Provisioning with Tags on VMware Cloud on AWS using Terraform

4 minute read
Content level: Intermediate
2

This post shows how to use the Terraform vSphere Provider to configure and provision Virtual Machines on VMC with Tags.

Terraform Basics

  • Providers: Providers are a logical abstraction of an upstream API. They are responsible for understanding API interactions and exposing resources. You can find the exhaustive list of provider at Terraform Registry. We are using vSphere Provider for the example below. The vSphere provider can be used for Lifecycle management of VMware vSphere resources, including Virtual Machines, ESXi Hosts, Datastores, vSwitches, and more.

  • Resources: The objects on the platform which we create and manage using Infrastructure as a Code. Example Datastore, vSwitch etc. in vSphere and VPC, Subnets etc in AWS world.

  • Stages: There are 3 basic states for Terraform Code

    • Plan : It showcases the potential impact of the terraform code
    • Apply: Application of the code push the code to the platform.
    • Destroy: If you want to destroy what’s created

 

The article demonstrates how in a declarative fashion we can define VM configuration for a VMware Cloud on AWS environment. We are using vSphere Provider for the example below. The vSphere provider can be used for Lifecycle management of VMware vSphere resources, including Virtual Machines, Datastores, vSwitches, and more.

For TF code, you need to create 3 files

  • The var.tf : where you can declare your variables
  • The terraform.tfvars : where you can define the values of the variables like username, password, servername etc, so you don’t need to add the values in your main code
  • The main.tf :This is where you put your actual code.

 

Below code shows the data sources I have used in **main.tf **

provider "vsphere" {                                                                 # Calling the "vSphere" Provider
  user           = var.vsphere_user
  password       = var.vsphere_password                                 # Calling the variables defined in var.tf and terraform.tfvars
  vsphere_server = var.vsphere_server

  # If you have a self-signed cert
  allow_unverified_ssl = true
}

data "vsphere_datacenter" "dc" {
  name = "SDDC-Datacenter"                                                           # The "Datacenter" name in my VMC SDDC, where workload will be deployed
}

data "vsphere_datastore" "datastore" {      
  name          = "WorkloadDatastore"                                                # The "Datastore" name in my VMC SDDC, where workload will be deployed
  datacenter_id = data.vsphere_datacenter.dc.id
}

data "vsphere_resource_pool" "pool" {
  name          = "Puneet-Demo"                                                      # The "Resource Pool" name in my VMC SDDC, where workload will be deployed
  datacenter_id = data.vsphere_datacenter.dc.id
}

data "vsphere_network" "network" {
  name          = "Puneet-Web/App"                                                   # The "Network Segment" name in my VMC SDDC, where workload will be deployed
  datacenter_id = data.vsphere_datacenter.dc.id
}

 

VMC vCenter Inventory Pane vCenter Network Segment

 

Once the Data Sources are defined, we need to define the resource configurations.  

I have used tags based resource configuration for the Virtual machine I intend to provision *“vSphere_tag_category” “vsphere_tag”. * This allows you to create a Tag and Tag Category for the Virtual Machine.

Also important to note that I have used “firmware” parameter under “vSphere_Virtual_Machine” resource. “firmware” is an Optional Parameter and the default value is “bios”. But for Windows Machine provisioning like Win2K16 or Win2K19, you need to change it to “efi” or Windows Machine provisioning will not happen.  

resource "vsphere_tag_category" "category" {
  name = "VMC"
  cardinality = "SINGLE"
  associable_types = ["VirtualMachine"]
}                                                                                   # The "Tag Category" and "Tag" created while provisiong of Virtual Machine
 
resource "vsphere_tag" "tag" {
  name        = "Web"
  category_id = vsphere_tag_category.category.id
}

resource "vsphere_virtual_machine" "vm" {
  name             = "VMC-Demo"
  resource_pool_id = data.vsphere_resource_pool.pool.id
  datastore_id     = data.vsphere_datastore.datastore.id
  folder            = "Workloads/Terraform"                                         # The "Folder" name, where the VM will be created
  tags              = [vsphere_tag.tag.id]
  firmware         = "efi"                                                          # The firmware mode changed to "EFI" for Windows. The default is "BIOS"

  num_cpus = 2
  memory   = 4096
  guest_id = data.vsphere_virtual_machine.template.guest_id
  scsi_type = data.vsphere_virtual_machine.template.scsi_type

  network_interface {
    network_id = data.vsphere_network.network.id
    adapter_type = data.vsphere_virtual_machine.template.network_interface_types[0]

 

I have set the Network Segment in VMC Console as DHCP enabled hence I don’t need to define IP Address, Subnet and Gateway details in the Clone configuration section. But in case you want to define static Network credentials, you can follow the example on this link: https://www.terraform.io/docs/providers/vsphere/r/virtual_machine.html

Once the TF code is ready, the next step is to execute the following

  • terraform plan
  • terraform apply

 

Result:

TF code provisions a VM from the template you chose in your declared VMC SDDC, with Tags, picking an IP address from the Subnet Range (through DHCP)

 

Provisioned VM with Tags

profile pictureAWS
EXPERT
published 10 months ago1090 views
2 Comments

Hi,

In the above example, what permission in SDDC is the user executing the Terraform code as? 'CloudAdmin' role or 'Administrator' role?

mkn
replied 9 months ago

I used "CloudAdmin" credentials for the above example.

profile pictureAWS
EXPERT
replied 9 months ago