Add Files for Azure Image Builder

controller/Imagebuilder-setup.sh

@@ -0,0 +1,111 @@
+# Setup resources to be able to make a new image and store it in a shared 
+# image gallery that can be used to populate a new vfxt controller version
+# in marketplace.
+
+# Environment Variables
+subscriptionID=<subid>  # Avere FreeBSD Build Environment Subscription
+location=<location>
+additionalregion=<additionallocation>
+sigResourceGroup=<rgname>
+identityName=<identityname>
+sigName=<signame>
+imageDefName=<imagedefname>
+runOutputName=<runoutputname>
+
+
+# Not all of these steps need to be run if the 
+# Shared Image Gallery already exists.
+
+
+# Create Resource Group
+az group create -n $sigResourceGroup -l $location --subscription $subscriptionID 
+
+# Create Managed Identity for azure image builder
+az identity create -g $sigResourceGroup -n $identityName --subscription $subscriptionID
+imgBuilderCliId=$(az identity show -g $sigResourceGroup -n $identityName --subscription $subscriptionID --query clientId -o tsv)
+imgBuilderId=/subscriptions/$subscriptionID/resourcegroups/$sigResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/$identityName
+
+# Add role assignment.  On the microsoft tenant, this doesn't work from 
+# unmanaged hosts. you might have to do this in the azure portal.
+az role assignment create \
+    --assignee $imgBuilderCliId \
+    --role "<role>" \    # See azure image builder for appropriate role to use here.
+    --scope /subscriptions/$subscriptionID/resourceGroups/$sigResourceGroup
+
+# Create Shared Image Gallery
+az sig create \
+    -g $sigResourceGroup --subscription $subscriptionID \
+    --gallery-name $sigName
+
+
+# Create Image Definition
+az sig image-definition create \
+   -g $sigResourceGroup --subscription $subscriptionID\
+   --gallery-name $sigName \
+   --gallery-image-definition $imageDefName \
+   --publisher Microsoft \
+   --offer vfxt-controller \
+   --sku 20_04-lts-gen2 \
+   --os-type Linux \
+   --hyper-v-generation V2 \
+   --features SecurityType=TrustedLaunchSupported
+
+# Get image template and customize it.  
+# The sleeps were needed to help the sed commands finish writing the file.
+curl https://raw.githubusercontent.com/Azure/azvmimagebuilder/master/quickquickstarts/1_Creating_a_Custom_Linux_Shared_Image_Gallery_Image/helloImageTemplateforSIG.json -o helloImageTemplateforSIG.json
+sed -i -e "s/<subscriptionID>/$subscriptionID/g" helloImageTemplateforSIG.json
+sleep 2
+sed -i -e "s/<rgName>/$sigResourceGroup/g" helloImageTemplateforSIG.json && \
+sleep 2
+sed -i -e "s/<imageDefName>/$imageDefName/g" helloImageTemplateforSIG.json && \
+sleep 2
+sed -i -e "s/<sharedImageGalName>/$sigName/g" helloImageTemplateforSIG.json && \
+sleep 2
+sed -i -e "s/<region1>/$location/g" helloImageTemplateforSIG.json && \
+sleep 2
+sed -i -e "s/<region2>/$additionalregion/g" helloImageTemplateforSIG.json && \
+sleep 2
+sed -i -e "s/<runOutputName>/$runOutputName/g" helloImageTemplateforSIG.json && \
+sleep 2
+sed -i -e "s%<imgBuilderId>%$imgBuilderId%g" helloImageTemplateforSIG.json
+sleep 2
+sed -i '/"customize": \[/,/\],/c\
+        "customize": [\
+            {\
+                "type": "Shell",\
+                "name": "InstallVfxtPy",\
+                "scriptUri": "https://raw.githubusercontent.com/Azure/AvereSDK/main/controller/install.sh"\
+            }\
+        ],' helloImageTemplateforSIG.json
+
+
+# Create Image Template
+# A Image template will need to be recreated if the InstallVfxtPy script
+# contents are updated.  If you're just wanting to pull new ubuntu updates 
+# you can just run the image template again.
+
+current_date_time=$(date +"%Y%m%d-%H%M%S")
+templatename="vfxt-controller-image-template-$current_date_time"
+
+az resource create \
+    --resource-group $sigResourceGroup \
+    --properties @helloImageTemplateforSIG.json \
+    --is-full-object \
+    --resource-type Microsoft.VirtualMachineImages/imageTemplates \
+    -n $templatename \
+    --subscription $subscriptionID
+
+# Run Image Template
+az resource invoke-action \
+     --resource-group $sigResourceGroup \
+     --resource-type  Microsoft.VirtualMachineImages/imageTemplates \
+     -n $templatename \
+     --action Run \
+     --subscription $subscriptionID
+
+# Helpful command to remove a template
+az resource delete \
+    --resource-group $sigResourceGroup \
+    -n helloImageTemplateforSIG01 \
+    --resource-type Microsoft.VirtualMachineImages/imageTemplates \
+    --subscription $subscriptionID

