Video Reference:
Before we begin, here’s a useful YouTube video that visually demonstrates the process of creating a resource group in Azure CLI. Make sure to watch it for a more interactive learning experience:
Mastering Azure CLI: Creating Resource Groups Like a Pro!

Step-by-Step Guide: Creating a Resource Group in Azure CLI

Step 1: Install Azure CLI:
If you haven’t already installed the Azure CLI, you can download and install it from the official website: https://docs.microsoft.com/en-us/cli/azure/install-azure-cli. Follow the installation instructions for your specific operating system.

Step 2: Open a Terminal or Command Prompt:
Once the Azure CLI is installed, open a terminal or command prompt on your computer.

Step 3: Log in to Azure:
In the terminal, type the following command to log in to your Azure account:

az login

This will open a web page where you can enter your Azure credentials. After successful authentication, return to the terminal.

Step 4: Set Azure Subscription (Optional):
If you have multiple subscriptions associated with your account, you can set the desired subscription for resource group creation using the following command:

az account set --subscription <subscription_id>

Replace `<subscription_id>` with the ID of your desired subscription.

Step 5: Create the Resource Group:
To create a resource group, use the following command:

az group create --name <resource_group_name> --location <azure_region>

Replace `<resource_group_name>` with a unique name for your resource group, and `<azure_region>` with the region where you want your resource group to reside. Choose a region closest to your users or services for better performance.

Step 6: Verify the Resource Group Creation:
To verify that your resource group has been successfully created, you can list all your resource groups using the command:

az group list

This command will display information about all your resource groups, including the one you just created.

Conclusion:
Congratulations! You have successfully created a resource group in Azure using the Azure Command-Line Interface (CLI). Resource groups play a crucial role in organizing and managing your cloud resources effectively. By following this step-by-step guide, you can efficiently structure your Azure resources, making them easier to manage and monitor. Keep exploring Azure CLI’s capabilities to optimize your cloud management experience.

Remember, the YouTube video referenced in this article provides additional visual guidance on creating an Azure resource group via Azure CLI. Happy cloud computing and resource management!

Note: I have used this SKU size as it’s lightweight and sufficient for this lab exercise – Standard B1s (1 vcpu, 1 GiB memory)

First, we’ll create two Linux Ubuntu virtual machines in Azure. We’ll use Azure because it offers a quick and easy way to create virtual machines.

Step 1:

• Sign in to the Azure portal.
• Click on “Create a resource” in the top left corner of the screen.
• Search for “Ubuntu Server” and select the “Ubuntu Server 18.04 LTS” option.
• Choose a subscription, resource group, virtual machine name, region, and size for the virtual machine. You’ll need to create one VM for the image server and another for the video server.
• Set up a username and password for the VM.
• Choose “SSH public key” as the authentication type.
• Create an SSH key pair if you don’t already have one.
• Click “Review + create” to review your settings and create the VM.

Repeat this process to create a second VM for the video server.

Step 2: Configure the Virtual Machines

Next, we’ll configure the virtual machines to serve static assets. We’ll use Nginx as the web server, but you can use any web server you prefer.

SSH into the image server VM or use Azure Run Command Tool.
Install Nginx by running the command

"sudo apt-get update && sudo apt-get install nginx".

Copy your images to the VM and place them in the “/var/www/html” directory.
Repeat this process on the video server VM, but copy your videos to the “/var/www/html/videos” directory.

A step by step walkthrough as per below;
Install Nginx

sudo apt-get -y update
sudo apt-get -y install nginx

Create Images Folder Path

mkdir /var/www/html/images/
echo "<h1> This is the Images Server </h1>" > /var/www/html/images/index.html

Create Videos Folder Path

mkdir /var/www/html/videos/
echo "<h1>This is the Videos Server</h1>" > /var/www/html/videos/index.html

Step 3: Create the Application Gateway

Now, we’ll create the application gateway in Azure. This will enable us to route traffic to the correct VM based on the URL path.

• Sign in to the Azure portal.
• Click on “Create a resource” in the top left corner of the screen.
• Search for “Application Gateway” and select the “Application Gateway v2” option.
• Choose a subscription, resource group, name, region, and SKU for the application gateway.
• Choose the “Backend pools” option in the left menu.
• Click “Add” to add a backend pool.
• Choose the “Virtual machines” option for the backend target type.
• Choose the image server and video server virtual machines as the targets.
• Choose the “HTTP settings” option in the left menu.
• Click “Add” to add an HTTP setting.
• Choose a name for the HTTP setting and configure the protocol, port, and cookie settings.
• Choose the “Rules” option in the left menu.
• Click “Add” to add a rule.
• Choose a name for the rule and configure the listener, backend target, and URL path map settings.
• Test your application gateway by accessing the image and video servers through the gateway URL with the appropriate path.

