The Microsoft Azure cloud and Juju

List of supported clouds > Microsoft Azure

This document describes details specific to using your existing Microsoft Azure cloud with Juju.

See more: Microsoft Azure

When using the Microsoft Azure cloud with Juju, it is important to keep in mind that it is a (1) machine cloud and (2) not some other cloud.

See more: Cloud differences in Juju

As the differences related to (1) are already documented generically in our Tutorial, How-to guides, and Reference docs, here we record just those that follow from (2).

Juju points of variation Notes for the Microsoft Azure cloud
setup (chronological order):
CLOUD
supported versions:
requirements: If you’re in a locked-down environment:
Permissions:

- Microsoft.Compute/skus (read)

- Microsoft.Resources/subscriptions/resourceGroups (read, write, delete)

- Microsoft.Resources/deployments/ (write/read/delete/cancel/validate)

- Microsoft.Network/networkSecurityGroups (write, read, delete, other - join)

- Microsoft.Network/virtualNetworks/ (write, read, delete)

- Microsoft.Compute/virtualMachineScaleSets/ (write, read, delete, other - start action, other - deallocate action, other - restart action, other powerOff action)

- Microsoft.Network/virtualNetworks/subnets/ (read, write, delete, other - join)

- Microsoft.Compute/availabilitySets (write, read, delete)

- Microsoft.Network/publicIPAddresses (write, read, delete, other - join - optional for public services)

- Microsoft.Network/networkInterfaces (write, read, delete, other - join)

- Microsoft.Compute/virtualMachines (write, read, delete, other - start, power off, restart, deallocate)

- Microsoft.Compute/disks (write, read, delete)
definition: Already known to Juju. Run juju clouds --all to confirm. (Pre-defined cloud name in Juju: azure.)

Structure of the YAML file:

clouds:
<user-defined cloud name>:
   type: azure
   auth-types: [interactive, service-principal-secret]
   regions:
    <region name>:
    endpoint: <endpoint>
CREDENTIAL
definition: auth-type: interactive (recommended), service-principal-secret. Depending on which one you choose, you will have to provide one or more of the following: your subscription id, application name, application id, tenant id, application password.

:warning: If your credential stops working: Credentials for the azure cloud have been reported to occasionally stop working over time. If this happens, try juju update-credential (passing as an argument the same credential) or juju add-credential (passing as an argument a new credential) + juju default-credential.
CONTROLLER
notes on bootstrap:
other (alphabetical order:)
CONFIGURATION (model)
cloud-specific: load-balancer-sku-name (string)
Mirrors the LoadBalancerSkuName type in the Azure SDK.

network (string)
If set, uses the specified virtual network for all model machines instead of creating one.

resource-group-name (string)
If set, uses the specified resource group for all model artefacts instead of creating one based on the model UUID.
CONSTRAINT
conflicting: [instance-type] vs [arch, cores, mem]
allocate-public-id :white_check_mark:
arch :white_check_mark:
Valid values: amd64.
container :white_check_mark:
cores :white_check_mark:
cpu-power :negative_squared_cross_mark:
instance-role :negative_squared_cross_mark:
instance-type :white_check_mark:
Valid values: See cloud provider.
mem :white_check_mark:
root-disk :white_check_mark:
root-disk-source :white_check_mark:
Represents the Juju storage pool for the root disk. By specifying a storage pool, the root disk can be configured to use encryption.
spaces :negative_squared_cross_mark:
tags :negative_squared_cross_mark:
virt-type :negative_squared_cross_mark:
zones :white_check_mark:
PLACEMENT DIRECTIVE
<machine> TBA
subnet=... :white_check_mark:
system-id=... :negative_squared_cross_mark:
zone=... TBA
RESOURCE (cloud)

Consistent naming, tagging, and the ability to add user-controlled tags to created instances.

 :negative_squared_cross_mark:

Last updated a month ago.

Help improve this document in the forum.