Azure
/
AzureStack-QuickStart-Templates
зеркало из https://github.com/Azure/AzureStack-QuickStart-Templates.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Update Ethereum PoA template (#422) 

* Updated PoA templates

* updated readme file

* use securestring for password

* typo

* test - personal fork

* remove personal fork test
This commit is contained in:
Ali Nikravesh 2019-02-28 09:18:49 -08:00 коммит произвёл Krishna Nithin
Родитель ab17e160b8
Коммит b00fb93c00
21 изменённых файлов: 476 добавлений и 2451 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

103
ethereum-consortium-blockchain-poa/README.md
Просмотреть файл

@ -6,7 +6,9 @@ This template deploys all of the resources required for Ethereum POA.
- Ubuntu Server 16.04 LTS (any version)
- Custom Script for Linux 2.0
* Create a service principal and save it's ID and secret
* Create a service principal.
- On AAD environment save service principal's ID and secret.
- On ADFS environment, save service principal's ID and Thumbprint. In addition, create a keyvault with a secret and store service principal's certificate in the keyvault's secret.
* On your subscription, assign Contributor role to your service principal
* Install MetaMask extension on Chrome
@ -18,41 +20,30 @@ This template deploys all of the resources required for Ethereum POA.
| Parameter Name | Value |
|----------------|:----------------------------------------:|
| Location | Location of your Azure Stack environment |
| location | Location of your Azure Stack environment |
| isJoiningExistingNetwork | False - This should be false for leader deployment |
| regionCount | 1 - This is always 1 for Azure Stack |
| Location_1 | Location of your Azure Stack environment |
| Location_2 | N/A (don't change the default value) |
| Location_3 | N/A (don't change the default value) |
| Location_4 | N/A (don't change the default value) |
| Location_5 | N/A (don't change the default value) |
| AuthType | password |
| AdminUserName | Username of your Linux admin account |
| AdminPassword | Password of your Linux admin account |
| AdminSSHKey | You can use SSH Keys instead of password to access your Linux account |
| EthereumNetworkID | Arbitary value less than 2147483647 |
| ConsortiumMemberID | The ID associated with each member of the consortium network. This ID should be unique in the network |
| EthereumAdminPublicKey | Ethereum account address that is used for participating in PoA member management. Use address of the MetaMask account that was created on Step 1 |
| DeployUsingPublicIP | True |
| NumVLNodesRegion | Number of load balanced validator nodes |
| VlNodeVMSize | Standard_D1_v2 |
| VlStorageAccountType | Standard_LRS |
| ConnectionSharedKey | N/A |
| ConsortiumMemberGatewayId | N/A |
| ConsortiumDataURL | N/A for leader deployment |
| TransactionPermissioningContract | N/A |
| PublicRPCEndpoint | True |
| OmsDeploy | False |
| omsWorkspaceId | N/A |
| omsPrimaryKey | N/A |
| omsLocation | N/A |
| emailAddress | N/A |
| enableSshAccess | True |
| azureStackDeployment | True |
| authType | password or sshPublicKey |
| adminUserName | Username of your Linux admin account |
| adminPassword | Password of your Linux admin account |
| adminSSHKey | You can use SSH Keys instead of password to access your Linux account |
| ethereumNetworkID | Arbitary value less than 2147483647 |
| consortiumMemberID | The ID associated with each member of the consortium network. This ID should be unique in the network |
| ethereumAdminPublicKey | Ethereum account address that is used for participating in PoA member management. Use address of the MetaMask account that was created on Step 1 |
| numVLNodesRegion | Number of load balanced validator nodes |
| vlNodeVMSize | Size of the virtual machine for transaction nodes |
| vlStorageAccountType | Type of managed disks to create. Allowed values: Standard_LRS, Premium_LRS |
| consortiumDataURL | N/A for leader deployment |
| publicRPCEndpoint | True - This should be True for Azure Stack environments |
| enableSshAccess | Enables or Disables the Network Security Group rule to allow SSH port access |
| servicePrincipalId | Service principal ID |
| servicePrincipalSecret | Service principal secret |
| endpointFqdn | Azure Stack environment FQDN |
| tenantId | Azure stack tenant ID |
| tenantId | Azure stack tenant ID |
| deployUsingPublicIP | True |
| isAdfs | Set to True if using template on ADFS environment |
| certKeyVaultId | Only for ADFS environments - The ID of the KeyVault that holds ADFS service principal certificate |
| certSecretUrl | Only for ADFS environments - The URL of the secret that holds ADFS service principal certificate |
## Member deployment
@ -64,41 +55,29 @@ This template deploys all of the resources required for Ethereum POA.
| Parameter Name | Value |
|----------------|:----------------------------------------:|
| Location | Location of your Azure Stack environment |
| location | Location of your Azure Stack environment |
| isJoiningExistingNetwork | True - This should be true for joining member deployment |
| regionCount | 1 - This is always 1 for Azure Stack |
| Location_1 | Location of your Azure Stack environment |
| Location_2 | N/A (don't change the default value) |
| Location_3 | N/A (don't change the default value) |
| Location_4 | N/A (don't change the default value) |
| Location_5 | N/A (don't change the default value) |
| AuthType | password |
| AdminUserName | Username of your Linux admin account |
| AdminPassword | Password of your Linux admin account |
| AdminSSHKey | You can use SSH Keys instead of password to access your Linux account |
| EthereumNetworkID | Same as leader Network ID |
| ConsortiumMemberID | The ID associated with each member of the consortium network. This ID should be unique in the network |
| EthereumAdminPublicKey | Ethereum account address that is used for participating in PoA member management. Use address of the MetaMask account that was created on Step 1 |
| DeployUsingPublicIP | True |
| NumVLNodesRegion | Number of load balanced validator nodes |
| VlNodeVMSize | Standard_D1_v2 |
| VlStorageAccountType | Standard_LRS |
| ConnectionSharedKey | N/A |
| ConsortiumMemberGatewayId | N/A |
| ConsortiumDataURL | ConsortiumDataURL from leader deployment output from step 2 |
| TransactionPermissioningContract | N/A |
| PublicRPCEndpoint | True |
| OmsDeploy | False |
| omsWorkspaceId | N/A |
| omsPrimaryKey | N/A |
| omsLocation | N/A |
| emailAddress | N/A |
| enableSshAccess | True |
| azureStackDeployment | True |
| authType | password or sshPublicKey |
| adminUserName | Username of your Linux admin account |
| adminPassword | Password of your Linux admin account |
| adminSSHKey | You can use SSH Keys instead of password to access your Linux account |
| ethereumNetworkID | Same as leader Network ID |
| consortiumMemberID | The ID associated with each member of the consortium network. This ID should be unique in the network |
| ethereumAdminPublicKey | Ethereum account address that is used for participating in PoA member management. Use address of the MetaMask account that was created on Step 1 |
| numVLNodesRegion | Number of load balanced validator nodes |
| vlNodeVMSize | Size of the virtual machine for transaction nodes |
| vlStorageAccountType | Type of managed disks to create. Allowed values: Standard_LRS, Premium_LRS |
| consortiumDataURL | ConsortiumDataURL from leader deployment output from step 2 |
| publicRPCEndpoint | True - This should be True for Azure Stack environments |
| enableSshAccess | Enables or Disables the Network Security Group rule to allow SSH port access |
| servicePrincipalId | Service principal ID |
| servicePrincipalSecret | Service principal secret |
| endpointFqdn | Azure Stack environment FQDN |
| tenantId | Azure stack tenant ID |
| tenantId | Azure stack tenant ID |
| deployUsingPublicIP | True |
| isAdfs | Set to True if using template on ADFS environment |
| certKeyVaultId | Only for ADFS environments - The ID of the KeyVault that holds ADFS service principal certificate |
| certSecretUrl | Only for ADFS environments - The URL of the secret that holds ADFS service principal certificate |
## Troubleshoot deployment issues
To review the deployment logs for errors/failure :

40
ethereum-consortium-blockchain-poa/common/build.cmd
Просмотреть файл

@ -1,40 +0,0 @@
REM Build docker image and publish to DOCKER_REPOSITORY
REM !/bin/bash
REM Example build.cmd poadev.azurecr.io xxxyyy "xxx1yyy1" poa-etheradmin:latest poa-ethstat:latest
set DOCKER_REPOSITORY=%1
set USERNAME=%2
set PASSWORD=%3
set IMAGE_NAME_ETHERADMIN=%4
set IMAGE_NAME_ETHSTAT=%5
set IMAGE_NAME_VALIDATOR=%6
set IMAGE_NAME_ORCHESTRATOR=%7
echo %{USERNAME}%@%{DOCKER_REPOSITORY}%
docker login %DOCKER_REPOSITORY% -u %USERNAME% -p %PASSWORD%
REM Build etheradmin
cd etheradmin
docker build -t "%DOCKER_REPOSITORY%/%IMAGE_NAME_ETHERADMIN%" .
docker push "%DOCKER_REPOSITORY%/%IMAGE_NAME_ETHERADMIN%"
cd ..
REM Build ethstat
cd ethstat
docker build -t "%DOCKER_REPOSITORY%/%IMAGE_NAME_ETHSTAT%" .
docker push "%DOCKER_REPOSITORY%/%IMAGE_NAME_ETHSTAT%"
cd ..
REM Build validator
cd validator
docker build -t "%DOCKER_REPOSITORY%/%IMAGE_NAME_VALIDATOR%" .
docker push "%DOCKER_REPOSITORY%/%IMAGE_NAME_VALIDATOR%"
cd ..
REM Build orchestrator
cd ..
cd contracts/contracts
docker build -t "%DOCKER_REPOSITORY%/%IMAGE_NAME_ORCHESTRATOR%" .
docker push "%DOCKER_REPOSITORY%/%IMAGE_NAME_ORCHESTRATOR%"

41
ethereum-consortium-blockchain-poa/common/build.sh
Просмотреть файл

@ -1,41 +0,0 @@
# Build docker image and publish to DOCKER_REPOSITORY
#!/bin/bash
# Example ./build.sh "poadev.azurecr.io" "xxxyyy" "xxx1yyy1" "poa-etheradmin:latest" "poa-ethstat:latest"
DOCKER_REPOSITORY=$1
USERNAME=$2
PASSWORD=$3
IMAGE_NAME_ETHERADMIN=$4
IMAGE_NAME_ETHSTAT=$5
IMAGE_NAME_VALIDATOR=$6
IMAGE_NAME_ORCHESTRATOR=$7
echo ${USERNAME}@${DOCKER_REPOSITORY}
docker login $DOCKER_REPOSITORY -u $USERNAME -p $PASSWORD
# Build etheradmin
cd etheradmin
docker build -t "$DOCKER_REPOSITORY/$IMAGE_NAME_ETHERADMIN" .
docker push "$DOCKER_REPOSITORY/$IMAGE_NAME_ETHERADMIN"
cd ..
# Build ethstat
cd ethstat
docker build -t "$DOCKER_REPOSITORY/$IMAGE_NAME_ETHSTAT" .
docker push "$DOCKER_REPOSITORY/$IMAGE_NAME_ETHSTAT"
cd ..
# Build validator
cd validator
docker build -t "$DOCKER_REPOSITORY/$IMAGE_NAME_VALIDATOR" .
docker push "$DOCKER_REPOSITORY/$IMAGE_NAME_VALIDATOR"
cd ..
# Build orchestrator
cd ..
cd contracts/contracts
docker build -t "$DOCKER_REPOSITORY/$IMAGE_NAME_ORCHESTRATOR" .
docker push "$DOCKER_REPOSITORY/$IMAGE_NAME_ORCHESTRATOR"

