added 810 net gateway

HoussemDellai · Jan 29, 2024 · 695c0c6 · 695c0c6
1 parent f658983
commit 695c0c6
Show file tree

Hide file tree

Showing 13 changed files with 637 additions and 585 deletions.
diff --git a/.infracost/pricing.gob b/.infracost/pricing.gob
diff --git a/810_onprem_vpn_gateway_p2s_hub_spokes/modules/spoke/install-webapp.sh b/810_onprem_vpn_gateway_p2s_hub_spokes/modules/spoke/install-webapp.sh
diff --git a/810_onprem_vpn_gateway_p2s_hub_spokes/modules/spoke/output.tf b/810_onprem_vpn_gateway_p2s_hub_spokes/modules/spoke/output.tf
@@ -1,3 +1,3 @@
 output "vm_linux_private_ip" {
- value = azurerm_linux_virtual_machine.vm.private_ip_address
+ value = module.vm-spoke.vm_private_ip
 }
diff --git a/810_onprem_vpn_gateway_p2s_hub_spokes/modules/spoke/vm-linux.tf b/810_onprem_vpn_gateway_p2s_hub_spokes/modules/spoke/vm-linux.tf
diff --git a/810_onprem_vpn_gateway_p2s_hub_spokes/modules/spoke/vm_linux.tf b/810_onprem_vpn_gateway_p2s_hub_spokes/modules/spoke/vm_linux.tf
@@ -0,0 +1,10 @@
+module "vm-spoke" {
+ source = "../vm_linux"
+
+ vm_name = "vm-linux-${var.spoke_name}"
+ resource_group_name = azurerm_resource_group.rg.name
+ location = azurerm_resource_group.rg.location
+ subnet_id = azurerm_subnet.subnet-vm.id
+ enable_public_ip = true
+ install_webapp = true
+}
diff --git a/810_onprem_vpn_gateway_p2s_hub_spokes/modules/vm_linux/doc.md b/810_onprem_vpn_gateway_p2s_hub_spokes/modules/vm_linux/doc.md
@@ -0,0 +1,49 @@
+<!-- BEGIN_TF_DOCS -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.2.8 |
+| <a name="requirement_azurerm"></a> [azurerm](#requirement\_azurerm) | >= 3.69.0 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_azurerm"></a> [azurerm](#provider\_azurerm) | >= 3.69.0 |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [azurerm_linux_virtual_machine.vm](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine) | resource |
+| [azurerm_network_interface.nic_vm](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface) | resource |
+| [azurerm_public_ip.pip_vm](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/public_ip) | resource |
+| [azurerm_resource_group.rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource |
+| [azurerm_role_assignment.role_contributor](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/role_assignment) | resource |
+| [azurerm_user_assigned_identity.identity_vm](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/user_assigned_identity) | resource |
+| [azurerm_virtual_machine_extension.vm_extension_linux](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_machine_extension) | resource |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_admin_password"></a> [admin\_password](#input\_admin\_password) | n/a | `any` | n/a | yes |
+| <a name="input_admin_username"></a> [admin\_username](#input\_admin\_username) | n/a | `any` | n/a | yes |
+| <a name="input_enable_public_ip"></a> [enable\_public\_ip](#input\_enable\_public\_ip) | n/a | `any` | n/a | yes |
+| <a name="input_location"></a> [location](#input\_location) | n/a | `any` | n/a | yes |
+| <a name="input_resource_group_name"></a> [resource\_group\_name](#input\_resource\_group\_name) | n/a | `any` | n/a | yes |
+| <a name="input_subnet_id"></a> [subnet\_id](#input\_subnet\_id) | n/a | `any` | n/a | yes |
+| <a name="input_subscription_id"></a> [subscription\_id](#input\_subscription\_id) | n/a | `any` | n/a | yes |
