We have covered multiple blogs on how to use Terraform to help automate the provisioning of environments and treat your Infrastructure as Code. Until now, for PaaS stacks, we have used Terraform together with Oracle PaaS Service Manager (PSM) CLI. This gives us great flexibility to script our own tailored PaaS stacks the way we want them. However, with flexibility comes responsibility, and in this case, if we choose to use PSM CLI, it’s up to us to script the whole provisioning/decommission of components that make up the stack. As well as what to do if we encounter an error half-way through, so that we leave things consistently.
A simpler way to provision PaaS stacks is by making use of Oracle Cloud Stack, that treats all components of the stack as a single unit, where all sub-components are provisioned/decommissioned transparently for us. For example, Oracle Integration Cloud (OIC) stack, is made of Oracle DB Cloud Service (DBCS), Integration Cloud Service (ICS), Process Cloud Service (PCS), Visual Builder Cloud Service (VBCS), IaaS, storage, network, etc. If we use Oracle Cloud Stack to provision an environment, we only have to pass a YAML template with the configuration of the whole stack and then, Cloud Stack handles the rest. Pretty awesome huh?
Similarly, as we have done in the past, we are going to use a “Build Server”. This will be used as a platform to help us provision our PaaS stacks. When provisioning this “Build Server”, I will add all the tooling it requires as part of its bootstrap process. For this, I am using Vagrant + Terraform, so that I can also treat my “Build Server” as “infrastructure as code” and I can easily get rid of it, after I built my target PaaS stack.
This is a graphical view of what I will be doing in this blog to provision an OIC stack via Cloud Stack:
Before we start
In this blog I assume that:
- It is advisable that you are familiar with Vagrant. If not, it will take you 5-very-well-spent minutes. Click here.
-
I also encourage you to read the previous blogs, which I am building on top.
- How to use Vagrant and Terraform, click here.
- How to use PSM CLI, click here.
- How to provision OIC with PSM CLI, click here.
-
You already have an Oracle Cloud account. In case you don’t, request a free trial: https://cloud.oracle.com/tryit
Create your Build Server:
For this exercise, I am going to use the Vagrant Box that I made available in my devops Git repo. Also, in order to get it in the first place, I assume that you have already Git installed on your Host OS.
To create the build server in the first place:
-
Clone my devops repository:
-
Move into the buildServer directory:
cd devops/buildServer
-
Now, start your vagrant box:
vagrant up
Note: Give it some time the first time. It will download the Box and install all dependencies. Subsequent times will be much faster.
- Once it finishes, as per the bootstrap process, your Vagrant VM is going to come with Git and Terraform ready to go.
-
Vagrant ssh into it.
vagrant ssh
-
Once in your guest VM, move to /vagrant
cd /vagrant
-
Create a folder called ssh and bring your SSH private and public keys. Call them: “myPublic_sshKey.pub” and “myPrivate_sshKey” (or adjust accordingly at variables.tf)
- Rename/Copy “terraform.tfvars_sample” to “terraform.tfvars“,
cp terraform.tfvars_sample terraform.tfvars
-
Open “terraform.tfvars” and set your variables, depending on where you want to deploy your “Build Server”.
Note: Have a look at this blog if you need assistance to know how to configure your VM image (i.e. I use Ubuntu, but you can use whatever you want).
-
Rename/Copy “scripts/psm_config/psm_setup_config.json_sample” to “scripts/psm_config/psm_setup_config.json” (or adjust accordingly at terraform.tfvars)
cp scripts/psm_config/psm_setup_config.json_sample scripts/psm_config/psm_setup_config.json
-
Open “scripts/psm_config/psm_setup_config.json” and set your variables, depending on where you want to target your PaaS services.
-
That’s it, now simply apply the Terraform plan to build your Build Server into the Oracle Cloud:
terraform apply
- Validate the Terraform plan and if all is right, accept by typing yes + enter
- Terraform is going to start building the storage, network, security rules and ultimately the Build Server compute VM instance. You can keep track of the progress by looking at the console output or by browsing through the various Compute consoles tab in your browser. It will take like a minute or two. Once it finishes, it will show you in green the Public IP Address for your Build Server.
