Terraform Oct Day 2 Notes

Demo - VMS, Net
------------------------------
Provisonar
Vars
Cond - Looping
Module


Terraform
	implicit - Terraform Providers know very well
	explicit - We can set up
===================================================
Step 1 - Which Resources you want to create
Step 2 - Locate resources in Terraform provider pages and its Argument
Step 3 - Put in TF 
		
Example Code
https://www.devopsschool.com/blog/terraform-example-program-to-create-linux-vm/

SOME TASKS
--------------------------------------------
- Spend time understanding this
- Run this code

Task#1 - Add a Node in SG for Allowing 80 port
Task#2 - pub/pvt key must be created in a curr dir call "keys"
Task#3 - Add output block to display PUBLIC IP of the vm.
Task#4 - Find out a ways where you modify this script to create project BUT Not to 
use KEYS but Password.

Terraform Variables

Terraform Variables Example

variable "numofrg" {
  type = number
  description = "This is for demo of number variable"
  default = 3
}

variable "grpname-prompt" {
  type = string
  description = "This is for demo of string variable"
}

variable "grpname" {
  type = string
  description = "This is for demo of string variable"
  default = "devopsschool-grp"
}

variable "users" {
    type    = list
    default = ["devops-school-1", "devops-school-2", "devops-school-3"]
    description = "This is for demo of list variable"
}

variable "grps" {
  type = map
  default 	= {
    one = "hello1"
    two = "hello2"
  }
}
resource "azurerm_resource_group" "mapdemo1" {
  name     = var.grps["one"]
  location = "South India"
}



resource "azurerm_resource_group" "mapdemo2" {
  name     = var.grps["two"]
  location = "South India"
}

resource "azurerm_resource_group" "listdemo" {
  name     = var.users[0]
  location = "South India"
}

resource "azurerm_resource_group" "listdemo1" {
  name     = var.users[1]
  location = "South India"
}

resource "azurerm_resource_group" "listdemo2" {
  name     = var.users[2]
  location = "South India"
}

resource "azurerm_resource_group" "example1" {
  name     = var.grpname
  location = "South India"
}

resource "azurerm_resource_group" "exampleX" {
  name     = var.grpname-prompt
  location = "South India"
}

resource "azurerm_resource_group" "example" {
  count = var.numofrg
  name     = "devopsschool-${count.index}"
  location = "South India"
}

output "resource_group4" { 
	value = azurerm_resource_group.example1.name
 }

Terraform Provisionar

====================================================
Provisionar
====================================================
CM tool - chef - puppet - ansible - salt
====================================================
I want to run SOME cmd/script after Vm creation...
custom data in azure
user data in aws
-----------------------------
Provisionar
	- file		AFTER creating a res - COPY a file from HOST to Res(VM)	
				Connection
	- local-exec	AFTER creating a res- Run cmd/script in the Host

	- Remote-exec - 	AFTER creating a res- Run cmd/script in the Res(VM)	
				connection
======================================================

https://www.devopsschool.com/blog/terraform-provisioners-tutorials-and-complete-guide/

Terraform Provisionar Example code with Windows

resource "azurerm_resource_group" "rg" {
  location = var.resource_group_location
  name     = "${random_pet.prefix.id}-rg"
}

# Create virtual network
resource "azurerm_virtual_network" "my_terraform_network" {
  name                = "${random_pet.prefix.id}-vnet"
  address_space       = ["10.0.0.0/16"]
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
}

# Create subnet
resource "azurerm_subnet" "my_terraform_subnet" {
  name                 = "${random_pet.prefix.id}-subnet"
  resource_group_name  = azurerm_resource_group.rg.name
  virtual_network_name = azurerm_virtual_network.my_terraform_network.name
  address_prefixes     = ["10.0.1.0/24"]
}

# Create public IPs
resource "azurerm_public_ip" "my_terraform_public_ip" {
  name                = "${random_pet.prefix.id}-public-ip"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
  allocation_method   = "Dynamic"
}

# Create Network Security Group and rules
resource "azurerm_network_security_group" "my_terraform_nsg" {
  name                = "${random_pet.prefix.id}-nsg"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name

  security_rule {
    name                       = "RDP"
    priority                   = 1000
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "*"
    source_port_range          = "*"
    destination_port_range     = "3389"
    source_address_prefix      = "*"
    destination_address_prefix = "*"
  }
  security_rule {
    name                       = "web"
    priority                   = 1001
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_range     = "80"
    source_address_prefix      = "*"
    destination_address_prefix = "*"
  }
  security_rule {
    name                       = "winrmhttp"
    priority                   = 1002
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_range     = "5985"
    source_address_prefix      = "*"
    destination_address_prefix = "*"
  }
  security_rule {
    name                       = "winrmhttps"
    priority                   = 1003
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_range     = "5986"
    source_address_prefix      = "*"
    destination_address_prefix = "*"
  }
}

