Tuono Azure Demo – Modify an instance with 3 lines of code

I received several questions about Day 2 operations after my previous Tuono demo post. Day 2 operations are a core feature of the Tuono platform. Many cloud infrastructures evolve over time and managing changes to those environments is critical. A Tuono blueprint can be applied to an environment repeatedly and it will verify the deployed cloud infrastructure matches the blueprint each time it is applied. This also allows a user to make changes to the blueprint and apply it to the environment to make changes to the deployed infrastructure. In this demo, we start with an environment deployed to Azure, then we edit the blueprint and see the changes to the access control list (ACL) and disks.
How do I add a disk to an Azure instance / VM?
In order to add a disk to an Azure instance with Tuono, simply add the new disk to the blueprint. In the example below we add a new 50GB disk named “data” to our virtual machine named “vm-instance.” This is done by adding 2 lines to the blueprint as seen below. The new disk will be added to the instance next time the blueprint is applied.
Before:
vm: vm-instance: admin_username: adminuser cores: 2 memory: 4 GB disks: boot: size: 100GB
After:
vm: vm-instance: admin_username: adminuser cores: 2 memory: 4 GB disks: boot: size: 100GB data: size: 50GB
How do I modify the access control list (ACL) on an Azure subnet?
The ACL can be updated to disallow http by removing the http line from the protocol list for the policy. In this case, that is accomplished by removing a single like from the policy. The http rule will be removed from any ACL that uses this policy next time the blueprint is applied. The Preview feature will show what changes the system is planning to make without making any changes to the running environment. This allows you to see what if going to happen before executing the changes.
Before:
firewall: management-access: rules: - protocols: - https - http - ssh to: members from: 192.168.1.42/32
After:
firewall: management-access: rules: - protocols: - https - ssh to: members from: 192.168.1.42/32
Check out this Tuono Azure Day 2 demo
Here is a full copy of the blueprint for anyone who wants to try it out.
location: region: demo_region: country: USA area: northwest folder: demo_folder: region: demo_region name: Demo_RG networking: network: demo_vnet: range: - 10.50.0.0/16 - 10.150.0.0/16 public: true subnet: public_subnet: range: 10.50.0.0/16 network: demo_vnet public: true firewall: management-access private_subnet: range: 10.150.0.0/16 network: demo_vnet public: true firewall: management-access protocol: ssh: ports: - port: 22 proto: tcp https: ports: - port: 443 proto: tcp http: ports: - port: 80 proto: tcp firewall: management-access: rules: - protocols: - https - ssh to: members from: 192.168.1.42/32 compute: image: bionic: publisher: Canonical product: UbuntuServer sku: 18.04-LTS venue: aws: image_id: ami-0a7d051a1c4b54f65 vm: vm-instance: admin_username: adminuser cores: 2 memory: 4 GB disks: boot: size: 100GB data: size: 200GB image: bionic nics: external_nic: ips: - private: type: dynamic public: type: static firewall: management-access subnet: public_subnet internal_nic: ips: - private: ip: 10.150.0.11 type: static subnet: private_subnet ssh_public_key: {{ public_key }}