Oracle Cloud Infrastructure Resource Manager
Table of Contents
What is Resource Manager in Oracle Cloud Infrastructure (OCI)?
Resource Manager is an Oracle Cloud Infrastructure Service that allows you to automate the process of provisioning your Oracle Cloud Infrastructure resources. Using Terraform, Resource Manager helps you install, configure, and manage resources through the "infrastructure-as-code" model.
Advantages of Using Resource Manager in Oracle Cloud
Deploying App Resources
Oracle Resource Manager enables you to repeatedly deploy your app and have confidence your resources are deployed in a consistent state. If you are deploying from Oracle Marketplace, the solution will automatically include a template that you can use for your app.
Organizing Resources
You no longer have to deploy parts of your app separately and then manually stitch them together. You put resources with a common lifecycle into a Resource manager job that can be deployed in a single action.
Templates
Resource Manager templates enable you to define and deploy any OCI resources you need to in a clear and consistent way (Network, Security, Availability Domainetc).
Smarter and Faster Provisioning of Resources
Because this is a fully managed service, you don't have to worry about configuring your provider manually, saving your state information or ensuring teams have the right access controls to create, modify and delete environments. Resource Manager also integrates with the Oracle platform features such as tagging and Identity and Access Management (IAM).
Pricing
There is no dedicated charge for Oracle Cloud Infrastructure Resource Manager. You only pay for the underlying compute, storage, network or any other resource you provision using this service.
Advantage Over Manual Deployment Using Terraform
One of the plus points of using Resource Manager (RM) over terraform is that RM lets you define permissions on various Terraform actions, provides state locking to prevent corruption and automatically stores all your state information in persistent storage.
Looking for a cloud-managed service provider?
Astute is an Oracle-certified solution provider specializing in delivering custom-tailored solutions.
Key Concepts and the Main Components of Resource Manager
Configuration
Use the configuration to specify the Oracle Cloud Infrastructure resources in a given stack. For example, specify resource metadata, data source definitions, and variable declarations. Each Terraform configuration file is either HashiCorp Configuration Language (HCL) format (.tf) or JSON format (.tf.json).
Configuration Source Provider
Connection information to a source code control system where your Terraform configuration files are stored. Use a configuration source provider to create a stack from a remote, versioned Terraform configuration file.
A configuration source provider has the following types:
GitLab: Supports the following products:- GitLab Community Edition
- GitLab Enterprise Edition
- GitLab.com
- Active: The configuration source provider is available for use.
Drift
Difference between the actual, real-world state of your infrastructure and the stack's last executed configuration. For example, drift occurs when a team member adds a production tag to your resources, or when a resource fails. You can run drift detection reports to determine if provisioned resources have different states than those defined in the stack's last executed configuration.
Job
Instructions to perform the actions defined in your configuration. Only one job at a time can run on a given stack; further, you can have only one set of Oracle Cloud Infrastructure resources on a given stack. To provision a different set of resources, you must create a separate stack and use a different configuration.
Resource Manager provides the following job types:
- Plan: Parses your Terraform configuration and creates an execution plan for the associated stack. The execution plan lists the sequence of specific actions planned to provision your Oracle Cloud Infrastructure resources. The execution plan is handed off to the apply job, which then executes the instructions.
- Apply:Applies the execution plan to the associated stack to create (or modify) your Oracle Cloud Infrastructure resources. Depending on the number and type of resources specified, a given job can take some time. You can check status while the job runs.
- Destroy:Releases resources associated with a stack. Released resources are not deleted. For example, terminates a Compute instance controlled by a stack. The stack's job history and state remain after running a destroy job. You can monitor the status and review the results of a destroy job by inspecting the stack's log files.
Import State. Sets the provided Terraform state file as the current state of the stack. Use this job to migrate local Terraform environments to Resource Manager.
Jobs store history about their associated stack. For example, plan jobs store generated execution plans and apply jobs store configurations (snapshots) and state files. Jobs reside in the same compartment as the stack they are associated with. An OCID is assigned to each job.
A job has the following lifecycle states:
-
Accepted: The job was accepted for processing
-
In Progress: The job is currently executing
-
Failed: The job did not complete execution
-
Succeeded: The job completed execution
-
Canceling: The job is being canceled
-
Canceled: The job was canceled
Module
A group of related resources. Use modules to create lightweight and reusable abstractions, so that you can describe your infrastructure in terms of its architecture.
Resource Discovery
A feature to capture deployed resources as Terraform configuration and state files. With this feature, you can:
- Move from manually-managed infrastructure to Resource Manager - controlled infrastructure
- Learn how Terraform uses HashiCorp Configuration Language (HCL) syntax to represent Oracle Cloud Infrastructure resources
- Duplicate or rebuild existing infrastructure in another compartment
Sample Solution
An Oracle-provided, pre-built Terraform configuration that provisions a set of resources used in a common scenario.
