Skip to content

Terraform

1. Terraform installation

We need unzip to unpack terraform so install it now:

sudo apt install unzip

We will be installing terraform on newly created virtual machine.
To do so we need to go to Hashicorp website and copy the link for AMD64 architecture (so for 64 bit systems)

wget https://releases.hashicorp.com/terraform/1.3.9/terraform_1.3.9_linux_amd64.zip

Create ~/bin/ and add it to PATH environment variable 

mkdir ~/bin
export PATH="$PATH:~/bin/"

Unpack terraform

unzip terraform_1.3.9_linux_amd64.zip -d ~/bin/

2. Create SSH and add it to OpenStack with CLI

We need to create SSH keypair; to do so we run the command:

ubuntu@tadmin:~$ ssh-keygen -t ed25519
Generating public/private ed25519 key pair.
Enter file in which to save the key (/home/ubuntu/.ssh/id_ed25519):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/ubuntu/.ssh/id_ed25519
Your public key has been saved in /home/ubuntu/.ssh/id_ed25519.pub
The key fingerprint is:
SHA256:+3qvvNXVzZRaNSp1abfc7k0jgOaf2ikuCvcBJ1LhUSQ ubuntu@tadmin
The key's randomart image is:
+--[ED25519 256]--+
|     Eoo     . oo|
|    . +     . oo=|
|     o    .. .oo=|
|    .    o .. o=+|
|   . o .S   .. .=|
|    . +  o   o oo|
|   . . .. . o ooo|
|    o ...+o+.   o|
|     ...+=B*.    |
+----[SHA256]-----+

We will use openrc file to connect to OpenStack API, which we copied to the instance in previous exercise 

source openrc.sh

Next we add newly created SSH key to OpenStack with command:

ubuntu@tadmin:~$ openstack keypair create --public-key ~/.ssh/id_ed25519.pub tadminkey
+-------------+-------------------------------------------------+
| Field       | Value                                           |
+-------------+-------------------------------------------------+
| created_at  | None                                            |
| fingerprint | a0:68:b3:db:41:99:88:0e:fb:d2:62:b2:8b:c0:11:02 |
| id          | tadminkey                                       |
| is_deleted  | None                                            |
| name        | tadminkey                                       |
| type        | ssh                                             |
| user_id     | ba59c7eeabe5468785d5a460f10f8feb                |
+-------------+-------------------------------------------------+

To check if the key was added successfully check with command:

ubuntu@tadmin:~$ openstack keypair list
+-----------+-------------------------------------------------+------+
| Name      | Fingerprint                                     | Type |
+-----------+-------------------------------------------------+------+
| tadminkey | a0:68:b3:db:41:99:88:0e:fb:d2:62:b2:8b:c0:11:02 | ssh  |
+-----------+-------------------------------------------------+------+

3. Creating terraform working directory

To create terraform working directory and enter it issue 

mkdir ~/terraform
cd ~/terraform

4. Basic terraform configuration for connection to OpenStack

To create instance with terraform we will need a file with definition of desired state of infrastructure that we want.

To do so we need to create file with command nano infra.tf. In this file we will put information for terraform on how to connect to OpenStack cloud.

terraform {
required_version = ">= 0.14.0"
  required_providers {
    openstack = {
      source  = "terraform-provider-openstack/openstack"
      version = "~> 1.48.0"
    }
  }
}

# Configure the OpenStack Provider
provider "openstack" {
  user_name        = "user-XXXXXXX" # To delete
  tenant_name      = ""
  user_domain_name = "Default"
  password         = "password" # To delete
  auth_url         = "https://auth.cloud.ovh.net/"
  region           = "SomeRegion1" # To delete
}

Next lets initialize terraform

ubuntu@tadmin:~/terraform$ terraform init

Initializing the backend...

Initializing provider plugins...
- Finding terraform-provider-openstack/openstack versions matching "~> 1.48.0"...
- Installing terraform-provider-openstack/openstack v1.48.0...
- Installed terraform-provider-openstack/openstack v1.48.0 (self-signed, key ID 4F80527A391BEFD2)

Partner and community providers are signed by their developers.
If you'd like to know more about provider signing, you can read about it here:
https://www.terraform.io/docs/cli/plugins/signing.html

Terraform has created a lock file .terraform.lock.hcl to record the provider
selections it made above. Include this file in your version control repository
so that Terraform can guarantee to make the same selections by default when
you run "terraform init" in the future.

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.

Next try to run terraform plan. Your output should look like the following:

ubuntu@tadmin:~/terraform$ terraform plan

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration and found no differences, so no changes are needed.

5. Creating resources in OpenStack cloud

To do so you need to add to infra.tf file definitions of resources that you wish to add.

resource "openstack_blockstorage_volume_v2" "terratestvolume" {
  name        = "terratestvolume"
  volume_type = "classic"
  size        = 10
}

resource "openstack_compute_instance_v2" "terratest" {
  name            = "terratest"
  image_id        = "534f4d98-163f-4478-9a92-d23c86bd5a43" # Update
  flavor_id       = "774a7187-eeb2-4639-92e7-546351cb3eca" # Update
  key_pair        = "tadminkey"
  security_groups = ["default"]

  network {
    name = "Ext-Net"
  }
}

resource "openstack_compute_volume_attach_v2" "terratestvolme_terratest" {
  instance_id = "${openstack_compute_instance_v2.terratest.id}"
  volume_id   = "${openstack_blockstorage_volume_v2.terratestvolume.id}"
}

Next run terraform apply:

ubuntu@tadmin:~/terraform$ terraform apply

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # openstack_blockstorage_volume_v2.terratestvolume will be created
  + resource "openstack_blockstorage_volume_v2" "terratestvolume" {
(...)
  # openstack_compute_instance_v2.terratest will be created
(...)
  # openstack_compute_volume_attach_v2.terratestvolme_terratest will be created
(...)

Plan: 3 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

openstack_compute_instance_v2.terratest: Creating...
openstack_blockstorage_volume_v2.terratestvolume: Creating...
(...)

After terraform finishes it's work you will get the following output: 

Apply complete! Resources: 3 added, 0 changed, 0 destroyed.

To remove unneeded resources you need to remove it from infra.tf file and run terraform apply again.
Terraform will output resources that it wants to remove and will ask for confirmation:

Plan: 0 to add, 0 to change, 3 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes