This document provides an overview and roadmap for using Terraform to deploy infrastructure on Oracle Cloud Infrastructure (OCI). It covers Terraform basics, the OCI provider and modules, coding examples for deploying compute instances, autonomous databases, and Kubernetes clusters on OKE. It concludes with information for contacting RheoData for additional support or questions.

1. Copyright, 2020 RheoData and affiliates
Terraform & Oracle Cloud Infrastructure
in 30 minutes
Bobby Curtis, MBA
RheoData
2020
@rheodatallc / @dbasolved
#OracleCode

2. Copyright, 2020 RheoData and affiliates
Roadmap
Introduction
Terraform Basics
OCI Provider & Modules
Coding Examples
Q & A

3. Copyright, 2020 RheoData and affiliates
Roadmap
Introduction
Terraform Basics
OCI Provider & Modules
Coding Examples
Q & A

4. Copyright, 2020 RheoData and affiliates
Speaker
@dbasolved | @rheodatallc
Bobby.Curtis@rheodata.com

5. Copyright, 2020 RheoData and affiliates

6. Copyright, 2020 RheoData and affiliates
Multi-Cloud Opportunities
+
• Move interdependent enterprise
applications to the cloud
• Deploy custom and packaged application
• Develop cloud native, enterprise
applications
• Cross-Cloud Interconnect
• Unified IAM
• Jointly tested, validated deployment
architectures, best practices
• Collaborative support model
https://www.oracle.com/cloud/azure-interconnect.html
• Innovate across clouds
• Choice
• Maximize ROI
Advantages Possible Now New Capabilities

7. Copyright, 2020 RheoData and affiliates
Roadmap
Introduction
Terraform Basics
OCI Provider & Modules
Coding Examples
Q & A

8. Copyright, 2020 RheoData and affiliates
Basics
init
validate
plan apply
terraform init
– used to initialize a
working directory with
Terraform files.
– Some validation done
as well
terraform validate
– validates the config
files in a directory
terraform plan
– creates execution plan
– performs a refresh,
unless explicitly disabled
– determines what
needs to be done
terraform apply
– scans the current
directory for the
configuration and
applies changes

9. Copyright, 2020 RheoData and affiliates
Roadmap
Introduction
Terraform Basics
OCI Provider & Modules
Coding Examples
Q & A

10. Copyright, 2020 RheoData and affiliates
OCI Provider
provider "oci" {
version = ">= 3.76.0"
region = var.region
tenancy_ocid = var.tenancy_ocid
user_ocid = var.user_ocid
fingerprint = var.fingerprint
private_key_path = var.private_key_path
}
Use of variables file is highly
recommended!
Regions
- locations/data centers
where the workload is
built
Tenancy OCID
- account name when
initially setting up a
cloud account
User OCID
- Identifier that
identifies the user login
into the cloud
Fingerprint
- alpha/numeric string
that will be specific to
public SSH key.
- needed for API access
Key Path
- Location of SSH
private key on localhost

11. Copyright, 2020 RheoData and affiliates
OCI Modules
• Modules for most item in
OCI
• IAM -> Identity
• VCN – Virtual Network
• Compute – Compute Nodes
• Most OCI Modules written in
0.11
• Use latest version available
• Downloaded Modules
• .terraform/modules

12. Copyright, 2020 RheoData and affiliates
Upgrading Code/Modules
$ cd <directory>
$ terraform 0.12upgrade <module_path>

13. Copyright, 2020 RheoData and affiliates
Roadmap
Introduction
Terraform Basics
OCI Provider & Modules
Coding Examples
Q & A

14. Copyright, 2020 RheoData and affiliates
Layout
Oracle/OCI
|
/.terraform/modules
/compute-instance/terraform-oci-compute-instance-2.01
-- main.tf
-- variables.tf
-- output.tf
/vcn/terraform-oci-vcn-1.0.1
-- main.tf
-- variables.tf
-- locals.tf
-- nat.tf
-- servicegateway.tf
-- vcn.tf
|
-- main.tf
-- variables.tf
-- output.tf

15. Copyright, 2020 RheoData and affiliates
Backend
########################
# Backend
########################
terraform {
backend "http" {
address = "https://objectstorage.us-ashburn-
1.oraclecloud.com/p/Zi1rw_y.........EA4HjMwEU2zaaBmx71sas_oU/n/idtlingilfcy/b/bucket-
terraform/o/terraform.tfstate"
update_method = "PUT"
}
}
HTTP support: uses a cURL-based HTTP command to push/pull state from object store
S3-Compatible support: more complex to setup, requires AWS keys
Pre-Authenticated Requests: enables accessing a bucket or object in OCI without providing credentials/time-based.

