Terraform: Set Up a Simple Infrastructure with OCI Terraform

In this tutorial, you use Terraform to set up a simple infrastructure in your Oracle Cloud Infrastructure account.

Key tasks include how to:

  • Copy your existing scripts from the Terraform Get Started tutorials.
  • Edit the scripts to combine all the resources in one directory.
  • Run one apply command to create the following resources:
    • a compartment
    • a virtual cloud network
    • a compute instance
A diagram of the components needed to create a simple Infrastructure with Terraform. From a local Linux environment, the user creates a virtual cloud network with Terraform. This network has a public subnet and a compuete instance that can be reached from the internet. The network also has a private subnet that connects to the internet through a NAT gateway, and also privately connects to the Oracle Services Network. The CIDR block for the virtual cloud network is 10.0.0.0/16, for the public subnet is 10.0.0.0/24, and for the private subnet is 10.0.1.0/24.A diagram of a user connected from a local machine to an Oracle Cloud Infrastructure tenancy.

For additional information, see:

Before You Begin

To successfully perform this tutorial, you must have the following:

Requirements

1. Prepare

Copy the scripts you created in the Terraform: Get Started tutorials into a new directory.

Copy Declared Resources
  1. In your $HOME directory, create a directory called tf-simple-infrastructure and change to that directory.
    mkdir tf-simple-infrastructure
    cd tf-simple-infrastructure
  2. Copy the Terraform scripts from the tf-provider directory.
    cp ../tf-provider/*.tf .
    Note

    Do not copy the terraform.tfstate or terraform.tfstate.backup files. They contain the state of the resources for their current directory. After you run the scripts in this new directory, you get a new state file.
  3. Rename the outputs.tf file to outputs1.tf.
    mv outputs.tf outputs1.tf
  4. Copy the Terraform scripts from the tf-compartment directory.
    cp ../tf-compartment/*.tf .
    Note

    Because you only need one provider file per directory, no harm is done when the copy command replaces one provider.tf file with another.
  5. Rename the outputs.tf file to outputs2.tf.
    mv outputs.tf outputs2.tf
  6. Copy the Terraform scripts from the tf-compute directory.
    cp ../tf-compute/*.tf .
  7. Rename the outputs.tf file to outputs3.tf.
    mv outputs.tf outputs3.tf
  8. Copy the Terraform scripts from the tf-vcn directory.
    cp ../tf-vcn/*.tf .
  9. Rename the outputs.tf file to outputs4.tf.
    mv outputs.tf outputs4.tf
  10. Concatenate the four output files.
    cat outputs1.tf outputs2.tf outputs3.tf outputs4.tf > outputs.tf
  11. Remove the outputs1.tf, outputs2.tf, outputs3.tf, and outputs4.tf files from the tf-simple-infrastructure directory.
    rm outputs1.tf outputs2.tf outputs3.tf outputs4.tf
  12. Confirm that you have the following files in your directory.
    ls
    availability-domains.tf
    compartment.tf
    compute.tf
    outputs.tf
    private-security-list.tf
    private-subnet.tf
    provider.tf
    public-security-list.tf
    public-subnet.tf
    vcn-module.tf

2. Edit the Scripts

Edit the scripts to assign a new name for your compartment and to replace all hard-coded OCIDs with references.

Update the Compartment Name
  1. Open the compartment.tf file.
  2. Update <your-compartment-name> with <your-new-compartment-name>, in case you already created <your-compartment-name> in the previous tutorials.
    # Source from https://registry.terraform.io/providers/oracle/oci/latest/docs/resources/identity_compartment
    
    resource "oci_identity_compartment" "tf-compartment" {
        # Required
        compartment_id = "<tenancy-ocid>"
        description = "Compartment for Terraform resources."
        name = "<your-new-compartment-name>"
    }
Update Compartment References
Find the Reference to Compartment OCID

In the previous tutorials, you hard-coded the compartment OCID. Now, update <compartment-ocid> to reference the compartment from compartment.tf.

  1. Find how compartment OCID is referenced in the outputs.tf file.
    grep -R compartment outputs.tf

    Example output:

    # Outputs for compartment
    output "compartment-name" {
      value = oci_identity_compartment.tf-compartment.name
    output "compartment-OCID" {
      value = oci_identity_compartment.tf-compartment.id
  2. Copy the value for the compartment OCID into your notepad:
    oci_identity_compartment.tf-compartment.id
    
Update Hard-Coded Compartment OCIDs
  1. Find which files reference compartment_id.
    grep -Rn compartment_id

    Example output:

    availability-domains.tf:7:  compartment_id = "<compartment-ocid>"
    compartment.tf:3:   compartment_id = "<tenancy-ocid>"
    compute.tf:4:  compartment_id = "<compartment-ocid>"
    private-security-list.tf:6:  compartment_id = "<compartment-ocid>"
    private-subnet.tf:6:  compartment_id = "<compartment-ocid>"
    public-security-list.tf:6:  compartment_id = "<compartment-ocid>"
    public-subnet.tf:6:  compartment_id = "<compartment-ocid>"
    vcn-module.tf:9:  compartment_id = "<compartment-ocid>"
    Note

    The availability-domains.tf and compartment.tf files, both point to the <tenancy-ocid>. For example, the compartment.tf file points to the tenancy as its parent compartment and then creates a compartment underneath it. Don't edit the compartment_id in these two files.
  2. Except for availability-domains.tf and compartment.tf files, in the remaining files that result from your grep command, replace compartment_id = "<compartment-ocid>" with:
    compartment_id = oci_identity_compartment.tf-compartment.id
    
Update Subnet References
Find the Reference to Subnet OCID

In the Terraform Tutorial: Create a Compute Instance, you hard-coded the public subnet that hosts the compute instance. Now, update the compute.tf file to reference the public-subnet-OCID from the public-subnet.tf file.