Stack
The collection of Oracle Cloud Infrastructure resources corresponding to a given Terraform configuration. Each stack resides in the compartment you specify, in a single region; however, resources on a given stack can be deployed across multiple regions. An OCIDis assigned to each stack.
You can create stacks from solutions, from Terraform configurations stored either remotely or locally, or from existing compartments using resource discovery.
A stack created from a compartment represents all supported resources in the entire compartment, at the appropriate scope. If you select the root compartment for your tenancy, then the scope is the tenancy level, such as users and groups. If you select a non-root compartment, then the scope is compartment level, such as Compute instances.
Stack creation is supported from a single compartment only. Stacks cannot be created from nested compartments.
A stack has the following lifecycle states:
-
Creating: The stack is being created
-
Active: The stack is available for use
-
Deleting: The stack is being deleted
-
Deleted: The stack was deleted
-
Failed: The stack could not be created
State
The state of your resource configuration, stored in JSON format in a state file (.tfstate). The state file maps your stack's resources to your configuration and also maintains essential configuration metadata, such as resource dependencies. Resource Manager generates and updates state files automatically. You cannot edit the file manually.
Resource Manager supports state locking by allowing only one job at a time to run on a given stack.
Availability
The Resource Manager service is available in all Oracle Cloud Infrastructure commercial regions.
Generalized Workflow
The following image represents a generalized view of the Resource Manager workflow.
The following steps reference Console instructions; however, you can do the same tasks using the API (through the CLI (Command Line Interface) or other tool).
- Create a Terraform configuration
Note:You can store your Terraform configuration file locally or remotely, using a source code control system. With remote storage, any job running on the associated stack automatically uses the latest version of your configuration. - Create a stack
- Run a plan job, which produces an execution plan
- Review the execution plan
- If changes are needed in the execution plan, update the configuration and run a plan job again
- Run an apply job to provision resources
- Review state file and log files, as needed
- You can optionally reapply your configuration, with or without making changes, by running an apply job again
- Optionally, to release the resources running on a stack, run a destroy job
Ways to Access Resource Manager
You can access the Resource Manager service using the OCI Console or the REST API. Instructions for the Console and API are included in topics throughout this guide.
Supported Providers
In addition to terraform-provider-oci (the Terraform provider for Oracle Cloud Infrastructure), Resource Manager supports the following third-party Terraform providers.
Third-party Terraform Provider |
Supported Versions |
terraform-provider-ansible |
1.0.3 |
terraform-provider-archive |
1.1.0, 1.2.2 |
terraform-provider-checkpoint |
1.0.0 |
terraform-provider-chef |
0.2.0 |
terraform-provider-cloudinit |
1.0.0 |
terraform-provider-digitalocean |
1.13.0 |
terraform-provider-github |
2.3.1 |
terraform-provider-gitlab |
2.5.0 |
terraform-provider-helm |
0.9.1, 1.1.1 |
terraform-provider-kubernetes |
1.8.1 |
terraform-provider-local |
1.1.0, 1.2.2, 1.4.0 |
terraform-provider-null |
1.0.0, 2.1.2 |
terraform-provider-panos |
1.6.2 |
terraform-provider-random |
2.1.2, 2.3.0 |
terraform-provider-template |
1.0.0, 2.1.2 |
terraform-provider-tls |
1.2.0, 2.0.1 |
terraform-provider-vault |
2.7.1 |
Authentication and Authorization
Each service in Oracle Cloud Infrastructure integrates with IAM for authentication and authorization, for all interfaces (the Console, Standard Development Kit (SDK) or Command Line interface (CLI), and REST API).
An administrator in your organization needs to set up groups , compartments , and policies that control which users can access which services, which resources, and the type of access. For example, the policies control who can create new users, create and manage the cloud network, launch instances, create buckets, download objects, etc.
Important
Policies for managing Oracle Cloud Infrastructure resources are also required for Resource Manager operations that access resources. For example, running an apply job on a stack that includes Compute instances and subnets requires policies that grant you permissions for those resource types, in the compartments where you want to provision the resources.
Want to know more about OCI? Schedule a meeting with an Astute Team Member.
Interested in Oracle Cloud Services?
Get personalized assistance from Astute, an Oracle-certified Cloud Services Partner.
PART TWO - COMING SOON!
Jiyash is the Director of Consulting Services with Astute. He has over 19 years experience in IT consulting and project management experience in ERP and Oracle cloud migration projects, Jiyashhas executed complex PeopleSoft ERP upgrades and global rollouts in Peoplesoft Human Capital Management and Finance/Supply Chain across the globe.
Search
Related Posts
Subscribe Our Newsletter
Gain access to exclusive insights, technical know-how and crucial knowledge from Astute experts.
Share Article
See The Team In Action
Upcoming Events
Reach Out
Ready to Connect?
Please fill the following form, we will get back to you within a business day.
Contact Form
Contact Us