askadm
/
terraform.azure.automation
1
0
Fork 0
Koodi Ongelmat 0 Pull-pyynnöt 0 Julkaisut 0 Wiki Toiminta
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commitit
1 Haara
47 KiB
 
 
Haara: master
Branchit Tagit
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
terraform.azure.automation/modules/azure_vm/main.tf

220 rivejä
9.3 KiB
Raaka Pysyvä linkki Blame Historia 

  1. terraform {

  2.   required_version = "~> 0.12.21"

  3.   required_providers {

  4.     azurerm = "~> 1.44"

  5.   }

  6. }

  7. 

  8. resource "azurerm_virtual_machine" "azvm" {

  9.   count = length(var.vms)

  10. 

  11.   name                             = var.vms[count.index].name

  12.   resource_group_name              = var.vms[count.index].resource_group_name

  13.   location                         = var.vms[count.index].location

  14.   network_interface_ids            = [for nic in var.vms[count.index].nics: azurerm_network_interface.nic[join("-nic", [var.vms[count.index].name, index(var.vms[count.index].nics, nic)])].id]

  15.   vm_size                          = var.vms[count.index].vm_size #Standard_D2s_v3, Standard_B2s

  16.   availability_set_id              = azurerm_availability_set.avset[var.vms[count.index].avset.name].id

  17.   tags                             = var.vms[count.index].tags

  18.   delete_os_disk_on_termination    = try(var.vms[count.index].delete_os_disk_on_termination, true)

  19.   delete_data_disks_on_termination = try(var.vms[count.index].delete_data_disks_on_termination, true)

  20.   #zones                            = try(var.vms[count.index].zones, null)

  21. 

  22.   storage_os_disk {

  23.     name          = join("-", [var.vms[count.index].name, "disk"])

  24.     caching       = var.vms[count.index].storage_os_disk.caching #None, ReadOnly or ReadWrite

  25.     create_option = var.vms[count.index].storage_os_disk.create_option #Attach, FromImage

  26.     disk_size_gb  = var.vms[count.index].storage_os_disk.disk_size_gb

  27.     os_type       = var.vms[count.index].storage_os_disk.os_type #Linux or Windows

  28.   }

  29.   

  30.   dynamic "os_profile" {

  31.     for_each = var.vms[count.index].os_profile

  32.     content {

  33.       computer_name  = var.vms[count.index].name

  34.       admin_username = try(os_profile.value.admin_username, "") != "" ? os_profile.value.admin_username : "master"

  35.       admin_password = try(os_profile.value.admin_password, null)

  36.     }

  37.   }

  38.   

  39.   dynamic "os_profile_linux_config" {

  40.     for_each = try(var.vms[count.index].os_profile_linux_config, [])

  41.     content {

  42.       disable_password_authentication = os_profile_linux_config.value.disable_password_authentication

  43.       dynamic "ssh_keys" {

  44.         for_each = os_profile_linux_config.value.disable_password_authentication ? os_profile_linux_config.value.ssh_keys : {}

  45.         content {

  46.           key_data = try(ssh_keys.value.file, "") != "" ? file("${ssh_keys.value.file}") : var.default_ssh_pubkey

  47.           path     = try(ssh_keys.value.dst_path, "") != "" ? ssh_keys.value.dst_path : format("/home/%s/.ssh/authorized_keys", "master")

  48.         }

  49.       }

  50.     }

  51.   }

  52. 

  53.   dynamic "os_profile_windows_config" {

  54.     for_each = try(var.vms[count.index].os_profile_windows_config, [])

  55.     content {

  56.       provision_vm_agent = os_profile_windows_config.value.provision_vm_agent

  57.       enable_automatic_upgrades = os_profile_windows_config.value.enable_automatic_upgrades

  58.       timezone = os_profile_windows_config.value.timezone #https://jackstromberg.com/2017/01/list-of-time-zones-consumed-by-azure/

  59.       winrm {

  60.         protocol        = os_profile_windows_config.value.protocol #HTTP or HTTPS

  61.         certificate_url = os_profile_windows_config.value.certificate_url

  62.       }

  63.     }

  64.   }

  65. 

  66.   dynamic "plan" {

  67.     for_each = try(var.vms[count.index].plan, [])

  68.     content {

  69.       name      = plan.value.name

  70.       publisher = plan.value.publisher

  71.       product   = plan.value.product

  72.     }

  73.   }

  74. 

  75.   dynamic "storage_data_disk" {

  76.     for_each = try(var.vms[count.index].storage_data_disk, [])

  77.     content {

  78.       name          = storage_data_disk.value.name

  79.       caching       = try(storage_data_disk.value.caching, "ReadOnly") #None, ReadOnly or ReadWrite

  80.       create_option = try(storage_data_disk.value.create_option, "Empty") #Attach, FromImage and Empty

  81.       disk_size_gb  = storage_data_disk.value.disk_size_gb

  82.       lun           = storage_data_disk.value.lun

  83.     }

  84.   }

  85. 

  86.   dynamic "storage_image_reference" {

  87.     for_each = var.vms[count.index].storage_image_reference

  88.     content {

  89.       publisher = storage_image_reference.value.publisher

  90.       offer     = storage_image_reference.value.offer

  91.       sku       = storage_image_reference.value.sku

  92.       version   = storage_image_reference.value.version

  93.       id        = try(storage_image_reference.value.id, null)

  94.     }

  95.   }

  96. 

  97.   depends_on = [azurerm_marketplace_agreement.accept, var.azvm_depends_on]

  98. }

  99. 

