I am very excited to announce that I am joining Microsoft as an Azure Technical Trainer on 21st February 2022! I received the news in November 2021 and I’m still in shock today, a dream come true!
I am very grateful to Microsoft for the opportunity and look forward to joining a great team of awesome people. A massive shoutout and thankyou to Peter de Tender for the support and encouragement through the process.
Working for Microsoft is a great opportunity, a new challenge, I’m stepping out of my comfort zone, the opportunity to continue learning, sharing knowledge, meeting new people, and most importantly I hope to make a difference “to empower every person and every organization on the planet to achieve more”
I would like to thank my family, friends and members of the Technical Community (aka CloudFamily) on Twitter (You know who you are). Thank you very much for the support.
The Covid pandemic has been devastating for all of us, however, the Technical Community have been amazing, coming together virtually to support each other at a difficult time. A vast number of amazing virtual user groups, podcasts, blogs, courses and YouTube content has been created throughout the pandemic to help support the tech community. Keep up the great work.
I would also like to thank the individuals who reached out to nominate me for the MVP award. Thank you Shabaz Daar for the nomination which due to me accepting a position at Microsoft had to be halted. Thankyou Gregor Suttie, John Lunn and Elan Shudnow for reaching out. I really appreciate your support and you believing that I was worthy for such an amazing award, it means a lot.
As my journey with Microsoft begins, I hope to make a positive impact going forward. I will also continue to make an effort to get to know more awesome individuals in the community. I will also continue publishing technical content on my blog Cloud Build and interviews on the Azure Crazy website. I will be continuing to work on the Bradford Cloud User Group co founded with my friends Shabaz Darr and Mohammed Sajid. Thankyou both for your support.
What about Daisy Corporate Services?
Leaving the Daisy family after 15 years was not an easy decision. I am extremely lucky to have worked with amazing people over the years, great managers who have always pushed me to succeed. I have always said, what makes Daisy great is the culture, the people, the support and being able to progress within the company. Thankyou very much for all the support and opportunities you have provided me since I joined the company. I leave with many great memories.
Today was emotional, as I visited the office to say goodbye, hand over my kit, and door access pass which I have held onto for over 15 years. I look no where near the young Imran I was over 15 years ago. 🙂
A quick selfie outside Daisy House with my friend and manager David Robinson, whilst battling with strong winds and rain, but we got there. Thanks Dave 🙂
I’ve lost my hair and gone grey over the years, whilst Dave still looks the same. I never managed to find out what his secret was. 🙂 Thanks for being a supportive colleague, friend and manager. I wish you nothing but success.
Time to sign out. I wish Daisy and the team all the best for the future.
In this blog post I will go through the process of deploying a VNET, Subnet and a NSG in Azure.
Reminder: Terraform documentation is great to get started with deploying resources in Microsoft Azure. Check out the following Terraform link for sample code – Docs overview | Terraform Registry
Below is the sample code provided by Terraform (link provided in step 1 above). I don’t require the resource group block as I have created one as part of my previous blog post, therefore, it has been removed from the code below.
3. I will replace some of the code so it fits with what what I am doing, such as to include my existing resource group, location (UK South) and to make use of additional variables.
I’ll work through each block of code starting with the Network Security Group (NSG)
Line 2: I replace “example”, with “demo”
Line 3: I create a variable in my variables.tf file and include the value in my terraform.tfvars file. I then replace “example-security-group” with my newly created variable.
Line 4: I use an existing variable I created in a previous blog post
Line 5: I use an existing variable I created in a previous blog post
6. Before continuing I’ll commit the changes to Git. Note that Git is not a requirement to deploy resources in Azure, but a great versioning tool that is popular. I covered Git in previous blog posts. Continue to step 7 if you do not wish to commit changes to the local Git repository.
Execute the command below
git stage .
To confirm the files have been staged, type the command below and press enter,
git status
Type a short but meaningful description of your choice
git commit -m "Added VNET Subnet and NSG"
Finally, the below command to list your commits
git log --oneline
7. Save. Next i run terraform validate to check for errors
Looks good
8. Next, I run terraform plan and the output is shown below,
9. Click save. Next, I run terraform apply, review and then type ‘yes’ to allow Terraform to continue.
10. I log into the Azure Portal and access my resource group, I have a new Virtual Network and Network Security Group located in region UK South.
I click on the new virtual network demo-vnet1, click subnets, and I see my subnet.