573
ethereum-consortium-blockchain-poa/common/mainTemplate.json
Просмотреть файл

@ -1,10 +1,11 @@
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"apiProfile": "2018-03-01-hybrid",
"parameters": {
"location": {
"type": "string",
"defaultValue": "redmond",
"defaultValue": "",
"metadata": {
"description": "Resource group location for current deployment"
}
@ -16,55 +17,6 @@
"description": "Will this deployment be joining an existing ethereum network?"
}
},
"regionCount": {
"type": "int",
"defaultValue": 1,
"allowedValues": [
1,
2,
3,
4,
5
],
"metadata": {
"description": "Select the number of region(s) to deploy virtual machines into."
}
},
"location_1": {
"type": "string",
"defaultValue": "redmond",
"metadata": {
"description": "Select the first region."
}
},
"location_2": {
"type": "string",
"defaultValue": "eastus2",
"metadata": {
"description": "Select the second region."
}
},
"location_3": {
"type": "string",
"defaultValue": "centralus",
"metadata": {
"description": "Select the third region."
}
},
"location_4": {
"type": "string",
"defaultValue": "eastus",
"metadata": {
"description": "Select the fourth region."
}
},
"location_5": {
"type": "string",
"defaultValue": "westus",
"metadata": {
"description": "Select the fifth region."
}
},
"authType": {
"type": "string",
"defaultValue": "password",
@ -123,13 +75,6 @@
"description": "Ethereum account address that is used for participating in PoA member management"
}
},
"deployUsingPublicIP":{
"type": "bool",
"defaultValue": true,
"metadata": {
"description": "Deploy using Public IP space or behind Vnet Gateway"
}
},
"numVLNodesRegion": {
"type": "int",
"defaultValue": 2,
@ -173,20 +118,6 @@
"description": "Type of managed disks to create"
}
},
"connectionSharedKey": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": "Shared Key for the Gateway Connection"
}
},
"consortiumMemberGatewayId": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": "The ResourceId of the Consortium Member VNet Gateawy to which to connect to"
}
},
"consortiumDataURL": {
"type": "string",
"defaultValue": "",
@ -194,13 +125,6 @@
"description": "The URL pointing to the consortium configuration data provided by another member's deployment"
}
},
"transactionPermissioningContract": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": "Bytecode for the permissioning contract"
}
},
"publicRPCEndpoint": {
"type": "bool",
"defaultValue": true,
@ -208,60 +132,10 @@
"description": "Should RPC endpoint be exposed over public IP?"
}
},
"baseUrl": {
"type": "string",
"metadata": {
"description": "The base URL for dependent assets",
"artifactsBaseUrl": ""
},
"defaultValue": "https://raw.githubusercontent.com/azure/AzureStack-QuickStart-Templates/master/ethereum-consortium-blockchain-poa/common"
},
"omsDeploy": {
"type": "bool",
"defaultValue": false
},
"msiDeploy": {
"type": "bool",
"defaultValue": false
},
"omsWorkspaceId": {
"type": "string",
"defaultValue": ""
},
"omsPrimaryKey": {
"type": "string",
"defaultValue": ""
},
"omsLocation": {
"type": "string",
"defaultValue": "eastus",
"metadata": {
"description": "Select region to deploy the Log Analytics instance"
},
"allowedValues": [
"eastus",
"westcentralus",
"canadacentral",
"westeurope",
"uksouth",
"southeastasia",
"australiasoutheast",
"centralindia",
"japaneast",
"usgovvirginia"
]
},
"emailAddress": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": "Email for deployment notification"
}
},
"enableSshAccess":
{
"type": "bool",
"defaultValue": true,
"defaultValue": false,
"metadata": {
"description": "Enables or Disables the Network Security Group rule to allow SSH port access"
}
@ -269,7 +143,7 @@
"servicePrincipalId":
{
"type": "string",
"defaultValue": "454c6c39-2ff0-4342-8ed5-8450af307701",
"defaultValue": "",
"metadata": {
"description": "Optional - Service principal ID for environments that do not support MSI."
}
@ -277,7 +151,7 @@
"servicePrincipalSecret":
{
"type": "string",
"defaultValue": "sJIJGsiO+nO3FLDN76FFEMluGRaB3dqSRODKFtmhHgI=",
"defaultValue": "",
"metadata": {
"description": "Optional - Service principal secret for environments that do not support MSI."
}
@ -285,7 +159,7 @@
"endpointFqdn":
{
"type": "string",
"defaultValue": "redmond.ext-n22r1002.masd.stbtest.microsoft.com",
"defaultValue": "",
"metadata": {
"description": "The FQDN of the Azure Stack environemt. (e.g. local.azurestack.external)."
}
@ -293,78 +167,51 @@
"tenantId":
{
"type": "string",
"defaultValue": "73103a66-894e-4622-8ca7-da73c5c00c0b",
"defaultValue": "",
"metadata": {
"description": "The name or ID or the AAD tenant. (e.g. mydomain.onmicrosoft.com)."
}
},
"dockerRepository":
{
"deployUsingPublicIP": {
"type": "bool",
"defaultValue": true
},
"isAdfs": {
"type": "bool",
"defaultValue": false
},
"certKeyVaultId": {
"type": "string",
"defaultValue": "blockchainazurestack.azurecr.io",
"defaultValue": "",
"metadata": {
"description": "Docker repository"
"description": "The ID of the KeyVault that holds ADFS service principal certificate"
}
},
"dockerLogin":
{
"certSecretUrl": {
"type": "string",
"defaultValue": "blockchainazurestack",
"defaultValue": "",
"metadata": {
"description": "Docker user name"
}
},
"dockerPassword":
{
"type": "string",
"defaultValue": "37xdgrQJbLdnbYh9W=Y7xsidIIRzeGZU",
"metadata": {
"description": "Docker password"
}
},
"dockerImagePoaOrchestrator":
{
"type": "string",
"defaultValue": "orchestrator:latest18",
"metadata": {
"description": "Docker Orchestrator repository"
}
},
"dockerImageEtheradmin":
{
"type": "string",
"defaultValue": "etheradmin:latest18",
"metadata": {
"description": "Docker EtherAdmin repository"
}
},
"dockerImageEthstat":
{
"type": "string",
"defaultValue": "ethstat:latest18",
"metadata": {
"description": "Docker Ethstat repository"
}
},
"dockerImageValidator":
{
"type": "string",
"defaultValue": "validator:latest18",
"metadata": {
"description": "Docker Validator repository"
"description": "The URL of the secret that holds ADFS service principal certificate"
}
}
},
"variables": {
"baseUrl": "[parameters('baseUrl')]",
"accessType": "[if(parameters('msiDeploy'), 'MSI', 'SPN')]",
"regionCount": 1,
"transactionPermissioningContract": "",
"dockerRepository": "ethererumregistry.azurecr.io",
"dockerLogin": "ethererumregistry",
"dockerPassword": "yn0SK6sDw/FvP2Rg9FlaqYbuB6OPrMoZ",
"dockerImagePoaOrchestrator": "orchestrator:hybrid",
"dockerImageEtheradmin": "etheradmin:hybrid",
"dockerImageEthstat": "ethstat:hybrid",
"dockerImageValidator": "validator:hybrid",
"baseUrl": "https://raw.githubusercontent.com/Azure/AzureStack-QuickStart-Templates/master/ethereum-consortium-blockchain-poa/common/",
"accessType": "SPN",
"vmssDeploymentNames": "vmss-deploy",
"deploymentMode": "[if(parameters('isJoiningExistingNetwork'),'Member', 'Leader')]",
"deploymentGuid": "[if(parameters('isJoiningExistingNetwork'),'pid-fff6cb36-716f-46e8-bd34-10b25aabce22', 'pid-a5842b51-d2c6-486a-82e7-2bc2257ff545')]",
"poaScriptUrl": "[uri(variables('baseUrl'),'scripts/configure-poa.sh')]",
"poaScriptUrl": "[concat(variables('baseUrl'),'/scripts/configure-poa.sh')]",
"poaScriptFilename": "configure-poa.sh",
"notificationScriptUrl": "[uri(variables('baseUrl'),'scripts/trigger-deployment-email.sh')]",
"notificationScriptUrl": "[uri(variables('baseUrl'),'scripts/trigger-deployment-email.sh')]",
"notificationFilename": "trigger-deployment-email.sh",
"namePrefix": "eth",
"namingInfix": "[toLower(take(concat(variables('namePrefix'),uniqueString(resourceGroup().id),parameters('location')), 9))]",
"maxPeers": 30,
@ -375,24 +222,12 @@
"sshNATFrontEndEndingPort": 4050,
"ethRpcPort": 8540,
"ethNetworkPort": 30300,
"dockerRepository": "[parameters('dockerRepository')]",
"dockerLogin": "[parameters('dockerLogin')]",
"dockerPassword": "[parameters('dockerPassword')]",
"dockerImagePoaOrchestrator": "[parameters('dockerImagePoaOrchestrator')]",
"dockerImageEtheradmin": "[parameters('dockerImageEtheradmin')]",
"dockerImageEthstat": "[parameters('dockerImageEthstat')]",
"dockerImageValidator": "[parameters('dockerImageValidator')]",
"linkedUrls": {
"vmssSetupUrl": "[uri(variables('baseUrl'),concat('nested/vmss-', if(parameters('msiDeploy'), 'with', 'without'), 'Extension.json'))]",
"vmssConfigUrl": "[uri(variables('baseUrl'),'nested/vmss-config.json')]",
"vmssNotificationUrl": "[uri(variables('baseUrl'),'nested/vmss-notification.json')]",
"connectionsSetupUrl": "[uri(variables('baseUrl'),'nested/connections.json')]",
"networkResourcesUrl": "[uri(variables('baseUrl'),'nested/network-resources.json')]",
"loadBalancerUrl": "[uri(variables('baseUrl'),'nested/network-resources.loadBalancer.json')]",
"vnetgatewayUrl": "[uri(variables('baseUrl'),'nested/vnet-gateway.json')]",
"omsDeployUrl": "[uri(variables('baseUrl'),concat('nested/oms-', if(and(parameters('omsDeploy'), empty(parameters('omsWorkspaceId'))), 'DeployNew', 'Existing'), '.json'))]",
"keyVaultDeployUrl": "[uri(variables('baseUrl'),'nested/createKeyVault.json')]",
"storageDeployUrl": "[uri(variables('baseUrl'),'nested/storage.json')]"
"vmssSetupUrl": "[concat(variables('baseUrl'),'/nested/vmss.json')]",
"networkResourcesUrl": "[concat(variables('baseUrl'),'/nested/network-resources.json')]",
"loadBalancerUrl": "[concat(variables('baseUrl'),'/nested/network-resources.loadBalancer.json')]",
"keyVaultDeployUrl": "[concat(variables('baseUrl'),'/nested/createKeyVault.json')]",
"storageDeployUrl": "[concat(variables('baseUrl'),'/nested/storage.json')]"
},
"vnetName": "[concat(variables('namingInfix'), '-vnet')]",
"vlSubnetName": "snet-vl",
@ -464,19 +299,12 @@
"ethereumNetworkID": "[parameters('ethereumNetworkID')]",
"maxPeers": "[variables('maxPeers')]",
"ethNetworkPort": "[variables('ethNetworkPort')]",
"numBootNodes": "[if(lessOrEquals(mul(parameters('numVLNodesRegion'), parameters('regionCount')),2),1,2)]",
"numVLNodes": "[mul(parameters('numVLNodesRegion'), parameters('regionCount'))]",
"numBootNodes": "[if(lessOrEquals(mul(parameters('numVLNodesRegion'), variables('regionCount')),2),1,2)]",
"numVLNodes": "[mul(parameters('numVLNodesRegion'), variables('regionCount'))]",
"vlVMNamePrefix": "vl",
"adminSitePort": "[variables('adminSitePort')]",
"consortiumId": "[parameters('consortiumMemberId')]"
},
"connectionSettings": {
"connectionName": "conn",
"gatewayName": "[variables('gatewaySettings').gatewayName]",
"connectionSharedKey": "[parameters('connectionSharedKey')]",
"regionCount": "[parameters('regionCount')]",
"connectionMemName": "conn-to-other-gateway"
},
"vnetSettings": [
{
"vnetName": "[concat(variables('vnetName'),'-',variables('suffixArray')[0])]",
@ -610,11 +438,7 @@
}
],
"locationArray": [
"[parameters('location_1')]",
"[parameters('location_2')]",
"[parameters('location_3')]",
"[parameters('location_4')]",
"[parameters('location_5')]"
"[parameters('location')]"
],
"suffixArray": [
"reg1",
@ -623,32 +447,16 @@
"reg4",
"reg5"
],
"copy": [
{
"name": "vmssDeploymentNames",
"count": "[parameters('regionCount')]",
"input": {
"name": "[concat('vmss-dep-',variables('suffixArray')[copyIndex('vmssDeploymentNames')])]"
}
}
],
"scriptReqVmss":
{
"fileUri": "[variables('poaScriptUrl')]",
"filename": "[variables('poaScriptFilename')]",
"consortiumData": "[parameters('consortiumDataURL')]",
"mode": "[variables('deploymentMode')]"
},
"scriptReqNotification": {
"fileUri": "[variables('notificationScriptUrl')]",
"filename": "[variables('notificationFilename')]"
},
"omsWorkspaceName": "[concat(variables('namingInfix'),'-oms')]",
"sendEmailNotification": "[not(equals(parameters('emailAddress'), ''))]"
{
"fileUri": "[variables('poaScriptUrl')]",
"filename": "[variables('poaScriptFilename')]",
"consortiumData": "[parameters('consortiumDataURL')]",
"mode": "[variables('deploymentMode')]"
}
},
"resources": [
{
"apiVersion": "2018-02-01",
"name": "[variables('deploymentGuid')]",
"type": "Microsoft.Resources/deployments",
"properties": {
@ -661,12 +469,9 @@
}
},
{
"apiVersion": "2018-02-01",
"name": "keyVaultDeploy",
"type": "Microsoft.Resources/deployments",
"dependsOn": [
"vmssDeployLoop"
],
"dependsOn": [],
"properties": {
"mode": "Incremental",
"templateLink": {
@ -685,9 +490,9 @@
"Copy": [
{
"name": "accessPolicies",
"count": "[parameters('regionCount')]",
"count": "[variables('regionCount')]",
"input": {
"objectId": "[if(parameters('msiDeploy'), reference(variables('vmssDeploymentNames')[copyIndex('accessPolicies')].name).outputs.Result.value.vmssPrincipalId, parameters('servicePrincipalId'))]",
"objectId": "[parameters('servicePrincipalId')]",
"tenantId": "[subscription().tenantId]",
"permissions": {
"keys": [
@ -706,33 +511,6 @@
}
},
{
"apiVersion": "2018-02-01",
"name": "deployOMS",
"type": "Microsoft.Resources/deployments",
"properties": {
"mode": "Incremental",
"templateLink": {
"uri": "[variables('linkedUrls').omsDeployUrl]",
"contentVersion": "1.0.0.0"
},
"parameters": {
"workspaceName": {
"value": "[variables('omsWorkspaceName')]"
},
"location": {
"value": "[parameters('omsLocation')]"
},
"omsWorkspaceId": {
"value": "[parameters('omsWorkspaceId')]"
},
"omsPrimaryKey": {
"value": "[parameters('omsPrimaryKey')]"
}
}
}
},
{
"apiVersion": "2018-02-01",
"name": "network-resources-deploy",
"type": "Microsoft.Resources/deployments",
"properties": {
@ -746,7 +524,7 @@
"value": "[variables('vnetSettings')]"
},
"regionCount": {
"value": "[parameters('regionCount')]"
"value": "[variables('regionCount')]"
},
"locationArray": {
"value": "[variables('locationArray')]"
@ -825,15 +603,14 @@
}
},
{
"apiVersion": "2018-02-01",
"name": "[variables('vmssDeploymentNames')[copyIndex()].name]",
"name": "[variables('vmssDeploymentNames')]",
"type": "Microsoft.Resources/deployments",
"dependsOn": [
"network-resources-deploy"
],
"copy": {
"name": "vmssDeployLoop",
"count": "[parameters('regionCount')]"
"count": "[variables('regionCount')]"
},
"properties": {
"mode": "Incremental",
@ -860,84 +637,30 @@
"vnetName": {
"value": "[variables('vnetSettings')[copyIndex()].vnetName]"
},
"omsWorkspaceId": {
"value": "[reference('deployOMS').outputs.workspaceId.value]"
},
"omsPrimaryKey": {
"value": "[reference('deployOMS').outputs.primarySharedKey.value]"
},
"mustDeployVnetGateway":{
"value": "[variables('mustDeployVnetGateway')]"
}
}
}
},
{
"apiVersion": "2018-02-01",
"name": "[concat(variables('vmssDeploymentNames')[copyIndex()].name, '-config')]",
"type": "Microsoft.Resources/deployments",
"dependsOn": [
"vmssDeployLoop"
],
"copy": {
"name": "vmssConfigLoop",
"count": "[parameters('regionCount')]"
},
"properties": {
"mode": "Incremental",
"templateLink": {
"uri": "[variables('linkedUrls').vmssConfigUrl]",
"contentVersion": "1.0.0.0"
},
"parameters": {
"authenticationSettings": {
"value": "[variables('authenticationSettings')]"
},
"vlVmssSettings": {
"value": "[variables('vlVmssSettings')]"
},
"extensionSettings": {
"value": "[variables('extensionSettings')]"
},
"consortiumDataUrl": {
"value": "[if(parameters('isJoiningExistingNetwork'), parameters('consortiumDataURL'), concat('http://',reference('network-resources-deploy').outputs.lbFqdnReg1.value))]"
},
"scriptReq": {
"value": "[variables('scriptReqVmss')]"
},
"location": {
"value": "[variables('locationArray')[copyIndex()]]"
},
"suffix": {
"value": "[variables('suffixArray')[copyIndex()]]"
},
"omsWorkspaceId": {
"value": "[reference('deployOMS').outputs.workspaceId.value]"
},
"omsPrimaryKey": {
"value": "[reference('deployOMS').outputs.primarySharedKey.value]"
"extensionSettings": {
"value": "[variables('extensionSettings')]"
},
"keyVaultUrl": {
"value": "[reference('keyVaultDeploy').outputs.KeyVaultUrl.value]"
},
"keyVaultName": {
"value": "[variables('keyVaultSettings').name]"
},
"rgName": {
"value": "[resourceGroup().name]"
},
"storageAccountName": {
"value": "[reference('storageDeploy').outputs.StorageAccountName.value]"
},
"storagePrimaryKey": {
"value": "[reference('storageDeploy').outputs.StoragePrimaryKey.value]"
},
"transactionPermissioningContract": {
"value": "[parameters('transactionPermissioningContract')]"
},
"ethRpcPort": {
"value": "[variables('ethRpcPort')]"
},
"transactionPermissioningContract": {
"value": "[variables('transactionPermissioningContract')]"
},
"dockerRepository": {
"value": "[variables('dockerRepository')]"
},
@ -959,117 +682,28 @@
"dockerImageValidator": {
"value": "[variables('dockerImageValidator')]"
},
"mustDeployVnetGateway":{
"value": "[variables('mustDeployVnetGateway')]"
"rgName": {
"value": "[resourceGroup().name]"
},
"keyVaultName": {
"value": "[variables('keyVaultSettings').name]"
},
"isAdfs": {
"value": "[parameters('isAdfs')]"
},
"certKeyVaultId": {
"value": "[parameters('certKeyVaultId')]"
},
"certSecretUrl": {
"value": "[parameters('certSecretUrl')]"
},
"consortiumDataUrl": {
"value": "[if(parameters('isJoiningExistingNetwork'), parameters('consortiumDataURL'), concat('http://',reference('network-resources-deploy').outputs.lbFqdnReg1.value))]"
}
}
}
},
{
"apiVersion": "2018-02-01",
"name": "vnet-gateway-deploy",
"type": "Microsoft.Resources/deployments",
"dependsOn": [
"network-resources-deploy"
],
"properties": {
"mode": "Incremental",
"templateLink": {
"uri": "[variables('linkedUrls').vnetgatewayUrl]",
"contentVersion": "1.0.0.0"
},
"parameters": {
"vnetSettings": {
"value": "[variables('vnetSettings')]"
},
"regionCount": {
"value": "[parameters('regionCount')]"
},
"locationArray": {
"value": "[variables('locationArray')]"
},
"suffixArray": {
"value": "[variables('suffixArray')]"
},
"gatewayPublicIPName": {
"value": "[variables('gatewaySettings').gatewayPublicIPName]"
},
"gatewayName": {
"value": "[variables('gatewaySettings').gatewayName]"
},
"gatewaySubnetName": {
"value": "[variables('gatewaySettings').gatewaySubnetName]"
},
"gatewaySku": {
"value": "[variables('gatewaySettings').gatewaySku]"
},
"mustDeployVnetGateway": {
"value": "[variables('mustDeployVnetGateway')]"
}
}
}
},
{
"condition": "[and(variables('mustDeployVnetGateway'), greater(parameters('regionCount'),1))]",
"apiVersion": "2018-02-01",
"name": "connections-deploy",
"type": "Microsoft.Resources/deployments",
"dependsOn": [
"vnet-gateway-deploy"
],
"properties": {
"mode": "Incremental",
"templateLink": {
"uri": "[variables('linkedUrls').connectionsSetupUrl]",
"contentVersion": "1.0.0.0"
},
"parameters": {
"connectionName": {
"value": "[variables('connectionSettings').connectionName]"
},
"locationArray": {
"value": "[variables('locationArray')]"
},
"suffixArray": {
"value": "[variables('suffixArray')]"
},
"regionCount": {
"value": "[variables('connectionSettings').regionCount]"
},
"connectionSharedKey": {
"value": "[uniqueString(resourceGroup().id)]"
},
"gatewayName": {
"value": "[variables('connectionSettings').gatewayName]"
}
}
}
},
{
"condition": "[and(parameters('isJoiningExistingNetwork'), variables('mustDeployVnetGateway'))]",
"apiVersion": "2017-10-01",
"type": "Microsoft.Network/connections",
"dependsOn": [
"vnet-gateway-deploy"
],
"name": "[concat(variables('connectionSettings').connectionMemName)]",
"location": "[variables('locationArray')[0]]",
"comments": "This is the VPN connection to a consortium member",
"properties": {
"virtualNetworkGateway1": {
"id": "[resourceId('Microsoft.Network/virtualNetworkGateways',concat(variables('connectionSettings').gatewayName,'-',variables('suffixArray')[0]))]"
},
"virtualNetworkGateway2": {
"id": "[parameters('consortiumMemberGatewayId')]"
},
"connectionType": "Vnet2Vnet",
"sharedKey": "[parameters('connectionSharedKey')]",
"routingWeight": 3,
"enableBGP": true
}
},
{
"apiVersion": "2018-02-01",
"name": "storageDeploy",
"type": "Microsoft.Resources/deployments",
"dependsOn": [],
@ -1084,56 +718,7 @@
"value": "[variables('storageSettings').name]"
},
"location": {
"value": "[parameters('location_1')]"
}
}
}
},
{
"apiVersion": "2018-02-01",
"name": "PostDeploymentNotification",
"type": "Microsoft.Resources/deployments",
"dependsOn": [
"vmssDeployLoop",
"vnet-gateway-deploy"
],
"condition": "[variables('sendEmailNotification')]",
"properties": {
"mode": "Incremental",
"templateLink": {
"uri": "[variables('linkedUrls').vmssNotificationUrl]",
"contentVersion": "1.0.0.0"
},
"parameters": {
"vlVmssSettings": {
"value": "[variables('vlVmssSettings')]"
},
"suffix": {
"value": "[variables('suffixArray')[0]]"
},
"scriptReq": {
"value": "[variables('scriptReqNotification')]"
},
"location": {
"value": "[variables('locationArray')[0]]"
},
"emailAddress": {
"value": "[parameters('emailAddress')]"
},
"admin_site": {
"value": "[concat('http://',reference('network-resources-deploy').outputs.lbFqdnReg1.value)]"
},
"oms_portal_url": {
"value": "[if(and(parameters('omsDeploy'), empty(parameters('omsWorkspaceId'))), reference('deployOMS').outputs.portalUrl.value, '')]"
},
"ethereum_rpc_endpoint": {
"value": "[concat('http://',reference('network-resources-deploy').outputs.lbFqdnReg1.value, ':', variables('ethRpcPort'))]"
},
"consortium_data_URL": {
"value": "[concat('http://',reference('network-resources-deploy').outputs.lbFqdnReg1.value)]"
},
"consortium_member_gateway_id_region1": {
"value": "[if(variables('mustDeployVnetGateway'), resourceId('Microsoft.Network/virtualNetworkGateways', concat(variables('gatewaySettings').gatewayName, '-', variables('suffixArray')[0])), '')]"
"value": "[parameters('location')]"
}
}
}
@ -1144,10 +729,6 @@
"type": "string",
"value": "[concat('http://',reference('network-resources-deploy').outputs.lbFqdnReg1.value)]"
},
"oms_portal_url": {
"type": "string",
"value": "[if(and(parameters('omsDeploy'), empty(parameters('omsWorkspaceId'))), reference('deployOMS').outputs.portalUrl.value, 'OMS Portal not deployed')]"
},
"ethereum_rpc_endpoint": {
"type": "string",
"value": "[concat('http://',reference('network-resources-deploy').outputs.lbFqdnReg1.value, ':', variables('ethRpcPort'))]"

