Manage Cloud resources via Terraform v0

With the Gcore Terraform provider v0, teams define Cloud resources — Virtual Machines, Kubernetes clusters, networks, and more — in configuration files, then apply them consistently across environments without clicking through the Portal. The following resources are supported: Virtual Machines, Bare Metal servers, Kubernetes clusters, Load Balancers, networks, volumes, snapshots, server groups, and reserved IP addresses. Provider installation and authentication are covered in the Terraform overview. The v2 provider with expanded resource support is available in Terraform v2. To migrate an existing v0 configuration, follow the migration guide.

Workflow

Add resource configuration to main.tf, then run:

terraform plan

Review the output, then apply:

terraform apply

Enter yes when prompted. The getting started guide covers the full workflow.

Networking

The following resources configure private networks, subnets, and IP addresses.

Create a network and subnetwork

The following configuration creates a network and an optional subnetwork within it.

Open the main.tf file with the Gcore provider configuration.
Copy the code below to the file and customize the highlighted values:

resource "gcore_network" "network" {
  name       = "network_example"
  type       = "vlan"
}

Configure the network.

Specify “name”.
(optional) Add create_router = "false" to remove the external router from the network. Otherwise, the external router will be added by default.
(optional) Add type = "vlan". Otherwise, a “vxlan” network will be created by default.
(optional) Specify the “region_id” or “region_name”.
(optional) Specify the “project_id” or “project_name”.

To skip the subnetwork, stop here. To create a subnetwork, add the code below and customize the highlighted values:

resource "gcore_subnet" "subnet" {
  name            = "subnet_example"
  cidr            = "192.168.10.0/24"
  network_id      = gcore_network.network.id
}

Configure the subnetwork.

Specify the “name” of the subnetwork.
Specify the “cidr”.
- Select the IP address from the ranges: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, and 192.168.0.0–192.168.255.255.
- Select the subnet mask from 16 to 24.
Specify the “network_id” of the network in which the subnet will be created.
(optional) Add connect_to_network_router = "true" to make the subnetwork accessible through an external router. To disable this, add connect_to_network_router = "false". The default value is “true”.
(optional) Add the “gateway_ip” of an external router, if any.
(optional) Specify “dns_nameservers”.
(optional) Add “host_routes”.
- Specify the “destination”, the CIDR of the target subnetwork.
- Specify the “nexthop”, the IPv4 address to forward traffic to if its destination IP matches the “destination” CIDR.
(optional) Add “enable_dhcp = false” to disable DHCP. Otherwise, DHCP is enabled by default. For IPv6 networks, DHCP can be enabled or disabled at creation time — changing this setting later requires recreating the subnetwork.
(optional) Specify the “region_id” and “region_name”.
(optional) Specify the “project_id” and “project_name”.

Reserve an IP address

The following configuration reserves a fixed IP address for use with instances or load balancers.

Open the main.tf file with the Gcore provider configuration.
Copy the code below to the file and customize the highlighted values:

resource "gcore_reservedfixedip" "fixed_ip" {
  project_id   = 1
  region_id    = 1
  type         = "external"
  is_vip       = false
}

Configure the reserved IP address.

Specify the “type”: “subnet”, “any_subnet”, “external”, or “ip_address”.
Specify whether to use the reserved IP address as a virtual IP address (VIP) (“is_vip = true”) or not (“is_vip = false”).
(optional) Add “allowed_access_pairs” to assign one VIP to multiple machines. Specify the “ip_address” and “mac_address”.
(optional) Specify the “network_id” and/or “subnet_id” to attach the IP address to a specific network or subnetwork.
(optional) Specify the “region_id” or “region_name”.
(optional) Specify the “project_id” or “project_name”.

Volumes

The following resources create and manage block storage volumes.

Create a volume

The following configuration creates a standalone volume that can be attached to instances.

Open the main.tf file with the Gcore provider configuration.
Copy the code below to the file and customize:

resource "gcore_volume" "volume" {
  project_id = 1
  region_id  = 1
  name       = "volume_example"
  type_name  = "standard"
  size       = 1
}

Configure the volume.

Specify “name”.
Specify the “snapshot_id” or “image_id”.
(optional) Specify the “size” of the volume in GB.
(optional) Select the “type_name”: “standard”, “ssd_hiiops”, “cold”, or “ultra”.
(optional) Specify the “region_id” or “region_name”.
(optional) Specify the “project_id” or “project_name”.

Create a snapshot

The following configuration creates a snapshot of an existing volume.

