Terraform - Azure VM + Managed Disks

Project URL: https://github.com/bgcodehub/profisee-code

1. Introduction

Given the task of creating a Virtual Machine (VM) and a storage account/disk, the prime objective was to ensure that these resources are reliable, secure, and scalable. The tool of choice to achieve this was Terraform, a widely recognized infrastructure-as-code software tool.

2. Resource Group Configuration

Before deploying any resources in Azure, setting up a resource group is a foundational step. A resource group provides a consolidated framework to manage multiple resources that may share similar lifecycle settings. Key Insights:
  • Resource groups streamline the management, location, and deletion of collections of resources within Azure.
  • Incorporating a variable naming convention ensures consistent naming across resources, which in turn simplifies identification and management.
  • Utilizing such conventions also aids in differentiating between various deployments, making the architecture scalable across different environments or configurations.

3. Virtual Network and Subnet Configuration

The establishment of a Virtual Network (VNet) and its associated subnet was a critical step in the process. Key Insights:
  • VNets in Azure play an indispensable role in securely hosting resources and ensuring their isolation from other resources.
  • The introduction of subnets further helps in segmenting these resources. This segmentation ensures that Virtual Machines (VMs) are logically grouped, aiding in more efficient network management and traffic distribution.
  • Address range definitions, like "/16" and "/24", help in defining the scope of addresses available within the network and its segments.

4. Network Interface Configuration

Setting up a Network Interface Card (NIC) is a preparatory measure before deploying a VM. Key Insights:
  • A NIC acts as a mediator between the VM and the VNet. In essence, it’s the bridge that facilitates network communications.
  • Entrusting Azure with dynamic IP allocation for these NICs ensures seamless management. With Azure overseeing IP address assignments, the complexities of manual IP management are significantly reduced.

5. Virtual Machine Configuration

The crux of the entire task was to establish a VM with tailored configurations. Key Insights:
  • Given the breadth of the assignment, the decision to go with Ubuntu, a globally recognized operating system, appeared most logical.
  • The selected VM size was geared towards achieving an optimal balance between operational efficiency and cost considerations.
  • An added advantage of this configuration ensures that any OS disk derived from its base image is marked for deletion once the VM is no longer in use. This practice underscores the importance of resource management and cleanliness.

6. External Managed Disks Configuration

The configuration culminated with the provisioning of eight managed disks which were subsequently attached to the VM. Key Insights:
  • Azure’s preference leans towards the use of managed disks for storage solutions.
  • The choice of VM size dictated the number of data disks that could be attached. Automation played a role here in ensuring that the attachment process was not manually intensive.
  • The decision to deploy eight disks was influenced by a desire to harness the VM's maximum storage capacity. Managed disks, in this context, offer enhanced reliability for intensive workloads. Furthermore, the chosen storage replication strategy, though not spread across different geographical zones, is cost-effective.

7. Key Takeaways

  • Modularity: Different functionalities have been segmented into distinct blocks, enhancing debugging, scalability, and management capabilities.
  • Scalability: The design is versatile enough to be adapted across different environments, ensuring a uniform deployment strategy.
  • Best Practices: The methodology incorporated both Azure and Terraform best practices. This includes the use of managed disks, structured VNets, among others.
  • Balanced Approach: A significant part of the strategy was to intertwine comprehensive features with simplicity. This would facilitate rapid deployment while still showcasing proficiency.

8. Potential Enhancements

Potential upgrades to the current design include:
  • The integration of a logging and monitoring system, which would offer insights into VM performance and health.
  • A more stringent implementation of Network Security Group (NSG) rules, further bolstering the security framework.
  • A shift to geographically redundant storage strategies would improve data resilience and enhance availability.

9. Q&A

Several key questions addressed during the configuration phase include:
  • Choice of OS: Ubuntu 18.04 LTS was preferred due to its long-term support, assuring stability and prolonged assistance.
  • Naming Convention: Using specific prefixes in resource names adds a layer of flexibility and scalability, aiding in the easy grouping and identification of resources.
  • Choice of VM Size: The selected VM size aimed to strike the right balance between performance and cost.
  • Storage Options: The choice of “Standard_LRS” storage was influenced by cost-efficiency and regional replication benefits.
  • External Data Disk Choices: The choice of attaching eight external data disks was guided by the constraints of the VM size and the overarching aim to maximize storage potential. Future requirements might necessitate VM upscaling or exploring alternate storage solutions.