HiveBrain v1.2.0
Get Started
← Back to all entries
snippetMinor

Can I create an Azure VM from Ansible with NICs in different resource groups?

Submitted by: @import:stackexchange-devops··
0
Viewed 0 times
cangroupscreateresourcewithdifferentnicsazurefromansible

Problem

I am working on creating an Ansible playbook to

  • Ensure required network resources for an Azure VM are present, and



  • Create an Azure VM attached to those resources.



Due to the way the organization is structured, all network resources (such as NIC, NSG, Subnets and Public IPs) are placed in a Networks Resource Group in Azure. And these are managed by a separate team.

Also, the mandate is to create the Azure VMs and all non network resources in a separate resource group (let's call it AZRVMRG.

The chunk of the playbook that creates the VM looks like this:

---
- name: "Create VM {{vm_type}} - {{name}}"
  azure_rm_virtualmachine:
    resource_group: "{{rg_name}}"
    name: "{{name}}"
    vm_size: "{{size}}"
    admin_username: "{{user}}"
    admin_password: "{{pass}}"
    os_type: "{{os_type}}"
    network_interfaces: "{{nic_name}}"
    image: "{{image}}"
    tags: "{{tags}}"


Where {{rg_name}} is the AZRVMRG RG, and {{nic_name}} is an existing NIC present in the Networks RG.

Question

How do I reference the NIC present in the Networks resource group while creating the Azure VM within AZRVMRG resource group?

What I've tried

I have tried "just" referencing the NIC name, but that gives me an error similar to:

"msg": "Error fetching network interface AZRVMNIC - Azure Error: ResourceNotFound\nMessage: The Resource 'Microsoft.Network/networkInterfaces/AZRVMNIC' under resource group 'AZRVMRG' was not found."


So clearly, its looking under the same resource group.

Notes

(I have seen VMs created in the Azure subscription this way, so this is possible in Azure. But Ansible does not document this approach in its official docs. )

Solution

From close reading of the Ansible doc page on creating Azure VMs, it's clear that you can refer to a resource such as a virtual network or NIC using its resource ID. This lets you specify any resource, just like RM templates.

To specify a NIC created in another resource group by the networking team, with the networking_rg_name var set to that group name, you would use a resource ID like this:

- set_fact:
    nic_id: "/subscriptions/{{ subscription_id }}/resourceGroups/{{ networking_rg_name }}/providers/Microsoft.Network/networkInterfaces/{{ nic_name }}"

- name: "Create VM {{vm_type}} - {{name}}"
  azure_rm_virtualmachine:
    resource_group: "{{rg_name}}"
    name: "{{name}}"
    vm_size: "{{size}}"
    admin_username: "{{user}}"
    admin_password: "{{pass}}"
    os_type: "{{os_type}}"
    network_interfaces: "{{nic_id}}"     # Use the nic_id instead of name
    image: "{{image}}"
    tags: "{{tags}}"


This works for any resources that are in a different resource group, including virtual networks.

Code Snippets

- set_fact:
    nic_id: "/subscriptions/{{ subscription_id }}/resourceGroups/{{ networking_rg_name }}/providers/Microsoft.Network/networkInterfaces/{{ nic_name }}"

- name: "Create VM {{vm_type}} - {{name}}"
  azure_rm_virtualmachine:
    resource_group: "{{rg_name}}"
    name: "{{name}}"
    vm_size: "{{size}}"
    admin_username: "{{user}}"
    admin_password: "{{pass}}"
    os_type: "{{os_type}}"
    network_interfaces: "{{nic_id}}"     # Use the nic_id instead of name
    image: "{{image}}"
    tags: "{{tags}}"

Context

StackExchange DevOps Q#3741, answer score: 1

Revisions (0)

No revisions yet.