Cisco Intersight Service for HashiCorp Terraform (IST) addresses the challenge of securely connecting and configuring on-premises and hybrid environments to work with Terraform Cloud Business Tier. Leveraging Intersight Assist, users can integrate Terraform Cloud Business with Cisco Intersight, enabling secure communication between on-premises data centers and edge locations with the IaC platform. This means users can spend less time managing the end-to-end lifecycle of Terraform Cloud Agents, benefiting from native integration directly within Intersight, including upgrades and the ability to scale as demand grows.
In this example, we cover a how we can use IST to automatically configure Cisco ACI.
We will automate configuration of ACI’s logical constructs i.e. Tenant, Bridge domain, AP, EPG, Contracts, Filters to build a 3 tier application in ACI.
- Intersight SaaS platform account with Advantage licenses
- An Intersight Assist appliance that is connected to your Intersight environment.
- Terraform Cloud Business Tier Account
- ACI Fabric
- GitHub account to host your Terraform code.
Link to GitHub Repo https://github.com/majidstd/ACI-Terraform.git
Login into your Intersight organization account, Claim Target and select Terraform Cloud:
Then fill out the required information: Terraform Cloud Organization should be matched with Organization name in Terraform Cloud. Terraform Cloud Username/token will be your Terraform Cloud username and user token:
After claiming the Terraform Cloud, as you see in the images, claim Terraform Cloud Agent and fill out the required information:
As you can see Intersight Assist already filled out automatically as we already installed the Intersight Assist in our data center.
You should fill out the name, Agent pool and Managed host which in this scenario will be the network the APIC controller belong to.
After this step, you will have the Terraform Cloud Agent is showing connected.
Login into your Organization, go to setting, Agents. Make sure you have your agent is connected:
This means you agent is ready to accept and execute terraform codes.
Go to workspace and create a new workspace for this purpose. We created “aci-terraform-ist”(you can create any workspace name that you like)
Select the IST agent in the workspace setting to execute the Terraform codes by the agent
Set Terraform variables to use aka APIC host name, APIC username, APIC password etc. You can see variable is been used in this usecase. you can set yours based on your ACI and VMware virtual switch information.
-
For Execute the Terraform codes, connect the GitHub repo where the terraform configuration located. Files with *.tf extension will be executed by Terraform or a Terraform agent. You can check my GitHub repo I used: https://github.com/majidstd/ACI-Terraform
-
Create a New Terraform plan on Runs section:
-
Terraform will evaluate the codes. If the code is passed, it will show all accepted proposed configuration
After Confirm and apply, terraform will push the configuration into APIC with all desire configuration:
Please visit our repositories for more detail and other projects in automation and programability:
https://github.com/bay-infotech
We are working hard to bring more automation and programmability into community. Please contact us for more detail projects and solutions