cheese-chef-provisioning-azurerm

cheese-chef-provisioning-azurerm

cheese-chef-provisioning-azurerm is an extension of chef-provisioning-azurerm driver to support some basic resources like machine for chef-provisioning that allows Microsoft Azure resources to be provisioned by Chef. This driver uses the new Microsoft Azure Resource Management REST API via the azure-sdk-for-ruby.

The driver provides machine resource for Azure.

Note: If you are looking for a driver that works with the existing Microsoft Azure Service Management API please visit chef-provisioning-azure
Or original AzureRM driver please visit chef-provisioning-azurerm

Quick-start

Prerequisites

The plugin requires Chef Client 12.2.1 or higher.

Installation

This plugin is distributed as a Ruby Gem. To install it, run:

$ chef gem install cheese-chef-provisioning-azurerm

Configuration

For the driver to interact with the Microsoft Azure Resource management REST API, a Service Principal needs to be configured with Owner rights against the specific subscription being targeted. To create a Service Principal and apply the correct permissions, follow the instructions in the article: Authenticating a service principal with Azure Resource Manager

You will essentially need 4 parameters from the above article to configure Chef Provisioning: Subscription ID, Client ID, Client Secret/Password and Tenant ID. These can be easily obtained using the azure-cli tools (v0.9.8 or higher) on any platform.

Using a text editor, open or create the file ~/.azure/credentials and add the following section:

[abcd1234-YOUR-GUID-HERE-abcdef123456]
client_id = "48b9bba3-YOUR-GUID-HERE-90f0b68ce8ba"
client_secret = "your-client-secret-here"
tenant_id = "9c117323-YOUR-GUID-HERE-9ee430723ba3"

If preferred, you may also set the following environment variables on the "provisioning node", replacing the values with those obtained when you configured the service principal

AZURE_CLIENT_ID="48b9bba3-YOUR-GUID-HERE-90f0b68ce8ba"
AZURE_CLIENT_SECRET="your-client-secret-here"
AZURE_TENANT_ID="9c117323-YOUR-GUID-HERE-9ee430723ba3"

Note that the environment variables, if set, take preference over the values in a configuration file. The subscription id will be taken from the recipe.

driver_url

with_driver 'azurerm:abcd1234-YOUR-GUID-HERE-abcdef123456'

Features

Unlike a fully-featured chef-provisioning driver, the chef-provisioning-azurerm driver only offers a way to interact with machine, machine_batch and load_balancer resources.

The following resources are provided by chef-provisioning-azurerm

• azure_resource_group
• azure_resource_template
• azure_storage_account
• azure_virtual_network
• azure_network_interface
• azure_public_ip_address

cheese-chef-provisioning-azurerm offers

• azure_data_disk

Machine Options

You can pass machine options that will be used by machine and machine_batch to configure the machine.

These options are an extension of the base options. Please see that for a list of the machine_options shared between drivers.

The full syntax available in the bootstrap_options hash is the hash expected by the Azure Virtual Machines create_or_update method. The options seen below in the example are the default options.

with_machine_options({
  :transport_address_location => :private_ip # only :private_ip supported with this version
  :bootstrap_options => {
    :location => "West US 2", # location for resource
    :tags => {}, # Hash object of tags to be applied on machine
    :resource_group_name => "resource-group", # resource group name for VM
    :virtual_network_name => "virtual-network", # virtual network name for NIC of VM
    :subnet_name => "network-az-us-west-2", # subnet where NIC will be created for VM
    :network_security_group_name => "admin-sg", # security group to be applied on NIC
    :key_name => "azure-key", # name of the key to be used to ssh into VM
    :availability_set => "availability-set", # https://docs.microsoft.com/en-us/rest/api/compute/virtualmachines/virtualmachines-create-or-update#avset
    :osProfile => { # OS profile as specified here https://docs.microsoft.com/en-us/rest/api/compute/virtualmachines/virtualmachines-create-or-update#osprofile
      :computerName => "test1", # hostname of VM
      :adminUsername => "ubuntu", # username for VM
      :linuxConfiguration => { # https://docs.microsoft.com/en-us/rest/api/compute/virtualmachines/virtualmachines-create-or-update#bk_linuxconfig
        :disablePasswordAuthentication => true,
        :ssh => {
          :publicKeys => [
            {
              :keyData => ""
            }
          ]
        }
      },
    },
    :storageProfile => { # only imageReference is used under storage profile
      :imageReference => { # https://docs.microsoft.com/en-us/rest/api/compute/virtualmachines/virtualmachines-create-or-update#imageref
        :publisher => "Canonical",
        :offer => "UbuntuServer",
        :sku => "14.04.5-LTS",
        :version => "14.04.201703280"
      },
      :storage_account_type => "Standard_LRS" # this is used to create OS disk
    },
    :hardwareProfile => { # https://docs.microsoft.com/en-us/rest/api/compute/virtualmachines/virtualmachines-create-or-update#hardware
      :vmSize => "Standard_DS1_v2"
    },
  }
})

