Connecting two discrete VNets using VNet peering and ARM Templates

Motivation:

Connecting Virtual Networks might be messy sometimes if not done right. Creating it, again and again, will be more error-prone. So, we will be utilizing a service from Azure called Azure Arm Templates to deploy our infrastructure in an idempotent way. We will also be using Portal for only some tasks but most of it will be done from the templates.

Architecture:

Prerequisites:

1. Azure Account
2. Azure Virtual Machine
3. Azure Vnet
4. ARM templates

Azure VNet:

Azure Virtual Network is a network of Azure in the cloud. This VNet can be subdivided into different subnets. For this exercise, we will be creating two VNets: east and west, with two subnets for each VM, where east VNET is restricted to private IPs and west has access to public IPs like the above architecture. Later on, we will use Vnet Peering to connect these two different VNet’s in different regions.

ARM Templates:

ARM Templates are the idempotent way to write infrastructure in the form of JSON for maximum usability. Creating a VM, VNets, and subnets is a very lengthy process and we may have errors on the way while creating them and so for that reason, ARM Templates are preferred. I have already created the ARM Templates and are here on my GitHub. But do not worry I will teach you how to write ARM Templates, more so generate them as it’s quite difficult to write from scratch.

Let’s say I have created some infrastructure and I want to have an ARM Template for it. Go to the Resource Groups, Select Resources, and Export Template.

Then click on the Download button.

You will get template.json and parameter.json. Template.json contains what infrastructure you want to make with its details and parameter.json contains the unique name that you want to give to the resource. For this post, I will be adding my own default values. You can add your unique names through parameter.json and enter the commands given below.

After you hit the commands using the CLI it might not work on the fly as you must do some housekeeping on the JSON files like removing the subscription id for dynamic usability and also removing unnecessary key values pairs. For this post, you don’t have to worry as the JSON I have provided works to its fullest. After you open the code here are the commands that you need to enter linearly.

az group create --name oss-east-rg --location eastus

az group create --name oss-west-rg --location westus

az deployment group create --resource-group oss-east-rg --template-file template.json

az deployment group create --resource-group oss-west-rg --template-file template.json

VNet Peering:

We will be using a portal to peer both the VNets. Go to the east Virtual Network, Settings, Peerings and +Add

We should keep in mind that we are connecting east to west but also west to east, so is the reason that there are two blanks with the Peering link name. Fill in the basic details and hit Add.

Demonstration:

Now, let’s connect to the VM which have a public IP address(west) and then connect to the east using a private IP address on a different VNet. I have provided the PEM file in the repository. Let’s start from the west VM.

sudo ssh -i vm.pem azureuser@104.40.10.98

A connection has been established.

Now, let’s connect to the east VM using the private IP. Remember to copy the PEM file into the VM itself.

sudo ssh -i vm.pem azureuser@10.0.0.4

A connection has been established again.

Conclusion:

We have demonstrated how we can leverage Azure ARM Templates to create even the complex infrastructure with ease. This is a bare minimum as we can add more and more to the ARM Templates. There are other tools such as Terraform and Pulumi which we can leverage to write IaC code as well in declarative and imperative ways. The possibilities are endless, the choices are endless and it’s up to you for what you want to make it. If you encounter any problems or have difficulty following the steps, comment below on this post or message me at tsulabh4@gmail.com. You can also connect with me on Linkedin and GitHub.

Resources:

[1] Azure Virtual Network: https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-overview

[2] ARM templates: https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/overview