controller/README

@@ -0,0 +1,3 @@
+Scripts and files to build the vfxt-controller image via Azure Image Builder.
+
+The files in this directory are used to setup Azure Image Builder or used by Azure Image Builder to create the vfxt-controller image for publishing to the azure marketplace.  Walk though the steps in Imagebuilder-setup.sh to create the Azure Image Builder resources and to invoke the creation of the vfxt-controller image.

controller/examples/VFXT_README

@@ -0,0 +1,34 @@
+
+Please log in to the Azure service and choose the active subscription using the following commands:
+    az login --use-device-code
+    az account set --subscription <subscription UUID>
+
+Make sure you are the subscription owner when logged in with the above command.  This is required
+for the following commands.
+
+You must create a role for the Avere cluster to use.  Edit /avere-cluster.json adding in the
+subscription UUID. Then run:
+    az role definition create --role-definition /tmp/cluster.json
+
+Please accept the terms of the Avere image before creating a cluster:
+    az vm image accept-terms --urn microsoft-avere:vfxt:avere-vfxt-node:latest
+
+You can use the following provided example scripts to deploy a vFXT cluster.
+Please edit them for the specific environment configuration.
+    /create-cloudbacked-cluster
+    /create-onprembacked-cluster
+    /create-minimal-cluster
+To destroy a cluster:
+    /destroy-cluster
+
+
+Here is an example using the vFXT helper utility that is run by the above scripts:
+
+    vfxt.py --cloud-type azure  --from-environment \
+    --resource-group <> --network-resource-group <if different from resource group> \
+    --location eastus --azure-network <> --azure-subnet <> \
+    --create \
+    --cluster-name <> --admin-password <> \
+    --instance-type [Standard_D16s_v3 | Standard_E32s_v3] \
+    --azure-role avere-cluster  --cluster-range <> \
+    [ --storage-resource-group <if different> --storage-account <>  | --no-corefiler | --nfs-mount <> ]

controller/examples/add-nodes

@@ -0,0 +1,55 @@
+#!/usr/bin/env bash
+set -exu
+
+# Resource groups
+# At a minimum specify the resource group.  If the network resources live in a
+# different group, specify the network resource group.  Likewise for the storage
+# account resource group.
+RESOURCE_GROUP=
+#NETWORK_RESOURCE_GROUP=
+#STORAGE_RESOURCE_GROUP=
+
+# eastus, etc.  To list:
+# az account list-locations --query '[].name' --output tsv
+LOCATION=
+
+# Your VNET and Subnet names.
+NETWORK=
+SUBNET=
+
+# The preconfigured Azure AD role for use by the vFXT cluster nodes.  Refer to
+# the vFXT documentation.
+AVERE_CLUSTER_ROLE=
+
+# The cluster management address, this can be the Avere management address
+# or the primary IP address of one of the Avere cluster virtual machines
+CLUSTER_MGMT_ADDRESS=
+# Administrative password for the cluster
+ADMIN_PASSWORD=PLACEHOLDER
+
+# The number of nodes to add
+NODE_COUNT=1
+
+# Cluster sizing for VM and cache disks.
+INSTANCE_TYPE=Standard_D16s_v3 # or Standard_E32s_v3]
+CACHE_SIZE=1024 # or 4096, 8192
+
+# Do not edit below this line
+NRG_OPT=
+if [ -n "${NETWORK_RESOURCE_GROUP:=}" ]; then
+    NRG_OPT="--network-resource-group ${NETWORK_RESOURCE_GROUP}"
+fi
+SRG_OPT=
+if [ -n "${STORAGE_RESOURCE_GROUP:=}" ]; then
+    SRG_OPT="--storage-resource-group ${STORAGE_RESOURCE_GROUP}"
+fi
+
+vfxt.py --cloud-type azure --from-environment \
+--resource-group "${RESOURCE_GROUP}" $NRG_OPT \
+--location "${LOCATION}" --azure-network "${NETWORK}" --azure-subnet "${SUBNET}" \
+--add-nodes --nodes ${NODE_COUNT} \
+--management-address "${CLUSTER_MGMT_ADDRESS}" --admin-password "${ADMIN_PASSWORD}" \
+--instance-type "${INSTANCE_TYPE}" --node-cache-size "${CACHE_SIZE}" \
+--azure-role "${AVERE_CLUSTER_ROLE}" \
+$SRG_OPT \
+--log ~/vfxt.log

