diff --git a/quickstart/201-vmss-packer-jumpbox/main.tf b/quickstart/201-vmss-packer-jumpbox/main.tf
new file mode 100644
index 00000000..5107d95a
--- /dev/null
+++ b/quickstart/201-vmss-packer-jumpbox/main.tf
@@ -0,0 +1,233 @@
+terraform {
+ required_providers {
+ azurerm = {
+ source = "hashicorp/azurerm"
+ version = "~>2.0"
+ }
+ }
+}
+
+provider "azurerm" {
+ features {}
+}
+
+resource "azurerm_resource_group" "vmss" {
+ name = var.resource_group_name
+ location = var.location
+
+ tags = {
+ environment = "codelab"
+ }
+}
+
+resource "azurerm_virtual_network" "vmss" {
+ name = "vmss-vnet"
+ address_space = ["10.0.0.0/16"]
+ location = var.location
+ resource_group_name = azurerm_resource_group.vmss.name
+
+ tags = {
+ environment = "codelab"
+ }
+}
+
+resource "azurerm_subnet" "vmss" {
+ name = "vmss-subnet"
+ resource_group_name = azurerm_resource_group.vmss.name
+ virtual_network_name = azurerm_virtual_network.vmss.name
+ address_prefix = "10.0.2.0/24"
+}
+
+resource "azurerm_public_ip" "vmss" {
+ name = "vmss-public-ip"
+ location = var.location
+ resource_group_name = azurerm_resource_group.vmss.name
+ allocation_method = "Static"
+ domain_name_label = azurerm_resource_group.vmss.name
+
+ tags = {
+ environment = "codelab"
+ }
+}
+
+resource "azurerm_lb" "vmss" {
+ name = "vmss-lb"
+ location = var.location
+ resource_group_name = azurerm_resource_group.vmss.name
+
+ frontend_ip_configuration {
+ name = "PublicIPAddress"
+ public_ip_address_id = azurerm_public_ip.vmss.id
+ }
+
+ tags = {
+ environment = "codelab"
+ }
+}
+
+resource "azurerm_lb_backend_address_pool" "bpepool" {
+ resource_group_name = azurerm_resource_group.vmss.name
+ loadbalancer_id = azurerm_lb.vmss.id
+ name = "BackEndAddressPool"
+}
+
+resource "azurerm_lb_probe" "vmss" {
+ resource_group_name = azurerm_resource_group.vmss.name
+ loadbalancer_id = azurerm_lb.vmss.id
+ name = "ssh-running-probe"
+ port = var.application_port
+}
+
+resource "azurerm_lb_rule" "lbnatrule" {
+ resource_group_name = azurerm_resource_group.vmss.name
+ loadbalancer_id = azurerm_lb.vmss.id
+ name = "http"
+ protocol = "Tcp"
+ frontend_port = var.application_port
+ backend_port = var.application_port
+ backend_address_pool_id = azurerm_lb_backend_address_pool.bpepool.id
+ frontend_ip_configuration_name = "PublicIPAddress"
+ probe_id = azurerm_lb_probe.vmss.id
+}
+
+data "azurerm_resource_group" "image" {
+ name = "myResourceGroup"
+}
+
+data "azurerm_image" "image" {
+ name = "myPackerImage"
+ resource_group_name = data.azurerm_resource_group.image.name
+}
+
+resource "azurerm_virtual_machine_scale_set" "vmss" {
+ name = "vmscaleset"
+ location = var.location
+ resource_group_name = azurerm_resource_group.vmss.name
+ upgrade_policy_mode = "Manual"
+
+ sku {
+ name = "Standard_DS1_v2"
+ tier = "Standard"
+ capacity = 2
+ }
+
+ storage_profile_image_reference {
+ id=data.azurerm_image.image.id
+ }
+
+ storage_profile_os_disk {
+ name = ""
+ caching = "ReadWrite"
+ create_option = "FromImage"
+ managed_disk_type = "Standard_LRS"
+ }
+
+ storage_profile_data_disk {
+ lun = 0
+ caching = "ReadWrite"
+ create_option = "Empty"
+ disk_size_gb = 10
+ }
+
+ os_profile {
+ computer_name_prefix = "vmlab"
+ admin_username = var.admin_user
+ admin_password = var.admin_password
+ }
+
+ os_profile_linux_config {
+ disable_password_authentication = true
+
+ ssh_keys {
+ path = "/home/azureuser/.ssh/authorized_keys"
+ key_data = file("~/.ssh/id_rsa.pub")
+ }
+ }
+
+ network_profile {
+ name = "terraformnetworkprofile"
+ primary = true
+
+ ip_configuration {
+ name = "IPConfiguration"
+ subnet_id = azurerm_subnet.vmss.id
+ load_balancer_backend_address_pool_ids = [azurerm_lb_backend_address_pool.bpepool.id]
+ primary = true
+ }
+ }
+
+ tags = {
+ environment = "codelab"
+ }
+}
+
+resource "azurerm_public_ip" "jumpbox" {
+ name = "jumpbox-public-ip"
+ location = var.location
+ resource_group_name = azurerm_resource_group.vmss.name
+ allocation_method = "Static"
+ domain_name_label = "${azurerm_resource_group.vmss.name}-ssh"
+
+ tags = {
+ environment = "codelab"
+ }
+}
+
+resource "azurerm_network_interface" "jumpbox" {
+ name = "jumpbox-nic"
+ location = var.location
+ resource_group_name = azurerm_resource_group.vmss.name
+
+ ip_configuration {
+ name = "IPConfiguration"
+ subnet_id = azurerm_subnet.vmss.id
+ private_ip_address_allocation = "dynamic"
+ public_ip_address_id = azurerm_public_ip.jumpbox.id
+ }
+
+ tags = {
+ environment = "codelab"
+ }
+}
+
+resource "azurerm_virtual_machine" "jumpbox" {
+ name = "jumpbox"
+ location = var.location
+ resource_group_name = azurerm_resource_group.vmss.name
+ network_interface_ids = [azurerm_network_interface.jumpbox.id]
+ vm_size = "Standard_DS1_v2"
+
+ storage_image_reference {
+ publisher = "Canonical"
+ offer = "UbuntuServer"
+ sku = "16.04-LTS"
+ version = "latest"
+ }
+
+ storage_os_disk {
+ name = "jumpbox-osdisk"
+ caching = "ReadWrite"
+ create_option = "FromImage"
+ managed_disk_type = "Standard_LRS"
+ }
+
+ os_profile {
+ computer_name = "jumpbox"
+ admin_username = var.admin_user
+ admin_password = var.admin_password
+ }
+
+ os_profile_linux_config {
+ disable_password_authentication = true
+
+ ssh_keys {
+ path = "/home/azureuser/.ssh/authorized_keys"
+ key_data = file("~/.ssh/id_rsa.pub")
+ }
+ }
+
+ tags = {
+ environment = "codelab"
+ }
+}
+
diff --git a/quickstart/201-vmss-packer-jumpbox/output.tf b/quickstart/201-vmss-packer-jumpbox/output.tf
new file mode 100644
index 00000000..57734ab9
--- /dev/null
+++ b/quickstart/201-vmss-packer-jumpbox/output.tf
@@ -0,0 +1,11 @@
+output "vmss_public_ip_fqdn" {
+ value = azurerm_public_ip.vmss.fqdn
+}
+
+output "jumpbox_public_ip_fqdn" {
+ value = azurerm_public_ip.jumpbox.fqdn
+}
+
+output "jumpbox_public_ip" {
+ value = azurerm_public_ip.jumpbox.ip_address
+}
diff --git a/quickstart/201-vmss-packer-jumpbox/readme.md b/quickstart/201-vmss-packer-jumpbox/readme.md
new file mode 100644
index 00000000..c8199988
--- /dev/null
+++ b/quickstart/201-vmss-packer-jumpbox/readme.md
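Review bot: In main.tf the jumpbox NIC is given a static public IP (`azurerm_public_ip.jumpbox`), but no network security group is attached to `jumpbox-nic` or to `vmss-subnet` anywhere in the file, so nothing in the template limits who can reach SSH on the jumpbox; with a Basic-SKU public IP (which I believe is the provider default when `sku` is omitted) inbound traffic would be unfiltered. I would add an NSG that admits TCP 22 only from an operator-supplied range and associate it with the jumpbox NIC, as sketched below; the source range needs a new input variable, shown under the placeholder name `jumpbox_ssh_source_cidr`. Separately, both `ssh_keys` blocks hard-code `/home/azureuser/.ssh/authorized_keys` while `admin_username` comes from `var.admin_user`, so overriding the variable leaves the key path pointing at another user's home; `path = "/home/${var.admin_user}/.ssh/authorized_keys"` keeps the two in step.

```hcl
# … unchanged: azurerm_public_ip.jumpbox and azurerm_network_interface.jumpbox …

resource "azurerm_network_security_group" "jumpbox" {
  name                = "jumpbox-nsg"
  location            = var.location
  resource_group_name = azurerm_resource_group.vmss.name

  security_rule {
    name                       = "allow-ssh-from-operators"
    priority                   = 100
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_range     = "22"
    source_address_prefix      = var.jumpbox_ssh_source_cidr # placeholder name; variable not declared yet
    destination_address_prefix = "*"
  }
}

resource "azurerm_network_interface_security_group_association" "jumpbox" {
  network_interface_id      = azurerm_network_interface.jumpbox.id
  network_security_group_id = azurerm_network_security_group.jumpbox.id
}
```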
@@ -0,0 +1,25 @@
+# Azure virtual machine scale set with jumpbox from Packer custom image
+
+This template deploys an Azure virtual machine scale set with a jumpbox from a Packer custom image.
+
+## Resources
+
+| Terraform Resource Type | Description |
+| - | - |
+| `azurerm_resource_group` | The resource group all resources are deployed into |
+
+## Variables
+
+| Name | Description |
+|-|-|
+| `resource_group_name` | Name of the resource group in which the resources will be created |
+| `location` | Location where resources will be create |
+| `tags` | Map of the tags to use for the resources that are deployed |
+| `application_port` | Port that you want to expose to the external load balancer |
+| `admin_user` | User name to use as the admin account on the VMs that will be part of the VM scale set |
+| `admin_password` | Default password for admin account (NOTE: For security reasons, this value is not set in the plaintext variables.tf file.) |
+
+## Example
+
+To see how to run this example, see [Create an Azure virtual machine scale set from a Packer custom image by using Terraform
+](https://docs.microsoft.com/azure/developer/terraform/create-vm-scaleset-network-disks-using-packer-hcl#create-an-azure-image-by-using-packer).
\ No newline at end of file
diff --git a/quickstart/201-vmss-packer-jumpbox/variables.tf b/quickstart/201-vmss-packer-jumpbox/variables.tf
new file mode 100644
index 00000000..574d720c
--- /dev/null
+++ b/quickstart/201-vmss-packer-jumpbox/variables.tf
@@ -0,0 +1,31 @@
+variable "resource_group_name" {
+ description = "Name of the resource group in which the resources will be created"
+ default = "myResourceGroup"
+}
+
+variable "location" {
+ default = "eastus"
+ description = "Location where resources will be created"
+}
+
+variable "tags" {
+ description = "Map of the tags to use for the resources that are deployed"
+ type = map(string)
+ default = {
+ environment = "codelab"
+ }
+}
+
+variable "application_port" {
+ description = "Port that you want to expose to the external load balancer"
+ default = 80
+}
+
+variable "admin_user" {
+ description = "User name to use as the admin account on the VMs that will be part of the VM scale set"
+ default = "azureuser"
+}
+
+variable "admin_password" {
+ description = "Default password for admin account"
+}
\ No newline at end of file
diff --git a/quickstart/README.md b/quickstart/README.md
index 73df970b..bbb5ae7f 100644
--- a/quickstart/README.md
+++ b/quickstart/README.md
@@ -29,6 +29,8 @@ This project has adopted the [Microsoft Open Source Code of Conduct](https://ope - [Azure Kubernetes Service with Log Analytics](./201-aks-log-analytics/) - [Azure Kubernetes Service with Helm](./201-aks-helm/) - [Azure Kubernetes Service with ACR](./201-aks-acr-identity/) +- [Azure virtual machine scale set with jumpbox](./201-vmss-jumpbox) +- [Azure virtual machine scale set with jumpbox from Packer custom image](./201-vmss-packer-jumpbox) #### Advanced - [Azure Service Fabric](./301-service-fabric/)
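Review bot: In variables.tf the `admin_password` variable is declared with neither a `type` nor a `sensitive` flag, so a value supplied at plan or apply time can be echoed in CLI output and logs. If the quickstart targets Terraform 0.14 or later, I would add `type = string` and `sensitive = true` to that block. Both VM resources in main.tf set `disable_password_authentication = true`, so the password is presumably not used for SSH login, yet it is still passed into `os_profile` and will be recorded in state. The description also says "Default password" although no default is set, and `# Supplied at apply time; not used for SSH login because password authentication is disabled` above the block would say what the value is for.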