Break New Ground

Announcing Built-in Terraform Provider for Oracle Compute Cloud

Stephen Cross
Director, Partner Enablement

As of Terraform release 0.9.4, Oracle Compute Cloud is now fully supported by the built-in Terraform provider for the Oracle Public Cloud services.

What is Terraform?

HashiCorp Terraform is an open source orchestration tool for provisioning of cloud infrastructure and related resources. The Terraform tool processes a configuration file representing the desired infrastructure state and applies the required changes to the target environment to create and update the configured resources. By treating "infrastructure-as-code" Terraform enables repeatable provisioning that can easily be incorporated in DevOps practices and CI/CD automation.

Terraform supports provisioning multiple infrastructure and services via a wide collection of Terraform providers. Prior to Terraform 0.9.4 the Oracle Compute Cloud support was provided as an external provider plugin. As of Terraform release 0.9.4, Oracle Compute Cloud is now fully supported as a built-in provider and included in the main Terraform distribution.

Getting Started

Terraform is straightforward and intuitive to use, the steps below explain the process of getting started. First download the latest Terraform release from terraform.io/downloads.html. Check that you have version 0.9.4 or later.

$ terraform version
Terraform v0.9.4


If you are new to Terraform the general introduction is a recommended read to understand the core concepts. We'll start by creating a Terraform .tf file to declare the required resource configuration. Configurations can spread across multiple .tf module files, but for this example we'll create a single main.tf

The first item in the main.tf is to declare the provider with the required authentication attributes. The Oracle Compute Cloud resources are part of the OPC (Oracle Public Cloud) provider. If you have used the Oracle Cloud Cloud APIs, or CLI, these authentication attributes should be familiar.

provider "opc" {
  identity_domain = "mydomain"
  endpoint        = "https://api-z27.compute.us6.oraclecloud.com/"
  user            = "user.name@example.com"
  password        = "Pa$$w0rd"


The REST endpoint URL can be found in the Oracle Compute Cloud Console. If you have multiple Sites available in your identity domain be sure to use the correct endpoint URL for the desired site. Now lets add a resource. The opc_compute_instance resource will launch a compute instance with a specified image and shape.

resource "opc_compute_instance" "instance1" {
  name = "example-instance1"
  shape = "oc3"
  image_list = "/oracle/public/OL_7.2_UEKR3_x86_64"


We could at this point apply the terraform configuration to create the instance, but before we do that let’s add some additional configuration to ensure the instance is provisioned with a public IP address, and that we will be able login to the instance over SSH. The opc_compute_ssh_key resource creates a new public SSH Key, the opc_compute_ip_reservation creates the Public IP Address reservation, and the networking_info configuration block sets the desired networking interface attributes for the instance.

Here is the full main.tf:

The ordering of the resource definitions within the configuration file does not matter, Terraform will automatically determine the order of resources to create based on the dependencies between them. A few other interesting points of note in this configuration:

  • the attributes values with the ${} format are using Terraforms interpolation syntax to reference attributes from other resources.
  • the ssh key attribute uses the ${file()} interpolation function to read the public ssh key content from file. Update the path as necessary to point to your local ssh key file, or alternatively replace the whole attribute string with the content of the ssh public key.
  • the ssh_keys attribute is referencing the SSH Key name from the opc_compute_ssh_key resource definition. It's possible to also reference existing resources that may have been created manually and are not defined in the terraform configuration, for example to reference a ssh key that has already been created we could declare ssh_keys = [ "my_sshkey" ], or if the SSH key was created by a difference user ssh_keys = [ "/Compute-mydomain/john@example.com/johns_sshkey" ]
  • the networking_info block declares that interface 0 (i.e. eth0) should be on the Shared Network, and references the opc_compute_ip_reservation resource which assigns an IP address reservation from the Public IP pool.
  • the output definition is included as a convenience to display the assigned public IP address at the end of provisioning.

Now we are ready to provision the resources. Check that everything has been defined correctly and preview what terraform will provision by running:

$ terraform plan
+ opc_compute_instance.instance1
+ opc_compute_ip_reservation.ipreservation1
+ opc_compute_ssh_key.sshkey1


Terraform will output details of the resources to be created (+), updated (~) or destroyed (-). In this case we see three resource to be created. Assuming everything looks good now go ahead and provision the resources:

$ terraform apply
opc_compute_ip_reservation.ipreservation1: Creating...
Apply complete! Resources: 3 added, 0 changed, 0 destroyed.
public_ip = 129.144.xx.126


The instance is now provisioned and once fully booted will be accessible via ssh e.g. ssh opc@129.144.xx.126 -i ~/.ssh/id_rsa. Note: because we didn't declare any explicit security lists associations Oracle Compute Cloud automatically associates the instance the default security list which enables ssh access.

When the the configuration file is modified, running terraform plan/apply again will calculate just the changes required to create or update the deployed resources, bring them inline with the target configuration.

Finally, to complete this basic tutorial we’ll clean up by removing all the resource we just created. All the Terraform provisioned resources can be deleted by running.

$ terraform destroy
Destroy complete! Resources: 3 destroyed.


What Next?

The above overview provides just a basic example to get started. Additional resources can be added for storage, security, and networking, and combined with other providers and provisioners to orchestrate the complete infrastructure and application deployment across multiple services.

For the full set of supported resources see the Oracle Public Cloud Provider documentation. More detailed Oracle Compute Cloud Terraform configuration examples can be found at github.com/oracle/terraform-provider-compute/examples/opc/.

Oracle Bare Metal Cloud services support for Terraform is currently available as an external provider plugin at github.com/oracle/terraform-provider-baremetal.

Get Involved

The Oracle Public Cloud Terraform Provider is fully supported by Oracle and HashiCorp, questions and issues on using the Oracle Public Cloud `opc` provider can be logged directly on the Terraform Github repository

As an open source project, community contributions to the Terraform Oracle Public Cloud provider are welcomed. See the Terraform Contributing Guidelines for details.

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.