Automating Day 2 Ops: Infrastructure as Code with Nutanix Calm & Terraform

Introduction

The shift to Infrastructure as Code (IaC) has transformed how organizations manage initial provisioning. However, Day 2 operations—everything after deployment, such as scaling, patching, and backup—are often neglected or left manual. Nutanix environments provide a unique opportunity to automate these post-deployment tasks using both Nutanix Calm and Terraform.

This deep dive explores practical IaC patterns for automating Day 2 Ops on Nutanix platforms. You’ll get hands-on templates, real-world examples, and hybrid automation strategies that combine Calm and Terraform for maximum impact.

---

The Evolution of Day 2 Operations

In traditional IT, Day 2 Ops includes any activity required to keep infrastructure running after Day 1 provisioning. Examples:

• Patching VMs and applications
• Scaling resources up or down
• Orchestrating scheduled backups or DR workflows
• Rotating secrets or certificates

Manual execution increases risk and cost. Automating these steps is essential for modern infrastructure teams.

---

Nutanix Calm: Native IaC for Nutanix

Nutanix Calm is the platform’s orchestration and automation engine. Calm provides:

• Blueprint-based IaC: Model applications and their lifecycle as code.
• Day 2 Runbooks: Attach post-deployment actions directly to blueprints.
• Self-service portal: Enable delegated ops for IT and developers.

Calm Blueprint Anatomy

A Calm blueprint defines:

• Infrastructure: VMs, networks, storage
• Application stack: OS, middleware, app layers
• Runbooks: Actions such as scale, patch, backup

Example snippet (YAML):

applications:
  web:
    substrates:
      vm:
        type: AHV_VM
        os_type: Linux
        resources:
          cpu: 2
          memory: 4GiB
    packages:
      install_nginx:
        type: Shell
        script: |
          sudo apt update
          sudo apt install -y nginx
    services:
      nginx:
        dependencies:
          - install_nginx
actions:
  scale_out:
    description: "Add a web node"
    script: |
      # Calm code to clone VM, update load balancer

Day 2 Ops with Calm Runbooks

Calm lets you attach Day 2 operations as runbooks or actions. These can be:

• On-demand (triggered manually or via API)
• Scheduled (patch every Sunday, run backup every night)
• Event-driven (scale when CPU > 80%)

Example: Automated Patch Action

actions:
  patch_os:
    description: "Apply latest security updates"
    script: |
      sudo apt update && sudo apt upgrade -y

This action can be executed on-demand or scheduled via Calm’s built-in job scheduler.

---

Terraform with Nutanix: Declarative Day 2 Automation

Terraform is widely adopted for cloud and on-prem automation. The Nutanix provider supports most platform features:

• Resource Modeling: VMs, networks, categories, images, projects, etc.
• Immutable Changes: Adjust state files to perform Day 2 tasks (e.g., scale VM resources, attach disks).
• Modular Patterns: Reusable modules for repeatable ops.

Example: Scaling a VM with Terraform

provider "nutanix" {
  username = var.nutanix_username
  password = var.nutanix_password
  endpoint = var.nutanix_endpoint
  insecure = true
}

resource "nutanix_virtual_machine" "web" {
  name     = "web-01"
  memory_size_mib = 8192
  num_vcpus_per_socket = 2
  num_sockets = 1
  # ... other properties
}

# Day 2: Scale VM by updating the memory
# Just edit memory_size_mib and re-apply

Example: Day 2 Disk Attachment

resource "nutanix_virtual_disk" "data_disk" {
  vm_id      = nutanix_virtual_machine.web.id
  size_mib   = 10240
  bus_type   = "SCSI"
}

Update or add this resource block and run terraform apply to automate disk expansion as a Day 2 operation.

---

Pattern 1: Calm-Only Day 2 Ops

• All automation is codified in Calm blueprints and runbooks.
• Admins and DevOps can trigger Day 2 actions from the Prism Central UI or via API/webhook.
• Best for teams standardized on Nutanix tools or requiring fine-grained RBAC/self-service.

Pros: Native experience, full-featured, audit/compliance built-in.
Cons: Limited portability, more YAML authoring.

---

Pattern 2: Terraform-Only Day 2 Ops

• Day 2 lifecycle (scale, reconfig, backups) is handled by updating Terraform state and modules.
• Enables automation via pipelines (CI/CD), works with any Terraform-friendly system (GitOps, Jenkins, etc.).
• Best for shops already invested in Terraform or managing hybrid/multi-cloud.

Pros: Portability, integrates with DevOps workflows.
Cons: Not all Nutanix features are covered by the provider; state management must be handled carefully.

---

Pattern 3: Hybrid Calm & Terraform

• Use Terraform for Day 1 build-out and Calm for delegated Day 2 operations.
• Orchestrate Calm actions from Terraform with local-exec, HTTP providers, or webhook triggers.
• Example: Terraform provisions infra, then calls a Calm runbook to patch or scale.

Sample Hybrid Flow

1. Terraform applies new VM(s).
2. Terraform triggers Calm Day 2 runbook via API call.

Terraform HTTP Provider Example

provider "http" {}

resource "http_request" "trigger_patch" {
  url    = "https://prism.example.com:9440/api/nutanix/v3/runbooks/{runbook_id}/run"
  method = "POST"
  headers = {
    "Authorization" = "Basic ${base64encode("${var.user}:${var.pass}")}"
    "Content-Type"  = "application/json"
  }
  body = jsonencode({
    # Runbook parameters here
  })
}

This lets you automate the full stack—provision and Day 2 ops—in a repeatable, CI-friendly way.

---

Real-World Day 2 Ops: Scenario Examples

1. Automated OS Patching

• Calm: Attach a patch action to blueprint or run as recurring job.
• Terraform: Use external script provider or call Calm via HTTP to perform patching across VMs.

2. Scheduled Backups

• Calm: Build backup actions into runbooks, set schedule in Calm UI.
• Terraform: Manage Nutanix snapshots via provider, or integrate with Calm backup workflows.

3. Dynamic Scaling

• Calm: Add scale in/out actions to blueprints.
• Terraform: Change resource counts, update modules, and apply to scale up/down.

---

Sample Calm Blueprint: Scheduled Patch

actions:
  scheduled_patch:
    description: "Weekly OS Patching"
    script: |
      sudo apt update && sudo apt upgrade -y
    schedule:
      cron: "0 3 * * 0"
      timezone: "UTC"

---

Sample Terraform Module: VM Day 2 Scaling

module "nutanix_web_vm" {
  source           = "./modules/nutanix_vm"
  name             = "web-01"
  vcpus            = 2
  memory_size_mib  = 16384 # Day 2: Double memory
  # ...other variables
}

---

Best Practices for Day 2 IaC Automation

• Parameterize Everything: Use variables for sizes, schedules, patch commands.
• Idempotence: Ensure scripts/actions are safe to re-run.
• RBAC: Limit sensitive actions via Prism Central roles.
• Audit & Logging: Use Calm’s native logging or external tools (Splunk, ELK).
• Pipeline Integration: Trigger from CI/CD or GitOps workflows for true continuous ops.

---

Conclusion

Automating Day 2 Ops with IaC in Nutanix environments elevates infrastructure maturity and operational agility. Calm and Terraform both bring unique strengths—together, they cover nearly every Day 2 scenario, from patching and backup to scaling and orchestration. Leverage patterns, code, and integration techniques from this guide to streamline your operational workflows and reduce manual toil.

Disclaimer: The views expressed in this article are those of the author and do not represent the opinions of Nutanix, my employer or any affiliated organization. Always refer to the official Nutanix documentation before production deployment.