Concepts

Terraform

Terraform is focused on delivering automation to cloud providers like AWS, Azure, Google and others. If you look for examples on Terraform's site, most are directly related to public cloud providers. So how does this relate to Cisco? With the ACI module, Cisco has focused resources on developing this infrastructure plugin for Terraform to satisfy the requirements of our Cloud APIC product and of customers that use Terraform for their cloud deployments. These customers asked Cisco to develop it to assist with the deployment of infrastructure connections between private and cloud networks.

The Terraform CLI lets the user execute configuration files written in HashiCorp Configuration Language (HCL), which carry the .tf extension. This is important because the Terraform CLI then allows the user to run subcommands like init, plan, apply or destroy to carry out the desired task.

    Terraform Init: The initial command that the user runs in the directory holding the configuration files to initialize the working directory. This command checks the configuration files and downloads the necessary provider plugins.

    Terraform Plan: This command allows the user to create an execution plan. It is very useful because it allows the user to check whether the execution plan matches the desired intent.

    Terraform Apply: This is the command that applies the changes needed to reach the desired state of the configuration.

    Terraform Destroy: This is the command that allows the user to "destroy" (delete) the Terraform-managed infrastructure.

Terraform uses the configuration files, which describe the desired state of the infrastructure (AWS, GCP, ACI, etc.), to generate an execution plan that describes what Terraform needs to do to reach the state the user wants. After this is done, the user can apply these changes so that Terraform starts executing the necessary tasks.

Components

There are some important concepts to understand about the Terraform configuration files. A Resource controls the creation of the infrastructure that we wish to manage. Data is a read operation that gathers the information and references needed to create resources. The Provider section simply identifies what Terraform is going to use as backend software to perform the functions defined in the configuration files.

Resource

According to Terraform, resources are the most important element in the Terraform language. A resource block represents an infrastructure object like ACI, VMW, AWS. A resource block requires a resource type and a resource name, and the names must be unique. We will be covering these concepts in the next sections.
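The three components described above, shown together in one .tf file for an ACI fabric. This is an added example, not part of the original lab guide; the variable names, the `demo_tenant` and `demo_vrf` names and the APIC URL are assumptions made for illustration.

```hcl
terraform {
  required_providers {
    aci = {
      source = "CiscoDevNet/aci" # downloaded by "terraform init"
    }
  }
}

# Credentials are passed in as variables (for example TF_VAR_apic_password)
# so they are not written into the configuration file itself.
variable "apic_url" {
  type = string # constructed example value: "https://apic.example.com"
}

variable "apic_username" {
  type = string
}

variable "apic_password" {
  type      = string
  sensitive = true # redacted in plan and apply output
}

# Provider: the backend plugin Terraform uses to talk to the APIC.
provider "aci" {
  url      = var.apic_url
  username = var.apic_username
  password = var.apic_password
  insecure = false # verify the APIC TLS certificate
}

# Data: a read-only lookup of an object that already exists on the fabric.
data "aci_tenant" "common" {
  name = "common"
}

# Resource: type "aci_tenant" plus local name "demo" (hypothetical names).
resource "aci_tenant" "demo" {
  name        = "demo_tenant"
  description = "Created by Terraform"
}

# A second resource that references the first, so Terraform orders them.
resource "aci_vrf" "demo" {
  tenant_dn = aci_tenant.demo.id
  name      = "demo_vrf"
}
```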

What about Ansible?

One of the first questions asked when looking at Terraform is how it compares to other automation tools like Ansible. At a high level, a clear differentiation is that Terraform maintains state while Ansible simply executes a series of steps defined in playbooks.

Should a user pick one over the other? The answer is both: Ansible and Terraform, while having some concepts in common, actually complement each other. A very high-level comparison of the two would look similar to this:

Ansible

  • Focuses on individual tasks after the infrastructure machine is operational
  • Step-based approach that is easier to understand for CLI junkies like IP network engineers

Terraform

  • Great for cloud providers like AWS, Azure, Google
  • Specify how you want the infrastructure set up (this could be capacity, memory, CPU and what image) and it does the rest
  • Understands the state of the deployed infrastructure and, based on any changes, knows whether it needs to touch the infrastructure or not
  • More in line with how DevOps groups work, as they correlate the state of the application with the state of the infrastructure

The key way to view how they complement each other is that Terraform is very good at creating the infrastructure: the virtual machines in the cloud and the network infrastructure for those virtual machines. Ansible is better at going into these virtual machines and setting them up properly to meet the requirements of the applications running on top.

Cisco has created the Terraform modules to assist customers that are using ACI on private networks and connecting to the cloud via ACI Anywhere. ACI provides an architecture for connecting private clouds to public clouds via secure IP tunnels, making connectivity between resources in public and private clouds seamless for Cisco ACI customers.

These Terraform modules allow you to deploy ACI infrastructure both on local private clouds and on public clouds like AWS and Azure.