DevOps Automation using Bicep #94
Replies: 4 comments 10 replies
-
Hey @DCMattyG I have another question regarding the reservations too please. :) We use multiple address prefixes per VNet (so for example two reservations: /24, /25 from IPAM, but a single VNet). When the VNet is created, the script can only assign a single tag with the name: ipam-res-id. In IPAM I get an error message saying: "A vNET with the assigned CIDR has already been associated with the target IP Block" when I assign one of the Reservation IDs to the VNet and both reservations stay. I have also tried adding both reservation IDs into the tag using an array ["xxxx", "yyyy"] and using a comma xxxx, yyyy. The IPAM Solution doesn't appear to recognise this and leaves the reservations in place with the status of pending I wondered if there is a way we can still use the tagging solution, but pass an array of Reservation IDs back to the IPAM API to delete both reservations? Hope this makes sense. :) |
Beta Was this translation helpful? Give feedback.
-
Hi there @tonydean37, there's quite a bit to digest from the above, but I promise I'll get to all of it. I'm going to break it down and ask some clarifying questions first:
Thank you for all of the excellent feedback and questions. We'll make sure you get taken good care of 😄 |
Beta Was this translation helpful? Give feedback.
-
Hi @DCMattyG, No worries at all - I was away at an internal conference last week, so didn't get as much time on this one. We have, however, come up with a bit of a solution surrounding the multiple VNet issue: I've included an updated Visio of the workflow, but basically, after the VNet has been created in Azure, we send a GET request from the pipeline to the IPAM server for all the VNets in the block. If the new VNet Resource ID doesn't appear, then send a PUT request to IPAM to add the VNet to the correct block. We use a loop to ensure that the VNet is in the correct block and then send a DELETE request to IPAM to remove the reservation ID once it is: We've tested a couple of times and it all appears to work correctly, but I'm not too sure what you think of the logic? In terms of the Subnet assigning, do you think this will require a similar reservation system to the one used for the VNets? Cheers! |
Beta Was this translation helpful? Give feedback.
-
Hey @tonydean37, I've already responded to @jonprattLBG in #116, but I'll re-post the detail here for you as well... I took a look at this closer and I think I found a very simple way to make this work. The implementation would be adding N number of reservations to a Virtual Network TAG, separate by commas, like this: If that would work, I have this functioning in our DEV containers, and you're welcome to give it a whirl and provide some feedback. Here are the configuration changes you'd need to test the development version: Under the "Development Center" for the Azure App Service, add the "dev" suffix to the ACR address (e.g. azureipamdev) for all 3 containers. Click save, allow the App Service to pull the new containers and restart (usually ~5 minutes), then give it a try! Excited for your feedback on this item, and thank you for your patience! |
Beta Was this translation helpful? Give feedback.
-
Hey @DCMattyG,
Our PoC is coming along pretty nicely and our Automation team have produced a working script to create a Landing zone with a VNet CIDR picked by IPAM, which is great. :)
Our next challenge is to enable users to input the subnet masks that they would like in the same script and the IPAM solution hand these out to the pipeline. As currently the IPAM solution API for subnets only provides the next available CIDR instead of reserving it, then I was wondering if you knew of a method to automate these?
Our current process (from a very high level) looks something like this:
This is the process that I think would need to happen if we tried assigning multiple Subnets:
It would also only work if the IPAM Solution had updated its' database with the new VNet info, which could potentially cause issues.
Any thoughts would be really appreciated :)
Cheers!
Beta Was this translation helpful? Give feedback.
All reactions