We’ve been hard at work on our Brightbox Terraform provider over the last few weeks and I thought I’d write up some of the improvements.
Terraform is a tool to manage your “infrastructure as code” — define all your Cloud Servers, Firewalls, SQL instances etc. and terraform will handle creating and configuring them all, handling the dependencies along the way. If you’re new to Terraform, we have a guide to get you up and running.
You can now manage API Clients and Orbit Containers through terraform. Coupled together, you can now easily setup an Orbit Container and grant access to a new API Client. Take this example that sets up an Orbit Container for use with our new Docker Container Registry service:
resource "brightbox_api_client" "cro" {
name = "myapp container images pull access"
permissions_group = "storage"
}
resource "brightbox_container" "ctrimages" {
name = "myapp_ctrimages"
container_read = ["${brightbox_api_client.cro.account}:${brightbox_api_client.ctrimages.id}"]
}
output "api client credentials" {
value = "${brightbox_api_client.cro.id} ${brightbox_api_client.cro.secret}"
}
Our resources now support custom timeouts, for both create and delete operations. So, for example, if you have a specific resource you know takes a long time to build (perhaps because you’re using a huge Cloud Server or Cloud SQL snapshot image), you can tell Terraform to expect it:
resource "brightbox_server" "example" {
type = "typ-xxxxx"
image = "img-yyyyy"
timeouts {
create = "20m"
}
}
We now support importing all resource types (Servers, Cloud SQL instances, Cloud IPs, Orbit Containers, API Clients, so you can take an existing cluster you built manually and bring it under the management of Terraform.
For example, say you have a Cloud SQL instance
with id dbs-aaaaa
, just define it in your terraform manifest:
resource "brightbox_database_server" "mydb" {
name = "mydb"
allow_access = ["grp-xxxxx", "grp-yyyyy"]
database_engine = "mysql"
database_type = "dbt-zzzzz"
database_version = 5.7
maintenance_hour = 6
maintenance_weekday = 0
snapshots_schedule = "0 5 * * *"
}
And then use the import command to link it to the existing instance:
$ terraform import brightbox_database_server.mydb dbs-aaaaa
The only real limitation is that some secrets, such as Cloud SQL instance admin passwords and API Client secrets are only available from our API at create-time, so Terraform won’t know them. (You can add these by editing your Terraform state file, but that is a delicate operation and usually discouraged! So beware!)
Oh, and as you can see, we now support managing the snapshot schedule!
Cloud SQL snapshots are now available as a data source, so you can build new Cloud SQL instances from specific snapshots. So, for example, to build a Cloud SQL instance from the most recent snapshot:
data "brightbox_database_snapshot" "today" {
name = "mydb"
most_recent = true
}
resource "brightbox_database_server" "mydb" {
name = "mydb"
database_type = "dbt-zzzzz"
snapshot = "${brightbox_database_snapshot.today.id}"
}
As you can see we’ve been busy. We’re using Terraform internally at Brightbox more and more, and while there are some quirks, it’s becoming an invaluable tool. We hope you’ll find it just as useful.