Create the first instance
Now we will deploy a simple web server using Terraform.
Create a key pair
To create a key pair you have two choices using your own public key or generate a new one.
Using my own public key
Using your own public key is simple just add the content bellow at the end of main.tf file. Replace "keypair_name" with a name of your choice. To define the "public_key" value you must copy your entire public key on one line.
# Upload public key
resource "openstack_compute_keypair_v2" "keypair_name" {
name = "keypair_name"
public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC1MvU9Df0n2UBaII35aFuM9pQaQd1NEJOrB6xLNs43Ca6OoL7+7mv8C2pTr4DvqNhGoCEZuZULo8ArBixZtqFYgJHZY0a5FtjqO8azyFycUcNK7QSM265tiN6CJwyepcw0P6Ucsvjeu5wLwyylUInYH7qzYKV2F85vMIkWA+r1a5xLA8M/DDw/jwIGnuU9GxDMmB/hIbj4A5tOpppyPhQxJX8BJlyiXF2PDzVTKjVEB3TWcnHRAUqFu/0V2Gft5ZCqXwiNpboms6AVJYKPbNWmVf+JrEjVcaOEwZnzyB0tcpeIbW/bwIEJmygHLttHDsfsLZN1El/nO/SZFOZ8/K02QE8h4hCjjHmffK2CEqToGaMhwnCZWGrQq+Q1tQnISZ6uNYLotklRkHh8889knIrLGL2x0q811pbFE7pMe3TTdcs+N+ZPdmMLkJhHai91rwfVtYsKFaRomp8RNMDKOic3U2wQJ4qAf2cqs084ird/tMsCYedZfx5rAqT3TyDB8JDNEVd1ie+9m5K2xQqVVOYUCtbemF6g99F6AqfsYAGpLC4BGGk2mbZCg3baDfJh8n2e6wgM8+eb9kQP5ExGDow7NahSlP+uuAgncCRE8AEpSQPrfpiW207IGI2MLo2iFCjuhwRSdhYzy3mYlUIJvectuO9wMcLsMGBrYuaomPiyCw== cardno:000605009830"
}
Generate a new keypair
To generate a new keypair just paste the content bellow and defined the name of the new keypair.
resource "openstack_compute_keypair_v2" "keypair_name" {
name = "keypair_name"
}
Create a security group
By default Infomaniak Public Cloud block all traffic for new instances. To allow traffic you must add rules in the default security group or create a new one. In this tutorial we will create a new security group will allowing traffic on port 22 (SSH), 80 (HTTP) and 443 (HTTPS).
To create the new security group just add the content bellow after the keypair section, and define the name and the descprition.
# Create a web security group
resource "openstack_compute_secgroup_v2" "security_group_name" {
name = "security_group_name"
description = "Security Group Description"
rule {
from_port = 22
to_port = 22
ip_protocol = "tcp"
cidr = "0.0.0.0/0"
}
rule {
from_port = 80
to_port = 80
ip_protocol = "tcp"
cidr = "0.0.0.0/0"
}
rule {
from_port = 443
to_port = 443
ip_protocol = "tcp"
cidr = "0.0.0.0/0"
}
}
Create an instance
To launch a new instance you need the following informations: - Image ID - Flavor Name - Network Name
All of the informations can be retrieve on Openstack Dashboard or by Openstack CLI client
Add the following content after the security group section and replace:
- instance_name: Name of your instance (example: web-server)
- image_id: ID of the image you want use (example: 9be06f9c-a8e8-4f33-b41e-d35f29667fcb)
- flavor_name: Name of the flavor you want use (example: a1-ram2-disk80-perf1)
- keypair_name: Name of the keypair define previously
- security_group_name: Name of the security group define previously
# Create a web server
resource "openstack_compute_instance_v2" "instance_name" {
name = "instance_name"
image_id = "image_id"
flavor_name = "flavor_name"
key_pair = "keypair_name"
security_groups = ["security_group_name"]
metadata = {
application = "web-app"
}
network {
name = "ext-net1"
}
}
Once you have finish to editing the file, main.tf should be seem like this:
# Define required providers
terraform {
required_providers {
openstack = {
source = "terraform-provider-openstack/openstack"
version = "1.44.0"
}
}
}
# Configure the OpenStack Provider
provider "openstack" {
auth_url = "https://api.pub1.infomaniak.cloud/identity"
region = "dc3-a"
user_name = "PCU-XXXXXXX"
password = "your_password"
user_domain_name = "Default"
project_domain_id = "default"
tenant_id = "your_tenant_id"
tenant_name = "PCP-XXXXXXX"
}
# Upload public key
resource "openstack_compute_keypair_v2" "web-keypair" {
name = "web-keypair"
public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC1MvU9Df0n2UBaII35aFuM9pQaQd1NEJOrB6xLNs43Ca6OoL7+7mv8C2pTr4DvqNhGoCEZuZULo8ArBixZtqFYgJHZY0a5FtjqO8azyFycUcNK7QSM265tiN6CJwyepcw0P6Ucsvjeu5wLwyylUInYH7qzYKV2F85vMIkWA+r1a5xLA8M/DDw/jwIGnuU9GxDMmB/hIbj4A5tOpppyPhQxJX8BJlyiXF2PDzVTKjVEB3TWcnHRAUqFu/0V2Gft5ZCqXwiNpboms6AVJYKPbNWmVf+JrEjVcaOEwZnzyB0tcpeIbW/bwIEJmygHLttHDsfsLZN1El/nO/SZFOZ8/K02QE8h4hCjjHmffK2CEqToGaMhwnCZWGrQq+Q1tQnISZ6uNYLotklRkHh8889knIrLGL2x0q811pbFE7pMe3TTdcs+N+ZPdmMLkJhHai91rwfVtYsKFaRomp8RNMDKOic3U2wQJ4qAf2cqs084ird/tMsCYedZfx5rAqT3TyDB8JDNEVd1ie+9m5K2xQqVVOYUCtbemF6g99F6AqfsYAGpLC4BGGk2mbZCg3baDfJh8n2e6wgM8+eb9kQP5ExGDow7NahSlP+uuAgncCRE8AEpSQPrfpiW207IGI2MLo2iFCjuhwRSdhYzy3mYlUIJvectuO9wMcLsMGBrYuaomPiyCw== cardno:000605009830"
}
# Create a web security group
resource "openstack_compute_secgroup_v2" "sg-web-front" {
name = "sg-web-front"
description = "Security group for web front instances"
rule {
from_port = 22
to_port = 22
ip_protocol = "tcp"
cidr = "0.0.0.0/0"
}
rule {
from_port = 80
to_port = 80
ip_protocol = "tcp"
cidr = "0.0.0.0/0"
}
rule {
from_port = 443
to_port = 443
ip_protocol = "tcp"
cidr = "0.0.0.0/0"
}
}
# Create a web server
resource "openstack_compute_instance_v2" "web-server" {
name = "web-server"
image_id = "9be06f9c-a8e8-4f33-b41e-d35f29667fcb"
flavor_name = "a1-ram2-disk80-perf1"
key_pair = "web-keypair"
security_groups = ["sg-web-front"]
metadata = {
application = "web-app"
}
network {
name = "ext-net1"
}
}