Infrastructure as Code (IaC) is a technique that has been used widely in recent years to reduce workloads and operational errors by automating infrastructure implementation. In IaC world, implementation work is replaced from design document + manual work to machine-readable definition file (code) + automation tool.
IaC provides the following advantages:
- After the code is written, it can be shared and reused by anyone.
- Version control can be applied to the code, same as the software.
- Design and implementation of the infrastructure can be reviewed by the code without modifying the actual hardware.
This article describes how to integrate multiple automation tools on Terraform & Service Automation, so that you can connect fragmented automations to further improve operational efficiency. Using Terraform & Service Automation, you can easily integrate multiple automation tools in a graphical user interface.
There are various automation tools such as Chef, Ansible, Terraform, and so on and each of these tools has its own advantages and disadvantages. Enterprises need to find a way to integrate the different automation capabilities their teams use because extensive automation supports digital transformation by enabling rapid provisioning of the entire infrastructure and reusable automation assets.
|Terraform||Is suitable for provisioning and configuring virtual servers including Amazon Web Services (AWS), IBM® Cloud®, VMWare®, IBM Power Systems™, and so on|
Integration using IaC
Various teams in your organization might have built automation tools to meet the requirements of their teams. However, the availability of an automation platform enables you to integrate the different automation tools and thus make it available for use across teams in the organization.
Integrating multiple tools could also help you automate broader parts of the IT infrastructure in a multiplatform hybrid cloud environment. It can enable rapid end-to-end automatic provisioning, reduce communication errors, and eliminate time spent due to task dependencies.
There are several ways to achieve this kind of cross-organizational automation. For example, the Terraform & Service Automation feature included in IBM Cloud Pak® for Multicloud Management makes it easy to integrate multiple tools. You can integrate tools on the graphical interface of Service Composer. Service Composer is provided on Terraform & Service Automation to create a design for connecting the automation tools. This helps you achieve more advanced automation without wasting past investments and enables the orchestration of a series of systems across multiple IT infrastructures.
Here are a few other scenarios:
Launching other automation tools from one automation tool: This allows you to run multiple automation tools in serial. However, it is not easy to pass information among tools.
Creating a program that relays each tool: This method requires the development of tools from scratch, and this involves a lot of effort. In addition, every time a new automation tool needs to be integrated, a new development is required.
This article introduces a method using Terraform & Service Automation.
Example scenario: Integration of Terraform and Ansible on IBM Cloud Pak for Multicloud Management
Terraform & Service Automation is an add-on module for Cloud Pak for Multicloud Management that enables provisioning of virtual servers. It covers not only on-premises environments such as IBM Power Systems, x86, and IBM Z®, but also cloud environments such as IBM Cloud and AWS. In addition, you can integrate Terraform, Ansible, Chef, REST APIs, and others on the Terraform & Service Automation module.
In this article, I’ll show you a simple scenario where we deploy an IBM AIX® environment utilizing Terraform and IBM PowerVC and then configure it with Ansible. To run this scenario, we’ll prepare the environment as shown in Figure 1. The main components that make up this environment are explained in Table 1. Refer to the Appendix for the installation procedure.
Table 1: Components used in the scenario
|PowerVC||Tool to provision storage and logical partition (LPAR) for IBM Power Systems|
|CP4MCM||Cloud Pak for Multicloud Management|
|Terraform & Service Automation||Add-on for Cloud Pak for Multicloud Management to run Terraform template and integrate with Chef, Ansible, and other tools. Terraform is often used for provisioning virtual servers.|
|Ansible, Ansible Tower||Automation tool for configuration management, application deployment, provisioning, and so on.|
Figure 1: Logical configuration of example scenario
Note: This article is based on Cloud Pak for Multicloud Management 1.3. The latest version, Cloud Pak for Multicloud Management 2.0, provides the same automation.
This scenario can be accomplished by performing the following tasks:
Prepare a Terraform template to deploy AIX LPAR.
We’ll use a Terraform template to create an AIX LPAR using PowerVC. The template can also be created using the Template Designer tool provided with Terraform & Service Automation, but a sample template, named IBM PowerVC Single Virtual Machine Example, is available. If you have an Internet connection for Cloud Pak for Multicloud Management, it is registered in the template library of Terraform & Service Automation. In an isolated environment, you can download and import it from the following GitHub repository: IBM PowerVC Single Virtual Machine example.