  1. Find how subnet OCID is referenced in the outputs.tf file.
    grep -R subnet outputs.tf

    Example output:

    ...
    output "private-subnet-name" {
      value = oci_core_subnet.vcn-private-subnet.display_name
    output "private-subnet-OCID" {
      value = oci_core_subnet.vcn-private-subnet.id
    # Outputs for public subnet
    output "public-subnet-name" {
      value = oci_core_subnet.vcn-public-subnet.display_name
    output "public-subnet-OCID" {
      value = oci_core_subnet.vcn-public-subnet.id
  2. Copy the value for the public subnet OCID into your notepad:
    oci_core_subnet.vcn-public-subnet.id
    
Update Hard-Coded Subnet OCIDs
  1. Find which files reference subnet_id.
    grep -Rn subnet_id

    Example output:

    compute.tf:19:        subnet_id = "<your-public-subnet-ocid>"
  2. In the compute.tf file that results from your grep command, replace compartment_id = "<your-public-subnet-ocid>" with:
    subnet_id = oci_core_subnet.vcn-public-subnet.id
    

Congratulations! All your scripts are now ready to run.

3. Create a Simple Infrastructure

Run your Terraform scripts to create a compartment, a virtual cloud network, and a compute instance in the public subnet.

Run the Scripts
  1. Initialize a working directory in the tf-simple-infrastructure directory.
    terraform init
  2. Create an execution plan and review the changes that Terraform plans to make to your account:
    terraform plan
  3. Create your simple infrastructure with Terraform:
    terraform apply

    When prompted for confirmation, enter yes, for your resources to be created.

Watch the Creation in the Console (Optional)
  1. Open the navigation menu and click Identity & Security. Under Identity, click Compartments.
  2. Refresh the page, until you see the compartment name.
  3. Open the navigation menu and click Networking, and then click Virtual Cloud Networks.
  4. In the left navigation of the Virtual Cloud Networks page, find your compartment.
  5. If you can't find your compartment, then refresh the left navigation.
  6. Go to your compartment and watch your virtual cloud network appear in the list of networks.
  7. Click <your-vcn-name>.
  8. Review the created Resources.
  9. Open the navigation menu and click Compute. Under Compute, click Instances.
  10. Watch your instance appear in the list of instances.
Review the Outputs

Review the outputs in the output terminal.

Example of output displayed in terminal:
oci_identity_compartment.tf-compartment: Creating...
oci_identity_compartment.tf-compartment: Creation complete after 7s [id=xxx]
module.vcn.oci_core_vcn.vcn: Creating...
module.vcn.oci_core_vcn.vcn: Creation complete after 2s [id=xxx]
module.vcn.oci_core_nat_gateway.nat_gateway[0]: Creating...
module.vcn.oci_core_default_security_list.lockdown[0]: Creating...
module.vcn.oci_core_internet_gateway.ig[0]: Creating...
module.vcn.oci_core_service_gateway.service_gateway[0]: Creating...
oci_core_security_list.public-security-list: Creating...
oci_core_security_list.private-security-list: Creating...
module.vcn.oci_core_internet_gateway.ig[0]: Creation complete after 1s [id=xxx]
module.vcn.oci_core_route_table.ig[0]: Creating...
oci_core_security_list.private-security-list: Creation complete after 1s [id=xxx]
module.vcn.oci_core_default_security_list.lockdown[0]: Creation complete after 1s [id=xxx]
oci_core_security_list.public-security-list: Creation complete after 1s [id=xxx]
module.vcn.oci_core_route_table.ig[0]: Creation complete after 1s [id=xxx]
oci_core_subnet.vcn-public-subnet: Creating...
module.vcn.oci_core_nat_gateway.nat_gateway[0]: Creation complete after 2s [id=xxx]
module.vcn.oci_core_service_gateway.service_gateway[0]: Creation complete after 3s [id=xxx]
module.vcn.oci_core_route_table.nat[0]: Creating...
module.vcn.oci_core_route_table.nat[0]: Creation complete after 1s [id=xxx]
oci_core_subnet.vcn-private-subnet: Creating...
oci_core_subnet.vcn-public-subnet: Creation complete after 2s [id=xxx]
oci_core_instance.ubuntu_instance: Creating...
oci_core_subnet.vcn-private-subnet: Creation complete after 2s [id=xxx]
oci_core_instance.ubuntu_instance: Still creating... [10s elapsed]
oci_core_instance.ubuntu_instance: Still creating... [20s elapsed]
oci_core_instance.ubuntu_instance: Still creating... [30s elapsed]
oci_core_instance.ubuntu_instance: Creation complete after 38s [id=xxx]

Apply complete! Resources: 13 added, 0 changed, 0 destroyed.

References:

What's Next

Congratulations! You have successfully created a simple infrastructure using Terraform, in your Oracle Cloud Infrastructure account.

Now that you know how to use data sources, resources and modules, go ahead and add new objects from the Terraform Registry to your simple infrastructure.

To explore more information about development with Oracle products, check out these sites: