Update per PR and MSI fixes

Jeffrey Cline 2018-02-16 15:27:45 -08:00
parent f3425a7e04
commit 70abd42b4e
5 changed files with 25 additions and 215 deletions


@ -56,119 +56,15 @@
"visible": true
}
],
"steps": [
{
"name": "firstStep",
"label": "Virtual Machine Settings",
"bladeTitle": "Virtual Machine Settings",
"subLabel": {
"preValidation": "",
"postValidation": "Done"
},
"elements": [
{
"name": "vmSize",
"type": "Microsoft.Compute.SizeSelector",
"label": "Size",
"toolTip": "",
"recommendedSizes": [
"Standard_DS2_v2",
"Standard_DS1_v2",
"Standard_DS11_v2"
],
"osPlatform": "Linux",
"count": 1,
"visible": true
},
{
"name": "vmDiskType",
"type": "Microsoft.Common.OptionsGroup",
"label": "VM disk type",
"defaultValue": "SSD",
"toolTip": "Premium disks (SSD) are backed by solid state drives and offer consistent, low-latency performance. They provide the best balance between price and performance, and are ideal for I/O-intensive applications and production workloads. Standard disks (HDD) are backed by magnetic drives and are preferable for applications where data is accessed infrequently.",
"constraints": {
"allowedValues": [
{
"label": "SSD",
"value": "Premium_LRS"
},
{
"label": "HDD",
"value": "Standard_LRS"
}
]
},
"visible": true
},
{
"name": "sptype",
"type": "Microsoft.Common.DropDown",
"label": "Service Principal Integration",
"defaultValue": "Auto(MSI)",
"toolTip": "The service pricipal will be added into Terraform as a credential for authenticating with Azure. 'Auto' means that the principal will be created by MSI (Managed Service Identity). 'Manual' means the principal should be created by user and be filled in below.",
"constraints": {
"allowedValues": [
{
"label": "Auto(MSI)",
"value": "msi"
},
{
"label": "Manual",
"value": "manual"
}
]
},
"visible": true
},
{
"name": "spSection",
"type": "Microsoft.Common.Section",
"label": "Service Principal",
"elements": [
{
"name": "principalId",
"type": "Microsoft.Common.TextBox",
"label": "Application ID",
"defaultValue": "",
"toolTip": "",
"constraints": {
"required": true,
"regex": "^[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}$",
"validationMessage": "Must be a valid UUID."
},
"visible": true
},
{
"name": "spsecret",
"type": "Microsoft.Common.PasswordBox",
"label": {
"password":"Secret",
"confirmPassword": ""
},
"toolTip": "",
"options": {
"hideConfirmation": true
},
"visible": true
}
],
"visible": "[equals(steps('firstStep').sptype,'manual')]"
}
]
}
],
"outputs": {
"adminPassword": "[basics('authType').password]",
"adminSSHPublicKey": "[basics('authType').sshPublicKey]",
"adminUserName": "[basics('userName')]",
"authenticationType": "[basics('authType').authenticationType]",
"storageAccountType": "[steps('firstStep').vmDiskType]",
"vmName": "[basics('vmName')]",
"vmSize": "[steps('firstStep').vmSize]",
"vmSize": "Standard_D1_V2",
"location": "[location()]",
"spType": "[steps('firstStep').sptype]",
"principalId": "[steps('firstStep').spSection.principalId]",
"spSecret": "[steps('firstStep').spSection.spsecret]"
"spType": "msi"
}
}
}
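Review bot: The `outputs` block still emits `spType` (now the constant `"msi"`), while the template section further down this page appears to drop its `spType` parameter together with `storageAccountType`, `principalId` and `spSecret`. The +/- markers are lost on this page, so that reading comes from the hunk line counts. A UI-definition output with no matching template parameter is normally rejected at deployment validation, so either remove the `"spType": "msi"` line or keep the parameter in the template. The hard-coded `"vmSize": "Standard_D1_V2"` deserves the same check: confirm the template still declares `vmSize`, and consider the canonical casing `Standard_D1_v2`.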


@ -7,7 +7,7 @@
"artifactsBaseUrl": "",
"description": "The base URI where artifacts required by this template are located. When the template is deployed using the accompanying scripts, a private location in the subscription will be used and this value will be automatically generated."
},
"defaultValue": "https://raw.githubusercontent.com/Azure/terraform/vm-linux-terraform",
"defaultValue": "https://raw.githubusercontent.com/Azure/terraform/master/solution_template/vm-linux-terraform",
"type": "string"
},
"artifactsLocationSasToken": {
@ -50,34 +50,6 @@
"type": "string",
"defaultValue": "[resourceGroup().location]"
},
"storageAccountType": {
"defaultValue": "Standard_LRS",
"metadata": {
"description": "Storage Account Type"
},
"type": "string"
},
"principalId":{
"defaultValue": "",
"metadata": {
"description": "The Service Principal Id"
},
"type": "string"
},
"spSecret":{
"defaultValue": "",
"metadata": {
"description": "The Service Principal secret"
},
"type": "string"
},
"spType":{
"defaultValue": "msi",
"metadata": {
"description": "The type of service principal injected into Terraform (can be 'msi' or 'manual')."
},
"type": "string"
},
"vmName": {
"metadata": {
"description": "Virtual Machine Name (also used as a prefix for other resources)"
@ -126,7 +98,7 @@
"type": "Microsoft.Storage/storageAccounts",
"name": "[variables('infraStorageAccountName')]",
"apiVersion": "2017-10-01",
"location": "[resourceGroup().location]",
"location": "[parameters('location')]",
"sku": {
"name": "Standard_LRS"
},
@ -137,7 +109,7 @@
"type": "Microsoft.Storage/storageAccounts",
"name": "[variables('stateStorageAccountName')]",
"apiVersion": "2017-10-01",
"location": "[resourceGroup().location]",
"location": "[parameters('location')]",
"sku": {
"name": "Standard_LRS"
},
@ -148,7 +120,7 @@
"apiVersion": "2017-11-01",
"type": "Microsoft.Network/publicIPAddresses",
"name": "[variables('publicIPAddressName')]",
"location": "[resourceGroup().location]",
"location": "[parameters('location')]",
"properties": {
"publicIPAllocationMethod": "Dynamic",
"dnsSettings": {
@ -160,7 +132,7 @@
"apiVersion": "2017-11-01",
"type": "Microsoft.Network/virtualNetworks",
"name": "[variables('virtualNetworkName')]",
"location": "[resourceGroup().location]",
"location": "[parameters('location')]",
"properties": {
"addressSpace": {
"addressPrefixes": [
@ -181,7 +153,7 @@
"name": "[variables('networkSecurityGroupName')]",
"type": "Microsoft.Network/networkSecurityGroups",
"apiVersion": "2017-11-01",
"location": "[resourceGroup().location]",
"location": "[parameters('location')]",
"properties": {
"securityRules": [
{
@ -218,7 +190,7 @@
"apiVersion": "2017-11-01",
"type": "Microsoft.Network/networkInterfaces",
"name": "[variables('nicName')]",
"location": "[resourceGroup().location]",
"location": "[parameters('location')]",
"dependsOn": [
"[resourceId('Microsoft.Network/publicIPAddresses/', variables('publicIPAddressName'))]",
"[resourceId('Microsoft.Network/virtualNetworks/', variables('virtualNetworkName'))]"
@ -247,7 +219,7 @@
"apiVersion": "2017-12-01",
"type": "Microsoft.Compute/virtualMachines",
"name": "[parameters('vmName')]",
"location": "[resourceGroup().location]",
"location": "[parameters('location')]",
"identity": {
"type": "SystemAssigned"
},
@ -265,7 +237,7 @@
"imageReference": {
"publisher": "Canonical",
"offer": "UbuntuServer",
"sku": "17.10",
"sku": "16.04-LTS",
"version": "latest"
}
},
@ -288,7 +260,7 @@
"type": "Microsoft.Compute/virtualMachines/extensions",
"name": "[concat(parameters('vmName'),'/MSILinuxExtension')]",
"apiVersion": "2017-12-01",
"location": "[resourceGroup().location]",
"location": "[parameters('location')]",
"dependsOn": [
"[concat('Microsoft.Compute/virtualMachines/', parameters('vmName'))]"
],
@ -320,7 +292,7 @@
"name": "[concat(parameters('vmName'),'/customscriptextension')]",
"type": "Microsoft.Compute/virtualMachines/extensions",
"apiVersion": "2017-03-30",
"location": "[resourceGroup().location]",
"location": "[parameters('location')]",
"dependsOn": [
"[resourceId('Microsoft.Authorization/roleAssignments', guid(resourceGroup().id))]"
],
@ -333,12 +305,11 @@
"fileUris": [
"[concat(parameters('artifactsLocation'), '/scripts/infra.sh', parameters('artifactsLocationSasToken'))]",
"[concat(parameters('artifactsLocation'), '/scripts/install.sh', parameters('artifactsLocationSasToken'))]",
"[concat(parameters('artifactsLocation'), '/scripts/desktop.sh', parameters('artifactsLocationSasToken'))]",
"[concat(parameters('artifactsLocation'), '/scripts/azureProviderAndCreds.tf', parameters('artifactsLocationSasToken'))]"
]
},
"protectedSettings": {
"commandToExecute": "[concat('bash infra.sh && bash install.sh ', variables('installParm1'), variables('installParm2'), variables('installParm3'), ' -k ', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('stateStorageAccountName')), providers('Microsoft.Storage', 'storageAccounts').apiVersions[0]).keys[0].value, ' -l ', reference(concat(resourceId('Microsoft.Compute/virtualMachines/', parameters('vmName')),'/providers/Microsoft.ManagedIdentity/Identities/default'),'2015-08-31-PREVIEW').principalId)]"
"commandToExecute": "[concat('bash infra.sh && bash install.sh ', variables('installParm1'), variables('installParm2'), variables('installParm3'), ' -k ', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('stateStorageAccountName')), '2017-10-01').keys[0].value, ' -l ', reference(concat(resourceId('Microsoft.Compute/virtualMachines/', parameters('vmName')),'/providers/Microsoft.ManagedIdentity/Identities/default'),'2015-08-31-PREVIEW').principalId)]"
}
}
}
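Review bot: The new `artifactsLocation` default in the first hunk points at the mutable `master` branch, and the `fileUris` in the last hunk fetch `infra.sh` and `install.sh` from it for the custom script extension to run as root, so whatever is on that branch at deploy time executes on the VM. Pinning the default to an immutable ref keeps deployments reproducible and limits the impact of an unreviewed or malicious push, e.g. `"defaultValue": "https://raw.githubusercontent.com/Azure/terraform/<commit-sha>/solution_template/vm-linux-terraform"` (placeholder for the released commit). Separately, `commandToExecute` still passes the state storage account key as the `-k` argument; `protectedSettings` keeps it out of the deployment record, but it remains visible in the process arguments on the VM while the script runs, so having the script read it from a root-only file or stdin would be safer.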


@ -1,56 +0,0 @@
#!/bin/bash
logger -t devvm "Desktop Install started: $?"
sudo apt-get -y update
sudo apt-get -q=2 -y install xrdp
logger -t devvm "XRDP installed: $?"
logger -t devvm "Installing Mate Desktop ..."
sudo dpkg --configure -a
sudo apt-add-repository -y ppa:ubuntu-mate-dev/ppa
sudo apt-add-repository -y ppa:ubuntu-mate-dev/trusty-mate
sudo apt-get -y update
sudo apt-get -y upgrade
sudo apt-get install -q=2 --no-install-recommends -m ubuntu-mate-core
sudo apt-get install -q=2 --no-install-recommends -m ubuntu-mate-desktop
logger -t devvm "Mate Desktop installed. $?"
echo mate-session >~/.xsession
sudo service xrdp restart
# FIxes the issue with Ubuntu desktop being blank.
sudo sed -i -e 's/console/anybody/g' /etc/X11/Xwrapper.config
logger -t devvm "Mate Desktop configured. $?"
logger -t devvm "Installing VSCode: $?"
curl https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor > microsoft.gpg
sudo mv microsoft.gpg /etc/apt/trusted.gpg.d/microsoft.gpg
sudo sh -c 'echo "deb [arch=amd64] https://packages.microsoft.com/repos/vscode stable main" > /etc/apt/sources.list.d/vscode.list'
sudo apt-get update
sudo apt-get install -y code
logger -t devvm "VSCode Installed: $?"
logger -t devvm "Success"
exit 0


@ -2,7 +2,11 @@
apt-get update
wget -O terraform.zip https://releases.hashicorp.com/terraform/0.11.1/terraform_0.11.1_linux_amd64.zip?_ga=2.228206621.1801000149.1512425211-1345627201.1504718143
retry=0
while true;do
wget -O terraform.zip https://releases.hashicorp.com/terraform/0.11.1/terraform_0.11.1_linux_amd64.zip?_ga=2.228206621.1801000149.1512425211-1345627201.1504718143 && break || ((retry++))
((retry >= 10)) && break
done
apt-get install unzip
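Review bot: When all ten attempts fail, the added loop just `break`s and the script carries on to `apt-get install unzip` with a missing or truncated `terraform.zip`; the failure should stop the script with a non-zero exit instead. The archive is also used without any integrity check, so a corrupted or substituted download would be installed as-is; comparing it with the SHA-256 published for the release closes that gap. The loop retries immediately with no delay, and the unquoted URL carries a `?_ga=…` tracking query that can be dropped. The rest of the script lies outside the hunk, so how `terraform.zip` is consumed afterwards is not visible here.

```shell
retry=0
until wget -O terraform.zip "https://releases.hashicorp.com/terraform/0.11.1/terraform_0.11.1_linux_amd64.zip"; do
    retry=$((retry + 1))
    if [ "$retry" -ge 10 ]; then
        echo "terraform download failed after $retry attempts" >&2
        exit 1
    fi
    sleep 5
done
# <sha256-of-release-zip> is a placeholder: take the value from the release's published SHA256SUMS file
echo "<sha256-of-release-zip>  terraform.zip" | sha256sum -c - || exit 1
# … unchanged: apt-get install unzip …
```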


@ -12,8 +12,7 @@
# 3 - k: Storage account key (password)
# 4 - l: MSI client id (principal id)
# 5 - u: User account name
# 6 - d: Ubuntu Desktop GUI for developement
# 7 - h: help
# 6 - h: help
# Note :
# This script has only been tested on Ubuntu 12.04 LTS & 14.04 LTS and must be root
@ -31,7 +30,6 @@ help()
echo "- k: Storage account key (password)"
echo "- l: MSI client id (principal id)"
echo "- u: User account name"
echo "- d: Ubuntu Desktop GUI"
echo "- h: help"
}
@ -114,8 +112,11 @@ chmod 666 $ACCESSKEYFILE
chown $USERNAME:$USERNAME $ACCESSKEYFILE
touch $TFENVFILE
echo "export ARM_SUBSCRIPTION_ID =\"$SUBSCRIPTION_ID\"" >> $TFENVFILE
echo "export ARM_CLIENT_ID =\"$MSI_PRINCIPAL_ID\"" >> $TFENVFILE
echo "export ARM_SUBSCRIPTION_ID=\"$SUBSCRIPTION_ID\"" >> $TFENVFILE
echo "export ARM_CLIENT_ID=\"$MSI_PRINCIPAL_ID\"" >> $TFENVFILE
echo "az login" >> $TFENVFILE
echo "spID=$(az resource list -n hostname --query [*].identity.principalId --out tsv)" >> $TFENVFILE
echo "az role assignment create --assignee \"$spID\" --role 'b24988ac-6180-42a0-ab88-20f7382dd24c' --scope /subscriptions/\"$SUBSCRIPTION_ID\" >> $TFENVFILE
chmod 755 $TFENVFILE
chown $USERNAME:$USERNAME $TFENVFILE
@ -124,9 +125,3 @@ logger -t devvm "Creating the container for remote state"
az login --msi
az storage container create -n terraform-state --account-name $STORAGE_ACCOUNT_NAME --account-key $STORAGE_ACCOUNT_KEY
logger -t devvm "Container for remote state created: $?"
if [[ -v DESKTOPINSTALL ]]; then
echo "Installing Mate Desktop"
bash ./desktop.sh
echo "Desktop installed"
fi
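Review bot: The last added `echo` in the `$TFENVFILE` hunk never closes its opening double quote, because the final `\"` before `>> $TFENVFILE` is escaped; bash therefore reads the following lines as part of the string and the redirect is not applied. In both added lines `$(az resource list …)` and `$spID` sit inside double quotes, so they expand while this script runs (before the `az login --msi` further down, and with `spID` unset) rather than when the env file is used; `-n hostname` also passes the literal word, where `$(hostname)` was presumably meant. Writing them as `echo 'spID=$(az resource list -n "$(hostname)" --query "[*].identity.principalId" --out tsv)' >> $TFENVFILE` and `echo "az role assignment create --assignee \"\$spID\" --role 'b24988ac-6180-42a0-ab88-20f7382dd24c' --scope \"/subscriptions/$SUBSCRIPTION_ID\"" >> $TFENVFILE` fixes both. The role GUID is the built-in Contributor role and the scope is the whole subscription; if Terraform only manages one resource group, scope the assignment to that group.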