ArticlesC2 Spring 2022CloudDevOpsHPE GreenLake Infrastructure-as-code on HPE GreenLake using Terraform by Didier Lalli March 27, 2022 written by Didier Lalli [vc_row][vc_column][vc_column_text] The process of managing and provisioning computer data centers through machine-readable definition files, otherwise known as Infrastructure-as-Code (IaC), offers many significant benefits. It helps to increase operational agility, simplify management, reduce errors, and save cost. In this post, I’ll explore some of the benefits of using IaC on HPE GreenLake through the use of Terraform. Let’s harness some of the benefits of Infrastructure as Code One of the superpowers of IaC is its repeatability, the fact that you can set something up once and then use the same information in multiple ways. Implementing IaC allows organizations to store configuration files describing the desired infrastructure as a single source of truth. It also allows you to apply the DevOps methodology that’s already in place for application code directly to the infrastructure. For example, configuration files can be stored and managed through GitHub using the same way your DevOps team manages the application code. This concept is often called “Shifting Left”, as you are describing the infrastructure to host an application earlier (left) in the delivery pipeline of the application. This allows for easier and more consistent deployments of infrastructure across the complete infrastructure landscape of an organization. HPE GreenLake HPE GreenLake is HPE’s edge-to-cloud platform. The HPE GreenLake platform provides a unified experience wherever your applications and their data are located on the edge, in colocations, or in your own data center. This cloud experience everywhere includes the following capabilities: Self-service Infinite scalability Pay-as-you-go Managed for you HPE GreenLake Cloud Services The HPE GreenLake ecosystem provides solutions for several top workloads such as containers, Machine Learning, private cloud, virtual machines, SAP HANA, HPC, VDI, and many more. This page on HPE GreenLake cloud services and ecosystem provides a complete list. The ecosystem also leverages many technologies from HPE partners such as Microsoft, VMware, SAP, Nutanix, Veeam, and others. HPE GreenLake for private cloud One of the options provided by HPE GreenLake is to make it easy for customers to order and operate a private cloud with a mix of virtual machines, containers, and physical servers. This is exactly what the private cloud Service is all about. This service allows customers to point and click to create resources such as virtual machines. It also provides access via a public API, allowing developers to use an Infrastructure-as-Code type of tool to automate provisioning, for example using Terraform. Terraform Terraform is an open-source Infrastructure-as-Code framework originally created by HashiCorp that is written in Go. It uses a declarative language (HashiCorp Configuration Language HCL or JSON more recently) to describe the desired state of the infrastructure in terms of cloud, virtual machines, networks, storage, and many other components. Terraform uses the concept of “providers” to integrate with all major public clouds. Terraform is a so-called idempotent system in the sense that it doesn’t generate any side effects if applied multiple times on an infrastructure already in its desired state. Terraform has gained quite the momentum in the last few years. Its main competition is Ansible, Amazon Cloud Formation, Puppet, and Chef. Readying for your Infrastructure-as-Code implementation Terraform installation Your first step is to get your system ready to run Terraform. In case this has not been done yet, this will include: Installing Terraform: follow these steps Verifying installation: terraform –help Initializing Terraform in a new empty folder: terraform init At this point, you are ready to start building your infrastructure description file. Building a Terraform configuration file from scratch Let’s start building this TF file using your favorite editor. Selecting a Terraform provider The first section of the file will enumerate the “providers” you rely upon for building your infrastructure, and they could be multiple providers in a single TF file. In this case here, you will only have the HPE GreenLake provider referenced as hewlettpackard/hpeg in the official Terraform registry. The first lines of your Terraform configuration file should look like this: # Load HPE GreenLake terraform provider terraform { required_providers { hpegl = { source = "hewlettpackard/hpegl" version = "0.1.0-beta7" } } } You can find out more about the HPE GreenLake Terraform provider from its Terraform Registry page. This page also provides a link to the GitHub repository corresponding to this provider. The doc folder is your best source of information for using the different data sources and resources provided by the provider. If you navigate to the resources section, you will see that one resource you can manipulate with this provider