ECO 2022 - OCI and HashiCorp Terraform

www.rheodata.com Copyright, 2021 RheoData and affiliates
@rheodatallc
Oracle Cloud Infrastructure &
HashiCorp Terraform
in 45 minutes
ECO 2022

@rheodatallc
Roadmap
Introduction
Terraform Basics
OCI Provider & Modules
Coding Examples
Q & A

@rheodatallc
Speaker
Bobby Curtis, MBA
Atlanta, GA
• Author
• Speaker
• Former Product Manager for GoldenGate
• Oracle ACE Director Alumni?
@dbasolved
https://dbasolved.com
https://www.rheodata.com/blog
bobby.curtis@rheodata.com

@rheodatallc
License Management for Oracle,
HashiCorp, and Cloud
Get the most out of your license
DBA
Services
Remote and
On-Site
Performance Services
Identify and increase database
performance
Migration Blueprint
Zero Downtime
RheoData Status
How are you running?
On-Call Support
Managed Services
Tactical Assistance Program (TAP)
Experts to help design and manage complex architecture
Take Cloud to next level
Automation of Cloud

@rheodatallc

@rheodatallc
Multi-Cloud Opportunities
+
• Move interdependent enterprise
applications to the cloud
• Deploy custom and packaged application
• Develop cloud native, enterprise
applications
• Cross-Cloud Interconnect
• Unified IAM
• Jointly tested, validated deployment
architectures, best practices
• Collaborative support model
https://www.oracle.com/cloud/azure-interconnect.html
• Innovate across clouds
• Choice
• Maximize ROI
Advantages Possible Now New Capabilities

@rheodatallc
Basics
init
validate
plan apply
terraform init
– used to initialize a
working directory with
Terraform files.
– Some validation done
as well
terraform validate
– validates the config
files in a directory
terraform plan
– creates execution plan
– performs a refresh,
unless explicitly disabled
– determines what
needs to be done
terraform apply
– scans the current
directory for the
configuration and
applies changes

@rheodatallc
OCI Provider
provider "oci" {
version = ">= 3.76.0"
region = var.region
tenancy_ocid = var.tenancy_ocid
user_ocid = var.user_ocid
fingerprint = var.fingerprint
private_key_path = var.private_key_path
}
• Use of variables file is highly
recommended!
• Use a provider file (provider.tf)
Regions
- locations/data centers
where the workload is
built
Tenancy OCID
- account name when
initially setting up a
cloud account
User OCID
- Identifier that
identifies the user login
into the cloud
Fingerprint
- alpha/numeric string
that will be specific to
public SSH key.
- needed for API access
Key Path
- Location of SSH
private key on localhost

@rheodatallc
OCI Modules
• Modules for most item in
OCI
• VCN – Virtual Network
• Operator – Compute Nodes
• Bastion – add bastion host
• Base – all the above
• Use the lastest version
• 4.46.0
• Downloaded Modules
• .terraform/modules

@rheodatallc
Layout
Oracle/OCI/dev
|
/.terraform/modules
/compute-instance/terraform-oci-compute-instance-2.01
-- main.tf
-- variables.tf
-- output.tf
/vcn/terraform-oci-vcn-#.#.#
-- main.tf
-- variables.tf
-- locals.tf
-- nat.tf
-- servicegateway.tf
-- vcn.tf
|
-- main.tf
-- variables.tf
-- output.tf

@rheodatallc
Backend
########################
# Backend
#####################
terraform {
backend "http" {
address = "https://objectstorage.us-ashburn-
1.oraclecloud.com/p/Zi1rw_y.........EA4HjMwEU2zaaBmx71sas_oU/n/idtlingilfcy/b/bucket-terraform/o/terraform.tfstate"
update_method = "PUT"
}
}
HTTP support: uses a cURL-based HTTP command to push/pull state from object store
S3-Compatible support: more complex to setup, requires AWS keys
Pre-Authenticated Requests (PAR): enables accessing a bucket or object in OCI without providing credentials/time-
based.

@rheodatallc
Compartments
##########################
# Compartments - Custom
##########################
resource "oci_identity_compartment" "test_compartment" {
#Required
# ocid1.tenancy.oc1..aaaaaaaaojorxdfprzt2sx75lweivou6xeomto4gvjxuuyraxcdakff4dujq
compartment_id = var.root_compartment_ocid #Compartment to build in
# This is a testing compartment
description = var.compartment_description #Description for the compartment
# testing2
name = var.compartment_name #Name of the compartment
}
data "oci_identity_compartments" "test_compartments" {
compartment_id = var.tenancy_ocid
compartment_id_in_subtree = true
}
output "compartment_info" {
value = data.oci_identity_compartments.test_compartments.compartments
}

@rheodatallc
#########################
# Compute Instance - OCI Provided
#########################
module "compute-instance" {
source = "oracle-terraform-modules/compute-instance/oci"
version = "2.0.1"
#Required Info
compartment_ocid = "ocid1.compartment.oc1..aaaaaaaade5bxtniugmwuiynsonpq74fo2djk6hd64qu3lzw2xybym4svyhq"
source_ocid = "ocid1.image.oc1.iad.aaaaaaaawtb4qxiwri5z2qjeey4zpzqpv2rtxhddzpbvojw2e2c2jevmthva"
ssh_authorized_keys = "~/.ssh/id_rsa.pub"
subnet_ocids = ["ocid1.subnet.oc1.iad.aaaaaaaamlgotv3goqjfihx53abpatmajjh45h32vljzfq3nsvwoqhqmouda"]
#Optional Info
instance_count = ”4"
shape = "VM.Standard2.2"
instance_display_name = "Test-Linux_"
}
output "compute_info" {
value = [
"ID", module.compute-instance.instance_id,
"Private", module.compute-instance.private_ip,
"Public", module.compute-instance.public_ip
]
}
Compute Instances

