hashicorp / terraform-provider-azurestack Goto Github PK
View Code? Open in Web Editor NEWTerraform provider for Azure Stack
Home Page: https://www.terraform.io/docs/providers/azurestack/
License: Mozilla Public License 2.0
Terraform provider for Azure Stack
Home Page: https://www.terraform.io/docs/providers/azurestack/
License: Mozilla Public License 2.0
terraform v1.3.3
azurestack v1.0.0
I can use resource azurerm_network_interface_security_group_association
to associate nic and nsg, but unable to do so in azurestack.
when trying the following definition, I get error
An argument named "network_security_group_id" is not expected here.
resource "azurestack_network_interface" "nics" {
for_each = { for nic in var.nics : nic.id => nic }
name = each.value.name
location = data.azurestack_resource_group.rgs[each.value.resource_group_name].location
resource_group_name = data.azurestack_resource_group.rgs[each.value.resource_group_name].name
network_security_group_id = azurestack_network_security_group.nsgs[each.value.nsg_resource_id].id
ip_configuration {
name = each.value.ip_configs[0].name
subnet_id = each.value.ip_configs[0].subnet_resource_id
private_ip_address_allocation = each.value.ip_configs[0].private_ip_address_allocation
public_ip_address_id = each.value.ip_configs[0].public_ip_address_resource_id
}
}
Is vNet Peering supported in the Azure Stack provider?
If not can I request support?
It is late in the day so I might be missing something.
Thanks.
Using the azure stack provider version 0.8.0
and terraform version 0.11.14
, I get the following error when trying to plan and apply:
Error: Error running plan: 1 error occurred:
* provider.azurestack: Unable to list provider registration status, it is possible that this is due to invalid credentials or the service principal does not have permission to use the Resource Manager API, Azure error: azure.BearerAuthorizer#WithAuthorization: Failed to refresh the Token for request to https://<endpoint_to_stack>/subscriptions/<sub_id>/providers?api-version=2016-02-01: StatusCode=0 -- Original Error: adal: Failed to execute the refresh request. Error = 'Post https://login.microsoftonline.com/.../oauth2/token?api-version=1.0: context canceled'
I have to forcefully CTRL+C
out of the execution otherwise it just sits there and hangs. This originally started happening to me in version 0.7.0
of the stack provider as well. This works using version 0.6.0
, however, that becomes null and void with stack build 1905 in the relating issue mentioned in the issue here #90
Workflow Name: Issue Opened Triage
Branch: main
Run URL: https://github.com/hashicorp/terraform-provider-azurestack/actions/runs/4641460268
save-state deprecation warnings: 0
set-output deprecation warnings: 0
node12 deprecation warnings: 1
Please review these deprecation warnings as soon as possible and merge in the necessary updates.
GitHub will be removing support for these commands and plan to fully disable them on 31st May 2023. At this time, any workflow that still utilizes these commands will fail. See https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/.
GitHub have not finalized a date for deprecating node12 yet but have indicated that this will be summer 2023. So it is advised to switch to node16 asap. See https://github.blog/changelog/2022-09-22-github-actions-all-actions-will-begin-running-on-node16-instead-of-node12/.
If you need any help, please reach out to us in #team-rel-eng.
I all,
we recently moved to Azurestack 1905. i turns that some calls, specially storage, no longer work.
the error can be reproduced with the storage example
https://www.terraform.io/docs/providers/azurestack/r/storage_account.html
azurestack_storage_account.testsa: 1 error occurred:
* azurestack_storage_account.testsa: azurestack_storage_account.testsa: Error reading the state of AzurStack Storage Account "": storage.AccountsClient#GetProperties: Invalid input: autorest/validation: validation failed: parameter=accountName constraint=MinLength value="" details: value length must be greater than or equal to 3
I think that this crash belongs with the provider rather than TF itself.
Terraform v0.11.10
The ressources were created by hand and imported.