+| <a name="input_tags"></a> [tags](#input\_tags) | n/a | `any` | n/a | yes |
+| <a name="input_vm_name"></a> [vm\_name](#input\_vm\_name) | n/a | `any` | n/a | yes |
+| <a name="input_vm_size"></a> [vm\_size](#input\_vm\_size) | n/a | `any` | n/a | yes |
+
+## Outputs
+
+No outputs.
+<!-- END_TF_DOCS -->
diff --git a/810_onprem_vpn_gateway_p2s_hub_spokes/modules/vm_linux/main.tf b/810_onprem_vpn_gateway_p2s_hub_spokes/modules/vm_linux/main.tf
@@ -0,0 +1,53 @@
+resource "azurerm_public_ip" "pip_vm" {
+ count = var.enable_public_ip ? 1 : 0
+ name = "pip-${var.vm_name}"
+ resource_group_name = var.resource_group_name
+ location = var.location
+ allocation_method = "Static"
+ sku = "Standard"
+ sku_tier = "Regional"
+}
+
+resource "azurerm_network_interface" "nic_vm" {
+ name = "nic-${var.vm_name}"
+ resource_group_name = var.resource_group_name
+ location = var.location
+
+ ip_configuration {
+ name = "internal"
+ subnet_id = var.subnet_id
+ private_ip_address_allocation = "Dynamic"
+ public_ip_address_id = var.enable_public_ip ? azurerm_public_ip.pip_vm.0.id : null
+ }
+}
+
+resource "azurerm_linux_virtual_machine" "vm" {
+ name = var.vm_name
+ resource_group_name = var.resource_group_name
+ location = var.location
+ size = "Standard_B2ats_v2" # "Standard_B2als_v2"
+ disable_password_authentication = false
+ admin_username = "azureuser"
+ admin_password = "@Aa123456789"
+ network_interface_ids = [azurerm_network_interface.nic_vm.id]
+ priority = "Spot"
+ eviction_policy = "Deallocate"
+
+ custom_data = var.install_webapp ? filebase64("./install-webapp.sh") : null
+
+ os_disk {
+ caching = "ReadWrite"
+ storage_account_type = "Standard_LRS"
+ }
+
+ source_image_reference {
+ publisher = "canonical"
+ offer = "0001-com-ubuntu-server-jammy"
+ sku = "22_04-lts-gen2"
+ version = "latest"
+ }
+
+ boot_diagnostics {
+ storage_account_uri = null
+ }
+}
diff --git a/810_onprem_vpn_gateway_p2s_hub_spokes/modules/vm_linux/output.tf b/810_onprem_vpn_gateway_p2s_hub_spokes/modules/vm_linux/output.tf
@@ -0,0 +1,3 @@
+output "vm_private_ip" {
+ value = azurerm_linux_virtual_machine.vm.private_ip_address
+}
diff --git a/810_onprem_vpn_gateway_p2s_hub_spokes/modules/vm_linux/variables.tf b/810_onprem_vpn_gateway_p2s_hub_spokes/modules/vm_linux/variables.tf
@@ -0,0 +1,12 @@
+variable "resource_group_name" {}
+variable "location" {}
+variable "subnet_id" {}
+variable "vm_name" {}
+variable "enable_public_ip" {
+ type = bool
+ default = false
+}
+variable "install_webapp" {
+ type = bool
+ default = false
+}
diff --git a/810_onprem_vpn_gateway_p2s_hub_spokes/output.tf b/810_onprem_vpn_gateway_p2s_hub_spokes/output.tf
@@ -1,5 +1,5 @@
 output "vm_linux_hub_private_ip" {
- value = azurerm_linux_virtual_machine.vm.private_ip_address
+ value = module.vm-hub.vm_private_ip
 }
 
 output "storage_account_url" {

diff --git a/810_onprem_vpn_gateway_p2s_hub_spokes/private_dns_zone.tf b/810_onprem_vpn_gateway_p2s_hub_spokes/private_dns_zone.tf
@@ -8,7 +8,7 @@ resource "azurerm_private_dns_a_record" "a-record" {
  zone_name = azurerm_private_dns_zone.private-dns-zone.name
  resource_group_name = azurerm_private_dns_zone.private-dns-zone.resource_group_name
  ttl = 300
- records = [azurerm_linux_virtual_machine.vm.private_ip_address] # just example IP address
+ records = [module.vm-hub.vm_private_ip] # just example IP address
 }
 
 resource "azurerm_private_dns_zone_virtual_network_link" "link-dns-vnet" {