A major concern that engineers and customers face when provisioning enterprise infrastructure on Oracle Cloud Infrastructure (OCI) is the time needed to input each resource’s details and provision them individually. Terraform offers infrastructure automation, but the variable values must be filled in for each module.
CD3 Automation toolkit provides the advantage of filling in the OCI resource details in the provided Excel templates and the code automatically converts them into modular Terraform files to provision OCI resources. Additionally, the toolkit also supports seamless resource management using OCI DevOps GIT service and Jenkins Pipelines.
What is CD3?
CD3 stands for Cloud Deployment Design Deliverable and is a structured design-level representation of the future-state configuration for the customer’s OCI environment. The CD3 Automation toolkit is a processor that converts the detailed OCI design spec in the form of an Excel sheet into an executable Terraform code or takes an export of customer tenancy objects and resources and converts it back into a design spec in Excel format. The generated Terraform files can be reused at any time to build similar infrastructure.
The customer OCI resource information obtained during discovery sessions is utilized to create the CD3 Excel sheet. This Excel sheet serves as input for the Automation Toolkit, responsible for producing Terraform files. Once created, these Terraform files can be utilized to provision the resources on Oracle Cloud Infrastructure (OCI).
Using CD3 with Jenkins, the generated terraform files are stored in OCI DevOps GIT Repo and the terraform state is stored in an object storage bucket for remote state management.
The toolkit can also extract the resource data from OCI tenancy and populate the CD3 Excel sheet and terraform files.
Manual method versus CD3 Automation
Provisioning a complete infrastructure on OCI using the manual method takes a few days to weeks, whereas using CD3 automation takes a few minutes to hours. Refer to the following image for a side-by-side comparison of the manual and CD3 Automation Toolkit processes.
Benefits of CD3
The key benefits of developing with the CD3 tool are time savings, faster infrastructure provisioning, scalability, and operational efficiency. The tool provides self-service visibility to anyone who wants to view the OCI resources set up in one place (Excel sheets). For example, if someone from the DevOps team wants to know how a production environment is configured, they can take a quick look at the filled excel sheets. CD3 also offers the following other benefits:
-
Secure architecture: CD3 toolkit helps customers deploy secure standardization across OCI tenancies by providing CIS-compliant Excel templates. It also enables native execution of the CIS Compliance Checker script against your tenancy.
-
DevOps-oriented: The toolkit facilitates integration of consistent output Terraform files in module format with any continuous integration and delivery (CI/CD) solution. The Terraform code can be reused to build similar workloads in different OCI regions and tenancies, which helps in quicker adoption of OCI.
-
Platform independent: CD3 is packaged as a container that can be hosted on any platform.
Supported OCI services
Currently, CD3 Automation Toolkit supports the following services for creation and export:
| OCI services | Details |
| Identity and Access Management | Compartments, Groups, Dynamic Groups, Policies, Users, Network Sources |
| Tagging | Tags (Namespaces, Tag Keys, Default Tags, Cost Tracking Tags) |
| Quotas | Quota policies |
| Budgets | Budgets, Budget Alert Rules |
| Network | VCNs, Subnets, VLANs, DRGs, IGWs, NGWs, LPGs, Route Tables, DRG Route, Tables, Security Lists, Network Security Groups, Remote Peering Connections, Application Load Balancers, Network Load Balancers |
| OCI Network Firewall | OCI Network Firewall and Policy |
| DNS Management | Private DNS – Views, Zones, rrsets/records and Resolvers |
| Compute | Instances supporting Market Place Images, Remote Exec, Cloud-Init scripts, Dedicated VM Hosts |
| Storage | FSS, Block and Boot Volumes, Backup Policies, Object Storage Buckets and logging for write events |
| Database | Exa Infra, Exadata, Database systems VM and BM, Autonomous Transaction Processing, and Autonomous Datawarehouse |
| SDDCs | Oracle Cloud VMWare Solutions |
| KMS | Vaults and Keys |
| Cloud Guard | Cloud Guard |
| Monitoring | Events, Notifications, Alarms, and Service Connector Hub |
| Logging services | VCN Flow Logs, LBaaS access and error Logs, OSS Buckets Logs, Firewall logs, FSS logs |
| Developer services | Upload to Resource Manager, Oracle Kubernetes Engine (OKE) |
| CIS landing zone compliance | Download and Execute CIS Compliance Check Script |
| Policy Enforcement | OPA – Open Policy Agent |
| ShowOCI Report | Download and Execute showOCI Script |
Automation Toolkit workflows
CD3 Automation Tool Kit supports the following main workflows:
-
Create & Manage Resources in OCI (Greenfield Workflow): Use this workflow to provision new resources in an empty OCI tenancy or where there is no need to modify or use existing resources of the tenancy.
-
Export & Manage Resources in OCI (Non-Greenfield Workflow): Use this workflow to export the existing resources into CD3 Excel sheet, generate the required Terraform files, and sync the tfstate file. Then switch to the create_resources workflow to create new resources using the existing resources.
Excel templates
The toolkit provides prefilled CD3 Excel templates for a few common scenarios like CIS landing zone, virtual cloud network (VCN), hub-spoke architecture, and CIS Management services. These templates can be used as-is by only changing the region to where the tenancy is subscribed or modify the Excel template data with the required values. This template is sent as an input to the toolkit.
Get started with the toolkit
The toolkit can be used either using CD3-CLI or Jenkins. Follow below tutorials for a quick start:
Configure CD3 Toolkit with CLI to Create and Export Oracle Cloud Infrastructure Resources
Configure CD3 Toolkit with Jenkins to Create and Export Oracle Cloud Infrastructure Resources
Learning Resources
Explore the CD3 codebase – Click here to visit our Git repository!
Get detailed information in the CD3 documentation and watch our video tutorials to learn more.
Slack Channel
Join our CD3 Slack Channel and be part of exclusive insights and discussions on the toolkit.
Pricing
The CD3 toolkit itself incurs no cost. The resources provisioned on Oracle Cloud Infrastructure are charged based on the standard published OCI pricing.
Feedback
Share your feedback by raising an issue or through the Discussion topic in the Git repository.