Getting started with unipipe terraform runner on Azure
This tutorial is for you if want to build your first service using unipipe + terraform.
- write permissions on an empty git repository that supports SSH access; this tutorial will work with a GitHub repository
- unipipe cli, terraform, and az installed
- contributor rights on an Azure subscription that should host the service-broker and terraform-runner containers
- rights to create an Azure AD Application with a Service Principal
We will build a service and integrate it with the meshStack marketplace. Our architecture includes two containers in Azure: one called Service Broker and one called Terraform Runner.
This is how things will fit together at the end:
sequenceDiagram
participant Marketplace
participant Service Broker
participant Git Repository
participant Terraform Runner
participant Azure
Marketplace->>Service Broker: User orders a pizza receipe instance
Service Broker->>Git Repository: Store order as instance.yml and binding.yml files
Git Repository->>Terraform Runner: Read instance.yml and binding.yml files
Terraform Runner->>Azure: Create Pizza Receipe by applying terraform
Terraform Runner ->> Git Repository: Write status.yml file
Git Repository ->> Service Broker: Read status.yml file
Service Broker ->> Marketplace: Show status to user
Clone your empty git repository.
git clone git@<github/gitlab/azuredevops>.com:<your-organization>/pizza-receipe-services.git
cd pizza-receipe-servicesWe are going to use the terraform-azure-unipipe module for deployment.
Copy the files in the examples/standard-deployment-with-terraform-runner folder into your empty git repository under terraform/deployment
mkdir -p terraform/deployment
cd terraform/deployment
curl https://raw.githubusercontent.com/meshcloud/terraform-azure-unipipe/main/examples/standard-deployment-with-terraform-runner/main.tf > main.tf
curl https://raw.githubusercontent.com/meshcloud/terraform-azure-unipipe/main/examples/standard-deployment-with-terraform-runner/outputs.tf > outputs.tfOpen the main.tf file and replace all '...' with proper values.
Run terraform init and then terraform apply.
The resource group should look something like this
Run unipipe generate terraform-runner-hello-world in the repository root.
This will generate a set of files
├── README.md
├── catalog.yml
└── terraform
├── <uuid matching the service definition id in the catalog.yml file>
│ ├── backend.tf
│ ├── main.tf
│ └── variables.tf
└── deployment
├── README.md
├── main.tf
├── outputs.tf
└── terraform.tfstate
The documentation for meshStack marketplace is available in the meshcloud public docs.
After you have ordered a service instance, the hello-world-service will apply the terraform module in the service binding folder. The result will look like this:
instances
└── <some uuid>
├── bindings
│ └── <some uuid>
│ ├── backend.tf
│ ├── binding.yml
│ ├── module.tf.json
│ ├── pizza_receipe_<topping>.txt
│ └── status.yml
├── instance.yml
└── status.yml
The file pizza_receipe_.txt is the output of the terraform module.
You have built your first service with unipipe + terraform.
For a more advanced example, see the unipipe repository github.com/likvid-bank/networking-services