Terraform Build Azure Infrastructure

These are the links for us to use to build infrastructure on Azure

Git - Repositories

• https://github.com/search?q=terraform+build+Azure+cloud
• https://github.com/bridgecrewio/checkov
• Azure Elastic LoadBalancer Terraform - https://github.com/yousafkhamza/terraform-alb
• https://github.com/digihunch/cloudkube
• https://github.com/psmanika/azure-terraform-landing-zone
• https://github.com/scarolan/terraform-foundations-azure
• Precog Azure Project - https://github.com/precog/devops/issues/257
• The issue - https://github.com/orgs/precog/projects/195/views/1

More links to investigate and learn to Build Terraform on Azure

• https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_network
• https://registry.terraform.io/modules/Azure/vnet/azurerm/latest
• https://registry.terraform.io/modules/Azure/network/azurerm/1.0.0
• https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_network_gateway_connection
• https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_network#example-usage
• https://github.com/search?q=azurerm+vnet
• https://github.com/kumarvna/terraform-azurerm-vnet
• https://github.com/Azure/terraform-azurerm-vnet
• Azure documentation - https://docs.microsoft.com/en-us/azure/developer/terraform/get-started-cloud-shell-bash?tabs=bash 
• 
  

Azure best Pratices - https://docs.microsoft.com/en-us/azure/aks/operator-best-practices-cluster-security

https://docs.microsoft.com/en-us/azure/aks/best-practices

Azure tutorials with Terraform and Packer and Ansible ..

 Here are some links to be used to build and deploy Packer Image Automated Build, Provisioned with Ansible and Deployed into infrastructure with Terraform. 

Links list; 

- Microsoft Tutorial to Implement as tutorial and publish as Video Tutorial - https://cloudblogs.microsoft.com/opensource/2018/05/23/immutable-infrastructure-azure-vsts-terraform-packer-ansible/  ( This article my have few bugs and incompatibilities as it was done ages ago and the application has since moved into more advanced versions ) 

- Packer YAML and Azure Pipelines - https://www.nielskok.tech/azure-virtual-desktop/packer-yaml-azure-devops-pipeline-pt-1/  

- Here - Creating VM Images with Packer in Microsoft Azure - https://medium.com/slalom-build/azure-packer-592c4dc0e23a  

- This tutorial is more oriented for Amazon AWS  instead of Azure - https://devopscube.com/packer-tutorial-for-beginners/   

- This another tutorial buils Terraform and Packer image build automation for Amazon AWS - https://www.bogotobogo.com/DevOps/Terraform/Terraform-state-tfstate-import.php  

- Another one - https://learn.hashicorp.com/tutorials/terraform/packer  

- https://faun.pub/building-vm-images-on-azure-using-packer-hcl-and-powershell-scripts-45abaaa87e1f  

- https://arsenvlad.medium.com/how-to-create-and-test-azure-service-principal-using-azure-cli-647787cdb526  

- https://blog.devgenius.io/terraform-packer-and-ansible-in-azure-60b1037f8497  

- https://medium.com/search?q=Packer+and+Terraform+  

4 – Videos to be implemented on Jobudo DevTeam Channel – Or create another Playlist on my existent TDLM Channel ..

I was glad to help! If you still have any questions, then be sure to contact us.

✅ Be sure to subscribe to our official social network:

💬 https://t.me/forsageio_official

💬 https://discord.gg/forsage

💬 https://t.me/meoworldgame

How to install the lasted Terraform with Home Brew on Mac or Ubuntu

 Hello all welcome into my blog. Here you author, on this article I will be sharing my solution around a problem I found today while updating Home brew on my Machine.

This solution applies both to MacOS as to Ubuntu - as long as you have Homebrew installed on you machine. Please, this article assumes, you are experienced with command line and you have homebrew installed and running through your system..

In case, you have not installed on your system,  then please - here on this page check [ Step-by-steps guide to install home brew Mac ] and how to do the same on Linux/Ubuntu .

The above screenshot was captured while, I was updating all libs installed by Homebrew - and noticed that Terraform have a quite outdated version.👌.. It got me thinking.. 

Uhmm, what if I check it out then, brew throw another message on output

This second message, we can clearly see, the message saying quote "We will nor accept any new Terraform releases in homebrew/core" I was a bit confused here. So, I decided to start investigating is .. So my next step was to run the following command to check, the current installed Terraform was accepted as figure out ways to solve the problem.

