N-Tier architecture service with a jumphost and a NAT instance. The NAT instance is used to SNAT outbound traffic from VMs in app-subnet.
Download and install terraform: https://www.terraform.io/downloads.html
Update variables such as subscription_id and admin_name in variables.tf
Run the following commands to get the service principal info. If you have multiple subscriptions, set the correct default subscription first.
az account set -s <subscription_id>
az ad sp create-for-rbac --role="Contributor" --scopes="/subscriptions/<subscription_id>"
Initialize first,
terraform init
Then apply terraform
terraform apply
- VM login - ssh public key or password
- Disk - OS disk with >30GiB and datadisk
- OS image - default or custom image; for building a custom image, refer to Packer
- Create multiple VMs
- Setting LB
- NAT instance - provision NAT instance, configure UDR and configure NAT using VM extension
- ASG - create and apply ASG
- Blob - create blob account and upload a file
For more information, please refer to DOC.md
After provisioning, log in to one of the app VMs through the jump box and test the source IP using the following command:
curl ipinfo.io
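The source IP check above can be scripted so that every app VM is tested the same way. This is an added example, not part of this repository: the JUMP and NAT_PUBLIC_IP variables, the function names and the sample reply are assumptions, and the addresses are constructed documentation values.

```shell
#!/bin/sh
# Added example: confirm app-subnet VMs egress through the NAT instance.
# JUMP, NAT_PUBLIC_IP and the function names are assumptions, not repo values.

# Constructed sample of the JSON body returned by `curl ipinfo.io`.
SAMPLE_REPLY='{
  "ip": "203.0.113.10",
  "city": "Example"
}'

# Read an ipinfo.io JSON body on stdin and print its "ip" field (empty if the
# body is not the expected JSON, e.g. a proxy error page).
parse_ip() {
  sed -n 's/.*"ip"[[:space:]]*:[[:space:]]*"\([0-9.][0-9.]*\)".*/\1/p' | head -n 1
}

# classify_egress <nat_public_ip> <observed_ip>
#   VIA_NAT   (0) source address is the NAT instance's public IP
#   BYPASS    (1) traffic left with another address, so it did not use the NAT
#   NO_EGRESS (2) no usable reply: ssh failed or the VM has no outbound path
classify_egress() {
  case "$2" in
    "")   echo NO_EGRESS; return 2 ;;
    "$1") echo VIA_NAT;   return 0 ;;
    *)    echo BYPASS;    return 1 ;;
  esac
}

# check_vm <jump> <app_vm> <nat_public_ip>: run the README's curl on the app VM
# through the jump host and report the verdict for that VM.
check_vm() {
  body=$(ssh -o BatchMode=yes -o ConnectTimeout=10 -J "$1" "$2" \
    'curl -s --max-time 10 ipinfo.io' 2>/dev/null) || body=""
  observed=$(printf '%s\n' "$body" | parse_ip)
  verdict=$(classify_egress "$3" "$observed") && rc=0 || rc=$?
  printf '%s\t%s\t%s\n' "$2" "${observed:-none}" "$verdict"
  return "$rc"
}

# Usage: NAT_PUBLIC_IP=<ip> JUMP=<user@jumpbox> sh check_egress.sh <user@app-vm>...
if [ -n "${NAT_PUBLIC_IP:-}" ] && [ -n "${JUMP:-}" ]; then
  fail=0
  for vm in "$@"; do
    check_vm "$JUMP" "$vm" "$NAT_PUBLIC_IP" || fail=1
  done
  exit "$fail"
fi
```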
- terraform syntax: https://www.terraform.io/docs/configuration/syntax.html
- interpolation: https://www.terraform.io/docs/configuration/interpolation.html
- lb-pool associate vms: hashicorp/terraform#13663
- loops: https://blog.gruntwork.io/terraform-tips-tricks-loops-if-statements-and-gotchas-f739bbae55f9