Skip to content

Create the first instance

Now we will deploy a simple web server using Terraform.

Create a key pair

To create a key pair you have two choices using your own public key or generate a new one.

Using my own public key

Using your own public key is simple just add the content bellow at the end of main.tf file. Replace "keypair_name" with a name of your choice. To define the "public_key" value you must copy your entire public key on one line.

# Upload public key
resource "openstack_compute_keypair_v2" "keypair_name" {
  name = "keypair_name"
  public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC1MvU9Df0n2UBaII35aFuM9pQaQd1NEJOrB6xLNs43Ca6OoL7+7mv8C2pTr4DvqNhGoCEZuZULo8ArBixZtqFYgJHZY0a5FtjqO8azyFycUcNK7QSM265tiN6CJwyepcw0P6Ucsvjeu5wLwyylUInYH7qzYKV2F85vMIkWA+r1a5xLA8M/DDw/jwIGnuU9GxDMmB/hIbj4A5tOpppyPhQxJX8BJlyiXF2PDzVTKjVEB3TWcnHRAUqFu/0V2Gft5ZCqXwiNpboms6AVJYKPbNWmVf+JrEjVcaOEwZnzyB0tcpeIbW/bwIEJmygHLttHDsfsLZN1El/nO/SZFOZ8/K02QE8h4hCjjHmffK2CEqToGaMhwnCZWGrQq+Q1tQnISZ6uNYLotklRkHh8889knIrLGL2x0q811pbFE7pMe3TTdcs+N+ZPdmMLkJhHai91rwfVtYsKFaRomp8RNMDKOic3U2wQJ4qAf2cqs084ird/tMsCYedZfx5rAqT3TyDB8JDNEVd1ie+9m5K2xQqVVOYUCtbemF6g99F6AqfsYAGpLC4BGGk2mbZCg3baDfJh8n2e6wgM8+eb9kQP5ExGDow7NahSlP+uuAgncCRE8AEpSQPrfpiW207IGI2MLo2iFCjuhwRSdhYzy3mYlUIJvectuO9wMcLsMGBrYuaomPiyCw== cardno:000605009830"
}

Generate a new keypair

To generate a new keypair just paste the content bellow and defined the name of the new keypair.

resource "openstack_compute_keypair_v2" "keypair_name" {
  name = "keypair_name"
}

Create a security group

By default Infomaniak Public Cloud block all traffic for new instances. To allow traffic you must add rules in the default security group or create a new one. In this tutorial we will create a new security group will allowing traffic on port 22 (SSH), 80 (HTTP) and 443 (HTTPS).

To create the new security group just add the content below after the keypair section, and define the name and the description.

# Create a web security group
resource "openstack_compute_secgroup_v2" "security_group_name" {
  name        = "security_group_name"
  description = "Security Group Description"

  rule {
    from_port   = 22
    to_port     = 22
    ip_protocol = "tcp"
    cidr        = "0.0.0.0/0"
  }

  rule {
    from_port   = 80
    to_port     = 80
    ip_protocol = "tcp"
    cidr        = "0.0.0.0/0"
  }

  rule {
    from_port   = 443
    to_port     = 443
    ip_protocol = "tcp"
    cidr        = "0.0.0.0/0"
  }
}

Create an instance

To launch a new instance you need the following information: - Image ID - Flavor Name - Network Name

All of the information can be retrieved on the Openstack Dashboard or by the Openstack CLI client.

Add the following content after the security group section and replace:

  • instance_name: Name of your instance (example: web-server)
  • image_id: ID of the image you want use (example: 9be06f9c-a8e8-4f33-b41e-d35f29667fcb)
  • flavor_name: Name of the flavor you want use (example: a1-ram2-disk80-perf1)
  • keypair_name: Name of the keypair define previously
  • security_group_name: Name of the security group define previously
# Create a web server
resource "openstack_compute_instance_v2" "instance_name" {
  name            = "instance_name"
  image_id        = "image_id"
  flavor_name     = "flavor_name"
  key_pair        = "keypair_name"
  security_groups = ["security_group_name"]

  metadata = {
    application = "web-app"
  }

  network {
    name = "ext-net1"
  }
}

Once you have finish to editing the file, main.tf should be seem like this: 

# Define required providers
terraform {
  required_providers {
    openstack = {
      source  = "terraform-provider-openstack/openstack"
      version = "1.44.0"
    }
  }
}

# Configure the OpenStack Provider
provider "openstack" {
  auth_url = "https://api.pub1.infomaniak.cloud/identity"
  region = "dc3-a"
  user_name = "PCU-XXXXXXX"
  password = "your_password"
  user_domain_name = "Default"
  project_domain_id = "default"
  tenant_id = "your_tenant_id"
  tenant_name = "PCP-XXXXXXX"
}

# Upload public key
resource "openstack_compute_keypair_v2" "web-keypair" {
  name = "web-keypair"
  public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC1MvU9Df0n2UBaII35aFuM9pQaQd1NEJOrB6xLNs43Ca6OoL7+7mv8C2pTr4DvqNhGoCEZuZULo8ArBixZtqFYgJHZY0a5FtjqO8azyFycUcNK7QSM265tiN6CJwyepcw0P6Ucsvjeu5wLwyylUInYH7qzYKV2F85vMIkWA+r1a5xLA8M/DDw/jwIGnuU9GxDMmB/hIbj4A5tOpppyPhQxJX8BJlyiXF2PDzVTKjVEB3TWcnHRAUqFu/0V2Gft5ZCqXwiNpboms6AVJYKPbNWmVf+JrEjVcaOEwZnzyB0tcpeIbW/bwIEJmygHLttHDsfsLZN1El/nO/SZFOZ8/K02QE8h4hCjjHmffK2CEqToGaMhwnCZWGrQq+Q1tQnISZ6uNYLotklRkHh8889knIrLGL2x0q811pbFE7pMe3TTdcs+N+ZPdmMLkJhHai91rwfVtYsKFaRomp8RNMDKOic3U2wQJ4qAf2cqs084ird/tMsCYedZfx5rAqT3TyDB8JDNEVd1ie+9m5K2xQqVVOYUCtbemF6g99F6AqfsYAGpLC4BGGk2mbZCg3baDfJh8n2e6wgM8+eb9kQP5ExGDow7NahSlP+uuAgncCRE8AEpSQPrfpiW207IGI2MLo2iFCjuhwRSdhYzy3mYlUIJvectuO9wMcLsMGBrYuaomPiyCw== cardno:000605009830"
}

# Create a web security group
resource "openstack_compute_secgroup_v2" "sg-web-front" {
  name        = "sg-web-front"
  description = "Security group for web front instances"

  rule {
    from_port   = 22
    to_port     = 22
    ip_protocol = "tcp"
    cidr        = "0.0.0.0/0"
  }

  rule {
    from_port   = 80
    to_port     = 80
    ip_protocol = "tcp"
    cidr        = "0.0.0.0/0"
  }

  rule {
    from_port   = 443
    to_port     = 443
    ip_protocol = "tcp"
    cidr        = "0.0.0.0/0"
  }
}

# Create a web server
resource "openstack_compute_instance_v2" "web-server" {
  name            = "web-server"
  image_id        = "9be06f9c-a8e8-4f33-b41e-d35f29667fcb"
  flavor_name     = "a1-ram2-disk80-perf1"
  key_pair        = "web-keypair"
  security_groups = ["sg-web-front"]

  metadata = {
    application = "web-app"
  }

  network {
    name = "ext-net1"
  }
}