fix example

revert change to 301-hub-spoke
add random suffix to avoid naming conflict
2024-10-05 09:42:43 +00:00 · 2024-10-05 15:46:58 +08:00 · 2024-10-05 15:03:50 +08:00 · 2024-10-05 15:03:50 +08:00 · 2024-10-05 15:03:50 +08:00 · 2024-10-05 15:03:50 +08:00
6 changed files with 74 additions and 14 deletions
--- a/quickstart/301-machine-learning-hub-spoke-secure/azure-firewall.tf
+++ b/quickstart/301-machine-learning-hub-spoke-secure/azure-firewall.tf
@ -3,7 +3,7 @@ resource "random_string" "fw_diag_prefix" {
  length  = 8
  upper   = false
  special = false
-  number  = false
+  numeric = false
 }
 resource "azurerm_ip_group" "ip_group_hub" {
  name                = "hub-ipgroup"
@ -47,6 +47,8 @@ resource "azurerm_firewall" "azure_firewall_instance" {
  name                = "afw-${var.name}-${var.environment}"
  location            = azurerm_resource_group.default.location
  resource_group_name = azurerm_resource_group.hub_rg.name
+  sku_name            = "AZFW_VNet"
+  sku_tier            = "Standard"
  firewall_policy_id  = azurerm_firewall_policy.base_policy.id

  ip_configuration {
@ -105,6 +107,11 @@ resource "azurerm_monitor_diagnostic_setting" "azure_firewall_instance" {
    }
  }

+  lifecycle {
+    ignore_changes = [
+      log
+    ]
+  }
 }

 resource "azurerm_firewall_policy_rule_collection_group" "azure_firewall_rules_collection" {
--- a/quickstart/301-machine-learning-hub-spoke-secure/compute.tf
+++ b/quickstart/301-machine-learning-hub-spoke-secure/compute.tf
@ -3,7 +3,7 @@ resource "random_string" "ci_prefix" {
  length  = 8
  upper   = false
  special = false
-  number  = false
+  numeric = false
 }

 # Compute instance
--- a/quickstart/301-machine-learning-hub-spoke-secure/dsvm.tf
+++ b/quickstart/301-machine-learning-hub-spoke-secure/dsvm.tf
@ -10,6 +10,15 @@ resource "azurerm_network_interface" "dsvm" {
  }
 }

+resource "random_password" "dsvm_host_password" {
+  count  = var.dsvm_host_password == null ? 1 : 0
+  length = 20
+}
+
+locals {
+  dsvm_host_password = try(random_password.dsvm_host_password[0].result, var.dsvm_host_password)
+}
+
 resource "azurerm_windows_virtual_machine" "dsvm" {
  name                = var.dsvm_name
  location            = azurerm_resource_group.default.location
@ -37,12 +46,18 @@ resource "azurerm_windows_virtual_machine" "dsvm" {
  }
  computer_name  = var.dsvm_name
  admin_username = var.dsvm_admin_username
-  admin_password = var.dsvm_host_password
+  admin_password = local.dsvm_host_password

  provision_vm_agent = true
+  vm_agent_platform_updates_enabled = false

  timeouts {
    create = "60m"
    delete = "2h"
  }
+  lifecycle {
+    ignore_changes = [ 
+      vm_agent_platform_updates_enabled,
+    ]
+  }
 }
--- a/quickstart/301-machine-learning-hub-spoke-secure/main.tf
+++ b/quickstart/301-machine-learning-hub-spoke-secure/main.tf
@ -4,29 +4,43 @@ terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
-      version = "=2.78.0"
+      version = "~> 3.0"
    }

    azureml = {
-      source = "registry.terraform.io/Telemaco019/azureml"
+      source = "registry.terraform.io/orobix/azureml"
    }
  }
 }

 provider "azurerm" {
-  features {}
+  features {
+    key_vault {
+      recover_soft_deleted_key_vaults    = false
+      purge_soft_delete_on_destroy       = false
+      purge_soft_deleted_keys_on_destroy = false
+    }
+    resource_group {
+      prevent_deletion_if_contains_resources = false
+    }
+  }
 }

 data "azurerm_client_config" "current" {}

+resource "random_string" "suffix" {
+  length  = 4
+  upper   = false
+  special = false
+}
+
 resource "azurerm_resource_group" "default" {
-  name     = "rg-${var.name}-${var.environment}"
+  name     = "rg-${var.name}-${var.environment}-${random_string.suffix.result}"
  location = var.location
 }

 #Hub Resource Group
 resource "azurerm_resource_group" "hub_rg" {
-  name     = "rg-hub-${var.name}-${var.environment}"
+  name     = "rg-hub-${var.name}-${var.environment}-${random_string.suffix.result}"
  location = var.location
-
 }
--- a/quickstart/301-machine-learning-hub-spoke-secure/variables.tf
+++ b/quickstart/301-machine-learning-hub-spoke-secure/variables.tf
@ -1,6 +1,7 @@
 variable "name" {
  type        = string
  description = "Name of the deployment"
+  default     = "301mlhss"
 }