PS H:\Documents\repos\cdc-test> terraform apply
azurestack_resource_group.nwk: Refreshing state... (ID: /subscriptions/0df96577-ae86-4a08-a1af-...resourceGroups/flk-ast-nrw-nwk-rgp-001)
azurestack_local_network_gateway.tieto: Refreshing state... (ID: /subscriptions/0df96577-ae86-4a08-a1af-...etworkGateways/flk-ast-nrw-nwk-lgw-001)
azurestack_virtual_network.nwk: Refreshing state... (ID: /subscriptions/0df96577-ae86-4a08-a1af-...irtualNetworks/flk-ast-nrw-nwk-vnt-001)
azurestack_public_ip.vgw: Refreshing state... (ID: /subscriptions/0df96577-ae86-4a08-a1af-...PAddresses/flk-ast-nrw-nwk-vgw-pip-001)
azurestack_subnet.gateway: Refreshing state... (ID: /subscriptions/0df96577-ae86-4a08-a1af-...-nrw-nwk-vnt-001/subnets/GatewaySubnet)
azurestack_virtual_network_gateway.vgw: Refreshing state... (ID: /subscriptions/0df96577-ae86-4a08-a1af-...etworkGateways/flk-ast-nrw-nwk-vgw-001)
azurestack_virtual_network_gateway_connection.s2s: Refreshing state... (ID: /subscriptions/0df96577-ae86-4a08-a1af-...rk/connections/flk-ast-nrw-nwk-s2s-001)
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
~ update in-place
Terraform will perform the following actions:
~ azurestack_resource_group.nwk
tags.%: "0" => "2"
tags.environment: "" => "STST"
tags.service: "" => "CDC"
~ azurestack_virtual_network_gateway.vgw
ip_configuration.0.name: "default" => "vnetGatewayConfig"
Plan: 0 to add, 2 to change, 0 to destroy.
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
azurestack_resource_group.nwk: Modifying... (ID: /subscriptions/0df96577-ae86-4a08-a1af-...resourceGroups/flk-ast-nrw-nwk-rgp-001)
tags.%: "0" => "2"
tags.environment: "" => "STST"
tags.service: "" => "CDC"
azurestack_resource_group.nwk: Modifications complete after 1s (ID: /subscriptions/0df96577-ae86-4a08-a1af-...resourceGroups/flk-ast-nrw-nwk-rgp-001)
azurestack_virtual_network_gateway.vgw: Modifying... (ID: /subscriptions/0df96577-ae86-4a08-a1af-...etworkGateways/flk-ast-nrw-nwk-vgw-001)
ip_configuration.0.name: "default" => "vnetGatewayConfig"
Error: Error applying plan:
1 error(s) occurred:
* azurestack_virtual_network_gateway.vgw: 1 error(s) occurred:
* azurestack_virtual_network_gateway.vgw: unexpected EOF
Please update the provider to support deploying Key Vault resource to Azure Stack Hub.
resource "azurestack_key_vault" "kv" {
name = var.kv_name
resource_group_name = var.resource_group_name
location = var.location
sku_name = var.keyvault_sku
enabled_for_deployment = var.enabled_for_deployment
enabled_for_disk_encryption = var.enabled_for_disk_encryption
enabled_for_template_deployment = var.enabled_for_template_deployment
enable_rbac_authorization = var.enable_rbac_authorization
soft_delete_retention_days = var.soft_delete_retention_days
purge_protection_enabled = var.purge_protection_enabled
tenant_id = var.tenant_id
access_policy {
tenant_id = data.azurestack_client_config.current.tenant_id
object_id = data.azurestack_client_config.current.object_id
key_permissions = [
"create",
"get",
"list",
]
secret_permissions = [
"set",
"get",
"delete",
"list",
"purge",
]
storage_permissions = [
"set",
"get",
"delete",
"list",
]
}
}
None
Add support to create a custom virtual machine image that can be used to create virtual machines.
Terraform v1.2.6
on linux_amd64
+ provider registry.terraform.io/hashicorp/azurestack v1.0.0
azurestack_image
resource "azurestack_storage_blob" "azssb" {
name = "centos-7-x86_64-genericcloud-2009.vhd"
source = "/mnt/c/Users/klemghari/Downloads/CentOS-7-x86_64-GenericCloud-2009.vhd"
storage_account_name = "saosdisk"
storage_container_name = "vhds"
type = "Page"
}
resource "azurestack_image" "azsi" {
name = "centos-7-x86_64-genericcloud-2009"
location = "safi"
resource_group_name = "rg-abda"
os_disk {
os_type = "Linux"
os_state = "Generalized"
blob_uri = azurestack_storage_blob.azssb.url
size_gb = 30
caching = "None"
}
}
Error: compute.ImagesClient#CreateOrUpdate: Failure sending request: StatusCode=0 -- Original Error: Code="InvalidParameter" Message="Required parameter 'hyperVGeneration' is missing (null)." Target="hyperVGeneration"
azurestack_image.azsi: Creating...
azurestack_image.azsi: Still creating... [10s elapsed]
azurestack_image.azsi: Still creating... [20s elapsed]
azurestack_image.azsi: Still creating... [30s elapsed]
azurestack_image.azsi: Still creating... [40s elapsed]
azurestack_image.azsi: Creation complete after...
azurestack_image.azsi: Creating...
