Azure Machine Learning Deployment using Terraform
This post shows how to perform a full Azure Machine Learning deployment using Terraform. This includes enterprise features like setting up VNET-bindings and Private Link. You can reuse this sample and adapt it to your own needs.
In short, the proposed Terraform deployment will roll out the following environment:
- Azure Machine Learning Workspace with Private Link enabled
- Azure Virtual Network (with a subnet)
- Azure Storage Account with VNET bindings and Private Link (for Blob and File access)
- Azure Key Vault with VNET bindings and Private Link
- Azure Container Registry
- Azure Application Insights
- Jumphost for testing (useful if you do not have a VPN connection into the VNET)
Lastly, it is worth nothing that this deployment does not include any resources that typically would be provisioned inside the Azure Machine Learning Workspace, such as Datasets, Compute Clusters, or Compute Instances.
The full code presented in this post can be found in this GitHub repo: https://github.com/csiebler/azure-machine-learning-terraform
Getting this Terraform deployment up and running for some testing is straight forward:
- Clone https://github.com/csiebler/azure-machine-learning-terraform locally
- Install Terraform
terraform.tfvars.examplefrom the repo to
terraform.tfvarswith your desired values (the defaults might work fine for testing though!)
- Execute the deployment:
$ terraform init $ terraform plan $ terraform apply
After a couple of minutes, our Terraform deployment should be done. As we can see, it has deployed quite a bunch of resources in Azure:
Validating our Setup
Once the deployment has finished, navigate to https://ml.azure.com and select your newly created Workspace. However, you should be greeted with an error message – this is expect, as you are trying to access a Private Link protected Workspace from a location (your laptop) that is most likely not connected to the Virtual Network (yet):
This is why I’ve decided to include a Jumphost for testing in this deployment. Navigate to the
dsvm-jumpbox resource in the resource group and connect to it via RDP using the username/password you’ve defined in
Next, once you are connected, navigate to https://ml.azure.com and you should be greeted with a fully working Azure Machine Learning Workspace:
From here, you can use the Workspace as normal. Lastly, for moving this to a production grade setup, you would obviously get rid of the jumphost. Instead, you’d probably connect to the Workspace by either using Azure Express Route or having a VPN connection from your local machine to the VNET.
In conclusion, Terraform makes it very simple to deploy complex Azure Machine Learning setups. I hope this post was helpful – feel free to reuse the code from https://github.com/csiebler/azure-machine-learning-terraform. If you have questions, feel free to reach out in the comments below!
Special thanks go out to my good friend Kapil Arora from HashiCorp, who was kind enough to help me getting started with Terraform!