Daily Archives: March 20, 2020

Onboard Tenants on Cloud Director in less than 5 Minutes using vCD Terraform Provider

Posted on by
2

In continuation to my last post, In this post we are going to onboard a tenant using vCloud Director Terraform provider , there are five things that we are going to do:

avn

  • Create a new Organisation for the Tenant
  • Create a new Organisation Administrator for this Tenant
  • Create a new Organisation VDC for the Tenant
  • Deploy a new Edge gateway for the Tenant
  • Create a new routed Network for the Tenant

Code for New Organisation:

So in this section , we are going to create a new organisation names “T3” which is enabled to use, This section creates a new vCloud Organisation by specifying the name, full name, and description.

#Create a new org names "T3"
resource "vcd_org" "org-name" {
  name             = "T3"
  full_name        = "My organization"
  description      = "The pride of my work"
  is_enabled       = "true"
  delete_recursive = "true"
  delete_force     = "true"
}

Code for Creating Organisation Administrator:

Once as a provider you created Org, this org need an admin, below code will create local org admin. In this code everything is self explanatory but few important parameters explained here:

  • Resource Type -> “vcd_org_user”
  • org & name -> these are variable, referred in variable file.
  • role -> role assigned to this user
  • password -> initial password assigned
  • depends_on -> Explicit dependencies that this resource has. These dependencies will be created before this resource
#Create a new Organization Admin
resource "vcd_org_user" "org-admin" {
org = var.org_name #variable referred in variable file 
name = var.org_admin #variable referred in variable file
description = "a new org admin"
role = "Organization Administrator"
password = "change-me"
enabled = true
email_address = "avnish@t3company.org"
depends_on = [vcd_org.org-name]
}

Code for Creating new Organisation VDC:

So till now we created Org and Org admin , next is to create a organisation virtual data center , so that tenant can provision VMs, Containers and Applications. few important configuration parameters to consider:

  • name -> T3-vdc
  • Org -> T3
  • Allocation Pool -> Pay as you go (represented as “AllocationVApp”).
  • network_pool_name -> Network pool name as defined during provider config.
  • provider_vdc_name -> Name of Provider VDC name.
  • Compute & Storage -> Define compute and storage allocation.
  • VM_quota -> Maximum no. of vms can be provisioned in to this VDC
  • network_quota -> Maximum no of networks can be created.
# Create Org VDC for above org
resource "vcd_org_vdc" "vdc-name" {
  name        = var.vdc_name
  description = "The pride of my work"
  org         = var.org_name #variable referred in variable file
  allocation_model = "AllocationVApp"
  network_pool_name = "PVDC-A-VXLAN-NP"
  provider_vdc_name = "PVDC-A"
  compute_capacity {
    cpu {
      limit = 0
    }
    memory {
      limit = 0
    }
  }
  storage_profile {
    name     = "*"
    limit    = 10240
    default  = true    
  }
  metadata = {
    role    = "For Customer T3"
    env     = "staging"
    version = "v1"
  }  
  vm_quota                 = 10 #Max no. of VMs 
  network_quota            =  100
  enabled                  = true
  enable_thin_provisioning = true
  enable_fast_provisioning = true
  delete_force             = true
  delete_recursive         = true
depends_on = [vcd_org.org-name]
}

Code for Creating Edge Gateway for Tenant

This next section creates a new vCloud Organisation Edge Gateway by specifying the name, full name, and description. Provider configures an edge gateway to provide connectivity to one or more external networks.

  • Configuration -> compact
  • Advanced -> this will be an advance edge
  • distributed_routing -> distributed routing is enabled
  • external_network ->  uplink information towards DC exit.
  • You will notice there is a ‘depends_on’ setting. This means that this resource depends on the resource specified before executing.
resource "vcd_edgegateway" "egw" {
  org = var.org_name #variable referred in variable file
  vdc = var.vdc_name #variable referred in variable file
  name                    = var.edge_name
  description             = "T3 new edge gateway"
  configuration           = "compact"
  advanced                = true
  distributed_routing     = true
  external_network {
    name = "SiteA-ExtNet"
    subnet {
      ip_address            = "192.168.100.20"
      gateway               = "192.168.100.1"
      netmask               = "255.255.255.0"
      use_for_default_route = true
    }
  }
depends_on = [vcd_org_vdc.vdc-name]
}

Code for Creating Organisation Routed Network

An organization VDC network with a routed connection provides controlled access to machines and networks outside of the organization VDC. System administrators (Providers) and organization administrators can configure network address translation (NAT) and firewall settings on the network’s Edge Gateway to make specific virtual machines in the VDC accessible from an external network. Things to consider:

  • resource -> must be of type “vcd_network_routed”
  • Define other networking information
resource "vcd_network_routed" "net" {
org = var.org_name #variable referred in variable file
vdc = var.vdc_name #variable referred in variable file
name = "T3-Routed-net"
edge_gateway = var.edge_name 
gateway = "10.10.0.1"
dhcp_pool {
start_address = "10.10.0.2"
end_address = "10.10.0.100"
}
static_ip_pool {
start_address = "10.10.0.152"
end_address = "10.10.0.254"
}
depends_on = [vcd_edgegateway.egw]
}

Putting it all together:

So i have put all this code in to a single file and also created a variable file, which will allow providers to on-board a new Tenant less then “5 minute” , provider admin just need to update few parameters in to the variable file like:

  • org_name -> Tenant organisation name
  • vcd_name -> Tenant Org VDC Name
  • edge_name -> Tenant N/S router name
  • org_admin -> Org Admin name

15

Once you input the parameters, run terraform plan and Apply the plan, this enitre process should not take more than 5 minutes to complate.

  • Terraform Plan -out f1.tfplan
    • 16
  • Terraform apply “f1.tfplan”
    • 17

Result:

As described above all five tasks related to a Tenant on-boarding got successfully completed and if you notice highlighted boxes , everything is over in less than 2 minutes, isn’t it awesome ?

18

Here i am attaching variable and code file , which you can use it in your environment by just changing variable file contents like , org_name , vdc_name etc..which i explained above. pls try these files in to a non-prod environment and make your self comfortable before doing it in production.Here is the Code file to download – Terraform.zip. Please share feedback , suggestion any in the comment section…

 

Advertisement