
@JonTheNiceGuy
Last active June 13, 2019 13:16
Some documentation to help understand how to get started with building an IAAS environment with Terraform

Prerequisites

# Create a per-user bin directory and work from it; the curl -O downloads
# later in this guide save into whatever the current directory is.
mkdir -p "$HOME/bin"
cd "$HOME/bin"
# unzip is used later to unpack the Terraform release archive.
sudo apt update && sudo apt install unzip

Install AzureCLI

Source

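# Fetch Microsoft's package-signing key into its own keyring file and point
# the azure-cli source at it with signed-by. A key dropped into
# /etc/apt/trusted.gpg.d is trusted for every apt source on the machine;
# scoping it this way limits it to the one repository it is meant for.
# -f makes curl fail on an HTTP error instead of piping an error page to gpg.
sudo mkdir -p /etc/apt/keyrings
curl -fsSL https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor | sudo tee /etc/apt/keyrings/microsoft.gpg > /dev/null
echo "deb [arch=amd64 signed-by=/etc/apt/keyrings/microsoft.gpg] https://packages.microsoft.com/repos/azure-cli/ $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/azure-cli.list > /dev/null
sudo apt update && sudo apt install azure-cli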

Install Kubectl in WSL

Source

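# Download the current stable kubectl build into the working directory and
# make it executable.
# -f makes both curl calls exit non-zero on an HTTP error, so a failed version
# lookup or download is not saved as "kubectl" and then marked executable.
# NOTE(review): nothing here checks the binary against a published checksum
# or signature; do that before relying on it outside a throwaway lab.
curl -fsSLO "https://storage.googleapis.com/kubernetes-release/release/$(curl -fsS https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl" && chmod 755 kubectl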

Install Terraform in WSL

Source

# Scrapes the linux_amd64 zip link out of the Terraform downloads page,
# downloads it, unpacks it into the current directory, deletes the archive
# and makes the terraform binary executable.
# NOTE(review): the download URL is whatever the page's HTML contains when
# this runs, and the archive is unpacked without being checked against a
# published checksum or signature. Verify the download before relying on the
# binary outside a throwaway lab.
curl -sLO $(curl https://www.terraform.io/downloads.html | grep "linux_amd64.zip" | cut -d\" -f 2) && unzip terraform*.zip && rm terraform*.zip && chmod 755 terraform

Install terraform extension for VSCode

https://marketplace.visualstudio.com/items?itemName=mauve.terraform

Define bash as Default VSCode Shell

Source

  1. ctrl+shift+p (Command palette)
  2. Type: default shell and select Terminal: Select Default Shell
  3. Choose "WSL Bash"
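# Looks up the public IPv4 address of the machine running Terraform.
# The response body is used further down as the only source address allowed
# to reach SSH on the VM, so it is fetched over HTTPS: a plain-HTTP reply can
# be altered in transit, and the altered value would be written straight into
# the network security rule.
data "http" "icanhazip" {
  url = "https://ipv4.icanhazip.com"
}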
# Azure Resource Manager provider. No arguments are set, so authentication
# and subscription come from the provider's defaults (presumably the Azure
# CLI login installed earlier in this guide; confirm).
# NOTE(review): no provider version is pinned. Arguments used in this file,
# such as network_security_group_id on the network interface, appear to
# belong to the 1.x provider schema, so pin a release you have tested.
provider "azurerm" {}
# Resource group that the network and VM resources in this file are placed in.
resource "azurerm_resource_group" "rg" {
  location = var.location
  name     = var.resource_group_name
}
# Virtual network for the VM, created in the resource group's location.
resource "azurerm_virtual_network" "vnet" {
  name                = var.vnet_name
  resource_group_name = azurerm_resource_group.rg.name
  location            = azurerm_resource_group.rg.location

  address_space = ["10.0.0.0/16"]

  # Fixed external resolvers configured for this network.
  dns_servers = ["8.8.8.8", "8.8.4.4"]
}
# If the VNET already exists, use
#data "azurerm_virtual_network" "vnet" {
# name = "some_vnet_name"
# resource_group_name = "owner_rg_for_vnet"
#}
# One /24 subnet carved out of the virtual network's 10.0.0.0/16 space;
# the VM's network interface attaches here.
resource "azurerm_subnet" "subnet" {
  name                 = var.subnet_name
  virtual_network_name = azurerm_virtual_network.vnet.name
  resource_group_name  = azurerm_resource_group.rg.name
  address_prefix       = "10.0.1.0/24"
}
# Network security group attached to the VM's network interface. It is
# declared empty here; its one custom rule is a separate resource.
resource "azurerm_network_security_group" "iaasnsg" {
  name                = "iaas-nsg"
  resource_group_name = azurerm_resource_group.rg.name
  location            = azurerm_resource_group.rg.location
}
# The only rule this file adds to the security group: inbound TCP/22 is
# allowed from a single /32 built from the body returned by
# data.http.icanhazip. Whatever that lookup returns when Terraform runs
# becomes the allowed source, so the rule is only as trustworthy as that
# response, and it is stale once the operator's address changes.
resource "azurerm_network_security_rule" "iaasnsgr" {
  name     = "iaas-nsg-100"
  priority = 100

  resource_group_name         = azurerm_resource_group.rg.name
  network_security_group_name = azurerm_network_security_group.iaasnsg.name

  direction = "Inbound"
  access    = "Allow"
  protocol  = "Tcp"

  # trimspace() strips the trailing newline from the HTTP response before
  # the /32 suffix is appended.
  source_address_prefix = "${trimspace(data.http.icanhazip.body)}/32"
  source_port_range     = "*"

  destination_address_prefix = "*"
  destination_port_range     = "22"
}
# Public address for the VM. The address itself is allocated dynamically;
# the DNS label from var.dns_prefix gives it the FQDN that the provisioners
# and the "host" output use.
resource "azurerm_public_ip" "iaaspubip" {
  name                = "iaas-pubip"
  resource_group_name = azurerm_resource_group.rg.name
  location            = azurerm_resource_group.rg.location

  domain_name_label = var.dns_prefix
  allocation_method = "Dynamic"
}
# Network interface for the VM: sits in the subnet, carries the public IP,
# and is the attachment point for the security group.
resource "azurerm_network_interface" "iaasnic" {
  name                = "iaas-nic"
  resource_group_name = azurerm_resource_group.rg.name
  location            = azurerm_resource_group.rg.location

  # The SSH restriction only applies because the security group is bound here.
  network_security_group_id = azurerm_network_security_group.iaasnsg.id

  ip_configuration {
    name                          = "iaas-nic-ip"
    subnet_id                     = azurerm_subnet.subnet.id
    public_ip_address_id          = azurerm_public_ip.iaaspubip.id
    private_ip_address_allocation = "Dynamic"
  }
}
# The one virtual machine in this environment: an Ubuntu 18.04-LTS image that
# Terraform bootstraps over SSH and then configures with Ansible.
#
# NOTE(review): the admin account is created with var.ssh_password, SSH
# password logins are left enabled, and the provisioners connect with that
# same password. Terraform state generally keeps resource arguments in plain
# text, so treat the state file as holding this credential. Key-based login
# would need an ssh_keys entry and a key variable, which this file does not
# define.
resource "azurerm_virtual_machine" "main" {
  name                  = "iaas-vm"
  resource_group_name   = azurerm_resource_group.rg.name
  location              = azurerm_resource_group.rg.location
  vm_size               = "Standard_DS1_v2"
  network_interface_ids = [azurerm_network_interface.iaasnic.id]

  # Disks are removed together with the VM.
  delete_os_disk_on_termination    = true
  delete_data_disks_on_termination = true

  # "latest" means the image version is whatever is current at apply time.
  storage_image_reference {
    publisher = "Canonical"
    offer     = "UbuntuServer"
    sku       = "18.04-LTS"
    version   = "latest"
  }

  storage_os_disk {
    name              = "iaas-os-disk"
    create_option     = "FromImage"
    managed_disk_type = "Standard_LRS"
    caching           = "ReadWrite"
  }

  os_profile {
    computer_name  = "iaas"
    admin_username = var.ssh_user
    admin_password = var.ssh_password
  }

  os_profile_linux_config {
    # false keeps SSH password logins enabled on the VM.
    disable_password_authentication = false
  }

  # One connection definition at resource level, shared by all three
  # provisioners below: log in to the VM's public FQDN with the admin
  # username and password.
  connection {
    host     = azurerm_public_ip.iaaspubip.fqdn
    user     = var.ssh_user
    password = var.ssh_password
  }

  # Step 1: create the staging directory for the playbook.
  provisioner "remote-exec" {
    inline = ["mkdir /tmp/ansible"]
  }

  # Step 2: copy the contents of the local ansible/ directory into it.
  provisioner "file" {
    source      = "ansible/"
    destination = "/tmp/ansible"
  }

  # Step 3: install pip and Ansible, then run the playbook. Each install
  # step writes its output to a file under /tmp and prints that file only
  # if the command fails.
  # NOTE(review): "pip3 install ansible" has no version specifier and runs
  # under sudo, so whatever release is current on the package index is
  # installed system-wide as root.
  provisioner "remote-exec" {
    inline = [
      "sudo apt update > /tmp/apt_update || cat /tmp/apt_update",
      "sudo apt install -y python3-pip > /tmp/apt_install_python3_pip || cat /tmp/apt_install_python3_pip",
      "sudo -H pip3 install ansible > /tmp/pip_install_ansible || cat /tmp/pip_install_ansible",
      "ansible-playbook /tmp/ansible/main.yml",
    ]
  }
}
# FQDN of the VM's public IP, printed after apply so the operator knows where
# to connect.
output "host" {
  value = azurerm_public_ip.iaaspubip.fqdn
}
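# Input variables. Every default is unchanged; each variable now has a quoted
# label, a type constraint and a description.

variable "os_disk_size" {
  description = "OS disk size. Not referenced by any resource in this listing."
  type        = number
  default     = 30
}

variable "ssh_user" {
  description = "Admin username created on the VM and used by the provisioners to log in."
  type        = string
  default     = "tf_admin"
}

# NOTE(review): this default is readable by anyone who can see this file, and
# the VM accepts SSH password logins. Override it for any real deployment,
# for example through the TF_VAR_ssh_password environment variable or a -var
# argument, so the VM is not created with a known password.
variable "ssh_password" {
  description = "Admin password set on the VM and used by the provisioners to log in."
  type        = string
  default     = "Sup3rS3cr3t-"
}

variable "dns_prefix" {
  description = "DNS label for the VM's public IP; it forms the first part of the FQDN."
  type        = string
  default     = "MyFirstIaaSOnTerraform"
}

variable "resource_group_name" {
  description = "Name of the resource group to create."
  type        = string
  default     = "MFIOT201906"
}

variable "vnet_name" {
  description = "Name of the virtual network to create."
  type        = string
  default     = "MFIOT201906_vnet"
}

variable "subnet_name" {
  description = "Name of the subnet to create inside the virtual network."
  type        = string
  default     = "MFIOT201906_subnet"
}

variable "location" {
  description = "Azure region for the resource group and everything in it."
  type        = string
  default     = "UK South"
}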
# Minimum Terraform CLI version. The configuration uses 0.12-style
# expressions such as bare references (var.location) without "${...}".
terraform {
  required_version = ">= 0.12"
}