{Terraform} ALB/Azure

Terraform

 

https://learn.microsoft.com/ja-jp/azure/application-gateway/quick-create-terraform

 

cat <<-'EOF' > providers.tf

terraform {
  required_version = ">=1.2"
  
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "~> 3.0"
    }
    random = {
      source = "hashicorp/random"
      version = "~> 3.0"
    }
  }
}

provider "azurerm" {
  features {}
}

EOF

 


cat <<-'EOF' > main.tf


resource "azurerm_resource_group" "rg9999999" {
  name     = "rg9999999"
  location = "japaneast"
}

resource "azurerm_virtual_network" "vnet01" {
  name                = "vnet01"
  resource_group_name = azurerm_resource_group.rg9999999.name
  location            = azurerm_resource_group.rg9999999.location
  address_space       = ["10.0.0.0/16"]
}

resource "azurerm_subnet" "subnet01" {
  name                 = "subnet01"
  resource_group_name  = azurerm_resource_group.rg9999999.name
  virtual_network_name = azurerm_virtual_network.vnet01.name
  address_prefixes     = ["10.0.0.0/24"]
}

resource "azurerm_subnet" "subnet02" {
  name                 = "subnet02"
  resource_group_name  = azurerm_resource_group.rg9999999.name
  virtual_network_name = azurerm_virtual_network.vnet01.name
  address_prefixes     = ["10.0.1.0/24"]
}

resource "azurerm_public_ip" "pip01" {
  name                = "pip01"
  resource_group_name = azurerm_resource_group.rg9999999.name
  location            = azurerm_resource_group.rg9999999.location
  allocation_method   = "Static"
  sku                 = "Standard"
}


resource "azurerm_network_interface" "nic" {
  count               = 2
  name                = "nic${count.index+1}"
  location            = azurerm_resource_group.rg9999999.location
  resource_group_name = azurerm_resource_group.rg9999999.name

  ip_configuration {
    name                          = "nicipconfig${count.index+1}"
    subnet_id                     = azurerm_subnet.subnet02.id
    private_ip_address_allocation = "Dynamic"
  }
}

resource "random_password" "password" {
  length  = 16
  special = true
  lower   = true
  upper   = true
  numeric = true
}


resource "azurerm_windows_virtual_machine" "vm" {
  count               = 2
  name                = "vm${count.index+1}"
  resource_group_name = azurerm_resource_group.rg9999999.name
  location            = azurerm_resource_group.rg9999999.location
  size                = "Standard_DS1_v2"
  admin_username      = "azureuser"
  admin_password      = random_password.password.result

  network_interface_ids = [
    azurerm_network_interface.nic[count.index].id,
  ]

  os_disk {
    caching              = "ReadWrite"
    storage_account_type = "Standard_LRS"
  }


  source_image_reference {
    publisher = "MicrosoftWindowsServer"
    offer     = "WindowsServer"
    sku       = "2019-Datacenter"
    version   = "latest"
  }
}

resource "azurerm_virtual_machine_extension" "vmext" {
  count                = 2
  name                 = "vmext${count.index+1}-ext"
  virtual_machine_id   = azurerm_windows_virtual_machine.vm[count.index].id
  publisher            = "Microsoft.Compute"
  type                 = "CustomScriptExtension"
  type_handler_version = "1.10"

  settings = <<SETTINGS
    {
        "commandToExecute": "powershell Add-WindowsFeature Web-Server; powershell Add-Content -Path \"C:\\inetpub\\wwwroot\\Default.htm\" -Value $($env:computername)"
    }
SETTINGS

}


resource "azurerm_application_gateway" "ag01" {
  name                = "ag01"
  resource_group_name = azurerm_resource_group.rg9999999.name
  location            = azurerm_resource_group.rg9999999.location

  sku {
    name     = "Standard_v2"
    tier     = "Standard_v2"
    capacity = 1
  }

  gateway_ip_configuration {
    name      = "ag01ipconfig"
    subnet_id = azurerm_subnet.subnet01.id
  }

  frontend_port {
    name = "fp01"
    port = 80
  }

  frontend_ip_configuration {
    name                 = "fic01"
    public_ip_address_id = azurerm_public_ip.pip01.id
  }

  http_listener {
    name                           = "lis01"
    frontend_ip_configuration_name = "fic01"
    frontend_port_name             = "fp01"
    protocol                       = "Http"
  }

  backend_address_pool {
    name = "bap01"
  }

  backend_http_settings {
    name                  = "bhs01"
    cookie_based_affinity = "Disabled"
    port                  = 80
    protocol              = "Http"
    request_timeout       = 60
  }

  request_routing_rule {
    name                       = "rrr01"
    rule_type                  = "Basic"
    http_listener_name         = "lis01"
    backend_address_pool_name  = "bap01"
    backend_http_settings_name = "bhs01"
    priority                   = 1
  }
}


resource "azurerm_network_interface_application_gateway_backend_address_pool_association" "nicbap01" {
  count                   = 2
  network_interface_id    = azurerm_network_interface.nic[count.index].id
  ip_configuration_name   = "nicipconfig${count.index+1}"
  backend_address_pool_id = one(azurerm_application_gateway.ag01.backend_address_pool).id
}

 


EOF

 

 


cat <<-'EOF' > outputs.tf

output "gateway_frontend_ip" {
  value = "http://${azurerm_public_ip.pip01.ip_address}"
}

EOF


terraform init -upgrade
terraform fmt
terraform -version

terraform plan -out main.tfplan
terraform apply main.tfplan

echo $(terraform output -raw gateway_frontend_ip)

terraform plan -destroy -out main.destroy.tfplan
terraform apply main.destroy.tfplan


az group list

az group delete \
--name NetworkWatcherRG \
--yes