Terraform-provider-azurerm: Terraform DSC
_This issue was originally opened by @gurjitsk as hashicorp/terraform#16247. It was migrated here as a result of the provider split. The original body of the issue is below._
I am deploying some windows VM's in Azure and does Terraform supports DSC ?
Hi there,
Thank you for opening an issue. Please note that we try to keep the Terraform issue tracker reserved for bug reports and feature requests. For general usage questions, please see: https://www.terraform.io/community.html.
If your issue relates to a specific Terraform provider, please open it in the provider's own repository. The index of providers is at https://github.com/terraform-providers .
Terraform Version
Run terraform -v to show the version. If you are not running the latest version of Terraform, please try upgrading because your issue may have already been fixed.
Terraform Configuration Files
# Copy-paste your Terraform configurations here.
#
# For large Terraform configs, please use a service like Dropbox and
# share a link to the ZIP file. For security, you can also encrypt the
# files using our GPG public key.
Debug Output
Full debug output can be obtained by running Terraform with the environment variable TF_LOG=trace. Please create a GitHub Gist containing the debug output. Please do _not_ paste the debug output in the issue, since debug output is long.
Debug output may contain sensitive information. Please review it before posting publicly, and if you are concerned feel free to encrypt the files using the HashiCorp security public key.
Crash Output
If the console output indicates that Terraform crashed, please share a link to a GitHub Gist containing the output of the crash.log file.
Expected Behavior
What should have happened?
Actual Behavior
What actually happened?
Steps to Reproduce
Please list the full steps required to reproduce the issue, for example:
terraform initterraform apply
Important Factoids
Are there anything atypical about your situation that we should know? For example: is Terraform running in a wrapper script or in a CI system? Are you passing any unusual command line options or environment variables to opt-in to non-default behavior?
References
Are there any other GitHub issues (open or closed) or Pull Requests that should be linked here? For example:
- hashicorp/terraform#6017
hashibot
All 14 comments
I am deploying some windows VM's in Azure and does Terraform supports DSC ?
gurjitsk
on 3 Oct 2017
Hi @gurjitsk
Thanks for opening this issue :)
I am deploying some windows VM's in Azure and does Terraform supports DSC ?
Yes, you can do this either using a VM Extension or by using the remote-exec provisioner depending on your setup. Would you be able to take a look and see if either of those works for you?
Thanks!
tombuildsstuff
on 3 Oct 2017
Hi Tom, thanks for your reply :)
I am new to TF, would you be able to share any examples?
gurjitsk
on 3 Oct 2017
Hi @gurjitsk
I don't have a DSC extension available unfortunately - but based on this example from an ARM Template:
"name": "Microsoft.Powershell.DSC",
"type": "extensions",
"location": "[resourceGroup().location]",
"apiVersion": "2015-06-15",
"dependsOn": [
"[concat('Microsoft.Compute/virtualMachines/', variables('vmName'))]"
],
"properties": {
"publisher": "Microsoft.Powershell",
"type": "DSC",
"typeHandlerVersion": "2.20",
"autoUpgradeMinorVersion": true,
"forceUpdateTag": "[parameters('dscExtensionUpdateTagVersion')]",
"settings": {
"configuration": {
"url": "[concat(parameters('_artifactsLocation'), '/', variables('dscExtensionArchiveFolder'), '/', variables('dscExtensionArchiveFileName'))]",
"script": "dscExtension.ps1",
"function": "Main"
},
"configurationArguments": {
"nodeName": "[variables('vmName')]"
}
},
"protectedSettings": {
"configurationUrlSasToken": "[parameters('_artifactsLocationSasToken')]"
}
}
.. the Terraform configuration for the VM Extension should look something like this:
resource "azurerm_virtual_machine_extension" "test" {
name = "hostname"
location = "West US"
resource_group_name = "${azurerm_resource_group.test.name}"
virtual_machine_name = "${azurerm_virtual_machine.test.name}"
publisher = "Microsoft.Powershell"
type = "DSC"
type_handler_version = "2.20"
settings = <<SETTINGS
{
"configuration": {
"url": "https://path/to/file.ps1",
"script": "dscExtension.ps1",
"function": "Main"
},
"configurationArguments": {
"nodeName": "some-machine-name"
}
}
}
SETTINGS
tags {
environment = "Production"
}
}
Thanks!
tombuildsstuff
on 3 Oct 2017
👋 @gurjitsk have you had a chance to look at the suggestion above yet?
tombuildsstuff
on 11 Oct 2017
DSC extension Still not working, same error, have tried all different combinations( capital username etc.)
