How to Make Deployment with Ansible Azure Modules

Ansible is an open-source product that automates cloud provisioning, configuration management, and application deployments. It includes a suite of modules for interacting with Azure Resource Manager, giving us the tools to easily create and orchestrate infrastructure on Azure.

In order to use Ansible, we need a linux on-prem server or a linux jumpbox vm in azure. Then follow Install and configure Ansible to install ansible. Ansible communicates with Azure using a username and password or a service principal. An Azure service principal is a security identity that we can use with apps, services, and automation tools like Ansible. As we can control and define the permissions as to what operations the service principal can perform in Azure, and also revoke the permission as we want anytime, it provides a better security experience than user name password approach. Please refer to Use portal to create an Azure Active Directory application and service principal that can access resources about how to create the service principal and also Authenticating with Azure about how to authenticate to Azure in Ansible. Just please remember that we also need add the corresponding app as the target resource group or subscription's contributor shown below, otherwise the service principal doesn't have the permission for deployment.

If there is no existing linux server to install Ansible, we can also use Azure Cloud Shell which has just supported Ansible since February which means we don't need install Ansible explicitly in Azure Cloud Shell. Also, if  login to the Cloud Shell as the subscription's admin, there is no need to perform authentication step mentioned in the above either. If you are new to Cloud Shell, please refer to Overview of Azure Cloud Shell firstly.

Now, we can create our playbook and perform the deployment. For example the below configuraiton means we are going to create a CentOS virtual machine with user name and password.

 - name: Create Azure VM
  hosts: localhost
  connection: local
  tasks:
  - name: Create VM
    azure_rm_virtualmachine:
      resource_group: myResourceGroup
      name: myVM
      vm_size: Standard_DS1_v2
      admin_username: jacky
      admin_password: changeit
      image:
        offer: CentOS
        publisher: OpenLogic
        sku: '7.3'
        version: latest

The azure_rm_virtualmachine in the above configurtion is just the module to create, update, stop and start a virtual machine. For full list of all the supported modules, please refer to below or Azure Cloud Modules.

• azure_rm_acs - Manage an Azure Container Service Instance (ACS).
• azure_rm_availabilityset - Manage Azure availability set.
• azure_rm_availabilityset_facts - Get availability set facts.
• azure_rm_deployment - Create or destroy Azure Resource Manager template deployments
• azure_rm_dnsrecordset - Create, delete and update DNS record sets and records.
• azure_rm_dnsrecordset_facts - Get DNS Record Set facts.
• azure_rm_dnszone - Manage Azure DNS zones.
• azure_rm_dnszone_facts - Get DNS zone facts.
• azure_rm_functionapp - Manage Azure Function Apps
• azure_rm_functionapp_facts - Get Azure Function App facts
• azure_rm_loadbalancer - Manage Azure load balancers.
• azure_rm_loadbalancer_facts - Get load balancer facts.
• azure_rm_managed_disk - Manage Azure Manage Disks
• azure_rm_managed_disk_facts - Get managed disk facts.
• azure_rm_networkinterface - Manage Azure network interfaces.
• azure_rm_networkinterface_facts - Get network interface facts.
• azure_rm_publicipaddress - Manage Azure Public IP Addresses.
• azure_rm_publicipaddress_facts - Get public IP facts.
• azure_rm_resourcegroup - Manage Azure resource groups.
• azure_rm_resourcegroup_facts - Get resource group facts.
• azure_rm_securitygroup - Manage Azure network security groups.
• azure_rm_securitygroup_facts - Get security group facts.
• azure_rm_storageaccount - Manage Azure storage accounts.
• azure_rm_storageaccount_facts - Get storage account facts.
• azure_rm_storageblob - Manage blob containers and blob objects.
• azure_rm_subnet - Manage Azure subnets.
• azure_rm_virtualmachine - Manage Azure virtual machines.
• azure_rm_virtualmachine_extension - Managed Azure Virtual Machine extension
• azure_rm_virtualmachine_scaleset - Manage Azure virtual machine scale sets.
• azure_rm_virtualmachine_scaleset_facts - Get Virtual Machine Scale Set facts
• azure_rm_virtualmachineimage_facts - Get virtual machine image facts.
• azure_rm_virtualnetwork - Manage Azure virtual networks.
• azure_rm_virtualnetwork_facts - Get virtual network facts.

Run command "ansible-playbook azure_create_vm.yml" and wait for a while, the vm will be provisioned soon shown below.

Notice that Cloud Shell is backed by Azure Storage's file share, if you have one existing yml playbook and would like to upload it to Cloud Shell, just simply upload the asset in the corresponding storage account shown below. Please refer to Transfer local files to Cloud Shell for more details.