Author: Mrigank Gupta
Introduction
In the realm of network automation and infrastructure management, Infoblox has been a frontrunner, reliably and consistently providing cutting-edge solutions to simplify and streamline complex network assignments. With the most recent update v2.6 of the Infoblox IPAM Driver for Terraform, users can anticipate even greater efficiency, flexibility and control over their network resources. Let's delve into this update’s exciting new features and enhancements.
Terraform is a widely used infrastructure-as-code software tool created by HashiCorp. Users define and provide data center infrastructure using a declarative configuration language known as HashiCorp Configuration Language, or optionally, JSON, which lets you build, change and version cloud and on-prem resources safely and efficiently. We always fix bugs with our latest updates and try to enhance the user experience, but this time there are also some additions.
Terraform-Infoblox Integration
A provider plugin for Terraform that makes it possible to manage Infoblox NIOS (Network Identity Operating System) resources using Terraform infrastructure-as-code solutions is now available. The plugin enables lifecycle management of Infoblox NIOS DDI resources. The Infoblox IPAM Plugin for Terraform interfaces with Infoblox vNIOS through REST API to provide IP Address Management and DNS Services. Instead of manually provisioning IP addresses and DNS records for network devices and interfaces in your infrastructure, the Infoblox IPAM Plugin for Terraform automates IPAM processes. The latest version of Infoblox provider is v2.6.
Available Resources
Currently, Terraform resources can be broadly divided into two categories: Terraform Resources and Data Sources. A Terraform resource constitutes a resource block that describes one or more NIOS Grid objects, such as a network container. A Terraform Data Source allows data to be fetched or computed for use elsewhere in the Terraform configuration. With Data Sources, Terraform configuration is built on information defined outside of Terraform or by a separate Terraform configuration.
To perform a fetch, create, read, update or delete operation on a NIOS object, you must define the appropriate resource block in the Terraform configuration (.tf) file. The following topics detail the resources and data sources supported by Infoblox IPAM Plug-In version 2.5 for Terraform and include appropriate examples of blocks that must be defined in the configuration file. For more details on Terraform’s available resources and Data Sources, visit Infoblox Plug-in for Terraform.
Recent Developments, Additions and Updates
Drift Management via Terraform Internal ID
Infoblox IPAM Plug-In for Terraform uses Terraform Internal ID, an extensible attribute created in NIOS, to manage operations performed on resource objects supported by the plug-in. The attribute was present in earlier versions of this plug-in, but whenever an object's or resource's properties changed, i.e., through any change made via NIOS WAPI or the GUI, the Terraform Internal ID for that object changed in the NIOS GUI but not in the tfstate file on your local machine, where you keep the record of your object/resource. After that, you could no longer use the same resource/object via its Terraform Internal ID. To overcome this, we attach a Google UUID to every object created, and it remains with that object for its complete lifecycle.
UUID stands for Universally Unique Identifier. It is a 128-bit value used for a unique identification Foundation (OSF).
UUIDs provide uniqueness as they generate IDs based on time, cursor movement, system hardware (MAC, etc.), etc.
As a result, it is very likely that UUIDs are unique across space and time, and they are very difficult to guess because they are based on numerous factors.
Advantages of UUID:
- It can be used as a general utility to generate a unique random id
- It can also be used in cryptography and hashing applications
- It is useful in generating random documents, addresses, etc.
Management of Drift State in Terraform
Infoblox IPAM Plug-In for Terraform can track and manage drift state caused by a mismatch between the reference ID of an object/resource saved in the Terraform state (.tfstate) file and that of its counterpart in Infoblox NIOS. To detect and resolve the drift state, the plug-in uses two levels of validation to identify a resource: first the reference ID issued by Infoblox NIOS WAPI, and then the extensible attribute Terraform Internal ID, saved as internal_id in the .tfstate file. The reference ID is regenerated each time a resource is altered, but the Terraform Internal ID remains unaltered. If a mismatch is detected, the plug-in takes the appropriate measures to fix it.
As a prerequisite to setting up the plug-in, you must create an extensible attribute definition for Terraform Internal ID in NIOS. The extensible attribute is saved as internal_id and is assigned to every supported resource in the .tfstate file (Terraform state file). For methods that you can use to create the extensible attribute, see Creating the Terraform Internal ID Extensible Attribute.
According to the version of the plug-in, the extensible attribute is utilized as follows:
- In IPAM Plug-In for Terraform version 2.6.0 and later, the extensible attribute is used for the following:
  - To manage drift state in Terraform, as discussed above.
  - To create and manage resources supported by IPAM Plug-In for Terraform.
  - To import the infoblox_ip_allocation and infoblox_ip_association resources.
- In IPAM Plug-In for Terraform versions prior to 2.6.0, Terraform Internal ID is required only to create host records by using the infoblox_ip_allocation and infoblox_ip_association resources.
According to the operation that you perform in Terraform, the behavior exhibited by IPAM Plug-In for Terraform is as follows:
- Creating a resource:
  - If you create a resource in Terraform and the plug-in is able to find the Terraform Internal ID extensible attribute, it attaches it to the resource in NIOS and saves it for that resource in the .tfstate file.
- Modifying an existing resource:
  - If the plug-in finds a match for the reference ID and Terraform Internal ID, it completes the update operation.
  - When you upgrade IPAM Plug-In for Terraform to version 2.6.0 (existing user) and then modify a resource and run the terraform apply command, the plug-in creates the Terraform Internal ID extensible attribute, attaches it to the resource in NIOS and saves it in the .tfstate file.
  - If the plug-in does not find a match for the reference ID but does find a match for the Terraform Internal ID, it proceeds with the update operation and also retrieves the changed reference ID from NIOS and updates it in the .tfstate file. For more information, see Management of Drift State in Terraform.
  - If the plug-in does not find a match for either the reference ID or the Terraform Internal ID, it clears the resource from the .tfstate file and tries to recreate the resource on a subsequent run of the terraform apply command.
- Importing a resource from NIOS:
  - When you import an existing resource from NIOS to Terraform, the plug-in creates the Terraform Internal ID extensible attribute, attaches it to the resource in NIOS and saves it in the .tfstate file in Terraform.
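The modify-time checks listed above can be written as one decision function. This is an added example, not the plug-in's own code: the type names, action strings and sample references are constructed for illustration, and treating a reference-only match (with a different Terraform Internal ID) as no match is an assumption the list does not cover.

```go
package main

import "fmt"

// Constructed stand-ins for a NIOS object seen over WAPI and its .tfstate record.
type niosObject struct {
	Ref        string // reference ID; regenerated when the object is altered
	InternalID string // value of the "Terraform Internal ID" extensible attribute
}

type stateEntry struct {
	Ref        string
	InternalID string // saved as internal_id
}

// reconcile checks the reference ID first, then the Terraform Internal ID, and
// returns the action plus the reference ID the state should hold afterwards.
func reconcile(st stateEntry, grid []niosObject) (action, ref string) {
	var byRef, byID *niosObject
	for i := range grid {
		if grid[i].Ref == st.Ref {
			byRef = &grid[i]
		}
		// An empty internal_id must never match objects that lack the attribute.
		if st.InternalID != "" && grid[i].InternalID == st.InternalID {
			byID = &grid[i]
		}
	}
	switch {
	case byRef != nil && byRef == byID:
		return "update", st.Ref // both identifiers match
	case byRef != nil && st.InternalID == "":
		return "attach-internal-id", st.Ref // state written before 2.6.0
	case byID != nil:
		return "update-and-refresh-ref", byID.Ref // drift: reference ID changed
	default:
		// Neither matched. A reference-only match also lands here (assumption).
		return "clear-from-state", ""
	}
}

func main() {
	// Constructed sample data; the references and UUID are made up.
	id := "11111111-1111-4111-8111-111111111111"
	grid := []niosObject{{Ref: "network/NEW:10.0.0.0/24/default", InternalID: id}}
	action, ref := reconcile(stateEntry{Ref: "network/OLD:10.0.0.0/24/default", InternalID: id}, grid)
	fmt.Println(action, ref)
}
```

Keying the drift case on the Terraform Internal ID rather than the reference ID is what lets the state entry follow an object whose reference was regenerated by an out-of-band change.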
Creating the Terraform Internal ID Extensible Attribute
Only a NIOS admin with superuser privileges is authorized to create extensible attributes in NIOS. For more information about NIOS admin accounts, refer to the Infoblox NIOS Documentation.
Use one of the following methods to create the Terraform Internal ID extensible attribute:
- Create the extensible attribute manually in Infoblox NIOS Grid Manager. For steps, refer to the Infoblox NIOS Documentation.
- Use the following cURL command to create the extensible attribute as a read-only attribute in NIOS:
    curl -k -u admin:infoblox -H "Content-Type: application/json" -X POST https:///wapi/v2.9/extensibleattributedef -d '{"name": "Terraform Internal ID", "flags": "CR", "type": "STRING", "comment": "Internal ID for Terraform Resource"}'
  For more information, refer to the Infoblox WAPI documentation.
- Enable the IPAM Plug-In for Terraform to automatically create the extensible attribute by configuring the Terraform Infoblox provider with the credentials of a NIOS admin user with superuser privileges. For more information, see Configure the access permissions.
Conclusion
The latest update to the Infoblox IPAM Driver for Terraform represents a significant milestone in network automation and infrastructure management. With new features such as DHCP support, enhanced resource management and seamless integration with the Infoblox Cloud Platform, users can unlock new levels of efficiency, flexibility, and control over their network environments.
As organizations continue to embrace digital transformation and the adoption of cloud-native technologies, the Infoblox IPAM Driver for Terraform stands ready to meet the evolving needs of modern IT infrastructure. Whether you’re managing a small-scale network or a large enterprise deployment, Infoblox remains committed to empowering users with innovative solutions that simplify complexity and drive business success.
Stay tuned for future updates and enhancements as we continue to innovate and deliver value to our customers.