https://pulumi.com logo
Title
f

freezing-memory-87554

05/24/2021, 12:50 PM
Hey! Does anyone know how to create a FrontDoor in Azure Native? Maybe some example I'm sooo confused with SubResourceArgs right now in RoutingRules... How am I suppose to know the Id before FrontDoor is created?
@tall-librarian-49374 Found you on the relevant discussion in GitHub. If you can, please shed some light on this, I'm literally stuck and have no idea what to do 🙂 🙏
w

worried-knife-31967

05/24/2021, 2:22 PM
For C# it still doesn't work, I resorted to using the previous version for that one resource. You can mix and match.
f

freezing-memory-87554

05/24/2021, 2:28 PM
@worried-knife-31967 thank you so much! But which version are you referring to? Azure NextGen?
w

worried-knife-31967

05/24/2021, 2:28 PM
what's now referred to as "classic"
I was asked to create a ticket for the SubResourceArgs thing, but I haven't yet
f

freezing-memory-87554

05/24/2021, 2:31 PM
got it, thanks! it's actually pretty frustrating. I thought that Azure Native would be the way to go, but with issues like these... 😰
w

worried-knife-31967

05/24/2021, 2:31 PM
same same
t

tall-librarian-49374

05/24/2021, 5:51 PM
Azure Native is modelled around ARM API. we present them 100% including all idiosyncrasies like subresourceid. or was there something Pulumi-specific? Please report as an issue if so.
w

worried-knife-31967

05/24/2021, 7:32 PM
https://www.pulumi.com/docs/reference/pkg/azure-native/network/frontdoor/ That's being presented as SubResourceArgs for the healthprobe. In TS, if I remember correctly, you can just override it and send more parameters, but not in C#.
f

freezing-memory-87554

05/24/2021, 7:51 PM
@tall-librarian-49374 so, every parameter of FrontDoor presented as SubResourceArgs basically references subresources that should be created with the FrontDoor itself, they don't "live" without it. SubResourceArgs has only one property - Id which should be full resource Id as seen by Azure (as far as I understood). That means that before referencing these Ids we need already created "subresources" which are defined in the same FrontDoorArgs object. For example:
HealthProbeSettings = 
            {
                new AzureNative.Network.Inputs.HealthProbeSettingsModelArgs
                {
                    EnabledState = "Enabled",
                    HealthProbeMethod = "HEAD",
                    IntervalInSeconds = 120,
                    Name = "healthProbeSettings1",
                    Path = "/",
                    Protocol = "Http",
                },
            }
and apparently this settings should be referenced in BackendPoolArgs as:
HealthProbeSettings = new AzureNative.Network.Inputs.SubResourceArgs
                    {
                        Id = "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/frontDoors/frontDoor1/healthProbeSettings/healthProbeSettings1",
                    },
I found no resource in Pulumi SDK which allows one to create HealthProbeSettings separately from FrontDoor. The same goes for:
LoadBalancingSettings 
FrontendEndpoints in RoutingRuleArgs
BackendPool in ForwardingConfigurationArgs

etc.
If there is a possibility to somehow correctly define FrontDoor resource with all these subresources, it would be great to at least have some hint on how to do it 🙂 I spent the whole day, but didn't figured it out.
t

tall-librarian-49374

05/25/2021, 5:49 AM
So what goes wrong in the example above? How is it different from ARM templates?
That’s being presented as SubResourceArgs for the healthprobe.
There’s a
HealthProbeSettings
property with full arguments, as @freezing-memory-87554 shows above.
I found no resource in Pulumi SDK which allows one to create HealthProbeSettings separately from FrontDoor.
Yeah, because those resources do not exist in ARM API.
f

freezing-memory-87554

05/25/2021, 7:53 AM
I'm not really familiar with ARM, but finally I think I got somewhere. So, it seems what you need to do is to construct the resource Id dynamically pretending that it has been already created at the definition time. Sigh... That's kinda strange, but guess this is how Azure works 🤦‍♂️ @worried-knife-31967
@tall-librarian-49374 thanks, one more question if you don't mind - ARM has CustomHttpsConfiguration resource on the frontend endpoint (I guess?) but hadn't found it in Pulumi. Any ideas how this can be achieved? https://github.com/Azure/azure-quickstart-templates/blob/master/101-front-door-custom-domain/azuredeploy.json
{
  "type": "Microsoft.Network/frontdoors/frontendEndpoints/customHttpsConfiguration",
  "apiVersion": "2020-07-01",
  "name": "[concat(parameters('frontDoorName'), '/frontendEndpoint2/default')]",
  "dependsOn": [
    "[parameters('frontDoorName')]"
  ],
  "properties": {
    "protocolType": "ServerNameIndication",
    "certificateSource": "FrontDoor",
    "frontDoorCertificateSourceParameters": {
      "certificateType": "Dedicated"
    },
    "minimumTlsVersion": "1.2"
  }
}
w

worried-knife-31967

05/25/2021, 8:16 AM
The Terraform resource doesn't do that, so I'm a) surprised that you have to do that in ARM, and b) that there's a reluctance to provide an example for an obscure setup like that.
f

freezing-memory-87554

05/25/2021, 8:59 AM
@worried-knife-31967 that's true, I think Pulumi went ARM way to support 100% of the API and sync near real-time with changes in Azure which is a good thing. Some syntactic sugar for that would be great of course, but nothing actually prevents to implement your own. The bad thing is that we have to guess how it supposed to be used. Azure REST API isn't really helpful also. I am still trying to understand how to enable certificate provisioning for FrontDoor - banging my head against the wall again 😄
t

tall-librarian-49374

05/25/2021, 12:04 PM
@freezing-memory-87554 customHttpsConfiguration seems to be missing from our API. let me check the details and come back to you.
🙏 1
f

freezing-memory-87554

05/25/2021, 12:04 PM
much appreciated
t

tall-librarian-49374

05/25/2021, 12:06 PM
that there’s a reluctance to provide an example for an obscure setup like that.
We do have one example https://www.pulumi.com/docs/reference/pkg/azure-native/network/frontdoor/ But again, we rely on ARM here and expose examples that Microsoft highlighted in their specs.
We definitely more than welcome contributions to https://github.com/pulumi/examples
f

freezing-memory-87554

05/25/2021, 12:16 PM
I guess I saw this issue, but it says "It does exist in others SDKs like Python, Go, .NET."...
t

tall-librarian-49374

05/25/2021, 12:16 PM
Well, this is wrong
Now, I’m not sure how the ARM template that you linked works. The API version
2020-07-01
isn’t published at all… https://github.com/Azure/azure-rest-api-specs/tree/master/specification/frontdoor/resource-manager/Microsoft.Network/stable
It sounds like it may actually not work, based on comments on stack overflow:
At least for me it completely doesn’t work. Deployment succeeds but this section simply being ignored. HTTP continues to be disabled
This did work briefly at the start, but definitely not consistently
Bottom line: we’d need a custom resource that does a POST request, or wait until Microsoft ship ARM support
f

freezing-memory-87554

05/25/2021, 12:27 PM
Got it, thanks! Azure Classic actually has this working, but I'm no expert in Pulumi internals to understand how exactly. It's still should be a POST request from the logical perspective. Will use Azure Classic for now. Much appreciate your help.
t

tall-librarian-49374

05/25/2021, 12:33 PM
Yes, the classic provider calls the
EnableHTTPS
POST endpoint
w

worried-knife-31967

05/25/2021, 6:15 PM
By providing examples I mean a tested scenario where someone at pulumi has run it in to check that it works. Right now, as you've pointed out, only some of the resources YOUR api provides have been tested by yourselves. I get why, but you can't say that you've provided a working example when you have done it, and you're expecting the community to work it out. It's rant, I know, but I'm coming across more and more of these nuances with how you provided API works
t

tall-librarian-49374

05/25/2021, 6:47 PM
Thank you for the feedback, it’s very useful