Deploy a CN-Series Firewall Using Terraform

1. Use your local cn-series\tfvars to create a file named terraform.tfvars, and add the following variables and their associated values.

   k8s_environment = ""          # Kubernetes environment
                                 # (gke|eks|aks|openshift|native)
   panorama_ip = ""              # Panorama IP address
   panorama_auth_key = ""        # Panorama auth key for VM-series registration
   panorama_device_group = ""    # Panorama device group
   panorama_template_stack = ""  # Panorama template stack
   panorama_collector_group = "" # Panorama log collector group
   k8s_dp_cpu = ""               # DP container CPU limit

2. Validate the Terraform plan.
   $ terraform init
3. Validate the Terraform plan.
   $ terraform plan
4. Apply the Terraform plan.
   $ terraform apply
5. Verify the pods have been deployed and are Ready and the status is Running.
   $ kubectl get pods -A

   NAMESPACE     NAME                     READY   STATUS    RESTARTS   AGE
   ...
   kube-system   pan-cni-6kkxw            1/1     Running   0          26m
   kube-system   pan-cni-tvx2b            1/1     Running   0          26m
   kube-system   pan-mgmt-sts-0           1/1     Running   0          26m
   kube-system   pan-mgmt-sts-1           1/1     Running   0          26m
   kube-system   pan-ngfw-ds-nrtrn        1/1     Running   0          26m
   kube-system   pan-ngfw-ds-rcmmj        1/1     Running   0          26m

   You are ready to Configure Kubernetes plugin for Panorama.