โท
โ Warning: Argument is deprecated
โ
โ with provider["registry.terraform.io/hashicorp/azurestack"],
โ on provider.tf line 1, in provider "azurestack":
โ 1: provider "azurestack" {
โ
โ `arm_endpoint` is deprecated in favour of `metadata_host` and will be removed in version 1.0 of the AzureStack provider.
โต
โท
โ Error: compute.ImagesClient#CreateOrUpdate: Failure sending request: StatusCode=0 -- Original Error: Code="InvalidParameter" Message="Required parameter 'hyperVGeneration' is missing (null)." Target="hyperVGeneration"
โ
โ with azurestack_image.azsi,
โ on prototype.tf line 10, in resource "azurestack_image" "azsi":
โ 10: resource "azurestack_image" "azsi" {
โ
โต
terraform apply
storage_os_disk - (Required) A Storage OS DFlag to enable deletion of the OS disk VHD blob when the VM is deleted, defaults to false (not yet supported).
Looks like there was a mixup in the text of delete_os_disk_on_termination flag and storage_os_disk block
Versions
Terraform v0.11.13
+ provider.azurestack v0.6.0
Stack Information
Issue
I'm just running a simple test against our stack by creating a resource group using a service principal that has been assigned "contributor"permissions. However, when I run terraform plan, I receive the following error:
terraform :
At line:1 char:1
terraform plan
~~~~~~~~~~~~~~
CategoryInfo : NotSpecified: , RemoteException
FullyQualifiedErrorId : NativeCommandError
Error running plan: 1 error(s) occurred:
provider.azurestack: Unable to list provider registration status, it is possible that this is due to invalid credentials or the service principal does not have permission to use the Resource Manager API, Azure error:
azure.BearerAuthorizer#WithAuthorization: Failed to refresh the Token for request to https://management.SSCCentral.dev.azs.cloud-nuage.gc.ca/subscriptions/7d9a264f-9ca7-4bcd-9e98-796b910bxxxx/providers?api-version=2016-02-01:
StatusCode=404 -- Original Error: adal: Refresh request failed. Status Code = '404'. Response body:
Not Found
HTTP Error 404. The requested resource is not found.
I have confirmed that the SP has the correct privileges as I'm able to authenticate and create a resource:
PS C:\Users\mcculls2\Desktop\AKS\aks\terraform> az group create -l ssccentral -n sdm-test-rg
{
"id": "/subscriptions/7d9a264f-9ca7-4bcd-9e98-796b910bxxxx/resourceGroups/sdm-test-rg",
"location": "ssccentral",
"managedBy": null,
"name": "sdm-test-rg",
"properties": {
"provisioningState": "Succeeded"
},
"tags": null,
"type": null
}
Here is the contents of my tf file:
provider "azurestack" {
# whilst the `version` attribute is optional, we'd recommend pinning to a particular version
version = "=0.6.0"
arm_endpoint = "https://management.SSCCentral.dev.azs.cloud-nuage.gc.ca"
subscription_id = "7d9a264f-9ca7-4bcd-9e98-796b910xxxxx"
client_id = "ddc55e30-9b0d-4131-be0a-3b45365xxxxx"
client_secret = "X2MPOeE5vY8qE_iuhPs0v5gJ1iW9l9IQe_xxxxxx"
tenant_id = "68d875cd-fb09-4d37-bf50-3b4a9e7xxxxx"
}
# Create a resource group
resource "azurestack_resource_group" "test" {
name = "tf-dev-rg"
location = "ssccentral"
}
Add AKS Kubernetes cluster support.
AKS has come to the Azure Stack.
https://docs.microsoft.com/en-us/azure-stack/user/azure-stack-kubernetes-aks-engine-overview?view=azs-1910
Thank you,
Jeff Young
With the introduction of Fast Path VPN - it is essential to update the list of gateway SKUs in the code. At the moment any of the new fast path SKUs are failing because they are not in the list of string used for the validation logic.
resource "azurestack_virtual_network_gateway" "test" {
name = "test"
location = azurestack_resource_group.test.location
resource_group_name = azurestack_resource_group.test.name
type = "Vpn"
vpn_type = "RouteBased"
sku = "VpnGw1"
ip_configuration {
public_ip_address_id = azurestack_public_ip.test.id
private_ip_address_allocation = "Dynamic"
subnet_id = azurestack_subnet.test.id
}
}
Terraform v0.13.3
Azurestack v1.0.0
resource "azurestack_network_interface
network_security_group_id
argument is missing in Azurestack 1.0.0 with no documents.
