Preparing to Deploy PCF on Azure using Terraform

Page last updated:

This guide describes the preparation steps required to install Pivotal Cloud Foundry (PCF) on Azure using Terraform templates.

The Terraform template for PCF on Azure describes a set of Azure resources and properties. For more information about how Terraform creates resources in Azure, see the Azure Provider topic on the Terraform site.

You may also find it helpful to review different deployment options in the Reference Architecture for Pivotal Cloud Foundry on Azure.


In addition to fulfilling the prerequisites listed in the Installing Pivotal Cloud Foundry on Azure topic, ensure you have the following:

Step 1: Download and Edit the Terraform Variables File

Before you can run Terraform commands to create infrastructure resources, you must fill out a template variables file.

  1. Navigate to the runtime release on Pivotal Network. For more information about the runtimes you can deploy for PCF, see Installing Runtimes.

  2. Select Pivotal Application Service. The Pivotal Application Service page opens.

  3. Download the Azure Terraform zip file.

  4. Extract the contents of the zip file and move the folder to the workspace directory on your local machine.

  5. From a terminal window, navigate to the folder:

    $ cd ~/workspace/TERRAFORMING-AZURE-FOLDER

  6. Create a new file named terraform.tfvars:

    $ touch terraform.tfvars

  7. Open the terraform.tfvars file and paste in the following contents:

    subscription_id       = "YOUR-SUBSCRIPTION-ID"
    tenant_id             = "YOUR-TENANT-ID"
    client_id             = "YOUR-CLIENT-ID"
    client_secret         = "YOUR-CLIENT-SECRET"
    env_name              = "YOUR-ENVIRONMENT-NAME"
    location              = "YOUR-AZURE-LOCATION"
    ops_manager_image_uri = "YOUR-OPS-MAN-IMAGE-URI"
    dns_suffix            = "YOUR-DNS-SUFFIX"
    vm_admin_username     = "YOUR-ADMIN-USERNAME"
  8. Edit the values in the file according to the table below:

    Value to replace Guidance
    YOUR-SUBSCRIPTION-ID Enter the subscription ID of your Azure service principal. Terraform uses this ID when creating resources.
    YOUR-TENANT-ID Enter the tenant ID of your Azure service principal. Terraform uses this ID when creating resources.
    YOUR-CLIENT-ID Enter the client ID of your Azure service principal. Terraform uses this ID when creating resources.
    YOUR-CLIENT-SECRET Enter your Azure service client secret. Terraform requires this secret to create resources.
    YOUR-ENVIRONMENT-NAME Enter a name to use to identify resources in Azure. Terraform prepends the names of the resources it creates with this environment name. Example: pcf.
    YOUR-AZURE-LOCATION Enter the name of the Azure location in which you want Terraform to create resources. Example: Central US.
    YOUR-OPS-MAN-IMAGE-URI Enter the URL for the Ops Manager Azure image you want to boot. You can find this code in the PDF included with the Ops Manager release on Pivotal Network.
    YOUR-DNS-SUFFIX Enter a domain name to use as part of the system domain for your PCF deployment. Terraform creates DNS records in Azure using YOUR-ENVIRONMENT-NAME and YOUR-DNS-SUFFIX. For example, if you enter for your DNS suffix and have pcf as your environment name, Terraform creates DNS records at
    YOUR-ADMIN-USERNAME Enter the admin username you want to use for your Ops Manager deployment.

Step 2: (Optional) Add Variables for Isolation Segment

Complete this section if you plan to deploy the Isolation Segment tile.

Note: You can see the configurable options by opening the file and looking for variables with default values.

Add the following variable to your terraform.tfvars file. This causes Terraform to create an additional HTTP load balancer and DNS record to use for the Isolation Segment tile.

isolation_segment = "true"

Step 3: Create Azure Resources with Terraform

Follow these steps to use the Terraform CLI to create resources on Azure:

  1. From the directory that contains the Terraform files, run terraform init to initialize the directory based on the information you specified in the terraform.tfvars file.

    $ terraform init

  2. Run the following command to create the execution plan for Terraform.

    $ terraform plan -out=plan

  3. Run the following command to execute the plan from the previous step. It may take several minutes for Terraform to create all the resources in Azure.

    $ terraform apply plan

Step 5: Create DNS Record

  1. In a browser, navigate to the DNS provider for the DNS suffix you entered in your terraform.tfvars file.

  2. Create a new NS (Name server) record for your PCF system domain. Your system domain is YOUR-ENVIRONMENT-NAME.YOUR-DNS-SUFFIX.

  3. In this record, enter the name servers included in env_dns_zone_name_servers from your Terraform output.

What to Do Next

Proceed to the next step in the deployment, Configuring BOSH Director on Azure (Terraform).

Create a pull request or raise an issue on the source for this page in GitHub