Terraform automation: Control center (Stepstone, DNS, NTP, AD, Etc.) and Terraform automation: NAS Server (CIFS, NFS, Etc.): Difference between pages

From Iwan
(Difference between pages)
Line 1: Line 1:
The control center VM will have different functions within the nested labs.
To provide storage services inside each lab environment I have created a FreeNAS server VM that will be pr-deployed and pre-configured so that it can be cloned into different lab environments.
The main purpose will be that this VM will be the stepstone to perform management inside the nested lab and access all the internal lab resources and services.
This is nothing new, as we are also doing this with other VM's within the nested virtual lab environment like with the vCenter Server, the Control Server and the Cumulus network infrastructure VM’s.
Because all traffic will not be routed outside the nested lab we need to have a control point.
The control center VM will also offer AD, DNS and NTP services.


This VM is also pre-prepared with a Windows 2019 Server installation and various services are configured and different software is pre-installed.
== Installation ==


This is the list of the services I have installed and configured together with the software installs:
The first step is to get the .ISO file that I will need to do a fresh install of FreeNAS,
I downloaded this [https://www.freenas.org/download-freenas-release/](https://www.freenas.org/download-freenas-release/ here].


* Enable Remote Desktop
I deployed a new virtual machine with the following specs/parameters:
** [https://computingforgeeks.com/how-to-enable-remote-desktop-protocol-rdp-on-windows-server-2019/ Enable RDP on Windows 2019 Server]
* Name = “nas-template”
* Turn off all Personal Firewalls
* Guest OS Family = "Other"
** [https://www.faqforge.com/windows-server-2016/turn-off-firewall-windows-server-2016/ How to Turn Off Firewall in Windows Server 2016]
* Guest OS Version = "FreeBSD 11 64-bit"
* Install Windows Updates
* CPU = 4
** [https://medium.com/@tkolber/patching-windows-server-2019-core-with-windows-update-e22aef78b8c9 Patching Windows Server 2019 Core with Windows Update]
* RAM = 8 GB
* Install VMware Tools
* HD1 = 8 GB (used for OS install)
** [https://kb.vmware.com/s/article/1018377 VMware Knowledge Base]
* HD2 = 500 GB (used for storage)  
* Change the hostname to “control”
** [https://www.server-world.info/en/note?os=Windows_Server_2019&p=initial_conf&f=3 Windows Server 2019 : Initial Settings : Change Computer Name]
* Configure AD
** [https://www.youtube.com/watch?v=h3sxduUt5a8 Setting up Active Directory in Windows Server 2019 (Step By Step Guide)]
* Configure DNS for domain “lab.local”
** [https://computingforgeeks.com/install-and-configure-dns-server-in-windows-server/ Install and Configure DNS Server on Windows Server 2019]
** Also make sure you configure an “A” record for vcsa.lab.local -> 192.168.11.10
* Configure NTP Server
** [https://docs.microsoft.com/en-us/windows-server/networking/windows-time-service/windows-time-service-tools-and-settings Windows Time service tools and settings]
* Install RoyalTSX
** [https://www.royalapps.com/ts/mac/download Royal Apps]
* Install Google Chrome
** [https://www.google.com/chrome/ Google Chrome]
* Install Putty
** [https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html Download PuTTY]
* Install Notepad ++
** [https://notepad-plus-plus.org/downloads/ Notepad++]
* Install Visual Studio Code
** [https://code.visualstudio.com/download Download Visual Studio Code - Mac, Linux, Windows]
* Install Gitkraken
** [https://www.gitkraken.com/download/mac GitKraken]
* Install PowerCLI
** [https://www.vladan.fr/how-to-install-vmware-powercli-via-powershell/ How To Install VMware PowerCLI via PowerShell]
* Install WinSCP
** [https://winscp.net/eng/download.php WinSCP Download]
* Install DeamonTools
** [https://www.daemon-tools.cc/downloads Download DAEMON Tools]
* Install Postman
** [https://www.postman.com/downloads/ Download Postman App]
* Install RVTools
** [https://www.robware.net/rvtools/download/ RVTools - Download]
* Install Chocolatey (Windows Package Manager)  
**  [https://chocolatey.org/](https://chocolatey.org/ Chocolatey Install]
* Install Terraform through the Chocolatey windows package manager
** [https://chocolatey.org/packages/terraform/0.11.14 Chocolatey Software | Terraform 0.11.14]
** [https://chocolatey.org/packages/terraform Chocolatey Software | Terraform 0.12.21]
* Change password policies and make sure passwords never expire or need to be changed
** [http://dalaris.com/how-to-change-password-complexity-policy-on-a-windows-server/ Change password policies windows server]


After the Windows 2019 Server VM is fully installed and the services are preconfigured and the software is pre-installed we can start cloning it using the below Terraform script:
During installation choose to boot from BIOS:
 
[[File:installer-boot-mode.png]]
 
You can log in with the username `root`  and the password you provided during the installation wizard.
After the initial installation and the first FreeNAS boot  a console will pop up where you can configure network settings like IP address, gateway and DNS.
This is called the “Network console".
If you shut down the console (like I did not by intention) you can always start it with `/etc/netcli` .
 
{{note|Full installation steps for FreeNAS can be found [https://www.ixsystems.com/documentation/freenas/11.3-U1/install.html here].}}
 
Log in to the GUI after setting the IP address with  `root`  and the password that you provided during the initial installation.
 
== Adding a new disk pool ==
In order to use storage space the first step in FreeNAS is to create a new “Disk” Pool:
 
[[File:screenshot_1530.png|600px]]
 
== Create share and enable NFS ==
When we have a disk pool we can create a share and enable a filesharing service, in my case NFS.
 
Create a Share and enable the NFS service:
 
[[File:screenshot_1531.png|600px]]
 
At this point you would say that it is good to configure the new NFS Datastore directly into the vCenter Server.
This is not possible yet, as we first need to configure the Datacenter, Hosts and Clusters.
This is something we will do in a later script.
 
Now that the initial NAS is finished we can start to create the terraform script for cloning.


{{console|body=
{{console|body=
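Review bot: The control-center list items "Turn off all Personal Firewalls" and "Change password policies and make sure passwords never expire" weaken the one VM that carries AD, DNS and NTP and serves as the stepstone into the nested lab. Suggest keeping the Windows firewall enabled with rules for RDP and the AD, DNS and NTP services, and stating next to the password item that the non-expiring policy is meant only for the isolated lab domain.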
Line 68: Line 58:
'''CLICK ON EXPAND ===> ON THE RIGHT ===> TO SEE THE OUTPUT (terraform.tfvars code) ===>''' :
'''CLICK ON EXPAND ===> ON THE RIGHT ===> TO SEE THE OUTPUT (terraform.tfvars code) ===>''' :
<div class="mw-collapsible-content">{{console|body=
<div class="mw-collapsible-content">{{console|body=
vsphere_user = “administrator@vsphere.local”
vsphere_user = “administrator@vsphere.local"
vsphere_password = “<my vCenter Server Password>
vsphere_password = “<my vCenter Server Password>"
vsphere_server = "vcsa-01.home.local"
vsphere_server = “vcsa-01.home.local”
vsphere_datacenter = “HOME”
vsphere_datacenter = “HOME”
vsphere_datastore = “vsanDatastore”
vsphere_datastore = “vsanDatastore”
vsphere_resource_pool = “Lab1”
vsphere_resource_pool = “Lab1”
vsphere_network = “L1-APP-MGMT11”
vsphere_network = “L1-APP-MGMT11”
vsphere_virtual_machine_template = “control-template”
vsphere_virtual_machine_template = “nas-template”
vsphere_virtual_machine_name = “l1-control”
vsphere_virtual_machine_name = “l1-nas”
}}</div>
}}</div>
</div>
</div>
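Review bot: vsphere_password is written as a literal in terraform.tfvars on both sides, next to the administrator@vsphere.local account. Suggest leaving it out of the file, supplying it through the TF_VAR_vsphere_password environment variable, and keeping terraform.tfvars out of version control. Several values also open with a typographic quote and close with a straight one (or the reverse), which Terraform will not parse as a string.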
Line 85: Line 75:
<div class="mw-collapsible-content">{{console|body=
<div class="mw-collapsible-content">{{console|body=
# vsphere login account. defaults to admin account
# vsphere login account. defaults to admin account
variable “vsphere_user" {
variable "vsphere_user" {
   default = "administrator@vsphere.local"
   default = "administrator@vsphere.local”
}
}


Line 124: Line 114:
<div class="mw-collapsible-content">{{console|body=
<div class="mw-collapsible-content">{{console|body=
provider “vsphere” {
provider “vsphere” {
   user          = ${var.vsphere_user}
   user          = "${var.vsphere_user}"
   password      = "${var.vsphere_password}"
   password      = "${var.vsphere_password}
   vsphere_server = "${var.vsphere_server}”
   vsphere_server = ${var.vsphere_server}”
   allow_unverified_ssl = true
   allow_unverified_ssl = true
}
}
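Review bot: allow_unverified_ssl = true in the provider block turns off certificate verification on the vCenter connection that carries the administrator credentials. Suggest setting it to false once the vCenter certificate is trusted on the machine that runs Terraform. The user, password and vsphere_server lines also have unbalanced or typographic quotes on one side or the other and need straight double quotes on both ends.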
Line 151: Line 141:
data “vsphere_virtual_machine” “template” {
data “vsphere_virtual_machine” “template” {
   name          = “${var.vsphere_virtual_machine_template}”
   name          = “${var.vsphere_virtual_machine_template}”
   datacenter_id = “${data.vsphere_datacenter.dc.id}
   datacenter_id = “${data.vsphere_datacenter.dc.id}"
}
}


resource “vsphere_virtual_machine” “cloned_virtual_machine” {
resource "vsphere_virtual_machine" "cloned_virtual_machine” {
   name            = “${var.vsphere_virtual_machine_name}”
   name            = “${var.vsphere_virtual_machine_name}”


   wait_for_guest_net_routable = false
   wait_for_guest_net_routable = false
   wait_for_guest_net_timeout = 0
   wait_for_guest_net_timeout = 0
  # Important of Terraform will set BIOS by default - Fix below
  firmware = “efi”


   resource_pool_id = “${data.vsphere_resource_pool.pool.id}”
   resource_pool_id = “${data.vsphere_resource_pool.pool.id}”
   datastore_id    = “${data.vsphere_datastore.datastore.id}”
   datastore_id    = “${data.vsphere_datastore.datastore.id}”
   num_cpus = 2
   num_cpus = 4
   memory  = 8192
   memory  = 8192


Line 182: Line 169:
   disk {
   disk {
     label = “disk0”
     label = “disk0”
     size  = “80”
     size  = “8”
  #  unit_number = 0
  #  unit_number = 0
   }
   }
  disk {
    label = “disk1”
    size  = “500”
    unit_number = 1
  }
   clone {
   clone {
     template_uuid = “${data.vsphere_virtual_machine.template.id}”
     template_uuid = “${data.vsphere_virtual_machine.template.id}”
Line 191: Line 185:
}}</div>
}}</div>
</div>
</div>
So we are ready to execute the terraform code on a per-directory basis.


Validate your code:
Validate your code:
{{console|body=
{{console|body=
ihoogendoor-a01:#Test iwanhoogendoorn$ tfenv use 0.11.14
ihoogendoor-a01:#Test iwanhoogendoorn$ tfenv use 0.12.24
[INFO] Switching to v0.11.14
[INFO] Switching to v0.12.24
[INFO] Switching completed
[INFO] Switching completed
ihoogendoor-a01:Test iwanhoogendoorn$ terraform validate
ihoogendoor-a01:Test iwanhoogendoorn$ terraform validate
Line 216: Line 208:
ihoogendoor-a01:Test iwanhoogendoorn$ terraform destroy
ihoogendoor-a01:Test iwanhoogendoorn$ terraform destroy
}}
}}
== Sources ==
* [https://www.youtube.com/watch?v=QeKJ2dmJTcI Source 1]
* [https://www.christitus.com/setup-freenas-11/ Source 2]


[[Category:Articles]]
[[Category:Articles]]

Revision as of 21:19, 12 January 2024

To provide storage services inside each lab environment I have created a FreeNAS server VM that will be pre-deployed and pre-configured so that it can be cloned into different lab environments. This is nothing new, as we are also doing this with other VMs within the nested virtual lab environment, like the vCenter Server, the Control Server and the Cumulus network infrastructure VMs.

Installation

The first step is to get the .ISO file that I will need to do a fresh install of FreeNAS. I downloaded it from https://www.freenas.org/download-freenas-release/.

I deployed a new virtual machine with the following specs/parameters:

  • Name = “nas-template”
  • Guest OS Family = "Other"
  • Guest OS Version = "FreeBSD 11 64-bit"
  • CPU = 4
  • RAM = 8 GB
  • HD1 = 8 GB (used for OS install)
  • HD2 = 500 GB (used for storage)

During installation choose to boot from BIOS:

Installer-boot-mode.png

You can log in with the username `root` and the password you provided during the installation wizard. After the initial installation and the first FreeNAS boot, a console will pop up where you can configure network settings like IP address, gateway and DNS. This is called the “Network console”. If you shut down the console (as I did, unintentionally), you can always start it again with `/etc/netcli`.

Note: Full installation steps for FreeNAS can be found at https://www.ixsystems.com/documentation/freenas/11.3-U1/install.html.

After setting the IP address, log in to the GUI with `root` and the password that you provided during the initial installation.

Adding a new disk pool

In order to use storage space the first step in FreeNAS is to create a new “Disk” Pool:

Screenshot 1530.png

Create share and enable NFS

Once we have a disk pool, we can create a share and enable a file-sharing service, in my case NFS.

Create a Share and enable the NFS service:

Screenshot 1531.png

At this point you might expect to add the new NFS datastore directly to the vCenter Server. This is not possible yet, as we first need to configure the Datacenter, Hosts and Clusters. This is something we will do in a later script.

Now that the initial NAS is finished, we can start to create the Terraform script for cloning.

❯ tree
├── main.tf    
├── terraform.tfvars
├── variables.tf

terraform.tfvars

vsphere_user = "administrator@vsphere.local"
vsphere_password = "<my vCenter Server Password>"
vsphere_server = "vcsa-01.home.local"
vsphere_datacenter = "HOME"
vsphere_datastore = "vsanDatastore"
vsphere_resource_pool = "Lab1"
vsphere_network = "L1-APP-MGMT11"
vsphere_virtual_machine_template = "nas-template"
vsphere_virtual_machine_name = "l1-nas"

variables.tf

# vsphere login account. defaults to admin account
variable "vsphere_user" {
  default = "administrator@vsphere.local"
}

# vsphere account password. the default below is a placeholder.
variable "vsphere_password" {
  default = "<my vCenter Server Password>"
}

# vsphere server. defaults to vcsa-01.home.local
variable "vsphere_server" {
  default = "vcsa-01.home.local"
}

# vsphere datacenter the virtual machine will be deployed to. empty by default.
variable "vsphere_datacenter" {}

# vsphere resource pool the virtual machine will be deployed to. empty by default.
variable "vsphere_resource_pool" {}

# vsphere datastore the virtual machine will be deployed to. empty by default.
variable "vsphere_datastore" {}

# vsphere network the virtual machine will be connected to. empty by default.
variable "vsphere_network" {}

# vsphere virtual machine template that the virtual machine will be cloned from. empty by default.
variable "vsphere_virtual_machine_template" {}

# the name of the vsphere virtual machine that is created. empty by default.
variable "vsphere_virtual_machine_name" {}

main.tf

# Connection to the vCenter Server; certificate verification is skipped.
provider "vsphere" {
  user           = "${var.vsphere_user}"
  password       = "${var.vsphere_password}"
  vsphere_server = "${var.vsphere_server}"
  allow_unverified_ssl = true
}

# Look up the existing vSphere objects the clone will be placed in.
data "vsphere_datacenter" "dc" {
  name = "${var.vsphere_datacenter}"
}

data "vsphere_datastore" "datastore" {
  name          = "${var.vsphere_datastore}"
  datacenter_id = "${data.vsphere_datacenter.dc.id}"
}

data "vsphere_resource_pool" "pool" {
  name          = "${var.vsphere_resource_pool}"
  datacenter_id = "${data.vsphere_datacenter.dc.id}"
}

data "vsphere_network" "network" {
  name          = "${var.vsphere_network}"
  datacenter_id = "${data.vsphere_datacenter.dc.id}"
}

# The pre-configured FreeNAS template that is cloned.
data "vsphere_virtual_machine" "template" {
  name          = "${var.vsphere_virtual_machine_template}"
  datacenter_id = "${data.vsphere_datacenter.dc.id}"
}

resource "vsphere_virtual_machine" "cloned_virtual_machine" {
  name             = "${var.vsphere_virtual_machine_name}"

  # Do not wait for the guest to report a routable IP address.
  wait_for_guest_net_routable = false
  wait_for_guest_net_timeout = 0

  resource_pool_id = "${data.vsphere_resource_pool.pool.id}"
  datastore_id     = "${data.vsphere_datastore.datastore.id}"
  num_cpus = 4
  memory   = 8192

  #num_cpus = "${data.vsphere_virtual_machine.template.num_cpus}"
  #memory   = "${data.vsphere_virtual_machine.template.memory}"

  guest_id = "${data.vsphere_virtual_machine.template.guest_id}"

  scsi_type = "${data.vsphere_virtual_machine.template.scsi_type}"

  network_interface {
    network_id   = "${data.vsphere_network.network.id}"
    adapter_type = "${data.vsphere_virtual_machine.template.network_interface_types[0]}"
  }

  # HD1: 8 GB, used for the OS install
  disk {
    label = "disk0"
    size  = "8"
 #   unit_number = 0
  }

  # HD2: 500 GB, used for storage
  disk {
    label = "disk1"
    size  = "500"
    unit_number = 1
  }

  clone {
    template_uuid = "${data.vsphere_virtual_machine.template.id}"
  }
}

Validate your code:

ihoogendoor-a01:#Test iwanhoogendoorn$ tfenv use 0.12.24
[INFO] Switching to v0.12.24
[INFO] Switching completed
ihoogendoor-a01:Test iwanhoogendoorn$ terraform validate

Plan your code:

ihoogendoor-a01:Test iwanhoogendoorn$ terraform plan

Execute your code to implement the Segments:

ihoogendoor-a01:Test iwanhoogendoorn$ terraform apply

When the segments need to be removed again you can revert the implementation:

ihoogendoor-a01:Test iwanhoogendoorn$ terraform destroy
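
`terraform validate` checks syntax and internal consistency, so it accepts a password written into `terraform.tfvars` or a variable default, and a provider with `allow_unverified_ssl = true`. The pre-flight check below is an added example, not part of the original article; the rule names, the credential-name pattern and the sample fragments are assumptions constructed from the three files above, and it also reports typographic quotes, which are not valid HCL string delimiters.

```python
import pathlib
import re
import sys

# Constructed sample: fragments of the three files in the form shown on this page.
SAMPLE = {
    "terraform.tfvars": 'vsphere_user = “administrator@vsphere.local"\n'
                        'vsphere_password = “<my vCenter Server Password>"\n',
    "variables.tf": 'variable "vsphere_password" {\n'
                    '  default = "<my vCenter Server Password>"\n}\n'
                    'variable "vsphere_datacenter" {}\n',
    "main.tf": 'provider "vsphere" {\n  password = "${var.vsphere_password}"\n'
               '  allow_unverified_ssl = true\n}\n',
}

Q = '["“”]'  # straight or typographic double quote
NAME = r"\w*(?:password|secret|token)\w*"  # assumed credential-like names
LITERAL = re.compile(r"\s*%s\s*=\s*%s(?!\$\{)[^\"“”]+%s" % (NAME, Q, Q), re.I)
SECRET_VAR = re.compile(r"\s*variable\s+%s%s%s" % (Q, NAME, Q), re.I)
DEFAULT = re.compile(r"\s*default\s*=\s*%s[^\"“”]+%s" % (Q, Q))
LINE_RULES = [  # (rule name, predicate applied to each non-comment line)
    ("curly-quote", re.compile("[“”‘’]").search),
    ("tls-verification-off", re.compile(r"\s*allow_unverified_ssl\s*=\s*true\b").match),
    ("literal-credential", LITERAL.match),
]

def lint(files):
    """Return sorted (file, line number, rule) findings for a {name: text} mapping."""
    findings = []
    for name, text in files.items():
        in_secret_var = False  # inside a variable block with a credential-like name
        for no, line in enumerate(text.splitlines(), 1):
            if line.lstrip().startswith("#"):
                continue
            findings += [(name, no, rule) for rule, hit in LINE_RULES if hit(line)]
            if SECRET_VAR.match(line):
                in_secret_var = True
            elif in_secret_var and DEFAULT.match(line):
                findings.append((name, no, "credential-default"))
            if "}" in line:
                in_secret_var = False
    return sorted(findings)

if __name__ == "__main__":
    files = SAMPLE if len(sys.argv) < 2 else {
        p.name: p.read_text(encoding="utf-8")
        for p in pathlib.Path(sys.argv[1]).iterdir() if p.suffix in (".tf", ".tfvars")}
    for finding in lint(files):
        print("%s:%d: %s" % finding)
```

Run it with the Terraform directory as its argument before `terraform plan`. Removing the password default and the `terraform.tfvars` entry and exporting `TF_VAR_vsphere_password` instead clears the two credential findings.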
