Azure rendering solution deployment framework

src/terraform/examples/e2e/0.Global.Foundation/functions.ps1

@@ -1,19 +1,19 @@
 $fileSystemMountPath = "C:\AzureData\fileSystemMount.bat"
 
 function StartProcess ($filePath, $argumentList, $logFile) {
-  if ($logFile -eq $null) {
+  if ($logFile) {
-    if ($argumentList -eq $null) {
+    if ($argumentList) {
-      Start-Process -FilePath $filePath -Wait
-    } else {
-      Start-Process -FilePath $filePath -ArgumentList $argumentList -Wait
-    }
-  } else {
-    if ($argumentList -eq $null) {
-      Start-Process -FilePath $filePath -Wait -RedirectStandardOutput $logFile-out -RedirectStandardError $logFile-err
-    } else {
       Start-Process -FilePath $filePath -ArgumentList $argumentList -Wait -RedirectStandardOutput $logFile-out -RedirectStandardError $logFile-err
+    } else {
+      Start-Process -FilePath $filePath -Wait -RedirectStandardOutput $logFile-out -RedirectStandardError $logFile-err
     }
     Get-Content -Path $logFile-err | Write-Host
+  } else {
+    if ($argumentList) {
+      Start-Process -FilePath $filePath -ArgumentList $argumentList -Wait
+    } else {
+      Start-Process -FilePath $filePath -Wait
+    }
   }
 }
 
@@ -45,14 +45,40 @@ function EnableFarmClient () {
   deadlinecommand.exe -ChangeRepository Direct S:\ S:\Deadline10Client.pfx ""
 }
 
-function JoinActiveDirectory ($domainName, $serverName, $adminUsername, $adminPassword) {
+function JoinActiveDirectory ($domainName, $serverName, $orgUnitPath, $adminUsername, $adminPassword) {
-  if ($domainName -ne "") {
+  if ($adminUsername -notlike "*@*") {
-    $securePassword = ConvertTo-SecureString $adminPassword -AsPlainText -Force
+    $adminUsername = "$adminUsername@$domainName"
-    $adminCredential = New-Object System.Management.Automation.PSCredential("$adminUsername@$domainName", $securePassword)
+  }
-    $adComputer = Get-ADComputer -Identity $(hostname) -Server $serverName -Credential $adminCredential -ErrorAction SilentlyContinue
+  $securePassword = ConvertTo-SecureString $adminPassword -AsPlainText -Force
-    if ($adComputer -ne $null) {
+  $adminCredential = New-Object System.Management.Automation.PSCredential($adminUsername, $securePassword)
-      Remove-ADObject -Identity $adComputer -Recursive -Confirm:$false
+
-    }
+  $adComputer = Get-ADComputer -Identity $(hostname) -Server $serverName -Credential $adminCredential -ErrorAction SilentlyContinue
-    Add-Computer -DomainName $domainName -Server $serverName -Credential $adminCredential -Force -PassThru -Verbose
+  if ($adComputer) {
+    Remove-ADObject -Identity $adComputer -Recursive -Confirm:$false
+    Start-Sleep -Seconds 5
+  }
+
+  if ($orgUnitPath -ne "") {
+    Add-Computer -DomainName $domainName -Server $serverName -Credential $adminCredential -OUPath $orgUnitPath -Force -PassThru -Verbose -Restart
+  } else {
+    Add-Computer -DomainName $domainName -Server $serverName -Credential $adminCredential -Force -PassThru -Verbose -Restart
+  }
+}
+
+function Retry ($delaySeconds, $maxCount, $scriptBlock) {
+  $count = 0
+  $exception = $null
+  do {
+    $count++
+    try {
+      $scriptBlock.Invoke()
+      $exception = $null
+    } catch {
+      $exception = $_.Exception
+      Start-Sleep -Seconds $delaySeconds
+    }
+  } while ($count -lt $maxCount)
+  if ($exception) {
+    throw $exception
   }
 }

src/terraform/examples/e2e/2.Image.Builder/compute.gallery.tf

@@ -6,9 +6,8 @@ variable "computeGallery" {
   type = object(
     {
       name = string
-      imageDefinitions = list(object(
+      imageDefinition = map(object(
         {
-          name       = string
           type       = string
           generation = string
           publisher  = string
@@ -21,29 +20,27 @@ variable "computeGallery" {
   )
 }
 
-resource "azurerm_shared_image_gallery" "gallery" {
+resource "azurerm_shared_image_gallery" "studio" {
   name                = var.computeGallery.name
   resource_group_name = azurerm_resource_group.image.name
   location            = azurerm_resource_group.image.location
 }
 
-resource "azurerm_shared_image" "definitions" {
+resource "azurerm_shared_image" "studio" {
-  count               = length(var.computeGallery.imageDefinitions)
+  for_each            = var.computeGallery.imageDefinition
-  name                = var.computeGallery.imageDefinitions[count.index].name
+  name                = each.key
   resource_group_name = azurerm_resource_group.image.name
   location            = azurerm_resource_group.image.location
-  gallery_name        = azurerm_shared_image_gallery.gallery.name
+  gallery_name        = azurerm_shared_image_gallery.studio.name
-  os_type             = var.computeGallery.imageDefinitions[count.index].type
+  os_type             = each.value.type
-  hyper_v_generation  = var.computeGallery.imageDefinitions[count.index].generation
+  hyper_v_generation  = each.value.generation
   identifier {
-    publisher = var.computeGallery.imageDefinitions[count.index].publisher
+    publisher = each.value.publisher
-    offer     = var.computeGallery.imageDefinitions[count.index].offer
+    offer     = each.value.offer
-    sku       = var.computeGallery.imageDefinitions[count.index].sku
+    sku       = each.value.sku
   }
 }
 
-output "imageDefinitionLinux" {
+output "imageDefinition" {
-  value = one([
+  value = var.computeGallery.imageDefinition
-    for imageDefinition in var.computeGallery.imageDefinitions: imageDefinition if imageDefinition.type == "Linux"
-  ])
 }

src/terraform/examples/e2e/2.Image.Builder/config.auto.tfvars

@@ -6,36 +6,32 @@ resourceGroupName = "ArtistAnywhere.Image" # Alphanumeric, underscores, hyphens,
 
 computeGallery = {
   name = "azstudio"
-  imageDefinitions = [
+  imageDefinition = {
-    {
+    Linux = {
-      name       = "Linux"
       type       = "Linux"
       generation = "V2"
       publisher  = "AlmaLinux"
       offer      = "AlmaLinux-x86_64"
       sku        = "9-Gen2"
       enablePlan = false
-    },
+    }
-    {
+    WinServer = {
-      name       = "WinServer"
       type       = "Windows"
       generation = "V2"
       publisher  = "MicrosoftWindowsServer"
       offer      = "WindowsServer"
       sku        = "2022-Datacenter-G2"
       enablePlan = false
-    },
+    }
-    {
+    WinFarm = {
-      name       = "WinFarm"
       type       = "Windows"
       generation = "V2"
       publisher  = "MicrosoftWindowsDesktop"
       offer      = "Windows-10"
       sku        = "Win10-22H2-Pro-G2"
       enablePlan = false
-    },
+    }
-    {
+    WinArtist = {
-      name       = "WinArtist"
       type       = "Windows"
       generation = "V2"
       publisher  = "MicrosoftWindowsDesktop"
@@ -43,7 +39,7 @@ computeGallery = {
       sku        = "Win11-22H2-Pro"
       enablePlan = false
     }
-  ]
+  }
 }
 
 #############################################################################################
@@ -53,7 +49,7 @@ computeGallery = {
 imageTemplates = [
   {
     name = "LnxStorageCPU"
-    image = {
+    source = {
       definitionName = "Linux"
       inputVersion   = "Latest"
     }
@@ -70,7 +66,7 @@ imageTemplates = [
   },
   {
     name = "LnxStorageGPU"
-    image = {
+    source = {
       definitionName = "Linux"
       inputVersion   = "Latest"
     }
@@ -87,7 +83,7 @@ imageTemplates = [
   },
   {
     name = "LnxScheduler"
-    image = {
+    source = {
       definitionName = "Linux"
       inputVersion   = "Latest"
     }
@@ -104,7 +100,7 @@ imageTemplates = [
   },
   {
     name = "LnxFarmCPU"
-    image = {
+    source = {
       definitionName = "Linux"
       inputVersion   = "Latest"
     }
@@ -124,7 +120,7 @@ imageTemplates = [
   },
   {
     name = "LnxFarmGPU"
-    image = {
+    source = {
       definitionName = "Linux"
       inputVersion   = "Latest"
     }
@@ -145,7 +141,7 @@ imageTemplates = [
   },
   {
     name = "LnxArtistNVIDIA"
-    image = {
+    source = {
       definitionName = "Linux"
       inputVersion   = "Latest"
     }
@@ -166,7 +162,7 @@ imageTemplates = [
   },
   {
     name = "LnxArtistAMD"
-    image = {
+    source = {
       definitionName = "Linux"
       inputVersion   = "Latest"
     }
@@ -187,7 +183,7 @@ imageTemplates = [
   },
   {
     name = "WinScheduler"
-    image = {
+    source = {
       definitionName = "WinServer"
       inputVersion   = "Latest"
     }
@@ -196,7 +192,7 @@ imageTemplates = [
       machineSize    = "Standard_D8as_v5" # https://learn.microsoft.com/azure/virtual-machines/sizes
       gpuProvider    = ""                 # NVIDIA or AMD
       outputVersion  = "1.0.0"
-      timeoutMinutes = 180
+      timeoutMinutes = 240
       osDiskSizeGB   = 512
       renderEngines = [
       ]
@@ -204,7 +200,7 @@ imageTemplates = [
   },
   {
     name = "WinFarmCPU"
-    image = {
+    source = {
       definitionName = "WinFarm"
       inputVersion   = "Latest"
     }
@@ -213,7 +209,7 @@ imageTemplates = [
       machineSize    = "Standard_D96as_v5" # https://learn.microsoft.com/azure/virtual-machines/sizes
       gpuProvider    = ""                  # NVIDIA or AMD
       outputVersion  = "2.0.0"
-      timeoutMinutes = 420
+      timeoutMinutes = 360
       osDiskSizeGB   = 480
       renderEngines = [
         "PBRT",
@@ -223,7 +219,7 @@ imageTemplates = [
   },
   {
     name = "WinFarmGPU"
-    image = {
+    source = {
       definitionName = "WinFarm"
       inputVersion   = "Latest"
     }
@@ -232,7 +228,7 @@ imageTemplates = [
       machineSize    = "Standard_NV36ads_A10_v5" # https://learn.microsoft.com/azure/virtual-machines/sizes
       gpuProvider    = ""                        # NVIDIA or AMD
       outputVersion  = "2.1.0"
-      timeoutMinutes = 420
+      timeoutMinutes = 360
       osDiskSizeGB   = 480
       renderEngines = [
         "PBRT",
@@ -243,7 +239,7 @@ imageTemplates = [
   },
   {
     name = "WinArtistNVIDIA"
-    image = {
+    source = {
       definitionName = "WinArtist"
       inputVersion   = "Latest"
     }
@@ -252,7 +248,7 @@ imageTemplates = [
       machineSize    = "Standard_NV36ads_A10_v5" # https://learn.microsoft.com/azure/virtual-machines/sizes
       gpuProvider    = "NVIDIA"                  # NVIDIA or AMD
       outputVersion  = "3.0.0"
-      timeoutMinutes = 420
+      timeoutMinutes = 360
       osDiskSizeGB   = 1024
       renderEngines = [
         "PBRT",
@@ -263,7 +259,7 @@ imageTemplates = [
   },
   {
     name = "WinArtistAMD"
-    image = {
+    source = {
       definitionName = "WinArtist"
       inputVersion   = "Latest"
     }
@@ -272,7 +268,7 @@ imageTemplates = [
       machineSize    = "Standard_NG32ads_V620_v1" # https://learn.microsoft.com/azure/virtual-machines/sizes
       gpuProvider    = "AMD"                      # NVIDIA or AMD
       outputVersion  = "3.1.0"
-      timeoutMinutes = 420
+      timeoutMinutes = 360
       osDiskSizeGB   = 1024
       renderEngines = [
         "PBRT",

src/terraform/examples/e2e/2.Image.Builder/image.builder.tf

@@ -6,7 +6,7 @@ variable "imageTemplates" {
   type = list(object(
     {
       name = string
-      image = object(
+      source = object(
         {
           definitionName = string
           inputVersion   = string
@@ -40,218 +40,152 @@ variable "binStorage" {
   }
 }
 
-resource "azurerm_role_assignment" "image" {
+locals {
+  targetRegions = [
+    for regionName in module.global.regionNames : {
+      name               = regionName
+      replicaCount       = 1
+      storageAccountType = "Standard_LRS"
+    }
+  ]
+}
+
+resource "azurerm_role_assignment" "managed_identity_operator" {
+  role_definition_name = "Managed Identity Operator" # https://learn.microsoft.com/azure/role-based-access-control/built-in-roles#managed-identity-operator
+  principal_id         = data.azurerm_user_assigned_identity.studio.principal_id
+  scope                = data.azurerm_user_assigned_identity.studio.id
+}
+
+resource "azurerm_role_assignment" "contributor" {
   role_definition_name = "Contributor" # https://learn.microsoft.com/azure/role-based-access-control/built-in-roles#contributor
   principal_id         = data.azurerm_user_assigned_identity.studio.principal_id
   scope                = azurerm_resource_group.image.id
 }
 
