Azure Labs AZ700 - Module 1 - Implement Global Vnet Peering

1. What is it
2. Why do this
3. Diagram
4. Lab
- 4.1 Terraform Code
  - 4.1.1 Terraform Deployment
- 4.2 Azure
  - 4.2.1 Global Vnet Peering

git clone https://github.com/jeremypageitcompany/AZ700_Lab_Terraform.git

1. What is it Link to heading

Deployment of 2 vnets in different region
Establish peering between both
Validate connectivity and routing

2. Why do this Link to heading

Virtual network peering allow to interconnect VNet in Azure.
Resources in one VNet can access resources in the other VNet.

We will also see how the route are propagated in the Effective Route Table of the VM nic.

Info

Azure supports 2 type of peering:

VNet peering, same region
Global VNet peering, different region

4. Lab Link to heading

Content of the lab:

2 Linux VMs
- PIP
- Storage
Resource Group
Vnets + Subnets

4.1 Terraform Code Link to heading

terraform1

data.tf , contains code to get your public IP
vnet1.tf , contains code to deploy the VNet, ubuntu server with NIC and PIP
vnet2.tf , contains code to deploy the VNet, ubuntu server with NIC and PIP
main.tf , contains code to deploy Resource Group, Vnets peering
variables.tf

4.1.1 Terraform deployment Link to heading

Warning

Requirements:

Download and Install Visual Studio Code: https://code.visualstudio.com/download
Download and Install GIT: https://git-scm.com/downloads
Download and Install Terraform: https://www.terraform.io/downloads
- Add Terraform to your PATH
Az cli: https://docs.microsoft.com/en-us/cli/azure/install-azure-cli-windows?tabs=azure-cli
- az login to your Azure Subscription

Git Clone the repo in a folder, open it in vscode and input terraform command
https://github.com/jeremypageitcompany/AZ700_Lab_Terraform/tree/master/Module_1/Global_VNet-Peering

To fix formating:

terraform fmt

To validate the configuration

terraform validate

To deploy

terraform apply

4.2 Azure Link to heading

azure1

All resources should be deployed.
You can test that you can connect to the linux VMs with their public IPs.

4.2.1 Global Vnet Peering Link to heading

Lets validate that the peering is established correctly. VNet - Settings - Peerings
On both VNet, the peering status should be Connected
peering1

Now lets validate routing by checking the Effective Routes of the VMs nics
We can see that the NIC of VM in VNet1 has a route 10.20.0.0/16 (VNet2) in its route table. The next hop is VNetGlobalPeering

peering2

Finaly, validate connectivity by connecting to one of the VM and doing a Ping on the other one.

peering3