-
Your Build Server is ready to go. It comes out-of-the box with:
- Terraform
- PSM CLI (fully setup, pointing to your target Oracle Public Cloud account as indicated in the psm_setup_config.json file)
- Python3
- Pip
- Git
- Etc.
-
Since you used your public key to create the VM, now you can ssh into it using your private key.
ssh -i myPrivateKey ubuntu@IP_ADDRESS
- Congratulations, your Build Server is ready. Now we can create any type of Oracle PaaS you need. For example, in this case, let’s build a new Oracle Integration Cloud environment.
Let’s provision Oracle Integration Cloud (OIC) stack with Cloud Stack and Terraform
Once that you have created your Build Server and have ssh into it, let’s provision a new PaaS environment such as Oracle Integration Cloud (OIC)
-
In your new Build Server, choose a folder to once again git clone my devops repo.
git clone https://github.com/solutionsanz/devops.git
Note: Previously we Git cloned devops repo in a Vagrant Box locally on your laptop, this time we are doing it inside the new Build Server VM that we just provisioned.
-
This time go into the provisionPaaS directory:
cd devops/ provisionPaaS
-
Create a folder called ssh and bring your public SSH key. Call it: “myPublic_sshKey.pub“
- Rename/Copy “terraform.tfvars_sample” to “terraform.tfvars“,
cp terraform.tfvars_sample terraform.tfvars
- Open “terraform.tfvars” and set your variables, depending on where you want to deploy your OIC environment.
-
Now, inside the templates folder, you will find sample YAML files that will ultimately configure your new PaaS stack. In this case, for OIC, we are going to use “ProdCastleOIC-template.yaml“. Although I tried to parameterise with @XXX@ notations all those values that are more likely to change, I still encourage you to have a good look at the different configuration settings and make sure that they match your requirements. Especially in terms of region, api, shapes, editions, sizes, feature set, versions, etc. In my case I used Chicago DC in US.
For OIC, these are the 2 files that you want to look at:
- ProdCastleOIC-template.yaml: This template contains the configuration for all the OIC sub components, e.g. DBCS and IC configurations. Have a look at all default values and make sure all parameters are set properly. Theses values are automatically replaced at runtime by using the values provided in your terraform.tfvars file. These values are passed by terraform main.tf file.
- ProdCastleOIC-destroy.json: This template contains the OIC configuration to be applied when destroying/decommissioning the OIC stack. Similarly, as with the previous configuration file, the values are automatically replaced at runtime by using the values provided in your terraform.tfvars file. These variables are passed by terraform main.tf file.
-
Once you feel comfortable with your stack template, go to the top provisionPaaS directory and run terraform init to download and configure the providers being used i.e. opc and null:
terraform init
-
Then apply the Terraform plan:
terraform apply
Review and accept the changes by typing yes + enter
- First, it is going to create the required stack pre-requisites, such as Object storage, network configuration, DB, etc… But we don’t have to know about it, all is handled transparently by Cloud Stack. Yes, I know, it is awesome!!!
- After a little while, your new OIC stack (or any other stack you chose to provision) will be ready to go with all its dependencies:
- If you want to get rid of it, simply do a terraform destroy from your Build Server and it will go as a single unit.
Feel free to go to Oracle Cloud Stack console and browse across lots of PaaS stacks templates that Oracle maintains up to date and makes available for us to provision via the browser or automate like what we did with Terraform in this blog. There are templates for both Autonomous and Non-autonomous stacks.
For example:
Congratulations!!! You have enough to start provisioning your own OIC stacks or bring your own Cloud Stack template to provision any other PaaS stack (autonomous or not).
I will keep publishing more blogs as I keep adding templates for other stacks, e.g. API Platform, OMCe, DIPC, Visual Builder, etc. So, you better stay tuned!
I hope you found this blog useful. If you have any question or comment, feel free to contact me directly at https://www.linkedin.com/in/citurria/
Thanks for your time.