create azure vm from image using terraform

Question

I have taken reference of github code.Please find below URL

https://github.com/terraform-providers/terraform-provider-azurerm/tree/master/examples/vm-from-managed-image

I modified the scripts and executed terraform init. I received below error.

Error reading config for azurerm_network_interface[main]: parse error at 1:18: expected ")" but found "."[0m

My Script :

    # Configure the Microsoft Azure Provider
provider "azurerm" {
    subscription_id = "xxxxxxxx"
    client_id       = "xxxxxxxx"
    client_secret   = "xxxxxxxx"
    tenant_id       = "xxxxxxxx"
}

# Locate the existing custom/golden image
data "azurerm_image" "search" {
  name                = "AZLXSPTDEVOPS01_Image"
  resource_group_name = "RG-PLATFORM"
}

output "image_id" {
  value = "/subscriptions/4f5c9f2a-3584-4bbd-a26e-bbf69ffbfbe6/resourceGroups/RG-EASTUS-SPT-PLATFORM/providers/Microsoft.Compute/images/AZLXSPTDEVOPS01_Image"
}

# Create a Resource Group for the new Virtual Machine.
resource "azurerm_resource_group" "main" {
  name     = "RG-TEST"
  location = "eastus"
}

# Create a Virtual Network within the Resource Group
resource "azurerm_virtual_network" "main" {
  name                = "RG-Vnet"
  address_space       = ["10.100.0.0/16"]
  resource_group_name = "${azurerm_resource_group.main.name}"
  location            = "${azurerm_resource_group.main.location}"
}

# Create a Subnet within the Virtual Network
resource "azurerm_subnet" "internal" {
  name                 = "RG-Terraform-snet-in"
  virtual_network_name = "${azurerm_virtual_network.main.name}"
  resource_group_name  = "${azurerm_resource_group.main.name}"
  address_prefix       = "10.100.2.0/24"
}

# Create a Network Security Group with some rules
resource "azurerm_network_security_group" "main" {
  name                = "RG-QA-Test-Web-NSG"
  location            = "${azurerm_resource_group.main.location}"
  resource_group_name = "${azurerm_resource_group.main.name}"

  security_rule {
    name                       = "allow_SSH"
    description                = "Allow SSH access"
    priority                   = 100
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_range     = "22"
    source_address_prefix      = "*"
    destination_address_prefix = "*"
  }
}

# Create a network interface for VMs and attach the PIP and the NSG
resource "azurerm_network_interface" "main" {
  name                      = "myNIC"
  location                  = "${azurerm_resource_group.main.location}"
  resource_group_name       = "${azurerm_resource_group.main.name}"
  network_security_group_id = "${azurerm_network_security_group.main.id}"

  ip_configuration {
    name                          = "primary"
    subnet_id                     = "${azurerm_subnet.internal.id}"
    private_ip_address_allocation = "static"
    private_ip_address            = "${cidrhost("10.100.1.8/24", 4)}"
  }
}

# Create a new Virtual Machine based on the Golden Image
resource "azurerm_virtual_machine" "vm" {
  name                             = "AZLXSPTDEVOPS01"
  location                         = "${azurerm_resource_group.main.location}"
  resource_group_name              = "${azurerm_resource_group.main.name}"
  network_interface_ids            = ["${azurerm_network_interface.main.id}"]
  vm_size                          = "Standard_DS12_v2"
  delete_os_disk_on_termination    = true
  delete_data_disks_on_termination = true

  storage_image_reference {
    id = "${data.azurerm_image.search.id}"
  }

  storage_os_disk {
    name              = "AZLXSPTDEVOPS01-OS"
    caching           = "ReadWrite"
    create_option     = "FromImage"
    managed_disk_type = "Standard_LRS"
}

  os_profile {
    computer_name  = "APPVM"
    admin_username = "admin"
    admin_password = "admin#2019"
  }