-resource "azurerm_resource_group_template_deployment" "image_builder" {
+resource "azapi_resource" "image_builder" {
-  name                = "ImageBuilder"
+  for_each = {
-  resource_group_name = azurerm_resource_group.image.name
+    for imageTemplate in var.imageTemplates : imageTemplate.name => imageTemplate
-  deployment_mode     = "Incremental"
+  }
-  parameters_content  = jsonencode({
+  name      = each.value.name
-    binStorage = {
+  type      = "Microsoft.VirtualMachineImages/imageTemplates@2022-07-01"
-      value = var.binStorage
+  parent_id = azurerm_resource_group.image.id
-    }
+  location  = azurerm_resource_group.image.location
-    regionNames = {
+  identity {
-      value = module.global.regionNames
+    type = "UserAssigned"
-    }
+    identity_ids = [
-    managedIdentityName = {
+      data.azurerm_user_assigned_identity.studio.id
-      value = module.global.managedIdentity.name
+    ]
-    }
+  }
-    managedIdentityResourceGroupName = {
+  body = jsonencode({
-      value = module.global.resourceGroupName
+    properties = {
-    }
+      buildTimeoutInMinutes = each.value.build.timeoutMinutes
-    computeGalleryName = {
+      vmProfile = {
-      value = var.computeGallery.name
+        vmSize       = each.value.build.machineSize
-    }
+        osDiskSizeGB = each.value.build.osDiskSizeGB
-    imageTemplates = {
+        userAssignedIdentities = [
-      value = var.imageTemplates
+          data.azurerm_user_assigned_identity.studio.id
+        ]
+      }
+      source = {
+        type      = "PlatformImage"
+        publisher = var.computeGallery.imageDefinition[each.value.source.definitionName].publisher
+        offer     = var.computeGallery.imageDefinition[each.value.source.definitionName].offer
+        sku       = var.computeGallery.imageDefinition[each.value.source.definitionName].sku
+        version   = each.value.source.inputVersion
+      }
+      customize = each.value.source.definitionName == "Linux" ? [
+        {
+          type = "Shell"
+          inline = [
+            "hostname ${each.value.name}"
+          ]
+        },
+        {
+          type = "Shell"
+          inline = [
+            ":"
+          ]
+        },
+        {
+          type        = "File"
+          sourceUri   = "https://raw.githubusercontent.com/Azure/Avere/main/src/terraform/examples/e2e/0.Global.Foundation/functions.sh"
+          destination = "/tmp/functions.sh"
+        },
+        {
+          type        = "File"
+          sourceUri   = "https://raw.githubusercontent.com/Azure/Avere/main/src/terraform/examples/e2e/2.Image.Builder/customize.sh"
+          destination = "/tmp/customize.sh"
+        },
+        {
+          type        = "File"
+          sourceUri   = "https://raw.githubusercontent.com/Azure/Avere/main/src/terraform/examples/e2e/2.Image.Builder/terminate.sh"
+          destination = "/tmp/terminate.sh"
+        },
+        {
+          type = "Shell"
+          inline = [
+            "cat /tmp/customize.sh | tr -d \r | buildConfigEncoded=${base64encode(jsonencode(merge(each.value.build, {binStorage = var.binStorage})))} /bin/bash"
+          ]
+          runElevated = false
+          runAsSystem = false
+        }
+      ] : [
+        {
+          type = "PowerShell"
+          inline = [
+            "Rename-Computer -NewName ${each.value.name}"
+          ]
+        },
+        {
+          type   = "WindowsRestart"
+          inline = null
+        },
+        {
+          type        = "File"
+          sourceUri   = "https://raw.githubusercontent.com/Azure/Avere/main/src/terraform/examples/e2e/0.Global.Foundation/functions.ps1"
+          destination = "C:\\AzureData\\functions.ps1"
+        },
+        {
+          type        = "File"
+          sourceUri   = "https://raw.githubusercontent.com/Azure/Avere/main/src/terraform/examples/e2e/2.Image.Builder/customize.ps1"
+          destination = "C:\\AzureData\\customize.ps1"
+        },
+        {
+          type        = "File"
+          sourceUri   = "https://raw.githubusercontent.com/Azure/Avere/main/src/terraform/examples/e2e/2.Image.Builder/terminate.ps1"
+          destination = "C:\\AzureData\\terminate.ps1"
+        },
+        {
+          type = "PowerShell"
+          inline = [
+            "C:\\AzureData\\customize.ps1 -buildConfigEncoded ${base64encode(jsonencode(merge(each.value.build, {binStorage = var.binStorage})))}"
+          ]
+          runElevated = true
+          runAsSystem = true
+        }
+      ]
+      distribute = [
+        {
+          type           = "SharedImage"
+          runOutputName  = "${each.value.name}-${each.value.build.outputVersion}"
+          galleryImageId = "${azurerm_shared_image.studio[each.value.source.definitionName].id}/versions/${each.value.build.outputVersion}"
+          versioning = {
+            scheme = "Latest"
+            major  = tonumber(split(".", each.value.build.outputVersion)[0])
+          }
+          targetRegions = local.targetRegions
+          artifactTags = {
+            imageTemplateName = each.value.name
+          }
+        }
+      ]
     }
   })
-  template_content = <<TEMPLATE
+  schema_validation_enabled = false
-    {
-      "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
-      "contentVersion": "1.0.0.0",
-      "parameters": {
-        "binStorage": {
-          "type": "object"
-        },
-        "regionNames": {
-          "type": "array"
-        },
-        "managedIdentityName": {
-          "type": "string"
-        },
-        "managedIdentityResourceGroupName": {
-          "type": "string"
-        },
-        "computeGalleryName": {
-          "type": "string"
-        },
-        "imageTemplates": {
-          "type": "array"
-        }
-      },
-      "variables": {
-        "apiVersionImageBuilder": "2022-07-01",
-        "apiVersionComputeGallery": "2023-07-03"
-      },
-      "functions": [
-        {
-          "namespace": "fx",
-          "members": {
-            "GetCustomizeCommandsLinux": {
-              "parameters": [
-                {
-                  "name": "imageTemplate",
-                  "type": "object"
-                },
-                {
-                  "name": "binStorage",
-                  "type": "object"
-                }
-              ],
-              "output": {
-                "type": "array",
-                "value": [
-                  {
-                    "type": "Shell",
-                    "inline": [
-                      "[concat('hostname ', parameters('imageTemplate').name)]"
-                    ]
-                  },
-                  {
-                    "type": "File",
-                    "sourceUri": "https://raw.githubusercontent.com/Azure/Avere/main/src/terraform/examples/e2e/0.Global.Foundation/functions.sh",
-                    "destination": "/tmp/functions.sh"
-                  },
-                  {
-                    "type": "File",
-                    "sourceUri": "https://raw.githubusercontent.com/Azure/Avere/main/src/terraform/examples/e2e/2.Image.Builder/customize.sh",
-                    "destination": "/tmp/customize.sh"
-                  },
-                  {
-                    "type": "File",
-                    "sourceUri": "https://raw.githubusercontent.com/Azure/Avere/main/src/terraform/examples/e2e/2.Image.Builder/terminate.sh",
-                    "destination": "/tmp/terminate.sh"
-                  },
-                  {
-                    "type": "Shell",
-                    "inline": [
-                      "[format('cat /tmp/customize.sh | tr -d \r | {0} /bin/bash', concat('buildConfigEncoded=', base64(string(union(parameters('imageTemplate').build, createObject('binStorage', parameters('binStorage')))))))]"
-                    ]
-                  }
-                ]
-              }
-            },
-            "GetCustomizeCommandsWindows": {
-              "parameters": [
-                {
-                  "name": "imageTemplate",
-                  "type": "object"
-                },
-                {
-                  "name": "binStorage",
-                  "type": "object"
-                }
-              ],
-              "output": {
-                "type": "array",
-                "value": [
-                  {
-                    "type": "PowerShell",
-                    "inline": [
-                      "[concat('Rename-Computer -NewName ', parameters('imageTemplate').name)]"
-                    ]
-                  },
-                  {
-                    "type": "WindowsRestart"
-                  },
-                  {
-                    "type": "File",
-                    "sourceUri": "https://raw.githubusercontent.com/Azure/Avere/main/src/terraform/examples/e2e/0.Global.Foundation/functions.ps1",
-                    "destination": "C:\\AzureData\\functions.ps1"
-                  },
-                  {
-                    "type": "File",
-                    "sourceUri": "https://raw.githubusercontent.com/Azure/Avere/main/src/terraform/examples/e2e/2.Image.Builder/customize.ps1",
-                    "destination": "C:\\AzureData\\customize.ps1"
-                  },
-                  {
-                    "type": "File",
-                    "sourceUri": "https://raw.githubusercontent.com/Azure/Avere/main/src/terraform/examples/e2e/2.Image.Builder/terminate.ps1",
-                    "destination": "C:\\AzureData\\terminate.ps1"
-                  },
-                  {
-                    "type": "PowerShell",
-                    "inline": [
-                      "[concat('C:\\AzureData\\customize.ps1 -buildConfigEncoded ', base64(string(union(parameters('imageTemplate').build, createObject('binStorage', parameters('binStorage'))))))]"
-                    ],
-                    "runElevated": "[if(equals(parameters('imageTemplate').build.machineType, 'Scheduler'), true(), false())]"
-                  }
-                ]
-              }
-            }
-          }
-        }
-      ],
-      "resources": [
-        {
-          "type": "Microsoft.VirtualMachineImages/imageTemplates",
-          "name": "[parameters('imageTemplates')[copyIndex()].name]",
-          "apiVersion": "[variables('apiVersionImageBuilder')]",
-          "location": "[resourceGroup().location]",
-          "identity": {
-            "type": "UserAssigned",
-            "userAssignedIdentities": {
-              "[resourceId(parameters('managedIdentityResourceGroupName'), 'Microsoft.ManagedIdentity/userAssignedIdentities', parameters('managedIdentityName'))]": {
-              }
-            }
-          },
-          "properties": {
-            "vmProfile": {
-              "vmSize": "[parameters('imageTemplates')[copyIndex()].build.machineSize]",
-              "osDiskSizeGB": "[parameters('imageTemplates')[copyIndex()].build.osDiskSizeGB]"
-            },
-            "source": {
-              "type": "PlatformImage",
-              "publisher": "[reference(resourceId('Microsoft.Compute/galleries/images', parameters('computeGalleryName'), parameters('imageTemplates')[copyIndex()].image.definitionName), variables('apiVersionComputeGallery')).identifier.publisher]",
-              "offer": "[reference(resourceId('Microsoft.Compute/galleries/images', parameters('computeGalleryName'), parameters('imageTemplates')[copyIndex()].image.definitionName), variables('apiVersionComputeGallery')).identifier.offer]",
-              "sku": "[reference(resourceId('Microsoft.Compute/galleries/images', parameters('computeGalleryName'), parameters('imageTemplates')[copyIndex()].image.definitionName), variables('apiVersionComputeGallery')).identifier.sku]",
-              "version": "[parameters('imageTemplates')[copyIndex()].image.inputVersion]"
-            },
-            "customize": "[if(equals(reference(resourceId('Microsoft.Compute/galleries/images', parameters('computeGalleryName'), parameters('imageTemplates')[copyIndex()].image.definitionName), variables('apiVersionComputeGallery')).osType, 'Windows'), fx.GetCustomizeCommandsWindows(parameters('imageTemplates')[copyIndex()], parameters('binStorage')), fx.GetCustomizeCommandsLinux(parameters('imageTemplates')[copyIndex()], parameters('binStorage')))]",
-            "buildTimeoutInMinutes": "[parameters('imageTemplates')[copyIndex()].build.timeoutMinutes]",
-            "distribute": [
-              {
-                "type": "SharedImage",
-                "runOutputName": "[concat(parameters('imageTemplates')[copyIndex()].name, '-', parameters('imageTemplates')[copyIndex()].build.outputVersion)]",
-                "galleryImageId": "[resourceId('Microsoft.Compute/galleries/images/versions', parameters('computeGalleryName'), parameters('imageTemplates')[copyIndex()].image.definitionName, parameters('imageTemplates')[copyIndex()].build.outputVersion)]",
-                "replicationRegions": "[parameters('regionNames')]",
-                "artifactTags": {
-                  "imageTemplateName": "[parameters('imageTemplates')[copyIndex()].name]"
-                }
-              }
-            ]
-          },
-          "copy": {
-            "name": "imageTemplates",
-            "count": "[length(parameters('imageTemplates'))]"
-          }
-        }
-      ],
-      "outputs": {
-      }
-    }
-  TEMPLATE
   depends_on = [
-    azurerm_shared_image.definitions
+    azurerm_role_assignment.managed_identity_operator,
+    azurerm_role_assignment.contributor
   ]
-  lifecycle {
-    ignore_changes = all
-  }
 }
 
 output "imageTemplates" {

src/terraform/examples/e2e/2.Image.Builder/main.tf

@@ -5,6 +5,10 @@ terraform {
       source  = "hashicorp/azurerm"
       version = "~>3.73.0"
     }
+    azapi = {
+      source = "azure/azapi"
+      version = "~>1.9.0"
+    }
   }
   backend "azurerm" {
     key = "2.Image.Builder"
@@ -16,9 +20,6 @@ provider "azurerm" {
     resource_group {
       prevent_deletion_if_contains_resources = false
     }
-    template_deployment {
-      delete_nested_items_during_deletion = true
-    }
   }
 }
 

src/terraform/examples/e2e/2.Image.Builder/terminate.ps1

@@ -1,5 +1,3 @@
-$ErrorActionPreference = "Stop"
-
 $scheduledEvents = (Invoke-RestMethod -Headers @{"Metadata"="true"} -Uri "http://169.254.169.254/metadata/scheduledevents?api-version=2020-07-01").Events
 foreach ($scheduledEvent in $scheduledEvents) {
   $eventType = $scheduledEvent.EventType