controller/examples/avere-cluster.json

@@ -0,0 +1,26 @@
+{
+    "AssignableScopes": [
+        "/subscriptions/<subscription here>"
+    ],
+    "Name": "avere-cluster",
+    "IsCustom": "true",
+    "Description": "Avere cluster runtime role",
+    "NotActions": [],
+    "Actions": [
+        "Microsoft.Compute/virtualMachines/read",
+        "Microsoft.Network/networkInterfaces/read",
+        "Microsoft.Network/networkInterfaces/write",
+        "Microsoft.Network/virtualNetworks/subnets/read",
+        "Microsoft.Network/virtualNetworks/subnets/join/action",
+        "Microsoft.Network/networkSecurityGroups/join/action",
+        "Microsoft.Resources/subscriptions/resourceGroups/read",
+        "Microsoft.Storage/storageAccounts/blobServices/containers/delete",
+        "Microsoft.Storage/storageAccounts/blobServices/containers/read",
+        "Microsoft.Storage/storageAccounts/blobServices/containers/write"
+    ],
+    "DataActions": [
+        "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/delete",
+        "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read",
+        "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/write"
+    ]
+}

controller/examples/create-cloudbacked-cluster

@@ -0,0 +1,70 @@
+#!/usr/bin/env bash
+set -exu
+
+# Resource groups
+# At a minimum specify the resource group.  If the network resources live in a
+# different group, specify the network resource group.  Likewise for the storage
+# account resource group.
+RESOURCE_GROUP=
+#NETWORK_RESOURCE_GROUP=
+#STORAGE_RESOURCE_GROUP=
+
+# eastus, etc.  To list:
+# az account list-locations --query '[].name' --output tsv
+LOCATION=
+
+# Your VNET and Subnet names.
+NETWORK=
+SUBNET=
+
+# The preconfigured Azure AD role for use by the vFXT cluster nodes.  Refer to
+# the vFXT documentation.
+AVERE_CLUSTER_ROLE=
+
+# For cloud (blob) backed storage, provide the storage account name for the data
+# to live within.
+STORAGE_ACCOUNT=
+
+# The cluster name should be unique within the resource group.
+CLUSTER_NAME=avere-cluster
+# Administrative password for the cluster
+ADMIN_PASSWORD=PLACEHOLDER
+
+# Cluster sizing for VM and cache disks.
+INSTANCE_TYPE=Standard_D16s_v3 # or Standard_E32s_v3]
+CACHE_SIZE=1024 # or 4096, 8192
+
+# DEBUG="--debug"
+
+# Do not edit below this line
+NRG_OPT=
+if [ -n "${NETWORK_RESOURCE_GROUP:=}" ]; then
+    NRG_OPT="--network-resource-group ${NETWORK_RESOURCE_GROUP}"
+fi
+SRG_OPT=
+if [ -n "${STORAGE_RESOURCE_GROUP:=}" ]; then
+    SRG_OPT="--storage-resource-group ${STORAGE_RESOURCE_GROUP}"
+fi
+IMG_OPT=
+if [ -n "${IMAGE_ID_VALUE:=}" ]; then
+    IMG_OPT="--image-id ${IMAGE_ID_VALUE}"
+fi
+
+SSH_OPT=
+PUBKEY=$(curl -s -f -H Metadata:true "http://169.254.169.254/metadata/instance?api-version=2019-02-01" | jq -r .compute.publicKeys[0].keyData)
+if [[ "${PUBKEY}" != "null" ]]; then
+    KEYFILE=$(mktemp)
+    echo "${PUBKEY}" > ${KEYFILE}
+    SSH_OPT="--ssh-key ${KEYFILE}"
+fi
+
+vfxt.py --cloud-type azure  --from-environment \
+--resource-group "${RESOURCE_GROUP}" $NRG_OPT \
+--location "${LOCATION}" --azure-network "${NETWORK}" --azure-subnet "${SUBNET}" \
+--create \
+--cluster-name "${CLUSTER_NAME}" --admin-password "${ADMIN_PASSWORD}" \
+--instance-type "${INSTANCE_TYPE}" --node-cache-size "${CACHE_SIZE}" \
+--azure-role "${AVERE_CLUSTER_ROLE}"  \
+--storage-account "${STORAGE_ACCOUNT}" $SRG_OPT $IMG_OPT \
+$SSH_OPT \
+--log ~/vfxt.log ${DEBUG:=}

