azure

Table of contents

1. Description - What the module does and why it is useful
2. Setup
   • Requirements
   • Get Azure credentials
   • Installing the Azure module
3. Usage - Configuration options and additional functionality
4. Reference - An under-the-hood peek at what the module is doing and how
   • Types
   • Parameters
5. Known issues
6. Limitations - OS compatibility, etc.
7. Development - reporting issues and getting support

Description

Microsoft Azure exposes a powerful API for creating and managing its Infrastructure as a Service platform. The azure module allows you to drive that API using Puppet code. This allows you to use Puppet to create, stop, restart, and destroy Virtual Machines, and eventually to manage other resources, meaning you can manage even more of your infrastructure as code.

Setup

Requirements

• Ruby Gems as follows (see Installing the Azure module, below).
  • azure 0.7.x
  • azure_mgmt_storage 0.14.x
  • azure_mgmt_compute 0.14.x
  • azure_mgmt_resources 0.14.x
  • azure_mgmt_network 0.14.x
  • hocon 1.1.x
• Azure credentials (as detailed below).

Get Azure credentials

To use this module, you need an Azure account. If you already have one, you can skip this section.

First, sign up for an Azure account.

Install the Azure CLI 1.0, which is a cross-platform node.js-based tool that works on Windows and Linux. This is required to generate a certificate for the Puppet module, but it's also a useful way of interacting with Azure. Currently these instructions have not been updated for the CLI 2.0 tool ('az' commands) but this module uses the API.

Register the CLI with your Azure account.

On the command line, enter:

azure account download
azure account import <path to your .publishsettings file>

After you've created the account, export the PEM certificate file using the following command:

azure account cert export

Next, get a subscription ID using the azure account list command:

$ azure account list
info:    Executing command account list
data:    Name                    Id                                     Tenant Id  Current
data:    ----------------------  -------------------------------------  ---------  -------
data:    Pay-As-You-Go           xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxxx  undefined  true
info:    account list command OK

To use the Resource Manager API instead, you need a service principal on the Active Directory. A quick way to create one for Puppet is pendrica/azure-credentials. Its puppet mode can create the azure.conf (see below) for you. Alternatively, the official documentation covers creating this and retrieving the required credentials.

Installing the Azure module

Install the required gems with this command on puppet-agent 1.2 (included in Puppet Enterprise 2015.2.0) or later:

/opt/puppetlabs/puppet/bin/gem install retries --no-ri --no-rdoc
/opt/puppetlabs/puppet/bin/gem install azure --version='~>0.7.0' --no-ri --no-rdoc
/opt/puppetlabs/puppet/bin/gem install azure_mgmt_compute --version='~>0.14.0' --no-ri --no-rdoc
/opt/puppetlabs/puppet/bin/gem install azure_mgmt_storage --version='~>0.14.0' --no-ri --no-rdoc
/opt/puppetlabs/puppet/bin/gem install azure_mgmt_resources --version='~>0.14.0' --no-ri --no-rdoc
/opt/puppetlabs/puppet/bin/gem install azure_mgmt_network --version='~>0.14.0' --no-ri --no-rdoc
/opt/puppetlabs/puppet/bin/gem install hocon --version='~>1.1.2' --no-ri --no-rdoc

When installing on Windows, launch Start Command Prompt with Puppet and enter:

gem install retries --no-ri --no-rdoc
gem install azure --version="~>0.7.0" --no-ri --no-rdoc
gem install azure_mgmt_compute --version="~>0.14.0" --no-ri --no-rdoc
gem install azure_mgmt_storage --version="~>0.14.0" --no-ri --no-rdoc
gem install azure_mgmt_resources --version="~>0.14.0" --no-ri --no-rdoc
gem install azure_mgmt_network --version="~>0.14.0" --no-ri --no-rdoc
gem install hocon --version="~>1.1.2" --no-ri --no-rdoc

On versions of puppet agent older than 1.2 (Puppet Enterprise 2015.2.0), use the older path to the gem binary:

/opt/puppet/bin/gem install retries --no-ri --no-rdoc
/opt/puppet/bin/gem install azure --version='~>0.7.0' --no-ri --no-rdoc
/opt/puppet/bin/gem install azure_mgmt_compute --version='~>0.14.0' --no-ri --no-rdoc
/opt/puppet/bin/gem install azure_mgmt_storage --version='~>0.14.0' --no-ri --no-rdoc
/opt/puppet/bin/gem install azure_mgmt_resources --version='~>0.14.0' --no-ri --no-rdoc
/opt/puppet/bin/gem install azure_mgmt_network --version='~>0.14.0' --no-ri --no-rdoc
/opt/puppet/bin/gem install hocon --version='~>1.1.2' --no-ri --no-rdoc

Note: You must pin Azure gem installs to the correct version detailed in the example above for the azure module to work properly. The example above pins the hocon gem version to prevent possible incompatibilities.

