
Exemple d'Infrastructure as Code via Terraform

Installation terraform

https://developer.hashicorp.com/terraform/install

Création d’un environnement

  • créer un dossier de travail

  • y déposer les fichiers source du code terraform à déployer

  • initialiser l’environnement

    • terraform init ( dans le dossier contenant le main.tf)

Fichiers terraform

main.tf définition des variables et des providers

CODE
# Main configuration: declares the provider plugin this configuration needs.
terraform {
  required_providers {
    # VMware Cloud Director provider, resolved from the "vmware/vcd" source.
    vcd = {
      source = "vmware/vcd"
      # NOTE(review): no version constraint is declared, so `terraform init`
      # is free to select any available release. Pin a tested version and
      # commit the generated .terraform.lock.hcl so upgrades are deliberate:
      # version = "<PLACEHOLDER: tested provider version constraint>"
    }
  }
}

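# Account name used to authenticate against the Cloud Director API.
variable "vcd_user" {
  type        = string
  description = "VCD User"
  # sensitive = true
}

# Password for vcd_user.
# Marked sensitive so Terraform redacts it in plan/apply output. This only
# affects what the CLI prints: the value can still end up in state or saved
# plan files, so those must be access-controlled as well. Supply the value
# from a secrets manager or the TF_VAR_vcd_password environment variable
# rather than from a file kept on disk.
variable "vcd_password" {
  type        = string
  description = "VCD Password"
  sensitive   = true
}

# Base URL of the Cloud Director API endpoint.
variable "vcd_url" {
  type = string
}

# TLS certificate verification switch. The default (false) keeps verification
# on; setting it to true lets the provider accept any certificate, which
# exposes the credentials above to interception.
variable "vcd_allow_unverified_ssl" {
  type        = bool
  description = "skip ssl certificate verification"
  default     = false
}

# Organisation (tenant) name; also interpolated into resource names elsewhere
# in this configuration.
variable "vcd_tenant_name" {
  type = string
}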

# Connection settings for the VMware Cloud Director provider. Every value
# except the retry timeout is taken from an input variable.
provider "vcd" {
  url = var.vcd_url
  org = var.vcd_tenant_name

  # Credentials are passed straight through from the input variables.
  user     = var.vcd_user
  password = var.vcd_password

  # When this is true the API certificate is not verified, so the login above
  # could be sent to an impostor endpoint. The variable defaults to false.
  allow_unverified_ssl = var.vcd_allow_unverified_ssl

  max_retry_timeout = 500
}

variables.tfvars (stockage des variables et des secrets)

CODE
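#### This example must never be reproduced as-is.
#### Do NOT store secrets in a variables file.
#### Prefer HashiCorp Vault (or an equivalent): https://docs.gitlab.com/ee/ci/secrets/
#### If a .tfvars file has to exist locally, keep it out of version control.
vcd_url         = "https://portail.cloud.sigma.fr/api"
vcd_tenant_name = "mon tenant"

# Certificate verification stays enabled: with it disabled, the user name and
# password below would be sent to whichever host answers on that URL. Override
# only for a lab endpoint with a self-signed certificate, and prefer installing
# the issuing CA in the local trust store instead.
vcd_allow_unverified_ssl = false

# Placeholder credentials, shown only to illustrate the file format.
vcd_user     = "mon user"
vcd_password = "mon password"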

Il ne faut jamais reproduire cet exemple

NE PAS stocker de secrets dans un fichier de variables
Préférer l'utilisation d'HASHICORP vault (ou autre) https://docs.gitlab.com/ee/ci/secrets/

iac.tf le fichier contenant le code de création de quelques composants

CODE

 #sélection du  catalogue d'images et de 2 templates
data "vcd_catalog" "catalogue_linux" {
  name  = "SIGMA-LINUX"
  org = "CATALOGUE"
}
data "vcd_catalog_vapp_template" "catalogue_linux_Rocky8" {
  catalog_id = data.vcd_catalog.catalogue_linux.id
  name = "Rocky-8.x"
}
data "vcd_catalog_vapp_template" "catalogue_linux_Alma9" {
  catalog_id = data.vcd_catalog.catalogue_linux.id
  name = "Alma-9.x"
}

# Network environment: resolve the tenant's VDC group and the edge gateway it
# owns. Both names are derived from the tenant name variable.
data "vcd_vdc_group" "vdcgroup" {
  name = "${var.vcd_tenant_name}_VdcGroup"
}

data "vcd_nsxt_edgegateway" "vcd_edgegateway" {
  name     = "nan-w01-p-${var.vcd_tenant_name}-t1-01"
  owner_id = data.vcd_vdc_group.vdcgroup.id
}


# Create three routed /24 networks behind the same edge gateway.
# NOTE(review): 100.10.0.0/24, 100.11.0.0/24 and 100.12.0.0/24 are neither
# RFC 1918 private ranges nor part of the 100.64.0.0/10 shared range. Confirm
# this addressing is intended: publicly routable space reused internally can
# shadow real internet destinations.
# NOTE(review): dns1/dns2 point at public resolvers, so name lookups from
# these networks leave the tenant. Confirm that is acceptable, or use
# resolvers the organisation controls.
resource "vcd_network_routed_v2" "networkA" {
  name            = "MyNetworkAsCodeA"
  edge_gateway_id = data.vcd_nsxt_edgegateway.vcd_edgegateway.id

  gateway       = "100.10.0.1"
  prefix_length = 24

  dns1 = "8.8.8.8"
  dns2 = "1.1.1.1"

  # Address range handed out to VMs that use POOL allocation.
  static_ip_pool {
    start_address = "100.10.0.152"
    end_address   = "100.10.0.200"
  }
}

resource "vcd_network_routed_v2" "networkB" {
  name            = "MyNetworkAsCodeB"
  edge_gateway_id = data.vcd_nsxt_edgegateway.vcd_edgegateway.id

  gateway       = "100.11.0.1"
  prefix_length = 24

  dns1 = "8.8.8.8"
  dns2 = "1.1.1.1"

  static_ip_pool {
    start_address = "100.11.0.152"
    end_address   = "100.11.0.200"
  }
}

resource "vcd_network_routed_v2" "networkC" {
  name            = "MyNetworkAsCodeC"
  edge_gateway_id = data.vcd_nsxt_edgegateway.vcd_edgegateway.id

  gateway       = "100.12.0.1"
  prefix_length = 24

  dns1 = "8.8.8.8"
  dns2 = "1.1.1.1"

  static_ip_pool {
    start_address = "100.12.0.152"
    end_address   = "100.12.0.200"
  }
}


# Create three VMs, one per network above. VMA and VMB use the Alma 9
# template, VMC uses the Rocky 8 template.
# NOTE(review): every VM carries the "internet_access" security tag. The name
# suggests a firewall rule keyed on this tag grants internet access; confirm
# what it allows and tag only the VMs that need it.
# NOTE(review): no guest customization is active on any of these VMs, so they
# presumably keep whatever credentials the template ships with. Verify.
resource "vcd_vm" "vm_as_code_vmA" {
  name          = "vmascodeVMA"
  computer_name = "vmascodeVMA"

  org = var.vcd_tenant_name
  vdc = "nan-az-1"

  vapp_template_id = data.vcd_catalog_vapp_template.catalogue_linux_Alma9.id
  storage_profile  = "simple_standard_v1"
  security_tags    = ["internet_access"]

  # Attach to network A; the address is taken from its static IP pool.
  network {
    type               = "org"
    name               = vcd_network_routed_v2.networkA.name
    ip_allocation_mode = "POOL"
  }
}

resource "vcd_vm" "vm_as_code_vmB" {
  name          = "vmascodeVMB"
  computer_name = "vmascodeVMB"

  org = var.vcd_tenant_name
  vdc = "nan-az-1"

  vapp_template_id = data.vcd_catalog_vapp_template.catalogue_linux_Alma9.id
  storage_profile  = "simple_standard_v1"
  security_tags    = ["internet_access"]

  network {
    type               = "org"
    name               = vcd_network_routed_v2.networkB.name
    ip_allocation_mode = "POOL"
  }

  # Guest customization block, left disabled by the author:
  # customization {
  #   enabled                             = true
  #   allow_local_admin_password          = true
  #   must_change_password_on_first_login = false
  #   auto_generate_password              = true
  #   force                               = true
  # }
}

resource "vcd_vm" "vm_as_code_vmC" {
  name          = "vmascodeVMC"
  computer_name = "vmascodeVMC"

  org = var.vcd_tenant_name
  vdc = "nan-az-1"

  vapp_template_id = data.vcd_catalog_vapp_template.catalogue_linux_Rocky8.id
  storage_profile  = "simple_standard_v1"
  security_tags    = ["internet_access"]

  network {
    type               = "org"
    name               = vcd_network_routed_v2.networkC.name
    ip_allocation_mode = "POOL"
  }
}

Exécuter

Vérifier que la syntaxe du code est valide et prévisualiser les changements avant de les appliquer.

CODE
# Preview the changes Terraform would make; review the output before applying.
terraform plan -var-file=variables.tfvars

Exécuter le code

CODE
# Create or update the infrastructure described by the .tf files.
terraform apply -var-file=variables.tfvars

Détruire l’infrastructure

CODE
# Delete every resource managed by this configuration; check the listed
# resources carefully before confirming.
terraform destroy -var-file=variables.tfvars