AZURE ::: ARM Templates Tutorial

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Credits to Creator of the video : Adam Marczak - Azure for Everyone

All credits to the creator of this video. from where I have prepared this note from

ARM Templates Tutorial | Infrastructure as Code (IaC) for Beginners | Azure Resource Manager


GitHub - Azure/azure-quickstart-templates: Azure Quickstart Templates

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 


What is Azure Resource Manager ?

How does it work. Lets see how can we deploy resources today in Azure .

There are several ways to deploy resources in Azure. and the ways as as below.

  1. Azure Portal
  2. Azure PowerShell
  3. Azure CLI
  4. REST client

 For Powershell and CLI you are using SDKs . But pretty much all these ways are communicating to Azure Resource Manager End Point . And it is your Centralized resource management layer in Azure. It is secure by default and it is secure by mean of Active Directory .

So it does not matter which interface you are using it is still secured the same way. Once the request is received Resource Manager talks to something called Resource Provider

Every single resource in Azure has its own Resource Provider. And that resource provider handles everything about that resource. In Azure , everything is managed in a Hierarchical scope  And the scope goes from the management groups where you have multiple subscriptions and from subscription a unit of billing for your subscription.


Usually a separate subscription into development and production environment and each subscription contains Resource Groups - A logical grouping of resources usually presenting your applications. And underneath at the very lowest level you have resources. Those are the one we are going to be deploying today . And we are going to be doing on a Resource Group level.

One thing - How you separate your management groups, subscriptions is resource groups is really up to you . You can separate them by Regions / Departments / Applications / Modules

Now we can move to the templates themselves.

They are unified language for you to manage your resources in Azure .

They way they work is very simple . Imagine you have a Resource group in which you have a Virtual Machine and a storage account. You can actually create a template to deploy all that

The template would like this. It is a simple JSON format with some properties that you need to fill .


Simple JSON format with some properties that you need to fill . Basic properties is always the same. There are few that are Mandatory like schemas.

Schema defines whether the properties are available for the rest of your template. This pretty much defines how the rest of your template will react . This is very important if you are using tools such as Visual studio Code with intelligence .

You can see the schema has a date in it. which indicates what is the current version of the schema you are working in


As you can see the schema has a Date in it . Indicating what is the current version of the Schema that you are working .The next field is content version.

Content Version : Is a simple filed that allows you to version your templates . Well it is important to version your templates if you are using tools like Git , It is not important to keep this field up-to-date.



Next you have the most important section. which is the Resources section.

It is an array of JSON object where each objects describes the service that it is going to be deploying.

And you can have multiple resources deployed using a single template.

Additionally you have parameters


This section is optional , but if you want to parametrized your template you can use this to pick up some input parameters for your template. 

And if you want to calculate something dynamically. you have "Variables " If you want to calculate some dynamic properties during the execution of template itself based on your input parameters and other variables.

You also have Output section that allows you to return some properties from the template execution.


And also Function section if you are using if you are using expressions a lot you can define a single expression in here and re-use across your template. As you can see the general section of the template is not too complicated.

So lets look at JSON objects describing a service. If we take for instance the storage account. If you go to the portal and start creating this you will see some properties that describe as storage account. And if you create the storage account exactly the same way in the template it will look like this.


So what are the key properties that you always need to fill. 

First one is the type

Describes what service are you deploying . And it is concatenation of the resource provider name 

Microsoft.Storage -- in this case. And then you have the name of the service itself which is "storageAccounts"

Additionally : apiversion  -- I was talking about resource manager talking to resource providers and in order for Azure to be able to change over time because this is cloud and it changes all the time. And apiversion is introduce so whenever there is a major change in the service a New apiversion is provided

in this case it is 2019-06-01 in which it has a specific set of properties to be supplied . You should always keep up-to-date with this as you will see that more new fields gets exposed and more new features are available for you to use with in your template. But always remember there is always a risk. and some field changed its name and your templates might break. Always do it with caution.

Every service you deploy has to have a name.


A mandatory property that always need to be filled . 

Also location the location of your data center


where your service will be deployed. Beyond this service all the resources in Azure have unique properties. So you always need to check out what kind of properties you need to supply for your service.

In this case the SKU name is the combination of performance and replication . In this case it is Standard and Locally Redundant storage .

 

In this case it is a standard - Locally Redundant Storage .

You also have Account kind & also Access tier that you need to define . In order to deploy storage account. There are many more properties available for storage account but this the minimum in order to replicate what you see in the portal itself.

There are also multiple properties how you can manage your deployment 

I have one template which will define all the resources for your application and all the dependencies between those resources .

Another way to use is it i using separate ARM templates . So you can have an ARM template for each resource for which you are deploying . You can still maintain the reference of the and define the relation ship between the resources and pull some information from one to another .

 


You can also Next the templates - you can have a Master Template which can refer to Sub-Template for each resource , so you can have a very clean and have a very separated approach for each resource management . 

You get a loads of benefits when using ARM templates.