Had a word with Microsoft who said , as long as extension is concerned ,it is working using powershell.
so still banging my head against the wall. :(
gurjitsk
on 11 Oct 2017
@tombuildsstuff That is a great example but I cannot apply the "autoUpgradeMinorVersion": true
whytoe
on 11 Oct 2017
@whytoe auto_update_minor_version is a native parameter in Terraform - so you can specify it there rather than within settings :)
tombuildsstuff
on 12 Oct 2017
Guys , I don't care about "autoUpgradeMinorVersion": true
All I want is get below working somehow or help with making any changes if I am missing anything:
Domain Join Extension
resource "azurerm_virtual_machine_extension" "gsk-JDExtension" {
name = "joindomain"
location = "${var.azure_location}"
resource_group_name = "${azurerm_resource_group.GS-RG-PROD.name}"
virtual_machine_name = "GS-SRV-01"
publisher = "Microsoft.Compute"
type = "JsonADDomainExtension"
type_handler_version = "1.0"
settings = <
"Name": "GSK.local",
"User": "GSK.local\gurjit.singh",
"Restart": "true",
"Options": "3"
}
SETTINGS
protected_settings = <
"Password": "*00"
}
PROTECTED_SETTINGS
}
gurjitsk
on 12 Oct 2017
@gurjitsk your original post was about DSC not about ADjoin
This works for me (protected settings not displayed)
name = "join-domain"
location = "${var.vm_location}"
resource_group_name = "${var.resource_group_name}"
virtual_machine_name = "${var.vm_machine_name}"
publisher = "${var.publisher}"
type = "JsonADDomainExtension"
type_handler_version = "1.0"
settings = <<-BASE_SETTINGS
{
"Name": "domain.com",
"OUPath": "OU=Test,OU=Cloud,OU=MyOrg,OU=Servers,DC=domain,DC=com",
"User": "domain\domainjoinaccount",
"Restart": "true",
"Options": "3"
}
BASE_SETTINGS
whytoe
on 12 Oct 2017
@whytoe Yes you are right, I apologise for that but thanks for your help :)
@Tom Thanks a lot mate for all the help. :)
Good news is that Extension is now working fine, I was missing word BASE_SETTINGS and OU variable.
gurjitsk
on 12 Oct 2017
@gurjitsk glad it works now! I'm going to close this issue but feel free to reopen it if you have more issues!
mbfrahry
on 12 Oct 2017
@ I am using the below tf script for VM joining to Domain after deploying but its throwing error, please help me.
resource "azurerm_virtual_machine_extension" "test" {
name = "join-domain"
location = "${var.location}"
resource_group_name = "${var.rg_name}"
virtual_machine_name = "${azurerm_virtual_machine.vm.name}"
publisher = "Microsoft.Compute"
type = "JsonADDomainExtension"
type_handler_version = "1.0"
settings = <
"Name": "domain.com",
"OUPath": "Domain.com/Windows Servers/Azure/MSB 2016",
"User": "account",
"Restart": "true",
"Options": "3"
}
SETTINGS
protected_settings = <
"password": "Pa*"
}
PROTECTED_SETTINGS
}
panditmali
on 19 Jun 2019
I'm going to lock this issue because it has been closed for _30 days_ ⏳. This helps our maintainers find and focus on the active issues.
If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks!
![hashibot[bot] picture](https://avatars2.githubusercontent.com/in/8332?v=4&s=40)
hashibot[bot]
on 19 Jun 2019
Related issues
rolandjohann
·
3Comments
voyera
·
3Comments
Kanikamiglani31
·
3Comments
bentterp
·
3Comments
mikemorris
·
3Comments