commands.sh
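# Terraform command reference for this project. Run the steps by hand, in
# order, from the directory that holds the .tf files. It is a checklist, not a
# script to execute top to bottom (apply is immediately followed by destroy).

# make sure terraform CLI is installed (prints the version rather than the help text)
terraform version

# format the tf files
terraform fmt

# initialize terraform Azure modules
terraform init

# validate the template
terraform validate

# The plan file, its JSON rendering and terraform.tfstate can hold sensitive
# values in clear text; after apply the state contains the SSH private key
# generated by tls_private_key. Create these files readable by the current
# user only.
umask 077

# plan and save the infra changes into tfplan file
terraform plan -out tfplan

# show the tfplan file
terraform show -json tfplan

# save the plan as formatted JSON; '>' replaces any earlier copy, so a re-run
# never leaves two JSON documents appended into one file
terraform show -json tfplan | jq '.' > tfplan.json

# apply the infra changes
terraform apply tfplan

# delete the infra
terraform destroy

# cleanup files -- only after destroy has succeeded, because the state file is
# the record Terraform uses to find and remove what it created
rm -f -- terraform.tfstate terraform.tfstate.backup tfplan tfplan.json
rm -rf -- .terraform/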
providers.tf
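# Terraform settings: every provider used by main.tf is declared here so that
# `terraform init` resolves each one from an explicit source address.
terraform {
  required_providers {
    azurerm = {
      source = "hashicorp/azurerm"
      # Exact pin kept from the original listing; review it against current
      # provider releases before reusing this configuration.
      version = "2.78.0"
    }

    # main.tf also uses random_id and tls_private_key. Without these entries
    # the providers are resolved implicitly. No version constraint is set
    # here; the versions chosen by `terraform init` are recorded in
    # .terraform.lock.hcl, which should be kept under version control.
    random = {
      source = "hashicorp/random"
    }
    tls = {
      source = "hashicorp/tls"
    }
  }
}

# Azure Resource Manager provider; azurerm 2.x requires the features block
# even when it is empty.
provider "azurerm" {
  features {}
}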
main.tf
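# Three identical CentOS VMs, each with its own NIC and dynamic public IP, in
# one subnet behind a single shared network security group.

# Create a resource group if it doesn't exist
resource "azurerm_resource_group" "rg" {
  name     = var.resource_group_name
  location = var.resource_group_location

  tags = {
    environment = "production"
  }
}

# Create virtual network
resource "azurerm_virtual_network" "vnet" {
  name                = var.virtual_network_name
  address_space       = ["10.0.0.0/16"]
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name

  tags = {
    environment = "production"
  }
}

# Create subnet
resource "azurerm_subnet" "subnet" {
  name                 = var.subnet_name
  resource_group_name  = azurerm_resource_group.rg.name
  virtual_network_name = azurerm_virtual_network.vnet.name
  address_prefixes     = ["10.0.1.0/24"]
}

# Create public IPs (one per VM)
resource "azurerm_public_ip" "public_ip" {
  name                = var.public_ip_name
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
  allocation_method   = "Dynamic"

  tags = {
    environment = "production"
  }
}

resource "azurerm_public_ip" "public_ip2" {
  name                = var.public_ip_name2
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
  allocation_method   = "Dynamic"

  tags = {
    environment = "production"
  }
}

resource "azurerm_public_ip" "public_ip3" {
  name                = var.public_ip_name3
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
  allocation_method   = "Dynamic"

  tags = {
    environment = "production"
  }
}

# Source allowed through the inbound rule below. The default "*" keeps the
# behaviour of the original listing, which accepts SSH (22) and 8080 from any
# address on all three public IPs. Override it in terraform.tfvars with the
# administrators' CIDR (or an Azure service tag) before using this for
# anything tagged "production".
variable "allowed_source_address_prefix" {
  type        = string
  description = "Source CIDR or Azure service tag allowed to reach TCP 22 and 8080 on the VMs"
  default     = "*"
}

# Create Network Security Group and rule
resource "azurerm_network_security_group" "nsg" {
  name                = var.network_security_group_name
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name

  # The rule is named "SSH" but also opens 8080. The name is kept so existing
  # deployments are not changed.
  security_rule {
    name                       = "SSH"
    priority                   = 1001
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_ranges    = ["22", "8080"]
    source_address_prefix      = var.allowed_source_address_prefix
    destination_address_prefix = "*"
  }

  tags = {
    environment = "production"
  }
}

# Create network interfaces (one per VM, each bound to its own public IP)
resource "azurerm_network_interface" "nic" {
  name                = var.network_interface_name
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name

  ip_configuration {
    name                          = "myNicConfiguration"
    subnet_id                     = azurerm_subnet.subnet.id
    private_ip_address_allocation = "Dynamic"
    public_ip_address_id          = azurerm_public_ip.public_ip.id
  }

  tags = {
    environment = "production"
  }
}

resource "azurerm_network_interface" "nic2" {
  name                = var.network_interface_name2
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name

  ip_configuration {
    name                          = "myNicConfiguration2"
    subnet_id                     = azurerm_subnet.subnet.id
    private_ip_address_allocation = "Dynamic"
    public_ip_address_id          = azurerm_public_ip.public_ip2.id
  }

  tags = {
    environment = "production"
  }
}

resource "azurerm_network_interface" "nic3" {
  name                = var.network_interface_name3
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name

  ip_configuration {
    name                          = "myNicConfiguration3"
    subnet_id                     = azurerm_subnet.subnet.id
    private_ip_address_allocation = "Dynamic"
    public_ip_address_id          = azurerm_public_ip.public_ip3.id
  }

  tags = {
    environment = "production"
  }
}

# Connect the security group to each network interface
resource "azurerm_network_interface_security_group_association" "association" {
  network_interface_id      = azurerm_network_interface.nic.id
  network_security_group_id = azurerm_network_security_group.nsg.id
}

resource "azurerm_network_interface_security_group_association" "association2" {
  network_interface_id      = azurerm_network_interface.nic2.id
  network_security_group_id = azurerm_network_security_group.nsg.id
}

resource "azurerm_network_interface_security_group_association" "association3" {
  network_interface_id      = azurerm_network_interface.nic3.id
  network_security_group_id = azurerm_network_security_group.nsg.id
}

# Generate random text for a unique storage account name
resource "random_id" "randomId" {
  keepers = {
    # Generate a new ID only when a new resource group is defined
    resource_group = azurerm_resource_group.rg.name
  }

  byte_length = 8
}

# Create storage account for boot diagnostics (shared by the three VMs)
resource "azurerm_storage_account" "storage" {
  name                     = "diag${random_id.randomId.hex}"
  resource_group_name      = azurerm_resource_group.rg.name
  location                 = azurerm_resource_group.rg.location
  account_tier             = "Standard"
  account_replication_type = "LRS"

  # Set explicitly: azurerm 2.x otherwise leaves the account accepting TLS 1.0.
  min_tls_version = "TLS1_2"

  tags = {
    environment = "production"
  }
}

# Create (and display) an SSH key
# The private half of this key is written to the Terraform state in clear
# text and is exposed by the tls_private_key output. Anyone who can read the
# state can log in to all three VMs as azureuser. Keep the state in a backend
# with encryption and access control, or generate the key pair outside
# Terraform and pass only the public key in.
resource "tls_private_key" "example_ssh" {
  algorithm = "RSA"
  rsa_bits  = 4096
}

# Create virtual machines
resource "azurerm_linux_virtual_machine" "linuxvm" {
  name                  = var.linux_virtual_machine_name
  location              = azurerm_resource_group.rg.location
  resource_group_name   = azurerm_resource_group.rg.name
  network_interface_ids = [azurerm_network_interface.nic.id]
  size                  = "Standard_DS1_v2"

  os_disk {
    name                 = "myOsDisk"
    caching              = "ReadWrite"
    storage_account_type = "Premium_LRS"
  }

  # version = "latest" means two applies can yield different images. CentOS
  # Linux 8 is also end-of-life upstream, so confirm this image is still
  # patched before relying on it.
  source_image_reference {
    publisher = "OpenLogic"
    offer     = "CentOS"
    sku       = "8_4"
    version   = "latest"
  }

  computer_name  = var.linux_virtual_machine_name
  admin_username = "azureuser"

  # Key-only login; the same generated key is installed on all three VMs.
  disable_password_authentication = true

  admin_ssh_key {
    username   = "azureuser"
    public_key = tls_private_key.example_ssh.public_key_openssh
  }

  boot_diagnostics {
    storage_account_uri = azurerm_storage_account.storage.primary_blob_endpoint
  }

  tags = {
    environment = "production"
  }
}

resource "azurerm_linux_virtual_machine" "linuxvm2" {
  name                  = var.linux_virtual_machine_name2
  location              = azurerm_resource_group.rg.location
  resource_group_name   = azurerm_resource_group.rg.name
  network_interface_ids = [azurerm_network_interface.nic2.id]
  size                  = "Standard_DS1_v2"

  os_disk {
    name                 = "myOsDisk2"
    caching              = "ReadWrite"
    storage_account_type = "Premium_LRS"
  }

  # Same image reference as linuxvm.
  source_image_reference {
    publisher = "OpenLogic"
    offer     = "CentOS"
    sku       = "8_4"
    version   = "latest"
  }

  computer_name  = var.linux_virtual_machine_name2
  admin_username = "azureuser"

  disable_password_authentication = true

  admin_ssh_key {
    username   = "azureuser"
    public_key = tls_private_key.example_ssh.public_key_openssh
  }

  boot_diagnostics {
    storage_account_uri = azurerm_storage_account.storage.primary_blob_endpoint
  }

  tags = {
    environment = "production"
  }
}

resource "azurerm_linux_virtual_machine" "linuxvm3" {
  name                  = var.linux_virtual_machine_name3
  location              = azurerm_resource_group.rg.location
  resource_group_name   = azurerm_resource_group.rg.name
  network_interface_ids = [azurerm_network_interface.nic3.id]
  size                  = "Standard_DS1_v2"

  os_disk {
    name                 = "myOsDisk3"
    caching              = "ReadWrite"
    storage_account_type = "Premium_LRS"
  }

  # Same image reference as linuxvm.
  source_image_reference {
    publisher = "OpenLogic"
    offer     = "CentOS"
    sku       = "8_4"
    version   = "latest"
  }

  computer_name  = var.linux_virtual_machine_name3
  admin_username = "azureuser"

  disable_password_authentication = true

  admin_ssh_key {
    username   = "azureuser"
    public_key = tls_private_key.example_ssh.public_key_openssh
  }

  boot_diagnostics {
    storage_account_uri = azurerm_storage_account.storage.primary_blob_endpoint
  }

  tags = {
    environment = "production"
  }
}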
variables.tf
# Input variables for main.tf. None has a default, so every one must be
# supplied (terraform.tfvars does this) or Terraform prompts for it.

# --- Resource group ---
variable "resource_group_name" {
  type        = string
  description = "RG name in Azure"
}

variable "resource_group_location" {
  type        = string
  description = "RG location in Azure"
}

# --- Network ---
variable "virtual_network_name" {
  type        = string
  description = "VNET name in Azure"
}

variable "subnet_name" {
  type        = string
  description = "Subnet name in Azure"
}

# --- Public IPs: the unsuffixed, "2" and "3" names belong to the first,
# second and third VM respectively ---
variable "public_ip_name" {
  type        = string
  description = "Public IP name in Azure"
}

variable "public_ip_name2" {
  type        = string
  description = "Public IP name in Azure"
}

variable "public_ip_name3" {
  type        = string
  description = "Public IP name in Azure"
}

# --- Network security group (one, shared by all three NICs) ---
variable "network_security_group_name" {
  type        = string
  description = "NSG name in Azure"
}

# --- Network interfaces ---
variable "network_interface_name" {
  type        = string
  description = "NIC name in Azure"
}

variable "network_interface_name2" {
  type        = string
  description = "NIC name in Azure"
}

variable "network_interface_name3" {
  type        = string
  description = "NIC name in Azure"
}

# --- Virtual machines: each value is used both as the Azure resource name
# and as the VM's computer_name ---
variable "linux_virtual_machine_name" {
  type        = string
  description = "Linux VM name in Azure"
}

variable "linux_virtual_machine_name2" {
  type        = string
  description = "Linux VM name in Azure"
}

variable "linux_virtual_machine_name3" {
  type        = string
  description = "Linux VM name in Azure"
}
terraform.tfvars
# Values for the variables declared in variables.tf.

# Resource group
resource_group_name     = "automation_mart"
resource_group_location = "East US 2"

# Network
virtual_network_name = "vnetforAutomation"
subnet_name          = "subnetforAutomation"

# Public IPs, one per VM
public_ip_name  = "publicip019"
public_ip_name2 = "publicip020"
public_ip_name3 = "publicip021"

# Network security group shared by the three NICs
network_security_group_name = "nsgprod019"

# Network interfaces, one per VM
network_interface_name  = "nicprod019"
network_interface_name2 = "nicprod020"
network_interface_name3 = "nicprod021"

# Virtual machines
linux_virtual_machine_name  = "jenkins"
linux_virtual_machine_name2 = "ansible"
linux_virtual_machine_name3 = "docker"
outputs.tf
# Outputs: the Azure resource ID and public IP of each VM, plus the generated
# SSH private key.
# NOTE(review): the public IPs use Dynamic allocation, so the *_ip values may
# be empty until the VM is running -- confirm with a refresh after apply.

# First VM
output "vm_id" {
  value = azurerm_linux_virtual_machine.linuxvm.id
}

output "vm_ip" {
  value = azurerm_linux_virtual_machine.linuxvm.public_ip_address
}

# Second VM
output "vm_id2" {
  value = azurerm_linux_virtual_machine.linuxvm2.id
}

output "vm_ip2" {
  value = azurerm_linux_virtual_machine.linuxvm2.public_ip_address
}

# Third VM
output "vm_id3" {
  value = azurerm_linux_virtual_machine.linuxvm3.id
}

output "vm_ip3" {
  value = azurerm_linux_virtual_machine.linuxvm3.public_ip_address
}

# Private key for the azureuser account on all three VMs. sensitive = true
# only redacts the value in plan/apply output; the key is still stored in
# clear text in the state and can be read with `terraform output`. If it is
# exported to a file, make that file readable by its owner only.
output "tls_private_key" {
  value     = tls_private_key.example_ssh.private_key_pem
  sensitive = true
}