We start a new year with a new Terraform VMware Cloud Director Provider release: 3.5.0, with support for tenant operations for the NSX-T Advanced Load Balancer (ALB) and many other features. (Note: the provider part of the ALB was released in the previous release.)
Additional way of connecting to VCD with API Token
VCD 10.3.1 adds the capability of generating an API access token for providers and tenants. These tokens cannot be used directly to authenticate against a VCD: users must first exchange the token for a bearer token using a REST API call and then connect as usual with the new token. The VCD Terraform plugin 3.5.0, however, makes things simpler by exchanging the API token for a bearer token and using it transparently. All users need to do is provide the following in the provider block:
provider "vcd" {
  user      = "none"
  password  = "none"
  api_token = "NsqWSrgFCHFWMdZJO1t3hmt9SwlOajAJ" # token obtained from administrator
  auth_type = "api_token"
  # […]
}
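
The exchange described above, as an added Go example (not code from the provider or from the govcd library). The endpoint paths (`/oauth/tenant/<org>/token`, and `/oauth/provider/token` for the System org), the `grant_type=refresh_token` form and the host `vcd.example.com` are assumptions not stated on this page; the tokens and the reply are constructed.

```go
package main

import (
	"encoding/json"
	"fmt"
	"io"
	"net/http"
	"net/url"
	"strings"
)

// newExchangeRequest builds the API-token-for-bearer call (paths are assumptions, see lead-in).
func newExchangeRequest(base, org, apiToken string) (*http.Request, error) {
	path := "/oauth/tenant/" + url.PathEscape(org) + "/token"
	if strings.EqualFold(org, "System") {
		path = "/oauth/provider/token" // provider (System org) endpoint
	}
	form := url.Values{"grant_type": {"refresh_token"}, "refresh_token": {apiToken}}
	req, err := http.NewRequest(http.MethodPost, base+path, strings.NewReader(form.Encode()))
	if err != nil {
		return nil, err
	}
	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
	req.Header.Set("Accept", "application/json")
	return req, nil
}

// parseBearer extracts the bearer token that later calls send as "Authorization: Bearer <token>".
func parseBearer(r io.Reader) (string, error) {
	var body struct {
		AccessToken string `json:"access_token"`
		TokenType   string `json:"token_type"`
	}
	if err := json.NewDecoder(r).Decode(&body); err != nil {
		return "", err
	}
	if body.AccessToken == "" || !strings.EqualFold(body.TokenType, "Bearer") {
		return "", fmt.Errorf("reply carries no bearer token (token_type %q)", body.TokenType)
	}
	return body.AccessToken, nil
}

func main() {
	req, err := newExchangeRequest("https://vcd.example.com", "my-org", "constructed-api-token")
	if err != nil {
		panic(err)
	}
	fmt.Println(req.Method, req.URL) // the form body holds the secret, so it is not printed
	fmt.Println(parseBearer(strings.NewReader(`{"access_token":"constructed-bearer","token_type":"Bearer"}`)))
}
```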
Ability to set Lease for a vApp
The vcd_vapp resource and corresponding data source add the ability to set the lease period for runtime and storage. The lease is specified in seconds. A lease of 0 means that the vApp takes the default lease as it was set in the parent organization.
resource "vcd_vapp" "my-vapp" {
  name = "my-vapp"
  # […]
  lease {
    runtime_lease_in_sec = 60 * 60 * 24 * 30 # extends the runtime lease to 30 days
    storage_lease_in_sec = 60 * 60 * 24 * 7  # extends the storage lease to 7 days
  }
}
Initial VDC Group support
This release adds a means for providers and Org users (with certain rights) to create and manage NSX-T VDC Groups. Here is a quick example of how to configure one using Terraform:
data "vcd_org_vdc" "startVdc" {
  name = "existingVdc"
}

data "vcd_org_vdc" "additionalVdc" {
  name = "oneMoreVdc"
}

resource "vcd_vdc_group" "new-vdc-group" {
  org                   = "myOrg"
  name                  = "newVdcGroup"
  description           = "my description"
  starting_vdc_id       = data.vcd_org_vdc.startVdc.id
  participating_vdc_ids = [data.vcd_org_vdc.startVdc.id, data.vcd_org_vdc.additionalVdc.id]
  dfw_enabled           = true
  default_policy_status = true
}
Only System Administrators and Org Users with the rights View VDC Group, Configure VDC Group, vDC Group: Configure Logging, and Organization vDC Distributed Firewall: Enable/Disable can manage VDC groups using this resource.
NSX-T Advanced Load Balancer
Terraform provider VCD release 3.4.0 introduced resources to configure NSX-T ALB infrastructure for providers. The latest release, 3.5.0, continues to evolve the NSX-T ALB support, but this time it focuses on the NSX-T Edge Gateway side of the configuration. It is now complete with four new resources and data sources in 3.5.0.
vcd_nsxt_alb_settings and vcd_nsxt_alb_edgegateway_service_engine_group still require provider interaction to enable ALB on a particular Edge Gateway, but vcd_nsxt_alb_pool and vcd_nsxt_alb_virtual_service are made for tenants, and this is where the actual load balancer configuration happens.
Check out the new page in our Guides section dedicated to NSX-T ALB for a complete overview and example.
Here is a brief example demonstrating how tenants can define an NSX-T ALB Pool and then consume it in a virtual service:
data "vcd_nsxt_edgegateway" "current" {
  org  = "my-org"
  vdc  = "nsxt-vdc"
  name = "nsxt-gw"
}

data "vcd_nsxt_alb_edgegateway_service_engine_group" "assigned" {
  org             = "my-org"
  vdc             = "nsxt-vdc"
  edge_gateway_id = data.vcd_nsxt_edgegateway.current.id
  # This name comes from prerequisite setup (can be looked up in the UI by tenants)
  service_engine_group_name = "assigned-service-engine-group-name"
}

resource "vcd_nsxt_alb_pool" "check" {
  org             = "my-org"
  vdc             = "nsxt-vdc"
  name            = "first-pool"
  edge_gateway_id = data.vcd_nsxt_edgegateway.current.id
  default_port    = "9000"
  member {
    ip_address = "192.168.1.1"
  }
}

resource "vcd_nsxt_alb_virtual_service" "check" {
  org                      = "my-org"
  vdc                      = "nsxt-vdc"
  name                     = "first-virtual-service"
  edge_gateway_id          = data.vcd_nsxt_edgegateway.current.id
  pool_id                  = vcd_nsxt_alb_pool.check.id
  service_engine_group_id  = data.vcd_nsxt_alb_edgegateway_service_engine_group.assigned.service_engine_group_id
  virtual_ip_address       = tolist(data.vcd_nsxt_edgegateway.current.subnet)[0].primary_ip
  application_profile_type = "HTTP"
  service_port {
    start_port = 80
    type       = "TCP_PROXY"
  }
}
Ability to configure Certificates
Certificates in the Certificate library can be used when creating secured services.
This is how easy it is to add one:
resource "vcd_library_certificate" "new-certificate" {
  org                    = "myOrg"
  alias                  = "SAML certificates"
  description            = "my description"
  certificate            = file("/home/user/cert.pem")
  private_key            = file("/home/user/key.pem")
  private_key_passphrase = "passphrase"
}
Please see examples of how to reference them in the new Load Balancer resources here:
More information
As usual, there is more than that; please see the full changelog for the full picture.
Also, documentation:
https://registry.terraform.io/providers/vmware/vcd/latest/docs
And, as always with a new Terraform VCD Provider release, we have released a new version of the govcd library (Go language library for VCD). If you are developing a VCD client with Go, please update:
https://github.com/vmware/go-vcloud-director/releases/tag/v2.14.0
https://github.com/vmware/go-vcloud-director/blob/v2.14.0/CHANGELOG.md