controller/examples/create-minimal-cluster

@@ -0,0 +1,60 @@
+#!/usr/bin/env bash
+set -exu
+
+# Resource groups
+# At a minimum specify the resource group.  If the network resources live in a
+# different group, specify the network resource group.
+RESOURCE_GROUP=
+#NETWORK_RESOURCE_GROUP=
+
+# eastus, etc.  To list:
+# az account list-locations --query '[].name' --output tsv
+LOCATION=
+
+# Your VNET and Subnet names.
+NETWORK=
+SUBNET=
+
+# The preconfigured Azure AD role for use by the vFXT cluster nodes.  Refer to
+# the vFXT documentation.
+AVERE_CLUSTER_ROLE=
+
+# The cluster name should be unique within the resource group.
+CLUSTER_NAME=avere-cluster
+# Administrative password for the cluster
+ADMIN_PASSWORD=PLACEHOLDER
+
+# Cluster sizing for VM and cache disks.
+INSTANCE_TYPE=Standard_D16s_v3 # or Standard_E32s_v3]
+CACHE_SIZE=1024 # or 4096, 8192
+
+# DEBUG="--debug"
+
+# Do not edit below this line
+NRG_OPT=
+if [ -n "${NETWORK_RESOURCE_GROUP:=}" ]; then
+    NRG_OPT="--network-resource-group ${NETWORK_RESOURCE_GROUP}"
+fi
+IMG_OPT=
+if [ -n "${IMAGE_ID_VALUE:=}" ]; then
+    IMG_OPT="--image-id ${IMAGE_ID_VALUE}"
+fi
+
+SSH_OPT=
+PUBKEY=$(curl -s -f -H Metadata:true "http://169.254.169.254/metadata/instance?api-version=2019-02-01" | jq -r .compute.publicKeys[0].keyData)
+if [[ "${PUBKEY}" != "null" ]]; then
+    KEYFILE=$(mktemp)
+    echo "${PUBKEY}" > ${KEYFILE}
+    SSH_OPT="--ssh-key ${KEYFILE}"
+fi
+
+vfxt.py --cloud-type azure  --from-environment \
+--resource-group "${RESOURCE_GROUP}" $NRG_OPT \
+--location "${LOCATION}" --azure-network "${NETWORK}" --azure-subnet "${SUBNET}" \
+--create \
+--cluster-name "${CLUSTER_NAME}" --admin-password "${ADMIN_PASSWORD}" \
+--instance-type "${INSTANCE_TYPE}" --node-cache-size "${CACHE_SIZE}" \
+--azure-role "${AVERE_CLUSTER_ROLE}"  \
+--no-corefiler $IMG_OPT \
+$SSH_OPT \
+--log ~/vfxt.log ${DEBUG:=}

controller/examples/destroy-cluster

@@ -0,0 +1,36 @@
+#!/usr/bin/env bash
+set -exu
+
+# Resource groups
+# At a minimum specify the resource group.  If the network resources live in a
+# different group, specify the network resource group.
+RESOURCE_GROUP=
+#NETWORK_RESOURCE_GROUP=
+
+# eastus, etc.  To list:
+# az account list-locations --query '[].name' --output tsv
+LOCATION=
+
+# Your VNET and Subnet names.
+NETWORK=
+SUBNET=
+
+# The cluster IP address (the Avere management IP or an IP of a VM)
+CLUSTER_ADDRESS=
+# Administrative password for the cluster
+ADMIN_PASSWORD=PLACEHOLDER
+
+# DEBUG="--debug"
+
+# Do not edit below this line
+NRG_OPT=
+if [ -n "${NETWORK_RESOURCE_GROUP:=}" ]; then
+    NRG_OPT="--network-resource-group ${NETWORK_RESOURCE_GROUP}"
+fi
+
+vfxt.py --cloud-type azure  --from-environment \
+--resource-group "${RESOURCE_GROUP}" $NRG_OPT \
+--location "${LOCATION}" --azure-network "${NETWORK}" --azure-subnet "${SUBNET}" \
+--destroy \
+--management-address "${CLUSTER_ADDRESS}" --admin-password "${ADMIN_PASSWORD}" \
+--log ~/vfxt.log ${DEBUG:=}

