Deploy development virtual machines on Google Cloud

This page details the Terraform configuration for deploying development virtual machines (VMs) on Google Cloud Platform (GCP) with multiple operating system options and automated Netprobe deployment. This environment creates development VMs on GCP with:

Template files Copied

The environment contains the following Terraform configuration files:

Prerequisites Copied

  1. Terraform version 1.0 or higher installed

  2. Google Cloud SDK version 400.0.0 or higher installed

  3. GCP authentication configured

  4. GCP project with required APIs enabled:

    # Enable required APIs
gcloud services enable compute.googleapis.com
gcloud services enable oslogin.googleapis.com

# Set default project
gcloud config set project YOUR_PROJECT_ID

  5. SSH key pair for VM access

    # Generate SSH key pair if not already available
ssh-keygen -t rsa -b 4096 -f ../../../../../resources/id_rsa

  6. IAM permissions, where the user or service account must have:

    • Compute Instance Admin
    • Compute Security Admin
    • Service Account User

Deployment setup Copied

  1. Copy the example configuration.

    # For Ubuntu 22.04 (default)
cp terraform.tfvars.example terraform.tfvars

# For Ubuntu 24.04
cp terraform.tfvars.ubuntu24.example terraform.tfvars

# For RHEL 8
cp terraform.tfvars.rhel8.example terraform.tfvars

# For RHEL 9
cp terraform.tfvars.rhel9.example terraform.tfvars

  2. Update terraform.tfvars configuration file with your Google Cloud settings.

    nano terraform.tfvars

  3. Deploy the infrastructure.

    terraform init
terraform plan
terraform apply

Authentication overview Copied

This deployment requires two types of authentication:

  1. Terraform authentication (infrastructure creation) to allow Terraform to create virtual machines, networks, and cloud resources. For Google Cloud, you need to configure gcloud auth or the service account credentials.

    • User account — makes use of your personal Google account for authentication.

      gcloud auth login
gcloud auth application-default login

    -Service account — makes use of a service account for automated deployments.

    export GOOGLE_APPLICATION_CREDENTIALS="/path/to/service-account-key.json"
    • Workload Identity (GKE/Cloud Build) — makes use of a workload identity for deployments from GCP services.

  2. Application authentication (cloud storage access) to allow applications running on virtual machines to download the deployment resources from the respective cloud storage. This is configured in the netprobe.yml file for each environment. Refer to Google Cloud Platform authentication for detailed authentication configuration.

Configuration files Copied

Select the appropriate configuration file for your operating system:

Operating system Configuration file
Ubuntu 22.04 LTS (default) terraform.tfvars.example
Ubuntu 24.04 LTS terraform.tfvars.ubuntu24.example
RHEL 8 terraform.tfvars.rhel8.example
RHEL 9 terraform.tfvars.rhel9.example

In the selected configuration file, configure the parameters outlined below.

GCP account configuration Copied

Parameter Description Default Required
gcp_project_id GCP project ID for deployment Yes
gcp_region GCP region for deployment “us-central1” Yes
gcp_zone_id Zone suffix within the region “a” Yes

GCP service account configuration Copied

The service account must be created by the user before deployment. This service account will be attached to the VM instances during creation.

Example service account creation:

# Create the service account for VM instances
gcloud iam service-accounts create dev-instance-sa \
    --display-name="Development Instance Service Account" \
    --project=your-project-id
Parameter Description Default Required
gcp_service_account_email Email of existing service account to attach to instances Yes
gcp_service_account_scopes List of access scopes for the service account [“cloud-platform”] Yes

Deployment configuration Copied

Parameter Description Default Required
deployment_count Number of identical VM deployments to create 1 Yes
labels Resource labels to assign to all created resources {} No

Network configuration Copied

Parameter Description Default Required
network_name VPC network name “default” Yes
subnetwork_name Subnet name “default” Yes

Virtual machine configuration Copied

Virtual machine configurations are based on the Netprobe system requirements. The default machine type and boot OS disk type and size also follow the Netprobe requirements.

