GCP Administration Guide

Deployment

The easiest way to deploy FortiGate Autoscale for GCP is with Terraform.

This deployment was tested with:

  • Terraform 0.12
  • Terraform Google Provider 2.20.1
  • Terraform Google Provider Beta 2.20.1

To deploy FortiGate Autoscale for GCP:

  1. Log in to your GCP account.
  2. If you haven't already done so, create an authentication token. The default Compute service account should have sufficient permissions. For details, refer to the Google Cloud article Getting Started.
  3. Install Terraform. For installation details, refer to the HashiCorp article Install Terraform.
  4. Clone the repository.
  5. Change into the new directory and do one of the following:
    • Run the following commands:
        npm install
        npm run setup
    • Visit the FortiGate Autoscale for GCP GitHub project release page and download the latest gcp.zip from the releases tab; create a folder named dist and place the gcp.zip file in that directory.
  6. The following files and folders should be present:
    .
    ├── assets
    │   └── configset
    │       ├── baseconfig
    │       ├── httproutingpolicy
    │       ├── httpsroutingpolicy
    │       ├── internalelbweb
    │       ├── port2config
    │       ├── setuptgwvpn
    │       └── storelogtofaz
    ├── cloud-function-package.json
    ├── dist
    │   └── gcp.zip
    ├── index.ts
    ├── main.tf
    ├── package.json
    ├── package-lock.json
    ├── README.md
    ├── tsconfig.json
    ├── tslint.json
    └── vars.tf
  7. Open the vars.tf file and add values to the following variables:
    • project: your Google Project ID
    • service_account: the service account that will be used to call the Cloud Function
    • auth_key: the name (and path) of your GCP authentication key. The default is account.json. Specify the path if the key is not in the current directory.

    The above can also be done from the command line using the syntax:

    terraform plan -var "<var_name>=<value>"
  8. Customize other variables such as cpu_utilization, cool down period, etc. as needed. For variable descriptions, refer to the section Terraform variables.
  9. Initialize the providers and modules:
    terraform init
  10. Verify the plan:
    terraform plan
  11. Confirm and apply the plan:
    terraform apply

    Output will be similar to the following. A randomly generated five (5) letter suffix is added to all resources and can be used to help identify your cluster resources.

    InstanceTemplate = fortigateautoscale-instance-template-cehpm
    LoadBalance_instances = []
    LoadBalancer_Ip_Address = xxx.xxx.xxx.xxx
    Notes = The Firestore Database must be deleted separately
    Trigger_URL = https://us-central1-*************.cloudfunctions.net/fortigateautoscale-cehpm
    google_compute_region_instance_group_manager = fortigateautoscale-fortigate-autoscale-cehpm

Note

As part of the deployment, Terraform will adjust the value of ${fgt_secondary_ip} within the baseconfig file located in assets/configset/. The value should be the IP address of the external load balancer. For details on Load Balancing in GCP, refer to the Google Cloud article Network Load Balancing Concepts.
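
A pre-flight check for steps 6 and 7, as an added example that is not part of the Fortinet guide or project: it confirms the files Terraform needs are present and that the authentication key file is neither accessible beyond its owner nor tracked by git in the cloned repository. The function name preflight and its messages are hypothetical; the file names and the account.json default come from the steps above.

```shell
#!/bin/sh
# Added example: preflight() is a hypothetical helper, not part of the project.
# Usage: preflight . account.json && terraform init

# preflight DIR [KEY]: print one line per problem, return the problem count.
preflight() {
    dir=$1
    key=${2:-account.json}      # default auth_key value named in step 7
    problems=0

    # Files from step 6 that must exist before terraform init/plan/apply.
    for f in main.tf vars.tf dist/gcp.zip assets/configset/baseconfig; do
        if [ ! -f "$dir/$f" ]; then
            echo "missing: $f"
            problems=$((problems + 1))
        fi
    done

    # Resolve the key relative to DIR unless an absolute path was given.
    case $key in /*) keypath=$key ;; *) keypath=$dir/$key ;; esac

    if [ ! -f "$keypath" ]; then
        echo "missing auth key: $key"
        problems=$((problems + 1))
    else
        # The key is a long-lived credential: flag group/other access bits.
        perms=$(ls -l "$keypath" | cut -c5-10)
        if [ "$perms" != "------" ]; then
            echo "auth key accessible beyond its owner: $key (chmod 600)"
            problems=$((problems + 1))
        fi
        # The working directory is a git clone: the key must not be tracked.
        if git -C "$dir" ls-files --error-unmatch -- "$key" >/dev/null 2>&1; then
            echo "auth key is tracked by git: $key"
            problems=$((problems + 1))
        fi
    fi
    return "$problems"
}
```

A return value of 0 means the directory is ready for terraform init; any other value is the number of problems printed.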