 variable "environment" {
@ -90,4 +91,5 @@ variable "dsvm_host_password" {
  type        = string
  description = "Password for the admin username of the Data Science VM"
  sensitive   = true
+  default     = null
 }
--- a/quickstart/301-machine-learning-hub-spoke-secure/workspace.tf
+++ b/quickstart/301-machine-learning-hub-spoke-secure/workspace.tf
@ -1,6 +1,6 @@
 # Dependent resources for Azure Machine Learning
 resource "azurerm_application_insights" "default" {
-  name                = "appi-${var.name}-${var.environment}"
+  name                = "appi-${var.name}-${var.environment}-${random_string.suffix.result}"
  location            = azurerm_resource_group.default.location
  resource_group_name = azurerm_resource_group.default.name
  workspace_id        = azurerm_log_analytics_workspace.default.id
@ -8,7 +8,7 @@ resource "azurerm_application_insights" "default" {
 }

 resource "azurerm_key_vault" "default" {
-  name                     = "kv-${var.name}-${var.environment}"
+  name                     = "kv-${var.name}-${var.environment}-${random_string.suffix.result}"
  location                 = azurerm_resource_group.default.location
  resource_group_name      = azurerm_resource_group.default.name
  tenant_id                = data.azurerm_client_config.current.tenant_id
@ -22,7 +22,7 @@ resource "azurerm_key_vault" "default" {
 }

 resource "azurerm_storage_account" "default" {
-  name                            = "st${var.name}${var.environment}"
+  name                            = "st${var.name}${var.environment}${random_string.suffix.result}"
  location                        = azurerm_resource_group.default.location
  resource_group_name             = azurerm_resource_group.default.name
  account_tier                    = "Standard"
@ -36,7 +36,7 @@ resource "azurerm_storage_account" "default" {
 }

 resource "azurerm_container_registry" "default" {
-  name                = "cr${var.name}${var.environment}"
+  name                = "cr${var.name}${var.environment}${random_string.suffix.result}"
  location            = azurerm_resource_group.default.location
  resource_group_name = azurerm_resource_group.default.name
  sku                 = "Premium"
@ -50,7 +50,7 @@ resource "azurerm_container_registry" "default" {

 # Machine Learning workspace
 resource "azurerm_machine_learning_workspace" "default" {
-  name                    = "mlw-${var.name}-${var.environment}"
+  name                    = "mlw-${var.name}-${var.environment}-${random_string.suffix.result}"
  location                = azurerm_resource_group.default.location
  resource_group_name     = azurerm_resource_group.default.name
  application_insights_id = azurerm_application_insights.default.id
@ -76,6 +76,13 @@ resource "azurerm_machine_learning_workspace" "default" {

 }

+resource "time_sleep" "one_min" {
+  create_duration = "1m"
+  depends_on = [
+    azurerm_windows_virtual_machine.dsvm
+  ]
+}
+
 # Private endpoints
 resource "azurerm_private_endpoint" "kv_ple" {
  name                = "ple-${var.name}-${var.environment}-kv"
@ -94,6 +101,9 @@ resource "azurerm_private_endpoint" "kv_ple" {
    subresource_names              = ["vault"]
    is_manual_connection           = false
  }
+  depends_on = [
+    time_sleep.one_min
+  ]
 }

 resource "azurerm_private_endpoint" "st_ple_blob" {
@ -113,6 +123,9 @@ resource "azurerm_private_endpoint" "st_ple_blob" {
    subresource_names              = ["blob"]
    is_manual_connection           = false
  }
+  depends_on = [
+    time_sleep.one_min
+  ]
 }

 resource "azurerm_private_endpoint" "storage_ple_file" {
@ -132,6 +145,9 @@ resource "azurerm_private_endpoint" "storage_ple_file" {
    subresource_names              = ["file"]
    is_manual_connection           = false
  }
+  depends_on = [
+    time_sleep.one_min
+  ]
 }

 resource "azurerm_private_endpoint" "cr_ple" {
@ -151,6 +167,9 @@ resource "azurerm_private_endpoint" "cr_ple" {
    subresource_names              = ["registry"]
    is_manual_connection           = false
  }
+  depends_on = [
+    time_sleep.one_min
+  ]
 }

 resource "azurerm_private_endpoint" "mlw_ple" {
@ -170,6 +189,9 @@ resource "azurerm_private_endpoint" "mlw_ple" {
    subresource_names              = ["amlworkspace"]
    is_manual_connection           = false
  }
+  depends_on = [
+    time_sleep.one_min
+  ]
 }

 # Compute cluster for image building required since the workspace is behind a vnet.
Author	SHA1	Message	Date
github-actions[bot]	5e5d975f67	fix example	2024-10-05 09:42:43 +00:00
zjhe	30e5ac224b	revert change to 301-hub-spoke	2024-10-05 15:46:58 +08:00
zjhe	73c1ca51f1	add random suffix to avoid naming conflict	2024-10-05 15:03:50 +08:00
zjhe	0a6ee4d6d3	revert	2024-10-05 15:03:50 +08:00
zjhe	ee8733602b	add one minute sleep to avoid retryable error	2024-10-05 15:03:50 +08:00
zjhe	3e8e2078ab	fix example	2024-10-05 15:03:50 +08:00
zjhe	a43c127c8e	add random suffix to resource group	2024-10-05 15:03:50 +08:00
zjhe	4bb8b212ac	shorten default name	2024-10-05 15:03:50 +08:00
zjhe	64e270d463	fix example	2024-10-05 15:03:49 +08:00
zjhe	fd903819cd	fix example	2024-10-05 15:03:49 +08:00
zjhe	91b73244e5	add default value to fix example	2024-10-05 15:03:49 +08:00
zjhe	77dcd8d154	bump auzrerm to v3, change azureml provider to use orobix/azureml	2024-10-05 15:03:49 +08:00