Set the following environment variables specific to your Azure installation.

If using the classic API, provide this information:

export AZURE_MANAGEMENT_CERTIFICATE='/path/to/pem/file'
export AZURE_SUBSCRIPTION_ID='your-subscription-id'

At a Windows command prompt, specify the information without quotes around any of the values:

SET AZURE_MANAGEMENT_CERTIFICATE=C:\Path\To\file.pem
SET AZURE_SUBSCRIPTION_ID=your-subscription-id

If using the Resource Management API, provide this information:

export AZURE_SUBSCRIPTION_ID='your-subscription-id'
export AZURE_TENANT_ID='your-tenant-id'
export AZURE_CLIENT_ID='your-client-id'
export AZURE_CLIENT_SECRET='your-client-secret'

At a Windows command prompt, specify the information without quotes around any of the values:

SET AZURE_SUBSCRIPTION_ID=your-subscription-id
SET AZURE_TENANT_ID=your-tenant-id
SET AZURE_CLIENT_ID=your-client-id
SET AZURE_CLIENT_SECRET=your-client-secret

If you are working with both Resource Manager and classic virtual machines, provide all of the above credentials.

Alternatively, you can provide the information in a configuration file of HOCON format. Store this as azure.conf in the relevant confdir:

• *nix Systems: /etc/puppetlabs/puppet
• Windows: C:\ProgramData\PuppetLabs\puppet\etc
• Non-root users: ~/.puppetlabs/etc/puppet

The file format is:

azure: {
  subscription_id: "your-subscription-id"
  management_certificate: "/path/to/pem/file"
}

When creating this file on Windows, note that as a JSON-based config file format, paths must be properly escaped:

azure: {
  subscription_id: "your-subscription-id"
  management_certificate: "C:\\path\\to\\file.pem"
}

Note: Make sure to have at least hocon 1.1.2 installed on windows. With older versions, you have to make sure to make sure that the azure.conf is encoded as UTF-8 without a byte order mark (BOM). See HC-82, and HC-83 for technical details. Starting with hocon 1.1.2, UTF-8 with or without BOM works.

Or, with the Resource Management API:

azure: {
  subscription_id: "your-subscription-id"
  tenant_id: "your-tenant-id"
  client_id: "your-client-id"
  client_secret: "your-client-secret"
}

You can use either the environment variables or the config file. If both are present, the environment variables are used. You cannot have some settings in environment variables and others in the config file.

Next, Install the module with:

puppet module install puppetlabs-azure

Usage

Create Azure VMs

Azure has two modes for deployment: Classic and Resource Manager. For more information, see Azure Resource Manager vs. classic deployment: Understand deployment models and the state of your resources. The module supports creating VMs in both deployment modes.

Classic

You can create Azure classic virtual machines using the following:

azure_vm_classic { 'virtual-machine-name':
  ensure           => present,
  image            => 'b39f27a8b8c64d52b05eac6a62ebad85__Ubuntu-14_04_2-LTS-amd64-server-20150706-en-us-30GB',
  location         => 'West US',
  user             => 'username',
  size             => 'Medium',
  private_key_file => '/path/to/private/key',
}

Resource Manager

You can create Azure Resource Manager virtual machines using the following:

azure_vm { 'sample':
  ensure         => present,
  location       => 'eastus',
  image          => 'canonical:ubuntuserver:14.04.2-LTS:latest',
  user           => 'azureuser',
  password       => 'Password_!',
  size           => 'Standard_A0',
  resource_group => 'testresacc01',
}

You can also add a virtual machine extension to the VM and deploy from a Marketplace product instead of an image:

azure_vm { 'sample':
  ensure         => present,
  location       => 'eastus',
  user           => 'azureuser',
  password       => 'Password_!',
  size           => 'Standard_A0',
  resource_group => 'testresacc01',
  plan           => {
    'name'      => '2016-1',
    'product'   => 'puppet-enterprise',
    'publisher' => 'puppet',
  },
  extensions     => {
    'CustomScriptForLinux' => {
       'auto_upgrade_minor_version' => false,
       'publisher'                  => 'Microsoft.OSTCExtensions',
       'type'                       => 'CustomScriptForLinux',
       'type_handler_version'       => '1.4',
       'settings'                   => {
         'commandToExecute' => 'sh script.sh',
         'fileUris'         => ['https://myAzureStorageAccount.blob.core.windows.net/pathToScript']
       },
     },
  },
}

This type also has many other properties you can manage:

azure_vm { 'sample':
  location                      => 'eastus',
  image                         => 'canonical:ubuntuserver:14.04.2-LTS:latest',
  user                          => 'azureuser',
  password                      => 'Password',
  size                          => 'Standard_A0',
  resource_group                => 'testresacc01',
  storage_account               => 'teststoracc01',
  storage_account_type          => 'Standard_GRS',
  os_disk_name                  => 'osdisk01',
  os_disk_caching               => 'ReadWrite',
  os_disk_create_option         => 'fromImage',
  os_disk_vhd_container_name    => 'conttest1',
  os_disk_vhd_name              => 'vhdtest1',
  dns_domain_name               => 'mydomain01',
  dns_servers                   => '10.1.1.1.1 10.1.2.4',
  public_ip_allocation_method   => 'Dynamic',
  public_ip_address_name        => 'ip_name_test01pubip',
  virtual_network_name          => 'vnettest01',
  virtual_network_address_space => '10.0.0.0/16',
  subnet_name                   => 'subnet111',
  subnet_address_prefix         => '10.0.2.0/24',
  ip_configuration_name         => 'ip_config_test01',
  private_ip_allocation_method  => 'Dynamic',
  network_interface_name        => 'nicspec01',
  network_security_group_name   => 'My-Network-Security-Group',
  tags                          => { 'department' => 'devops', 'foo' => 'bar' },
  extensions                    => {
    'CustomScriptForLinux' => {
       'auto_upgrade_minor_version' => false,
       'publisher'                  => 'Microsoft.OSTCExtensions',
       'type'                       => 'CustomScriptForLinux',
       'type_handler_version'       => '1.4',
       'settings'                   => {
         'commandToExecute' => 'sh script.sh',
         'fileUris'         => ['https://myAzureStorageAccount.blob.core.windows.net/pathToScript']
       },
     },
  },
}

Premium Storage

Azure supports premium SSD backed VMs for enhanced performance of production class environments. SSD storage can be selected at the time of VM creation like this (Premium_LRS is the Azure API's internal representation):

azure_vm { 'ssd-example':
  ensure               => present,
  location             => 'centralus',
  image                => 'Canonical:UbuntuServer:16.10:latest',
  user                 => 'azureuser',
  password             => 'Password_!',
  size                 => 'Standard_DS1_v2',
  resource_group       => 'puppetvms',
  storage_account_type => 'Premium_LRS',
}

To successfully enable Premium_LRS, you must select a premium-capable VM size such as Standard_DS1_v2. Regular HDD backed VMs can be created by using Standard_LRS.

Boot/guest diagnostics

The Azure portal provides switches to enable boot_diagnostics and guest diagnostics. Both switches require access to a storage account to dump the diagnostic data.

The switch behaves differently depending what is activated:

• Boot diagnostics - Configures the VM diagnosticsProfile setting to write out boot diagnostics . If required, manually enable using the portal. Since boot diagnostics only apply at boot time, their most useful for interactive debugging when a VM is having a problems booting. If required, boot diagnostics can be enabled through the Azure portal.
• Guest diagnostics - Configures an extension to capture live diagnostic output. This needs to be different depending on the selected guest OS and is enabled by supplying the appropriate data to the extensions parameter.

Managed Disks

Azure's managed disks feature removes the requirement to associate a storage account with each Azure VM. To use managed disks with azure_vm, set the managed_disks parameter to true:

azure_vm { 'managed-disks-example':
  ensure        => present,
  location      => 'centralus',
  image         => 'Canonical:UbuntuServer:16.10:latest',
  user          => 'azureuser',
  password      => 'Password_!',
  managed_disks => true,
}

When using managed disks it's not possible to set vhd options, the managed disks feature takes care of these for you.

Connecting to networks

You can create Azure Resource Manager virtual networks using the following:

azure_virtual_network { 'vnettest01':
  ensure           => present,
  location         => 'eastus',
  address_prefixes => ['10.0.0.0/16'], # Array of IP address prefixes for the VNet
  dns_servers      => [],              # Array of DNS server IP addresses
}

Specify the network objects to avoid creating your VM in a miniture DMZ where it can't reach other networks. To attach a VM to a virtual network, specify the virtual_network_name, subnet_name and network_security_group_name parameters. These all allow slashes to lookup the requested object in other resource groups. Note that subnet_name must also specify the virtual network if using this feature:

azure_vm { 'web01':
  ensure                      => present,
  location                    => 'centralus',
  image                       => 'canonical:ubuntuserver:14.04.2-LTS:latest',
  user                        => 'azureuser',
  password                    => 'Password_!',
  size                        => 'Standard_A0',
  resource_group              => 'webservers-rg',
  virtual_network_name        => 'hq-rg/delivery-vn',
  subnet_name                 => "hq-rg/delivery-vn/web-sn",
  network_security_group_name => "hq-rg/delivery-nsg",
}

If virtual network parameters specified in the azure_vm do not exist, they will be created in the same resource group as the VM. This works for basic environments where everything you want to talk to on non-public addresses is within the same resource group. You can avoid this automatic creation by not specifying virtual_network_address_space

azure_vm { 'web01':
  ensure                        => present,
  location                      => 'centralus',
  resource_group                => 'webservers-rg',
  virtual_network_name          => 'vnettest01',
  virtual_network_address_space => '10.0.0.0/16',
  ...
}

List and manage VMs

This module supports listing and managing machines via puppet resource.

