Commit b8b141c

Added Terraform Provisioners module in Azure Intermediate track
1 parent 612c147 commit b8b141c

4 files changed

+338
-0
lines changed

images/Terraform-Provisioners.png

94.9 KB
Lines changed: 40 additions & 0 deletions
@@ -0,0 +1,40 @@
1+
# Terraform Provisioners example
2+
3+
- [Terraform Provisioners Official Documentation](https://www.terraform.io/docs/provisioners/index.html)
4+
5+
- **Local-Exec Provisioner** - The local-exec provisioner invokes a local executable after a resource is created. This invokes a process on the machine running Terraform, not on the resource.
6+
7+
- **Remote-Exec Provisioner** - The remote-exec provisioner invokes a script on a remote resource after it is created. This can be used to run a configuration management tool, bootstrap into a cluster, etc. The remote-exec provisioner supports both ssh and winrm type connections.
8+
9+
10+
**This module creates a linux virtual machine (UBUNTU 16.04)**
11+
12+
> Note 1: This deployment is not free. If you are not on a free trail, it will incur a very small fee. So, its always a good practice to cleanup everything when you are done with the demo.
13+
14+
> Note 2: We are creating a public IP address and attaching it to the VM to login via SSH. This is not a best practice and not recommended at all in a real production environment. So, please destroy the infrastructure after the demo.
15+
16+
## Changes you need to make before execution
17+
18+
- In **azurerm_network_security_group** resource, paste in your local IP Address in *source_address_prefix*. This will restrict SSH access to your machine. Click [here](https://www.whatsmyip.org/) to findout your local ip address.
19+
20+
## Resources in this module
21+
22+
- A Resource Group
23+
- A Virtual network with a Subnet
24+
- A Network Security Group
25+
- Subnet and NSG Association
26+
- A Public IP Address
27+
- A Network Interface
28+
- A Linux Virtual Machine - (Local-exec and Remote-exec provisioners)
29+
30+
## Provisioners Run
31+
32+
33+
![Provisioners-Run](https://github.com/collabnix/terraform/blob/master/images/Terraform-Provisioners.png)
34+
35+
## After the deployment
36+
37+
- Once the deployment is successful, you can login to the virtual machine. Login to the portal, go to the VM and click on Connect and select SSH.
38+
39+
> DO NOT FORGET to cleanup everything with **$ terraform destroy -auto-approve**
40+
Lines changed: 163 additions & 0 deletions
@@ -0,0 +1,163 @@
1+
#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*
2+
# Create a Linux VM and Run provisioners
3+
#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*
4+
5+
#
6+
# - Provider Block
7+
#
8+
9+
provider "azurerm" {
10+
client_id = var.client_id
11+
client_secret = var.client_secret
12+
subscription_id = var.subscription_id
13+
tenant_id = var.tenant_id
14+
15+
features {}
16+
}
17+
18+
#
19+
# - Create a Resource Group
20+
#
21+
22+
resource "azurerm_resource_group" "rg" {
23+
name = "${var.prefix}-rg"
24+
location = var.location
25+
tags = var.tags
26+
}
27+
28+
#
29+
# - Create a Virtual Network
30+
#
31+
32+
resource "azurerm_virtual_network" "vnet" {
33+
name = "${var.prefix}-vnet"
34+
resource_group_name = azurerm_resource_group.rg.name
35+
location = azurerm_resource_group.rg.location
36+
address_space = [var.vnet_address_range]
37+
tags = var.tags
38+
}
39+
40+
#
41+
# - Create a Subnet inside the virtual network
42+
#
43+
44+
resource "azurerm_subnet" "web" {
45+
name = "${var.prefix}-web-subnet"
46+
resource_group_name = azurerm_resource_group.rg.name
47+
virtual_network_name = azurerm_virtual_network.vnet.name
48+
address_prefixes = [var.subnet_address_range]
49+
}
50+
51+
#
52+
# - Create a Network Security Group
53+
#
54+
55+
resource "azurerm_network_security_group" "nsg" {
56+
name = "${var.prefix}-web-nsg"
57+
resource_group_name = azurerm_resource_group.rg.name
58+
location = azurerm_resource_group.rg.location
59+
tags = var.tags
60+
61+
security_rule {
62+
name = "Allow_SSH"
63+
priority = 1000
64+
direction = "Inbound"
65+
access = "Allow"
66+
protocol = "Tcp"
67+
source_port_range = "*"
68+
destination_port_range = 22
69+
source_address_prefix = "PASTE_YOUR_LOCAL_IP"
70+
destination_address_prefix = "*"
71+
}
72+
}
73+
74+
75+
#
76+
# - Subnet-NSG Association
77+
#
78+
79+
resource "azurerm_subnet_network_security_group_association" "subnet-nsg" {
80+
subnet_id = azurerm_subnet.web.id
81+
network_security_group_id = azurerm_network_security_group.nsg.id
82+
}
83+
84+
85+
#
86+
# - Public IP (To Login to Linux VM)
87+
#
88+
89+
resource "azurerm_public_ip" "pip" {
90+
name = "${var.prefix}-linuxvm-public-ip"
91+
resource_group_name = azurerm_resource_group.rg.name
92+
location = azurerm_resource_group.rg.location
93+
allocation_method = var.allocation_method[0]
94+
tags = var.tags
95+
}
96+
97+
#
98+
# - Create a Network Interface Card for Virtual Machine
99+
#
100+
101+
resource "azurerm_network_interface" "nic" {
102+
name = "${var.prefix}-linuxvm-nic"
103+
resource_group_name = azurerm_resource_group.rg.name
104+
location = azurerm_resource_group.rg.location
105+
tags = var.tags
106+
ip_configuration {
107+
name = "linuxvm-nic-ipconfig"
108+
subnet_id = azurerm_subnet.web.id
109+
public_ip_address_id = azurerm_public_ip.pip.id
110+
private_ip_address_allocation = var.allocation_method[1]
111+
}
112+
}
113+
114+
115+
#
116+
# - Create a Linux Virtual Machine
117+
#
118+
119+
resource "azurerm_linux_virtual_machine" "vm" {
120+
name = "${var.prefix}-linuxvm"
121+
resource_group_name = azurerm_resource_group.rg.name
122+
location = azurerm_resource_group.rg.location
123+
network_interface_ids = [azurerm_network_interface.nic.id]
124+
size = var.virtual_machine_size
125+
computer_name = var.computer_name
126+
admin_username = var.admin_username
127+
admin_password = var.admin_password
128+
disable_password_authentication = false
129+
130+
os_disk {
131+
name = "${var.prefix}-${var.os_disk.name}"
132+
caching = var.os_disk.caching
133+
storage_account_type = var.os_disk.storage_account_type
134+
disk_size_gb = var.os_disk.size
135+
}
136+
137+
source_image_reference {
138+
publisher = var.os_image.publisher
139+
offer = var.os_image.offer
140+
sku = var.os_image.sku
141+
version = var.os_image.version
142+
}
143+
144+
provisioner "local-exec" {
145+
command = "echo 'Hello, This is the output of Local-Exec Provisioner'"
146+
}
147+
148+
provisioner "remote-exec" {
149+
inline = [
150+
"echo 'Hello, This is the output of Remote-Exec Provisioner'"
151+
]
152+
connection {
153+
type = "ssh"
154+
user = var.admin_username
155+
password = var.admin_password
156+
host = azurerm_public_ip.pip.ip_address
157+
}
158+
}
159+
160+
tags = var.tags
161+
162+
}
163+
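Review bot: The VM accepts SSH password logins on a public IP: `disable_password_authentication = false` with `admin_password = var.admin_password` in the `azurerm_linux_virtual_machine` block, and the `remote-exec` `connection` authenticates with the same password. The only thing limiting exposure is the NSG rule, whose `source_address_prefix` is a placeholder each user edits by hand. Switching to key-based login removes the guessable credential: drop `admin_password`, set `disable_password_authentication = true`, add an `admin_ssh_key` block, and give the `connection` a `private_key` in place of `password`. The two key-path variables used below are new and would have to be declared in the variables file.

```hcl
resource "azurerm_linux_virtual_machine" "vm" {
  # … unchanged: name, resource group, location, NIC, size, computer_name, admin_username …
  disable_password_authentication = true

  admin_ssh_key {
    username   = var.admin_username
    public_key = file(var.ssh_public_key_path) # new variable, to be declared
  }

  # … unchanged: os_disk, source_image_reference, local-exec provisioner, remote-exec inline …
    connection {
      # … unchanged: type, user, host …
      private_key = file(var.ssh_private_key_path) # new variable, replaces password
    }
  # … unchanged: tags …
```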
Lines changed: 135 additions & 0 deletions
@@ -0,0 +1,135 @@
1+
#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*
2+
# Linux VM - Variables
3+
#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*#*
4+
5+
# Service Principal Variables
6+
7+
variable "client_id" {
8+
description = "Client ID (APP ID) of the application"
9+
type = string
10+
}
11+
12+
variable "client_secret" {
13+
description = "Client Secret (Password) of the application"
14+
type = string
15+
}
16+
17+
variable "subscription_id" {
18+
description = "Subscription ID"
19+
type = string
20+
}
21+
22+
variable "tenant_id" {
23+
description = "Tenant ID"
24+
type = string
25+
}
26+
27+
# Prefix and Tags
28+
29+
variable "prefix" {
30+
description = "Prefix to append to all resource names"
31+
type = string
32+
default = "Collabnix"
33+
}
34+
35+
variable "tags" {
36+
description = "Resouce tags"
37+
type = map(string)
38+
default = {
39+
"author" = "Vamsi"
40+
"deployed_with" = "Terraform"
41+
}
42+
}
43+
44+
# Resource Group
45+
46+
variable "location" {
47+
description = "Location of the resource group"
48+
type = string
49+
default = "East US"
50+
}
51+
52+
# Vnet and Subnet
53+
54+
variable "vnet_address_range" {
55+
description = "IP Range of the virtual network"
56+
type = string
57+
default = "10.0.0.0/16"
58+
}
59+
60+
variable "subnet_address_range" {
61+
description = "IP Range of the virtual network"
62+
type = string
63+
default = "10.0.1.0/24"
64+
}
65+
66+
# Public IP and NIC Allocation Method
67+
68+
variable "allocation_method" {
69+
description = "Allocation method for Public IP Address and NIC Private ip address"
70+
type = list(string)
71+
default = ["Static", "Dynamic"]
72+
}
73+
74+
75+
# VM
76+
77+
variable "virtual_machine_size" {
78+
description = "Size of the VM"
79+
type = string
80+
default = "Standard_B1s"
81+
}
82+
83+
variable "computer_name" {
84+
description = "Computer name"
85+
type = string
86+
default = "Linuxvm"
87+
}
88+
89+
variable "admin_username" {
90+
description = "Username to login to the VM"
91+
type = string
92+
default = "linuxadmin"
93+
}
94+
95+
variable "admin_password" {
96+
description = "Password to login to the VM"
97+
type = string
98+
default = "P@$$w0rD2020*"
99+
}
100+
101+
variable "os_disk" {
102+
description = "Os Disk Details"
103+
type = object({
104+
name = string
105+
caching = string
106+
storage_account_type = string
107+
size = number
108+
})
109+
110+
default = {
111+
name = "linuxvm-disk"
112+
caching = "ReadWrite"
113+
storage_account_type = "StandardSSD_LRS"
114+
size = 64
115+
}
116+
}
117+
118+
119+
variable "os_image" {
120+
description = "OS image details"
121+
type = object({
122+
publisher = string
123+
offer = string
124+
sku = string
125+
version = string})
126+
127+
default = {
128+
publisher = "Canonical"
129+
offer = "UbuntuServer"
130+
sku = "16.04-LTS"
131+
version = "latest"
132+
}
133+
}
134+
135+
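Review bot: `admin_password` ships with a hard-coded default, `default = "P@$$w0rD2020*"`, so every deployment that does not override it uses a credential published in the repository, on a VM that the main configuration exposes over SSH with password login enabled. Remove the default so Terraform prompts for the value or reads it from `TF_VAR_admin_password`, and mark both `admin_password` and `client_secret` with `sensitive = true` (available from Terraform 0.14) so they are redacted from plan output. The VM password is still written to the state file in plain text, so the state should be kept out of version control and access to it restricted.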