@rheodatallc
Autonomous Database(s)
• No OCI certified modules available
• Deprecated Resources by version
• Write custom
oci_database_autonomous_database

@rheodatallc
Autonomous Database(s)
##############################
# OCI - Autonomous Database(s)
##############################
resource "oci_database_autonomous_database" "demo_adb" {
#Required
admin_password = ”<Password>"
compartment_id =
"ocid1.compartment.oc1..aaaaaaaade5bxtniugmwuiynsonpq74fo2djk6hd64qu3lzw2xybym4svyhq"
cpu_core_count = "1"
data_storage_size_in_tbs = "1"
db_name = "RDADB1"
#Optional
db_version = "19c"
db_workload = "OLTP"
display_name = "RDADB1"
is_free_tier = "false"
license_model = "BRING_YOUR_OWN_LICENSE"
source = "NONE"
}
output "demo_adb_ocid" {
value = oci_database_autonomous_database.demo_adb.id
}

@rheodatallc
GoldenGate Service (GGS)
• Oracle GoldenGate (Microservices) as a Service
• Builds one (1) deployment only
resource "oci_golden_gate_deployment" "ggdev" {
#Required
compartment_id = "ocid1.compartment.oc1..aaaaaaaaeg3ug2usjziq5smuc5a6oc5up6ngkgy5ilkw2pgnjxz2xe67plbq"
cpu_core_count = "2"
deployment_type = "OGG"
display_name = "ggdev"
is_auto_scaling_enabled = "false"
is_public = "true"
license_model = "LICENSE_INCLUDED"
subnet_id = var.devsubnet
#nsg_ids = ["ocid1.networksecuritygroup.oc1.iad.aaaaaaaal4efdb64mjtutdfw5ju3dthibfmruqavaakx6olkjdx2lyaxmb3q"]
ogg_data {
admin_password = ”<password>
admin_username = "oggadmin"
deployment_name = "ggdev"
}
} #end-resource

@rheodatallc
Kubernetes (OKE)
• Oracle Container Engine (OKE) is Oracle’s managed Kubernetes service
• Lots of components within OCI – OCI module is best option
module "oke" {
source = "oracle-terraform-modules/oke/oci"
version = "2.2.2"
#Required
api_fingerprint = var.fingerprint
api_private_key_path = "~/.ssh/id_rsa"
compartment_id = "ocid1.compartment.oc1……gmwuiynsonpq74fo2djk6hd64qu3lzw2xybym4svyhq"
existing_key_id = "ocid1.key.oc1.iad.bbppj6k3aacuu.a……tsnq3ldofns5czn7vyzvxnvvnliq"
region = var.region
secret_id = "ocid1.vault.oc1.iad.bbppj6k3aacuu………w5e5mc6rhxcm7mzytdbsqt6g6ozaftjtj4uegbmwcuya"
service_account_cluster_role_binding = "clustertestbinding"
tenancy_id = var.tenancy_ocid
user_id = var.user_ocid
#Optional
ssh_public_key_path = "~/.ssh/id_rsa.pub"
}

@rheodatallc
Graph
• Inherently exposes some of Terraform’s Core implementation details
• Handy for debugging how Terraform is executing
$ terraform graph
digraph {
compound = "true"
newrank = "true"
subgraph "root" {
"[root] data.oci_identity_compartments.test_compartments (orphan)" [label = "data.oci_identity_compartments.test_compartments",
shape = "box"]
"[root] module.compute-instance.data.oci_core_instance_credentials.this (expand)" [label = "module.compute-
instance.data.oci_core_instance_credentials.this", shape = "box"]
"[root] module.compute-instance.data.oci_core_subnet.this (expand)" [label = "module.compute-
instance.data.oci_core_subnet.this", shape = "box"]
"[root] module.compute-instance.oci_core_instance.this (expand)" [label = "module.compute-instance.oci_core_instance.this",
shape = "box"]
"[root] module.compute-instance.oci_core_volume.this (expand)" [label = "module.compute-instance.oci_core_volume.this", shape =
"box"]
"[root] module.compute-instance.oci_core_volume_attachment.this (expand)" [label = "module.compute-
instance.oci_core_volume_attachment.this", shape = "box"]
"[root] oci_identity_compartment.test_compartment (orphan)" [label = "oci_identity_compartment.test_compartment", shape = "box"]
"[root] output.compartment_info (destroy)" [label = "output.compartment_info (destroy)", shape = "note"]
"[root] output.compute_info" [label = "output.compute_info", shape = "note"]
"[root] provider["registry.terraform.io/hashicorp/oci"]" [label = "provider["registry.terraform.io/hashicorp/oci"]", shape =
"diamond"]
"[root] var.adw_ocid" [label = "var.adw_ocid", shape = "note"]
"[root] var.compartment_description" [label = "var.compartment_description", shape = "note"]
…

@rheodatallc
Stacks & Jobs
Code Zip Upload & Run

@rheodatallc
Questions

@rheodatallc
Contact RheoData
info@rheodata.com
@rheodatallc
http://rheodata.com

@rheodatallc
RheoData Happy Hour
Tonight!
Immediately
After the Networking Event
6 pm – 7 pm EST

ECO 2022 - OCI and HashiCorp Terraform

More Related Content

What's hot (20)

Similar to ECO 2022 - OCI and HashiCorp Terraform (20)

More from Bobby Curtis (8)

Recently uploaded (20)

ECO 2022 - OCI and HashiCorp Terraform