Error: Unsupported argument
on modules/bastion/main.tf line 63, in resource "azurestack_network_interface" "bastion":
63: network_security_group_id = azurestack_network_security_group.bastion_ssh.id
An argument named "network_security_group_id" is not expected here.
terraform apply
Use custom-built images for booting up VMs and VMSS without publishing them as platform images.
Im trying to associate a load balancer to a vmss.
when looking at the documentation i would presume that the link to a backend pool would be done under the ip_configuration block in network profile.
but looking at the docs it seems to be missing
as i cant see it on the page, could be me being blind.
Update:
I took and educated guess from the azurerm version and edded:
load_balancer_backend_address_pool_ids = [azurestack_lb_backend_address_pool.worker.id]
im also having difficulty providing an nsg to the network profile
Hi and thanks for adding support for the Azure Stack provider!
You guys are doing a fantastic job.
I have, however, some issues....
In the documentation for the azurestack_virtual_machine, azurestack_managed_disk is listed as an option. As far as I can see, that's not supported by the provider?
I'm able to provision resource group, VNET and subnet without any problems, but today I had to add infra to our stack and virtual machine refuses to create. I'm even using the example from the documentation to limit personal screw-ups.
Error message: azurestack_virtual_machine.test: compute.VirtualMachinesClient#CreateOrUpdate: Invalid input: autorest/validation: validation failed: parameter=parameters.VirtualMachineProperties.StorageProfile.OsDisk.Vhd constraint=Null value=(*compute.VirtualHardDisk)(nil) details: value can not be null; required parameter
The terraform-provider-azurerm provider has moved the tag schema, validation and other functions into separate package back in Aug 2019. Having the terraform-provider-azurerm provider diverge makes it more difficult to create new resources on Azure Stack (ie #50) that are derived from the Azure Cloud. If the model in the Azure Cloud has stabilized, I propose starting migrating to similar packages in Azure Stack.
This issue is specifically for tags. Separate issues can be created for other kinds.
The complete list :
terraform-provider-azurestack file | terraform-provider-azurerm package |
---|---|
azurestack/locks.go | azurerm/internal/locks |
azurestack/tags.go | azurerm/internal/tags |
others? |
Once the new package is committed, a sweep of the source code can be completed to update references.
My goals in my recent contributions, is trying to update the azurestack provider to be more closely aligned with the AzureRM provider. As mentioned in other issues, the less code that needs to be edited between the two providers allows for easier feature updates. I would like to be able to take the data source or resource providers for the missing components and just cut stuff out that is not supported on Azure Stack.
At this point, I am trying to make non-functional changes, that allow the two code bases to converge. However, it can be difficult because I am not aware of the road map or priorities for the azurerm provider. On my fork, I have an issue where I am brainstorming the changes that should be made.
My current work contract will allow me access to a Azure Stack instance through the end of the year, possibly longer. I would like to make headway on adding the additional resources like app service plan, app service and key vault.
Thoughts?
I have read the docs but seem currently Azure-stack haven't provide support for App Service on Azure-stack yet. Is there any plan?
Hi,
I created a simple TF to provision a VM using an existing Resource Group, VNET, and Subnet:
data "azurestack_subnet" "vmsubnet" {
name = "***my RG's subnet ***"
virtual_network_name = "${data.azurestack_virtual_network.rgnetwork.name}"
resource_group_name = "${data.azurestack_resource_group.vmrg.name}"
}
but i get this odd error when it reaches VM NIC creation:
Error: Error: Subnet "**** My RG's subnet **" (Virtual Network " VNET Resource Group Name " / Resource Group " The VNET name ***") was not found
I tried switching it like so ๐คฃ
data "azurestack_subnet" "vmsubnet" {
name = "*** my RG's subnet ***"
virtual_network_name = "${data.azurestack_resource_group.vmrg.name}"
resource_group_name = "${data.azurestack_virtual_network.rgnetwork.name}"
}
and it worked ๐คฃ
Using:
Terraform v0.12.6
Has someone come across this?
Thanks!
It would be great if there was a way to ignore an unknown certification authority.
I've seen something similar in other providers configuration.
Often azure stack is installed with self signed certificates: it is difficult to import them.
