Deploying cAPIC on Azure With Terraform

Posted on by Soumitra Mukherji

Table of Contents:

  1. Introduction
  2. Getting Started
    2a. Clone the git repo
    2b. Modify override.tf and terraform.tfvars
    2c. Run the terraform script
    2d. Destroying the cAPIC Infra
  3. How to obtain attribute for variable "_artifactsLocation"
  4. References

    Introduction

    This writeup will show how to install cAPIC on Azure using Terraform. You can follow this and create your own ACI Fabric in Azure. Generally we install cAPIC using the cloud provider’s UI. However some customers prefer to do this using code. You can download the code from my git repo and change the variable values based on your requirment and then run the script to deploy cAPIC on Azure.

๐Ÿ“— Note:
a) This Terraform Script will deploy cAPIC version 25.02. To deploy a different version of cAPIC the value of the variable "_artifactsLocation" as defined in terraform.tfvars will need to be changed accordingly.
b) The script also checks to see if you have subscribed to to Market Place for Cloud Routers Catalyst 8KV Edge 17.07.01a-byol. If you have not, then it subscribes you to the offering. (all offereings from cisco can be found via the cli command:

az vm image list --offer cisco --all --output table

c) The download will also contain shell scripts that you could use if you prefer to use azure cli to deploy the cAPIC instead of using Terraform.

Getting Started

Clone the git repo

From any directory on your MAC or linux desktop do the following:

git clone https://github.com/soumukhe/azure_cAPIC-Terraform_Deploy.git
cd azure_cAPIC-Terraform_Deploy

Once Cloned, you will see the following files there:

File/Directory Name Purpose
file azcapic.sh shell script use only to deploy cAPIC
file decom_azcapic.sh shell script use only to undeploy cAPIC
file capic.tf the main Terraform File
file override.tf **modify ** this to put in your Azure secrets
file README.md Git readme file
directory template Azure ARM Tempate directory
file terraform.tfvars **modify ** this to put in your desired variable values
file variables.tf This file initializes the Terraform Variables
Modify override.tf and terraform.tfvars

As shown in the table below, you only need to modify 2 files.

override.tf
terraform.tfvars

Before modifying the files you need to create a service Principal in Azure and use the output from the Service Principal creation for the values to be put into override.tf file.

The steps to create the Service Principal are show below:
Please do this in your MAC or Linux workstation.

install azure cli:   https://docs.microsoft.com/en-us/cli/azure/
az login       # login to your azure account
az account list -o table  # to see a list of accounts that you have
az  account set  -s subsID. # set to the account subcription ID where you want to deploy cAPIC
az account show  # to verify you are on the right account
az ad sp create-for-rbac --name <servicePrincipalName --role="Owner" --scopes /subscriptions/<your_subsID>. # here smTest is the name of my Service Principal

An example of a run with Service Principal Name of smTest1 is shown in the figure below:
file
Figure 1: Creating Service Principal

Next, please update the overfide.tf file accordingly:
file
Figure 2: Updated the values for override.tf file

Next, go ahead and modify the variables for terraform.tfvars file.
๐Ÿ“—Note:
a) This Terraform Script will deploy cAPIC version 25.02. To deploy a different version of cAPIC the value of the variable "_artifactsLocation" as defined in terraform.tfvars will need to be changed accordingly.

file
Figure 3: Modify Variable values in "terraform.tfvars" as you desire.

Run the terraform script

I’m assuming that you already have the terraform binary installed.
If you don’t alrady have that, you can do that in a couple of minutes as shown below:

Terraform comes in a single binary. To download it,

  • go to https://terraform.io
  • click on Download CLI
  • copy the link for your operating system
  • on your ubuntu VM, do “`curl -O "
  • unzip the zip file
  • sudo mv terraform /usr/local/bin
    file
    Figure 4: Installing Terraform

Check with terraform version
file
Figure 5: terraform version

Next, run the terraform import command to check and see if the Catalyst-8KV cloud Routers MarketPlace subsription was already done earlier.
case1) If the Marketplae subscription was already present the import will import the state file into the terraform state file.
case2) If the Marketplace subscription was not present, then the next step of "terraform apply" will subsribe to the Marketplace agreement and the state will get created.

subs=<yourAzureSubscriptionID>
terraform import azurerm_marketplace_agreement.c8kv /subscriptions/$subs/providers/Microsoft.MarketplaceOrdering/agreements/cisco/offers/cisco-c8000v/plans/17_07_01a-byol

file
Figure 6: case1, MarketPlace Subscription to c8KV was present and imported ito state file.

file
Figure 7: case2, MarketPlace Subscription to c8KV was not present. terraform apply will create state.

Now All you have to do is run the Terraform script and your cAPIC in Azure will get deployed.

terraform init
terraform fmt
terraform validate
terraform plan
terraform apply --auto-approve

Below is a screenshot of what you will now see in the screen.

file
Figure 8: Output of terraform apply –auto-approve

You can now point your browser to the public IP of the capic using https and do the initial setup. After initial setup of cAPIC, the c8Kvs will spin up.

๐Ÿ“—Note: terraform show will show you the full state file

Destroying the cAPIC Infra

Destroying the cAPIC Infra is a non-reversable process. Since the deployment was using a arm template with parameters, it will be necessaary to remove the state file for the resource group also.

To destroy do the following:

terraform destroy         # it will ask you for confirmation.  type yes
terraform show            # this should show you the only item left in the state file is the resource group
az group delete --name capic2502   # use your resource group name
terraform state rm  azurerm_resource_group.rgroup       # to remove the state of resource group 
terraform show         # to verify that all state is gone

file
Figure 9: Output of terraform destroy

file
Figure 10: Output of terraform show (after destroy)

file
Figure 11: deleting the resource group manually

file
Figure 12: Removing the resource group from state

file
Figure 13: Verifying that all state is gone

How to obtain attribute for variable "_artifactsLocation"

The git repo download was made specifically for cAPIC version 25.0.2 running on Azure. If you wanted to run a different version, you would need to make 2 modifications:

a) update the attribue value for "_artifactsLocation"
b) subscribe to the correct Cloud Cat8Kv router version.

a) Obtaining "_artifactsLocation" value

The easisist way to find the location is to deploy the desired version of cAPIC through UI. Then go to the resource group, click on deployments and the last entry on the list.

file
Figure 14: Looking at deployment

Now click on Inputs and look at the variable value for "_artifactsLocation"
Update the terraform.tfvars file with that variable value

file
Figure 15: Displaying value of variable: "_artifactsLocation"

b) subscribe to the correct Cloud Cat8Kv router version
Check the CCO document
to find the compatible release of c8Kv for your cloud APIC deployment.
Use the below command to find the offer and plan name for the Markteplace subscription:

az vm image list --offer cisco --all --output table

Update the values of resource "azurerm_marketplace_agreement" "c8kv", in capic.tf with these new values.

file
Figure 16: Updating Cat8Kv values in capic.tf file

References

Getting Started with Cisco Application Centric Infrastructure

Go To TOP

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.