Create Application Gateway

create application gateway public ip

create application gateway with images backend pool

create application gateway with videos backend pool

create application gateway images backend setting

create application gateway add multiple targets to create path-based rule

create application gateway add multiple images path-based rule

create application gateway videos backend setting

create application gateway add multiple videos path-based rule

create application gateway add backend targets

create application gateway frontend routing rules for backend pools

Browse to Video Server Resource

create application gateway and check health

Check Overview of Application Gateway

Awesome links for further reading;
Apache web server documentation: https://httpd.apache.org/docs/
Azure documentation: https://docs.microsoft.com/en-us/azure/
Ubuntu server documentation: https://ubuntu.com/server/docs
Virtual machines in Azure: https://docs.microsoft.com/en-us/azure/virtual-machines/
Application Gateway in Azure: https://docs.microsoft.com/en-us/azure/application-gateway/

Configure Your Environment

Configure Deployment Parts

Create your vars.tf file

#Variable file used to store details of repetitive references
variable "location" {
  description = "availability zone that is a string type variable"
  type    = string
  default = "eastus2"
}

variable "prefix" {
  type    = string
  default = "emc-eus2-corporate"
}

Create your providers.tf file

#Variable file used to store details of repetitive references
variable "location" {
  type    = string
  default = "eastus2"
}

variable "prefix" {
  type    = string
  default = "emc-eus2-corporate"
}

In the next steps, we create the main.tf file and add the following cmdlets.

Create a virtual network

#Create virtual network and subnets
resource "azurerm_virtual_network" "emc-eus2-corporate-network-vnet" {
  name                = "emc-eus2-corporate-network-vnet"
  location            = azurerm_resource_group.emc-eus2-corporate-resources-rg.location
  resource_group_name = azurerm_resource_group.emc-eus2-corporate-resources-rg.name
  address_space       = ["172.20.0.0/16"]

  tags = {
    environment = "Production"
  }
}

Create a subnet

#Create subnet - presentation tier
resource "azurerm_subnet" "presentation-subnet" {
  name                 = "presentation-subnet"
  resource_group_name  = azurerm_resource_group.emc-eus2-corporate-resources-rg.name
  virtual_network_name = azurerm_virtual_network.emc-eus2-corporate-network-vnet.name
  address_prefixes     = ["172.20.1.0/24"]
}

#Create subnet - data access tier
resource "azurerm_subnet" "data-access-subnet" {
  name                 = "data-access-subnet"
  resource_group_name  = azurerm_resource_group.emc-eus2-corporate-resources-rg.name
  virtual_network_name = azurerm_virtual_network.emc-eus2-corporate-network-vnet.name
  address_prefixes     = ["172.20.2.0/24"]
}

Create a public IP address

#Create Public IP Address
resource "azurerm_public_ip" "emc-eus2-corporate-nic-01-pip" {
  name                = "emc-eus2-corporate-nic-01-pip"
  location            = azurerm_resource_group.emc-eus2-corporate-resources-rg.location
  resource_group_name = azurerm_resource_group.emc-eus2-corporate-resources-rg.name
  allocation_method   = "Dynamic"
}

Create a network security group and SSH inbound rule

# Create Network Security Group and rule
resource "azurerm_network_security_group" "emc-eus2-corporate-nsg" {
  name                = "emc-eus2-corporate-nsg"
  location            = azurerm_resource_group.emc-eus2-corporate-resources-rg.location
  resource_group_name = azurerm_resource_group.emc-eus2-corporate-resources-rg.name

  security_rule {
    name                       = "SSH"
    priority                   = 1001
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_range     = "22"
    source_address_prefix      = "*"
    destination_address_prefix = "*"
  }
}

Create a virtual network interface card

# Create network interface
resource "azurerm_network_interface" "corporate-webserver-vm-01-nic" {
  name                = "corporate-webserver-vm-01-nic"
  location            = azurerm_resource_group.emc-eus2-corporate-resources-rg.location
  resource_group_name = azurerm_resource_group.emc-eus2-corporate-resources-rg.name

  ip_configuration {
    name                          = "corporate-webserver-vm-01-nic-ip"
    subnet_id                     = azurerm_subnet.presentation-subnet.id
    private_ip_address_allocation = "Dynamic"
    public_ip_address_id          = azurerm_public_ip.corporate-webserver-vm-01-ip.id
  }
}

Connect the network security group to the network interface

# Connect the security group to the network interface
resource "azurerm_network_interface_security_group_association" "corporate-webserver-vm-01-nsg-link" {
  network_interface_id      = azurerm_network_interface.corporate-webserver-vm-01-nic.id
  network_security_group_id = azurerm_network_security_group.emc-eus2-corporate-nsg.id
}

Create a storage account for boot diagnostics

# Generate random text for a unique storage account name
resource "random_id" "randomId" {
  keepers = {
    # Generate a new ID only when a new resource group is defined
    resource_group = azurerm_resource_group.emc-eus2-corporate-resources-rg.name
  }
  byte_length = 8
}