is a VM instance. Let’s focus on this resource in this article. Note: Because this is open source, don’t hesitate to open issues, or even a pull request, if you identify an issue. Setting up the Terraform provider Now that you have expressed the fact that the hpegl provider will be used, you need to set up some parameters for it. As explained on this page, you can either explicitly set those parameters in your TF file, or have them set in a series of environment variables, or a mix of both. I suggest the following two parameters be added in your TF file: # Setup provider environment (location and space) provider "hpegl" { vmaas { location = "HPE" space_name = "TerraForm Space" } } And the rest (such as tenant id, user id, and user secret key) can be placed in an RC file, which you can source before running your Terraform command. You can find your location and your space name from the HPE GreenLake user interface. In our example shown below, HPE is our location: And in the capture below, Terraform Space is the space we have created for our work with Terraform. You can check your available Spaces from the GreenLake console under your profile icon, Change space. [/vc_column_text][vc_empty_space][/vc_column][/vc_row][vc_row penci_el_width=”width-1080″ penci_show_desk=”1″ penci_show_tablet=”1″ penci_show_mobile=”1″ penci_css=”.vc_custom_1647532756286{border-top-width: 10px !important;border-right-width: 10px !important;border-bottom-width: 10px !important;border-left-width: 10px !important;border-left-color: #8c8c8c !important;border-right-color: #8c8c8c !important;border-top-color: #8c8c8c !important;border-bottom-color: #8c8c8c !important;}”][vc_column][vc_column_text css=”.vc_custom_1647532967283{margin-top: 20px !important;margin-right: 20px !important;margin-bottom: 20px !important;margin-left: 20px !important;border-top-width: 10px !important;border-right-width: 10px !important;border-bottom-width: 10px !important;border-left-width: 10px !important;padding-top: 10px !important;padding-right: 10px !important;padding-bottom: 10px !important;padding-left: 10px !important;border-left-color: #000000 !important;border-left-style: solid !important;border-right-color: #000000 !important;border-right-style: solid !important;border-top-color: #000000 !important;border-top-style: solid !important;border-bottom-color: #000000 !important;border-bottom-style: solid !important;border-radius: 2px !important;}”] New for 2022: HPE DEV Meetups The HPE DEV team is happy to announce another opportunity to come and learn with us in 2022 called HPE DEV Meetups. These sessions will complement the continuing HPE DEV Munch & Learn Technology Talks that started in 2021. The HPE DEV Munch & Learn Technology Talks were designed to provide industry thought-leadership insights on today’s newest technologies. They proved quite successful with a grand total of 1,415 participants attending the 11 sessions that were held this past year. Participants of these sessions indicated that, while they enjoyed and wished to continue attending Munch & Learn sessions, they also needed an opportunity to dive in deep and more fully explore specific projects or products. The new HPE DEV Meetups are designed to fill that gap, covering topics that sit at the intersection of development and open source. The cadence for these meetups will be monthly, occurring the last week of every month. The first meetup was held on January 26th, 5PM CET (8AM PST). Entitled Quarkus – Supersonic Subatomic Java, it was delivered by Dimitris Andreadis, Engineering Director at Red Hat. The next session was held on February 23rd and covered Streamlit – the fastest way to build and share data science apps. The session was delivered by Arnaud Miribel, a machine learning engineer at Streamlit.io. You can catch replays of these sessions and see what’s coming next in our HPE DEV Meetups calendar. As you can see, we are already off to a good start and will continue to look for the best possible speakers inside and outside of HPE to cover the most relevant topics for developers and open source enthusiasts. Please check our HPE DEV Meetup calendar page for the complete list of registration links. We will continue to post links to replays once they are available. We hope you will join us and continue to expand your skills and expertise. [/vc_column_text][vc_empty_space][/vc_column][/vc_row][vc_row][vc_column][vc_column_text] Setting up a API Client access Next, you need to create a new API Client access dedicated to Terraform. You can do this from the HPE GreenLake console under your settings icon, identity & Access, and then the API Clients tab. Create a new API Client (hpedev-hackshack-terraform in the screen capture above), and make sure the Tenant Contributor and Tenant Owner roles are assigned on your space. Make note of the client id and the Issuer URL as shown in the capture below. Note: You need to remember the API Client secret key, as it’s not displayed anymore after creation. Finally, you’ll need your Tenant ID as shown from the HPE GreenLake console