Automating infrastructure setup in Azure Cloud using Terraform and Azure DevOps is a powerful approach to managing your infrastructure as code (IaC). This allows you to define and manage your Azure resources programmatically, version control your infrastructure configurations, and automate the deployment process.
We will be creating a Java based WebApp(app service) in Azure cloud using Terraform and automate the process using Azure Devops Pipelines.
Create storage account, container for Terraform to store state information in Azure cloud remotely.
Create pipeline and add Terraform tasks
Execute pipeline to deploy resources(App service plan and WebApp) in Azure cloud
Verify resources are created in Azure cloud
Confirm if the terraform.tfstate file is updated
Create Resource Group in Azure cloud
Login to Azure portal, Create a new RG, or you can skip this step if you already have existing group.
Create Storage Account in Azure cloud
Create a new resource, type storage account
Click on create
select RG, enter unique account name, select standard as performance, select locally redundant storage
Click on create
Create a container inside the storage account
Select the storage account you just created, click on containers under Data storage
enter a name for the container
Create a pipeline in Azure DevOps
Login to Azure Devops, select Pipelines, select use the classic editor to create a pipeline
Configure Pipeline with tasks
Add Terraform installer task to install Terraform on build agent
Add Terraform task
Configure the task
enter storage account, container, key information as below:
Add terraform tasks to plan, apply
Add Terraform task for plan
change the command to plan from drop down and also select azure subscription from drop down
Add Terraform task for apply
change the command to apply from drop down and also select azure subscription from drop down
Now verify to make sure if we have correct values in each/every task. Now click on Save + Queue.
Click on Save and Run
This confirms that pipeline have successfully created resources in Azure cloud. You can login to Azure portal to see the resources - app service plan and web app.
You can also verify terraform state info which has resources entry for all the resources created
Click on Containers, mytfstatecontainer
Click on terraform.tfstate
Click on Edit to view the content of terraform state file
Clean up resources created in Azure using the pipeline - destroy command
change the command to destroy instead of apply from the drop down
You can either add a new task for destroy or modify to destroy from apply in the existing task.
Now save the pipeline and run the pipeline. check the output of destroy task
Let's learn how to connect to a Virtual machine running in Azure cloud from your local machine. Your local machine can be a Windows laptop or MacBook laptop.
Pre-requisites:
1. Keys(for e.g., yourkey.pem) already downloaded in your local machine, preferably in downloads folder. 2. Azure VM is up and running 3. SSH client - for Windows laptop, you need to install an SSH client such as Git bash or putty. You can download Git from this URL - https://git-scm.com/downloads. For Apple laptop you need to download iTerm from here.
Windows Laptop instructions 5. Go to your local machine, Open Git Bash in Windows
make sure you are in downloads directory where your keys got downloaded. Type the below commands:
type below commands:
pwd
this should tell you which directory you are and then navigate to downloads dir.
cd ~/downloads
Now copy the value from Example in the above screen
ssh -i myAzVMKey.pem azureuser@104.43.214.12
and then type enter, say yes and enter
now you should be in Azure cloud, screen should show something like this, It means you are successfully connected to VM instance running on Azure cloud.
Mac Book Laptop or iMac Instructions
Open iTerm window, type the below command to go to downloads directory.
cd downloads
For few Mac laptops, it may add .txt in the end of pem file. in that case you need to remove .txt in the end
ssh -i myAzVMKey.pem azureuser@104.43.214.12
pwd and then execute below command to make sure the keys have only read permissions.
chmod 400 *.pem
6. Paste the url from example highlighted above in step # 4.
ssh -i myAzVMKey.pem azureuser@104.43.214.12
7. type yes when it is asking to connect.
8. now you should be in Azure cloud, screen should show something like this, It means you are successfully connected to VM instance running on Azure cloud.
Ansible is an open-source, configuration management tool that automates cloud provisioning, configuration management, and application deployments. Using Ansible you can provision virtual machines, containers, network, and complete cloud infrastructures.
Automate Azure cloud infrastructure setup using Ansible and Azure pipeline
Integrate Ansible with Azure Cloud
Integrating Ansible with Microsoft Azure allows you to automate and manage your Azure infrastructure using Ansible playbooks and modules. Ansible provides a collection of Azure-specific modules that enable you to provision and configure resources in Azure.
To configure Azure credentials, you need the following information:
Your Azure subscription ID and tenant ID
The service principal application ID and secret
Pre-requisites:
Azure account subscription, click here if you don't have one.
Service principal to create any resources in Azure cloud using Azure cloud shell or Azure CLI
Create Azure Service Principal
Run the following commands to create an Azure Service Principal:
az ad sp create-for-rbac --name <service-principal-name> \
--role Contributor \
--scopes /subscriptions/<subscription_id>
Save the above output in a file as you will not be able retrieve later.
Create an Ansible playbook
Create a simple playbook to create resource group in Azure. Make sure you modify the name of the resource group and location below.
How to setup Ansible on Red Hat Linux VM and Integrate with Azure Cloud?
Ansible is #1 configuration management tool. It can also be used for infrastructureprovisioning as well. or You can use Ansible in combination of Terraform which can take care of infra automation and Ansible can do configuration management. We will be setting up Ansible on Red Hat VM in Azure cloud And create some resources in Azure Cloud by using Ansible playbooks.
Ansible Architecture:
The best way to install Ansible in Linux is to use PIP, a package manager for Python.
In this section, you create a local credentials file to provide credentials to Ansible. For security reasons, credential files should only be used in development environments.
mkdir ~/.azure
vi ~/.azure/credentials
Insert the following lines into the file. Replace the placeholders with the service principal values.