Fri Jun 02 2023
This is my first post on using Terraform + Akamai
Written by: Cesar
4 min read
We currently use Akamai’s control panel to manage all our properties. This works pretty good when you only have to manage a few sites and when you only have one or two resources managing changes. However this does not scale very well when you have many sites and a lot of people making changes.
I looked at two possible solutions, the first was using Akamai pipelines. This solution looked promissing at first, but then when I started to actually use it ran into some problems with ruleset versions and other issues, and the CLI did not give descriptive error messages, so it was very difficult to debug.
I was finally able to get Akamai properties working, then I tried to do the same for cloudlets which is another component we leaverage heavily, in most of our properties, and again I ran into more issues. At some point found that the cloudlet CLI from Akamai just refused to accept json rulesets, that were exported from the same CLI and did not see any progress on my issue, so I decided to abandon this solution and instead try using the Akamai Terraform provider.
I have never used Terraform before so I was a little intimidated, however after going through the getting started tutorial, found that it was actually quite easy to use, in addition, seems to be a very wildely used tool for managing infrastucture as code. I started with the Cloudlet resources.
There are 2 terraform Akamai provider resources for cloudlets:
akamai_cloudlets_policy and akamai_cloudlets_policy_activation
akamai_cloudlets_policy can be used to create a new cloudlet policy or to update an existing policy
I used the akamai/shell docker image, which has both the akamai CLI and terraform installed. Otherwise you will need to install those binaries.
A new policy can be created from scratch by simply defining a resource block with:
resource "akamai_cloudlets_policy" "policy" {
name = "name_of_new_of_new_policy"
cloudlet_code = "IG"
description = "comments for policy"
group_id = "12345"
}This example will create a policy under the group_id 12345, using a Request Control cloudlet code type, with no rules
then you can run:
terraform planto view the upates, to apply run:
terraform applyand to finally clean up and destory run:
terraform destroyfor more available details the Akamai terraform provider documentation
example I tried:
mkdir my_new_cloudlet_policy
cd my_new_cloudlet_policy
touch main.tf
touch variables.tfadd this to the main.tf:
terraform {
required_providers {
akamai = {
source = "akamai/akamai"
version = ">= 2.0.0"
}
}
required_version = ">= 0.13"
}
provider "akamai" {
edgerc = var.edgerc_path
config_section = var.config_section
}
resource "akamai_cloudlets_policy" "policy" {
name = "name_of_new_of_new_policy"
cloudlet_code = "IG"
description = "comments for policy"
group_id = "12345"
}
add this to the variables.tf
variable "edgerc_path" {
type = string
default = "~/.edgerc"
}
variable "config_section" {
type = string
default = "papi"
}next set these to where ever your edgerc file is located.
Then run:
terraform init
terraform plan
terraform applyNow if you login to Akamai’s control panel, and navigate to the cloudlets section, you should see our newly created cloudlet, with no rules. Finally to clean up you can run:
terraform destroywhich should remove the policy we just created.
I was amazed how easy this was to do.
An existing policy can be imported if you run
akamai terraform --edgerc /root/.edgerc --section papi
export-cloudlets-policy "name_of_existing_cloudlet_policy"This will import the existing cloudlet policy named: name_of_existing_cloudlet_policy This generates 4 files
you then run:
bash import.shTo initialize your terraform working directory, then you can start making changes to the cloudlet rules (stored in match-rules.tf). Then you can run:
terraform planTo see what changes this update will make with terraform, if you are okay with those, you can then execute those by running:
terraform applyKeep in mind that this will run all the resources in the policy.tf file, which will do two things, upload a new version of the policy and activate it on staging. If you only want to create a new version you will need to instead run:
terraform plan -target="akamai_cloudlets_policy.policy"So far it as been really easy to use Terraform to create/make changes to cloudlets. I will next create a Gitlab pipeline to turn this into a CI/CD workflow for our team to use.