Azure Linux ScaleSet

Azure terraform module to create an Azure Linux Virtual Machine Scale Set.

Global versioning rule for Claranet Azure modules

Module version	Terraform version	OpenTofu version	AzureRM version
>= 8.x.x	Unverified	1.8.x	>= 4.0
>= 7.x.x	1.3.x		>= 3.0
>= 6.x.x	1.x		>= 3.0
>= 5.x.x	0.15.x		>= 2.0
>= 4.x.x	0.13.x / 0.14.x		>= 2.0
>= 3.x.x	0.12.x		>= 2.0
>= 2.x.x	0.12.x		< 2.0
< 2.x.x	0.11.x		< 2.0

Contributing

If you want to contribute to this repository, feel free to use our pre-commit git hook configuration which will help you automatically update and format some files for you by enforcing our Terraform code module best-practices.

More details are available in the CONTRIBUTING.md file.

Usage

This module is optimized to work with the Claranet terraform-wrapper tool which set some terraform variables in the environment needed by this module. More details about variables set by the terraform-wrapper available in the documentation.

⚠️ Since modules version v8.0.0, we do not maintain/check anymore the compatibility with Hashicorp Terraform. Instead, we recommend to use OpenTofu.

module "linux_scaleset" {
  source  = "claranet/linux-scaleset/azurerm"
  version = "x.x.x"

  location       = module.azure_region.location
  location_short = module.azure_region.location_short
  client_name    = var.client_name
  environment    = var.environment
  stack          = var.stack

  resource_group_name = module.rg.name

  vm_size        = "Standard_F4s_v2"
  admin_username = "myusername"

  subnet = module.subnet

  ssh_public_key = var.ssh_public_key

  ultra_ssd_enabled = true

  # Value depends on `var.vm_size` local storage size
  os_disk_size_gb = 31

  data_disks = [
    {
      lun                  = 0
      disk_size_gb         = 32
      caching              = "ReadOnly"
      storage_account_type = "Premium_LRS"
    },
    {
      lun                  = 1
      disk_size_gb         = 48
      disk_iops_read_write = 4000
      storage_account_type = "UltraSSD_LRS"
    },
  ]

  # The feature must be activated upstream:
  # az feature register --namespace Microsoft.Compute --name EncryptionAtHost --subscription <subscription_id_or_name>
  encryption_at_host_enabled = true

  source_image_reference = {
    publisher = "Debian"
    offer     = "debian-11"
    sku       = "11-gen2"
    version   = "latest"
  }

  upgrade_mode = "Automatic"
  automatic_instance_repair = {
    enabled = true
  }

  load_balancer_backend_address_pool_ids = var.lb_backend_address_pool_id[*]
  health_probe = {
    id = var.health_probe_id
  }

  diagnostics_storage_account_name = module.run.logs_storage_account_name
  azure_monitor_data_collection_rule = {
    id = module.run.data_collection_rule_id
  }

  extra_tags = {
    "extra-tag" = "extra-tag-value"
  }
}

Providers

Name	Version
azurecaf	~> 1.2.28
azurerm	~> 4.0

Modules

No modules.

Resources

Name	Type
azurerm_linux_virtual_machine_scale_set.main	resource
azurerm_monitor_data_collection_rule_association.main	resource
azurerm_virtual_machine_scale_set_extension.azure_monitor_agent	resource
azurerm_virtual_machine_scale_set_extension.main	resource
azurecaf_name.ip_configuration	data source
azurecaf_name.nic	data source
azurecaf_name.vmss_linux	data source

