Infrastruktur – News

Automating FreeIPA with Terraform

22 April 2020

Terraform is great for cloud provisioning and has now become a standard tool to deploy infrastructures as code, in a DevOps fashion.

Many plugins exist to cover specific needs, from major cloud providers (AWS, GCP, Azure, etc.) to specific app APIs (Grafana, GitHub, or even PostgreSQL). The community provides and maintains additional providers which can be installed and used in any Terraform project as plugins.

 

Camptocamp developed several providers over the last few years . Besides the official Rancher provider which was co-developed by our team and contributed to the community, we maintain providers to integrate Terraform with the PuppetCA, the PuppetDB, as well as the gopass password vault.

More recently, we started having a need to automate FreeIPA resources using Terraform, so we started a new provider.

Installing

Installing additional Terraform providers is rather straightforward. You can simply download the binary from the releases page and drop it in your ~/.terraform.d/plugins directory.

Usage

Like all other Terraform providers, you first need to configure the provider. You can do that using either hardcoded parameters or environment variables. In this second case, we strongly encourage you to make use of summon as a wrapper to dynamically expose the environment variables at call time.

Next, you can start writing resources to manage FreeIPA hosts and DNS records:

At the moment, this FreeIPA provider only features 2 resource types, to manage FreeIPA hosts and DNS records.
Don’t hesitate to contribute to it by providing more resource types!