โ Error: Error retrieving Environment from Endpoint "https://****************/": Get "https://****************/metadata/endpoints?api-version=1.0": x509: certificate signed by unknown authority
โ
โ with provider["registry.terraform.io/hashicorp/azurestack"],
โ on provider.tf line 1, in provider "azurestack":
โ 1: provider "azurestack" {
โ
provider "azurestack" {
version = "=0.10.0"
arm_endpoint = var.endpoint
subscription_id = var.subscription_id
client_id = var.client_id
client_secret = var.client_secret
tenant_id = var.tenant_id
allow_unverified_ssl = true
}
Workflow Name: Issue Comment Created Triage
Branch: main
Run URL: https://github.com/hashicorp/terraform-provider-azurestack/actions/runs/3961489735
save-state deprecation warnings: 0
set-output deprecation warnings: 0
node12 deprecation warnings: 1
Please review these deprecation warnings as soon as possible and merge in the necessary updates.
GitHub will be removing support for these commands and plan to fully disable them on 31st May 2023. At this time, any workflow that still utilizes these commands will fail. See https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/.
GitHub have not finalized a date for deprecating node12 yet but have indicated that this will be summer 2023. So it is advised to switch to node16 asap. See https://github.blog/changelog/2022-09-22-github-actions-all-actions-will-begin-running-on-node16-instead-of-node12/.
If you need any help, please reach out to us in #team-rel-eng.
As part of the preparation for Terraform v0.12, we would like to migrate all providers to use Go Modules. We plan to continue checking dependencies into vendor/ to remain compatible with existing tooling/CI for a period of time, however go modules will be used for management. Go Modules is the official solution for the go programming language, we understand some providers might not want this change yet, however we encourage providers to begin looking towards the switch as this is how we will be managing all Go projects in the future. Would maintainers please react with ๐ for support, or ๐ if you wish to have this provider omitted from the first wave of pull requests. If your provider is in support, we would ask that you avoid merging any pull requests that mutate the dependencies while the Go Modules PR is open (in fact a total codefreeze would be even more helpful), otherwise we will need to close that PR and re-run go mod init
. Once merged, dependencies can be added or updated as follows:
$ GO111MODULE=on go get github.com/some/module@master
$ GO111MODULE=on go mod tidy
$ GO111MODULE=on go mod vendor
GO111MODULE=on might be unnecessary depending on your environment, this example will fetch a module @ master and record it in your project's go.mod and go.sum files. It's a good idea to tidy up afterward and then copy the dependencies into vendor/. To remove dependencies from your project, simply remove all usage from your codebase and run:
$ GO111MODULE=on go mody tidy
$ GO111MODULE=on go mod vendor
Thank you sincerely for all your time, contributions, and cooperation!
It seems current provider would work only with AAD deployed AZS. I haven't found anywhere how to configure SPN with certificate for ADFS deployed AZS.
Run Terraform 0.12.2 with Azure Stack configuration file.
Error reported from "Terraform init":
Provider "azurestack" v0.7.0 is not compatible with Terraform 0.12.2.
Provider version 0.6.0 is the latest compatible version. Select it with
the following constraint:
version = "~> 0.6"
Terraform checked all of the plugin versions matching the given constraint:
~> 0.6
Consult the documentation for this provider for more information on
compatibility between provider and Terraform versions.
Alternatively, upgrade to the latest version of Terraform for compatibility with newer provider releases.
So question is what is the Terraform version we need to use for Azure Stack provider 0.7?
And the vhd_uri
is probably Required
I think if that is the case?
It does look like managed disks may be supported now? https://azure.microsoft.com/en-us/updates/managed-disks-in-azure-stack/
I'm not sure how quickly people will have that installed (include us for testing).
I was comparing the options between azurerm and azure stack, and being involved with a support call today made me look deeper... I noticed azure stack nics have capabilities for enabling accelerated networking - but when I looked in terraform, I did not see the option.
Is this feature going to be implemented in the future? Is it already enabled?
The reference link is here
Thanks!
If this has been abandoned can it be made clear
Thanks
@thetonymaster @katbyte
Sorry for the ping, but is the Terraform Azurestack Provider at its final release?
There have been features such as Key Vault & Azure Monitor in Azure stack Hub, albeit only accessible from the Azure Stack Hub Portal which isn't ideal :
However, the Terraform Azurestack Provider at the moment provided no way to access the key vault & azure monitor which is important, especially from a security point of view.
Another feature that I would like to request:
The ability to define source/destination port rangeS, as well as source/destination _address_prefixES
those are very important, otherwise we would have a lot of rules. Thank you.
Thank you.
Azurestack provider seems to lack the option to attach ipsec_policy to the virtual_network_gateway_connection. Azurerm provider has that ipsec_policy block option available. Is the ipsec_policy block expected to become available for azurestack provider too?
Great to see that Azure Stack support is here!
I started reading through the resource documentation and there looks to be some functionality documented which I don't believe works in Azure Stack.
