This example showcases how to use Packer to pre-bake a Google VM Image with the necessary toolchain including Terraform Cloud agent and deploy this image using the tfc-agent-mig module.
We use startup script to register the runner when it comes online.
In this example, Packer creates a VM image that has the following:
- curl
- jq
- Terraform Cloud agent
-
Give Cloud Build Service Account necessary permissions to create a new GCE VM Image using Packer.
# Export required variables export PROJECT_ID="your_gcp_project_id" export TFC_AGENT_VERSION="1.12.0" # GCP commands to enable services gcloud config set project $PROJECT_ID gcloud services enable compute.googleapis.com gcloud services enable cloudbuild.googleapis.com gcloud components update # Configure the Service Account for the Google Cloud Build export CLOUD_BUILD_ACCOUNT=$(gcloud projects get-iam-policy $PROJECT_ID --filter="(bindings.role:roles/cloudbuild.builds.builder)" --flatten="bindings[].members" --format="value(bindings.members[])") gcloud projects add-iam-policy-binding $PROJECT_ID --member $CLOUD_BUILD_ACCOUNT --role roles/compute.instanceAdmin.v1 gcloud projects add-iam-policy-binding $PROJECT_ID --member $CLOUD_BUILD_ACCOUNT --role roles/iam.serviceAccountUser
-
Build GCE VM image. When the build finishes, the image id of the form
tfc-agent-image-*will be displayed. We will use this in the tfvars we create in the next step.gcloud builds submit --config=cloudbuild.yaml --substitutions=_TFC_AGENT_VERSION="$TFC_AGENT_VERSION" -
Create terraform.tfvars file with the necessary values.
project_id = "your-project-id" tfc_org_name = "your-tfc-org-name" source_image = "image-name-from-prev-step"
-
Create the infrastructure
terraform init terraform plan terraform apply
-
Your Terraform Cloud agents should become active at Organization Setting > Security > Agents.
-
Create additonal workspaces or use the existing workspace to run Terraform through the Terraform Cloud agent.Click here for more info on running the workspace.
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| project_id | The Google Cloud Platform project ID to deploy Terraform Cloud agent MIG | string |
n/a | yes |
| source_image | Source disk image | string |
n/a | yes |
| source_image_project | Project where the source image comes from | string |
null |
no |
| tfc_agent_pool_name | Terraform Cloud agent pool name to be created | string |
"tfc-agent-mig-vm-packer-pool" |
no |
| tfc_agent_pool_token_description | Terraform Cloud agent pool token description | string |
"tfc-agent-mig-vm-packer-pool-token" |
no |
| tfc_org_name | Terraform Cloud org name where the agent pool will be created | string |
n/a | yes |
| tfc_project_name | Terraform Cloud project name to be created | string |
"GCP agents" |
no |
| tfc_workspace_name | Terraform Cloud workspace name to be created | string |
"tfc-agent-mig-vm-packer" |
no |
| Name | Description |
|---|---|
| mig_instance_group | The instance group url of the created MIG |
| mig_instance_template | The name of the MIG Instance Template |
| mig_name | The name of the MIG |
| project_id | The Google Cloud Platform project ID to deploy Terraform Cloud agent MIG |
| service_account_email | Service account email for GCE used with the MIG template |