Azure Bicep: Implement Intersite Connectivity
Leverage Infrastructure as Code for Azure using Bicep Language to configure local and global peering between virtual networks across multiple Azure regions.
This article shows you how to leverage Azure Bicep, a domain-specific language (DSL) that uses a declarative syntax to deploy Azure resources, to create a virtual network peering that enables you to connect two or more Virtual Networks in Azure seamlessly.
Prerequisites.
- An active Azure account: You can create an account for free.
- Azure Bicep is installed on your local machine.
- Azure PowerShell. See: Install Azure PowerShell.
- A resource group in your Azure subscription
Let’s get started!
1. Solution Overview
iFabrik has three data centers in Seattle, New York, and Seattle connected via mesh wide-area network links, with full connectivity between them.
We will implement a test environment using Azure Bicep that reflects the topology of iFabrik's on-premises networks, and then verify its functionality.
The solution will include the following files:
- 📄 main.bicep: This is the Bicep template that will contain the definition of all the resources that are to be created
- 📄 azuredeploy.parameters.json: This parameter file contains the values to use for deploying your Bicep template.
2. Azure Bicep Template — parameters
Create a new file in your working directory and name it ‘main.bicep’. We will define the following parameters:
@description('Virtual machine size')
param vmSize string = 'Standard_D2s_v3'

@description('First Azure Region')
param location1 string = 'eastus'

@description('Second Azure Region')
param location2 string = 'westus'

@description('Admin username')
param adminUsername string

@description('Admin password')
@secure()
param adminPassword string
3. Azure Bicep Template — variables
We will define the following variables:
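// location1 appears twice: two of the three virtual networks share a region
// (local peering) and the third is in location2 (global peering).
var locationNames = [
  location1
  location1
  location2
]

var vmName = 'az104-05-vm'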
var nicName = 'az104-05-nic'
var subnetName = 'subnet0'
var vnetName = 'az104-05-vnet'
var pipName = 'az104-05-pip'
var nsgName = 'az104-05-nsg'
var vnet0 = 'az104-05-vnet0'
var vnet1 = 'az104-05-vnet1'
var vnet2 = 'az104-05-vnet2'
var remoteVnetRg = 'azinsider_demo'
4. Azure Bicep Template — resources
We will define the following resources:
5. Parameters file
Create a new file named ‘azuredeploy.parameters.json’. The code below shows the definition of the parameters file:
{
  "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "vmSize": {
      "value": "Standard_D2s_v3"
    },
    "adminUsername": {
      "value": "Student"
    },
    "adminPassword": {
      "value": "Pa55w.rd1234"
    }
  }
}
6. Azure Bicep Template — Deployment
We will use the command below to deploy our Bicep template:
$date = Get-Date -Format "MM-dd-yyyy"
$deploymentName = "AzInsiderDeployment"+"$date"
New-AzResourceGroupDeployment -Name $deploymentName -ResourceGroupName azinsider_demo -TemplateFile .\main.bicep -TemplateParameterFile .\azuredeploy.parameters.json -c
The image below shows the output of the deployment:
You can go to the Azure Portal and review all the resources created as shown in the image below:
Test intersite connectivity
Now we will test connectivity between virtual machines on the three virtual networks that you connected via peering.
In the Azure portal, search for and select Virtual machines. In the list of virtual machines, click az104-05-vm0.
Once you have selected the virtual machine, click ‘Run command’ and then the ‘RunPowerShellScript’ option:
Run the following to test connectivity to az104-05-vm1 (which has the private IP address of 10.51.0.4) over TCP port 3389:
Test-NetConnection -ComputerName 10.51.0.4 -Port 3389 -InformationLevel 'Detailed'
The image below shows the output from this test:
Now, run the following to test connectivity to az104-05-vm2 (which has the private IP address of 10.52.0.4):
Now, go to az104-05-vm1. Once you have selected the virtual machine, click ‘Run command’ and then the ‘RunPowerShellScript’ option. Then, run the following to test connectivity to az104-05-vm2 (which has the private IP address of 10.52.0.4) over TCP port 3389:
Test-NetConnection -ComputerName 10.52.0.4 -Port 3389 -InformationLevel 'Detailed'
Examine the output of the command and verify that the connection was successful.
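Test-NetConnection confirms that one port answers; the peering objects themselves show whether the mesh is complete and which transit options are enabled. The script below is an added example, not part of the original article or its repository. It assumes the three virtual networks live in the azinsider_demo resource group under the names from the variables section, and that it runs from a signed-in Azure PowerShell session rather than inside a VM's Run command.

```powershell
# Added example: audit the peering mesh created by the deployment.
# Resource group and VNet names come from the article's variables (assumed unchanged).
$rg    = 'azinsider_demo'
$vnets = 'az104-05-vnet0', 'az104-05-vnet1', 'az104-05-vnet2'

$report = foreach ($local in $vnets) {
    # All peerings defined on this VNet (one call per VNet).
    $peerings = @(Get-AzVirtualNetworkPeering -VirtualNetworkName $local -ResourceGroupName $rg)

    foreach ($remote in ($vnets | Where-Object { $_ -ne $local })) {
        # Match on the remote VNet's resource ID, not on the peering's display name.
        $p = $peerings | Where-Object { $_.RemoteVirtualNetwork.Id -like "*/virtualNetworks/$remote" }

        [pscustomobject]@{
            Local            = $local
            Remote           = $remote
            State            = if ($p) { $p.PeeringState } else { 'Missing' }
            VnetAccess       = $p.AllowVirtualNetworkAccess
            ForwardedTraffic = $p.AllowForwardedTraffic
            GatewayTransit   = $p.AllowGatewayTransit
        }
    }
}

$report | Format-Table -AutoSize

# A full mesh of three VNets needs six peerings (one per direction), all Connected.
$broken = @($report | Where-Object { $_.State -ne 'Connected' })
if ($broken.Count -gt 0) {
    Write-Warning "$($broken.Count) peering(s) are missing or not in the Connected state."
}

# Forwarded traffic and gateway transit extend what a peered network can reach;
# list any peering where they are enabled so each one can be justified.
$report |
    Where-Object { $_.ForwardedTraffic -or $_.GatewayTransit } |
    Format-Table Local, Remote, ForwardedTraffic, GatewayTransit -AutoSize
```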
Source Code.
You can find the code of this solution in the following URL; feel free to contribute!
Conclusion.
In this article we reviewed how you can deploy resources in Azure using the Azure Bicep language. We leveraged Azure Bicep capabilities to deploy the infrastructure and configure local and global virtual network peering, and then we tested intersite connectivity.
-Dave R.