src/terraform/examples/e2e/2.Image.Builder/terminate.sh

@@ -1,4 +1,4 @@
-#!/bin/bash -ex
+#!/bin/bash -x
 
 scheduledEvents=$(curl -H Metadata:true "http://169.254.169.254/metadata/scheduledevents?api-version=2020-07-01" | jq -c .Events)
 for scheduledEvent in $(echo $scheduledEvents | jq -r '.[] | @base64'); do

src/terraform/examples/e2e/3.Storage/initialize.sh

@@ -1,4 +1,4 @@
-#!/bin/bash -ex
+#!/bin/bash -x
 
 cd ${binDirectory}
 

src/terraform/examples/e2e/3.Storage/terminate.sh

@@ -1,4 +1,4 @@
-#!/bin/bash -ex
+#!/bin/bash -x
 
 rootHost=${wekaClusterName}000000
 

src/terraform/examples/e2e/3.Storage/weka.tf

@@ -142,9 +142,9 @@ data "azurerm_virtual_machine_scale_set" "weka" {
 locals {
   wekaImage = merge(var.weka.machine.image, {
     plan = {
-      publisher = lower(var.weka.machine.image.plan.publisher != "" && try(data.terraform_remote_state.image.outputs.imageDefinitionLinux.enablePlan, false) ? var.weka.machine.image.plan.publisher : try(data.terraform_remote_state.image.outputs.imageDefinitionLinux.publisher, ""))
+      publisher = lower(var.weka.machine.image.plan.publisher != "" && try(data.terraform_remote_state.image.outputs.imageDefinition.Linux.enablePlan, false) ? var.weka.machine.image.plan.publisher : try(data.terraform_remote_state.image.outputs.imageDefinition.Linux.publisher, ""))
-      product   = lower(var.weka.machine.image.plan.product != "" && try(data.terraform_remote_state.image.outputs.imageDefinitionLinux.enablePlan, false) ? var.weka.machine.image.plan.product : try(data.terraform_remote_state.image.outputs.imageDefinitionLinux.offer, ""))
+      product   = lower(var.weka.machine.image.plan.product != "" && try(data.terraform_remote_state.image.outputs.imageDefinition.Linux.enablePlan, false) ? var.weka.machine.image.plan.product : try(data.terraform_remote_state.image.outputs.imageDefinition.Linux.offer, ""))
-      name      = lower(var.weka.machine.image.plan.name != "" && try(data.terraform_remote_state.image.outputs.imageDefinitionLinux.enablePlan, false) ? var.weka.machine.image.plan.name : try(data.terraform_remote_state.image.outputs.imageDefinitionLinux.sku, ""))
+      name      = lower(var.weka.machine.image.plan.name != "" && try(data.terraform_remote_state.image.outputs.imageDefinition.Linux.enablePlan, false) ? var.weka.machine.image.plan.name : try(data.terraform_remote_state.image.outputs.imageDefinition.Linux.sku, ""))
     }
   })
   wekaObjectTier = merge(var.weka.objectTier, {

src/terraform/examples/e2e/5.Render.Manager/config.auto.tfvars

@@ -6,7 +6,8 @@ resourceGroupName = "ArtistAnywhere.Scheduler" # Alphanumeric, underscores, hyph
 
 virtualMachines = [
   {
-    name = "LnxScheduler"
+    enable = false
+    name   = "LnxScheduler"
     machine = {
       size = "Standard_D8as_v5" # https://learn.microsoft.com/azure/virtual-machines/sizes
       image = {
@@ -38,32 +39,36 @@ virtualMachines = [
         disable = false
       }
     }
-    customExtension = {
+    extension = {
-      enable   = true
+      initialize = {
-      fileName = "initialize.sh"
+        enable   = true
-      parameters = {
+        fileName = "initialize.sh"
-        activeDirectory = {
+        parameters = {
-          domainName    = ""
+          activeDirectory = {
-          adminPassword = ""
+            enable        = false
-        }
+            domainName    = ""
-        autoScale = {
+            adminPassword = ""
-          enable                   = false
+          }
-          fileName                 = "scale.sh"
+          autoScale = {
-          resourceGroupName        = "ArtistAnywhere.Farm"
+            enable                   = false
-          scaleSetName             = "LnxFarmC"
+            fileName                 = "scale.sh"
-          scaleSetMachineCountMax  = 100
+            resourceGroupName        = "ArtistAnywhere.Farm"
-          jobWaitThresholdSeconds  = 300
+            scaleSetName             = "LnxFarmC"
-          workerIdleDeleteSeconds  = 600
+            scaleSetMachineCountMax  = 100
-          detectionIntervalSeconds = 60
+            jobWaitThresholdSeconds  = 300
+            workerIdleDeleteSeconds  = 600
+            detectionIntervalSeconds = 60
+          }
         }
       }
-    }
+      monitor = {
-    monitorExtension = {
+        enable = false
-      enable = false
+      }
     }
   },
   {
-    name = "" # "WinScheduler"
+    enable = false
+    name   = "WinScheduler"
     machine = {
        size = "Standard_D8as_v5" # https://learn.microsoft.com/azure/virtual-machines/sizes
        image = {
@@ -95,28 +100,31 @@ virtualMachines = [
         disable = false
       }
     }
-    customExtension = {
+    extension = {
-      enable   = true
+      initialize = {
-      fileName = "initialize.ps1"
+        enable   = true
-      parameters = {
+        fileName = "initialize.ps1"
-        activeDirectory = {
+        parameters = {
-          domainName    = "artist.studio"
+          activeDirectory = {
-          adminPassword = "P@ssword1234"
+            enable        = true
-        }
+            domainName    = "artist.studio"
-        autoScale = {
+            adminPassword = "P@ssword1234"
-          enable                   = false
+          }
-          fileName                 = "scale.ps1"
+          autoScale = {
-          resourceGroupName        = "ArtistAnywhere.Farm"
+            enable                   = false
-          scaleSetName             = "WinFarmC"
+            fileName                 = "scale.ps1"
-          scaleSetMachineCountMax  = 100
+            resourceGroupName        = "ArtistAnywhere.Farm"
-          jobWaitThresholdSeconds  = 300
+            scaleSetName             = "WinFarmC"
-          workerIdleDeleteSeconds  = 600
+            scaleSetMachineCountMax  = 100
-          detectionIntervalSeconds = 60
+            jobWaitThresholdSeconds  = 300
+            workerIdleDeleteSeconds  = 600
+            detectionIntervalSeconds = 60
+          }
         }
       }
-    }
+      monitor = {
-    monitorExtension = {
+        enable = false
-      enable = false
+      }
     }
   }
 ]

src/terraform/examples/e2e/5.Render.Manager/initialize.ps1

@@ -1,5 +1,3 @@
-$ErrorActionPreference = "Stop"
-
 $binDirectory = "C:\Users\Public\Downloads"
 Set-Location -Path $binDirectory
 
@@ -20,7 +18,7 @@ if ("${autoScale.enable}" -ne $false) {
 }
 Register-ScheduledTask -TaskName $taskName -Action $taskAction -Trigger $taskTrigger -Settings $taskSettings -User System -Force
 
-if ("${activeDirectory.domainName}" -ne "") {
+if ("${activeDirectory.enable}" -eq $true) {
   $securePassword = ConvertTo-SecureString ${activeDirectory.adminPassword} -AsPlainText -Force
   Install-ADDSForest -DomainName "${activeDirectory.domainName}" -SafeModeAdministratorPassword $securePassword -InstallDns -Force
 }

src/terraform/examples/e2e/5.Render.Manager/initialize.sh

@@ -1,4 +1,4 @@
-#!/bin/bash -ex
+#!/bin/bash -x
 
 source /etc/profile.d/aaa.sh
 

src/terraform/examples/e2e/5.Render.Manager/main.tf

@@ -142,12 +142,15 @@ resource "azurerm_resource_group" "scheduler" {
 }
 
 resource "azurerm_private_dns_a_record" "scheduler" {
+  for_each = {
+    for virtualMachine in var.virtualMachines : virtualMachine.name => virtualMachine if virtualMachine.enable
+  }
   name                = var.privateDns.aRecordName
   resource_group_name = data.azurerm_private_dns_zone.network.resource_group_name
   zone_name           = data.azurerm_private_dns_zone.network.name
   ttl                 = var.privateDns.ttlSeconds
   records = [
-    azurerm_network_interface.scheduler[local.virtualMachineNames[0]].private_ip_address
+    azurerm_network_interface.scheduler[each.value.name].private_ip_address
   ]
 }
 

src/terraform/examples/e2e/5.Render.Manager/scale.ps1

@@ -6,8 +6,6 @@ param (
   [int] $workerIdleDeleteSeconds
 )
 
-$ErrorActionPreference = "Stop"
-
 az login --identity
 
 $queuedTasks = 0

src/terraform/examples/e2e/5.Render.Manager/scale.sh

@@ -1,4 +1,4 @@
-#!/bin/bash -ex
+#!/bin/bash -x
 
 az login --identity
 

src/terraform/examples/e2e/5.Render.Manager/vm.tf

@@ -5,7 +5,8 @@
 variable "virtualMachines" {
   type = list(object(
     {
-      name = string
+      enable = bool
+      name   = string
       machine = object(
         {
           size = string
@@ -53,37 +54,42 @@ variable "virtualMachines" {
           )
         }
       )
-      customExtension = object(
+      extension = object(
         {
-          enable   = bool
+          initialize = object(
-          fileName = string
-          parameters = object(
             {
-              activeDirectory = object(
+              enable   = bool
+              fileName = string
+              parameters = object(
                 {
-                  domainName    = string
+                  activeDirectory = object(
-                  adminPassword = string
+                    {
-                }
+                      enable        = bool
-              )
+                      domainName    = string
-              autoScale = object(
+                      adminPassword = string
-                {
+                    }
-                  enable                   = bool
+                  )
-                  fileName                 = string
+                  autoScale = object(
-                  resourceGroupName        = string
+                    {
-                  scaleSetName             = string
+                      enable                   = bool
-                  scaleSetMachineCountMax  = number
+                      fileName                 = string
-                  jobWaitThresholdSeconds  = number
+                      resourceGroupName        = string
-                  workerIdleDeleteSeconds  = number
+                      scaleSetName             = string
-                  detectionIntervalSeconds = number
+                      scaleSetMachineCountMax  = number
+                      jobWaitThresholdSeconds  = number
+                      workerIdleDeleteSeconds  = number
+                      detectionIntervalSeconds = number
+                    }
+                  )
                 }
               )
             }
           )
-        }
+          monitor = object(
-      )
+            {
-      monitorExtension = object(
+              enable = bool
-        {
+            }
-          enable = bool
+          )
         }
       )
     }
@@ -98,22 +104,19 @@ locals {
         image = {
           id = virtualMachine.machine.image.id
           plan = {
-            publisher = lower(virtualMachine.machine.image.plan.publisher != "" && try(data.terraform_remote_state.image.outputs.imageDefinitionLinux.enablePlan, false) ? virtualMachine.machine.image.plan.publisher : try(data.terraform_remote_state.image.outputs.imageDefinitionLinux.publisher, ""))
+            publisher = lower(virtualMachine.machine.image.plan.publisher != "" && try(data.terraform_remote_state.image.outputs.imageDefinition.Linux.enablePlan, false) ? virtualMachine.machine.image.plan.publisher : try(data.terraform_remote_state.image.outputs.imageDefinition.Linux.publisher, ""))
-            product   = lower(virtualMachine.machine.image.plan.product != "" && try(data.terraform_remote_state.image.outputs.imageDefinitionLinux.enablePlan, false) ? virtualMachine.machine.image.plan.product : try(data.terraform_remote_state.image.outputs.imageDefinitionLinux.offer, ""))
+            product   = lower(virtualMachine.machine.image.plan.product != "" && try(data.terraform_remote_state.image.outputs.imageDefinition.Linux.enablePlan, false) ? virtualMachine.machine.image.plan.product : try(data.terraform_remote_state.image.outputs.imageDefinition.Linux.offer, ""))
-            name      = lower(virtualMachine.machine.image.plan.name != "" && try(data.terraform_remote_state.image.outputs.imageDefinitionLinux.enablePlan, false) ? virtualMachine.machine.image.plan.name : try(data.terraform_remote_state.image.outputs.imageDefinitionLinux.sku, ""))
+            name      = lower(virtualMachine.machine.image.plan.name != "" && try(data.terraform_remote_state.image.outputs.imageDefinition.Linux.enablePlan, false) ? virtualMachine.machine.image.plan.name : try(data.terraform_remote_state.image.outputs.imageDefinition.Linux.sku, ""))
           }
         }
       }
-    }) if virtualMachine.name != "" && virtualMachine.operatingSystem.type == "Linux"
+    }) if virtualMachine.enable && virtualMachine.operatingSystem.type == "Linux"
-  ]
-  virtualMachineNames = [
-    for virtualMachine in var.virtualMachines : virtualMachine.name if virtualMachine.name != ""
   ]
 }
 