I click on demo_subnetA and can see my NSG (ng1demo) attached to demo_subnetA
Finally, here is my tag. I used the name demo
That’s it for now
I hope the journey has been useful to allow you to get started with Terraform.
My journey learning Terraform to allow me to deploy workloads into Microsoft Azure continues. If you missed the previous posts, please visit the links below.
Did you know: A sub directory in Terraform is known as a module. Terraform will only process the *.tf files located in the folder where you run the command terraform plan. If you would like to include configuration from sub directories, then you use the module syntax. For example, If I have a sub directory named networking, which contains my azure network configuration, I can import the networking directory into my working config directory by specifying the below command. We’ll cover more on this as we move on.
module "my_network" {
source = "./networking"
}
In this blog post I go through the process of compiling a .tfvars file, but before I continue,
What is a .tfvars file?
This is a confusing topic as terraform.tfvars and variables.tf serve a similar role, as in both are variable files. However, a tfvars file stores the default values from a variables.tf file and allows you to override values if required. Still a little confusing, right? Let’s try to work this out by discussing why we would use a tfvars files.
You could create tfvars files to deploy into multiple environments such as prod.tfvars and dev.tfvars. Therefore, the .tf files would hold the default settings that are common among all configurations but the tfvars files could hold different values. Another example of when you could make use of a tfvars file is for applications which have their own unique settings.
Something else to note, Terraform will automatically load the variables from a tfvars file if it’s named terraform.tfvars or *.auto.tfvars and placed in the same directory as your Terraform configuration file. If you wish to execute different named tfvars files, such as, prod.tfvars, staging.tfvars, test.tfvars etc, you can specify a custom tfvars file using the command line parameter -var-file and then specify the path to a variable file. I have specified examples below,
terraform plan -var-file="prod.tfvars"
or
terraform plan -var-file="app1.tfvars"
So custom named tfvars files can be called upon based on the platform you are deploying to.
Let’s get started from where we left in Part 7. We removed the default values from the variables.tf file, this action resulted in terraform prompting for values when we executed the command terraform plan.
Create a new file named terraform.tfvars
I have loaded both variables.tf and the newly created terraform.tfvars file in a split screen as seen below.
3. In the previous blog post, I removed the default values. For the purpose of this demo, I have hashed the default values as per the screen shot above. If you removed the default values from the variables.tf file, your file will look similar to the one below.
variable "resource_group_name" {
type = string
description = "Azure Resource Group Name"
}
variable "resource_group_location" {
type = string
description = "Azure Resource Group location"
}
4. I will now copy the text resource_group_name and resource_group_location to the newly created terraform.tfvars file.
5. Next, I input the values for the variables I have copied to the terraform.tfvars file.
6. Save changes. Next we run terraform plan. Terraform should no longer prompt us to input default values, instead Terraform will automatically recognise the terraform.tfvars file and apply the values. We named the file terraform.tfvars, therefore, the file will be loaded automatically.
Note: If there was a requirement to run a different named tfvars file such as prod.tfvars, you would specify a command after terraform -plan
Example,
terraform plan -var-file="prod.tfvars"
Type terraform plan -h for a list of available commands
Back to deploying our resource group using the terraform.tfvars file, let’s give it a go. The results are as expected. Terraform has recognised the terraform.tfvars file and not prompted us to insert values manually.
Note: A terraform.tfstate.backup file is created automatically in case the state file is lost or corrupted and simplifies recovery if needed.
7. So we executed terraform plan and the output shows that our tfvars file was successfully picked up and the values processed by Terraform. Next, we run terraform apply. Review and input ‘yes’
Let’s visit the Azure Portal. The resource group was created successfully.
8. Next, I would like to override a value within the tfvars file, for example, I want to create a resource group but with a name different to the one specified in the terraform.tfvars file. As per the below, my resource group is RG-DEMO-PROD1 and variable name is resource_group_name.
9. I type the command below to override the tfvars file for variable resource_group_name. I specify the resource group NEW-RG.
terraform plan -var "resource_group_name=NEW-RG"
10. The result, Terraform reports that the resource group I created earlier will be replaced with the new resource group specified in the command I executed. The old group will be destroyed. I won’t be applying the command below as I only wanted to try out the variable over ride command.
My journey learning Terraform to allow me to deploy workloads into Microsoft Azure continues. If you missed the previous posts, please visit the links below.
Did you know; 1. Terraform is natively available for you to use in the Azure Cloud shell, no installation required.
