Ansible as Infrastructure as Code tool for deployment of Azure resources
RedHat’s Ansible is a well-known tool that’s used for configuration management & for building Cloud resources deployment. Ansible can be used for the deployment of resources in Aws, Azure, GCP, Oracle Cloud, IBM cloud platform resources either in standalone or through Ansible tower. In this blog post, I’m going to cover Azure resources deployment through Ansible as Infra as code (IaC) tool.
The Ansible configuration block starts with “host” details followed by the “tasks” declaration including the variables to be defined — declared as “vars” block in Ansible. The “tasks” can be consists of multiple building blocks for Azure resources like for the declaration of “resource group”, “resource definition block”, “resource configuration block” etc. In this example, I’m citing an Ansible configuration YAML block for Azure Kubernetes Cluster (AKS) on scale followed by Azure Log Analytics workspace.
# Ansible playbook to create AKS cluster on scale---- name: Create Azure Kuberneter Clusterhosts: localhostconnection: localvars:ssh_key: "{{ssh_key}}"resource_group: "{{resource_group_name}}"location: "southeast asia"aks_name: "{{aks_name}}"username: "{{username}}"client_id: "{{client_id}}"client_secret: "{{client_secret}}"tasks:- name: Create Resource groupazure_rm_resourcegroup:name: "{{resource_group_name}}"location: "southeast asia"- name: Create a managed Azure container services (AKS) Clusterazure_rm_aks:name: "{{aks_name}}"location: "southeast asia"resource_group: "{{resource_group_name}}"dns_prefix: "{{aks_name}}"kubernetes_version: "{{aks_version}}"linux_profile:admin_username: "{{admin_username}}"ssh_key: "{{ssh_key}}"service_principal:client_id: "{{client_id}}"client_secret: "{{client_secret}}"agent_pool_profiles:- name: defaultcount: 2vm_size: Standard_D2_v2tags:environment: dev
While writing Ansible configuration building blocks, it has to be always taken care of spaces & indentation styles like as general YAML script standards. Apart from that, the jinja, ansible inventory, modules also take a good part in the IaC development through Ansible.
Here goes an example Ansible building block configuration of the Azure Log Analytics workspace.
#Ansible block for Azure Log analytics workspace---- name: Create Azure Log Analytics workspacehosts: localhostconnection: localvars:resource_group: "{{ resource_group_name }}"location: "{{ location }}"workspace_name: "{{ workspace_name }}"tasks:- name: Create Azure Resource groupazure_rm_resourcegroup:name: "{{ resource_group }}"location: "{{ location }}"tags:environment: devcostcenter: "10021"- name: Create Azure Log Analytics Workspaceazure_rm_loganalytics_workspace:resource_group: "{{ resource_group }}"name: "{{ workspace_name }}"location: "{{ location }}"
The Github repo containing the Azure resources deployment scripts with Ansible is made available in the following link.
Apart from Ansible “azure_rm” collection, lately “ansible_az_collection” is available through which mostly all of the Azure resources can be deployed through an ansible API call. Here goes the link to the Azure ansible collection registry link.