A document showing some of the differences are here:
https://docs.microsoft.com/en-us/azure/azure-stack/user/azure-stack-acs-differences
For example, in the documentation there shows support for GRS etc, but in Azure Stack only LRS is supported.
Happy to do a pull request and start pairing down the functionality, but wanted to make sure y'all weren't architecting for functionality soon to be released :)
Hi all,
I've been using terraform for azurestack and noticed that even though the Azure Portal allows specifying rule with multiple addresses delimited by commas, the current terraform provider for azurestack doesn't have the following argument references:
source_address_prefixes
destination_address_prefixes
This means to create a rule with multiple source address, you have to split the rules into multiple rules. The terraform provider for azurerm have the above argument references. Please implement them for azurestack. Thank you!
argument references taken from: https://registry.terraform.io/providers/hashicorp/azurestack/latest/docs/resources/network_security_rule
Unable to assign azurestack load balancer with a public ip address, copied the supporting documentation
resource "azurestack_lb" "lb" {
name = var.lb_name
location = var.location
resource_group_name = var.rg_name
frontend_ip_configuration {
name = "frontendIP"
public_ip_address_id = "${azurestack_public_ip.pips.id}"
}
Keep getting the following error
Error: Cycle: azurestack_public_ip.pips, azurestack_lb.lb
I have tried the following:
different terraform versions 0.12.2 + 0.12.20 + 0.13.5
different stack provider versions 0.8.1 + 0.9.0
I can provision a public ip address and the load balancer but as soon as I assign the public ip address to the load balancer
public_ip_address_id = "${azurestack_public_ip.pips.id}"
I get the above error
I can successfully provision a AzureStack LB using private ip address etc.
Azurerm provider have gotten support for configuring active-active VPN connection in azurerm.virtual_network_gateway. Additionally you need two public IPs, and two ipconfiguration for the Virtual Network Gateway.
This would allow redundant VPN connections!
Some references for configuration with other methods:
Powershell: https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-activeactive-rm-powershell
Terraform AzureRM: https://www.terraform.io/docs/providers/azurerm/r/virtual_network_gateway.html
Hi all,
We tried to create Availability Sets with VMs having managed disks. Unfortunately we have an error, specifying that the Availability Sets must have the Sku "Aligned".
However, according to the Provider's source code, this option is not available (apparently commented).
Would it be possible to add this feature?
Error with Terraform:
Error: compute.VirtualMachinesClient#CreateOrUpdate: Failure sending request: StatusCode=0 -- Original Error: autorest/azure: Service returned an error. Status= Code="OperationNotAllowed" Message="Addition of a VM with managed disks to non-managed Availability Set or addition of a VM with blob based disks to managed Availability Set is not supported. Please create an Availability Set with 'Aligned' SKU in order to add a VM with managed disks to it." Target="vm-test-001"
The terraform-provider-azurerm provider has moved the resource locking functionality into separate package back in Aug 2019. Having the terraform-provider-azurerm provider diverge makes it more difficult to create new resources on Azure Stack (ie #50) that are derived from the Azure Cloud. If the model in the Azure Cloud has stabilized, I propose starting migrating to similar packages in Azure Stack.
See issue #109
I am attempting to assign tags to resource groups that we spin up using terraform, however I keep running into errors saying that the "tags
" block is not a supported block type.
Error: Unsupported block type
on main.tf line 5, in resource "azurestack_resource_group" "test":
5: tags {
Blocks of type "tags" are not expected here. Did you mean to define argument
"tags"? If so, use the equals sign to assign it a value.
Within the Azure Stack portal, I can add tags to the resource groups manually but this is not feasible nor is it good for automated deployments.
I should be able to do something like:
resource "azurestack_resource_group" "test" {
name = "${var.deployment_name}-rg"
location = "${var.resource_group_location}"
tags {
lifecycle = "dev"
owner = "[email protected]"
}
}
This also does not work for virtual machines, even though in the documentation it shows that we can.
I'm starting to create my infrastructure in Azure using Terraform. In order to create a mirror from my azure account, I had created a list with all my vm sizes, founded a Azure equivalent for all the vms and checked if the vm's that i had chosen are available n the region west us 2.
Now, that I want to create some vm's, the terraform interface is showing me that
Please try another size or deploy to a different location or zones. See https://aka.ms/azureskunotavailable for details.
when I go to the Azure painel, I'm able to create the VM manually, in the same region.
I'm trying to create a Standard_A1 VM, in west us 2.
How can I find out the rigth name for the VM in terraform? Where is the documentation about it?
