Terraform and Juniper (JTAF) configuration/deployment advice/help

Hi Terraform Community,

I’m currently working on a project where the goal is to deploy and configure a Juniper vSRX device leveraging Terraform.
I’ve been following this guide from Juniper to use their JTAF framework to compile my own provider, and so far, after some struggles, I have managed to build the provider and have already configured several parameters through it.

However, I feel I’m missing some efficiency in configuring the device, as in, getting lots of code easily and repeating many things.

As an example, this is the current structure of my project.

│   .gitignore
│   .terraform.lock.hcl
│   main.tf
│   providers.tf
│   README.md
│   terraform.tfstate
│   terraform.tfstate.backup
│   terraform.tfvars
│   variables.tf
│
├───.terraform
│   ├───modules
│   │       modules.json
│   │
│   └───providers
│       └───juniper
│           └───providers
│               └───junos-vsrx
│                   └───21.31.9
│                       └───windows_amd64
│                               terraform-provider-junos-vsrx.exe
│
└───modules
    └───vsrx
            main.tf
            providers.tf
            variables.tf

Some of my code is like this:

tfvars

gigabitethernet_0_unit_0_inet_address          = "x.x.x.x/y"
gigabitethernet_0_unit_0_interface_description = "something"

main/variables.tf

#Interface variables
#Interface ge-0/0/0

variable "gigabitethernet_0_unit_0_interface_description" {
  type        = string
  description = "description to assign to interface"

}

variable "gigabitethernet_0_unit_0_inet_address" {
  type        = string
  description = "ip address to assign to interface"


  validation {
    condition     = can(cidrnetmask(var.gigabitethernet_0_unit_0_inet_address))
    error_message = "Must be a valid IPv4 CIDR block address."
  }
}

main/main.tf

module "vsrx" {
  source = "./modules/vsrx"

  #Interface ge-0/0/0

  gigabitethernet_0_unit_0_inet_address          = var.gigabitethernet_0_unit_0_inet_address
  gigabitethernet_0_unit_0_interface_description = var.gigabitethernet_0_unit_0_interface_description
}

resource "junos-vsrx_commit" "commit-main" {
  resource_name = "commit"
  depends_on    = [module.vsrx]
}

resource "junos-vsrx_destroycommit" "commit-main" {
  resource_name = "destroycommit"
}

modules/vsrx/variables.tf

#Interfaces
#Interface ge-0/0/0

variable "gigabitethernet_0_unit_0_inet_address" {

}

variable "gigabitethernet_0_unit_0_interface_description" {

}

modules/vsrx/main.tf

#Interfaces
#Interface ge-0/0/0

resource "junos-vsrx_InterfacesInterfaceUnitDescription" "vsrx_gigabitethernet_0_unit_0_description" {
    resource_name = "vsrx_gigabitethernet_0_unit_0_description"
    name = "ge-0/0/0"
    name__1 = "0"
    description = var.gigabitethernet_0_unit_0_interface_description
}

resource "junos-vsrx_InterfacesInterfaceUnitFamilyInetAddressName" "vsrx_gigabitethernet_0_unit_0_inet" {
    resource_name = "vsrx_gigabitethernet_0_unit_0_inet"
    name = "ge-0/0/0"
    name__1 = "0"
    name__2 = var.gigabitethernet_0_unit_0_inet_address
}

As you can probably tell, this is going to work, but it will cost me way more time and become overwhelming soon.

Therefore, my question to the community is whether there are people around here who’ve configured Juniper devices with Terraform before.

And how do you guys code things in the most efficient way, without having to add a variable for every little thing and repeat it over and over in the tf files?

Things I need to configure include, but are not limited to:

  • Interfaces
  • SNMP
  • Routing Instances
  • Routing Options
  • Policy Options

TL;DR

I do understand the basics and flow such as modules, state, tfvars, … and how to test and build the code.

However, I’m mainly puzzled with how to leverage some features efficiently to apply the DRY principle.

Thanks for any help and/or advice in advance! :grin:

Regards
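
One way to apply DRY to the interface resources shown in the post, added here as an example that is not part of the original post or of Juniper's JTAF material: a single map variable drives both resources through `for_each`, and the CIDR validation from the post is applied to every entry. The variable `interfaces`, the local `ifl` and the generated `resource_name` pattern are hypothetical, the sample values are constructed, and it is assumed that `resource_name` must be unique per resource instance.

```hcl
# modules/vsrx (added example; names below are hypothetical)
#
# terraform.tfvars, constructed sample values:
# interfaces = {
#   "ge-0/0/0.0" = { description = "uplink", inet_address = "192.0.2.1/24" }
#   "ge-0/0/1.0" = { description = "lan",    inet_address = "198.51.100.1/24" }
# }

variable "interfaces" {
  description = "Logical interfaces keyed by <interface>.<unit>, e.g. ge-0/0/0.0"
  type = map(object({
    description  = string
    inet_address = string
  }))

  validation {
    # Same check as the post's single-variable validation, applied to every entry.
    condition     = alltrue([for i in values(var.interfaces) : can(cidrnetmask(i.inet_address))])
    error_message = "Every inet_address must be a valid IPv4 CIDR block address."
  }
}

locals {
  # Split "ge-0/0/0.0" into interface name and unit, and derive a slug
  # ("ge_0_0_0_0") so each instance gets its own resource_name (assumption:
  # the provider needs resource_name to be unique per instance).
  ifl = {
    for key, cfg in var.interfaces : key => merge(cfg, {
      name = split(".", key)[0]
      unit = split(".", key)[1]
      slug = replace(key, "/[^A-Za-z0-9]/", "_")
    })
  }
}

resource "junos-vsrx_InterfacesInterfaceUnitDescription" "description" {
  for_each      = local.ifl
  resource_name = "vsrx_${each.value.slug}_description"
  name          = each.value.name
  name__1       = each.value.unit
  description   = each.value.description
}

resource "junos-vsrx_InterfacesInterfaceUnitFamilyInetAddressName" "inet" {
  for_each      = local.ifl
  resource_name = "vsrx_${each.value.slug}_inet"
  name          = each.value.name
  name__1       = each.value.unit
  name__2       = each.value.inet_address
}
```

The root module then passes a single argument, `interfaces = var.interfaces`, so adding an interface is one new map entry in `terraform.tfvars` instead of new variables in three files.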