Terraform with OneFuse: IPAM

Terraform

In this article we are going to walk through using OneFuse to reserve an IP address for use in a Terraform configuration. To do this we will create a new Terraform configuration that uses the OneFuse provider data source and resource for the IPAM policy we created as part of “Creating an IPAM Policy with OneFuse”.

By the end of this article we will have created a Terraform configuration that calls OneFuse and returns an IP Address, subnet, gateway, network, primary, & secondary DNS. While this will be a simple example we will build upon this in later articles to showcase the advanced capabilities offered by OneFuse as a platform.

Terraform with OneFuse: IPAM

Before we begin, there are prerequisites you will want to have ready.

Prerequisites

The OneFuse appliance should be deployed and configured, see the following articles if you need to walk through the OneFuse deployment and configuration.

Creating the Terraform Configuration

To begin we will need to initialize the OneFuse Terraform provider. To do this we will need the following statement:

Provider Declaration

terraform {
  required_providers {
    onefuse = {
      source  = "CloudBoltSoftware/onefuse"
      version = ">= 1.20.0"
   }
  }
  required_version = ">= 0.13"
}
provider "onefuse" {
  scheme     = "https"
  address    = "onefuse_fqdn"
  port       = "443"
  user       = "admin"
  password   = "admin"
  verify_ssl = "false"
}

The OneFuse Terraform provider is available in the Terraform Registry. By point to the source “CloudBoltSoftware/onefuse” Terraform will automatically download the OneFuse provider based on the required_version specified. In the example above that will be v1.20.0 or higher.

Data Source

Next, we need to leverage the OneFuse Provider Data Source to lookup the IPAM policy we would like to use. This will allow us to determine which policy we will be using by its name.

// OneFuse Data Source for IPAM Policy to lookup policy ID
data "onefuse_ipam_policy" "policy" {
  name = "default"
}

In the above example, I am using the “data” source type “onefuse_ipam_policy” to lookup the policy by the name “default” and store it as “policy” We will then be able to refer to the results as data.onefuse_ipam_policy.policy.

Resource

Next, we need to create a resource that will trigger Terraform to contact OneFuse to reserve the IP address and hold the results for use. To do this we will need the following declaration:

resource "onefuse_ipam" "ipam-record" {
  hostname = "test-bp-name"
  policy_id        = data.onefuse_ipam_policy.policy.id
  template_properties = {
      "dnsSuffix"             = "company.com"
  }
}

Here we are creating a resource that uses “onefuse_ipam” with the name “ipam-record”. We need to tell the resource the id for the policy we want to use. To do this we simple reference the data source we looked up. To get the id we reference “data.onefuse_ipam_policy.policy.id”

In the article “Creating an IPAM Policy with OneFuse” we created a IPAM policy that contains all the relevant network information.

When calling the resource “onefuse_ipam” we need to tell OneFuse what to use for the values for each of the variables that is used in the policy. This is done through the “tempalate_properties” input. In this case we need to pass the value for dnsSuffix which we added to the DNS Suffix field in the policy.

Output

If we want to see the results including the IP address that was reserved we can use the Terraform “output” declaration to output the IP Address, netmask, gateway, network, subnet, primary_dns, & secondary_dns after we run the plan. To do this we add the following declaration to the configuration.

// Output Results for IPAM Resources
output "ip_address" {
  value = onefuse_ipam_record.ipam-record.ip_address
}

output "netmask" {
  value = onefuse_ipam_record.ipam-record.netmask
}

output "gateway" {
  value = onefuse_ipam_record.ipam-record.gateway
}

output "network" {
  value = onefuse_ipam_record.ipam-record.network
}

output "subnet" {
  value = onefuse_ipam_record.ipam-record.subnet
}

output "primary_dns" {
  value = onefuse_ipam_record.ipam-record.primary_dns
}

output "secondary_dns" {
  value = onefuse_ipam_record.ipam-record.secondary_dns
}

Putting it all together

Our completed plan will look like the following:

terraform {
  required_providers {
    onefuse = {
      source  = "CloudBoltSoftware/onefuse"
      version = ">= 1.20.0"
   }
  }
  required_version = ">= 0.13"
}
 
// Inititalize OneFuse Provider
provider "onefuse" {
 
  scheme     = "https"
  address    = "onefuse12bp.company.com"
  port       = "443"
  user       = "admin"
  password   = "admin"
  verify_ssl = "false"
}
 
// OneFuse Data Source for IPAM Policy to lookup policy ID
data "onefuse_ipam_policy" "policy" {
  name = "default"
}
 
resource "onefuse_ipam" "ipam-record" {
  hostname = "test-bp-name"
  policy_id        = data.onefuse_ipam_policy.policy.id
  template_properties = {
      "dnsSuffix"             = "company.com"
  }
}
 
// Output Results for IPAM Resources
output "ip_address" {
  value = onefuse_ipam_record.ipam-record.ip_address
}
 
output "netmask" {
  value = onefuse_ipam_record.ipam-record.netmask
}
 
output "gateway" {
  value = onefuse_ipam_record.ipam-record.gateway
}
 
output "network" {
  value = onefuse_ipam_record.ipam-record.network
}
 
output "subnet" {
  value = onefuse_ipam_record.ipam-record.subnet
}
 
output "primary_dns" {
  value = onefuse_ipam_record.ipam-record.primary_dns
}
 
output "secondary_dns" {
  value = onefuse_ipam_record.ipam-record.secondary_dns
}

Applying the configuration

To apply this configuration we can perform the following:

  1. Init
    • terraform init
  2. Plan
    • terraform plan
  3. Apply
    • terraform apply
    • If you login to the OneFuse web ui, navigate to modules, IPAM and scroll down to Managed IP Addresses you will see your newly registered IP Addresses in the list.
  4. Destroy
    • terraform destroy

Once destroyed you will see the Managed IP Address in OneFuse has been removed and the reservation no longer exists.

For example terraform configurations visit our onefuse-examples in our GitHub repo.

Want to try OneFuse with Terraform for yourself? Check out the WWT HOL Accelerating Terraform with OneFuse.

Questions or comments? Visit our

Comments are closed.

Skip to toolbar