Automation On Deployment v1

Oracle Cloud Infrastructure Automation
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Confidential
Tools for OCI Automation
• SDKs and Other Tools

– Java SDK
– Python SDK
– Ruby SDK
– Command Line Interface (CLI)
• Chef Knife Plugin
• Terraform Provider
Cloud Orchestration & Infrastructure as Code (IaC)
• Infrastructure Lifecycle
– Provision
– Update
– Destroy
• The 4 Broad categories of IAC:
– Ad hoc scripts
– Configuration management tools (chef, puppet, …)
– Server templating tools (Packer, Vagrant, Docker, ….
– Server provisioning tools (Terraform, cloud formation, heat)
Comparison of Terraform to Ansible and CloudFormation
Terraform CloudFormation Ansible
Syntax HCL JSON YAML

Manage Existing
Difficult No Yes
Deployments
State Management Yes No Yes
Third Party Providers 65+ No Many++
Infrastructure Immutable Immutable Mutable
Agent/Master No / No No / No No / No
Type Declarative Declarative Procedural
Getting Started with Terraform
./
├── terraform
• Download ├── terraform-provider-atlas
– binary, apt, yum, choco, brew ├── terraform-provider-aws
├── terraform-provider-azure
• Create a .tf file in a workspace ├── terraform-provider-azurerm
├── terraform-provider-chef
• hw.tf ├── terraform-provider-cloudflare
output "hw" { ├── terraform-provider-cloudstack
value = “test” } ├── terraform-provider-consul
├── terraform-provider-digitalocean
• $ terraform apply ├── terraform-provider-oci
• Apply complete! Resources: 0 added, 0 changed, 0 destroyed.
• Outputs:
• hw = test
• Providers… ->
Terraform – Providers
First thing to do is to use a provider
Providers abstract the APIs from any given third party in order to create infrastructure.
Example:
provider "baremetal" {
tenancy_ocid = "${var.tenancy_ocid}"
user_ocid = "${var.user_ocid}"
fingerprint = "${var.fingerprint}"
private_key_path = "${var.private_key_path}"
}
The baremetal provider enables Terraform to create, manage and destroy resources in your tenancy
on OCI.
Tenancy is the OCID of the tenant. User OCID is the users identifier. Fingerprint is the md5 fingerprint
of the private key being used to access the API, and private key path is where the API PEM private
key is stored.
Terraform – Resources component provider type name
Once a provider is configured we can start using that providers resources.
With the BMCS baremetal provider, we can start creating instances, block
and object storage, networks, etc.
The following example starts an instance:
resource "baremetal_core_instance" "TFInstance" {

availability_domain =
"${lookup(data.baremetal_identity_availability_domains.ADs.availability_domains[var.AD -
1],"name")}"
compartment_id = "${var.compartment_ocid}"
display_name = "TFInstance"
hostname_label = "instance1"
image = "${lookup(data.baremetal_core_images.OLImageOCID.images[0], "id")}"
shape = "${var.InstanceShape}"
subnet_id = "${var.SubnetOCID}"
metadata {
ssh_authorized_keys = "${var.ssh_public_key}"
user_data = "${base64encode(file(var.BootStrapFile))}"}
}
Terraform – Planning Phase
Once we have put together a configuration to try we can dry-run test this with the planning phase.
"terraform plan" will take the configuration and give a detailed report on which resources will be created, deleted or modified plus
identify what dependent resources are effected by these changes.
terraform plan -out=plan1
Saving the plan is useful to ensure that all the steps in the plan were actually applied.
Terraform – Apply
Once the plan looks good we can go and apply the configuration.
$ terraform apply
There is also an option to use saved plans

for an apply operation.
$ terraform apply plan1
Plan and apply can also target particular

resource(s) using the -target flag.
Plans that are too old will be detected,

they are created against a given version
of the terraform.tfstate file.
Terraform - Destroy
When infrastructure needs to be retired, destroying it and all of its dependencies is straightforward with
$ terraform destroy
Terraform destroy will ask for permission , requiring an explicit “yes” as input. Terraform when destroying an infrastructure is
very thorough.
The iterative plan, apply, destroy cycle is useful when learning terraform.
If a resource is change or removed in the .tf file, the state file will detect this and change or remove the resource on the next
apply.
Tainting may also be used to force the

recreation of a resource. There are
also lifecycle directives available to
protect resources if needed.
$ terraform plan -destroy

Shows what will be destroyed without
actually doing it.
Provisioning Demo
Chef Node Chef Cluster
• Part-I: Provisioning of resource (Terraform) MySQL
Chef DK
• VMs Terraform
• Network Tomcat
(Java App-1)
• Storage
Chef Node
• SSH keys
Chef Server
• userdata
• Part-II: Application deployment
• Chef cluster (Server, DK)
• Cookbooks and recipes
• cloud-init
Cloud-init
DEMO
Copyright © 2015, Oracle

Copyright and/orOracle
© 2017, its affiliates.
and/orAll its
rights reserved.
affiliates. All|rights
Oracle reserved.
Confidential
Oracle OpenWorld

Automation On Deployment v1

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Automation On Deployment v1

Uploaded by

Copyright:

Available Formats

Oracle Cloud Infrastructure Automation

• SDKs and Other Tools

Terraform CloudFormation Ansible

Syntax HCL JSON YAML

Type Declarative Declarative Procedural

Once a provider is configured we can start using that providers resources.

resource "baremetal_core_instance" "TFInstance" {

terraform plan -out=plan1

There is also an option to use saved plans

$ terraform apply plan1

Plan and apply can also target particular

Plans that are too old will be detected,

Tainting may also be used to force the

$ terraform plan -destroy

Copyright © 2015, Oracle

You might also like