This options hash can be supplied to either with_machine_options at the recipe level or directly into the machine_options attribute.

location option

location for resource creation can be specified at 2 places.
This list is in the order of preference

• machine_options[:bootstrap_options][:location]
• machine_options[:location]

Example Recipe - deployment of machine

The following recipe creates a new VM within your subscription (identified by the GUID on line 2).

example1.rb

#
# Cookbook:: azure-provision
# Recipe:: default
#
# Copyright:: 2017, The Authors, All Rights Reserved.

require 'chef/provisioning/azurerm'
with_driver 'azurerm:abcd1234-YOUR-GUID-HERE-abcdef123456'

with_machine_options({
  :bootstrap_options => {
    :location => "West US 2",
    :tags => {:business => "my business"},
    :resource_group_name => "resource-group",
    :virtual_network_name => "virtual-network",
    :subnet_name => "network-az-us-west-2",
    :network_security_group_name => "admin-sg",
    :key_name => "azure-key",
    :availability_set => "availability-set",
    :osProfile => {
      :computerName => "test1",
      :adminUsername => "ubuntu",
      :linuxConfiguration => {
        :disablePasswordAuthentication => true,
        :ssh => {
          :publicKeys => [
            {
              :keyData => "replace with your pub key"
            }
          ]
        }
      },
    },
    :storageProfile => {
      :imageReference => {
        :publisher => "Canonical",
        :offer => "UbuntuServer",
        :sku => "14.04.5-LTS",
        :version => "14.04.201703280"
      },
      :storage_account_type => "Standard_LRS"
    },
    :hardwareProfile => {
      :vmSize => "Standard_DS1_v2"
    },
  }
})


machine "test1" do
end

Resources

azure_data_disk

This resource is used to create and manage managed disks of azurerm. Azure supports several create options to create managed disk. But this driver only supports Empty disk creation as a default option.

attributes

attribute :name, kind_of: String, name_attribute: true
attribute :resource_group, String, required: true
attribute :size, kind_of: Integer, default: 10 # in gb
attribute :storage_account_type, String, default: 'Standard_LRS'
attribute :caching, String, default: 'none'
attribute :lun, Integer
attribute :tags, kind_of: Hash
attribute :vm, String
attribute :location, String

vm and location

One must be specified while creating a new disk. And if both specified, vm takes precedence over location.

size

Azure supports disk size expansion so does this driver, but only at a certain condition.
When a disk is already created and not attached, :create action can be used to attach the disk to a VM and if a larger size is specified, it will expand the disk too. But if size is reduced in same case scenario, it will just warn and attach the disk to the VM.

actions

create

This action will create an empty managed disk. Behaviour of this action varies based vm attribute.

• case 1: when vm not provided
  A new empty disk will be created.
• case 2: when vm is provided
  The disk will be added to the VM. In case disk already exist and is attached to a different VM, it will raise an error.

destroy

• case 1: when disk is not attached
  The disk will be destroyed.
• case 2: when disk is attached to a VM
  The vm needs to be specified to detach and destroy disk, else it will raise an error.

attach

This action can be used when disk is already available and needs to be attached to a VM. Using :attach action will raise error if disk is not already created.
If you are not sure about disk and still wants a disk to be attached to the VM, use :create action.

detach

This action will detach the disk from provided VM. If vm is not specified, it will raise error.

Example

• Creating and attaching disk to VM

azure_data_disk 'disk-test1' do
  size 12
  vm 'disk-test1' # required in this case
  resource_group 'resource-group'
end

• Creating an empty disk

azure_data_disk 'disk-test2' do
  size 12
  location 'West US 2' # required in this case
  resource_group 'resource-group'
end

• Attaching existing disk to a VM

azure_data_disk 'disk-test2' do
  vm 'disk-test2' # required in this case
  resource_group 'resource-group'
end

• Expanding size of disk

azure_data_disk 'detaching disk' do
  name 'disk-test2'
  vm 'disk-test2' # required in this case
  resource_group 'resource-group'
  action :detach
end

azure_data_disk 're-attaching with bigger size' do
  name 'disk-test2'
  size 20
  vm 'disk-test2' # required in this case
  resource_group 'resource-group'
end