NSX-T Automation using Terraform: The why

August 25, 2020 Claranet Limited

Hi all, I hope you are all doing well during these trying times.

For months, possibly even years, I’ve been convincing myself I’d dive into automation. What better time than one where I am forced into isolation with my laptop? In truth, I was jolted into action by a business requirement for automating the build of a number of environments. These environments had to be standardised and utilise many of the same configuration elements.

I’ve spent the better part of a month learning about Cloud (AWS and VMC on AWS) along with Network Automation, which brings us onto our first section…

Why Terraform?

I first began by Googling ‘Network Automation Tools’ and reading a ton of articles.  Whittling down my options based on my requirements, I decided to talk to a number of Automation engineers, asking them what they thought about Terraform and Ansible, my top two prospective tools. I learnt a ton from both of these methods!

If, like me, you research both, you’ll find Terraform appears to be more of an Orchestrator and Ansible is more of a Configuration Management System. The way I differentiate between the two is that Orchestration is about standing up the foundational infrastructure, and the Configuration Management System is about keeping systems standardised (think webserver).

There seems to be a fair amount of overlap between Terraform and Ansible, which I expected. I decided learning both would only strengthen my understanding of Network Automation, allowing me to pick the best tool for the job in the future.

Disclaimer: At this stage, I’ve only worked with Terraform. I plan to take Ansible for a long drive in the coming weeks.

I decided I would start with Terraform as one of my favourite bloggers, Nico, wrote a number of pieces around VMC and Terraform automation. He also pointed me in Gilles' direction, who also had a number of superb articles. Nico and Gilles got me showing tangible results in a matter of hours and days, spinning up VMC environments using Terraform (my main requirement).

My experience with Terraform

Over the past few weeks, I’ve enjoyed working with Terraform, first using it to spin up VMC instances and then moving on to using it in native NSX-T environments. While there are a number of use cases listed on terraform.io, I was most intrigued with Terraform's declarative nature, the disposable environments, and the scaling ability.

If you decide to play with Terraform, you’ll find out your file structure gets built up by provider(s), modules, and Terraform files (.tf). I’ll cover this in more detail in a future blog. The structure of the file system and the semi-readable code meant this was easy to pick up.

Most importantly, did Terraform allow me to meet my requirements? In short, yes! I’m using the “vmc” and “nsxt” providers to automate the build of VMC environments. I’m able to use common configuration elements by using modules. This has allowed me to deploy different environments with the same IP sets/groups, for example. Then I used Terraform files with variables for the custom elements. What has really helped during the proof of concept stage is the ability to spin these environments up and down quickly and with ease (disposable environments).


The post was a lot fluffier than I originally intended. I wanted to get into the meat of Terraform, but it was recommended I start this two-part series with the 'why' and then move into the 'how' in my next post.

I plan on getting these blog posts out fairly quickly as I have well and truly been bitten by the automation bug. If you enjoyed reading this and want to follow me on Twitter or LinkedIn, please feel free.

Before I sign off, one last shout out to Rutger and the great post on Terraform and NSX-T.

Chris Noon's blog was originally posted here.
