Building an azure homelab can help give you the opportunity to study for certifications or help grow your career as a cloud engineer. Using terraform to build your homelab will allow you to spin up and destroy your environment everyday to save on cost. In this article we will go over the following task to help get your azure homelab built:
- Create a Microsoft azure account
- Install the azure cli
- Setup terraform on your pc
- Install visual studio code or the editor of your choice
- Build your azure homelab using terraform code
Creating a microsoft azure account
First you need to head over to azure.microsoft.com and signup for a free account. Azure provides a selection of free services forever such as windows servers, linux servers, databases and more. As you go through the initial signup process, you will be asked for a credit card. This will not charge you anything.
Installing the azure cli
In order to utilize some of the commands we will need to login to azure from the cli, we need to install the azure cli. Microsoft provides great documentation on all the commands and how to become more familiar with it. Visit their download page here and download the appropriate package for your computer.
Installing Terraform
Terraform needs to be downloaded from terraform.io and follow these steps to get terraform to work correctly on your pc:
- First unzip the folder
- create a folder called terraform on your C: drive
- Then create another folder inside the terraform folder called bin
- Go into the advanced system settings on your computer if using windows
- Select Environment Variables
- Then add the path to the bin folder in the user variables.
This now allows you to run the terraform command in the command prompt without having to use the absolute path.
Choosing a code editor of your choice
Next choose a code editor of your choice. An editor allows you to easily format code for various programming languages. Here is a list of possible editors of your choice:
- visual studio code
- atom
- sublime text
- notepad++
Build your azure homelab using terraform
First lets create our terraform folder structure. Create a folder called azurehomelab and inside of that folder create a folder called main.tf. This folder is where we will put all of our terraform code.
In your editor of choice, open up the folder and select the main.tf file. To create our azure homelab we will need the following resources created by terraform:
- azure resource group
- network security group that allows any network to access port 3389 for rdp access
- create a virtual network with a cidr of 10.0.0.0/16 and a subnet in that vnet with the 10.0.1.0/24 prefix
- a network interface and public ip address we can use to access our azure homelab server
- a windows 2016 virtual machine
Create your resource group
At the top of the main.tf file we need to add our terraform block and required providers. This section of the code also creates the azure resource group in the specified region. We also need the “data” and “output blocks as well. We need to do this because we have no way to pull the subnet id natively from the azurerm_virtual_network block. Without the Id, we would not be able to configure the network interface block down below.
terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "=3.22.0"
}
}
}
# Configure the Microsoft Azure Provider
provider "azurerm" {
features {}
}
# Create a resource group
resource "azurerm_resource_group" "homelabrg" {
name = "homelab"
location = "East US"
}
data "azurerm_subnet" "example" {
name = "subnet1"
virtual_network_name = "homelab-network"
resource_group_name = "homelab"
}
output "subnet_id" {
value = data.azurerm_subnet.example.id
}
Azure security group
Next we will create our security group and then a rule that will allow us to remote into the instance.
resource "azurerm_network_security_group" "homelabsg" {
name = "homelab-security-group"
location = azurerm_resource_group.homelabrg.location
resource_group_name = azurerm_resource_group.homelabrg.name
security_rule {
name = "allow rdp inbound"
priority = 100
direction = "Inbound"
access = "Allow"
protocol = "Tcp"
source_port_range = "*"
destination_port_range = "3389"
source_address_prefix = "*"
destination_address_prefix = "*"
}
}
Building your azure virtual network
The next terraform resource block is the azurerm_virtual_network. This will define the address space and subnet being used.
resource "azurerm_virtual_network" "homelabvnet" {
name = "homelab-network"
location = azurerm_resource_group.homelabrg.location
resource_group_name = azurerm_resource_group.homelabrg.name
address_space = ["10.0.0.0/16"]
dns_servers = ["10.0.0.4", "10.0.0.5"]
subnet {
name = "subnet1"
address_prefix = "10.0.1.0/24"
}
tags = {
environment = "homelab"
}
}
Azure network interface & public IP address
These next two pieces are really critical for the creation of the azure virtual machine. Without the network interface and public ip address, you will not be able to access the server from home.
resource "azurerm_public_ip" "example" {
name = "homelabpublicip"
resource_group_name = azurerm_resource_group.homelabrg.name
location = azurerm_resource_group.homelabrg.location
allocation_method = "Static"
tags = {
environment = "homelab"
}
}
resource "azurerm_network_interface" "example" {
name = "windowshomelab-nic"
location = azurerm_resource_group.homelabrg.location
resource_group_name = azurerm_resource_group.homelabrg.name
ip_configuration {
name = "internal"
subnet_id = data.azurerm_subnet.example.id
private_ip_address_allocation = "Dynamic"
public_ip_address_id = azurerm_public_ip.example.id
}
}
Creating a virtual machine in azure using terraform
Last but not least we need to choose our azure virtual machine. This will configure the image we will be using, the os disk and the username and password to login. Best practice would be to utilize secrets to pass the password into the file vs clear text. Since this is a homelab we can destroy and bring up at any time we can keep it simple.
resource "azurerm_windows_virtual_machine" "example" {
name = "example-machine"
resource_group_name = azurerm_resource_group.homelabrg.name
location = azurerm_resource_group.homelabrg.location
size = "Standard_F2"
admin_username = "adminuser"
admin_password = "P@$$w0rd1234!"
network_interface_ids = [
azurerm_network_interface.example.id
]
os_disk {
caching = "ReadWrite"
storage_account_type = "Standard_LRS"
}
source_image_reference {
publisher = "MicrosoftWindowsServer"
offer = "WindowsServer"
sku = "2016-Datacenter"
version = "latest"
}
}
The output block from the first snippet of code above will provide you with the outside ip address you can utilize to rdp into the server. Now if this is your first time using terraform you will have to complete a couple commands:
- “Terraform init” this will initialize and download the required providers
- “Terraform Plan” will allow you see what will be changed. Its always best practice to run this first
- “Terraform Apply” will then Configure all of your azure homelab resources
- “Terraform Destroy” will destroy all of the resources once your are done using them. This could also help save money when not using them.
Conclusion
Now that we have the full homelab setup, you will be able to expand on this configuration and build more resources. As your skills in azure continue to grow, its always important to keep as much of your lab in terraform. This will help keep your resources in one configuration and help eliminate an expensive bill if you forget to delete anything manually.