From 2713f07c822027c5d0ee3dcc8f62e8aa06f7a1f1 Mon Sep 17 00:00:00 2001 From: Dennis Eikelenboom Date: Mon, 20 Sep 2021 15:41:46 -0700 Subject: [PATCH 1/5] include compute resources and network dependencies --- .gitignore | 1 + .../compute.tf | 37 +++++++++++++++++++ .../network.tf | 10 +++++ .../readme.md | 2 + 4 files changed, 50 insertions(+) create mode 100644 quickstart/201-machine-learning-moderately-secure/compute.tf diff --git a/.gitignore b/.gitignore index d2f6471c..8f21e32a 100644 --- a/.gitignore +++ b/.gitignore @@ -2,3 +2,4 @@ quickstart/101-machine-learning/.terraform.lock.hcl quickstart/101-machine-learning/.terraform/providers/registry.terraform.io/hashicorp/azurerm/2.76.0/windows_amd64/terraform-provider-azurerm_v2.76.0_x5.exe quickstart/101-machine-learning/terraform.tfstate quickstart/101-machine-learning/demo.tfplan +quickstart/201-machine-learning-moderately-secure/demo.tfplan diff --git a/quickstart/201-machine-learning-moderately-secure/compute.tf b/quickstart/201-machine-learning-moderately-secure/compute.tf new file mode 100644 index 00000000..2544c5a6 --- /dev/null +++ b/quickstart/201-machine-learning-moderately-secure/compute.tf @@ -0,0 +1,37 @@ +# Generate random string for unique compute instance name +resource "random_string" "ci_prefix" { + length = 8 + upper = false + special = false + number = false +} + +# Compute instance +resource "azurerm_machine_learning_compute_instance" "compute_instance" { + name = "${random_string.ci_prefix.result}instance" + location = azurerm_resource_group.default.location + machine_learning_workspace_id = azurerm_machine_learning_workspace.default.id + virtual_machine_size = "STANDARD_DS2_V2" + subnet_resource_id = azurerm_subnet.snet-training.id +} + +# Compute cluster +resource "azurerm_machine_learning_compute_cluster" "compute" { + name = "cpu-cluster" + location = azurerm_resource_group.default.location + machine_learning_workspace_id = azurerm_machine_learning_workspace.default.id + vm_priority = "Dedicated" + vm_size = "STANDARD_DS2_V2" + subnet_resource_id = azurerm_subnet.snet-training.id + + identity { + type = "SystemAssigned" + } + + scale_settings { + min_node_count = 0 + max_node_count = 3 + scale_down_nodes_after_idle_duration = "PT15M" # 15 minutes + } + +} \ No newline at end of file diff --git a/quickstart/201-machine-learning-moderately-secure/network.tf b/quickstart/201-machine-learning-moderately-secure/network.tf index c1751545..06010ff7 100644 --- a/quickstart/201-machine-learning-moderately-secure/network.tf +++ b/quickstart/201-machine-learning-moderately-secure/network.tf @@ -82,6 +82,11 @@ resource "azurerm_private_dns_zone_virtual_network_link" "vnetlinkcr" { resource "azurerm_private_dns_zone" "dnsazureml" { name = "privatelink.api.azureml.ms" resource_group_name = azurerm_resource_group.default.name + + depends_on = [ + azurerm_machine_learning_compute_cluster.compute, + azurerm_machine_learning_compute_instance.compute_instance + ] } resource "azurerm_private_dns_zone_virtual_network_link" "vnetlinkml" { @@ -94,6 +99,11 @@ resource "azurerm_private_dns_zone_virtual_network_link" "vnetlinkml" { resource "azurerm_private_dns_zone" "dnsnotebooks" { name = "privatelink.notebooks.azure.net" resource_group_name = azurerm_resource_group.default.name + + depends_on = [ + azurerm_machine_learning_compute_cluster.compute, + azurerm_machine_learning_compute_instance.compute_instance + ] } resource "azurerm_private_dns_zone_virtual_network_link" "vnetlinknbs" { diff --git a/quickstart/201-machine-learning-moderately-secure/readme.md b/quickstart/201-machine-learning-moderately-secure/readme.md index 6c5fbe6e..17bbf831 100644 --- a/quickstart/201-machine-learning-moderately-secure/readme.md +++ b/quickstart/201-machine-learning-moderately-secure/readme.md @@ -43,6 +43,8 @@ This configuration describes the minimal set of resources you require to get sta ## Usage ```bash +terraform init + terraform plan -var name=azureml567 -out demo.tfplan terraform apply "demo.tfplan" From fdbb100df1523ef254b228a466204f73d83ca1fc Mon Sep 17 00:00:00 2001 From: Dennis Eikelenboom Date: Mon, 20 Sep 2021 15:51:03 -0700 Subject: [PATCH 2/5] add comment --- .../compute.tf | 37 +++++++++++++++++++ .../readme.md | 4 +- 2 files changed, 39 insertions(+), 2 deletions(-) create mode 100644 quickstart/202-machine-learning-moderately-secure-existing-VNet/compute.tf diff --git a/quickstart/202-machine-learning-moderately-secure-existing-VNet/compute.tf