Version: 1.0.0

Task 03: Configure Cluster Mode

DOCUMENT CATEGORY: Task
SCOPE: Cluster mode configuration
PURPOSE: Define cluster VPN, Key Vault, storage, and DNS records MASTER REFERENCE: Azure Local Deployment Overview

Status: Active Last Updated: 2026-02-07

Objective

Configure cluster-specific resources including VPN connection to on-premises cluster network, cluster Key Vault, storage account, and DNS A records for cluster nodes.

Prerequisites

Task 01 completed (core variables)
Task 02 completed (management mode, VPN Gateway deployed)
Cluster network details from on-premises team
Cluster node hostnames and IP addresses
Physical cluster location code (3 chars max)

Configuration

Cluster Identification

cluster_instance = "c01" # Cluster instance number (c01, c02, etc.)
cluster_location = "ral" # Physical location code (3 chars: ral, phx, dal)

Cluster Network Configuration

cluster_network_config = {
 on_prem = {
 asn = 64512 # On-premises cluster BGP ASN
 cluster_ip = "10.100.3.120" # First cluster node IP
 gateway_public_ip = "203.0.113.100" # On-prem gateway public IP or FQDN
 gateway_bgp_ip = "169.254.21.1" # On-prem gateway BGP IP
 }
 
 azure = {
 vpn_gateway_id = module.management.vpn_gateway.id # Reference to management VPN Gateway
 deploy_arc_gateway = false # Deploy Azure Arc Gateway (optional)
 }
}

Cluster Nodes

nodes = {
 "c01-n01-prd-ral" = "10.100.3.101" # Node 1 hostname and IP
 "c01-n02-prd-ral" = "10.100.3.102" # Node 2 hostname and IP
 "c01-n03-prd-ral" = "10.100.3.103" # Node 3 hostname and IP
 "c01-n04-prd-ral" = "10.100.3.104" # Node 4 hostname and IP (optional)
}

Variable Reference

Variable	Type	Description	Example
`cluster_instance`	string	Cluster instance identifier	`"c01"`
`cluster_location`	string	Physical location (3 chars)	`"ral"`, `"phx"`
`on_prem.asn`	number	On-prem cluster BGP ASN	`64512`
`on_prem.cluster_ip`	string	First cluster node IP	`"10.100.3.120"`
`on_prem.gateway_public_ip`	string	Gateway public IP/FQDN	`"203.0.113.100"`
`on_prem.gateway_bgp_ip`	string	Gateway BGP IP	`"169.254.21.1"`
`azure.vpn_gateway_id`	string	VPN Gateway resource ID	`module.management...`
`azure.deploy_arc_gateway`	bool	Deploy Arc Gateway	`false`
`nodes`	map(string)	Node hostname to IP mapping	`{ "c01-n01..." = "10..." }`

Node Naming Convention

Cluster node hostnames should follow this pattern:

{cluster}-{node}-{env}-{location}

Examples:
 c01-n01-prd-ral # Cluster 01, Node 01, Production, Raleigh
 c01-n02-prd-ral # Cluster 01, Node 02, Production, Raleigh
 c02-n01-dev-phx # Cluster 02, Node 01, Development, Phoenix

Azure Arc Gateway

Set deploy_arc_gateway = true if you need:

Azure Arc-enabled services integration
Hybrid cloud management capabilities
Azure Policy enforcement on-premises

Default

Most deployments use deploy_arc_gateway = false. Enable only if specifically required.

Complete Example

# terraform.tfvars (cluster mode section)

# Cluster Identification
cluster_instance = "c01"
cluster_location = "ral"

# Cluster Network
cluster_network_config = {
 on_prem = {
 asn = 64512
 cluster_ip = "10.100.3.120"
 gateway_public_ip = "203.0.113.100"
 gateway_bgp_ip = "169.254.21.1"
 }
 
 azure = {
 vpn_gateway_id = module.management.vpn_gateway.id
 deploy_arc_gateway = false
 }
}

# Cluster Nodes (4-node cluster)
nodes = {
 "c01-n01-prd-ral" = "10.100.3.101"
 "c01-n02-prd-ral" = "10.100.3.102"
 "c01-n03-prd-ral" = "10.100.3.103"
 "c01-n04-prd-ral" = "10.100.3.104"
}

Validation

Cluster instance and location codes correct
On-premises cluster BGP ASN matches network team documentation
Cluster IP and gateway public IP verified
Gateway BGP IP confirmed with network team
VPN Gateway ID references management deployment
All cluster nodes listed with correct hostnames and IPs
Node naming convention follows standard pattern
Arc Gateway setting matches requirements

Resources Deployed

When cluster mode is configured, these resources are created:

Resource	Purpose
VPN Connection	Site-to-site connectivity to cluster network
Key Vault	Cluster-specific secrets storage
Log Analytics Workspace	Cluster monitoring and logs
Storage Account	Cloud witness for cluster quorum
DNS A Records	Name resolution for all cluster nodes
Arc Gateway (optional)	Hybrid cloud management

Next Steps

Configuration complete. Proceed to Phase 02 - Pipeline Execution to deploy infrastructure.

GitHub
GitLab
Azure DevOps

When to use: Use this tab if your CI/CD pipeline runs on GitHub Actions.

See procedure steps above for GitHub-specific guidance.

Toolkit Reference

Scripts for this task are located in the azurelocal-toolkit repository under scripts/deploy/ in the appropriate task folder.

Alternatives

The procedures in this task use the scripted methods shown in the tabs above. Additional deployment methods including Azure CLI and Bash scripts are available in the azurelocal-toolkit repository under scripts/deploy/.

Method	Description
Azure CLI	PowerShell-based Azure CLI scripts for Azure resource operations
Bash	Linux/macOS compatible shell scripts for pipeline environments

Previous	Up	Next
Task 02 - Management Mode	Phase 01 - Configuration	Phase 02 - Pipeline Execution

Variables from variables.yml

Variable	Config Path	Example
Cluster Mode	`azure.cluster.mode`	`standard`
Cluster Name	`azure.cluster.name`	`azlocal-cluster-01`
Node Count	`azure.cluster.node_count`	`2`

Troubleshooting

Issue	Cause	Resolution
Cluster mode configuration errors	Invalid cluster topology settings	Verify cluster mode variables match deployment topology
Mode validation fails	Dependencies between management and cluster modes not met	Configure management mode before cluster mode

Version Control

Version	Date	Author	Changes
1.0.0	2026-03-24	Azure Local Cloud	Initial release

Objective​

Prerequisites​

Configuration​

Cluster Identification​

Cluster Network Configuration​

Cluster Nodes​

Variable Reference​

Node Naming Convention​

Azure Arc Gateway​

Complete Example​

Validation​

Resources Deployed​

Next Steps​

Alternatives​

Navigation​

Variables from variables.yml​

Troubleshooting​

Version Control​