title | description |
---|---|
Azure Linux VM using Terraform | Create Azure Linux VM using Terraform |
We are going to create the following Azure resources and use the following Terraform features:
- azurerm_public_ip
- azurerm_network_interface
- azurerm_network_security_group
- azurerm_network_interface_security_group_association
- Terraform Local Block for Security Rule Ports
- Terraform `for_each` Meta-argument
- azurerm_network_security_rule
- Terraform Local Block for defining custom data to Azure Linux Virtual Machine
- azurerm_linux_virtual_machine
- Terraform Outputs
- Terraform Functions
```bash
# Create Folder
mkdir ssh-keys

# Create SSH Key, Do not give a passphrase
cd ssh-keys
ssh-keygen \
    -m PEM \
    -t rsa \
    -b 4096 \
    -C "azureuser@myserver" \
    -f terraform-azure.pem

# List Files (we are already inside ssh-keys)
ls -lrt

# Files Generated after above command
# Public Key: terraform-azure.pem.pub -> Rename as terraform-azure.pub
mv terraform-azure.pem.pub terraform-azure.pub
# Private Key: terraform-azure.pem

# Permissions for Pem file
chmod 400 terraform-azure.pem
```
Create `providers.tf` file and fill it in.

Create `variables.tf` file and put these variables in it:
- Business division in the large organization this infrastructure belongs to
- Environment variable used as a prefix
- Resource group name
- Region in which the Azure resources are to be created

Create `locals.tf` file and fill it in.

Create `random-resources.tf` file and create the `myrandom` resource.

Create `resource-groups.tf` file and create the resource group.

Create files for:
- VNet variables: `vnet-variables.tf`
- VNet: `virtual-network.tf`
- Subnet and NSG: `subnet-and-nsg.tf`
- VNet outputs: `vnet-outputs.tf`

Create `linuxvm-variables.tf` file for Linux VM input variables.

Create `linuxvm-publicip.tf` file for Linux VM public IP.

Create `linuxvm-network-interface.tf` for Linux VM NIC.

Create `linuxvm-network-security-group.tf` for Linux VM NSG.
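
One way the locals block and `for_each` rules in this file can look, as an added example that is not the original project's code: the resource names, the `ssh_source_cidr` variable and the port map are assumptions, and the resource group and NIC are assumed to be defined in `resource-groups.tf` and `linuxvm-network-interface.tf`. It goes slightly beyond the page by limiting SSH to an admin CIDR while HTTP stays open.

```hcl
# Added example: all resource and variable names below are assumptions.

# Hypothetical input: CIDR allowed to reach SSH (e.g. an admin network).
variable "ssh_source_cidr" {
  description = "Source CIDR permitted to connect to port 22"
  type        = string
}

# Locals block: NSG rule priority => inbound port.
locals {
  web_vmnic_inbound_ports_map = {
    "100" = "22" # SSH, used by the "Connect to Linux VM" step
    "110" = "80" # HTTP, used by the sample application URLs
  }
}

resource "azurerm_network_security_group" "web_vmnic_nsg" {
  name                = "web-vmnic-nsg"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
}

# Attach the NSG to the VM NIC.
resource "azurerm_network_interface_security_group_association" "web_vmnic_nsg_associate" {
  # Make sure the rules exist before the NSG is attached to the NIC.
  depends_on                = [azurerm_network_security_rule.web_vmnic_nsg_rule_inbound]
  network_interface_id      = azurerm_network_interface.web_linuxvm_nic.id
  network_security_group_id = azurerm_network_security_group.web_vmnic_nsg.id
}

# One rule per map entry: each.key is the priority, each.value the port.
resource "azurerm_network_security_rule" "web_vmnic_nsg_rule_inbound" {
  for_each               = local.web_vmnic_inbound_ports_map
  name                   = "Rule-Port-${each.value}"
  priority               = each.key
  direction              = "Inbound"
  access                 = "Allow"
  protocol               = "Tcp"
  source_port_range      = "*"
  destination_port_range = each.value
  # SSH only from the admin CIDR; HTTP stays open to any source.
  source_address_prefix       = each.value == "22" ? var.ssh_source_cidr : "*"
  destination_address_prefix  = "*"
  resource_group_name         = azurerm_resource_group.rg.name
  network_security_group_name = azurerm_network_security_group.web_vmnic_nsg.name
}
```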

- We have two options to define `custom_data` for the Azure Linux VM:
  - Option-1: Using file as input (shell script file or `cloud-init.txt` file)
  - Option-2: Define the code in Terraform locals block
- We will review both options and choose `Option-2` for implementation.
- Commented code will be available in `azurerm_linux_virtual_machine` to use `option-1` too.

Create `linuxvm.tf` file and fill it in.

Create `linuxvm-outputs.tf` file.

Create the `terraform.tfvars` file and fill it with preferred values.

```bash
# Terraform Initialize
terraform init

# Terraform Validate
terraform validate

# Terraform Plan
terraform plan

# Terraform Apply
terraform apply -auto-approve
```

# Verify Resources - Virtual Network
1. Azure Resource Group
2. Azure Virtual Network
3. Azure Subnet
4. Azure Network Security Group
5. View the topology
6. Verify Terraform Outputs in Terraform CLI
# Verify Resources - Web Linux VM
1. Verify Public IP created for Linux VM
2. Verify Network Interface created for Linux VM
3. Verify Linux VM
4. Verify Network Security Groups associated with VM (Subnet NSG and NIC NSG)
5. View Topology at Linux VM -> Networking
6. Connect to Linux VM
   ```bash
   ssh -i ssh-keys/terraform-azure.pem azureuser@<LinuxVM-PublicIP>
   sudo su -
   cd /var/log
   tail -100f cloud-init-output.log
   cd /var/www/html
   ls -lrt
   cd /var/www/html/app1
   ls -lrt
   exit
   exit
   ```
7. Access Sample Application
   ```
   http://<PUBLIC-IP>/
   http://<PUBLIC-IP>/app1/index.html
   http://<PUBLIC-IP>/app1/hostname.html
   http://<PUBLIC-IP>/app1/status.html
   http://<PUBLIC-IP>/app1/metadata.html
   ```

# Comment code in `linuxvm-network-security-group.tf`
Comment out the NSG associated with the Linux VM NIC, then re-apply:

```bash
# Terraform Validate
terraform validate

# Terraform Plan
terraform plan

# Terraform Apply
terraform apply -auto-approve
```

# Verify NSG associated with VM
1. Verify Network Security Groups associated with VM (subnet NSG only)
2. Access Application
http://<PUBLIC-IP>/app1/metadata.html

```bash
# Delete Resources
terraform destroy
# [or]
terraform apply -destroy -auto-approve

# Clean-Up Files
rm -rf .terraform*
rm -rf terraform.tfstate*
```