I'm trying to enable "automaticRepairsPolicy" for my azure VMSS via terraform. I can't find the right option in azurerm documentation. Is there another way how to enable it? Maybe by creating a policy or adding an extension?
I'm grateful for any help!
You are using a deprecated resource azurerm_virtual_machine_scale_set
As documentation says, rely on one of the below resources::
azurerm_linux_virtual_machine_scale_set for linux VMSS
azurerm_windows_virtual_machine_scale_set for windows VMSS
Above resources have automatic_instance_repair block where you can set them accordingly.
Related
I currently deal 10-15 environment 100% IaC with Terraform in Azure. One of the recent projects was to change some log collection settings for all AKS Cluster. Here is a link of how to do it via kubectl - https://learn.microsoft.com/en-us/azure/azure-monitor/containers/container-insights-agent-config#data-collection-settings.
What I've found so far?
Terraform has a kubernetes_config_map resource which I was able to successfully create. (https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/config_map)
My next question is how do I apply or attach the kubernetes_config_map resource to the AKS cluster? Assuming I want this applied to all the namespaces. I wasn't able to find config_map parameter on any of the resources.
We also use helm_release, is it possible to attach/pass that kubernets_config_map to the helm_release?
Any guidance would be greatly appreciated. Thanks..
I am using the "azurerm_windows_web_app" resource type in terraform to create an app service. I am using this resource because the "azurerm_app_service" is being deprecated as indicated by the docs.
I need to setup the outbound traffic section of the app service to use a virtual network like below. I already have the virtual network being created successfully, so I just need to find a way to link it to the app service via terraform.
I cannot see any property on the resource that allows me to achieve this. On the "azurerm_app_service" resource I can see a "azurerm_app_service_virtual_network_swift_connection" which I think might achieve this, but I cannot see a corresponding resource for a "azurerm_windows_web_app" resource to connect it to a virtual network.
Does anybody know if there is currently a way to achieve this?
app_service_virtual_network_swift_connection should still be the right one. The app services resources have been split up with the latest 3.0 TF provider release but I believe the swift resource will cover both, Windows and Linux app services.
I want to install an azure agent onto my VM and have it appear as an Environment resource as described here: https://learn.microsoft.com/en-us/azure/devops/pipelines/process/environments-virtual-machines?view=azure-devops .
This works if you run the script interactively, however when I use --unattended (as described here: https://learn.microsoft.com/en-us/azure/devops/pipelines/agents/v2-windows?view=azure-devops#unattended-config ) there is no longer a way to specify tags. The --addDeploymentGroupTags option doesn't work with Environment agents.
How do I automate the adding of a VM as an environment resource with tags?
I had a look at the source code and figured out there is an undocumented way to do this. Just use the following commands:
--addvirtualmachineresourcetags --virtualmachineresourcetags "<tag>"
According to the official doc , the “interactive PS registration script” supports to add the environments tags. This document doesn’t mention adding tags in “Unattended config” mode.
You can add tags to the VM as part of the interactive PS registration script. You can also add or remove tags from the resource view by clicking on ... at the end of each VM resource on the Resources tab.
We could simply run .\config.cmd --help to check the help info of this command in PowerShell.
It only mentions how to add a “deploygroup tag” through an option. Not any info related to tag of VM resource in environment.
I'm afraid this is not available to add tags to Environment VM resource in “Unattended config” mode.
is there any code generator for Azure Terraform?
Actually i am trying to add Azure app service to existing resource group. For this we need a state configuration file, which can be generated only ( Terraform import ) if we have full Terraform code already written for that resource group.
I saw, Using Terraform to import existing resources on Azure and Update existing app service with Terraform ,but here i am talking about the thousands of resource groups.
Thanks
Gill
You would, to my knowledge, need to use terraform import against all of the existing resources that you have / want to consumse via terraform.
In saying that if you only want to manage the Azure App Service with Terraform and not everything else you can just simply pass all the requirements for the resource in and only manage this in the terraform state file.
Hi Lachie thanks for reply, I Found the solution using AZ2TF tool.
Thanks to Mr Agarciamiravet, who explained all the steps to use AZ2TF tool ( by using Docker) at
https://recetasdevops.com/migra-tu-infraestructura-actual-de-azure-a-terraform-con-py-az2tf/
this worked very well for me.
Thanks
Gill
I'm using Terraform to create a slot on an azure app service but I need some of the app settings to be sticky. This is normally done using the "slotConfigNames" in ARM but doesn't seem to be possible in Terraform.
Is this possible?
https://www.terraform.io/docs/providers/azurerm/r/app_service_slot.html
Thanks
It is not possible to use azurerm_app_service_slot directly since the Sticky Slot settings are not supported in terraform. But you can make use of the Azure Template Deployment resource in Terraform.
The solution will create an App Service with one or more Slots
attached to it and will also make use of Slot settings in order to
have the configuration tied to the environment as opposed to transform
a config file with a CI/CD server such as Octopus Deploy or perhaps
use multiple appSettings.json for each environment as you would on a
.net application.
You can get more details from this blog.
This has ben implemented now in v3.4.0 of the AzureRM provider.
terraform-provider-azurerm 3.4.0 (April 28, 2022) release notes
terraform documentation: sticky_settings
UPDATE: after some investigation into the AZ powershell module for sticky settings (Set-AzWebAppSlotConfigName), I realized that you don't need to set this on the terraform slot resource - you just set it on the primary resource (production slot).
The sticky_settings block has been added to the parent resources (app service, function app), but not the slot.