 resource "azurerm_network_interface" "scheduler" {
   for_each = {
-    for virtualMachine in var.virtualMachines : virtualMachine.name => virtualMachine if virtualMachine.name != ""
+    for virtualMachine in var.virtualMachines : virtualMachine.name => virtualMachine if virtualMachine.enable
   }
   name                = each.value.name
   resource_group_name = azurerm_resource_group.scheduler.name
@@ -140,7 +143,7 @@ resource "azurerm_linux_virtual_machine" "scheduler" {
   admin_password                  = module.global.keyVault.name != "" ? data.azurerm_key_vault_secret.admin_password[0].value : each.value.adminLogin.userPassword
   disable_password_authentication = each.value.adminLogin.passwordAuth.disable
   custom_data = base64encode(
-    templatefile(each.value.customExtension.parameters.autoScale.fileName, merge(each.value.customExtension.parameters, {}))
+    templatefile(each.value.extension.initialize.parameters.autoScale.fileName, merge(each.value.extension.initialize.parameters, {}))
   )
   network_interface_ids = [
     "${azurerm_resource_group.scheduler.id}/providers/Microsoft.Network/networkInterfaces/${each.value.name}"
@@ -178,7 +181,7 @@ resource "azurerm_linux_virtual_machine" "scheduler" {
 
 resource "azurerm_virtual_machine_extension" "initialize_linux" {
   for_each = {
-    for virtualMachine in var.virtualMachines : virtualMachine.name => virtualMachine if virtualMachine.name != "" && virtualMachine.customExtension.enable && virtualMachine.operatingSystem.type == "Linux"
+    for virtualMachine in var.virtualMachines : virtualMachine.name => virtualMachine if virtualMachine.enable && virtualMachine.extension.initialize.enable && virtualMachine.operatingSystem.type == "Linux"
   }
   name                       = "Initialize"
   type                       = "CustomScript"
@@ -188,7 +191,7 @@ resource "azurerm_virtual_machine_extension" "initialize_linux" {
   virtual_machine_id         = "${azurerm_resource_group.scheduler.id}/providers/Microsoft.Compute/virtualMachines/${each.value.name}"
   settings = jsonencode({
     script: "${base64encode(
-      templatefile(each.value.customExtension.fileName, merge(each.value.customExtension.parameters, {}))
+      templatefile(each.value.extension.initialize.fileName, merge(each.value.extension.initialize.parameters, {}))
     )}"
   })
   depends_on = [
@@ -198,7 +201,7 @@ resource "azurerm_virtual_machine_extension" "initialize_linux" {
 
 resource "azurerm_virtual_machine_extension" "monitor_linux" {
   for_each = {
-    for virtualMachine in var.virtualMachines : virtualMachine.name => virtualMachine if virtualMachine.name != "" && virtualMachine.monitorExtension.enable && virtualMachine.operatingSystem.type == "Linux" && module.global.monitor.name != ""
+    for virtualMachine in var.virtualMachines : virtualMachine.name => virtualMachine if virtualMachine.enable && virtualMachine.extension.monitor.enable && virtualMachine.operatingSystem.type == "Linux" && module.global.monitor.name != ""
   }
   name                       = "Monitor"
   type                       = "AzureMonitorLinuxAgent"
@@ -219,7 +222,7 @@ resource "azurerm_virtual_machine_extension" "monitor_linux" {
 
 resource "azurerm_windows_virtual_machine" "scheduler" {
   for_each = {
-    for virtualMachine in var.virtualMachines : virtualMachine.name => virtualMachine if virtualMachine.name != "" && virtualMachine.operatingSystem.type == "Windows"
+    for virtualMachine in var.virtualMachines : virtualMachine.name => virtualMachine if virtualMachine.enable && virtualMachine.operatingSystem.type == "Windows"
   }
   name                = each.value.name
   resource_group_name = azurerm_resource_group.scheduler.name
@@ -229,7 +232,7 @@ resource "azurerm_windows_virtual_machine" "scheduler" {
   admin_username      = module.global.keyVault.name != "" ? data.azurerm_key_vault_secret.admin_username[0].value : each.value.adminLogin.userName
   admin_password      = module.global.keyVault.name != "" ? data.azurerm_key_vault_secret.admin_password[0].value : each.value.adminLogin.userPassword
   custom_data = base64encode(
-    templatefile(each.value.customExtension.parameters.autoScale.fileName, merge(each.value.customExtension.parameters, {}))
+    templatefile(each.value.extension.initialize.parameters.autoScale.fileName, merge(each.value.extension.initialize.parameters, {}))
   )
   network_interface_ids = [
     "${azurerm_resource_group.scheduler.id}/providers/Microsoft.Network/networkInterfaces/${each.value.name}"
@@ -252,7 +255,7 @@ resource "azurerm_windows_virtual_machine" "scheduler" {
 
 resource "azurerm_virtual_machine_extension" "initialize_windows" {
   for_each = {
-    for virtualMachine in var.virtualMachines : virtualMachine.name => virtualMachine if virtualMachine.name != "" && virtualMachine.customExtension.enable && virtualMachine.operatingSystem.type == "Windows"
+    for virtualMachine in var.virtualMachines : virtualMachine.name => virtualMachine if virtualMachine.enable && virtualMachine.extension.initialize.enable && virtualMachine.operatingSystem.type == "Windows"
   }
   name                       = "Initialize"
   type                       = "CustomScriptExtension"
@@ -262,7 +265,7 @@ resource "azurerm_virtual_machine_extension" "initialize_windows" {
   virtual_machine_id         = "${azurerm_resource_group.scheduler.id}/providers/Microsoft.Compute/virtualMachines/${each.value.name}"
   settings = jsonencode({
     commandToExecute = "PowerShell -ExecutionPolicy Unrestricted -EncodedCommand ${textencodebase64(
-      templatefile(each.value.customExtension.fileName, merge(each.value.customExtension.parameters, {})), "UTF-16LE"
+      templatefile(each.value.extension.initialize.fileName, merge(each.value.extension.initialize.parameters, {})), "UTF-16LE"
     )}"
   })
   depends_on = [
@@ -272,7 +275,7 @@ resource "azurerm_virtual_machine_extension" "initialize_windows" {
 
 resource "azurerm_virtual_machine_extension" "monitor_windows" {
   for_each = {
-    for virtualMachine in var.virtualMachines : virtualMachine.name => virtualMachine if virtualMachine.name != "" && virtualMachine.monitorExtension.enable && virtualMachine.operatingSystem.type == "Windows" && module.global.monitor.name != ""
+    for virtualMachine in var.virtualMachines : virtualMachine.name => virtualMachine if virtualMachine.enable && virtualMachine.extension.monitor.enable && virtualMachine.operatingSystem.type == "Windows" && module.global.monitor.name != ""
   }
   name                       = "Monitor"
   type                       = "AzureMonitorWindowsAgent"

src/terraform/examples/e2e/6.Render.Farm/batch.tf

@@ -41,16 +41,16 @@ variable "batch" {
               maxConcurrentTasks = number
             }
           )
-          fillMode = object(
-            {
-              nodePack = bool
-            }
-          )
           spot = object(
             {
               enable = bool
             }
           )
+          fillMode = object(
+            {
+              nodePack = bool
+            }
+          )
         }
       ))
     }
@@ -183,14 +183,14 @@ resource "azurerm_batch_pool" "farm" {
   network_configuration {
     subnet_id = data.azurerm_subnet.farm.id
   }
-  task_scheduling_policy {
-    node_fill_type = each.value.fillMode.nodePack ? "Pack" : "Spread"
-  }
   fixed_scale {
     target_dedicated_nodes    = each.value.spot.enable ? 0 : each.value.node.machine.count
     target_low_priority_nodes = each.value.spot.enable ? each.value.node.machine.count : 0
     node_deallocation_method  = each.value.node.deallocationMode
   }
+  task_scheduling_policy {
+    node_fill_type = each.value.fillMode.nodePack ? "Pack" : "Spread"
+  }
 }
 
 output "batchAccountEndpoint" {

src/terraform/examples/e2e/6.Render.Farm/config.auto.tfvars

@@ -6,7 +6,8 @@ resourceGroupName = "ArtistAnywhere.Farm" # Alphanumeric, underscores, hyphens,
 
 virtualMachineScaleSets = [
   {
-    name = "LnxFarmC"
+    enable = false
+    name   = "LnxFarmC"
     machine = {
       size  = "Standard_HB120rs_v3"
       count = 2
@@ -19,6 +20,10 @@ virtualMachineScaleSets = [
         }
       }
     }
+    spot = {
+      enable         = true     # https://learn.microsoft.com/azure/virtual-machine-scale-sets/use-spot
+      evictionPolicy = "Delete" # https://learn.microsoft.com/azure/virtual-machine-scale-sets/use-spot#eviction-policy
+    }
     network = {
       enableAcceleration = true
     }
@@ -42,60 +47,61 @@ virtualMachineScaleSets = [
         disable = false
       }
     }
-    customExtension = {
+    extension = {
-      enable   = true
+      initialize = {
-      fileName = "initialize.sh"
+        enable   = true
-      parameters = {
+        fileName = "initialize.sh"
-        activeDirectory = {
+        parameters = {
-          domainName    = ""
+          fileSystemMounts = [
-          serverName    = ""
+            {
-          adminUsername = ""
+              enable = false # Storage Read
-          adminPassword = ""
+              mount  = "data.artist.studio/default /mnt/data/read wekafs net=udp 0 0"
-        }
+            },
-        fileSystemMounts = [
+            {
-          {
+              enable = false # Storage Read Cache
-            enable = false # Storage Read
+              mount  = "cache.artist.studio:/mnt/data /mnt/data/read nfs hard,proto=tcp,mountproto=tcp,retry=30,nolock 0 0"
-            mount  = "data.artist.studio/default /mnt/data/read wekafs net=udp 0 0"
+            },
-          },
+            {
-          {
+              enable = false # Storage Write
-            enable = false # Storage Read Cache
+              mount  = "data.artist.studio/default /mnt/data/write wekafs net=udp 0 0"
-            mount  = "cache.artist.studio:/mnt/data /mnt/data/read nfs hard,proto=tcp,mountproto=tcp,retry=30,nolock 0 0"
+            },
-          },
+            {
-          {
+              enable = false # Storage Write Cache
-            enable = false # Storage Write
+              mount  = "cache.artist.studio:/mnt/data /mnt/data/write nfs hard,proto=tcp,mountproto=tcp,retry=30,nolock 0 0"
-            mount  = "data.artist.studio/default /mnt/data/write wekafs net=udp 0 0"
+            },
-          },
+            {
-          {
+              enable = true # Scheduler Deadline
-            enable = false # Storage Write Cache
+              mount  = "scheduler.artist.studio:/Deadline /DeadlineServer nfs defaults 0 0"
-            mount  = "cache.artist.studio:/mnt/data /mnt/data/write nfs hard,proto=tcp,mountproto=tcp,retry=30,nolock 0 0"
+            }
-          },
+          ]
-          {
+          activeDirectory = {
-            enable = true # Scheduler Deadline
+            enable        = false
-            mount  = "scheduler.artist.studio:/Deadline /DeadlineServer nfs defaults 0 0"
+            domainName    = ""
+            serverName    = ""
+            orgUnitPath   = ""
+            adminUsername = ""
+            adminPassword = ""
+          }
+          terminateNotification = { # https://learn.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-terminate-notification
+            enable       = true
+            delayTimeout = "PT5M"
           }
-        ]
-        terminateNotification = { # https://learn.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-terminate-notification
-          enable       = true
-          delayTimeout = "PT5M"
         }
       }
-    }
+      health = {
-    healthExtension = {
+        enable      = true
-      enable      = true
+        protocol    = "tcp"
-      protocol    = "tcp"
+        port        = 111
-      port        = 111
+        requestPath = ""
-      requestPath = ""
+      }
-    }
+      monitor = {
-    monitorExtension = {
+        enable = false
-      enable = false
+      }
-    }
-    spot = {
-      enable         = true     # https://learn.microsoft.com/azure/virtual-machine-scale-sets/use-spot
-      evictionPolicy = "Delete" # https://learn.microsoft.com/azure/virtual-machine-scale-sets/use-spot#eviction-policy
     }
   },
   {
-    name = "" # "LnxFarmG"
+    enable = false
+    name   = "LnxFarmG"
     machine = {
       size  = "Standard_NV36ads_A10_v5"
       count = 2
@@ -108,6 +114,10 @@ virtualMachineScaleSets = [
         }
       }
     }
+    spot = {
+      enable         = true     # https://learn.microsoft.com/azure/virtual-machine-scale-sets/use-spot
+      evictionPolicy = "Delete" # https://learn.microsoft.com/azure/virtual-machine-scale-sets/use-spot#eviction-policy
+    }
     network = {
       enableAcceleration = true
     }
@@ -131,60 +141,61 @@ virtualMachineScaleSets = [
         disable = false
       }
     }
-    customExtension = {
+    extension = {
-      enable   = true
+      initialize = {
-      fileName = "initialize.sh"
+        enable   = true
-      parameters = {
+        fileName = "initialize.sh"
-        activeDirectory = {
+        parameters = {
-          domainName    = ""
+          fileSystemMounts = [
-          serverName    = ""
+            {
-          adminUsername = ""
+              enable = false # Storage Read
-          adminPassword = ""
+              mount  = "data.artist.studio/default /mnt/data/read wekafs net=udp 0 0"
-        }
+            },
-        fileSystemMounts = [
+            {
-          {
+              enable = false # Storage Read Cache
-            enable = false # Storage Read
+              mount  = "cache.artist.studio:/mnt/data /mnt/data/read nfs hard,proto=tcp,mountproto=tcp,retry=30,nolock 0 0"
-            mount  = "data.artist.studio/default /mnt/data/read wekafs net=udp 0 0"
+            },
-          },
+            {
-          {
+              enable = false # Storage Write
-            enable = false # Storage Read Cache
+              mount  = "data.artist.studio/default /mnt/data/write wekafs net=udp 0 0"
-            mount  = "cache.artist.studio:/mnt/data /mnt/data/read nfs hard,proto=tcp,mountproto=tcp,retry=30,nolock 0 0"
+            },
-          },
+            {
-          {
+              enable = false # Storage Write Cache
-            enable = false # Storage Write
+              mount  = "cache.artist.studio:/mnt/data /mnt/data/write nfs hard,proto=tcp,mountproto=tcp,retry=30,nolock 0 0"
-            mount  = "data.artist.studio/default /mnt/data/write wekafs net=udp 0 0"
+            },
-          },
+            {
-          {
+              enable = true # Scheduler Deadline
-            enable = false # Storage Write Cache
+              mount  = "scheduler.artist.studio:/Deadline /DeadlineServer nfs defaults 0 0"
-            mount  = "cache.artist.studio:/mnt/data /mnt/data/write nfs hard,proto=tcp,mountproto=tcp,retry=30,nolock 0 0"
+            }
-          },
+          ]
-          {
+          activeDirectory = {
-            enable = true # Scheduler Deadline
+            enable        = false
-            mount  = "scheduler.artist.studio:/Deadline /DeadlineServer nfs defaults 0 0"
+            domainName    = ""
+            serverName    = ""
+            orgUnitPath   = ""
+            adminUsername = ""
+            adminPassword = ""
+          }
+          terminateNotification = { # https://learn.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-terminate-notification
+            enable       = true
+            delayTimeout = "PT5M"
           }
-        ]
-        terminateNotification = { # https://learn.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-terminate-notification
-          enable       = true
-          delayTimeout = "PT5M"
         }
       }
-    }
+      health = {
-    healthExtension = {
+        enable      = true
-      enable      = true
+        protocol    = "tcp"
-      protocol    = "tcp"
+        port        = 111
-      port        = 111
+        requestPath = ""
-      requestPath = ""
+      }
-    }
+      monitor = {
-    monitorExtension = {
+        enable = false
-      enable = false
+      }
-    }
-    spot = {
-      enable         = true     # https://learn.microsoft.com/azure/virtual-machine-scale-sets/use-spot
-      evictionPolicy = "Delete" # https://learn.microsoft.com/azure/virtual-machine-scale-sets/use-spot#eviction-policy
     }
   },
   {
-    name = "" # "WinFarmC"
+    enable = false
+    name   = "WinFarmC"
     machine = {
       size  = "Standard_HB120rs_v3"
       count = 2
@@ -197,6 +208,10 @@ virtualMachineScaleSets = [
         }
       }
     }
+    spot = {
+      enable         = true     # https://learn.microsoft.com/azure/virtual-machine-scale-sets/use-spot
+      evictionPolicy = "Delete" # https://learn.microsoft.com/azure/virtual-machine-scale-sets/use-spot#eviction-policy
+    }
     network = {
       enableAcceleration = true
     }
@@ -220,60 +235,61 @@ virtualMachineScaleSets = [
         disable = false
       }
     }
-    customExtension = {
+    extension = {
-      enable   = true
+      initialize = {
-      fileName = "initialize.ps1"
+        enable   = true
-      parameters = {
+        fileName = "initialize.ps1"
-        activeDirectory = {
+        parameters = {
-          domainName    = "artist.studio"
+          fileSystemMounts = [
-          serverName    = "WinScheduler"
+            {
-          adminUsername = "azadmin"
+              enable = false # Storage Read
-          adminPassword = "P@ssword1234"
+              mount  = "mount -o anon \\\\data.artist.studio\\default R:"
-        }
+            },
-        fileSystemMounts = [
+            {
-          {
+              enable = false # Storage Read Cache
-            enable = false # Storage Read
+              mount  = "mount -o anon nolock \\\\cache.artist.studio\\mnt\\data R:"
-            mount  = "mount -o anon \\\\data.artist.studio\\default R:"
+            },
-          },
+            {
-          {
+              enable = false # Storage Write
-            enable = false # Storage Read Cache
+              mount  = "mount -o anon \\\\data.artist.studio\\default W:"
-            mount  = "mount -o anon nolock \\\\cache.artist.studio\\mnt\\data R:"
+            },
-          },
+            {
-          {
+              enable = false # Storage Write Cache
-            enable = false # Storage Write
+              mount  = "mount -o anon nolock \\\\cache.artist.studio\\mnt\\data W:"
-            mount  = "mount -o anon \\\\data.artist.studio\\default W:"
+            },
-          },
+            {
-          {
+              enable = true # Scheduler Deadline
-            enable = false # Storage Write Cache
+              mount  = "mount -o anon \\\\scheduler.artist.studio\\Deadline S:"
-            mount  = "mount -o anon nolock \\\\cache.artist.studio\\mnt\\data W:"
+            }
-          },
+          ]
-          {
+          activeDirectory = {
-            enable = true # Scheduler Deadline
+            enable        = true
-            mount  = "mount -o anon \\\\scheduler.artist.studio\\Deadline S:"
+            domainName    = "artist.studio"
+            serverName    = "WinScheduler"
+            orgUnitPath   = ""
+            adminUsername = "azadmin"
+            adminPassword = "P@ssword1234"
+          }
+          terminateNotification = { # https://learn.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-terminate-notification
+            enable       = true
+            delayTimeout = "PT5M"
           }
-        ]
-        terminateNotification = { # https://learn.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-terminate-notification
-          enable       = true
-          delayTimeout = "PT5M"
         }
       }
-    }
+      health = {
-    healthExtension = {
+        enable      = true
-      enable      = true
+        protocol    = "tcp"
-      protocol    = "tcp"
+        port        = 445
-      port        = 445
+        requestPath = ""
-      requestPath = ""
+      }
-    }
+      monitor = {
-    monitorExtension = {
+        enable = false
-      enable = false
+      }
-    }
-    spot = {
-      enable         = true     # https://learn.microsoft.com/azure/virtual-machine-scale-sets/use-spot
-      evictionPolicy = "Delete" # https://learn.microsoft.com/azure/virtual-machine-scale-sets/use-spot#eviction-policy
     }
   },
   {
-    name = "" # "WinFarmG"
+    enable = false
+    name   = "WinFarmG"
     machine = {
       size  = "Standard_NV36ads_A10_v5"
       count = 2
@@ -286,6 +302,10 @@ virtualMachineScaleSets = [
         }
       }
     }
+    spot = {
+      enable         = true     # https://learn.microsoft.com/azure/virtual-machine-scale-sets/use-spot
+      evictionPolicy = "Delete" # https://learn.microsoft.com/azure/virtual-machine-scale-sets/use-spot#eviction-policy
+    }
     network = {
       enableAcceleration = true
     }
@@ -309,56 +329,56 @@ virtualMachineScaleSets = [
         disable = false
       }
     }
-    customExtension = {
+    extension = {
-      enable   = true
+      initialize = {
-      fileName = "initialize.ps1"
+        enable   = true
-      parameters = {
+        fileName = "initialize.ps1"
-        activeDirectory = {
+        parameters = {
-          domainName    = "artist.studio"
+          fileSystemMounts = [
-          serverName    = "WinScheduler"
+            {
-          adminUsername = "azadmin"
+              enable = false # Storage Read
-          adminPassword = "P@ssword1234"
+              mount  = "mount -o anon \\\\data.artist.studio\\default R:"
-        }
+            },
-        fileSystemMounts = [
+            {
-          {
+              enable = false # Storage Read Cache
-            enable = false # Storage Read
+              mount  = "mount -o anon nolock \\\\cache.artist.studio\\mnt\\data R:"
-            mount  = "mount -o anon \\\\data.artist.studio\\default R:"
+            },
-          },
+            {
-          {
+              enable = false # Storage Write
-            enable = false # Storage Read Cache
+              mount  = "mount -o anon \\\\data.artist.studio\\default W:"
-            mount  = "mount -o anon nolock \\\\cache.artist.studio\\mnt\\data R:"
+            },
-          },
+            {
-          {
+              enable = false # Storage Write Cache
-            enable = false # Storage Write
+              mount  = "mount -o anon nolock \\\\cache.artist.studio\\mnt\\data W:"
-            mount  = "mount -o anon \\\\data.artist.studio\\default W:"
+            },
-          },
+            {
-          {
+              enable = true # Scheduler Deadline
-            enable = false # Storage Write Cache
+              mount  = "mount -o anon \\\\scheduler.artist.studio\\Deadline S:"
-            mount  = "mount -o anon nolock \\\\cache.artist.studio\\mnt\\data W:"
+            }
-          },
+          ]
-          {
+          activeDirectory = {
-            enable = true # Scheduler Deadline
+            enable        = true
-            mount  = "mount -o anon \\\\scheduler.artist.studio\\Deadline S:"
+            domainName    = "artist.studio"
+            serverName    = "WinScheduler"
+            orgUnitPath   = ""
+            adminUsername = "azadmin"
+            adminPassword = "P@ssword1234"
+          }
+          terminateNotification = { # https://learn.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-terminate-notification
+            enable       = true
+            delayTimeout = "PT5M"
           }
-        ]
-        terminateNotification = { # https://learn.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-terminate-notification
-          enable       = true
-          delayTimeout = "PT5M"
         }
       }
-    }
+      health = {
-    healthExtension = {
+        enable      = true
-      enable      = true
+        protocol    = "tcp"
-      protocol    = "tcp"
+        port        = 445
-      port        = 445
+        requestPath = ""
-      requestPath = ""
+      }
-    }
+      monitor = {
-    monitorExtension = {
+        enable = false
-      enable = false
+      }
-    }
-    spot = {
-      enable         = true     # https://learn.microsoft.com/azure/virtual-machine-scale-sets/use-spot
-      evictionPolicy = "Delete" # https://learn.microsoft.com/azure/virtual-machine-scale-sets/use-spot#eviction-policy
     }
   }
 ]
@@ -377,7 +397,7 @@ batch = {
       displayName = "Linux Render Farm (CPU)"
       node = {
         image = {
-          id      = "/subscriptions/5cc0d8f1-3643-410c-8646-1a2961134bd3/resourceGroups/ArtistAnywhere.Image/providers/Microsoft.Compute/galleries/azstudio/images/Linux/versions/2.0.1"
+          id      = "/subscriptions/5cc0d8f1-3643-410c-8646-1a2961134bd3/resourceGroups/ArtistAnywhere.Image/providers/Microsoft.Compute/galleries/azstudio/images/Linux/versions/2.0.0"
           agentId = "batch.node.el 9"
         }
         machine = {
@@ -386,18 +406,18 @@ batch = {
         }
         osDisk = {
           ephemeral = {
-            enable = true
+            enable = true # https://learn.microsoft.com/azure/batch/create-pool-ephemeral-os-disk
           }
         }
         deallocationMode   = "Terminate"
         maxConcurrentTasks = 1
       }
+      spot = {
+        enable = true # https://learn.microsoft.com/azure/batch/batch-spot-vms
+      }
       fillMode = {
         nodePack = false
       }
-      spot = {
-        enable = true
-      }
     }
   ]
 }

src/terraform/examples/e2e/6.Render.Farm/initialize.ps1

@@ -1,5 +1,3 @@
-$ErrorActionPreference = "Stop"
-
 $binDirectory = "C:\Users\Public\Downloads"
 Set-Location -Path $binDirectory
 
@@ -7,10 +5,6 @@ $scriptFile = "C:\AzureData\functions.ps1"
 Copy-Item -Path "C:\AzureData\CustomData.bin" -Destination $scriptFile
 . $scriptFile
 
-if ("${activeDirectory.domainName}" -ne "") {
-  JoinActiveDirectory "${activeDirectory.domainName}" "${activeDirectory.serverName}" "${activeDirectory.adminUsername}" "${activeDirectory.adminPassword}"
-}
-
 $fileSystemMounts = ConvertFrom-Json -InputObject '${jsonencode(fileSystemMounts)}'
 foreach ($fileSystemMount in $fileSystemMounts) {
   if ($fileSystemMount.enable -eq $true) {
@@ -29,6 +23,8 @@ if ("${terminateNotification.enable}" -eq $true) {
   Register-ScheduledTask -TaskName $taskName -Action $taskAction -Trigger $taskTrigger -User System -Force
 }
 