  100. locals {

  101.   # flatten ensures that this local value is a flat list of objects, rather

  102.   # than a list of lists of objects.

  103.   avsets = flatten([

  104.     for vm in var.vms : {

  105.       name                         = vm.avset.name

  106.       location                     = vm.location

  107.       resource_group_name          = try(vm.avset.resource_group_name, vm.resource_group_name)

  108.       platform_update_domain_count = try(vm.avset.platform_update_domain_count, 2)

  109.       platform_fault_domain_count  = try(vm.avset.platform_fault_domain_count, 2)

  110.       managed                      = try(vm.avset.managed, true) #true => Aligned, false => Classic 

  111.       tags                         = try(vm.avset.tags, vm.tags)

  112.     }

  113.   ])

  114. }

  115. 

  116. resource "azurerm_availability_set" "avset" {

  117.   for_each = {

  118.     for avs in local.avsets:

  119.     avs.name => avs...

  120.   }

  121.   

  122.   name                         = each.value[0].name

  123.   location                     = each.value[0].location

  124.   resource_group_name          = each.value[0].resource_group_name

  125.   platform_update_domain_count = each.value[0].platform_update_domain_count

  126.   platform_fault_domain_count  = each.value[0].platform_fault_domain_count

  127.   managed                      = each.value[0].managed

  128.   tags                         = each.value[0].tags

  129. }

  130. 

  131. locals {

  132.   # flatten ensures that this local value is a flat list of objects, rather

  133.   # than a list of lists of objects.

  134.   images = flatten([

  135.     for vm in var.vms : [

  136.       for image in vm.storage_image_reference : {

  137.         name      = join("-", [image.publisher, image.offer, image.sku])

  138.         publisher = image.publisher

  139.         offer     = image.offer

  140.         plan      = image.sku

  141.       }

  142.     ]

  143.   ])

  144. }

  145. 

  146. resource "azurerm_marketplace_agreement" "accept" {

  147.   for_each = {

  148.     for image in local.images:

  149.     image.name => image...

  150.   }

  151.   

  152.   publisher = each.value[0].publisher

  153.   offer     = each.value[0].offer

  154.   plan      = each.value[0].plan

  155. }

  156. 

  157. locals {

  158.   # flatten ensures that this local value is a flat list of objects, rather

  159.   # than a list of lists of objects.

  160.   nics = flatten([

  161.     for vm in var.vms : [

  162.       for nic in vm.nics : {

  163.         name                           = join("-nic", [vm.name, index(vm.nics, nic)])

  164.         location                       = vm.location

  165.         resource_group_name            = nic.resource_group_name

  166.         enable_ip_forwarding           = try(nic.enable_ip_forwarding, false)

  167.         enable_accelerated_networking  = try(nic.enable_accelerated_networking, false)

  168.         tags                           = nic.tags

  169.         nsg                            = nic.nsg

  170.         subnet                         = nic.subnet

  171.         ip_configuration               = {

  172.           "name"                          = "${join("-nic", [vm.name, index(vm.nics, nic)])}-ipc"

  173.           "private_ip_address_allocation" = try(nic.ip_configuration.private_ip_address_allocation, "Static")

  174.           "private_ip_address_version"    = try(nic.ip_configuration.private_ip_address_version, "IPv4")

  175.           "private_ip_address"            = try(nic.ip_configuration.private_ip_address_allocation, "Static") == "Static" ? nic.ip_configuration.private_ip_address : null

  176.           "public_ip_address_id"          = try(nic.ip_configuration.public_ip_address_id, null)

  177.         }

  178.       }

  179.     ]

  180.   ])

  181. }

  182. 

  183. resource "azurerm_network_interface" "nic" {

  184.   for_each = {for nic in local.nics: nic.name => nic}

  185. 

  186.   name                          = each.value.name

  187.   location                      = each.value.location

  188.   resource_group_name           = each.value.resource_group_name

  189.   enable_ip_forwarding          = each.value.enable_ip_forwarding

  190.   enable_accelerated_networking = each.value.enable_accelerated_networking

  191.   network_security_group_id     = data.azurerm_network_security_group.nsg[each.value.name].id

  192.   tags                          = each.value.tags

  193. 

  194.   ip_configuration {

  195.     name                          = each.value.ip_configuration.name 

  196.     subnet_id                     = data.azurerm_subnet.sub[each.value.name].id

  197.     private_ip_address_allocation = each.value.ip_configuration.private_ip_address_allocation

  198.     private_ip_address_version    = each.value.ip_configuration.private_ip_address_version

  199.     private_ip_address            = try(each.value.ip_configuration.private_ip_address, null)

  200.     public_ip_address_id          = try(each.value.ip_configuration.public_ip_address_id, null)

  201.   }

  202. }

  203. 

  204. data "azurerm_network_security_group" "nsg" {

  205.   for_each = {for nic in local.nics: nic.name => nic}

  206. 

  207.   name                 = each.value.nsg.name

  208.   resource_group_name  = each.value.nsg.resource_group_name

  209.   depends_on = [var.azvm_depends_on]

  210. }

  211. 

  212. data "azurerm_subnet" "sub" {

  213.   for_each = {for nic in local.nics: nic.name => nic}

  214. 

  215.   name                 = each.value.subnet.name

  216.   virtual_network_name = each.value.subnet.virtual_network_name

  217.   resource_group_name  = each.value.subnet.resource_group_name

  218.   depends_on = [var.azvm_depends_on]

  219. }