When using Terraform to deploy a VM on Azure Stack Hub, referencing a VM SKU which has an uppercase 'V' in the SKU name i.e. "Standard_F16s_V2" causes VM to have network performance issues and the ability to add additional NICs to the VM is not possible. Solution is to make sure the SKU being called has a lowercase 'v' in the name i.e. "Standard_F16s_v2" however I feel that this should be captured / reported back during the deployment that the SKU requested is invalid.
Hello, I cannot get the azurestack_virtual_machine_extension working on a Windows VM.
The az vm extension image list --location someplace -o table command shows
Name Publisher Version
CustomScriptExtension Microsoft.Compute 1.9.3
CustomScript Microsoft.Azure.Extensions 2.0.6
CustomScriptForLinux Microsoft.OSTCExtensions 1.5.5
I used
publisher = "Microsoft.Compute"
type = "CustomScriptExtension"
type_handler_version = "1.9.3"
but keep getting the error:
Error: compute.VirtualMachineExtensionsClient#CreateOrUpdate: Failure sending request: StatusCode=400 -- Original Error: Code="InvalidParameter" Message="The value of parameter typeHandlerVersion is invalid." Target="typeHandlerVersion"
Can somebody please advise?
Thanks.
when creating either a windows vm or a linux vm, the user isnt being added.
even though the terraform apply works and the tasks complete im not seeing any errors.
Hi there ,
by following "Building The Provider", the step of "make build" failed on windows 2016 server as follows
any input ?
C:\work\src\github.com\terraform-providers\terraform-provider-azurestack>make build
==> Checking that code complies with gofmt requirements...
gofmt needs running on the following files:
./azurestack/azurestack_sweeper_test.go
./azurestack/config.go
./azurestack/data_source_client_config.go
./azurestack/data_source_client_config_test.go
./azurestack/data_source_network_interface.go
./azurestack/data_source_network_interface_test.go
./azurestack/data_source_network_security_group.go
./azurestack/data_source_network_security_group_test.go
./azurestack/data_source_public_ip.go
./azurestack/data_source_public_ip_test.go
./azurestack/data_source_resource_group.go
./azurestack/data_source_resource_group_test.go
./azurestack/data_source_route_table.go
./azurestack/data_source_route_table_test.go
./azurestack/data_source_storage_account.go
./azurestack/data_source_storage_account_test.go
./azurestack/data_source_subnet.go
./azurestack/data_source_subnet_test.go
./azurestack/data_source_virtual_network.go
./azurestack/data_source_virtual_network_gateway.go
./azurestack/data_source_virtual_network_gateway_test.go
./azurestack/data_source_virtual_network_test.go
./azurestack/helpers/azure/resourceid.go
./azurestack/helpers/azure/resourceid_test.go
./azurestack/helpers/azure/validate.go
./azurestack/helpers/azure/validate_test.go
./azurestack/loadbalancer.go
./azurestack/location.go
./azurestack/locks.go
./azurestack/provider.go
./azurestack/provider_test.go
./azurestack/required_resource_providers.go
./azurestack/required_resource_providers_test.go
./azurestack/resourceid.go
./azurestack/resource_arm_availability_set.go
./azurestack/resource_arm_availability_set_test.go
./azurestack/resource_arm_dns_a_record.go
./azurestack/resource_arm_dns_a_record_test.go
./azurestack/resource_arm_dns_zone.go
./azurestack/resource_arm_dns_zone_test.go
./azurestack/resource_arm_loadbalancer.go
./azurestack/resource_arm_loadbalancer_backend_address_pool.go
./azurestack/resource_arm_loadbalancer_backend_address_pool_test.go
./azurestack/resource_arm_loadbalancer_nat_pool.go
./azurestack/resource_arm_loadbalancer_nat_pool_test.go
./azurestack/resource_arm_loadbalancer_nat_rule.go
./azurestack/resource_arm_loadbalancer_nat_rule_test.go
./azurestack/resource_arm_loadbalancer_probe.go
./azurestack/resource_arm_loadbalancer_probe_test.go
./azurestack/resource_arm_loadbalancer_rule.go
./azurestack/resource_arm_loadbalancer_rule_test.go
./azurestack/resource_arm_loadbalancer_test.go
./azurestack/resource_arm_local_network_gateway.go
./azurestack/resource_arm_local_network_gateway_test.go
./azurestack/resource_arm_managed_disk.go
./azurestack/resource_arm_network_interface.go
./azurestack/resource_arm_network_interface_test.go
./azurestack/resource_arm_network_security_group.go
./azurestack/resource_arm_network_security_group_test.go
./azurestack/resource_arm_network_security_rule.go
./azurestack/resource_arm_network_security_rule_test.go