Inputs

Name	Description	Type	Default	Required
accelerated_networking_enabled	Should accelerated networking be enabled? Defaults to true.	bool	true	no
admin_password	Password for the Scale Set administrator account. One of either var.admin_password or var.ssh_public_key must be specified. Changing this forces a new resource to be created.	string	null	no
admin_username	Username of the Scale Set administrator account.	string	n/a	yes
application_gateway_backend_address_pool_ids	List of references to backend address pools of an Application Gateway. A Scale Set can reference backend address pools of a single Application Gateway.	list(string)	null	no
application_security_group_ids	IDs of Application Security Groups (up to 20).	list(string)	null	no
automatic_instance_repair	Whether to enable automatic instance repair. Must have a valid var.health_probe.id or an Application Health Extension.	object({ enabled = optional(bool, false) grace_period = optional(string, "PT10M") action = optional(string, "Replace") })	{}	no
automatic_os_upgrade_enabled	Should OS upgrades automatically be applied to Scale Set instances in a rolling fashion when a newer version of the OS image becomes available? This is particularly useful when var.upgrade_mode = "Rolling". Defaults to false.	bool	false	no
automatic_rollback_enabled	Should automatic rollbacks be enabled? Only available when var.upgrade_mode is not 'Manual'. Defaults to true.	bool	true	no
azure_monitor_agent_enabled	Whether to enable Azure Monitor Agent. Requires a Data Collection Rule ID.	bool	true	no
azure_monitor_agent_version	Azure Monitor Agent extension version.	string	"1.22"	no
azure_monitor_data_collection_rule	Data Collection Rule ID from Azure Monitor for metrics and logs collection.	object({ id = string })	null	no
client_name	Client name/account used in naming.	string	n/a	yes
custom_data	The Base64-Encoded Custom Data which should be used for this Virtual Machine Scale Set.	string	null	no
custom_name	Custom name for the Virtual Machine Scale Sets. Generated if not set.	string	null	no
data_disks	Definition of data disks to be attached to instances in the Scale Set.	list(object({ # name = string (unexpected status 400 (400 Bad Request) with error: InvalidParameter: Parameter 'dataDisk.name' is not allowed.) lun = number disk_size_gb = number create_option = optional(string, "Empty") caching = optional(string, "None") storage_account_type = optional(string, "StandardSSD_LRS") disk_encryption_set_id = optional(string) disk_iops_read_write = optional(string) disk_mbps_read_write = optional(string) write_accelerator_enabled = optional(bool, false) }))	[]	no
dcr_custom_name	Custom name for the Data Collection Rule association.	string	null	no
default_tags_enabled	Option to enable or disable default tags.	bool	true	no
diagnostics_storage_account_name	Name of the Storage Account in which Scale Set boot diagnostics are stored.	string	null	no
dns_servers	List of DNS servers.	list(string)	null	no
encryption_at_host_enabled	Should all disks (including the temporary disk) attached to instances in the Scale Set be encrypted by enabling Encryption at Host? See documentation for list of compatible VM sizes. Defaults to true.	bool	true	no
environment	Project environment.	string	n/a	yes
extensions	Extensions to add to the Scale Set.	list(object({ name = string publisher = string type = string type_handler_version = string auto_upgrade_minor_version = optional(bool, true) automatic_upgrade_enabled = optional(bool, false) failure_suppression_enabled = optional(bool, false) force_update_tag = optional(string) protected_settings = optional(string) provision_after_extensions = optional(list(string)) settings = optional(string) }))	[]	no
extra_tags	Additional tags to associate with the Scale Set.	map(string)	{}	no
health_probe	Specifies the identifier for the Load Balancer health probe. Required when var.upgrade_mode = "Automatic" or "Rolling".	object({ id = string })	null	no
identity	Identity block information as described in this documentation.	object({ type = optional(string, "SystemAssigned") identity_ids = optional(list(string)) })	{}	no
instance_count	Number of instances in the Scale Set. Defaults to 2.	number	2	no
ip_configuration_custom_name	Custom name for the IP configuration of the network interfaces. Generated if not set.	string	null	no
ip_forwarding_enabled	Does this network interface support IP forwarding? Defaults to false.	bool	false	no
load_balancer_backend_address_pool_ids	List of references to backend address pools of Load Balancers. A Scale Set can reference backend address pools of one public and one internal Load Balancer.	list(string)	null	no
load_balancer_inbound_nat_rules_ids	List of references to inbound NAT rules for Load Balancers.	list(string)	null	no
location	Azure location.	string	n/a	yes
location_short	Short string for Azure location.	string	n/a	yes
name_prefix	Optional prefix for the generated name.	string	""	no
name_suffix	Optional suffix for the generated name.	string	""	no
network_security_group	ID of the Network Security Group to be assigned to this network interface.	object({ id = string })	null	no