Open the main.tf file with the Gcore provider configuration.
Copy the code below to the file and customize the highlighted values:

resource "gcore_snapshot" "snapshot" {
  project_id  = 1
  region_id   = 1
  name        = "snapshot_example"
  volume_id   = gcore_volume.volume.id
}

Configure the snapshot.

Specify “name”.
Specify the “volume_id”.
(optional) Add a “description”.
(optional) Specify the “region_id” and “region_name”.
(optional) Specify the “project_id” and “project_name”.

Virtual Machines

The following resources create Virtual Machine instances and placement groups.

Create a Virtual Machine

The following configuration creates a Virtual Machine with a reserved IP, boot volume, and floating IP attached.

Open the main.tf file with the Gcore provider configuration.
Copy the code to the file and customize the highlighted values:

resource "gcore_network" "network" {
  name       = "my-network"
  type       = "vxlan"
  project_id = data.gcore_project.project.id
  region_id  = data.gcore_region.region.id
}

data "gcore_image" "ubuntu" {
  name       = "ubuntu-22.04-x64"
  region_id  = data.gcore_region.region.id
  project_id = data.gcore_project.project.id
}

resource "gcore_reservedfixedip" "fixed_ip" {
  type             = "ip_address"
  network_id       = gcore_network.network.id
  fixed_ip_address = "192.168.13.6"
  is_vip           = false
}

resource "gcore_volume" "first_volume" {
  name       = "boot volume"
  type_name  = "ssd_hiiops"
  size       = 10
  image_id   = data.gcore_image.ubuntu.id
}

resource "gcore_floatingip" "fip" {
  fixed_ip_address = gcore_reservedfixedip.fixed_ip.fixed_ip_address
  port_id          = gcore_reservedfixedip.fixed_ip.port_id
}

resource "gcore_instance" "v" {
  name       = "hello"
  flavor_id  = "g1-standard-1-2"
  volume {
    source     = "existing-volume"
    volume_id  = gcore_volume.first_volume.id
    boot_index = 0
  }
  interface {
    type            = "reserved_fixed_ip"
    port_id         = gcore_reservedfixedip.fixed_ip.port_id
    fip_source      = "existing"
    existing_fip_id = gcore_floatingip.fip.id
    security_groups = ["ada84751-fcca-4491-9249-2dfceb321616"]
  }
}

Configure resources required for the Virtual Machine: reserved IP, network and subnetwork, volume.
Configure the Virtual Machine.

Specify “flavor_id”.
Select the interface “type”: “external”, “subnet”, “any_subnet”, or “reserved_fixed_ip”.
- For “subnet” type, specify the “network_id” and “subnetwork_id”.
- For “any_subnet” type, specify the “network_id”.
- For “reserved_fixed_ip” type, specify the “port_id”.
- (optional) Add is_parent = “true” to prevent the interface from being detached and to set it as the first attached interface.
- (optional) Specify order to set the order in which interfaces will be attached.
Configure “volume”.
- Specify “source = existing-volume” and the “volume_id”. Optionally, specify the size of the existing volume in GB.
- (optional) Specify the “boot_index”. If “boot_index = 0”, the volume cannot be detached.
- (optional) Specify the “type_name”: “standard”, “ssd_hiiops”, “cold”, or “ultra”.
(optional) Add “allow_app_ports = true” to allow application ports for Virtual Machines created from marketplace templates.
(optional) Specify “configuration” to set parameters for the application template from the marketplace: “key” and “value”.
(optional) Specify the “keypair_name”.
(optional) Specify the “metadata_map”: “key” and “value”.
(optional) Specify the “name” of the Virtual Machine.
(optional) Specify “username” and “password”.
(optional) Specify the “region_id” or “region_name”.
(optional) Specify the “project_id” or “project_name”.
(optional) Specify the “security_group” to add firewalls.

Create a server group

The following configuration creates a server group with an affinity or anti-affinity placement policy.

Open the main.tf file with the Gcore provider configuration.
Copy the code below to the file and customize the highlighted values:

resource "gcore_servergroup" "default" {
  name       = "server_group_example"
  policy     = "affinity"
  region_id  = 1
  project_id = 1
}

Configure the server group.

Specify “name”.
Select the policy: use “affinity” to run servers on one physical server or “anti-affinity” to distribute servers across different physical servers.
(optional) Specify the “region_id” or “region_name”.
(optional) Specify the “project_id” or “project_name”.

