Sign up for a user account on Intersight.com. You will need at least one Advantage Tier license as well as a Intersight Workload Optimizer license to complete this use case. Log in to intersight.com and generate API/Secret Keys. Both licensing requirements can utilize the available demo licensing if you don't have the subscription levels.
Sign up for a TFCB (Terraform for Cloud Business) at https://app.terraform.io/. Log in and generate the User API Key. You will need this when you create the TF Cloud Target in Intersight. If not a paid version, you will need to enable the trial account.
Clone this repository to your own VCS Repository for the VCS Integration with Terraform Cloud.
Integrate your VCS Repository into the TFCB Orgnization following these instructions: https://www.terraform.io/docs/cloud/vcs/index.html. Be sure to copy the OAth Token which you will use later on for Workspace provisioning.
terraform_cloud_token
instructions: https://www.terraform.io/docs/cloud/users-teams-organizations/api-tokens.html
tfc_oath_token
instructions: https://www.terraform.io/docs/cloud/vcs/index.html
tfc_organization (TFCB Organization Name)
tfc_email (Must be an Email Assigned to the TFCB Account)
agent_pool (The Name of the Agent Pool in the TFCB Account)
vcs_repo (The Name of your Version Control Repository. i.e. CiscoDevNet/intersight-tfb-iks)
apikey
secretkey
instructions: https://community.cisco.com/t5/data-center-documents/intersight-api-overview/ta-p/3651994
Modify the terraform.tfvars file to the unique attributes of your environment for your domain and server profiles and policies.
Once finished with the modification commit the changes to your reposotiry.
The Following examples are for a Linux based Operating System. Note that the TF_VAR_ prefix is used as a notification to the terraform engine that the environment variable will be consumed by terraform.
export TF_VAR_terraform_cloud_token="your_cloud_token" export TF_VAR_tfc_oauth_token="your_oath_token"
$env:TF_VAR_terraform_cloud_token="your_cloud_token" $env:TF_VAR_tfc_oauth_token="your_oath_token"
export TF_VAR_apikey="your_api_key" export TF_VAR_secretkey=`cat ~/Downloads/SecretKey.txt`
$env:TF_VAR_apikey="your_api_key" $env:TF_VAR_secretkey="$HOME\Downloads\SecretKey.txt"
Use the following environment variable, based on your deployment, for IPMI over LAN Settings if you want to configure encryption for the IPMI communication.
export TF_VAR_ipmi_key_1="your_password"
$env:TF_VAR_ipmi_key_1="your_password"
Use the following environment variable, based on your deployment, for LDAP Policy Binding Settings.
export TF_VAR_ldap_password="your_password"
$env:TF_VAR_ldap_password="your_password"
Use the following environment variable, based on your deployment, for Local User Policy Users. This would allow you to configure up to 5 unique users in an organization for CIMC Access.
export TF_VAR_local_user_password_1="your_password" export TF_VAR_local_user_password_2="your_password" export TF_VAR_local_user_password_3="your_password" export TF_VAR_local_user_password_4="your_password" export TF_VAR_local_user_password_5="your_password"
$env:TF_VAR_local_user_password_1="your_password" $env:TF_VAR_local_user_password_2="your_password" $env:TF_VAR_local_user_password_3="your_password" $env:TF_VAR_local_user_password_4="your_password" $env:TF_VAR_local_user_password_5="your_password"
Use the following environment variable, based on your deployment, for Persistent Memory Encryption.
export TF_VAR_persistent_passphrase="your_password"
$env:TF_VAR_persistent_passphrase="your_password"
Use the following environment variables, based on your deployment, for SNMP Settings. There are 5 values for each variable type. This allows for creating up to 5 snmp users or 5 community strings. You only need to configure these variables if you want to use them. For instance you want to add an SNMP user with AuthPriv. You would configure snmp_auth_password_1 and snmp_privacy_password_1. The rest can be unused unless you were going to configure 5 different SNMP users with different passwords. The same holds true with community strings.
