terraform.io
You may want to add to your .gitignore:
.terraform/
terraform.tfstate*
If you're in Linode's dashboard you'll see something like "US, Dallas, TX", but what you really need in your terraform file is something like "us-central".
If you check Linode API:
curl https://api.linode.com/v4/regions
and you will get:
{
...
"data": [
{
"id": "us-central",
"country": "us"
},
{
"id": "us-west",
"country": "us"
},
...
]
}
Well.. still not what you want, so instead look at: https://www.linode.com/speedtest
Terraform Region | Linode Dashboard |
---|---|
us-east | US, Newark, NJ |
us-southeast | US, Atlanta, GA |
us-central | US, Dallas, TX |
us-west | US, Fremont, CA |
eu-central | EU, Frankfurt, DE |
eu-west | EU, London, UK |
ap-south | SG, Singapore, SG |
ap-northeast | JP, Tokyo2, JP |
Example:
resource "linode_instance" "my_instance" {
image = "linode/debian9"
region = "us-southeast" # US, Atlanta, GA
# ...
}
- https://digitalocean.com
- https://www.terraform.io/docs/providers/do/index.html
- https://developers.digitalocean.com/documentation/v2/#images
- prompt for
var.digitalocean_token}
. Get your token in your Digital Ocean panel. - let's say you have your public key in your account, and the name is "Douglas"
- specs:
- Debian Stretch
- 1gb/1cpu
- monitoring agent installed
- private networking enabled
- and access with ssh key
- with the droplet created, let's add Digital Ocean Cloud Firewall rules to our new droplet
- allow incoming traffic in http, https and ssh
- allow all outcomming traffic
provider "digitalocean" {
# create a file
token = "${var.digitalocean_token}"
}
data "digitalocean_ssh_key" "douglas" {
name = "Douglas"
}
resource "digitalocean_droplet" "mydroplet" {
image = "debian-9-x64"
name = "mydroplet-web-1"
region = "nyc3"
size = "s-1vcpu-1gb"
monitoring = true
private_networking = true
tags = ["mydroplet", "web"]
ssh_keys = ["${data.digitalocean_ssh_key.douglas.fingerprint}"]
}
resource "digitalocean_firewall" "web" {
name = "only-22-80-and-443"
droplet_ids = ["${digitalocean_droplet.mydroplet.id}"]
inbound_rule = [
{
protocol = "tcp"
port_range = "22"
source_addresses = ["0.0.0.0/0", "::/0"]
},
{
protocol = "tcp"
port_range = "80"
source_addresses = ["0.0.0.0/0", "::/0"]
},
{
protocol = "tcp"
port_range = "443"
source_addresses = ["0.0.0.0/0", "::/0"]
},
{
protocol = "icmp"
source_addresses = ["0.0.0.0/0", "::/0"]
},
]
outbound_rule = [
{
protocol = "tcp"
port_range = "1-6553"
destination_addresses = ["0.0.0.0/0", "::/0"]
},
{
protocol = "udp"
port_range = "1-6553"
destination_addresses = ["0.0.0.0/0", "::/0"]
},
{
protocol = "icmp"
destination_addresses = ["0.0.0.0/0", "::/0"]
}
]
}