Skip to content

Cloud Blogs

Author – Madhusudhan Rao

Menu
  • Archive Blogs
    • Cloud-Blogs by Madhusudhan Rao
      • ADF
        • ADF based Android Apps
        • ADF CRUD Cascaded LOVs
        • ADF CRUD Operation
        • ADF for Dummies
        • ADF for Financial Services Software Development
      • Analytics & Visualization
        • Business Intelligence
        • Oracle BI & DV Cloud Service
        • setting up Oracle Analytics Cloud Instance and Data Visualization Techniques
      • App Servers & DevOps
        • How to deploy NodeJS Application on Oracle Application Container Cloud Service
        • Oracle Application Container Cloud Service
        • Oracle Java Cloud Service
      • Architecture
        • 01 Enterprise Business
        • 02 Content framework
        • 03 Enterprise Continuum
        • 04 Maturity Models
        • 05-Architecture Governance
        • 06-Preliminary Phase
        • 07-Architecture Vision
        • 08-Business Architecture
        • 09-Info Sys Architecture
        • 10-Tech Architecture
        • 11 Opportunities & Solns
        • 12-Migration Planning
        • 14 Implementation Governance
        • 15 Change Management
        • 16-Requirement Management
        • 17 Reference Models
        • Cloud Architecture Concepts
          • 01 Architecture Concepts – Regulatory Compliance, Security monitoring and Storage protocols
          • 02 Architecture – Network Concepts and Bare Metal
          • 03 Enterprise Solution Architecture – Best Practices
          • 04 Cloud Architecture Concepts
        • Value Selling Techniques
      • OCI Admin Blogs
        • Create Oracle Cloud Infrastructure Instance
        • ElasticSearch & Kibana – Must for All Search Engine Development
        • How to Create Oracle Bare metal Compute Instance
        • Measuring Latency and TraceRoute Details with Oracle Edge Services
        • OCI Oracle cloud infrastructure – Setting up a NAT Instances for Public Internet Access from a Private Subnet
        • Oracle Cloud Infrastructure – OCI Creating buckets and object storage – setting up self expiry URLs
        • Oracle Cloud Infrastructure OCI – Create Instance ,Attach Block Volume , Open Ports, Setup Firewall rules
        • Python Basics
        • setting up Apache Tomcat on Oracle Cloud Infrastructure OCI
        • setting up CloudFlare DNS & HAProxy on Oracle Cloud Infrastructure for High Availability
        • Setting up Django Python Web Environment on Oracle Cloud
        • setting up File Storage on OCI and uploading files through Filezilla FTP
        • Setting up GPU-enabled Narupa server on Oracle Bare Metal Cloud for Virtual Reality Clients
        • setting up LAMP Stack , PHP 5.6, PhpMyAdmin , FTP and Mail Server on OCI
        • setting up Load Balancer on Oracle Cloud Infrastructure
        • setting up MongoDB Enterprise version Instance on Oracle Cloud Infrastructure Baremetal
        • setting up MongoDB on Oracle Cloud Infrastructure Classic and Opening Ports
        • Setting up SSH , FTP and Opening Ports on Oracle Cloud PaaS and IaaS
        • setting up web infrastructure DNS and HTTPS for your cloud Infrastructure as a Service OCI
        • World of Slack Programming
      • OCI Classic Blogs
        • How to Create WordPress blog on Oracle Cloud
        • running Function as a Service on Oracle Cloud Infrastructure – fnproject.io
        • running Hadoop & Big Data on Oracle Cloud Infrastructure
        • running TensorFlow Machine Learning for Image Recognition on Oracle Cloud Infrastructure
        • Setting up Kubernetes on Oracle Cloud Infrastructure – Classic
      • Oracle BPM for Financial Services
        • BPM for FS
        • 1. Setting up the development environment
        • 2. Modeling a home loan business process
        • 3. Implementing a home loan business process
        • 4. Deploying and testing a process workflow
        • 5. Administering processes
        • 6. Changing a business process by the process analyst
        • 7. Creating business reports for process owners
        • 8. Participating in a business process
        • 9. Integrating with business partners
        • 10. Collaborating with customers and end users
      • Oracle JET Series
    • Dockers on OCI Series
      • Comprehensive Blog on Dockers running on OCI
      • running a Docker Container on OCI
      • opening OCI Ports for Docker Containers
      • Building a Docker Image by using Dockerfile
      • Committing changes made in a Docker without using Dockerfile
      • pushing image to Docker Hub
      • DevOps with Github, Docker Hub and Oracle Container Cloud Services
      • running Apache Kafka for continuous data streaming on Oracle cloud infrastructure
    • Oracle Database Cloud Service
    • Oracle OKE Series
      • 01 Comprehensive Blog on Oracle Kubernetes Engine – getting started
      • 02 Configure Network Resources for Oracle Kubernetes Engine
      • 03 Creating 3 Worker and 2 Load Balancers Subnets for OKE
      • 04 Creating Oracle Kubernetes Cluster
      • 05 – Enable Cluster access through Command line interface
      • 06 – Getting onto Oracle Kubernetes Engine Dashboard
      • 07 Pod Configuration using a YAML Deployment
    • setting up and running Oracle Big Data PaaS
    • Setting up MySQL PaaS on Oracle Cloud
    • SOA BPM IDM Portal Series
      • FMW
        • Comprehensive Business Process Management – BPM 11g
        • FMW Install Startup Scripts
        • Oracle 11gR2 and 12c Database on Linux / OEL / Fedora
        • Oracle Identity Mangement
        • PS6, PS7, PS8 Install and Configuration
      • Webcenter Portal
        • Art of Webcenter Templating
        • Webcenter Sites Installation Linux
        • Webcenter Sites Look n feel
        • Webcenter Spaces
          • Custom Landing Page
        • Webcenter UCM Integration PS5
        • Webcenter, BPM Process Spaces – UCM PS5
        • BPM UCM and Webcenter PS5
      • BPM Series
        • 01-Simple BPM Task Initiator
        • 02-Business Rules and Exclusive Gateway
        • 03-Service Invocation Adapters
        • 04-BPM as a Web Service
        • 05-Mediator and Conditional Service Routing
        • 06-BPM Composer – Runtime Edit
        • 07-BPM and JMS Adapters
        • Oracle BPM 12c features
      • Process Cloud Service
        • Part 1 – Working with Process Cloud Service
        • Part 2 – How to Build Process , Data Persistence in Database Cloud Service
        • Part 3 – Invoking PCS Process from Oracle JET Framework
      • SOA Series
        • Oracle OSB 11g
        • Oracle SOA 11g Business Rules
        • Oracle SOA 11g DB Adapter
        • Oracle SOA 11g Mediator
        • SOA 11g AQ Adapters
    • Terraform on OCI Series
      • Create a Highly Scalable Cluster in the cloud using Terraform on OCI
      • Creating an Instance with New VNC Network
      • Managing the OCI Cluster with Slurm Workload Manager & Grafana
      • Terraform on OCI create instance
      • Terraform on OCI create load balancer
      • Terraform on OCI create non-federated user
      • Terraform on OCI create user, group, dynamic group and policies
      • Terraform on Oracle Cloud OCI
  • Database Developer Series
  • Database Series
    • Autonomous Data Warehouse and Analytics
      • 01 Preparing Client Machine
      • 02 Creating Autonomous Data Warehouse Instance
      • 03 Creating Tables into Autonomous Data Warehouse through SQL Developer
      • 04 Load Data into OCI Object storage and import that data into Autonomous Data warehouse
      • 05 Create Autonomous Analytics Cloud ADW Connection and create Data Visualization
    • Oracle Apex Cloud Service
Menu