78
ethereum-consortium-blockchain-poa/common/mainTemplate.parameters.json
Просмотреть файл

@ -1,78 +0,0 @@
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"value": "redmond"
},
"ethereumAdminPublicKey": {
"value": "0x7E5F4552091A69125d5DfCb7b8C2659029395Bdf"
},
"adminUsername": {
"value": "azureAdmin"
},
"adminPassword": {
"value": "Containers44"
},
"adminSSHKey": {
"value": ""
},
"consortiumMemberId": {
"value": 0
},
"vlNodeVMSize": {
"value": "Standard_D1_v2"
},
"vlStorageAccountType": {
"value" : "Standard_LRS"
},
"consortiumMemberGatewayId": {
"value": ""
},
"consortiumDataURL": {
"value": ""
},
"omsDeploy": {
"value": false
},
"msiDeploy": {
"value": false
},
"servicePrincipalId": {
"value": "7def3ae7-992a-492e-88fe-94e2053e74c7"
},
"servicePrincipalSecret": {
"value": "f9eilhdz/hr8GDIwc39uSxfwo+e+6eoV6wCoJrb8TBU="
},
"endpointFqdn": {
"value": "redmond.ext-n22r1002.masd.stbtest.microsoft.com"
},
"tenantId": {
"value": "8272fdc6-5ec8-4aed-b10c-c09e3221910c"
},
"dockerRepository": {
"value": "blockchainazurestack.azurecr.io"
},
"dockerLogin": {
"value": "blockchainazurestack"
},
"dockerPassword": {
"value": "37xdgrQJbLdnbYh9W=Y7xsidIIRzeGZU"
},
"dockerImagePoaOrchestrator": {
"value": "orchestrator"
},
"dockerImageEtheradmin": {
"value": "etheradmin"
},
"dockerImageEthstat": {
"value": "ethstat"
},
"dockerImageValidator": {
"value": "validator"
},
"enableSshAccess": {
"value": true
}
}
}

