Terraform Cloud Director Provider v3.13.0 is available now, adding support for Cloud Director 10.6 with many new features and improvements.
Extending VCD Functionality with Solution Add-Ons
Solution Add-Ons extend the Cloud Director offering with value-added functionality. One can manage the resources and life cycle of solutions that are custom-built to extend the functionality of VMware Cloud Director.
A Solution Add-On is the representation of a solution that is custom built for Cloud Director in the extensibility ecosystem. It encapsulates UI and API Cloud Director extensions together with their backend services and lifecycle management. Solution Add-Ons are distributed as .iso files and can contain numerous elements: UI plugins, vApps, users, roles, runtime defined entities, and more.
Terraform VCD Provider 3.13 adds support for Solution Add-Ons with the following new resources and data sources:
On top of that, there are two new resources (with their data sources, as usual) for Data Solution configuration and publishing to tenants:
VMware Cloud Director extension for Data Solutions is a Solution Add-On for Cloud Director, which enables multi-tenancy customers to deliver a portfolio of on-demand caching, messaging and database software. Service providers can offer their tenants an integrated solution, which allows them to operate and manage data-as-a-service across private clouds and sovereign clouds.
There is a new guide page. For those preferring hands-on experience, there are also HCL examples.
Solution Add-On Configuration Example (Data Solution Extension)
The code below covers the end-to-end setup of a Data Solution Extension in a green field: it covers configuration of the Solution Landing Zone, and then creation, instantiation and publishing of a Solution Add-On.
Note: For brevity, these examples lack some referenced resource/data source definitions. A complete set of HCL scripts can be seen in the HCL examples and is better explained in the Data Solution Guide Page.
resource "vcd_solution_landing_zone" "slz" {
  org = var.vcd_solutions_org

  catalog {
    id = vcd_catalog.solution_add_ons.id
  }

  vdc {
    id         = data.vcd_org_vdc.solutions_vdc.id
    is_default = true

    org_vdc_network {
      id         = data.vcd_network_routed_v2.solutions.id
      is_default = true
    }

    compute_policy {
      id         = data.vcd_org_vdc.solutions_vdc.default_compute_policy_id
      is_default = true
    }

    storage_policy {
      id         = data.vcd_storage_profile.solutions.id
      is_default = true
    }
  }
}

resource "vcd_solution_add_on" "dse14" {
  catalog_item_id        = data.vcd_catalog_media.dse14.catalog_item_id
  add_on_path            = var.vcd_dse_add_on_iso_path
  auto_trust_certificate = true

  depends_on = [vcd_solution_landing_zone.slz]
}

resource "vcd_solution_add_on_instance" "dse14" {
  add_on_id   = vcd_solution_add_on.dse14.id
  accept_eula = true
  name        = "dse-14"

  input = {
    delete-previous-uiplugin-versions = true
  }

  delete_input = {
    force-delete = true
  }
}

resource "vcd_solution_add_on_instance_publish" "public" {
  add_on_instance_id     = vcd_solution_add_on_instance.dse14.id
  org_ids                = [data.vcd_org.dse-consumer.id]
  publish_to_all_tenants = false
}
Dynamic Schema Validation for Solution Add-On Instantiation
Each Solution Add-On contains its own inputs that must be validated, and the resource vcd_solution_add_on_instance has a mechanism for dynamic input validation, described in the guide.
Configuring and Publishing Data Solutions
Once the DSE Solution Add-On is instantiated and published, a provider can leverage DSE-specific resources to configure registry details and publish a Data Solution to tenants.
resource "vcd_dse_registry_configuration" "dso" {
  name               = "VCD Data Solutions"
  use_default_values = true
}

resource "vcd_dse_registry_configuration" "mongodb-community" {
  name               = "MongoDB Community"
  use_default_values = true
}

resource "vcd_dse_solution_publish" "mongodb-community" {
  data_solution_id = vcd_dse_registry_configuration.mongodb-community.id

  org_id = data.vcd_org.dse-consumer.id
}
Auto-Scaling Support for Container Service Extension Kubernetes Cluster
The Kubernetes Autoscaler can automatically adjust the size of worker pools in CSE. Terraform VCD Provider 3.13 allows configuring the auto-scaling capabilities of each worker pool by specifying the minimum and maximum number of nodes. This can be used instead of the existing machine_count argument:
resource "vcd_cse_kubernetes_cluster" "my_cluster" {
  name = "my-cluster"
  # ...

  # Normal worker pool with a fixed number of machines
  worker_pool {
    machine_count      = 1
    name               = "node-pool-1"
    disk_size_gi       = 20
    sizing_policy_id   = data.vcd_vm_sizing_policy.tkg_small.id
    storage_profile_id = data.vcd_storage_profile.sp.id
  }

  # Worker pool with the new Autoscaler capabilities
  worker_pool {
    autoscaler_min_replicas = 2
    autoscaler_max_replicas = 10
    name                    = "node-pool-2"
    disk_size_gi            = 20
    sizing_policy_id        = data.vcd_vm_sizing_policy.tkg_small.id
    storage_profile_id      = data.vcd_storage_profile.sp.id
  }
}
When autoscaler_max_replicas and autoscaler_min_replicas are set in any worker pool, the Kubernetes Autoscaler is automatically deployed to the cluster in order to manage the worker pools that are configured this way. More details about the Autoscaler can be read in the official FAQ document.
OpenID Connect Support
OpenID Connect is an authentication layer on top of the OAuth 2.0 protocol, which allows clients to receive information about authenticated sessions and end-users. You can now configure organizations in VMware Cloud Director with Terraform VCD Provider 3.13 to use this identity provider solution by using the vcd_org_oidc resource:
# Organization that will use OIDC (looked up by its name, "company1")
data "vcd_org" "my_org" {
  name = "company1"
}

resource "vcd_org_oidc" "oidc" {
  org_id                 = data.vcd_org.my_org.id
  enabled                = true
  prefer_id_token        = false
  client_id              = "superClient"
  client_secret          = "i-am-a-secret"
  max_clock_skew_seconds = 60
  wellknown_endpoint     = "https://my-idp.company1.com/oidc/.well-known/openid-configuration"
}
In the example above, a well-known endpoint is used to retrieve all the needed configuration parameters. When using this kind of endpoint, one can also override any of the obtained values, if needed:
resource "vcd_org_oidc" "oidc" {
  org_id                 = data.vcd_org.my_org.id
  enabled                = true
  prefer_id_token        = false
  client_id              = "superClient"
  client_secret          = "i-am-a-secret"
  max_clock_skew_seconds = 60
  wellknown_endpoint     = "https://my-idp.company1.com/oidc/.well-known/openid-configuration"

  # Overrides:
  access_token_endpoint = "https://my-other-idp.company2.com/oidc/token"
  userinfo_endpoint     = "https://my-other-idp.company2.com/oidc/userinfo"
}
This resource can be used either by providers, to configure OIDC for the System organization, or by tenants, to configure OIDC for each tenant.
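Overriding an endpoint changes which host receives the client secret and user tokens during login, so the effective endpoint set is worth reviewing before applying. The following is an added example, not code from the original post or the provider: it checks a discovery document together with the two override arguments shown above. The discovery document contents, the mapping table and the function name review_oidc_endpoints are assumptions constructed for illustration.

```python
import json
from urllib.parse import urlsplit

WELLKNOWN_SUFFIX = "/.well-known/openid-configuration"
# vcd_org_oidc override arguments shown on this page -> discovery document keys
OVERRIDE_TO_DISCOVERY = {
    "access_token_endpoint": "token_endpoint",
    "userinfo_endpoint": "userinfo_endpoint",
}
# Constructed discovery document for the page's example IdP (not a real response)
SAMPLE_DISCOVERY = json.loads("""{
  "issuer": "https://my-idp.company1.com/oidc",
  "authorization_endpoint": "https://my-idp.company1.com/oidc/authorize",
  "token_endpoint": "https://my-idp.company1.com/oidc/token",
  "userinfo_endpoint": "https://my-idp.company1.com/oidc/userinfo",
  "jwks_uri": "https://my-idp.company1.com/oidc/keys"
}""")


def review_oidc_endpoints(wellknown_url, discovery, overrides=None):
    """Return review findings for the endpoints the organization will trust."""
    findings = []
    issuer = discovery.get("issuer", "")
    # OIDC Discovery serves the document at <issuer>/.well-known/openid-configuration
    if issuer.rstrip("/") + WELLKNOWN_SUFFIX != wellknown_url:
        findings.append(f"issuer {issuer!r} does not match the well-known URL")
    effective = {k: v for k, v in discovery.items() if k.endswith(("_endpoint", "_uri"))}
    for arg, url in (overrides or {}).items():
        effective[OVERRIDE_TO_DISCOVERY[arg]] = url  # an override wins over discovery
    issuer_host = urlsplit(issuer).hostname
    for key in sorted(effective):
        parts = urlsplit(effective[key])
        if parts.scheme != "https":
            findings.append(f"{key}: not HTTPS ({effective[key]})")
        if parts.hostname != issuer_host:
            findings.append(f"{key}: host {parts.hostname} is not the issuer host {issuer_host}")
    return findings


if __name__ == "__main__":
    page_overrides = {  # the override values from the example above
        "access_token_endpoint": "https://my-other-idp.company2.com/oidc/token",
        "userinfo_endpoint": "https://my-other-idp.company2.com/oidc/userinfo",
    }
    url = "https://my-idp.company1.com/oidc" + WELLKNOWN_SUFFIX
    for finding in review_oidc_endpoints(url, SAMPLE_DISCOVERY, page_overrides):
        print(finding)
```

A finding here is a prompt for review rather than an error: a cross-host token endpoint can be intentional, but it should be a deliberate choice.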
VDC Template Support
Providers can now create and manage VDC Templates with the vcd_org_vdc_template resource. A VDC template specifies a configuration for an organization VDC and, optionally, an Edge Gateway and organization VDC network.
The configuration of a VDC Template is similar to what configuring a VDC looks like:
resource "vcd_org_vdc_template" "tmpl1" {
  name               = "myTemplate"
  description        = "Requires System privileges"
  tenant_name        = "myAwesomeTemplate"
  tenant_description = "Any tenant can use this"
  allocation_model   = "AllocationVApp"

  compute_configuration {
    cpu_limit         = 0
    cpu_guaranteed    = 20
    cpu_speed         = 256
    memory_limit      = 1024
    memory_guaranteed = 30
  }

  provider_vdc {
    id                  = data.vcd_provider_vdc.pvdc1.id
    external_network_id = data.vcd_external_network_v2.ext_net.id
  }

  provider_vdc {
    id                  = data.vcd_provider_vdc.pvdc2.id
    external_network_id = data.vcd_external_network_v2.ext_net.id
  }

  storage_profile {
    name    = "*"
    default = true
    limit   = 1024
  }

  network_pool_id = data.vcd_network_pool.np1.id

  readable_by_org_ids = [
    data.vcd_org.org.id
  ]
}
Once the VDC Template is created, it can be instantiated by any provider, or by any tenant user with the required rights, if the tenant was set in the readable_by_org_ids argument. To do this, one can leverage the vcd_org_vdc_template_instance resource:
resource "vcd_org_vdc_template_instance" "my_instance" {
  org_vdc_template_id = vcd_org_vdc_template.tmpl1.id
  name                = "myInstantiatedVdc"
  description         = "A brand new VDC"
  org_id              = data.vcd_org.org.id

  # This guarantees that removing this resource from HCL won't remove
  # the instantiated VDC. Set it to "true" to remove the VDC when this
  # resource is removed.
  delete_instantiated_vdc_on_removal = false
  delete_force                       = false
  delete_recursive                   = false
}
Users can control what to do when the vcd_org_vdc_template_instance resource is removed, with the delete_instantiated_vdc_on_removal flag and the auxiliary flags delete_force and delete_recursive. If they don't want the resource to delete the VDC when it is removed from the HCL configuration, delete_instantiated_vdc_on_removal=false will avoid precisely that. This is useful when the instantiated VDC is imported as a next step and completely managed by a vcd_org_vdc resource, because users can then discard the vcd_org_vdc_template_instance code block without any side effect.
VCD and Organization Association (Multi-Site)
An association between VCDs is achieved through the collaboration between the administrators of the two sites (or the coordinated action of an administrator who owns both VCDs). The data source vcd_multisite_site_data allows the administrator to collect the association data needed to set up the operation. On the other side, the administrator of the receiving VCD will use the resource vcd_multisite_site_association to set the connection. When both sides have performed both operations, the association is complete.
Similar operations (using the data source vcd_multisite_org_data and the resource vcd_multisite_org_association) are performed to create an association between organizations. There are 5 data sources and 2 resources to perform the various tasks. Since it may be complicated to understand what to use and when, we have also released a general purpose Site and Org association guide.
Here's an example:
The administrator of site 1 collects the data as follows, saving it to the file site1.xml:
data "vcd_multisite_site_data" "site1" {
  download_to_file = "site1.xml"
}
The administrator of site2 will then create the association:
resource "vcd_multisite_site_association" "site2-site1" {
  association_data_file = "site1.xml"
}
After that, the two administrators swap roles and run the same operations in reverse order (site2 data collection and site1 association).
There are two full examples about site association and organization association in the repository.
List of New Resources and Data Sources
2 new guide pages:
11 new resources:
13 new data sources:
There are more features and improvements, which you can see in the project's changelog. And, as always, we are awaiting your feedback and suggestions in GitHub Issues and the #vcd-terraform-dev Slack channel (https://the-code-community.slack.com).
Last but not least, there is a new version v2.25.0 of the Go SDK for VMware Cloud Director.