Create a storage account for boot diagnostics

# Create storage account for boot diagnostics
resource "azurerm_storage_account" "corpwebservervm01storage" {
  name                     = "diag${random_id.randomId.hex}"
  location                 = azurerm_resource_group.emc-eus2-corporate-resources-rg.location
  resource_group_name      = azurerm_resource_group.emc-eus2-corporate-resources-rg.name
  account_tier             = "Standard"
  account_replication_type = "LRS"
}

Create SSH Key

# Create (and display) an SSH key
resource "tls_private_key" "linuxsrvuserprivkey" {
  algorithm = "RSA"
  rsa_bits  = 4096
}

Create a virtual machine

# Create virtual machine
resource "azurerm_linux_virtual_machine" "emc-eus2-corporate-webserver-vm-01" {
  name                  = "emc-eus2-corporate-webserver-vm-01"
  location              = azurerm_resource_group.emc-eus2-corporate-resources-rg.location
  resource_group_name   = azurerm_resource_group.emc-eus2-corporate-resources-rg.name
  network_interface_ids = [azurerm_network_interface.corporate-webserver-vm-01-nic.id]
  size                  = "Standard_DC1ds_v3"

  os_disk {
    name                 = "corpwebservervm01disk"
    caching              = "ReadWrite"
    storage_account_type = "Premium_LRS"
  }

  source_image_reference {
    publisher = "Canonical"
    offer     = "0001-com-ubuntu-server-focal"
    sku       = "20_04-lts-gen2"
    version   = "latest"
  }

  computer_name                   = "corporate-webserver-vm-01"
  admin_username                  = "linuxsrvuser"
  disable_password_authentication = true

  admin_ssh_key {
    username   = "linuxsrvuser"
    public_key = tls_private_key.linuxsrvuserprivkey.public_key_openssh
  }
}

Terraform Plan

The terraform plan command evaluates a Terraform configuration to determine the desired state of all the resources it declares, then compares that desired state to the real infrastructure objects being managed with the current working directory and workspace. It uses state data to determine which real objects correspond to which declared resources, and checks the current state of each resource using the relevant infrastructure provider’s API.

terraform plan

Terraform Apply

The terraform apply command performs a plan just like terraform plan does, but then actually carries out the planned changes to each resource using the relevant infrastructure provider’s API. It asks for confirmation from the user before making any changes, unless it was explicitly told to skip approval.

terraform apply

Command to find an image based on the SKU.

samuel@Azure:~$ az vm image list -s "2019-Datacenter" --output table
You are viewing an offline list of images, use --all to retrieve an up-to-date list
Offer          Publisher               Sku              Urn                                                          UrnAlias           Version
-------------  ----------------------  ---------------  -----------------------------------------------------------  -----------------  ---------
WindowsServer  MicrosoftWindowsServer  2019-Datacenter  MicrosoftWindowsServer:WindowsServer:2019-Datacenter:latest  Win2019Datacenter  latest
samuel@Azure:~$ 

samuel@Azure:~$ az vm image list -s "18.04-LTS" --output table
You are viewing an offline list of images, use --all to retrieve an up-to-date list
Offer         Publisher    Sku        Urn                                      UrnAlias    Version
------------  -----------  ---------  ---------------------------------------  ----------  ---------
UbuntuServer  Canonical    18.04-LTS  Canonical:UbuntuServer:18.04-LTS:latest  UbuntuLTS   latest

Command to find an image based on the Publisher.

samuel@Azure:~$ az vm image list -p "Microsoft" --output table
You are viewing an offline list of images, use --all to retrieve an up-to-date list
Offer          Publisher               Sku                                 Urn                                                                             UrnAlias                 Version
-------------  ----------------------  ----------------------------------  ------------------------------------------------------------------------------  -----------------------  ---------
WindowsServer  MicrosoftWindowsServer  2022-Datacenter                     MicrosoftWindowsServer:WindowsServer:2022-Datacenter:latest                     Win2022Datacenter        latest
WindowsServer  MicrosoftWindowsServer  2022-datacenter-azure-edition-core  MicrosoftWindowsServer:WindowsServer:2022-datacenter-azure-edition-core:latest  Win2022AzureEditionCore  latest
WindowsServer  MicrosoftWindowsServer  2019-Datacenter                     MicrosoftWindowsServer:WindowsServer:2019-Datacenter:latest                     Win2019Datacenter        latest

samuel@Azure:~$ az vm image list -p "Canonical" --output table
You are viewing an offline list of images, use --all to retrieve an up-to-date list
Offer         Publisher    Sku        Urn                                      UrnAlias    Version
------------  -----------  ---------  ---------------------------------------  ----------  ---------
UbuntuServer  Canonical    18.04-LTS  Canonical:UbuntuServer:18.04-LTS:latest  UbuntuLTS   latest

At this point, the required pieces to build a Linux Virtual Machine on Azure is complete. It’s time to test your code.

You can learn more from Hashicorp by visiting the following link.
This article was helpful in troubleshooting issues with the Ubuntu SKU.