under your profile icon, API Access With this you can now build a resource file that defines the following environment variables: export HPEGL_TENANT_ID=<Your Tenant ID> export HPEGL_USER_ID=<Client ID of the API Client> export HPEGL_USER_SECRET=<Secret Key displayed when you created the API Client> export HPEGL_IAM_SERVICE_URL=<Issuer URL> And execute it on your machine to set these environment variables. Querying for infrastructure components Your next step with the TF file is to query the HPE GreenLake provider to collect information needed to create your first VM instance. From the documentation, you can see that you need to gather the following information: Cloud ID Group ID Layout ID Plan ID Instance type code Network ID Resource Pool ID Template ID Folder Code For this, you will use the Terraform data statements. For example, the following statement retrieves the Cloud ID and stores it (in variable called cloud), which we can later use with: data.hpegl_vmaas_cloud.cloud.id # Retrieve cloud id data "hpegl_vmaas_cloud" "cloud" { name = "HPE GreenLake VMaaS Cloud-Trial4 " } Using a similar technique, you can retrieve the rest of the data you need: # And a few networks data "hpegl_vmaas_network" "blue_net" { name = "Blue-Network" } data "hpegl_vmaas_network" "green_net" { name = "Green-network" } data "hpegl_vmaas_cloud_folder" "compute_folder" { cloud_id = data.hpegl_vmaas_cloud.cloud.id name = "ComputeFolder" } # Locate a resource pool data "hpegl_vmaas_resource_pool" "cl_resource_pool" { cloud_id = data.hpegl_vmaas_cloud.cloud.id name = "ComputeResourcePool" } # And a group data "hpegl_vmaas_group" "default_group" { name = "HPEDEV-HackShackTenant-Group" } # Locate a plan data "hpegl_vmaas_plan" "g1_small" { name = "G1-Small" } # A layout data "hpegl_vmaas_layout" "vmware" { name = "VMware VM with vanilla CentOS" instance_type_code = "glhc-vanilla-centos" } # And a template data "hpegl_vmaas_template" "vanilla" { name = "vanilla-centos7-x86_64-09072020" } You can get information about each of the data statements supported by the hpegl provider from GitHub. Creating a VM resource The last step is to use a Terraform resource statement to request the creation of a new VM instance: resource "hpegl_vmaas_instance" "DidierTest1" { name = "DidierTest1" cloud_id = data.hpegl_vmaas_cloud.cloud.id group_id = data.hpegl_vmaas_group.default_group.id layout_id = data.hpegl_vmaas_layout.vmware.id plan_id = data.hpegl_vmaas_plan.g1_small.id instance_type_code = data.hpegl_vmaas_layout.vmware.instance_type_code network { id = data.hpegl_vmaas_network.green_net.id } volume { name = "root_vol" size = 15 datastore_id = "auto" } config { resource_pool_id = data.hpegl_vmaas_resource_pool.cl_resource_pool.id template_id = data.hpegl_vmaas_template.vanilla.id no_agent = true asset_tag = "vm_terraform" folder_code = data.hpegl_vmaas_cloud_folder.compute_folder.code } power = "poweron" } Note: You can get information about each of the resource statements supported by the hpegl provider from GitHub. Terraform ready to plan To validate your configuration file, I recommend running the plan command as you add sections to your file. The terraform plan command will check for syntax errors and provide information about what will be created when the terraform apply method is used. Didiers-MacBook-Pro:Terraform lalli$ terraform plan Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create Terraform will perform the following actions: # hpegl_vmaas_instance.DidierTest1 will be created + resource "hpegl_vmaas_instance" "DidierTest1" { + cloud_id = 1 + containers = (known after apply) + group_id = 3 + history = (known after apply) + hostname = (known after apply) + id = (known after apply) + instance_type_code = "glhc-vanilla-centos" + layout_id = 1159 + name = "DidierTest1" + plan_id = 402 + power = "poweron" + server_id = (known after apply) + status = (known after apply) + config { + asset_tag = "vm_terraform" + folder_code = "1" + no_agent = true + resource_pool_id = 1 + template_id = 573 } + network { + id = 6 + internal_id = (known after apply) + is_primary = (known after apply) + name = (known after apply) } + volume { + datastore_id = "auto" + id = (known after apply) + name = "root_vol" + root = true + size = 10 } } Plan: 1 to add, 0 to change, 0 to destroy. If you agree with the plan, and what is going to be created, you can move to the last step, i.e. applying the configuration. Terraform ready to apply The command you need to use is now: terraform apply. This will rerun the plan command, then prompt you to confirm before it starts building what’s in the plan: Do you want to perform these actions? Terraform will perform the actions described above. Only 'yes' will be accepted to approve. Enter a value: yes hpegl_vmaas_instance.DidierTest1: Creating... hpegl_vmaas_instance.DidierTest1: Still creating... [10s elapsed] hpegl_vmaas_instance.DidierTest1: Still creating... [20s elapsed] hpegl_vmaas_instance.DidierTest1: Still creating... [30s elapsed] hpegl_vmaas_instance.DidierTest1: Still creating... [40s