> ## Documentation Index
> Fetch the complete documentation index at: https://gcore.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Manage Cloud resources via Terraform v0

With the Gcore Terraform provider v0, teams define Cloud resources — Virtual Machines, Kubernetes clusters, networks, and more — in configuration files, then apply them consistently across environments without clicking through the Portal.

The following resources are supported: Virtual Machines, Bare Metal servers, Kubernetes clusters, Load Balancers, networks, volumes, snapshots, server groups, and reserved IP addresses.

Provider installation and authentication are covered in the [Terraform overview](/developer-tools/terraform/overview). The v2 provider with expanded resource support is available in [Terraform v2](/cloud/manage-cloud-via-terraform-v2). To migrate an existing v0 configuration, follow the [migration guide](/developer-tools/terraform/migrate-v0-to-v2).

## Workflow

Add resource configuration to `main.tf`, then run:

```sh theme={null}
terraform plan
```

Review the output, then apply:

```sh theme={null}
terraform apply
```

Enter `yes` when prompted. The [getting started guide](/developer-tools/terraform/get-started-with-terraform) covers the full workflow.

## Networking

The following resources configure private networks, subnets, and IP addresses.

### Create a network and subnetwork

The following configuration creates a network and an optional subnetwork within it.

1. Open the `main.tf` file with the Gcore provider configuration.
2. Copy the code below to the file and customize the highlighted values:

```hcl theme={null}
resource "gcore_network" "network" {
  name       = "network_example"
  type       = "vlan"
}
```

3. Configure the network.

* Specify "name".
* (optional) Add `create_router = "false"` to remove the external router from the network. Otherwise, the external router will be added by default.
* (optional) Add `type = "vlan"`. Otherwise, a "vxlan" network will be created by default.
* (optional) Specify the "region\_id" or "region\_name".
* (optional) Specify the "project\_id" or "project\_name".

4. To skip the subnetwork, stop here. To create a subnetwork, add the code below and customize the highlighted values:

```hcl theme={null}
resource "gcore_subnet" "subnet" {
  name            = "subnet_example"
  cidr            = "192.168.10.0/24"
  network_id      = gcore_network.network.id
}
```

5. Configure the subnetwork.

* Specify the "name" of the subnetwork.
* Specify the "cidr".
  * Select the IP address from the ranges: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, and 192.168.0.0–192.168.255.255.
  * Select the subnet mask from 16 to 24.
* Specify the "network\_id" of the network in which the subnet will be created.
* (optional) Add `connect_to_network_router = "true"` to make the subnetwork accessible through an external router. To disable this, add `connect_to_network_router = "false"`. The default value is "true".
* (optional) Add the "gateway\_ip" of an external router, if any.
* (optional) Specify "dns\_nameservers".
* (optional) Add "host\_routes".
  * Specify the "destination", the CIDR of the target subnetwork.
  * Specify the "nexthop", the IPv4 address to forward traffic to if its destination IP matches the "destination" CIDR.
* (optional) Add "enable\_dhcp = false" to disable DHCP. Otherwise, DHCP is enabled by default. For IPv6 networks, DHCP can be enabled or disabled at creation time — changing this setting later requires recreating the subnetwork.
* (optional) Specify the "region\_id" and "region\_name".
* (optional) Specify the "project\_id" and "project\_name".

### Reserve an IP address

The following configuration reserves a fixed IP address for use with instances or load balancers.

1. Open the `main.tf` file with the Gcore provider configuration.
2. Copy the code below to the file and customize the highlighted values:

```hcl theme={null}
resource "gcore_reservedfixedip" "fixed_ip" {
  project_id   = 1
  region_id    = 1
  type         = "external"
  is_vip       = false
}
```

3. Configure the reserved IP address.

* Specify the "type": "subnet", "any\_subnet", "external", or "ip\_address".
* Specify whether to use the reserved IP address as a [virtual IP address](/cloud/networking/ip-address/create-and-configure-a-virtual-ip-vip-address) (VIP) ("is\_vip = true") or not ("is\_vip = false").
* (optional) Add "allowed\_access\_pairs" to assign one VIP to multiple machines. Specify the "ip\_address" and "mac\_address".
* (optional) Specify the "network\_id" and/or "subnet\_id" to attach the IP address to a specific network or subnetwork.
* (optional) Specify the "region\_id" or "region\_name".
* (optional) Specify the "project\_id" or "project\_name".