2.There is a strong relationship between Microsoft and Harshicorp. Microsoft have their own terraform dev team who work closely with Hashicorp.
3. The Terraform registry website includes documentation with sample code so you can get started with deploying resources into Azure quickly.
Part 6 of this blog series involved the deployment of a resource group into Azure using Terraform. In this blog post I go through the process of compiling a variables file.
What is a terraform variables file?
A variables file allows you to write configuration that is easier to re-use as variables can replace hard coded values. It’s ok to use hard coded values if you’re only going to deploy a resource once, however if you wish to deploy a template into different platforms, such as dev, test and production platforms, a variables file would save you the time going through and changing your code. Instead, amending the code in the variables file would be much more convenient.
Example, If i specified the location of UK South throughout my main.tf file and then decided to deploy the same resources to a different location using the same code in the future, I would have to replace the location throughout my code. The advantage of the variables file is that I only replace the location once as the main.tf file is referencing the variable specified in the variables file.
Below is the code I compiled and deployed to create a resource group in Part 6 of this blog series.
# Create a resource group
resource "azurerm_resource_group" "demo" {
name = "CloudBuild-RG1"
location = "UK South"
}
For now, I will create a variables file including parameters for the location “UK South” and the name of the resource group “CloudBuild-RG1”. I will then replace these default names in my main.tf file, with the name of the variables. Let’s get started.
Create a new file named variables.tf (The file doesn’t have to be named variables.tf). Terraform scans all files, therefore, will pick up a variables file with a different name.
Note: Notice the green letter “U” by the side of the new file I created? This indicates the file is untracked as I have not committed this version to Git. You’ll also come across the letter “M” which means modified.
2. I now input two variables, my resource group (“CloudBuild-RG1”) and the location of the resource group (“UK South”) as seen in the code below, click save.
When there is a requirement to specify CloudBuild-RG1 in my code, I will instead input the variable name of var.resource_group_name and var.resource_group_location for the resource group location.
variable "resource_group_name" {
default = "CloudBuild-RG1"
type = string
description = "Azure Resource Group Name"
}
variable "resource_group_location" {
default = "UK South"
type = string
description = "Azure Resource Group location"
}
3. Next I access the main.tf file and replace location “UK South” with the new variable name var.resource_group_location (var = variable). I also replace the resource group “CloudBuild-RG1” to var.resource_group_name.
Below is a copy of my variables file,
variable "resource_group_name" {
default = "CloudBuild-RG1"
type = string
description = "Azure Resource Group Name"
}
variable "resource_group_location" {
default = "uksouth"
type = string
description = "Azure Resource Group location"
}
and below is a copy of my main.tf file. Variable names highlighted below.
terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "2.95.0"
}
}
}
# Configure the Microsoft Azure Provider
provider "azurerm" {
features {}
}
# Create a resource group
resource "azurerm_resource_group" "demo" {
name = var.resource_group_name
location = var.resource_group_location
}
4. Next, i run terraform plan and the results are as expected, no changes will be deployed to Azure as there is nothing further to deploy.
5. Next, as an experiment, I amend my variables.tf file as per the below. I rename RG1 to RG2, and save. I am not amending the code included in file main.tf
What do you think the result will be when I run terraform plan?
The resource group can not be renamed, therefore, if the changes were executed, Terraform would destroy resource CloudBuild-RG1 and create a new resource group CloudBuild-RG2.
As you can see from the terraform plan output below, one resource will be added and one destroyed. Not something you would want to perform in production without prior planning/testing!
6. Next, I apply the changes by running terraform apply
Before running terraform apply, I have resource group CloudBuild-RG1 which I deployed via Terraform in part 6 of this blog series. See image below.
After running terraform apply, RG1 has been deleted and a new group ending RG2 deployed. Terraform warns me of the changes I am about to execute, giving me another opportunity to review what will change.
Note: it may take up to 30 seconds before the changes appear in the Azure portal. Click the refresh button.
The result as per the image below. Resource group ending RG1 has gone and RG2 deployed.
You can add new variables to your variables.tf file as and when required. We’ll continue making use of variables as we move on and deploy resources in Azure.
7. Before moving to the next task, I run command terraform destroy which will remove what I have deployed so far, that’s the resource group CloudBuild-RG2.
Reminder: you can always validate your code for errors by using command terraform validate so I would recommend making use of this command as your code grows.
Another quick note, you may have noticed a file named .terraform.tfstate.lock.info appear for a short while as you execute Terraform code.
