Terraform: Cloud-Init with Debian on Google Cloud

• Introduction
• Step-by-Step Guide
• Code Example
• Additional Notes
• Summary
• Conclusion
• References

While Google Cloud doesn't directly support cloud-init like some other platforms, you can still achieve similar instance initialization and configuration using startup scripts in Terraform. This involves writing a bash script with the commands you want to execute upon instance creation, making the script accessible to Terraform, and then referencing this script within your Terraform configuration for your Google Compute Instance.

While Google Cloud doesn't directly support cloud-init like some other platforms, you can still achieve similar instance initialization and configuration using startup scripts in Terraform.

1. Write your startup script: This script will contain the commands you would typically put in a cloud-init configuration. For example, to install a package:

   #!/bin/bash
   apt-get update
   apt-get install -y nginx

2. Place the script in a location accessible by Terraform: This could be a local file or a remote location like Cloud Storage.

3. Reference the script in your Terraform configuration: Use the metadata_startup_script or metadata field within your google_compute_instance resource.

   resource "google_compute_instance" "example" {
     # ... other instance configurations ...
   
     metadata_startup_script = file("path/to/your/script.sh") 
     # or
     metadata = {
       "startup-script" = file("path/to/your/script.sh")
     }
   }

4. Apply your Terraform configuration: When you run terraform apply, Terraform will create the instance and execute the startup script on first boot.

This approach allows you to run custom commands, install software, and configure settings on your Google Cloud instances during their initial setup, effectively achieving the core functionality of cloud-init.

This code sets up a basic web server on a Google Compute Engine instance using Terraform. It includes a startup script that installs Nginx and configures it to serve a custom message. The Terraform configuration defines the instance, network, and points to the startup script. After deploying with Terraform, the instance will be created and the startup script will run, making the web server accessible via the instance's public IP address.

This example demonstrates how to create a Google Compute Engine instance that automatically installs Nginx and starts a basic web server upon creation using a startup script.

1. Create the startup script (startup.sh):

#!/bin/bash

# Update package lists
apt-get update -y

# Install Nginx
apt-get install -y nginx

# Replace default Nginx index.html with a custom message
echo "Hello from Terraform-provisioned web server!" > /var/www/html/index.html

# Ensure Nginx starts on boot
systemctl enable nginx

2. Create the Terraform configuration (main.tf):

# Configure the Google Cloud provider
terraform {
  required_providers {
    google = {
      source = "hashicorp/google"
      version = "~> 4.0"
    }
  }
}

# Configure variables for project and region (replace with your values)
variable "project_id" {
  type = string
}

variable "region" {
  type = string
}

# Create a Google Compute Engine instance
resource "google_compute_instance" "default" {
  name         = "terraform-instance"
  machine_type = "n1-standard-1"
  zone         = "${var.region}-b"
  boot_disk {
    initialize_params {
      image = "debian-cloud/debian-11"
    }
  }
  network_interface {
    network = "default"
  }

  # Provision the instance with the startup script
  metadata_startup_script = file("startup.sh")
}

3. Deploy the infrastructure:

# Initialize Terraform
terraform init

# Apply the configuration
terraform apply -var="project_id=your-project-id" -var="region=your-region"

This will create a new Google Compute Engine instance running Debian 11. The startup script will run on the first boot, installing Nginx and configuring a basic web server. You can then access the web server using the instance's public IP address.

This is a simple example, but you can adapt this approach to run any set of commands or scripts you need to initialize and configure your Google Cloud instances.