controller/install.sh

@@ -0,0 +1,97 @@
+#!/bin/bash
+# This script is used to install the Avere vFXT controller software on an Azure VM
+# It is intended to be used with Azure Image Builder
+set -ex
+export DEBIAN_FRONTEND=noninteractive
+
+AZCLI_VERSION=2.63.0
+TERRAFORM_VERSION=1.9.4
+AVERE_TERRAFORM_PROVIDER_VERSION=1.3.3
+
+echo "Sleeping for 2 minutes to allow the VM to settle"
+sleep 120
+
+
+echo "Installing Pre-requisites"
+apt-get update
+apt-get install -y      \
+    apt-transport-https \
+    build-essential     \
+    ca-certificates     \
+    curl                \
+    dirmngr             \
+    gnupg               \
+    jq                  \
+    libssl-dev          \
+    lsb-release         \
+    nfs-common          \
+    python-dev-is-python3 \
+    python3             \
+    python3-dev         \
+    python3-pip         \
+    python-setuptools   \
+    sshpass             \
+    unzip
+
+
+echo "Installing the Azure CLI"
+mkdir -p /etc/apt/keyrings
+curl -sLS https://packages.microsoft.com/keys/microsoft.asc |
+  gpg --dearmor | tee /etc/apt/keyrings/microsoft.gpg > /dev/null
+chmod go+r /etc/apt/keyrings/microsoft.gpg
+
+AZ_DIST=$(lsb_release -cs)
+echo "Types: deb
+URIs: https://packages.microsoft.com/repos/azure-cli/
+Suites: ${AZ_DIST}
+Components: main
+Architectures: $(dpkg --print-architecture)
+Signed-by: /etc/apt/keyrings/microsoft.gpg" | tee /etc/apt/sources.list.d/azure-cli.sources
+
+apt-get update
+apt-get install -y azure-cli
+apt upgrade -y
+apt autoremove -y
+
+echo "Installing the Avere SDK"
+python3 -m pip install --upgrade pip pyOpenSSL requests urllib3 azure-cli==${AZCLI_VERSION}
+python3 -m pip install git+https://github.com/Azure/AvereSDK.git@main
+
+echo "Enabling unattended upgrades"
+cp /usr/share/unattended-upgrades/20auto-upgrades /etc/apt/apt.conf.d/20auto-upgrades
+
+
+echo "Retrieving and installing terraform"
+curl -L -o /tmp/terraform.zip https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip
+unzip /tmp/terraform.zip terraform -d /usr/local/bin
+chmod 755 /usr/local/bin/terraform
+rm /tmp/terraform.zip
+
+echo "Retrieving and installing the Avere Terraform provider"
+curl -L -o /usr/local/bin/terraform-provider-avere https://github.com/Azure/Avere/releases/download/v${AVERE_TERRAFORM_PROVIDER_VERSION}/terraform-provider-avere
+chmod 755 /usr/local/bin/terraform-provider-avere
+
+echo "Cleaning up the build tools"
+apt remove --purge -y                                     \
+    g++ gcc build-essential binutils dpkg-dev \
+    python2.7-dev python-dev cpp binutils-common    \
+    binutils-x86-64-linux-gnu     \
+    linux-libc-dev manpages-dev
+apt clean
+rm -rf /usr/src/linux*headers*
+
+
+echo "Update alternatives"
+update-alternatives --install /usr/bin/python python /usr/bin/python3 10
+
+
+mkdir -p /examples
+REPO=Azure/AvereSDK
+BRANCH=main
+curl -L -o /examples/add-nodes https://raw.githubusercontent.com/${REPO}/${BRANCH}/examples/add-nodes
+curl -L -o /examples/avere-cluster.json https://raw.githubusercontent.com/${REPO}/${BRANCH}/examples/avere-cluster.json
+curl -L -o /examples/create-cloudbacked-cluster https://raw.githubusercontent.com/${REPO}/${BRANCH}/examples/create-cloudbacked-cluster
+curl -L -o /examples/create-minimal-cluster https://raw.githubusercontent.com/${REPO}/${BRANCH}/examples/create-minimal-cluster
+curl -L -o /examples/destroy-cluster https://raw.githubusercontent.com/${REPO}/${BRANCH}/examples/destroy-cluster
+curl -L -o /examples/VFXT_README https://raw.githubusercontent.com/${REPO}/${BRANCH}/examples/VFXT_README
+printf "\nCheck out /examples/VFXT_README for help on using this Avere Controller virtual machine\n\n" > /etc/update-motd.d/99-vfxt