From 6a06339bab29b70a475aaedf76a404587058f1e6 Mon Sep 17 00:00:00 2001 From: James Sevedge Date: Tue, 28 Feb 2017 13:09:01 -0800 Subject: [PATCH] Commit for 1.1.2.0 --- .../cluster/1nic/BYOL/azuredeploy.json | 540 ++++++++++++++++++ .../1nic/BYOL/azuredeploy.parameters.json | 42 ++ experimental/cluster/1nic/Deploy_via_PS.ps1 | 42 +- .../cluster/1nic/PAYG/azuredeploy.json | 538 +++++++++++++++++ .../1nic/PAYG/azuredeploy.parameters.json | 39 ++ experimental/cluster/1nic/README.md | 13 +- experimental/cluster/1nic/azuredeploy.json | 518 ----------------- .../cluster/1nic/azuredeploy.parameters.json | 45 -- experimental/cluster/1nic/deploy_via_bash.sh | 117 ++-- .../1nic/{ => BYOL}/azuredeploy.json | 482 ++++++++-------- .../BYOL}/azuredeploy.parameters.json | 28 +- .../standalone/1nic/Deploy_via_PS.ps1 | 39 +- .../standalone/1nic/PAYG/azuredeploy.json | 405 +++++++++++++ .../1nic/PAYG/azuredeploy.parameters.json | 39 ++ .../standalone/1nic/deploy_via_bash.sh | 107 ++-- experimental/standalone/1nic/readme.md | 94 ++- .../2nic_limited/{ => BYOL}/azuredeploy.json | 528 ++++++++--------- .../BYOL}/azuredeploy.parameters.json | 28 +- .../standalone/2nic_limited/Deploy_via_PS.ps1 | 39 +- .../2nic_limited/PAYG/azuredeploy.json | 452 +++++++++++++++ .../PAYG/azuredeploy.parameters.json | 39 ++ .../2nic_limited/deploy_via_bash.sh | 107 ++-- .../standalone/2nic_limited/readme.md | 97 +++- supported/cluster/1nic/azuredeploy.json | 2 +- .../cluster/1nic/azuredeploy.parameters.json | 2 +- supported/standalone/1nic/azuredeploy.json | 434 +++++++------- .../1nic/azuredeploy.parameters.json | 28 +- .../standalone/2nic_limited/azuredeploy.json | 480 ++++++++-------- .../2nic_limited/azuredeploy.parameters.json | 28 +- 29 files changed, 3546 insertions(+), 1806 deletions(-) create mode 100644 experimental/cluster/1nic/BYOL/azuredeploy.json create mode 100644 experimental/cluster/1nic/BYOL/azuredeploy.parameters.json create mode 100644 experimental/cluster/1nic/PAYG/azuredeploy.json create mode 100644 experimental/cluster/1nic/PAYG/azuredeploy.parameters.json delete mode 100644 experimental/cluster/1nic/azuredeploy.json delete mode 100644 experimental/cluster/1nic/azuredeploy.parameters.json rename experimental/standalone/1nic/{ => BYOL}/azuredeploy.json (58%) rename experimental/standalone/{2nic_limited => 1nic/BYOL}/azuredeploy.parameters.json (67%) create mode 100644 experimental/standalone/1nic/PAYG/azuredeploy.json create mode 100644 experimental/standalone/1nic/PAYG/azuredeploy.parameters.json rename experimental/standalone/2nic_limited/{ => BYOL}/azuredeploy.json (58%) rename experimental/standalone/{1nic => 2nic_limited/BYOL}/azuredeploy.parameters.json (67%) create mode 100644 experimental/standalone/2nic_limited/PAYG/azuredeploy.json create mode 100644 experimental/standalone/2nic_limited/PAYG/azuredeploy.parameters.json diff --git a/experimental/cluster/1nic/BYOL/azuredeploy.json b/experimental/cluster/1nic/BYOL/azuredeploy.json new file mode 100644 index 0000000000..80af4891ea --- /dev/null +++ b/experimental/cluster/1nic/BYOL/azuredeploy.json @@ -0,0 +1,540 @@ +{ + "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", + "contentVersion": "1.1.2.0", + "parameters": { + "numberOfInstances": { + "allowedValues": [ + 2 + ], + "defaultValue": 2, + "metadata": { + "description": "The number of BIG-IP VEs that will be deployed in front of your application." + }, + "type": "int" + }, + "adminUsername": { + "defaultValue": "azureuser", + "metadata": { + "description": "User name for the Virtual Machine." + }, + "type": "string" + }, + "adminPassword": { + "metadata": { + "description": "Password to login to the Virtual Machine." + }, + "type": "securestring" + }, + "dnsLabel": { + "defaultValue": "REQUIRED", + "metadata": { + "description": "Unique DNS Name for the Public IP used to access the Virtual Machine." + }, + "type": "string" + }, + "instanceType": { + "allowedValues": [ + "Standard_A2", + "Standard_A3", + "Standard_A4", + "Standard_A9", + "Standard_A11", + "Standard_D2", + "Standard_D3", + "Standard_D4", + "Standard_D12", + "Standard_D13", + "Standard_D14", + "Standard_D2_v2", + "Standard_D3_v2", + "Standard_D4_v2", + "Standard_D5_v2", + "Standard_D12_v2", + "Standard_D13_v2", + "Standard_D14_v2", + "Standard_D15_v2", + "Standard_F2", + "Standard_F4" + ], + "defaultValue": "Standard_D2_v2", + "metadata": { + "description": "Size of the VM" + }, + "type": "string" + }, + "imageName": { + "allowedValues": [ + "Good", + "Better", + "Best" + ], + "defaultValue": "Good", + "metadata": { + "description": "F5 SKU(IMAGE) to Deploy" + }, + "type": "string" + }, + "licenseKey1": { + "defaultValue": "REQUIRED", + "metadata": { + "description": "The license token for the F5 BIG-IP(BYOL)" + }, + "type": "string" + }, + "licenseKey2": { + "defaultValue": "REQUIRED", + "metadata": { + "description": "The license token for the F5 BIG-IP(BYOL). This field is required when deploying two or more devices" + }, + "type": "string" + }, + "restrictedSrcAddress": { + "defaultValue": "*", + "metadata": { + "description": "Restricts management access to a specific network or address. Enter a IP address or address range in CIDR notation, or asterisk for all sources." + }, + "type": "string" + }, + "tagValues": { + "defaultValue": { + "application": "APP", + "cost": "COST", + "environment": "ENV", + "group": "GROUP", + "owner": "OWNER" + }, + "type": "object" + } + }, + "variables": { + "apiVersion": "2015-06-15", + "computeApiVersion": "2015-06-15", + "networkApiVersion": "2015-06-15", + "storageApiVersion": "2015-06-15", + "location": "[resourceGroup().location]", + "singleQuote": "'", + "f5CloudLibsTag": "v2.1.0", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) a6a9db3b89bbd014413706f22fa619c3717fac41fc99ffe875589c90e9b85a05cea227c134ea6e5b519c8fee0d12f2175368e75917f31f447ece3d92f31814af\n set hashes(f5-cloud-libs-aws.tar.gz) 90058095cc536a057378a90ed19c3afe0cecd9034e1d1816745bd5ad837939623fad034ebd2ee9bdf594f33358b50c50f49a18c2ee7588ba89645142f2217330\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature OmyfJKVQkBj+Ks6SdIc2+UNxM2xFCK4MGizGysivShzeRof0EFlEUTQiZveZ4v2SElofUp5DMVKiTIIkM00kZ7LnwqvLYIOztDFNAtMGwO6/B/zA8jLhkfnA2xzxu9fFgFn3OEsc8QwbfFS1AqCMyyacbbiczJycHtu3z0a/8sqCgiZtcQ4iXqBP4fz+8HKLA36U0jpmW+z0gQQUwpiC+AfFWcAarXMtmpwLzScldnaZ5RLo0MG8EGrHmXiWjndSR/Ii9b3+vnHnceD6+sw7e7LXPvz+jV9/rFyEQOA1QNpv0Cy4SJcuY9NRjV9KNdBobJ5N+h2PZBlgaIdLMACAVQ==\n}', variables('singleQuote'))]", + "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit\nfi\necho loaded verifyHash\necho verifying f5-cloud-libs.targ.gz\n/usr/bin/tmsh run cli script verifyHash /config/cloud/f5-cloud-libs.tar.gz\nif [ $? != 0 ]; then\necho f5-cloud-libs.tar.gz is not valid\nexit\nfi\necho verified f5-cloud-libs.tar.gz\necho expanding f5-cloud-libs.tar.gz\ntar xvfz /config/cloud/f5-cloud-libs.tar.gz -C /config/cloud\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", + "newStorageAccountName": "[concat(uniquestring(resourceGroup().id), 'stor')]", + "storageAccountType": "Standard_LRS", + "dnsLabel": "[toLower(parameters('dnsLabel'))]", + "imageNameToLower": "[toLower(parameters('imageName'))]", + "skuToUse": "[concat('f5-bigip-virtual-edition-', variables('imageNameToLower'),'-byol')]", + "offerToUse": "f5-big-ip", + "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", + "nicName": "[concat(variables('dnsLabel'), '-nic')]", + "defaultGw": "10.0.1.1", + "virtualNetworkName": "[concat(variables('dnsLabel'), '-vnet')]", + "vnetId": "[resourceId('Microsoft.Network/virtualNetworks', variables('virtualNetworkName'))]", + "vnetAddressPrefix": "10.0.0.0/16", + "nsgID": "[resourceId('Microsoft.Network/networkSecurityGroups/',concat(variables('dnsLabel'),'-nsg'))]", + "publicIPAddressName": "[concat(variables('dnsLabel'), '-pip')]", + "publicIPAddressId": "[resourceId('Microsoft.Network/publicIPAddresses', variables('publicIPAddressName'))]", + "publicIPAddressType": "Static", + "subnetName": "[concat(variables('dnsLabel'),'-subnet')]", + "subnetId": "[concat(variables('vnetId'), '/subnets/', variables('subnetName'))]", + "subnetPrefix": "10.0.1.0/24", + "ipAddress": "10.0.1.", + "loadBalancerName": "[concat(variables('dnsLabel'),'-alb')]", + "deviceNamePrefix": "[concat(variables('dnsLabel'),'-device')]", + "lbID": "[resourceId('Microsoft.Network/loadBalancers',variables('loadBalancerName'))]", + "frontEndIPConfigID": "[concat(variables('lbID'),'/frontendIPConfigurations/loadBalancerFrontEnd')]" + }, + "resources": [ + { + "apiVersion": "[variables('networkApiVersion')]", + "location": "[variables('location')]", + "name": "[variables('publicIPAddressName')]", + "properties": { + "dnsSettings": { + "domainNameLabel": "[variables('dnsLabel')]" + }, + "idleTimeoutInMinutes": 30, + "publicIPAllocationMethod": "[variables('publicIPAddressType')]" + }, + "tags": { + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", + "owner": "[parameters('tagValues').owner]" + }, + "type": "Microsoft.Network/publicIPAddresses" + }, + { + "apiVersion": "[variables('apiVersion')]", + "location": "[variables('location')]", + "name": "[variables('virtualNetworkName')]", + "properties": { + "addressSpace": { + "addressPrefixes": [ + "[variables('vnetAddressPrefix')]" + ] + }, + "subnets": [ + { + "name": "[variables('subnetName')]", + "properties": { + "addressPrefix": "[variables('subnetPrefix')]" + } + } + ] + }, + "tags": { + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", + "owner": "[parameters('tagValues').owner]" + }, + "type": "Microsoft.Network/virtualNetworks" + }, + { + "apiVersion": "[variables('apiVersion')]", + "copy": { + "count": "[parameters('numberOfInstances')]", + "name": "niccopy" + }, + "dependsOn": [ + "[concat('Microsoft.Network/virtualNetworks/', variables('virtualNetworkName'))]", + "[concat('Microsoft.Network/loadBalancers/', variables('loadBalancerName'))]", + "[concat('Microsoft.Network/loadBalancers/', variables('loadBalancerName'),'/inboundNatRules/guimgt',copyindex())]", + "[concat('Microsoft.Network/loadBalancers/', variables('loadBalancerName'),'/inboundNatRules/sshmgt',copyindex())]", + "[concat('Microsoft.Network/networkSecurityGroups/', variables('dnsLabel'),'-nsg')]" + ], + "location": "[variables('location')]", + "name": "[concat(variables('nicName'),copyindex())]", + "properties": { + "ipConfigurations": [ + { + "name": "ipconfig1", + "properties": { + "loadBalancerBackendAddressPools": [ + { + "id": "[concat(variables('lbID'), '/backendAddressPools/', 'loadBalancerBackEnd')]" + } + ], + "loadBalancerInboundNatRules": [ + { + "id": "[concat(variables('lbID'), '/inboundNatRules/', 'guimgt',copyIndex())]" + }, + { + "id": "[concat(variables('lbID'), '/inboundNatRules/', 'sshmgt',copyIndex())]" + } + ], + "privateIPAddress": "[concat(variables('ipAddress'),add(4,copyindex()))]", + "privateIPAllocationMethod": "Static", + "subnet": { + "id": "[variables('subnetId')]" + } + } + } + ], + "networkSecurityGroup": { + "id": "[variables('nsgID')]" + } + }, + "tags": { + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", + "owner": "[parameters('tagValues').owner]" + }, + "type": "Microsoft.Network/networkInterfaces" + }, + { + "apiVersion": "[variables('apiVersion')]", + "location": "[variables('location')]", + "name": "[concat(variables('dnsLabel'), '-nsg')]", + "properties": { + "securityRules": [ + { + "name": "mgmt_allow_443", + "properties": { + "access": "Allow", + "description": "", + "destinationAddressPrefix": "*", + "destinationPortRange": "443", + "direction": "Inbound", + "priority": 101, + "protocol": "TCP", + "sourceAddressPrefix": "[parameters('restrictedSrcAddress')]", + "sourcePortRange": "*" + } + }, + { + "name": "ssh_allow_22", + "properties": { + "access": "Allow", + "description": "", + "destinationAddressPrefix": "*", + "destinationPortRange": "22", + "direction": "Inbound", + "priority": 102, + "protocol": "TCP", + "sourceAddressPrefix": "[parameters('restrictedSrcAddress')]", + "sourcePortRange": "*" + } + } + ] + }, + "tags": { + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", + "owner": "[parameters('tagValues').owner]" + }, + "type": "Microsoft.Network/networkSecurityGroups" + }, + { + "apiVersion": "[variables('apiVersion')]", + "dependsOn": [ + "[concat('Microsoft.Network/publicIPAddresses/', variables('publicIPAddressName'))]" + ], + "location": "[variables('location')]", + "name": "[variables('loadBalancerName')]", + "properties": { + "backendAddressPools": [ + { + "name": "loadBalancerBackEnd" + } + ], + "frontendIPConfigurations": [ + { + "name": "loadBalancerFrontEnd", + "properties": { + "publicIPAddress": { + "id": "[variables('publicIPAddressId')]" + } + } + } + ] + }, + "tags": { + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", + "owner": "[parameters('tagValues').owner]" + }, + "type": "Microsoft.Network/loadBalancers" + }, + { + "apiVersion": "[variables('apiVersion')]", + "copy": { + "count": "[parameters('numberOfInstances')]", + "name": "lbNatLoop" + }, + "dependsOn": [ + "[concat('Microsoft.Network/loadBalancers/', variables('loadBalancerName'))]" + ], + "location": "[variables('location')]", + "name": "[concat(variables('loadBalancerName'),'/guimgt', copyIndex())]", + "properties": { + "backendPort": 443, + "enableFloatingIP": false, + "frontendIPConfiguration": { + "id": "[variables('frontEndIPConfigID')]" + }, + "frontendPort": "[copyIndex(8443)]", + "protocol": "tcp" + }, + "type": "Microsoft.Network/loadBalancers/inboundNatRules" + }, + { + "apiVersion": "[variables('apiVersion')]", + "copy": { + "count": "[parameters('numberOfInstances')]", + "name": "lbNatLoop" + }, + "dependsOn": [ + "[concat('Microsoft.Network/loadBalancers/', variables('loadBalancerName'))]" + ], + "location": "[variables('location')]", + "name": "[concat(variables('loadBalancerName'),'/sshmgt', copyIndex())]", + "properties": { + "backendPort": 22, + "enableFloatingIP": false, + "frontendIPConfiguration": { + "id": "[variables('frontEndIPConfigID')]" + }, + "frontendPort": "[copyIndex(8022)]", + "protocol": "tcp" + }, + "type": "Microsoft.Network/loadBalancers/inboundNatRules" + }, + { + "apiVersion": "[variables('apiVersion')]", + "location": "[variables('location')]", + "name": "[variables('availabilitySetName')]", + "tags": { + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", + "owner": "[parameters('tagValues').owner]" + }, + "type": "Microsoft.Compute/availabilitySets" + }, + { + "apiVersion": "[variables('storageApiVersion')]", + "location": "[variables('location')]", + "name": "[variables('newStorageAccountName')]", + "properties": { + "accountType": "[variables('storageAccountType')]" + }, + "tags": { + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", + "owner": "[parameters('tagValues').owner]" + }, + "type": "Microsoft.Storage/storageAccounts" + }, + { + "apiVersion": "[variables('apiVersion')]", + "copy": { + "count": "[parameters('numberOfInstances')]", + "name": "devicecopy" + }, + "dependsOn": [ + "[concat('Microsoft.Network/networkInterfaces/', variables('nicName'), copyindex())]", + "[concat('Microsoft.Compute/availabilitySets/', variables('availabilitySetName'))]", + "[concat('Microsoft.Storage/storageAccounts/', variables('newStorageAccountName'))]" + ], + "location": "[variables('location')]", + "name": "[concat(variables('deviceNamePrefix'),copyindex())]", + "plan": { + "name": "[variables('skuToUse')]", + "product": "[variables('offerToUse')]", + "publisher": "f5-networks" + }, + "properties": { + "availabilitySet": { + "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" + }, + "diagnosticsProfile": { + "bootDiagnostics": { + "enabled": true, + "storageUri": "[concat('http://',variables('newstorageAccountName'),'.blob.core.windows.net')]" + } + }, + "hardwareProfile": { + "vmSize": "[parameters('instanceType')]" + }, + "networkProfile": { + "networkInterfaces": [ + { + "id": "[concat(resourceId('Microsoft.Network/networkInterfaces',variables('nicName')),copyindex())]" + } + ] + }, + "osProfile": { + "adminPassword": "[parameters('adminPassword')]", + "adminUsername": "[parameters('adminUsername')]", + "computerName": "[concat(variables('deviceNamePrefix'),copyindex())]" + }, + "storageProfile": { + "imageReference": { + "offer": "[variables('offerToUse')]", + "publisher": "f5-networks", + "sku": "[variables('skuToUse')]", + "version": "12.1.21" + }, + "osDisk": { + "caching": "ReadWrite", + "createOption": "FromImage", + "name": "[concat('osdisk',copyindex())]", + "vhd": { + "uri": "[concat('http://',variables('newStorageAccountName'),'.blob.core.windows.net/',variables('newStorageAccountName'),'/osDisk',copyindex(),'.vhd')]" + } + } + } + }, + "tags": { + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", + "owner": "[parameters('tagValues').owner]" + }, + "type": "Microsoft.Compute/virtualMachines" + }, + { + "apiVersion": "2016-03-30", + "dependsOn": [ + "[concat('Microsoft.Compute/virtualMachines/',variables('deviceNamePrefix'),0)]" + ], + "location": "[variables('location')]", + "name": "[concat(variables('deviceNamePrefix'),0,'/start')]", + "properties": { + "protectedSettings": { + "commandToExecute": "[concat('mkdir /config/cloud && cp f5-cloud-libs.tar.gz* /config/cloud; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; /usr/bin/install -b -m 400 /dev/null /config/cloud/passwd; IFS=', variables('singleQuote'), '%', variables('singleQuote'), '; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', parameters('adminPassword'), ' >> /config/cloud/passwd; unset IFS; bash /config/installCloudLibs.sh; /usr/bin/f5-rest-node /config/cloud/f5-cloud-libs/scripts/onboard.js --output /var/log/onboard.log --log-level debug --host ', concat(variables('ipAddress'), 4), ' -u admin --password-url file:///config/cloud/passwd --hostname ', concat(variables('deviceNamePrefix'), 0, '.azuresecurity.com'), ' --license ', parameters('licenseKey1'), ' --ntp pool.ntp.org --db provision.1nicautoconfig:disable --db tmm.maxremoteloglength:2048 --module ltm:nominal --module asm:none --module afm:none; /usr/bin/f5-rest-node /config/cloud/f5-cloud-libs/scripts/cluster.js --output /var/log/cluster.log --log-level debug --host ', concat(variables('ipAddress'), 4), ' -u admin --password-url file:///config/cloud/passwd --config-sync-ip ', concat(variables('ipAddress'), 4), ' --create-group --device-group Sync --sync-type sync-failover --device ', concat(variables('deviceNamePrefix'), 0, '.azuresecurity.com'), ' --auto-sync --save-on-auto-sync; rm -f /config/cloud/passwd')]" + }, + "publisher": "Microsoft.Azure.Extensions", + "settings": { + "fileUris": [ + "[concat('https://raw.githubusercontent.com/F5Networks/f5-cloud-libs/', variables('f5CloudLibsTag'), '/dist/f5-cloud-libs.tar.gz')]" + ] + }, + "type": "CustomScript", + "typeHandlerVersion": "2.0" + }, + "tags": { + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", + "owner": "[parameters('tagValues').owner]" + }, + "type": "Microsoft.Compute/virtualMachines/extensions" + }, + { + "apiVersion": "2016-03-30", + "copy": { + "count": "[sub(parameters('numberOfInstances'), 1)]", + "name": "extensionLoop" + }, + "dependsOn": [ + "[concat('Microsoft.Compute/virtualMachines/',variables('deviceNamePrefix'),add(copyindex(),1))]" + ], + "location": "[variables('location')]", + "name": "[concat(variables('deviceNamePrefix'),add(copyindex(),1),'/start')]", + "properties": { + "protectedSettings": { + "commandToExecute": "[concat('mkdir /config/cloud && cp f5-cloud-libs.tar.gz* /config/cloud; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; /usr/bin/install -b -m 400 /dev/null /config/cloud/passwd; IFS=', variables('singleQuote'), '%', variables('singleQuote'), '; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', parameters('adminPassword'), ' >> /config/cloud/passwd; unset IFS; bash /config/installCloudLibs.sh; /usr/bin/f5-rest-node /config/cloud/f5-cloud-libs/scripts/onboard.js --output /var/log/onboard.log --log-level debug --host ', concat(variables('ipAddress'), 5), ' -u admin --password-url file:///config/cloud/passwd --hostname ', concat(variables('deviceNamePrefix'), copyindex(1), '.azuresecurity.com'), ' --license ', parameters('licenseKey2'), ' --ntp pool.ntp.org --db provision.1nicautoconfig:disable --db tmm.maxremoteloglength:2048 --module ltm:nominal --module asm:none --module afm:none; /usr/bin/f5-rest-node /config/cloud/f5-cloud-libs/scripts/cluster.js --output /var/log/cluster.log --log-level debug --host ', concat(variables('ipAddress'), 5), ' -u admin --password-url file:///config/cloud/passwd --config-sync-ip ', concat(variables('ipAddress'), 5), ' --join-group --device-group Sync --sync --remote-host ', concat(variables('ipAddress'), 4), ' --remote-user admin --remote-password-url file:///config/cloud/passwd; rm -f /config/cloud/passwd')]" + }, + "publisher": "Microsoft.Azure.Extensions", + "settings": { + "fileUris": [ + "[concat('https://raw.githubusercontent.com/F5Networks/f5-cloud-libs/', variables('f5CloudLibsTag'), '/dist/f5-cloud-libs.tar.gz')]" + ] + }, + "type": "CustomScript", + "typeHandlerVersion": "2.0" + }, + "tags": { + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", + "owner": "[parameters('tagValues').owner]" + }, + "type": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "outputs": { + "GUI-URL": { + "type": "string", + "value": "[concat('https://',reference(variables('publicIPAddressId')).dnsSettings.fqdn,':8443')]" + }, + "SSH-URL": { + "type": "string", + "value": "[concat(reference(variables('publicIPAddressId')).dnsSettings.fqdn,' ',8022)]" + } + } +} \ No newline at end of file diff --git a/experimental/cluster/1nic/BYOL/azuredeploy.parameters.json b/experimental/cluster/1nic/BYOL/azuredeploy.parameters.json new file mode 100644 index 0000000000..2ec4952090 --- /dev/null +++ b/experimental/cluster/1nic/BYOL/azuredeploy.parameters.json @@ -0,0 +1,42 @@ +{ + "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", + "contentVersion": "1.1.2.0", + "parameters": { + "numberOfInstances": { + "value": 2 + }, + "adminUsername": { + "value": "azureuser" + }, + "adminPassword": { + "value": "GEN_UNIQUE" + }, + "dnsLabel": { + "value": "REQUIRED" + }, + "instanceType": { + "value": "Standard_D2_v2" + }, + "imageName": { + "value": "Good" + }, + "licenseKey1": { + "value": "REQUIRED" + }, + "licenseKey2": { + "value": "REQUIRED" + }, + "restrictedSrcAddress": { + "value": "*" + }, + "tagValues": { + "value": { + "application": "APP", + "cost": "COST", + "environment": "ENV", + "group": "GROUP", + "owner": "OWNER" + } + } + } +} \ No newline at end of file diff --git a/experimental/cluster/1nic/Deploy_via_PS.ps1 b/experimental/cluster/1nic/Deploy_via_PS.ps1 index 58711a72a8..17791308e1 100644 --- a/experimental/cluster/1nic/Deploy_via_PS.ps1 +++ b/experimental/cluster/1nic/Deploy_via_PS.ps1 @@ -1,24 +1,26 @@ -# Params below match to parameteres in the azuredeploy.json that are gen-unique, otherwsie pointing to -# the azuredeploy.parameters.json file for default values. Some options below are mandatory, some(such as deployment password for BIG IP) -# can be supplied inline when running this script but if they arent then the default will be used as specificed in below param arguments -# Example Command: .\Deploy_via_PS.ps1 -solutionDeploymentName deploynamestring -numberOfInstances 2 -adminUsername azureuser -adminPassword password -# -dnsLabel dnslabestring -licenseKey1 XXXX-XXXX-XXXX-XXXX -licenseKey2 XXXX-XXXX-XXXX-XXXX +## Script parameters being asked for below match to parameters in the azuredeploy.json file, otherwise pointing to the ## +## azuredeploy.parameters.json file for values to use. Some options below are mandatory, some(such as region) can ## +## be supplied inline when running this script but if they aren't then the default will be used as specificed below. ## +## Example Command: .\Deploy_via_PS.ps1 -licenseType PAYG -licensedBandwidth 200m -numberOfInstances 2 -adminUsername azureuser -adminPassword -dnsLabel -instanceType Standard_D2_v2 -imageName Good -restrictedSrcAddress "*"-resourceGroupName param( + [Parameter(Mandatory=$True)] [string] - $solutionDeploymentName, + $licenseType, - [Parameter(Mandatory=$True)] - [ValidateSet("2")] [string] - $numberOfInstances, + $licensedBandwidth = $(if($licenseType -eq "PAYG") { Read-Host -prompt "licensedBandwidth"}), [string] - $instanceType = "Standard_D2_v2", + $licenseKey1 = $(if($licenseType -eq "BYOL") { Read-Host -prompt "licenseKey1"}), [string] - $imageName = "Best", + $licenseKey2 = $(if($licenseType -eq "BYOL") { Read-Host -prompt "licenseKey2"}), + + [Parameter(Mandatory=$True)] + [string] + $numberOfInstances, [Parameter(Mandatory=$True)] [string] @@ -34,14 +36,14 @@ param( [Parameter(Mandatory=$True)] [string] - $licenseKey1, + $instanceType, [Parameter(Mandatory=$True)] [string] - $licenseKey2, + $imageName, [string] - $restrictedSrcAddress = "*", + $restrictedSrcAddress = "*", [Parameter(Mandatory=$True)] [string] @@ -76,9 +78,15 @@ New-AzureRmResourceGroup -Name $resourceGroupName -Location "$region" # Create Arm Deployment $pwd = ConvertTo-SecureString -String $adminPassword -AsPlainText -Force - -# Create Arm Deployment - $deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -solutionDeploymentName "$solutionDeploymentName" -numberOfInstances "$numberOfInstances" -instanceType "$instanceType" -imageName "$imageName" -adminUsername "$adminUsername" -adminPassword $pwd -dnsLabel "$dnsLabel" -licenseKey1 "$licenseKey1" -licenseKey2 "$licenseKey2" -restrictedSrcAddress "$restrictedSrcAddress" +if ($licenseType -eq "BYOL") { + if ($templateFilePath -eq "azuredeploy.json") { $templateFilePath = ".\BYOL\azuredeploy.json"; $parametersFilePath = ".\BYOL\azuredeploy.parameters.json" } + $deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -numberOfInstances "$numberOfInstances" -adminUsername "$adminUsername" -adminPassword $pwd -dnsLabel "$dnsLabel" -instanceType "$instanceType" -imageName "$imageName" -restrictedSrcAddress "$restrictedSrcAddress" -licenseKey1 "$licenseKey1" -licenseKey2 "$licenseKey2" +} elseif ($licenseType -eq "PAYG") { + if ($templateFilePath -eq "azuredeploy.json") { $templateFilePath = ".\PAYG\azuredeploy.json"; $parametersFilePath = ".