Terraform on OCI create instance

Mastering Terraform on Oracle Cloud Infrastructure – Deep dive training


In this session we will create an Ubuntu compute instance on existing networking.

First, grab the public subnet OCID of the existing network.

In this case the VCN has already been created with the name tf-vnc, along with its public subnet. We will attach the new Ubuntu VM that we are going to create to this subnet.

We need three files in a folder, listed below:

  1. provider.tf
  2. compute.tf
  3. output.tf

provider.tf

You can get these variable values from our previous exercise

# Provider.tf Configure the Oracle Cloud Infrastructure provider with an API Key
provider "oci" {
  tenancy_ocid = "ocid1.tenancy.oc1..aaaaaaaaXXXXd6ahdouq"
  user_ocid = "ocid1.user.oc1..aaaaaaaa7XXXXXs4mca"
  private_key_path = "/Users/madhusudhanrao/.oci/aishu_rsa_private_key.pem"
  fingerprint = "61:44:10:29:7a:XX:YY:ZZ:b2:03:81:8c"
  region = "us-ashburn-1"
}

compute.tf

Get the image OCID from https://docs.cloud.oracle.com/en-us/iaas/images/image/957e74db-0375-4918-b897-a8ce93753ad9/

 
#Compute.tf  https://registry.terraform.io/providers/hashicorp/oci/latest/docs
# Get a list of Availability Domains
data "oci_identity_availability_domains" "ads" {
  compartment_id = "ocid1.tenancy.oc1..aaaaaaaa6vXXXXXjqpsdd6ahdouq"
} 
# Output the result
output "show-ads" {
  value = data.oci_identity_availability_domains.ads.availability_domains
} 
resource "oci_core_instance" "ubuntu_instance" {
    # Required
    availability_domain = data.oci_identity_availability_domains.ads.availability_domains[0].name
    #Compartment-15Nov that we created in previous exercise 
    compartment_id = "ocid1.compartment.oc1..aXXXXXxkqukwwbzx5nuauaa"
    shape = "VM.Standard.E2.1"
    source_details {
        source_id = "ocid1.image.oc1.iad.aaaaaaaaffttreqvrrvnn5yj57jdqdcl4dhxuin543fb3debmbmgk7n4bf2a"
        source_type = "image"
    }
 
    # Optional - Public Subnet of VCN that has already been created.
    display_name = "Ubuntu15Nov"
    create_vnic_details {
        assign_public_ip = true
        subnet_id = "ocid1.subnet.oc1.iad.aaaaaaaaXXXXlwdwqmf4gh62a"
    }
    metadata = {
        ssh_authorized_keys = file("/Users/madhusudhanrao/.oci/ssh-key-name.pub")
    }
    preserve_boot_volume = false
}
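
The subnet OCID that compute.tf hard-codes can instead be resolved from the existing VCN by name. This is an added example, not part of the original post; the variable names, the local value and the two extra outputs are hypothetical, and the subnet display name is not given on this page, so it is passed in as a variable.

```hcl
# subnet-lookup.tf (added example; file name is an assumption)

# Hypothetical variables: the compartment that holds tf-vnc and the
# display name of its public subnet (not stated in the original post).
variable "compartment_ocid" {
  type = string
}

variable "public_subnet_name" {
  type = string
}

# Find the existing VCN by the display name used in this exercise.
data "oci_core_vcns" "existing" {
  compartment_id = var.compartment_ocid
  display_name   = "tf-vnc"
}

# Find the subnet inside that VCN by its display name.
data "oci_core_subnets" "public" {
  compartment_id = var.compartment_ocid
  vcn_id         = data.oci_core_vcns.existing.virtual_networks[0].id
  display_name   = var.public_subnet_name
}

locals {
  # Indexing with [0] makes "terraform plan" fail with an invalid index
  # error when no VCN or subnet matches, instead of launching the
  # instance into an unintended network.
  target_subnet = data.oci_core_subnets.public.subnets[0]
}

# In compute.tf, create_vnic_details can then reference the lookup:
#   subnet_id        = local.target_subnet.id
#   assign_public_ip = !local.target_subnet.prohibit_public_ip_on_vnic

output "resolved-subnet-id" {
  value = local.target_subnet.id
}

# true means the subnet is private and cannot give the VNIC a public IP.
output "subnet-prohibits-public-ip" {
  value = local.target_subnet.prohibit_public_ip_on_vnic
}
```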

output.tf

# Outputs.tf Output the first entry (index 0) of the availability domain list; the full list is the "show-ads" output in compute.tf.
output "all-availability-domains-for-your-compartment" {
  value = data.oci_identity_availability_domains.ads.availability_domains[0]
} 
# Output the "name" of the availability domain that will be used.
output "The-first-availability-domain-with-the-following-name-is-used-for-the-compute-instance" {
  value = data.oci_identity_availability_domains.ads.availability_domains[0].name
} 
#Outputs for compute instance
output "public-ip-for-compute-instance" {
  value = oci_core_instance.ubuntu_instance.public_ip
} 
output "instance-name" {
  value = oci_core_instance.ubuntu_instance.display_name
} 
output "instance-OCID" {
  value = oci_core_instance.ubuntu_instance.id
} 
output "instance-region" {
  value = oci_core_instance.ubuntu_instance.region
} 
output "instance-shape" {
  value = oci_core_instance.ubuntu_instance.shape
} 
output "instance-state" {
  value = oci_core_instance.ubuntu_instance.state
} 
output "instance-OCPUs" {
  value = oci_core_instance.ubuntu_instance.shape_config[0].ocpus
} 
output "instance-memory-in-GBs" {
  value = oci_core_instance.ubuntu_instance.shape_config[0].memory_in_gbs
} 
output "time-created" {
  value = oci_core_instance.ubuntu_instance.time_created
}

terraform init

[email protected] mytf-compartment % terraform init

Initializing the backend...

Initializing provider plugins...
- Finding latest version of hashicorp/oci...
- Installing hashicorp/oci v4.3.0...
- Installed hashicorp/oci v4.3.0 (signed by HashiCorp)

The following providers do not have any version constraints in configuration,
so the latest version was installed.

To prevent automatic upgrades to new major versions that may contain breaking
changes, we recommend adding version constraints in a required_providers block
in your configuration, with the constraint strings suggested below.

* hashicorp/oci: version = "~> 4.3.0"

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.
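
The version constraint suggested in the `terraform init` output above, written out as a required_providers block, together with a provider block that reads the tenancy, user and key settings from variables so they stay out of the committed configuration. This is an added example, not from the original post; the file name and the variable names are assumptions.

```hcl
# versions.tf (added example; file name is an assumption)
terraform {
  required_providers {
    oci = {
      source = "hashicorp/oci"
      # Constraint string from the init output: accepts 4.3.x patch
      # releases and rejects 4.4 and later until it is raised on purpose.
      version = "~> 4.3.0"
    }
  }
}

# Hypothetical variable names. Supply the values from a terraform.tfvars
# file that is excluded from version control, or from TF_VAR_<name>
# environment variables.
variable "tenancy_ocid" {
  type = string
}

variable "user_ocid" {
  type = string
}

variable "private_key_path" {
  type = string
}

variable "fingerprint" {
  type = string
}

variable "region" {
  type    = string
  default = "us-ashburn-1"
}

# Replaces the provider block in provider.tf; only one unaliased
# provider "oci" block may exist in the folder.
provider "oci" {
  tenancy_ocid     = var.tenancy_ocid
  user_ocid        = var.user_ocid
  private_key_path = var.private_key_path
  fingerprint      = var.fingerprint
  region           = var.region
}
```

After adding the constraint, rerun `terraform init` so the provider selection is re-evaluated against it.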

terraform plan

[email protected] mytf-compute % terraform plan
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.

data.oci_identity_availability_domains.ads: Refreshing state...

------------------------------------------------------------------------

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # oci_core_instance.ubuntu_instance will be created
  + resource "oci_core_instance" "ubuntu_instance" {
      + availability_domain                 = "mKWN:US-ASHBURN-AD-1"
      + boot_volume_id                      = (known after apply)
      + compartment_id                      = "ocid1.compartment.oc1..aaaaaaaahbXXXXXkwwbzx5nuauaa"
      + dedicated_vm_host_id                = (known after apply)
      + defined_tags                        = (known after apply)
      + display_name                        = "Ubuntu15Nov"
      + fault_domain                        = (known after apply)
      + freeform_tags                       = (known after apply)
      + hostname_label                      = (known after apply)
      + id                                  = (known after apply)
      + image                               = (known after apply)
      + ipxe_script                         = (known after apply)
      + is_pv_encryption_in_transit_enabled = (known after apply)
      + launch_mode                         = (known after apply)
      + metadata                            = {
          + "ssh_authorized_keys" = <<~EOT
                ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAXXXXXA61QTtwT1SO2Cuxr /Users/madhusudhanrao/.oci/ssh-key-name
            EOT
        }
      + preserve_boot_volume                = false
      + private_ip                          = (known after apply)
      + public_ip                           = (known after apply)
      + region                              = (known after apply)
      + shape                               = "VM.Standard.E2.1"
      + state                               = (known after apply)
      + subnet_id                           = (known after apply)
      + system_tags                         = (known after apply)
      + time_created                        = (known after apply)
      + time_maintenance_reboot_due         = (known after apply)

      + agent_config {
          + is_management_disabled = (known after apply)
          + is_monitoring_disabled = (known after apply)
        }

      + availability_config {
          + recovery_action = (known after apply)
        }

      + create_vnic_details {
          + assign_public_ip       = "true"
          + defined_tags           = (known after apply)
          + display_name           = (known after apply)
          + freeform_tags          = (known after apply)
          + hostname_label         = (known after apply)
          + private_ip             = (known after apply)
          + skip_source_dest_check = (known after apply)
          + subnet_id              = "ocid1.subnet.oc1.iad.aaaaaaaa5XXXXlwdwqmf4gh62a"
          + vlan_id                = (known after apply)
        }

      + instance_options {
          + are_legacy_imds_endpoints_disabled = (known after apply)
        }

      + launch_options {
          + boot_volume_type                    = (known after apply)
          + firmware                            = (known after apply)
          + is_consistent_volume_naming_enabled = (known after apply)
          + is_pv_encryption_in_transit_enabled = (known after apply)
          + network_type                        = (known after apply)
          + remote_data_volume_type             = (known after apply)
        }

      + shape_config {
          + gpu_description               = (known after apply)
          + gpus                          = (known after apply)
          + local_disk_description        = (known after apply)
          + local_disks                   = (known after apply)
          + local_disks_total_size_in_gbs = (known after apply)
          + max_vnic_attachments          = (known after apply)
          + memory_in_gbs                 = (known after apply)
          + networking_bandwidth_in_gbps  = (known after apply)
          + ocpus                         = (known after apply)
          + processor_description         = (known after apply)
        }

      + source_details {
          + boot_volume_size_in_gbs = (known after apply)
          + kms_key_id              = (known after apply)
          + source_id               = "ocid1.image.oc1.iad.aaaaaaaaffttreqvrrvnn5yj57jdqdcl4dhxuin543fb3debmbmgk7n4bf2a"
          + source_type             = "image"
        }
    }

Plan: 1 to add, 0 to change, 0 to destroy.

------------------------------------------------------------------------

Note: You didn't specify an "-out" parameter to save this plan, so Terraform
can't guarantee that exactly these actions will be performed if
"terraform apply" is subsequently run.

terraform apply

[email protected] mytf-compute % terraform apply
data.oci_identity_availability_domains.ads: Refreshing state...

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # oci_core_instance.ubuntu_instance will be created
  + resource "oci_core_instance" "ubuntu_instance" {
      + availability_domain                 = "mKWN:US-ASHBURN-AD-1"
      + boot_volume_id                      = (known after apply)
      + compartment_id                      = "ocid1.compartment.oc1..aaaaaaXXXX5nuauaa"
      + dedicated_vm_host_id                = (known after apply)
      + defined_tags                        = (known after apply)
      + display_name                        = "Ubuntu15Nov"
      + fault_domain                        = (known after apply)
      + freeform_tags                       = (known after apply)
      + hostname_label                      = (known after apply)
      + id                                  = (known after apply)
      + image                               = (known after apply)
      + ipxe_script                         = (known after apply)
      + is_pv_encryption_in_transit_enabled = (known after apply)
      + launch_mode                         = (known after apply)
      + metadata                            = {
          + "ssh_authorized_keys" = <<~EOT
                ssh-rsa AAAAB3NzaC1yc2EXXXX1QTtwT1SO2Cuxr /Users/madhusudhanrao/.oci/ssh-key-name
            EOT
        }
      + preserve_boot_volume                = false
      + private_ip                          = (known after apply)
      + public_ip                           = (known after apply)
      + region                              = (known after apply)
      + shape                               = "VM.Standard.E2.1"
      + state                               = (known after apply)
      + subnet_id                           = (known after apply)
      + system_tags                         = (known after apply)
      + time_created                        = (known after apply)
      + time_maintenance_reboot_due         = (known after apply)

      + agent_config {
          + is_management_disabled = (known after apply)
          + is_monitoring_disabled = (known after apply)
        }

      + availability_config {
          + recovery_action = (known after apply)
        }

      + create_vnic_details {
          + assign_public_ip       = "true"
          + defined_tags           = (known after apply)
          + display_name           = (known after apply)
          + freeform_tags          = (known after apply)
          + hostname_label         = (known after apply)
          + private_ip             = (known after apply)
          + skip_source_dest_check = (known after apply)
          + subnet_id              = "ocid1.subnet.oc1.iad.aaaaaaaaXXXXXdwqmf4gh62a"
          + vlan_id                = (known after apply)
        }

      + instance_options {
          + are_legacy_imds_endpoints_disabled = (known after apply)
        }

      + launch_options {
          + boot_volume_type                    = (known after apply)
          + firmware                            = (known after apply)
          + is_consistent_volume_naming_enabled = (known after apply)
          + is_pv_encryption_in_transit_enabled = (known after apply)
          + network_type                        = (known after apply)
          + remote_data_volume_type             = (known after apply)
        }

      + shape_config {
          + gpu_description               = (known after apply)
          + gpus                          = (known after apply)
          + local_disk_description        = (known after apply)
          + local_disks                   = (known after apply)
          + local_disks_total_size_in_gbs = (known after apply)
          + max_vnic_attachments          = (known after apply)
          + memory_in_gbs                 = (known after apply)
          + networking_bandwidth_in_gbps  = (known after apply)
          + ocpus                         = (known after apply)
          + processor_description         = (known after apply)
        }

      + source_details {
          + boot_volume_size_in_gbs = (known after apply)
          + kms_key_id              = (known after apply)
          + source_id               = "ocid1.image.oc1.iad.aaaaaaaaffttreqvrrvnn5yj57jdqdcl4dhxuin543fb3debmbmgk7n4bf2a"
          + source_type             = "image"
        }
    }

Plan: 1 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

oci_core_instance.ubuntu_instance: Creating...
oci_core_instance.ubuntu_instance: Still creating... [10s elapsed]
oci_core_instance.ubuntu_instance: Still creating... [20s elapsed]
oci_core_instance.ubuntu_instance: Still creating... [30s elapsed]
oci_core_instance.ubuntu_instance: Still creating... [40s elapsed]
oci_core_instance.ubuntu_instance: Still creating... [50s elapsed]
oci_core_instance.ubuntu_instance: Creation complete after 52s [id=ocid1.instance.oc1.iad.anuwcljtfvlXXXz74v53b5fakncdta]

Apply complete! Resources: 1 added, 0 changed, 0 destroyed.

Outputs:

The-first-availability-domain-with-the-following-name-is-used-for-the-compute-instance = mKWN:US-ASHBURN-AD-1
all-availability-domains-for-your-compartment = {
  "compartment_id" = "ocid1.tenancy.oc1..aaaaaaaa6vfq4XXXpsdd6ahdouq"
  "id" = "ocid1.availabilitydomain.oc1..aaaaaaaatrXXXXXfhcb7mxsfdq"
  "name" = "mKWN:US-ASHBURN-AD-1"
}
instance-OCID = ocid1.instance.oc1.iad.anuwcljtfvlXXXXXfakncdta
instance-OCPUs = 1
instance-memory-in-GBs = 8
instance-name = Ubuntu15Nov
instance-region = iad
instance-shape = VM.Standard.E2.1
instance-state = RUNNING
public-ip-for-compute-instance = 150.136.83.135
show-ads = [
  {
    "compartment_id" = "ocid1.tenancy.oc1..aaaaaaaa6vfq4yi7ogXXXXd6ahdouq"
    "id" = "ocid1.availabilitydomain.oc1..aaaaaaaatrwxaoYYYYYfhcb7mxsfdq"
    "name" = "mKWN:US-ASHBURN-AD-1"
  },
  {
    "compartment_id" = "ocid1.tenancy.oc1..aaaaaaaa6vfq4yXXXdd6ahdouq"
    "id" = "ocid1.availabilitydomain.oc1..aaaaaaaaztuYYYxjjl2n3a"
    "name" = "mKWN:US-ASHBURN-AD-2"
  },
  {
    "compartment_id" = "ocid1.tenancy.oc1..aaaaaaaa6XXXX5vjqpsdd6ahdouq"
    "id" = "ocid1.availabilitydomain.oc1..aaaaaaaauvXXXXXohta"
    "name" = "mKWN:US-ASHBURN-AD-3"
  },
]
time-created = 2020-11-15 07:34:19.457 +0000 UTC

Reality Check

Log in to the cloud console at https://console.us-ashburn-1.oraclecloud.com/ and you should be able to see your newly created Ubuntu instance attached to the existing VCN.