VES Terraform Provider

Overview

Volterra terraform provider is used to expose Volterra Services public objects as terraform resources. The provider is responsible for interacting with VES objects in the backend.


Prerequisites

Minimum

  1. Volterra VES account

  2. Terraform
  3. OpenSSL

Configuring the Volterra Provider

Volterra Provider can be configured either by:

  • PCKS file (p12) and password
  • Private key and certificate.

P12 file can be created and downloaded from API credentials section of your Volterra tenant. P12 file can only be downloaded (auto-downloaded) when it is created

Login to Volterra Console and create API credentials [navigate to "system" namspace --> IAM --> API Credentials]

To extract the certificate and private key out of the P12 file:

openssl pkcs12 -in <input-p12-file> -nodes -nokeys -out <output cert file>
openssl pkcs12 -in <input-p12-file> -nodes -nocerts -out <output key file>

Example Usage (with p12 file and password)

provider "volterra" {
  api_p12_file     = "${var.api_p12_file}"
  api_p12_password = "${var.api_p12_password}"
  tenant           = "${var.tenant_name}"
}

Example Usage (with private key and certificate)


provider "volterra" {
  api_cert = "${var.api_cert}"
  api_key  = "${var.api_key}"
  tenant   = "${var.tenant_name}"
}

Configuring Volterra Resources

Volterra resources creation, read, update and deletion functionalities are defined as part of terraform provider. Internally it maps terraform lifecycle operation to Volterra’s public API operations.
Below is an example of configuring volterra’s endpoint resource using terraform


resource "volterra_endpoint" "volterra_ep" {
  name     = "webapp-nodejs-ep"
  namespace = "demo3"

  endpoint_address {
    dns_name = "www.apache.org"
  }
  port = 80
  endpoint_classifier {
    ref_or_selector {
        site {
            ref {
                name      = "ny8-nyc"
                     namespace = "system"
                tenant  = "ves-io"
            }
            network_type = "VIRTUAL_NETWORK_SITE_LOCAL"
        }       
    }
  }

Reference:

  • name : (Required) The name of the endpoint object (string)
  • namespace : (Required) The namespace where endpoint object will be installed
  • endpoint_address.dns_name : (Optional) endpoint dns name which will be used to discover the endpoint
  • port : (Optional) endpoint port which needs to be discovered
  • endpoint_classifier : (Optional) where the endpoint will be discovered