Terraform Oct Day 2 Notes
Demo - VMS, Net
------------------------------
Provisioner
Vars
Cond - Looping
Module
Terraform
implicit - Terraform Providers know very well
explicit - We can set up
===================================================
Step 1 - Which Resources you want to create
Step 2 - Locate resources in Terraform provider pages and its Argument
Step 3 - Put in TF
Example Code
https://www.devopsschool.com/blog/terraform-example-program-to-create-linux-vm/
SOME TASKS
--------------------------------------------
- Spend time understanding this
- Run this code
Task#1 - Add a rule in the SG to allow port 80
Task#2 - The pub/pvt key pair must be created in a directory called "keys" in the current dir
Task#3 - Add an output block to display the PUBLIC IP of the VM.
Task#4 - Find a way to modify this script so that the project is created using a
password instead of KEYS.
Terraform Variables
Terraform Variables Example
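# Number variable: how many "devopsschool-N" resource groups the count demo creates.
variable "numofrg" {
  type        = number
  description = "This is for demo of number variable"
  default     = 3
}

# String variable without a default: Terraform asks for the value at plan/apply
# time unless it is supplied with -var or a .tfvars file.
variable "grpname-prompt" {
  type        = string
  description = "This is for demo of string variable"
}

# String variable with a default, so no prompt appears.
variable "grpname" {
  type        = string
  description = "This is for demo of string variable"
  default     = "devopsschool-grp"
}

# List variable. The bare keyword `list` is legacy shorthand for list(any);
# naming the element type lets Terraform reject values that are not strings.
variable "users" {
  type        = list(string)
  description = "This is for demo of list variable"
  default     = ["devops-school-1", "devops-school-2", "devops-school-3"]
}

# Map variable. As with `list`, the bare keyword `map` means map(any); the
# element type is spelled out because every value is used as a resource group name.
variable "grps" {
  type        = map(string)
  description = "This is for demo of map variable"
  default = {
    one = "hello1"
    two = "hello2"
  }
}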
# Map lookup demo: each resource group takes its name from one key of var.grps.
resource "azurerm_resource_group" "mapdemo1" {
  location = "South India"
  name     = var.grps["one"]
}

resource "azurerm_resource_group" "mapdemo2" {
  location = "South India"
  name     = var.grps["two"]
}

# List index demo: one resource group per element of var.users, selected by
# position (indexes start at 0).
resource "azurerm_resource_group" "listdemo" {
  location = "South India"
  name     = var.users[0]
}

resource "azurerm_resource_group" "listdemo1" {
  location = "South India"
  name     = var.users[1]
}

resource "azurerm_resource_group" "listdemo2" {
  location = "South India"
  name     = var.users[2]
}
# String demo: the name comes from var.grpname, which has a default.
resource "azurerm_resource_group" "example1" {
  location = "South India"
  name     = var.grpname
}

# Prompt demo: var.grpname-prompt has no default, so the name is whatever
# value was supplied at run time.
resource "azurerm_resource_group" "exampleX" {
  location = "South India"
  name     = var.grpname-prompt
}

# count demo: creates var.numofrg resource groups named devopsschool-0,
# devopsschool-1, ... using count.index as the suffix.
resource "azurerm_resource_group" "example" {
  count    = var.numofrg
  location = "South India"
  name     = "devopsschool-${count.index}"
}

# Prints the name of the resource group created by "example1" after apply.
output "resource_group4" {
  value = azurerm_resource_group.example1.name
}
Terraform Provisioner
====================================================
Provisioner
====================================================
CM tool - chef - puppet - ansible - salt
====================================================
I want to run SOME cmd/script after Vm creation...
custom data in azure
user data in aws
-----------------------------
Provisioner
- file - AFTER creating a resource, COPY a file from the HOST to the resource (VM)
  (needs a connection block)
- local-exec - AFTER creating a resource, run a cmd/script on the HOST
- remote-exec - AFTER creating a resource, run a cmd/script on the resource (VM)
  (needs a connection block)
======================================================
https://www.devopsschool.com/blog/terraform-provisioners-tutorials-and-complete-guide/
Terraform Provisioner Example code with Windows
# Resource group that holds every resource in this example; its name is the
# random_pet id with an "-rg" suffix.
resource "azurerm_resource_group" "rg" {
  name     = "${random_pet.prefix.id}-rg"
  location = var.resource_group_location
}

# Create virtual network
resource "azurerm_virtual_network" "my_terraform_network" {
  name                = "${random_pet.prefix.id}-vnet"
  resource_group_name = azurerm_resource_group.rg.name
  location            = azurerm_resource_group.rg.location
  address_space       = ["10.0.0.0/16"]
}

# Create subnet
# A /24 carved out of the virtual network's 10.0.0.0/16 address space.
resource "azurerm_subnet" "my_terraform_subnet" {
  name                 = "${random_pet.prefix.id}-subnet"
  resource_group_name  = azurerm_resource_group.rg.name
  virtual_network_name = azurerm_virtual_network.my_terraform_network.name
  address_prefixes     = ["10.0.1.0/24"]
}

# Create public IPs
# This address is attached to the VM's network interface, which makes the VM
# reachable from the internet on whatever ports the security group allows.
resource "azurerm_public_ip" "my_terraform_public_ip" {
  name                = "${random_pet.prefix.id}-public-ip"
  resource_group_name = azurerm_resource_group.rg.name
  location            = azurerm_resource_group.rg.location
  allocation_method   = "Dynamic"
}
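# Source range allowed to reach the management ports (RDP 3389, WinRM 5985/5986).
# The default "*" keeps this lesson's original behaviour, which leaves those
# ports open to every address on the internet. Set it to your own address or
# CIDR block (constructed example: "203.0.113.10/32") for anything other than a
# short-lived lab. The machine that runs Terraform must fall inside this range,
# because the winrm provisioner connects from it to the VM's public IP.
variable "admin_source_address_prefix" {
  type        = string
  default     = "*"
  description = "Source address, CIDR block or service tag allowed to reach RDP and WinRM on the VM."
}

# Create Network Security Group and rules
resource "azurerm_network_security_group" "my_terraform_nsg" {
  name                = "${random_pet.prefix.id}-nsg"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name

  # Remote Desktop. Limited to TCP (the original allowed every protocol on
  # 3389) and to the administrator source range.
  security_rule {
    name                       = "RDP"
    priority                   = 1000
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_range     = "3389"
    source_address_prefix      = var.admin_source_address_prefix
    destination_address_prefix = "*"
  }

  # HTTP for the IIS site; intentionally open to any source.
  security_rule {
    name                       = "web"
    priority                   = 1001
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_range     = "80"
    source_address_prefix      = "*"
    destination_address_prefix = "*"
  }

  # WinRM over plain HTTP.
  # NOTE(review): the VM's connection block sets https = true, so this rule may
  # not be needed by the provisioners. Confirm and drop it if unused.
  security_rule {
    name                       = "winrmhttp"
    priority                   = 1002
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_range     = "5985"
    source_address_prefix      = var.admin_source_address_prefix
    destination_address_prefix = "*"
  }

  # WinRM over HTTPS, used by the file and remote-exec provisioners.
  security_rule {
    name                       = "winrmhttps"
    priority                   = 1003
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_range     = "5986"
    source_address_prefix      = var.admin_source_address_prefix
    destination_address_prefix = "*"
  }
}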
# Create network interface
# One IP configuration: a dynamically assigned private address in the subnet,
# plus the public IP defined in this file.
resource "azurerm_network_interface" "my_terraform_nic" {
  name                = "${random_pet.prefix.id}-nic"
  resource_group_name = azurerm_resource_group.rg.name
  location            = azurerm_resource_group.rg.location

  ip_configuration {
    name                          = "my_nic_configuration"
    public_ip_address_id          = azurerm_public_ip.my_terraform_public_ip.id
    subnet_id                     = azurerm_subnet.my_terraform_subnet.id
    private_ip_address_allocation = "Dynamic"
  }
}

# Connect the security group to the network interface
# The security group's rules are applied to this interface through the association.
resource "azurerm_network_interface_security_group_association" "example" {
  network_security_group_id = azurerm_network_security_group.my_terraform_nsg.id
  network_interface_id      = azurerm_network_interface.my_terraform_nic.id
}

# Create storage account for boot diagnostics
# The name is "diag" followed by the hex form of random_id, which keeps it unique.
resource "azurerm_storage_account" "my_storage_account" {
  name                     = "diag${random_id.random_id.hex}"
  resource_group_name      = azurerm_resource_group.rg.name
  location                 = azurerm_resource_group.rg.location
  account_replication_type = "LRS"
  account_tier             = "Standard"
}
# Create virtual machine
# Windows Server VM that is configured after creation by three provisioners,
# run in the order they are written: file (copy the script to the VM),
# remote-exec (run it on the VM), local-exec (run deploy.bat on the machine
# that runs Terraform).
resource "azurerm_windows_virtual_machine" "main" {
  name                  = "${var.prefix}-vm"
  resource_group_name   = azurerm_resource_group.rg.name
  location              = azurerm_resource_group.rg.location
  size                  = "Standard_DS1_v2"
  network_interface_ids = [azurerm_network_interface.my_terraform_nic.id]

  # Local administrator account. The password is produced by random_password,
  # so it is also recorded in the Terraform state; protect the state file.
  admin_username = "azureuser"
  admin_password = random_password.password.result

  # version = "latest" means the image is not pinned, so rebuilds can pick up
  # a different image build over time.
  source_image_reference {
    publisher = "MicrosoftWindowsServer"
    offer     = "WindowsServer"
    sku       = "2022-datacenter-azure-edition"
    version   = "latest"
  }

  os_disk {
    name                 = "myOsDisk"
    storage_account_type = "Premium_LRS"
    caching              = "ReadWrite"
  }

  boot_diagnostics {
    storage_account_uri = azurerm_storage_account.my_storage_account.primary_blob_endpoint
  }

  # How the file and remote-exec provisioners reach the VM: WinRM over HTTPS to
  # the VM's public address, logging in with the admin account.
  # insecure = true skips validation of the HTTPS certificate chain, so the
  # admin password is sent to an endpoint whose identity is not verified.
  # Acceptable for a throwaway lab only.
  # NOTE(review): nothing in this listing configures a WinRM listener on the
  # VM. Confirm how WinRM gets enabled on the image before relying on this.
  connection {
    type     = "winrm"
    host     = self.public_ip_address
    user     = "azureuser"
    password = random_password.password.result
    https    = true
    insecure = true
  }

  # Copy the script from the working directory on the Terraform host to the VM.
  provisioner "file" {
    source      = "InitializeInstance.ps1"
    destination = "C:\\InitializeInstance.ps1"
  }

  # Run the copied script on the VM. -ExecutionPolicy Unrestricted lifts
  # PowerShell's script-signing restrictions for this one invocation.
  provisioner "remote-exec" {
    inline = [
      "powershell -ExecutionPolicy Unrestricted -File C:\\InitializeInstance.ps1 -Schedule"
    ]
  }

  # Runs on the machine executing Terraform, not on the VM, with the
  # privileges of whoever ran terraform apply.
  provisioner "local-exec" {
    command = "deploy.bat"
  }
}
# Install IIS web server to the virtual machine
# Uses the CustomScriptExtension to run a single PowerShell command on the VM.
# The command is passed in `settings`, which is stored and shown in plain text;
# that is fine here because the command contains no secret.
resource "azurerm_virtual_machine_extension" "web_server_install" {
  name               = "${random_pet.prefix.id}-wsi"
  virtual_machine_id = azurerm_windows_virtual_machine.main.id

  publisher                  = "Microsoft.Compute"
  type                       = "CustomScriptExtension"
  type_handler_version       = "1.8"
  auto_upgrade_minor_version = true

  # Heredoc body is kept at column 0 so the JSON text is passed through unchanged.
  settings = <<SETTINGS
{
"commandToExecute": "powershell -ExecutionPolicy Unrestricted Install-WindowsFeature -Name Web-Server -IncludeAllSubFeature -IncludeManagementTools"
}
SETTINGS
}
# Generate random text for a unique storage account name
resource "random_id" "random_id" {
  byte_length = 8

  keepers = {
    # Generate a new ID only when a new resource group is defined
    resource_group = azurerm_resource_group.rg.name
  }
}

# Administrator password for the VM: 20 characters with at least one lower-case
# letter, one upper-case letter, one digit and one special character. The
# generated value is kept in the Terraform state.
resource "random_password" "password" {
  length      = 20
  special     = true
  min_special = 1
  min_numeric = 1
  min_upper   = 1
  min_lower   = 1
}

# Random one-word suffix appended to var.prefix; its id is the base of most
# resource names in this file.
resource "random_pet" "prefix" {
  length = 1
  prefix = var.prefix
}
# Azure region for the resource group; the other resources take their location
# from the resource group.
variable "resource_group_location" {
  description = "Location of the resource group."
  default     = "eastus"
}

# Base of the generated resource names (see random_pet.prefix and the VM name).
variable "prefix" {
  description = "Prefix of the resource name"
  type        = string
  default     = "win-vm-iis"
}

output "resource_group_name" {
  value = azurerm_resource_group.rg.name
}

output "public_ip_address" {
  value = azurerm_windows_virtual_machine.main.public_ip_address
}

# sensitive = true keeps the password out of the normal plan/apply output. The
# value is still stored in the state and can be read with `terraform output`.
output "admin_password" {
  value     = azurerm_windows_virtual_machine.main.admin_password
  sensitive = true
}