elapsed] hpegl_vmaas_instance.DidierTest1: Still creating... [50s elapsed] hpegl_vmaas_instance.DidierTest1: Still creating... [1m0s elapsed] hpegl_vmaas_instance.DidierTest1: Still creating... [1m10s elapsed] hpegl_vmaas_instance.DidierTest1: Still creating... [1m20s elapsed] hpegl_vmaas_instance.DidierTest1: Still creating... [1m30s elapsed] hpegl_vmaas_instance.DidierTest1: Still creating... [1m40s elapsed] hpegl_vmaas_instance.DidierTest1: Still creating... [1m50s elapsed] hpegl_vmaas_instance.DidierTest1: Still creating... [2m0s elapsed] hpegl_vmaas_instance.DidierTest1: Creation complete after 2m9s [id=145] Apply complete! Resources: 1 added, 0 changed, 0 destroyed. If you open your HPE GreenLake console to monitor the VM resources, you will see the effect of the terraform apply command: Cleaning it all up In Terraform, clean-up can be done using the destroy command. This will automatically use the HPE GreenLake provider to clean the infrastructure in HPE GreenLake. Didiers-MacBook-Pro:Terraform lalli$ terraform destroy hpegl_vmaas_instance.DidierTest1: Refreshing state... [id=145] Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: - destroy Terraform will perform the following actions: # hpegl_vmaas_instance.DidierTest1 will be destroyed - resource "hpegl_vmaas_instance" "DidierTest1" { - cloud_id = 1 -> null - containers = [ - { - container_type = [ - { - name = "vanilla-centos7-node" }, ] - external_fqdn = "didiertest1.localdomain" - hostname = "didiertest1" - id = 145 - ip = "172.17.70.29" - max_cores = 1 - max_memory = 4294967296 - max_storage = 16106127360 - name = "DidierTest1_145" - server = [ - { - compute_server_type = [ - { - external_delete = true - managed = true - name = "VMware Linux VM" }, ] - date_created = "2022-02-23T14:42:10Z" - id = 151 - last_updated = "2022-02-23T22:05:33Z" - owner = [ - { - username = "hpedev-hackshack-terraform" }, ] - platform = "" - platform_version = "" - server_os = [ - { - name = "centOS 7 64-bit" }, ] - ssh_host = "172.17.70.29" - ssh_port = 22 - visibility = "private" }, ] }, ] -> null - group_id = 3 -> null - history = [ - { - account_id = 2 - created_by = [ - { - display_name = "hpedev-hackshack-terraform" - username = "hpedev-hackshack-terraform" }, ] - date_created = "2022-02-23T14:42:11Z" - display_name = "DidierTest1" - duration = 54873 - end_date = "2022-02-23T14:43:06Z" - id = 1191 - instance_id = 145 - last_updated = "2022-02-23T14:43:06Z" - percent = 100 - process_type = [ - { - code = "provision" - name = "provision" }, ] - reason = "" - start_date = "2022-02-23T14:42:11Z" - status = "complete" - status_eta = 0 - unique_id = "dc48d7f7-f564-46b7-b60f-67eaf5193f38" - updated_by = [ - { - display_name = "hpedev-hackshack-terraform" - username = "hpedev-hackshack-terraform" }, ] }, ] -> null - id = "145" -> null - instance_type_code = "glhc-vanilla-centos" -> null - layout_id = 1159 -> null - name = "DidierTest1" -> null - plan_id = 402 -> null - power = "poweron" -> null - server_id = 151 -> null - status = "running" -> null - config { - asset_tag = "vm_terraform" -> null - create_user = false -> null - folder_code = "group-v41" -> null - no_agent = true -> null - resource_pool_id = 2 -> null - template_id = 573 -> null } - network { - id = 7 -> null - interface_id = 0 -> null - internal_id = 197 -> null - is_primary = true -> null - name = "eth0" -> null } - volume { - datastore_id = "auto" -> null - id = 282 -> null - name = "root_vol" -> null - root = false -> null - size = 15 -> null } } Plan: 0 to add, 0 to change, 1 to destroy. Do you really want to destroy all resources? Terraform will destroy all your managed infrastructure, as shown above. There is no undo. Only 'yes' will be accepted to confirm. Enter a value: Enter a value: yes hpegl_vmaas_instance.DidierTest1: Destroying... [id=145] hpegl_vmaas_instance.DidierTest1: Still destroying... [id=145, 10s elapsed] hpegl_vmaas_instance.DidierTest1: Still destroying... [id=145, 20s elapsed] hpegl_vmaas_instance.DidierTest1: Still destroying... [id=145, 30s elapsed] hpegl_vmaas_instance.DidierTest1: Still destroying... [id=145, 40s elapsed] hpegl_vmaas_instance.DidierTest1: Still destroying... [id=145, 50s elapsed] hpegl_vmaas_instance.DidierTest1: Still destroying... [id=145, 1m0s elapsed] hpegl_vmaas_instance.DidierTest1: Destruction complete after 1m7s Destroy complete! Resources: 1 destroyed. What’s next? In this blog post, I covered how to get started with the Terraform provider for HPE GreenLake, explained how to collect data from the platform, and showed how to request the creation of a VM instance. In my next article, I will apply changes to the configuration of the infrastructure configuration file and demonstrate how the desired state is automatically tracked by Terraform and applied to HPE GreenLake. Learn more about Terraform Learn more about HPE GreenLake Learn more about the HPE GreenLake Terraform provider Find other tutorials and articles on HPE GreenLake on the HPE DEV blog. Continue Reading March 27, 2022 0 comment 0 FacebookTwitterPinterestEmail