Terraform GCP: How to connect a MIG to a backend service?

Question

To create an HTTP load balancer, I made the following .tf file:

resource "google_compute_instance_group_manager" "nginx" {
  name = "nginx-igm"

  base_instance_name = "nginx"
  zone               = var.zone

  version {
    instance_template = google_compute_instance_template.nginx.id
  }

  target_size  = 2

  auto_healing_policies {
    health_check      = google_compute_health_check.autohealing.id
    initial_delay_sec = 300
  }
}

resource "google_compute_health_check" "autohealing" {
  name        = "autohealing"
  description = "Autohealing health check via http"

  timeout_sec         = 5
  check_interval_sec  = 5
  healthy_threshold   = 2
  unhealthy_threshold = 2

  http_health_check {
    response = "<!DOCTYPE html>"
  }
}

resource "google_compute_instance_template" "nginx" {
  name        = "nginx-template"
  description = "This template is used to create nginx instances."

  tags = ["http-server"]

  instance_description = "Nginx instance"
  machine_type         = "e2-small"
  can_ip_forward       = false

  scheduling {
    automatic_restart   = true
    on_host_maintenance = "MIGRATE"
  }

  disk {
    source_image = "ubuntu-2004-nginx"
    auto_delete  = true
    boot         = true
  }

  network_interface {
    network = "default"
  }
}

resource "google_compute_backend_service" "mig-backend" {
  name        = "mig-backend"
  port_name   = "http"
  protocol    = "HTTP"
  timeout_sec = 3000

  backend {
    group = google_compute_instance_group_manager.nginx.self_link
  }

  health_checks = [google_compute_health_check.http-health-check.self_link]

  log_config {
    enable = true
  }
}

resource "google_compute_url_map" "mig-url-map" {
  name            = "mig-url-map"
  default_service = google_compute_backend_service.mig-backend.self_link
}

resource "google_compute_target_http_proxy" "mig-target-http-proxy" {
  name    = "mig-target-http-proxy"
  url_map = google_compute_url_map.mig-url-map.self_link
}

resource "google_compute_global_forwarding_rule" "mig-global-forwarding-rule-http" {
  name       = "mig-global-forwarding-rule-http"
  target     = google_compute_target_http_proxy.mig-target-http-proxy.self_link
  port_range = "80"
  ip_address = google_compute_global_address.mig-lb-address.address
}

resource "google_compute_global_address" "mig-lb-address" {
  name = "mig-lb-address"
}

This configuration file has an obvious flaw on this part:

resource "google_compute_backend_service" "mig-backend" {
  name        = "mig-backend"
  port_name   = "http"
  protocol    = "HTTP"
  timeout_sec = 3000

  backend {
    group = google_compute_instance_group_manager.nginx.self_link
  }

  health_checks = [google_compute_health_check.http-health-check.self_link]

  log_config {
    enable = true
  }
}

The official documentation says that the backend.group attribute of a backend service should be "the fully-qualified URL of an Instance Group or Network Endpoint Group resource", but in my case I specified the URL of an Instance Group Manager. Actually, I got this error message from GCP:

Error: Error creating BackendService: googleapi: Error 400: Invalid value for field 'resource.backends[0].group': 'https://www.googleapis.com/compute/v1/projects/oiax-lb-test/zones/asia-northeast2-a/instanceGroupManagers/nginx-igm'. Unexpected resource collection 'instanceGroupManagers'., invalid

How should I correct my configuration file to connect the instance group and the backend service?

question from:https://stackoverflow.com/questions/65878256/terraform-gcp-how-to-connect-a-mig-to-a-backend-service

Answer 1

refer to the 'instance_group' attribute - The full URL of the instance group created by the manager.

backend {
  group = google_compute_instance_group_manager.nginx.instance_group
}