Infrastructure creation with Terraform
Overview
Terraform is an Infrastructure as Code tool that lets you define resources in definition files that you can modify, reuse, or share.
You can then use a workflow to provision and manage your infrastructure throughout its lifecycle.
Terraform uses providers to manage each cloud provider. VMware developed a Terraform provider for vCD; its detailed functionality is described in the official documentation.
For each resource type, the documentation contains usage examples. Some examples below are taken from the Terraform VCD provider documentation, with a direct link to the associated documentation.
Using VCD provider
terraform {
  required_providers {
    vcd = {
      source  = "vmware/vcd"
      version = "3.6.0"
    }
  }
}

provider "vcd" {
  # Configuration options
}
Create networks
vCD offers several network types: routed, isolated, direct. The code example below is for a routed network.
resource "vcd_network_routed_v2" "nsxt-backed" {
  org         = "my-org"
  name        = "nsxt-routed 1"
  description = "My routed Org VDC network backed by NSX-T"

  # The edge gateway is looked up through a data source that must be declared elsewhere in the configuration
  edge_gateway_id = data.vcd_nsxt_edgegateway.existing.id

  gateway       = "1.1.1.1"
  prefix_length = 24

  static_ip_pool {
    start_address = "1.1.1.10"
    end_address   = "1.1.1.20"
  }
}
Create vAPP
This code creates a vApp named “web” and attaches an organization network to it.
resource "vcd_vapp" "web" {
  name = "web"

  metadata = {
    CostAccount = "Marketing Department"
  }
}

# Attach an existing org network to the vApp
resource "vcd_vapp_org_network" "routed_network" {
  vapp_name = vcd_vapp.web.name

  # References the routed network resource "nsxt-backed" defined above
  org_network_name = vcd_network_routed_v2.nsxt-backed.name
}
Create VM in a vAPP
This code creates a VM named “my-VM” in the vApp “web”.
resource "vcd_vapp_vm" "my-VM" {
  vapp_name     = vcd_vapp.web.name
  name          = "my-VM"
  computer_name = "db-vm"
  catalog_name  = "cat-where-is-template"
  template_name = "vappWithMultiVm"
  memory        = 512
  cpus          = 2
  cpu_cores     = 1
}
Using a Terraform project
Terraform is a command-line tool that runs on different operating systems (Linux, Windows, macOS).
Applying a Terraform configuration is generally done in 2 steps: a “plan” command, which displays the modifications to be applied, and an “apply” command, which executes them.
Note that on first use of a project it is necessary, before the plan and apply, to run the “init” command to initialize the project (download the providers it uses).
#> cd [project directory]
#> terraform init
Initializing modules...
Initializing the backend...
Initializing provider plugins...
- Reusing previous version of hashicorp/local from the dependency lock file
- Reusing previous version of vmware/vcd from the dependency lock file
- Using previously-installed hashicorp/local v2.2.2
- Using previously-installed vmware/vcd v3.5.1
Terraform has been successfully initialized!
#> terraform plan
terraform plan -var-file smart.tfvars
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
[...]
Plan: 13 to add, 0 to change, 0 to destroy.
Changes to Outputs:
+ out_vm = (sensitive value)
──────────────────────────────────────────────────────────────────
#> terraform apply
[Terraform displays the plan again]
Plan: 13 to add, 0 to change, 0 to destroy.
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value:
[to apply the changes you must enter yes; Terraform then displays the apply log]
vcd_vapp.vapp1["vapp_01"]: Creating...
vcd_network_isolated_v2.inetwork["iso_03"]: Creating...
vcd_network_isolated_v2.inetwork["iso_02"]: Creating...
vcd_network_routed_v2.rnetwork["rtr_01"]: Creating...
[...]
module.vm_instance["vm-02"].vcd_vm_internal_disk.diskadd["1"]: Still creating... [40s elapsed]
module.vm_instance["vm-02"].vcd_vm_internal_disk.diskadd["1"]: Creation complete after 42s [id=2002]
local_file.output: Creating...
local_file.output: Creation complete after 0s [id=09a3efb91e3e2d185c46aa6a084b276220818ea9]
Apply complete! Resources: 13 added, 0 changed, 0 destroyed.
#>
Example of an IaC project with Terraform and GitLab
Notes about credentials
Never put credentials (login, password, token) in your Terraform code or files. Prefer variables, and store their values in a secret manager.
Depending on your deployment technique, you will have different options; for example, the GitLab documentation explains how to use HashiCorp Vault to manage your credentials.
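As an added example (not taken from the provider documentation or from the project described here), the "vcd" provider block shown earlier can be filled in from variables so that no secret is committed. The variable names vcd_url, vcd_org, vcd_user and vcd_password and the URL are assumptions chosen for illustration.

```hcl
# Added example: variable names and the sample URL are assumptions.

variable "vcd_url" {
  type        = string
  description = "vCD API endpoint, for example https://vcd.example.com/api (placeholder)"
}

variable "vcd_org" {
  type        = string
  description = "Organization to authenticate against"
}

variable "vcd_user" {
  type        = string
  description = "Account used for vCD API operations"
}

variable "vcd_password" {
  type        = string
  sensitive   = true # redacted as (sensitive value) in plan and apply output
  description = "Password for vcd_user; supplied at run time, never committed"

  validation {
    # Fail early with a clear message instead of a vCD authentication error
    condition     = length(var.vcd_password) > 0
    error_message = "Set TF_VAR_vcd_password from your secret manager or a masked CI variable."
  }
}

provider "vcd" {
  url      = var.vcd_url
  org      = var.vcd_org
  user     = var.vcd_user
  password = var.vcd_password
  # Avoid a literal such as password = "..." here or in a committed .tfvars
  # file: it stays in the Git history even after the line is removed.
}

# Supplying the value without writing it to disk (run in the shell or CI job):
#   export TF_VAR_vcd_password="<value read from the secret manager>"
#   terraform plan
```

Marking a variable as sensitive only hides it from command output; values that reach the state file are stored there in plain text, so the state backend needs access control and encryption of its own.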