Terraform on Oracle Cloud OCI

Mastering Terraform on Oracle Cloud Infrastructure – Deep dive training

Table of Content

  • Terraform setting up variables
  • Creating a Compartment on OCI
  • Creating an Instance with existing Network
  • Creating an Instance with Network
  • Create Non Federated User
  • Create user, group, dynamic group, attach users to group and policies
  • Create Highly Scalable Cluster on OCI
    • Managing Cluster with Slurm workload manager and Grafana
  • Create Load Balancer on OCI
  • Dockers on OCI
  • Author : Madhusudhan Rao

Introduction

Infrastructure as Code (IaC) is the management of infrastructure (networks, virtual machines, load balancers and connection topology) , Infrastructure is described using a high-level configuration syntax. This allows a blueprint of your datacenter to be versioned and treated as you would any other code. Additionally, infrastructure can be shared and re-used

Terraform is a tool for building, changing, and versioning infrastructure safely and efficiently. Terraform can manage existing and popular service providers as well as custom in-house solutions. Configuration files describe to Terraform the components needed to run a single application or your entire datacenter.

Scope of this Blog: To run Terraform script on Oracle Cloud Infrastructure OCI and to create resources such as Compute, Network, Users , Groups, Dynamic Groups, Policies, Load Balancer, Cluster of Compute Instances , Managing Clusters, Deep Dive into Dockers etc more from a Practical hands-on approach.