## Volumes

The following resources create and manage block storage volumes.

### Create a volume

The following configuration creates a standalone volume that can be attached to instances.

1. Open the `main.tf` file with the Gcore provider configuration.
2. Copy the code below to the file and customize:

```hcl theme={null}
resource "gcore_volume" "volume" {
  project_id = 1
  region_id  = 1
  name       = "volume_example"
  type_name  = "standard"
  size       = 1
}
```

3. Configure the volume.

* Specify "name".
* Specify the "snapshot\_id" or "image\_id".
* (optional) Specify the "size" of the volume in GB.
* (optional) Select the "type\_name": "standard", "ssd\_hiiops", "cold", or "ultra".
* (optional) Specify the "region\_id" or "region\_name".
* (optional) Specify the "project\_id" or "project\_name".

### Create a snapshot

The following configuration creates a snapshot of an existing volume.

1. Open the `main.tf` file with the Gcore provider configuration.
2. Copy the code below to the file and customize the highlighted values:

```hcl theme={null}
resource "gcore_snapshot" "snapshot" {
  project_id  = 1
  region_id   = 1
  name        = "snapshot_example"
  volume_id   = gcore_volume.volume.id
}
```

3. Configure the snapshot.

* Specify "name".
* Specify the "volume\_id".
* (optional) Add a "description".
* (optional) Specify the "region\_id" and "region\_name".
* (optional) Specify the "project\_id" and "project\_name".

## Virtual Machines

The following resources create Virtual Machine instances and placement groups.

### Create a Virtual Machine

The following configuration creates a Virtual Machine with a reserved IP, boot volume, and floating IP attached.

1. Open the `main.tf` file with the Gcore provider configuration.
2. Copy the code to the file and customize the highlighted values:

```hcl theme={null}
resource "gcore_network" "network" {
  name       = "my-network"
  type       = "vxlan"
  project_id = data.gcore_project.project.id
  region_id  = data.gcore_region.region.id
}

data "gcore_image" "ubuntu" {
  name       = "ubuntu-22.04-x64"
  region_id  = data.gcore_region.region.id
  project_id = data.gcore_project.project.id
}

resource "gcore_reservedfixedip" "fixed_ip" {
  type             = "ip_address"
  network_id       = gcore_network.network.id
  fixed_ip_address = "192.168.13.6"
  is_vip           = false
}

resource "gcore_volume" "first_volume" {
  name       = "boot volume"
  type_name  = "ssd_hiiops"
  size       = 10
  image_id   = data.gcore_image.ubuntu.id
}

resource "gcore_floatingip" "fip" {
  fixed_ip_address = gcore_reservedfixedip.fixed_ip.fixed_ip_address
  port_id          = gcore_reservedfixedip.fixed_ip.port_id
}

resource "gcore_instance" "v" {
  name       = "hello"
  flavor_id  = "g1-standard-1-2"
  volume {
    source     = "existing-volume"
    volume_id  = gcore_volume.first_volume.id
    boot_index = 0
  }
  interface {
    type            = "reserved_fixed_ip"
    port_id         = gcore_reservedfixedip.fixed_ip.port_id
    fip_source      = "existing"
    existing_fip_id = gcore_floatingip.fip.id
    security_groups = ["ada84751-fcca-4491-9249-2dfceb321616"]
  }
}
```

3. Configure resources required for the Virtual Machine: [reserved IP](/cloud/manage-cloud-via-terraform#reserve-an-ip-address), [network and subnetwork](/cloud/manage-cloud-via-terraform#create-a-network-and-subnetwork), [volume](/cloud/manage-cloud-via-terraform#create-a-volume).
4. Configure the Virtual Machine.

