Deployment Guide
Infoblox IPAM plugin for Terraform
October 2019
Infoblox IPAM Plug-in for Terraform - Oct 2019
Table of Contents
Introduction
Solution
Pre-requisites
Deployment
Assumption
Installation of Terraform
Installation of Go
Installation of vNIOS
Setting up vNIOS
Building Infoblox IPAM Plugin for Terraform
Provisioning of a VM
De-provisioning
Limitations
Introduction
Terraform is open source infrastructure-as-code software developed by HashiCorp. It enables
predictable and consistent provisioning of infrastructure across different types of cloud providers.
Update: As of 1st May 2020, Infoblox has become an official provider for Terraform.
The benefits of using Terraform as your infrastructure-as-code tool are:
● Orchestration, not merely configuration
● Immutable infrastructure
● Declarative, not procedural code
● Client-only architecture
Solution
Infoblox NIOS provides core network services that include integrated, secure, and easy-to-manage DNS
(Domain Name System), DHCP (Dynamic Host Configuration Protocol) and IPAM (IP address management)
services.
The Infoblox IPAM Plugin for Terraform interfaces with Infoblox vNIOS through REST API to provide IP
Address Management and DNS Services. Instead of manually provisioning IP addresses and DNS records for
network devices and interfaces in your infrastructure, you can use the plugin to automate these steps with
vNIOS.
Infoblox IPAM Plugin for Terraform version 1 supports the following use cases:
● Creation of Network View in NIOS appliance
● Creation of Network in NIOS appliance
● Allocation and Deallocation of IP Address from a Network
● Allocation of DNS Records (A, CNAME, Host, and PTR records)
This deployment guide covers the integration of the Infoblox IPAM plugin for Terraform in a VMware vSphere
environment.
Pre-requisites
Before you begin, please make sure you have the following:
● Terraform 0.11.13 or greater
● Go client version 1.12.7 (This will be used to build the provider plugin)
● A provider environment – VMware vSphere environment will be used in this document
● An Infoblox appliance running 8.5 or higher with necessary licenses (DNS, NIOS, Cloud Network
Automation)
Deployment
Assumption
It is assumed that you already have a VMware vSphere environment running.
Installation of Terraform
You must install Terraform v0.11.13 or greater on your system. For more information on installing Terraform
please refer to https://learn.hashicorp.com/terraform/getting-started/install.html
Installation of Go
Install Go version 1.12.7 or later on your Linux machine by using the following commands:
$ sudo apt-get update
$ wget https://dl.google.com/go/go1.13.3.linux-amd64.tar.gz
$ sudo tar -xvf go1.13.3.linux-amd64.tar.gz
$ sudo mv go /usr/local
Installation of vNIOS
● Using a browser, login to the Infoblox Support portal.
● Click Downloads
● In the drop-down menu select NIOS/vNIOS.
● Under Select release type click on General Maintenance release
● In the Select version drop-down box, select the latest NIOS release.
● Since this deployment guide is based on VMware, download the VMware version of the product.
● Click on the Download Image section to download the .OVA file for Grid Master or Member.
● Once you have downloaded the .OVA image, deploy it to your vSphere environment and install the required
licenses.
Setting up vNIOS
● It is recommended to install the Cloud Network Automation license. However, if the license is not
installed on NIOS, configure the following extensible attributes.
o VM Name: String Type
o VM ID: String Type
o Tenant ID: String Type
o CMP Type: String Type
o Cloud API Owned: List Type (Values True, False)
o Network Name: String Type
● To create the required EAs, navigate to Administration → Extensible Attributes in your Infoblox
Grid Manager GUI.
o Click on the + (Add) button.
o Enter the name for the EA, as displayed in bold in the list above.
o Set the Type dropdown menu to the required setting (refer to the list above).
o Click on the small arrow next to Save & Close and select Save & New to add additional
EAs, or click on Save & Close if done.
o Similarly, create all the EAs listed above.
● Add an authoritative and a reverse-mapping zone manually in NIOS; these will be specified in the Terraform
configuration files.
o Navigate to Data Management → DNS.
o Click on the small arrow next to the + (Add) button and click on Authoritative zone.
o Click on Add an authoritative forward-mapping zone.
o Click Next and edit the name of the zone.
o Click on Save & Close.
Building Infoblox IPAM Plugin for Terraform
To install the Infoblox IPAM plugin for terraform on your Linux machine, please use the following steps:
● To create an infobloxopen directory, run the following command:
mkdir -p $GOPATH/src/github.com/infobloxopen
● Set up GOPATH and GOROOT:
$ GOROOT=/usr/local/<directory of plugin>
$ export PATH=$GOPATH/bin:$GOROOT/bin:$PATH
● Run the git clone command to clone the repository and example files from
https://github.com/infobloxopen/terraform-provider-infoblox.git, or create your own example
files by visiting the provider page.
$ git clone https://github.com/infobloxopen/terraform-provider-infoblox
● Once you have fetched the provider directory, the infoblox.tf and vm.tf files will be available in the
VMware and Azure folders:
o infoblox.tf: This file contains the Infoblox resource details: the credentials of the Infoblox server and resource records such as A, PTR, and CNAME. The main purpose of the Infoblox Terraform Provider is to allocate an IP address to the virtual machine. For example, with the Fixed address template for VMware, which creates a network and allocates an IP address from that network, the contents of the file look like this:
provider "infoblox" {
  server   = "10.196.215.40"
  username = "admin"
  password = "infoblox"
}

// Network to be created in NIOS
resource "infoblox_network" "demo_network" {
  // network_view_name = "demo1"
  network_name = "ex1"
  cidr         = "10.10.10.0/24"
  tenant_id    = "VMware"
}

// Allocates an IP address from the network above
resource "infoblox_ip_allocation" "demo_allocation" {
  // network_view_name = "demo1"
  vm_name   = "terraform"
  cidr      = "${infoblox_network.demo_network.cidr}"
  tenant_id = "VMware"
}

// Associates the allocated address with the MAC address and ID of the VM
resource "infoblox_ip_association" "demo_associate" {
  // network_view_name = "demo1"
  vm_name   = "${infoblox_ip_allocation.demo_allocation.vm_name}"
  cidr      = "${infoblox_network.demo_network.cidr}"
  mac_addr  = "${vsphere_virtual_machine.vm.network_interface.0.mac_address}"
  ip_addr   = "${infoblox_ip_allocation.demo_allocation.ip_addr}"
  vm_id     = "${vsphere_virtual_machine.vm.id}"
  tenant_id = "VMware"
}

// DNS A record for the allocated address in the authoritative zone
resource "infoblox_a_record" "demo_record" {
  // network_view_name = "demo1"
  vm_name   = "${infoblox_ip_allocation.demo_allocation.vm_name}"
  cidr      = "${infoblox_network.demo_network.cidr}"
  ip_addr   = "${infoblox_ip_allocation.demo_allocation.ip_addr}"
  dns_view  = "default"
  zone      = "infobloxdemo.com"
  tenant_id = "VMware"
}
o vm.tf: This file contains the Azure or VMware resource details: for Azure, details such as the Tenant ID; for VMware, details such as the server and the hardware (for example, Ubuntu) where the resources will be deployed. The vm.tf file is used to deploy a virtual machine. All the properties of the virtual machine are specified in this file. In this file, the IPV4 field is used to access the IP address from infoblox.tf, which makes the records visible in NIOS once the IP address is allocated to the virtual machine. For example, in a vSphere environment, the details will look similar to the following:
provider "vsphere" {
  vsphere_server       = "10.196.215.25"
  user                 = "username"
  password             = "*******"
  allow_unverified_ssl = true
}

// Datacenter that the lookups below are scoped to
data "vsphere_datacenter" "dc" {
  name = "datacenter name"
}

data "vsphere_datastore" "datastore" {
  name          = "DS14"
  datacenter_id = "${data.vsphere_datacenter.dc.id}"
}

data "vsphere_resource_pool" "pool" {
  name          = "Cloud/Resources"
  datacenter_id = "${data.vsphere_datacenter.dc.id}"
}

data "vsphere_network" "network" {
  name          = "VM Network"
  datacenter_id = "${data.vsphere_datacenter.dc.id}"
}
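The provider blocks from infoblox.tf and vm.tf above, rewritten as an added example (not part of the original guide or the provider repository) so that no credential is stored in the .tf files and vSphere certificate verification stays on. The variable names are assumptions; values are supplied at run time through TF_VAR_ environment variables or a .tfvars file kept out of version control.

```hcl
# Added example: variable names are assumptions, not taken from the guide.
# Supply the secrets at run time, for example:
#   export TF_VAR_infoblox_password='...'
#   export TF_VAR_vsphere_password='...'

variable "infoblox_server" {
  description = "Address of the NIOS Grid Master (10.196.215.40 in the guide)"
}

variable "infoblox_username" {
  description = "NIOS account used for API calls, preferably not the built-in admin"
}

variable "infoblox_password" {
  description = "Password for the NIOS API account; never committed"
}

variable "vsphere_server" {
  description = "Address of the vSphere server (10.196.215.25 in the guide)"
}

variable "vsphere_user" {
  description = "vSphere account used by Terraform"
}

variable "vsphere_password" {
  description = "Password for the vSphere account; never committed"
}

provider "infoblox" {
  server   = "${var.infoblox_server}"
  username = "${var.infoblox_username}"
  password = "${var.infoblox_password}"
}

provider "vsphere" {
  vsphere_server = "${var.vsphere_server}"
  user           = "${var.vsphere_user}"
  password       = "${var.vsphere_password}"

  # The guide sets this to true, which turns off TLS certificate checks.
  # With false, the vSphere certificate must chain to a CA trusted by
  # the machine running Terraform.
  allow_unverified_ssl = false
}
```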
Provisioning of a VM
The following flowchart describes the workflow of execution steps in provisioning a VM through the Infoblox IPAM
plugin for Terraform.
To provision the VM, you need to run a set of Terraform commands in the working directory containing the Terraform
configuration files. In this document, the Fixed Address template example files are used and configured
for a vSphere environment.
[Flowchart of the provisioning workflow (image not reproduced); box labels: Updating of MAC address once the VM is powered on; Allocation of IP address from Infoblox Grid; Provision of VM on VMware/Azure platform; Create DNS record in Infoblox]
● The terraform init command initializes a working directory containing Terraform
configuration files.
● The terraform plan command creates an execution plan. It determines the
actions necessary to achieve the desired state specified in the configuration files.
● The terraform apply command applies the changes required to reach the desired state of the
configuration, or the predetermined set of actions generated by a terraform plan execution
plan.
● Once the terraform apply command has executed successfully, you can see in the VMware vSphere client
that a VM has been created.
● The IPv4 network specified in the infoblox.tf file is created in NIOS.
● The Infoblox IPAM plugin for Terraform allocates an IP address from the network created above and
updates the MAC address in NIOS.
● You will also find the DNS A record registered in the authoritative zone specified in the infoblox.tf file.
● To view the cloud resource when the Cloud Network Automation license is installed, click on the
Cloud tab; you will see the tenant created.
● Clicking on the Tenant tab gives you relevant information about cloud networks and cloud
VMs.
● Additionally, you can view the extensible attributes of the DNS record, which have been populated
automatically.
To view the extensible attributes of the DNS record created, click on Data Management → DNS → click on the
infobloxdemo.com zone → right-click on the A record.
● Click on Extensible attributes.
De-provisioning
De-provisioning (destroy) of a VM releases the allocated IP addresses and deletes the associated IPAM details,
including DNS records and networks.
The flowchart below explains the de-provision workflow.
To initiate de-provisioning, use the following command in the directory containing the Terraform files:
terraform destroy -force
Limitations
● The Infoblox plugin for Terraform currently supports only IPv4 environments and does not support IPv6
environments.
● Creation of network views is possible through the Infoblox plugin for Terraform; however, deletion of a
network view is not supported yet.
● The Infoblox IPAM plugin for Terraform currently supports only Azure and VMware as provider platforms.
● Modification of DNS records is not possible with the Terraform IPAM plugin; however, creation and deletion
are possible.
[Flowchart of the de-provision workflow (image not reproduced); box labels: Delete DNS record from Infoblox; Deletion of IPv4 Network from Infoblox; De-provision of VM on VMware/Azure platform; De-allocation of IP address from Infoblox]
© 2019 Infoblox, Inc. All rights reserved. Infoblox logo, and other marks appearing herein are property of Infoblox, Inc. All other marks
are the property of their respective owner(s).