• Alternatives to Startup Scripts: While startup scripts are a common approach, Google Cloud offers other mechanisms for instance initialization, such as:
  • Cloud Config Builder: A tool that helps you generate configuration files for various Google Cloud services, including startup scripts.
  • Instance Templates: Predefined configurations for instances, including startup scripts, that can be used to create multiple instances.
  • OS Config: A managed service for automating configuration management tasks across large fleets of instances.
• Security Considerations:
  • Sensitive Information: Avoid hardcoding sensitive information like passwords in your startup scripts. Use tools like Cloud Key Management Service (Cloud KMS) to manage secrets securely.
  • Script Source: Ensure that your startup scripts are stored in a secure location and that their integrity is maintained.
• Debugging:
  • Serial Console: Use the serial console output to troubleshoot issues with your startup script execution.
  • Cloud Logging: Configure your instances to send logs to Cloud Logging for centralized log management and analysis.
• Best Practices:
  • Idempotency: Design your startup scripts to be idempotent, meaning they can be run multiple times without causing unintended side effects.
  • Modularity: Break down complex configurations into smaller, reusable scripts for better organization and maintainability.
  • Version Control: Store your startup scripts in a version control system like Git to track changes and roll back to previous versions if needed.
• Cloud-init on Google Cloud: While Google Cloud doesn't natively support cloud-init, you can technically use it with some workarounds. This typically involves installing cloud-init manually within your startup script and configuring it to read your custom cloud-config data. However, this approach is generally not recommended for production environments due to potential compatibility issues and increased complexity. It's generally advisable to stick with Google Cloud's recommended methods for instance initialization.

While Google Cloud doesn't directly support cloud-init, you can achieve similar instance initialization using startup scripts in Terraform. Here's a summary:

1. Script Creation:

• Write a bash script containing the commands you want to execute on instance startup (e.g., installing packages, configuring settings).

2. Script Placement:

• Store the script in a location accessible by Terraform, either locally or remotely (e.g., Cloud Storage).

3. Terraform Configuration:

• Within your google_compute_instance resource in Terraform:
  • Use the metadata_startup_script field or the metadata field with a "startup-script" key.
  • Set the value to the path of your script file.

4. Terraform Deployment:

• Run terraform apply to create the instance.
• Terraform will automatically execute the startup script on the instance's first boot.

Benefits:

• Run custom commands and configurations during instance initialization.
• Effectively replicates the core functionality of cloud-init on Google Cloud.

In conclusion, while Google Cloud doesn't natively support cloud-init, startup scripts in Terraform provide a robust and effective alternative for instance initialization and configuration. By leveraging startup scripts, you can automate tasks like software installation, configuration changes, and command execution, ensuring your Google Cloud instances are set up according to your specific requirements. Remember to follow security best practices and explore Google Cloud's other instance initialization mechanisms for a comprehensive approach to managing your cloud infrastructure.

• Is there no cloud-init support on GCP? : r/googlecloud | Posted by u/eggbean - 8 votes and 12 comments
• Install the gcloud CLI | Google Cloud CLI Documentation | If you updated your PATH in the previous step, open a new terminal so that the changes take effect. To initialize the gcloud CLI, run gcloud init :.
• Deploy and configure Google Compute Engine VMs with Terraform ... | I recently wanted to deploy and configure a Virtual Machine on Google Compute Engine using Terraform. I thought I’d document my steps to…
• Does Terraform require cloud-init for Linux VMs? | Ars OpenForum | I plan to dive into Terraform in the near future and started wondering how exactly does Terraform provision settings such at network configuration into a freshly cloned VM template, does it require cloud-init? Or is there some mechanism it can use to communicate via guest tools of whatever...
• Remote Desktop, Continuously Delivered | by Rosemary Wang ... | A deep dive of my remote desktop environment with Chrome Remote Desktop, Packer, and Terraform.
• google_compute_instance | Resources | hashicorp/google | Terraform | To use a static external IP address, it must be unused and in the same region as the instance's zone. If not specified, Google Cloud will automatically assign ...
• Using Terraform and Cloud-Init to deploy and automatically monitor ... | In the last two series of posts on this site, I covered using SaltStack to deploy Consul and Prometheus Exporters, and also using different Prometheus service discovery mechanisms to gather instances to monitor in each provider. There is no Prometheus discovery mechanism for Proxmox, nor a consistent way to discover tagged instances in Proxmox (regardless of which tool queries the Proxmox API). Instead, we can implement something like Consul to discover the instances.
• Getting Started with the Google Cloud provider | Guides | Terraform | Your configuration is complete. Before you can run terraform apply though, Terraform needs GCP credentials. Adding credentials. In order to make requests ...
• Debian 10 cloud-init waiting for DHCP on boot with static network ... | Jan 10, 2021 ... Great pointers by @zany. In my case I was trying to configure a Debian 11 generic cloud image with cloud-init and a static IP on my KVM host ...