16. Copyright, 2020 RheoData and affiliates
Compartments
##########################
# Compartments - Custom
##########################
resource "oci_identity_compartment" "test_compartment" {
#Required
# ocid1.tenancy.oc1..aaaaaaaaojorxdfprzt2sx75lweivou6xeomto4gvjxuuyraxcdakff4dujq
compartment_id = var.root_compartment_ocid #Compartment to build in
# This is a testing compartment
description = var.compartment_description #Description for the compartment
# testing2
name = var.compartment_name #Name of the compartment
}
data "oci_identity_compartments" "test_compartments" {
compartment_id = var.tenancy_ocid
compartment_id_in_subtree = true
}
output "compartment_info" {
value = data.oci_identity_compartments.test_compartments.compartments
}

17. Copyright, 2020 RheoData and affiliates
#########################
# Compute Instance - OCI Provided
#########################
module "compute-instance" {
source = "oracle-terraform-modules/compute-instance/oci"
version = "2.0.1"
#Required Info
compartment_ocid = "ocid1.compartment.oc1..aaaaaaaade5bxtniugmwuiynsonpq74fo2djk6hd64qu3lzw2xybym4svyhq"
source_ocid = "ocid1.image.oc1.iad.aaaaaaaawtb4qxiwri5z2qjeey4zpzqpv2rtxhddzpbvojw2e2c2jevmthva"
ssh_authorized_keys = "~/.ssh/id_rsa.pub"
subnet_ocids = ["ocid1.subnet.oc1.iad.aaaaaaaamlgotv3goqjfihx53abpatmajjh45h32vljzfq3nsvwoqhqmouda"]
#Optional Info
instance_count = "1"
shape = "VM.Standard2.1"
instance_display_name = "Test-Linux"
}
output "compute_info" {
value = [
"ID", module.compute-instance.instance_id,
"Private", module.compute-instance.private_ip,
"Public", module.compute-instance.public_ip
]
}
Compute Instances

18. Autonomous Database(s)
• No OCI certified modules available
• Deprecated Resources by version
• Write custom
oci_database_autonomous_database

19. Autonomous Database(s)
##############################
# OCI - Autonomous Database(s)
##############################
resource "oci_database_autonomous_database" "demo_adb" {
#Required
admin_password = "WElcome12345##"
compartment_id =
"ocid1.compartment.oc1..aaaaaaaade5bxtniugmwuiynsonpq74fo2djk6hd64qu3lzw2xybym4svyhq"
cpu_core_count = "1"
data_storage_size_in_tbs = "1"
db_name = "RDADB1"
#Optional
db_version = "19c"
db_workload = "OLTP"
display_name = "RDADB1"
is_free_tier = "false"
license_model = "BRING_YOUR_OWN_LICENSE"
source = "NONE"
}
output "demo_adb_ocid" {
value = oci_database_autonomous_database.demo_adb.id
}

20. Copyright, 2020 RheoData and affiliates
Kubernetes (OKE)
• Oracle Container Engine (OKE) is Oracle’s managed Kubernetes service
• Lots of components within OCI – OCI module is best option
module "oke" {
source = "oracle-terraform-modules/oke/oci"
version = "2.2.2"
#Required
api_fingerprint = var.fingerprint
api_private_key_path = "~/.ssh/id_rsa"
compartment_id = "ocid1.compartment.oc1……gmwuiynsonpq74fo2djk6hd64qu3lzw2xybym4svyhq"
existing_key_id = "ocid1.key.oc1.iad.bbppj6k3aacuu.a……tsnq3ldofns5czn7vyzvxnvvnliq"
region = var.region
secret_id = "ocid1.vault.oc1.iad.bbppj6k3aacuu………w5e5mc6rhxcm7mzytdbsqt6g6ozaftjtj4uegbmwcuya"
service_account_cluster_role_binding = "clustertestbinding"
tenancy_id = var.tenancy_ocid
user_id = var.user_ocid
#Optional
ssh_public_key_path = "~/.ssh/id_rsa.pub"
}

21. Copyright, 2020 RheoData and affiliates
Stacks & Jobs
Code Zip Upload & Run

22. Copyright, 2020 RheoData and affiliates
Roadmap
Introduction
Terraform Basics
OCI Provider & Modules
Coding Examples
Q & A

23. Copyright, 2020 RheoData and affiliates
Questions

24. Copyright, 2020 RheoData and affiliates
Contact RheoData
solutions@rheodata.com
@rheodatallc
http://rheodata.com
#OracleCode