So, run $ brew doctor command;

Although, brew reported both Terraform and OpenSSL 1.1 as deprecated - lets focus only on Terraform lets talk about OpenSSL in another blog post.

  I removed Terraform currently installed on my system:

Consulting - Terraform Documentation here I done reinstalled Terraform with Homebrew

Using the lasted version.

The lasts steps is to close your terminal and start new session on Terminal and run - the command $ terraform version

Now you have the latest version of Terraform running on Infra. Happy coding 😁😀😄 ..See you all on the next blog post, happy reading.

Terraform configuration to build a Zero-trust network

Terraform configuration to build a Zero-trust network for web applications in Azure MS, with Azure Firewall and application gateways:

Terraform

terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = ">= 3.0.0"
    }
  }
}

provider "azurerm" {
  features {}
}

resource "azurerm_resource_group" "zerotrust" {
  name     = "zerotrust-rg"
  location = "westus"
}

resource "azurerm_virtual_network" "app-vnet" {
  name     = "app-vnet"
  location = azurerm_resource_group.zerotrust.location
  address_prefixes = ["10.0.0.0/16"]

  subnet {
    name         = "app-subnet"
    address_prefix = "10.0.1.0/24"
  }
}

resource "azurerm_application_gateway" "app-gw" {
  name     = "app-gw"
  location = azurerm_resource_group.zerotrust.location
  capacity = 2

  frontend_port {
    name     = "http"
    port     = 80
    protocol = "Http"
  }

  frontend_port {
    name     = "https"
    port     = 443
    protocol = "Https"
  }

  backend_address_pool {
    name = "app-backend-pool"
  }

  frontend_ip_configuration {
    name   = "app-frontend-ip"
    public_ip_address_id = null
  }

  listener {
    name                 = "http-listener"
    protocol             = "Http"
    frontend_port_name   = "http"
    frontend_ip_config_name = "app-frontend-ip"
  }

  listener {
    name                 = "https-listener"
    protocol             = "Https"
    frontend_port_name   = "https"
    frontend_ip_config_name = "app-frontend-ip"
  }

  request_routing_rule {
    name         = "app-http-rule"
    listener_name = "http-listener"
    backend_address_pool_name = "app-backend-pool"
    backend_http_setting_name = "app-http-setting"
  }

  request_routing_rule {
    name         = "app-https-rule"
    listener_name = "https-listener"
    backend_address_pool_name = "app-backend-pool"
    backend_http_setting_name = "app-https-setting"
  }

  backend_http_setting {
    name         = "app-http-setting"
    idle_timeout_in_minutes = 10

    path_rule {
      name         = "app-rule"
      path_patterns = ["/*"]
      backend_pool_name = "app-backend-pool"
      backend_http_setting_name = "app-http-setting"
    }
  }

  backend_http_setting {
    name         = "app-https-setting"
    idle_timeout_in_minutes = 10

    path_rule {
      name         = "app-rule"
      path_patterns = ["/*"]
      backend_pool_name = "app-backend-pool"
      backend_http_setting_name = "app-https-setting"
    }
  }

  probe {
    name        = "app-probe"
    path        = "/"
    interval_in_seconds = 30
    threshold = 3
  }

  health_monitor {
    name     = "app-monitor"
    probe_name = "app-probe"
  }
}

YAML

---
- name: Provision whitelist configuration
  hosts: all
  become: true
  tasks:
    - name: Get whitelist data from database
      uri:
        url: "https://database

OBS: 

Disclaimer

This Terraform and Ansible code is provided for informational purposes only and should not be considered production-ready. Running this code may have unintended consequences and could potentially compromise your Azure environment.

By using this code, you assume all risk and responsibility for any damages or losses that may occur. It is highly recommended to thoroughly understand the code and modify it to fit your specific needs and security requirements before deploying it in a production environment.

Additionally, always consult with qualified Azure and security professionals before implementing any changes in your environment.

Source Code:

 https://github.com/iNarendraK/terraform-nov-2022_new 

List of the best Terraform infrastructure as Code Books, based on Readers feedback.

Based on readers’ feedback, here are some of the best books on Terraform Infrastructure as Code:

• Continuous Delivery with Jenkins, Kubernetes, and Terraform: by Mohamed Labouardy. This book is a practical guide to automating your development pipeline in a cloud-native, service-driven world. It covers topics like the basics of Terraform and Jenkins, how to use Jenkins for code-driven CI/CD pipelines, and mastering the usage of Terraform for code-based infrastructure management.