For example:

puppet resource azure_vm_classic

This outputs some information about the machines in your account:

azure_vm_classic { 'virtual-machine-name':
  ensure        => 'present',
  cloud_service => 'cloud-service-uptjy',
  deployment    => 'cloud-service-uptjy',
  hostname      => 'garethr',
  image         => 'b39f27a8b8c64d52b05eac6a62ebad85__Ubuntu-14_04_2-LTS-amd64-server-20150706-en-us-30GB',
  ipaddress     => 'xxx.xx.xxx.xx',
  location      => 'West US',
  media_link    => 'http://xxx.blob.core.windows.net/vhds/disk_2015_08_28_07_49_34_868.vhd',
  os_type       => 'Linux',
  size          => 'Medium',
}

Use the same command for Azure Resource Manager:

puppet resource azure_vm

This lists Azure Resource Manager VMs:

azure_vm { 'sample':
  location       => 'eastus',
  image          => 'canonical:ubuntuserver:14.04.2-LTS:latest',
  user           => 'azureuser',
  password       => 'Password',
  size           => 'Standard_A0',
  resource_group => 'testresacc01',
}

Create Azure storage accounts

You can create a storage account using the following:

azure_storage_account { 'myStorageAccount':
  ensure         => present,
  resource_group => 'testresacc01',
  location       => 'eastus',
  account_type   => 'Standard_GRS',
}

Note: Storage accounts are created with the Azure Resource Manager API only.

Create Azure resource groups

You can create a resource group using the following:

azure_resource_group { 'testresacc01':
  ensure   => present,
  location => 'eastus',
}

Note: Resource groups are created with Azure Resource Manager API only.

Create Azure template deployment

You can create a resource template deployment using the following:

azure_resource_template { 'My-Network-Security-Group':
  ensure         => 'present',
  resource_group => 'security-testing',
  source         => 'https://gallery.azure.com/artifact/20151001/Microsoft.NetworkSecurityGroup.1.0.0/DeploymentTemplates/NetworkSecurityGroup.json',
  params         => {
    'location'                 => 'eastasia',
    'networkSecurityGroupName' => 'testing',
  },
}

Note: Resource templates are deployed with Azure Resource Manager API only.

Reference

Types

• azure_vm_classic: Manages a virtual machine in Microsoft Azure with Classic Service Management API.
• azure_vm: Manages a virtual machine in Microsoft Azure with Azure Resource Manager API.
• azure_storage_account: Manages a Storage Account with Azure Resource Manager API.
• azure_resource_group: Manages a Resource Group with Azure Resource Manager API.
• azure_resource_template: Manages a Resource Template with Azure Resource Manager API.

Parameters

Parameters are optional unless specified Required.

Type: azure_vm_classic

ensure

Specifies the basic state of the virtual machine.

Values: 'present', 'running', stopped', 'absent'.

Values have the following effects:

• 'present': Ensure that the VM exists in either the running or stopped state. If the VM doesn't yet exist, a new one is created.
• 'running': Ensures that the VM is up and running. If the VM doesn't yet exist, a new one is created.
• 'stopped': Ensures that the VM is created, but is not running. This can be used to shut down running VMs, as well as for creating VMs without having them running immediately.
• 'absent': Ensures that the VM doesn't exist on Azure.

Default: 'present'.

name

Required.

The name of the virtual machine.

image

Name of the image to use to create the virtual machine. This can be either a VM Image or an OS Image. When specifying a VM Image, user, password, and private_key_file are not used.

location

Required.

The location where the virtual machine is created. Details of available values can be found on the Azure regions documentation. Location is read-only after the VM has been created.

user

Required for Linux guests.

The name of the user to be created on the virtual machine.

password

The password for the above mentioned user on the virtual machine.

private_key_file

Path to the private key file for accessing a Linux guest as the above user.

storage_account

The name of the storage account to create for the virtual machine. If the source image is a 'user' image, the storage account for the user image is used instead of the one provided here.

Values: A string between 3-24 characters, containing only numeric and/or lower case letters.

cloud_service

The name of the associated cloud service.

deployment

The name for the deployment.

size

The size of the virtual machine instance.