nic_custom_name	Custom name for the network interfaces. Generated if not set.	string	null	no
os_disk_caching	OS disk caching requirements. Possible values are None, ReadOnly and ReadWrite. Defaults to None.	string	"None"	no
os_disk_encryption_set_id	ID of the Disk Encryption Set which should be used to encrypt the OS disk. Changing this forces a new resource to be created.	string	null	no
os_disk_managed_disk_type	Type of managed disk to create. Possible values are Standard_LRS, StandardSSD_LRS, Premium_LRS, StandardSSD_ZRS and Premium_ZRS. Defaults to StandardSSD_LRS.	string	"StandardSSD_LRS"	no
os_disk_size_gb	Size of the OS disk in GB.	number	32	no
os_disk_write_accelerator_enabled	Whether to enable write accelerator for the OS disk.	bool	false	no
os_ephemeral_disk_enabled	Whether OS disk is local ephemeral disk. See documentation. Changing this forces a new resource to be created.	bool	true	no
os_ephemeral_disk_placement	Placement for the local ephemeral disk. Possibles values are CacheDisk and ResourceDisk. See documentation. Defaults to ResourceDisk. Changing this forces a new resource to be created.	string	"ResourceDisk"	no
overprovisioning_enabled	Should Azure overprovision instances in this Scale Set? This means that multiple Virtual Machines will be provisioned and Azure will keep the instances which become available first, which improves provisioning success rates and improves deployment time. Defaults to true.	bool	true	no
resource_group_name	Resource Group name.	string	n/a	yes
rolling_upgrade_policy	Rolling upgrade policy. Only applicable when var.upgrade_mode is not 'Manual'.	object({ cross_zone_upgrades_enabled = optional(bool) max_batch_instance_percent = optional(number, 25) max_unhealthy_instance_percent = optional(number, 25) max_unhealthy_upgraded_instance_percent = optional(number, 25) pause_time_between_batches = optional(string, "PT30S") prioritize_unhealthy_instances_enabled = optional(bool) maximum_surge_instances_enabled = optional(bool) })	{}	no
scale_in_force_deletion_enabled	Whether the instances chosen for removal should be force deleted when the Virtual Machine Scale Set is being scaled-in.	bool	false	no
scale_in_policy	The scale-in policy rule that decides which instances are chosen for removal when a Virtual Machine Scale Set is scaled-in. Possible values are Default, NewestVM and OldestVM. Defaults to Default.	string	"Default"	no
source_image_id	ID of the source image to use. One of either var.source_image_id or var.source_image_reference must be specified. Changing this forces a new resource to be created.	string	null	no
source_image_reference	Reference of the source image to use. One of either var.source_image_id or var.source_image_reference must be specified. Changing this forces a new resource to be created.	object({ publisher = string offer = string sku = string version = string })	null	no
ssh_private_key	Private SSH key to be deployed on instances in the Scale set.	string	null	no
ssh_public_key	Public SSH key to be deployed on instances in the Scale set. One of either var.admin_password or var.ssh_public_key must be specified. Changing this forces a new resource to be created.	string	null	no
stack	Project Stack name.	string	n/a	yes
subnet	ID of the Subnet.	object({ id = string })	n/a	yes
ultra_ssd_enabled	Should the capacity to use UltraSSD_LRS Storage Account type be supported on this Scale Set?. Defaults to false. Changing this forces a new resource to be created.	bool	false	no
upgrade_mode	Specifies how upgrades (e.g. changing the image/SKU) should be performed to instances in the Scale Set. Possible values are Automatic, Manual and Rolling. Defaults to Manual. Changing this forces a new resource to be created.	string	"Manual"	no
user_data	The Base64-Encoded User Data which should be used for this Virtual Machine Scale Set.	string	null	no
vm_size	Size (SKU) of instances in the Scale Set.	string	n/a	yes
vtpm_enabled	Specifies if vTPM (virtual Trusted Platform Module) and Trusted Launch is enabled for the Scale Set. Defaults to true. Changing this forces a new resource to be created.	bool	true	no
zone_balancing_enabled	Whether the instances in this Scale Set should be strictly evenly distributed across Availability Zones? Changing this forces a new resource to be created.	bool	true	no
zones	A list of Availability Zones in which the instances in this Scale Set should be created in. Updating zones to remove an existing zone forces a new resource to be created.	list(number)	[ 1, 2, 3 ]	no

Outputs

Name	Description
admin_password	Scale Set admin password.
admin_ssh_private_key	Scale Set admin SSH private key.
admin_ssh_public_key	Scale Set admin SSH public key.
admin_username	Scale Set admin username.
id	Scale Set ID.
identity_principal_id	Object ID of the Scale Set Managed Service Identity.
name	Scale Set name.
resource	Scale Set resource object.
terraform_module	Information about this Terraform module

Related documentation

• Microsoft Azure documentation: docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/