71
ethereum-consortium-blockchain-poa/common/nested/connections.json
Просмотреть файл

@ -1,71 +0,0 @@
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"connectionName": {
"type": "string"
},
"locationArray": {
"type": "array"
},
"suffixArray": {
"type": "array"
},
"regionCount": {
"type": "int"
},
"connectionSharedKey": {
"type": "securestring"
},
"gatewayName": {
"type": "string"
}
},
"variables": {},
"resources": [
{
"apiVersion": "2017-10-01",
"type": "Microsoft.Network/connections",
"name": "[concat(parameters('connectionName'),'-',parameters('suffixArray')[copyIndex()],'-to-',parameters('suffixArray')[copyIndex(1)])]",
"location": "[parameters('locationArray')[copyIndex()]]",
"copy": {
"name": "loop",
"count": "[sub(parameters('regionCount'),1)]"
},
"properties": {
"virtualNetworkGateway1": {
"id": "[resourceId('Microsoft.Network/virtualNetworkGateways',concat(parameters('gatewayName'),'-',parameters('suffixArray')[copyIndex()]))]"
},
"virtualNetworkGateway2": {
"id": "[resourceId('Microsoft.Network/virtualNetworkGateways',concat(parameters('gatewayName'),'-',parameters('suffixArray')[copyIndex(1)]))]"
},
"connectionType": "Vnet2Vnet",
"sharedKey": "[parameters('connectionSharedKey')]",
"routingWeight": 3,
"enableBGP": true
}
},
{
"apiVersion": "2017-10-01",
"type": "Microsoft.Network/connections",
"name": "[concat(parameters('connectionName'),'-',parameters('suffixArray')[copyIndex(1)],'-to-',parameters('suffixArray')[copyIndex()])]",
"location": "[parameters('locationArray')[copyIndex(1)]]",
"copy": {
"name": "loop",
"count": "[sub(parameters('regionCount'),1)]"
},
"properties": {
"virtualNetworkGateway1": {
"id": "[resourceId('Microsoft.Network/virtualNetworkGateways',concat(parameters('gatewayName'),'-',parameters('suffixArray')[copyIndex(1)]))]"
},
"virtualNetworkGateway2": {
"id": "[resourceId('Microsoft.Network/virtualNetworkGateways',concat(parameters('gatewayName'),'-',parameters('suffixArray')[copyIndex()]))]"
},
"connectionType": "Vnet2Vnet",
"sharedKey": "[parameters('connectionSharedKey')]",
"routingWeight": 3,
"enableBGP": true
}
}
]
}

2
ethereum-consortium-blockchain-poa/common/nested/createKeyVault.json
Просмотреть файл

@ -22,8 +22,8 @@
"resources": [
{
"type": "Microsoft.KeyVault/vaults",
"name": "[parameters('keyVaultName')]",
"apiVersion": "2016-10-01",
"name": "[parameters('keyVaultName')]",
"location": "[parameters('keyVaultLocation')]",
"dependsOn": [],
"properties": {

8
ethereum-consortium-blockchain-poa/common/nested/network-resources.json
Просмотреть файл

@ -1,6 +1,7 @@
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"apiProfile": "2018-03-01-hybrid",
"parameters": {
"vnetSettings": {
"type": "array"
@ -89,7 +90,6 @@
"variables": {},
"resources": [
{
"apiVersion": "2017-10-01",
"type": "Microsoft.Network/networkSecurityGroups",
"name": "[parameters('vnetSettings')[copyIndex()].vlNsgName]",
"location": "[parameters('locationArray')[copyIndex()]]",
@ -173,7 +173,6 @@
}
},
{
"apiVersion": "2017-10-01",
"type": "Microsoft.Network/virtualNetworks",
"name": "[parameters('vnetSettings')[copyIndex()].vnetName]",
"location": "[parameters('locationArray')[copyIndex()]]",
@ -214,7 +213,6 @@
}
},
{
"apiVersion": "2018-02-01",
"name": "[concat('network-resources-lb', copyIndex())]",
"type": "Microsoft.Resources/deployments",
"copy": {
@ -290,13 +288,15 @@
},
"currentRegionCount":{
"value": "[copyIndex()]"
},
"ethNetworkPort":{
"value": "[parameters('ethNetworkPort')]"
}
}
}
},
{
"condition": "[parameters('mustDeployVnetGateway')]",
"apiVersion": "2017-10-01",
"type": "Microsoft.Network/publicIPAddresses",
"name": "[concat(parameters('gatewayPublicIPName'),'-',parameters('suffixArray')[copyIndex()])]",
"location": "[parameters('locationArray')[copyIndex()]]",

23
ethereum-consortium-blockchain-poa/common/nested/network-resources.loadBalancer.json
Просмотреть файл

@ -1,6 +1,7 @@
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"apiProfile": "2018-03-01-hybrid",
"parameters": {
"regionCount": {
"type": "int"
@ -58,6 +59,9 @@
},
"currentRegionCount": {
"type": "int"
},
"ethNetworkPort": {
"type": "int"
}
},
"variables": {
@ -77,7 +81,6 @@
},
"resources": [
{
"apiVersion": "2017-10-01",
"name": "[concat(parameters('loadBalancerName'),'-',parameters('suffixArray')[parameters('currentRegionCount')])]",
"type": "Microsoft.Network/loadBalancers",
"location": "[parameters('locationArray')[parameters('currentRegionCount')]]",
@ -131,6 +134,24 @@
},
"loadDistribution": "SourceIPProtocol"
}
},
{
"name": "LB-Rule3",
"properties": {
"frontendIPConfiguration": {
"id": "[concat(resourceId('Microsoft.Network/loadBalancers', concat(parameters('loadBalancerName'),'-',parameters('suffixArray')[parameters('currentRegionCount')])),'/frontendIPConfigurations/',parameters('lbFrontEndIpConfigName'))]"
},
"backendAddressPool": {
"id": "[concat(resourceId('Microsoft.Network/loadBalancers', concat(parameters('loadBalancerName'),'-',parameters('suffixArray')[parameters('currentRegionCount')])),'/backendAddressPools/', parameters('backendAddressPoolName'))]"
},
"protocol": "Tcp",
"frontendPort": "[parameters('ethNetworkPort')]",
"backendPort": "[parameters('ethNetworkPort')]",
"idleTimeoutInMinutes": 5,
"probe": {
"id": "[concat(resourceId('Microsoft.Network/loadBalancers', concat(parameters('loadBalancerName'),'-',parameters('suffixArray')[parameters('currentRegionCount')])),'/probes/lbProbe1')]"
}
}
}
],
"probes": [

998
ethereum-consortium-blockchain-poa/common/nested/oms-DeployNew.json
Просмотреть файл

@ -1,998 +0,0 @@
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"workspaceName": {
"type": "string",
"metadata": {
"description": "workspaceName"
}
},
"dataRetention": {
"type": "int",
"defaultValue": 30,
"minValue": 7,
"maxValue": 730,
"metadata": {
"description": "Number of days of retention. Free plans can only have 7 days, Standalone and OMS plans include 30 days for free"
}
},
"location": {
"type": "string",
"defaultValue": "eastus"
},
"omsWorkspaceId": {
"type": "string"
},
"omsPrimaryKey": {
"type": "string"
}
},
"variables": {
"serviceTier" : "Standalone"
},
"resources": [
{
"apiVersion": "2017-04-26-preview",
"type": "Microsoft.OperationalInsights/workspaces",
"name": "[parameters('workspaceName')]",
"location": "[parameters('location')]",
"properties": {
"sku": {
"Name": "[variables('serviceTier')]"
},
"retention": "[parameters('dataRetention')]"
},
"resources": [
{
"apiVersion": "2015-11-01-preview",
"type": "datasources",
"name": "sampleSyslog1",
"dependsOn": [
"[concat('Microsoft.OperationalInsights/workspaces/', parameters('workspaceName'))]"
],
"kind": "LinuxSyslog",
"properties": {
"syslogName": "kern",
"syslogSeverities": [
{
"severity": "emerg"
},
{
"severity": "alert"
},
{
"severity": "crit"
},
{
"severity": "err"
},
{
"severity": "warning"
}
]
}
},
{
"apiVersion": "2015-11-01-preview",
"type": "datasources",
"name": "sampleSyslogCollection1",
"dependsOn": [
"[concat('Microsoft.OperationalInsights/workspaces/', parameters('workspaceName'))]"
],
"kind": "LinuxSyslogCollection",
"properties": {
"state": "Enabled"
}
},
{
"apiVersion": "2015-11-01-preview",
"type": "datasources",
"name": "linuxDiskPerf",
"dependsOn": [
"[concat('Microsoft.OperationalInsights/workspaces/', parameters('workspaceName'))]"
],
"kind": "LinuxPerformanceObject",
"properties": {
"performanceCounters": [
{
"counterName": "% Used Inodes"
},
{
"counterName": "Free Megabytes"
},
{
"counterName": "% Used Space"
},
{
"counterName": "Disk Transfers/sec"
},
{
"counterName": "Disk Reads/sec"
},
{
"counterName": "Disk Writes/sec"
}
],
"objectName": "Logical Disk",
"instanceName": "*",
"intervalSeconds": 10
}
},
{
"apiVersion": "2015-11-01-preview",
"type": "datasources",
"name": "linuxMemoryPerf",
"dependsOn": [
"[concat('Microsoft.OperationalInsights/workspaces/', parameters('workspaceName'))]"
],
"kind": "LinuxPerformanceObject",
"properties": {
"performanceCounters": [
{
"counterName": "% Available Memory"
},
{
"counterName": "Available MBytes Memory"
},
{
"counterName": "Used Memory MBytes"
}
],
"objectName": "Memory",
"instanceName": "*",
"intervalSeconds": 10
}
},
{
"apiVersion": "2015-11-01-preview",
"type": "datasources",
"name": "linuxNetworkPerf",
"dependsOn": [
"[concat('Microsoft.OperationalInsights/workspaces/', parameters('workspaceName'))]"
],
"kind": "LinuxPerformanceObject",
"properties": {
"performanceCounters": [
{
"counterName": "Total Bytes Transmitted"
},
{
"counterName": "Total Bytes Received"
},
{
"counterName": "Total Bytes"
}
],
"objectName": "Network",
"instanceName": "*",
"intervalSeconds": 10
}
},
{
"apiVersion": "2015-11-01-preview",
"type": "datasources",
"name": "linuxProcessorPerf",
"dependsOn": [
"[concat('Microsoft.OperationalInsights/workspaces/', parameters('workspaceName'))]"
],
"kind": "LinuxPerformanceObject",
"properties": {
"performanceCounters": [
{
"counterName": "% Processor Time"
}
],
"objectName": "Processor",
"instanceName": "*",
"intervalSeconds": 10
}
},
{
"apiVersion": "2015-11-01-preview",
"type": "datasources",
"name": "linuxSystemPerf",
"dependsOn": [
"[concat('Microsoft.OperationalInsights/workspaces/', parameters('workspaceName'))]"
],
"kind": "LinuxPerformanceObject",
"properties": {
"performanceCounters": [
{
"counterName": "Uptime"
}
],
"objectName": "System",
"instanceName": "*",
"intervalSeconds": 60
}
},
{
"apiVersion": "2015-11-01-preview",
"type": "datasources",
"name": "sampleLinuxPerfCollection1",
"dependsOn": [
"[concat('Microsoft.OperationalInsights/workspaces/', parameters('workspaceName'))]"
],
"kind": "LinuxPerformanceCollection",
"properties": {
"state": "Enabled"
}
},
{
"apiVersion": "2015-11-01-preview",
"type": "datasources",
"name": "DataSource_CustomLogCollection",
"dependsOn": [
"[concat('Microsoft.OperationalInsights/workspaces/', parameters('workspaceName'))]"
],
"kind": "CustomLogCollection",
"properties": {
"state": "LinuxLogsEnabled"
}
},
{
"apiVersion": "2015-11-01-preview",
"type": "datasources",
"name": "parityLogCustomLog",
"dependsOn": [
"[concat('Microsoft.OperationalInsights/workspaces/', parameters('workspaceName'))]"
],
"kind": "CustomLog",
"properties": {
"customLogName": "ParityLog_CL",
"description": "Parity client log",
"extractions": [
{
"extractionName": "TimeGenerated",
"extractionType": "DateTime",
"extractionProperties": {
"dateTimeExtraction": {
"regex": [
{
"matchIndex": 0,
"pattern": "((\\d{2})|(\\d{4}))-([0-1]\\d)-(([0-3]\\d)|(\\d))\\s((\\d)|([0-1]\\d)|(2[0-4])):[0-5][0-9]:[0-5][0-9]"
}
]
}
}
}
],
"inputs": [
{
"location": {
"fileSystemLocations": {
"linuxFileTypeLogPaths": [
"/var/log/parity/parity.log"
],
"windowsFileTypeLogPaths": null
}
},
"recordDelimiter": {
"regexDelimiter": {
"matchIndex": 0,
"numberdGroup": null,
"pattern": "(^.*((\\d{2})|(\\d{4}))-([0-1]\\d)-(([0-3]\\d)|(\\d))\\s((\\d)|([0-1]\\d)|(2[0-4])):[0-5][0-9]:[0-5][0-9].*$)"
}
}
}
]
}
},
{
"apiVersion": "2015-11-01-preview",
"type": "datasources",
"name": "configCustomLog",
"dependsOn": [
"[concat('Microsoft.OperationalInsights/workspaces/', parameters('workspaceName'))]"
],
"kind": "CustomLog",
"properties": {
"customLogName": "ConfigLog_CL",
"description": "Configuration Log File",
"inputs": [
{
"location": {
"fileSystemLocations": {
"linuxFileTypeLogPaths": [
"/var/log/deployment/config.log"
]
}
},
"recordDelimiter": {
"regexDelimiter": {
"pattern": "\\n",
"matchIndex": 0,
"matchIndexSpecified": true,
"numberedGroup": null
}
}
}
],
"extractions": [
{
"extractionName": "TimeGenerated",
"extractionType": "DateTime",
"extractionProperties": {
"dateTimeExtraction": {
"regex": null,
"joinStringRegex": null
}
}
}
]
}
},
{
"apiVersion": "2015-11-01-preview",
"type": "datasources",
"name": "adminSiteCustomLog",
"dependsOn": [
"[concat('Microsoft.OperationalInsights/workspaces/', parameters('workspaceName'))]"
],
"kind": "CustomLog",
"properties": {
"customLogName": "AdminSiteLog_CL",
"description": "Admin Site Log File",
"inputs": [
{
"location": {
"fileSystemLocations": {
"linuxFileTypeLogPaths": [
"/var/log/adminsite/etheradmin.log"
]
}
},
"recordDelimiter": {
"regexDelimiter": {
"pattern": "\\n",
"matchIndex": 0,
"matchIndexSpecified": true,
"numberedGroup": null
}
}
}
],
"extractions": [
{
"extractionName": "TimeGenerated",
"extractionType": "DateTime",
"extractionProperties": {
"dateTimeExtraction": {
"regex": null,
"joinStringRegex": null
}
}
}
]
}
},
{
"apiVersion": "2015-11-01-preview",
"type": "datasources",
"name": "statsCustomLog",
"dependsOn": [
"[concat('Microsoft.OperationalInsights/workspaces/', parameters('workspaceName'))]"
],
"kind": "CustomLog",
"properties": {
"customLogName": "StatsLog_CL",
"description": "Stats Log File",
"inputs": [
{
"location": {
"fileSystemLocations": {
"linuxFileTypeLogPaths": [
"/var/log/stats/ethstat.log"
]
}
},
"recordDelimiter": {
"regexDelimiter": {
"pattern": "\\n",
"matchIndex": 0,
"matchIndexSpecified": true,
"numberedGroup": null
}
}
}
],
"extractions": [
{
"extractionName": "TimeGenerated",
"extractionType": "DateTime",
"extractionProperties": {
"dateTimeExtraction": {
"regex": null,
"joinStringRegex": null
}
}
}
]
}
},
{
"apiVersion": "2015-11-01-preview",
"name": "Node Overview",
"type": "views",
"dependson": [
"[concat('Microsoft.OperationalInsights/workspaces/', parameters('workspaceName'))]"
],
"properties": {
"Id": "Node Overview",
"Name": "Node Overview",
"Source": "Local",
"Version": 2,
"Dashboard": [
{
"Id": "NumberTileListBuilderBlade",
"Type": "Blade",
"Version": 0,
"Configuration": {
"General": {
"title": "# of active nodes in last 30 minutes",
"newGroup": false,
"icon": "",
"useIcon": false
},
"Tile": {
"Legend": "# of Validator Nodes",
"Query": "Heartbeat | where TimeGenerated >= ago(30m) | summarize dcountif(Computer, Computer startswith('vl-'))",
"NavigationSelect": {}
},
"List": {
"Query": "Perf | where CounterName == \"Uptime\" | where TimeGenerated > ago(30m) | summarize (LastUpdate, Uptime) = argmax(TimeGenerated, CounterValue / 86400) by Computer | order by Uptime asc ",
"HideGraph": false,
"enableSparklines": false,
"ColumnsTitle": {
"Name": "Validator",
"Value": "Uptime (Days)"
},
"Color": "#0072c6",
"thresholds": {
"isEnabled": false,
"values": [
{
"name": "Normal",
"threshold": "Default",
"color": "#009e49",
"isDefault": true
},
{
"name": "Warning",
"threshold": "60",
"color": "#fcd116",
"isDefault": false
},
{
"name": "Error",
"threshold": "90",
"color": "#ba141a",
"isDefault": false
}
]
},
"NameDSVSeparator": "",
"NavigationQuery": "search {selected item} | sort by TimeGenerated desc",
"NavigationSelect": {
"NavigationQuery": "search {selected item} | sort by TimeGenerated desc"
}
}
}
},
{
"Id": "LineChartCalloutStackedBuilderBlade",
"Type": "Blade",
"Version": 0,
"Configuration": {
"General": {
"title": "Validator Node Performance",
"newGroup": false
},
"charts": [
{
"Header": {
"Title": "Avg Proc Usage",
"Subtitle": "Average Processor Usage % per node (15m intervals)"
},
"LineChart": {
"Query": "Perf | where Computer startswith \"vl-\" | where ObjectName == \"Processor\" and InstanceName == \"_Total\" | summarize AvgProcUsage = avg(CounterValue) by Computer, bin(TimeGenerated, 15m)",
"yAxis": {
"isLogarithmic": false,
"units": {
"baseUnitType": "",
"baseUnit": "",
"displayUnit": ""
},
"customLabel": ""
},
"NavigationSelect": {}
}
},
{
"Header": {
"Title": "% Available Memory",
"Subtitle": "Percentage of available memory per node (15m intervals)"
},
"LineChart": {
"Query": "Perf | where Computer startswith \"vl-\" and ObjectName == \"Memory\" and CounterName == \"% Available Memory\" | summarize PercentAvailableMemory = avg(CounterValue) by Computer, bin(TimeGenerated, 15m)",
"yAxis": {
"isLogarithmic": false,
"units": {
"baseUnitType": "",
"baseUnit": "",
"displayUnit": ""
},
"customLabel": ""
},
"NavigationSelect": {}
}
},
{
"Header": {
"Title": "% Used Disk Space",
"Subtitle": "Percentage of used disk space per node and mount (15m intervals)"
},
"LineChart": {
"Query": "Perf | where Computer startswith \"vl-\" and ObjectName == \"Logical Disk\" and CounterName == \"% Used Space\" and InstanceName !startswith \"_\" | project TimeGenerated , CounterValue , DiskName = strcat(Computer, \" - \" , InstanceName ) | summarize PercentUsedSpace = avg(CounterValue) by DiskName, bin(TimeGenerated, 15m)",
"yAxis": {
"isLogarithmic": false,
"units": {
"baseUnitType": "",
"baseUnit": "",
"displayUnit": ""
},
"customLabel": ""
},
"NavigationSelect": {}
}
}
]
}
}
],
"Filters": [],
"OverviewTile": {
"Id": "SingleNumberBuilderTile",
"Type": "OverviewTile",
"Version": 2,
"Configuration": {
"Tile": {
"Legend": "Nodes reporting heartbeats in past 30 minutes",
"Query": "Heartbeat | where TimeGenerated >= ago(30m) | summarize dcount(Computer)"
},
"Advanced": {
"DataFlowVerification": {
"Enabled": true,
"Query": "Heartbeat | limit 1 | project TimeGenerated",
"Message": "Waiting for nodes to report to Log Analytics"
}
}
}
}
}
},
{
"apiVersion": "2015-11-01-preview",
"name": "Network Stats",
"type": "views",
"dependson": [
"[concat('Microsoft.OperationalInsights/workspaces/', parameters('workspaceName'))]"
],
"properties": {
"Id": "Average Block Time",
"Name": "Average Block Time",
"Source": "Local",
"Version": 2,
"Dashboard": [
{
"Id": "TwoNumberTileListBuilderBlade",
"Type": "Blade",
"Version": 0,
"Configuration": {
"General": {
"title": "Block Overview",
"newGroup": false,
"icon": "",
"useIcon": false
},
"Tile": {
"Legend": "Highest Reported Block",
"Query": "MinedBlock_CL | where TimeGenerated > ago(1h) | summarize BestBlock = max(BlockNumber_d)"
},
"SecondTile": {
"Legend": "Avg Block Time (Sec)",
"Query": "let UniqueBlocks = MinedBlock_CL | where BlockTimestamp_t > ago(24h) | distinct BlockNumber_d, BlockTimestamp_t, BlockHash_s, BlockParentHash_s; UniqueBlocks | join ( UniqueBlocks ) on $left.BlockHash_s == $right.BlockParentHash_s | extend BlockTime = datetime_diff('second', BlockTimestamp_t1, BlockTimestamp_t ) | summarize avg(BlockTime) "
},
"List": {
"Query": "let UniqueBlocks = MinedBlock_CL | where BlockTimestamp_t > ago(24h) | distinct BlockNumber_d, BlockTimestamp_t, BlockHash_s, BlockParentHash_s; UniqueBlocks | join (UniqueBlocks) on $left.BlockHash_s == $right.BlockParentHash_s | extend BlockTime = datetime_diff('second', BlockTimestamp_t1, BlockTimestamp_t ) | order by BlockNumber_d1 desc | project BlockNumber_d = trim_end(\".0\", tostring(BlockNumber_d1)), BlockTime",
"HideGraph": false,
"enableSparklines": false,
"ColumnsTitle": {
"Name": "Block",
"Value": "Time (Sec)"
},
"Color": "#0072c6",
"thresholds": {
"isEnabled": false,
"values": [
{
"name": "Normal",
"threshold": "Default",
"color": "#009e49",
"isDefault": true
},
{
"name": "Warning",
"threshold": "60",
"color": "#fcd116",
"isDefault": false
},
{
"name": "Error",
"threshold": "90",
"color": "#ba141a",
"isDefault": false
}
]
},
"NameDSVSeparator": "",
"NavigationQuery": "MinedBlock_CL| where {selected item}",
"NavigationSelect": {
"NavigationQuery": "MinedBlock_CL| where {selected item}"
}
},
"Blade": {
"NavigationSelect": {}
}
}
},
{
"Id": "TwoNumberTileListBuilderBlade",
"Type": "Blade",
"Version": 0,
"Configuration": {
"General": {
"title": "Nodes",
"newGroup": false,
"icon": "",
"useIcon": false
},
"Tile": {
"Legend": "Last hour active nodes",
"Query": "MinedBlock_CL | where TimeGenerated > ago(1h) | distinct NodeProvider_s | count "
},
"SecondTile": {
"Legend": "Total Nodes",
"Query": "MinedBlock_CL | distinct NodeProvider_s | count "
},
"List": {
"Query": "let CurrentNodes = MinedBlock_CL | where TimeGenerated > ago(1h) | summarize BlocksReported = dcount(BlockNumber_d) by NodeProvider_s ; MinedBlock_CL | where TimeGenerated > ago(7d) | distinct NodeProvider_s | join kind = leftouter (CurrentNodes) on NodeProvider_s | project NodeProvider_s, BlocksReported = coalesce(BlocksReported, 0)",
"HideGraph": false,
"enableSparklines": false,
"operation": "Summary",
"ColumnsTitle": {
"Name": "Node",
"Value": "Blocks Reported last hour"
},
"Color": "#0072c6",
"thresholds": {
"isEnabled": false,
"values": [
{
"name": "Normal",
"threshold": "Default",
"color": "#009e49",
"isDefault": true
},
{
"name": "Warning",
"threshold": "60",
"color": "#fcd116",
"isDefault": false
},
{
"name": "Error",
"threshold": "90",
"color": "#ba141a",
"isDefault": false
}
]
},
"NameDSVSeparator": "",
"NavigationQuery": "MinedBlock_CL| where {selected item}| sort by BlockNumber_d desc | render table",
"NavigationSelect": {
"NavigationQuery": "MinedBlock_CL| where {selected item}| sort by BlockNumber_d desc | render table"
}
},
"Blade": {
"NavigationSelect": {}
}
}
},
{
"Id": "LineChartCalloutStackedBuilderBlade",
"Type": "Blade",
"Version": 0,
"Configuration": {
"General": {
"title": "Validator Overview",
"newGroup": false
},
"charts": [
{
"Header": {
"Title": "RPC Requests/sec",
"Subtitle": "Avg RPC Requests per second"
},
"LineChart": {
"Query": "ParityLog_CL | where RawData matches regex \".+INFO import\\\\s+(\\\\d+)\\\\/(\\\\d+) peers\" | extend Rpc_Requests_Sec = extract(\".*RPC:.*conn,\\\\s+(\\\\d+).*req\\\\/s\", 1, RawData, typeof(int)) | summarize Requests = avg(Rpc_Requests_Sec) by bin(TimeGenerated, 5m) | order by TimeGenerated desc",
"yAxis": {
"isLogarithmic": false,
"units": {
"baseUnitType": "",
"baseUnit": "",
"displayUnit": ""
},
"customLabel": ""
},
"NavigationSelect": {}
}
},
{
"Header": {
"Title": "Transactions",
"Subtitle": "Transactions per minute"
},
"LineChart": {
"Query": "MinedBlock_CL | distinct BlockNumber_d, BlockTimestamp_t, BlockTransactionCount_d | summarize sum(BlockTransactionCount_d) by bin(BlockTimestamp_t, 1m) | project Transactions = sum_BlockTransactionCount_d, TimeGenerated = BlockTimestamp_t ",
"yAxis": {
"isLogarithmic": false,
"units": {
"baseUnitType": "",
"baseUnit": "",
"displayUnit": ""
},
"customLabel": ""
},
"NavigationSelect": {}
}
},
{
"Header": {
"Title": "Gas Used",
"Subtitle": "Gas used per minute"
},
"LineChart": {
"Query": "MinedBlock_CL | distinct BlockNumber_d, BlockTimestamp_t, BlockGasUsed_d | summarize GasUsed = sum(BlockGasUsed_d) by bin(BlockTimestamp_t, 1m) | project GasUsed, TimeGenerated = BlockTimestamp_t ",
"yAxis": {
"isLogarithmic": false,
"units": {
"baseUnitType": "",
"baseUnit": "",
"displayUnit": ""
},
"customLabel": ""
},
"NavigationSelect": {}
}
}
]
}
},
{
"Id": "LineChartCalloutBuilderBlade",
"Type": "Blade",
"Version": 0,
"Configuration": {
"General": {
"title": "Propagation",
"newGroup": false,
"icon": "",
"useIcon": false
},
"Header": {
"Title": "Network Progagation",
"Subtitle": ""
},
"LineChart": {
"Query": "let LatestPeerCount = toscalar(MinedBlock_CL | where TimeGenerated > ago(1h) | distinct NodeProvider_s | count); MinedBlock_CL | where TimeGenerated > ago(12h) | summarize PeerCount = count(), MinTime = min(ListenerReceivedTimestamp_t), MaxTime = max(ListenerReceivedTimestamp_t) by BlockNumber_d | where PeerCount >= (LatestPeerCount / 1.5) | extend BlockPropagationTime = datetime_diff('Millisecond', MaxTime,MinTime) | order by BlockNumber_d desc | project BlockNumber_d = trim_end(\".0\", tostring(BlockNumber_d)), BlockPropagationTime",
"Callout": {
"Title": "Avg MS",
"Series": "",
"Operation": "Average"
},
"yAxis": {
"isLogarithmic": false,
"units": {
"baseUnitType": "TimeRange",
"baseUnit": "Milliseconds",
"displayUnit": "Milliseconds"
},
"customLabel": "Avg Prop Time"
},
"NavigationSelect": {}
},
"List": {
"Query": "let LatestPeerCount = toscalar(MinedBlock_CL | where TimeGenerated > ago(1h) | distinct NodeProvider_s | count); MinedBlock_CL | where TimeGenerated > ago(12h) | summarize PeerCount = count(), MinTime = min(ListenerReceivedTimestamp_t), MaxTime = max(ListenerReceivedTimestamp_t) by BlockNumber_d | where PeerCount >= (LatestPeerCount / 1.5) | extend BlockPropagationTime = datetime_diff('Millisecond', MaxTime,MinTime) | order by BlockNumber_d desc | project BlockNumber_d = trim_end(\".0\", tostring(BlockNumber_d)), BlockPropagationTime",
"HideGraph": false,
"enableSparklines": false,
"operation": "Summary",
"ColumnsTitle": {
"Name": "Block",
"Value": "Propagation Time (MS)"
},
"Color": "#0072c6",
"thresholds": {
"isEnabled": true,
"values": [
{
"name": "Normal",
"threshold": "Default",
"color": "#009e49",
"isDefault": true
},
{
"name": "Warning",
"threshold": "750",
"color": "#fcd116",
"isDefault": false
},
{
"name": "Error",
"threshold": "1000",
"color": "#ba141a",
"isDefault": false
}
]
},
"NameDSVSeparator": "",
"NavigationQuery": "MinedBlock_CL | where {selected item} | render table",
"NavigationSelect": {
"NavigationQuery": "MinedBlock_CL | where {selected item} | render table"
}
}
}
},
{
"Id": "TwoTrendsAndListBuilderBlade",
"Type": "Blade",
"Version": 0,
"Configuration": {
"General": {
"title": "BLOCKS ADDED DURING SELECTED TIME RANGE",
"newGroup": false,
"icon": "",
"useIcon": false
},
"Trend1": {
"Legend": "Blocks Added",
"LegendColor": "#00188f",
"ChartQuery": "MinedBlock_CL | summarize dcount(BlockNumber_d) by bin(BlockTimestamp_t, 15m)",
"Calculation": {
"Operation": "Sum"
}
},
"Trend2": {
"Legend": "Transactions",
"LegendColor": "#0072c6",
"ChartQuery": "MinedTransaction_CL | summarize FirstTimeStamp = min(ListenerReceivedTimestamp_t) by BlockNumber_d, TransactionHash_s | project Transaction = TransactionHash_s, FirstTimeStamp | summarize count(Transaction) by bin(FirstTimeStamp, 15m)",
"Calculation": {
"Operation": "Sum"
}
},
"List": {
"Query": "MinedBlock_CL | summarize dcount(BlockHash_s) by BlockExtraData_s | order by BlockExtraData_s asc ",
"HideGraph": false,
"enableSparklines": false,
"operation": "Summary",
"ColumnsTitle": {
"Name": "Consortium Member",
"Value": "Blocks Added"
},
"Color": "#00d8cc",
"thresholds": {
"isEnabled": false,
"values": [
{
"name": "Normal",
"threshold": "Default",
"color": "#009e49",
"isDefault": true
},
{
"name": "Warning",
"threshold": "60",
"color": "#fcd116",
"isDefault": false
},
{
"name": "Error",
"threshold": "90",
"color": "#ba141a",
"isDefault": false
}
]
},
"NameDSVSeparator": "",
"NavigationQuery": "MinedBlock_CL | where {selected item} | order by BlockNumber_d desc",
"NavigationSelect": {
"NavigationQuery": "MinedBlock_CL | where {selected item} | order by BlockNumber_d desc"
}
},
"Blade": {
"NavigationSelect": {}
}
}
},
{
"Id": "NotableQueriesBuilderBlade",
"Type": "Blade",
"Version": 0,
"Configuration": {
"General": {
"title": "List of queries",
"newGroup": false,
"preselectedFilters": "",
"renderMode": "grid"
},
"queries": [
{
"query": "PendingTransaction_CL | join kind = leftanti (MinedTransaction_CL) on TransactionHash_s",
"displayName": "Pending Transactions"
},
{
"query": "let UniqueBlocks = MinedBlock_CL | where BlockTimestamp_t > ago(24h) | distinct BlockNumber_d, BlockTimestamp_t, BlockHash_s, BlockParentHash_s; UniqueBlocks | join ( UniqueBlocks ) on $left.BlockHash_s == $right.BlockParentHash_s | extend BlockTime = datetime_diff('second', BlockTimestamp_t1, BlockTimestamp_t ) | order by BlockNumber_d1 desc | project Block = trim_end(\".0\", tostring(BlockNumber_d1)), BlockTime",
"displayName": "Time Per Block"
}
]
}
}
],
"Filters": [],
"OverviewTile": {
"Id": "DoubleNumberBuilderTile",
"Type": "OverviewTile",
"Version": 2,
"Configuration": {
"TileOne": {
"Legend": "Average Block Time (Seconds)",
"Query": "let UniqueBlocks = MinedBlock_CL | where BlockTimestamp_t > ago(24h) | distinct BlockNumber_d, BlockTimestamp_t, BlockHash_s, BlockParentHash_s; UniqueBlocks | join ( UniqueBlocks ) on $left.BlockHash_s == $right.BlockParentHash_s | extend BlockTime = datetime_diff('second', BlockTimestamp_t1, BlockTimestamp_t ) | summarize avg(BlockTime)"
},
"TileTwo": {
"Legend": "Last Reported Block Number (Seconds Ago)",
"Query": "MinedBlock_CL | summarize max(BlockTimestamp_t) | project SecondsAgo = datetime_diff('second', now(), max_BlockTimestamp_t )"
},
"Advanced": {
"DataFlowVerification": {
"Enabled": true,
"Query": "search * | where Type == 'MinedBlock_CL' | take 1",
"Message": "Waiting on data from network"
}
}
}
}
}
}
]
}
],
"outputs": {
"workspaceName": {
"type": "string",
"value": "[parameters('workspaceName')]"
},
"workspaceId": {
"type": "string",
"value": "[reference(parameters('workspaceName'), '2017-04-26-preview').customerId]"
},
"portalUrl": {
"type": "string",
"value": "[reference(parameters('workspaceName'), '2017-04-26-preview').portalUrl]"
},
"primarySharedKey": {
"type": "string",
"value": "[listKeys(resourceId('Microsoft.OperationalInsights/workspaces/', parameters('workspaceName')), '2017-04-26-preview').primarySharedKey]"
}
}
}

51
ethereum-consortium-blockchain-poa/common/nested/oms-Existing.json
Просмотреть файл

@ -1,51 +0,0 @@
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"workspaceName": {
"type": "string",
"metadata": {
"description": "workspaceName"
}
},
"dataRetention": {
"type": "int",
"defaultValue": 30,
"minValue": 7,
"maxValue": 730,
"metadata": {
"description": "Number of days of retention. Free plans can only have 7 days, Standalone and OMS plans include 30 days for free"
}
},
"location": {
"type": "string",
"defaultValue": "eastus"
},
"omsWorkspaceId": {
"type": "string"
},
"omsPrimaryKey": {
"type": "string"
}
},
"variables": {},
"resources": [],
"outputs": {
"workspaceName": {
"type": "string",
"value": "[parameters('workspaceName')]"
},
"workspaceId": {
"type": "string",
"value": "[parameters('omsWorkspaceId')]"
},
"portalUrl": {
"type": "string",
"value": "Contact the OMS Workspace ID provider for URL and credentials"
},
"primarySharedKey": {
"type": "string",
"value": "[parameters('omsPrimaryKey')]"
}
}
}

27
ethereum-consortium-blockchain-poa/common/nested/storage.json
Просмотреть файл

@ -1,6 +1,7 @@
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"apiProfile": "2018-03-01-hybrid",
"parameters": {
"storageAccountName": {
"type": "string"
@ -14,33 +15,11 @@
{
"type": "Microsoft.Storage/storageAccounts",
"name": "[parameters('storageAccountName')]",
"apiVersion": "2016-01-01",
"sku": {
"name": "Standard_LRS",
"tier": "Standard"
"name": "Standard_LRS"
},
"kind": "Storage",
"location": "[parameters('location')]",
"properties": {
"encryption": {
"services": {
"blob": {
"enabled": true
},
"file": {
"enabled": true
}
},
"keySource": "Microsoft.Storage"
},
"networkAcls": {
"bypass": "AzureServices",
"virtualNetworkRules": [],
"ipRules": [],
"defaultAction": "Allow"
},
"supportsHttpsTrafficOnly": false
}
"location": "[parameters('location')]"
}
],
"outputs": {

123
ethereum-consortium-blockchain-poa/common/nested/vmss-config.json
Просмотреть файл

