IBM Cloud Configuration Discovery allows you to reverse-engineer your perfect application hosting environment and codify it so you can easily re-build or replicate as you need.

Do you have an IBM Cloud infrastructure that was incrementally and manually built that is now set up exactly how you want it and perfectly running your business-critical applications? Up until now, you may have wanted to replicate the environment for a number of different reasons, but it would take a lot of steps to create from scratch using the industry automation Infrastructure as Code (IaC) methodology. Perhaps you wish you could “clone” this environment:

With the growing complexity and increased adoption of cloud infrastructure resources in a business-critical application infrastructure, Infrastructure as Code (IaC) has never been more important. The promise of IaC is simple: You can use code (and the associated development practices) to seamlessly manage your cloud service infrastructure and eliminate the error-prone manual interventions. 

If you already used IaC practices to set up your perfect existing environment, you’re all set — you’ve already reached the end goal. But if you didn’t, don’t you now want to take that next step to get all the IaC benefits for your future operations? You really want to “clone” your environment through a discovery process and save that for future use. Thus is born the IBM Cloud Configuration Discovery tool.

Infrastructure to Code

“Infrastructure to Code” is the mechanism to transform an existing cloud “infrastructure” into the declarative code that can be used to create it again. It is, of course, based on the industry-leading Terraform automation, and it is the opposite to the well-known declarative process known as Infrastructure as Code (IaC).

IaC code in Terraform consists of two main components:

Importing an existing cloud infrastructure into IaC means you must generate the HCL files and the state-file, and IBM Cloud Configuration Discovery will do that for you.

IBM Cloud Configuration Discovery tool

IBM Cloud uses IaC code with Terraform, so that is where we will create by migrating your existing infrastructure into Terraform code. Let’s walk through how to do that:

Terraformer is an open-source project built by Google with a CLI that is suitable for a Terraform developer.  With Terraformer CLI, a developer can easily build Terraform configuration files for pre-existing resources in a cloud environment. It performs the reverse of what Terraform is designed to do, and in that way, this tool can be thought of as “Infrastructure to Code.” Terraformer will “import” your current environment state to a Terraform configuration from a provider. When you “import” that current environment configuration into those files, you can then use that to create a new environment with those files and Terraform. You can refer to the Terraformer materials for more information about installation and usage.

Configuration Discovery capabilities

Although Terraformer is a powerful and robust tool for importing an existing cloud infrastructure, it has a few shortcomings that need to be improved, as well as specific IBM Cloud information that must be handled. Fortunately, the Configuration Discovery tool has a number of capabilities that deliver function above and beyond Terraformer:

  • Adds a brown-field scenario, which is very often the real scenario needed in mature production environments.
  • Upgrades the Terraform configuration to the latest Terraform versions.
  • Supports integration of the Configuration Discovery tool into the VS Code extension for IBM Cloud Schematics.
  • It can rewrite your resources into Terraform modules.

Configuration Discovery import scenarios

Let’s see about some possible scenarios you might have and how you can use Configuration Discovery to permanently save your infrastructure into a repeatable and usable code format in these different scenarios.

This tool supports two general import cases:

  • Green-field scenario: Import the existing infrastructure on a clean state.
  • Brown-field scenario: Import the existing infrastructure and merge the generated Terraform files into the presence of already existing Terraform files.

Green-field scenario

In software engineering, green-field refers to importing existing infrastructure on a clean or blank state.

Let’s assume that the following infrastructures were created through IBM Cloud console:

  • Virtual Private Cloud resource
  • IBM Cloud Object Storage resource
  • IAM access group and policy resource 

Going forward, if you want to adopt the Terraform tool to manage your existing cloud infrastructure, there are many benefits. This is a perfect green-field scenario — you can import the existing infrastructure where it generates both Terraform state file and configuration files to a folder. Once it generates the Terraform code, you can manage all your existing cloud infrastructure lifecycle operations through Terraform.

In this case, the configuration discovery tool will import the state from the existing infrastructure, and next time a terraform apply command is run, the Terraform will consider the resources in its state. This means any changes made to configuration will be picked up as modifications, rather than as an addition of new infrastructure

Brown-field scenario

Brown-field refers to importing an existing infrastructure in the presence of existing Terraform code. 

Let’s describe a brown-field scenario:

  • You have written configuration or tf file and provisioned a IBM Cloud Virtual Private Cloud using Terraform.
  • Now, you have provisioned another set of Virtual Private Cloud and COS-related resources in the IBM Cloud using the console or CLI.
  • Your cloud infrastructure has been changed and now you want to synchronize and manage all the resources through Terraform.
  • Configuration Discovery will import all the Virtual Private Cloud and COS-related resources and merge the TF and state files into a folder:
    • It will attempt to merge with generated .tf/state file with existing .tf/state file.
    • Once the merge completes, you can manage all your existing infrastructure through Terraform.

Using these scenarios, you can handle any situation you need to handle with various types and layouts of cloud infrastructures.

Note: This feature is not yet completed in the tool, it is coming in the future.

Using with IBM Cloud Schematics

The output files from the Configuring Discovery tool can be used directly with Terraform CLI commands to create and manage resources in the IBM Cloud. But an easier method would be to use IBM Cloud Schematics, the automation tool that runs Terraform deployment operations, among a number of other automation capabilities. The files created from using the Configuration Discovery tool can be used in Schematics, just like any other Terraform files, to recreate an environment you’d like to use in IBM Cloud.

Next steps

So that’s the story of what IBM Cloud Configuration Discovery is, why it was created, what it can do and when and why you would want to use it. There is a full Configuration Discovery Tutorial that walks you through step-by-step a detailed usage scenario that will assist you with getting started.

IBM Cloud Configuration Discovery tool is being released to open-source project in Github as an initial Beta-level code. This tool is licensed under Apache 2.0 and built using the Go programming language. Users are allowed to enhance the tool and are free to ask for feature enhancements or report something that they think is not working properly.

We look forward to engaging with you in Github!

More from Announcements

IBM Hybrid Cloud Mesh and Red Hat Service Interconnect: A new era of app-centric connectivity 

2 min read - To meet customer demands, applications are expected to be performing at their best at all times. Simultaneously, applications need to be flexible and cost effective, and therefore supported by an underlying infrastructure that is equally reliant, performant and secure as the applications themselves.   Easier said than done. According to EMA's 2024 Network Management Megatrends report only 42% of responding IT professionals would rate their network operations as successful.   In this era of hyper-distributed infrastructure where our users, apps, and data…

IBM named a Leader in Gartner Magic Quadrant for SIEM, for the 14th consecutive time

3 min read - Security operations is getting more complex and inefficient with too many tools, too much data and simply too much to do. According to a study done by IBM, SOC team members are only able to handle half of the alerts that they should be reviewing in a typical workday. This potentially leads to missing the important alerts that are critical to an organization's security. Thus, choosing the right SIEM solution can be transformative for security teams, helping them manage alerts…

IBM and MuleSoft expand global relationship to accelerate modernization on IBM Power 

2 min read - As companies undergo digital transformation, they rely on APIs as the backbone for providing new services and customer experiences. While APIs can simplify application development and deliver integrated solutions, IT shops must have a robust solution to effectively manage and govern them to ensure that response times and costs are kept low for all applications. Many customers use Salesforce’s MuleSoft, named a leader by Gartner® in full lifecycle API management for seven consecutive times, to manage and secure APIs across…

IBM Newsletters

Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters