Building a GCP TTS environment with Terraform

tkttkt
terraform/main.tf
variable "gcp_project" {}
provider "google" {
  version = "~> 3.72"
  project = var.gcp_project
}
docker-compose.yml
version: "3.7"
services:
  tf:
    image: hashicorp/terraform:1.0.0
    container_name: "terraform"
    working_dir: /workspace
    volumes:
      - ./terraform:/workspace:cached
tkttkt
$ docker-compose run --rm tf init

Initializing the backend...

Initializing provider plugins...
- Finding hashicorp/google versions matching "~> 3.72"...
- Installing hashicorp/google v3.72.0...
- Installed hashicorp/google v3.72.0 (signed by HashiCorp)

Terraform has created a lock file .terraform.lock.hcl to record the provider
selections it made above. Include this file in your version control repository
so that Terraform can guarantee to make the same selections by default when
you run "terraform init" in the future.

╷
│ Warning: Version constraints inside provider configuration blocks are deprecated
│ 
│   on main.tf line 3, in provider "google":
│    3:   version = "~> 3.72"
│ 
│ Terraform 0.13 and earlier allowed provider version constraints inside the
│ provider configuration block, but that is now deprecated and will be removed
│ in a future version of Terraform. To silence this warning, move the provider
│ version constraint into the required_providers block.
╵

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.
tkttkt
$ docker-compose run --rm tf apply
var.gcp_project
  Enter a value: discord-speech-bot


No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration and
found no differences, so no changes are needed.
╷
│ Warning: Version constraints inside provider configuration blocks are deprecated
│ 
│   on main.tf line 3, in provider "google":
│    3:   version = "~> 3.72"
│ 
│ Terraform 0.13 and earlier allowed provider version constraints inside the
│ provider configuration block, but that is now deprecated and will be removed
│ in a future version of Terraform. To silence this warning, move the provider
│ version constraint into the required_providers block.
╵

Apply complete! Resources: 0 added, 0 changed, 0 destroyed.
tkttkt

A warning was showing, so I made a small fix

terraform/versions.tf
terraform {
  required_version = "1.0.0"
  required_providers {
    google = {
      source  = "hashicorp/google"
      version = "3.72.0"
    }
  }
}
terraform/main.tf
variable "gcp_project" {}
provider "google" {
  project = var.gcp_project
}
tkttkt


Can the TTS resource not be defined in Terraform...?

tkttkt
main.tf
variable "gcp_project" {}
provider "google" {
  project = var.gcp_project
}

resource "google_project_service" "tts" {
  service = "texttospeech.googleapis.com"
}
$ docker-compose run --rm tf apply
var.gcp_project
  Enter a value: discord-speech-bot

╷
│ Error: Attempted to load application default credentials since neither `credentials` nor `access_token` was set in the provider block.  No credentials loaded. To use your gcloud credentials, run 'gcloud auth application-default login'.  Original error: google: could not find default credentials. See https://developers.google.com/accounts/docs/application-default-credentials for more information.
│ 
│   with provider["registry.terraform.io/hashicorp/google"],
│   on main.tf line 2, in provider "google":
│    2: provider "google" {
│ 
╵

Back on track

tkttkt
docker-compose.yml
version: "3.7"
services:
  tf:
    image: hashicorp/terraform:1.0.0
    container_name: "terraform"
    working_dir: /workspace
    volumes:
      - ./terraform:/workspace:cached
      - gcloud-config:/root/.config
  gcloud:
    entrypoint: "gcloud"
    image: google/cloud-sdk:alpine
    container_name: "gcloud"
    working_dir: /workspace
    volumes:
      - ./terraform:/workspace:cached
      - gcloud-config:/root/.config
volumes:
  gcloud-config:
$ docker-compose run gcloud auth application-default login

Complete the gcloud login

tkttkt
$ docker-compose run --rm tf apply

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # google_project_service.tts will be created
  + resource "google_project_service" "tts" {
      + disable_on_destroy = true
      + id                 = (known after apply)
      + project            = (known after apply)
      + service            = "texttospeech.googleapis.com"
    }

Plan: 1 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

google_project_service.tts: Creating...
╷
│ Error: Error when reading or editing Project Service : Request "List Project Services discord-speech-bot" returned error: Failed to list enabled services for project discord-speech-bot: googleapi: Error 403: Project 'discord-speech-bot' not found or permission denied.
│ Help Token: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX=, forbidden
│ 
│   with google_project_service.tts,
│   on main.tf line 8, in resource "google_project_service" "tts":
│    8: resource "google_project_service" "tts" {
│ 
╵

Does the project have to be created beforehand?

tkttkt
main.tf
variable "gcp_project" {
  default = "discord-speech-bot"
}
provider "google" {
  project = var.gcp_project
}

resource "google_project" "gcp_project" {
  name                = var.gcp_project
  project_id          = var.gcp_project
  auto_create_network = false
}

resource "google_project_service" "tts" {
  project = google_project.gcp_project.project_id
  service = "texttospeech.googleapis.com"
}
$ docker-compose run --rm tf apply

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # google_project.gcp_project will be created
  + resource "google_project" "gcp_project" {
      + auto_create_network = false
      + folder_id           = (known after apply)
      + id                  = (known after apply)
      + name                = "discord-speech-bot"
      + number              = (known after apply)
      + org_id              = (known after apply)
      + project_id          = "discord-speech-bot"
      + skip_delete         = (known after apply)
    }

  # google_project_service.tts will be created
  + resource "google_project_service" "tts" {
      + disable_on_destroy = true
      + id                 = (known after apply)
      + project            = "discord-speech-bot"
      + service            = "texttospeech.googleapis.com"
    }

Plan: 2 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

google_project.gcp_project: Creating...
google_project.gcp_project: Still creating... [10s elapsed]
google_project.gcp_project: Still creating... [20s elapsed]
╷
│ Error: Error enabling the Compute Engine API required to delete the default network: failed to send enable services request: googleapi: Error 400: Billing account for project '9999999999999' is not found. Billing must be enabled for activation of service(s) 'compute.googleapis.com,compute.googleapis.com,compute.googleapis.com' to proceed.
│ Help Token: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX==, failedPrecondition 
│ 
│   with google_project.gcp_project,
│   on main.tf line 8, in resource "google_project" "gcp_project":
│    8: resource "google_project" "gcp_project" {
│ 
╵

Making progress little by little

tkttkt
error creating project discord-speech-bot (discord-speech-bot): googleapi: Error 409: Requested entity already exists, alreadyExists. If you received a 403 error, make sure you have the `roles/resourcemanager.projectCreator` permission

It complained, so I'll try deleting it from the console once

tkttkt

I can't find it even when looking in the console

tkttkt

I don't know how to resolve this. Suspecting that something cache-like is causing trouble, I'll try deleting the local files for now

tkttkt

It went through when I changed the project name.
Was the cache not cleared thoroughly enough?
Or was there somewhere on the console side that I needed to delete?

tkttkt

The resources were created.
Before moving on, I'll delete them and try recreating with the original project name.

tkttkt
$ docker-compose run --rm tf destroy

Destroooy

tkttkt

As expected, it can't be created with the original name. Maybe I'll give up and create it with a new one,

tkttkt

Now it fails even with a changed name.
Even though it went through earlier.

Once more, starting from the cache-clearing steps

tkttkt

It doesn't work... I don't understand anything anymore...

tkttkt

Could the project name be colliding with someone else's?

tkttkt

Could the project name be colliding with someone else's?
This really feels like it
It went through when I gave it a name that surely wouldn't collide

tkttkt
docker-compose.yml
version: "3.7"
services:
  tf:
    image: hashicorp/terraform:1.0.0
    container_name: "terraform"
    working_dir: /workspace
    environment:
      - TF_VAR_billing_id=$TF_VAR_billing_id
      - TF_VAR_gcp_project=$TF_VAR_gcp_project
    volumes:
      - ./terraform:/workspace:cached
      - gcloud-config:/root/.config
  gcloud:
    entrypoint: "gcloud"
    image: google/cloud-sdk:alpine
    container_name: "gcloud"
    working_dir: /workspace
    volumes:
      - ./terraform:/workspace:cached
      - gcloud-config:/root/.config
volumes:
  gcloud-config:
terraform/versions.tf
terraform {
  required_version = "1.0.0"
  required_providers {
    google = {
      source  = "hashicorp/google"
      version = "3.72.0"
    }
  }
}
terraform/main.tf
variable "gcp_project" {}
variable "billing_id" {}

provider "google" {
  project = var.gcp_project
}

resource "google_project" "gcp_project" {
  name                = var.gcp_project
  project_id          = var.gcp_project
  billing_account     = var.billing_id
  auto_create_network = false
}

resource "google_project_service" "tts" {
  project = google_project.gcp_project.project_id
  service = "texttospeech.googleapis.com"
}
$ docker-compose run --rm gcloud auth application-default login
$ docker-compose run --rm tf init
$ docker-compose run --rm tf fmt
$ docker-compose run --rm tf validate
$ docker-compose run --rm tf plan
$ docker-compose run --rm tf apply

Procedure
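
An added example, not part of the original scrap or the author's configuration: GCP project IDs are globally unique across all Google Cloud customers, and the ID of a deleted project cannot be reused, so a fixed name like the one tried above can collide. This variant of the final main.tf and versions.tf derives the project ID from a prefix plus a random suffix kept in state; the `project_prefix` variable, the `random` provider constraint and the `project_id` output are assumptions introduced here (pass the prefix as `TF_VAR_project_prefix`).

```hcl
# Added example (not the author's configuration): a collision-resistant project ID.
terraform {
  required_version = "1.0.0"
  required_providers {
    google = {
      source  = "hashicorp/google"
      version = "3.72.0"
    }
    random = {
      source  = "hashicorp/random"
      version = "~> 3.1" # assumption: any 3.x release provides random_id
    }
  }
}

variable "billing_id" {}

# Hypothetical variable: readable prefix, also used as the project display name.
variable "project_prefix" {
  type = string
  validation {
    # 4-21 chars, so prefix + "-" + 8 hex chars fits the 30-character project ID limit.
    condition     = can(regex("^[a-z][a-z0-9-]{3,20}$", var.project_prefix))
    error_message = "The project_prefix must be 4-21 characters of lowercase letters, digits or hyphens, starting with a letter."
  }
}

# 4 random bytes = 8 hex characters; stored in state, so it is stable across applies.
resource "random_id" "project_suffix" {
  byte_length = 4
}

# No project is set on the provider; each resource names its project explicitly.
provider "google" {}

resource "google_project" "gcp_project" {
  name                = var.project_prefix
  project_id          = "${var.project_prefix}-${random_id.project_suffix.hex}"
  billing_account     = var.billing_id
  auto_create_network = false
}

resource "google_project_service" "tts" {
  project = google_project.gcp_project.project_id
  service = "texttospeech.googleapis.com"
}

output "project_id" {
  value = google_project.gcp_project.project_id
}
```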

This scrap was closed on 2021/06/19