Setup vRealize Automation using Terraform
VMware has created a HashiCorp Terraform provider which can be used to set up your vRealize Automation (vRA) infrastructure, along with requesting deployments and consuming XaaS resources. This post will cover the basics of setting up vRA using Terraform.
The first two posts in this series cover the basics of Infrastructure as Code with vRA and Terraform along with creating your first Terraform configuration to deploy a vSphere virtual machine. To get started, have a read of the documentation available for either vRA 8 or vRA 7.
This post will assume that vRA 8 has been deployed using vRealize Suite Lifecycle Manager, the vIDM has been configured for the required external accounts and a Cloud Account and Cloud Zone have been created to reference a vSphere environment. The below will presume the default user account, in this case, "configadmin" has also been created and that the Terraform version is 0.14.11 which can be downloaded from here.
Create a vRA Project
Create a new file called "main.tf" and define the required_providers block to be used, in this case, "vra" and define the source and version. Following this, create a provider block called "vra" and reference the variables which we'll create next.
1terraform {
2 required_version = ">= 0.13"
3 required_providers {
4 vra = {
5 source = "vmware/vra"
6 version = "0.3.5"
7 }
8 }
9}
10
11provider "vra" {
12 url = var.url
13 refresh_token = var.refresh_token
14 insecure = var.insecure
15}
The next file is called "variable.tf" and it is where the variables are defined. Each variable block is created with the variable name, and it's best practice to define a description, type and default value.
1# Input variable: url
2variable "url" {
3 description = "The URL of the vRealize Automation environment either vRA 8.x or vRA Cloud"
4 type = string
5 default = "https://vra-fqdn"
6}
7
8# Input variable: refresh_token
9variable "refresh_token" {
10 description = "The refresh token to connect to the vRealize Automation environment"
11 type = string
12 default = ""
13}
14
15# Input variable: insecure
16variable "insecure" {
17 description = "Should SSL verification be skipped? true = skip ssl verification"
18 type = bool
19 default = "false"
20}
Create a new file called "projects.tf" and the first block to be created is a data source and for this we will retrieve the vRA Cloud Zone for the vSphere Cloud Zone which should already be created. The second block is a resource block, meaning that something will be created, in this case, a "vra_project". Provide a name and description as a variable, along with your configuration to assign your existing vRA Cloud Zone to your new project. The first field is the zone_id retrieved from the previously defined data source, followed by the priority, max number of instances, cpu limit, memory limit and storage limit. The next few lines are optional, and set if resources should be shared from this project to other projects, any administrators and members that need to be added, an operational timeout set at the project level in case of long running operations, and the machine naming template.
1data "vra_zone" "this" {
2 name = var.zone_name
3}
4
5resource "vra_project" "this" {
6 name = var.project_name
7 description = var.project_description
8
9 zone_assignments {
10 zone_id = data.vra_zone.this.id
11 priority = 1
12 max_instances = 5
13 cpu_limit = 16
14 memory_limit_mb = 16384
15 storage_limit_gb = 1024
16 }
17
18 shared_resources = false
19 administrators = ["flynnga@homelab.local"]
20 members = ["flynng@homelab.local"]
21 operation_timeout = 6000
22 machine_naming_template = "$${resource.name}-$${####}"
23}
With the "projects.tf" file now created, updated the "variables.tf" file with the new variables just used, to look like the below.
1# Input variable: url
2variable "url" {
3 description = "The URL of the vRealize Automation environment either vRA 8.x or vRA Cloud"
4 type = string
5 default = "https://vra-fqdn"
6}
7
8# Input variable: refresh_token
9variable "refresh_token" {
10 description = "The refresh token to connect to the vRealize Automation environment"
11 type = string
12 default = ""
13}
14
15# Input variable: insecure
16variable "insecure" {
17 description = "Should SSL verification be skipped? true = skip ssl verification"
18 type = bool
19 default = "false"
20}
21
22# Input variable: project_name
23variable "project_name" {
24 description = "vRA Project Name to be added to the project"
25 type = string
26 default = ""
27}
28
29# Input variable: project_description
30variable "project_description" {
31 description = "vRA Project Description to be added to the project"
32 type = string
33 default = ""
34}
35
36# Input variable: zone_name
37variable "zone_name" {
38 description = "vRA Zone Name to be added to the project"
39 type = string
40 default = ""
41}
The final step is to define the values of each variable. To do this, create a "variables.tfvars" file and enter your environmental details in the file, as per the example below. Remember, all *.tfvars files should not be stored in source control such as git, as the values will differ between environments.
1url = "https://vra8.homelab.local"
2refresh_token = "UhIlbUxsIgFEpzdRtjZxouQH57X61KON"
3insecure = false
4project_name = "Development Web App"
5project_description = "A project for the development environment of the web app"
6zone_name = "vcenter-1.homelab.local"
With all the files now created, run a "terraform plan" and confirm everything looks correct and that your new resource will be created, and then run "terraform apply".
Once the apply command has finished, in vRA you will see the new project created with the properties configured exactly as set in the "projects.tf" file.
Whilst this post only covers the creating of a vRA project, you can use this same process to configure most of vRA, with documentation available on the vRA Terraform provider here.