# Create network interface
resource "azurerm_network_interface" "my_terraform_nic" {
  name                = "${random_pet.prefix.id}-nic"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name

  ip_configuration {
    name                          = "my_nic_configuration"
    subnet_id                     = azurerm_subnet.my_terraform_subnet.id
    private_ip_address_allocation = "Dynamic"
    public_ip_address_id          = azurerm_public_ip.my_terraform_public_ip.id
  }
}

# Connect the security group to the network interface
resource "azurerm_network_interface_security_group_association" "example" {
  network_interface_id      = azurerm_network_interface.my_terraform_nic.id
  network_security_group_id = azurerm_network_security_group.my_terraform_nsg.id
}

# Create storage account for boot diagnostics
resource "azurerm_storage_account" "my_storage_account" {
  name                     = "diag${random_id.random_id.hex}"
  location                 = azurerm_resource_group.rg.location
  resource_group_name      = azurerm_resource_group.rg.name
  account_tier             = "Standard"
  account_replication_type = "LRS"
}


# Create virtual machine
resource "azurerm_windows_virtual_machine" "main" {
  name                  = "${var.prefix}-vm"
  admin_username        = "azureuser"
  admin_password        = random_password.password.result
  location              = azurerm_resource_group.rg.location
  resource_group_name   = azurerm_resource_group.rg.name
  network_interface_ids = [azurerm_network_interface.my_terraform_nic.id]
  size                  = "Standard_DS1_v2"

  os_disk {
    name                 = "myOsDisk"
    caching              = "ReadWrite"
    storage_account_type = "Premium_LRS"
  }

  source_image_reference {
    publisher = "MicrosoftWindowsServer"
    offer     = "WindowsServer"
    sku       = "2022-datacenter-azure-edition"
    version   = "latest"
  }

   connection {
      type     = "winrm"
      user     = "azureuser"
      password = random_password.password.result
	  https       = true
	  insecure    = true
	  host 	      = self.public_ip_address
   }
   
   provisioner "file" {
    source      = "InitializeInstance.ps1"
    destination = "C:\\InitializeInstance.ps1"
   }

   provisioner "remote-exec" {
   inline = [
         "powershell -ExecutionPolicy Unrestricted -File C:\\InitializeInstance.ps1 -Schedule"
        ]
    }
	
	provisioner "local-exec" {
    command = "deploy.bat"
	}
	

  boot_diagnostics {
    storage_account_uri = azurerm_storage_account.my_storage_account.primary_blob_endpoint
  }
}

# Install IIS web server to the virtual machine
resource "azurerm_virtual_machine_extension" "web_server_install" {
  name                       = "${random_pet.prefix.id}-wsi"
  virtual_machine_id         = azurerm_windows_virtual_machine.main.id
  publisher                  = "Microsoft.Compute"
  type                       = "CustomScriptExtension"
  type_handler_version       = "1.8"
  auto_upgrade_minor_version = true

  settings = <<SETTINGS
    {
      "commandToExecute": "powershell -ExecutionPolicy Unrestricted Install-WindowsFeature -Name Web-Server -IncludeAllSubFeature -IncludeManagementTools"
    }
  SETTINGS
  
	
}

# Generate random text for a unique storage account name
resource "random_id" "random_id" {
  keepers = {
    # Generate a new ID only when a new resource group is defined
    resource_group = azurerm_resource_group.rg.name
  }

  byte_length = 8
}

resource "random_password" "password" {
  length      = 20
  min_lower   = 1
  min_upper   = 1
  min_numeric = 1
  min_special = 1
  special     = true
}

resource "random_pet" "prefix" {
  prefix = var.prefix
  length = 1
}

variable "resource_group_location" {
  default     = "eastus"
  description = "Location of the resource group."
}

variable "prefix" {
  type        = string
  default     = "win-vm-iis"
  description = "Prefix of the resource name"
}

output "resource_group_name" {
  value = azurerm_resource_group.rg.name
}

output "public_ip_address" {
  value = azurerm_windows_virtual_machine.main.public_ip_address
}

output "admin_password" {
  sensitive = true
  value     = azurerm_windows_virtual_machine.main.admin_password
}

Terraform: Example Code for Create Azure Linux/Windows VM with file, remote-exec & local-exec provisioner

Terraform: Create Azure Windows VM with file, remote-exec & local-exec provisioner

Terraform: Create Azure Windows VM with file, remote-exec & local-exec provisioner
Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x