\PAYG\azuredeploy.parameters.json" } + $deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -numberOfInstances "$numberOfInstances" -adminUsername "$adminUsername" -adminPassword $pwd -dnsLabel "$dnsLabel" -instanceType "$instanceType" -imageName "$imageName" -restrictedSrcAddress "$restrictedSrcAddress" -licensedBandwidth "$licensedBandwidth" +} else { + Write-Error -Message "Uh oh, something went wrong! Please select valid license type of PAYG or BYOL." +} # Print Output of Deployment to Console $deployment \ No newline at end of file diff --git a/experimental/cluster/1nic/PAYG/azuredeploy.json b/experimental/cluster/1nic/PAYG/azuredeploy.json new file mode 100644 index 0000000000..ece8d5550c --- /dev/null +++ b/experimental/cluster/1nic/PAYG/azuredeploy.json @@ -0,0 +1,538 @@ +{ + "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", + "contentVersion": "1.1.2.0", + "parameters": { + "numberOfInstances": { + "allowedValues": [ + 2 + ], + "defaultValue": 2, + "metadata": { + "description": "The number of BIG-IP VEs that will be deployed in front of your application." + }, + "type": "int" + }, + "adminUsername": { + "defaultValue": "azureuser", + "metadata": { + "description": "User name for the Virtual Machine." + }, + "type": "string" + }, + "adminPassword": { + "metadata": { + "description": "Password to login to the Virtual Machine." + }, + "type": "securestring" + }, + "dnsLabel": { + "defaultValue": "REQUIRED", + "metadata": { + "description": "Unique DNS Name for the Public IP used to access the Virtual Machine." + }, + "type": "string" + }, + "instanceType": { + "allowedValues": [ + "Standard_A2", + "Standard_A3", + "Standard_A4", + "Standard_A9", + "Standard_A11", + "Standard_D2", + "Standard_D3", + "Standard_D4", + "Standard_D12", + "Standard_D13", + "Standard_D14", + "Standard_D2_v2", + "Standard_D3_v2", + "Standard_D4_v2", + "Standard_D5_v2", + "Standard_D12_v2", + "Standard_D13_v2", + "Standard_D14_v2", + "Standard_D15_v2", + "Standard_F2", + "Standard_F4" + ], + "defaultValue": "Standard_D2_v2", + "metadata": { + "description": "Size of the VM" + }, + "type": "string" + }, + "imageName": { + "allowedValues": [ + "Good", + "Better", + "Best" + ], + "defaultValue": "Good", + "metadata": { + "description": "F5 SKU(IMAGE) to Deploy" + }, + "type": "string" + }, + "licensedBandwidth": { + "allowedValues": [ + "25m", + "200m", + "1g" + ], + "defaultValue": "200m", + "metadata": { + "description": "PAYG licensed bandwidth to allocate for this image." + }, + "type": "string" + }, + "restrictedSrcAddress": { + "defaultValue": "*", + "metadata": { + "description": "Restricts management access to a specific network or address. Enter a IP address or address range in CIDR notation, or asterisk for all sources." + }, + "type": "string" + }, + "tagValues": { + "defaultValue": { + "application": "APP", + "cost": "COST", + "environment": "ENV", + "group": "GROUP", + "owner": "OWNER" + }, + "type": "object" + } + }, + "variables": { + "apiVersion": "2015-06-15", + "computeApiVersion": "2015-06-15", + "networkApiVersion": "2015-06-15", + "storageApiVersion": "2015-06-15", + "location": "[resourceGroup().location]", + "singleQuote": "'", + "f5CloudLibsTag": "v2.1.0", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) a6a9db3b89bbd014413706f22fa619c3717fac41fc99ffe875589c90e9b85a05cea227c134ea6e5b519c8fee0d12f2175368e75917f31f447ece3d92f31814af\n set hashes(f5-cloud-libs-aws.tar.gz) 90058095cc536a057378a90ed19c3afe0cecd9034e1d1816745bd5ad837939623fad034ebd2ee9bdf594f33358b50c50f49a18c2ee7588ba89645142f2217330\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature OmyfJKVQkBj+Ks6SdIc2+UNxM2xFCK4MGizGysivShzeRof0EFlEUTQiZveZ4v2SElofUp5DMVKiTIIkM00kZ7LnwqvLYIOztDFNAtMGwO6/B/zA8jLhkfnA2xzxu9fFgFn3OEsc8QwbfFS1AqCMyyacbbiczJycHtu3z0a/8sqCgiZtcQ4iXqBP4fz+8HKLA36U0jpmW+z0gQQUwpiC+AfFWcAarXMtmpwLzScldnaZ5RLo0MG8EGrHmXiWjndSR/Ii9b3+vnHnceD6+sw7e7LXPvz+jV9/rFyEQOA1QNpv0Cy4SJcuY9NRjV9KNdBobJ5N+h2PZBlgaIdLMACAVQ==\n}', variables('singleQuote'))]", + "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit\nfi\necho loaded verifyHash\necho verifying f5-cloud-libs.targ.gz\n/usr/bin/tmsh run cli script verifyHash /config/cloud/f5-cloud-libs.tar.gz\nif [ $? != 0 ]; then\necho f5-cloud-libs.tar.gz is not valid\nexit\nfi\necho verified f5-cloud-libs.tar.gz\necho expanding f5-cloud-libs.tar.gz\ntar xvfz /config/cloud/f5-cloud-libs.tar.gz -C /config/cloud\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", + "newStorageAccountName": "[concat(uniquestring(resourceGroup().id), 'stor')]", + "storageAccountType": "Standard_LRS", + "dnsLabel": "[toLower(parameters('dnsLabel'))]", + "imageNameToLower": "[toLower(parameters('imageName'))]", + "skuToUse": "[concat('f5-bigip-virtual-edition-', parameters('licensedBandwidth'), '-', variables('imageNameToLower'),'-hourly')]", + "offerToUse": "f5-big-ip-hourly", + "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", + "nicName": "[concat(variables('dnsLabel'), '-nic')]", + "defaultGw": "10.0.1.1", + "virtualNetworkName": "[concat(variables('dnsLabel'), '-vnet')]", + "vnetId": "[resourceId('Microsoft.Network/virtualNetworks', variables('virtualNetworkName'))]", + "vnetAddressPrefix": "10.0.0.0/16", + "nsgID": "[resourceId('Microsoft.Network/networkSecurityGroups/',concat(variables('dnsLabel'),'-nsg'))]", + "publicIPAddressName": "[concat(variables('dnsLabel'), '-pip')]", + "publicIPAddressId": "[resourceId('Microsoft.Network/publicIPAddresses', variables('publicIPAddressName'))]", + "publicIPAddressType": "Static", + "subnetName": "[concat(variables('dnsLabel'),'-subnet')]", + "subnetId": "[concat(variables('vnetId'), '/subnets/', variables('subnetName'))]", + "subnetPrefix": "10.0.1.0/24", + "ipAddress": "10.0.1.", + "loadBalancerName": "[concat(variables('dnsLabel'),'-alb')]", + "deviceNamePrefix": "[concat(variables('dnsLabel'),'-device')]", + "lbID": "[resourceId('Microsoft.Network/loadBalancers',variables('loadBalancerName'))]", + "frontEndIPConfigID": "[concat(variables('lbID'),'/frontendIPConfigurations/loadBalancerFrontEnd')]" + }, + "resources": [ + { + "apiVersion": "[variables('networkApiVersion')]", + "location": "[variables('location')]", + "name": "[variables('publicIPAddressName')]", + "properties": { + "dnsSettings": { + "domainNameLabel": "[variables('dnsLabel')]" + }, + "idleTimeoutInMinutes": 30, + "publicIPAllocationMethod": "[variables('publicIPAddressType')]" + }, + "tags": { + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", + "owner": "[parameters('tagValues').owner]" + }, + "type": "Microsoft.Network/publicIPAddresses" + }, + { + "apiVersion": "[variables('apiVersion')]", + "location": "[variables('location')]", + "name": "[variables('virtualNetworkName')]", + "properties": { + "addressSpace": { + "addressPrefixes": [ + "[variables('vnetAddressPrefix')]" + ] + }, + "subnets": [ + { + "name": "[variables('subnetName')]", + "properties": { + "addressPrefix": "[variables('subnetPrefix')]" + } + } + ] + }, + "tags": { + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", + "owner": "[parameters('tagValues').owner]" + }, + "type": "Microsoft.Network/virtualNetworks" + }, + { + "apiVersion": "[variables('apiVersion')]", + "copy": { + "count": "[parameters('numberOfInstances')]", + "name": "niccopy" + }, + "dependsOn": [ + "[concat('Microsoft.Network/virtualNetworks/', variables('virtualNetworkName'))]", + "[concat('Microsoft.Network/loadBalancers/', variables('loadBalancerName'))]", + "[concat('Microsoft.Network/loadBalancers/', variables('loadBalancerName'),'/inboundNatRules/guimgt',copyindex())]", + "[concat('Microsoft.Network/loadBalancers/', variables('loadBalancerName'),'/inboundNatRules/sshmgt',copyindex())]", + "[concat('Microsoft.Network/networkSecurityGroups/', variables('dnsLabel'),'-nsg')]" + ], + "location": "[variables('location')]", + "name": "[concat(variables('nicName'),copyindex())]", + "properties": { + "ipConfigurations": [ + { + "name": "ipconfig1", + "properties": { + "loadBalancerBackendAddressPools": [ + { + "id": "[concat(variables('lbID'), '/backendAddressPools/', 'loadBalancerBackEnd')]" + } + ], + "loadBalancerInboundNatRules": [ + { + "id": "[concat(variables('lbID'), '/inboundNatRules/', 'guimgt',copyIndex())]" + }, + { + "id": "[concat(variables('lbID'), '/inboundNatRules/', 'sshmgt',copyIndex())]" + } + ], + "privateIPAddress": "[concat(variables('ipAddress'),add(4,copyindex()))]", + "privateIPAllocationMethod": "Static", + "subnet": { + "id": "[variables('subnetId')]" + } + } + } + ], + "networkSecurityGroup": { + "id": "[variables('nsgID')]" + } + }, + "tags": { + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", + "owner": "[parameters('tagValues').owner]" + }, + "type": "Microsoft.Network/networkInterfaces" + }, + { + "apiVersion": "[variables('apiVersion')]", + "location": "[variables('location')]", + "name": "[concat(variables('dnsLabel'), '-nsg')]", + "properties": { + "securityRules": [ + { + "name": "mgmt_allow_443", + "properties": { + "access": "Allow", + "description": "", + "destinationAddressPrefix": "*", + "destinationPortRange": "443", + "direction": "Inbound", + "priority": 101, + "protocol": "TCP", + "sourceAddressPrefix": "[parameters('restrictedSrcAddress')]", + "sourcePortRange": "*" + } + }, + { + "name": "ssh_allow_22", + "properties": { + "access": "Allow", + "description": "", + "destinationAddressPrefix": "*", + "destinationPortRange": "22", + "direction": "Inbound", + "priority": 102, + "protocol": "TCP", + "sourceAddressPrefix": "[parameters('restrictedSrcAddress')]", + "sourcePortRange": "*" + } + } + ] + }, + "tags": { + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", + "owner": "[parameters('tagValues').owner]" + }, + "type": "Microsoft.Network/networkSecurityGroups" + }, + { + "apiVersion": "[variables('apiVersion')]", + "dependsOn": [ + "[concat('Microsoft.Network/publicIPAddresses/', variables('publicIPAddressName'))]" + ], + "location": "[variables('location')]", + "name": "[variables('loadBalancerName')]", + "properties": { + "backendAddressPools": [ + { + "name": "loadBalancerBackEnd" + } + ], + "frontendIPConfigurations": [ + { + "name": "loadBalancerFrontEnd", + "properties": { + "publicIPAddress": { + "id": "[variables('publicIPAddressId')]" + } + } + } + ] + }, + "tags": { + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", + "owner": "[parameters('tagValues').owner]" + }, + "type": "Microsoft.Network/loadBalancers" + }, + { + "apiVersion": "[variables('apiVersion')]", + "copy": { + "count": "[parameters('numberOfInstances')]", + "name": "lbNatLoop" + }, + "dependsOn": [ + "[concat('Microsoft.Network/loadBalancers/', variables('loadBalancerName'))]" + ], + "location": "[variables('location')]", + "name": "[concat(variables('loadBalancerName'),'/guimgt', copyIndex())]", + "properties": { + "backendPort": 443, + "enableFloatingIP": false, + "frontendIPConfiguration": { + "id": "[variables('frontEndIPConfigID')]" + }, + "frontendPort": "[copyIndex(8443)]", + "protocol": "tcp" + }, + "type": "Microsoft.Network/loadBalancers/inboundNatRules" + }, + { + "apiVersion": "[variables('apiVersion')]", + "copy": { + "count": "[parameters('numberOfInstances')]", + "name": "lbNatLoop" + }, + "dependsOn": [ + "[concat('Microsoft.Network/loadBalancers/', variables('loadBalancerName'))]" + ], + "location": "[variables('location')]", + "name": "[concat(variables('loadBalancerName'),'/sshmgt', copyIndex())]", + "properties": { + "backendPort": 22, + "enableFloatingIP": false, + "frontendIPConfiguration": { + "id": "[variables('frontEndIPConfigID')]" + }, + "frontendPort": "[copyIndex(8022)]", + "protocol": "tcp" + }, + "type": "Microsoft.Network/loadBalancers/inboundNatRules" + }, + { + "apiVersion": "[variables('apiVersion')]", + "location": "[variables('location')]", + "name": "[variables('availabilitySetName')]", + "tags": { + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", + "owner": "[parameters('tagValues').owner]" + }, + "type": "Microsoft.Compute/availabilitySets" + }, + { + "apiVersion": "[variables('storageApiVersion')]", + "location": "[variables('location')]", + "name": "[variables('newStorageAccountName')]", + "properties": { + "accountType": "[variables('storageAccountType')]" + }, + "tags": { + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", + "owner": "[parameters('tagValues').owner]" + }, + "type": "Microsoft.Storage/storageAccounts" + }, + { + "apiVersion": "[variables('apiVersion')]", + "copy": { + "count": "[parameters('numberOfInstances')]", + "name": "devicecopy" + }, + "dependsOn": [ + "[concat('Microsoft.Network/networkInterfaces/', variables('nicName'), copyindex())]", + "[concat('Microsoft.Compute/availabilitySets/', variables('availabilitySetName'))]", + "[concat('Microsoft.Storage/storageAccounts/', variables('newStorageAccountName'))]" + ], + "location": "[variables('location')]", + "name": "[concat(variables('deviceNamePrefix'),copyindex())]", + "plan": { + "name": "[variables('skuToUse')]", + "product": "[variables('offerToUse')]", + "publisher": "f5-networks" + }, + "properties": { + "availabilitySet": { + "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" + }, + "diagnosticsProfile": { + "bootDiagnostics": { + "enabled": true, + "storageUri": "[concat('http://',variables('newstorageAccountName'),'.blob.core.windows.net')]" + } + }, + "hardwareProfile": { + "vmSize": "[parameters('instanceType')]" + }, + "networkProfile": { + "networkInterfaces": [ + { + "id": "[concat(resourceId('Microsoft.Network/networkInterfaces',variables('nicName')),copyindex())]" + } + ] + }, + "osProfile": { + "adminPassword": "[parameters('adminPassword')]", + "adminUsername": "[parameters('adminUsername')]", + "computerName": "[concat(variables('deviceNamePrefix'),copyindex())]" + }, + "storageProfile": { + "imageReference": { + "offer": "[variables('offerToUse')]", + "publisher": "f5-networks", + "sku": "[variables('skuToUse')]", + "version": "12.1.22" + }, + "osDisk": { + "caching": "ReadWrite", + "createOption": "FromImage", + "name": "[concat('osdisk',copyindex())]", + "vhd": { + "uri": "[concat('http://',variables('newStorageAccountName'),'.blob.core.windows.net/',variables('newStorageAccountName'),'/osDisk',copyindex(),'.vhd')]" + } + } + } + }, + "tags": { + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", + "owner": "[parameters('tagValues').owner]" + }, + "type": "Microsoft.Compute/virtualMachines" + }, + { + "apiVersion": "2016-03-30", + "dependsOn": [ + "[concat('Microsoft.Compute/virtualMachines/',variables('deviceNamePrefix'),0)]" + ], + "location": "[variables('location')]", + "name": "[concat(variables('deviceNamePrefix'),0,'/start')]", + "properties": { + "protectedSettings": { + "commandToExecute": "[concat('mkdir /config/cloud && cp f5-cloud-libs.tar.gz* /config/cloud; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; /usr/bin/install -b -m 400 /dev/null /config/cloud/passwd; IFS=', variables('singleQuote'), '%', variables('singleQuote'), '; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', parameters('adminPassword'), ' >> /config/cloud/passwd; unset IFS; bash /config/installCloudLibs.sh; /usr/bin/f5-rest-node /config/cloud/f5-cloud-libs/scripts/onboard.js --output /var/log/onboard.log --log-level debug --host ', concat(variables('ipAddress'), 4), ' -u admin --password-url file:///config/cloud/passwd --hostname ', concat(variables('deviceNamePrefix'), 0, '.azuresecurity.com'), ' --ntp pool.ntp.org --db provision.1nicautoconfig:disable --db tmm.maxremoteloglength:2048 --module ltm:nominal --module asm:none --module afm:none; /usr/bin/f5-rest-node /config/cloud/f5-cloud-libs/scripts/cluster.js --output /var/log/cluster.log --log-level debug --host ', concat(variables('ipAddress'), 4), ' -u admin --password-url file:///config/cloud/passwd --config-sync-ip ', concat(variables('ipAddress'), 4), ' --create-group --device-group Sync --sync-type sync-failover --device ', concat(variables('deviceNamePrefix'), 0, '.azuresecurity.com'), ' --auto-sync --save-on-auto-sync; rm -f /config/cloud/passwd')]" + }, + "publisher": "Microsoft.Azure.Extensions", + "settings": { + "fileUris": [ + "[concat('https://raw.githubusercontent.com/F5Networks/f5-cloud-libs/', variables('f5CloudLibsTag'), '/dist/f5-cloud-libs.tar.gz')]" + ] + }, + "type": "CustomScript", + "typeHandlerVersion": "2.0" + }, + "tags": { + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", + "owner": "[parameters('tagValues').owner]" + }, + "type": "Microsoft.Compute/virtualMachines/extensions" + }, + { + "apiVersion": "2016-03-30", + "copy": { + "count": "[sub(parameters('numberOfInstances'), 1)]", + "name": "extensionLoop" + }, + "dependsOn": [ + "[concat('Microsoft.Compute/virtualMachines/',variables('deviceNamePrefix'),add(copyindex(),1))]" + ], + "location": "[variables('location')]", + "name": "[concat(variables('deviceNamePrefix'),add(copyindex(),1),'/start')]", + "properties": { + "protectedSettings": { + "commandToExecute": "[concat('mkdir /config/cloud && cp f5-cloud-libs.tar.gz* /config/cloud; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; /usr/bin/install -b -m 400 /dev/null /config/cloud/passwd; IFS=', variables('singleQuote'), '%', variables('singleQuote'), '; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', parameters('adminPassword'), ' >> /config/cloud/passwd; unset IFS; bash /config/installCloudLibs.sh; /usr/bin/f5-rest-node /config/cloud/f5-cloud-libs/scripts/onboard.js --output /var/log/onboard.log --log-level debug --host ', concat(variables('ipAddress'), 5), ' -u admin --password-url file:///config/cloud/passwd --hostname ', concat(variables('deviceNamePrefix'), copyindex(1), '.azuresecurity.com'), ' --ntp pool.ntp.org --db provision.1nicautoconfig:disable --db tmm.maxremoteloglength:2048 --module ltm:nominal --module asm:none --module afm:none; /usr/bin/f5-rest-node /config/cloud/f5-cloud-libs/scripts/cluster.js --output /var/log/cluster.log --log-level debug --host ', concat(variables('ipAddress'), 5), ' -u admin --password-url file:///config/cloud/passwd --config-sync-ip ', concat(variables('ipAddress'), 5), ' --join-group --device-group Sync --sync --remote-host ', concat(variables('ipAddress'), 4), ' --remote-user admin --remote-password-url file:///config/cloud/passwd; rm -f /config/cloud/passwd')]" + }, + "publisher": "Microsoft.Azure.Extensions", + "settings": { + "fileUris": [ + "[concat('https://raw.githubusercontent.com/F5Networks/f5-cloud-libs/', variables('f5CloudLibsTag'), '/dist/f5-cloud-libs.tar.gz')]" + ] + }, + "type": "CustomScript", + "typeHandlerVersion": "2.0" + }, + "tags": { + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", + "owner": "[parameters('tagValues').owner]" + }, + "type": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "outputs": { + "GUI-URL": { + "type": "string", + "value": "[concat('https://',reference(variables('publicIPAddressId')).dnsSettings.fqdn,':8443')]" + }, + "SSH-URL": { + "type": "string", + "value": "[concat(reference(variables('publicIPAddressId')).dnsSettings.fqdn,' ',8022)]" + } + } +} \ No newline at end of file diff --git a/experimental/cluster/1nic/PAYG/azuredeploy.parameters.json b/experimental/cluster/1nic/PAYG/azuredeploy.parameters.json new file mode 100644 index 0000000000..1c55bb0e2a --- /dev/null +++ b/experimental/cluster/1nic/PAYG/azuredeploy.parameters.json @@ -0,0 +1,39 @@ +{ + "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", + "contentVersion": "1.1.2.0", + "parameters": { + "numberOfInstances": { + "value": 2 + }, + "adminUsername": { + "value": "azureuser" + }, + "adminPassword": { + "value": "GEN_UNIQUE" + }, + "dnsLabel": { + "value": "REQUIRED" + }, + "instanceType": { + "value": "Standard_D2_v2" + }, + "imageName": { + "value": "Good" + }, + "licensedBandwidth": { + "value": "200m" + }, + "restrictedSrcAddress": { + "value": "*" + }, + "tagValues": { + "value": { + "application": "APP", + "cost": "COST", + "environment": "ENV", + "group": "GROUP", + "owner": "OWNER" + } + } + } +} \ No newline at end of file diff --git a/experimental/cluster/1nic/README.md b/experimental/cluster/1nic/README.md index 7da91ece84..87adfb6ec7 100644 --- a/experimental/cluster/1nic/README.md +++ b/experimental/cluster/1nic/README.md @@ -17,7 +17,7 @@ See the **[Configuration Example](#config)** section for a configuration diagram - For a list versions of the BIG-IP Virtual Edition (VE) and F5 licenses that are supported on specific hypervisors and Microsoft Azure, see https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ve-supported-hypervisor-matrix.html. -### Help +### Help We encourage you to use our [Slack channel](https://f5cloudsolutions.herokuapp.com) for discussion and assistance on F5 ARM templates. This channel is typically monitored Monday-Friday 9-5 PST by F5 employees who will offer best-effort support.
While this template has been created by F5 Networks, it is in the experimental directory and therefore has not completed full testing and is subject to change. F5 Networks does not offer technical support for templates in the experimental directory. For supported templates, see the templates in the **supported** directory. @@ -33,7 +33,12 @@ You have three options for deploying this template: Use the following button to deploy the template. See the Template parameters section to see the information you need to succesfully deploy the template. **BASE (No application)**
- +## BYOL + + + +## PAYG(Hourly) + @@ -267,9 +272,9 @@ After the deployment successfully finishes, you can find the BIG-IP Management U * Click the Deployment Status, and then the Deployment. * In the "Outputs" area, you find the URLs and ports you can use to connect to the F5 cluster. -## Deploying Custom Configuration to an Azure Virtual Machine +## Deploying Custom Configuration to an Azure Virtual Machine -This sample code uses the CustomScript extension resource to configure the f5.ip_forwarding iApp on BIG-IP VE in Azure Resource Manager. +This sample code uses the CustomScript extension resource to configure the f5.ip_forwarding iApp on BIG-IP VE in Azure Resource Manager. The CustomScript extension resource name must reference the Azure virtual machine name and must have a dependency on that virtual machine. You can use only one CustomScript extension resource per virtual machine; however, you can combine multiple semicolon-delimited commands in a single extension resource definition. diff --git a/experimental/cluster/1nic/azuredeploy.json b/experimental/cluster/1nic/azuredeploy.json deleted file mode 100644 index 8dfac1bfc9..0000000000 --- a/experimental/cluster/1nic/azuredeploy.json +++ /dev/null @@ -1,518 +0,0 @@ -{ - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", - "contentVersion": "1.1.0.0", - "parameters": { - "solutionDeploymentName": { - "type": "string", - "metadata": { - "description": "A unique name for this deployment." - } - }, - "numberOfInstances": { - "type": "int", - "defaultValue": 2, - "allowedValues": [ 2 ], - "metadata": { - "description": "The number of BIG-IP VEs that will be deployed in front of your application." - } - }, - "instanceType": { - "type": "string", - "defaultValue": "Standard_A4", - "metadata": { - "description": "The size of the Virtual Hardware Instance." - }, - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_D2", - "Standard_D3", - "Standard_D5", - "Standard_D2_v2", - "Standard_D3_v2", - "Standard_D5_v2", - "Standard_F2", - "Standard_F4" - ] - }, - "imageName": { - "defaultValue": "Good", - "allowedValues": [ - "Good", - "Better", - "Best" - ], - "metadata": { - "description": "F5 SKU (image) to deploy" - }, - "type": "string" - }, - "adminUsername": { - "type": "string", - "defaultValue": "azureuser", - "metadata": { - "description": "User name to login to the BIG-IP VE." - } - }, - "adminPassword": { - "type": "securestring", - "metadata": { - "description": "Password to login to the BIG-IP VE." - } - }, - "dnsLabel": { - "type": "string", - "metadata": { - "description": "Unique DNS Name for the Public IP used to access the BIG-IP VEs for management." - } - }, - "licenseKey1": { - "type": "string", - "defaultValue": "REQUIRED", - "metadata": { - "description": "The license token for the first F5 BIG-IP VE." - } - }, - "licenseKey2": { - "type": "string", - "defaultValue": "REQUIRED", - "metadata": { - "description": "The license token for the second F5 BIG-IP VE. This field is required when deploying two or more devices." - } - }, - "restrictedSrcAddress": { - "type": "string", - "defaultValue": "*", - "metadata": { - "description": "Restricts management access to a specific network or address. Enter a IP address or address range in CIDR notation, or asterisk for all sources." - } - }, - "tagValues": { - "type": "object", - "defaultValue": { - "application": "APP", - "environment": "ENV", - "group": "GROUP", - "owner": "OWNER", - "cost": "COST" - } - } - }, - "variables": { - "f5CloudLibsTag": "v2.1.0", - "singleQuote": "'", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) a6a9db3b89bbd014413706f22fa619c3717fac41fc99ffe875589c90e9b85a05cea227c134ea6e5b519c8fee0d12f2175368e75917f31f447ece3d92f31814af\n set hashes(f5-cloud-libs-aws.tar.gz) 90058095cc536a057378a90ed19c3afe0cecd9034e1d1816745bd5ad837939623fad034ebd2ee9bdf594f33358b50c50f49a18c2ee7588ba89645142f2217330\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature OmyfJKVQkBj+Ks6SdIc2+UNxM2xFCK4MGizGysivShzeRof0EFlEUTQiZveZ4v2SElofUp5DMVKiTIIkM00kZ7LnwqvLYIOztDFNAtMGwO6/B/zA8jLhkfnA2xzxu9fFgFn3OEsc8QwbfFS1AqCMyyacbbiczJycHtu3z0a/8sqCgiZtcQ4iXqBP4fz+8HKLA36U0jpmW+z0gQQUwpiC+AfFWcAarXMtmpwLzScldnaZ5RLo0MG8EGrHmXiWjndSR/Ii9b3+vnHnceD6+sw7e7LXPvz+jV9/rFyEQOA1QNpv0Cy4SJcuY9NRjV9KNdBobJ5N+h2PZBlgaIdLMACAVQ==\n}', variables('singleQuote'))]", - "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit\nfi\necho loaded verifyHash\necho verifying f5-cloud-libs.targ.gz\n/usr/bin/tmsh run cli script verifyHash /config/cloud/f5-cloud-libs.tar.gz\nif [ $? != 0 ]; then\necho f5-cloud-libs.tar.gz is not valid\nexit\nfi\necho verified f5-cloud-libs.tar.gz\necho expanding f5-cloud-libs.tar.gz\ntar xvfz /config/cloud/f5-cloud-libs.tar.gz -C /config/cloud\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", - "location": "[resourceGroup().location]", - "dnsLabel": "[toLower(parameters('dnsLabel'))]", - "imageNameToLower": "[toLower(parameters('imageName'))]", - "skuToUse": "[concat('f5-bigip-virtual-edition-', variables('imageNameToLower'),'-byol')]", - "virtualNetworkName": "[concat(variables('dnsLabel'),'-vnet')]", - "vnetAddressPrefix": "10.10.0.0/16", - "subnetName": "[concat(variables('dnsLabel'),'-subNet')]", - "subnetPrefix": "10.10.1.0/24", - "ipAddress": "10.10.1.", - "nicNamePrefix": "[concat(variables('dnsLabel'),'-nic')]", - "loadBalancerName": "[concat(variables('dnsLabel'),'-alb')]", - "availabilitySetName": "[concat(variables('dnsLabel'),'-avset')]", - "newStorageAccountName": "[concat(uniquestring(variables('dnsLabel')), 'stor')]", - "deviceNamePrefix": "[concat(variables('dnsLabel'),'-device')]", - "nsgID": "[resourceId('Microsoft.Network/networkSecurityGroups/',concat(variables('dnsLabel'),'-nsg'))]", - "lbID": "[resourceId('Microsoft.Network/loadBalancers',variables('loadBalancerName'))]", - "frontEndIPConfigID": "[concat(variables('lbID'),'/frontendIPConfigurations/loadBalancerFrontEnd')]", - "guiMgtID": "[concat(variables('lbID'),'/inboundNatRules/guimgt')]", - "sshMgtID": "[concat(variables('lbID'),'/inboundNatRules/sshmgt')]", - "publicIPID": "[resourceId('Microsoft.Network/publicIPAddresses',variables('dnsLabel'))]", - "vnetID": "[resourceId('Microsoft.Network/virtualNetworks',variables('virtualNetworkName'))]", - "subnetRef": "[concat(variables('vnetID'),'/subnets/',variables('subnetName'))]" - }, - "resources": [ - { - "apiVersion": "2015-06-15", - "type": "Microsoft.Network/publicIPAddresses", - "name": "[variables('dnsLabel')]", - "location": "[variables('location')]", - "tags": { - "displayName": "PublicIPAddress", - "application": "[parameters('tagValues').application]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", - "owner": "[parameters('tagValues').owner]", - "costCenter": "[parameters('tagValues').cost]" - }, - "properties": { - "publicIPAllocationMethod": "Dynamic", - "dnsSettings": { - "domainNameLabel": "[variables('dnsLabel')]" - } - } - }, - { - "apiVersion": "2015-06-15", - "type": "Microsoft.Network/virtualNetworks", - "name": "[variables('virtualNetworkName')]", - "location": "[variables('location')]", - "tags": { - "displayName": "VirtualNetwork", - "application": "[parameters('tagValues').application]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", - "owner": "[parameters('tagValues').owner]", - "costCenter": "[parameters('tagValues').cost]" - }, - "properties": { - "addressSpace": { - "addressPrefixes": [ - "[variables('vnetAddressPrefix')]" - ] - }, - "subnets": [ - { - "name": "[variables('subnetName')]", - "properties": { - "addressPrefix": "[variables('subnetPrefix')]" - } - } - ] - } - }, - { - "apiVersion": "2015-06-15", - "type": "Microsoft.Network/networkInterfaces", - "name": "[concat(variables('nicNamePrefix'),copyindex())]", - "location": "[variables('location')]", - "tags": { - "displayName": "NetworkInterface", - "application": "[parameters('tagValues').application]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", - "owner": "[parameters('tagValues').owner]", - "costCenter": "[parameters('tagValues').cost]" - }, - "dependsOn": [ - "[concat('Microsoft.Network/virtualNetworks/', variables('virtualNetworkName'))]", - "[concat('Microsoft.Network/loadBalancers/', variables('loadBalancerName'))]", - "[concat('Microsoft.Network/loadBalancers/', variables('loadBalancerName'),'/inboundNatRules/guimgt',copyindex())]", - "[concat('Microsoft.Network/loadBalancers/', variables('loadBalancerName'),'/inboundNatRules/sshmgt',copyindex())]", - "[concat('Microsoft.Network/networkSecurityGroups/', variables('dnsLabel'),'-nsg')]" - ], - "copy": { - "count": "[parameters('numberOfInstances')]", - "name": "niccopy" - }, - "properties": { - "networkSecurityGroup": { - "id": "[variables('nsgID')]" - }, - "ipConfigurations": [ - { - "name": "ipconfig1", - "properties": { - "privateIPAllocationMethod": "Static", - "privateIPAddress": "[concat(variables('ipAddress'),add(4,copyindex()))]", - "subnet": { - "id": "[variables('subnetRef')]" - }, - "loadBalancerBackendAddressPools": [ - { - "id": "[concat(variables('lbID'), '/backendAddressPools/', 'loadBalancerBackEnd')]" - } - ], - "loadBalancerInboundNatRules": [ - { - "id": "[concat(variables('lbID'), '/inboundNatRules/', 'guimgt',copyIndex())]" - }, - { - "id": "[concat(variables('lbID'), '/inboundNatRules/', 'sshmgt',copyIndex())]" - } - ] - } - } - ] - } - }, - { - "apiVersion": "2015-06-15", - "type": "Microsoft.Network/networkSecurityGroups", - "name": "[concat(variables('dnsLabel'), '-nsg')]", - "location": "[variables('location')]", - "tags": { - "displayName": "NetworkSecurityGroup", - "application": "[parameters('tagValues').application]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", - "owner": "[parameters('tagValues').owner]", - "costCenter": "[parameters('tagValues').cost]" - }, - "properties": { - "securityRules": [ - { - "name": "mgmt_allow_443", - "properties": { - "description": "", - "priority": 101, - "sourceAddressPrefix": "[parameters('restrictedSrcAddress')]", - "sourcePortRange": "*", - "destinationAddressPrefix": "*", - "destinationPortRange": "443", - "protocol": "TCP", - "direction": "Inbound", - "access": "Allow" - } - }, - { - "name": "ssh_allow_22", - "properties": { - "description": "", - "priority": 102, - "sourceAddressPrefix": "[parameters('restrictedSrcAddress')]", - "sourcePortRange": "*", - "destinationAddressPrefix": "*", - "destinationPortRange": "22", - "protocol": "TCP", - "direction": "Inbound", - "access": "Allow" - } - } - ] - } - }, - { - "apiVersion": "2015-06-15", - "dependsOn": [ - "[concat('Microsoft.Network/publicIPAddresses/', variables('dnsLabel'))]" - ], - "location": "[variables('location')]", - "tags": { - "displayName": "LoadBalancer", - "application": "[parameters('tagValues').application]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", - "owner": "[parameters('tagValues').owner]", - "costCenter": "[parameters('tagValues').cost]" - }, - "name": "[variables('loadBalancerName')]", - "properties": { - "frontendIPConfigurations": [ - { - "name": "loadBalancerFrontEnd", - "properties": { - "publicIPAddress": { - "id": "[variables('publicIPID')]" - } - } - } - ], - "backendAddressPools": [ - { - "name": "loadBalancerBackEnd" - } - ] - }, - "type": "Microsoft.Network/loadBalancers" - }, - { - "apiVersion": "2015-06-15", - "type": "Microsoft.Network/loadBalancers/inboundNatRules", - "name": "[concat(variables('loadBalancerName'),'/guimgt', copyIndex())]", - "location": "[variables('location')]", - "copy": { - "name": "lbNatLoop", - "count": "[parameters('numberOfInstances')]" - }, - "dependsOn": [ - "[concat('Microsoft.Network/loadBalancers/', variables('loadBalancerName'))]" - ], - "properties": { - "frontendIPConfiguration": { - "id": "[variables('frontEndIPConfigID')]" - }, - "protocol": "tcp", - "frontendPort": "[copyIndex(8443)]", - "backendPort": 443, - "enableFloatingIP": false - } - }, - { - "apiVersion": "2015-06-15", - "type": "Microsoft.Network/loadBalancers/inboundNatRules", - "name": "[concat(variables('loadBalancerName'),'/sshmgt', copyIndex())]", - "location": "[variables('location')]", - "copy": { - "name": "lbNatLoop", - "count": "[parameters('numberOfInstances')]" - }, - "dependsOn": [ - "[concat('Microsoft.Network/loadBalancers/', variables('loadBalancerName'))]" - ], - "properties": { - "frontendIPConfiguration": { - "id": "[variables('frontEndIPConfigID')]" - }, - "protocol": "tcp", - "frontendPort": "[copyIndex(8022)]", - "backendPort": 22, - "enableFloatingIP": false - } - }, - { - "apiVersion": "2015-06-15", - "location": "[variables('location')]", - "tags": { - "displayName": "AvailabilitySet", - "application": "[parameters('tagValues').application]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", - "owner": "[parameters('tagValues').owner]", - "costCenter": "[parameters('tagValues').cost]" - }, - "name": "[variables('availabilitySetName')]", - "type": "Microsoft.Compute/availabilitySets" - }, - { - "apiVersion": "2015-06-15", - "type": "Microsoft.Compute/virtualMachines", - "name": "[concat(variables('deviceNamePrefix'),copyindex())]", - "location": "[variables('location')]", - "tags": { - "displayName": "VirtualMachine", - "application": "[parameters('tagValues').application]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", - "owner": "[parameters('tagValues').owner]", - "costCenter": "[parameters('tagValues').cost]" - }, - "dependsOn": [ - "[concat('Microsoft.Network/networkInterfaces/', variables('nicNamePrefix'), copyindex())]", - "[concat('Microsoft.Compute/availabilitySets/', variables('availabilitySetName'))]", - "[concat('Microsoft.Storage/storageAccounts/', variables('newStorageAccountName'))]" - ], - "copy": { - "count": "[parameters('numberOfInstances')]", - "name": "devicecopy" - }, - "plan": { - "name": "[variables('skuToUse')]", - "publisher": "f5-networks", - "product": "f5-big-ip" - }, - "properties": { - "availabilitySet": { - "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" - }, - "hardwareProfile": { - "vmSize": "[parameters('instanceType')]" - }, - "osProfile": { - "computerName": "[concat(variables('deviceNamePrefix'),copyindex())]", - "adminUsername": "[parameters('adminUsername')]", - "adminPassword": "[parameters('adminPassword')]" - }, - "storageProfile": { - "imageReference": { - "publisher": "f5-networks", - "offer": "f5-big-ip", - "sku": "[variables('skuToUse')]", - "version": "12.1.21" - }, - "osDisk": { - "name": "[concat('osdisk',copyindex())]", - "vhd": { - "uri": "[concat('http://',variables('newStorageAccountName'),'.blob.core.windows.net/',variables('newStorageAccountName'),'/osDisk',copyindex(),'.vhd')]" - }, - "caching": "ReadWrite", - "createOption": "FromImage" - } - }, - "networkProfile": { - "networkInterfaces": [ - { - "id": "[concat(resourceId('Microsoft.Network/networkInterfaces',variables('nicNamePrefix')),copyindex())]" - } - ] - }, - "diagnosticsProfile": { - "bootDiagnostics": { - "enabled": true, - "storageUri": "[concat('http://',variables('newstorageAccountName'),'.blob.core.windows.net')]" - } - } - } - }, - { - "name": "[variables('newStorageAccountName')]", - "type": "Microsoft.Storage/storageAccounts", - "location": "[variables('location')]", - "tags": { - "displayName": "StorageAccount", - "application": "[parameters('tagValues').application]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", - "owner": "[parameters('tagValues').owner]", - "costCenter": "[parameters('tagValues').cost]" - }, - "apiVersion": "2015-06-15", - "properties": { - "accountType": "Standard_LRS" - } - }, - { - "type": "Microsoft.Compute/virtualMachines/extensions", - "name": "[concat(variables('deviceNamePrefix'),0,'/start')]", - "apiVersion": "2016-03-30", - "location": "[variables('location')]", - "dependsOn": [ - "[concat('Microsoft.Compute/virtualMachines/',variables('deviceNamePrefix'),0)]" - ], - "properties": { - "publisher": "Microsoft.Azure.Extensions", - "type": "CustomScript", - "typeHandlerVersion": "2.0", - "settings": { - "fileUris": [ - "[concat('https://raw.githubusercontent.com/F5Networks/f5-cloud-libs/', variables('f5CloudLibsTag'), '/dist/f5-cloud-libs.tar.gz')]" - ] - }, - "protectedSettings": { - "commandToExecute": "[concat('mkdir /config/cloud && cp f5-cloud-libs.tar.gz* /config/cloud; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; /usr/bin/install -b -m 400 /dev/null /config/cloud/passwd; IFS=', variables('singleQuote'), '%', variables('singleQuote'), '; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', parameters('adminPassword'), ' >> /config/cloud/passwd; unset IFS; bash /config/installCloudLibs.sh; /usr/bin/f5-rest-node /config/cloud/f5-cloud-libs/scripts/onboard.js --output /var/log/onboard.log --log-level debug --host ', concat(variables('ipAddress'), 4), ' -u admin --password-url file:///config/cloud/passwd --hostname ', concat(variables('deviceNamePrefix'), 0, '.azuresecurity.com'), ' --ntp pool.ntp.org --license ', parameters('licenseKey1'), ' --db provision.1nicautoconfig:disable --db tmm.maxremoteloglength:2048 --module ltm:nominal --module asm:none --module afm:none; /usr/bin/f5-rest-node /config/cloud/f5-cloud-libs/scripts/cluster.js --output /var/log/cluster.log --log-level debug --host ', concat(variables('ipAddress'), 4), ' -u admin --password-url file:///config/cloud/passwd --config-sync-ip ', concat(variables('ipAddress'), 4), ' --create-group --device-group Sync --sync-type sync-failover --device ', concat(variables('deviceNamePrefix'), 0, '.azuresecurity.com'), ' --auto-sync --save-on-auto-sync; rm -f /config/cloud/passwd')]" - } - } - }, - { - "type": "Microsoft.Compute/virtualMachines/extensions", - "copy": { - "name": "extensionLoop", - "count": "[sub(parameters('numberOfInstances'), 1)]" - }, - "name": "[concat(variables('deviceNamePrefix'),add(copyindex(),1),'/start')]", - "apiVersion": "2016-03-30", - "location": "[variables('location')]", - "dependsOn": [ - "[concat('Microsoft.Compute/virtualMachines/',variables('deviceNamePrefix'),add(copyindex(),1))]" - ], - "properties": { - "publisher": "Microsoft.Azure.Extensions", - "type": "CustomScript", - "typeHandlerVersion": "2.0", - "settings": { - "fileUris": [ - "[concat('https://raw.githubusercontent.com/F5Networks/f5-cloud-libs/', variables('f5CloudLibsTag'), '/dist/f5-cloud-libs.tar.gz')]" - ] - }, - "protectedSettings": { - "commandToExecute": "[concat('mkdir /config/cloud && cp f5-cloud-libs.tar.gz* /config/cloud; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; /usr/bin/install -b -m 400 /dev/null /config/cloud/passwd; IFS=', variables('singleQuote'), '%', variables('singleQuote'), '; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', parameters('adminPassword'), ' >> /config/cloud/passwd; unset IFS; bash /config/installCloudLibs.sh; /usr/bin/f5-rest-node /config/cloud/f5-cloud-libs/scripts/onboard.js --output /var/log/onboard.log --log-level debug --host ', concat(variables('ipAddress'), 5), ' -u admin --password-url file:///config/cloud/passwd --hostname ', concat(variables('deviceNamePrefix'), copyindex(1), '.azuresecurity.com'), ' --ntp pool.ntp.org --license ', parameters('licenseKey2'), ' --db provision.1nicautoconfig:disable --db tmm.maxremoteloglength:2048 --module ltm:nominal --module asm:none --module afm:none; /usr/bin/f5-rest-node /config/cloud/f5-cloud-libs/scripts/cluster.js --output /var/log/cluster.log --log-level debug --host ', concat(variables('ipAddress'), 5), ' -u admin --password-url file:///config/cloud/passwd --config-sync-ip ', concat(variables('ipAddress'), 5), ' --join-group --device-group Sync --sync --remote-host ', concat(variables('ipAddress'), 4), ' --remote-user admin --remote-password-url file:///config/cloud/passwd; rm -f /config/cloud/passwd')]" - } - } - } - ], - "outputs": { - "GUI-URL": { - "type": "string", - "value": "[concat('https://',reference(variables('publicIPID')).dnsSettings.fqdn,':8443')]" - }, - "SSH-URL": { - "type": "string", - "value": "[concat(reference(variables('publicIPID')).dnsSettings.fqdn,' ',8022)]" - } - } -} \ No newline at end of file diff --git a/experimental/cluster/1nic/azuredeploy.parameters.json b/experimental/cluster/1nic/azuredeploy.parameters.json deleted file mode 100644 index b169a81ce1..0000000000 --- a/experimental/cluster/1nic/azuredeploy.parameters.json +++ /dev/null @@ -1,45 +0,0 @@ -{ - "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "1.1.0.0", - "parameters": { - "solutionDeploymentName": { - "value": "GEN-UNIQUE" - }, - "numberOfInstances": { - "value": "2" - }, - "instanceType": { - "value": "Standard_A4" - }, - "imageName": { - "value": "Good" - }, - "adminUsername": { - "value": "azureuser" - }, - "adminPassword": { - "value": "GEN_UNIQUE" - }, - "dnsLabel": { - "value": "GEN-UNIQUE" - }, - "licenseKey1": { - "value": "GEN-UNIQUE" - }, - "licenseKey2": { - "value": "GEN-UNIQUE" - }, - "restrictedSrcAddress": { - "value": "*" - }, - "tagValues": { - "value": { - "application": "APP", - "environment": "ENV", - "group": "GROUP", - "owner": "OWNER", - "cost": "COST" - } - } - } -} \ No newline at end of file diff --git a/experimental/cluster/1nic/deploy_via_bash.sh b/experimental/cluster/1nic/deploy_via_bash.sh index 1d905fb95f..1a64acb553 100644 --- a/experimental/cluster/1nic/deploy_via_bash.sh +++ b/experimental/cluster/1nic/deploy_via_bash.sh @@ -1,64 +1,61 @@ #!/bin/bash -# Bash Script to deploy ARM template into Azure, using azure cli 1.0 -# Example Command: ./deploy_via_bash.sh --sdname sdname01 --nbrinstances 2 --adminusr azureuser --adminpwd 'password' --dnslabel label01 --key1 XXXX-XXXX --key2 XXXX-XXXX --rgname examplerg --azureusr loginuser --azurepwd loginpwd +## Bash Script to deploy an F5 ARM template into Azure, using azure cli 1.0 ## +## Example Command: ./deploy_via_bash.sh --licenseType PAYG --licensedBandwidth 200m --numberOfInstances 2 --adminUsername azureuser --adminPassword --dnsLabel --instanceType Standard_D2_v2 --imageName Good --restrictedSrcAddress "*" --resourceGroupName --azureLoginUser --azureLoginPassword # Assign Script Paramters and Define Variables -# Specify static items, change these as needed or make them parameters (instance_type is already an optional paramter) +# Specify static items, change these as needed or make them parameters region="westus" -template_file="azuredeploy.json" -parameter_file="azuredeploy.parameters.json" -instance_type="Standard_D2_v2" -image_name="Best" -restricted_source_address="*" -tag_values="{\"application\":\"APP\",\"environment\":\"ENV\",\"group\":\"GROUP\",\"owner\":\"OWNER\",\"cost\":\"COST\"}" +restrictedSrcAddress="*" +tagValues='{"application":"APP","environment":"ENV","group":"GROUP","owner":"OWNER","cost":"COST"}' - -ARGS=`getopt -o a:b:c:d:e:f:g:h:i:j:k:l:m: --long sdname:,nbrinstances:,adminusr:,adminpwd:,insttype:,imgname:,dnslabel:,key1:,key2:,rstsrcaddr:,rgname:,azureusr:,azurepwd: -n $0 -- "$@"` +ARGS=`getopt -o a:b:c:d:e:f:g:h:i:j:k:l:m:n: --long resourceGroupName:,azureLoginUser:,azureLoginPassword:,licenseType:,licensedBandwidth:,licenseKey1:,licenseKey2:,numberOfInstances:,adminUsername:,adminPassword:,dnsLabel:,instanceType:,imageName:,restrictedSrcAddress: -n $0 -- "$@"` eval set -- "$ARGS" - # Parse the command line arguments, primarily checking full params as short params are just placeholders while true; do case "$1" in - -a|--sdname) - solution_deployment_name=$2 + -a|--resourceGroupName) + resourceGroupName=$2 shift 2;; - -b|--nbrinstances) - number_of_instances=$2 + -b|--azureLoginUser) + azureLoginUser=$2 shift 2;; - -c|--adminusr) - admin_username=$2 + -c|--azureLoginPassword) + azureLoginPassword=$2 shift 2;; - -d|--adminpwd) - admin_password=$2 + -d|--licenseType) + licenseType=$2 shift 2;; - -e|--insttype) - instance_type=$2 + -e|--licensedBandwidth) + licensedBandwidth=$2 shift 2;; - -f|--imgname) - image_name=$2 + -f|--licenseKey1) + licenseKey1=$2 shift 2;; - -g|--dnslabel) - dns_label=$2 + -g|--licenseKey2) + licenseKey2=$2 shift 2;; - -h|--key1) - license_key_1=$2 + -h|--numberOfInstances) + numberOfInstances=$2 shift 2;; - -i|--key2) - license_key_2=$2 + -i|--adminUsername) + adminUsername=$2 shift 2;; - -j|--rstsrcaddr) - restricted_source_address=$2 + -j|--adminPassword) + adminPassword=$2 shift 2;; - -k|--rgname) - resource_group_name=$2 + -k|--dnsLabel) + dnsLabel=$2 shift 2;; - -l|--azureusr) - azure_user=$2 + -l|--instanceType) + instanceType=$2 shift 2;; - -m|--azurepwd) - azure_pwd=$2 + -m|--imageName) + imageName=$2 + shift 2;; + -n|--restrictedSrcAddress) + restrictedSrcAddress=$2 shift 2;; --) shift @@ -66,11 +63,8 @@ while true; do esac done -echo "Disclaimer: Scripting to Deploy F5 Solution templates into Cloud Environments are provided as examples. They will be treated as best effort for issues that occur, feedback is encouraged." -sleep 3 - #If a required paramater is not passed, the script will prompt for it below -required_variables="solution_deployment_name number_of_instances admin_username admin_password dns_label license_key_1 license_key_2 resource_group_name azure_user azure_pwd" +required_variables="numberOfInstances adminUsername adminPassword dnsLabel instanceType imageName resourceGroupName licenseType " for variable in $required_variables do if [ -v ${!variable} ] ; then @@ -78,20 +72,49 @@ for variable in $required_variables fi done -# Login to Azure, for simplicity in this example using username and password supplied as script arguments --azureusr and --azurepwd +# Prompt for license key if not supplied and BYOL is selected +if [ $licenseType == "BYOL" ]; then + if [ -v $licenseKey1 ] ; then + read -p "Please enter value for licenseKey1:" licenseKey1 + fi + if [ -v $licenseKey2 ] ; then + read -p "Please enter value for licenseKey2:" licenseKey2 + fi + template_file="./BYOL/azuredeploy.json" + parameter_file="./BYOL/azuredeploy.parameters.json" +fi +# Prompt for license key if not supplied and PAYG is selected +if [ $licenseType == "PAYG" ]; then + if [ -v $licensedBandwidth ] ; then + read -p "Please enter value for licensedBandwidth:" licensedBandwidth + fi + template_file="./PAYG/azuredeploy.json" + parameter_file="./PAYG/azuredeploy.parameters.json" +fi + +echo "Disclaimer: Scripting to Deploy F5 Solution templates into Cloud Environments are provided as examples. They will be treated as best effort for issues that occur, feedback is encouraged." +sleep 3 + +# Login to Azure, for simplicity in this example using username and password supplied as script arguments --azureLoginUser and --azureLoginPassword # Perform Check to see if already logged in azure account show > /dev/null 2>&1 if [[ $? != 0 ]] ; then - azure login -u $azure_user -p $azure_pwd + azure login -u $azureLoginUser -p $azureLoginPassword fi - # Switch to ARM mode azure config mode arm # Create ARM Group -azure group create -n $resource_group_name -l $region +azure group create -n $resourceGroupName -l $region # Deploy ARM Template, right now cannot specify parameter file AND parameters inline via Azure CLI, # such as can been done with Powershell...oh well! -azure group deployment create -f $template_file -g $resource_group_name -n $resource_group_name -p "{\"solutionDeploymentName\":{\"value\":\"$solution_deployment_name\"},\"numberOfInstances\":{\"value\":$number_of_instances},\"instanceType\":{\"value\":\"$instance_type\"},\"imageName\":{\"value\":\"$image_name\"},\"adminUsername\":{\"value\":\"$admin_username\"},\"adminPassword\":{\"value\":\"$admin_password\"},\"dnsLabel\":{\"value\":\"$dns_label\"},\"licenseKey1\":{\"value\":\"$license_key_1\"},\"licenseKey2\":{\"value\":\"$license_key_2\"},\"restrictedSrcAddress\":{\"value\":\"$restricted_source_address\"},\"tagValues\":{\"value\":$tag_values}}" \ No newline at end of file +if [ $licenseType == "BYOL" ]; then + azure group deployment create -f $template_file -g $resourceGroupName -n $resourceGroupName -p "{\"numberOfInstances\":{\"value\":\"$numberOfInstances\"},\"adminUsername\":{\"value\":\"$adminUsername\"},\"adminPassword\":{\"value\":\"$adminPassword\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"licenseKey1\":{\"value\":\"$licenseKey1\"},\"licenseKey2\":{\"value\":\"$licenseKey2\"}}" +elif [ $licenseType == "PAYG" ]; then + azure group deployment create -f $template_file -g $resourceGroupName -n $resourceGroupName -p "{\"numberOfInstances\":{\"value\":\"$numberOfInstances\"},\"adminUsername\":{\"value\":\"$adminUsername\"},\"adminPassword\":{\"value\":\"$adminPassword\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"licensedBandwidth\":{\"value\":\"$licensedBandwidth\"}}" +else + echo "Uh oh, shouldn't make it here! Ensure license type is either PAYG or BYOL" + exit 1 +fi \ No newline at end of file diff --git a/experimental/standalone/1nic/azuredeploy.json b/experimental/standalone/1nic/BYOL/azuredeploy.json similarity index 58% rename from experimental/standalone/1nic/azuredeploy.json rename to experimental/standalone/1nic/BYOL/azuredeploy.json index 900723a63f..c192ff882f 100644 --- a/experimental/standalone/1nic/azuredeploy.json +++ b/experimental/standalone/1nic/BYOL/azuredeploy.json @@ -1,390 +1,400 @@ { - "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "1.1.0.0", + "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", + "contentVersion": "1.1.2.0", "parameters": { "adminUsername": { - "defaultValue": "azureuser", - "type": "string", + "defaultValue": "azureuser", "metadata": { "description": "User name for the Virtual Machine." - } - }, + }, + "type": "string" + }, "adminPassword": { - "type": "securestring", "metadata": { "description": "Password to login to the Virtual Machine." - } - }, + }, + "type": "securestring" + }, "dnsLabel": { - "defaultValue": "REQUIRED", - "type": "string", + "defaultValue": "REQUIRED", "metadata": { "description": "Unique DNS Name for the Public IP used to access the Virtual Machine." - } - }, + }, + "type": "string" + }, "instanceName": { - "defaultValue": "f5vm01", - "type": "string", + "defaultValue": "f5vm01", "metadata": { "description": "Name of the VM" - } - }, + }, + "type": "string" + }, "instanceType": { - "defaultValue": "Standard_D2_v2", - "metadata": { - "description": "Size of the VM" - }, - "type": "string", "allowedValues": [ - "Standard_A4", - "Standard_A9", - "Standard_A11", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_D2_v2", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_F2", + "Standard_A2", + "Standard_A3", + "Standard_A4", + "Standard_A9", + "Standard_A11", + "Standard_D2", + "Standard_D3", + "Standard_D4", + "Standard_D12", + "Standard_D13", + "Standard_D14", + "Standard_D2_v2", + "Standard_D3_v2", + "Standard_D4_v2", + "Standard_D5_v2", + "Standard_D12_v2", + "Standard_D13_v2", + "Standard_D14_v2", + "Standard_D15_v2", + "Standard_F2", "Standard_F4" - ] - }, - "imageName": { - "defaultValue": "Good", + ], + "defaultValue": "Standard_D2_v2", "metadata": { - "description": "F5 SKU(IMAGE) to Deploy" - }, - "type": "string", + "description": "Size of the VM" + }, + "type": "string" + }, + "imageName": { "allowedValues": [ - "Good", - "Better", + "Good", + "Better", "Best" - ] - }, + ], + "defaultValue": "Good", + "metadata": { + "description": "F5 SKU(IMAGE) to Deploy" + }, + "type": "string" + }, "licenseKey1": { - "defaultValue": "REQUIRED", - "type": "string", + "defaultValue": "REQUIRED", "metadata": { "description": "The license token for the F5 BIG-IP(BYOL)" - } - }, + }, + "type": "string" + }, "restrictedSrcAddress": { - "defaultValue": "*", - "type": "string", + "defaultValue": "*", "metadata": { "description": "Restricts management access to a specific network or address. Enter a IP address or address range in CIDR notation, or asterisk for all sources." - } - }, + }, + "type": "string" + }, "tagValues": { "defaultValue": { - "environment": "ENV", - "application": "APP", - "cost": "COST", - "group": "GROUP", + "application": "APP", + "cost": "COST", + "environment": "ENV", + "group": "GROUP", "owner": "OWNER" - }, + }, "type": "object" } - }, + }, "variables": { - "apiVersion": "2015-06-15", - "location": "[resourceGroup().location]", - "singleQuote": "'", - "f5CloudLibsTag": "v2.1.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) a6a9db3b89bbd014413706f22fa619c3717fac41fc99ffe875589c90e9b85a05cea227c134ea6e5b519c8fee0d12f2175368e75917f31f447ece3d92f31814af\n set hashes(f5-cloud-libs-aws.tar.gz) 90058095cc536a057378a90ed19c3afe0cecd9034e1d1816745bd5ad837939623fad034ebd2ee9bdf594f33358b50c50f49a18c2ee7588ba89645142f2217330\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature OmyfJKVQkBj+Ks6SdIc2+UNxM2xFCK4MGizGysivShzeRof0EFlEUTQiZveZ4v2SElofUp5DMVKiTIIkM00kZ7LnwqvLYIOztDFNAtMGwO6/B/zA8jLhkfnA2xzxu9fFgFn3OEsc8QwbfFS1AqCMyyacbbiczJycHtu3z0a/8sqCgiZtcQ4iXqBP4fz+8HKLA36U0jpmW+z0gQQUwpiC+AfFWcAarXMtmpwLzScldnaZ5RLo0MG8EGrHmXiWjndSR/Ii9b3+vnHnceD6+sw7e7LXPvz+jV9/rFyEQOA1QNpv0Cy4SJcuY9NRjV9KNdBobJ5N+h2PZBlgaIdLMACAVQ==\n}', variables('singleQuote'))]", - "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit\nfi\necho loaded verifyHash\necho verifying f5-cloud-libs.targ.gz\n/usr/bin/tmsh run cli script verifyHash /config/cloud/f5-cloud-libs.tar.gz\nif [ $? != 0 ]; then\necho f5-cloud-libs.tar.gz is not valid\nexit\nfi\necho verified f5-cloud-libs.tar.gz\necho expanding f5-cloud-libs.tar.gz\ntar xvfz /config/cloud/f5-cloud-libs.tar.gz -C /config/cloud\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", - "newStorageAccountName": "[concat(uniquestring(resourceGroup().id), 'stor')]", - "storageAccountType": "Standard_LRS", - "dnsLabel": "[toLower(parameters('dnsLabel'))]", - "instanceName": "[toLower(parameters('instanceName'))]", - "imageNameToLower": "[toLower(parameters('imageName'))]", - "skuToUse": "[concat('f5-bigip-virtual-edition-', variables('imageNameToLower'),'-byol')]", - "availabilitySetName": "[concat(variables('instanceName'), '-avset')]", - "nic1Name": "[concat(variables('instanceName'), '-mgmt1')]", - "defaultGw": "10.0.1.1", - "virtualNetworkName": "[concat(variables('instanceName'), '-vnet')]", - "vnetId": "[resourceId('Microsoft.Network/virtualNetworks', variables('virtualNetworkName'))]", - "vnetAddressPrefix": "10.0.0.0/16", - "nsgID": "[resourceId('Microsoft.Network/networkSecurityGroups/',concat(variables('dnsLabel'),'-nsg'))]", - "subnet1Name": "MGMT_Frontend", - "subnet1Id": "[concat(variables('vnetId'), '/subnets/', variables('subnet1Name'))]", - "subnet1Prefix": "10.0.1.0/24", - "subnet1PrivateAddress": "10.0.1.4", - "publicIPAddressName": "[concat(variables('dnsLabel'), '-pip')]", - "publicIPAddressType": "Static", - "publicIPAddressId": "[resourceId('Microsoft.Network/publicIPAddresses', variables('publicIPAddressName'))]" - }, + "apiVersion": "2015-06-15", + "computeApiVersion": "2015-06-15", + "networkApiVersion": "2015-06-15", + "storageApiVersion": "2015-06-15", + "location": "[resourceGroup().location]", + "singleQuote": "'", + "f5CloudLibsTag": "v2.1.0", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) a6a9db3b89bbd014413706f22fa619c3717fac41fc99ffe875589c90e9b85a05cea227c134ea6e5b519c8fee0d12f2175368e75917f31f447ece3d92f31814af\n set hashes(f5-cloud-libs-aws.tar.gz) 90058095cc536a057378a90ed19c3afe0cecd9034e1d1816745bd5ad837939623fad034ebd2ee9bdf594f33358b50c50f49a18c2ee7588ba89645142f2217330\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature OmyfJKVQkBj+Ks6SdIc2+UNxM2xFCK4MGizGysivShzeRof0EFlEUTQiZveZ4v2SElofUp5DMVKiTIIkM00kZ7LnwqvLYIOztDFNAtMGwO6/B/zA8jLhkfnA2xzxu9fFgFn3OEsc8QwbfFS1AqCMyyacbbiczJycHtu3z0a/8sqCgiZtcQ4iXqBP4fz+8HKLA36U0jpmW+z0gQQUwpiC+AfFWcAarXMtmpwLzScldnaZ5RLo0MG8EGrHmXiWjndSR/Ii9b3+vnHnceD6+sw7e7LXPvz+jV9/rFyEQOA1QNpv0Cy4SJcuY9NRjV9KNdBobJ5N+h2PZBlgaIdLMACAVQ==\n}', variables('singleQuote'))]", + "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit\nfi\necho loaded verifyHash\necho verifying f5-cloud-libs.targ.gz\n/usr/bin/tmsh run cli script verifyHash /config/cloud/f5-cloud-libs.tar.gz\nif [ $? != 0 ]; then\necho f5-cloud-libs.tar.gz is not valid\nexit\nfi\necho verified f5-cloud-libs.tar.gz\necho expanding f5-cloud-libs.tar.gz\ntar xvfz /config/cloud/f5-cloud-libs.tar.gz -C /config/cloud\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", + "newStorageAccountName": "[concat(uniquestring(resourceGroup().id), 'stor')]", + "storageAccountType": "Standard_LRS", + "dnsLabel": "[toLower(parameters('dnsLabel'))]", + "imageNameToLower": "[toLower(parameters('imageName'))]", + "skuToUse": "[concat('f5-bigip-virtual-edition-', variables('imageNameToLower'),'-byol')]", + "offerToUse": "f5-big-ip", + "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", + "nicName": "[concat(variables('dnsLabel'), '-nic')]", + "defaultGw": "10.0.1.1", + "virtualNetworkName": "[concat(variables('dnsLabel'), '-vnet')]", + "vnetId": "[resourceId('Microsoft.Network/virtualNetworks', variables('virtualNetworkName'))]", + "vnetAddressPrefix": "10.0.0.0/16", + "nsgID": "[resourceId('Microsoft.Network/networkSecurityGroups/',concat(variables('dnsLabel'),'-nsg'))]", + "publicIPAddressName": "[concat(variables('dnsLabel'), '-pip')]", + "publicIPAddressId": "[resourceId('Microsoft.Network/publicIPAddresses', variables('publicIPAddressName'))]", + "publicIPAddressType": "Static", + "subnetName": "[concat(variables('dnsLabel'),'-subnet')]", + "subnetId": "[concat(variables('vnetId'), '/subnets/', variables('subnetName'))]", + "subnetPrefix": "10.0.1.0/24", + "subnetPrivateAddress": "10.0.1.4", + "instanceName": "[toLower(parameters('instanceName'))]" + }, "resources": [ { - "apiVersion": "[variables('apiVersion')]", - "location": "[variables('location')]", - "name": "[variables('publicIPAddressName')]", + "apiVersion": "[variables('networkApiVersion')]", + "location": "[variables('location')]", + "name": "[variables('publicIPAddressName')]", "properties": { "dnsSettings": { "domainNameLabel": "[variables('dnsLabel')]" - }, - "idleTimeoutInMinutes": 30, + }, + "idleTimeoutInMinutes": 30, "publicIPAllocationMethod": "[variables('publicIPAddressType')]" - }, + }, "tags": { - "application": "[parameters('tagValues').application]", - "costCenter": "[parameters('tagValues').cost]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", "owner": "[parameters('tagValues').owner]" - }, + }, "type": "Microsoft.Network/publicIPAddresses" - }, + }, { - "apiVersion": "[variables('apiVersion')]", - "location": "[variables('location')]", - "name": "[variables('virtualNetworkName')]", + "apiVersion": "[variables('apiVersion')]", + "location": "[variables('location')]", + "name": "[variables('virtualNetworkName')]", "properties": { "addressSpace": { "addressPrefixes": [ "[variables('vnetAddressPrefix')]" ] - }, + }, "subnets": [ { - "name": "[variables('subnet1Name')]", + "name": "[variables('subnetName')]", "properties": { - "addressPrefix": "[variables('subnet1Prefix')]" + "addressPrefix": "[variables('subnetPrefix')]" } } ] - }, + }, "tags": { - "application": "[parameters('tagValues').application]", - "costCenter": "[parameters('tagValues').cost]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", "owner": "[parameters('tagValues').owner]" - }, + }, "type": "Microsoft.Network/virtualNetworks" - }, + }, { - "apiVersion": "[variables('apiVersion')]", + "apiVersion": "[variables('apiVersion')]", "dependsOn": [ - "[variables('vnetId')]", - "[variables('publicIPAddressId')]", + "[variables('vnetId')]", + "[variables('publicIPAddressId')]", "[concat('Microsoft.Network/networkSecurityGroups/', variables('dnsLabel'),'-nsg')]" - ], - "location": "[variables('location')]", - "name": "[variables('nic1Name')]", + ], + "location": "[variables('location')]", + "name": "[variables('nicName')]", "properties": { "ipConfigurations": [ { - "name": "[concat(variables('instanceName'), '-ipconfig1')]", + "name": "[concat(variables('instanceName'), '-ipconfig1')]", "properties": { "PublicIpAddress": { "Id": "[variables('publicIPAddressId')]" - }, - "privateIPAddress": "[variables('subnet1PrivateAddress')]", - "privateIPAllocationMethod": "Static", + }, + "privateIPAddress": "[variables('subnetPrivateAddress')]", + "privateIPAllocationMethod": "Static", "subnet": { - "id": "[variables('subnet1Id')]" + "id": "[variables('subnetId')]" } } } - ], + ], "networkSecurityGroup": { "id": "[variables('nsgID')]" } - }, + }, "tags": { - "application": "[parameters('tagValues').application]", - "costCenter": "[parameters('tagValues').cost]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", "owner": "[parameters('tagValues').owner]" - }, + }, "type": "Microsoft.Network/networkInterfaces" - }, + }, { - "apiVersion": "[variables('apiVersion')]", - "location": "[variables('location')]", - "name": "[concat(variables('dnsLabel'), '-nsg')]", + "apiVersion": "[variables('apiVersion')]", + "location": "[variables('location')]", + "name": "[concat(variables('dnsLabel'), '-nsg')]", "properties": { "securityRules": [ { - "name": "mgmt_allow_443", + "name": "mgmt_allow_443", "properties": { - "access": "Allow", - "description": "", - "destinationAddressPrefix": "*", - "destinationPortRange": "443", - "direction": "Inbound", - "priority": 101, - "protocol": "TCP", - "sourceAddressPrefix": "[parameters('restrictedSrcAddress')]", + "access": "Allow", + "description": "", + "destinationAddressPrefix": "*", + "destinationPortRange": "443", + "direction": "Inbound", + "priority": 101, + "protocol": "TCP", + "sourceAddressPrefix": "[parameters('restrictedSrcAddress')]", "sourcePortRange": "*" } - }, + }, { - "name": "ssh_allow_22", + "name": "ssh_allow_22", "properties": { - "access": "Allow", - "description": "", - "destinationAddressPrefix": "*", - "destinationPortRange": "22", - "direction": "Inbound", - "priority": 102, - "protocol": "TCP", - "sourceAddressPrefix": "[parameters('restrictedSrcAddress')]", + "access": "Allow", + "description": "", + "destinationAddressPrefix": "*", + "destinationPortRange": "22", + "direction": "Inbound", + "priority": 102, + "protocol": "TCP", + "sourceAddressPrefix": "[parameters('restrictedSrcAddress')]", "sourcePortRange": "*" } } ] - }, + }, "tags": { - "application": "[parameters('tagValues').application]", - "costCenter": "[parameters('tagValues').cost]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", "owner": "[parameters('tagValues').owner]" - }, + }, "type": "Microsoft.Network/networkSecurityGroups" - }, + }, { - "apiVersion": "[variables('apiVersion')]", - "location": "[variables('location')]", - "name": "[variables('availabilitySetName')]", + "apiVersion": "[variables('apiVersion')]", + "location": "[variables('location')]", + "name": "[variables('availabilitySetName')]", "tags": { - "application": "[parameters('tagValues').application]", - "costCenter": "[parameters('tagValues').cost]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", "owner": "[parameters('tagValues').owner]" - }, + }, "type": "Microsoft.Compute/availabilitySets" - }, + }, { - "apiVersion": "[variables('apiVersion')]", - "location": "[variables('location')]", - "name": "[variables('newStorageAccountName')]", + "apiVersion": "[variables('storageApiVersion')]", + "location": "[variables('location')]", + "name": "[variables('newStorageAccountName')]", "properties": { "accountType": "[variables('storageAccountType')]" - }, + }, "tags": { - "application": "[parameters('tagValues').application]", - "costCenter": "[parameters('tagValues').cost]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", "owner": "[parameters('tagValues').owner]" - }, + }, "type": "Microsoft.Storage/storageAccounts" - }, + }, { - "apiVersion": "[variables('apiVersion')]", + "apiVersion": "[variables('apiVersion')]", "dependsOn": [ - "[concat('Microsoft.Storage/storageAccounts/', variables('newStorageAccountName'))]", - "[concat('Microsoft.Compute/availabilitySets/', variables('availabilitySetName'))]", - "[concat('Microsoft.Network/networkInterfaces/', variables('nic1Name'))]" - ], - "location": "[variables('location')]", - "name": "[variables('instanceName')]", + "[concat('Microsoft.Storage/storageAccounts/', variables('newStorageAccountName'))]", + "[concat('Microsoft.Compute/availabilitySets/', variables('availabilitySetName'))]", + "[concat('Microsoft.Network/networkInterfaces/', variables('nicName'))]" + ], + "location": "[variables('location')]", + "name": "[variables('instanceName')]", "plan": { - "name": "[variables('skuToUse')]", - "product": "f5-big-ip", + "name": "[variables('skuToUse')]", + "product": "[variables('offerToUse')]", "publisher": "f5-networks" - }, + }, "properties": { "availabilitySet": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" - }, + }, "diagnosticsProfile": { "bootDiagnostics": { - "enabled": true, + "enabled": true, "storageUri": "[concat('http://',variables('newStorageAccountName'),'.blob.core.windows.net')]" } - }, + }, "hardwareProfile": { "vmSize": "[parameters('instanceType')]" - }, + }, "networkProfile": { "networkInterfaces": [ { - "id": "[resourceId('Microsoft.Network/networkInterfaces', variables('nic1Name'))]", + "id": "[resourceId('Microsoft.Network/networkInterfaces', variables('nicName'))]", "properties": { "primary": true } } ] - }, + }, "osProfile": { - "adminPassword": "[parameters('adminPassword')]", - "adminUsername": "[parameters('adminUsername')]", + "adminPassword": "[parameters('adminPassword')]", + "adminUsername": "[parameters('adminUsername')]", "computerName": "[variables('instanceName')]" - }, + }, "storageProfile": { "imageReference": { - "offer": "f5-big-ip", - "publisher": "f5-networks", - "sku": "[variables('skuToUse')]", + "offer": "[variables('offerToUse')]", + "publisher": "f5-networks", + "sku": "[variables('skuToUse')]", "version": "12.1.21" - }, + }, "osDisk": { - "caching": "ReadWrite", - "createOption": "FromImage", - "name": "osdisk", + "caching": "ReadWrite", + "createOption": "FromImage", + "name": "osdisk", "vhd": { "uri": "[concat('http://',variables('newStorageAccountName'), '.blob.core.windows.net/vhds/', variables('instanceName'), '.vhd')]" } } } - }, + }, "tags": { - "application": "[parameters('tagValues').application]", - "costCenter": "[parameters('tagValues').cost]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", "owner": "[parameters('tagValues').owner]" - }, + }, "type": "Microsoft.Compute/virtualMachines" - }, + }, { - "apiVersion": "2016-03-30", + "apiVersion": "2016-03-30", "dependsOn": [ "[concat('Microsoft.Compute/virtualMachines/', variables('instanceName'))]" - ], - "location": "[variables('location')]", - "name": "[concat(variables('instanceName'),'/start')]", + ], + "location": "[variables('location')]", + "name": "[concat(variables('instanceName'),'/start')]", "properties": { "protectedSettings": { - "commandToExecute": "[concat('mkdir /config/cloud && cp f5-cloud-libs.tar.gz* /config/cloud; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; /usr/bin/install -b -m 400 /dev/null /config/cloud/passwd; IFS=', variables('singleQuote'), '%', variables('singleQuote'), '; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', parameters('adminPassword'), ' >> /config/cloud/passwd; unset IFS; bash /config/installCloudLibs.sh; /usr/bin/f5-rest-node /config/cloud/f5-cloud-libs/scripts/onboard.js --output /var/log/onboard.log --log-level debug --host ', variables('subnet1PrivateAddress'), ' -u admin --password-url file:///config/cloud/passwd --hostname ', concat(variables('instanceName'), '.', resourceGroup().location, '.cloudapp.azure.com'), ' --license ', parameters('licenseKey1'), ' --ntp pool.ntp.org --db tmm.maxremoteloglength:2048 --module ltm:nominal --module afm:none; rm -f /config/cloud/passwd')]" - }, - "publisher": "Microsoft.Azure.Extensions", + "commandToExecute": "[concat('mkdir /config/cloud && cp f5-cloud-libs.tar.gz* /config/cloud; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; /usr/bin/install -b -m 400 /dev/null /config/cloud/passwd; IFS=', variables('singleQuote'), '%', variables('singleQuote'), '; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', parameters('adminPassword'), ' >> /config/cloud/passwd; unset IFS; bash /config/installCloudLibs.sh; /usr/bin/f5-rest-node /config/cloud/f5-cloud-libs/scripts/onboard.js --output /var/log/onboard.log --log-level debug --host ', variables('subnetPrivateAddress'), ' -u admin --password-url file:///config/cloud/passwd --hostname ', concat(variables('instanceName'), '.', resourceGroup().location, '.cloudapp.azure.com'), ' --license ', parameters('licenseKey1'), ' --ntp pool.ntp.org --db tmm.maxremoteloglength:2048 --module ltm:nominal --module afm:none; rm -f /config/cloud/passwd')]" + }, + "publisher": "Microsoft.Azure.Extensions", "settings": { "fileUris": [ "[concat('https://raw.githubusercontent.com/F5Networks/f5-cloud-libs/', variables('f5CloudLibsTag'), '/dist/f5-cloud-libs.tar.gz')]" ] - }, - "type": "CustomScript", + }, + "type": "CustomScript", "typeHandlerVersion": "2.0" - }, + }, "tags": { - "application": "[parameters('tagValues').application]", - "costCenter": "[parameters('tagValues').cost]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", "owner": "[parameters('tagValues').owner]" - }, + }, "type": "Microsoft.Compute/virtualMachines/extensions" } - ], + ], "outputs": { - "MGMT-URL": { - "type": "string", - "value": "[concat('https://', variables('dnsLabel'), '.', resourceGroup().location, '.cloudapp.azure.com')]" + "GUI-URL": { + "type": "string", + "value": "[concat('https://', variables('dnsLabel'), '.', resourceGroup().location, '.cloudapp.azure.com', ':443')]" + }, + "SSH-URL": { + "type": "string", + "value": "[concat(variables('dnsLabel'), '.', resourceGroup().location, '.cloudapp.azure.com', ' ',22)]" } } } \ No newline at end of file diff --git a/experimental/standalone/2nic_limited/azuredeploy.parameters.json b/experimental/standalone/1nic/BYOL/azuredeploy.parameters.json similarity index 67% rename from experimental/standalone/2nic_limited/azuredeploy.parameters.json rename to experimental/standalone/1nic/BYOL/azuredeploy.parameters.json index d3aa54f46b..e614acd560 100644 --- a/experimental/standalone/2nic_limited/azuredeploy.parameters.json +++ b/experimental/standalone/1nic/BYOL/azuredeploy.parameters.json @@ -1,37 +1,37 @@ { - "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "1.1.0.0", + "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", + "contentVersion": "1.1.2.0", "parameters": { "adminUsername": { "value": "azureuser" - }, + }, "adminPassword": { "value": "GEN_UNIQUE" - }, + }, "dnsLabel": { "value": "REQUIRED" - }, + }, "instanceName": { "value": "f5vm01" - }, + }, "instanceType": { "value": "Standard_D2_v2" - }, + }, "imageName": { "value": "Good" - }, + }, "licenseKey1": { "value": "REQUIRED" - }, + }, "restrictedSrcAddress": { "value": "*" - }, + }, "tagValues": { "value": { - "environment": "ENV", - "application": "APP", - "cost": "COST", - "group": "GROUP", + "application": "APP", + "cost": "COST", + "environment": "ENV", + "group": "GROUP", "owner": "OWNER" } } diff --git a/experimental/standalone/1nic/Deploy_via_PS.ps1 b/experimental/standalone/1nic/Deploy_via_PS.ps1 index fc5a4fda6a..2b5ca83110 100644 --- a/experimental/standalone/1nic/Deploy_via_PS.ps1 +++ b/experimental/standalone/1nic/Deploy_via_PS.ps1 @@ -1,9 +1,20 @@ -# Params below match to parameteres in the azuredeploy.json that are gen-unique, otherwsie pointing to -# the azuredeploy.parameters.json file for default values. Some options below are mandatory, some(such as deployment password for BIG IP) -# can be supplied inline when running this script but if they arent then the default will be used as specificed in below param arguments -# Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -adminPassword yourpassword -dnsLabel f51nicdeploy01 -instanceName f51nic -licenseKey1 XXXXX-XXXXX-XXXXX-XXXXX-XXXXX -resourceGroupName f51nicdeploy01 +## Script parameters being asked for below match to parameters in the azuredeploy.json file, otherwise pointing to the ## +## azuredeploy.parameters.json file for values to use. Some options below are mandatory, some(such as region) can ## +## be supplied inline when running this script but if they aren't then the default will be used as specificed below. ## +## Example Command: .\Deploy_via_PS.ps1 -licenseType PAYG -licensedBandwidth 200m -adminUsername azureuser -adminPassword -dnsLabel -instanceName f5vm01 -instanceType Standard_D2_v2 -imageName Good -restrictedSrcAddress "*"-resourceGroupName param( + + [Parameter(Mandatory=$True)] + [string] + $licenseType, + + [string] + $licensedBandwidth = $(if($licenseType -eq "PAYG") { Read-Host -prompt "licensedBandwidth"}), + + [string] + $licenseKey1 = $(if($licenseType -eq "BYOL") { Read-Host -prompt "licenseKey1"}), + [Parameter(Mandatory=$True)] [string] $adminUsername, @@ -20,18 +31,16 @@ param( [string] $instanceName, + [Parameter(Mandatory=$True)] [string] - $instanceType = "Standard_D2_v2", - - [string] - $imageName = "Good", + $instanceType, [Parameter(Mandatory=$True)] [string] - $licenseKey1, + $imageName, [string] - $restrictedSrcAddress = "*", + $restrictedSrcAddress = "*", [Parameter(Mandatory=$True)] [string] @@ -66,7 +75,15 @@ New-AzureRmResourceGroup -Name $resourceGroupName -Location "$region" # Create Arm Deployment $pwd = ConvertTo-SecureString -String $adminPassword -AsPlainText -Force -$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername "$adminUsername" -adminPassword $pwd -dnsLabel "$dnsLabel" -instanceName "$instanceName" -instanceType "$instanceType" -licenseKey1 "$licenseKey1" -restrictedSrcAddress "$restrictedSrcAddress" -imageName "$imageName" +if ($licenseType -eq "BYOL") { + if ($templateFilePath -eq "azuredeploy.json") { $templateFilePath = ".\BYOL\azuredeploy.json"; $parametersFilePath = ".\BYOL\azuredeploy.parameters.json" } + $deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername "$adminUsername" -adminPassword $pwd -dnsLabel "$dnsLabel" -instanceName "$instanceName" -instanceType "$instanceType" -imageName "$imageName" -restrictedSrcAddress "$restrictedSrcAddress" -licenseKey1 "$licenseKey1" +} elseif ($licenseType -eq "PAYG") { + if ($templateFilePath -eq "azuredeploy.json") { $templateFilePath = ".\PAYG\azuredeploy.json"; $parametersFilePath = ".\PAYG\azuredeploy.parameters.json" } + $deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername "$adminUsername" -adminPassword $pwd -dnsLabel "$dnsLabel" -instanceName "$instanceName" -instanceType "$instanceType" -imageName "$imageName" -restrictedSrcAddress "$restrictedSrcAddress" -licensedBandwidth "$licensedBandwidth" +} else { + Write-Error -Message "Uh oh, something went wrong! Please select valid license type of PAYG or BYOL." +} # Print Output of Deployment to Console $deployment \ No newline at end of file diff --git a/experimental/standalone/1nic/PAYG/azuredeploy.json b/experimental/standalone/1nic/PAYG/azuredeploy.json new file mode 100644 index 0000000000..55588b2529 --- /dev/null +++ b/experimental/standalone/1nic/PAYG/azuredeploy.json @@ -0,0 +1,405 @@ +{ + "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", + "contentVersion": "1.1.2.0", + "parameters": { + "adminUsername": { + "defaultValue": "azureuser", + "metadata": { + "description": "User name for the Virtual Machine." + }, + "type": "string" + }, + "adminPassword": { + "metadata": { + "description": "Password to login to the Virtual Machine." + }, + "type": "securestring" + }, + "dnsLabel": { + "defaultValue": "REQUIRED", + "metadata": { + "description": "Unique DNS Name for the Public IP used to access the Virtual Machine." + }, + "type": "string" + }, + "instanceName": { + "defaultValue": "f5vm01", + "metadata": { + "description": "Name of the VM" + }, + "type": "string" + }, + "instanceType": { + "allowedValues": [ + "Standard_A2", + "Standard_A3", + "Standard_A4", + "Standard_A9", + "Standard_A11", + "Standard_D2", + "Standard_D3", + "Standard_D4", + "Standard_D12", + "Standard_D13", + "Standard_D14", + "Standard_D2_v2", + "Standard_D3_v2", + "Standard_D4_v2", + "Standard_D5_v2", + "Standard_D12_v2", + "Standard_D13_v2", + "Standard_D14_v2", + "Standard_D15_v2", + "Standard_F2", + "Standard_F4" + ], + "defaultValue": "Standard_D2_v2", + "metadata": { + "description": "Size of the VM" + }, + "type": "string" + }, + "imageName": { + "allowedValues": [ + "Good", + "Better", + "Best" + ], + "defaultValue": "Good", + "metadata": { + "description": "F5 SKU(IMAGE) to Deploy" + }, + "type": "string" + }, + "licensedBandwidth": { + "allowedValues": [ + "25m", + "200m", + "1g" + ], + "defaultValue": "200m", + "metadata": { + "description": "PAYG licensed bandwidth to allocate for this image." + }, + "type": "string" + }, + "restrictedSrcAddress": { + "defaultValue": "*", + "metadata": { + "description": "Restricts management access to a specific network or address. Enter a IP address or address range in CIDR notation, or asterisk for all sources." + }, + "type": "string" + }, + "tagValues": { + "defaultValue": { + "application": "APP", + "cost": "COST", + "environment": "ENV", + "group": "GROUP", + "owner": "OWNER" + }, + "type": "object" + } + }, + "variables": { + "apiVersion": "2015-06-15", + "computeApiVersion": "2015-06-15", + "networkApiVersion": "2015-06-15", + "storageApiVersion": "2015-06-15", + "location": "[resourceGroup().location]", + "singleQuote": "'", + "f5CloudLibsTag": "v2.1.0", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) a6a9db3b89bbd014413706f22fa619c3717fac41fc99ffe875589c90e9b85a05cea227c134ea6e5b519c8fee0d12f2175368e75917f31f447ece3d92f31814af\n set hashes(f5-cloud-libs-aws.tar.gz) 90058095cc536a057378a90ed19c3afe0cecd9034e1d1816745bd5ad837939623fad034ebd2ee9bdf594f33358b50c50f49a18c2ee7588ba89645142f2217330\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature OmyfJKVQkBj+Ks6SdIc2+UNxM2xFCK4MGizGysivShzeRof0EFlEUTQiZveZ4v2SElofUp5DMVKiTIIkM00kZ7LnwqvLYIOztDFNAtMGwO6/B/zA8jLhkfnA2xzxu9fFgFn3OEsc8QwbfFS1AqCMyyacbbiczJycHtu3z0a/8sqCgiZtcQ4iXqBP4fz+8HKLA36U0jpmW+z0gQQUwpiC+AfFWcAarXMtmpwLzScldnaZ5RLo0MG8EGrHmXiWjndSR/Ii9b3+vnHnceD6+sw7e7LXPvz+jV9/rFyEQOA1QNpv0Cy4SJcuY9NRjV9KNdBobJ5N+h2PZBlgaIdLMACAVQ==\n}', variables('singleQuote'))]", + "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit\nfi\necho loaded verifyHash\necho verifying f5-cloud-libs.targ.gz\n/usr/bin/tmsh run cli script verifyHash /config/cloud/f5-cloud-libs.tar.gz\nif [ $? != 0 ]; then\necho f5-cloud-libs.tar.gz is not valid\nexit\nfi\necho verified f5-cloud-libs.tar.gz\necho expanding f5-cloud-libs.tar.gz\ntar xvfz /config/cloud/f5-cloud-libs.tar.gz -C /config/cloud\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", + "newStorageAccountName": "[concat(uniquestring(resourceGroup().id), 'stor')]", + "storageAccountType": "Standard_LRS", + "dnsLabel": "[toLower(parameters('dnsLabel'))]", + "imageNameToLower": "[toLower(parameters('imageName'))]", + "skuToUse": "[concat('f5-bigip-virtual-edition-', parameters('licensedBandwidth'), '-', variables('imageNameToLower'),'-hourly')]", + "offerToUse": "f5-big-ip-hourly", + "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", + "nicName": "[concat(variables('dnsLabel'), '-nic')]", + "defaultGw": "10.0.1.1", + "virtualNetworkName": "[concat(variables('dnsLabel'), '-vnet')]", + "vnetId": "[resourceId('Microsoft.Network/virtualNetworks', variables('virtualNetworkName'))]", + "vnetAddressPrefix": "10.0.0.0/16", + "nsgID": "[resourceId('Microsoft.Network/networkSecurityGroups/',concat(variables('dnsLabel'),'-nsg'))]", + "publicIPAddressName": "[concat(variables('dnsLabel'), '-pip')]", + "publicIPAddressId": "[resourceId('Microsoft.Network/publicIPAddresses', variables('publicIPAddressName'))]", + "publicIPAddressType": "Static", + "subnetName": "[concat(variables('dnsLabel'),'-subnet')]", + "subnetId": "[concat(variables('vnetId'), '/subnets/', variables('subnetName'))]", + "subnetPrefix": "10.0.1.0/24", + "subnetPrivateAddress": "10.0.1.4", + "instanceName": "[toLower(parameters('instanceName'))]" + }, + "resources": [ + { + "apiVersion": "[variables('networkApiVersion')]", + "location": "[variables('location')]", + "name": "[variables('publicIPAddressName')]", + "properties": { + "dnsSettings": { + "domainNameLabel": "[variables('dnsLabel')]" + }, + "idleTimeoutInMinutes": 30, + "publicIPAllocationMethod": "[variables('publicIPAddressType')]" + }, + "tags": { + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", + "owner": "[parameters('tagValues').owner]" + }, + "type": "Microsoft.Network/publicIPAddresses" + }, + { + "apiVersion": "[variables('apiVersion')]", + "location": "[variables('location')]", + "name": "[variables('virtualNetworkName')]", + "properties": { + "addressSpace": { + "addressPrefixes": [ + "[variables('vnetAddressPrefix')]" + ] + }, + "subnets": [ + { + "name": "[variables('subnetName')]", + "properties": { + "addressPrefix": "[variables('subnetPrefix')]" + } + } + ] + }, + "tags": { + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", + "owner": "[parameters('tagValues').owner]" + }, + "type": "Microsoft.Network/virtualNetworks" + }, + { + "apiVersion": "[variables('apiVersion')]", + "dependsOn": [ + "[variables('vnetId')]", + "[variables('publicIPAddressId')]", + "[concat('Microsoft.Network/networkSecurityGroups/', variables('dnsLabel'),'-nsg')]" + ], + "location": "[variables('location')]", + "name": "[variables('nicName')]", + "properties": { + "ipConfigurations": [ + { + "name": "[concat(variables('instanceName'), '-ipconfig1')]", + "properties": { + "PublicIpAddress": { + "Id": "[variables('publicIPAddressId')]" + }, + "privateIPAddress": "[variables('subnetPrivateAddress')]", + "privateIPAllocationMethod": "Static", + "subnet": { + "id": "[variables('subnetId')]" + } + } + } + ], + "networkSecurityGroup": { + "id": "[variables('nsgID')]" + } + }, + "tags": { + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", + "owner": "[parameters('tagValues').owner]" + }, + "type": "Microsoft.Network/networkInterfaces" + }, + { + "apiVersion": "[variables('apiVersion')]", + "location": "[variables('location')]", + "name": "[concat(variables('dnsLabel'), '-nsg')]", + "properties": { + "securityRules": [ + { + "name": "mgmt_allow_443", + "properties": { + "access": "Allow", + "description": "", + "destinationAddressPrefix": "*", + "destinationPortRange": "443", + "direction": "Inbound", + "priority": 101, + "protocol": "TCP", + "sourceAddressPrefix": "[parameters('restrictedSrcAddress')]", + "sourcePortRange": "*" + } + }, + { + "name": "ssh_allow_22", + "properties": { + "access": "Allow", + "description": "", + "destinationAddressPrefix": "*", + "destinationPortRange": "22", + "direction": "Inbound", + "priority": 102, + "protocol": "TCP", + "sourceAddressPrefix": "[parameters('restrictedSrcAddress')]", + "sourcePortRange": "*" + } + } + ] + }, + "tags": { + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", + "owner": "[parameters('tagValues').owner]" + }, + "type": "Microsoft.Network/networkSecurityGroups" + }, + { + "apiVersion": "[variables('apiVersion')]", + "location": "[variables('location')]", + "name": "[variables('availabilitySetName')]", + "tags": { + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", + "owner": "[parameters('tagValues').owner]" + }, + "type": "Microsoft.Compute/availabilitySets" + }, + { + "apiVersion": "[variables('storageApiVersion')]", + "location": "[variables('location')]", + "name": "[variables('newStorageAccountName')]", + "properties": { + "accountType": "[variables('storageAccountType')]" + }, + "tags": { + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", + "owner": "[parameters('tagValues').owner]" + }, + "type": "Microsoft.Storage/storageAccounts" + }, + { + "apiVersion": "[variables('apiVersion')]", + "dependsOn": [ + "[concat('Microsoft.Storage/storageAccounts/', variables('newStorageAccountName'))]", + "[concat('Microsoft.Compute/availabilitySets/', variables('availabilitySetName'))]", + "[concat('Microsoft.Network/networkInterfaces/', variables('nicName'))]" + ], + "location": "[variables('location')]", + "name": "[variables('instanceName')]", + "plan": { + "name": "[variables('skuToUse')]", + "product": "[variables('offerToUse')]", + "publisher": "f5-networks" + }, + "properties": { + "availabilitySet": { + "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" + }, + "diagnosticsProfile": { + "bootDiagnostics": { + "enabled": true, + "storageUri": "[concat('http://',variables('newStorageAccountName'),'.blob.core.windows.net')]" + } + }, + "hardwareProfile": { + "vmSize": "[parameters('instanceType')]" + }, + "networkProfile": { + "networkInterfaces": [ + { + "id": "[resourceId('Microsoft.Network/networkInterfaces', variables('nicName'))]", + "properties": { + "primary": true + } + } + ] + }, + "osProfile": { + "adminPassword": "[parameters('adminPassword')]", + "adminUsername": "[parameters('adminUsername')]", + "computerName": "[variables('instanceName')]" + }, + "storageProfile": { + "imageReference": { + "offer": "[variables('offerToUse')]", + "publisher": "f5-networks", + "sku": "[variables('skuToUse')]", + "version": "12.1.22" + }, + "osDisk": { + "caching": "ReadWrite", + "createOption": "FromImage", + "name": "osdisk", + "vhd": { + "uri": "[concat('http://',variables('newStorageAccountName'), '.blob.core.windows.net/vhds/', variables('instanceName'), '.vhd')]" + } + } + } + }, + "tags": { + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", + "owner": "[parameters('tagValues').owner]" + }, + "type": "Microsoft.Compute/virtualMachines" + }, + { + "apiVersion": "2016-03-30", + "dependsOn": [ + "[concat('Microsoft.Compute/virtualMachines/', variables('instanceName'))]" + ], + "location": "[variables('location')]", + "name": "[concat(variables('instanceName'),'/start')]", + "properties": { + "protectedSettings": { + "commandToExecute": "[concat('mkdir /config/cloud && cp f5-cloud-libs.tar.gz* /config/cloud; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; /usr/bin/install -b -m 400 /dev/null /config/cloud/passwd; IFS=', variables('singleQuote'), '%', variables('singleQuote'), '; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', parameters('adminPassword'), ' >> /config/cloud/passwd; unset IFS; bash /config/installCloudLibs.sh; /usr/bin/f5-rest-node /config/cloud/f5-cloud-libs/scripts/onboard.js --output /var/log/onboard.log --log-level debug --host ', variables('subnetPrivateAddress'), ' -u admin --password-url file:///config/cloud/passwd --hostname ', concat(variables('instanceName'), '.', resourceGroup().location, '.cloudapp.azure.com'), ' --ntp pool.ntp.org --db tmm.maxremoteloglength:2048 --module ltm:nominal --module afm:none; rm -f /config/cloud/passwd')]" + }, + "publisher": "Microsoft.Azure.Extensions", + "settings": { + "fileUris": [ + "[concat('https://raw.githubusercontent.com/F5Networks/f5-cloud-libs/', variables('f5CloudLibsTag'), '/dist/f5-cloud-libs.tar.gz')]" + ] + }, + "type": "CustomScript", + "typeHandlerVersion": "2.0" + }, + "tags": { + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", + "owner": "[parameters('tagValues').owner]" + }, + "type": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "outputs": { + "GUI-URL": { + "type": "string", + "value": "[concat('https://', variables('dnsLabel'), '.', resourceGroup().location, '.cloudapp.azure.com', ':443')]" + }, + "SSH-URL": { + "type": "string", + "value": "[concat(variables('dnsLabel'), '.', resourceGroup().location, '.cloudapp.azure.com', ' ',22)]" + } + } +} \ No newline at end of file diff --git a/experimental/standalone/1nic/PAYG/azuredeploy.parameters.json b/experimental/standalone/1nic/PAYG/azuredeploy.parameters.json new file mode 100644 index 0000000000..13207acd1e --- /dev/null +++ b/experimental/standalone/1nic/PAYG/azuredeploy.parameters.json @@ -0,0 +1,39 @@ +{ + "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", + "contentVersion": "1.1.2.0", + "parameters": { + "adminUsername": { + "value": "azureuser" + }, + "adminPassword": { + "value": "GEN_UNIQUE" + }, + "dnsLabel": { + "value": "REQUIRED" + }, + "instanceName": { + "value": "f5vm01" + }, + "instanceType": { + "value": "Standard_D2_v2" + }, + "imageName": { + "value": "Good" + }, + "licensedBandwidth": { + "value": "200m" + }, + "restrictedSrcAddress": { + "value": "*" + }, + "tagValues": { + "value": { + "application": "APP", + "cost": "COST", + "environment": "ENV", + "group": "GROUP", + "owner": "OWNER" + } + } + } +} \ No newline at end of file diff --git a/experimental/standalone/1nic/deploy_via_bash.sh b/experimental/standalone/1nic/deploy_via_bash.sh index f55f7413f0..70024e672d 100644 --- a/experimental/standalone/1nic/deploy_via_bash.sh +++ b/experimental/standalone/1nic/deploy_via_bash.sh @@ -1,57 +1,58 @@ #!/bin/bash -# Bash Script to deploy an ARM template into Azure, using azure cli 1.0 -# Example Command: ./deploy_via_bash.sh --adminusr azureuser --adminpwd 'yourpassword' --dnslabel f5dnslabel --instname f5vm01 --key1 XXXXX-XXXXX-XXXXX-XXXXX-XXXXX --rgname f5rgname --azureusr administrator@domain.com --azurepwd 'yourpassword' +## Bash Script to deploy an F5 ARM template into Azure, using azure cli 1.0 ## +## Example Command: ./deploy_via_bash.sh --licenseType PAYG --licensedBandwidth 200m --adminUsername azureuser --adminPassword --dnsLabel --instanceName f5vm01 --instanceType Standard_D2_v2 --imageName Good --restrictedSrcAddress "*" --resourceGroupName --azureLoginUser --azureLoginPassword # Assign Script Paramters and Define Variables -# Specify static items, change these as needed or make them parameters (instance_type is already an optional paramter) +# Specify static items, change these as needed or make them parameters region="westus" -template_file="azuredeploy.json" -parameter_file="azuredeploy.parameters.json" -instance_type="Standard_D2_v2" -image_name="Best" -restricted_source_address="*" -tag_values="{\"application\":\"APP\",\"environment\":\"ENV\",\"group\":\"GROUP\",\"owner\":\"OWNER\",\"cost\":\"COST\"}" +restrictedSrcAddress="*" +tagValues='{"application":"APP","environment":"ENV","group":"GROUP","owner":"OWNER","cost":"COST"}' -ARGS=`getopt -o a:b:c:d:e:f:g:h:i:j:k: --long adminusr:,adminpwd:,dnslabel:,instname:,insttype:,imgname:,key1:,rstsrcaddr:,rgname:,azureusr:,azurepwd: -n $0 -- "$@"` +ARGS=`getopt -o a:b:c:d:e:f:g:h:i:j:k:l:m: --long resourceGroupName:,azureLoginUser:,azureLoginPassword:,licenseType:,licensedBandwidth:,licenseKey1:,adminUsername:,adminPassword:,dnsLabel:,instanceName:,instanceType:,imageName:,restrictedSrcAddress: -n $0 -- "$@"` eval set -- "$ARGS" - # Parse the command line arguments, primarily checking full params as short params are just placeholders while true; do case "$1" in - -a|--adminusr) - admin_username=$2 + -a|--resourceGroupName) + resourceGroupName=$2 + shift 2;; + -b|--azureLoginUser) + azureLoginUser=$2 + shift 2;; + -c|--azureLoginPassword) + azureLoginPassword=$2 shift 2;; - -b|--adminpwd) - admin_password=$2 + -d|--licenseType) + licenseType=$2 shift 2;; - -c|--dnslabel) - dns_label=$2 + -e|--licensedBandwidth) + licensedBandwidth=$2 shift 2;; - -d|--instname) - instance_name=$2 + -f|--licenseKey1) + licenseKey1=$2 shift 2;; - -e|--insttype) - instance_type=$2 + -g|--adminUsername) + adminUsername=$2 shift 2;; - -f|--imgname) - image_name=$2 + -h|--adminPassword) + adminPassword=$2 shift 2;; - -g|--key1) - license_key_1=$2 + -i|--dnsLabel) + dnsLabel=$2 shift 2;; - -h|--rstsrcaddr) - restricted_source_address=$2 + -j|--instanceName) + instanceName=$2 shift 2;; - -i|--rgname) - resource_group_name=$2 + -k|--instanceType) + instanceType=$2 shift 2;; - -j|--azureusr) - azure_user=$2 + -l|--imageName) + imageName=$2 shift 2;; - -k|--azurepwd) - azure_pwd=$2 + -m|--restrictedSrcAddress) + restrictedSrcAddress=$2 shift 2;; --) shift @@ -59,11 +60,8 @@ while true; do esac done -echo "Disclaimer: Scripting to Deploy F5 Solution templates into Cloud Environments are provided as examples. They will be treated as best effort for issues that occur, feedback is encouraged." -sleep 3 - #If a required paramater is not passed, the script will prompt for it below -required_variables="admin_username admin_password dns_label instance_name license_key_1 resource_group_name azure_user azure_pwd" +required_variables="adminUsername adminPassword dnsLabel instanceName instanceType imageName resourceGroupName licenseType " for variable in $required_variables do if [ -v ${!variable} ] ; then @@ -71,19 +69,46 @@ for variable in $required_variables fi done -# Login to Azure, for simplicity in this example using username and password supplied as script arguments --azureusr and --azurepwd +# Prompt for license key if not supplied and BYOL is selected +if [ $licenseType == "BYOL" ]; then + if [ -v $licenseKey1 ] ; then + read -p "Please enter value for licenseKey1:" licenseKey1 + fi + template_file="./BYOL/azuredeploy.json" + parameter_file="./BYOL/azuredeploy.parameters.json" +fi +# Prompt for license key if not supplied and PAYG is selected +if [ $licenseType == "PAYG" ]; then + if [ -v $licensedBandwidth ] ; then + read -p "Please enter value for licensedBandwidth:" licensedBandwidth + fi + template_file="./PAYG/azuredeploy.json" + parameter_file="./PAYG/azuredeploy.parameters.json" +fi + +echo "Disclaimer: Scripting to Deploy F5 Solution templates into Cloud Environments are provided as examples. They will be treated as best effort for issues that occur, feedback is encouraged." +sleep 3 + +# Login to Azure, for simplicity in this example using username and password supplied as script arguments --azureLoginUser and --azureLoginPassword # Perform Check to see if already logged in azure account show > /dev/null 2>&1 if [[ $? != 0 ]] ; then - azure login -u $azure_user -p $azure_pwd + azure login -u $azureLoginUser -p $azureLoginPassword fi # Switch to ARM mode azure config mode arm # Create ARM Group -azure group create -n $resource_group_name -l $region +azure group create -n $resourceGroupName -l $region # Deploy ARM Template, right now cannot specify parameter file AND parameters inline via Azure CLI, # such as can been done with Powershell...oh well! -azure group deployment create -f $template_file -g $resource_group_name -n $resource_group_name -p "{\"adminUsername\":{\"value\":\"$admin_username\"},\"adminPassword\":{\"value\":\"$admin_password\"},\"dnsLabel\":{\"value\":\"$dns_label\"},\"instanceName\":{\"value\":\"$instance_name\"},\"instanceType\":{\"value\":\"$instance_type\"},\"licenseKey1\":{\"value\":\"$license_key_1\"},\"imageName\":{\"value\":\"$image_name\"},\"restrictedSrcAddress\":{\"value\":\"$restricted_source_address\"},\"tagValues\":{\"value\":$tag_values}}" +if [ $licenseType == "BYOL" ]; then + azure group deployment create -f $template_file -g $resourceGroupName -n $resourceGroupName -p "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"adminPassword\":{\"value\":\"$adminPassword\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceName\":{\"value\":\"$instanceName\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"licenseKey1\":{\"value\":\"$licenseKey1\"}}" +elif [ $licenseType == "PAYG" ]; then + azure group deployment create -f $template_file -g $resourceGroupName -n $resourceGroupName -p "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"adminPassword\":{\"value\":\"$adminPassword\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceName\":{\"value\":\"$instanceName\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"licensedBandwidth\":{\"value\":\"$licensedBandwidth\"}}" +else + echo "Uh oh, shouldn't make it here! Ensure license type is either PAYG or BYOL" + exit 1 +fi \ No newline at end of file diff --git a/experimental/standalone/1nic/readme.md b/experimental/standalone/1nic/readme.md index 912b05faa4..6ae03370a1 100644 --- a/experimental/standalone/1nic/readme.md +++ b/experimental/standalone/1nic/readme.md @@ -10,7 +10,7 @@ F5 is running with a single interface, where both management and data plane traf See the **[Configuration Example](#config)** section for a configuration diagram and description for this solution, as well as an important note about optionally changing the BIG-IP Management port. ## Security -This ARM template downloads helper code to configure the BIG-IP system. If your organization is security conscious and you want to verify the integrity of the template, you can open the template and ensure the following lines are present. See [Security Detail](#securitydetail) for the exact code. +This ARM template downloads helper code to configure the BIG-IP system. If your organization is security conscious and you want to verify the integrity of the template, you can open the template and ensure the following lines are present. See [Security Detail](#securitydetail) for the exact code. In the *variables* section: - In the *verifyHash* variable: search for **script-signature** and then a hashed signature. - In the *installCloudLibs* variable: ensure this includes **tmsh run cli script verifyHash /config/cloud/f5-cloud-libs.tar.gz**. @@ -22,7 +22,7 @@ Additionally, F5 provides checksums for all of our supported templates. For inst - For a list versions of the BIG-IP Virtual Edition (VE) and F5 licenses that are supported on specific hypervisors and Microsoft Azure, see https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ve-supported-hypervisor-matrix.html. -### Help +### Help We encourage you to use our [Slack channel](https://f5cloudsolutions.herokuapp.com) for discussion and assistance on F5 ARM templates. This channel is typically monitored Monday-Friday 9-5 PST by F5 employees who will offer best-effort support.
While this template has been created by F5 Networks, it is in the experimental directory and therefore has not completed full testing and is subject to change. F5 Networks does not offer technical support for templates in the experimental directory. For supported templates, see the templates in the **supported** directory. @@ -39,7 +39,12 @@ You have three options for deploying this template: Use this button to deploy the template: - +## BYOL + + + +## PAYG(Hourly) + @@ -62,8 +67,8 @@ Use this button to deploy the template: ```powershell # Params below match to parameters in the azuredeploy.json that are gen-unique, otherwise pointing to # the azuredeploy.parameters.json file for default values. Some options below are mandatory, some(such as deployment password for BIG IP) - # can be supplied inline when running this script but if they arent then the default will be used as specified in below param arguments - # Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -adminPassword yourpassword -dnsLabel f51nicdeploy01 -instanceName f51nic -licenseKey1 XXXXX-XXXXX-XXXXX-XXXXX-XXXXX -resourceGroupName f51nicdeploy01 -EmailTo user@f5.com + # can be supplied inline when running this script but if they arent then the default will be used as specificed in below param arguments + # Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -adminPassword yourpassword -dnsLabel f5dnslabel01 -instanceName f5vm01 -licenseType BYOL -licenseKey1 XXXXX-XXXXX-XXXXX-XXXXX-XXXXX -resourceGroupName f5rg01 param( [Parameter(Mandatory=$True)] @@ -86,11 +91,15 @@ Use this button to deploy the template: $instanceType = "Standard_D2_v2", [string] - $imageName = "Best", + $imageName = "Good", [Parameter(Mandatory=$True)] + [ValidateSet("PAYG","BYOL")] + [string] + $licenseType, + [string] - $licenseKey1, + $licenseKey1 = $(if($licenseType -eq "BYOL") { Read-Host -prompt "licenseKey1"}), [string] $restrictedSrcAddress = "*", @@ -128,10 +137,19 @@ Use this button to deploy the template: # Create Arm Deployment $pwd = ConvertTo-SecureString -String $adminPassword -AsPlainText -Force + if ($licenseType -eq "BYOL") { + if ($templateFilePath -eq "azuredeploy.json") { $templateFilePath = ".\BYOL\azuredeploy.json"; $parametersFilePath = ".\BYOL\azuredeploy.parameters.json" } $deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername "$adminUsername" -adminPassword $pwd -dnsLabel "$dnsLabel" -instanceName "$instanceName" -instanceType "$instanceType" -licenseKey1 "$licenseKey1" -restrictedSrcAddress "$restrictedSrcAddress" -imageName "$imageName" + } elseif ($licenseType -eq "PAYG") { + if ($templateFilePath -eq "azuredeploy.json") { $templateFilePath = ".\PAYG\azuredeploy.json"; $parametersFilePath = ".\PAYG\azuredeploy.parameters.json" } + $deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername "$adminUsername" -adminPassword $pwd -dnsLabel "$dnsLabel" -instanceName "$instanceName" -instanceType "$instanceType" -restrictedSrcAddress "$restrictedSrcAddress" -imageName "$imageName" + } else { + Write-Error -Message "Uh oh, shouldn't make it here! Please select valid license type..." + } # Print Output of Deployment to Console $deployment + ``` ======= @@ -142,19 +160,19 @@ Use this button to deploy the template: #!/bin/bash # Bash Script to deploy an ARM template into Azure, using azure cli 1.0 - # Example Command: ./deploy_via_bash.sh --adminusr azureuser --adminpwd 'yourpassword' --dnslabel f5dnslabel --instname f5vm01 --key1 XXXXX-XXXXX-XXXXX-XXXXX-XXXXX --rgname f5rgname --azureusr administrator@domain.com --azurepwd 'yourpassword' + # Example Command: ./deploy_via_bash.sh --adminusr azureuser --adminpwd 'yourpassword' --dnslabel f5dnslabel --instname f5vm01 --rgname f5rgname --lictype payg --azureusr administrator@domain.com --azurepwd 'yourpassword' - # Assign Script Parameters and Define Variables - # Specify static items, change these as needed or make them parameters (instance_type is already an optional parameter) + # Assign Script Paramters and Define Variables + # Specify static items, change these as needed or make them parameters (instance_type is already an optional paramter) region="westus" - template_file="azuredeploy.json" - parameter_file="azuredeploy.parameters.json" + template_file="./PAYG/azuredeploy.json" + parameter_file="./PAYG/azuredeploy.parameters.json" instance_type="Standard_D2_v2" image_name="Best" restricted_source_address="*" tag_values="{\"application\":\"APP\",\"environment\":\"ENV\",\"group\":\"GROUP\",\"owner\":\"OWNER\",\"cost\":\"COST\"}" - ARGS=`getopt -o a:b:c:d:e:f:g:h:i:j:k: --long adminusr:,adminpwd:,dnslabel:,instname:,insttype:,imgname:,key1:,rstsrcaddr:,rgname:,azureusr:,azurepwd: -n $0 -- "$@"` + ARGS=`getopt -o a:b:c:d:e:f:g:h:i:j:k:l: --long adminusr:,adminpwd:,dnslabel:,instname:,insttype:,imgname:,lictype:,key1:,rstsrcaddr:,rgname:,azureusr:,azurepwd: -n $0 -- "$@"` eval set -- "$ARGS" @@ -179,19 +197,22 @@ Use this button to deploy the template: -f|--imgname) image_name=$2 shift 2;; - -g|--key1) + -g|--lictype) + license_type=$2 + shift 2;; + -h|--key1) license_key_1=$2 shift 2;; - -h|--rstsrcaddr) + -i|--rstsrcaddr) restricted_source_address=$2 shift 2;; - -i|--rgname) + -j|--rgname) resource_group_name=$2 shift 2;; - -j|--azureusr) + -k|--azureusr) azure_user=$2 shift 2;; - -k|--azurepwd) + -l|--azurepwd) azure_pwd=$2 shift 2;; --) @@ -199,18 +220,25 @@ Use this button to deploy the template: break;; esac done - - echo "Disclaimer: Scripting to Deploy F5 Solution templates into Cloud Environments are provided as examples. They will be treated as best effort for issues that occur, feedback is encouraged." - sleep 3 - #If a required parameter is not passed, the script will prompt for it below - required_variables="admin_username admin_password dns_label instance_name license_key_1 resource_group_name azure_user azure_pwd" + required_variables="admin_username admin_password dns_label instance_name license_type resource_group_name azure_user azure_pwd" for variable in $required_variables do if [ -v ${!variable} ] ; then read -p "Please enter value for $variable:" $variable fi done + # Prompt for license key if not supplied and byol is selected + if [ $license_type == "byol" ]; then + if [ -v $license_key_1 ] ; then + read -p "Please enter value for license_key_1:" license_key_1 + fi + template_file="./BYOL/azuredeploy.json" + parameter_file="./BYOL/azuredeploy.parameters.json" + fi + + echo "Disclaimer: Scripting to Deploy F5 Solution templates into Cloud Environments are provided as examples. They will be treated as best effort for issues that occur, feedback is encouraged." + sleep 3 # Login to Azure, for simplicity in this example using username and password supplied as script arguments --azureusr and --azurepwd # Perform Check to see if already logged in @@ -227,8 +255,14 @@ Use this button to deploy the template: # Deploy ARM Template, right now cannot specify parameter file AND parameters inline via Azure CLI, # such as can been done with Powershell...oh well! - azure group deployment create -f $template_file -g $resource_group_name -n $resource_group_name -p "{\"adminUsername\":{\"value\":\"$admin_username\"},\"adminPassword\":{\"value\":\"$admin_password\"},\"dnsLabel\":{\"value\":\"$dns_label\"},\"instanceName\":{\"value\":\"$instance_name\"},\"instanceType\":{\"value\":\"$instance_type\"},\"licenseKey1\":{\"value\":\"$license_key_1\"},\"imageName\":{\"value\":\"$image_name\"},\"restrictedSrcAddress\":{\"value\":\"$restricted_source_address\"},\"tagValues\":{\"value\":$tag_values}}" - + if [ $license_type == "byol" ]; then + azure group deployment create -f $template_file -g $resource_group_name -n $resource_group_name -p "{\"adminUsername\":{\"value\":\"$admin_username\"},\"adminPassword\":{\"value\":\"$admin_password\"},\"dnsLabel\":{\"value\":\"$dns_label\"},\"instanceName\":{\"value\":\"$instance_name\"},\"instanceType\":{\"value\":\"$instance_type\"},\"licenseKey1\":{\"value\":\"$license_key_1\"},\"imageName\":{\"value\":\"$image_name\"},\"restrictedSrcAddress\":{\"value\":\"$restricted_source_address\"},\"tagValues\":{\"value\":$tag_values}}" + elif [ $license_type == "payg" ]; then + azure group deployment create -f $template_file -g $resource_group_name -n $resource_group_name -p "{\"adminUsername\":{\"value\":\"$admin_username\"},\"adminPassword\":{\"value\":\"$admin_password\"},\"dnsLabel\":{\"value\":\"$dns_label\"},\"instanceName\":{\"value\":\"$instance_name\"},\"instanceType\":{\"value\":\"$instance_type\"},\"imageName\":{\"value\":\"$image_name\"},\"restrictedSrcAddress\":{\"value\":\"$restricted_source_address\"},\"tagValues\":{\"value\":$tag_values}}" + else + echo "Uh oh, shouldn't make it here! Ensure license type is either payg or byol" + exit 1 + fi ``` ## Configuration Example @@ -238,16 +272,16 @@ The following is a simple configuration diagram for this single NIC deployment. ![Single NIC configuration example](images/azure-1nic-sm.png) ### Changing the BIG-IP Configuration Utility (GUI) port -The Management port shown in the example diagram is **443**, however you can alternatively use **8443** in your configuration if you need to use port 443 for application traffic. To change the Management port, see [Changing the Configuration utility port](https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/bigip-ve-setup-msft-azure-12-0-0/2.html#GUID-3E6920CD-A8CD-456C-AC40-33469DA6922E) for instructions. -***Important***: If you perform the procedure to change the port, you must check the Azure Network Security Group associated with the interface on the BIG-IP that was deployed and adjust the ports accordingly. +The Management port shown in the example diagram is **443**, however you can alternatively use **8443** in your configuration if you need to use port 443 for application traffic. To change the Management port, see [Changing the Configuration utility port](https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/bigip-ve-setup-msft-azure-12-0-0/2.html#GUID-3E6920CD-A8CD-456C-AC40-33469DA6922E) for instructions. +***Important***: If you perform the procedure to change the port, you must check the Azure Network Security Group associated with the interface on the BIG-IP that was deployed and adjust the ports accordingly. ## Documentation The ***BIG-IP Virtual Edition and Microsoft Azure: Setup*** guide (https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/bigip-ve-setup-msft-azure-12-1-0.html) decribes how to create the configuration manually without using the ARM template. -## Deploying Custom Configuration to an Azure Virtual Machine +## Deploying Custom Configuration to an Azure Virtual Machine -This sample code uses the CustomScript extension resource to configure the f5.ip_forwarding iApp on BIG-IP VE in Azure Resource Manager. +This sample code uses the CustomScript extension resource to configure the f5.ip_forwarding iApp on BIG-IP VE in Azure Resource Manager. The CustomScript extension resource name must reference the Azure virtual machine name and must have a dependency on that virtual machine. You can use only one CustomScript extension resource per virtual machine; however, you can combine multiple semicolon-delimited commands in a single extension resource definition. @@ -295,7 +329,7 @@ Note the hashed script-signature may be different in your template.
## Filing Issues -If you find an issue, we would love to hear about it. +If you find an issue, we would love to hear about it. You have a choice when it comes to filing issues: - Use the **Issues** link on the GitHub menu bar in this repository for items such as enhancement or feature requests and non-urgent bug fixes. Tell us as much as you can about what you found and how you found it. - Contact F5 Technical support via your typical method for more time sensitive changes and other issues requiring immediate support. diff --git a/experimental/standalone/2nic_limited/azuredeploy.json b/experimental/standalone/2nic_limited/BYOL/azuredeploy.json similarity index 58% rename from experimental/standalone/2nic_limited/azuredeploy.json rename to experimental/standalone/2nic_limited/BYOL/azuredeploy.json index 358ba14ac5..562fbb4481 100644 --- a/experimental/standalone/2nic_limited/azuredeploy.json +++ b/experimental/standalone/2nic_limited/BYOL/azuredeploy.json @@ -1,437 +1,447 @@ { - "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "1.1.0.0", + "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", + "contentVersion": "1.1.2.0", "parameters": { "adminUsername": { - "defaultValue": "azureuser", - "type": "string", + "defaultValue": "azureuser", "metadata": { "description": "User name for the Virtual Machine." - } - }, + }, + "type": "string" + }, "adminPassword": { - "type": "securestring", "metadata": { "description": "Password to login to the Virtual Machine." - } - }, + }, + "type": "securestring" + }, "dnsLabel": { - "defaultValue": "REQUIRED", - "type": "string", + "defaultValue": "REQUIRED", "metadata": { "description": "Unique DNS Name for the Public IP used to access the Virtual Machine." - } - }, + }, + "type": "string" + }, "instanceName": { - "defaultValue": "f5vm01", - "type": "string", + "defaultValue": "f5vm01", "metadata": { "description": "Name of the VM" - } - }, + }, + "type": "string" + }, "instanceType": { - "defaultValue": "Standard_D2_v2", - "metadata": { - "description": "Size of the VM" - }, - "type": "string", "allowedValues": [ - "Standard_A4", - "Standard_A9", - "Standard_A11", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_D2_v2", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_F2", + "Standard_A2", + "Standard_A3", + "Standard_A4", + "Standard_A9", + "Standard_A11", + "Standard_D2", + "Standard_D3", + "Standard_D4", + "Standard_D12", + "Standard_D13", + "Standard_D14", + "Standard_D2_v2", + "Standard_D3_v2", + "Standard_D4_v2", + "Standard_D5_v2", + "Standard_D12_v2", + "Standard_D13_v2", + "Standard_D14_v2", + "Standard_D15_v2", + "Standard_F2", "Standard_F4" - ] - }, - "imageName": { - "defaultValue": "Good", + ], + "defaultValue": "Standard_D2_v2", "metadata": { - "description": "F5 SKU(IMAGE) to Deploy" - }, - "type": "string", + "description": "Size of the VM" + }, + "type": "string" + }, + "imageName": { "allowedValues": [ - "Good", - "Better", + "Good", + "Better", "Best" - ] - }, + ], + "defaultValue": "Good", + "metadata": { + "description": "F5 SKU(IMAGE) to Deploy" + }, + "type": "string" + }, "licenseKey1": { - "defaultValue": "REQUIRED", - "type": "string", + "defaultValue": "REQUIRED", "metadata": { "description": "The license token for the F5 BIG-IP(BYOL)" - } - }, + }, + "type": "string" + }, "restrictedSrcAddress": { - "defaultValue": "*", - "type": "string", + "defaultValue": "*", "metadata": { "description": "Restricts management access to a specific network or address. Enter a IP address or address range in CIDR notation, or asterisk for all sources." - } - }, + }, + "type": "string" + }, "tagValues": { "defaultValue": { - "environment": "ENV", - "application": "APP", - "cost": "COST", - "group": "GROUP", + "application": "APP", + "cost": "COST", + "environment": "ENV", + "group": "GROUP", "owner": "OWNER" - }, + }, "type": "object" } - }, + }, "variables": { - "apiVersion": "2015-06-15", - "location": "[resourceGroup().location]", - "singleQuote": "'", - "f5CloudLibsTag": "v2.1.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) a6a9db3b89bbd014413706f22fa619c3717fac41fc99ffe875589c90e9b85a05cea227c134ea6e5b519c8fee0d12f2175368e75917f31f447ece3d92f31814af\n set hashes(f5-cloud-libs-aws.tar.gz) 90058095cc536a057378a90ed19c3afe0cecd9034e1d1816745bd5ad837939623fad034ebd2ee9bdf594f33358b50c50f49a18c2ee7588ba89645142f2217330\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature OmyfJKVQkBj+Ks6SdIc2+UNxM2xFCK4MGizGysivShzeRof0EFlEUTQiZveZ4v2SElofUp5DMVKiTIIkM00kZ7LnwqvLYIOztDFNAtMGwO6/B/zA8jLhkfnA2xzxu9fFgFn3OEsc8QwbfFS1AqCMyyacbbiczJycHtu3z0a/8sqCgiZtcQ4iXqBP4fz+8HKLA36U0jpmW+z0gQQUwpiC+AfFWcAarXMtmpwLzScldnaZ5RLo0MG8EGrHmXiWjndSR/Ii9b3+vnHnceD6+sw7e7LXPvz+jV9/rFyEQOA1QNpv0Cy4SJcuY9NRjV9KNdBobJ5N+h2PZBlgaIdLMACAVQ==\n}', variables('singleQuote'))]", - "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit\nfi\necho loaded verifyHash\necho verifying f5-cloud-libs.targ.gz\n/usr/bin/tmsh run cli script verifyHash /config/cloud/f5-cloud-libs.tar.gz\nif [ $? != 0 ]; then\necho f5-cloud-libs.tar.gz is not valid\nexit\nfi\necho verified f5-cloud-libs.tar.gz\necho expanding f5-cloud-libs.tar.gz\ntar xvfz /config/cloud/f5-cloud-libs.tar.gz -C /config/cloud\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", - "newStorageAccountName": "[concat(uniquestring(resourceGroup().id), 'stor')]", - "storageAccountType": "Standard_LRS", - "dnsLabel": "[toLower(parameters('dnsLabel'))]", - "instanceName": "[toLower(parameters('instanceName'))]", - "imageNameToLower": "[toLower(parameters('imageName'))]", - "skuToUse": "[concat('f5-bigip-virtual-edition-', variables('imageNameToLower'),'-byol')]", - "availabilitySetName": "[concat(variables('instanceName'), '-avset')]", - "nic1Name": "[concat(variables('instanceName'), '-mgmt1')]", - "defaultGw": "10.0.1.1", - "virtualNetworkName": "[concat(variables('instanceName'), '-vnet')]", - "vnetId": "[resourceId('Microsoft.Network/virtualNetworks', variables('virtualNetworkName'))]", - "vnetAddressPrefix": "10.0.0.0/16", - "nsgID": "[resourceId('Microsoft.Network/networkSecurityGroups/',concat(variables('dnsLabel'),'-nsg'))]", - "subnet1Name": "MGMT_Frontend", - "subnet1Id": "[concat(variables('vnetId'), '/subnets/', variables('subnet1Name'))]", - "subnet1Prefix": "10.0.1.0/24", - "subnet1PrivateAddress": "10.0.1.4", - "publicIPAddressName": "[concat(variables('dnsLabel'), '-pip')]", - "publicIPAddressType": "Static", - "publicIPAddressId": "[resourceId('Microsoft.Network/publicIPAddresses', variables('publicIPAddressName'))]", - "subnet2Name": "Web", - "subnet2Id": "[concat(variables('vnetId'), '/subnets/', variables('subnet2Name'))]", - "subnet2Prefix": "10.0.2.0/24", - "subnet2PrivateAddress": "10.0.2.4", - "nic2Name": "[concat(variables('instanceName'), '-nic2')]" - }, + "apiVersion": "2015-06-15", + "computeApiVersion": "2015-06-15", + "networkApiVersion": "2015-06-15", + "storageApiVersion": "2015-06-15", + "location": "[resourceGroup().location]", + "singleQuote": "'", + "f5CloudLibsTag": "v2.1.0", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) a6a9db3b89bbd014413706f22fa619c3717fac41fc99ffe875589c90e9b85a05cea227c134ea6e5b519c8fee0d12f2175368e75917f31f447ece3d92f31814af\n set hashes(f5-cloud-libs-aws.tar.gz) 90058095cc536a057378a90ed19c3afe0cecd9034e1d1816745bd5ad837939623fad034ebd2ee9bdf594f33358b50c50f49a18c2ee7588ba89645142f2217330\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature OmyfJKVQkBj+Ks6SdIc2+UNxM2xFCK4MGizGysivShzeRof0EFlEUTQiZveZ4v2SElofUp5DMVKiTIIkM00kZ7LnwqvLYIOztDFNAtMGwO6/B/zA8jLhkfnA2xzxu9fFgFn3OEsc8QwbfFS1AqCMyyacbbiczJycHtu3z0a/8sqCgiZtcQ4iXqBP4fz+8HKLA36U0jpmW+z0gQQUwpiC+AfFWcAarXMtmpwLzScldnaZ5RLo0MG8EGrHmXiWjndSR/Ii9b3+vnHnceD6+sw7e7LXPvz+jV9/rFyEQOA1QNpv0Cy4SJcuY9NRjV9KNdBobJ5N+h2PZBlgaIdLMACAVQ==\n}', variables('singleQuote'))]", + "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit\nfi\necho loaded verifyHash\necho verifying f5-cloud-libs.targ.gz\n/usr/bin/tmsh run cli script verifyHash /config/cloud/f5-cloud-libs.tar.gz\nif [ $? != 0 ]; then\necho f5-cloud-libs.tar.gz is not valid\nexit\nfi\necho verified f5-cloud-libs.tar.gz\necho expanding f5-cloud-libs.tar.gz\ntar xvfz /config/cloud/f5-cloud-libs.tar.gz -C /config/cloud\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", + "newStorageAccountName": "[concat(uniquestring(resourceGroup().id), 'stor')]", + "storageAccountType": "Standard_LRS", + "dnsLabel": "[toLower(parameters('dnsLabel'))]", + "imageNameToLower": "[toLower(parameters('imageName'))]", + "skuToUse": "[concat('f5-bigip-virtual-edition-', variables('imageNameToLower'),'-byol')]", + "offerToUse": "f5-big-ip", + "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", + "nicName": "[concat(variables('dnsLabel'), '-nic')]", + "defaultGw": "10.0.1.1", + "virtualNetworkName": "[concat(variables('dnsLabel'), '-vnet')]", + "vnetId": "[resourceId('Microsoft.Network/virtualNetworks', variables('virtualNetworkName'))]", + "vnetAddressPrefix": "10.0.0.0/16", + "nsgID": "[resourceId('Microsoft.Network/networkSecurityGroups/',concat(variables('dnsLabel'),'-nsg'))]", + "publicIPAddressName": "[concat(variables('dnsLabel'), '-pip')]", + "publicIPAddressId": "[resourceId('Microsoft.Network/publicIPAddresses', variables('publicIPAddressName'))]", + "publicIPAddressType": "Static", + "subnetName": "[concat(variables('dnsLabel'),'-subnet')]", + "subnetId": "[concat(variables('vnetId'), '/subnets/', variables('subnetName'))]", + "subnetPrefix": "10.0.1.0/24", + "subnetPrivateAddress": "10.0.1.4", + "instanceName": "[toLower(parameters('instanceName'))]", + "subnet2Name": "[concat(variables('dnsLabel'),'-subnet2')]", + "subnet2Id": "[concat(variables('vnetId'), '/subnets/', variables('subnet2Name'))]", + "subnet2Prefix": "10.0.2.0/24", + "subnet2PrivateAddress": "10.0.2.4", + "nic2Name": "[concat(variables('dnsLabel'), '-nic2')]" + }, "resources": [ { - "apiVersion": "[variables('apiVersion')]", - "location": "[variables('location')]", - "name": "[variables('publicIPAddressName')]", + "apiVersion": "[variables('networkApiVersion')]", + "location": "[variables('location')]", + "name": "[variables('publicIPAddressName')]", "properties": { "dnsSettings": { "domainNameLabel": "[variables('dnsLabel')]" - }, - "idleTimeoutInMinutes": 30, + }, + "idleTimeoutInMinutes": 30, "publicIPAllocationMethod": "[variables('publicIPAddressType')]" - }, + }, "tags": { - "application": "[parameters('tagValues').application]", - "costCenter": "[parameters('tagValues').cost]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", "owner": "[parameters('tagValues').owner]" - }, + }, "type": "Microsoft.Network/publicIPAddresses" - }, + }, { - "apiVersion": "[variables('apiVersion')]", - "location": "[variables('location')]", - "name": "[variables('virtualNetworkName')]", + "apiVersion": "[variables('apiVersion')]", + "location": "[variables('location')]", + "name": "[variables('virtualNetworkName')]", "properties": { "addressSpace": { "addressPrefixes": [ "[variables('vnetAddressPrefix')]" ] - }, + }, "subnets": [ { - "name": "[variables('subnet1Name')]", + "name": "[variables('subnetName')]", "properties": { - "addressPrefix": "[variables('subnet1Prefix')]" + "addressPrefix": "[variables('subnetPrefix')]" } - }, + }, { - "name": "[variables('subnet2Name')]", + "name": "[variables('subnet2Name')]", "properties": { "addressPrefix": "[variables('subnet2Prefix')]" } } ] - }, + }, "tags": { - "application": "[parameters('tagValues').application]", - "costCenter": "[parameters('tagValues').cost]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", "owner": "[parameters('tagValues').owner]" - }, + }, "type": "Microsoft.Network/virtualNetworks" - }, + }, { - "apiVersion": "[variables('apiVersion')]", + "apiVersion": "[variables('apiVersion')]", "dependsOn": [ - "[variables('vnetId')]", - "[variables('publicIPAddressId')]", + "[variables('vnetId')]", + "[variables('publicIPAddressId')]", "[concat('Microsoft.Network/networkSecurityGroups/', variables('dnsLabel'),'-nsg')]" - ], - "location": "[variables('location')]", - "name": "[variables('nic1Name')]", + ], + "location": "[variables('location')]", + "name": "[variables('nicName')]", "properties": { "ipConfigurations": [ { - "name": "[concat(variables('instanceName'), '-ipconfig1')]", + "name": "[concat(variables('instanceName'), '-ipconfig1')]", "properties": { "PublicIpAddress": { "Id": "[variables('publicIPAddressId')]" - }, - "privateIPAddress": "[variables('subnet1PrivateAddress')]", - "privateIPAllocationMethod": "Static", + }, + "privateIPAddress": "[variables('subnetPrivateAddress')]", + "privateIPAllocationMethod": "Static", "subnet": { - "id": "[variables('subnet1Id')]" + "id": "[variables('subnetId')]" } } } - ], + ], "networkSecurityGroup": { "id": "[variables('nsgID')]" } - }, + }, "tags": { - "application": "[parameters('tagValues').application]", - "costCenter": "[parameters('tagValues').cost]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", "owner": "[parameters('tagValues').owner]" - }, + }, "type": "Microsoft.Network/networkInterfaces" - }, + }, { - "apiVersion": "[variables('apiVersion')]", + "apiVersion": "[variables('apiVersion')]", "dependsOn": [ "[variables('vnetId')]" - ], - "location": "[variables('location')]", - "name": "[variables('nic2Name')]", + ], + "location": "[variables('location')]", + "name": "[variables('nic2Name')]", "properties": { "ipConfigurations": [ { - "name": "[concat(variables('instanceName'), '-ipconfig2')]", + "name": "[concat(variables('instanceName'), '-ipconfig2')]", "properties": { - "privateIPAddress": "[variables('subnet2PrivateAddress')]", - "privateIPAllocationMethod": "Static", + "privateIPAddress": "[variables('subnet2PrivateAddress')]", + "privateIPAllocationMethod": "Static", "subnet": { "id": "[variables('subnet2Id')]" } } } ] - }, + }, "tags": { - "application": "[parameters('tagValues').application]", - "costCenter": "[parameters('tagValues').cost]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", "owner": "[parameters('tagValues').owner]" - }, + }, "type": "Microsoft.Network/networkInterfaces" - }, + }, { - "apiVersion": "[variables('apiVersion')]", - "location": "[variables('location')]", - "name": "[concat(variables('dnsLabel'), '-nsg')]", + "apiVersion": "[variables('apiVersion')]", + "location": "[variables('location')]", + "name": "[concat(variables('dnsLabel'), '-nsg')]", "properties": { "securityRules": [ { - "name": "mgmt_allow_443", + "name": "mgmt_allow_443", "properties": { - "access": "Allow", - "description": "", - "destinationAddressPrefix": "*", - "destinationPortRange": "443", - "direction": "Inbound", - "priority": 101, - "protocol": "TCP", - "sourceAddressPrefix": "[parameters('restrictedSrcAddress')]", + "access": "Allow", + "description": "", + "destinationAddressPrefix": "*", + "destinationPortRange": "443", + "direction": "Inbound", + "priority": 101, + "protocol": "TCP", + "sourceAddressPrefix": "[parameters('restrictedSrcAddress')]", "sourcePortRange": "*" } - }, + }, { - "name": "ssh_allow_22", + "name": "ssh_allow_22", "properties": { - "access": "Allow", - "description": "", - "destinationAddressPrefix": "*", - "destinationPortRange": "22", - "direction": "Inbound", - "priority": 102, - "protocol": "TCP", - "sourceAddressPrefix": "[parameters('restrictedSrcAddress')]", + "access": "Allow", + "description": "", + "destinationAddressPrefix": "*", + "destinationPortRange": "22", + "direction": "Inbound", + "priority": 102, + "protocol": "TCP", + "sourceAddressPrefix": "[parameters('restrictedSrcAddress')]", "sourcePortRange": "*" } } ] - }, + }, "tags": { - "application": "[parameters('tagValues').application]", - "costCenter": "[parameters('tagValues').cost]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", "owner": "[parameters('tagValues').owner]" - }, + }, "type": "Microsoft.Network/networkSecurityGroups" - }, + }, { - "apiVersion": "[variables('apiVersion')]", - "location": "[variables('location')]", - "name": "[variables('availabilitySetName')]", + "apiVersion": "[variables('apiVersion')]", + "location": "[variables('location')]", + "name": "[variables('availabilitySetName')]", "tags": { - "application": "[parameters('tagValues').application]", - "costCenter": "[parameters('tagValues').cost]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", "owner": "[parameters('tagValues').owner]" - }, + }, "type": "Microsoft.Compute/availabilitySets" - }, + }, { - "apiVersion": "[variables('apiVersion')]", - "location": "[variables('location')]", - "name": "[variables('newStorageAccountName')]", + "apiVersion": "[variables('storageApiVersion')]", + "location": "[variables('location')]", + "name": "[variables('newStorageAccountName')]", "properties": { "accountType": "[variables('storageAccountType')]" - }, + }, "tags": { - "application": "[parameters('tagValues').application]", - "costCenter": "[parameters('tagValues').cost]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", "owner": "[parameters('tagValues').owner]" - }, + }, "type": "Microsoft.Storage/storageAccounts" - }, + }, { - "apiVersion": "[variables('apiVersion')]", + "apiVersion": "[variables('apiVersion')]", "dependsOn": [ - "[concat('Microsoft.Storage/storageAccounts/', variables('newStorageAccountName'))]", - "[concat('Microsoft.Compute/availabilitySets/', variables('availabilitySetName'))]", - "[concat('Microsoft.Network/networkInterfaces/', variables('nic1Name'))]" - ], - "location": "[variables('location')]", - "name": "[variables('instanceName')]", + "[concat('Microsoft.Storage/storageAccounts/', variables('newStorageAccountName'))]", + "[concat('Microsoft.Compute/availabilitySets/', variables('availabilitySetName'))]", + "[concat('Microsoft.Network/networkInterfaces/', variables('nicName'))]" + ], + "location": "[variables('location')]", + "name": "[variables('instanceName')]", "plan": { - "name": "[variables('skuToUse')]", - "product": "f5-big-ip", + "name": "[variables('skuToUse')]", + "product": "[variables('offerToUse')]", "publisher": "f5-networks" - }, + }, "properties": { "availabilitySet": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" - }, + }, "diagnosticsProfile": { "bootDiagnostics": { - "enabled": true, + "enabled": true, "storageUri": "[concat('http://',variables('newStorageAccountName'),'.blob.core.windows.net')]" } - }, + }, "hardwareProfile": { "vmSize": "[parameters('instanceType')]" - }, + }, "networkProfile": { "networkInterfaces": [ { - "id": "[resourceId('Microsoft.Network/networkInterfaces', variables('nic1Name'))]", + "id": "[resourceId('Microsoft.Network/networkInterfaces', variables('nicName'))]", "properties": { "primary": true } - }, + }, { - "id": "[resourceId('Microsoft.Network/networkInterfaces', variables('nic2Name'))]", + "id": "[resourceId('Microsoft.Network/networkInterfaces', variables('nic2Name'))]", "properties": { "primary": false } } ] - }, + }, "osProfile": { - "adminPassword": "[parameters('adminPassword')]", - "adminUsername": "[parameters('adminUsername')]", + "adminPassword": "[parameters('adminPassword')]", + "adminUsername": "[parameters('adminUsername')]", "computerName": "[variables('instanceName')]" - }, + }, "storageProfile": { "imageReference": { - "offer": "f5-big-ip", - "publisher": "f5-networks", - "sku": "[variables('skuToUse')]", + "offer": "[variables('offerToUse')]", + "publisher": "f5-networks", + "sku": "[variables('skuToUse')]", "version": "12.1.21" - }, + }, "osDisk": { - "caching": "ReadWrite", - "createOption": "FromImage", - "name": "osdisk", + "caching": "ReadWrite", + "createOption": "FromImage", + "name": "osdisk", "vhd": { "uri": "[concat('http://',variables('newStorageAccountName'), '.blob.core.windows.net/vhds/', variables('instanceName'), '.vhd')]" } } } - }, + }, "tags": { - "application": "[parameters('tagValues').application]", - "costCenter": "[parameters('tagValues').cost]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", "owner": "[parameters('tagValues').owner]" - }, + }, "type": "Microsoft.Compute/virtualMachines" - }, + }, { - "apiVersion": "2016-03-30", + "apiVersion": "2016-03-30", "dependsOn": [ "[concat('Microsoft.Compute/virtualMachines/', variables('instanceName'))]" - ], - "location": "[variables('location')]", - "name": "[concat(variables('instanceName'),'/start')]", + ], + "location": "[variables('location')]", + "name": "[concat(variables('instanceName'),'/start')]", "properties": { "protectedSettings": { - "commandToExecute": "[concat('mkdir /config/cloud && cp f5-cloud-libs.tar.gz* /config/cloud; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; /usr/bin/install -b -m 400 /dev/null /config/cloud/passwd; IFS=', variables('singleQuote'), '%', variables('singleQuote'), '; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', parameters('adminPassword'), ' >> /config/cloud/passwd; unset IFS; bash /config/installCloudLibs.sh; /usr/bin/f5-rest-node /config/cloud/f5-cloud-libs/scripts/onboard.js --output /var/log/onboard.log --log-level debug --host ', variables('subnet1PrivateAddress'), ' -u admin --password-url file:///config/cloud/passwd --hostname ', concat(variables('instanceName'), '.', resourceGroup().location, '.cloudapp.azure.com'), ' --license ', parameters('licenseKey1'), ' --ntp pool.ntp.org --db tmm.maxremoteloglength:2048 --module ltm:nominal --module afm:none; f5-rest-node /config/cloud/f5-cloud-libs/scripts/network.js --output /var/log/network.log --host ', variables('subnet1PrivateAddress'), ' -u admin -p ', parameters('adminPassword'), ' --multi-nic --default-gw ', variables('defaultGw'), ' --vlan vlan_mgmt,1.0 --vlan vlan_1,1.1 --self-ip self_mgmt,', variables('subnet1PrivateAddress'), ',vlan_mgmt --self-ip self_1,', variables('subnet2PrivateAddress'), ',vlan_1 --log-level debug --background --force-reboot; rm -f /config/cloud/passwd')]" - }, - "publisher": "Microsoft.Azure.Extensions", + "commandToExecute": "[concat('mkdir /config/cloud && cp f5-cloud-libs.tar.gz* /config/cloud; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; /usr/bin/install -b -m 400 /dev/null /config/cloud/passwd; IFS=', variables('singleQuote'), '%', variables('singleQuote'), '; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', parameters('adminPassword'), ' >> /config/cloud/passwd; unset IFS; bash /config/installCloudLibs.sh; /usr/bin/f5-rest-node /config/cloud/f5-cloud-libs/scripts/onboard.js --output /var/log/onboard.log --log-level debug --host ', variables('subnetPrivateAddress'), ' -u admin --password-url file:///config/cloud/passwd --hostname ', concat(variables('instanceName'), '.', resourceGroup().location, '.cloudapp.azure.com'), ' --license ', parameters('licenseKey1'), ' --ntp pool.ntp.org --db tmm.maxremoteloglength:2048 --module ltm:nominal --module afm:none; f5-rest-node /config/cloud/f5-cloud-libs/scripts/network.js --output /var/log/network.log --host ', variables('subnetPrivateAddress'), ' -u admin -p ', parameters('adminPassword'), ' --multi-nic --default-gw ', variables('defaultGw'), ' --vlan vlan_mgmt,1.0 --vlan vlan_1,1.1 --self-ip self_mgmt,', variables('subnetPrivateAddress'), ',vlan_mgmt --self-ip self_1,', variables('subnet2PrivateAddress'), ',vlan_1 --log-level debug --background --force-reboot; rm -f /config/cloud/passwd')]" + }, + "publisher": "Microsoft.Azure.Extensions", "settings": { "fileUris": [ "[concat('https://raw.githubusercontent.com/F5Networks/f5-cloud-libs/', variables('f5CloudLibsTag'), '/dist/f5-cloud-libs.tar.gz')]" ] - }, - "type": "CustomScript", + }, + "type": "CustomScript", "typeHandlerVersion": "2.0" - }, + }, "tags": { - "application": "[parameters('tagValues').application]", - "costCenter": "[parameters('tagValues').cost]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", "owner": "[parameters('tagValues').owner]" - }, + }, "type": "Microsoft.Compute/virtualMachines/extensions" } - ], + ], "outputs": { - "MGMT-URL": { - "type": "string", - "value": "[concat('https://', variables('dnsLabel'), '.', resourceGroup().location, '.cloudapp.azure.com')]" + "GUI-URL": { + "type": "string", + "value": "[concat('https://', variables('dnsLabel'), '.', resourceGroup().location, '.cloudapp.azure.com', ':443')]" + }, + "SSH-URL": { + "type": "string", + "value": "[concat(variables('dnsLabel'), '.', resourceGroup().location, '.cloudapp.azure.com', ' ',22)]" } } } \ No newline at end of file diff --git a/experimental/standalone/1nic/azuredeploy.parameters.json b/experimental/standalone/2nic_limited/BYOL/azuredeploy.parameters.json similarity index 67% rename from experimental/standalone/1nic/azuredeploy.parameters.json rename to experimental/standalone/2nic_limited/BYOL/azuredeploy.parameters.json index d3aa54f46b..e614acd560 100644 --- a/experimental/standalone/1nic/azuredeploy.parameters.json +++ b/experimental/standalone/2nic_limited/BYOL/azuredeploy.parameters.json @@ -1,37 +1,37 @@ { - "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "1.1.0.0", + "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", + "contentVersion": "1.1.2.0", "parameters": { "adminUsername": { "value": "azureuser" - }, + }, "adminPassword": { "value": "GEN_UNIQUE" - }, + }, "dnsLabel": { "value": "REQUIRED" - }, + }, "instanceName": { "value": "f5vm01" - }, + }, "instanceType": { "value": "Standard_D2_v2" - }, + }, "imageName": { "value": "Good" - }, + }, "licenseKey1": { "value": "REQUIRED" - }, + }, "restrictedSrcAddress": { "value": "*" - }, + }, "tagValues": { "value": { - "environment": "ENV", - "application": "APP", - "cost": "COST", - "group": "GROUP", + "application": "APP", + "cost": "COST", + "environment": "ENV", + "group": "GROUP", "owner": "OWNER" } } diff --git a/experimental/standalone/2nic_limited/Deploy_via_PS.ps1 b/experimental/standalone/2nic_limited/Deploy_via_PS.ps1 index 4795826d8d..2b5ca83110 100644 --- a/experimental/standalone/2nic_limited/Deploy_via_PS.ps1 +++ b/experimental/standalone/2nic_limited/Deploy_via_PS.ps1 @@ -1,9 +1,20 @@ -# Params below match to parameteres in the azuredeploy.json that are gen-unique, otherwsie pointing to -# the azuredeploy.parameters.json file for default values. Some options below are mandatory, some(such as deployment password for BIG IP) -# can be supplied inline when running this script but if they arent then the default will be used as specificed in below param arguments -# Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -adminPassword yourpassword -dnsLabel f52nicdeploy01 -instanceName f52nic -licenseKey1 XXXXX-XXXXX-XXXXX-XXXXX-XXXXX -resourceGroupName f52nicdeploy01 +## Script parameters being asked for below match to parameters in the azuredeploy.json file, otherwise pointing to the ## +## azuredeploy.parameters.json file for values to use. Some options below are mandatory, some(such as region) can ## +## be supplied inline when running this script but if they aren't then the default will be used as specificed below. ## +## Example Command: .\Deploy_via_PS.ps1 -licenseType PAYG -licensedBandwidth 200m -adminUsername azureuser -adminPassword -dnsLabel -instanceName f5vm01 -instanceType Standard_D2_v2 -imageName Good -restrictedSrcAddress "*"-resourceGroupName param( + + [Parameter(Mandatory=$True)] + [string] + $licenseType, + + [string] + $licensedBandwidth = $(if($licenseType -eq "PAYG") { Read-Host -prompt "licensedBandwidth"}), + + [string] + $licenseKey1 = $(if($licenseType -eq "BYOL") { Read-Host -prompt "licenseKey1"}), + [Parameter(Mandatory=$True)] [string] $adminUsername, @@ -20,18 +31,16 @@ param( [string] $instanceName, + [Parameter(Mandatory=$True)] [string] - $instanceType = "Standard_D2_v2", - - [string] - $imageName = "Good", + $instanceType, [Parameter(Mandatory=$True)] [string] - $licenseKey1, + $imageName, [string] - $restrictedSrcAddress = "*", + $restrictedSrcAddress = "*", [Parameter(Mandatory=$True)] [string] @@ -66,7 +75,15 @@ New-AzureRmResourceGroup -Name $resourceGroupName -Location "$region" # Create Arm Deployment $pwd = ConvertTo-SecureString -String $adminPassword -AsPlainText -Force -$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername "$adminUsername" -adminPassword $pwd -dnsLabel "$dnsLabel" -instanceName "$instanceName" -instanceType "$instanceType" -licenseKey1 "$licenseKey1" -restrictedSrcAddress "$restrictedSrcAddress" -imageName "$imageName" +if ($licenseType -eq "BYOL") { + if ($templateFilePath -eq "azuredeploy.json") { $templateFilePath = ".\BYOL\azuredeploy.json"; $parametersFilePath = ".\BYOL\azuredeploy.parameters.json" } + $deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername "$adminUsername" -adminPassword $pwd -dnsLabel "$dnsLabel" -instanceName "$instanceName" -instanceType "$instanceType" -imageName "$imageName" -restrictedSrcAddress "$restrictedSrcAddress" -licenseKey1 "$licenseKey1" +} elseif ($licenseType -eq "PAYG") { + if ($templateFilePath -eq "azuredeploy.json") { $templateFilePath = ".\PAYG\azuredeploy.json"; $parametersFilePath = ".\PAYG\azuredeploy.parameters.json" } + $deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername "$adminUsername" -adminPassword $pwd -dnsLabel "$dnsLabel" -instanceName "$instanceName" -instanceType "$instanceType" -imageName "$imageName" -restrictedSrcAddress "$restrictedSrcAddress" -licensedBandwidth "$licensedBandwidth" +} else { + Write-Error -Message "Uh oh, something went wrong! Please select valid license type of PAYG or BYOL." +} # Print Output of Deployment to Console $deployment \ No newline at end of file diff --git a/experimental/standalone/2nic_limited/PAYG/azuredeploy.json b/experimental/standalone/2nic_limited/PAYG/azuredeploy.json new file mode 100644 index 0000000000..e21e55ad63 --- /dev/null +++ b/experimental/standalone/2nic_limited/PAYG/azuredeploy.json @@ -0,0 +1,452 @@ +{ + "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", + "contentVersion": "1.1.2.0", + "parameters": { + "adminUsername": { + "defaultValue": "azureuser", + "metadata": { + "description": "User name for the Virtual Machine." + }, + "type": "string" + }, + "adminPassword": { + "metadata": { + "description": "Password to login to the Virtual Machine." + }, + "type": "securestring" + }, + "dnsLabel": { + "defaultValue": "REQUIRED", + "metadata": { + "description": "Unique DNS Name for the Public IP used to access the Virtual Machine." + }, + "type": "string" + }, + "instanceName": { + "defaultValue": "f5vm01", + "metadata": { + "description": "Name of the VM" + }, + "type": "string" + }, + "instanceType": { + "allowedValues": [ + "Standard_A2", + "Standard_A3", + "Standard_A4", + "Standard_A9", + "Standard_A11", + "Standard_D2", + "Standard_D3", + "Standard_D4", + "Standard_D12", + "Standard_D13", + "Standard_D14", + "Standard_D2_v2", + "Standard_D3_v2", + "Standard_D4_v2", + "Standard_D5_v2", + "Standard_D12_v2", + "Standard_D13_v2", + "Standard_D14_v2", + "Standard_D15_v2", + "Standard_F2", + "Standard_F4" + ], + "defaultValue": "Standard_D2_v2", + "metadata": { + "description": "Size of the VM" + }, + "type": "string" + }, + "imageName": { + "allowedValues": [ + "Good", + "Better", + "Best" + ], + "defaultValue": "Good", + "metadata": { + "description": "F5 SKU(IMAGE) to Deploy" + }, + "type": "string" + }, + "licensedBandwidth": { + "allowedValues": [ + "25m", + "200m", + "1g" + ], + "defaultValue": "200m", + "metadata": { + "description": "PAYG licensed bandwidth to allocate for this image." + }, + "type": "string" + }, + "restrictedSrcAddress": { + "defaultValue": "*", + "metadata": { + "description": "Restricts management access to a specific network or address. Enter a IP address or address range in CIDR notation, or asterisk for all sources." + }, + "type": "string" + }, + "tagValues": { + "defaultValue": { + "application": "APP", + "cost": "COST", + "environment": "ENV", + "group": "GROUP", + "owner": "OWNER" + }, + "type": "object" + } + }, + "variables": { + "apiVersion": "2015-06-15", + "computeApiVersion": "2015-06-15", + "networkApiVersion": "2015-06-15", + "storageApiVersion": "2015-06-15", + "location": "[resourceGroup().location]", + "singleQuote": "'", + "f5CloudLibsTag": "v2.1.0", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) a6a9db3b89bbd014413706f22fa619c3717fac41fc99ffe875589c90e9b85a05cea227c134ea6e5b519c8fee0d12f2175368e75917f31f447ece3d92f31814af\n set hashes(f5-cloud-libs-aws.tar.gz) 90058095cc536a057378a90ed19c3afe0cecd9034e1d1816745bd5ad837939623fad034ebd2ee9bdf594f33358b50c50f49a18c2ee7588ba89645142f2217330\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature OmyfJKVQkBj+Ks6SdIc2+UNxM2xFCK4MGizGysivShzeRof0EFlEUTQiZveZ4v2SElofUp5DMVKiTIIkM00kZ7LnwqvLYIOztDFNAtMGwO6/B/zA8jLhkfnA2xzxu9fFgFn3OEsc8QwbfFS1AqCMyyacbbiczJycHtu3z0a/8sqCgiZtcQ4iXqBP4fz+8HKLA36U0jpmW+z0gQQUwpiC+AfFWcAarXMtmpwLzScldnaZ5RLo0MG8EGrHmXiWjndSR/Ii9b3+vnHnceD6+sw7e7LXPvz+jV9/rFyEQOA1QNpv0Cy4SJcuY9NRjV9KNdBobJ5N+h2PZBlgaIdLMACAVQ==\n}', variables('singleQuote'))]", + "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit\nfi\necho loaded verifyHash\necho verifying f5-cloud-libs.targ.gz\n/usr/bin/tmsh run cli script verifyHash /config/cloud/f5-cloud-libs.tar.gz\nif [ $? != 0 ]; then\necho f5-cloud-libs.tar.gz is not valid\nexit\nfi\necho verified f5-cloud-libs.tar.gz\necho expanding f5-cloud-libs.tar.gz\ntar xvfz /config/cloud/f5-cloud-libs.tar.gz -C /config/cloud\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", + "newStorageAccountName": "[concat(uniquestring(resourceGroup().id), 'stor')]", + "storageAccountType": "Standard_LRS", + "dnsLabel": "[toLower(parameters('dnsLabel'))]", + "imageNameToLower": "[toLower(parameters('imageName'))]", + "skuToUse": "[concat('f5-bigip-virtual-edition-', parameters('licensedBandwidth'), '-', variables('imageNameToLower'),'-hourly')]", + "offerToUse": "f5-big-ip-hourly", + "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", + "nicName": "[concat(variables('dnsLabel'), '-nic')]", + "defaultGw": "10.0.1.1", + "virtualNetworkName": "[concat(variables('dnsLabel'), '-vnet')]", + "vnetId": "[resourceId('Microsoft.Network/virtualNetworks', variables('virtualNetworkName'))]", + "vnetAddressPrefix": "10.0.0.0/16", + "nsgID": "[resourceId('Microsoft.Network/networkSecurityGroups/',concat(variables('dnsLabel'),'-nsg'))]", + "publicIPAddressName": "[concat(variables('dnsLabel'), '-pip')]", + "publicIPAddressId": "[resourceId('Microsoft.Network/publicIPAddresses', variables('publicIPAddressName'))]", + "publicIPAddressType": "Static", + "subnetName": "[concat(variables('dnsLabel'),'-subnet')]", + "subnetId": "[concat(variables('vnetId'), '/subnets/', variables('subnetName'))]", + "subnetPrefix": "10.0.1.0/24", + "subnetPrivateAddress": "10.0.1.4", + "instanceName": "[toLower(parameters('instanceName'))]", + "subnet2Name": "[concat(variables('dnsLabel'),'-subnet2')]", + "subnet2Id": "[concat(variables('vnetId'), '/subnets/', variables('subnet2Name'))]", + "subnet2Prefix": "10.0.2.0/24", + "subnet2PrivateAddress": "10.0.2.4", + "nic2Name": "[concat(variables('dnsLabel'), '-nic2')]" + }, + "resources": [ + { + "apiVersion": "[variables('networkApiVersion')]", + "location": "[variables('location')]", + "name": "[variables('publicIPAddressName')]", + "properties": { + "dnsSettings": { + "domainNameLabel": "[variables('dnsLabel')]" + }, + "idleTimeoutInMinutes": 30, + "publicIPAllocationMethod": "[variables('publicIPAddressType')]" + }, + "tags": { + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", + "owner": "[parameters('tagValues').owner]" + }, + "type": "Microsoft.Network/publicIPAddresses" + }, + { + "apiVersion": "[variables('apiVersion')]", + "location": "[variables('location')]", + "name": "[variables('virtualNetworkName')]", + "properties": { + "addressSpace": { + "addressPrefixes": [ + "[variables('vnetAddressPrefix')]" + ] + }, + "subnets": [ + { + "name": "[variables('subnetName')]", + "properties": { + "addressPrefix": "[variables('subnetPrefix')]" + } + }, + { + "name": "[variables('subnet2Name')]", + "properties": { + "addressPrefix": "[variables('subnet2Prefix')]" + } + } + ] + }, + "tags": { + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", + "owner": "[parameters('tagValues').owner]" + }, + "type": "Microsoft.Network/virtualNetworks" + }, + { + "apiVersion": "[variables('apiVersion')]", + "dependsOn": [ + "[variables('vnetId')]", + "[variables('publicIPAddressId')]", + "[concat('Microsoft.Network/networkSecurityGroups/', variables('dnsLabel'),'-nsg')]" + ], + "location": "[variables('location')]", + "name": "[variables('nicName')]", + "properties": { + "ipConfigurations": [ + { + "name": "[concat(variables('instanceName'), '-ipconfig1')]", + "properties": { + "PublicIpAddress": { + "Id": "[variables('publicIPAddressId')]" + }, + "privateIPAddress": "[variables('subnetPrivateAddress')]", + "privateIPAllocationMethod": "Static", + "subnet": { + "id": "[variables('subnetId')]" + } + } + } + ], + "networkSecurityGroup": { + "id": "[variables('nsgID')]" + } + }, + "tags": { + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", + "owner": "[parameters('tagValues').owner]" + }, + "type": "Microsoft.Network/networkInterfaces" + }, + { + "apiVersion": "[variables('apiVersion')]", + "dependsOn": [ + "[variables('vnetId')]" + ], + "location": "[variables('location')]", + "name": "[variables('nic2Name')]", + "properties": { + "ipConfigurations": [ + { + "name": "[concat(variables('instanceName'), '-ipconfig2')]", + "properties": { + "privateIPAddress": "[variables('subnet2PrivateAddress')]", + "privateIPAllocationMethod": "Static", + "subnet": { + "id": "[variables('subnet2Id')]" + } + } + } + ] + }, + "tags": { + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", + "owner": "[parameters('tagValues').owner]" + }, + "type": "Microsoft.Network/networkInterfaces" + }, + { + "apiVersion": "[variables('apiVersion')]", + "location": "[variables('location')]", + "name": "[concat(variables('dnsLabel'), '-nsg')]", + "properties": { + "securityRules": [ + { + "name": "mgmt_allow_443", + "properties": { + "access": "Allow", + "description": "", + "destinationAddressPrefix": "*", + "destinationPortRange": "443", + "direction": "Inbound", + "priority": 101, + "protocol": "TCP", + "sourceAddressPrefix": "[parameters('restrictedSrcAddress')]", + "sourcePortRange": "*" + } + }, + { + "name": "ssh_allow_22", + "properties": { + "access": "Allow", + "description": "", + "destinationAddressPrefix": "*", + "destinationPortRange": "22", + "direction": "Inbound", + "priority": 102, + "protocol": "TCP", + "sourceAddressPrefix": "[parameters('restrictedSrcAddress')]", + "sourcePortRange": "*" + } + } + ] + }, + "tags": { + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", + "owner": "[parameters('tagValues').owner]" + }, + "type": "Microsoft.Network/networkSecurityGroups" + }, + { + "apiVersion": "[variables('apiVersion')]", + "location": "[variables('location')]", + "name": "[variables('availabilitySetName')]", + "tags": { + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", + "owner": "[parameters('tagValues').owner]" + }, + "type": "Microsoft.Compute/availabilitySets" + }, + { + "apiVersion": "[variables('storageApiVersion')]", + "location": "[variables('location')]", + "name": "[variables('newStorageAccountName')]", + "properties": { + "accountType": "[variables('storageAccountType')]" + }, + "tags": { + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", + "owner": "[parameters('tagValues').owner]" + }, + "type": "Microsoft.Storage/storageAccounts" + }, + { + "apiVersion": "[variables('apiVersion')]", + "dependsOn": [ + "[concat('Microsoft.Storage/storageAccounts/', variables('newStorageAccountName'))]", + "[concat('Microsoft.Compute/availabilitySets/', variables('availabilitySetName'))]", + "[concat('Microsoft.Network/networkInterfaces/', variables('nicName'))]" + ], + "location": "[variables('location')]", + "name": "[variables('instanceName')]", + "plan": { + "name": "[variables('skuToUse')]", + "product": "[variables('offerToUse')]", + "publisher": "f5-networks" + }, + "properties": { + "availabilitySet": { + "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" + }, + "diagnosticsProfile": { + "bootDiagnostics": { + "enabled": true, + "storageUri": "[concat('http://',variables('newStorageAccountName'),'.blob.core.windows.net')]" + } + }, + "hardwareProfile": { + "vmSize": "[parameters('instanceType')]" + }, + "networkProfile": { + "networkInterfaces": [ + { + "id": "[resourceId('Microsoft.Network/networkInterfaces', variables('nicName'))]", + "properties": { + "primary": true + } + }, + { + "id": "[resourceId('Microsoft.Network/networkInterfaces', variables('nic2Name'))]", + "properties": { + "primary": false + } + } + ] + }, + "osProfile": { + "adminPassword": "[parameters('adminPassword')]", + "adminUsername": "[parameters('adminUsername')]", + "computerName": "[variables('instanceName')]" + }, + "storageProfile": { + "imageReference": { + "offer": "[variables('offerToUse')]", + "publisher": "f5-networks", + "sku": "[variables('skuToUse')]", + "version": "12.1.22" + }, + "osDisk": { + "caching": "ReadWrite", + "createOption": "FromImage", + "name": "osdisk", + "vhd": { + "uri": "[concat('http://',variables('newStorageAccountName'), '.blob.core.windows.net/vhds/', variables('instanceName'), '.vhd')]" + } + } + } + }, + "tags": { + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", + "owner": "[parameters('tagValues').owner]" + }, + "type": "Microsoft.Compute/virtualMachines" + }, + { + "apiVersion": "2016-03-30", + "dependsOn": [ + "[concat('Microsoft.Compute/virtualMachines/', variables('instanceName'))]" + ], + "location": "[variables('location')]", + "name": "[concat(variables('instanceName'),'/start')]", + "properties": { + "protectedSettings": { + "commandToExecute": "[concat('mkdir /config/cloud && cp f5-cloud-libs.tar.gz* /config/cloud; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; /usr/bin/install -b -m 400 /dev/null /config/cloud/passwd; IFS=', variables('singleQuote'), '%', variables('singleQuote'), '; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', parameters('adminPassword'), ' >> /config/cloud/passwd; unset IFS; bash /config/installCloudLibs.sh; /usr/bin/f5-rest-node /config/cloud/f5-cloud-libs/scripts/onboard.js --output /var/log/onboard.log --log-level debug --host ', variables('subnetPrivateAddress'), ' -u admin --password-url file:///config/cloud/passwd --hostname ', concat(variables('instanceName'), '.', resourceGroup().location, '.cloudapp.azure.com'), ' --ntp pool.ntp.org --db tmm.maxremoteloglength:2048 --module ltm:nominal --module afm:none; f5-rest-node /config/cloud/f5-cloud-libs/scripts/network.js --output /var/log/network.log --host ', variables('subnetPrivateAddress'), ' -u admin -p ', parameters('adminPassword'), ' --multi-nic --default-gw ', variables('defaultGw'), ' --vlan vlan_mgmt,1.0 --vlan vlan_1,1.1 --self-ip self_mgmt,', variables('subnetPrivateAddress'), ',vlan_mgmt --self-ip self_1,', variables('subnet2PrivateAddress'), ',vlan_1 --log-level debug --background --force-reboot; rm -f /config/cloud/passwd')]" + }, + "publisher": "Microsoft.Azure.Extensions", + "settings": { + "fileUris": [ + "[concat('https://raw.githubusercontent.com/F5Networks/f5-cloud-libs/', variables('f5CloudLibsTag'), '/dist/f5-cloud-libs.tar.gz')]" + ] + }, + "type": "CustomScript", + "typeHandlerVersion": "2.0" + }, + "tags": { + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", + "owner": "[parameters('tagValues').owner]" + }, + "type": "Microsoft.Compute/virtualMachines/extensions" + } + ], + "outputs": { + "GUI-URL": { + "type": "string", + "value": "[concat('https://', variables('dnsLabel'), '.', resourceGroup().location, '.cloudapp.azure.com', ':443')]" + }, + "SSH-URL": { + "type": "string", + "value": "[concat(variables('dnsLabel'), '.', resourceGroup().location, '.cloudapp.azure.com', ' ',22)]" + } + } +} \ No newline at end of file diff --git a/experimental/standalone/2nic_limited/PAYG/azuredeploy.parameters.json b/experimental/standalone/2nic_limited/PAYG/azuredeploy.parameters.json new file mode 100644 index 0000000000..13207acd1e --- /dev/null +++ b/experimental/standalone/2nic_limited/PAYG/azuredeploy.parameters.json @@ -0,0 +1,39 @@ +{ + "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", + "contentVersion": "1.1.2.0", + "parameters": { + "adminUsername": { + "value": "azureuser" + }, + "adminPassword": { + "value": "GEN_UNIQUE" + }, + "dnsLabel": { + "value": "REQUIRED" + }, + "instanceName": { + "value": "f5vm01" + }, + "instanceType": { + "value": "Standard_D2_v2" + }, + "imageName": { + "value": "Good" + }, + "licensedBandwidth": { + "value": "200m" + }, + "restrictedSrcAddress": { + "value": "*" + }, + "tagValues": { + "value": { + "application": "APP", + "cost": "COST", + "environment": "ENV", + "group": "GROUP", + "owner": "OWNER" + } + } + } +} \ No newline at end of file diff --git a/experimental/standalone/2nic_limited/deploy_via_bash.sh b/experimental/standalone/2nic_limited/deploy_via_bash.sh index f55f7413f0..70024e672d 100644 --- a/experimental/standalone/2nic_limited/deploy_via_bash.sh +++ b/experimental/standalone/2nic_limited/deploy_via_bash.sh @@ -1,57 +1,58 @@ #!