Azure Application Gateway allows you to point at a VMSS on the backend (this is also even noted in the terraform documentation) but that capability is not yet supported in terraform:
The backend_address_pool block supports:

- name - (Required) User defined name for a backend address pool.
- ip_address_list - (Optional) List of public IP addresses, or internal IP addresses in a backend address pool.
- fqdn_list - (Optional) List of FQDNs in a backend address pool.
```hcl
resource "azurerm_application_gateway" "awg" {
  name = "firefly"

  backend_address_pool {
    name      = "${local.awg_name}-be-pool-discuss"
    vmss_list = ["${azurerm_virtual_machine_scale_set.test.name}"]
  }
  …
}
```
You have to register your scale set when you create that. Take a look at "application_gateway_backend_address_pool_ids" on the VMSS page: https://www.terraform.io/docs/providers/azurerm/r/virtual_machine_scale_set.html
hi @Supermathie
Thanks for opening this issue :)
As @bpoland has mentioned - a Virtual Machine Scale Set can be connected to an Application Gateway using the application_gateway_backend_address_pool_ids property within the ip_configuration block in the network_profile block in the azurerm_virtual_machine_scale_set resource - for instance:
```hcl
resource "azurerm_application_gateway" "test" {
  # ..
}

resource "azurerm_virtual_machine_scale_set" "test" {
  # ..
  network_profile {
    ip_configuration {
      application_gateway_backend_address_pool_ids = ["${azurerm_application_gateway.test.id}"]
    }
  }
}
```
Would you be able to take a look and see if this works for you? Since this is a question about Terraform Configuration rather than a bug in Terraform - I'm going to close this issue for the moment (but we'll continue responding 😄).
Thanks!
Ah! Didn't realize I had to go backwards.
Two things:
I have multiple backend address pools in my gateway but it seems I can't interrogate the ID of a particular one by name… I have to use index which makes it difficult:
```
azurerm_application_gateway.awg:
  id = /subscriptions/…/resourceGroups/michael/providers/Microsoft.Network/applicationGateways/awg
  backend_address_pool.# = 2
  backend_address_pool.0.fqdn_list.# = 0
  backend_address_pool.0.id = /subscriptions/…/resourceGroups/michael/providers/Microsoft.Network/applicationGateways/awg/backendAddressPools/awg-be-pool-app1
  backend_address_pool.0.ip_address_list.# = 0
  backend_address_pool.0.name = awg-be-pool-app1
  backend_address_pool.1.fqdn_list.# = 0
  backend_address_pool.1.id = /subscriptions/…/resourceGroups/michael/providers/Microsoft.Network/applicationGateways/awg/backendAddressPools/awg-be-pool-app2
  backend_address_pool.1.ip_address_list.# = 0
  backend_address_pool.1.name = awg-be-pool-app2
```
Presumably there is a way of doing this but I don't know it yet.
I'm also wondering how I should specify the backend address pool ID.
It works like the following, but... it's not smart.
```hcl
# appGatewayBackendPool is the name I specify.
application_gateway_backend_address_pool_ids = ["${azurerm_application_gateway.test.id}/backendAddressPools/appGatewayBackendPool"]
```
@guitarrapc that's pretty much what I'm doing - I'm doing some ERB templating so I pass the following into a module:
```hcl
module "<%= @name %>_cluster" {
  …
  awg_pool_id = "${azurerm_application_gateway.awg_clusters.id}/backendAddressPools/${azurerm_application_gateway.awg_clusters.name}-be-pool-<%= @name %>"
  …
}
```
and then inside the module:
```hcl
resource "azurerm_virtual_machine_scale_set" "app" {
  …
  network_profile {
    name    = "private"
    primary = true

    ip_configuration {
      name                                         = "app-ipconfiguration"
      subnet_id                                    = "${azurerm_subnet.workers.id}"
      application_gateway_backend_address_pool_ids = ["${var.awg_pool_id}"]
      load_balancer_backend_address_pool_ids       = ["${module.nat.lb_be_id}"]
    }
  }
  …
}
```
Wonderful idea, thanks, it helps me a lot!
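
One way to look up a backend pool ID by name rather than by list index or string concatenation, as an added example that is not part of the original thread. It assumes Terraform 0.12 or later (the `for` expression does not exist in the 0.11-style syntax used above); the local name `awg_pool_ids` is hypothetical, and the resource and pool names reuse the ones quoted in the thread.

```hcl
# Added example, not code from the thread. Assumes Terraform 0.12+.

locals {
  # Map each backend pool's name to its full resource ID, read from the
  # gateway's exported backend_address_pool blocks. Callers then never
  # depend on the position of a pool inside the gateway definition.
  awg_pool_ids = {
    for pool in azurerm_application_gateway.awg.backend_address_pool :
    pool.name => pool.id
  }
}

resource "azurerm_virtual_machine_scale_set" "app" {
  # … remaining arguments as in the module shown in the thread …

  network_profile {
    name    = "private"
    primary = true

    ip_configuration {
      name      = "app-ipconfiguration"
      subnet_id = azurerm_subnet.workers.id

      # Indexing the map with a pool name that does not exist is an error,
      # so a typo or a renamed pool stops the run instead of attaching the
      # scale set instances to a different pool.
      application_gateway_backend_address_pool_ids = [
        local.awg_pool_ids["awg-be-pool-app2"],
      ]
    }
  }
}
```

Compared with `backend_address_pool.1.id`, the name lookup keeps pointing at the same pool if pools are added, removed or reordered in the gateway; compared with a hand-built ID string, the value comes from what the provider actually reports.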