As with any software, terraform also has hidden gems waiting to be discovered, even after you've obtained your associate certification. Some features aren't always known until you need them, which is why we still a a lot to learn from the product. Today is one of those days! In this post, I will show how to deploy Multi-Region Resources using something called provider aliases.
Why multi region deploy isn’t that common ?
The reason why the provider alias feature is not commonly used is that most users typically deploy resources in a single region at a time. Unless you have a setup that requires a DR configuration with regional failover or a distributed workload across several regions. The provider block, which is placed in the root module of a Terraform configuration, dictates the default location where all resources will be created.
Understanding Provider Aliases
To support multi region deployment, you can include multiple configurations for a given provider by including multiple provider blocks with the same provider name, but different alias meta-argument for each additional configuration. see Hashicorp’s example below
How to reference it from a resource block
To use extra provider configuration for a resource or data source, set its
provider argument to a
<PROVIDER NAME>.<ALIAS> defined earlier:
Practical Scenario: Deploying Public IPs in Multiple Regions in OCI
Let's consider a scenario where a HA firewall setup (active-active) requires 4 public IP addresses in two different regions. We'll leverage provider aliases to achieve this multi-region deployment.
Toronto => primary site (default) while Montreal (aliased) => failover region
4 IPs per region will be deployed
Public IP for Firewall Primary VM management Interface
Public IP for Firewall Secondary VM management Interface
Floating Public IP for Firewall Untrust Interface
Floating Public IP for Firewall Untrust Interface inbound flow (frontend cluster ip)
Clone the repository
This is my own github repo, Pick an area on your file system and run the clone command
You will find our configuration under a subdirectory called terraform-provider-oci/publicIPs
Cd Into the subdirectory where our configuration resides and run the init
Here’s a tree of the files composing our configuration