* Specify "flavor\_id".
* Select the interface "type": "external", "subnet", "any\_subnet", or "reserved\_fixed\_ip".
  * For "subnet" type, specify the "network\_id" and "subnetwork\_id".
  * For "any\_subnet" type, specify the "network\_id".
  * For "reserved\_fixed\_ip" type, specify the "port\_id".
  * (optional) Add is\_parent = "true" to prevent the interface from being detached and to set it as the first attached interface.
  * (optional) Specify order to set the order in which interfaces will be attached.
* Configure "volume".
  * Specify "source = existing-volume" and the "volume\_id". Optionally, specify the size of the existing volume in GB.
  * (optional) Specify the "boot\_index". If "boot\_index = 0", the volume cannot be detached.
  * (optional) Specify the "type\_name": "standard", "ssd\_hiiops", "cold", or "ultra".
* (optional) Add "allow\_app\_ports = true" to allow application ports for Virtual Machines created from marketplace templates.
* (optional) Specify "configuration" to set parameters for the application template from the marketplace: "key" and "value".
* (optional) Specify the "keypair\_name".
* (optional) Specify the "metadata\_map": "key" and "value".
* (optional) Specify the "name" of the Virtual Machine.
* (optional) Specify "username" and "password".
* (optional) Specify the "region\_id" or "region\_name".
* (optional) Specify the "project\_id" or "project\_name".
* (optional) Specify the "security\_group" to add firewalls.

### Create a server group

The following configuration creates a server group with an affinity or anti-affinity placement policy.

1. Open the `main.tf` file with the Gcore provider configuration.
2. Copy the code below to the file and customize the highlighted values:

```hcl theme={null}
resource "gcore_servergroup" "default" {
  name       = "server_group_example"
  policy     = "affinity"
  region_id  = 1
  project_id = 1
}
```

3. Configure the server group.

* Specify "name".
* Select the `policy`: use "affinity" to run servers on one physical server or "anti-affinity" to distribute servers across different physical servers.
* (optional) Specify the "region\_id" or "region\_name".
* (optional) Specify the "project\_id" or "project\_name".

## Bare Metal servers

The following resources provision Bare Metal servers and custom images.

### Create a Bare Metal server

The following configuration creates a Bare Metal server using the Gcore Terraform provider.

1. Open the `main.tf` file with the Gcore provider configuration.
2. Copy the code below to the file and customize the highlighted values:

```hcl theme={null}
data "gcore_project" "project" {
  name = "Default"
}

data "gcore_region" "region" {
  name = "Luxembourg-2"
}

data "gcore_image" "ubuntu" {
  name       = "ubuntu-24.04-x64-ironic"
  is_baremetal = true
  project_id = data.gcore_project.project.id
  region_id  = data.gcore_region.region.id
}

resource "gcore_baremetal" "bm" {
  name       = "baremetal_example"
  flavor_id  = "bm1-infrastructure-small"
  image_id   = data.gcore_image.ubuntu.id
  interface {
      type = "external"            
  }
}
```

3. Configure the Bare Metal server.

* Specify "flavor\_id".
* Configure "interface".

Select the interface "type": "external", "subnet", "any\_subnet", or "reserved\_fixed\_ip".

* For "subnet" type, specify the "network\_id" and "subnetwork\_id".
* For "any\_subnet" type, specify the "network\_id".
* For "reserved\_fixed\_ip" type, specify the "port\_id".
* (optional) Specify "order" to set the order in which interfaces will be attached.
* (optional) Specify "app\_config" to set parameters for the application template from the marketplace.
* (optional) Specify the "image\_id" or "apptemplate\_id".
* (optional) Specify the "keypair\_name".
* (optional) Specify the "name" of the server.
* (optional) Specify the "region\_id" or "region\_name".
* (optional) Specify the "project\_id" or "project\_name".
* (optional) Specify the "metadata\_map": "key" and "value".
* (optional) Specify "username" and/or "password".

