DevOps Classroomnotes 25/Dec/2021

Activity 2: Contd

  • We have two things left
  • Error which we got while destroying. Refer Here for the fix
  • Deploying the application on the linux vm
    • This will be done after Activity 3

Activity 3: Create an n-tier architecture in Azure

  • Reference Architecture
  • In Azure, every resource has to belong to a resource group
  • Now let's create a virtual network
  • In Azure, any resource is by default public if it has a public IP and private if it does not have a public IP.
  • To route traffic from the internet into the vnet and within the vnet, we don't need to create a route table because this is part of default routing.
  • Linux virtual machines support key-based authentication as well as password-based authentication. The user needs to provide a username and a key or password.
  • After creating the vnet, look into the resource
  • Now let's create a Linux VM with Ubuntu in the web1 subnet
  • Once the VM is created, let's try to log in to the VM
  • To realize this activity in Azure using Terraform, we need a provider. Refer Here for the azurerm provider
  • This can be done by adding provider.tf with the following content and then executing terraform init
terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "=2.46.0"
    }
  }
}

# Configure the Microsoft Azure Provider
provider "azurerm" {
  features {}
}
  • Authentication to Azure from Terraform can be done in multiple ways. Generally, on CI-based systems we would use the service principal approach (Refer Here), and on developer systems we can use the CLI-based approach (Refer Here).
  • To review all the authentication mechanisms Refer Here
  • Let's try to configure Azure with a service principal
  • Launch Cloud Shell
  • Now run the following commands. From the first, make a note of client_id, client_secret and tenant_id; from the second, make a note of the subscription id
az ad sp create-for-rbac --role Contributor --query "{client_id: appId, client_secret: password, tenant_id: tenant}"

az account show --query "{subscription_id: id}"
  • We can pass the client id, client secret, tenant_id and subscription_id as arguments of the provider, but this is not a good practice
  • We will be creating environment variables instead
  • Linux
export ARM_CLIENT_ID="00000000-0000-0000-0000-000000000000"
export ARM_CLIENT_SECRET="00000000-0000-0000-0000-000000000000"
export ARM_SUBSCRIPTION_ID="00000000-0000-0000-0000-000000000000"
export ARM_TENANT_ID="00000000-0000-0000-0000-000000000000"
  • Windows PowerShell
$env:ARM_CLIENT_ID="00000000-0000-0000-0000-000000000000"
$env:ARM_CLIENT_SECRET="00000000-0000-0000-0000-000000000000"
$env:ARM_SUBSCRIPTION_ID="00000000-0000-0000-0000-000000000000"
$env:ARM_TENANT_ID="00000000-0000-0000-0000-000000000000"
  • Let's execute terraform init
  • The first step is to create a resource group
  • Refer Here for the official docs
  • Now create a resource group. Refer Here for the changes.
  • Now let's create a virtual network. Refer Here for the official docs
  • Now let's add subnets. While adding subnets, let's use dynamic functions to calculate CIDR ranges and make use of explicit dependencies. Refer Here
  • Now we need to create a network security group for web (ports 80 and 22 open to all). Refer Here for the official docs
  • Now let's create a public IP address. Refer Here for the official docs
  • Now let's create a network interface. Refer Here
  • Now we need to associate the NSG with the NIC. Refer Here
  • At this point we have created all the network related elements
  • Refer Here for the changes done
  • Now we need to create a Linux VM with Ubuntu 20.04
  • Let's use azurerm_linux_virtual_machine. Refer Here for the official docs
  • Now apply the changes. Refer Here for the changes done
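
The web-tier network security group described above, as an added example (not the class repository's code): port 80 stays open to all as in the notes, while the SSH rule takes its source from a hypothetical `admin_cidr` variable instead of `*`. The resource names, the location and the 203.0.113.0/24 default are assumptions, and the provider.tf shown earlier is expected in the same directory.

```hcl
# Added example. Names (ntier, web-nsg, admin_cidr) and location are assumptions.
variable "admin_cidr" {
  description = "Address range allowed to reach SSH on the web tier"
  type        = string
  default     = "203.0.113.0/24" # constructed documentation range, replace with your own
}

resource "azurerm_resource_group" "ntier" {
  name     = "ntier"
  location = "eastus"
}

resource "azurerm_network_security_group" "web" {
  name                = "web-nsg"
  resource_group_name = azurerm_resource_group.ntier.name
  location            = azurerm_resource_group.ntier.location

  # HTTP is the public face of the web tier: open to all, as in the notes.
  security_rule {
    name                       = "allow-http"
    priority                   = 300
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_range     = "80"
    source_address_prefix      = "*"
    destination_address_prefix = "*"
  }

  # The notes open 22 to all (source_address_prefix = "*").
  # Here SSH is narrowed to the range in var.admin_cidr.
  security_rule {
    name                       = "allow-ssh-admin"
    priority                   = 310
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_range     = "22"
    source_address_prefix      = var.admin_cidr
    destination_address_prefix = "*"
  }
}
```

Setting `admin_cidr` to `*` reproduces the open-to-all SSH rule used in class.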
