Provisioning a private environment with Terraform on OpenStack
This blog post walks you through managing your OpenStack environment with Terraform. Terraform is a quite powerful and skilled automation tool for infrastructure management. In this example, we explain it through the SkyAtlas project, which uses OpenStack in its infrastructure. Still, you can also use Terraform for pretty much any other cloud service providers like AWS or GCP.
Firstly, we need to install Terraform. Below you can find how to install it on Linux, but I still recommend checking the Terraform website for the latest way(s) of installation.
$ wget https://releases.hashicorp.com/terraform/0.12.16/terraform_0.12.16_linux_amd64.zip
$ unzip terraform_0.12.16_linux_amd64.zip
$ sudo mv terraform /usr/local/bin/
For identity verification, we use an RC file. To get that file, we log in to the SkyAtlas dashboard.
Then navigate to the Project tab on the drop-down menu, open the Compute tab, and click Access & Security. On the API Access tab, click Download OpenStack RC File and save the file (Terraform supports both versions). The filename is in the form of PROJECT-openrc.sh where PROJECT is the name of the project for which you downloaded the file.
When you source the file, it asks for your account password. After you type in your password correctly, environment variables and your credentials are set for your current shell.
$ source PATH_OF_THE_RC_FILE.sh
Now it’s time to get Terraform configuration files from GitLab. These files contain platform-ready example configs in which all the variables are compatible with the OpenStack RC file.
$ git clone https://gitlab.com/itsmeoz/skyatlas_compute_cluster.git
When it’s done, navigate the folder you want to deploy:
$ cd instance_with_lb
In the example below, we deploy two load-balancers, two separate networks, and two different types of instances connected to those networks:
Terraform needs to download provider plugins first.
$ terraform init
Before the initial deployment, it would be nice to have a plan, right? Terraform plan command generates an execution plan which gives you output for actions to be performed.
Just copy and paste the command below. It works with your RC file if you source it already.
$ terraform plan -var os_username=$OS_USERNAME -var os_project_name=$OS_PROJECT_NAME -var os_password_input=$OS_PASSWORD_INPUT -var os_auth_url=$OS_AUTH_URL -var os_region_name=$OS_REGION_NAME -var ssh_key_file=~/.ssh/id_rsa
Note: The command above assumes you have an ssh-key file under your home directory, ‘~/.ssh/id_rsa’. If you do not have or want to use a different key file, you should change the path.
If you’re satisfied with your Terraform plan output, you’re ready to deploy your environment.
Warning: The following steps may create resources that cost you money.
If you ready to deploy your environment, simply run this command:
$ terraform apply -var os_username=$OS_USERNAME -var os_project_name=$OS_PROJECT_NAME -var os_password_input=$OS_PASSWORD_INPUT -var os_auth_url=$OS_AUTH_URL -var os_region_name=$OS_REGION_NAME -var ssh_key_file=~/.ssh/id_rsa
When you’re done, you can wipe out all your infrastructure:
$ terraform destroy -var os_username=$OS_USERNAME -var os_project_name=$OS_PROJECT_NAME -var os_password_input=$OS_PASSWORD_INPUT -var os_auth_url=$OS_AUTH_URL -var os_region_name=$OS_REGION_NAME -var ssh_key_file=~/.ssh/id_rsa
Warning: Be aware that Terraform destroy command does not destroy your volumes due to safety reasons. You can change the code or manually delete all the volumes you created if you no longer need them.
The video below shows the steps and possible errors you might come across during the process.
Author: Onur ÖzkanDate Published: Jan 16, 2020