Terraform & Service Automation allows you to specify runtime parameters on the GUI. Terraform doesn’t provide GUI, so this is one of advantages to use Terraform & Service Automation. This parameter can be supplied from other tools in addition to the GUI.
Figure 2: Deploy imported Terraform template on Terraform & Service Automation
Prepare an Ansible playbook and configure Ansible Tower to run the playbook as a job.
The Ansible modules required to configure AIX and Power Systems are available in Ansible Galaxy for power_aix. We can use the modules and create a new user in AIX in the playbook. In this playbook (refer to Example 1), we use the
wait_for_connectionmodule to wait for the AIX LPAR created in step 1 to be started. Also, we can create a new user with the user module.
Example 1: Sample playbook to create a new user on AIX
- hosts: all become: yes gather_facts: False tasks: - name: Wait 300 seconds for target connection to become reachable wait_for_connection: timeout: 300 - name: Create user aixguest1010 user: state: present name: htanaka change_passwd_on_login: False password: "01.BCzrhYIrz. attributes: home: /home/test/aixguest1010 data: 1272
After the playbook is tested, we can register it as a job in Ansible Tower. Then Terraform & Service Automation can run the playbook using Ansible Tower (see Figure 3).
Figure 3: AIX Playbook registered to Ansible Tower as a job
Integrate the Terraform template and the Ansible playbook on service.
Finally, we need to create a new service. The service acts like a canvas that integrates each component. We can integrate each component by placing the Terraform template, Ansible Playbook, and so on, on the service and linking the necessary parameters. In this scenario, we integrate three components on the service (as shown in Figure 4). The first component is the Terraform template, which creates a new AIX LPAR through PowerVC. The next component adds the IP address of the AIX to Ansible inventory. Finally, we run the Ansible Playbook and create a user on the AIX system that was added to the inventory. These components are linked to each other by the service, and parameters including the IP address and the name of the inventory are passed to the next component.
Figure 4: Integrate Terraform and Ansible on service
Run the service.
Now you can deploy the newly created service. You will be prompted to enter the necessary parameters for running the service. Once entered, the components registered to the service run in a sequence, and a preconfigured AIX LPAR is built automatically.
In this scenario, we have integrated two automation tools used by two separate teams. This automation can significantly reduce build time, cost, and configuration errors. Moreover, if an AIX LPAR is needed for another application, you can easily reuse this service with just a few changes, and save the design and build effort.
The future of IaC
This example shows a simple automation on the IBM Power Systems infrastructure, but you can also automate the following scenarios:
- Install and configure middleware and applications
- Build solutions that span multiple platforms such as x86, Power Systems, and IBM Z
- Build infrastructure in a hybrid cloud environment that includes IBM Cloud and AWS
This automation will also make it easier to build a disaster recovery environment, and the automation asset can be used for migrating to new hardware or cloud environments. The rapid build-out and migration process should greatly help customers accelerate their digital transformation.
You can choose online installation or offline installation for Red Hat® OpenShift® Container Platform, Cloud Pak for Multicloud Management and Terraform automation. “Online” means you have connection to the internet directly or through a proxy server. Though online installation is the easiest method, you can also perform offline installation, that is, without internet connection. For offline installation of OpenShift Container Platform, you need to prepare a mirror image of Red Hat’s container registry. Also, for Cloud Pak for Multicloud Management and Terraform automation, you need to download software images from the IBM Passport Advantage website. Check out the following references for further details.
Installation procedure (for both online and offline) of Ansible Tower is the same. You need to install Ansible Tower on the x86 architecture. Ansible itself supports Power Systems.
IBM solutions for automation success
IBM Cloud Pak for Multicloud Management provides consistent visibility, governance, and automation from on-premises to the edge computing. Enterprises gain capabilities such as multicluster management, event management, application management, and infrastructure management.
IBM Lab Services offers training and services for automation technologies on IBM Power Systems, IBM Power Systems Virtual Server, IBM Z, and LinuxONE. If you are interested in talking about how to deploy blockchain technology, contact us today.