update code

neil-yechenwei 2023-11-20 10:19:09 +08:00 committed by lonegunmanb
parent ae80f13644
commit 2ef49582eb
4 changed files with 86 additions and 60 deletions


@ -1,5 +1,11 @@
resource "random_string" "kv_name_prefix" {
length = 21
special = false
numeric = false
}
resource "azurerm_key_vault" "cluster" {
name = "${var.dns_prefix}-${substr(var.name, 0, 12)}-${var.environment_short}-kv"
name = "${random_string.kv_name_prefix.result}-kv"
location = azurerm_resource_group.default.location
resource_group_name = azurerm_resource_group.default.name
tenant_id = data.azurerm_client_config.current.tenant_id
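Review bot: The `length = 21` in `random_string.kv_name_prefix` is an undocumented magic number. Together with the `-kv` suffix it produces a name of exactly 24 characters, which is the Key Vault name maximum, so any longer suffix will fail at apply time. I would add a comment above the block such as `# 21 + len("-kv") = 24, the Key Vault name limit; shrink this if the suffix grows`. The same applies to `sf_name_prefix` (22 + `sf`) and `vmss_name_prefix` (20 + `vmss`) in the storage account sections, which also land exactly on the 24-character storage account limit. The `azurerm_key_vault` body continues outside the hunk.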


@ -5,96 +5,102 @@ locals {
resource "azurerm_virtual_network" "default" {
name = "${var.name}-vnet"
address_space = ["10.0.0.0/16"]
location = "${azurerm_resource_group.default.location}"
resource_group_name = "${azurerm_resource_group.default.name}"
location = azurerm_resource_group.default.location
resource_group_name = azurerm_resource_group.default.name
}
resource "azurerm_subnet" "default" {
name = "${var.name}-default-subnet"
resource_group_name = "${azurerm_resource_group.default.name}"
virtual_network_name = "${azurerm_virtual_network.default.name}"
resource_group_name = azurerm_resource_group.default.name
virtual_network_name = azurerm_virtual_network.default.name
address_prefix = "10.0.0.0/24"
}
resource "azurerm_subnet" "sf" {
name = "${var.name}-sf-subnet"
resource_group_name = "${azurerm_resource_group.default.name}"
virtual_network_name = "${azurerm_virtual_network.default.name}"
resource_group_name = azurerm_resource_group.default.name
virtual_network_name = azurerm_virtual_network.default.name
address_prefix = "10.0.1.0/24"
}
resource "random_string" "pip_name_prefix" {
length = 17
special = false
numeric = false
}
resource "azurerm_public_ip" "sf" {
name = "${var.name}-pip"
location = "${azurerm_resource_group.default.location}"
resource_group_name = "${azurerm_resource_group.default.name}"
name = "${random_string.pip_name_prefix.result}-pip"
location = azurerm_resource_group.default.location
resource_group_name = azurerm_resource_group.default.name
allocation_method = "Dynamic"
domain_name_label = "${var.dns_prefix}-${var.name}-${var.environment_short}-sf"
}
resource "azurerm_lb" "sf" {
name = "${var.name}-lb"
location = "${azurerm_resource_group.default.location}"
resource_group_name = "${azurerm_resource_group.default.name}"
location = azurerm_resource_group.default.location
resource_group_name = azurerm_resource_group.default.name
frontend_ip_configuration {
name = "${local.feip_config_name}"
public_ip_address_id = "${azurerm_public_ip.sf.id}"
name = local.feip_config_name
public_ip_address_id = azurerm_public_ip.sf.id
}
}
resource "azurerm_lb_nat_pool" "sf" {
name = "${var.name}-nat-pool"
resource_group_name = "${azurerm_resource_group.default.name}"
loadbalancer_id = "${azurerm_lb.sf.id}"
resource_group_name = azurerm_resource_group.default.name
loadbalancer_id = azurerm_lb.sf.id
count = "1"
protocol = "Tcp"
frontend_port_start = 3389
frontend_port_end = 4500
backend_port = 3389
frontend_ip_configuration_name = "${local.feip_config_name}"
frontend_ip_configuration_name = local.feip_config_name
}
resource "azurerm_lb_backend_address_pool" "sf" {
resource_group_name = "${azurerm_resource_group.default.name}"
loadbalancer_id = "${azurerm_lb.sf.id}"
resource_group_name = azurerm_resource_group.default.name
loadbalancer_id = azurerm_lb.sf.id
name = "ServiceFabricAddressPool"
}
# Probes
resource "azurerm_lb_probe" "fabric_gateway" {
resource_group_name = "${azurerm_resource_group.default.name}"
loadbalancer_id = "${azurerm_lb.sf.id}"
resource_group_name = azurerm_resource_group.default.name
loadbalancer_id = azurerm_lb.sf.id
name = "${var.name}-probe-19000"
port = 19000
}
resource "azurerm_lb_probe" "http" {
resource_group_name = "${azurerm_resource_group.default.name}"
loadbalancer_id = "${azurerm_lb.sf.id}"
resource_group_name = azurerm_resource_group.default.name
loadbalancer_id = azurerm_lb.sf.id
name = "${var.name}-probe-19080"
port = 19080
}
resource "azurerm_lb_rule" "http" {
resource_group_name = "${azurerm_resource_group.default.name}"
loadbalancer_id = "${azurerm_lb.sf.id}"
backend_address_pool_id = "${azurerm_lb_backend_address_pool.sf.id}"
probe_id = "${azurerm_lb_probe.http.id}"
resource_group_name = azurerm_resource_group.default.name
loadbalancer_id = azurerm_lb.sf.id
backend_address_pool_id = azurerm_lb_backend_address_pool.sf.id
probe_id = azurerm_lb_probe.http.id
name = "http"
protocol = "Tcp"
frontend_port = 19080
backend_port = 19080
frontend_ip_configuration_name = "${local.feip_config_name}"
frontend_ip_configuration_name = local.feip_config_name
}
resource "azurerm_lb_rule" "fabric_gateway" {
resource_group_name = "${azurerm_resource_group.default.name}"
loadbalancer_id = "${azurerm_lb.sf.id}"
backend_address_pool_id = "${azurerm_lb_backend_address_pool.sf.id}"
probe_id = "${azurerm_lb_probe.fabric_gateway.id}"
resource_group_name = azurerm_resource_group.default.name
loadbalancer_id = azurerm_lb.sf.id
backend_address_pool_id = azurerm_lb_backend_address_pool.sf.id
probe_id = azurerm_lb_probe.fabric_gateway.id
name = "fabric_gateway"
protocol = "Tcp"
frontend_port = 19000
backend_port = 19000
frontend_ip_configuration_name = "${local.feip_config_name}"
frontend_ip_configuration_name = local.feip_config_name
}
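Review bot: `azurerm_lb_nat_pool.sf` maps frontend ports 3389-4500 on the public IP to RDP (backend port 3389) on the nodes, and the two `azurerm_lb_rule` blocks publish 19000 and 19080 the same way, yet no network security group is attached to `azurerm_subnet.sf` in this file. If none is defined elsewhere in the module, the management endpoints and RDP accept connections from any source address. I would attach an NSG to the subnet that limits these three ports to the operators' address range, as sketched below. The CIDR variable in the sketch is a placeholder, not something defined on this page.

```hcl
# Constructed example: var.management_cidr is a placeholder for the operator network range.
resource "azurerm_network_security_group" "sf" {
  name                = "${var.name}-sf-nsg"
  location            = azurerm_resource_group.default.location
  resource_group_name = azurerm_resource_group.default.name

  security_rule {
    name                       = "allow-management"
    priority                   = 100
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_ranges    = ["3389", "19000", "19080"]
    source_address_prefix      = var.management_cidr
    destination_address_prefix = "*"
  }
}

resource "azurerm_subnet_network_security_group_association" "sf" {
  subnet_id                 = azurerm_subnet.sf.id
  network_security_group_id = azurerm_network_security_group.sf.id
}
```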


@ -1,15 +1,22 @@
resource "random_string" "sf_name_prefix" {
length = 22
special = false
numeric = false
upper = false
}
resource "azurerm_storage_account" "sf" {
name = "${var.dns_prefix}${substr(replace(var.name, "-", ""), 0, 16)}sf${var.environment_short}"
resource_group_name = "${azurerm_resource_group.default.name}"
location = "${azurerm_resource_group.default.location}"
name = "${random_string.sf_name_prefix.result}sf"
resource_group_name = azurerm_resource_group.default.name
location = azurerm_resource_group.default.location
account_tier = "Standard"
account_replication_type = "LRS"
}
resource "azurerm_service_fabric_cluster" "default" {
name = "${var.name}-sf"
resource_group_name = "${azurerm_resource_group.default.name}"
location = "${azurerm_resource_group.default.location}"
resource_group_name = azurerm_resource_group.default.name
location = azurerm_resource_group.default.location
reliability_level = "Bronze"
vm_image = "Windows"
management_endpoint = "https://${azurerm_public_ip.sf.fqdn}:19080"
@ -36,9 +43,9 @@ resource "azurerm_service_fabric_cluster" "default" {
}
azure_active_directory {
tenant_id = "${data.azurerm_subscription.current.tenant_id}"
cluster_application_id = "${azuread_application.client.application_id}"
client_application_id = "${azuread_application.cluster.application_id}"
tenant_id = data.azurerm_subscription.current.tenant_id
cluster_application_id = azuread_application.client.application_id
client_application_id = azuread_application.cluster.application_id
}
fabric_settings {
@ -58,21 +65,21 @@ resource "azurerm_service_fabric_cluster" "default" {
}
certificate {
thumbprint = "${azurerm_key_vault_certificate.cluster.thumbprint}"
thumbprint_secondary = "${azurerm_key_vault_certificate.cluster.thumbprint}"
thumbprint = azurerm_key_vault_certificate.cluster.thumbprint
thumbprint_secondary = azurerm_key_vault_certificate.cluster.thumbprint
x509_store_name = "My"
}
client_certificate_thumbprint {
thumbprint = "${azurerm_key_vault_certificate.client.thumbprint}"
thumbprint = azurerm_key_vault_certificate.client.thumbprint
is_admin = true
}
diagnostics_config {
storage_account_name = "${azurerm_storage_account.sf.name}"
storage_account_name = azurerm_storage_account.sf.name
protected_account_key_name = "StorageAccountKey1"
blob_endpoint = "${azurerm_storage_account.sf.primary_blob_endpoint}"
queue_endpoint = "${azurerm_storage_account.sf.primary_queue_endpoint}"
table_endpoint = "${azurerm_storage_account.sf.primary_table_endpoint}"
blob_endpoint = azurerm_storage_account.sf.primary_blob_endpoint
queue_endpoint = azurerm_storage_account.sf.primary_queue_endpoint
table_endpoint = azurerm_storage_account.sf.primary_table_endpoint
}
}
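Review bot: In the `azure_active_directory` block the two application IDs look crossed: `cluster_application_id` is set from `azuread_application.client` and `client_application_id` from `azuread_application.cluster`. The commit carries this over unchanged from the old interpolated lines, and the `azuread_application` definitions are not on this page, so the resources may simply be named the other way round; that is worth confirming. If they are named for their roles, the lines should read `cluster_application_id = azuread_application.cluster.application_id` and `client_application_id = azuread_application.client.application_id`, since otherwise Azure AD sign-in to the cluster is bound to the wrong app registration. The enclosing `azurerm_service_fabric_cluster` body continues outside the hunks shown.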


@ -1,7 +1,14 @@
resource "random_string" "vmss_name_prefix" {
length = 20
special = false
numeric = false
upper = false
}
resource "azurerm_storage_account" "vmss" {
name = "${var.dns_prefix}${substr(replace(var.name, "-", ""), 0, 12)}vmss${var.environment_short}"
resource_group_name = "${azurerm_resource_group.default.name}"
location = "${azurerm_resource_group.default.location}"
name = "${random_string.vmss_name_prefix.result}vmss"
resource_group_name = azurerm_resource_group.default.name
location = azurerm_resource_group.default.location
account_tier = "Standard"
account_replication_type = "LRS"
}
@ -9,15 +16,15 @@ resource "azurerm_storage_account" "vmss" {
# Vm Scale Set
resource "azurerm_virtual_machine_scale_set" "default" {
name = "${var.name}-vmss"
location = "${azurerm_resource_group.default.location}"
resource_group_name = "${azurerm_resource_group.default.name}"
location = azurerm_resource_group.default.location
resource_group_name = azurerm_resource_group.default.name
upgrade_policy_mode = "Automatic"
overprovision = false
sku {
name = "Standard_D1_v2"
tier = "Standard"
capacity = "${var.cluster_size}"
capacity = var.cluster_size
}
storage_profile_image_reference {
@ -43,12 +50,12 @@ resource "azurerm_virtual_machine_scale_set" "default" {
os_profile {
computer_name_prefix = "sfvm"
admin_username = "${var.admin_username}"
admin_password = "${var.admin_password}"
admin_username = var.admin_username
admin_password = var.admin_password
}
os_profile_secrets {
source_vault_id = "${azurerm_key_vault.cluster.id}"
source_vault_id = azurerm_key_vault.cluster.id
vault_certificates {
certificate_url = "${azurerm_key_vault.cluster.vault_uri}secrets/${azurerm_key_vault_certificate.cluster.name}/${azurerm_key_vault_certificate.cluster.version}"
@ -63,8 +70,8 @@ resource "azurerm_virtual_machine_scale_set" "default" {
}
boot_diagnostics {
enabled = true
storage_uri = "${azurerm_storage_account.vmss.primary_blob_endpoint}"
enabled = true
storage_uri = azurerm_storage_account.vmss.primary_blob_endpoint
}
network_profile {
@ -74,7 +81,7 @@ resource "azurerm_virtual_machine_scale_set" "default" {
ip_configuration {
primary = true
name = "IPConfiguration"
subnet_id = "${azurerm_subnet.sf.id}"
subnet_id = azurerm_subnet.sf.id
load_balancer_backend_address_pool_ids = ["${azurerm_lb_backend_address_pool.sf.id}"]
load_balancer_inbound_nat_rules_ids = ["${azurerm_lb_nat_pool.sf[0].id}"]
}
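Review bot: `admin_password = var.admin_password` in `os_profile` places the node administrator password in Terraform state in plaintext, and nothing visible here marks the variable as sensitive, so it can also appear in plan output. The variable declaration is outside this page; if it lacks it, add `sensitive = true` there and keep the state in an encrypted, access-controlled backend. A stronger option is to generate the value with a `random_password` resource and store it as a secret in `azurerm_key_vault.cluster`, so that no operator has to supply or know it. The `azurerm_virtual_machine_scale_set` body extends beyond the hunks shown.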