https://github.com/blndev/terraform-azure-vms-template

Template for creating Azure VMs with Terraform
https://github.com/blndev/terraform-azure-vms-template

Last synced: 4 months ago
JSON representation

Template for creating Azure VMs with Terraform

• Host: GitHub
• URL: https://github.com/blndev/terraform-azure-vms-template
• Owner: blndev
• License: mit
• Created: 2020-02-21T21:51:09.000Z (over 6 years ago)
• Default Branch: master
• Last Pushed: 2020-03-12T22:15:19.000Z (about 6 years ago)
• Last Synced: 2025-07-19T04:56:35.701Z (11 months ago)
• Language: HCL
• Homepage:
• Size: 20.5 KB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.adoc
  • License: LICENSE

Awesome Lists containing this project

README

          
:Title: 

:Description: 

# What is it?

It's a Ubuntu LTS based Lab Environment, run on Azure, deployed via Terraform.

There is no Workload deployed, only the Infrastructure.

As Infrastructure it installs a small Jump and Management Host,create a new Public Key Pair and enable SSH on it.

In addition it installs n (see config) Servers. These Servers are only reachable via SSH from the Jump. Therefore they are placed in a dedicated Subnet.

All Servers have two NICs. One for Management Traffic from Jump and one for the inter Server communication.

This Template is for example used by me for an Openstack Playground and also for an Rancher Kubernetes Playground.

## What is not Active

For cost reasons this Temnplate does not activate Azure Backup, Azure Log Diagnostics and such services.

# Prerequisites

To install this Lab, you need to fulfill some requirements.

## Install

* Azure CLI >= 2.0.70 https://docs.microsoft.com/en-us/cli/azure/?view=azure-cli-latest

* Terraform >= 0.12.6 https://learn.hashicorp.com/terraform/azure/install_az

* Python 3

## Authentication

Use 'az login' to connect to your Azure environment or use https://shell.azure.com which already contains az and terraform.

### Create a Service Principal

So we have first to cerate an Service Principle Account.

If something is unclear follow https://docs.microsoft.com/en-us/cli/azure/create-an-azure-service-principal-azure-cli?view=azure-cli-latest= 

[source,bash]

----

az ad sp create-for-rbac --name TerraformDeploy - o json

----

Note the output PWD and AppID

Now make sure that these account has the correct rights (contributor)

[source,bash]

----

az role assignment list --assignee APP_ID

az role assignment create --assignee APP_ID --role Contributor

----

### Using the Credentials

Export the credentials into an environment variable or add them in the header of our terraform - script (not suggested!).

.credentials.sh

[source,bash]

----

export ARM_CLIENT_ID="00000000-0000-0000-0000-000000000000"

export ARM_CLIENT_SECRET="00000000-0000-0000-0000-000000000000"

export ARM_SUBSCRIPTION_ID="00000000-0000-0000-0000-000000000000"

export ARM_TENANT_ID="00000000-0000-0000-0000-000000000000"

----

### a little Helper

There is a maintained file which can be used for dev environments. It's called "credentials-template.sh".

Usually i create a copy of "credentials-template.sh" and name it "credentials-apply.sh". This file is ignored by git and will never checked in. 

Then i can add my credentials into "credentials-apply.sh" and execute ```source credentials-apply.sh``` once, before doing anything with terraform.

That prevents on development systems that the credentials are shown in the bash history and that they are mixed up for different projects because of global environment variables. 

## Create your Playground on Azure

Please check that on plan/apply the database will not be destroyed.

If so, then you will use all of your in the past collected data.

[source,bash]

----

terraform init  # download all required modules

terraform plan  # check credentials and configuration

terraform apply # install or upgrade solution

----

Be aware: there is a public IP created. You should limit access from your source ip or remove the inbound security rule after finishing the configuration.

The default user on the Machine is "linux" and a new SSH Keypair is generated to access the vm. You will find the require information in the terraform output and in the "output" folder.

[source,bash]

----

ssh IPADDRESS -F sshConfig

----

To remove every resource you have created just execute

[source,bash]

----

terraform destroy -y

----

# Configuration

Alle configuration can be done via Environment Variable or via teh vars.tf File.

There is no need to change the other Files.

The real Workload will be deployed via _hostconfig/bastion.sh_.