Parameter Description Default Required
vm_name Base name for VM instances “vm-template” Yes
vm_type GCP machine type “n2-standard-2” Yes
vm_image_family VM boot image family “ubuntu-2204-lts” Yes
vm_image_project GCP project containing the VM image “ubuntu-os-cloud” Yes
vm_disk_size VM boot disk size in GB 50 Yes
vm_disk_type VM boot disk type “pd-ssd” Yes
vm_status Desired VM status “RUNNING” Yes

SSH access configuration Copied

Parameter Description Default Required
ssh_user SSH username for VM access “netprobe_user” Yes
ssh_public_key_path Path to SSH public key file “../../../../../resources/id_rsa.pub” Yes

Ansible deployment configuration Copied

Parameter Description Default Required
ansible_playbook_path Path to Ansible playbook “../../../../ansible/netprobe.yml” Yes
ansible_operation Deployment operation “install” Yes
additional_args Additional Ansible playbook arguments "" No

Resources created Copied

The following GCP infrastructure resources will be created:

Resource Description
Compute instance VM with selected OS and automatic image detection
Ansible deployment Automated Netprobe service installation

Outputs Copied

The following outputs will be available after deployment:

Output Description
external_ip External IP address of the compute instance
internal_ip Internal IP address of the compute instance
instance_name Name of the compute instance
instance_zone Zone where the instance is deployed
operating_system Operating system version selected
ssh_user SSH username for the operating system
deployment_summary Summary of all deployed resources

Ansible integration Copied

Ansible playbooks are automatically executed after the creation of the virtual machine. These are used to:

Troubleshooting Copied

You can run the given commands if you encounter the following issues:

Issue type Command
Authentication issues 
# Check current GCP identity
gcloud auth list

# Check application default credentials
gcloud auth application-default print-access-token

# Re-authenticate
gcloud auth login
gcloud auth application-default login

# Check project configuration
gcloud config list
Project and API issues 
# List available projects
gcloud projects list

# Set project
gcloud config set project YOUR_PROJECT_ID

# Check enabled APIs
gcloud services list --enabled

# Enable required APIs
gcloud services enable compute.googleapis.com
Instance issues 
# Check instance status
gcloud compute instances list

# Get instance details
gcloud compute instances describe INSTANCE_NAME --zone=ZONE

# Check via Terraform
terraform show
terraform state list
Image issues 
# List available Ubuntu images
gcloud compute images list --project=ubuntu-os-cloud --filter="family:ubuntu-minimal-2204-lts"

# List available RHEL images
gcloud compute images list --project=rhel-cloud --filter="family:rhel-9"
SSH connection issues 
# Check firewall rules
gcloud compute firewall-rules list

# Test SSH connection
ssh -i ../../../../../resources/id_rsa netprobe_user@<instance-ip>

# Use gcloud SSH (alternative)
gcloud compute ssh INSTANCE_NAME --zone=ZONE
Ansible deployment issues 
# Check Ansible logs in Terraform output
terraform apply -auto-approve

# Manual Ansible execution
ansible-playbook -i <instance-ip>, ../../../../ansible/netprobe.yml \
  --private-key ../../../../../resources/id_rsa \
  --user netprobe_user \
  --extra-vars "operation=install"

Terraform commands Copied

Run the following Terraform commands to deploy the infrastructure.

Command Command
Initialize Terraform 
terraform init
Plan the deployment 
terraform plan -var-file="terraform.tfvars"
Apply the deployment 
terraform apply -var-file="terraform.tfvars"
Show the deployment options 
terraform output
Destroy the deployment 
terraform destroy -var-file="terraform.tfvars"

Netprobe Configuration Copied

The netprobe.yml file contains Ansible configuration for Netprobe deployment. For general configuration structure and available parameters, refer to Ansible configuration.

Update the following environment-specific settings in netprobe.yml file for your GCP development environment:

SSH configuration Copied 

# SSH connection configuration (required)
ansible_ssh_private_key_file: "../../../../resources/id_rsa"
ansible_ssh_common_args: "-o ControlMaster=no -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null"

Bootstrap configuration Copied 

# Set to false for dev environments (minimal bootstrap)
perform_bootstrap: false

# GCP Cloud Storage library installation if perform_bootstrap is true
additional_bootstrap: "{{ python_path }} -m pip install --upgrade google-cloud-storage"

Cloud provider configuration Copied 

resources:
  # Google Cloud Storage configuration
  source:
    gcp:
      auth_kind: "machineaccount"
      # credential: "service-account@project-id.iam.gserviceaccount.com"  # Optional override
  # Cloud storage container
  container: geneos
  # Resource paths
  path: netprobe.tar.gz
  setupfile:
    path: netprobe.setup_template.xml

Gateway connection Copied 

env_vars:
  # Gateway information (configure for your setup)
  GATEWAY_HOST: "0.0.0.0"
  GATEWAY_PORT: "7039"

Netprobe connection Copied 

env_vars:
  # Netprobe information
  SERVICE_PARAM: "-port 7036 -setup {{ workspace_dir }}/{{ resources.setupfile.path | basename }}"
["Geneos"] ["Geneos > Netprobe"] ["User Guide"]

Was this topic helpful?