azure terraform attaching azure file share to windows machine - azure

Problem statement
I am in the process of creating an Azure VM cluster running Windows. So far I can create an Azure file share and an Azure Windows cluster. I want to attach the file share I created to each VM in my cluster, but I am unable to find a reference on how to add it on a Windows VM.
Code for this:
resource "azurerm_storage_account" "main" {
  name = "stor${var.environment}${var.cost_centre}${var.project}"
  location = "${azurerm_resource_group.main.location}"
  resource_group_name = "${azurerm_resource_group.main.name}"
  account_tier = "${var.storage_account_tier}"
  account_replication_type = "${var.storage_replication_type}"
}

resource "azurerm_storage_share" "main" {
  name = "storageshare${var.environment}${var.cost_centre}${var.project}"
  resource_group_name = "${azurerm_resource_group.main.name}"
  storage_account_name = "${azurerm_storage_account.main.name}"
  quota = "${var.storage_share_quota}"
}

resource "azurerm_virtual_machine" "vm" {
  name = "vm-${var.location_id}-${var.environment}-${var.cost_centre}-${var.project}-${var.seq_id}-${count.index}"
  location = "${azurerm_resource_group.main.location}"
  resource_group_name = "${azurerm_resource_group.main.name}"
  availability_set_id = "${azurerm_availability_set.main.id}"
  vm_size = "${var.vm_size}"
  network_interface_ids = ["${element(azurerm_network_interface.main.*.id, count.index)}"]
  count = "${var.vm_count}"

  storage_image_reference {
    publisher = "${var.image_publisher}"
    offer = "${var.image_offer}"
    sku = "${var.image_sku}"
    version = "${var.image_version}"
  }

  storage_os_disk {
    name = "osdisk${count.index}"
    create_option = "FromImage"
  }

  os_profile {
    computer_name = "${var.vm_name}-${count.index}"
    admin_username = "${var.admin_username}"
    admin_password = "${var.admin_password}"
  }

  os_profile_windows_config {}

  depends_on = ["azurerm_network_interface.main"]
}

Azure doesn't offer anything like that, so you cannot do that natively; you need to create a script and run that script on the VM using the script extension/DSC extension, or, if Terraform supports that, with Terraform.
https://learn.microsoft.com/en-us/azure/virtual-machines/extensions/custom-script-linux
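
One way to do what the answer describes, as an added example that is not part of the original post: a Custom Script Extension on each VM that maps the share machine-wide with New-SmbGlobalMapping. It assumes Terraform 0.12+ and azurerm provider 2.x or later syntax, Windows Server 2019 or later on the VMs, the resource names from the question, and drive letter Z: (an arbitrary choice).

```terraform
# Added example, not from the original post. Resource names "main" and "vm"
# follow the question; the drive letter and extension name are assumptions.
locals {
  share_host = "${azurerm_storage_account.main.name}.file.core.windows.net"
  share_unc  = "\\\\${local.share_host}\\${azurerm_storage_share.main.name}"

  # PowerShell executed by the extension as SYSTEM. A per-user "net use"
  # mapping made here would not be visible to interactive users, so the
  # script creates a global mapping instead (Windows Server 2019 or later).
  # -RequirePrivacy forces SMB encryption on the connection.
  mount_script = <<-EOT
    $key  = ConvertTo-SecureString '${azurerm_storage_account.main.primary_access_key}' -AsPlainText -Force
    $cred = New-Object System.Management.Automation.PSCredential('AZURE\${azurerm_storage_account.main.name}', $key)
    New-SmbGlobalMapping -RemotePath '${local.share_unc}' -Credential $cred -LocalPath 'Z:' -Persistent $true -RequirePrivacy $true
  EOT
}

resource "azurerm_virtual_machine_extension" "mount_share" {
  count                = var.vm_count
  name                 = "mount-file-share"
  virtual_machine_id   = azurerm_virtual_machine.vm[count.index].id
  publisher            = "Microsoft.Compute"
  type                 = "CustomScriptExtension"
  type_handler_version = "1.10"

  # protected_settings is encrypted and only decrypted on the VM, so the
  # storage account key does not appear in the extension's public settings.
  # The script is passed base64-encoded (UTF-16LE) to avoid shell quoting.
  protected_settings = jsonencode({
    commandToExecute = "powershell -ExecutionPolicy Bypass -EncodedCommand ${textencodebase64(local.mount_script, "UTF-16LE")}"
  })
}
```

The storage account key is still written to Terraform state, so the state backend needs its own access control. The VMs also need outbound TCP 445 to the storage account for the SMB mount to succeed.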

Related

How to create shared image based off existing VM in Azure?

I have an existing Virtual Machine running in Azure that has customised software installed. I want to use Terraform to create an image of this virtual machine and store it in an image gallery. The problem is, I don't understand how Terraform uniquely identifies the virtual machine in question.
Currently, I have the following:
// Get VM I want to create an image for (how can I use this as the image reference?)
data "azurerm_virtual_machine" "example" {
  name = "example"
  resource_group_name = "rg-example"
}

resource "azurerm_shared_image_gallery" "example" {
  name = "example_image_gallery"
  resource_group_name = azurerm_resource_group.example.name
  location = azurerm_resource_group.example.location
  description = "Shared images and things."
}

resource "azurerm_shared_image" "example" {
  name = "my-image"
  gallery_name = azurerm_shared_image_gallery.example.name
  resource_group_name = "rg-example"
  location = "australiacentral"
  os_type = "Linux"

  identifier {
    publisher = "teradata"
    offer = "vantage-teradata-viewpoint"
    sku = "teradata-viewpoint-single-system-hourly-new"
  }

  specialized = true
}
As far as I can tell, Terraform can only create the image based on the identifier block. But this does not uniquely identify my virtual machine. Am I missing something obvious?
My goal is to perform the "Capture" operation that is available via the Azure Portal via Terraform. How do I specify my source VM?
Through additional research, I found I needed an azurerm_shared_image_version resource. Here, I was able to reference my existing Virtual Machine via managed_image_id:
// Get clienttools VM information
data "azurerm_virtual_machine" "example" {
  name = "test-virtual-machine"
  resource_group_name = "rg-example"
}

resource "azurerm_shared_image_gallery" "example" {
  name = "myGallery"
  resource_group_name = "rg-example"
  location = "australiacentral"
  description = "Shared images and things."
}

resource "azurerm_shared_image" "example" {
  name = "my-image"
  gallery_name = azurerm_shared_image_gallery.example.name
  resource_group_name = "rg-example"
  location = "australiacentral"
  os_type = "Windows"

  identifier {
    publisher = "MicrosoftWindowsServer"
    offer = "WindowsServer"
    sku = "2019-datacenter-gensecond"
  }

  // Set this as it defaults to V1
  hyper_v_generation = "V2"
  specialized = true
}

resource "azurerm_shared_image_version" "example" {
  name = "0.0.1"
  gallery_name = azurerm_shared_image_gallery.example.name
  image_name = azurerm_shared_image.example.name
  resource_group_name = "rg-example"
  location = "australiacentral"
  managed_image_id = data.azurerm_virtual_machine.example.id

  target_region {
    name = "australiacentral"
    regional_replica_count = 1
    storage_account_type = "Standard_LRS"
  }
}

Unable to connect to virtual machine using RDP (Remote Desktop)

I have created a virtual machine using the below terraform code:
Here is the VM code:
# demo instance
resource "azurerm_virtual_machine" "demo-instance" {
  name = "${var.prefix}-vm"
  location = var.resource_group_location
  resource_group_name = var.resource_group_name
  network_interface_ids = [azurerm_network_interface.demo-instance.id]
  vm_size = "Standard_A1_v2"

  # this is a demo instance, so we can delete all data on termination
  delete_os_disk_on_termination = true
  delete_data_disks_on_termination = true

  storage_image_reference {
    publisher = "RedHat"
    offer = "RHEL"
    sku = "7-RAW"
    version = "7.5.2018042521"
  }

  storage_os_disk {
    name = "RED-HAT-osdisk1"
    caching = "ReadWrite"
    create_option = "FromImage"
    managed_disk_type = "Standard_LRS"
  }

  os_profile {
    computer_name = "MyOS"
    admin_username = "MyUsername"
    admin_password = "Password1234!"
  }

  os_profile_linux_config {
    disable_password_authentication = false
  }
}

resource "azurerm_network_interface" "demo-instance" {
  name = "${var.prefix}-instance1"
  location = var.resource_group_location
  resource_group_name = var.resource_group_name

  ip_configuration {
    name = "instance1"
    subnet_id = azurerm_subnet.demo-internal-1.id
    private_ip_address_allocation = "Dynamic"
    public_ip_address_id = azurerm_public_ip.demo-instance.id
  }
}

resource "azurerm_network_interface_security_group_association" "allow-ssh" {
  network_interface_id = azurerm_network_interface.demo-instance.id
  network_security_group_id = azurerm_network_security_group.allow-ssh.id
}

resource "azurerm_public_ip" "demo-instance" {
  name = "instance1-public-ip"
  location = var.resource_group_location
  resource_group_name = var.resource_group_name
  allocation_method = "Dynamic"
}
And here is the network config:
resource "azurerm_virtual_network" "demo" {
  name = "${var.prefix}-network"
  location = var.resource_group_location
  resource_group_name = var.resource_group_name
  address_space = ["10.0.0.0/16"]
}

resource "azurerm_subnet" "demo-internal-1" {
  name = "${var.prefix}-internal-1"
  resource_group_name = var.resource_group_name
  virtual_network_name = azurerm_virtual_network.demo.name
  address_prefixes = ["10.0.0.0/24"]
}

resource "azurerm_network_security_group" "allow-ssh" {
  name = "${var.prefix}-allow-ssh"
  location = var.resource_group_location
  resource_group_name = var.resource_group_name

  security_rule {
    name = "SSH"
    priority = 1001
    direction = "Inbound"
    access = "Allow"
    protocol = "Tcp"
    source_port_range = "*"
    destination_port_range = "22"
    source_address_prefix = var.ssh-source-address
    destination_address_prefix = "*"
  }
}
As a result, I am able to connect to the virtual machine using SSH. However, when I try to connect using RDP, I get the below error:
What I have tried:
I read this document and added an inbound role into my network
However, I am still not able to connect with RDP.
So far, I know that my VM is in the network because it has a password, and I know it is running because I can connect using SSH. But I still don't know why RDP does not work.
Since this is a Linux VM, you can only connect via the SSH protocol even though you have allowed both 3389 and 22 in the NSG.
I see from the screenshot that you have allowed RDP traffic in the VM you are creating now. But the VM you create is a RHEL server; you won't be able to RDP into that, you can SSH only. Only a Windows VM can be logged in to using RDP.
If you want to log in to the RHEL server from a particular Windows jump box, that is possible: deploy a Windows VM with the RDP port open and add one rule for the RHEL server where the source IP is the Windows VM. Then you can log in to the Windows VM as a bastion and SSH to RHEL from this bastion. Let me know if your query is cleared.

Terraform Azure Configure VM Backup Policy Fails

I am trying to create a backup policy and enable backup while provisioning the Azure VM using Terraform (Terraform Version - 1.1.13, Azure Provider - 2.90.0). Terraform fails to enable backup with the below error.
Error: waiting for the Azure Backup Protected VM "VM;iaasvmcontainerv2;Test-product-cloud-infra;arulazurebkup-vm" to be true (Resource Group "Test-Product-Cloud-Infra") to provision: context deadline exceeded
│
│ with azurerm_backup_protected_vm.backup,
│ on main.tf line 176, in resource "azurerm_backup_protected_vm" "backup":
│ 176: resource "azurerm_backup_protected_vm" "backup" {
│
Terraform Scripts
resource "azurerm_backup_policy_vm" "example" {
  name = "Test-backup-policy"
  resource_group_name = "Test-Product-Cloud-Infra"
  recovery_vault_name = "backuptest"

  backup {
    frequency = "Daily"
    time = "23:00"
  }

  retention_daily {
    count = 7
  }
}

resource "azurerm_backup_protected_vm" "backup" {
  resource_group_name = "Test-Product-Cloud-Infra"
  recovery_vault_name = "backuptest"
  source_vm_id = azurerm_virtual_machine.example.id
  backup_policy_id = azurerm_backup_policy_vm.example.id
  depends_on = [
    azurerm_virtual_machine.example,
    azurerm_virtual_machine_extension.example,
    azurerm_backup_policy_vm.example,
  ]
}
When I check the error in the Azure portal for the backup job, I find the below entry
On further troubleshooting, I get the below when enabling backup in the CLI.
You are getting the error because you are using a recovery vault which is not present in the same location as the VM.
I tested the same as below:
I created the VM in West US and the existing Recovery Services Vault was in East US. So, I got the below error:
To solve the issue, you have to use the same location for all the resources as the Recovery Services Vault, i.e. in my case the same as the resource group (East US):
resource "azurerm_virtual_machine" "main" {
  name = "ansuman-vm"
  location = data.azurerm_resource_group.example.location
  resource_group_name = data.azurerm_resource_group.example.name
  network_interface_ids = [azurerm_network_interface.example.id]
  vm_size = "Standard_DS1_v2"

  # Uncomment this line to delete the OS disk automatically when deleting the VM
  # delete_os_disk_on_termination = true
  # Uncomment this line to delete the data disks automatically when deleting the VM
  # delete_data_disks_on_termination = true

  storage_image_reference {
    publisher = "Canonical"
    offer = "UbuntuServer"
    sku = "16.04-LTS"
    version = "latest"
  }

  storage_os_disk {
    name = "myosdisk1"
    caching = "ReadWrite"
    create_option = "FromImage"
    managed_disk_type = "Standard_LRS"
  }

  os_profile {
    computer_name = "hostname"
    admin_username = "testadmin"
    admin_password = "Password1234!"
  }

  os_profile_linux_config {
    disable_password_authentication = false
  }
}

data "azurerm_recovery_services_vault" "example" {
  name = "recoveryvaultansuman"
  resource_group_name = data.azurerm_resource_group.example.name
}

resource "azurerm_backup_policy_vm" "example" {
  name = "ansuman-recovery-vault-policy"
  resource_group_name = data.azurerm_resource_group.example.name
  recovery_vault_name = data.azurerm_recovery_services_vault.example.name

  backup {
    frequency = "Daily"
    time = "23:00"
  }

  retention_daily {
    count = 7
  }
}

resource "azurerm_backup_protected_vm" "vm1" {
  resource_group_name = data.azurerm_resource_group.example.name
  recovery_vault_name = data.azurerm_recovery_services_vault.example.name
  source_vm_id = azurerm_virtual_machine.main.id
  backup_policy_id = azurerm_backup_policy_vm.example.id
}
Output:

Deploy Azure VM based on customize Image available on Shared Image Gallery

I first created a simple standard VM in Azure, which I customized for data science purposes with different software on it. Then I created an image from this VM so that I can deploy new VMs based on the customized image faster with the same configuration. I have saved the image under Azure Shared Image Gallery.
Is there any way to deploy this customized image from a Terraform script into a new Resource Group? I know how to deploy a normal standard VM from Terraform but couldn't find out how to deploy it based on a customized image saved in the Shared Image Gallery.
To deploy a customized image from Azure Shared Image Gallery with Terraform, you could use the data source azurerm_shared_image together with azurerm_windows_virtual_machine or azurerm_linux_virtual_machine, specifying the source_image_id. Please note that the newly created VM should be in the same region as the shared image before you deploy it. If not, you could replicate this image to your desired region; read https://learn.microsoft.com/en-us/azure/virtual-machines/shared-image-galleries#replication
For example, deploy a Windows VM from generalized shared image:
provider "azurerm" {
  features {}
}

data "azurerm_shared_image" "example" {
  name = "my-image"
  gallery_name = "my-image-gallery"
  resource_group_name = "example-resources-imageRG"
}

resource "azurerm_resource_group" "example" {
  name = "example-resources"
  location = "xxxxximageregion"
}

resource "azurerm_virtual_network" "example" {
  name = "example-network"
  address_space = ["10.0.0.0/16"]
  location = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
}

resource "azurerm_subnet" "example" {
  name = "internal"
  resource_group_name = azurerm_resource_group.example.name
  virtual_network_name = azurerm_virtual_network.example.name
  address_prefixes = ["10.0.2.0/24"]
}

resource "azurerm_network_interface" "example" {
  name = "example-nic"
  location = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name

  ip_configuration {
    name = "internal"
    subnet_id = azurerm_subnet.example.id
    private_ip_address_allocation = "Dynamic"
  }
}

resource "azurerm_windows_virtual_machine" "example" {
  name = "example-machine"
  resource_group_name = azurerm_resource_group.example.name
  location = azurerm_resource_group.example.location
  size = "Standard_F2"
  admin_username = "adminuser"
  admin_password = "P#$$w0rd1234!"
  network_interface_ids = [
    azurerm_network_interface.example.id,
  ]

  os_disk {
    caching = "ReadWrite"
    storage_account_type = "Standard_LRS"
  }

  source_image_id = data.azurerm_shared_image.example.id
}
Result

Using Terraform, how do I create a VM on Azure that uses an existing managed disk?

I have imported a managed disk from a blob with terraform. Now I just need to create a VM with it (it's an OS disk). How?
I have:
resource "azurerm_managed_disk" "MyDisk" {
  name = "MyDisk"
  location = var.location
  resource_group_name = azurerm_resource_group.rg.name
  storage_account_type = "Standard_LRS"
  create_option = "Import"
  storage_account_id = azurerm_storage_account.temp_storage.id
  source_uri = "${azurerm_storage_container.images.id}/MyDisk.vhd"
  disk_size_gb = "32"

  tags = {
    environment = "staging"
  }
}
azurerm_linux_virtual_machine doesn't seem to have any way to take this managed disk and make a VM with it. Anyone know how?
thank you much
You can use azurerm_virtual_machine_data_disk_attachment. Example:
resource "azurerm_virtual_machine_data_disk_attachment" "example" {
  managed_disk_id = azurerm_managed_disk.MyDisk.id
  virtual_machine_id = azurerm_virtual_machine.MyMachine.id
  lun = "10"
  caching = "ReadWrite"
}

# <https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine>
resource "azurerm_virtual_machine" "main" {
  name = "VoIP-VM"
  location = var.location
  resource_group_name = azurerm_resource_group.VoIP.name
  network_interface_ids = [azurerm_network_interface.VoIP.id]
  vm_size = "Standard_F2"

  # Uncomment this line to delete the OS disk automatically when deleting the VM
  # delete_os_disk_on_termination = true
  # Uncomment this line to delete the data disks automatically when deleting the VM
  # delete_data_disks_on_termination = true

  storage_os_disk {
    name = "${azurerm_managed_disk.MyDisk.name}"
    caching = "ReadWrite"
    create_option = "Attach"
    managed_disk_type = "Standard_LRS"
    managed_disk_id = "${azurerm_managed_disk.MyDisk.id}"
    os_type = "linux"
  }

  tags = {
    environment = "staging"
  }
}
