Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Terraform - GCP - link an ip address to a load balancer linked to a cloud storage bucket

What I want:

I would like to have a static.example.com DNS records that link to a bucket in GCS containing my static images.

As I manage my DNS through Cloudflare, I think I need to use the fact that GCP can attribute me an anycast-IP , to link that IP to a GCP load balancer , that will be linked to bucket

What I currently have:

  • a bucket already created manually , named "static-images"

  • the load balancer linking to said bucket, created with

    resource "google_compute_backend_bucket" "image_backend" {
      name        = "example-static-images"
      bucket_name = "static-images"
      enable_cdn  = true
    }
    
  • the routing to link to my bucket

    resource "google_compute_url_map" "urlmap" {
      name            = "urlmap"
      default_service = "${google_compute_backend_bucket.image_backend.self_link}"
    
      host_rule {
        hosts        = ["static.example.com"]
        path_matcher = "allpaths"
      }
    
      path_matcher {
        name            = "allpaths"
        default_service = "${google_compute_backend_bucket.image_backend.self_link}"
    
        path_rule {
          paths   = ["/static"]
          service = "${google_compute_backend_bucket.image_backend.self_link}"
        }
      }
    }
    
  • an ip created with:

    resource "google_compute_global_address" "my_ip" {
      name = "ip-for-static-example-com"
    }
    

What I'm missing:

  • the terraform's equivalent to the "frontend configuration" when creating a load balancer from the web console
like image 512
allan.simon Avatar asked Oct 21 '25 06:10

allan.simon


1 Answers

Looks like you're just missing a forwarding rule and target proxy.

The terraform docs on google_compute_global_forwarding_rule have a good example.

e.g.:

resource "google_compute_global_forwarding_rule" "default" {
  name = "default-rule"
  target = "${google_compute_target_http_proxy.default.self_link}"
  port_range = 80     // or other e.g. for ssl

  ip_address = "${google_compute_global_address.my_ip.address}"
}

resource "google_compute_target_http_proxy" "default" {  // or https proxy
  name        = "default-proxy"
  description = "an HTTP proxy"
  url_map     = "${google_compute_url_map.urlmap.self_link}"
}

hope this helps!

like image 175
mg12 Avatar answered Oct 23 '25 23:10

mg12