-if ("${activeDirectory.domainName}" -ne "") {
+if ("${activeDirectory.enable}" -eq $true) {
-  Restart-Computer -Force
+  # Retry 5 10 {
+    JoinActiveDirectory ${activeDirectory.domainName} ${activeDirectory.serverName} "${activeDirectory.orgUnitPath}" ${activeDirectory.adminUsername} ${activeDirectory.adminPassword}
+  # }
 }

src/terraform/examples/e2e/6.Render.Farm/initialize.sh

@@ -1,4 +1,4 @@
-#!/bin/bash -ex
+#!/bin/bash -x
 
 source /etc/profile.d/aaa.sh
 

src/terraform/examples/e2e/6.Render.Farm/vmss.tf

@@ -5,7 +5,8 @@
 variable "virtualMachineScaleSets" {
   type = list(object(
     {
-      name = string
+      enable = bool
+      name   = string
       machine = object(
         {
           size  = string
@@ -24,6 +25,12 @@ variable "virtualMachineScaleSets" {
           )
         }
       )
+      spot = object(
+        {
+          enable         = bool
+          evictionPolicy = string
+        }
+      )
       network = object(
         {
           enableAcceleration = bool
@@ -59,53 +66,53 @@ variable "virtualMachineScaleSets" {
           )
         }
       )
-      customExtension = object(
+      extension = object(
         {
-          enable   = bool
+          initialize = object(
-          fileName = string
-          parameters = object(
             {
-              activeDirectory = object(
+              enable   = bool
+              fileName = string
+              parameters = object(
                 {
-                  domainName    = string
+                  fileSystemMounts = list(object(
-                  serverName    = string
+                    {
-                  adminUsername = string
+                      enable = bool
-                  adminPassword = string
+                      mount  = string
-                }
+                    }
-              )
+                  ))
-              fileSystemMounts = list(object(
+                  activeDirectory = object(
-                {
+                    {
-                  enable = bool
+                      enable        = bool
-                  mount  = string
+                      domainName    = string
-                }
+                      serverName    = string
-              ))
+                      orgUnitPath   = string
-              terminateNotification = object(
+                      adminUsername = string
-                {
+                      adminPassword = string
-                  enable       = bool
+                    }
-                  delayTimeout = string
+                  )
+                  terminateNotification = object(
+                    {
+                      enable       = bool
+                      delayTimeout = string
+                    }
+                  )
                 }
               )
             }
           )
-        }
+          health = object (
-      )
+            {
-      healthExtension = object(
+              enable      = bool
-        {
+              protocol    = string
-          enable      = bool
+              port        = number
-          protocol    = string
+              requestPath = string
-          port        = number
+            }
-          requestPath = string
+          )
-        }
+          monitor = object (
-      )
+            {
-      monitorExtension = object(
+              enable = bool
-        {
+            }
-          enable = bool
+          )
-        }
-      )
-      spot = object(
-        {
-          enable         = bool
-          evictionPolicy = string
         }
       )
     }
@@ -121,13 +128,13 @@ locals {
         image = {
           id = virtualMachineScaleSet.machine.image.id
           plan = {
-            publisher = lower(virtualMachineScaleSet.machine.image.plan.publisher != "" && try(data.terraform_remote_state.image.outputs.imageDefinitionLinux.enablePlan, false) ? virtualMachineScaleSet.machine.image.plan.publisher : try(data.terraform_remote_state.image.outputs.imageDefinitionLinux.publisher, ""))
+            publisher = lower(virtualMachineScaleSet.machine.image.plan.publisher != "" && try(data.terraform_remote_state.image.outputs.imageDefinition.Linux.enablePlan, false) ? virtualMachineScaleSet.machine.image.plan.publisher : try(data.terraform_remote_state.image.outputs.imageDefinition.Linux.publisher, ""))
-            product   = lower(virtualMachineScaleSet.machine.image.plan.product != "" && try(data.terraform_remote_state.image.outputs.imageDefinitionLinux.enablePlan, false) ? virtualMachineScaleSet.machine.image.plan.product : try(data.terraform_remote_state.image.outputs.imageDefinitionLinux.offer, ""))
+            product   = lower(virtualMachineScaleSet.machine.image.plan.product != "" && try(data.terraform_remote_state.image.outputs.imageDefinition.Linux.enablePlan, false) ? virtualMachineScaleSet.machine.image.plan.product : try(data.terraform_remote_state.image.outputs.imageDefinition.Linux.offer, ""))
-            name      = lower(virtualMachineScaleSet.machine.image.plan.name != "" && try(data.terraform_remote_state.image.outputs.imageDefinitionLinux.enablePlan, false) ? virtualMachineScaleSet.machine.image.plan.name : try(data.terraform_remote_state.image.outputs.imageDefinitionLinux.sku, ""))
+            name      = lower(virtualMachineScaleSet.machine.image.plan.name != "" && try(data.terraform_remote_state.image.outputs.imageDefinition.Linux.enablePlan, false) ? virtualMachineScaleSet.machine.image.plan.name : try(data.terraform_remote_state.image.outputs.imageDefinition.Linux.sku, ""))
           }
         }
       }
-    }) if virtualMachineScaleSet.name != "" && virtualMachineScaleSet.operatingSystem.type == "Linux" && var.batch.account.name == ""
+    }) if virtualMachineScaleSet.enable && virtualMachineScaleSet.operatingSystem.type == "Linux" && var.batch.account.name == ""
   ]
 }
 
@@ -192,7 +199,7 @@ resource "azurerm_linux_virtual_machine_scale_set" "farm" {
     }
   }
   dynamic extension {
-    for_each = each.value.customExtension.enable ? [1] : []
+    for_each = each.value.extension.initialize.enable ? [1] : []
     content {
       name                       = "Initialize"
       type                       = "CustomScript"
@@ -201,13 +208,13 @@ resource "azurerm_linux_virtual_machine_scale_set" "farm" {
       auto_upgrade_minor_version = true
       settings = jsonencode({
         script: "${base64encode(
-          templatefile(each.value.customExtension.fileName, merge(each.value.customExtension.parameters, {}))
+          templatefile(each.value.extension.initialize.fileName, merge(each.value.extension.initialize.parameters, {}))
         )}"
       })
     }
   }
   dynamic extension {
-    for_each = each.value.healthExtension.enable ? [1] : []
+    for_each = each.value.extension.health.enable ? [1] : []
     content {
       name                       = "Health"
       type                       = "ApplicationHealthLinux"
@@ -215,14 +222,14 @@ resource "azurerm_linux_virtual_machine_scale_set" "farm" {
       type_handler_version       = "1.0"
       auto_upgrade_minor_version = true
       settings = jsonencode({
-        protocol    = each.value.healthExtension.protocol
+        protocol    = each.value.extension.health.protocol
-        port        = each.value.healthExtension.port
+        port        = each.value.extension.health.port
-        requestPath = each.value.healthExtension.requestPath
+        requestPath = each.value.extension.health.requestPath
       })
     }
   }
   dynamic extension {
-    for_each = each.value.monitorExtension.enable && module.global.monitor.name != "" ? [1] : []
+    for_each = each.value.extension.monitor.enable && module.global.monitor.name != "" ? [1] : []
     content {
       name                       = "Monitor"
       type                       = "AzureMonitorLinuxAgent"
@@ -238,17 +245,17 @@ resource "azurerm_linux_virtual_machine_scale_set" "farm" {
     }
   }
   dynamic termination_notification {
-    for_each = each.value.customExtension.parameters.terminateNotification.enable ? [1] : []
+    for_each = each.value.extension.initialize.parameters.terminateNotification.enable ? [1] : []
     content {
-      enabled = each.value.customExtension.parameters.terminateNotification.enable
+      enabled = each.value.extension.initialize.parameters.terminateNotification.enable
-      timeout = each.value.customExtension.parameters.terminateNotification.delayTimeout
+      timeout = each.value.extension.initialize.parameters.terminateNotification.delayTimeout
     }
   }
 }
 
 resource "azurerm_windows_virtual_machine_scale_set" "farm" {
   for_each = {
-    for virtualMachineScaleSet in var.virtualMachineScaleSets : virtualMachineScaleSet.name => virtualMachineScaleSet if virtualMachineScaleSet.name != "" && virtualMachineScaleSet.operatingSystem.type == "Windows" && var.batch.account.name == ""
+    for virtualMachineScaleSet in var.virtualMachineScaleSets : virtualMachineScaleSet.name => virtualMachineScaleSet if virtualMachineScaleSet.enable && virtualMachineScaleSet.operatingSystem.type == "Windows" && var.batch.account.name == ""
   }
   name                   = each.value.name
   resource_group_name    = azurerm_resource_group.farm.name
@@ -292,7 +299,7 @@ resource "azurerm_windows_virtual_machine_scale_set" "farm" {
     ]
   }
   dynamic extension {
-    for_each = each.value.customExtension.enable ? [1] : []
+    for_each = each.value.extension.initialize.enable ? [1] : []
     content {
       name                       = "Initialize"
       type                       = "CustomScriptExtension"
@@ -301,13 +308,13 @@ resource "azurerm_windows_virtual_machine_scale_set" "farm" {
       auto_upgrade_minor_version = true
       settings = jsonencode({
         commandToExecute = "PowerShell -ExecutionPolicy Unrestricted -EncodedCommand ${textencodebase64(
-          templatefile(each.value.customExtension.fileName, merge(each.value.customExtension.parameters, {})), "UTF-16LE"
+          templatefile(each.value.extension.initialize.fileName, merge(each.value.extension.initialize.parameters, {})), "UTF-16LE"
         )}"
       })
     }
   }
   dynamic extension {
-    for_each = each.value.healthExtension.enable ? [1] : []
+    for_each = each.value.extension.health.enable ? [1] : []
     content {
       name                       = "Health"
       type                       = "ApplicationHealthWindows"
@@ -315,14 +322,14 @@ resource "azurerm_windows_virtual_machine_scale_set" "farm" {
       type_handler_version       = "1.0"
       auto_upgrade_minor_version = true
       settings = jsonencode({
-        protocol    = each.value.healthExtension.protocol
+        protocol    = each.value.extension.health.protocol
-        port        = each.value.healthExtension.port
+        port        = each.value.extension.health.port
-        requestPath = each.value.healthExtension.requestPath
+        requestPath = each.value.extension.health.requestPath
       })
     }
   }
   dynamic extension {
-    for_each = each.value.monitorExtension.enable && module.global.monitor.name != "" ? [1] : []
+    for_each = each.value.extension.monitor.enable && module.global.monitor.name != "" ? [1] : []
     content {
       name                       = "Monitor"
       type                       = "AzureMonitorWindowsAgent"
@@ -338,10 +345,10 @@ resource "azurerm_windows_virtual_machine_scale_set" "farm" {
     }
   }
   dynamic termination_notification {
-    for_each = each.value.customExtension.parameters.terminateNotification.enable ? [1] : []
+    for_each = each.value.extension.initialize.parameters.terminateNotification.enable ? [1] : []
     content {
-      enabled = each.value.customExtension.parameters.terminateNotification.enable
+      enabled = each.value.extension.initialize.parameters.terminateNotification.enable
-      timeout = each.value.customExtension.parameters.terminateNotification.delayTimeout
+      timeout = each.value.extension.initialize.parameters.terminateNotification.delayTimeout
     }
   }
 }

src/terraform/examples/e2e/7.Artist.Workstation/config.auto.tfvars

@@ -6,7 +6,8 @@ resourceGroupName = "ArtistAnywhere.Workstation" # Alphanumeric, underscores, hy
 