Values: See the Azure documentation for a full list of sizes.

affinity_group

The affinity group to be used for any created cloud service and storage accounts. Use affinity groups to influence colocation of compute and storage for improved performance.

virtual_network

An existing virtual network to which the virtual machine should be connected.

subnet

An existing subnet in the specified virtual network to which the virtual machine should be associated.

availability_set

The availability set for the virtual machine. These are used to ensure related machines are not all restarted or paused during routine maintenance.

reserved_ip

The name of the reserved IP to associate with the virtual machine.

data_disk_size_gb

The size of the data disk for this virtual machine, specified in gigabytes. Over the life cycle of a disk, this size can only grow. If this value is not set, Puppet does not touch the data disks for this virtual machine.

purge_disk_on_delete

Whether or not the attached data disk should be deleted when the VM is deleted.

Values: Boolean.

Default: false.

custom_data

A block of data to be affiliated with a host upon launch. On Linux hosts, this can be a script to be executed on launch by cloud-init. On such Linux hosts, this can either be a single-line command (for example touch /tmp/some-file) which runs under bash, or a multi-line file (for instance from a template) which can be any format supported by cloud-init.

Windows images (and Linux images without cloud-init) need to provide their own mechanism to execute or act on the provided data.

endpoints

A list of endpoints to associate with the virtual machine. Supply an array of hashes describing the endpoints. Available keys are:

• name: Required. The name of this endpoint.
• public_port: Required. The public port to access this endpoint.
• local_port: Required. The internal port on which the virtual machine is listening.
• protocol: Required. TCP or UDP.
• direct_server_return: enable direct server return on the endpoint.
• load_balancer_name: If the endpoint should be added to a load balancer set, specify a name here. If the set does not exist yet, it is created automatically.
• load_balancer: A hash of the properties to add this endpoint to a load balancer configuration.
  • port: Required. The internal port on which the virtual machine is listening.
  • protocol: Required. The protocol to use for the availability probe.
  • interval: The interval for the availability probe in seconds.
  • path: a relative path used by the availability probe.

The most often used endpoints are SSH for Linux and WinRM for Windows. Usually they are configured for direct pass-through like this:

endpoints => [{
    name        => 'ssh',
    local_port  => 22,
    public_port => 22,
    protocol    => 'TCP',
  },]

or

endpoints => [{
    name        => 'WinRm-HTTP',
    local_port  => 5985,
    public_port => 5985,
    protocol    => 'TCP',
  },{
    name        => 'PowerShell',
    local_port  => 5986,
    public_port => 5986,
    protocol    => 'TCP',
  },]

Note: To manually configure one of the ssh, WinRm-HTTP, or PowerShell endpoints, use those endpoint names verbatim. This is required to override Azure's defaults without creating a resource conflict.

os_type

Read Only.

The operating system type for the virtual machine.

ipaddress

Read Only.

The IP address assigned to the virtual machine.

hostname

Read Only.

The hostname of the running virtual machine.

media_link

Read Only.

The link to the underlying disk image for the virtual machine.

Type: azure_vnet

ensure

Specifies the basic state of the virtual network.

Values: 'present', 'running', stopped', 'absent'.

Values have the following effects:

• 'present': Ensure that the virtual network exists in Azure. If the virtual network doesn't yet exist, a new one is created.
• 'absent': Ensures that the virtual network doesn't exist on Azure

Default: 'present'.

name

Required.

The name of the virtual network. The name can have 64 characters at most.

location

Required.

Location to create the virtual network. Location is read-only after the vnet has been created.

Values: See Azure regions documentation.

resource_group

Required.

The resource group for the new virtual network.

Values: See Resource Groups.

dns_servers

An array of DNS servers to be given to vms in the virtual network

Default: [] # None

address_prefixes

Details of the prefix are available at Virtual Network setup.

Default: ['10.0.0.0/16']

Type: azure_network_security_group

ensure

Specifies the basic state of the virtual machine.

Values: 'present', 'absent'.

Values have the following effects:

• 'present': Ensure that the network security group exists in Azure. If it doesn't yet exist, a new one is created.
• 'absent': Ensures that the network security group doesn't exist on Azure

Default: 'present'.

name

Required.

The name of the network security group. The name can have 64 characters at most.

location

Required.

Location to create the virtual network. Location is read-only after the vnet has been created.

Values: See Azure regions documentation.

resource_group

Required.

The resource group for the new virtual network.

Values: See Resource Groups.

tags

A hash of tags to label with.

Example:

tags => {'department' => 'devops', 'foo' => 'bar'}

Type: azure_vm

ensure

Specifies the basic state of the virtual machine.

Values: 'present', 'running', stopped', 'absent'.

Values have the following effects:

• 'present': Ensure that the VM exists in either the running or stopped state. If the VM doesn't yet exist, a new one is created.
• 'running': Ensures that the VM is up and running. If the VM doesn't yet exist, a new one is created.
• 'stopped': Ensures that the VM is created, but is not running. This can be used to shut down running VMs, as well as for creating VMs without having them running immediately.
• 'absent': Ensures that the VM doesn't exist on Azure.

