Tuono Azure Demo – Modify an instance with 3 lines of code

Change Ahead Sign - Azure Configuration Changes

I received several questions about Day 2 operations after my previous Tuono demo post. Day 2 operations are a core feature of the Tuono platform. Many cloud infrastructures evolve over time and managing changes to those environments is critical. A Tuono blueprint can be applied to an environment repeatedly and it will verify the deployed cloud infrastructure matches the blueprint each time it is applied. This also allows a user to make changes to the blueprint and apply it to the environment to make changes to the deployed infrastructure. In this demo, we start with an environment deployed to Azure, then we edit the blueprint and see the changes to the access control list (ACL) and disks.

How do I add a disk to an Azure instance / VM?

In order to add a disk to an Azure instance with Tuono, simply add the new disk to the blueprint. In the example below we add a new 50GB disk named “data” to our virtual machine named “vm-instance.” This is done by adding 2 lines to the blueprint as seen below. The new disk will be added to the instance next time the blueprint is applied.

Before:

  vm:
    vm-instance:
      admin_username: adminuser
      cores: 2
      memory: 4 GB
      disks:
        boot:
          size: 100GB

After:

  vm:
    vm-instance:
      admin_username: adminuser
      cores: 2
      memory: 4 GB
      disks:
        boot:
          size: 100GB
        data:
          size: 50GB

How do I modify the access control list (ACL) on an Azure subnet?

The ACL can be updated to disallow http by removing the http line from the protocol list for the policy. In this case, that is accomplished by removing a single like from the policy. The http rule will be removed from any ACL that uses this policy next time the blueprint is applied. The Preview feature will show what changes the system is planning to make without making any changes to the running environment. This allows you to see what if going to happen before executing the changes.

Before:

  firewall:
    management-access:
      rules:
        - protocols:
            - https
            - http
            - ssh
          to: members
          from: 192.168.1.42/32

After:

  firewall:
    management-access:
      rules:
        - protocols:
            - https
            - ssh
          to: members
          from: 192.168.1.42/32

Check out this Tuono Azure Day 2 demo

Here is a full copy of the blueprint for anyone who wants to try it out.

location:
  region:
    demo_region:
      country: USA
      area: northwest

  folder:
    demo_folder:
      region: demo_region
      name: Demo_RG
      
networking:
  network:
    demo_vnet:
      range:
        - 10.50.0.0/16
        - 10.150.0.0/16
      public: true

  subnet:
    public_subnet:
      range: 10.50.0.0/16
      network: demo_vnet
      public: true
      firewall: management-access
    private_subnet:
      range: 10.150.0.0/16
      network: demo_vnet
      public: true
      firewall: management-access

  protocol:
    ssh:
      ports:
        - port: 22
          proto: tcp
    https:
      ports:
        - port: 443
          proto: tcp
    http:
      ports:
        - port: 80
          proto: tcp

  firewall:
    management-access:
      rules:
        - protocols:
            - https
            - ssh
          to: members
          from: 192.168.1.42/32

compute:
  image:
    bionic:
      publisher: Canonical
      product: UbuntuServer
      sku: 18.04-LTS
      venue:
        aws:
          image_id: ami-0a7d051a1c4b54f65

  vm:
    vm-instance:
      admin_username: adminuser
      cores: 2
      memory: 4 GB
      disks:
        boot:
          size: 100GB
        data:
          size: 200GB
      image: bionic
      nics:
        external_nic:
          ips:
            - private:
                type: dynamic
              public:
                type: static
          firewall: management-access
          subnet: public_subnet
        internal_nic:
          ips:
            - private:
                ip: 10.150.0.11
                type: static
          subnet: private_subnet
      ssh_public_key: {{ public_key }}

Sign up for our newsletter


Close

Contact Us

Schedule a Demo

Request Early Access