Bare Metal servers

The following resources provision Bare Metal servers and custom images.

Create a Bare Metal server

The following configuration creates a Bare Metal server using the Gcore Terraform provider.

Open the main.tf file with the Gcore provider configuration.
Copy the code below to the file and customize the highlighted values:

data "gcore_project" "project" {
  name = "Default"
}

data "gcore_region" "region" {
  name = "Luxembourg-2"
}

data "gcore_image" "ubuntu" {
  name       = "ubuntu-24.04-x64-ironic"
  is_baremetal = true
  project_id = data.gcore_project.project.id
  region_id  = data.gcore_region.region.id
}

resource "gcore_baremetal" "bm" {
  name       = "baremetal_example"
  flavor_id  = "bm1-infrastructure-small"
  image_id   = data.gcore_image.ubuntu.id
  interface {
      type = "external"            
  }
}

Configure the Bare Metal server.

Specify “flavor_id”.
Configure “interface”.

Select the interface “type”: “external”, “subnet”, “any_subnet”, or “reserved_fixed_ip”.

For “subnet” type, specify the “network_id” and “subnetwork_id”.
For “any_subnet” type, specify the “network_id”.
For “reserved_fixed_ip” type, specify the “port_id”.
(optional) Specify “order” to set the order in which interfaces will be attached.
(optional) Specify “app_config” to set parameters for the application template from the marketplace.
(optional) Specify the “image_id” or “apptemplate_id”.
(optional) Specify the “keypair_name”.
(optional) Specify the “name” of the server.
(optional) Specify the “region_id” or “region_name”.
(optional) Specify the “project_id” or “project_name”.
(optional) Specify the “metadata_map”: “key” and “value”.
(optional) Specify “username” and/or “password”.

Create a GPU Bare Metal image

The following configuration uploads a custom image for use with GPU Bare Metal instances.

Open the main.tf file with the Gcore provider configuration.
Copy the code below to the file and customize the highlighted values:

resource "gcore_gpu_baremetal_image" "example" {
  project_id   = data.gcore_project.project.id
  region_id    = data.gcore_region.region.id
  name         = "my-cirros-image"
  url          = "http://mirror.noris.net/cirros/0.4.0/cirros-0.4.0-x86_64-disk.img"
  architecture = "x86_64"
  os_type      = "linux"
  ssh_key      = "allow"
}

Configure the Bare Metal image.

Required attributes:

“name” for the image.
“url” where the image is located.

Optional attributes:

“project_id” - The ID of the project. Conflicts with “project_name”.
“project_name” - The name of the project. Conflicts with “project_id”.
“region_id” - The ID of the region. Conflicts with “region_name”.
“region_name” - The name of the region. Conflicts with “region_id”.
“ssh_key” - SSH key permission setting. Valid values are:
- “allow” - (Default) Allow SSH key usage
- “deny” - Deny SSH key usage
- “required” - Require SSH key
“cow_format” - When set to “true”, the image cannot be deleted until all volumes created from it are deleted.
“architecture” - CPU architecture type. Valid values are:
- “x86_64” - (Default) x86 64-bit architecture
- “aarch64” - ARM 64-bit architecture
“os_type” - The type of operating system.
“os_distro” - The distribution of the operating system (e.g., “ubuntu”, “centos”).
“os_version” - The version of the operating system.
“hw_firmware_type” - The type of firmware used for booting.
“metadata” - A map of metadata key-value pairs to associate with the image.

Kubernetes clusters

The following resources create and configure managed Kubernetes clusters.

Create a managed Kubernetes cluster

The following configuration creates a Kubernetes cluster with a private network, subnet, and a single node pool.

Open the main.tf file with the Gcore provider configuration.
Copy the code below to the file and customize the highlighted values:

resource "gcore_network" "network" {
  name       = "my-network"
  type       = "vxlan"
  project_id = data.gcore_project.project.id
  region_id  = data.gcore_region.region.id
}

resource "gcore_subnet" "subnet" {
  name            = "my-subnet"
  cidr            = "192.168.10.0/24"
  network_id      = gcore_network.network.id

  project_id = data.gcore_project.project.id
  region_id  = data.gcore_region.region.id
}

resource "gcore_k8sv2" "cluster" {
  project_id    = data.gcore_project.project.id
  region_id     = data.gcore_region.region.id
  name          = "my-k8s-cluster"
  fixed_network = gcore_network.network.id
  fixed_subnet  = gcore_subnet.subnet.id
  keypair       = gcore_keypair.my_keypair.sshkey_name
  version       = "v1.31.9"
  pool {
    name               = "my-k8s-pool"
    flavor_id          = "g1-standard-2-4"
    servergroup_policy = "soft-anti-affinity"
    min_node_count     = 1
    max_node_count     = 1
    boot_volume_size   = 10
    boot_volume_type   = "standard"
  }
}

Configure the cluster.