/bin/bash -# Bash Script to deploy an ARM template into Azure, using azure cli 1.0 -# Example Command: ./deploy_via_bash.sh --adminusr azureuser --adminpwd 'yourpassword' --dnslabel f5dnslabel --instname f5vm01 --key1 XXXXX-XXXXX-XXXXX-XXXXX-XXXXX --rgname f5rgname --azureusr administrator@domain.com --azurepwd 'yourpassword' +## Bash Script to deploy an F5 ARM template into Azure, using azure cli 1.0 ## +## Example Command: ./deploy_via_bash.sh --licenseType PAYG --licensedBandwidth 200m --adminUsername azureuser --adminPassword --dnsLabel --instanceName f5vm01 --instanceType Standard_D2_v2 --imageName Good --restrictedSrcAddress "*" --resourceGroupName --azureLoginUser --azureLoginPassword # Assign Script Paramters and Define Variables -# Specify static items, change these as needed or make them parameters (instance_type is already an optional paramter) +# Specify static items, change these as needed or make them parameters region="westus" -template_file="azuredeploy.json" -parameter_file="azuredeploy.parameters.json" -instance_type="Standard_D2_v2" -image_name="Best" -restricted_source_address="*" -tag_values="{\"application\":\"APP\",\"environment\":\"ENV\",\"group\":\"GROUP\",\"owner\":\"OWNER\",\"cost\":\"COST\"}" +restrictedSrcAddress="*" +tagValues='{"application":"APP","environment":"ENV","group":"GROUP","owner":"OWNER","cost":"COST"}' -ARGS=`getopt -o a:b:c:d:e:f:g:h:i:j:k: --long adminusr:,adminpwd:,dnslabel:,instname:,insttype:,imgname:,key1:,rstsrcaddr:,rgname:,azureusr:,azurepwd: -n $0 -- "$@"` +ARGS=`getopt -o a:b:c:d:e:f:g:h:i:j:k:l:m: --long resourceGroupName:,azureLoginUser:,azureLoginPassword:,licenseType:,licensedBandwidth:,licenseKey1:,adminUsername:,adminPassword:,dnsLabel:,instanceName:,instanceType:,imageName:,restrictedSrcAddress: -n $0 -- "$@"` eval set -- "$ARGS" - # Parse the command line arguments, primarily checking full params as short params are just placeholders while true; do case "$1" in - -a|--adminusr) - admin_username=$2 + -a|--resourceGroupName) + resourceGroupName=$2 + shift 2;; + -b|--azureLoginUser) + azureLoginUser=$2 + shift 2;; + -c|--azureLoginPassword) + azureLoginPassword=$2 shift 2;; - -b|--adminpwd) - admin_password=$2 + -d|--licenseType) + licenseType=$2 shift 2;; - -c|--dnslabel) - dns_label=$2 + -e|--licensedBandwidth) + licensedBandwidth=$2 shift 2;; - -d|--instname) - instance_name=$2 + -f|--licenseKey1) + licenseKey1=$2 shift 2;; - -e|--insttype) - instance_type=$2 + -g|--adminUsername) + adminUsername=$2 shift 2;; - -f|--imgname) - image_name=$2 + -h|--adminPassword) + adminPassword=$2 shift 2;; - -g|--key1) - license_key_1=$2 + -i|--dnsLabel) + dnsLabel=$2 shift 2;; - -h|--rstsrcaddr) - restricted_source_address=$2 + -j|--instanceName) + instanceName=$2 shift 2;; - -i|--rgname) - resource_group_name=$2 + -k|--instanceType) + instanceType=$2 shift 2;; - -j|--azureusr) - azure_user=$2 + -l|--imageName) + imageName=$2 shift 2;; - -k|--azurepwd) - azure_pwd=$2 + -m|--restrictedSrcAddress) + restrictedSrcAddress=$2 shift 2;; --) shift @@ -59,11 +60,8 @@ while true; do esac done -echo "Disclaimer: Scripting to Deploy F5 Solution templates into Cloud Environments are provided as examples. They will be treated as best effort for issues that occur, feedback is encouraged." -sleep 3 - #If a required paramater is not passed, the script will prompt for it below -required_variables="admin_username admin_password dns_label instance_name license_key_1 resource_group_name azure_user azure_pwd" +required_variables="adminUsername adminPassword dnsLabel instanceName instanceType imageName resourceGroupName licenseType " for variable in $required_variables do if [ -v ${!variable} ] ; then @@ -71,19 +69,46 @@ for variable in $required_variables fi done -# Login to Azure, for simplicity in this example using username and password supplied as script arguments --azureusr and --azurepwd +# Prompt for license key if not supplied and BYOL is selected +if [ $licenseType == "BYOL" ]; then + if [ -v $licenseKey1 ] ; then + read -p "Please enter value for licenseKey1:" licenseKey1 + fi + template_file="./BYOL/azuredeploy.json" + parameter_file="./BYOL/azuredeploy.parameters.json" +fi +# Prompt for license key if not supplied and PAYG is selected +if [ $licenseType == "PAYG" ]; then + if [ -v $licensedBandwidth ] ; then + read -p "Please enter value for licensedBandwidth:" licensedBandwidth + fi + template_file="./PAYG/azuredeploy.json" + parameter_file="./PAYG/azuredeploy.parameters.json" +fi + +echo "Disclaimer: Scripting to Deploy F5 Solution templates into Cloud Environments are provided as examples. They will be treated as best effort for issues that occur, feedback is encouraged." +sleep 3 + +# Login to Azure, for simplicity in this example using username and password supplied as script arguments --azureLoginUser and --azureLoginPassword # Perform Check to see if already logged in azure account show > /dev/null 2>&1 if [[ $? != 0 ]] ; then - azure login -u $azure_user -p $azure_pwd + azure login -u $azureLoginUser -p $azureLoginPassword fi # Switch to ARM mode azure config mode arm # Create ARM Group -azure group create -n $resource_group_name -l $region +azure group create -n $resourceGroupName -l $region # Deploy ARM Template, right now cannot specify parameter file AND parameters inline via Azure CLI, # such as can been done with Powershell...oh well! -azure group deployment create -f $template_file -g $resource_group_name -n $resource_group_name -p "{\"adminUsername\":{\"value\":\"$admin_username\"},\"adminPassword\":{\"value\":\"$admin_password\"},\"dnsLabel\":{\"value\":\"$dns_label\"},\"instanceName\":{\"value\":\"$instance_name\"},\"instanceType\":{\"value\":\"$instance_type\"},\"licenseKey1\":{\"value\":\"$license_key_1\"},\"imageName\":{\"value\":\"$image_name\"},\"restrictedSrcAddress\":{\"value\":\"$restricted_source_address\"},\"tagValues\":{\"value\":$tag_values}}" +if [ $licenseType == "BYOL" ]; then + azure group deployment create -f $template_file -g $resourceGroupName -n $resourceGroupName -p "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"adminPassword\":{\"value\":\"$adminPassword\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceName\":{\"value\":\"$instanceName\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"licenseKey1\":{\"value\":\"$licenseKey1\"}}" +elif [ $licenseType == "PAYG" ]; then + azure group deployment create -f $template_file -g $resourceGroupName -n $resourceGroupName -p "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"adminPassword\":{\"value\":\"$adminPassword\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceName\":{\"value\":\"$instanceName\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"licensedBandwidth\":{\"value\":\"$licensedBandwidth\"}}" +else + echo "Uh oh, shouldn't make it here! Ensure license type is either PAYG or BYOL" + exit 1 +fi \ No newline at end of file diff --git a/experimental/standalone/2nic_limited/readme.md b/experimental/standalone/2nic_limited/readme.md index ce15288495..90bbb54e43 100644 --- a/experimental/standalone/2nic_limited/readme.md +++ b/experimental/standalone/2nic_limited/readme.md @@ -9,7 +9,7 @@ This solution uses an ARM template to launch a 2-NIC deployment of a cloud-focus See the **[Configuration Example](#config)** section for a configuration diagram and description for this solution, as well as an important note about optionally changing the BIG-IP Management port. ## Security -This ARM template downloads helper code to configure the BIG-IP system. If your organization is security conscious and you want to verify the integrity of the template, you can open the template and ensure the following lines are present. See [Security Detail](#securitydetail) for the exact code. +This ARM template downloads helper code to configure the BIG-IP system. If your organization is security conscious and you want to verify the integrity of the template, you can open the template and ensure the following lines are present. See [Security Detail](#securitydetail) for the exact code. In the *variables* section: - In the *verifyHash* variable: search for **script-signature** and then a hashed signature. @@ -22,7 +22,7 @@ Additionally, F5 provides checksums for all of our supported templates. For inst - For a list versions of the BIG-IP Virtual Edition (VE) and F5 licenses that are supported on specific hypervisors and Microsoft Azure, see https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ve-supported-hypervisor-matrix.html. -### Help +### Help We encourage you to use our [Slack channel](https://f5cloudsolutions.herokuapp.com) for discussion and assistance on F5 ARM templates. This channel is typically monitored Monday-Friday 9-5 PST by F5 employees who will offer best-effort support.
While this template has been created by F5 Networks, it is in the experimental directory and therefore has not completed full testing and is subject to change. F5 Networks does not offer technical support for templates in the experimental directory. For supported templates, see the templates in the **supported** directory. @@ -39,8 +39,15 @@ You have three options for deploying this template: Use this button to deploy the template: - +## BYOL + + +## PAYG(Hourly) + + + + ### Template parameters @@ -62,8 +69,8 @@ Use this button to deploy the template: ```powershell # Params below match to parameters in the azuredeploy.json that are gen-unique, otherwise pointing to # the azuredeploy.parameters.json file for default values. Some options below are mandatory, some(such as deployment password for BIG IP) - # can be supplied inline when running this script but if they arent then the default will be used as specified in below param arguments - # Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -adminPassword yourpassword -dnsLabel f52nicdeploy01 -instanceName f52nic -licenseKey1 XXXXX-XXXXX-XXXXX-XXXXX-XXXXX -resourceGroupName f52nicdeploy01 -EmailTo user@f5.com + # can be supplied inline when running this script but if they arent then the default will be used as specificed in below param arguments + # Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -adminPassword yourpassword -dnsLabel f5dnslabel01 -instanceName f5vm01 -licenseType BYOL -licenseKey1 XXXXX-XXXXX-XXXXX-XXXXX-XXXXX -resourceGroupName f5rg01 param( [Parameter(Mandatory=$True)] @@ -86,11 +93,15 @@ Use this button to deploy the template: $instanceType = "Standard_D2_v2", [string] - $imageName = "Best", + $imageName = "Good", [Parameter(Mandatory=$True)] + [ValidateSet("PAYG","BYOL")] [string] - $licenseKey1, + $licenseType, + + [string] + $licenseKey1 = $(if($licenseType -eq "BYOL") { Read-Host -prompt "licenseKey1"}), [string] $restrictedSrcAddress = "*", @@ -128,10 +139,19 @@ Use this button to deploy the template: # Create Arm Deployment $pwd = ConvertTo-SecureString -String $adminPassword -AsPlainText -Force + if ($licenseType -eq "BYOL") { + if ($templateFilePath -eq "azuredeploy.json") { $templateFilePath = ".\BYOL\azuredeploy.json"; $parametersFilePath = ".\BYOL\azuredeploy.parameters.json" } $deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername "$adminUsername" -adminPassword $pwd -dnsLabel "$dnsLabel" -instanceName "$instanceName" -instanceType "$instanceType" -licenseKey1 "$licenseKey1" -restrictedSrcAddress "$restrictedSrcAddress" -imageName "$imageName" + } elseif ($licenseType -eq "PAYG") { + if ($templateFilePath -eq "azuredeploy.json") { $templateFilePath = ".\PAYG\azuredeploy.json"; $parametersFilePath = ".\PAYG\azuredeploy.parameters.json" } + $deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername "$adminUsername" -adminPassword $pwd -dnsLabel "$dnsLabel" -instanceName "$instanceName" -instanceType "$instanceType" -restrictedSrcAddress "$restrictedSrcAddress" -imageName "$imageName" + } else { + Write-Error -Message "Uh oh, shouldn't make it here! Please select valid license type..." + } # Print Output of Deployment to Console $deployment + ``` ======= @@ -142,19 +162,19 @@ Use this button to deploy the template: #!/bin/bash # Bash Script to deploy an ARM template into Azure, using azure cli 1.0 - # Example Command: ./deploy_via_bash.sh --adminusr azureuser --adminpwd 'yourpassword' --dnslabel f5dnslabel --instname f5vm01 --key1 XXXXX-XXXXX-XXXXX-XXXXX-XXXXX --rgname f5rgname --azureusr administrator@domain.com --azurepwd 'yourpassword' + # Example Command: ./deploy_via_bash.sh --adminusr azureuser --adminpwd 'yourpassword' --dnslabel f5dnslabel --instname f5vm01 --rgname f5rgname --lictype payg --azureusr administrator@domain.com --azurepwd 'yourpassword' - # Assign Script Parameters and Define Variables + # Assign Script Paramters and Define Variables # Specify static items, change these as needed or make them parameters (instance_type is already an optional paramter) region="westus" - template_file="azuredeploy.json" - parameter_file="azuredeploy.parameters.json" + template_file="./PAYG/azuredeploy.json" + parameter_file="./PAYG/azuredeploy.parameters.json" instance_type="Standard_D2_v2" image_name="Best" restricted_source_address="*" tag_values="{\"application\":\"APP\",\"environment\":\"ENV\",\"group\":\"GROUP\",\"owner\":\"OWNER\",\"cost\":\"COST\"}" - ARGS=`getopt -o a:b:c:d:e:f:g:h:i:j:k: --long adminusr:,adminpwd:,dnslabel:,instname:,insttype:,imgname:,key1:,rstsrcaddr:,rgname:,azureusr:,azurepwd: -n $0 -- "$@"` + ARGS=`getopt -o a:b:c:d:e:f:g:h:i:j:k:l: --long adminusr:,adminpwd:,dnslabel:,instname:,insttype:,imgname:,lictype:,key1:,rstsrcaddr:,rgname:,azureusr:,azurepwd: -n $0 -- "$@"` eval set -- "$ARGS" @@ -179,19 +199,22 @@ Use this button to deploy the template: -f|--imgname) image_name=$2 shift 2;; - -g|--key1) + -g|--lictype) + license_type=$2 + shift 2;; + -h|--key1) license_key_1=$2 shift 2;; - -h|--rstsrcaddr) + -i|--rstsrcaddr) restricted_source_address=$2 shift 2;; - -i|--rgname) + -j|--rgname) resource_group_name=$2 shift 2;; - -j|--azureusr) + -k|--azureusr) azure_user=$2 shift 2;; - -k|--azurepwd) + -l|--azurepwd) azure_pwd=$2 shift 2;; --) @@ -199,18 +222,25 @@ Use this button to deploy the template: break;; esac done - - echo "Disclaimer: Scripting to Deploy F5 Solution templates into Cloud Environments are provided as examples. They will be treated as best effort for issues that occur, feedback is encouraged." - sleep 3 - #If a required parameter is not passed, the script will prompt for it below - required_variables="admin_username admin_password dns_label instance_name license_key_1 resource_group_name azure_user azure_pwd" + required_variables="admin_username admin_password dns_label instance_name license_type resource_group_name azure_user azure_pwd" for variable in $required_variables do if [ -v ${!variable} ] ; then read -p "Please enter value for $variable:" $variable fi done + # Prompt for license key if not supplied and byol is selected + if [ $license_type == "byol" ]; then + if [ -v $license_key_1 ] ; then + read -p "Please enter value for license_key_1:" license_key_1 + fi + template_file="./BYOL/azuredeploy.json" + parameter_file="./BYOL/azuredeploy.parameters.json" + fi + + echo "Disclaimer: Scripting to Deploy F5 Solution templates into Cloud Environments are provided as examples. They will be treated as best effort for issues that occur, feedback is encouraged." + sleep 3 # Login to Azure, for simplicity in this example using username and password supplied as script arguments --azureusr and --azurepwd # Perform Check to see if already logged in @@ -227,12 +257,17 @@ Use this button to deploy the template: # Deploy ARM Template, right now cannot specify parameter file AND parameters inline via Azure CLI, # such as can been done with Powershell...oh well! - azure group deployment create -f $template_file -g $resource_group_name -n $resource_group_name -p "{\"adminUsername\":{\"value\":\"$admin_username\"},\"adminPassword\":{\"value\":\"$admin_password\"},\"dnsLabel\":{\"value\":\"$dns_label\"},\"instanceName\":{\"value\":\"$instance_name\"},\"instanceType\":{\"value\":\"$instance_type\"},\"licenseKey1\":{\"value\":\"$license_key_1\"},\"imageName\":{\"value\":\"$image_name\"},\"restrictedSrcAddress\":{\"value\":\"$restricted_source_address\"},\"tagValues\":{\"value\":$tag_values}}" - - + if [ $license_type == "byol" ]; then + azure group deployment create -f $template_file -g $resource_group_name -n $resource_group_name -p "{\"adminUsername\":{\"value\":\"$admin_username\"},\"adminPassword\":{\"value\":\"$admin_password\"},\"dnsLabel\":{\"value\":\"$dns_label\"},\"instanceName\":{\"value\":\"$instance_name\"},\"instanceType\":{\"value\":\"$instance_type\"},\"licenseKey1\":{\"value\":\"$license_key_1\"},\"imageName\":{\"value\":\"$image_name\"},\"restrictedSrcAddress\":{\"value\":\"$restricted_source_address\"},\"tagValues\":{\"value\":$tag_values}}" + elif [ $license_type == "payg" ]; then + azure group deployment create -f $template_file -g $resource_group_name -n $resource_group_name -p "{\"adminUsername\":{\"value\":\"$admin_username\"},\"adminPassword\":{\"value\":\"$admin_password\"},\"dnsLabel\":{\"value\":\"$dns_label\"},\"instanceName\":{\"value\":\"$instance_name\"},\"instanceType\":{\"value\":\"$instance_type\"},\"imageName\":{\"value\":\"$image_name\"},\"restrictedSrcAddress\":{\"value\":\"$restricted_source_address\"},\"tagValues\":{\"value\":$tag_values}}" + else + echo "Uh oh, shouldn't make it here! Ensure license type is either payg or byol" + exit 1 + fi ``` -## Configuration Example +## Configuration Example The following is a simple configuration diagram for this 2 NIC deployment. In a 2 NIC scenario, one NIC is external and the other is internal. It is important to remember that you continue to have only one public IP address, and the external NIC is shared between management and data plane traffic. In this example, the External VLAN uses **eth0** and the Internal VLAN uses **eth1**. @@ -240,15 +275,15 @@ In this example, the External VLAN uses **eth0** and the Internal VLAN uses **et ![2 NIC configuration example](images/azure-2nic-sm.png) ### Changing the BIG-IP Configuration Utility (GUI) port -The Management port shown in the example diagram is **443**, however you can alternatively use **8443** in your configuration if you need to use port 443 for application traffic. To change the Management port, see [Changing the Configuration utility port](https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/bigip-ve-setup-msft-azure-12-0-0/2.html#GUID-3E6920CD-A8CD-456C-AC40-33469DA6922E) for instructions. -***Important***: If you perform the procedure to change the port, you must check the Azure Network Security Group associated with the interface on the BIG-IP that was deployed and adjust the ports accordingly. +The Management port shown in the example diagram is **443**, however you can alternatively use **8443** in your configuration if you need to use port 443 for application traffic. To change the Management port, see [Changing the Configuration utility port](https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/bigip-ve-setup-msft-azure-12-0-0/2.html#GUID-3E6920CD-A8CD-456C-AC40-33469DA6922E) for instructions. +***Important***: If you perform the procedure to change the port, you must check the Azure Network Security Group associated with the interface on the BIG-IP that was deployed and adjust the ports accordingly. ## Documentation The ***BIG-IP Virtual Edition and Microsoft Azure: Setup*** guide (https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/bigip-ve-setup-msft-azure-12-1-0/4.html) decribes how to create the configuration manually without using the ARM template. -## Deploying Custom Configuration to an Azure Virtual Machine +## Deploying Custom Configuration to an Azure Virtual Machine -This sample code uses the CustomScript extension resource to configure the f5.ip_forwarding iApp on BIG-IP VE in Azure Resource Manager. +This sample code uses the CustomScript extension resource to configure the f5.ip_forwarding iApp on BIG-IP VE in Azure Resource Manager. The CustomScript extension resource name must reference the Azure virtual machine name and must have a dependency on that virtual machine. You can use only one CustomScript extension resource per virtual machine; however, you can combine multiple semicolon-delimited commands in a single extension resource definition. @@ -295,7 +330,7 @@ Note the hashed script-signature may be different in your template.
## Filing Issues -If you find an issue, we would love to hear about it. +If you find an issue, we would love to hear about it. You have a choice when it comes to filing issues: - Use the **Issues** link on the GitHub menu bar in this repository for items such as enhancement or feature requests and non-urgent bug fixes. Tell us as much as you can about what you found and how you found it. - Contact F5 Technical support via your typical method for more time sensitive changes and other issues requiring immediate support. diff --git a/supported/cluster/1nic/azuredeploy.json b/supported/cluster/1nic/azuredeploy.json index 8dfac1bfc9..13778f0e06 100644 --- a/supported/cluster/1nic/azuredeploy.json +++ b/supported/cluster/1nic/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", - "contentVersion": "1.1.0.0", + "contentVersion": "1.1.2.0", "parameters": { "solutionDeploymentName": { "type": "string", diff --git a/supported/cluster/1nic/azuredeploy.parameters.json b/supported/cluster/1nic/azuredeploy.parameters.json index b169a81ce1..89d194b4f8 100644 --- a/supported/cluster/1nic/azuredeploy.parameters.json +++ b/supported/cluster/1nic/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "1.1.0.0", + "contentVersion": "1.1.2.0", "parameters": { "solutionDeploymentName": { "value": "GEN-UNIQUE" diff --git a/supported/standalone/1nic/azuredeploy.json b/supported/standalone/1nic/azuredeploy.json index 900723a63f..58a73f0ab2 100644 --- a/supported/standalone/1nic/azuredeploy.json +++ b/supported/standalone/1nic/azuredeploy.json @@ -1,389 +1,389 @@ { - "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "1.1.0.0", + "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", + "contentVersion": "1.1.2.0", "parameters": { "adminUsername": { - "defaultValue": "azureuser", - "type": "string", + "defaultValue": "azureuser", + "type": "string", "metadata": { "description": "User name for the Virtual Machine." } - }, + }, "adminPassword": { - "type": "securestring", + "type": "securestring", "metadata": { "description": "Password to login to the Virtual Machine." } - }, + }, "dnsLabel": { - "defaultValue": "REQUIRED", - "type": "string", + "defaultValue": "REQUIRED", + "type": "string", "metadata": { "description": "Unique DNS Name for the Public IP used to access the Virtual Machine." } - }, + }, "instanceName": { - "defaultValue": "f5vm01", - "type": "string", + "defaultValue": "f5vm01", + "type": "string", "metadata": { "description": "Name of the VM" } - }, + }, "instanceType": { - "defaultValue": "Standard_D2_v2", + "defaultValue": "Standard_D2_v2", "metadata": { "description": "Size of the VM" - }, - "type": "string", + }, + "type": "string", "allowedValues": [ - "Standard_A4", - "Standard_A9", - "Standard_A11", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_D2_v2", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_F2", + "Standard_A4", + "Standard_A9", + "Standard_A11", + "Standard_D2", + "Standard_D3", + "Standard_D4", + "Standard_D12", + "Standard_D13", + "Standard_D14", + "Standard_D2_v2", + "Standard_D3_v2", + "Standard_D4_v2", + "Standard_D5_v2", + "Standard_D12_v2", + "Standard_D13_v2", + "Standard_D14_v2", + "Standard_D15_v2", + "Standard_F2", "Standard_F4" ] - }, + }, "imageName": { - "defaultValue": "Good", + "defaultValue": "Good", "metadata": { "description": "F5 SKU(IMAGE) to Deploy" - }, - "type": "string", + }, + "type": "string", "allowedValues": [ - "Good", - "Better", + "Good", + "Better", "Best" ] - }, + }, "licenseKey1": { - "defaultValue": "REQUIRED", - "type": "string", + "defaultValue": "REQUIRED", + "type": "string", "metadata": { "description": "The license token for the F5 BIG-IP(BYOL)" } - }, + }, "restrictedSrcAddress": { - "defaultValue": "*", - "type": "string", + "defaultValue": "*", + "type": "string", "metadata": { "description": "Restricts management access to a specific network or address. Enter a IP address or address range in CIDR notation, or asterisk for all sources." } - }, + }, "tagValues": { "defaultValue": { - "environment": "ENV", - "application": "APP", - "cost": "COST", - "group": "GROUP", + "environment": "ENV", + "application": "APP", + "cost": "COST", + "group": "GROUP", "owner": "OWNER" - }, + }, "type": "object" } - }, + }, "variables": { - "apiVersion": "2015-06-15", - "location": "[resourceGroup().location]", - "singleQuote": "'", - "f5CloudLibsTag": "v2.1.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) a6a9db3b89bbd014413706f22fa619c3717fac41fc99ffe875589c90e9b85a05cea227c134ea6e5b519c8fee0d12f2175368e75917f31f447ece3d92f31814af\n set hashes(f5-cloud-libs-aws.tar.gz) 90058095cc536a057378a90ed19c3afe0cecd9034e1d1816745bd5ad837939623fad034ebd2ee9bdf594f33358b50c50f49a18c2ee7588ba89645142f2217330\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature OmyfJKVQkBj+Ks6SdIc2+UNxM2xFCK4MGizGysivShzeRof0EFlEUTQiZveZ4v2SElofUp5DMVKiTIIkM00kZ7LnwqvLYIOztDFNAtMGwO6/B/zA8jLhkfnA2xzxu9fFgFn3OEsc8QwbfFS1AqCMyyacbbiczJycHtu3z0a/8sqCgiZtcQ4iXqBP4fz+8HKLA36U0jpmW+z0gQQUwpiC+AfFWcAarXMtmpwLzScldnaZ5RLo0MG8EGrHmXiWjndSR/Ii9b3+vnHnceD6+sw7e7LXPvz+jV9/rFyEQOA1QNpv0Cy4SJcuY9NRjV9KNdBobJ5N+h2PZBlgaIdLMACAVQ==\n}', variables('singleQuote'))]", - "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit\nfi\necho loaded verifyHash\necho verifying f5-cloud-libs.targ.gz\n/usr/bin/tmsh run cli script verifyHash /config/cloud/f5-cloud-libs.tar.gz\nif [ $? != 0 ]; then\necho f5-cloud-libs.tar.gz is not valid\nexit\nfi\necho verified f5-cloud-libs.tar.gz\necho expanding f5-cloud-libs.tar.gz\ntar xvfz /config/cloud/f5-cloud-libs.tar.gz -C /config/cloud\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", - "newStorageAccountName": "[concat(uniquestring(resourceGroup().id), 'stor')]", - "storageAccountType": "Standard_LRS", - "dnsLabel": "[toLower(parameters('dnsLabel'))]", - "instanceName": "[toLower(parameters('instanceName'))]", - "imageNameToLower": "[toLower(parameters('imageName'))]", - "skuToUse": "[concat('f5-bigip-virtual-edition-', variables('imageNameToLower'),'-byol')]", - "availabilitySetName": "[concat(variables('instanceName'), '-avset')]", - "nic1Name": "[concat(variables('instanceName'), '-mgmt1')]", - "defaultGw": "10.0.1.1", - "virtualNetworkName": "[concat(variables('instanceName'), '-vnet')]", - "vnetId": "[resourceId('Microsoft.Network/virtualNetworks', variables('virtualNetworkName'))]", - "vnetAddressPrefix": "10.0.0.0/16", - "nsgID": "[resourceId('Microsoft.Network/networkSecurityGroups/',concat(variables('dnsLabel'),'-nsg'))]", - "subnet1Name": "MGMT_Frontend", - "subnet1Id": "[concat(variables('vnetId'), '/subnets/', variables('subnet1Name'))]", - "subnet1Prefix": "10.0.1.0/24", - "subnet1PrivateAddress": "10.0.1.4", - "publicIPAddressName": "[concat(variables('dnsLabel'), '-pip')]", - "publicIPAddressType": "Static", + "apiVersion": "2015-06-15", + "location": "[resourceGroup().location]", + "singleQuote": "'", + "f5CloudLibsTag": "v2.1.0", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) a6a9db3b89bbd014413706f22fa619c3717fac41fc99ffe875589c90e9b85a05cea227c134ea6e5b519c8fee0d12f2175368e75917f31f447ece3d92f31814af\n set hashes(f5-cloud-libs-aws.tar.gz) 90058095cc536a057378a90ed19c3afe0cecd9034e1d1816745bd5ad837939623fad034ebd2ee9bdf594f33358b50c50f49a18c2ee7588ba89645142f2217330\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature OmyfJKVQkBj+Ks6SdIc2+UNxM2xFCK4MGizGysivShzeRof0EFlEUTQiZveZ4v2SElofUp5DMVKiTIIkM00kZ7LnwqvLYIOztDFNAtMGwO6/B/zA8jLhkfnA2xzxu9fFgFn3OEsc8QwbfFS1AqCMyyacbbiczJycHtu3z0a/8sqCgiZtcQ4iXqBP4fz+8HKLA36U0jpmW+z0gQQUwpiC+AfFWcAarXMtmpwLzScldnaZ5RLo0MG8EGrHmXiWjndSR/Ii9b3+vnHnceD6+sw7e7LXPvz+jV9/rFyEQOA1QNpv0Cy4SJcuY9NRjV9KNdBobJ5N+h2PZBlgaIdLMACAVQ==\n}', variables('singleQuote'))]", + "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit\nfi\necho loaded verifyHash\necho verifying f5-cloud-libs.targ.gz\n/usr/bin/tmsh run cli script verifyHash /config/cloud/f5-cloud-libs.tar.gz\nif [ $? != 0 ]; then\necho f5-cloud-libs.tar.gz is not valid\nexit\nfi\necho verified f5-cloud-libs.tar.gz\necho expanding f5-cloud-libs.tar.gz\ntar xvfz /config/cloud/f5-cloud-libs.tar.gz -C /config/cloud\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", + "newStorageAccountName": "[concat(uniquestring(resourceGroup().id), 'stor')]", + "storageAccountType": "Standard_LRS", + "dnsLabel": "[toLower(parameters('dnsLabel'))]", + "instanceName": "[toLower(parameters('instanceName'))]", + "imageNameToLower": "[toLower(parameters('imageName'))]", + "skuToUse": "[concat('f5-bigip-virtual-edition-', variables('imageNameToLower'),'-byol')]", + "availabilitySetName": "[concat(variables('instanceName'), '-avset')]", + "nic1Name": "[concat(variables('instanceName'), '-mgmt1')]", + "defaultGw": "10.0.1.1", + "virtualNetworkName": "[concat(variables('instanceName'), '-vnet')]", + "vnetId": "[resourceId('Microsoft.Network/virtualNetworks', variables('virtualNetworkName'))]", + "vnetAddressPrefix": "10.0.0.0/16", + "nsgID": "[resourceId('Microsoft.Network/networkSecurityGroups/',concat(variables('dnsLabel'),'-nsg'))]", + "subnet1Name": "MGMT_Frontend", + "subnet1Id": "[concat(variables('vnetId'), '/subnets/', variables('subnet1Name'))]", + "subnet1Prefix": "10.0.1.0/24", + "subnet1PrivateAddress": "10.0.1.4", + "publicIPAddressName": "[concat(variables('dnsLabel'), '-pip')]", + "publicIPAddressType": "Static", "publicIPAddressId": "[resourceId('Microsoft.Network/publicIPAddresses', variables('publicIPAddressName'))]" - }, + }, "resources": [ { - "apiVersion": "[variables('apiVersion')]", - "location": "[variables('location')]", - "name": "[variables('publicIPAddressName')]", + "apiVersion": "[variables('apiVersion')]", + "location": "[variables('location')]", + "name": "[variables('publicIPAddressName')]", "properties": { "dnsSettings": { "domainNameLabel": "[variables('dnsLabel')]" - }, - "idleTimeoutInMinutes": 30, + }, + "idleTimeoutInMinutes": 30, "publicIPAllocationMethod": "[variables('publicIPAddressType')]" - }, + }, "tags": { - "application": "[parameters('tagValues').application]", - "costCenter": "[parameters('tagValues').cost]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", "owner": "[parameters('tagValues').owner]" - }, + }, "type": "Microsoft.Network/publicIPAddresses" - }, + }, { - "apiVersion": "[variables('apiVersion')]", - "location": "[variables('location')]", - "name": "[variables('virtualNetworkName')]", + "apiVersion": "[variables('apiVersion')]", + "location": "[variables('location')]", + "name": "[variables('virtualNetworkName')]", "properties": { "addressSpace": { "addressPrefixes": [ "[variables('vnetAddressPrefix')]" ] - }, + }, "subnets": [ { - "name": "[variables('subnet1Name')]", + "name": "[variables('subnet1Name')]", "properties": { "addressPrefix": "[variables('subnet1Prefix')]" } } ] - }, + }, "tags": { - "application": "[parameters('tagValues').application]", - "costCenter": "[parameters('tagValues').cost]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", "owner": "[parameters('tagValues').owner]" - }, + }, "type": "Microsoft.Network/virtualNetworks" - }, + }, { - "apiVersion": "[variables('apiVersion')]", + "apiVersion": "[variables('apiVersion')]", "dependsOn": [ - "[variables('vnetId')]", - "[variables('publicIPAddressId')]", + "[variables('vnetId')]", + "[variables('publicIPAddressId')]", "[concat('Microsoft.Network/networkSecurityGroups/', variables('dnsLabel'),'-nsg')]" - ], - "location": "[variables('location')]", - "name": "[variables('nic1Name')]", + ], + "location": "[variables('location')]", + "name": "[variables('nic1Name')]", "properties": { "ipConfigurations": [ { - "name": "[concat(variables('instanceName'), '-ipconfig1')]", + "name": "[concat(variables('instanceName'), '-ipconfig1')]", "properties": { "PublicIpAddress": { "Id": "[variables('publicIPAddressId')]" - }, - "privateIPAddress": "[variables('subnet1PrivateAddress')]", - "privateIPAllocationMethod": "Static", + }, + "privateIPAddress": "[variables('subnet1PrivateAddress')]", + "privateIPAllocationMethod": "Static", "subnet": { "id": "[variables('subnet1Id')]" } } } - ], + ], "networkSecurityGroup": { "id": "[variables('nsgID')]" } - }, + }, "tags": { - "application": "[parameters('tagValues').application]", - "costCenter": "[parameters('tagValues').cost]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", "owner": "[parameters('tagValues').owner]" - }, + }, "type": "Microsoft.Network/networkInterfaces" - }, + }, { - "apiVersion": "[variables('apiVersion')]", - "location": "[variables('location')]", - "name": "[concat(variables('dnsLabel'), '-nsg')]", + "apiVersion": "[variables('apiVersion')]", + "location": "[variables('location')]", + "name": "[concat(variables('dnsLabel'), '-nsg')]", "properties": { "securityRules": [ { - "name": "mgmt_allow_443", + "name": "mgmt_allow_443", "properties": { - "access": "Allow", - "description": "", - "destinationAddressPrefix": "*", - "destinationPortRange": "443", - "direction": "Inbound", - "priority": 101, - "protocol": "TCP", - "sourceAddressPrefix": "[parameters('restrictedSrcAddress')]", + "access": "Allow", + "description": "", + "destinationAddressPrefix": "*", + "destinationPortRange": "443", + "direction": "Inbound", + "priority": 