• Terraform: Up & Running: Writing Infrastructure as Code by Yevgeniy (Jim) Brikman. This hands-on book shows you how to get up and running with Terraform fast. It covers topics like manual and automated testing for Terraform code, comparing Terraform to Chef, Puppet, Ansible, CloudFormation, and Salt Stack, and deploying server clusters, load balancers, and databases. It also important to mention here, this book is at 3rd edition already.

• Terraform in Action: This book is also highly recommended by readers.

• Getting Started with Terraform: Manage Production Infrastructure as a Code. This book is a great starting point for beginners.

• Terraform Cookbook: Efficiently define, launch, and manage Infrastructure as Code across various cloud platforms. This book is ideal for those who are new to Terraform and want to learn more about it.

Please, bear in mind that the availability of these books may vary. I recommend checking them out on your preferred book retailer or library.

1 - Here I can leave you guys with some more learning/Reading resources - GitHub - shuaibiyy/awesome-terraform: Curated list of resources on HashiCorp's Terraform

2 - Hashicorp Terraform source documentation - https://developer.hashicorp.com/terraform/docs 

3 - Master Terraform: A cheat sheet for infrastructure automation - https://www.architect.io/blog/2023-02-02/terraform-cheat-sheet/ 

Mastering Docker Minified Systems: A Step-by-Step Guide with Real Use Cases

Introduction

Docker is a powerful platform for developing, shipping, and running applications. Minified Docker systems are optimized for size and efficiency, making them ideal for production environments where resources are at a premium.

Step 1: Understanding Docker Basics

Before diving into minified systems, ensure you have a solid understanding of Docker concepts like images, containers, volumes, and networks.

Key Commands:

docker pull [image_name] # Download an image from Docker Hub
docker run -d --name [container_name] [image_name] # Run a container in detached mode

Step 2: Creating a Minified Dockerfile

A minified Dockerfile contains only the essential layers needed to run your application.

Example Dockerfile:

FROM alpine:latest
RUN apk add --no-cache python3 py3-pip
COPY . /app
WORKDIR /app
RUN pip install -r requirements.txt
CMD ["python3", "app.py"]

Step 3: Building and Running Your Minified Container

Build your image with the Docker build command, tagging it appropriately.

Build Command:

docker build -t my-minified-app .

Step 4: Optimizing Your Image

Use multi-stage builds to reduce size and remove unnecessary build dependencies.

Multi-Stage Dockerfile:

# Build stage
FROM python:3.8-slim as builder
COPY requirements.txt .
RUN pip install --user -r requirements.txt
# Final stage
FROM python:3.8-alpine
COPY --from=builder /root/.local /root/.local
COPY . .
CMD ["python", "./app.py"]

Step 5: Managing Data and State

For stateful applications, use volumes to persist data.

Volume Command:

docker volume create my_volume
docker run -d -v my_volume:/data my-minified-app

Step 6: Networking and Communication

Link containers and enable communication between them using Docker networks.

Network Commands:

docker network create my_network
docker run -d --net=my_network my-minified-app

Step 7: Deploying to Production

Deploy your containerized application using orchestration tools like Docker Swarm or Kubernetes.

Step 8: Monitoring and Maintenance

Monitor your containers and systems using tools like Docker stats, cAdvisor, or Prometheus.

Conclusion

Mastering Docker minified systems involves understanding Docker fundamentals, optimizing Dockerfiles, managing data, and deploying efficiently.

Further Learning

• Docker Official Documentation: docs.docker.com
• Dockerfile Best Practices: Dockerfile Best Practices
• Docker Networking: Docker Networking

Remember, practice makes perfect. Start small, iterate, and gradually incorporate these practices into larger projects.

OBs:

[ Docker is an open platform for developing, shipping, and running applications. Docker enables you to separate your applications from your infrastructure so you can deliver software quickly. 

With Docker, you can manage your infrastructure in the same ways you manage your applications. By taking advantage of Docker’s methodologies for shipping, testing, and deploying code quickly, you can significantly reduce the delay between writing code and running it in production.

Certainly! Here’s an extensive guide titled “Mastering Docker Minified Systems: A Step-by-Step Guide with Real Use Cases.” ]

---

This guide provides a foundational understanding of working with minified Docker systems. For more in-depth learning, refer to the provided links and continue exploring real-world use cases. Happy Dockering!