- Gavin In The Cloud
- Posts
- Automating Chrome Remote Desktop Linux Instance Deployment with Terraform and GitHub Actions
Automating Chrome Remote Desktop Linux Instance Deployment with Terraform and GitHub Actions
Effortless Cloud-Based Desktop Access: Streamlining Setup and Connectivity
Gavin Singh
August 16, 2023
Automating Chrome Remote Desktop Linux Instance Deployment with Terraform and GitHub Actions
Introduction: As a cloud engineer experienced in implementing solutions on GCP, you already understand the power of automation in cloud workflows. In this blog post, we will dive into the process of automating the deployment of a Chrome Remote Desktop Linux instance using Terraform and GitHub Actions. We'll guide you through the step-by-step implementation of provisioning the necessary resources, setting up the CI/CD pipeline, and achieving an efficient deployment process for Chrome Remote Desktop instances on Google Cloud Platform (GCP).
Prerequisites: Before we delve into the technical details, make sure you have the following prerequisites in place:
A Google Cloud Platform (GCP) account with the necessary permissions to create resources like Google Compute Engine instances and firewall rules.
A GitHub account with a repository set up to manage your Terraform code.
Repo Structure: To maintain an organized project structure, we'll follow a directory structure within your GitHub repository: GitHub-Repo
You can simply clone my public repository: GitHub-Repo
Terraform Configuration: Let's explore the details of each component of your Terraform code for provisioning the Chrome Remote Desktop instance.
main.tf: This file configures Google Cloud resources like the Chrome Remote Desktop instance and firewall rules using Terraform.
resource "google_compute_instance" "chrome_desktop" {
name = "chrome-remote-desktop"
machine_type = "e2-medium"
boot_disk {
initialize_params {
image = "debian-cloud/debian-11"
}
}
network_interface {
network = "default"
access_config {
// Optional. External IP address configuration.
}
}
metadata_startup_script = "${file("startup-script.sh")}"
tags = ["chrome-remote-desktop"]
}
resource "google_compute_firewall" "chrome_desktop" {
name = "chrome-desktop"
network = "default"
allow {
protocol = "tcp"
ports = ["22", "3389"]
}
source_ranges = ["0.0.0.0/0"]
}
resource "google_compute_resource_policy" "hourly" {
name = "gce-policy"
region = "us-central1"
description = "Start and stop instances"
instance_schedule_policy {
vm_start_schedule {
schedule = "0 0 * * 1-7" #1-mon,...,7-sun
}
vm_stop_schedule {
schedule = "0 0 * * 1-7"
}
time_zone = "US/Central"
}
}provider.tf: Within this file, Terraform configuration details for the Google Cloud provider, like project information and region, are specified.
terraform {
required_providers {
google = {
source = "hashicorp/google"
version = "4.58.0"
}
}
backend "gcs" {
bucket = "your-backend-bucket" // Replace with your backend bucket name
prefix = "terraform/state"
}
}
provider "google" {
project = "your-project-id" // Replace with your project ID
region = "us-central1" // Replace with your desired region
zone = "us-central1-c" // Replace with your desired zone
}startup-script.sh: During instance startup, this script installs Chrome Remote Desktop and sets up an Xfce desktop environment for remote access.
#!/bin/bash -x
#
# Startup script to install Chrome remote desktop and a Xfce desktop environment.
#
sudo apt update
curl -L -o chrome-remote-desktop_current_amd64.deb \
https://dl.google.com/linux/direct/chrome-remote-desktop_current_amd64.deb
sudo DEBIAN_FRONTEND=noninteractive \
apt-get install --assume-yes ./chrome-remote-desktop_current_amd64.deb
sudo DEBIAN_FRONTEND=noninteractive \
apt install --assume-yes xfce4 desktop-base dbus-x11 xscreensaver
sudo bash -c 'echo "exec /etc/X11/Xsession /usr/bin/xfce4-session" > /etc/chrome-remote-desktop-session'
sudo systemctl disable lightdm.service
echo "Chrome remote desktop installation completed".github/workflows/terraform.yml: This directory houses GitHub Actions workflows that automate tasks within your repository, such as managing Terraform deployments.
name: "Deploy Chrome Remote Desktop Instance"
on:
push:
branches:
- main
jobs:
terraform:
name: "Terraform"
runs-on: ubuntu-latest
env:
GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS }}
defaults:
run:
working-directory: ./src
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Setup Terraform
uses: hashicorp/setup-terraform@v1
with:
terraform_version: 1.0.1
terraform_wrapper: false
- name: Terraform Init
id: init
run: terraform init
- name: Terraform Format
id: fmt
run: terraform fmt
- name: Terraform Plan
id: plan
run: terraform plan
- name: Terraform Apply
id: apply
run: terraform apply -auto-approve
#- name: Terraform Destroy
#id: destroy
#run: terraform destroy -auto-approveImplementation Steps: With your configurations in place, follow these implementation steps.
Set up a GitHub repository: Create a new repository on GitLab or use an existing one to host your Terraform code. If you haven't already, clone the repository from the following link: GitHub-Repo
Configure GCP Provider: In the provider.tf file, configure the GCP provider by specifying your GCP backend bucket, project ID, region, and zone.
Configure GCP Service Account Key: In your GCP project, create a service account and download the JSON key file. Securely store this JSON key as a secret named "GOOGLE_CREDENTIALS" in your GitHub repository under Settings > Secrets.
Note: Make sure to remove any white spaces in your token content before pasting it.
Push and Trigger: Commit and push your changes to the repository's main branch. This will trigger the GitHub Actions workflow, which will execute the defined steps.
Verify Resource Creation in GCP: After completing the deployment process, confirm the successful creation of your Chrome Remote Desktop instance and associated resources in the Google Cloud Platform (GCP) console. Check for the provisioned Compute Engine instance and the configured firewall rules to ensure accurate setup. This verification step ensures that your infrastructure is properly established and ready for remote desktop connections.
Connect to the Chrome Remote Desktop Instance:
Obtain Authorization: Sign in to Google Cloud, access "VM Instances," and connect via SSH.
Access Setup Page:
Using your local computer's Chrome browser, visit the Chrome Remote Desktop command line setup page: https://remotedesktop.google.com/headless
Sign in with the Google Account you want to use for remote access.
Initiate Setup: Click "Begin" and authorize access with your Google Account.
Run Command: Copy, paste, and run the provided command on your instance. The page displays a command line for Debian Linux that looks like the following:
DISPLAY= /opt/google/chrome-remote-desktop/start-host \ --code="4/xxxxxxxxxxxxxxxxxxxxxxxx" \ --redirect-url="https://remotedesktop.google.com/_/oauthredirect" \ --name=$(hostname)Set PIN: Create a 6-digit PIN for authentication during connections.
Note: Remember to safeguard your PIN and refrain from sharing it with unauthorized individuals
Connect and Access: Sign in on the Chrome Remote Desktop web app, select your instance, enter the PIN, and access your remote desktop environment.
Enjoy seamless access to your Chrome Remote Desktop instance from anywhere.
Conclusion: In this blog post, we've covered the process of automating the deployment of a Chrome Remote Desktop Linux instance on GCP using Terraform and GitHub Actions. By following the provided steps and configurations, you can streamline the provisioning and management of your Chrome Remote Desktop instances. Automation not only saves time but also ensures consistency and reliability in your cloud workflows. Happy automating!
References: