Series – Get your database running with Terraform part 3: VCN

Now that we have a compartment in which to place resources, we are ready to create a Virtual Cloud Network (VCN). The previous post was about compartments and how they logically group your resources; in the same way, you can think of a VCN as grouping your network resources together.

You can read part 2 from here.

A VCN is a relatively simple concept: all you need to define is a compartment in which to place the VCN, a name, a DNS label and a CIDR block. After you have created it, you will create all subnets, security lists, load balancers etc. under that VCN, as they will use IPv4 addresses from the CIDR block you defined.

The CIDR block, as per the documentation, is “a single, contiguous IPv4 CIDR block of your choice. The allowable VCN size range is /16 to /30. Example: 10.0.0.0/16.”

The DNS label is added to oraclevcn.com, so if you define your VCN DNS label as “test” the domain will be test.oraclevcn.com (and if you later add a subnet label, the two are combined as mysubnet.test.oraclevcn.com).

A couple of things are important when you define the VCN range. Do you have any other VCNs which you need to connect together, or will you create a connection to your corporate network? If so, make sure the VCN CIDR ranges do not overlap.

Also think about how you will size the VCN based on the CIDR block. A /16 CIDR will give you 65,536 IP addresses, whereas a /30 will give you only four. Oracle will take the first two and the last IP address from any given VCN, so that would leave you with only one IP address available.

In my example I will use a /16 CIDR block for VCN and when we move to subnets I’ll use /24 subnets.
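The overlap and sizing considerations above can be checked before anything is applied. The following Python sketch is an added example, not part of the original post; the function names and the "existing" network ranges are constructed for illustration, and the reserved-address count follows the post's statement.

```python
import ipaddress
from itertools import islice

# Per the post: the first two addresses and the last one are taken by Oracle.
RESERVED_ADDRESSES = 3


def check_vcn_cidr(vcn_cidr, other_cidrs):
    """Return a list of problems with a proposed VCN CIDR (empty means OK)."""
    try:
        # strict=True rejects host bits, e.g. 172.16.5.0/16
        vcn = ipaddress.IPv4Network(vcn_cidr, strict=True)
    except ValueError as exc:
        return [f"invalid CIDR {vcn_cidr!r}: {exc}"]
    problems = []
    if not 16 <= vcn.prefixlen <= 30:
        problems.append(f"{vcn} is outside the allowed /16 to /30 range")
    for other in other_cidrs:
        if vcn.overlaps(ipaddress.IPv4Network(other, strict=False)):
            problems.append(f"{vcn} overlaps {other}")
    return problems


def usable_addresses(cidr):
    """Addresses left after the reserved ones are subtracted."""
    net = ipaddress.IPv4Network(cidr)
    return max(net.num_addresses - RESERVED_ADDRESSES, 0)


def plan_subnets(vcn_cidr, new_prefix, count):
    """First `count` non-overlapping subnets of size /new_prefix inside the VCN."""
    vcn = ipaddress.IPv4Network(vcn_cidr)
    return [str(s) for s in islice(vcn.subnets(new_prefix=new_prefix), count)]


if __name__ == "__main__":
    # Constructed sample ranges: an on-premises network and an existing VCN.
    existing = ["10.0.0.0/8", "172.16.128.0/20"]
    for candidate in ("172.16.0.0/16", "172.17.0.0/16", "172.16.5.0/16"):
        print(candidate, check_vcn_cidr(candidate, existing) or "OK")
    print("/30 usable:", usable_addresses("172.16.0.0/30"))
    print("/24 subnets:", plan_subnets("172.16.0.0/16", 24, 3))
```
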

Each VCN will by default also have a route table, a security list and a set of DHCP options. It’s good to get a grasp of these by reading the VCN overview.

Terraform

When creating the resource I again need only three variables in my variables.tf. I will add these to the existing file I used for compartments in part 2.

variable "vcn_cidr_block" {
  default = "172.16.0.0/16"
} // Define the CIDR block for your use

variable "display_name" {
  default = "My VCN"
} // VCN Name

variable "dns_label" {
  default = "oci"
} // DNS Label for VCN

Next we will modify main.tf and add the VCN resource there. I use the variables defined above, and there is also a reference to the compartment resource created earlier. We need the OCID of the compartment we just created, and we get it by referencing .id on line four.

resource "oci_core_virtual_network" "CreateVCN" {
  cidr_block     = "${var.vcn_cidr_block}"
  dns_label      = "${var.dns_label}"
  compartment_id = "${oci_identity_compartment.CreateCompartment.id}"
  display_name   = "${var.display_name}"
}

If you need to see which values you can get when you create a resource, check the OCI Terraform provider documentation for the list of exported values. For example, exported values for compartment are found here.

I’ve already executed terraform plan to see that it will create a new resource. Next I just run apply to get the VCN created.

PS C:\builddemo> terraform.exe apply
oci_identity_compartment.CreateCompartment: Refreshing state... (ID: ocid1.compartment.oc1..xxxxxxx...xxxx)

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  + oci_core_virtual_network.CreateVCN
      id:                       <computed>
      cidr_block:               "172.16.0.0/16"
      compartment_id:           "ocid1.compartment.oc1..axxxxxxxxxxxxxx"
      default_dhcp_options_id:  <computed>
      default_route_table_id:   <computed>
      default_security_list_id: <computed>
      display_name:             "My VCN"
      dns_label:                "oci"
      freeform_tags.%:          <computed>
      state:                    <computed>
      time_created:             <computed>
      vcn_domain_name:          <computed>


Plan: 1 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

oci_core_virtual_network.CreateVCN: Creating...
  cidr_block:               "" => "172.16.0.0/16"
  compartment_id:           "" => "ocid1.compartment.oc1..xxxxxxxxxxxxx"
  default_dhcp_options_id:  "" => "<computed>"
  default_route_table_id:   "" => "<computed>"
  default_security_list_id: "" => "<computed>"
  display_name:             "" => "My VCN"
  dns_label:                "" => "oci"
  freeform_tags.%:          "" => "<computed>"
  state:                    "" => "<computed>"
  time_created:             "" => "<computed>"
  vcn_domain_name:          "" => "<computed>"
oci_core_virtual_network.CreateVCN: Creation complete after 1s (ID: ocid1.vcn.oc1.eu-frankfurt-1.aaaaaaaavc...xxxxxxxxxxxxxxxxxxx)

Apply complete! Resources: 1 added, 0 changed, 0 destroyed.

Now our main.tf and variables.tf contain values for setup, compartment and VCN. Next we will create Internet and NAT Gateways.

Simo