  • First of all you do not just manage Code IaC , but also Policy and Roles as a Code. 
  • Using declarative syntax 
  • Repeatable very consist results 
  • We have Orchestration and the quality and the order in which the resources are created .
  • We have Build-In-Validation , If I make some common mistakes the resource providers tell me about it .
  • You can have modular file where you can nested templates 
  • Every thing that you deploy is tracked so that you can very much see what was deployed and when 


There are loads of additional function for ARM templates 


  • You can define functions use expressions to dynamically parameterize your template. 
  • Use references to pull  across information from services 
  • Export to export existing resources as an ARM template 
  • Use loops to define multiple resources  in a single go
  • And deploy resources conditionally 
The most common scenario is Application Development 



So if you are moving across environments using ARM templates you can have very consistent results every single time. Also if you are an Azure administrator and also managing your Azure environment . You can use governance using ARM templates , so you can define Policies, groups , management groups and stuff using the same language . So you are investing to learn this which can be used to manage pretty much everything in Azure using this language . 


I have prepared live demos for your

  1.  Building Templates using visual studio code. And I will show you what are the resources available for you and what properties you need to supply for each resource , I will show you couple of option and I will tell you which is the best one in my opinion .
  2. Next I will show you all the options for deployment starting from Powershell, Azure CLI, Cloud shell , Git hub and the portal and I am going to finish off showing you how can you parameterize your templates using parameters , variables and functions .
So lets go into the Portal .

Today's demo is not to show you what we can do in a Portal. I am going to show you what we have in a portal. 

Everything that we are going to deploy today is using Visual Studio code. 

Setup in Visual Studio Code :

The most important thing that you need to have for yourself is Extension from Microsoft called - Azure Resource Manager .

And if you are working with ARM templates a lot . I can highly recommend . I will also recommend you this ARM template Viewer extension  as well .


This allows you to explore your templates visually and helps you to check what is being deployed with out doing a deep diving into the code. 

Lets deploy a Storage account . Storage account is the most straight forward thing in azure and it will show the principle of the ARM template deployments 

Lets create a New File -- DEMO folder right click -- 01-storage.json 



And there are multiple ways how you can start but for initializing the templates I like to use snippets . Because I use this ARM template . 

type arm 


Press enter and those are the standard properties . Now you can actually start deploying the resources .

We need to expand on the resources section .

And we can indeed use templates again. for example 


And then press TAB


And it generated the template for the storage . And it filled the main important fields for us . 


Location will be the same as the resource group location . 

The tags section is optional so that you can remove that . 



We can actually store this template and deploy it right now. 

In Order to deploy the template we can use Power shell 

Open the terminal

> connect-AZAccount  -- login window will appear , then enter the credentials . 




You can deploy it using the terminal or using a very simple script . 

I will create a 01-storage-ps1

That will be the deployment script that we will use. Within that script I will do two things .

I will do two things in the script
  •  I will create Resource Group - arm-introduction-01
  •  And I am going to create that resource group in Northeneurope 
  • Next I will perform deployment using AZResourceGroupDeployment
New Storage is not the name of the service it is the name of the entire deployment

ResourceGroup is where the resource will be deployed to and it will pass it to the template file that I just created . So we can now run the script .


And as you can see it has created a resource group already . 

It has succeeded and not you have to wait for the deployment . The template will fail. let see how did it fail . 


The storageaccount 1 has already been taken . 

We are changing the Storage Name 


Changed the storage name - Save the template and simple re-run the script .

Re run the script very quickly


We can see the result ARM template introduction . 


We will go back to portal and then review the results . Refresh the page now to see the new resource group .



one thing . Some times there is a delay in the portal after the deployment succeeds just like 40 sec to a 1 minute for the resource to appear . 

You can also see the properties that your defined during the deployment .


If you go to the configuration of the storage which is on the left hand side of the screen . 

You can change the LRS_Standard to GRS - which is Geo Redundant storage .


And rerun the script . 


And it didn't work out , lets take a deep dive and check why it didn't happen . it failed here because we used a very Old API version here . So lets fix that .

So lets see how to use the good practices to use the storage account . Before I delete this section. I want to create a New one . 

Lets see how you can use intelligence to achieve the same result 

type press tab


type ": and you are going to get intelligence about all the available resources 


once i do that every other property that I would get in intelligence is for this resource provider 

"apiversion": 


And notice that we were using a  very old api version we will choose the latest one by going down underneath . 

Now let just define a name for our storage .

We will name it pretty much as the last one 


this time we changed the name to 2a instead of 1a 

We definitely need to fill in location. 

If you want you can use the same expression as above which will choose the location similar to the location of your resource location. 

sku : the intelligence is saying it is an object .

In the above command you used 




How do you know what are the properties of each version of the api to fill in . Lucky the Microsoft Azure delivers this list .

Open a browser : resource provider recommendation

Azure resource reference - Bicep & ARM template reference | Microsoft Docs



For each version you have all the properties associated with that Version.