Default: 'present'.

name

Required.

The name of the virtual machine. The name can have 64 characters at most. Some images may have more restrictive requirements.

image

Name of the image to use to create the virtual machine. Required if no Marketplace plan is provided.

Values: Must be in the ARM image_reference format. See the Azure image reference.

canonical:ubuntuserver:14.04.2-LTS:latest

location

Required.

Location to create the virtual machine. Location is read-only after the VM has been created.

Values: See Azure regions documentation.

user

Required for Linux guests.

The name of the user to be created on the virtual machine.

password

Required.

The password for the user on the virtual machine.

size

Required.

The size of the virtual machine instance. ARM requires that the "classic" size be prefixed with Standard; for example, A0 with ARM is Standard_A0. D-Series sizes are already prefixed.

Values: See the Azure documentation for a full list of sizes.

resource_group

Required.

The resource group for the new virtual machine.

Values: See Resource Groups.

storage_account

The storage account name for the subscription id.

Storage account name rules are defined in Storage accounts.

storage_account_type

The type of storage account to be associated with the virtual machine.

See Valid account types. Default: Standard_GRS.

os_disk_name

The name of the disk that is to be attached to the virtual machine.

os_disk_caching

The caching type for the attached disk.

See Caching.

Default: ReadWrite.

os_disk_create_option

Create options are listed at Options.

Default: FromImage.

os_disk_vhd_container_name

The vhd container name is used to create the vhd uri of the virtual machine.

This transposes with storage_account and the os_disk_vhd_name to become the URI of your virtual hard disk image.

https://#{storage_account}.blob.core.windows.net/#{os_disk_vhd_container_name}/#{os_disk_vhd_name}.vhd

os_disk_vhd_name

The name of the vhd that forms the vhd URI for the virtual machine.

dns_domain_name

The DNS domain name that to be associated with the virtual machine.

dns_servers

The DNS servers to be setup on the virtual machine.

Default: '10.1.1.1 10.1.2.4'

public_ip_allocation_method

The public IP allocation method.

Values: 'Static', 'Dynamic', 'None'.

Default: 'Dynamic'.

public_ip_address_name

The key name of the public IP address.

virtual_network_name

The key name of the virtual network for the virtual machine.

See Virtual Network setup

virtual_network_address_space

The ip range for the private virtual network.

May be a string or array of strings. See Virtual Network setup.

Default: '10.0.0.0/16'.

subnet_name

The private subnet name for the virtual network. See Virtual Network setup.

subnet_address_prefix

Details of the prefix are available at Virtual Network setup.

Default: '10.0.2.0/24'

ip_configuration_name

The key name of the IP configuration for the VM.

private_ip_allocation_method

The private ip allocation method.

Values: 'Static', 'Dynamic'.

Default: 'Dynamic'

network_interface_name

The Network Interface Controller (nic) name for the virtual machine.

custom_data

A block of data to be affiliated with a host upon launch. On Linux hosts, this can be a script to be executed on launch by cloud-init. On such Linux hosts, this can either be a single-line command (for example touch /tmp/some-file), which is run under bash, or a multi-line file (for instance from a template), which can be any format supported by cloud-init.

Windows images (and Linux images without cloud-init) need to provide their own mechanism to execute or act on the provided data.

data_disks

Manages one or more data disks attached to an Azure VM. This parameter expects a hash where the key is the name of the data disk and the value is a hash of data disk properties.

Azure VM data_disks support the following parameters:

caching

Specifies the caching behavior of data disk.

Values:

• 'None'
• 'ReadOnly'
• 'ReadWrite'

The default value is 'None'.

create_option

Specifies the create option for the disk image.

Values: 'FromImage', 'Empty', 'Attach'.

data_size_gb

Specifies the size, in GB, of an empty disk to be attached to the Virtual Machine.

lun

Specifies the Logical Unit Number (LUN) for the disk. The LUN specifies the slot in which the data drive appears when mounted for usage by the Virtual Machine.

Values: Valid LUN values, 0 through 31.

vhd

Specifies the location of the blob in storage where the vhd file for the disk is located. The storage account where the vhd is located must be associated with the specified subscription.

Example:

http://example.blob.core.windows.net/disks/mydisk.vhd

plan

Deploys the VM from an Azure Software Marketplace product (called a "plan"). Required if no image is specified.

Value must be a hash with three required keys: name, product, and publisher. promotion_code is an optional fourth key.

Example:

plan => {
  'name'      => '2016-1',
  'product'   => 'puppet-enterprise',
  'publisher' => 'puppet',
},

tags

A hash of tags to label with.