### Create a GPU Bare Metal image

The following configuration uploads a custom image for use with GPU Bare Metal instances.

1. Open the `main.tf` file with the Gcore provider configuration.
2. Copy the code below to the file and customize the highlighted values:

```hcl theme={null}
resource "gcore_gpu_baremetal_image" "example" {
  project_id   = data.gcore_project.project.id
  region_id    = data.gcore_region.region.id
  name         = "my-cirros-image"
  url          = "http://mirror.noris.net/cirros/0.4.0/cirros-0.4.0-x86_64-disk.img"
  architecture = "x86_64"
  os_type      = "linux"
  ssh_key      = "allow"
}
```

3. Configure the Bare Metal image.

Required attributes:

* "name" for the image.
* "url" where the image is located.

Optional attributes:

* "project\_id" - The ID of the project. Conflicts with "project\_name".
* "project\_name" - The name of the project. Conflicts with "project\_id".
* "region\_id" - The ID of the region. Conflicts with "region\_name".
* "region\_name" - The name of the region. Conflicts with "region\_id".
* "ssh\_key" - SSH key permission setting. Valid values are:
  * "allow" - (Default) Allow SSH key usage
  * "deny" - Deny SSH key usage
  * "required" - Require SSH key
* "cow\_format" - When set to "true", the image cannot be deleted until all volumes created from it are deleted.
* "architecture" - CPU architecture type. Valid values are:
  * "x86\_64" - (Default) x86 64-bit architecture
  * "aarch64" - ARM 64-bit architecture
* "os\_type" - The type of operating system.
* "os\_distro" - The distribution of the operating system (e.g., "ubuntu", "centos").
* "os\_version" - The version of the operating system.
* "hw\_firmware\_type" - The type of firmware used for booting.
* "metadata" - A map of metadata key-value pairs to associate with the image.

## Kubernetes clusters

The following resources create and configure managed Kubernetes clusters.

### Create a managed Kubernetes cluster

The following configuration creates a Kubernetes cluster with a private network, subnet, and a single node pool.

1. Open the `main.tf` file with the Gcore provider configuration.
2. Copy the code below to the file and customize the highlighted values:

```hcl theme={null}
resource "gcore_network" "network" {
  name       = "my-network"
  type       = "vxlan"
  project_id = data.gcore_project.project.id
  region_id  = data.gcore_region.region.id
}

resource "gcore_subnet" "subnet" {
  name            = "my-subnet"
  cidr            = "192.168.10.0/24"
  network_id      = gcore_network.network.id

  project_id = data.gcore_project.project.id
  region_id  = data.gcore_region.region.id
}

resource "gcore_k8sv2" "cluster" {
  project_id    = data.gcore_project.project.id
  region_id     = data.gcore_region.region.id
  name          = "my-k8s-cluster"
  fixed_network = gcore_network.network.id
  fixed_subnet  = gcore_subnet.subnet.id
  keypair       = gcore_keypair.my_keypair.sshkey_name
  version       = "v1.31.9"
  pool {
    name               = "my-k8s-pool"
    flavor_id          = "g1-standard-2-4"
    servergroup_policy = "soft-anti-affinity"
    min_node_count     = 1
    max_node_count     = 1
    boot_volume_size   = 10
    boot_volume_type   = "standard"
  }
}
```