What is .terraform.tfstate.lock.info? “If supported by your backend, Terraform will lock your state for all operations that could write state. This prevents others from acquiring the lock and potentially corrupting your state. State locking happens automatically on all operations that could write state. You won’t see any message that it is happening.” Source: Terraform
Back to the command terraform destroy, I run this command and as expected Terraform prompts the changes which will be carried as per the image below. My resource group will be deleted.
8. Type ‘Yes’ to confirm, and after a few seconds, the result.
9. Back to the Azure Portal, browse to resource groups, and a couple of clicks of the refresh button, the resource group has gone. The tfstate file is automatically updated to reflect the changes so if I was to run terraform apply again, the resource group we just destroyed would be recreated.
10. Back to the variables.tf file, let’s perform another task, what if I did not create a default value in my variables file as shown in the code below? At the moment, I have default values, so for example, if I use the variable var.resource_group_name in my main.tf file, the default value of CloudBuild-RG1 will always apply as that’s what I specified in my variables file. The same would apply for the resource group location.
variable “resource_group_name” { default = “CloudBuild-RG2” type = string description = “Azure Resource Group Name” }
variable “resource_group_location” { #default = “uksouth” type = string description = “Azure Resource Group location” }
11. In the next task, I remove the default values so the variables file appears as the one below. I have removed the line that applies a default value.
variable "resource_group_name" {
type = string
description = "Azure Resource Group Name"
}
variable "resource_group_location" {
type = string
description = "Azure Resource Group location"
}
Note: you could also add a # to the beginning of the code so it’s ignore at the time of execution, for example, #default = “CloudBuild-RG2”
12. Save and run the command terraform validate. The configuration is valid.
13. Next, I run terraform plan (This command outputs what Terraform would execute if you were to apply the changes). Ensure you have saved your variables file. Again, as I execute the command, the terraform state lock file will appear temporarily and then disappear.
Tip: you can press the up arrow key on your keyboard to revisit previous commands you have executed.
Reminder: you can use command clear to empty your terminal of previous code.
After running terraform plan, Terraform is not able to locate a default value as I removed the value from my variables file. Terraform prompts for a value, the Azure Resource Group Location as shown below,
I enter uksouth as that’s the Azure region where I wish to deploy my resource group,
14. I am then prompted for a value for my resource group name, I enter, demo-RG1
Note: Terraform will not run the command in the order you specify, however, it will execute the code depending on what is required to be deployed first in Azure.
15. Terraform runs through the plan and provides an output,
Note: A number of services in Azure require a unique name. For example, a storage account name has to be globally unique, therefore you will only be allowed to create that storage account once. Therefore, a variable would be ideal.
I hope this has been useful. Please feel free to comment below with feedback or any additional information you feel I may have missed out.
In the next blog post I go through the process of compiling a terraform.tfvars file – click the link below to continue,
My journey learning Terraform to allow me to deploy workloads into Microsoft Azure continues. If you missed the previous posts, please visit the links below.
In this blog post I go through the process of initiating Terraform and start the process of deploying workloads in Azure.
Launch VSCode
Create a new file named main.tf
3. Next we need to configure the provider. In our case, the provider is Azure. I type the below code in the newly created file, main.tf. You can also locate the below code from the Terraform Registry website (At the time of writing this blog post the version was 2.95.0). Save the file
terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "2.95.0"
}
}
}
# Configure the Microsoft Azure Provider
provider "azurerm" {
features {}
}
4. Next I add the code to create a new resource group named CloudBuild-RG1 in location UK South. Save the file
# Create a resource group
resource "azurerm_resource_group" "demo" {
name = "CloudBuild-RG1"
location = "UK South"
}
Azurerm is the plugin name. RM stands for resource manager
CloudBuild-RG1 is the name of the resource
“demo” is the resource group name in Terraform and is what we will refer to when creating the resource group
Location is where we will be deploying the resource group. The region being UK South
5. Let’s run the newly created code. But before executing the code, we need to login to Azure. In powershell or the command terminal type the below command and press enter,
az login
6. The above code launches a web page requesting you login to your azure tenant.
Useful commands, Terraform version – outputs the version of Terraform installed Clear – Clears the command window Terraform validate – validates the code and checks for errors Terraform apply – this command will read your .tf files and apply the changes. Prior to applying Terraform will output the changes and request confirmation before applying. Terraform plan – this command outputs the changes Terraform will apply and safer to use compared to command Terraform apply Terraform init – You would run this command the first time you used Terraform within a new directory/project folder, add a new provider or a module. Terraform destroy – will remove all resources Terraform fmt – this command will fix the layout of your file so it’s well presented and easy to read. Terraformhelp – outputs a full list of commands
7. Next, we need to initialise Terraform. The below command will read from main.tf file and load the version of Terraform as specified in the file,
terraform init
A terraform folder is populated in the working folder. This folder contains the required config to allow Terraform to deploy resources in Azure.
