Description

This cookbook provides resources and providers to create an manage Windows Azure components. Currently supported resources are:

• Storage Accounts ('azure_storage_account')
• Blob Storage Containers ('azure_storage_container')
• SQL Azure Servers ('azure_sql_db_server')

Note This cookbook uses the azure RubyGem to interact with the Azure API. This gem requires nokogiri which requires compiling native extensions, which means build tools are required.

Requirements

Requires Chef 0.7.10 or higher for Lightweight Resource and Provider support. Chef 0.8+ is recommended. While this cookbook can be used in chef-solo mode, to gain the most flexibility, we recommend using chef-client with a Chef Server.

A Windows Azure account is required. The Management Certificate and Subscriptoin ID are used to authenticate with Azure.

Azure Credentials

In order to manage Azure components, authentication credentials need to be available to the node. There are a number of ways to handle this, such as node attributes or roles. We recommend storing these in a databag (Chef 0.8+), and loading them in the recipe where the resources are needed.

DataBag recommendation:

% knife data bag show azure main
{
  "id": "main",
  "management_certificate": "YOUR PEM FILE CONTENTS",
  "subscription_id": "YOUR SUBSCRIPTION ID"
}

This can be loaded in a recipe with:

azure = data_bag_item("azure", "main")

And to access the values:

azure['management_certificate']
azure['subscription_id']

We'll look at specific usage below.

Recipes

default.rb

The default recipe installs the azure RubyGem, which this cookbook requires in order to work with the Azure API. Make sure that the azure recipe is in the node or role run_list before any resources from this cookbook are used.

"run_list": [
  "recipe[azure]"
]

The gem_package is created as a Ruby Object and thus installed during the Compile Phase of the Chef run.

Resources and Providers

This cookbook provides three resources and corresponding providers.

storage_account.rb

Manage Azure Storage Accounts with this resource.

Actions:

• create - create a new storage account
• delete - delete the specified storage account

Attribute Parameters:

• management_certificate - PEM file contents of Azure management certificate, required.
• subscription_id - ID of Azure subscription, required.
• management_endpoint - Endpoint for Azure API, defaults to management.core.windows.net.
• location - Azure location to create storate account. Either location or affinity group are required.
• affinity_group_name - Affinity group to create account in. Either location or affinity group are required.
• geo_replication_enabled - True or false, defaults to true.

storage_container.rb

Manage Azure Blob Containers with this resource

Actions:

• create - create a new container
• delete - delete the specified container

Attribute Parameters:

• storage_account - Account to create container in, required.
• access_key - Access key for storage account, required.

sql_db_server.rb

Actions:

• create - create a new server. Use the Azure location as the name of the storage account. The server name is autogenerated.

Attribute Parameters:

• management_certificate - PEM file contents of Azure management certificate, required.
• subscription_id - ID of Azure subscription, required.
• management_endpoint - Endpoint for Azure API, defaults to management.database.windows.net.
• login - Desired admin login for db server, required.
• password - Desired admin password for db server, required.
• server_name - This attribute is set by the provider, and can be used by consuming recipies.

Usage

The following examples assume that the recommended data bag item has been created and that the following has been included at the top of the recipe where they are used.

include_recipe "azure"
azure = data_bag_item("azure", "main")

azure_storage_accouint

This will create an account named new-account in the West US location.

azure_storage_account 'new-account' do
  management_certificate azure['management_certificate']
  subscription_id azure['subscription_id']
  location 'West US'
  action :create
end

This will create an account named new-account in the existing my-ag affinity group.

azure_storage_account 'new-account' do
  management_certificate azure['management_certificate']
  subscription_id azure['subscription_id']
  affinity_group_name 'my-ag'
  action :create
end

azure_storage_container

This will create a container named my-node within the storage account my-account.

azure_storage_container 'my-node' do
  storage_account 'my-account'
  access_key azure['access_key']
  action :create
end

azure_sql_db_server

This will create a db server in the location West US with the login admin and password password.

azure_sql_db_server 'West US' do
  management_certificate azure['management_certificate']
  subscription_id azure['subscription_id']
  login 'admin'
  password 'password'
  action :create
end

Here is an example of how you might retrieve the generated server name.

file '/etc/db_server_info' do
  content lazy { 
    db2 = resources("azure_sql_db_server[West US]")
    "Url: https://#{db2.server_name}.database.windows.net"
  }
  mode 0600
  action :create
end

License and Author

• Author:: Jeff Mendoza ([email protected])

Copyright (c) Microsoft Open Technologies, Inc.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.