export TF_VAR_snmp_auth_password_1="your_password" export TF_VAR_snmp_auth_password_2="your_password" export TF_VAR_snmp_auth_password_3="your_password" export TF_VAR_snmp_auth_password_4="your_password" export TF_VAR_snmp_auth_password_5="your_password" export TF_VAR_snmp_privacy_password_1="your_password" export TF_VAR_snmp_privacy_password_2="your_password" export TF_VAR_snmp_privacy_password_3="your_password" export TF_VAR_snmp_privacy_password_4="your_password" export TF_VAR_snmp_privacy_password_5="your_password"
$env:TF_VAR_snmp_auth_password_1="your_password" $env:TF_VAR_snmp_auth_password_2="your_password" $env:TF_VAR_snmp_auth_password_3="your_password" $env:TF_VAR_snmp_auth_password_4="your_password" $env:TF_VAR_snmp_auth_password_5="your_password" $env:TF_VAR_snmp_privacy_password_1="your_password" $env:TF_VAR_snmp_privacy_password_2="your_password" $env:TF_VAR_snmp_privacy_password_3="your_password" $env:TF_VAR_snmp_privacy_password_4="your_password" $env:TF_VAR_snmp_privacy_password_5="your_password"
export TF_VAR_access_community_string_1="your_community" export TF_VAR_access_community_string_2="your_community" export TF_VAR_access_community_string_3="your_community" export TF_VAR_access_community_string_4="your_community" export TF_VAR_access_community_string_5="your_community" export TF_VAR_snmp_trap_community_1="your_community" export TF_VAR_snmp_trap_community_2="your_community" export TF_VAR_snmp_trap_community_3="your_community" export TF_VAR_snmp_trap_community_4="your_community" export TF_VAR_snmp_trap_community_5="your_community"
$env:TF_VAR_access_community_string_1="your_community" $env:TF_VAR_access_community_string_2="your_community" $env:TF_VAR_access_community_string_3="your_community" $env:TF_VAR_access_community_string_4="your_community" $env:TF_VAR_access_community_string_5="your_community" $env:TF_VAR_snmp_trap_community_1="your_community" $env:TF_VAR_snmp_trap_community_2="your_community" $env:TF_VAR_snmp_trap_community_3="your_community" $env:TF_VAR_snmp_trap_community_4="your_community" $env:TF_VAR_snmp_trap_community_5="your_community"
Once all Variables have been imported into your environment, run the plan in the tfe folder:
When running in Terraform Cloud with VCS Integration the first Plan will need to be run from the UI but subsiqent runs should trigger automatically
terraform plan -out=main.plan terraform apply main.plan
When run, this module will Create the Terraform Cloud Workspace(s) and Assign the Variables to the workspace(s).
Name | Version |
---|---|
tfe | 0.25.3 |
No providers.
Name | Source | Version |
---|---|---|
sensitive_intersight_variables | terraform-cisco-modules/modules/tfe//modules/tfc_variables | 0.6.2 |
sensitive_server_variables | terraform-cisco-modules/modules/tfe//modules/tfc_variables | 0.6.2 |
sensitive_snmp_variables | terraform-cisco-modules/modules/tfe//modules/tfc_variables | 0.6.2 |
workspaces | terraform-cisco-modules/modules/tfe//modules/tfc_workspace | 0.6.2 |
No resources.
Name | Description | Type | Default | Required |
---|---|---|---|---|
access_community_string_1 | The default SNMPv1, SNMPv2c community name or SNMPv3 username to include on any trap messages sent to the SNMP host. The name can be 18 characters long. | string |
"" |
no |
access_community_string_2 | The default SNMPv1, SNMPv2c community name or SNMPv3 username to include on any trap messages sent to the SNMP host. The name can be 18 characters long. | string |
"" |
no |
access_community_string_3 | The default SNMPv1, SNMPv2c community name or SNMPv3 username to include on any trap messages sent to the SNMP host. The name can be 18 characters long. | string |
"" |
no |
access_community_string_4 | The default SNMPv1, SNMPv2c community name or SNMPv3 username to include on any trap messages sent to the SNMP host. The name can be 18 characters long. | string |
"" |
no |
access_community_string_5 | The default SNMPv1, SNMPv2c community name or SNMPv3 username to include on any trap messages sent to the SNMP host. The name can be 18 characters long. | string |
"" |
no |
apikey | Intersight API Key. | string |
n/a | yes |
binding_parameters_password | The password of the user for initial bind process. It can be any string that adheres to the following constraints. It can have character except spaces, tabs, line breaks. It cannot be more than 254 characters. | string |
"" |
no |
ipmi_key_1 | Encryption key to use for IPMI communication. It should have an even number of hexadecimal characters and not exceed 40 characters. | string |
"" |
no |
local_user_password_1 | Password to assign to a local user. Sensitive Variables cannot be added to a for_each loop so these are added seperately. | string |
"" |
no |
local_user_password_2 | Password to assign to a local user. Sensitive Variables cannot be added to a for_each loop so these are added seperately. | string |
"" |
no |