8. Before deploying the first resource group via Terraform in Azure, I run a command to confirm what will be deployed (added/destroyed) in Azure. Run the command below and press enter. The output below displays that one resource group will be created in Azure.
terraform plan
9. We’re ready to deploy our resource group in Azure. Type the command below and press enter,
terraform apply
10. Before committing, Terraform will prompt you to check and type ‘yes’ to confirm,
Do you want to perform these actions? Terraform will perform the actions described above. Only ‘yes’ will be accepted to approve.
Enter a value:
Note: if you wish to bypass the above prompt, you could add -auto -approve after terraform apply, i.e. terraform apply -auto -approve
11. Review, type yes if all looks good, and press enter. The process to create our new resource group is under way. When complete, you’ll receive an Apply complete message as shown below.
12. Login to the Azure Portal, access resource groups. Click the refresh button if the resource group does not appear.
And here is our newly created resource group in Azure
You may have noticed that Terraform has created a new file name ‘terraform.tfstate, as shown in the screenshot below.
This state is used by Terraform to map real world resources to your configuration, keep track of metadata, and to improve performance for large infrastructures. This state is stored by default in a local file named “terraform. tfstate”, but it can also be stored remotely, which works better in a team environment. Source: Terraform
In simple words, this is a very important file because it includes the state of what you have already deployed into Azure. Note that the state file will only know what you have deployed via Terraform, it has no idea what you may have already deployed manually within the Azure Portal or via any other provider, so it’s recommended that once you start using Terraform, stick to it to avoid potential issues and confusion in the future.
What if there are a couple of you working on the same project, how does the state file work in this scenario? You could use an Azure storage account as a central location for the state file, or a jump box (a central server) from where the team always run Terraform. This server would hold the state file. However, for larger teams it’s recommended to use Terraform Enterprise for advanced features and collaboration.
Note, you can not rename a resource, for example, if I was to rename the resource group name in my main.tf file, from CloudBuild-RG1 to CloudBuild-RG2, Terraform would delete CloudBuild-RG1 and create CloudBuild-RG2, so one to watch out for. Give it a try in your lab and don’t forget to run terraform plan to confirm what changes will be performed before applying.
Committing to Git
You may recall we installed Git in part 5 of this series. I will be committing the current version/changes up to now. Note that each time you commit, git takes a snap shot of what the files look like at the time and stores a reference to that snapshot. As additional changes are made to your code, you can continue to commit the changes to Git. To commit to git,
Type the below command and press enter. This will stage all files in the current folder. You can also specify filenames if you don’t wish to commit the complete folder/project, for example git stage index.html
git stage .
2. To confirm the files have been staged, type the command below and press enter,
git status
Note: if you wish to remove the files or a file from the staging area, you can run command, git rm –cached filename (replace filename with the file you wish to unstage or type . to unstage all files.
3. Now it’s time to make our first commit in Git. Type the below command and press enter, (the message in brackets should be short but useful for tracking purposes)
git commit -m "Initial Commit"
4. And here is the result
Note, you can add files you would like Git to ignore by specifying them in the .gitignore file we created in part 5
5. Type git status again and confirm that the output displays nothing to commit.
6. Type the below command to check the history of your current log,
git log
The above output explained: The long number is the unique identifier for the commit. Each commit is associated with a unique identifier. The author name, date and time of the commit is specified. HEAD indicates that this is the latest commit, and master is the branch name. Finally, the description of the commit was ‘initial commit’.
As additional commits are added, the logs may become difficult to read, so a useful command to shorten the logs is,
git log --oneline
There is so much more to learn about Git, so I recommend you pick up a training course and study Git and GitHub further. I will however continue to work with Git, and GitHub in further blog posts.
In the next blog post (Part 7) I compile and explain the purpose of a terraform variables file.
Subscribe to new tech posts.
We will never send you spam email or forward your details to third parties.
This will close in 0 seconds
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
Cookie
Duration
Description
cookielawinfo-checbox-analytics
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional
11 months
The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy
11 months
The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
