목차

01. 사전조건

  1. 환경준비를 참조하여 환경을 준비합니다.
  2. Packer로 VM Image 만들기를 구성합니다.

02. Terraform 템플릿

  • Visual Studio Code를 실행하고, WSL Terminal을 실행합니다.
  • Git Clone으로 IaC Template을 복제합니다.

    Git Clone
    git clone https://github.com/Sanses/IaC.git
    
    Git Clone
    cd IaC/terraform-vmss
    
    ls -al
    terraform.tfvars
    vmss.tf
    variables.tf
    output.tf
    
  • terraform.tfvars 환경변수 값을 설정 합니다.
    자격증명은 '03. Terraform으로 Log Workspace생성' 문서에서 생성한 값을 그대로 이용합니다.

    terraform.tfvars
    # Azure credential values; replace each {placeholder} locally with the value
    # created in the referenced document. Presumably consumed by the provider
    # block, which is not shown on this page.
    # client_secret is a credential: once it is filled in, do not commit or push
    # this file (the cloned repository lists terraform.tfvars among its files).
    # NOTE(review): the azurerm provider can also read these values from the
    # ARM_SUBSCRIPTION_ID, ARM_TENANT_ID, ARM_CLIENT_ID and ARM_CLIENT_SECRET
    # environment variables, which keeps the secret out of files on disk —
    # confirm against how the provider block is written.
    subscription_id = "{subscription_id}"
    tenant_id = "{tenant_id}"
    client_id = "{client_id}"
    client_secret = "{client_secret}"
  • Terraform Template을 확인합니다.

    vmss.tf
    # Resource group that the other resources in vmss.tf are created in.
    # Name and region both come from variables.tf.
    resource "azurerm_resource_group" "vmss" {
      location = var.location
      name     = var.resource_group_name

      tags = { environment = "codelab" }
    }
    # Network security group that is associated with the scale-set subnet.
    # The single rule declared here allows outbound TCP to port 443 on any
    # destination; this block declares no inbound rule.
    # NOTE(review): Azure's built-in default NSG rules still apply on top of this.
    # They already allow outbound Internet traffic, so this rule does not by
    # itself limit egress to 443 — if egress filtering is the intent, add an
    # explicit outbound Deny rule with a higher priority number and confirm.
    # NOTE(review): verify how inbound traffic to var.application_port is meant
    # to be admitted; if an inbound Allow rule is added, scope it to that port
    # and to the expected sources rather than "*".
    resource "azurerm_network_security_group" "vmss" {
      name                = "vmssnsg"
      resource_group_name = azurerm_resource_group.vmss.name
      location            = var.location

      security_rule {
        name      = "https"
        priority  = 1001
        access    = "Allow"
        direction = "Outbound"
        protocol  = "Tcp"

        # Any source address/port to any destination address on port 443.
        source_address_prefix      = "*"
        source_port_range          = "*"
        destination_address_prefix = "*"
        destination_port_range     = "443"
      }

      tags = { environment = "codelab" }
    }
    
    # Virtual network for the scale set, using the 10.0.0.0/16 address space.
    resource "azurerm_virtual_network" "vmss" {
      name                = "vmss-vnet"
      resource_group_name = azurerm_resource_group.vmss.name
      location            = var.location
      address_space       = ["10.0.0.0/16"]

      tags = { environment = "codelab" }
    }
    
    # Subnet (10.0.2.0/24) inside vmss-vnet; the scale-set NICs are placed here.
    resource "azurerm_subnet" "vmss" {
      name                 = "vmss-subnet"
      virtual_network_name = azurerm_virtual_network.vmss.name
      resource_group_name  = azurerm_resource_group.vmss.name
      address_prefix       = "10.0.2.0/24"
    }
    
    # Attaches the "vmss" network security group to the "vmss" subnet, so its
    # rules apply to every NIC placed in that subnet.
    resource "azurerm_subnet_network_security_group_association" "vmss" {
      network_security_group_id = azurerm_network_security_group.vmss.id
      subnet_id                 = azurerm_subnet.vmss.id
    }
    
    # Static public IP used as the load balancer frontend.
    # The DNS label is set to the resource group name, so that name becomes
    # part of the public FQDN.
    resource "azurerm_public_ip" "vmss" {
      name                = "vmss-public-ip"
      resource_group_name = azurerm_resource_group.vmss.name
      location            = var.location
      allocation_method   = "Static"
      domain_name_label   = azurerm_resource_group.vmss.name

      tags = { environment = "codelab" }
    }
    
    # Load balancer whose only frontend is the public IP declared in this file.
    resource "azurerm_lb" "vmss" {
      name                = "vmss-lb"
      resource_group_name = azurerm_resource_group.vmss.name
      location            = var.location

      # Frontend name referenced by the load-balancing rule.
      frontend_ip_configuration {
        public_ip_address_id = azurerm_public_ip.vmss.id
        name                 = "PublicIPAddress"
      }

      tags = { environment = "codelab" }
    }
    
    # Backend pool of the load balancer; the scale set's IP configuration
    # references it by id.
    resource "azurerm_lb_backend_address_pool" "bpepool" {
      name                = "BackEndAddressPool"
      loadbalancer_id     = azurerm_lb.vmss.id
      resource_group_name = azurerm_resource_group.vmss.name
    }
    
    # Health probe for the load balancer.
    # Despite the name "ssh-running-probe", the probed port is
    # var.application_port, not an SSH port.
    resource "azurerm_lb_probe" "vmss" {
      name                = "ssh-running-probe"
      port                = var.application_port
      loadbalancer_id     = azurerm_lb.vmss.id
      resource_group_name = azurerm_resource_group.vmss.name
    }
    
    # Load-balancing rule (the label says "lbnatrule", but this is an
    # azurerm_lb_rule): TCP on var.application_port at the public frontend is
    # forwarded to the same port on the backend pool.
    # NOTE(review): the rule is named "http" and variables.tf defaults the port
    # to 80, so this presumably carries unencrypted traffic from the Internet —
    # confirm that is acceptable for what the image serves.
    resource "azurerm_lb_rule" "lbnatrule" {
      name                = "http"
      loadbalancer_id     = azurerm_lb.vmss.id
      resource_group_name = azurerm_resource_group.vmss.name

      protocol      = "Tcp"
      frontend_port = var.application_port
      backend_port  = var.application_port

      frontend_ip_configuration_name = "PublicIPAddress"
      backend_address_pool_id        = azurerm_lb_backend_address_pool.bpepool.id
      probe_id                       = azurerm_lb_probe.vmss.id
    }
    
    # Looks up the existing resource group named by
    # var.packer_resource_group_name; nothing is created here.
    data "azurerm_resource_group" "image" {
      name = var.packer_resource_group_name
    }
    
    # Looks up the image named by var.packer_image_name in that resource group.
    # Every scale-set instance boots from it, so whatever the image contains is
    # what gets exposed behind the load balancer.
    data "azurerm_image" "image" {
      resource_group_name = data.azurerm_resource_group.image.name
      name                = var.packer_image_name
    }
    
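    # Virtual machine scale set: two Standard_DS1_v2 instances created from the
    # looked-up image and registered in the load balancer's backend pool.
    resource "azurerm_virtual_machine_scale_set" "vmss" {
      name                = "vmscaleset"
      location            = var.location
      resource_group_name = azurerm_resource_group.vmss.name
      upgrade_policy_mode = "Manual"

      sku {
        name     = "Standard_DS1_v2"
        tier     = "Standard"
        capacity = 2
      }

      # Boot from the custom image resolved by data.azurerm_image.image.
      storage_profile_image_reference {
        id = data.azurerm_image.image.id
      }

      storage_profile_os_disk {
        name              = ""
        caching           = "ReadWrite"
        create_option     = "FromImage"
        managed_disk_type = "Standard_LRS"
      }

      # One empty 10 GB data disk per instance at LUN 0.
      storage_profile_data_disk {
        lun           = 0
        caching       = "ReadWrite"
        create_option = "Empty"
        disk_size_gb  = 10
      }

      os_profile {
        computer_name_prefix = "vmlab"
        admin_username       = "azureuser"
        # Read from the admin_password variable instead of a literal, so the
        # credential is not written into this file. Supply your own value at
        # apply time (for example through the TF_VAR_admin_password environment
        # variable) rather than relying on the variable's published default.
        # The value is still recorded in the Terraform state, so restrict access
        # to the state file.
        # NOTE(review): if the image is Linux, key-based login configured through
        # os_profile_linux_config is preferable to a password — the image OS is
        # not visible on this page, confirm.
        admin_password = var.admin_password
      }

      network_profile {
        name    = "terraformnetworkprofile"
        primary = true

        # No public IP per instance is declared; the NIC joins the subnet and
        # the load balancer's backend pool.
        ip_configuration {
          name                                   = "IPConfiguration"
          subnet_id                              = azurerm_subnet.vmss.id
          load_balancer_backend_address_pool_ids = [azurerm_lb_backend_address_pool.bpepool.id]
          primary                                = true
        }
      }

      tags = {
        environment = "codelab"
      }
    }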
    variables.tf
     variable "location" {
      # Azure region used by every resource in vmss.tf.
      default     = "koreacentral"
      description = "The location where resources are created"
    }

    variable "resource_group_name" {
      # Also used as the DNS label of the public IP in vmss.tf.
      default     = "sanse20200107"
      description = "The name of the resource group in which the resources are created"
    }

    variable "application_port" {
      # Used for the load balancer probe and for both sides of the LB rule.
      default     = 80
      description = "The port that you want to expose to the external load balancer"
    }
    
    # Admin password variable.
    # The default below is a sample value published with this tutorial, so treat
    # it as known to everyone: override it before applying, for example through
    # the TF_VAR_admin_password environment variable, and keep the real value
    # out of version control.
    variable "admin_password" {
      default     = "1qazxsw23edC"
      description = "Default password for admin"
    }
    
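    # Resource group that data.azurerm_resource_group.image looks up.
    # The description used to repeat the one on resource_group_name.
    variable "packer_resource_group_name" {
      description = "The name of the existing resource group that contains the Packer-built image"
      default     = "sanseIAC"
    }

    # Image name that data.azurerm_image.image looks up.
    # The description used to read "Default password for admin", copied from
    # the admin_password variable.
    variable "packer_image_name" {
      description = "The name of the Packer-built image used for the scale set"
      default     = "PackerImage"
    }

    # Declared with the same value as the literal "codelab" tags in vmss.tf;
    # the vmss.tf shown on this page does not reference it.
    variable "codelabtag" {
      description = "Default tag"
      default     = "codelab"
    }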
    output.tf
    # Despite the name, this exports the public IP's FQDN, not the address.
    output "vmss_public_ip" {
      value = azurerm_public_ip.vmss.fqdn
    }

03. Terraform으로 VMSS(Virtual Machine Scale Sets)환경 프로비저닝

  • 초기화
    terraform init
    PLAN
    terraform plan
    적용
    terraform apply
    결과
    Apply complete! Resources: 11 added, 0 changed, 0 destroyed.
    
    Outputs:
    
    vmss_public_ip = sanseterraform.koreacentral.cloudapp.azure.com