Example:

tags => {'department' => 'devops', 'foo' => 'bar'}

extensions

The extension to configure on the VM. Azure VM Extensions implement behaviors or features that either help other programs work on Azure VMs. You can optionally configure this parameter to include an extension.

This parameter can be either a single hash (single extension) or multiple hashes (multiple extensions). Setting the extension parameter to 'absent' deletes the extension from the VM.

Example:

extensions     => {
  'CustomScriptForLinux' => {
     'auto_upgrade_minor_version' => false,
     'publisher'                  => 'Microsoft.OSTCExtensions',
     'type'                       => 'CustomScriptForLinux',
     'type_handler_version'       => '1.4',
     'settings'                   => {
       'commandToExecute' => 'sh script.sh',
       'fileUris'         => ['https://myAzureStorageAccount.blob.core.windows.net/pathToScript']
     },
   },
},

To install the Puppet agent as an extension on a Windows VM:

extensions     => {
  'PuppetExtension' => {
     'auto_upgrade_minor_version' => true,
     'publisher'                  => 'Puppet',
     'type'                       => 'PuppetAgent',
     'type_handler_version'       => '1.5',
     'protected_settings'                   => {
       'PUPPET_MASTER_SERVER': 'mypuppetmaster.com'
     },
   },
},

For more information on VM Extensions, see About virtual machine extensions and features. For information on how to configure a particular extension, see Azure Windows VM Extension Configuration Samples.

Azure VM Extensions support the following parameters:

publisher

The name of the publisher of the extension.

type

The type of the extension (for example, CustomScriptExtension).

type_handler_version

The version of the extension to use.

settings

The settings specific to an extension (for example, CommandsToExecute).

protected_settings

The settings specific to an extension that are encrypted before passing to the VM.

auto_upgrade_minor_version

Indicates whether extension should automatically upgrade to latest minor version.

Type: azure_storage_account

ensure

Specifies the basic state of the storage account.

Values: 'present', 'absent'.

Default: 'present'.

name

Required.

The name of the storage account. Must be globally unique.

location

Required

The location where the storage account is created. Location is read-only after the Storage Account has been created.

Values: See the Azure regions documentation.

resource_group

Required.

The resource group for the new storage account.

Values: See Resource Groups.

account_type

The type of storage account. This indicates the performance level and replication mechanism of the storage account.

Values: See Valid account types.

Defaults to 'Standard_GRS'.

account_kind

The kind of storage account.

Values: 'Storage' or 'BlobStorage'.

Default: 'Storage'.

tags

A hash of tags to label with.

Example:

tags => {'department' => 'devops', 'foo' => 'bar'}

Type: azure_resource_group

ensure

Specifies the basic state of the resource group.

Values: 'present', 'absent'.

Default: 'present'.

name

Required.

The name of the resource group.

Values: A string no longer than 80 characters long, containing only alphanumeric characters, dash, underscore, opening parenthesis, closing parenthesis, and period. The name cannot end with a period.

location

Required.

The location where the resource group is created.

Values: See Azure regions documentation.

tags

A hash of tags to label with.

Example:

tags => {'department' => 'devops', 'foo' => 'bar'}

Type: azure_resource_template

ensure

Specifies the basic state of the resource group.

Values: 'present' and 'absent'. Defaults to 'present'.

name

Required.

The name of the template deployment.

Values: A string no longer than 80 characters long, containing only alphanumeric characters, dash, underscore, opening parenthesis, closing parenthesis, and period. The name cannot end with a period.

resource_group

Required.

The resource group for the new template deployment.

Values: See Resource Groups..

source

The URI of a template. May be http:// or https://.

Must not be specified when content is specified.

content

The text of an Azure Resource Template.

Must not be specified when source is specified.

params

The params that are required by the Azure Resource Template. Follows the form of { 'key_one' => 'value_one', 'key_two' => 'value_two'}.

This format is specific to Puppet. Must not be specified when params_source is specified.

params_source

The URI of a file containing the params in Azure Resource Model standard format.

The format of this file differs from the format accepted by the params attribute. Must not be specified when params is specified.

Type: azure_vnet

ensure

Specifies the basic state of the virtual network.

Values: present, absent.

Default: present.

name

Required.

The name of the vnet.

Values: A string no longer than 80 characters long, containing only alphanumeric characters, dash, underscore, opening parenthesis, closing parenthesis, and period. The name cannot end with a period.

location

Required.

The location where the vnet is created.

Values: See Azure regions documentation.

resource_group

Required.

The resource group with which to associate the vnet.

Values: See Resource Groups..

tags

A hash of tags to label with.

Example:

tags => {'department' => 'devops', 'foo' => 'bar'}

Type: azure_subnet

ensure

Specifies the basic state of the subnet.

Values: present, absent.

Default: present.

name

Required.

The name of the subnet.

