As of Terraform release 0.9.4, Oracle Compute Cloud is now fully supported by the built-in Terraform provider for the Oracle Public Cloud services.
HashiCorp Terraform is an open source orchestration tool for provisioning of cloud infrastructure and related resources. The Terraform tool processes a configuration file representing the desired infrastructure state and applies the required changes to the target environment to create and update the configured resources. By treating "infrastructure-as-code" Terraform enables repeatable provisioning that can easily be incorporated in DevOps practices and CI/CD automation.
Terraform supports provisioning multiple infrastructure and services via a wide collection of Terraform providers. Prior to Terraform 0.9.4 the Oracle Compute Cloud support was provided as an external provider plugin. As of Terraform release 0.9.4, Oracle Compute Cloud is now fully supported as a built-in provider and included in the main Terraform distribution.
Terraform is straightforward and intuitive to use, the steps below explain the process of getting started. First download the latest Terraform release from terraform.io/downloads.html. Check that you have version 0.9.4 or later.
$ terraform version
Terraform v0.9.4
If you are new to Terraform the general introduction is a recommended read to understand the core concepts. We'll start by creating a Terraform .tf file to declare the required resource configuration. Configurations can spread across multiple .tf module files, but for this example we'll create a single main.tf
The first item in the main.tf is to declare the provider with the required authentication attributes. The Oracle Compute Cloud resources are part of the OPC (Oracle Public Cloud) provider. If you have used the Oracle Cloud Cloud APIs, or CLI, these authentication attributes should be familiar.
provider "opc" {
identity_domain = "mydomain"
endpoint = "https://api-z27.compute.us6.oraclecloud.com/"
user = "user.name@example.com"
password = "Pa$$w0rd"
}
The REST endpoint URL can be found in the Oracle Compute Cloud Console. If you have multiple Sites available in your identity domain be sure to use the correct endpoint URL for the desired site. Now lets add a resource. The opc_compute_instance resource will launch a compute instance with a specified image and shape.
resource "opc_compute_instance" "instance1" {
name = "example-instance1"
shape = "oc3"
image_list = "/oracle/public/OL_7.2_UEKR3_x86_64"
}
We could at this point apply the terraform configuration to create the instance, but before we do that let’s add some additional configuration to ensure the instance is provisioned with a public IP address, and that we will be able login to the instance over SSH. The opc_compute_ssh_key resource creates a new public SSH Key, the opc_compute_ip_reservation creates the Public IP Address reservation, and the networking_info configuration block sets the desired networking interface attributes for the instance.
Here is the full main.tf:
The ordering of the resource definitions within the configuration file does not matter, Terraform will automatically determine the order of resources to create based on the dependencies between them. A few other interesting points of note in this configuration:
Now we are ready to provision the resources. Check that everything has been defined correctly and preview what terraform will provision by running:
$ terraform plan
+ opc_compute_instance.instance1
...
+ opc_compute_ip_reservation.ipreservation1
...
+ opc_compute_ssh_key.sshkey1
...
Terraform will output details of the resources to be created (+), updated (~) or destroyed (-). In this case we see three resource to be created. Assuming everything looks good now go ahead and provision the resources:
$ terraform apply
opc_compute_ip_reservation.ipreservation1: Creating...
...
Apply complete! Resources: 3 added, 0 changed, 0 destroyed.
Outputs:
public_ip = 129.144.xx.126
The instance is now provisioned and once fully booted will be accessible via ssh e.g. ssh opc@129.144.xx.126 -i ~/.ssh/id_rsa. Note: because we didn't declare any explicit security lists associations Oracle Compute Cloud automatically associates the instance the default security list which enables ssh access.
When the the configuration file is modified, running terraform plan/apply again will calculate just the changes required to create or update the deployed resources, bring them inline with the target configuration.
Finally, to complete this basic tutorial we’ll clean up by removing all the resource we just created. All the Terraform provisioned resources can be deleted by running.
$ terraform destroy
...
Destroy complete! Resources: 3 destroyed.
The above overview provides just a basic example to get started. Additional resources can be added for storage, security, and networking, and combined with other providers and provisioners to orchestrate the complete infrastructure and application deployment across multiple services.
For the full set of supported resources see the Oracle Public Cloud Provider documentation. More detailed Oracle Compute Cloud Terraform configuration examples can be found at github.com/oracle/terraform-provider-compute/examples/opc/.
Oracle Bare Metal Cloud services support for Terraform is currently available as an external provider plugin at github.com/oracle/terraform-provider-baremetal.
The Oracle Public Cloud Terraform Provider is fully supported by Oracle and HashiCorp, questions and issues on using the Oracle Public Cloud `opc` provider can be logged directly on the Terraform Github repository
As an open source project, community contributions to the Terraform Oracle Public Cloud provider are welcomed. See the Terraform Contributing Guidelines for details.