Steps

  1. Install latest version of Terraform
  2. Generate Keys
  3. Get User’s Fingerprint Id
  4. Gather the required variables
  5. Terraform variable file

1. Install latest version of Terraform 

You can check this article to have latest version of Terraform running on your desktop or laptop or even a virtual machine running on cloud environment.

[email protected] ~ % terraform -v
Terraform v0.13.5

2. Generate Keys

Pubic and Private Keys Open SSL .pem format

Generate Public and Private Keys

[email protected] keys % openssl genrsa -out /Users/madhusudhanrao/tf/keys/myopensslkey.pem 2048
Generating RSA private key, 2048 bit long modulus
.........................................................+++
............................+++
e is 65537 (0x10001)
[email protected] keys % chmod go-rwx /Users/madhusudhanrao/tf/keys/myopensslkey.pem
[email protected] keys % openssl rsa -pubout -in /Users/madhusudhanrao/tf/keys/myopensslkey.pem -out /Users/madhusudhanrao/tf/keys/myopensslkey_public.pem
writing RSA key  

Generate an SSH Key Pair on UNIX and UNIX-Like Systems (id_rsa)

Refer this link

[email protected] keys % openssl genrsa -out /Users/madhusudhanrao/tf/keys/myopensslkey.pem 2048
[email protected] keys % ls
aishu_rsa_private_key.pem	id_rsa.pub			llgb.pub			myopensslkey.pem
aishu_rsa_public_key.pem	key_name_public.pem		mykey				myopensslkey_public.pem
id_rsa				llgb				mykey.pub
[email protected] keys % cat myopensslkey_public.pem | pbcopy

3. Get Users Fingerprint Id. 

Refer this link

Upload the Public Key

You can upload the PEM public key in the Console, located at https://console.us-ashburn-1.oraclecloud.com. If you don’t have a login and password for the Console, contact an administrator.

  1. Open the Console, and sign in.
  2. View the details for the user who will be calling the API with the key pair:

    • If you’re signed in as the user:

      Open the Profile menu and click User Settings.

    • If you’re an administrator doing this for another user: Open the navigation menu. Under Governance and Administration, go to Identity and click Users. Select the user from the list.
  3. Click Add Public Key.
  4. Paste the contents of the PEM public key in the dialog box and click Add.

The key’s fingerprint is displayed (for example, 12:34:56:78:90:ab:cd:ef:12:34:56:78:90:ab:cd:ef).

Notice that after you’ve uploaded your first public key, you can also use the UploadApiKey API operation to upload additional keys. You can have up to three API key pairs per user. In an API request, you specify the key’s fingerprint to indicate which key you’re using to sign the request.

4. Gather required Terraform Variables

Login to cloud console https://console.us-ashburn-1.oraclecloud.com/tenancy

A) tenancy_ocid : Navigation Administrator > Tenancy Details 

Copy the OCID Example :

  
ocid1.tenancy.oc1..XXXXXdd6ahdouq

B) Region :  Region is taken browser url , for example if URL is https://console.us-ashburn-1.oraclecloud.com/tenancy , then region will be us-ashburn-1 

C) user_ocid : Navigation Identity > Users

Select the Federated User and copy the OCID

Example User OCID:

 
ocid1.user.oc1..XXXXX7gajpkup6jjq

D) Fingerprint : Navigation Identity > Users > API Keys

fingerprint should have been copied in previous step itself , when you uploaded Public Key or if not you can take it from API Keys listed under the Federated User,

Most important the fingerprint should match the Public Key that you uploaded for this Terraform scripts and you cannot just use any other fingerprints under API Keys

Example Fingerprint

 
e6:65:1d:3f:8f:94:XX:YY:ZZ:9c:9b:45:a1

E) compartment_ocid : Navigation Identity > Compartments

Copy the compartment ocid under which we plan to create resources

Example Compartment id

 
ocid1.compartment.oc1..XXXXXXXXcktfgexwdddsn6j4paqphq

F) private_key_path 

Keys were generated in previous steps so private key would be something like this

 
/Users/username/directory/keys/myopensslkey.pem

G) ssh_private_key

 
/Users/username/directory/keys/myopensslkey.pem

H) ssh_public_key

Public Key is something you would need to copy paste , so this would look something like this

cat id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAXXXXXLOs14kmtnCR6TihglaQ8QbXVi5nB5yauZw== [email protected]

5) Terraform variable file  

We now have required variable information to create terraform variable file variables.tf

