# Terraform core and provider requirements for this configuration.
terraform {
  required_version = ">=0.12"

  required_providers {
    # Range constraints: any 3.x azurerm release and any 1.x azapi release satisfy these.
    # Which release is actually installed is fixed only by a committed dependency lock
    # file (.terraform.lock.hcl, Terraform 0.14+), which also records provider checksums.
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "~>3.0"
    }
    azapi = {
      source  = "Azure/azapi"
      version = "~> 1.0"
    }

    # Exact version pins.
    local = {
      source  = "hashicorp/local"
      version = "2.4.0"
    }
    random = {
      source  = "hashicorp/random"
      version = "3.5.1"
    }
    tls = {
      source  = "hashicorp/tls"
      version = "4.0.4"
    }
  }
}
# AzureRM provider configuration.
provider "azurerm" {
  features {
    resource_group {
      # With this set to false, destroying a resource group proceeds even when the
      # group still contains resources, including ones Terraform does not manage.
      # Convenient for a disposable lab; review before reusing against shared groups.
      prevent_deletion_if_contains_resources = false
    }
  }
}
# Random pet name. Its id feeds the fallback resource group name and the name of
# the Microsoft.Compute/sshPublicKeys resource declared later in this file.
resource "random_pet" "id" {}
# Resource group that holds every resource created by this configuration.
resource "azurerm_resource_group" "vmss" {
  # Use the caller-supplied name when set; otherwise fall back to a generated one.
  name     = coalesce(var.resource_group_name, "201-vmss-packer-jumpbox-${random_pet.id.id}")
  location = var.location
  tags     = var.tags
}
# Six-character random label used as the DNS name label of the public IPs below.
# Upper-case letters, digits and special characters are all switched off, so only
# lower-case letters remain.
resource "random_string" "fqdn" {
  length  = 6
  upper   = false
  numeric = false
  special = false
}
# Virtual network shared by the scale set and the jumpbox.
resource "azurerm_virtual_network" "vmss" {
  name                = "vmss-vnet"
  resource_group_name = azurerm_resource_group.vmss.name
  location            = var.location
  address_space       = ["10.0.0.0/16"]
  tags                = var.tags
}
# Single subnet used by both the scale set instances and the jumpbox NIC.
# NOTE(review): no network security group or subnet/NIC association for this
# subnet appears in this listing; confirm inbound filtering is defined elsewhere.
resource "azurerm_subnet" "vmss" {
  name                 = "vmss-subnet"
  virtual_network_name = azurerm_virtual_network.vmss.name
  resource_group_name  = azurerm_resource_group.vmss.name
  address_prefixes     = ["10.0.2.0/24"]
}
# Static public IP used as the load balancer frontend; the DNS label is the random string.
# `sku` is not set here, so the provider default applies.
resource "azurerm_public_ip" "vmss" {
  name                = "vmss-public-ip"
  resource_group_name = azurerm_resource_group.vmss.name
  location            = var.location
  allocation_method   = "Static"
  domain_name_label   = random_string.fqdn.result
  tags                = var.tags
}
# Public load balancer in front of the scale set.
resource "azurerm_lb" "vmss" {
  name                = "vmss-lb"
  resource_group_name = azurerm_resource_group.vmss.name
  location            = var.location
  tags                = var.tags

  # The rule further down refers to this frontend by its name, "PublicIPAddress".
  frontend_ip_configuration {
    name                 = "PublicIPAddress"
    public_ip_address_id = azurerm_public_ip.vmss.id
  }
}
# Backend pool that the scale set's IP configuration joins.
resource "azurerm_lb_backend_address_pool" "bpepool" {
  name            = "BackEndAddressPool"
  loadbalancer_id = azurerm_lb.vmss.id
}
# Health probe for the load-balancing rule. No `protocol` is set, so the provider
# default applies.
# NOTE(review): the probe is named "ssh-running-probe" but checks
# var.application_port; confirm the name still matches what is being probed.
resource "azurerm_lb_probe" "vmss" {
  name            = "ssh-running-probe"
  loadbalancer_id = azurerm_lb.vmss.id
  port            = var.application_port
}
# Load-balancing rule: forwards TCP traffic arriving on var.application_port at the
# public frontend to the same port on the backend pool, gated by the health probe.
resource "azurerm_lb_rule" "lbnatrule" {
  name            = "http"
  loadbalancer_id = azurerm_lb.vmss.id

  protocol      = "Tcp"
  frontend_port = var.application_port
  backend_port  = var.application_port

  frontend_ip_configuration_name = "PublicIPAddress"
  backend_address_pool_ids       = [azurerm_lb_backend_address_pool.bpepool.id]
  probe_id                       = azurerm_lb_probe.vmss.id
}
# Looks up the existing resource group named by var.packer_resource_group_name.
data "azurerm_resource_group" "image" {
  name = var.packer_resource_group_name
}
# Looks up the managed image the scale set boots from. The image is selected by
# name only, so whatever image currently carries that name in the resource group
# is what gets deployed; access to that resource group controls what runs here.
data "azurerm_image" "image" {
  resource_group_name = data.azurerm_resource_group.image.name
  name                = var.packer_image_name
}
# Azure SSH public key resource, created in the deployment's resource group and
# named after the random pet id. The key pair itself is generated by the
# generateKeyPair action declared next.
resource "azapi_resource" "ssh_public_key" {
  type      = "Microsoft.Compute/sshPublicKeys@2022-11-01"
  parent_id = azurerm_resource_group.vmss.id
  location  = azurerm_resource_group.vmss.location
  name      = random_pet.id.id
}
# Calls the generateKeyPair action (POST) on the SSH public key resource and
# exports both halves of the generated pair from the response.
# NOTE(review): exporting "privateKey" places the private key in this resource's
# output and therefore in Terraform state. Keep the state backend encrypted and
# access-controlled, and mark any output that surfaces this value as sensitive.
resource "azapi_resource_action" "ssh_public_key_gen" {
  type        = "Microsoft.Compute/sshPublicKeys@2022-11-01"
  resource_id = azapi_resource.ssh_public_key.id
  method      = "POST"
  action      = "generateKeyPair"

  response_export_values = ["publicKey", "privateKey"]
}
# Generates a 20-character admin password, but only when the caller did not
# supply var.admin_password (count is 0 otherwise). The generated value is kept
# in Terraform state, so the state file must be protected accordingly.
resource "random_password" "password" {
  count  = var.admin_password == null ? 1 : 0
  length = 20
}
locals {
  # Effective admin password: the generated one when it exists. When
  # random_password.password has count 0 the index expression fails and try()
  # falls through to the caller-supplied var.admin_password.
  admin_password = try(random_password.password[0].result, var.admin_password)
}
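# Two-instance Linux scale set booted from the Packer-built image and attached to
# the load balancer's backend pool.
# NOTE(review): azurerm_virtual_machine_scale_set is the legacy resource type in
# azurerm 3.x; azurerm_linux_virtual_machine_scale_set is its replacement.
resource "azurerm_virtual_machine_scale_set" "vmss" {
  name                = "vmscaleset"
  location            = var.location
  resource_group_name = azurerm_resource_group.vmss.name
  upgrade_policy_mode = "Manual"

  sku {
    name     = "Standard_DS1_v2"
    tier     = "Standard"
    capacity = 2
  }

  # Boot from the managed image looked up by name in the Packer resource group.
  storage_profile_image_reference {
    id = data.azurerm_image.image.id
  }

  storage_profile_os_disk {
    name              = ""
    caching           = "ReadWrite"
    create_option     = "FromImage"
    managed_disk_type = "Standard_LRS"
  }

  # One empty 10 GB data disk per instance at LUN 0.
  storage_profile_data_disk {
    lun           = 0
    caching       = "ReadWrite"
    create_option = "Empty"
    disk_size_gb  = 10
  }

  os_profile {
    computer_name_prefix = "vmlab"
    admin_username       = var.admin_user
    # A password is still set on the account (and stored in state) even though
    # SSH password authentication is disabled below.
    admin_password = local.admin_password
  }

  os_profile_linux_config {
    # Key-only SSH: password logins are rejected.
    disable_password_authentication = true

    ssh_keys {
      # Azure only accepts /home/<admin_username>/.ssh/authorized_keys here, so the
      # path is derived from var.admin_user rather than hard-coding "azureuser";
      # the hard-coded form only works when var.admin_user is "azureuser".
      path = "/home/${var.admin_user}/.ssh/authorized_keys"
      # NOTE(review): with azapi 1.x `output` may be a JSON string, in which case
      # this needs jsondecode(...).publicKey; confirm against the resolved version.
      key_data = azapi_resource_action.ssh_public_key_gen.output.publicKey
    }
  }

  network_profile {
    name    = "terraformnetworkprofile"
    primary = true

    # Instances get private addresses in the shared subnet and are reachable from
    # outside only through the load balancer's backend pool.
    ip_configuration {
      name                                   = "IPConfiguration"
      subnet_id                              = azurerm_subnet.vmss.id
      load_balancer_backend_address_pool_ids = [azurerm_lb_backend_address_pool.bpepool.id]
      primary                                = true
    }
  }

  tags = var.tags
}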
# Static public IP for the jumpbox; its DNS label is the random string plus "-ssh".
# NOTE(review): this address is attached directly to the jumpbox NIC and `sku` is
# not set, so the provider default applies. No network security group appears in
# this listing; confirm inbound SSH is limited to known source ranges.
resource "azurerm_public_ip" "jumpbox" {
  name                = "jumpbox-public-ip"
  resource_group_name = azurerm_resource_group.vmss.name
  location            = var.location
  allocation_method   = "Static"
  domain_name_label   = "${random_string.fqdn.result}-ssh"
  tags                = var.tags
}
# Jumpbox network interface: a dynamic private address in the shared subnet plus
# the jumpbox public IP. No network security group is referenced on this NIC in
# this listing.
resource "azurerm_network_interface" "jumpbox" {
  name                = "jumpbox-nic"
  resource_group_name = azurerm_resource_group.vmss.name
  location            = var.location
  tags                = var.tags

  ip_configuration {
    name                          = "IPConfiguration"
    subnet_id                     = azurerm_subnet.vmss.id
    private_ip_address_allocation = "Dynamic"
    public_ip_address_id          = azurerm_public_ip.jumpbox.id
  }
}
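# Internet-facing jumpbox VM used to reach the scale set instances over SSH.
# NOTE(review): azurerm_virtual_machine is the legacy resource type in azurerm 3.x;
# azurerm_linux_virtual_machine is its replacement.
resource "azurerm_virtual_machine" "jumpbox" {
  name                  = "jumpbox"
  location              = var.location
  resource_group_name   = azurerm_resource_group.vmss.name
  network_interface_ids = [azurerm_network_interface.jumpbox.id]
  vm_size               = "Standard_DS1_v2"

  # NOTE(review): Ubuntu 16.04 LTS is past its standard support window, which
  # matters for a host that carries a public IP; plan a move to a supported LTS
  # image. `version = "latest"` also means the exact image build is not pinned.
  storage_image_reference {
    publisher = "Canonical"
    offer     = "UbuntuServer"
    sku       = "16.04-LTS"
    version   = "latest"
  }

  storage_os_disk {
    name              = "jumpbox-osdisk"
    caching           = "ReadWrite"
    create_option     = "FromImage"
    managed_disk_type = "Standard_LRS"
  }

  os_profile {
    computer_name  = "jumpbox"
    admin_username = var.admin_user
    # A password is still set on the account (and stored in state) even though
    # SSH password authentication is disabled below.
    admin_password = local.admin_password
  }

  os_profile_linux_config {
    # Key-only SSH: password logins are rejected.
    disable_password_authentication = true

    ssh_keys {
      # Azure only accepts /home/<admin_username>/.ssh/authorized_keys here, so the
      # path is derived from var.admin_user rather than hard-coding "azureuser";
      # the hard-coded form only works when var.admin_user is "azureuser".
      path = "/home/${var.admin_user}/.ssh/authorized_keys"
      # NOTE(review): with azapi 1.x `output` may be a JSON string, in which case
      # this needs jsondecode(...).publicKey; confirm against the resolved version.
      key_data = azapi_resource_action.ssh_public_key_gen.output.publicKey
    }
  }

  tags = var.tags
}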