 virtualMachines = [
   {
-    name = "LnxArtistNVIDIA"
+    enable = false
+    name   = "LnxArtistNVIDIA"
     machine = {
       size = "Standard_NV36ads_A10_v5" # https://learn.microsoft.com/azure/virtual-machines/sizes
       image = {
@@ -37,118 +38,128 @@ virtualMachines = [
         disable = false
       }
     }
-    customExtension = {
+    extension = {
-      enable   = true
+      initialize = {
-      fileName = "initialize.sh"
+        enable   = true
-      parameters = {
+        fileName = "initialize.sh"
-        activeDirectory = {
+        parameters = {
-          domainName    = ""
+          fileSystemMounts = [
-          serverName    = ""
+            {
-          adminUsername = ""
+              enable = false # Storage Read
-          adminPassword = ""
+              mount  = "data.artist.studio/default /mnt/data wekafs net=udp 0 0"
-        }
+            },
-        fileSystemMounts = [
+            {
-          {
+              enable = false # Storage Read Cache
-            enable = false # Storage Read
+              mount  = "cache.artist.studio:/mnt/data /mnt/data nfs hard,proto=tcp,mountproto=tcp,retry=30,nolock 0 0"
-            mount  = "data.artist.studio/default /mnt/data wekafs net=udp 0 0"
+            },
-          },
+            {
-          {
+              enable = false # Storage Write
-            enable = false # Storage Read Cache
+              mount  = "data.artist.studio/default /mnt/data wekafs net=udp 0 0"
-            mount  = "cache.artist.studio:/mnt/data /mnt/data nfs hard,proto=tcp,mountproto=tcp,retry=30,nolock 0 0"
+            },
-          },
+            {
-          {
+              enable = false # Storage Write Cache
-            enable = false # Storage Write
+              mount  = "cache.artist.studio:/mnt/data /mnt/data nfs hard,proto=tcp,mountproto=tcp,retry=30,nolock 0 0"
-            mount  = "data.artist.studio/default /mnt/data wekafs net=udp 0 0"
+            },
-          },
+            {
-          {
+              enable = true # Scheduler Deadline
-            enable = false # Storage Write Cache
+              mount  = "scheduler.artist.studio:/Deadline /DeadlineServer nfs defaults 0 0"
-            mount  = "cache.artist.studio:/mnt/data /mnt/data nfs hard,proto=tcp,mountproto=tcp,retry=30,nolock 0 0"
+            }
-          },
+          ]
-          {
+          pcoipLicenseKey = ""
-            enable = true # Scheduler Deadline
+          activeDirectory = {
-            mount  = "scheduler.artist.studio:/Deadline /DeadlineServer nfs defaults 0 0"
+            enable        = false
+            domainName    = ""
+            serverName    = ""
+            orgUnitPath   = ""
+            adminUsername = ""
+            adminPassword = ""
           }
-        ]
+        }
-        pcoipLicenseKey = ""
+      }
+      monitor = {
+        enable = false
       }
     }
-    monitorExtension = {
+  },
-      enable = false
+  {
+    enable = false
+    name   = "LnxArtistAMD"
+    machine = {
+      size = "Standard_NG32ads_V620_v1" # https://learn.microsoft.com/azure/virtual-machines/sizes
+      image = {
+        id = "/subscriptions/5cc0d8f1-3643-410c-8646-1a2961134bd3/resourceGroups/ArtistAnywhere.Image/providers/Microsoft.Compute/galleries/azstudio/images/Linux/versions/3.1.0"
+        plan = {
+          publisher = ""
+          product   = ""
+          name      = ""
+        }
+      }
+    }
+    network = {
+      enableAcceleration = true
+    }
+    operatingSystem = {
+      type = "Linux"
+      disk = {
+        storageType = "Premium_LRS"
+        cachingType = "ReadWrite"
+        sizeGB      = 0
+      }
+    }
+    adminLogin = {
+      userName     = "azadmin"
+      userPassword = "P@ssword1234"
+      sshPublicKey = "" # "ssh-rsa ..."
+      passwordAuth = {
+        disable = false
+      }
+    }
+    extension = {
+      initialize = {
+        enable   = true
+        fileName = "initialize.sh"
+        parameters = {
+          fileSystemMounts = [
+            {
+              enable = false # Storage Read
+              mount  = "data.artist.studio/default /mnt/data wekafs net=udp 0 0"
+            },
+            {
+              enable = false # Storage Read Cache
+              mount  = "cache.artist.studio:/mnt/data /mnt/data nfs hard,proto=tcp,mountproto=tcp,retry=30,nolock 0 0"
+            },
+            {
+              enable = false # Storage Write
+              mount  = "data.artist.studio/default /mnt/data wekafs net=udp 0 0"
+            },
+            {
+              enable = false # Storage Write Cache
+              mount  = "cache.artist.studio:/mnt/data /mnt/data nfs hard,proto=tcp,mountproto=tcp,retry=30,nolock 0 0"
+            },
+            {
+              enable = true # Scheduler Deadline
+              mount  = "scheduler.artist.studio:/Deadline /DeadlineServer nfs defaults 0 0"
+            }
+          ]
+          pcoipLicenseKey = ""
+          activeDirectory = {
+            enable        = false
+            domainName    = ""
+            serverName    = ""
+            orgUnitPath   = ""
+            adminUsername = ""
+            adminPassword = ""
+          }
+        }
+      }
+      monitor = {
+        enable = false
+      }
     }
   },
-  # {
-  #   name = "LnxArtistAMD"
-  #   machine = {
-  #     size = "Standard_NG32ads_V620_v1" # https://learn.microsoft.com/azure/virtual-machines/sizes
-  #     image = {
-  #       id = "/subscriptions/5cc0d8f1-3643-410c-8646-1a2961134bd3/resourceGroups/ArtistAnywhere.Image/providers/Microsoft.Compute/galleries/azstudio/images/Linux/versions/3.1.0"
-  #       plan = {
-  #         publisher = ""
-  #         product   = ""
-  #         name      = ""
-  #       }
-  #     }
-  #   }
-  #   network = {
-  #     enableAcceleration = true
-  #   }
-  #   operatingSystem = {
-  #     type = "Linux"
-  #     disk = {
-  #       storageType = "Premium_LRS"
-  #       cachingType = "ReadWrite"
-  #       sizeGB      = 0
-  #     }
-  #   }
-  #   adminLogin = {
-  #     userName     = "azadmin"
-  #     userPassword = "P@ssword1234"
-  #     sshPublicKey = "" # "ssh-rsa ..."
-  #     passwordAuth = {
-  #       disable = false
-  #     }
-  #   }
-  #   customExtension = {
-  #     enable   = true
-  #     fileName = "initialize.sh"
-  #     parameters = {
-  #       activeDirectory = {
-  #         domainName    = ""
-  #         serverName    = ""
-  #         adminUsername = ""
-  #         adminPassword = ""
-  #       }
-  #       fileSystemMounts = [
-  #         {
-  #           enable = false # Storage Read
-  #           mount  = "data.artist.studio/default /mnt/data wekafs net=udp 0 0"
-  #         },
-  #         {
-  #           enable = false # Storage Read Cache
-  #           mount  = "cache.artist.studio:/mnt/data /mnt/data nfs hard,proto=tcp,mountproto=tcp,retry=30,nolock 0 0"
-  #         },
-  #         {
-  #           enable = false # Storage Write
-  #           mount  = "data.artist.studio/default /mnt/data wekafs net=udp 0 0"
-  #         },
-  #         {
-  #           enable = false # Storage Write Cache
-  #           mount  = "cache.artist.studio:/mnt/data /mnt/data nfs hard,proto=tcp,mountproto=tcp,retry=30,nolock 0 0"
-  #         },
-  #         {
-  #           enable = true # Scheduler Deadline
-  #           mount  = "scheduler.artist.studio:/Deadline /DeadlineServer nfs defaults 0 0"
-  #         }
-  #       ]
-  #       pcoipLicenseKey = ""
-  #     }
-  #   }
-  #   monitorExtension = {
-  #     enable = false
-  #   }
-  # },
   {
-    name = "WinArtistNVIDIA"
+    enable = false
+    name   = "WinArtistNVIDIA"
     machine = {
       size = "Standard_NV36ads_A10_v5" # https://learn.microsoft.com/azure/virtual-machines/sizes
       image = {
@@ -179,116 +190,125 @@ virtualMachines = [
         disable = false
       }
     }
-    customExtension = {
+    extension = {
-      enable   = true
+      initialize = {
-      fileName = "initialize.ps1"
+        enable   = true
-      parameters = {
+        fileName = "initialize.ps1"
-        activeDirectory = {
+        parameters = {
-          domainName    = "" # "artist.studio"
+          fileSystemMounts = [
-          serverName    = "WinScheduler"
+            {
-          adminUsername = "azadmin"
+              enable = false # Storage Read
-          adminPassword = "P@ssword1234"
+              mount  = "mount -o anon \\\\data.artist.studio\\default R:"
-        }
+            },
-        fileSystemMounts = [
+            {
-          {
+              enable = false # Storage Read Cache
-            enable = false # Storage Read
+              mount  = "mount -o anon nolock \\\\cache.artist.studio\\mnt\\data R:"
-            mount  = "mount -o anon \\\\data.artist.studio\\default R:"
+            },
-          },
+            {
-          {
+              enable = false # Storage Write
-            enable = false # Storage Read Cache
+              mount  = "mount -o anon \\\\data.artist.studio\\default W:"
-            mount  = "mount -o anon nolock \\\\cache.artist.studio\\mnt\\data R:"
+            },
-          },
+            {
-          {
+              enable = false # Storage Write Cache
-            enable = false # Storage Write
+              mount  = "mount -o anon nolock \\\\cache.artist.studio\\mnt\\data W:"
-            mount  = "mount -o anon \\\\data.artist.studio\\default W:"
+            },
-          },
+            {
-          {
+              enable = true # Scheduler Deadline
-            enable = false # Storage Write Cache
+              mount  = "mount -o anon \\\\scheduler.artist.studio\\Deadline S:"
-            mount  = "mount -o anon nolock \\\\cache.artist.studio\\mnt\\data W:"
+            }
-          },
+          ]
-          {
+          pcoipLicenseKey = ""
-            enable = true # Scheduler Deadline
+          activeDirectory = {
-            mount  = "mount -o anon \\\\scheduler.artist.studio\\Deadline S:"
+            enable        = true
+            domainName    = "artist.studio"
+            serverName    = "WinScheduler"
+            orgUnitPath   = ""
+            adminUsername = "azadmin"
+            adminPassword = "P@ssword1234"
           }
-        ]
+        }
-        pcoipLicenseKey = ""
+      }
+      monitor = {
+        enable = false
       }
     }
-    monitorExtension = {
-      enable = false
-    }
   },
-  # {
+  {
-  #   name = "WinArtistAMD"
+    enable = false
-  #   machine = {
+    name   = "WinArtistAMD"
-  #     size = "Standard_NG32ads_V620_v1" # https://learn.microsoft.com/azure/virtual-machines/sizes
+    machine = {
-  #     image = {
+      size = "Standard_NG32ads_V620_v1" # https://learn.microsoft.com/azure/virtual-machines/sizes
-  #       id = "/subscriptions/5cc0d8f1-3643-410c-8646-1a2961134bd3/resourceGroups/ArtistAnywhere.Image/providers/Microsoft.Compute/galleries/azstudio/images/WinArtist/versions/3.1.0"
+      image = {
-  #       plan = {
+        id = "/subscriptions/5cc0d8f1-3643-410c-8646-1a2961134bd3/resourceGroups/ArtistAnywhere.Image/providers/Microsoft.Compute/galleries/azstudio/images/WinArtist/versions/3.1.0"
-  #         publisher = ""
+        plan = {
-  #         product   = ""
+          publisher = ""
-  #         name      = ""
+          product   = ""
-  #       }
+          name      = ""
-  #     }
+        }
-  #   }
+      }
-  #   network = {
+    }
-  #     enableAcceleration = true
+    network = {
-  #   }
+      enableAcceleration = true
-  #   operatingSystem = {
+    }
-  #     type = "Windows"
+    operatingSystem = {
-  #     disk = {
+      type = "Windows"
-  #       storageType = "Premium_LRS"
+      disk = {
-  #       cachingType = "ReadWrite"
+        storageType = "Premium_LRS"
-  #       sizeGB      = 0
+        cachingType = "ReadWrite"
-  #     }
+        sizeGB      = 0
-  #   }
+      }
-  #   adminLogin = {
+    }
-  #     userName     = "azadmin"
+    adminLogin = {
-  #     userPassword = "P@ssword1234"
+      userName     = "azadmin"
-  #     sshPublicKey = "" # "ssh-rsa ..."
+      userPassword = "P@ssword1234"
-  #     passwordAuth = {
+      sshPublicKey = "" # "ssh-rsa ..."
-  #       disable = false
+      passwordAuth = {
-  #     }
+        disable = false
-  #   }
+      }
-  #   customExtension = {
+    }
-  #     enable   = true
+    extension = {
-  #     fileName = "initialize.ps1"
+      initialize = {
-  #     parameters = {
+        enable   = true
-  #       activeDirectory = {
+        fileName = "initialize.ps1"
-  #         domainName    = "" # "artist.studio"
+        parameters = {
-  #         serverName    = "WinScheduler"
+          fileSystemMounts = [
-  #         adminUsername = "azadmin"
+            {
-  #         adminPassword = "P@ssword1234"
+              enable = false # Storage Read
-  #       }
+              mount  = "mount -o anon \\\\data.artist.studio\\default R:"
-  #       fileSystemMounts = [
+            },
-  #         {
+            {
-  #           enable = false # Storage Read
+              enable = false # Storage Read Cache
-  #           mount  = "mount -o anon \\\\data.artist.studio\\default R:"
+              mount  = "mount -o anon nolock \\\\cache.artist.studio\\mnt\\data R:"
-  #         },
+            },
-  #         {
+            {
-  #           enable = false # Storage Read Cache
+              enable = false # Storage Write
-  #           mount  = "mount -o anon nolock \\\\cache.artist.studio\\mnt\\data R:"
+              mount  = "mount -o anon \\\\data.artist.studio\\default W:"
-  #         },
+            },
-  #         {
+            {
-  #           enable = false # Storage Write
+              enable = false # Storage Write Cache
-  #           mount  = "mount -o anon \\\\data.artist.studio\\default W:"
+              mount  = "mount -o anon nolock \\\\cache.artist.studio\\mnt\\data W:"
-  #         },
+            },
-  #         {
+            {
-  #           enable = false # Storage Write Cache
+              enable = true # Scheduler Deadline
-  #           mount  = "mount -o anon nolock \\\\cache.artist.studio\\mnt\\data W:"
+              mount  = "mount -o anon \\\\scheduler.artist.studio\\Deadline S:"
-  #         },
+            }
-  #         {
+          ]
-  #           enable = true # Scheduler Deadline
+          pcoipLicenseKey = ""
-  #           mount  = "mount -o anon \\\\scheduler.artist.studio\\Deadline S:"
+          activeDirectory = {
-  #         }
+            enable        = true
-  #       ]
+            domainName    = "artist.studio"
-  #       pcoipLicenseKey = ""
+            serverName    = "WinScheduler"
-  #     }
+            orgUnitPath   = ""
-  #   }
+            adminUsername = "azadmin"
-  #   monitorExtension = {
+            adminPassword = "P@ssword1234"
-  #     enable = false
+          }
-  #   }
+        }
-  # }
+      }
+      monitor = {
+        enable = false
+      }
+    }
+  }
 ]
 
 ###############################################################################################
@@ -296,6 +316,7 @@ virtualMachines = [
 ###############################################################################################
 
 trafficManager = {
+  enable = false
   profile = {
     name              = ""
     routingMethod     = "Performance"

src/terraform/examples/e2e/7.Artist.Workstation/initialize.ps1

@@ -1,5 +1,3 @@
-$ErrorActionPreference = "Stop"
-
 $binDirectory = "C:\Users\Public\Downloads"
 Set-Location -Path $binDirectory
 
@@ -7,10 +5,6 @@ $scriptFile = "C:\AzureData\functions.ps1"
 Copy-Item -Path "C:\AzureData\CustomData.bin" -Destination $scriptFile
 . $scriptFile
 
-if ("${activeDirectory.domainName}" -ne "") {
-  JoinActiveDirectory "${activeDirectory.domainName}" "${activeDirectory.serverName}" "${activeDirectory.adminUsername}" "${activeDirectory.adminPassword}"
-}
-
 $fileSystemMounts = ConvertFrom-Json -InputObject '${jsonencode(fileSystemMounts)}'
 foreach ($fileSystemMount in $fileSystemMounts) {
   if ($fileSystemMount.enable -eq $true) {
@@ -26,6 +20,8 @@ if (${pcoipLicenseKey} != "") {
   StartProcess PowerShell.exe "-ExecutionPolicy Unrestricted -File ""$installFile"" -RegistrationCode ${pcoipLicenseKey}" $binDirectory/pcoip-agent-license
 }
 