Specify “name”.
Specify the “fixed_network” of the cluster.
Specify the “fixed_subnet”; the subnet must have a router.
Specify the “keypair”.
(optional) Specify the “region_id” or “region_name”.
(optional) Specify the “project_id” or “project_name”.
(optional) Add auto_healing_enabled = "true" to allow automatic recovery of failed nodes.
(optional) Add external_dns_enabled = "true" to enable external DNS.
Configure the pool, a set of cluster nodes with the same specifications.
- Specify “name”.
- Specify “flavor_id”.
- Specify “servergroup_policy”. Server group policy: “anti-affinity”, “soft-anti-affinity”, or “affinity”.
- Specify the “min_node_count” for autoscaling.
- Specify the “max_node_count” for autoscaling.
- Specify the “node_count”. This is the initial number of nodes to be deployed.
- (optional) Specify the “boot_volume_size” in GB.
- (optional) Select “boot_volume_type”: “standard”, “ssd_hiiops”, “cold”, or “ultra”.

Create a Kubernetes cluster with Cilium load balancer and DSR

This configuration uses Cilium with Direct Server Return (DSR) mode, which preserves the client’s source IP — useful for logging, security, and latency-sensitive applications.

Open the main.tf file with the Gcore provider configuration.
Copy the code below to the file and customize the highlighted values:

resource "gcore_network" "network" {
  name       = "my-network"
  type       = "vxlan"
  project_id = 1
  region_id  = 1
}

resource "gcore_subnet" "subnet" {
  name       = "my-subnet"
  cidr       = "192.168.10.0/24"
  network_id = gcore_network.network.id

  project_id = 1
  region_id  = 1
}

resource "gcore_k8sv2" "cluster" {
  project_id    = 1
  region_id     = 1
  name          = "my-k8s-cluster"
  fixed_network = gcore_network.network.id
  fixed_subnet  = gcore_subnet.subnet.id
  keypair       = "your-keypair-name"
  version       = "v1.33.6"

  cni {
    provider = "cilium"
    cilium {
      lb_mode = "dsr"
      routing_mode = "native"
    }
  }

  pool {
    name               = "pool-1"
    flavor_id          = "g1-standard-2-4"
    servergroup_policy = "anti-affinity"
    min_node_count     = 1
    max_node_count     = 1
    boot_volume_size   = 10
    boot_volume_type   = "standard"
  }
}

Configure the cluster.

Specify the Kubernetes “version”.
Configure the “cni” (Container Network Interface) for the cluster. Specify the following parameters:
- lb_mode: The operation mode of load balancing for remote backends. Supported values are snat, dsr, hybrid. The default value is snat.
- routing_mode: Enables native-routing mode or tunneling mode. The default value is tunnel.
Specify the “region_id” to define the data center location where the cluster is created.
Specify the “project_id” to define the project in which the cluster is created.
Specify the “name” to define the cluster name within the Gcore infrastructure.
Specify the “keypair” to define the SSH key pair used for access to cluster nodes.
Specify the “fixed_network” to define the ID of the network to which the Kubernetes cluster will be connected.
Specify the “fixed_subnet” to define the ID of the subnet within the selected network.
Configure the “pool” for the Kubernetes cluster. Specify the following parameters:
- name: Cluster pool name. Changing the value of this attribute will trigger recreation of the cluster pool.
- flavor_id: Cluster pool node flavor ID. Changing the value of this attribute will trigger recreation of the cluster pool.
- servergroup_policy: Server group policy, “anti-affinity”, “soft-anti-affinity”, or “affinity”.
- min_node_count: Minimum number of nodes in the cluster pool.
- max_node_count: Maximum number of nodes in the cluster pool.
- boot_volume_size: Cluster pool boot volume size. Applies to VM pools. Changing the value of this attribute will trigger recreation of the cluster pool.
- boot_volume_type: Cluster pool boot volume type. Applies to VM pools. Available values are “standard”, “ssd_hiiops”, “cold”, and “ultra”. Changing the value of this attribute will trigger recreation of the cluster pool.

Load Balancers

A Load Balancer consists of a balancer resource, one or more listeners, a pool, and members.

