Overcome Challenges of Terraform Azure with CLI and PowerShell
Resolving Terraform Azure environment challenges for complex deployments through Azure CLI and PowerShell
Terraform is an excellent choice for repeatedly deploying cloud-native applications on Azure through Infrastructure as Code (IaC) scripts. There are situations, however, where Terraform runs into execution problems because of the nature of Azure service operations and delayed resource management on Azure. In such scenarios, Terraform is integrated with Azure Command-Line Interface (CLI) scripts wrapped inside PowerShell scripts.
This blog covers some real-world scenarios that you may come across while working in a Terraform Azure environment, based on the experience we gained while working on an e-commerce application. We explain how the combination of three technologies (Terraform, Azure CLI and PowerShell) helped us address these situations better. Feel free to read about the situation that interests you, or check them all out.
2. Environment gets deleted if we provision multiple environments from the same folder
Follow these steps:
Try to create multiple environments from the same folder using different vars files. When you run the scripts a second time, the earlier environment gets deleted.
Diagnosed root cause:
Terraform maintains only one state file, so when we execute the scripts a second time, it destroys the environment recorded in the existing state file.
The Solution:
Maintain separate state files by passing file names in both the terraform plan and terraform apply commands.
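One way to wire this up in PowerShell, as an added example that is not code from the original post. It assumes the local backend (where the -state option applies) and a hypothetical naming scheme of <env>.tfvars, <env>.tfstate and <env>.tfplan in the working folder; the function name is also hypothetical.

```powershell
# Added example: one state file and one plan file per environment.
# Assumed layout (not from the original post): <env>.tfvars beside the .tf files.
# State and plan files can hold secrets in plain text; keep them out of source control.
function Invoke-EnvironmentApply {
    param(
        [Parameter(Mandatory)]
        [ValidatePattern('^[a-z0-9][a-z0-9-]{0,30}$')]  # keeps the name safe to use in file names
        [string]$Environment
    )

    $varFile   = "$Environment.tfvars"
    $stateFile = "$Environment.tfstate"
    $planFile  = "$Environment.tfplan"

    if (-not (Test-Path -LiteralPath $varFile)) {
        throw "Variables file '$varFile' not found."
    }

    # -state selects which local state file Terraform reads and writes.
    terraform plan "-var-file=$varFile" "-state=$stateFile" "-out=$planFile"
    if ($LASTEXITCODE -ne 0) { throw "terraform plan failed for '$Environment'." }

    # Pass the same state file again so apply does not fall back to terraform.tfstate.
    terraform apply "-state=$stateFile" $planFile
    if ($LASTEXITCODE -ne 0) { throw "terraform apply failed for '$Environment'." }
}

# Two environments from the same folder, each tracked in its own state file.
Invoke-EnvironmentApply -Environment 'dev'
Invoke-EnvironmentApply -Environment 'qa'
```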
3. Unable to destroy created environment
Follow these steps:
Use the command terraform apply -destroy -auto-approve whenever you have diagnostic settings enabled.
Diagnosed root cause:
The plan file gets stale due to drift, as diagnostic settings take some time to go through.
The Solution:
Delete the diagnostic settings first, then use Azure CLI to destroy the Resource Group. terraform destroy mostly doesn’t work in scenarios like this.
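The order described above, as an added PowerShell example (not the original authors' script). The function name and the resource group parameter are hypothetical; handling of a "value" wrapper in the list output is an assumption made to cover older Azure CLI versions.

```powershell
# Added example: remove diagnostic settings, then delete the resource group with Azure CLI.
# $ResourceGroup is a placeholder supplied by the caller.
function Remove-EnvironmentResourceGroup {
    param([Parameter(Mandatory)][string]$ResourceGroup)

    $resourceIds = az resource list --resource-group $ResourceGroup --query "[].id" --output tsv
    if ($LASTEXITCODE -ne 0) { throw "Could not list resources in '$ResourceGroup'." }

    foreach ($id in $resourceIds) {
        # Resource types without diagnostic settings support return an error; skip them.
        $raw = az monitor diagnostic-settings list --resource $id --output json 2>$null
        if ($LASTEXITCODE -ne 0 -or -not $raw) { continue }

        $parsed = ($raw | Out-String) | ConvertFrom-Json
        if (-not $parsed) { continue }   # empty list: nothing to delete on this resource

        # Assumption: older CLI versions wrap the list in a "value" property.
        $settings = if ($parsed.PSObject.Properties['value']) { $parsed.value } else { $parsed }

        foreach ($setting in $settings) {
            Write-Host "Deleting diagnostic setting '$($setting.name)' on $id"
            az monitor diagnostic-settings delete --name $setting.name --resource $id
            if ($LASTEXITCODE -ne 0) { throw "Failed to delete '$($setting.name)'." }
        }
    }

    # Only after the diagnostic settings are gone, delete the whole resource group.
    az group delete --name $ResourceGroup --yes
    if ($LASTEXITCODE -ne 0) { throw "Resource group delete failed for '$ResourceGroup'." }
}
```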
4. Terraform script fails if provisioning environment is configured for IPv6
Follow these steps:
Use an Internet Service Provider that has IPv6 enabled by default, e.g., Jio in India.
From a computer connected to this ISP, run the command to create the environment.
The script will throw an error while provisioning the MySQL server, at the step that opens IP addresses in the firewall so that SQL commands can be executed from the local computer.
The Solution:
Use https://ipv4.icanhazip.com to get the IPv4 address, and use the obtained IPv4 address for the entry in the firewall settings of the Azure MySQL Database.
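A PowerShell sketch of that lookup, added here as an example and not taken from the original scripts. It validates the response before it reaches the firewall rule, since the value comes from a third-party service. The function names and the default rule name are hypothetical, and the az mysql server command group assumes a single-server deployment.

```powershell
# Added example: look up the public IPv4 address, validate it, then open one firewall entry.
# Resource group, server and rule names are placeholders supplied by the caller.
function Get-PublicIPv4Address {
    $text = (Invoke-RestMethod -Uri 'https://ipv4.icanhazip.com' -TimeoutSec 15).ToString().Trim()

    # Dotted-quad check first: IPAddress.TryParse alone also accepts short forms such as "1".
    $parsed = $null
    if ($text -notmatch '^\d{1,3}(\.\d{1,3}){3}$' -or
        -not [System.Net.IPAddress]::TryParse($text, [ref]$parsed) -or
        $parsed.AddressFamily -ne [System.Net.Sockets.AddressFamily]::InterNetwork) {
        throw "Lookup service did not return an IPv4 address: '$text'"
    }
    return $parsed.ToString()
}

function Add-MySqlClientFirewallRule {
    param(
        [Parameter(Mandatory)][string]$ResourceGroup,
        [Parameter(Mandatory)][string]$ServerName,
        [string]$RuleName = 'provisioning-client'
    )
    $ip = Get-PublicIPv4Address

    # Start and end are the same address, so the rule admits only this one address.
    az mysql server firewall-rule create --resource-group $ResourceGroup --server-name $ServerName `
        --name $RuleName --start-ip-address $ip --end-ip-address $ip
    if ($LASTEXITCODE -ne 0) { throw "Could not create firewall rule '$RuleName'." }
}
```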
5. For the case of Private Link, DNS entries for Key Vault and MySQL are not removed
Follow these steps:
Run script to create an environment with Private Link enabled.
Destroy the environment.
Run script to re-create environment with same configuration.
Observation: The Terraform script will fail, reporting that the A record in the Private DNS Zone of MySQL and Key Vault already exists.
Diagnosed root cause:
DNS entries in Private Link of MySQL and Key Vault are not deleted by Terraform.
The Solution:
Delete these entries by invoking Azure CLI scripts.
6. VNET Peering settings are not removed with peered destination VNET
Follow these steps:
Run script to create an environment with Private Link enabled.
Destroy the environment.
Run script to re-create environment with same configuration.
Observation: The Terraform script will fail, stating that the VNET peering already exists in the parent VNET (the VNET with which the current environment is being peered).
Diagnosed root cause:
VNET Address peering moves to the Disconnected state when the environment is destroyed.
The Solution:
Delete these entries by invoking Azure CLI scripts.
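The cleanup for scenarios 5 and 6, as an added PowerShell example that is not the original authors' code. Function names and all parameters are hypothetical. The DNS function deletes only the record names you pass in, so other records in a shared zone are left alone, and the peering function removes only peerings already in the Disconnected state.

```powershell
# Added example: clear leftovers that block a re-create with the same configuration.
# All names are placeholders supplied by the caller.
function Remove-StalePrivateDnsARecords {
    param(
        [Parameter(Mandatory)][string]$ResourceGroup,
        [Parameter(Mandatory)][string]$ZoneName,      # Private DNS zone holding the A records
        [Parameter(Mandatory)][string[]]$RecordNames  # e.g. the MySQL server or Key Vault name
    )
    $existing = az network private-dns record-set a list --resource-group $ResourceGroup `
        --zone-name $ZoneName --query "[].name" --output tsv
    if ($LASTEXITCODE -ne 0) { throw "Could not list A records in '$ZoneName'." }

    foreach ($name in $RecordNames) {
        if ($existing -contains $name) {
            az network private-dns record-set a delete --resource-group $ResourceGroup `
                --zone-name $ZoneName --name $name --yes
            if ($LASTEXITCODE -ne 0) { throw "Could not delete A record '$name'." }
        }
    }
}

function Remove-DisconnectedVnetPeerings {
    param(
        [Parameter(Mandatory)][string]$ResourceGroup,  # resource group of the parent VNET
        [Parameter(Mandatory)][string]$VnetName
    )
    # Select only peerings left in the Disconnected state by the destroyed environment.
    $names = az network vnet peering list --resource-group $ResourceGroup --vnet-name $VnetName `
        --query "[?peeringState=='Disconnected'].name" --output tsv
    if ($LASTEXITCODE -ne 0) { throw "Could not list peerings on '$VnetName'." }

    foreach ($name in $names) {
        az network vnet peering delete --resource-group $ResourceGroup --vnet-name $VnetName --name $name
        if ($LASTEXITCODE -ne 0) { throw "Could not delete peering '$name'." }
    }
}
```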
Sanket Tarun Shah
Cloud Architecture Consultant and Mentor | Motifworks
Seasoned Enterprise and Multi-cloud Architect with strong experience in Global delivery and Technical Presales targeting North America Region. Experience in rollout of complex applications with latest technologies and balancing integration with existing systems. My main areas of expertise lie in designing systems architecture that complies with business drivers such as Performance, Scalability and Security, using captive and 3rd party Data Centres including cloud services (PaaS, IaaS, SaaS). I have a strong hold on Microsoft technologies & open-source platforms.