There are so many properties

How would you know the mandatory properties that you need to fill . it is always not so straight forward . so there is another great resource and this resource is even better because there is a 
Git Hub for Microsoft . which has something called Azure quick start templates 

GitHub - Azure/azure-quickstart-templates: Azure Quickstart Templates


It has a loads of templates for resource providers with loads of samples for each one of them 

Ctrl + F = storage and search for the storage account samples 


get into this 


The file of interest is the above one .

This is the file containing the ARM template . lets go to the resource section down below.

we can see other properties that you can add to resource group .


we copy this property to our arm template .

Press Ctrl + space for the intelligence 


The latest one is StorageV2 

removed the old code above for resource and saved the new resource 


Go to Azure Portal and check for the resource group  there can be a delay for the resource to appear


Now we can work with Parameterization of our template 

As you can see below Hard coding the name is not the best approach .


for that you can actually introduce parameters . And this section is pretty easy .


This parameter is always an object 



What kind of a Type is this . This can be array , boolean 


This is the minimum and maximum values for the storage accounts . You have already have that parameter and you can already use that in your template . 

To get the parameter value you need to call a function , to call the function with in you need to remove the value put there square brackets .


And with in this square brackets you can use functions. If you again press ctrl+ space you can get in 

You will get the list of all the available functions 


And the parameters for function is called parameters 


Now lets see how your execution of your template changes because right now you need to supply an input parameter and it is fairly easy 

I will go to this new AZResourceGroup deployment 

You just need to supply the parameter , there is a couple of ways to do that but the most . But the most simple one is 

- storageName 

And run this deployment again . The  deployment has finished 

The result has succeeded , we can go back to the portal now 



Lets add one more parameter section of our template and add one more parameter to the section .


Parameter above 

Go to resource section and parameterize the SKU .


You can pass the storage parameter Standard_SKU


So far I have been deploying resources using Powershell let see what are the other options that we have.

For instance you can Use - Cloud shell 

Using cloud shell is very simple, lets copy the script that we created here . Got to Azure Portal click the > arrow mark above . And you can either use Bash / Powershell . In this case we are keeping as Bash script. 


First of all I need to get the template here, I should either upload the template here or you may use build in editor Code . with in cloud shell 


And you will have a similar experience of using a Visual Studio Code . 


You can copy and paste the code in here .

Save it provide a Name . 


Once done you can either close the editor using Ctrl +  Q 

Running the deployment from Cloud shell is as easy as running from powershell .



And since i didn't provide the storage name , I am prompted to give one . 



press 1 and run the deployment for StandardLRS 

we can see the deployment finished and therefore you can close the Cloud Shell . And the script i provided in CLI should provide a new resource group . Go to Azure cloud and refresh that .


But there is one more way you can deploy in Azure. On the portal - Create a resource 

Type in -- Template 

And you are going to find a market place item for resource deployment  .


Hit Create 

You can create your own template . 

which give you a small template editor , very simply paste into this template the code .

Hit save and it will give you  



And it will give you UI for your template 



All the deployments you do can be seen the deployment screen .


Here we are shown only two deployments because each time we deployed we used the same new-storage  as the name ,

If you go back to the Quick Start Templates of Azure you will find 

You can find 


So lets see how this works , lets find another template 

101-app-function 

I want to create a function app because it will deploy a function app and underlying resources which will be tied together so we will be deploying multiple services in a single template .


Click deploy to Azure button  . 

This will take you to the portal which will take this as a template as an input 

You can review the template by clicking the edit button.











Comments

Post a Comment

Popular posts from this blog

Azure : 400 : Sec : 2 : NEW Configure processes and communication

Image
 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++   ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Azure Boards:  How we plan our work using Azure Boards  ?  When you sign into Azure- DevOps - it would have created an Organization and  Project  Azure DevOps Portal : https://azure.microsoft.com/en-us/products/devops Inside Organization > Inside Projects > Boards (Where we do the planning it self) Lets say you want to create a task or you want to create a User Story you will create something as the work Item within a project within your organization Create a New Work Item. I can create the Epic, Issue and Task but I cannot create a User story. Now why is this the case. Now why is this the case.  This is based on the work process model that is chosen within the project when you created within the Organization.  It shows the basic process and based on the basic process these are the ...
Read more

Azure : 104 : Sec: 2 : Azure Concepts

Image
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++  Azure Concepts : ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++  Azure services are huge . There are literally hundreds of services underneath the Azure Umbrella.  Core services Virtual Machine Virtual Networking Storage Virtual Mahine is a foundation on top of which other compute services provide services. So when you get Kubernetes contains you are actually work with VMs under the hood. Kubernetes is just an abstraction layer about the virtual machines. Virtual Machine Scaleset : It is a way to have load balancers The below are fully managed servers and you do not have remote access into them. Azure Storage Blobs is the most common within which you use containers to store your files.  Microsoft stores 3 copies of your files in case if there was some catastrophy happens  Redundancy Data Services  Data storage in terms of databases. When you are migr...
Read more

Azure-104 : Sec1 :

 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++   ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++.  Azure Free Account Central URL for Azure is >>> https://portal.azure.com/#home  
Read more