Azure – Terraform #5

Hi there

In this post I'm continuing the Azure & Terraform series. Today I'm introducing the vars.tf file, which we use to declare all the variables for our main.tf file and standardize our Azure deployments through Terraform scripts.

Before we continue, check your Terraform version by running terraform --version

Quick review

  1. download Terraform from https://www.terraform.io/downloads.html
  2. edit your Windows PATH variable to point to your terraform main folder (I have a main folder for Azure deployments with a folder on C:\TERRAFORM\ where I extract my Terraform downloaded file into)
  3. quick commands
    1. az login
    2. terraform init
    3. terraform plan -out myplanName
    4. terraform apply myplanName
    5. follow your console output to check for any warnings, errors and the deployment status
    6. terraform destroy

 

Now you’re ready to continue

download main.tf and vars.tf for this exercise

This main.tf will create the following using variables from vars.tf

  1. azure resource group named MyTerraform5
  2. region (location): eastus
  3. azure VNET named mytf5-vnet
  4. azure subnet #1 named mytf5-sbn1
  5. azure ubuntu vm 1804 LTS named mytf5-vm01
  6. azure public ip for the ubuntu vm named mytf5-pip01
  7. azure nsg with firewall rule allowing ssh tcp port 22 to the vm through its public ip
  8. vm admin user named: adminuser
  9. vm password: P@ssw0rd@2020@

Let’s roll

go to your work directory

  • run terraform init
  • run terraform plan -out mytf5-plan1
  • run terraform apply mytf5-plan1

 

you should now enter the values for the variables prompted on screen

  • var.admin_password
    Password must meet Azure complexity requirements
    Enter a value: P@ssw0rd@2020@
  • var.admin_username
    Administrator user name for virtual machine
    Enter a value: adminuser
  • var.location
    Enter a value: eastus

save the info above: username and password to connect when the VM is deployed

have PuTTY or any other SSH client that you like to use ready (Windows 10 build 18xx has a built-in ssh client)

ssh adminuser@public_ip_address with the password and you should be good (accept the RSA host key fingerprint when prompted; after you're logged in, run sudo su - to get root access)

type halt to shutdown the vm then deallocate it from the Azure portal

Files explained

vars.tf

#enter the subscription id that returns from your az login command
variable "subscription_id" {
  type        = string
  description = "Subscription ID"
  default     = "xxxxx-zzzzz-yyyyy-aaaaa-eeeee"
}

#will ask you to pick one of the declared
variable "location" {}

#will ask for the username you want to use/set
variable "admin_username" {
  type        = string
  description = "Administrator user name for virtual machine"
}

#will ask for the password you want to use/set
variable "admin_password" {
  type        = string
  description = "Password must meet Azure complexity requirements"
}

#will add the name on "default" below as prefix for all azure resources to be created on this exercise
variable "prefix" {
  type    = string
  default = "my"
}

#will add the tags accordingly
variable "tags" {
  #quoted type names such as "map" are legacy syntax; use a type constraint
  type = map(string)

  default = {
    Environment = "Terraform GS"
    Dept        = "Engineering"
  }
}

#will ask for the sku location to pick the proper vm sku (version)
#this location will be the default location for all resources created on this deployment

#this example is based on the available OS image enabled / available on each location/region
variable "sku" {
  default = {
    westus = "16.04-LTS"
    eastus = "18.04-LTS"
  }
}
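An added example, not part of the original vars.tf: the location and admin_password declarations with a validation rule and the sensitive flag, so a region missing from the sku map is rejected at the prompt and the password is not echoed in plan output. It assumes Terraform 0.14 or later (validation blocks need 0.13, sensitive needs 0.14), and the region list is copied by hand from the sku map above.

```hcl
# Added example: drop-in replacements for two declarations in vars.tf.
# Assumption: Terraform >= 0.14.

variable "location" {
  type        = string
  description = "Azure region; must be one of the keys of var.sku (westus, eastus)"

  validation {
    # Before Terraform 1.9 a validation condition can only reference the
    # variable being validated, so the regions are repeated here and must be
    # kept in sync with the keys of var.sku.
    condition     = contains(["westus", "eastus"], var.location)
    error_message = "The location must be westus or eastus, the regions that have an entry in var.sku."
  }
}

variable "admin_password" {
  type        = string
  description = "Password must meet Azure complexity requirements"

  # Redacts the value in plan and apply output. The value is still written
  # to the state file and to saved plan files (terraform plan -out ...),
  # so both need to be protected like the password itself.
  sensitive = true
}

# The value can also be supplied through the environment instead of the
# interactive prompt, using Terraform's TF_VAR_<name> convention:
#   TF_VAR_admin_password
```

Without the validation block, a location that is not a key of var.sku is only caught later, when lookup(var.sku, var.location) in main.tf fails during the plan.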

 

main.tf

# Configure the Microsoft Azure Provider.
provider "azurerm" {
  version = "~>2.0"
  features {}
  subscription_id = var.subscription_id
}

# Create a resource group
resource "azurerm_resource_group" "rg" {
  name     = "${var.prefix}TFRG"
  location = var.location
  tags     = var.tags
}

# Create virtual network
resource "azurerm_virtual_network" "vnet" {
  name                = "${var.prefix}TFVnet"
  address_space       = ["10.0.0.0/16"]
  location            = var.location
  resource_group_name = azurerm_resource_group.rg.name
  tags                = var.tags
}

# Create subnet
resource "azurerm_subnet" "subnet" {
  name                 = "${var.prefix}TFSubnet"
  resource_group_name  = azurerm_resource_group.rg.name
  virtual_network_name = azurerm_virtual_network.vnet.name
  address_prefixes     = ["10.0.1.0/24"]
}

# Create public IP
resource "azurerm_public_ip" "publicip" {
  name                = "${var.prefix}TFPublicIP"
  location            = var.location
  resource_group_name = azurerm_resource_group.rg.name
  allocation_method   = "Dynamic"
  tags                = var.tags
}

# Create Network Security Group and rule
resource "azurerm_network_security_group" "nsg" {
  name                = "${var.prefix}TFNSG"
  location            = var.location
  resource_group_name = azurerm_resource_group.rg.name
  tags                = var.tags

  security_rule {
    name                       = "SSH"
    priority                   = 1001
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_range     = "22"
    source_address_prefix      = "*"
    destination_address_prefix = "*"
  }
}

# Create network interface
resource "azurerm_network_interface" "nic" {
  name                = "${var.prefix}NIC"
  location            = var.location
  resource_group_name = azurerm_resource_group.rg.name
  # azurerm 2.x no longer accepts this argument on the NIC; the NSG is attached
  # with a separate association resource instead
  # network_security_group_id = azurerm_network_security_group.nsg.id
  tags = var.tags

  ip_configuration {
    name                          = "${var.prefix}NICConfg"
    subnet_id                     = azurerm_subnet.subnet.id
    private_ip_address_allocation = "Dynamic"
    public_ip_address_id          = azurerm_public_ip.publicip.id
  }
}

# Create a Linux virtual machine
resource "azurerm_virtual_machine" "vm" {
  name                  = "${var.prefix}TFVM"
  location              = var.location
  resource_group_name   = azurerm_resource_group.rg.name
  network_interface_ids = [azurerm_network_interface.nic.id]
  vm_size               = "Standard_DS1_v2"
  tags                  = var.tags

  storage_os_disk {
    name              = "${var.prefix}OsDisk"
    caching           = "ReadWrite"
    create_option     = "FromImage"
    managed_disk_type = "Premium_LRS"
  }

  storage_image_reference {
    publisher = "Canonical"
    offer     = "UbuntuServer"
    sku       = lookup(var.sku, var.location)
    version   = "latest"
  }

  os_profile {
    computer_name  = "${var.prefix}TFVM"
    admin_username = var.admin_username
    admin_password = var.admin_password
  }

  os_profile_linux_config {
    disable_password_authentication = false
  }

}

#reads back the public ip so it can be shown as an output on screen
data "azurerm_public_ip" "ip" {
  name                = azurerm_public_ip.publicip.name
  resource_group_name = azurerm_virtual_machine.vm.resource_group_name
}

#displays on screen the public ip address set for the VM deployed
output "public_ip_address" {
  value = data.azurerm_public_ip.ip.ip_address
}

#displays on screen the sku and location chosen for this deployment
output "os_sku" {
  value = lookup(var.sku, var.location)
}
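An added example, not part of the original main.tf: in the file above the NSG is created but never attached, because the network_security_group_id line on the NIC is commented out, and its SSH rule accepts any source. This variant scopes the rule to one source range and attaches the NSG to the NIC. The variable name allowed_ssh_cidr and the resource label nic_nsg are assumptions, and the validation block assumes Terraform 0.13 or later.

```hcl
# Added example: replaces the azurerm_network_security_group block in main.tf
# and adds the missing NIC association. Names marked "hypothetical" are not
# in the original files.

variable "allowed_ssh_cidr" { # hypothetical variable name
  type        = string
  description = "Address range allowed to reach SSH, e.g. your own public IP as a /32"

  validation {
    # can(cidrhost(...)) rejects "*" and anything that is not CIDR notation.
    condition     = can(cidrhost(var.allowed_ssh_cidr, 0)) && var.allowed_ssh_cidr != "0.0.0.0/0"
    error_message = "The allowed_ssh_cidr value must be a CIDR range such as 203.0.113.10/32 and must not be 0.0.0.0/0."
  }
}

resource "azurerm_network_security_group" "nsg" {
  name                = "${var.prefix}TFNSG"
  location            = var.location
  resource_group_name = azurerm_resource_group.rg.name
  tags                = var.tags

  security_rule {
    name                       = "SSH"
    priority                   = 1001
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_range     = "22"
    source_address_prefix      = var.allowed_ssh_cidr # was "*"
    destination_address_prefix = "*"
  }
}

# Without this resource the NSG exists but filters nothing on the VM's NIC.
resource "azurerm_network_interface_security_group_association" "nic_nsg" { # hypothetical label
  network_interface_id      = azurerm_network_interface.nic.id
  network_security_group_id = azurerm_network_security_group.nsg.id
}
```

The address 203.0.113.10/32 in the error message is a constructed sample from the documentation range; supply your own public IP when prompted.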

References

https://learn.hashicorp.com/terraform/azure/variables_az

Thanks,

Thiago Beier