  os_profile_linux_config {
    disable_password_authentication = false
  }
}

This looks like a simple typo to me. You need quotes around the IP range on `"${cidrhost(10.100.1.8/24, 4)}"`. So it should be `"${cidrhost("10.100.1.8/24", 4)}"` instead. — ydaetskcoR, Feb 20 '19 at 13:08
Thanks. But i am receiving two new errors. 1. azurerm_subnet.internal: 1 error(s) occurred: * azurerm_subnet.internal: Error Creating/Updating Subnet "RG" (Virtual Network "RG-Vnet" / Resource Group "RG"): network.SubnetsClient#CreateOrUpdate: Failure sending request: StatusCode=400 -- Original Error: Code="NetcfgInvalidSubnet" Message="Subnet 'RG-out' is not valid in virtual network 'RG-Vnet'." Details=[] — MohanKanth, Feb 21 '19 at 08:03
2. azurerm_virtual_network.main: 1 error(s) occurred: * azurerm_virtual_network.main: Error Creating/Updating Virtual Network "RG-Vnet" (Resource Group "RG-TEST"): network.VirtualNetworksClient#CreateOrUpdate: Failure sending request: StatusCode=400 -- Original Error: Code="InUseSubnetCannotBeDeleted" Message="Subnet RG-Terraform-snet-out is in use by /subscriptions/4f5c9f2a-3584-4bbd-a26e-bbf69ffbfbe6/resourceGroups/RG-OPT-QA-TEST/providers/Microsoft.Network/networkInterfaces/myNIC/ipConfigurations/myNicConfiguration and cannot be deleted." Details=[] — MohanKanth, Feb 21 '19 at 08:04
While my answer helps you solve the problem, why not accept it? — Charles Xu, Feb 27 '19 at 06:12
When i tried to create vm in new firewall i faced an error. azurerm_subnet.internal: Error Creating/Updating Subnet "VNET-PFSENSE-TEST/SNET-IN" (Virtual Network "VNET-PFSENSE-TEST" / Resource Group "RG-PF-TEST"): network.SubnetsClient#CreateOrUpdate: Failure sending request: StatusCode=404 -- Original Error: Code="Failed" Message="The async operation failed." AdditionalInfo=[{"Message":"No HTTP resource was found that matches the request URI — MohanKanth, Feb 27 '19 at 07:25
Well, you should publish a new question and provide more details, so that it's better to find where is the problem. — Charles Xu, Feb 28 '19 at 08:16
I will publish new question regarding delete specific resource for existing script — MohanKanth, Feb 28 '19 at 09:41
https://stackoverflow.com/questions/54922750/delete-specific-resource-i-e-vm-nic-nsg-using-terraform - Please answer this question — MohanKanth, Feb 28 '19 at 09:53

score 7 · Accepted Answer · answered Feb 22 '19 at 09:59

Below script is working fine

# Configure the Microsoft Azure Provider
provider "azurerm" {
    subscription_id = "xxxx"
    client_id       = "xxxx"
    client_secret   = "xxxx"
    tenant_id       = "xxxx"
}

# Locate the existing custom/golden image
data "azurerm_image" "search" {
  name                = "AZDEVOPS01_Image"
  resource_group_name = "RG-PLATFORM"
}

output "image_id" {
  value = "/subscriptions/xxxxxx/resourceGroups/RG-EASTUS-SPT-PLATFORM/providers/Microsoft.Compute/images/AZLXDEVOPS01_Image"
}

# Create a Resource Group for the new Virtual Machine.
resource "azurerm_resource_group" "main" {
  name     = "RG-OPT-QA-TEST"
  location = "eastus"
}

# Create a Subnet within the Virtual Network
resource "azurerm_subnet" "internal" {
  name                 = "RG-Terraform-snet-in"
  virtual_network_name = "RG-OPT-QA-Vnet"
  resource_group_name  = "${azurerm_resource_group.main.name}"
  address_prefix       = "10.100.2.0/24"
}

# Create a Network Security Group with some rules
resource "azurerm_network_security_group" "main" {
  name                = "RG-QA-Test-Dev-NSG"
  location            = "${azurerm_resource_group.main.location}"
  resource_group_name = "${azurerm_resource_group.main.name}"

  security_rule {
    name                       = "allow_SSH"
    description                = "Allow SSH access"
    priority                   = 100
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_range     = "22"
    source_address_prefix      = "*"
    destination_address_prefix = "*"
  }
}

# Create a network interface for VMs and attach the PIP and the NSG
resource "azurerm_network_interface" "main" {
  name                      = "NIC"
  location                  = "${azurerm_resource_group.main.location}"
  resource_group_name       = "${azurerm_resource_group.main.name}"
  network_security_group_id = "${azurerm_network_security_group.main.id}"

  ip_configuration {
    name                          = "nicconfig"
    subnet_id                     = "${azurerm_subnet.internal.id}"
    private_ip_address_allocation = "static"
    private_ip_address            = "${cidrhost("10.100.2.16/24", 4)}"
  }
}

# Create a new Virtual Machine based on the Golden Image
resource "azurerm_virtual_machine" "vm" {
  name                             = "AZLXDEVOPS01"
  location                         = "${azurerm_resource_group.main.location}"
  resource_group_name              = "${azurerm_resource_group.main.name}"
  network_interface_ids            = ["${azurerm_network_interface.main.id}"]
  vm_size                          = "Standard_DS12_v2"
  delete_os_disk_on_termination    = true
  delete_data_disks_on_termination = true

  storage_image_reference {
    id = "${data.azurerm_image.search.id}"
  }

  storage_os_disk {
    name              = "AZLXDEVOPS01-OS"
    caching           = "ReadWrite"
    create_option     = "FromImage"
    managed_disk_type = "Standard_LRS"
}

  os_profile {
    computer_name  = "APPVM"
    admin_username = "devopsadmin"
    admin_password = "Cssladmin#2019"
  }

  os_profile_linux_config {
    disable_password_authentication = false
  }
}

score 0 · Answer 2 · answered Feb 21 '19 at 08:44

0

Well, with the errors that in your comment, I think you should set the subnet like this:

resource "azurerm_subnet" "internal" {
  name                 = "RG-Terraform-snet-in"
  virtual_network_name = "${azurerm_virtual_network.main.name}"
  resource_group_name  = "${azurerm_resource_group.main.name}"
  address_prefix       = "10.100.1.0/24"
}

And the error with the virtual network, I do not see the virtual network with the name "RG-Vnet" in the code as the error said. So you should take a check if everything is all right in your code as you want.

To create an Azure VM from the image in Azure Marketplace, you can follow the tutorial Create a complete Linux virtual machine infrastructure in Azure with Terraform. You do not need to create an image resource in your Terraform code. Just set it like this in the resource azurerm_virtual_machine:

storage_os_disk {
        name              = "myOsDisk"
        caching           = "ReadWrite"
        create_option     = "FromImage"
        managed_disk_type = "Premium_LRS"
    }

Also, when you refer to other resources in the same code, you should do it like this:

virtual_network_name = "${azurerm_virtual_network.main.name}"

not just with the string name as "RG-Vnet", it's not the correct way.

answered Feb 21 '19 at 08:44

Charles Xu

29,862
2
22
39

Thank you for the response.Now one error is resolved. Still one more error i am receiving. – MohanKanth Feb 21 '19 at 09:42
@MohanKanth Any more questions? Or if it's helpful you can accept it as the answer. – Charles Xu Feb 21 '19 at 09:44
1 error(s) occurred: * azurerm_virtual_network.main: 1 error(s) occurred: * azurerm_virtual_network.main: Error Creating/Updating Virtual Network "RG-Vnet" (Resource Group "RG"): network.VirtualNetworksClient#CreateOrUpdate: Failure sending request: StatusCode=400 -- Original Error: Code="InUseSubnetCannotBeDeleted" Message="Subnet RG-Terraform-snet-out is in use by /subscriptions/xxxxxxxx/resourceGroups/RG-OPT-QA-TEST/providers/Microsoft.Network/networkInterfaces/myNIC/ipConfigurations/myNicConfiguration and cannot be deleted." Details=[] – MohanKanth Feb 21 '19 at 09:44
@MohanKanth As I said in the answer, I cannot find the virtual network named RG-Vnet in your code. Do you show all the code? – Charles Xu Feb 21 '19 at 09:46
@MohanKanth Also, there is no problem with your virtual network that I can see your code if you change the setting of your subnet as I suggest. – Charles Xu Feb 21 '19 at 09:51
@MohanKanth A possible reason I think is that there another terraform file in the same directory. You should create a new directory just contains the terraform files in this creation, without others. – Charles Xu Feb 21 '19 at 09:57
Sorry i have updated my script in question. Could you please check once – MohanKanth Feb 21 '19 at 10:08
@MohanKanth The Terraform file seems OK. You can delete the resource group existing first. And then execute the Terraform. – Charles Xu Feb 21 '19 at 11:51
@MohanKanth That's great. If it's helpful you can accept it as the answer. – Charles Xu Feb 22 '19 at 07:36
I have one more doubt. So i have created vm then after deployment i need to delete the created vm and their resources(disk,nic).so i am able to delete the vm terraform init terraform apply -no-color -auto-approve terraform destroy -force. But it also trying to nsg . How to skip this deleting nsg. Could you please help me – MohanKanth Feb 22 '19 at 07:50
@MohanKanth So what do you want to know? How to delete the resources through Terraform? Or others? – Charles Xu Feb 22 '19 at 07:56
I want to delete created vm and their resources i.e,datadisks,network interface through terraform. I dont want to try delete nsg. – MohanKanth Feb 22 '19 at 07:59
@MohanKanth Well, you can delete all things you want in the Azure portal and remain the NSG. Then recreate the things you want, and you can refer to existing NSG through [data NSG](https://www.terraform.io/docs/providers/azurerm/d/network_security_group.html) in Terraform. – Charles Xu Feb 22 '19 at 08:03
azurerm_network_security_group.main: Error deleting Network Security Group "RG-NSG" (Resource Group "RG-TEST"): network.SecurityGroupsClient#Delete: Failure sending request: StatusCode=400 -- Original Error: Code="InUseNetworkSecurityGroupCannotBeDeleted" Message="Network security group /subscriptions/xxxxxx/resourceGroups/RG-TEST/providers/Microsoft.Network/networkSecurityGroups/RG-NSG cannot be deleted because it is in use by the following resources: /subscriptions/xxxx/resourceGroups/RG-TEST/providers/Microsoft.Network/networkInterfaces/myNIC." Details=[] – MohanKanth Feb 22 '19 at 08:03
@MohanKanth It seems the NSG is in use. So you cannot just delete it. Two ways, one is you can disassociate the resource and then delete it. Another is you can use it in your Terraform with data that I provide in the comment. – Charles Xu Feb 22 '19 at 08:14
Okay.Thank you very much Charles. – MohanKanth Feb 22 '19 at 08:19
@MohanKanth Well, if it's helpful you can accept my answer. – Charles Xu Feb 22 '19 at 08:23

create azure vm from image using terraform

2 Answers2