@ -1,123 +0,0 @@
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json",
"contentVersion": "1.0.0.0",
"parameters": {
"authenticationSettings": {
"type": "secureObject"
},
"vlVmssSettings": {
"type": "object"
},
"extensionSettings": {
"type": "object"
},
"consortiumDataUrl": {
"type": "string"
},
"scriptReq": {
"type": "object"
},
"location": {
"type": "string"
},
"suffix": {
"type": "string"
},
"omsWorkspaceId": {
"type": "string"
},
"omsPrimaryKey": {
"type": "securestring"
},
"keyVaultUrl": {
"type": "string"
},
"keyVaultName": {
"type": "string"
},
"rgName": {
"type": "string"
},
"storageAccountName": {
"type": "string"
},
"storagePrimaryKey": {
"type": "securestring"
},
"transactionPermissioningContract": {
"type": "string",
"defaultValue": "",
"metadata": {
"description": "Bytecode for the permissioning contract"
}
},
"ethRpcPort": {
"type": "int"
},
"dockerRepository": {
"type": "string"
},
"dockerLogin": {
"type": "string"
},
"dockerPassword": {
"type": "string"
},
"dockerImagePoaOrchestrator": {
"type": "string"
},
"dockerImageEtheradmin": {
"type": "string"
},
"dockerImageEthstat": {
"type": "string"
},
"dockerImageValidator": {
"type": "string"
},
"mustDeployVnetGateway": {
"type": "bool"
}
},
"variables": {
"consortium-data": "[parameters('consortiumDataUrl')]",
"mode": "[parameters('scriptReq').mode]",
"artifactsLocationURL": "[parameters('extensionSettings').artifactsLocationURL]",
"ethereumNetworkID": "[parameters('extensionSettings').ethereumNetworkID]",
"numBootNodes": "[parameters('extensionSettings').numBootNodes]",
"numVLNodes": "[parameters('extensionSettings').numVLNodes]",
"adminSitePort": "[parameters('extensionSettings').adminSitePort]",
"consortiumMemberId": "[parameters('extensionSettings').consortiumId]",
"adminUsername": "[parameters('authenticationSettings').adminUsername]",
"adminId": "[parameters('authenticationSettings').adminId]",
"accessType": "[parameters('authenticationSettings').accessType]",
"servicePrincipalId": "[parameters('authenticationSettings').servicePrincipalId]",
"servicePrincipalSecret": "[parameters('authenticationSettings').servicePrincipalSecret]",
"endpointFqdn": "[parameters('authenticationSettings').endpointFqdn]",
"tenantId": "[parameters('authenticationSettings').tenantId]",
"vlVmssName": "[concat(parameters('vlVmssSettings').vmssName, '-',parameters('suffix'))]"
},
"resources": [
{
"type": "Microsoft.Compute/virtualMachineScaleSets/extensions",
"name": "[concat(variables('vlVmssName'),'/config')]",
"apiVersion": "2017-03-30",
"location": "[parameters('location')]",
"properties": {
"publisher": "Microsoft.Azure.Extensions",
"type": "CustomScript",
"typeHandlerVersion": "2.0",
"autoUpgradeMinorVersion": true,
"forceUpdateTag": "1.0",
"settings": {
"fileUris": [
"[parameters('scriptReq').fileUri]"
]
},
"protectedSettings": {
"commandToExecute": "[concat('/bin/bash ', parameters('scriptReq').filename, ' \"', variables('adminUsername'), '\" \"', variables('artifactsLocationURL'), '\" \"', variables('numBootNodes'), '\" \"', variables('numVLNodes'), '\" \"', variables('mode'), '\" \"', parameters('omsWorkspaceId'), '\" \"', parameters('omsPrimaryKey'), '\" \"', parameters('keyVaultUrl'), '\" \"', parameters('storageAccountName'), '\" \"', parameters('storagePrimaryKey'), '\" \"', parameters('ethRpcPort'), '\" \"', variables('adminSitePort'), '\" \"', variables('consortiumMemberId'), '\" \"', variables('ethereumNetworkID'),'\" \"', variables('adminId'),'\" \"', parameters('transactionPermissioningContract'),'\" \"',variables('consortium-data'),'\" \"',parameters('dockerRepository'),'\" \"',parameters('dockerLogin'),'\" \"',parameters('dockerPassword'),'\" \"',parameters('dockerImagePoaOrchestrator'),'\" \"',parameters('dockerImageEtheradmin'),'\" \"',parameters('dockerImageEthstat'),'\" \"',parameters('dockerImageValidator'), '\" \"',parameters('mustDeployVnetGateway'), '\" \"',variables('accessType'), '\" \"',variables('servicePrincipalId'), '\" \"',variables('servicePrincipalSecret'), '\" \"',variables('endpointFqdn'), '\" \"',variables('tenantId'), '\" \"',parameters('keyVaultName'), '\" \"',parameters('rgName'), '\"')]"
}
}
}
]
}

62
ethereum-consortium-blockchain-poa/common/nested/vmss-notification.json
Просмотреть файл

@ -1,62 +0,0 @@
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json",
"contentVersion": "1.0.0.0",
"parameters": {
"vlVmssSettings": {
"type": "object"
},
"suffix": {
"type": "string"
},
"scriptReq": {
"type": "object"
},
"location": {
"type": "string"
},
"emailAddress": {
"type": "string"
},
"admin_site": {
"type": "string"
},
"oms_portal_url": {
"type": "string"
},
"ethereum_rpc_endpoint": {
"type": "string"
},
"consortium_data_URL": {
"type": "string"
},
"consortium_member_gateway_id_region1": {
"type": "string"
}
},
"variables": {
"vlVmssName": "[concat(parameters('vlVmssSettings').vmssName, '-',parameters('suffix'))]"
},
"resources": [
{
"type": "Microsoft.Compute/virtualMachineScaleSets/extensions",
"name": "[concat(variables('vlVmssName'),'/config')]",
"apiVersion": "2017-03-30",
"location": "[parameters('location')]",
"properties": {
"publisher": "Microsoft.Azure.Extensions",
"type": "CustomScript",
"typeHandlerVersion": "2.0",
"autoUpgradeMinorVersion": true,
"forceUpdateTag": "1.0",
"settings": {
"fileUris": [
"[parameters('scriptReq').fileUri]"
]
},
"protectedSettings": {
"commandToExecute": "[concat('/bin/bash ', parameters('scriptReq').filename, ' \"', parameters('emailAddress'), '\" \"', parameters('admin_site'), '\" \"', parameters('ethereum_rpc_endpoint'), '\" \"', parameters('oms_portal_url'), '\" \"', parameters('consortium_data_URL'), '\" \"', parameters('consortium_member_gateway_id_region1'), '\"')]"
}
}
}
]
}

207
ethereum-consortium-blockchain-poa/common/nested/vmss-withExtension.json
Просмотреть файл

@ -1,207 +0,0 @@
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json",
"contentVersion": "1.0.0.0",
"parameters": {
"authenticationSettings": {
"type": "secureObject"
},
"vlVmssSettings": {
"type": "object"
},
"ubuntuImage": {
"type": "object"
},
"location": {
"type": "string"
},
"suffix": {
"type": "string"
},
"vnetName": {
"type": "string"
},
"omsWorkspaceId": {
"type": "string"
},
"omsPrimaryKey": {
"type": "securestring"
},
"mustDeployVnetGateway": {
"type": "bool"
}
},
"variables": {
"linuxConfiguration": {
"disablePasswordAuthentication": true,
"ssh": {
"publicKeys": [
{
"path": "[concat('/home/',variables('adminUsername'),'/.ssh/authorized_keys')]",
"keyData": "[variables('sshPublicKey')]"
}
]
}
},
"vlOsProfile": {
"computerNamePrefix": "[variables('vlVmssName')]",
"adminUsername": "[variables('adminUsername')]",
"adminPassword": "[variables('adminPassword')]",
"linuxConfiguration": "[if(equals(variables('authenticationType'), 'sshPublicKey'), variables('linuxConfiguration'), json('null'))]"
},
"authenticationType": "[parameters('authenticationSettings').authenticationType]",
"sshPublicKey": "[parameters('authenticationSettings').sshPublicKey]",
"adminUsername": "[parameters('authenticationSettings').adminUsername]",
"adminPassword": "[parameters('authenticationSettings').adminPassword]",
"vlVmssName": "[concat(parameters('vlVmssSettings').vmssName, '-',parameters('suffix'))]",
"vlNodeVMSize": "[parameters('vlVmssSettings').nodeVMSize]",
"vlCapacity": "[parameters('vlVmssSettings').vlCapacity]",
"vlStorageAccountType": "[parameters('vlVmssSettings').storageAccountType]",
"vlNicName": "[parameters('vlVmssSettings').nicName]",
"vlIpConfigName": "[parameters('vlVmssSettings').ipConfigName]",
"vnetName": "[parameters('vnetName')]",
"vlSubnetName": "[parameters('vlVmssSettings').subnetName]",
"loadBalancerName": "[concat(parameters('vlVmssSettings').loadBalancerName,'-',parameters('suffix'))]",
"lbBackendAddressPoolName": "[parameters('vlVmssSettings').loadBalancerBackendAddressPoolName]",
"lbInboundNatRuleNamePrefix": "[parameters('vlVmssSettings').loadBalancerInboundNatRuleNamePrefix]",
"publicIpConfiguration": [
{
"name": "[variables('vlIpConfigName')]",
"properties": {
"subnet": {
"id": "[concat(resourceId('Microsoft.Network/virtualNetworks',variables('vnetName')),'/subnets/',variables('vlSubnetName'))]"
},
"loadBalancerBackendAddressPools": [
{
"id": "[concat(resourceId('Microsoft.Network/loadBalancers', variables('loadBalancerName')), '/backendAddressPools/',variables('lbBackendAddressPoolName'))]"
}
],
"loadBalancerInboundNatPools": [
{
"id": "[concat(resourceId('Microsoft.Network/loadBalancers', variables('loadBalancerName')), '/inboundNatPools/',variables('lbInboundNatRuleNamePrefix'))]"
}
],
"publicipaddressconfiguration": {
"name": "pub1",
"properties": {
"idleTimeoutInMinutes": 15
}
}
}
}
],
"gatewayIpConfiguration":[
{
"name": "[variables('vlIpConfigName')]",
"properties": {
"subnet": {
"id": "[concat(resourceId('Microsoft.Network/virtualNetworks',variables('vnetName')),'/subnets/',variables('vlSubnetName'))]"
},
"loadBalancerBackendAddressPools": [
{
"id": "[concat(resourceId('Microsoft.Network/loadBalancers', variables('loadBalancerName')), '/backendAddressPools/',variables('lbBackendAddressPoolName'))]"
}
],
"loadBalancerInboundNatPools": [
{
"id": "[concat(resourceId('Microsoft.Network/loadBalancers', variables('loadBalancerName')), '/inboundNatPools/',variables('lbInboundNatRuleNamePrefix'))]"
}
]
}
}
]
},
"resources": [
{
"type": "Microsoft.Compute/virtualMachineScaleSets",
"name": "[variables('vlVmssName')]",
"location": "[parameters('location')]",
"identity": {
"type": "SystemAssigned"
},
"apiVersion": "2016-03-30",
"sku": {
"name": "[variables('vlNodeVMSize')]",
"tier": "Standard",
"capacity": "[variables('vlCapacity')]"
},
"properties": {
"singlePlacementGroup": true,
"overprovision": false,
"upgradePolicy": {
"mode": "Automatic"
},
"virtualMachineProfile": {
"storageProfile": {
"osDisk": {
"createOption": "FromImage",
"caching": "ReadWrite",
"managedDisk": {
"storageAccountType": "[variables('vlStorageAccountType')]"
}
},
"imageReference": "[parameters('ubuntuImage')]"
},
"osProfile": "[variables('vlOsProfile')]",
"networkProfile": {
"networkInterfaceConfigurations": [
{
"name": "[variables('vlNicName')]",
"properties": {
"primary": true,
"ipConfigurations": "[if(parameters('mustDeployVnetGateway'), variables('gatewayIpConfiguration'), variables('publicIpConfiguration'))]"
}
}
]
},
"extensionProfile": {
"extensions": [
{
"name": "MSILinuxExtension",
"properties": {
"publisher": "Microsoft.ManagedIdentity",
"type": "ManagedIdentityExtensionForLinux",
"typeHandlerVersion": "1.0",
"autoUpgradeMinorVersion": true,
"settings": {
"port": 50342
},
"protectedSettings": {}
}
}
]
}
}
}
},
{
"type": "Microsoft.Compute/virtualMachineScaleSets/extensions",
"name": "[concat(variables('vlVmssName'),'/omsAgentDeploy')]",
"apiVersion": "2016-03-30",
"dependsOn": [
"[variables('vlVmssName')]"
],
"condition": "[not(empty( parameters('omsWorkspaceId')))]",
"location": "[parameters('location')]",
"properties": {
"publisher": "Microsoft.EnterpriseCloud.Monitoring",
"type": "OmsAgentForLinux",
"typeHandlerVersion": "1.4",
"settings": {
"workspaceId": "[parameters('omsWorkspaceId')]"
},
"protectedSettings": {
"workspaceKey": "[parameters('omsPrimaryKey')]"
}
}
}
],
"outputs": {
"Result": {
"type": "object",
"value": {
"name": "[variables('vlVmssName')]",
"vmssPrincipalId": "[reference(concat(resourceId('Microsoft.Compute/virtualMachineScaleSets/', variables('vlVmssName')),'/providers/Microsoft.ManagedIdentity/Identities/default'),'2015-08-31-PREVIEW').principalId]"
}
}
}
}

