This asset provides the scripts to provision a single zone VPC with access to the internet. Then deploy a Windows virtual service instance into the VPC using Terraform.
-
Active IBM Cloud account with credentials for an IBMid or ServiceID that can deploy VPC infrastructure.
-
Access to a public SSH key.
-
Update the versions of Terraform and IBM Cloud Terraform Provider in the versions.tf file.
-
Review the variables in the variables.tf file required to deploy this pattern.
- Add values for iaasapikey, paasapikey, iaasusername for authorization.
- Add desired ibm_region, availability_zone and riaas_endpoint endpoint in variable.tf files.
- Add ssh_key value which will be required while creating VSI.
-
Run Terraform script:
- cd infrastructure-code
- terraform init
- terraform plan
- terraform apply
-
Test by connecting to the instance using Remote Desktop protocol using the floating IP as target. To properly connect,
- Get encrypted password from UI and saved to a file, decode it using:
cat UI_PASSWORD_FILE | base64 --decode > decoded_base64_password_file
- Decrypt it using the SSH key used to create the instance:
openssl pkeyutl -in decoded_base64_password_file -decrypt -inkey ~/.ssh/id_rsa -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 -pkeyopt rsa_mgf1_md:sha256 > finalpass
cat finalpass
- Get encrypted password from UI and saved to a file, decode it using:
-
New VPC will be assigned to new resource group
vpc_test
created in given region (ibm-region from variables.tf). -
You need Administrator access to the given resource_group, in order to view encrypted password on VSI.