3. Configure the cluster.

* Specify "name".
* Specify the "fixed\_network" of the cluster.
* Specify the "fixed\_subnet"; the subnet must have a router.
* Specify the "keypair".
* (optional) Specify the "region\_id" or "region\_name".
* (optional) Specify the "project\_id" or "project\_name".
* (optional) Add `auto_healing_enabled = "true"` to allow automatic recovery of failed nodes.
* (optional) Add `external_dns_enabled = "true"` to enable external DNS.
* Configure the pool, a set of cluster nodes with the same specifications.
  * Specify "name".
  * Specify "flavor\_id".
  * Specify "servergroup\_policy". Server group policy: "anti-affinity", "soft-anti-affinity", or "affinity".
  * Specify the "min\_node\_count" for autoscaling.
  * Specify the "max\_node\_count" for autoscaling.
  * Specify the "node\_count". This is the initial number of nodes to be deployed.
  * (optional) Specify the "boot\_volume\_size" in GB.
  * (optional) Select "boot\_volume\_type": "standard", "ssd\_hiiops", "cold", or "ultra".

### Create a Kubernetes cluster with Cilium load balancer and DSR

This configuration uses Cilium with Direct Server Return (DSR) mode, which preserves the client's source IP — useful for logging, security, and latency-sensitive applications.

1. Open the `main.tf` file with the Gcore provider configuration.
2. Copy the code below to the file and customize the highlighted values:

```hcl theme={null}
resource "gcore_network" "network" {
  name       = "my-network"
  type       = "vxlan"
  project_id = 1
  region_id  = 1
}

resource "gcore_subnet" "subnet" {
  name       = "my-subnet"
  cidr       = "192.168.10.0/24"
  network_id = gcore_network.network.id

  project_id = 1
  region_id  = 1
}

resource "gcore_k8sv2" "cluster" {
  project_id    = 1
  region_id     = 1
  name          = "my-k8s-cluster"
  fixed_network = gcore_network.network.id
  fixed_subnet  = gcore_subnet.subnet.id
  keypair       = "your-keypair-name"
  version       = "v1.33.6"

  cni {
    provider = "cilium"
    cilium {
      lb_mode = "dsr"
      routing_mode = "native"
    }
  }

  pool {
    name               = "pool-1"
    flavor_id          = "g1-standard-2-4"
    servergroup_policy = "anti-affinity"
    min_node_count     = 1
    max_node_count     = 1
    boot_volume_size   = 10
    boot_volume_type   = "standard"
  }
}
```

3. Configure the cluster.

* Specify the Kubernetes "version".
* Configure the "cni" (Container Network Interface) for the cluster. Specify the following parameters:
  * lb\_mode: The operation mode of load balancing for remote backends. Supported values are snat, dsr, hybrid. The default value is snat.
  * routing\_mode: Enables native-routing mode or tunneling mode. The default value is tunnel.
* Specify the "region\_id" to define the data center location where the cluster is created.
* Specify the "project\_id" to define the project in which the cluster is created.
* Specify the "name" to define the cluster name within the Gcore infrastructure.
* Specify the "keypair" to define the SSH key pair used for access to cluster nodes.
* Specify the "fixed\_network" to define the ID of the network to which the Kubernetes cluster will be connected.
* Specify the "fixed\_subnet" to define the ID of the subnet within the selected network.
* Configure the "pool" for the Kubernetes cluster. Specify the following parameters:
  * name: Cluster pool name. Changing the value of this attribute will trigger recreation of the cluster pool.
  * flavor\_id:  Cluster pool node flavor ID. Changing the value of this attribute will trigger recreation of the cluster pool.
  * servergroup\_policy: Server group policy, "anti-affinity", "soft-anti-affinity", or "affinity".
  * min\_node\_count: Minimum number of nodes in the cluster pool.
  * max\_node\_count: Maximum number of nodes in the cluster pool.
  * boot\_volume\_size: Cluster pool boot volume size. Applies to VM pools. Changing the value of this attribute will trigger recreation of the cluster pool.
  * boot\_volume\_type: Cluster pool boot volume type. Applies to VM pools. Available values are "standard", "ssd\_hiiops", "cold", and "ultra". Changing the value of this attribute will trigger recreation of the cluster pool.

## Load Balancers

A Load Balancer consists of a balancer resource, one or more listeners, a pool, and members.

### Create a Load Balancer

The following configuration creates a Load Balancer with a listener, pool, and member.

