search

Azure / Azure-Verified-Modules

Azure Verified Modules (AVM) is an initiative to consolidate and set the standards for what a good Infrastructure-as-Code module looks like. Modules will then align to these standards, across languages (Bicep, Terraform etc.) and will then be classified as AVMs and available from their respective language specific registries.
https://aka.ms/AVM
MIT License
367 stars 90 forks source link

[Module Proposal]: `avm-ptn-lbvmss` #29

Open terrymandin opened 1 year ago

terrymandin commented 1 year ago

Check for previous/existing GitHub issues/module proposals

Terraform or Bicep?

Terraform

Resource or Pattern Module?

Pattern Module

Module Name

avm-ptn-lbvmss

Module Details

Create a Terraform pattern for VMSS Flex deployment. We are currently researching how VMSS is being used by the field. This may result in multiple patterns.

Do you want to be the owner of this module?

Yes

Module Owner's GitHub Username

terrymandin

jtracey93 commented 1 year ago

Hey @terrymandin,

Thanks for the submission.

Can you explain why you feel this would be a pattern module and not a resource module?

See the Module Classification Definitions for more info

Look forward to hearing from you

Jack

jeanchg commented 1 year ago

@terrymandin pls update and let us know if you want to be the owner for this Resource Module. By doing that you'd confirm you agree to the below: • https://azure.github.io/Azure-Verified-Modules/specs/shared/team-definitions/https://azure.github.io/Azure-Verified-Modules/specs/shared/https://azure.github.io/Azure-Verified-Modules/help-support/module-support/ BTW, this module should include both Linux & Windows

terrymandin commented 1 year ago

Hey guys, sorry for the late response. I have to check my notifications as I wasn't alerted to your questions.

Hey @terrymandin,

Thanks for the submission.

Can you explain why you feel this would be a pattern module and not a resource module?

See the Module Classification Definitions for more info

Look forward to hearing from you

Jack

I have changed my mind and agree that this should be a Resource module. The PG has suggested follow-on pattern modules. e.g. Behind a load balancer, with an app gateway, blue/green testing, etc., but I can create new applications for those.

terrymandin commented 1 year ago

@terrymandin pls update and let us know if you want to be the owner for this Resource Module. By doing that you'd confirm you agree to the below: • https://azure.github.io/Azure-Verified-Modules/specs/shared/team-definitions/https://azure.github.io/Azure-Verified-Modules/specs/shared/https://azure.github.io/Azure-Verified-Modules/help-support/module-support/ BTW, this module should include both Linux & Windows

I will be an owner. I have reached out to René Hézser and Marcel Keller as possible co-owners.

terrymandin commented 1 year ago

@jeanchg and @jtracey93, please let me know when this is approved and I will create the repo from the template.

terrymandin commented 1 year ago

Marcel Keller and René Hézser have agreed to co-author this AVM.

PmeshramPM commented 1 year ago

@terrymandin - Could you please let us know their GitHub alias so that we can assign the module to them?

terrymandin commented 1 year ago

@PankajMeshramCSA, here are two of them:

Terry Mandin: terrymandin Marcel Keller: marcelkmfst

René is on holidays this week. I'll get his to you next week.

Can I get started by creating the repo from the template?

PmeshramPM commented 1 year ago

Thanks @terrymandin, I have sorted out the assignment. Yes you can start by creating the repo from the template.

terrymandin commented 1 year ago

Thanks @PankajMeshramCSA, René just sent me his GitHub id: ReneHezser

PmeshramPM commented 1 year ago

@terrymandin - Thanks, I have added him and as discussed the module name is - terraform-azurerm-avm-res-compute-virtualmachinescaleset

terrymandin commented 1 year ago

@PankajMeshramCSA, after further analysis it appears that building a "reference" AVM on top of azurerm_orchestrated_virtual_machine_scale_set would just be a "wrapper". The code example that the PG provided is actually better described as a "pattern" module to setup VMSS with a load balancer. For this reason we will switch over to building a "pattern" AVM, with our first "pattern" AVM setting up VMSS with a load balancer. More details to follow ...

terrymandin commented 1 year ago

New "pattern" module will be named: "terraform-azurerm-avm-ptn-lbvmss".

terrymandin commented 1 year ago

@PmeshramPM , I brought up a number of questions regarding the VMSS AVM with Sapna and she suggested I reach out to you:

  1. How do I find customer architectures to base my VMSS AVM patterns on? Currently, Jerry Steele has mentioned a few: 1) VMSS with a Load Balancer, 2) VMSS with an App Gateway, and 3) blue/green architectures. If I build these, how do I validate them with real customer scenarios
  2. To be more specific, it seems that when building AVM modules we should be pruning down, defaulting or hard coding certain variables to align with best practices. How do I find the right balance with VMSS. I will be reaching out to Marcel and René, but am also looking for your input.
  3. Could you send me a link to the old Terraform repository. I'd like to review it to see if there are any VMSS architectures I can review there.
  4. One of the first customer's we are considering for the VMSS AVM modules is SAP. They have already built architectures based on VMSS using Availability Sets for databases. Interested in your thoughts here as you have experience with SAP. I also want to get Jerry Steele's (VMSS PM) recommendations as I believe there are nuances related to databases using VMSS. Interestingly, the Oracle database best practice is to use VMSS on Availability Sets.

If you are interested, you can see my initial commits on the VMSS Load Balancer AVM here. I am now trying to get the code to adhere to the AVM requirements and also determine which parameters are needed.

PmeshramPM commented 1 year ago

@terrymandin - Please see my responses [1] - This is where you would need to speak with assigned contacts with some of the big customers who may have common requirements for VMSS patterns. We can take it offline, happy to help you here. We can go back to these customers for validation. [2] - I would say in terms of balance, lets start with like a V1 version, validate that with customers and then work on V2 and so on. [3] - https://github.com/Azure/terraform-azure-modules - This is the link to TFVM repot but it does not have VMSS module. [4] - The best practice for SAP is VMSS with AZs. Here is the link to the architecture - https://learn.microsoft.com/en-us/azure/sap/workloads/virtual-machine-scale-set-sap-deployment-guide?tabs=scaleset-cli - I think we already have this one in the code. Let me check and get back to you on this one.

PmeshramPM commented 1 year ago

@terrymandin -Two more points

  1. on the pattern module name, the convention is avm-ptn-vmss - I have updated that in the description of this GH issue. Please pay attention to the repo name which would be terraform-azurerm-avm-ptn-vmss
  2. On the SAP point, we do have VMSS flex with AZs in the SAP automation repo.
terrymandin commented 1 year ago

@PmeshramPM , thank you for you replies!

[1] Thank you for your offer to help finding customers. I will setup time for us to discuss [2] The VMSS PM presented a great option to me for the variables. He recommended I use the same variables as az vmss create -h. I will do this. [3] - [4] -

Regarding the naming, as patterns can contain multiple services, it seems that the naming standard is looser. For example, in the specifications it gives an example of avm-ptn-apptiervmss. I believe that avm-ptn-vmss is too general in nature, as there will be other VMSS patterns as well. For example, the next one we are planning is a VMSS App Gateway pattern. If I have already used avm-ptn-vmss for the load balancer, what do I name the VMSS App Gateway pattern?

Regarding SAP, perhaps it could be one of the first consumer's of the VMSS AVM patterns?

PmeshramPM commented 1 year ago

Had a chat with @terrymandin and he is building VMSS Flex with lb pattern , updated the issue description and details based on that

terrymandin commented 1 year ago

This pattern AVM has been deprioritized by the CSU Compute PM (Michiel van Shaik). He has asked that we keep the request, but that we focus on other resource AVMs now.

microsoft-github-policy-service[bot] commented 11 months ago

@terrymandin, @ReneHezser, @marcelkmfst, this issue has not had any activity in the last 3 weeks. Please feel free to reach out to the AVM core team should you have any questions or need any help with the development of this module.

microsoft-github-policy-service[bot] commented 11 months ago

@terrymandin, @ReneHezser, @marcelkmfst, this issue has not had any activity in the last 3 weeks. Please feel free to reach out to the AVM core team should you have any questions or need any help with the development of this module.

microsoft-github-policy-service[bot] commented 11 months ago

@terrymandin, @ReneHezser, @marcelkmfst, this issue has not had any activity in the last 3 weeks. Please feel free to reach out to the AVM core team should you have any questions or need any help with the development of this module.

terrymandin commented 10 months ago

This pattern module was initially created as LB/VMSS architectures were quite common in the architecture center. It was also recommended by the VMSS PM.

After speaking with the Compute CSU PM we have decided to wait to see the usage of the VMSS resource AVM (currently in PR stage) before continuing on this module.

mbilalamjad commented 9 months ago

Reached out to @terrymandin offline to confirm the plans for this going forward, he or I will update accordingly

matebarabas commented 7 months ago

@terrymandin, @mbilalamjad, the AVM issue triage team is reviewing issues tagged as long-term. As part of this effort, we'd like to ask you to please provide any updates on this issue. Thank you!