local_user_password_3 | Password to assign to a local user. Sensitive Variables cannot be added to a for_each loop so these are added seperately. | string |
"" |
no |
local_user_password_4 | Password to assign to a local user. Sensitive Variables cannot be added to a for_each loop so these are added seperately. | string |
"" |
no |
local_user_password_5 | Password to assign to a local user. Sensitive Variables cannot be added to a for_each loop so these are added seperately. | string |
"" |
no |
secretkey | Intersight Secret Key. | string |
n/a | yes |
secure_passphrase | Secure passphrase to be applied on the Persistent Memory Modules on the server. The allowed characters are a-z, A to Z, 0-9, and special characters =, !, &, #, $, %, +, ^, @, _, *, -. | string |
"" |
no |
snmp_auth_password_1 | SNMPv3 User Authentication Password. | string |
"" |
no |
snmp_auth_password_2 | SNMPv3 User Authentication Password. | string |
"" |
no |
snmp_auth_password_3 | SNMPv3 User Authentication Password. | string |
"" |
no |
snmp_auth_password_4 | SNMPv3 User Authentication Password. | string |
"" |
no |
snmp_auth_password_5 | SNMPv3 User Authentication Password. | string |
"" |
no |
snmp_privacy_password_1 | SNMPv3 User Privacy Password. | string |
"" |
no |
snmp_privacy_password_2 | SNMPv3 User Privacy Password. | string |
"" |
no |
snmp_privacy_password_3 | SNMPv3 User Privacy Password. | string |
"" |
no |
snmp_privacy_password_4 | SNMPv3 User Privacy Password. | string |
"" |
no |
snmp_privacy_password_5 | SNMPv3 User Privacy Password. | string |
"" |
no |
snmp_trap_community_1 | Community for a Trap Destination. | string |
"" |
no |
snmp_trap_community_2 | Community for a Trap Destination. | string |
"" |
no |
snmp_trap_community_3 | Community for a Trap Destination. | string |
"" |
no |
snmp_trap_community_4 | Community for a Trap Destination. | string |
"" |
no |
snmp_trap_community_5 | Community for a Trap Destination. | string |
"" |
no |
terraform_cloud_token | Token to Authenticate to the Terraform Cloud. | string |
n/a | yes |
terraform_version | Terraform Target Version. | string |
"1.0.3" |
no |
tfc_oauth_token | Terraform Cloud OAuth Token for VCS_Repo Integration. | string |
n/a | yes |
tfc_organization | Terraform Cloud Organization Name. | string |
n/a | yes |
trap_community_string_1 | The default SNMPv1, SNMPv2c community name or SNMPv3 username to include on any trap messages sent to the SNMP host. The name can be 18 characters long. | string |
"" |
no |
trap_community_string_2 | The default SNMPv1, SNMPv2c community name or SNMPv3 username to include on any trap messages sent to the SNMP host. The name can be 18 characters long. | string |
"" |
no |
trap_community_string_3 | The default SNMPv1, SNMPv2c community name or SNMPv3 username to include on any trap messages sent to the SNMP host. The name can be 18 characters long. | string |
"" |
no |
trap_community_string_4 | The default SNMPv1, SNMPv2c community name or SNMPv3 username to include on any trap messages sent to the SNMP host. The name can be 18 characters long. | string |
"" |
no |
trap_community_string_5 | The default SNMPv1, SNMPv2c community name or SNMPv3 username to include on any trap messages sent to the SNMP host. The name can be 18 characters long. | string |
"" |
no |
vcs_repo | Version Control System Repository. | string |
n/a | yes |
workspaces | Map of Workspaces to create in Terraform Cloud. key - Name of the Workspace to Create. * allow_destroy_plan - Default is true. * auto_apply - Defualt is false. Automatically apply changes when a Terraform plan is successful. Plans that have no changes will not be applied. If this workspace is linked to version control, a push to the default branch of the linked repository will trigger a plan and apply. * branch - Default is "master". The repository branch that Terraform will execute from. Default to master. * description - A Description for the Workspace. * global_remote_state - Whether the workspace allows all workspaces in the organization to access its state data during runs. If false, then only specifically approved workspaces can access its state (remote_state_consumer_ids).. * queue_all_runs - needs description. * remote_state_consumer_ids - The set of workspace IDs set as explicit remote state consumers for the given workspace. * working_directory - The Directory of the Version Control Repository that contains the Terraform code for UCS Domain Profiles for this Workspace. * workspace_type - What Type of Workspace will this Create. Options are: - chassis - domain - pool - server - vlan |
map(object( |
{ |
no |
Name | Description |
---|---|
workspaces | Terraform Cloud Workspace IDs and Names. |
Owner
Contributors
Categories
Products
IntersightUCS ManagerProgramming Languages
HCLLicense
Code Exchange Community
Get help, share code, and collaborate with other developers in the Code Exchange community.View Community