Manage vContainer with Terraform

To manage vServer with Terraform, you need to do the following steps:

Step 1: Install Terraform CLI as instructed

Step 2: To be able to manage vServer with Terraform, you need to create a Service account from the Root account on the IAM homepage (see instructions on how to create a Service account and use ), in this case you want to create a Server with Terraform requires the following (Policy) permissions:

CreateCluster
GetCluster (specify by all resources)
ListClusterSecGroupDefault (specify by all resources)
GetClusterConfig (specify by all resources)

or you can grant vServerFullAccess permission (should have vServerReadOnlyAccess permission to get resource information after creation). For more information on how to assign permissions to each Resource, the corresponding Action at .

Note: Each different resource management action will require different permissions, so it's essential to set up a reasonable set of permissions that fit your business needs.

Step 3: Create a folder containing the terraform file and download the example from the VNG Cloud repo at .

After downloading the Example folder to the computer, the user opens the file (under the path terraform-provider-vngcloud/examples/), then changes the necessary information as follows:

Client_id: Get at IAM homepage/ Service account - Service account Detail - Tab Security credentials
Client_secret: Obtained when initializing Service account at IAM homepage or can be reset at IAM homepage/ Service account - Service account Detail - Tab Security credentials



variable "client_id" {  
type = string  
default = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
}
variable "client_secret" {  
type = string  
default = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"}

module "vserver" {source = "./modules/vng-cloud-vserver" }
module "vlb" { source = "./modules/vng-cloud-vlb" }

just keep:

module "k8s" { source = "./modules/vng-cloud-k8s" }

source = "./modules/vng-cloud-k8s" }
terraform {  
required_providers {    
vngcloud = {      
source  = "vngcloud/vngcloud"      
version = "1.1.0"    
}  
}  
#  backend "s3" {  
#    skip_credentials_validation = true  
#    skip_metadata_api_check = true  
#    skip_region_validation = true  
#    bucket = "bucket-name"  
#    endpoint = "https://hcm01.vstorage.vngcloud.vn/"  
#    key = "terraform.tfstate"  
#    region = "HCM01"  
#    access_key = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"  
#    secret_key = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"  
#  }
} 
provider "vngcloud" {  
token_url        = "https://iamapis.vngcloud.vn/accounts-api/v2/auth/token"  
client_id        = var.client_id  
client_secret    = var.client_secret  
vserver_base_url = "https://hcm-3.api.vngcloud.vn/vserver/vserver-gateway"  
vlb_base_url = "https://hcm-3.api.vngcloud.vn/vserver/vlb-gateway"}
module "k8s" {  
source = "./modules/vng-cloud-k8s" }
}

variable "project_id" {  
type    = string  
default = "pro-462803f3-6858-466f-bf05-df2b33faa360"
}
variable "s_general_4x8" {  
type    = string  
default = "flav-05f97524-0410-46a4-87a8-af92aa759231"}
variable "ubuntu_20_04" {  
type    = string  
default = "img-a34d639b-e070-46ff-8b91-addf4fac45b4"
}

root_disk_size: specify the size of the root disk drive, for example: 20
data_disk_size: specify the root disk volume, for example: 50

variable "ssd_3000" {  
type    = string  
default = "3000"
}
variable "root_disk_size" {  
type    = number  
default = 20
}
variable "data_disk_size" {  
type    = number  
default = 50
}

variable "network_id" {  
type    = string  
default = "net-22581aed-a65d-4b1e-86d3-102d68e148e0"
}
variable "subnet_id" {  
type    = string  
default = "sub-5f101cba-7ce0-4084-8576-06b8dbfb298a" }

variable "ssh_key_id" {  
type    = string  
default = "ssh-b4fbf87a-d9bc-4f04-9ea1-39e086f443de"
}
variable "security_group_id_list" {  
type    = list(string)  
default = [    "secg-28e91c47-11b1-4cc1-8e24-dd174882708d"  ]
}

data "vngcloud_vserver_volume_type_zone" "volume_type_zone" {  
name       = "SSD"  
project_id = var.project_id
} 
data "vngcloud_vserver_volume_type" "volume_type" {  
name                = var.volume_type_name  
project_id          = var.project_id  
volume_type_zone_id = data.vngcloud_vserver_volume_type_zone.volume_type_zone.id
} 
data "vngcloud_vserver_k8s_version" "k8sVersion1" {  
name       = "Version 1.18.7"  
project_id = var.project_id
} 
data "vngcloud_vserver_k8s_network_type" "k8sNetworkType" {  
name       = "Calico"  
project_id = var.project_id
} resource "vngcloud_vserver_k8s" "k8s" {  
project_id            = var.project_id  
ipip_mode             = "Always"  
name                  = "vng-cloud-k8s-example"  
k8s_version           = data.vngcloud_vserver_k8s_version.k8sVersion1.id  
master_count          = 1  
node_count            = 1  
network_type          = data.vngcloud_vserver_k8s_network_type.k8sNetworkType.id  
calico_cidr           = "10.46.0.0/16"  
network_id            = var.network_id  
subnet_id             = var.subnet_id  
ssh_key_id            = var.ssh_key_id  
master_flavor_id      = var.s_general_4x8  
node_flavor_id        = var.s_general_4x8  
etcd_volume_size      = 20  
etcd_volume_type_id   = data.vngcloud_vserver_volume_type.volume_type.id  
boot_volume_size      = 20  
boot_volume_type_id   = data.vngcloud_vserver_volume_type.volume_type.id  
docker_volume_size    = 20  
docker_volume_type_id = data.vngcloud_vserver_volume_type.volume_type.id  
description           = "K8S example"  
auto_scaling          = true  
min_node_count        = 1  
max_node_count        = 3  
enable_lb             = false  
auto_healing          = true  
ingress_controller = true
}

Step 7: Launch the terraform command

terraform init

The system will return the following results:

vnglab:vngcloud cbr09$ terraform init 

Initializing the backend... 

Initializing provider plugins...
- Finding vngcloud/vngcloud versions matching "0.0.5"...
- Installing vngcloud/vngcloud v0.0.5...
- Installed vngcloud/vngcloud v0.0.5 (self-signed, key ID A6A27B3126EF15EB) 
Partner and community providers are signed by their developers.
If you'd like to know more about provider signing, you can read about it here:
https://www.terraform.io/docs/cli/plugins/signing.html 

Terraform has created a lock file .terraform.lock.hcl to record the providerselections it made above. Include this file in your version control repositoryso that Terraform can guarantee to make the same selections by default whenyou run "terraform init" in the future. 

Terraform has been successfully initialized! 

You may now begin working with Terraform. Try running "terraform plan" to seeany changes that are required for your infrastructure. All Terraform commandsshould now work. 

If you ever set or change modules or backend configuration for Terraform,rerun this command to reinitialize your working directory. If you forget, othercommands will detect it and remind you to do so if necessary.