Terraform with Cisco UCS Director

November 7, 2016 By Eric Shanks

I’m a big fan of Terraform from HashiCorp, but many organizations use cloud management platforms like Cisco UCS Director or vRealize Automation to deploy infrastructure. If you read my blog often, you’ll know that I’ve got some experience with both of these products, and if you’re looking to get up to speed on either of them, check out one of these links: UCS Director 6 Guide or vRealize Automation 7 Guide. But why not use Terraform with Cisco UCS Director and have the best of both worlds?

UCS Director can deploy virtual machines pretty easily, but what if you want to deploy a more complex stack, like a pair of virtual machines behind a load balancer? Well, UCS Director could do this, but Terraform makes it really easy. So here we’ll use a Terraform configuration file to do it.

The Terraform Configuration File

Below is a Terraform configuration file that deploys a pair of EC2 instances and places them behind a load balancer. You can see that the instances are deployed in separate availability zones and the instances are web servers that I created through Packer, which is another HashiCorp product.

# AWS credentials come from a separate variable file rather than being hard-coded here.
variable "access_key" {}
variable "secret_key" {}

provider "aws" {
  access_key = "${var.access_key}"
  secret_key = "${var.secret_key}"
  region     = "us-east-1"
}

# Load balancer spanning two availability zones, forwarding HTTP port 80 to the instances.
resource "aws_elb" "elb1" {
  name               = "hollow-elb"
  availability_zones = ["us-east-1a", "us-east-1b"]

  listener {
    instance_port     = 80
    instance_protocol = "http"
    lb_port           = 80
    lb_protocol       = "http"
  }

  instances                   = ["${aws_instance.instance1.id}", "${aws_instance.instance2.id}"]
  cross_zone_load_balancing   = true
  idle_timeout                = 400
  connection_draining         = true
  connection_draining_timeout = 400

  tags {
    Name = "HollowELB"
  }
}

# Two web servers built from the Packer-created AMI.
resource "aws_instance" "instance1" {
  ami           = "ami-f9b3e4ee"
  instance_type = "t2.micro"
}

resource "aws_instance" "instance2" {
  ami           = "ami-f9b3e4ee"
  instance_type = "t2.micro"
}

UCS Director Workflow

In UCS Director, we’ll deploy a workflow that makes an SSH call to a Linux machine that has Terraform installed and my configuration files stored there. You can see from the screenshot below that I’ve got the Terraform binary, the Terraform config file and a variable file which is used to store the EC2 keys for the configuration file.

[Screenshot: terraform-ucsd-linux]

The UCS Director workflow will SSH into our Linux VM, create a new directory named after the service request in UCSD, copy the files to the new directory and execute a “terraform apply” to start the build. The full workflow is listed below and it only requires a single task.

[Screenshot: terraform-ucsd-workflow]

The task is a custom SSH task that you can download from the Cisco communities website. You might get away with using the out-of-the-box workflow, but the custom workflow that can be imported includes a rollback section to “undo” the deployment later.

Below you can see that I’ve loaded a bash profile and will make a new directory “/root/terraform/{ServiceRequest}”. Then we’ll copy the files and run the “terraform apply” command. If you look in the “Undo Commands” section, we run the “terraform destroy” command and then remove the directory we created.

[Screenshot: terraform-ucsd-commands]
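The apply and undo sequence described above, written out as an added example (it is not the author's task body, which is only visible in the screenshot). The source directory, the variable and function names, and the digits-only check on the service request ID are assumptions; the check is there because the ID is substituted into a shell command and a path.

```bash
#!/usr/bin/env bash
# Added illustration of the apply/undo command sequence; not the author's task body.
# Assumed names: TF_BASE, TF_SRC, TF_BIN, valid_sr, deploy_stack, undo_stack.
TF_BASE="${TF_BASE:-/root/terraform}"     # parent of the per-request directories (from the post)
TF_SRC="${TF_SRC:-/root/terraform-src}"   # assumed location of the .tf and .tfvars files
TF_BIN="${TF_BIN:-terraform}"

# The service request ID ends up in a shell command and a path, so accept
# digits only (assumption: UCSD service request IDs are numeric).
valid_sr() {
  case "$1" in
    ''|*[!0-9]*) return 1 ;;
  esac
}

# Apply: create $TF_BASE/<SR id>, copy the config in, run terraform apply.
deploy_stack() {
  valid_sr "$1" || { echo "invalid service request id" >&2; return 2; }
  local dir="$TF_BASE/$1"; shift
  [ ! -e "$dir" ] || { echo "$dir already exists" >&2; return 3; }
  (
    umask 077   # the variable file holds the EC2 keys: owner-only dir and copies
    mkdir -p "$dir" &&
    cp "$TF_SRC"/*.tf "$TF_SRC"/*.tfvars "$dir"/ &&
    cd "$dir" &&
    "$TF_BIN" apply "$@"
  )
}

# Undo: destroy from the same directory (it holds the state file), then remove it.
# Extra arguments, such as a non-interactive flag for your Terraform version, pass through.
undo_stack() {
  valid_sr "$1" || { echo "invalid service request id" >&2; return 2; }
  local dir="$TF_BASE/$1"; shift
  [ -d "$dir" ] || { echo "$dir not found" >&2; return 3; }
  # Keep the directory if destroy fails; deleting the state would orphan the AWS resources.
  ( cd "$dir" && "$TF_BIN" destroy "$@" ) && rm -rf -- "$dir"
}
```

In the task these would be called as `deploy_stack <service request id>` in the commands field and `undo_stack <service request id>` in the undo field.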

Execute the UCS Director Workflow

When you execute the workflow, you can see that a new directory is made and the files are copied over. The new directory is named after the service record ID from UCSD.

[Screenshot: terraform-ucsd-sshdir]

Looking in the AWS console, we can see that a pair of EC2 instances were created in different availability zones.

[Screenshot: terraform-ucsd-aws-instances]

A load balancer was also created, and those two instances were added to it.

[Screenshot: terraform-ucsd-aws-lb]

One of the differences between vRA and UCSD is that vRA will only manage the virtual machines that were deployed through vRA. UCSD, on the other hand, can manage machines that were not deployed through the solution. This means that when I look at the virtual machines in UCS Director, they will show up and can be powered on, powered off or destroyed.

[Screenshot: terraform-ucsd-vmmanaged]

Thanks to the undo commands in the custom SSH task, we can roll back the deployment, which will terminate the two instances and destroy the load balancer.

Summary

Terraform is a pretty neat tool for defining your infrastructure as a piece of code. If you combine it with an existing cloud management platform, you can extend your capabilities even further.