b/quickstart/202-machine-learning-moderately-secure-existing-VNet/compute.tf new file mode 100644 index 00000000..aa16e3b5 --- /dev/null +++ b/quickstart/202-machine-learning-moderately-secure-existing-VNet/compute.tf @@ -0,0 +1,37 @@ +# Generate random string for unique compute instance name +resource "random_string" "ci_prefix" { + length = 8 + upper = false + special = false + number = false +} + +# Compute instance +resource "azurerm_machine_learning_compute_instance" "compute_instance" { + name = "${random_string.ci_prefix.result}instance" + location = azurerm_resource_group.default.location + machine_learning_workspace_id = azurerm_machine_learning_workspace.default.id + virtual_machine_size = "STANDARD_DS2_V2" + subnet_resource_id = var.training_subnet_resource_id +} + +# Compute cluster +resource "azurerm_machine_learning_compute_cluster" "compute" { + name = "cpu-cluster" + location = azurerm_resource_group.default.location + machine_learning_workspace_id = azurerm_machine_learning_workspace.default.id + vm_priority = "Dedicated" + vm_size = "STANDARD_DS2_V2" + subnet_resource_id = var.training_subnet_resource_id + + identity { + type = "SystemAssigned" + } + + scale_settings { + min_node_count = 0 + max_node_count = 3 + scale_down_nodes_after_idle_duration = "PT15M" # 15 minutes + } + +} \ No newline at end of file diff --git a/quickstart/202-machine-learning-moderately-secure-existing-VNet/readme.md b/quickstart/202-machine-learning-moderately-secure-existing-VNet/readme.md index 402df750..6f7fbc52 100644 --- a/quickstart/202-machine-learning-moderately-secure-existing-VNet/readme.md +++ b/quickstart/202-machine-learning-moderately-secure-existing-VNet/readme.md @@ -8,6 +8,8 @@ for private network connectivity using [Azure Private Link](https://docs.microso This configuration describes the minimal set of resources you require to get started with Azure Machine Learning in a network-isolated set-up. This configurations assumes that you have existing network components to reuse. The [201 example](../201-machine-learning-moderately-secure/readme.md), alternatively creates new network components. +Please note that this template does not configure Azure Private DNS zones. The assumption is that you have already configured DNS zones that are linked to your virtual network resources, or use your private DNS. + ## Resources | Terraform Resource Type | Description | @@ -20,8 +22,6 @@ This configuration describes the minimal set of resources you require to get sta | `azurerm_machine_learning_workspace` | An Azure Machine Learning workspace instance | | `azurerm_virtual_network` | An Azure Machine Learning workspace instance | | `azurerm_subnet` | An Azure Machine Learning workspace instance | -| `azurerm_private_dns_zone` | Private DNS Zones for FQDNs required for Azure Machine Learning and associated resources | -| `azurerm_private_dns_zone_virtual_network_link` | Virtual network links of the Private DNS Zones to the virtual network resource | | `azurerm_private_endpoint` | Private Endpoints for the Azure Machine Learning workspace and associated resources | | `azurerm_machine_learning_compute_instance` | An Azure Machine Learning compute instance a single-node managed compute. | | `azurerm_machine_learning_compute_cluster` | An Azure Machine Learning compute cluster as multi-node shared and managed compute. | From 9d04bc247e6c3da3e84328996c718209b80b35cc Mon Sep 17 00:00:00 2001 From: Dennis Eikelenboom Date: Mon, 20 Sep 2021 15:55:51 -0700 Subject: [PATCH 3/5] ci naming --- quickstart/101-machine-learning/compute.tf | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/quickstart/101-machine-learning/compute.tf b/quickstart/101-machine-learning/compute.tf index bbab56ba..d8ec709a 100644 --- a/quickstart/101-machine-learning/compute.tf +++ b/quickstart/101-machine-learning/compute.tf @@ -1,9 +1,17 @@ -# Compute Instance +# Generate random string for unique compute instance name +resource "random_string" "ci_prefix" { + length = 8 + upper = false + special = false + number = false +} + +# Compute instance resource "azurerm_machine_learning_compute_instance" "compute_instance" { - name = "default-instance" + name = "${random_string.ci_prefix.result}instance" location = azurerm_resource_group.default.location machine_learning_workspace_id = azurerm_machine_learning_workspace.default.id - virtual_machine_size = "STANDARD_DS2_V2" + virtual_machine_size = "STANDARD_DS2_V2" } # Compute Cluster From 7c4abc8e7eb20fe673ebcaffc1d2b4c5977613b9 Mon Sep 17 00:00:00 2001 From: Dennis Eikelenboom Date: Mon, 20 Sep 2021 15:57:46 -0700 Subject: [PATCH 4/5] update gitignore --- .gitignore | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.gitignore b/.gitignore index 8f21e32a..0f1c8537 100644 --- a/.gitignore +++ b/.gitignore @@ -1,5 +1,5 @@ -quickstart/101-machine-learning/.terraform.lock.hcl -quickstart/101-machine-learning/.terraform/providers/registry.terraform.io/hashicorp/azurerm/2.76.0/windows_amd64/terraform-provider-azurerm_v2.76.0_x5.exe -quickstart/101-machine-learning/terraform.tfstate -quickstart/101-machine-learning/demo.tfplan -quickstart/201-machine-learning-moderately-secure/demo.tfplan +*.terraform.lock.hcl +*.exe +*.tfstate +*.tfplan +*.tfplan From bcd263ed5f213db899d86fe499955b08cd0d0faf Mon Sep 17 00:00:00 2001 From: Dennis Eikelenboom Date: Tue, 21 Sep 2021 17:02:40 -0700 Subject: [PATCH 5/5] updates to network and compute --- .../201-machine-learning-moderately-secure/compute.tf | 6 +++++- .../201-machine-learning-moderately-secure/network.tf | 10 ---------- .../readme.md | 2 +- 3 files changed, 6 insertions(+), 12 deletions(-) diff --git a/quickstart/201-machine-learning-moderately-secure/compute.tf b/quickstart/201-machine-learning-moderately-secure/compute.tf index 2544c5a6..ee2983b1 100644 --- a/quickstart/201-machine-learning-moderately-secure/compute.tf +++ b/quickstart/201-machine-learning-moderately-secure/compute.tf @@ -13,6 +13,10 @@ resource "azurerm_machine_learning_compute_instance" "compute_instance" { machine_learning_workspace_id = azurerm_machine_learning_workspace.default.id virtual_machine_size = "STANDARD_DS2_V2" subnet_resource_id = azurerm_subnet.snet-training.id + + depends_on = [ + azurerm_private_endpoint.mlw_ple + ] } # Compute cluster @@ -33,5 +37,5 @@ resource "azurerm_machine_learning_compute_cluster" "compute" { max_node_count = 3 scale_down_nodes_after_idle_duration = "PT15M" # 15 minutes } - + } \ No newline at end of file diff --git a/quickstart/201-machine-learning-moderately-secure/network.tf b/quickstart/201-machine-learning-moderately-secure/network.tf index 06010ff7..c1751545 100644 --- a/quickstart/201-machine-learning-moderately-secure/network.tf +++ b/quickstart/201-machine-learning-moderately-secure/network.tf @@ -82,11 +82,6 @@ resource "azurerm_private_dns_zone_virtual_network_link" "vnetlinkcr" { resource "azurerm_private_dns_zone" "dnsazureml" { name = "privatelink.api.azureml.ms" resource_group_name = azurerm_resource_group.default.name - - depends_on = [ - azurerm_machine_learning_compute_cluster.compute, - azurerm_machine_learning_compute_instance.compute_instance - ] } resource "azurerm_private_dns_zone_virtual_network_link" "vnetlinkml" { @@ -99,11 +94,6 @@ resource "azurerm_private_dns_zone_virtual_network_link" "vnetlinkml" { resource "azurerm_private_dns_zone" "dnsnotebooks" { name = "privatelink.notebooks.azure.net" resource_group_name = azurerm_resource_group.default.name - - depends_on = [ - azurerm_machine_learning_compute_cluster.compute, - azurerm_machine_learning_compute_instance.compute_instance - ] } resource "azurerm_private_dns_zone_virtual_network_link" "vnetlinknbs" { diff --git a/quickstart/202-machine-learning-moderately-secure-existing-VNet/readme.md b/quickstart/202-machine-learning-moderately-secure-existing-VNet/readme.md index 6f7fbc52..c3b68e67 100644 --- a/quickstart/202-machine-learning-moderately-secure-existing-VNet/readme.md +++ b/quickstart/202-machine-learning-moderately-secure-existing-VNet/readme.md @@ -8,7 +8,7 @@ for private network connectivity using [Azure Private Link](https://docs.microso This configuration describes the minimal set of resources you require to get started with Azure Machine Learning in a network-isolated set-up. This configurations assumes that you have existing network components to reuse. The [201 example](../201-machine-learning-moderately-secure/readme.md), alternatively creates new network components. -Please note that this template does not configure Azure Private DNS zones. The assumption is that you have already configured DNS zones that are linked to your virtual network resources, or use your private DNS. +Please note that this template does not create Azure Private DNS zones. The assumption is that you have already configured Azure private DNS zones that are linked to your virtual network resources. ## Resources