101, + "protocol": "TCP", + "sourceAddressPrefix": "[parameters('restrictedSrcAddress')]", "sourcePortRange": "*" } - }, + }, { - "name": "ssh_allow_22", + "name": "ssh_allow_22", "properties": { - "access": "Allow", - "description": "", - "destinationAddressPrefix": "*", - "destinationPortRange": "22", - "direction": "Inbound", - "priority": 102, - "protocol": "TCP", - "sourceAddressPrefix": "[parameters('restrictedSrcAddress')]", + "access": "Allow", + "description": "", + "destinationAddressPrefix": "*", + "destinationPortRange": "22", + "direction": "Inbound", + "priority": 102, + "protocol": "TCP", + "sourceAddressPrefix": "[parameters('restrictedSrcAddress')]", "sourcePortRange": "*" } } ] - }, + }, "tags": { - "application": "[parameters('tagValues').application]", - "costCenter": "[parameters('tagValues').cost]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", "owner": "[parameters('tagValues').owner]" - }, + }, "type": "Microsoft.Network/networkSecurityGroups" - }, + }, { - "apiVersion": "[variables('apiVersion')]", - "location": "[variables('location')]", - "name": "[variables('availabilitySetName')]", + "apiVersion": "[variables('apiVersion')]", + "location": "[variables('location')]", + "name": "[variables('availabilitySetName')]", "tags": { - "application": "[parameters('tagValues').application]", - "costCenter": "[parameters('tagValues').cost]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", "owner": "[parameters('tagValues').owner]" - }, + }, "type": "Microsoft.Compute/availabilitySets" - }, + }, { - "apiVersion": "[variables('apiVersion')]", - "location": "[variables('location')]", - "name": "[variables('newStorageAccountName')]", + "apiVersion": "[variables('apiVersion')]", + "location": "[variables('location')]", + "name": "[variables('newStorageAccountName')]", "properties": { "accountType": "[variables('storageAccountType')]" - }, + }, "tags": { - "application": "[parameters('tagValues').application]", - "costCenter": "[parameters('tagValues').cost]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", "owner": "[parameters('tagValues').owner]" - }, + }, "type": "Microsoft.Storage/storageAccounts" - }, + }, { - "apiVersion": "[variables('apiVersion')]", + "apiVersion": "[variables('apiVersion')]", "dependsOn": [ - "[concat('Microsoft.Storage/storageAccounts/', variables('newStorageAccountName'))]", - "[concat('Microsoft.Compute/availabilitySets/', variables('availabilitySetName'))]", + "[concat('Microsoft.Storage/storageAccounts/', variables('newStorageAccountName'))]", + "[concat('Microsoft.Compute/availabilitySets/', variables('availabilitySetName'))]", "[concat('Microsoft.Network/networkInterfaces/', variables('nic1Name'))]" - ], - "location": "[variables('location')]", - "name": "[variables('instanceName')]", + ], + "location": "[variables('location')]", + "name": "[variables('instanceName')]", "plan": { - "name": "[variables('skuToUse')]", - "product": "f5-big-ip", + "name": "[variables('skuToUse')]", + "product": "f5-big-ip", "publisher": "f5-networks" - }, + }, "properties": { "availabilitySet": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" - }, + }, "diagnosticsProfile": { "bootDiagnostics": { - "enabled": true, + "enabled": true, "storageUri": "[concat('http://',variables('newStorageAccountName'),'.blob.core.windows.net')]" } - }, + }, "hardwareProfile": { "vmSize": "[parameters('instanceType')]" - }, + }, "networkProfile": { "networkInterfaces": [ { - "id": "[resourceId('Microsoft.Network/networkInterfaces', variables('nic1Name'))]", + "id": "[resourceId('Microsoft.Network/networkInterfaces', variables('nic1Name'))]", "properties": { "primary": true } } ] - }, + }, "osProfile": { - "adminPassword": "[parameters('adminPassword')]", - "adminUsername": "[parameters('adminUsername')]", + "adminPassword": "[parameters('adminPassword')]", + "adminUsername": "[parameters('adminUsername')]", "computerName": "[variables('instanceName')]" - }, + }, "storageProfile": { "imageReference": { - "offer": "f5-big-ip", - "publisher": "f5-networks", - "sku": "[variables('skuToUse')]", + "offer": "f5-big-ip", + "publisher": "f5-networks", + "sku": "[variables('skuToUse')]", "version": "12.1.21" - }, + }, "osDisk": { - "caching": "ReadWrite", - "createOption": "FromImage", - "name": "osdisk", + "caching": "ReadWrite", + "createOption": "FromImage", + "name": "osdisk", "vhd": { "uri": "[concat('http://',variables('newStorageAccountName'), '.blob.core.windows.net/vhds/', variables('instanceName'), '.vhd')]" } } } - }, + }, "tags": { - "application": "[parameters('tagValues').application]", - "costCenter": "[parameters('tagValues').cost]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", "owner": "[parameters('tagValues').owner]" - }, + }, "type": "Microsoft.Compute/virtualMachines" - }, + }, { - "apiVersion": "2016-03-30", + "apiVersion": "2016-03-30", "dependsOn": [ "[concat('Microsoft.Compute/virtualMachines/', variables('instanceName'))]" - ], - "location": "[variables('location')]", - "name": "[concat(variables('instanceName'),'/start')]", + ], + "location": "[variables('location')]", + "name": "[concat(variables('instanceName'),'/start')]", "properties": { "protectedSettings": { "commandToExecute": "[concat('mkdir /config/cloud && cp f5-cloud-libs.tar.gz* /config/cloud; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; /usr/bin/install -b -m 400 /dev/null /config/cloud/passwd; IFS=', variables('singleQuote'), '%', variables('singleQuote'), '; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', parameters('adminPassword'), ' >> /config/cloud/passwd; unset IFS; bash /config/installCloudLibs.sh; /usr/bin/f5-rest-node /config/cloud/f5-cloud-libs/scripts/onboard.js --output /var/log/onboard.log --log-level debug --host ', variables('subnet1PrivateAddress'), ' -u admin --password-url file:///config/cloud/passwd --hostname ', concat(variables('instanceName'), '.', resourceGroup().location, '.cloudapp.azure.com'), ' --license ', parameters('licenseKey1'), ' --ntp pool.ntp.org --db tmm.maxremoteloglength:2048 --module ltm:nominal --module afm:none; rm -f /config/cloud/passwd')]" - }, - "publisher": "Microsoft.Azure.Extensions", + }, + "publisher": "Microsoft.Azure.Extensions", "settings": { "fileUris": [ "[concat('https://raw.githubusercontent.com/F5Networks/f5-cloud-libs/', variables('f5CloudLibsTag'), '/dist/f5-cloud-libs.tar.gz')]" ] - }, - "type": "CustomScript", + }, + "type": "CustomScript", "typeHandlerVersion": "2.0" - }, + }, "tags": { - "application": "[parameters('tagValues').application]", - "costCenter": "[parameters('tagValues').cost]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", "owner": "[parameters('tagValues').owner]" - }, + }, "type": "Microsoft.Compute/virtualMachines/extensions" } - ], + ], "outputs": { "MGMT-URL": { - "type": "string", + "type": "string", "value": "[concat('https://', variables('dnsLabel'), '.', resourceGroup().location, '.cloudapp.azure.com')]" } } diff --git a/supported/standalone/1nic/azuredeploy.parameters.json b/supported/standalone/1nic/azuredeploy.parameters.json index d3aa54f46b..ecf3697f23 100644 --- a/supported/standalone/1nic/azuredeploy.parameters.json +++ b/supported/standalone/1nic/azuredeploy.parameters.json @@ -1,37 +1,37 @@ { - "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "1.1.0.0", + "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", + "contentVersion": "1.1.2.0", "parameters": { "adminUsername": { "value": "azureuser" - }, + }, "adminPassword": { "value": "GEN_UNIQUE" - }, + }, "dnsLabel": { "value": "REQUIRED" - }, + }, "instanceName": { "value": "f5vm01" - }, + }, "instanceType": { "value": "Standard_D2_v2" - }, + }, "imageName": { "value": "Good" - }, + }, "licenseKey1": { "value": "REQUIRED" - }, + }, "restrictedSrcAddress": { "value": "*" - }, + }, "tagValues": { "value": { - "environment": "ENV", - "application": "APP", - "cost": "COST", - "group": "GROUP", + "environment": "ENV", + "application": "APP", + "cost": "COST", + "group": "GROUP", "owner": "OWNER" } } diff --git a/supported/standalone/2nic_limited/azuredeploy.json b/supported/standalone/2nic_limited/azuredeploy.json index 358ba14ac5..dff64b8903 100644 --- a/supported/standalone/2nic_limited/azuredeploy.json +++ b/supported/standalone/2nic_limited/azuredeploy.json @@ -1,436 +1,436 @@ { - "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "1.1.0.0", + "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", + "contentVersion": "1.1.2.0", "parameters": { "adminUsername": { - "defaultValue": "azureuser", - "type": "string", + "defaultValue": "azureuser", + "type": "string", "metadata": { "description": "User name for the Virtual Machine." } - }, + }, "adminPassword": { - "type": "securestring", + "type": "securestring", "metadata": { "description": "Password to login to the Virtual Machine." } - }, + }, "dnsLabel": { - "defaultValue": "REQUIRED", - "type": "string", + "defaultValue": "REQUIRED", + "type": "string", "metadata": { "description": "Unique DNS Name for the Public IP used to access the Virtual Machine." } - }, + }, "instanceName": { - "defaultValue": "f5vm01", - "type": "string", + "defaultValue": "f5vm01", + "type": "string", "metadata": { "description": "Name of the VM" } - }, + }, "instanceType": { - "defaultValue": "Standard_D2_v2", + "defaultValue": "Standard_D2_v2", "metadata": { "description": "Size of the VM" - }, - "type": "string", + }, + "type": "string", "allowedValues": [ - "Standard_A4", - "Standard_A9", - "Standard_A11", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_D2_v2", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_F2", + "Standard_A4", + "Standard_A9", + "Standard_A11", + "Standard_D2", + "Standard_D3", + "Standard_D4", + "Standard_D12", + "Standard_D13", + "Standard_D14", + "Standard_D2_v2", + "Standard_D3_v2", + "Standard_D4_v2", + "Standard_D5_v2", + "Standard_D12_v2", + "Standard_D13_v2", + "Standard_D14_v2", + "Standard_D15_v2", + "Standard_F2", "Standard_F4" ] - }, + }, "imageName": { - "defaultValue": "Good", + "defaultValue": "Good", "metadata": { "description": "F5 SKU(IMAGE) to Deploy" - }, - "type": "string", + }, + "type": "string", "allowedValues": [ - "Good", - "Better", + "Good", + "Better", "Best" ] - }, + }, "licenseKey1": { - "defaultValue": "REQUIRED", - "type": "string", + "defaultValue": "REQUIRED", + "type": "string", "metadata": { "description": "The license token for the F5 BIG-IP(BYOL)" } - }, + }, "restrictedSrcAddress": { - "defaultValue": "*", - "type": "string", + "defaultValue": "*", + "type": "string", "metadata": { "description": "Restricts management access to a specific network or address. Enter a IP address or address range in CIDR notation, or asterisk for all sources." } - }, + }, "tagValues": { "defaultValue": { - "environment": "ENV", - "application": "APP", - "cost": "COST", - "group": "GROUP", + "environment": "ENV", + "application": "APP", + "cost": "COST", + "group": "GROUP", "owner": "OWNER" - }, + }, "type": "object" } - }, + }, "variables": { - "apiVersion": "2015-06-15", - "location": "[resourceGroup().location]", - "singleQuote": "'", - "f5CloudLibsTag": "v2.1.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) a6a9db3b89bbd014413706f22fa619c3717fac41fc99ffe875589c90e9b85a05cea227c134ea6e5b519c8fee0d12f2175368e75917f31f447ece3d92f31814af\n set hashes(f5-cloud-libs-aws.tar.gz) 90058095cc536a057378a90ed19c3afe0cecd9034e1d1816745bd5ad837939623fad034ebd2ee9bdf594f33358b50c50f49a18c2ee7588ba89645142f2217330\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature OmyfJKVQkBj+Ks6SdIc2+UNxM2xFCK4MGizGysivShzeRof0EFlEUTQiZveZ4v2SElofUp5DMVKiTIIkM00kZ7LnwqvLYIOztDFNAtMGwO6/B/zA8jLhkfnA2xzxu9fFgFn3OEsc8QwbfFS1AqCMyyacbbiczJycHtu3z0a/8sqCgiZtcQ4iXqBP4fz+8HKLA36U0jpmW+z0gQQUwpiC+AfFWcAarXMtmpwLzScldnaZ5RLo0MG8EGrHmXiWjndSR/Ii9b3+vnHnceD6+sw7e7LXPvz+jV9/rFyEQOA1QNpv0Cy4SJcuY9NRjV9KNdBobJ5N+h2PZBlgaIdLMACAVQ==\n}', variables('singleQuote'))]", - "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit\nfi\necho loaded verifyHash\necho verifying f5-cloud-libs.targ.gz\n/usr/bin/tmsh run cli script verifyHash /config/cloud/f5-cloud-libs.tar.gz\nif [ $? != 0 ]; then\necho f5-cloud-libs.tar.gz is not valid\nexit\nfi\necho verified f5-cloud-libs.tar.gz\necho expanding f5-cloud-libs.tar.gz\ntar xvfz /config/cloud/f5-cloud-libs.tar.gz -C /config/cloud\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", - "newStorageAccountName": "[concat(uniquestring(resourceGroup().id), 'stor')]", - "storageAccountType": "Standard_LRS", - "dnsLabel": "[toLower(parameters('dnsLabel'))]", - "instanceName": "[toLower(parameters('instanceName'))]", - "imageNameToLower": "[toLower(parameters('imageName'))]", - "skuToUse": "[concat('f5-bigip-virtual-edition-', variables('imageNameToLower'),'-byol')]", - "availabilitySetName": "[concat(variables('instanceName'), '-avset')]", - "nic1Name": "[concat(variables('instanceName'), '-mgmt1')]", - "defaultGw": "10.0.1.1", - "virtualNetworkName": "[concat(variables('instanceName'), '-vnet')]", - "vnetId": "[resourceId('Microsoft.Network/virtualNetworks', variables('virtualNetworkName'))]", - "vnetAddressPrefix": "10.0.0.0/16", - "nsgID": "[resourceId('Microsoft.Network/networkSecurityGroups/',concat(variables('dnsLabel'),'-nsg'))]", - "subnet1Name": "MGMT_Frontend", - "subnet1Id": "[concat(variables('vnetId'), '/subnets/', variables('subnet1Name'))]", - "subnet1Prefix": "10.0.1.0/24", - "subnet1PrivateAddress": "10.0.1.4", - "publicIPAddressName": "[concat(variables('dnsLabel'), '-pip')]", - "publicIPAddressType": "Static", - "publicIPAddressId": "[resourceId('Microsoft.Network/publicIPAddresses', variables('publicIPAddressName'))]", - "subnet2Name": "Web", - "subnet2Id": "[concat(variables('vnetId'), '/subnets/', variables('subnet2Name'))]", - "subnet2Prefix": "10.0.2.0/24", - "subnet2PrivateAddress": "10.0.2.4", + "apiVersion": "2015-06-15", + "location": "[resourceGroup().location]", + "singleQuote": "'", + "f5CloudLibsTag": "v2.1.0", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) a6a9db3b89bbd014413706f22fa619c3717fac41fc99ffe875589c90e9b85a05cea227c134ea6e5b519c8fee0d12f2175368e75917f31f447ece3d92f31814af\n set hashes(f5-cloud-libs-aws.tar.gz) 90058095cc536a057378a90ed19c3afe0cecd9034e1d1816745bd5ad837939623fad034ebd2ee9bdf594f33358b50c50f49a18c2ee7588ba89645142f2217330\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature OmyfJKVQkBj+Ks6SdIc2+UNxM2xFCK4MGizGysivShzeRof0EFlEUTQiZveZ4v2SElofUp5DMVKiTIIkM00kZ7LnwqvLYIOztDFNAtMGwO6/B/zA8jLhkfnA2xzxu9fFgFn3OEsc8QwbfFS1AqCMyyacbbiczJycHtu3z0a/8sqCgiZtcQ4iXqBP4fz+8HKLA36U0jpmW+z0gQQUwpiC+AfFWcAarXMtmpwLzScldnaZ5RLo0MG8EGrHmXiWjndSR/Ii9b3+vnHnceD6+sw7e7LXPvz+jV9/rFyEQOA1QNpv0Cy4SJcuY9NRjV9KNdBobJ5N+h2PZBlgaIdLMACAVQ==\n}', variables('singleQuote'))]", + "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit\nfi\necho loaded verifyHash\necho verifying f5-cloud-libs.targ.gz\n/usr/bin/tmsh run cli script verifyHash /config/cloud/f5-cloud-libs.tar.gz\nif [ $? != 0 ]; then\necho f5-cloud-libs.tar.gz is not valid\nexit\nfi\necho verified f5-cloud-libs.tar.gz\necho expanding f5-cloud-libs.tar.gz\ntar xvfz /config/cloud/f5-cloud-libs.tar.gz -C /config/cloud\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", + "newStorageAccountName": "[concat(uniquestring(resourceGroup().id), 'stor')]", + "storageAccountType": "Standard_LRS", + "dnsLabel": "[toLower(parameters('dnsLabel'))]", + "instanceName": "[toLower(parameters('instanceName'))]", + "imageNameToLower": "[toLower(parameters('imageName'))]", + "skuToUse": "[concat('f5-bigip-virtual-edition-', variables('imageNameToLower'),'-byol')]", + "availabilitySetName": "[concat(variables('instanceName'), '-avset')]", + "nic1Name": "[concat(variables('instanceName'), '-mgmt1')]", + "defaultGw": "10.0.1.1", + "virtualNetworkName": "[concat(variables('instanceName'), '-vnet')]", + "vnetId": "[resourceId('Microsoft.Network/virtualNetworks', variables('virtualNetworkName'))]", + "vnetAddressPrefix": "10.0.0.0/16", + "nsgID": "[resourceId('Microsoft.Network/networkSecurityGroups/',concat(variables('dnsLabel'),'-nsg'))]", + "subnet1Name": "MGMT_Frontend", + "subnet1Id": "[concat(variables('vnetId'), '/subnets/', variables('subnet1Name'))]", + "subnet1Prefix": "10.0.1.0/24", + "subnet1PrivateAddress": "10.0.1.4", + "publicIPAddressName": "[concat(variables('dnsLabel'), '-pip')]", + "publicIPAddressType": "Static", + "publicIPAddressId": "[resourceId('Microsoft.Network/publicIPAddresses', variables('publicIPAddressName'))]", + "subnet2Name": "Web", + "subnet2Id": "[concat(variables('vnetId'), '/subnets/', variables('subnet2Name'))]", + "subnet2Prefix": "10.0.2.0/24", + "subnet2PrivateAddress": "10.0.2.4", "nic2Name": "[concat(variables('instanceName'), '-nic2')]" - }, + }, "resources": [ { - "apiVersion": "[variables('apiVersion')]", - "location": "[variables('location')]", - "name": "[variables('publicIPAddressName')]", + "apiVersion": "[variables('apiVersion')]", + "location": "[variables('location')]", + "name": "[variables('publicIPAddressName')]", "properties": { "dnsSettings": { "domainNameLabel": "[variables('dnsLabel')]" - }, - "idleTimeoutInMinutes": 30, + }, + "idleTimeoutInMinutes": 30, "publicIPAllocationMethod": "[variables('publicIPAddressType')]" - }, + }, "tags": { - "application": "[parameters('tagValues').application]", - "costCenter": "[parameters('tagValues').cost]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", "owner": "[parameters('tagValues').owner]" - }, + }, "type": "Microsoft.Network/publicIPAddresses" - }, + }, { - "apiVersion": "[variables('apiVersion')]", - "location": "[variables('location')]", - "name": "[variables('virtualNetworkName')]", + "apiVersion": "[variables('apiVersion')]", + "location": "[variables('location')]", + "name": "[variables('virtualNetworkName')]", "properties": { "addressSpace": { "addressPrefixes": [ "[variables('vnetAddressPrefix')]" ] - }, + }, "subnets": [ { - "name": "[variables('subnet1Name')]", + "name": "[variables('subnet1Name')]", "properties": { "addressPrefix": "[variables('subnet1Prefix')]" } - }, + }, { - "name": "[variables('subnet2Name')]", + "name": "[variables('subnet2Name')]", "properties": { "addressPrefix": "[variables('subnet2Prefix')]" } } ] - }, + }, "tags": { - "application": "[parameters('tagValues').application]", - "costCenter": "[parameters('tagValues').cost]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", "owner": "[parameters('tagValues').owner]" - }, + }, "type": "Microsoft.Network/virtualNetworks" - }, + }, { - "apiVersion": "[variables('apiVersion')]", + "apiVersion": "[variables('apiVersion')]", "dependsOn": [ - "[variables('vnetId')]", - "[variables('publicIPAddressId')]", + "[variables('vnetId')]", + "[variables('publicIPAddressId')]", "[concat('Microsoft.Network/networkSecurityGroups/', variables('dnsLabel'),'-nsg')]" - ], - "location": "[variables('location')]", - "name": "[variables('nic1Name')]", + ], + "location": "[variables('location')]", + "name": "[variables('nic1Name')]", "properties": { "ipConfigurations": [ { - "name": "[concat(variables('instanceName'), '-ipconfig1')]", + "name": "[concat(variables('instanceName'), '-ipconfig1')]", "properties": { "PublicIpAddress": { "Id": "[variables('publicIPAddressId')]" - }, - "privateIPAddress": "[variables('subnet1PrivateAddress')]", - "privateIPAllocationMethod": "Static", + }, + "privateIPAddress": "[variables('subnet1PrivateAddress')]", + "privateIPAllocationMethod": "Static", "subnet": { "id": "[variables('subnet1Id')]" } } } - ], + ], "networkSecurityGroup": { "id": "[variables('nsgID')]" } - }, + }, "tags": { - "application": "[parameters('tagValues').application]", - "costCenter": "[parameters('tagValues').cost]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", "owner": "[parameters('tagValues').owner]" - }, + }, "type": "Microsoft.Network/networkInterfaces" - }, + }, { - "apiVersion": "[variables('apiVersion')]", + "apiVersion": "[variables('apiVersion')]", "dependsOn": [ "[variables('vnetId')]" - ], - "location": "[variables('location')]", - "name": "[variables('nic2Name')]", + ], + "location": "[variables('location')]", + "name": "[variables('nic2Name')]", "properties": { "ipConfigurations": [ { - "name": "[concat(variables('instanceName'), '-ipconfig2')]", + "name": "[concat(variables('instanceName'), '-ipconfig2')]", "properties": { - "privateIPAddress": "[variables('subnet2PrivateAddress')]", - "privateIPAllocationMethod": "Static", + "privateIPAddress": "[variables('subnet2PrivateAddress')]", + "privateIPAllocationMethod": "Static", "subnet": { "id": "[variables('subnet2Id')]" } } } ] - }, + }, "tags": { - "application": "[parameters('tagValues').application]", - "costCenter": "[parameters('tagValues').cost]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", "owner": "[parameters('tagValues').owner]" - }, + }, "type": "Microsoft.Network/networkInterfaces" - }, + }, { - "apiVersion": "[variables('apiVersion')]", - "location": "[variables('location')]", - "name": "[concat(variables('dnsLabel'), '-nsg')]", + "apiVersion": "[variables('apiVersion')]", + "location": "[variables('location')]", + "name": "[concat(variables('dnsLabel'), '-nsg')]", "properties": { "securityRules": [ { - "name": "mgmt_allow_443", + "name": "mgmt_allow_443", "properties": { - "access": "Allow", - "description": "", - "destinationAddressPrefix": "*", - "destinationPortRange": "443", - "direction": "Inbound", - "priority": 101, - "protocol": "TCP", - "sourceAddressPrefix": "[parameters('restrictedSrcAddress')]", + "access": "Allow", + "description": "", + "destinationAddressPrefix": "*", + "destinationPortRange": "443", + "direction": "Inbound", + "priority": 101, + "protocol": "TCP", + "sourceAddressPrefix": "[parameters('restrictedSrcAddress')]", "sourcePortRange": "*" } - }, + }, { - "name": "ssh_allow_22", + "name": "ssh_allow_22", "properties": { - "access": "Allow", - "description": "", - "destinationAddressPrefix": "*", - "destinationPortRange": "22", - "direction": "Inbound", - "priority": 102, - "protocol": "TCP", - "sourceAddressPrefix": "[parameters('restrictedSrcAddress')]", + "access": "Allow", + "description": "", + "destinationAddressPrefix": "*", + "destinationPortRange": "22", + "direction": "Inbound", + "priority": 102, + "protocol": "TCP", + "sourceAddressPrefix": "[parameters('restrictedSrcAddress')]", "sourcePortRange": "*" } } ] - }, + }, "tags": { - "application": "[parameters('tagValues').application]", - "costCenter": "[parameters('tagValues').cost]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", "owner": "[parameters('tagValues').owner]" - }, + }, "type": "Microsoft.Network/networkSecurityGroups" - }, + }, { - "apiVersion": "[variables('apiVersion')]", - "location": "[variables('location')]", - "name": "[variables('availabilitySetName')]", + "apiVersion": "[variables('apiVersion')]", + "location": "[variables('location')]", + "name": "[variables('availabilitySetName')]", "tags": { - "application": "[parameters('tagValues').application]", - "costCenter": "[parameters('tagValues').cost]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", "owner": "[parameters('tagValues').owner]" - }, + }, "type": "Microsoft.Compute/availabilitySets" - }, + }, { - "apiVersion": "[variables('apiVersion')]", - "location": "[variables('location')]", - "name": "[variables('newStorageAccountName')]", + "apiVersion": "[variables('apiVersion')]", + "location": "[variables('location')]", + "name": "[variables('newStorageAccountName')]", "properties": { "accountType": "[variables('storageAccountType')]" - }, + }, "tags": { - "application": "[parameters('tagValues').application]", - "costCenter": "[parameters('tagValues').cost]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", "owner": "[parameters('tagValues').owner]" - }, + }, "type": "Microsoft.Storage/storageAccounts" - }, + }, { - "apiVersion": "[variables('apiVersion')]", + "apiVersion": "[variables('apiVersion')]", "dependsOn": [ - "[concat('Microsoft.Storage/storageAccounts/', variables('newStorageAccountName'))]", - "[concat('Microsoft.Compute/availabilitySets/', variables('availabilitySetName'))]", + "[concat('Microsoft.Storage/storageAccounts/', variables('newStorageAccountName'))]", + "[concat('Microsoft.Compute/availabilitySets/', variables('availabilitySetName'))]", "[concat('Microsoft.Network/networkInterfaces/', variables('nic1Name'))]" - ], - "location": "[variables('location')]", - "name": "[variables('instanceName')]", + ], + "location": "[variables('location')]", + "name": "[variables('instanceName')]", "plan": { - "name": "[variables('skuToUse')]", - "product": "f5-big-ip", + "name": "[variables('skuToUse')]", + "product": "f5-big-ip", "publisher": "f5-networks" - }, + }, "properties": { "availabilitySet": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" - }, + }, "diagnosticsProfile": { "bootDiagnostics": { - "enabled": true, + "enabled": true, "storageUri": "[concat('http://',variables('newStorageAccountName'),'.blob.core.windows.net')]" } - }, + }, "hardwareProfile": { "vmSize": "[parameters('instanceType')]" - }, + }, "networkProfile": { "networkInterfaces": [ { - "id": "[resourceId('Microsoft.Network/networkInterfaces', variables('nic1Name'))]", + "id": "[resourceId('Microsoft.Network/networkInterfaces', variables('nic1Name'))]", "properties": { "primary": true } - }, + }, { - "id": "[resourceId('Microsoft.Network/networkInterfaces', variables('nic2Name'))]", + "id": "[resourceId('Microsoft.Network/networkInterfaces', variables('nic2Name'))]", "properties": { "primary": false } } ] - }, + }, "osProfile": { - "adminPassword": "[parameters('adminPassword')]", - "adminUsername": "[parameters('adminUsername')]", + "adminPassword": "[parameters('adminPassword')]", + "adminUsername": "[parameters('adminUsername')]", "computerName": "[variables('instanceName')]" - }, + }, "storageProfile": { "imageReference": { - "offer": "f5-big-ip", - "publisher": "f5-networks", - "sku": "[variables('skuToUse')]", + "offer": "f5-big-ip", + "publisher": "f5-networks", + "sku": "[variables('skuToUse')]", "version": "12.1.21" - }, + }, "osDisk": { - "caching": "ReadWrite", - "createOption": "FromImage", - "name": "osdisk", + "caching": "ReadWrite", + "createOption": "FromImage", + "name": "osdisk", "vhd": { "uri": "[concat('http://',variables('newStorageAccountName'), '.blob.core.windows.net/vhds/', variables('instanceName'), '.vhd')]" } } } - }, + }, "tags": { - "application": "[parameters('tagValues').application]", - "costCenter": "[parameters('tagValues').cost]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", "owner": "[parameters('tagValues').owner]" - }, + }, "type": "Microsoft.Compute/virtualMachines" - }, + }, { - "apiVersion": "2016-03-30", + "apiVersion": "2016-03-30", "dependsOn": [ "[concat('Microsoft.Compute/virtualMachines/', variables('instanceName'))]" - ], - "location": "[variables('location')]", - "name": "[concat(variables('instanceName'),'/start')]", + ], + "location": "[variables('location')]", + "name": "[concat(variables('instanceName'),'/start')]", "properties": { "protectedSettings": { "commandToExecute": "[concat('mkdir /config/cloud && cp f5-cloud-libs.tar.gz* /config/cloud; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; /usr/bin/install -b -m 400 /dev/null /config/cloud/passwd; IFS=', variables('singleQuote'), '%', variables('singleQuote'), '; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', parameters('adminPassword'), ' >> /config/cloud/passwd; unset IFS; bash /config/installCloudLibs.sh; /usr/bin/f5-rest-node /config/cloud/f5-cloud-libs/scripts/onboard.js --output /var/log/onboard.log --log-level debug --host ', variables('subnet1PrivateAddress'), ' -u admin --password-url file:///config/cloud/passwd --hostname ', concat(variables('instanceName'), '.', resourceGroup().location, '.cloudapp.azure.com'), ' --license ', parameters('licenseKey1'), ' --ntp pool.ntp.org --db tmm.maxremoteloglength:2048 --module ltm:nominal --module afm:none; f5-rest-node /config/cloud/f5-cloud-libs/scripts/network.js --output /var/log/network.log --host ', variables('subnet1PrivateAddress'), ' -u admin -p ', parameters('adminPassword'), ' --multi-nic --default-gw ', variables('defaultGw'), ' --vlan vlan_mgmt,1.0 --vlan vlan_1,1.1 --self-ip self_mgmt,', variables('subnet1PrivateAddress'), ',vlan_mgmt --self-ip self_1,', variables('subnet2PrivateAddress'), ',vlan_1 --log-level debug --background --force-reboot; rm -f /config/cloud/passwd')]" - }, - "publisher": "Microsoft.Azure.Extensions", + }, + "publisher": "Microsoft.Azure.Extensions", "settings": { "fileUris": [ "[concat('https://raw.githubusercontent.com/F5Networks/f5-cloud-libs/', variables('f5CloudLibsTag'), '/dist/f5-cloud-libs.tar.gz')]" ] - }, - "type": "CustomScript", + }, + "type": "CustomScript", "typeHandlerVersion": "2.0" - }, + }, "tags": { - "application": "[parameters('tagValues').application]", - "costCenter": "[parameters('tagValues').cost]", - "environment": "[parameters('tagValues').environment]", - "group": "[parameters('tagValues').group]", + "application": "[parameters('tagValues').application]", + "costCenter": "[parameters('tagValues').cost]", + "environment": "[parameters('tagValues').environment]", + "group": "[parameters('tagValues').group]", "owner": "[parameters('tagValues').owner]" - }, + }, "type": "Microsoft.Compute/virtualMachines/extensions" } - ], + ], "outputs": { "MGMT-URL": { - "type": "string", + "type": "string", "value": "[concat('https://', variables('dnsLabel'), '.', resourceGroup().location, '.cloudapp.azure.com')]" } } diff --git a/supported/standalone/2nic_limited/azuredeploy.parameters.json b/supported/standalone/2nic_limited/azuredeploy.parameters.json index d3aa54f46b..ecf3697f23 100644 --- a/supported/standalone/2nic_limited/azuredeploy.parameters.json +++ b/supported/standalone/2nic_limited/azuredeploy.parameters.json @@ -1,37 +1,37 @@ { - "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "1.1.0.0", + "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", + "contentVersion": "1.1.2.0", "parameters": { "adminUsername": { "value": "azureuser" - }, + }, "adminPassword": { "value": "GEN_UNIQUE" - }, + }, "dnsLabel": { "value": "REQUIRED" - }, + }, "instanceName": { "value": "f5vm01" - }, + }, "instanceType": { "value": "Standard_D2_v2" - }, + }, "imageName": { "value": "Good" - }, + }, "licenseKey1": { "value": "REQUIRED" - }, + }, "restrictedSrcAddress": { "value": "*" - }, + }, "tagValues": { "value": { - "environment": "ENV", - "application": "APP", - "cost": "COST", - "group": "GROUP", + "environment": "ENV", + "application": "APP", + "cost": "COST", + "group": "GROUP", "owner": "OWNER" } }