Create a Load Balancer

The following configuration creates a Load Balancer with a listener, pool, and member.

Open the main.tf file with the Gcore provider configuration.
Copy the code below to the file and customize the highlighted values:

resource "gcore_loadbalancerv2" "lb" {
  project_id = 1
  region_id  = 1
  name       = "lb_example"
  flavor     = "lb1-1-2"
}

resource "gcore_lblistener" "listener" {
  name            = "listener_example"
  protocol        = "TCP"
  protocol_port   = 36621
  loadbalancer_id = gcore_loadbalancerv2.lb.id
}

resource "gcore_lbpool" "pl" {
  name            = "test_pool"
  protocol        = "HTTP"
  lb_algorithm    = "LEAST_CONNECTIONS"
  loadbalancer_id = gcore_loadbalancerv2.lb.id
  listener_id     = gcore_lblistener.listener.id
  health_monitor {
    type        = "PING"
    delay       = 60
    max_retries = 5
    timeout     = 10
  }
  session_persistence {
    type        = "APP_COOKIE"
    cookie_name = "test_new_cookie"
  }
}

resource "gcore_lbmember" "lbm" {
  pool_id       = gcore_lbpool.pl.id
  address       = "10.10.2.15"
  protocol_port = 8081
  weight        = 5
}

Configure the Load Balancer.

Specify the “name” of the Load Balancer.
Specify “flavor”.
(optional) Specify the “region_id” or “region_name”.
(optional) Specify the “project_id” or “project_name”.
(optional) Specify the “vip_port_id” or “vip_network_id”.
(optional) Specify the “vip_subnet_id”.

Configure the listener.

Specify “name”.
Select “protocol”: “HTTP”, “HTTPS”, “TCP”, “UDP”, or “TERMINATED_HTTPS”. For “TERMINATED_HTTPS”, specify the “secret_id”.
Specify the “protocol_port”.
Specify the “loadbalancer_id”.
(optional) Add insert_x_forwarded = "true" to identify an original IP address of a client connecting to a web server via a load.
(optional) Specify the “region_id” or “region_name”.
(optional) Specify the “project_id” or “project_name”.

Configure the pool.

Specify “name”.
Select “protocol”: “HTTP”, “HTTPS”, “TCP”, or “UDP”.
Select “lb_algorithm”: “ROUND_ROBIN”, “LEAST_CONNECTIONS”, or “SOURCE_IP”.
(optional) Add “health_monitor”.
- Select “type”: “HTTP”, “HTTPS”, “PING”, “TCP”, “TLS-HELLO”, or “UDP-CONNECT”.
- Specify the “delay” in seconds to set the time between sending probe requests to pool members.
- Specify the “max_retries” to set the number of successful probes required to switch a member to the ONLINE state.
- Specify the “timeout” in seconds to set the maximum time to connect.
- (optional) Select “http_method”: “CONNECT”, “DELETE”, “GET”, “HEAD”, “OPTIONS”, “PATCH”, “POST”, “PUT”, or “TRACE”.
- (optional) Specify the “max_retrieve_down” to set the threshold of failures required to switch a member to the ERROR state.
- (optional) Specify “expected_codes”.
- (optional) Specify the “url_path”.
(optional) Specify the “listener_id”.
(optional) Specify the “loadbalancer_id”.
(optional) Specify the “region_id” or “region_name”.
(optional) Specify the “project_id” or “project_name”.
(optional) Add “session_persistence”.
- Select “type”: “APP_COOKIE”, “HTTP_COOKIE”
  For “APP_COOKIE” or “HTTP_COOKIE”, specify the “cookie_name”.
  For “SOURCE_IP”, specify the “persistence_granularity” (applies to UDP ports).
- (optional) Specify the “persistence_timeout”.

Configure the member.

Specify the IP “address”.
Specify the “pool_id”.
Specify the “protocol_port”.
Specify the “instance_id” or “subnet_id”.
(optional) Specify member “weight” from 0 to 256.

​Workflow

​Networking

​Create a network and subnetwork

​Reserve an IP address

​Volumes

​Create a volume

​Create a snapshot

​Virtual Machines

​Create a Virtual Machine

​Create a server group

​Bare Metal servers

​Create a Bare Metal server

​Create a GPU Bare Metal image

​Kubernetes clusters

​Create a managed Kubernetes cluster

​Create a Kubernetes cluster with Cilium load balancer and DSR

​Load Balancers

​Create a Load Balancer