1. Open the `main.tf` file with the Gcore provider configuration.
2. Copy the code below to the file and customize the highlighted values:

```hcl theme={null}
resource "gcore_loadbalancerv2" "lb" {
  project_id = 1
  region_id  = 1
  name       = "lb_example"
  flavor     = "lb1-1-2"
}

resource "gcore_lblistener" "listener" {
  name            = "listener_example"
  protocol        = "TCP"
  protocol_port   = 36621
  loadbalancer_id = gcore_loadbalancerv2.lb.id
}

resource "gcore_lbpool" "pl" {
  name            = "test_pool"
  protocol        = "HTTP"
  lb_algorithm    = "LEAST_CONNECTIONS"
  loadbalancer_id = gcore_loadbalancerv2.lb.id
  listener_id     = gcore_lblistener.listener.id
  health_monitor {
    type        = "PING"
    delay       = 60
    max_retries = 5
    timeout     = 10
  }
  session_persistence {
    type        = "APP_COOKIE"
    cookie_name = "test_new_cookie"
  }
}

resource "gcore_lbmember" "lbm" {
  pool_id       = gcore_lbpool.pl.id
  address       = "10.10.2.15"
  protocol_port = 8081
  weight        = 5
}
```

3. Configure the Load Balancer.

* Specify the "name" of the Load Balancer.
* Specify "flavor".
* (optional) Specify the "region\_id" or "region\_name".
* (optional) Specify the "project\_id" or "project\_name".
* (optional) Specify the "vip\_port\_id" or "vip\_network\_id".
* (optional) Specify the "vip\_subnet\_id".

4. Configure the listener.

* Specify "name".
* Select "protocol": "HTTP", "HTTPS", "TCP", "UDP", or "TERMINATED\_HTTPS". For "TERMINATED\_HTTPS", specify the "secret\_id".
* Specify the "protocol\_port".
* Specify the "loadbalancer\_id".
* (optional) Add `insert_x_forwarded = "true"` to identify an original IP address of a client connecting to a web server via a load.
* (optional) Specify the "region\_id" or "region\_name".
* (optional) Specify the "project\_id" or "project\_name".

5. Configure the pool.

* Specify "name".
* Select "protocol": "HTTP", "HTTPS", "TCP", or "UDP".
* Select "lb\_algorithm": "ROUND\_ROBIN", "LEAST\_CONNECTIONS", or "SOURCE\_IP".
* (optional) Add "health\_monitor".
  * Select "type": "HTTP", "HTTPS", "PING", "TCP", "TLS-HELLO", or "UDP-CONNECT".
  * Specify the "delay" in seconds to set the time between sending probe requests to pool members.
  * Specify the "max\_retries" to set the number of successful probes required to switch a member to the ONLINE state.
  * Specify the "timeout" in seconds to set the maximum time to connect.
  * (optional) Select "http\_method": "CONNECT", "DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT", or "TRACE".
  * (optional) Specify the "max\_retrieve\_down" to set the threshold of failures required to switch a member to the ERROR state.
  * (optional) Specify "expected\_codes".
  * (optional) Specify the "url\_path".
* (optional) Specify the "listener\_id".
* (optional) Specify the "loadbalancer\_id".
* (optional) Specify the "region\_id" or "region\_name".
* (optional) Specify the "project\_id" or "project\_name".
* (optional) Add "session\_persistence".
  * Select "type": "APP\_COOKIE", "HTTP\_COOKIE"\
    For "APP\_COOKIE" or "HTTP\_COOKIE", specify the "cookie\_name".\
    For "SOURCE\_IP", specify the "persistence\_granularity" (applies to UDP ports).
  * (optional) Specify the "persistence\_timeout".

6. Configure the member.

* Specify the IP "address".
* Specify the "pool\_id".
* Specify the "protocol\_port".
* Specify the "instance\_id" or "subnet\_id".
* (optional) Specify member "weight" from 0 to 256.
