Note
Reference the following guide to find the ocid for tenancy_ocid, compartment_ocid, user_ocid, fingerprint, subnet_ocid, and private_key_path: https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/terraformproviderconfiguration.htm.
To get the OCID for Oracle Linux 8, visit the following link: https://docs.oracle.com/en-us/iaas/images/oracle-linux-8x/ is region specific as well as architecture specific, so you’ll want to find the latest Oracle Linux 8 image for x86 (or in other words, look for one without the aarch64 text in the image name).
Warning
Just be sure to add the terraform.tfvars file to your .gitignore list to avoid checking any sensitive information into version control.
12. Next, let’s run Terraform to see if we did everything correctly:
$ terraform init
$ terraform plan
$ terraform apply
The terraform init command initializes the working directory containing your Terraform project files and this should always be the first command that you run after you write a new Terraform configuration. After this, it is a good idea to run terraform plan as this will give you a chance to preview/verify the plan. During this command, Terraform will compare your real infrastructure against your configuration. Finally, running terraform apply will display the plan again, but it will additionally give you the chance to enter yes to perform any actions proposed by the plan.
When you see the prompt that asks you to Enter a value, go ahead and type yes, and then press Enter.
Important note
If you get a 401-NotAuthenticated error, make sure you’ve added your public key to the OCI console. This is the public key that pairs with private_key_path under the API Key Authentication method.
For help with adding your public key to the OCI console, visit https://docs.oracle.com/en-us/iaas/Content/API/Concepts/apisigningkey.htm#three.
13. If all goes well, you should be able to watch as your resources are created. Once this is complete, you’ll see a message like this:
Apply complete!
Resources: 3 added, 0 changed, 0 destroyed.
14. If you check the OCI console, you will see your newly created instance and you will be able to connect to it via the SSH key pair the Terraform code generated and stuffed inside the instances folder within your Terraform project.
This is easy enough to do, but why not automate a bit more so we don’t need to check the OCI console for the public IP address? All we need to do is add a bit more code to our main.tf file and we can really start to take things to the next level.
Go ahead and add the following code to your main.tf file:
Figure 8.16 – Terraform code that outputs connection details
15. Now that we have that in place, save your file and run terraform apply once more to see what this does:
$ terraform apply
Terraform will again compare your real infrastructure with your configuration, but this time, since most of our infrastructure is in place, it’s only going to propose adding one resource. When you see the Enter a value prompt, go ahead and type yes, and then press Enter.
16. Terraform will do its thing, and at the end, you’ll see output that provides instructions on how to SSH into the newly created instance. That should look a bit like this:
Figure 8.17 – Output of “terraform apply”
I realize that what we have just covered seems like a lot of information, but let’s consider what we’ve done here. We automated the deployment of an instance into the cloud. Every parameter is easily configurable within our terraform.tfvars file. Finally, trivial steps including generating SSH keys are also automated, and we even print a statement at the end that clearly instructs how to connect to the newly deployed instance. I hope you enjoyed this recipe and are starting to see the true value of IaC!
The source code for this recipe can be found at https://github.com/PacktPublishing/Oracle-Linux-Cookbook/tree/main/ch8/terraform.