-if ("${activeDirectory.domainName}" -ne "") {
+if ("${activeDirectory.enable}" -eq $true) {
-  Restart-Computer -Force
+  # Retry 5 10 {
+    JoinActiveDirectory ${activeDirectory.domainName} ${activeDirectory.serverName} "${activeDirectory.orgUnitPath}" ${activeDirectory.adminUsername} ${activeDirectory.adminPassword}
+  # }
 }

src/terraform/examples/e2e/7.Artist.Workstation/initialize.sh

@@ -1,4 +1,4 @@
-#!/bin/bash -ex
+#!/bin/bash -x
 
 source /etc/profile.d/aaa.sh
 

src/terraform/examples/e2e/7.Artist.Workstation/main.tf

@@ -35,6 +35,7 @@ variable "resourceGroupName" {
 variable "trafficManager" {
   type = object(
     {
+      enable = bool
       profile = object(
         {
           name              = string
@@ -136,7 +137,7 @@ resource "azurerm_resource_group" "workstation" {
 ###############################################################################################
 
 resource "azurerm_traffic_manager_profile" "workstation" {
-  count                  = var.trafficManager.profile.name != "" ? 1 : 0
+  count                  = var.trafficManager.enable ? 1 : 0
   name                   = var.trafficManager.profile.name
   resource_group_name    = azurerm_resource_group.workstation.name
   traffic_routing_method = var.trafficManager.profile.routingMethod
@@ -154,7 +155,7 @@ resource "azurerm_traffic_manager_profile" "workstation" {
 
 resource "azurerm_traffic_manager_external_endpoint" "workstation" {
   for_each = {
-    for virtualMachine in var.virtualMachines : virtualMachine.name => virtualMachine if var.trafficManager.profile.name != "" && virtualMachine.name != ""
+    for virtualMachine in var.virtualMachines : virtualMachine.name => virtualMachine if virtualMachine.enable && var.trafficManager.enable
   }
   name       = each.value.name
   target     = azurerm_public_ip.workstation[each.value.name].ip_address
@@ -167,7 +168,7 @@ resource "azurerm_traffic_manager_external_endpoint" "workstation" {
 
 resource "azurerm_public_ip" "workstation" {
   for_each = {
-    for virtualMachine in var.virtualMachines : virtualMachine.name => virtualMachine if var.trafficManager.profile.name != "" && virtualMachine.name != ""
+    for virtualMachine in var.virtualMachines : virtualMachine.name => virtualMachine if virtualMachine.enable && var.trafficManager.enable
   }
   name                = each.value.name
   resource_group_name = azurerm_resource_group.workstation.name
@@ -182,6 +183,6 @@ output "resourceGroupName" {
 
 output "trafficManager" {
   value = {
-    fqdn = var.trafficManager.profile.name != "" ? azurerm_traffic_manager_profile.workstation[0].fqdn : ""
+    fqdn = var.trafficManager.enable ? azurerm_traffic_manager_profile.workstation[0].fqdn : ""
   }
 }

src/terraform/examples/e2e/7.Artist.Workstation/vm.tf

@@ -5,7 +5,8 @@
 variable "virtualMachines" {
   type = list(object(
     {
-      name = string
+      enable = bool
+      name   = string
       machine = object(
         {
           size = string
@@ -52,34 +53,40 @@ variable "virtualMachines" {
           )
         }
       )
-      customExtension = object(
+      extension = object(
         {
-          enable   = bool
+          initialize = object(
-          fileName = string
-          parameters = object(
             {
-              activeDirectory = object(
+              enable   = bool
+              fileName = string
+              parameters = object(
                 {
-                  domainName    = string
+                  fileSystemMounts = list(object(
-                  serverName    = string
+                    {
-                  adminUsername = string
+                      enable = bool
-                  adminPassword = string
+                      mount  = string
+                    }
+                  ))
+                  pcoipLicenseKey = string
+                  activeDirectory = object(
+                    {
+                      enable        = bool
+                      domainName    = string
+                      serverName    = string
+                      orgUnitPath   = string
+                      adminUsername = string
+                      adminPassword = string
+                    }
+                  )
                 }
               )
-              fileSystemMounts = list(object(
-                {
-                  enable = bool
-                  mount  = string
-                }
-              ))
-              pcoipLicenseKey = string
             }
           )
-        }
+          monitor = object(
-      )
+            {
-      monitorExtension = object(
+              enable = bool
-        {
+            }
-          enable = bool
+          )
         }
       )
     }
@@ -94,19 +101,19 @@ locals {
         image = {
           id = virtualMachine.machine.image.id
           plan = {
-            publisher = lower(virtualMachine.machine.image.plan.publisher != "" && try(data.terraform_remote_state.image.outputs.imageDefinitionLinux.enablePlan, false) ? virtualMachine.machine.image.plan.publisher : try(data.terraform_remote_state.image.outputs.imageDefinitionLinux.publisher, ""))
+            publisher = lower(virtualMachine.machine.image.plan.publisher != "" && try(data.terraform_remote_state.image.outputs.imageDefinition.Linux.enablePlan, false) ? virtualMachine.machine.image.plan.publisher : try(data.terraform_remote_state.image.outputs.imageDefinition.Linux.publisher, ""))
-            product   = lower(virtualMachine.machine.image.plan.product != "" && try(data.terraform_remote_state.image.outputs.imageDefinitionLinux.enablePlan, false) ? virtualMachine.machine.image.plan.product : try(data.terraform_remote_state.image.outputs.imageDefinitionLinux.offer, ""))
+            product   = lower(virtualMachine.machine.image.plan.product != "" && try(data.terraform_remote_state.image.outputs.imageDefinition.Linux.enablePlan, false) ? virtualMachine.machine.image.plan.product : try(data.terraform_remote_state.image.outputs.imageDefinition.Linux.offer, ""))
-            name      = lower(virtualMachine.machine.image.plan.name != "" && try(data.terraform_remote_state.image.outputs.imageDefinitionLinux.enablePlan, false) ? virtualMachine.machine.image.plan.name : try(data.terraform_remote_state.image.outputs.imageDefinitionLinux.sku, ""))
+            name      = lower(virtualMachine.machine.image.plan.name != "" && try(data.terraform_remote_state.image.outputs.imageDefinition.Linux.enablePlan, false) ? virtualMachine.machine.image.plan.name : try(data.terraform_remote_state.image.outputs.imageDefinition.Linux.sku, ""))
           }
         }
       }
-    }) if virtualMachine.name != "" && virtualMachine.operatingSystem.type == "Linux"
+    }) if virtualMachine.enable && virtualMachine.operatingSystem.type == "Linux"
   ]
 }
 
 resource "azurerm_network_interface" "workstation" {
   for_each = {
-    for virtualMachine in var.virtualMachines : virtualMachine.name => virtualMachine if virtualMachine.name != ""
+    for virtualMachine in var.virtualMachines : virtualMachine.name => virtualMachine if virtualMachine.enable
   }
   name                = each.value.name
   resource_group_name = azurerm_resource_group.workstation.name
@@ -115,7 +122,7 @@ resource "azurerm_network_interface" "workstation" {
     name                          = "ipConfig"
     subnet_id                     = data.azurerm_subnet.workstation.id
     private_ip_address_allocation = "Dynamic"
-    public_ip_address_id          = var.trafficManager.profile.name != "" ? azurerm_public_ip.workstation[each.value.name].id : null
+    public_ip_address_id          = var.trafficManager.enable ? azurerm_public_ip.workstation[each.value.name].id : null
   }
   enable_accelerated_networking = each.value.network.enableAcceleration
 }
@@ -168,7 +175,7 @@ resource "azurerm_linux_virtual_machine" "workstation" {
 
 resource "azurerm_virtual_machine_extension" "initialize_linux" {
   for_each = {
-    for virtualMachine in var.virtualMachines : virtualMachine.name => virtualMachine if virtualMachine.name != "" && virtualMachine.customExtension.enable && virtualMachine.operatingSystem.type == "Linux"
+    for virtualMachine in var.virtualMachines : virtualMachine.name => virtualMachine if virtualMachine.enable && virtualMachine.extension.initialize.enable && virtualMachine.operatingSystem.type == "Linux"
   }
   name                       = "Initialize"
   type                       = "CustomScript"
@@ -178,7 +185,7 @@ resource "azurerm_virtual_machine_extension" "initialize_linux" {
   virtual_machine_id         = "${azurerm_resource_group.workstation.id}/providers/Microsoft.Compute/virtualMachines/${each.value.name}"
   settings = jsonencode({
     script = "${base64encode(
-      templatefile(each.value.customExtension.fileName, merge(each.value.customExtension.parameters, {}))
+      templatefile(each.value.extension.initialize.fileName, merge(each.value.extension.initialize.parameters, {}))
     )}"
   })
   depends_on = [
@@ -188,7 +195,7 @@ resource "azurerm_virtual_machine_extension" "initialize_linux" {
 
 resource "azurerm_virtual_machine_extension" "monitor_linux" {
   for_each = {
-    for virtualMachine in var.virtualMachines : virtualMachine.name => virtualMachine if virtualMachine.name != "" && virtualMachine.monitorExtension.enable && virtualMachine.operatingSystem.type == "Linux" && module.global.monitor.name != ""
+    for virtualMachine in var.virtualMachines : virtualMachine.name => virtualMachine if virtualMachine.enable && virtualMachine.extension.monitor.enable && virtualMachine.operatingSystem.type == "Linux" && module.global.monitor.name != ""
   }
   name                       = "Monitor"
   type                       = "AzureMonitorLinuxAgent"
@@ -209,7 +216,7 @@ resource "azurerm_virtual_machine_extension" "monitor_linux" {
 
 resource "azurerm_windows_virtual_machine" "workstation" {
   for_each = {
-    for virtualMachine in var.virtualMachines : virtualMachine.name => virtualMachine if virtualMachine.name != "" && virtualMachine.operatingSystem.type == "Windows"
+    for virtualMachine in var.virtualMachines : virtualMachine.name => virtualMachine if virtualMachine.enable && virtualMachine.operatingSystem.type == "Windows"
   }
   name                = each.value.name
   resource_group_name = azurerm_resource_group.workstation.name
@@ -240,7 +247,7 @@ resource "azurerm_windows_virtual_machine" "workstation" {
 
 resource "azurerm_virtual_machine_extension" "initialize_windows" {
   for_each = {
-    for virtualMachine in var.virtualMachines : virtualMachine.name => virtualMachine if virtualMachine.name != "" && virtualMachine.customExtension.enable && virtualMachine.operatingSystem.type == "Windows"
+    for virtualMachine in var.virtualMachines : virtualMachine.name => virtualMachine if virtualMachine.enable && virtualMachine.extension.initialize.enable && virtualMachine.operatingSystem.type == "Windows"
   }
   name                       = "Initialize"
   type                       = "CustomScriptExtension"
@@ -250,7 +257,7 @@ resource "azurerm_virtual_machine_extension" "initialize_windows" {
   virtual_machine_id         = "${azurerm_resource_group.workstation.id}/providers/Microsoft.Compute/virtualMachines/${each.value.name}"
   settings = jsonencode({
     commandToExecute = "PowerShell -ExecutionPolicy Unrestricted -EncodedCommand ${textencodebase64(
-      templatefile(each.value.customExtension.fileName, merge(each.value.customExtension.parameters, {})), "UTF-16LE"
+      templatefile(each.value.extension.initialize.fileName, merge(each.value.extension.initialize.parameters, {})), "UTF-16LE"
     )}"
   })
   depends_on = [
@@ -260,7 +267,7 @@ resource "azurerm_virtual_machine_extension" "initialize_windows" {
 
 resource "azurerm_virtual_machine_extension" "monitor_windows" {
   for_each = {
-    for virtualMachine in var.virtualMachines : virtualMachine.name => virtualMachine if virtualMachine.name != "" && virtualMachine.monitorExtension.enable && virtualMachine.operatingSystem.type == "Windows" && module.global.monitor.name != ""
+    for virtualMachine in var.virtualMachines : virtualMachine.name => virtualMachine if virtualMachine.enable && virtualMachine.extension.monitor.enable && virtualMachine.operatingSystem.type == "Windows" && module.global.monitor.name != ""
   }
   name                       = "Monitor"
   type                       = "AzureMonitorWindowsAgent"

src/terraform/examples/e2e/README.md

@@ -48,7 +48,7 @@ The following local installation prerequisites are required for the AAA solution
 1. Run `cd ~/e2e/0.Global.Foundation` in a local shell (Bash or PowerShell)
 1. Review and edit the config values in `module/backend.config` for your deployment
 1. Review and edit the config values in `module/variables.tf` for your deployment
-   * If a Key Vault name is specified [here](https://github.com/Azure/Avere/blob/main/src/terraform/examples/e2e/0.Global.Foundation/module/variables.tf#L40), make sure the [Key Vault Administrator](https://learn.microsoft.com/azure/role-based-access-control/built-in-roles#key-vault-administrator) role is assigned to the current user via [Role-Based Access Control (RBAC)](https://learn.microsoft.com/azure/role-based-access-control/overview).
+   * If a Key Vault name is specified [here](https://github.com/Azure/Avere/blob/main/src/terraform/examples/e2e/0.Global.Foundation/module/variables.tf#L35), make sure the [Key Vault Administrator](https://learn.microsoft.com/azure/role-based-access-control/built-in-roles#key-vault-administrator) role is assigned to the current user via [Role-Based Access Control (RBAC)](https://learn.microsoft.com/azure/role-based-access-control/overview).
 1. Review and edit the config values in `config.auto.tfvars` for your deployment
 1. Run `terraform init` to initialize the current local directory (append `-upgrade` if older providers are detected)
 1. Run `terraform apply` to generate the Terraform deployment [Plan](https://www.terraform.io/docs/cli/run/index.html#planning) (append `-destroy` to delete Azure resources)