Professional Documents
Culture Documents
Automation On Deployment v1
Automation On Deployment v1
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Confidential
Tools for OCI Automation
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Confidential
Cloud Orchestration & Infrastructure as Code (IaC)
• Infrastructure Lifecycle
– Provision
– Update
– Destroy
• The 4 Broad categories of IAC:
– Ad hoc scripts
– Configuration management tools (chef, puppet, …)
– Server templating tools (Packer, Vagrant, Docker, ….
– Server provisioning tools (Terraform, cloud formation, heat)
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Confidential
Comparison of Terraform to Ansible and CloudFormation
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Confidential
Getting Started with Terraform
./
├── terraform
• Download ├── terraform-provider-atlas
– binary, apt, yum, choco, brew ├── terraform-provider-aws
├── terraform-provider-azure
• Create a .tf file in a workspace ├── terraform-provider-azurerm
├── terraform-provider-chef
• hw.tf ├── terraform-provider-cloudflare
output "hw" { ├── terraform-provider-cloudstack
value = “test” } ├── terraform-provider-consul
├── terraform-provider-digitalocean
• $ terraform apply ├── terraform-provider-oci
• Apply complete! Resources: 0 added, 0 changed, 0 destroyed.
• Outputs:
• hw = test
• Providers… ->
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Confidential
Terraform – Providers
First thing to do is to use a provider
Providers abstract the APIs from any given third party in order to create infrastructure.
Example:
provider "baremetal" {
tenancy_ocid = "${var.tenancy_ocid}"
user_ocid = "${var.user_ocid}"
fingerprint = "${var.fingerprint}"
private_key_path = "${var.private_key_path}"
}
The baremetal provider enables Terraform to create, manage and destroy resources in your tenancy
on OCI.
Tenancy is the OCID of the tenant. User OCID is the users identifier. Fingerprint is the md5 fingerprint
of the private key being used to access the API, and private key path is where the API PEM private
key is stored.
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Confidential
Terraform – Resources component provider type name
With the BMCS baremetal provider, we can start creating instances, block
and object storage, networks, etc.
The following example starts an instance:
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Confidential
Terraform – Planning Phase
Once we have put together a configuration to try we can dry-run test this with the planning phase.
"terraform plan" will take the configuration and give a detailed report on which resources will be created, deleted or modified plus
identify what dependent resources are effected by these changes.
Saving the plan is useful to ensure that all the steps in the plan were actually applied.
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Confidential
Terraform – Apply
Once the plan looks good we can go and apply the configuration.
$ terraform apply
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Confidential
Terraform - Destroy
When infrastructure needs to be retired, destroying it and all of its dependencies is straightforward with
$ terraform destroy
Terraform destroy will ask for permission , requiring an explicit “yes” as input. Terraform when destroying an infrastructure is
very thorough.
The iterative plan, apply, destroy cycle is useful when learning terraform.
If a resource is change or removed in the .tf file, the state file will detect this and change or remove the resource on the next
apply.
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Confidential
Provisioning Demo
Chef Node Chef Cluster
• Part-I: Provisioning of resource (Terraform) MySQL
Chef DK
• VMs Terraform
• Network Tomcat
(Java App-1)
• Storage
Chef Node
• SSH keys
Chef Server
• userdata
• Part-II: Application deployment
• Chef cluster (Server, DK)
• Cookbooks and recipes
• cloud-init
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Confidential
Cloud-init
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Confidential
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. | Oracle Confidential
DEMO