How to Start Terraform with Oracle Cloud Infrastructure (OCI)

Terraform, as you may know, is a very convenient way to manage resources in cloud services and Oracle Cloud Infrastructure (OCI) is one of them. Infrastructure as code is the way to go for sure. I’m not going to discuss how great it is here but I will introduce how to get started with Terraform with OCI.

Prerequisites

  1. OCI Account. Free Oracle Cloud Promotion is available from here if you don’t have one.
  2. You already have OCI CLI installed and it is in a working state. Please go through this blog article if you have not.

Download and Install Terraform

You can download Terraform from here. Terraform is a single executable so installation is simply place it somewhere and give the location to $PATH.

terraform --version

I am using Terraform v0.13.4 as of October 2020.

Steps

Terraform can use the credential that is already set up for OCI CLI. I will show how to do it below.

Create a directory where you store all the Terraform files. e.g. ~/dev/terraform

Now Create terraform.tfvars with the following contents.

user_profile = "DEFAULT"

The “DEFAULT” indicates the profile to use for Terraform to communicate with OCI in ~/.oci/config file created when you setup for OCI CLI.

Create provider.tf file with the following contents.

provider "oci" {
    alias = "us-ashburn-1"
    region = "us-ashburn-1"
    tenancy_ocid = var.tenancy_id
    config_file_profile = var.user_profile
}

Create variables.tf with the following contents. Replace the tenancy_id with your own.

variable "tenancy_id" {
    default = "ocid1.tenancy.oc1..aaaaaaaaca7lntmtszny3mgfhmzb5jb5oi6xucnrb7z6emorxdzheos4m4pa"
}

variable "user_profile" {
    default = ""
}

variable "fingerprint" {
    default =  ""
}

variable "private_key_path" {
    default = ""
}

variable "user_ocid" {
    default = ""
}

At this point, you should have the following 3 files in the directory.

  • provider.tf
  • terraform.tfvars
  • variables.tf

Now execute the following command to initialize terraform.

terraform init

The command creates .terraform directory and it has some stuff you really shouldn’t modify.

Then execute this.

terraform plan

You should see…

No changes. Infrastructure is up-to-date.

Let’s see if we can create a compartment. In case you don’t know, a compartment is a logical group of resources on OCI.

Create a file compartments.tf with the following contents. Replace the value of compartment_id to your tenancy ID. It indicates the parent compartment of the compartment you are planning to create. In this case, the compartment is going to be created at the root level of the tenancy, so I am specifying the tenancy ID.

resource "oci_identity_compartment" "blog" {
    compartment_id = "ocid1.tenancy.oc1..aaaaaaaaca7lntmtszny3mgfhmzb5jb5oi6xucnrb7z6emorxdzheos4m4pa"
    description = "blog compartment"
    name = "blog"
    enable_delete = "true"
}

Once it’s done, execute terraform plan to show what Terraform is going to do.

terraform plan

Here is the plan output.

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # oci_identity_compartment.blog will be created
  + resource "oci_identity_compartment" "blog" {
      + compartment_id = "ocid1.tenancy.oc1..aaaaaaaaca7lntmtszny3mgfhmzb5jb5oi6xucnrb7z6emorxdzheos4m4pa"
      + defined_tags   = (known after apply)
      + description    = "blog compartment"
      + enable_delete  = true
      + freeform_tags  = (known after apply)
      + id             = (known after apply)
      + inactive_state = (known after apply)
      + is_accessible  = (known after apply)
      + name           = "blog"
      + state          = (known after apply)
      + time_created   = (known after apply)
    }

Plan: 1 to add, 0 to change, 0 to destroy.

Once it looks good, apply the change by executing terraform apply.

terraform apply

Enter yes when prompted and hit enter. If you see it on OCI web console, you should actually see the new compartment under the root.

One thing to note is that terraform apply generates terraform.tfstate file. Do not delete or manually modify it. It has the information of your OCI resources that you are managing with Terraform.

Terraform can pretty much manage all resources in OCI. The OCI provider reference of Terraform can be found here. Now that my Terraform can talk to my OCI tenancy, I plan to manage resources with it.

Author: admin

A software engineer in greater Seattle area

Leave a Reply

Your email address will not be published. Required fields are marked *