Choosing between various CDNs and deploying them has never been easier. In this tutorial, you are going to see how to deploy a Content Delivery Network (CDN) on the Google Cloud Platform.
Prerequisites
- GCP Account
- Terraform
Solution
Step 1. Set up the GCP Terraform provider and versions.
versions.tf:
terraform {
  required_version = ">= 1.4.0"

  required_providers {
    google = {
      version = ">= 4.55.0"
      source  = "hashicorp/google"
    }
  }
}
provider.tf:
provider "google" {
  region  = var.region
  project = var.project
}
Step 2. Now, the actual implementation. You need to deploy around a dozen resources, so create a main.tf file and add the following code blocks:
### GCS bucket
resource "google_storage_bucket" "cdn" {
  name          = var.bucket_name
  storage_class = "MULTI_REGIONAL"
  location      = var.location
  project       = var.project
}

### backend GCS CDN bucket
resource "google_compute_backend_bucket" "cdn" {
  name        = var.backend_bucket_name
  description = "CDN backend bucket"
  bucket_name = google_storage_bucket.cdn.name
  enable_cdn  = true
  project     = var.project
}

### URL MAP
resource "google_compute_url_map" "cdn" {
  name            = var.url_map_name
  description     = "CDN URL map to the backend bucket"
  default_service = google_compute_backend_bucket.cdn.self_link
  project         = var.project
}

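# This resource is available in the GA "google" provider declared in versions.tf,
# so no google-beta provider override is needed.
resource "google_compute_managed_ssl_certificate" "cdn" {
  project = var.project
  name    = var.ssl_certificate_name

  managed {
    domains = var.cdn_domains
  }
}
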
### HTTPS Proxy
resource "google_compute_target_https_proxy" "cdn" {
  name             = var.target_https_proxy_name
  description      = "CDN Target HTTPS Proxy"
  url_map          = google_compute_url_map.cdn.self_link
  ssl_certificates = [google_compute_managed_ssl_certificate.cdn.self_link]
  project          = var.project
}

### global public IP address
resource "google_compute_global_address" "cdn" {
  name         = var.global_address_name
  description  = "CDN global IP address"
  ip_version   = "IPV4"
  address_type = "EXTERNAL"
  project      = var.project
}

### global forwarding rule
resource "google_compute_global_forwarding_rule" "cdn" {
  name        = var.global_forwarding_rule_name
  target      = google_compute_target_https_proxy.cdn.self_link
  ip_address  = google_compute_global_address.cdn.address
  ip_protocol = "TCP"
  port_range  = "443"
  project     = var.project
}

### create A DNS record
resource "google_dns_record_set" "cdn" {
  managed_zone = var.managed_zone
  name         = var.cdn_dns_name
  type         = "A"
  ttl          = 300
  rrdatas      = [google_compute_global_address.cdn.address]
  project      = var.project
}

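### GCS bucket permissions
# Grants anonymous read access to every object in the bucket, which is what a
# public CDN origin needs. Keep anything non-public out of this bucket.
resource "google_storage_bucket_iam_member" "all_users_viewer" {
  bucket = google_storage_bucket.cdn.name
  role   = "roles/storage.legacyObjectReader"
  member = "allUsers"
}
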
### HTTP to HTTPS redirection
resource "google_compute_url_map" "http_https_redirection" {
  name        = "http-to-https-redirection"
  description = "HTTP to HTTPS redirection"

  default_url_redirect {
    redirect_response_code = "MOVED_PERMANENTLY_DEFAULT"
    strip_query            = false
    https_redirect         = true
  }
}

resource "google_compute_target_http_proxy" "http_https_redirection" {
  name    = "http-https-redirection"
  url_map = google_compute_url_map.http_https_redirection.self_link
}

resource "google_compute_global_forwarding_rule" "http_https_redirection" {
  name       = "http-https-redirection"
  target     = google_compute_target_http_proxy.http_https_redirection.self_link
  ip_address = google_compute_global_address.cdn.address
  port_range = "80"
}
Step 3. Add all vars required in the variables.tf file.
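Step 3 leaves variables.tf to the reader. The following is an added example, not part of the original tutorial: one possible variables.tf declaring every variable referenced in main.tf and provider.tf. The descriptions and validation rules are assumptions.

```hcl
# Added example: one possible variables.tf for the configuration above.
# Descriptions and validation rules are assumptions, not the tutorial's own.
variable "project" { type = string }  # GCP project ID
variable "region" { type = string }   # default region for the provider
variable "location" { type = string } # bucket location

variable "bucket_name" {
  type        = string
  description = "GCS bucket served through the CDN; its objects are readable by allUsers."
  validation {
    condition     = can(regex("^[a-z0-9][a-z0-9._-]{1,220}[a-z0-9]$", var.bucket_name))
    error_message = "Bucket names use lowercase letters, digits, '-', '_' and '.', and start and end with a letter or digit."
  }
}

variable "cdn_domains" {
  type        = list(string)
  description = "Host names for the Google-managed certificate."
  validation {
    condition     = length(var.cdn_domains) > 0 && alltrue([for d in var.cdn_domains : !startswith(d, "*.")])
    error_message = "Provide at least one domain; this managed certificate type does not accept wildcards."
  }
}

variable "cdn_dns_name" {
  type        = string
  description = "Fully qualified name of the A record, with trailing dot."
  validation {
    condition     = endswith(var.cdn_dns_name, ".")
    error_message = "The cdn_dns_name value must be fully qualified and end with a dot, for example cdn.example.com."
  }
}

variable "managed_zone" { type = string } # Cloud DNS managed zone name
variable "backend_bucket_name" { type = string }
variable "url_map_name" { type = string }
variable "ssl_certificate_name" { type = string }
variable "target_https_proxy_name" { type = string }
variable "global_address_name" { type = string }
variable "global_forwarding_rule_name" { type = string }
```

With these rules, terraform validate and terraform plan reject a wildcard certificate domain or a DNS name without the trailing dot before any resource is created.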
Step 4. Cross your fingers and run the following sequence of commands:
terraform fmt
terraform init
terraform validate
terraform plan
terraform apply