Chat with us, powered by LiveChat

Written by Antxon González, Support Engineer @ Abiquo

What is Terraform?

Terraform is an Infrastructure as Code software that allows you to manage and provision resources in different providers through a declarative language to describe the desired results. Terraform evaluates the resources state in the providers and performs the actions required to reach the described state in a programmatic way, allowing you to use version control and automation to manage the infrastructure you have in the providers.

In this article, we introduce the Abiquo Terraform Provider to control your Abiquo Cloud resources.

Terraform configuration files

Terraform configuration files can use two different formats, the native format and JSON. We will focus on the first one, which is the preferred format also, as it is human friendly and easier to understand. Files in the native format use the .tf extension and are called Terraform configurations.

First, we need to configure the Abiquo provider with a provider block. Provider blocks define the parameters you need to configure the resources in the provider, as API endpoints or credentials. In our case:

provider “abiquo” {
endpoint = “https://my.abiquo.endpoint:443/api”
username = “user”
password = “pass”
insecure = true
}

You will need to change the endpoint, username and password fields accordingly to your environment. The insecure parameter is used to specify whether the endpoint certificate must be validated or not. In our case, as we are using a self signed certificate, we set this to true.

Once the provider is configured, we need to describe the resources we will manage with Terraform and their desired states. These resources can be any Abiquo API resources, as enterprises, users, firewalls, VMs or scaling groups, and so on.
We will focus on the enterprise and limit resources to give you an idea of the general feeling. Let’s suppose we are Cloud administrators, and we have to create a new enterprise, allow it to use two datacenters and limit the amount of CPU and RAM it may use globally and in each datacenter. The enterprise resource block would look like this:

resource "abiquo_enterprise" "NewEnterprise" {
name = "NewCustomer"
cpusoft = 300 , cpuhard = 500
ramsoft = 15000 , ramhard = 20000
}

The first string after the resource keyword identifies the provider and the resource type, separated by an underscore. The second string is the Terraform resource identifier. If it changes, Terraform will deem the old identifier as intended for destruction, and create another Resource for the new identifier. Inside the blocks, we define its attributes, in this case, its name and some global resource limits.

Abiquo requires Enterprises to have a limit resource associated with a location to allow the Enterprise to use it. So, we will define such resources now:

resource "abiquo_limit" "NewEnterpriseLimit1" {
enterprise = "${abiquo_enterprise.NewEnterprise.id}"
location = "https://my.abiquo.endpoint:443/api/admin/datacenters/1"
 
cpusoft = 200 , cpuhard = 300
ramsoft = 13000 , ramhard = 14000
vlansoft = 32 , vlanhard = 64
}
 
resource "abiquo_limit" "NewEnterpriseLimit2" {
enterprise = "${abiquo_enterprise.NewEnterprise.id}"
location = "https://my.abiquo.endpoint:443/api/admin/datacenters/2"
 
cpusoft = 150 , cpuhard = 250
ramsoft = 11000 , ramhard = 12000
}

The limit resources look like the enterprise resource. Their type is abiquo_limit, and their identifiers are NewCustomerLimit1 and NewCustomerLimit2. Among their attributes, there are two worth looking at: The enterprise and the location.

The location points to an Abiquo API resource directly by its URL. The enterprise uses the Terraform interpolation syntax, which means its value will be the id value of the NewEnterprise enterprise resource, creating a dependency on it. In the Terraform Abiquo provider, these ID are the resources URLs. This is the way we reflect relationships between Abiquo resources in Terraform.

Terraform will take care of all these dependencies automatically, and ensure the NewEnterprise resource exists before it creates the limit resources.

Using Terraform

Usually, the configuration files are kept in self-contained folders which hold some extra files which keep the provider and resources states. This allows Terraform to detect any change on the defined resources, and to perform the required operations to make the resources match their definitions. So, the first step is to put all the code inside a .tf file in an empty folder, and initialize Terraform:

terraform init

Once initialized, we can check the current plan. This will show which resources will be created, modified or destroyed to make the resources definitions match the configuration files:

terraform plan

To apply such changes, we need to execute the command below. Terraform will show us the plan again, and ask for explicit confirmation before performing the changes:

terraform apply

Finally, we can destroy the resources to get rid of them in the provider. Again, Terraform will require explicit confirmation before performing any changes:

terraform destroy

Should we need to change the customer global CPU limits, or the vlan limits in the first datacenter, we just have to edit the relevant resources and apply plan again. If the customer decides to stop using the second datacenter, we just need to remove the delete the second limit resource, and apply the changes again. Terraform will verify the current state of the resources, compare it to the desire state, and perform the required changes by itself. freeing us from the burden of doing it manually though the UI and providing us tools to keep the Infrastructure configuration as code.

Next steps

Abiquo is a hybrid cloud provider which manages resources in heterogeneous environments with the same homogeneous API. As such, it provides a lot of different API resources which depend on each other to create arbitrarily complex applications and environments. Terraform allows you to define heterogeneous resources in an homogeneous language, and it will keep track of any changes in such definitions to make the infrastructure match them.

The Terraform Abiquo provider is a recent development done by Antxon Gonzalez from Abiquo’s Engineering Team that allows you to get the benefits from both at the same time. It can be used by the Cloud administrators to keep track of the resources an enterprise and its users can use, or by the end users to define the applications they need to deploy and the VMs they will use. Let us know if you are interested in it, and we will be glad to elaborate further!

About Terraform

HashiCorp Terraform enables you to safely and predictably create, change, and improve infrastructure. It is an open source tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.

Terraform is a tool for building, changing, and versioning infrastructure safely and efficiently. Terraform can manage existing and popular service providers as well as custom in-house solutions.

Configuration files describe to Terraform the components needed to run a single application or your entire datacenter. Terraform generates an execution plan describing what it will do to reach the desired state, and then executes it to build the described infrastructure. As the configuration changes, Terraform is able to determine what changed and create incremental execution plans which can be applied.

The infrastructure Terraform can manage includes low-level components such as compute instances, storage, and networking, as well as high-level components such as DNS entries, SaaS features, etc.

About Abiquo

Abiquo delivers the industry’s leading cloud orchestration software for service provider clouds; allowing customers to quickly build and monetise cloud services, whilst managing hybrid, private or public cloud infrastructure from one intuitive portal – adding value through greater efficiency, visibility, simplicity and control.

Abiquo is privately held, and operates from headquarters in the UK with offices in Europe, and through its extensive global partner network. For more information, contact us.