Azure Cloud Automation Quickstart – Customizing our Azure Blueprint with Variables

Thanks for all the questions about this Azure blog series. We have decided to add this bonus blog to take the Blueprint one step further and add variables.

At this point in the series we have created our Azure Virtual Network, hardened it with Security Groups and deployed a VM with a customized NGINX web server using cloud-init in the Azure Portal and with a simple Tuono Blueprint. We are now going to discuss how to customize your Tuono Blueprint with variables.

Variables allow us to change the infrastructure parameters at deploy time allowing for customization of a single Blueprint to fit multiple use cases. This allows a single Blueprint to be used for dev, QA, and production deployments of an application for example. Another use case might be to use a single Blueprint for all development environments that is tuned per environment.

How do I create variables for my Tuono Blueprint?

In a Tuono Blueprint, we define a variable by providing a variable name, a brief description, and the type of variable we are defining.

admin_username:
    description: The username for the administrative user.
    type: string

We can add a default value to the variable, bypassing the need to set the parameter every time. This variable can not be used anywhere in our Blueprint by calling it out like this (( admin_username )).

admin_username:
    description: The username for the administrative user.
    type: string
    default: adminuser

We can modify the Blueprint we have been building to add variables that allow you to specify a login user name, provide a distinct SSH key and add your own customized message to the webserver.

All variables are defined under the “variables” section of our Blueprint.

variables:
  admin_username:
    description: The username for the administrative user.
    type: string
    default: adminuser
  admin_public_key:
    description: The OpenSSH Public Key to use for administrative access.
    type: string
  your_caption:
    description: Name of webserver
    type: string
    default: "Hello, Is there anybody out there?"

In place of hardcoded values for our webserver we are now going to put our variables into place. The previous code block looked like the following with hard coded values for username and the ssh key:

configure:
        admin:
          username: adminuser
          public_key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDu= dummy_key@tuono.wpengine.com
        userdata:
          type: cloud-init
          content: |
            #cloud-config
            package_upgrade: false
            packages:
              - nginx
            users:
              - name: adminuser
                groups:
                  - sudo
                sudo: ALL=(ALL) NOPASSWD:ALL
                ssh_authorized_keys:
                  - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDummyDu= dummy_key@tuono.wpengine.com
            runcmd:
              - sudo su 
              - echo 'Congratulations on configuring an Azure web server! ' > /var/www/html/index.nginx-debian.html

Putting our variables into place cleans up our webserver configuration to this tidy block:

configure:
        admin:
          username: (( admin_username ))
          public_key: (( admin_public_key ))
        userdata:
          type: cloud-init
          content: |
            #cloud-config
            package_upgrade: false
            packages:
              - nginx
            users:
              - name: (( admin_username ))
                groups:
                  - sudo
                sudo: ALL=(ALL) NOPASSWD:ALL
                ssh_authorized_keys:
                  - (( admin_public_key ))
            runcmd:
              - sudo su 
              - echo '(( your_caption ))' > /var/www/html/index.nginx-debian.html

Time to deploy to the cloud…

Deploying infrastructure with Tuono can be accomplished with our Portal or API. When applying a Blueprint in our portal you get an easy to use interface that allows you to customize all of your Blueprint Variables

The variables table lists all of your Blueprint variables along with defaults. You can easily set new values right before deploying . You can see that we have set the value for our SSH key and modified the NGINX index.html message while keeping our username the default.

Applying a Blueprint through the portal will give a concise summary of the Job and allows us to get the IP of our new webserver.

Tuono portal

When browsing to the IP you will see NGINX is now displaying the message we changed with our variable input for (( your_caption )).

NGINX display message

The complete Blueprint with user defined variables for this series is below.

#
# This is an example blueprint that demonstrates the creation of an Azure webservice
#
---
# Part 4 introduces variables
variables:
  admin_username:
    description: The username for the administrative user.
    type: string
    default: adminuser
  admin_public_key:
    description: The OpenSSH Public Key to use for administrative access.
    type: string
  your_caption:
    description: Name of webserver
    type: string
    default: "Congratulations on configuring an Azure web server!"

location:
  region:
    my-region:
      country: USA
      area: northwest
  folder:
    azure-walkthrough:
      region: my-region
networking:
  network:
    vnet-walkthrough:
      range: 10.0.0.0/16
      public: true
  subnet:
    subnet-walkthrough:
      range: 10.0.0.0/24
      network: vnet-walkthrough
      firewall: fw-external-access  # Part 2 adds a Firewall to the subnet and marks it public
      public: true

# Part 2 Protocols
  protocol:
    ssh:
      ports:
        - port: 22
          proto: tcp
    http:
      ports:
        - port: 80
          proto: tcp
        
# Part 2 adds a Firewall using a protocol
  firewall:
    fw-external-access:
      rules:
        - protocols: ssh
          to: self
        - protocols: http
          to: self
# Part 3 adds VM a configures NGINX with cloud-init
compute:
  image:
    bionic:
      publisher: Canonical
      product: UbuntuServer
      sku: 18.04-LTS
      venue:
        aws:
          # if provisioning fails due to image not found, go to:
          # https://cloud-images.ubuntu.com/locator/ec2/
          # and search for "bionic amd64 ebs" and also add your AWS zone name like "us-west-2"
          image_id: ami-04bb0cc469b2b81cc
  vm:
    webserver-var:
      cores: 1
      memory: 1 GB
      image: bionic
      nics:
        external:
          ips:
            - private:
                type: dynamic
              public:
                type: static
          firewall: fw-external-access
          subnet: subnet-walkthrough
      configure:
        admin:
          username: (( admin_username ))
          public_key: (( admin_public_key ))
        userdata:
          type: cloud-init
          content: |
            #cloud-config
            package_upgrade: false
            packages:
              - nginx
            users:
              - name: (( admin_username ))
                groups:
                  - sudo
                sudo: ALL=(ALL) NOPASSWD:ALL
                ssh_authorized_keys:
                  - (( admin_public_key ))
            runcmd:
              - sudo su 
              - echo '(( your_caption ))' > /var/www/html/index.nginx-debian.html

Thanks for following along with this series. For another step by step guide, check out “How to deploy an Application Gateway in Azure” too. And if you have ideas for other topics you want to see, send us a message on LinkedIn or Twitter!

If you want to give it a try, sign up for Community Edition. All you need to add to the Blueprint in this post is a set of AWS or Azure credentials and you can build this demo in the cloud with just a couple clicks.

Deploy your first environment