./azurestack/resource_arm_public_ip.go
./azurestack/resource_arm_public_ip_test.go
./azurestack/resource_arm_resource_group.go
./azurestack/resource_arm_resource_group_test.go
./azurestack/resource_arm_route.go
./azurestack/resource_arm_route_table.go
./azurestack/resource_arm_route_table_test.go
./azurestack/resource_arm_route_test.go
./azurestack/resource_arm_storage_account.go
./azurestack/resource_arm_storage_account_test.go
./azurestack/resource_arm_storage_blob.go
./azurestack/resource_arm_storage_blob_test.go
./azurestack/resource_arm_storage_cointainer_test.go
./azurestack/resource_arm_storage_container.go
./azurestack/resource_arm_subnet.go
./azurestack/resource_arm_subnet_test.go
./azurestack/resource_arm_template_deployment.go
./azurestack/resource_arm_template_deployment_test.go
./azurestack/resource_arm_virtual_machine.go
./azurestack/resource_arm_virtual_machine_extension.go
./azurestack/resource_arm_virtual_machine_extension_test.go
./azurestack/resource_arm_virtual_machine_scale_set.go
./azurestack/resource_arm_virtual_machine_scale_set_test.go
./azurestack/resource_arm_virtual_machine_test.go
./azurestack/resource_arm_virtual_machine_unmanaged_disks_test.go
./azurestack/resource_arm_virtual_network.go
./azurestack/resource_arm_virtual_network_gateway.go
./azurestack/resource_arm_virtual_network_gateway_connection.go
./azurestack/resource_arm_virtual_network_gateway_connection_test.go
./azurestack/resource_arm_virtual_network_gateway_test.go
./azurestack/resource_arm_virtual_network_test.go
./azurestack/resource_group_name.go
./azurestack/tags.go
./azurestack/test_utils.go
./main.go
You can use the command: make fmt
to reformat code.
make: *** [fmtcheck] Error 1
C:\work\src\github.com\terraform-providers\terraform-provider-azurestack>
Hi,
running apply on code
resource "azurerm_virtual_machine_extension" "vm-bootstrap" {
count = "1"
name = "bootstrap"
virtual_machine_id = ...
publisher = "Microsoft.Azure.Extensions"
type = "CustomScript"
type_handler_version = "2.1.6"
settings = <<SETTINGS
{
"script": "${filebase64("bootstrap.sh")}"
}
SETTINGS
}
returns the following error:
Code="InvalidParameter" Message="The value of parameter typeHandlerVersion is invalid." Target="typeHandlerVersion"
though it looks like version 2.1.6 exists:
az vm extension image list-versions -n CustomScript --publisher Microsoft.Azure.Extensions --lo
cation westeurope --query "[].name" -o tsv | sort -u
2.0.0
2.0.1
2.0.2
2.0.3
2.0.4
2.0.5
2.0.6
2.0.7
2.1.1
2.1.2
2.1.3
2.1.6
Can you please check?
N/A
N/A
N/A
N/A
N/A
Documentation for Azure Stack is incorrect on website. Publisher should be Microsoft.Compute. There also needs to be details warning users to check the installed Custom Extension version in the Azure Stack Hub Admin Portal. 2.0 is not valid for the Azure Stack. These instructions appear to have been copied from Azurerm.
Terraform v1.2.6
azurestack v1.0.0
azurestack_resource_group
provider "azurestack" {
metadata_host = "management.local.azurestack.external"
features {}
}
# Create a resource group
resource "azurestack_resource_group" "test" {
name = "test-rg"
location = "local"
}
https://gist.github.com/matthorgan/27fecca7ee03b3e4ce8efaaf85479658
A resource group should be created
Error before RG is created
terraform apply
Attempting to run Terraform on my ASDK environment produces the error Error: determining environment: unable to locate metadata for environment "stack" from custom metadata host "management.local.azurestack.external"
. I am using the az cli
for authentication and have confirmed I can create resources via the az cli
so the permissions are correct.
Hello,
I cannot find a resource type or method of creating storage tables and queues in the Azure Stack provider while it is supported using the Azure provider (azurerm_storage_table, azurerm_storage_queue).
I only see three available resource types in Azure Stack:
azurestack_storage_account
azurestack_storage_container
azurestack_storage_blob
Is there a plan to expand the available storage resource types for Azure Stack?
Thanks,
Luc
It would be great to have a data source for azurestack_subnet
Example terraform code:
data "azurestack_subnet" "test" {
name = "backend"
virtual_network_name = "production"
resource_group_name = "networking"
}
output "subnet_id" {
value = "${data.azurestack_subnet.test.id}"
}
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.