#*************************************
#           TF Requirements
#*************************************
variable "tenancy_ocid" {
  default = "ocid1.tenancy.oc1..XXXlwwvtqvzpfdp255vjqpsdd6ahdouq"
}
variable "region" {
  default = "us-ashburn-1"
}
variable "user_ocid" {
  default = "ocid1.user.oc1..XXXtvmjhudi3fcue4nbuxjsf3s4mca"
}
variable "private_key_path"{
  default = "/Users/username/keys/myopensslkey.pem"
}
variable "fingerprint"{
  default = "e6:65:XX:YY:ZZ:9c:9b:45:a1"
}
variable "compartment_ocid" {
  #Compartment-12112020
  default = "ocid1.compartment.oc1..XXXXx6rhcktfgexwdddsn6j4paqphq"
}
variable "ssh_public_key" { 
   # cat id_rsa.pub       
   default =  "ssh-rsa AAAAB3NzaC1XXXXQ8QbXVi5nB5yauZw== [email protected]" 
}
variable "ssh_private_key" { 
    default = "/Users/username/keys/myopensslkey.pem"
}

Disclaimer : All views expressed in my blogs are my own.

Log in
  • Archive Blogs
    • Cloud-Blogs by Madhusudhan Rao
      • ADF
        • ADF based Android Apps
        • ADF CRUD Cascaded LOVs
        • ADF CRUD Operation
        • ADF for Dummies
        • ADF for Financial Services Software Development
      • Analytics & Visualization
        • Business Intelligence
        • Oracle BI & DV Cloud Service
        • setting up Oracle Analytics Cloud Instance and Data Visualization Techniques
      • App Servers & DevOps
        • How to deploy NodeJS Application on Oracle Application Container Cloud Service
        • Oracle Application Container Cloud Service
        • Oracle Java Cloud Service
      • Architecture
        • 01 Enterprise Business
        • 02 Content framework
        • 03 Enterprise Continuum
        • 04 Maturity Models
        • 05-Architecture Governance
        • 06-Preliminary Phase
        • 07-Architecture Vision
        • 08-Business Architecture
        • 09-Info Sys Architecture
        • 10-Tech Architecture
        • 11 Opportunities & Solns
        • 12-Migration Planning
        • 14 Implementation Governance
        • 15 Change Management
        • 16-Requirement Management
        • 17 Reference Models
        • Cloud Architecture Concepts
          • 01 Architecture Concepts - Regulatory Compliance, Security monitoring and Storage protocols
          • 02 Architecture - Network Concepts and Bare Metal
          • 03 Enterprise Solution Architecture - Best Practices
          • 04 Cloud Architecture Concepts
        • Value Selling Techniques
      • OCI Admin Blogs
        • Create Oracle Cloud Infrastructure Instance
        • ElasticSearch & Kibana - Must for All Search Engine Development
        • How to Create Oracle Bare metal Compute Instance
        • Measuring Latency and TraceRoute Details with Oracle Edge Services
        • OCI Oracle cloud infrastructure - Setting up a NAT Instances for Public Internet Access from a Private Subnet
        • Oracle Cloud Infrastructure - OCI Creating buckets and object storage - setting up self expiry URLs
        • Oracle Cloud Infrastructure OCI - Create Instance ,Attach Block Volume , Open Ports, Setup Firewall rules
        • Python Basics
        • setting up Apache Tomcat on Oracle Cloud Infrastructure OCI
        • setting up CloudFlare DNS & HAProxy on Oracle Cloud Infrastructure for High Availability
        • Setting up Django Python Web Environment on Oracle Cloud
        • setting up File Storage on OCI and uploading files through Filezilla FTP
        • Setting up GPU-enabled Narupa server on Oracle Bare Metal Cloud for Virtual Reality Clients
        • setting up LAMP Stack , PHP 5.6, PhpMyAdmin , FTP and Mail Server on OCI
        • setting up Load Balancer on Oracle Cloud Infrastructure
        • setting up MongoDB Enterprise version Instance on Oracle Cloud Infrastructure Baremetal
        • setting up MongoDB on Oracle Cloud Infrastructure Classic and Opening Ports
        • Setting up SSH , FTP and Opening Ports on Oracle Cloud PaaS and IaaS
        • setting up web infrastructure DNS and HTTPS for your cloud Infrastructure as a Service OCI
        • World of Slack Programming
      • OCI Classic Blogs
        • How to Create WordPress blog on Oracle Cloud
        • running Function as a Service on Oracle Cloud Infrastructure - fnproject.io
        • running Hadoop & Big Data on Oracle Cloud Infrastructure
        • running TensorFlow Machine Learning for Image Recognition on Oracle Cloud Infrastructure
