Coaching on DevOps and Cloud Computing: Automate Azure App Service setup using Ansible and Azure DevOps pipeline | How to integrate Ansible with Azure DevOps | How to Create WebApp in Azure Cloud using Ansible

Tuesday, April 23, 2024

Automate Azure App Service setup using Ansible and Azure DevOps pipeline | How to integrate Ansible with Azure DevOps | How to Create WebApp in Azure Cloud using Ansible

Ansible is an open-source, configuration management tool that automates cloud provisioning, configuration management, and application deployments.

Ansible Playbooks

Ansible playbooks allow you to direct Ansible to configure your environment. Playbooks are coded using YAML so as to be human-readable.

Automate Azure Web App setup using Ansible and Azure pipeline

Integrate Ansible with Azure Cloud

Integrating Ansible with Microsoft Azure allows you to automate and manage your Azure infrastructure using Ansible playbooks and modules. Ansible provides a collection of Azure-specific modules that enable you to provision and configure resources in Azure.

To configure Azure credentials, you need the following information:

Your Azure subscription ID and tenant ID
The service principal application ID and secret

Pre-requisites:

Azure account subscription, click here if you don't have one.
Azure CLI needs to be installed.
Service principal to create any resources in Azure cloud
Microsoft organization

Login to Azure

az login

Enter Microsoft credentials

Create Azure Service Principal

Run the following commands to create an Azure Service Principal:

az ad sp create-for-rbac --name ansible-azure-sp --role Contributor --scopes /subscriptions/<subscription_id>

Save the above output in a file as you will not be able retrieve later.

Create an Ansible playbook - create-linux-app-svc.yml

Create a simple playbook to create resource group in Azure and also a Azure App Service. Make sure you modify the name of the resource group, Azure WebApp and location below.

- hosts: localhost
  connection: local
  vars:
    resource_group: myResourceGroup
    webapp_name: myfirstAwesomeWebApp
    plan_name: myAppServicePlan
    location: eastus
  tasks:
    - name: Ensure resource group exists
      azure_rm_resourcegroup:
        name: myResourceGroup
        location: East US
      register: rg_result
    - debug:
        var: rg_result
    - name: Create App Service on Linux with Java Runtime
      azure_rm_webapp:
        resource_group: "{{ resource_group }}"
        name: "{{ webapp_name }}"
        plan:
          resource_group: "{{ resource_group }}"
          name: "{{ plan_name }}"
          is_linux: true
          sku: S1
          number_of_workers: 1
        frameworks:
          - name: "java"
            version: "8"
            settings:
              java_container: tomcat
              java_container_version: 9.0

Create Azure YAML build pipeline:

Select project dashboard.

Go to Pipelines -> New pipeline --> Click on Azure Repos Git or any SCM where you have playbooks stored. Select repo, click on Starter pipeline.

Add below four pipeline variables with value received from service principal creation.

AZURE_SUBSCRIPTION_ID
AZURE_CLIENT_ID
AZURE_SECRET
AZURE_TENANT
Add below tasks:
Install Ansible on build agent
Install Ansible rm module on build agent
Execute Ansible playbook for creating resource group in Azure cloud.
trigger:
- main

pr: none  # Disable PR triggers, can be adjusted as needed
pool:
  vmImage: 'ubuntu-latest'
steps:
- script: |
    # Install Ansible
    pip3 install "ansible==2.9.17"
  displayName: 'Install Ansible'
  
- script: |
    # Install Ansible rm module
    pip3 install ansible[azure]
  displayName: 'Install Ansible rm module'
  
- script: |
    # Run Ansible playbook to create Azure App Service
    ansible-playbook create-linux-app-svc.yml
  displayName: 'Run Ansible Playbook'
  env:
    AZURE_SUBSCRIPTION_ID: $(AZURE_SUBSCRIPTION_ID)
    AZURE_CLIENT_ID: $(AZURE_CLIENT_ID)
    AZURE_SECRET: $(AZURE_SECRET) 
    AZURE_TENANT: $(AZURE_TENANT) 

Save the pipeline and run it.

Now Login to Azure cloud to see if the App Service have been created.

Clean up service principal & Resource Group

az ad sp list --display-name ansible-azure-sp --output table

az ad sp delete --id <pass_the_id>

az group delete --name myResourceGroup --yes --no-wait

Delete Resource group and App Service using Ansible playbook: delete-linux-app-svc.yml

- name: Delete Azure App Service
hosts: localhost
connection: local
vars:
resource_group: myResourceGroup
webapp_name: myfirstAwesomeWebApp
tasks:
- name:
azure_rm_webapp:
name: "{{ webapp_name }}"
resource_group: "{{ resource_group }}"
state: absent

1 comment:

Digital ArnavApril 25, 2024 at 3:55 AM
This comment has been removed by the author.
ReplyDelete
Replies

Add comment