What is Terraform? Terraform is a tool for building, changing, and versioning infrastructure safely and efficiently. Terraform can manage existing and popular service providers as well as custom in-house solutions.
Configuration files describe to Terraform the components needed to run a single application or your entire datacenter. Terraform generates an execution plan describing what it will do to reach the desired state, and then executes it to build the described infrastructure. As the configuration changes, Terraform is able to determine what changed and create incremental execution plans which can be applied.
To check the version of PowerShell you currently have installed, launch PowerShell, run the command below:
Get-Host | Select-Object Version
2) Now that you have the latest version of PowerShell installed, you will need to install the AZ module if not already installed. The command below will allow you to check if you already have the AZ Module installed including the version number.
Get-Module -Name Az -ListAvailable
3) If you already have the AZ module installed, the version will appear. If no version is installed, no results will appear after running the above command. You may find that you have more the one version installed.
To install the latest version, type the command below:
Install-Module -Name Az -AllowClobber
Please note, if you already have older versions of the Az Module installed, you may wish to add -force to the end of the command so that the module installs side by side with your existing versions. Such as:
Install-Module -Name Az -AllowClobber -force
Installing the module will take about a minute. Run the command below again to confirm the module has installed
Get-Module -Name Az -ListAvailable
If you have multiple versions of the AZ Module installed, the latest version will be used by default, unless you specify for an older version to be used.
You have migrated your virtual machines to new storage but find that the summary tab of the virtual machines shows two datastores within the vSphere Web Client and vSphere Client. You have checked the datastore and no data resides on the LUN.
Here are a couple of things you want to check,
1) The most obvious is to check whether there are ISO’s mounted to your servers
2) vSwap file. Does a vSwap file exist on the data store? browse the datastore and check if any vSwap files exist. If yes, a VMotion of the Virtual Machine migrates the vswap to the new location. If you’re moving VM’s to new storage, don’t forget to check your vSwap configuration, especially if you originally configured the vSwap location to reside on a different LUN. Ensure the vSwap file location has been reconfigured to point to new storage.
3) Check if any VMWare snapshots exist. If a VMWare snapshot was taken whilst an ISO was attached to the VM, this could be the issue. Remove the snapshot
Building a server in Microsoft Azure is simple and has become easier as Microsoft have made improvements on the portal over the years.
In this example, i’ll be building a Windows 2019 Server, so lets get started
Logon to your Azure Portal, search for virtual machines and click + Add
The below interface appears, select your subscription from the drop down list. If you only have the one, it will already be selected
Next, drop down and select a resource group.
What is an Azure Resource Group? A resource group is a container that holds related resources for an Azure solution. The resource group includes those resources that you want to manage as a group. You decide which resources belong in a resource group based on what makes the most sense for your organisation.
For the purposes of this demo, I’m going to create a new resource group
Next, lets give our virtual server a name and select a region. I have selected UK South
Next, I’m going to create this VM in a new availability set, because I will be building and adding another virtual web server and including it within the same availability set to provide for high availability. If you’re not interested in creating an availability set, you can skip these steps. But because it doesn’t cost anything to create an availability set, you may want to add the server to an availability set if you have plans of setting up redundancy in the future. You’ll obviously be charged for the second server, but the availability set is free. If you decide at this point you don’t require redundancy, but in the future change you’re mind, you will have to delete and recreate the VM to allow you to add it to a new availability set.
What is an Azure availability set? An availability set is a logical grouping of VMs within a datacenter that allows Azure to understand how your application is built to provide for redundancy and availability. Azure makes sure that the VMs you place within an Availability Set run across multiple physical servers, compute racks, storage units, and network switches. More info at: Azure Availability Options
Create a new availability set (I’m leave the defaults) and click OK. When you create another server, drop down and select an existing availability set. The below screenshot shows my new availability set. It’s worth looking into how fault domains and update domains function.
Next, select your Operating System. I have selected Windows Server 2019 Datacenter and a size of Standard DS1 v2 for this demo. The higher spec server the more it will cost you so ensure you select the correct server size depending on requirements
You may have noticed Azure Spot Instance. What is Azure Spot? Azure Spot offers unused Azure capacity at a discounted rate versus pay as you go prices. Workloads should be tolerant to infrastructure loss as Azure may recall capacity for pay as you go workloads. It’s recommended to use Azure Spot only if you’re testing and are happy for Microsoft to delete your VM without much notice. Never use this for production or even a test environment you require access to at all times.
Next setup your local administrator account and a strong password. For inbound public ports, I have set none. I will be accessing this server internally via RDP and don’t want to expose RDP to the outside world. If Bastion is available with your region, you could set it up so you can access your VM from within the portal. For more details on how to configure Azure Bastion, click How to Configure Bastion? If you have a requirement for public RDP to be enabled, lock down access to certain IP addresses and it’s worth setting up Azure Just In Time Access.
What is Azure Just In Time Access? Just-in-time (JIT) virtual machine (VM) access can be used to lock down inbound traffic to your Azure VMs, reducing exposure to attacks while providing easy access to connect to VMs when needed. The just-in-time feature is available on the Standard tier of Security Center
Click next, to configure disks. Select your disk types depending on your server/application requirements
You may also have a requirement to add an additional disk, such as a data disk. Don’t worry about creating a page file disk. You’ll get a temporary disk assigned by default
So here is what my disk configuration looks like. OS and a data disk
Click next to visit networking settings
Select your virtual network, subnet, a public IP if required and basic or advanced NSG. The common NSG is basic but will obviously depend on your company requirements. You can also control the NSG at subnet level within your VNET, or even route all traffic to an external firewall, such as a Paloalto firewall. It’s worth consulting with your networks team on security requirements.
When ready click next and configure management settings as required
I have set my machine to auto shut at 7pm. It’s only a test server and doesn’t need to be powered on after 7pm. Will save me on costs while it’s powered down.
Click next. If you have any requirements to install any extensions, such as Microsoft Antimalware, you can select here. If you’re not sure just yet, don’t worry about it, as you can select extensions after the VM build. It’s worth taking a look at the available extensions though. Click Next when ready
Create tags if required. Explanation of tags below
And click review and create
You’ll receive a notification after the VM has been built
I hope this post was useful. Feel free to comment below if you have any further questions.