        • Setting up Kubernetes on Oracle Cloud Infrastructure - Classic
      • Oracle BPM for Financial Services
        • BPM for FS
        • 1. Setting up the development environment
        • 2. Modeling a home loan business process
        • 3. Implementing a home loan business process
        • 4. Deploying and testing a process workflow
        • 5. Administering processes
        • 6. Changing a business process by the process analyst
        • 7. Creating business reports for process owners
        • 8. Participating in a business process
        • 9. Integrating with business partners
        • 10. Collaborating with customers and end users
      • Oracle JET Series
    • Dockers on OCI Series
      • Comprehensive Blog on Dockers running on OCI
      • running a Docker Container on OCI
      • opening OCI Ports for Docker Containers
      • Building a Docker Image by using Dockerfile
      • Committing changes made in a Docker without using Dockerfile
      • pushing image to Docker Hub
      • DevOps with Github, Docker Hub and Oracle Container Cloud Services
      • running Apache Kafka for continuous data streaming on Oracle cloud infrastructure
    • Oracle Database Cloud Service
    • Oracle OKE Series
      • 01 Comprehensive Blog on Oracle Kubernetes Engine - getting started
      • 02 Configure Network Resources for Oracle Kubernetes Engine
      • 03 Creating 3 Worker and 2 Load Balancers Subnets for OKE
      • 04 Creating Oracle Kubernetes Cluster
      • 05 - Enable Cluster access through Command line interface
      • 06 - Getting onto Oracle Kubernetes Engine Dashboard
      • 07 Pod Configuration using a YAML Deployment
    • setting up and running Oracle Big Data PaaS
    • Setting up MySQL PaaS on Oracle Cloud
    • SOA BPM IDM Portal Series
      • FMW
        • Comprehensive Business Process Management - BPM 11g
        • FMW Install Startup Scripts
        • Oracle 11gR2 and 12c Database on Linux / OEL / Fedora
        • Oracle Identity Mangement
        • PS6, PS7, PS8 Install and Configuration
      • Webcenter Portal
        • Art of Webcenter Templating
        • Webcenter Sites Installation Linux
        • Webcenter Sites Look n feel
        • Webcenter Spaces
          • Custom Landing Page
        • Webcenter UCM Integration PS5
        • Webcenter, BPM Process Spaces - UCM PS5
        • BPM UCM and Webcenter PS5
      • BPM Series
        • 01-Simple BPM Task Initiator
        • 02-Business Rules and Exclusive Gateway
        • 03-Service Invocation Adapters
        • 04-BPM as a Web Service
        • 05-Mediator and Conditional Service Routing
        • 06-BPM Composer - Runtime Edit
        • 07-BPM and JMS Adapters
        • Oracle BPM 12c features
      • Process Cloud Service
        • Part 1 - Working with Process Cloud Service
        • Part 2 – How to Build Process , Data Persistence in Database Cloud Service
        • Part 3 – Invoking PCS Process from Oracle JET Framework
      • SOA Series
        • Oracle OSB 11g
        • Oracle SOA 11g Business Rules
        • Oracle SOA 11g DB Adapter
        • Oracle SOA 11g Mediator
        • SOA 11g AQ Adapters
    • Terraform on OCI Series
      • Create a Highly Scalable Cluster in the cloud using Terraform on OCI
      • Creating an Instance with New VNC Network
      • Managing the OCI Cluster with Slurm Workload Manager & Grafana
      • Terraform on OCI create instance
      • Terraform on OCI create load balancer
      • Terraform on OCI create non-federated user
      • Terraform on OCI create user, group, dynamic group and policies
      • Terraform on Oracle Cloud OCI
  • Database Developer Series
  • Database Series
    • Autonomous Data Warehouse and Analytics
      • 01 Preparing Client Machine
      • 02 Creating Autonomous Data Warehouse Instance
      • 03 Creating Tables into Autonomous Data Warehouse through SQL Developer
      • 04 Load Data into OCI Object storage and import that data into Autonomous Data warehouse
      • 05 Create Autonomous Analytics Cloud ADW Connection and create Data Visualization
    • Oracle Apex Cloud Service

"Technology has the shelf life of a banana. By the time you buy it, implement it and train people on it, it’s obsolete. … ” as said by Mr Scott McNealy

© 2023 Cloud Blogs | Powered by Minimalist Blog WordPress Theme