Values: A string no longer than 80 characters long, containing only alphanumeric characters, dash, underscore, opening parenthesis, closing parenthesis, and period. The name cannot end with a period.

location

Required.

The location where the subnet is created.

Values: See Azure regions documentation.

resource_group

Required.

The resource group with which to associate the subnet.

Values: See Resource Groups..

virtual_network

Required.

The virtual network with which to associate the subnet.

tags

A hash of tags to label with.

Example:

tags => {'department' => 'devops', 'foo' => 'bar'}

Known issues

For the azure module to work, all azure gems must be installed successfully. There is a known issue where these gems fail to install if nokogiri failed to install.

Limitations

Because of a Ruby Azure SDK dependency on the nokogiri gem, running the module on a Windows Agent is supported only with puppet-agent 1.3.0 (a part of Puppet Enterprise 2015.3) and newer. In these versions, the correct version of nokogiri is installed when you run the gem install azure command mentioned in Installing the Azure module.

Development

If you have an issue with this module or would like to request a feature, file a ticket.

If you have problems with this module, contact Support.

Supported Version 1.3.1

Added

• Japanese translations updated to reflect the 1.3.0 README.md.

Supported Version 1.3.0

Added

• New Puppet Types and Providers for subnet, vnet and network_security_group.
• Support for the Microsoft ARM 0.14 API
• Support for SKU in Storage Accounts.
• Types for access_tier and https_traffic_only in Storage Accounts.
• Overhaul of acceptance testing to run locally on the host.

Fixed

• Acceptance tests now can run locally on your host. (bundle exec rake fast) This should complete in ~ 24 mins and verify the basic stack on ARM. To commit PR's please continue to run (bundle exec rake acceptance).

Supported Version 1.2.1

Added

• This release adds internationalization for the README.md.
• The first supported language is Japanese.

Supported Version 1.2.0

Added

• Support for Azure's managed disks feature removes the requirement to associate a storage account with each Azure VM, removing one of the fundamental limitations of the platform.
• Premium SSD backed VMs for enhanced performance of production class environments are now supported and documented.
• The network security group can now be specified when creating a VM.
• Cross networking support. By default, all network objects created while provisioning a azure_vm will be created in the resource group you created the VM in. This works fine in basic environments where everything you want to talk to on non-public addresses is within the same resource group but if you need to plug into a network in another resource group.
• Tagging is now supported for Puppet Types.

Fixed

• Redundant acceptance tests removed.

Supported Version 1.1.1

This release adds support for Puppet 4.9.4.

Added

• Puppet 4.9.4 Support

Fixed

• azure_resource_template The templateURL parameter when unused was being set to Nil and failing.
• ProviderArm parameter virtual_network_address_space now supports an array of addresses

Supported Version 1.1.0

Summary

This release adds several more useful resource types for managing Azure resource groups, storage accounts, and resource templates. It also expands the capabilities of the azure_vm type by adding support for managing extensions, data disks, custom data, and deploying from marketplace images.

Added

• azure_resource_group type for resource group management
• azure_storage_account type for storage account management
• azure_resource_template type for template management
• extensions parameter to azure_vm for extension configuration
• plan parameter to azure_vm for Azure Marketplace images
• data_disks parameter to azure_vm for data disk configuration
• custom_data parameter to azure_vm for custom data configuration

Fixed

• Updated to 1.1.2 version of hocon gem (includes windows fixes)
• No longer requires azure.conf classic credentials for only ARM or vice versa
• Better printing of error messages from azure's API
• Allow azure_vm::public_ip_allocation_method => 'None' to work

Supported Version 1.0.3

Summary

This release updates the module for the 0.3.0 version of the azure gems and fixes a bug for Azure::Core

Fixed

• Update to 0.3.0 version of azure_mgmt* gems
• Fix Azure::Core require
• Fix paging of REST when lots of VMs
• Fix puppet resource failing validation
• Fix docs mentioning incorrect quoting in azure.conf
• Fix bundlered listen gem failing on older rubies
• Fix lint warnings in examples/*.pp
• Add Debian 8 to metadata
• Fix domain to be spec-specific

Supported Version 1.0.2

This release includes:

• (CLOUD-488) Windows agent support for the Azure module testing.
• Several test improvements and fixes.
• Fixes validation for name length.
• Updates module for Hocon 1.0.0 compatibility.
• Improves error reporting.
• Adds apt-get update before install for custom_data param.

2015-12-08 - Supported Version 1.0.1

This release includes:

• Updates to the metadata to identify supported Windows platforms
• Improvements to the documentation around Windows support
• Fixes to URLs pointing at the previous Git repository

2015-12-08 - Supported Release 1.0.0

The first public release of the Azure module provides support for managing VMs in both the Service Management (Classic) and new Resource Management APIs in Azure.