153
ethereum-consortium-blockchain-poa/common/nested/vmss-withoutExtension.json → ethereum-consortium-blockchain-poa/common/nested/vmss.json
Просмотреть файл

@ -1,9 +1,10 @@
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json",
"contentVersion": "1.0.0.0",
"apiProfile": "2018-03-01-hybrid",
"parameters": {
"authenticationSettings": {
"type": "secureObject"
"type": "object"
},
"vlVmssSettings": {
"type": "object"
@ -20,14 +21,68 @@
"vnetName": {
"type": "string"
},
"omsWorkspaceId": {
"type": "string"
},
"omsPrimaryKey": {
"type": "securestring"
},
"mustDeployVnetGateway": {
"type": "bool"
},
"scriptReq": {
"type": "object"
},
"extensionSettings": {
"type": "object"
},
"keyVaultUrl": {
"type": "string"
},
"storageAccountName": {
"type": "string"
},
"storagePrimaryKey": {
"type": "string"
},
"ethRpcPort": {
"type": "int"
},
"transactionPermissioningContract": {
"type": "string"
},
"dockerRepository": {
"type": "string"
},
"dockerLogin": {
"type": "string"
},
"dockerPassword": {
"type": "string"
},
"dockerImagePoaOrchestrator": {
"type": "string"
},
"dockerImageEtheradmin": {
"type": "string"
},
"dockerImageEthstat": {
"type": "string"
},
"dockerImageValidator": {
"type": "string"
},
"rgName": {
"type": "string"
},
"keyVaultName": {
"type": "string"
},
"isAdfs": {
"type": "bool"
},
"certKeyVaultId": {
"type": "string"
},
"certSecretUrl": {
"type": "string"
},
"consortiumDataUrl": {
"type": "string"
}
},
"variables": {
@ -42,13 +97,34 @@
]
}
},
"vlOsProfile": {
"vlOsProfileAad": {
"computerNamePrefix": "[variables('vlVmssName')]",
"adminUsername": "[variables('adminUsername')]",
"adminPassword": "[variables('adminPassword')]",
"customData": "[base64(concat('#cloud-config\n\nwrite_files:\n- path: \"/opt/azure/containers/script.sh\"\n permissions: \"0744\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAAAAAA/5yOwUrDUBBF9/mKoQhdJfMFLmrMQhBBa3dCGSejefDy5jEzqeLXi3VhydL9Oede4UlhezdXtYCYBEw1oN9BKHioSbdtfBkVuAKeyDCnV/wgepcS2ItFektMId5VmQEXN8zKlNEnMkGmli8gpC+/kDq2+K0vdaSQdoU3jXyejz0Nj4dh/7w/9rvjzeHh9n64RglG94w/gq+H/souI7QJWoHNyxX9K7SBMyPllEzLLCW+AwAA//8nbcUONgEAAA==\n\nruncmd:\n - /opt/azure/containers/script.sh'))]",
"linuxConfiguration": "[if(equals(variables('authenticationType'), 'sshPublicKey'), variables('linuxConfiguration'), json('null'))]"
},
"vlOsProfileAdfs": {
"computerNamePrefix": "[variables('vlVmssName')]",
"adminUsername": "[variables('adminUsername')]",
"adminPassword": "[variables('adminPassword')]",
"secrets": [
{
"sourceVault": {
"id": "[parameters('certKeyVaultId')]"
},
"vaultCertificates": [
{
"certificateUrl": "[parameters('certSecretUrl')]"
}
]
}
],
"customData": "[base64(concat('#cloud-config\n\nwrite_files:\n- path: \"/opt/azure/containers/script.sh\"\n permissions: \"0744\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAAAAAA/5yOwUrDUBBF9/mKoQhdJfMFLmrMQhBBa3dCGSejefDy5jEzqeLXi3VhydL9Oede4UlhezdXtYCYBEw1oN9BKHioSbdtfBkVuAKeyDCnV/wgepcS2ItFektMId5VmQEXN8zKlNEnMkGmli8gpC+/kDq2+K0vdaSQdoU3jXyejz0Nj4dh/7w/9rvjzeHh9n64RglG94w/gq+H/souI7QJWoHNyxX9K7SBMyPllEzLLCW+AwAA//8nbcUONgEAAA==\n\nruncmd:\n - /opt/azure/containers/script.sh'))]",
"linuxConfiguration": "[if(equals(variables('authenticationType'), 'sshPublicKey'), variables('linuxConfiguration'), json('null'))]"
},
"isADFS": "[if(parameters('isAdfs'), 'adfs', '')]",
"vlOsProfile": "[if(parameters('isAdfs'), variables('vlOsProfileAdfs'), variables('vlOsProfileAad'))]",
"authenticationType": "[parameters('authenticationSettings').authenticationType]",
"sshPublicKey": "[parameters('authenticationSettings').sshPublicKey]",
"adminUsername": "[parameters('authenticationSettings').adminUsername]",
@ -103,14 +179,29 @@
]
}
}
]
],
"mode": "[parameters('scriptReq').mode]",
"artifactsLocationURL": "[parameters('extensionSettings').artifactsLocationURL]",
"ethereumNetworkID": "[parameters('extensionSettings').ethereumNetworkID]",
"numBootNodes": "[parameters('extensionSettings').numBootNodes]",
"numVLNodes": "[parameters('extensionSettings').numVLNodes]",
"adminSitePort": "[parameters('extensionSettings').adminSitePort]",
"consortiumMemberId": "[parameters('extensionSettings').consortiumId]",
"adminId": "[parameters('authenticationSettings').adminId]",
"accessType": "[parameters('authenticationSettings').accessType]",
"servicePrincipalId": "[parameters('authenticationSettings').servicePrincipalId]",
"servicePrincipalSecret": "[parameters('authenticationSettings').servicePrincipalSecret]",
"endpointFqdn": "[parameters('authenticationSettings').endpointFqdn]",
"tenantId": "[parameters('authenticationSettings').tenantId]",
"consortium-data": "[parameters('consortiumDataUrl')]",
"omsWorkspaceId": "",
"omsPrimaryKey": ""
},
"resources": [
{
"type": "Microsoft.Compute/virtualMachineScaleSets",
"name": "[variables('vlVmssName')]",
"location": "[parameters('location')]",
"apiVersion": "2017-03-30",
"sku": {
"name": "[variables('vlNodeVMSize')]",
"tier": "Standard",
@ -144,30 +235,30 @@
}
}
]
},
"extensionProfile": {
"extensions": [
{
"name": "[concat(variables('vlVmssName'),'-config')]",
"properties": {
"publisher": "Microsoft.Azure.Extensions",
"type": "CustomScript",
"settings": {
"fileUris" : [
"[parameters('scriptReq').fileUri]"
]
},
"typeHandlerVersion": "2.0",
"autoUpgradeMinorVersion": true,
"protectedSettings": {
"commandToExecute": "[concat('/bin/bash ', parameters('scriptReq').filename, ' \"', variables('adminUsername'), '\" \"', variables('artifactsLocationURL'), '\" \"', variables('numBootNodes'), '\" \"', variables('numVLNodes'), '\" \"', variables('mode'), '\" \"', variables('omsWorkspaceId'), '\" \"', variables('omsPrimaryKey'), '\" \"', parameters('keyVaultUrl'), '\" \"', parameters('storageAccountName'), '\" \"', parameters('storagePrimaryKey'), '\" \"', parameters('ethRpcPort'), '\" \"', variables('adminSitePort'), '\" \"', variables('consortiumMemberId'), '\" \"', variables('ethereumNetworkID'),'\" \"', variables('adminId'),'\" \"', parameters('transactionPermissioningContract'),'\" \"',variables('consortium-data'),'\" \"',parameters('dockerRepository'),'\" \"',parameters('dockerLogin'),'\" \"',parameters('dockerPassword'),'\" \"',parameters('dockerImagePoaOrchestrator'),'\" \"',parameters('dockerImageEtheradmin'),'\" \"',parameters('dockerImageEthstat'),'\" \"',parameters('dockerImageValidator'), '\" \"',parameters('mustDeployVnetGateway'), '\" \"',variables('accessType'), '\" \"',variables('servicePrincipalId'), '\" \"',variables('servicePrincipalSecret'), '\" \"',variables('endpointFqdn'), '\" \"',variables('tenantId'), '\" \"',parameters('rgName'), '\" \"',parameters('keyVaultName'), '\" \"',variables('isADFS'), '\"')]"
}
}
}
]
}
}
}
},
{
"type": "Microsoft.Compute/virtualMachineScaleSets/extensions",
"name": "[concat(variables('vlVmssName'),'/omsAgentDeploy')]",
"apiVersion": "2017-03-30",
"dependsOn": [
"[variables('vlVmssName')]"
],
"condition": "[not(empty( parameters('omsWorkspaceId')))]",
"location": "[parameters('location')]",
"properties": {
"publisher": "Microsoft.EnterpriseCloud.Monitoring",
"type": "OmsAgentForLinux",
"typeHandlerVersion": "1.4",
"settings": {
"workspaceId": "[parameters('omsWorkspaceId')]"
},
"protectedSettings": {
"workspaceKey": "[parameters('omsPrimaryKey')]"
}
}
}
],
"outputs": {

79
ethereum-consortium-blockchain-poa/common/nested/vnet-gateway.json
Просмотреть файл

@ -1,79 +0,0 @@
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"vnetSettings": {
"type": "array"
},
"regionCount": {
"type": "int"
},
"locationArray": {
"type": "array"
},
"suffixArray": {
"type": "array"
},
"gatewayPublicIPName": {
"type": "string"
},
"gatewayName": {
"type": "string"
},
"gatewaySubnetName": {
"type": "string"
},
"gatewaySku": {
"type": "string"
},
"mustDeployVnetGateway": {
"type": "bool"
}
},
"variables": {},
"resources": [
{
"condition": "[parameters('mustDeployVnetGateway')]",
"apiVersion": "2017-10-01",
"type": "Microsoft.Network/virtualNetworkGateways",
"name": "[concat(parameters('gatewayName'),'-',parameters('suffixArray')[copyIndex()])]",
"location": "[parameters('locationArray')[copyIndex()]]",
"copy": {
"name": "loop",
"count": "[parameters('regionCount')]"
},
"properties": {
"ipConfigurations": [
{
"name": "vNetGatewayConfig",
"properties": {
"privateIPAllocationMethod": "Dynamic",
"subnet": {
"id": "[concat(resourceId('Microsoft.Network/virtualNetworks', parameters('vnetSettings')[copyIndex()].vnetName),'/subnets/',parameters('gatewaySubnetName'))]"
},
"publicIPAddress": {
"id": "[resourceId('Microsoft.Network/publicIPAddresses',concat(parameters('gatewayPublicIPName'),'-',parameters('suffixArray')[copyIndex()]))]"
}
}
}
],
"gatewayType": "Vpn",
"sku": {
"name": "[parameters('gatewaySku')]",
"tier": "[parameters('gatewaySku')]"
},
"vpnType": "RouteBased",
"enableBgp": true,
"bgpSettings": {
"asn": "[parameters('vnetSettings')[copyIndex()].gatewayAsn]"
}
}
}
],
"outputs": {
"gatewayIdReg1": {
"type": "string",
"value": "[resourceId('Microsoft.Network/virtualNetworkGateways',concat(parameters('gatewayName'),'-',parameters('suffixArray')[0]))]"
}
}
}

96
ethereum-consortium-blockchain-poa/common/scripts/configure-poa.sh
Просмотреть файл

@ -95,16 +95,6 @@ acquire_lease_on_container()
storageAccountName=$2
accountKey=$3
################################################
# Copy required certificates for Azure CLI
################################################
setup_cli_certificates
################################################
# Configure Cloud Endpoints in Azure CLI
################################################
configure_endpoints
az storage container create --name $containerName --account-name $storageAccountName --account-key $accountKey --fail-on-exist;
if [ $? -ne 0 ]; then
echo "Attempt to create the lease container on storage account has failed." >> $CONFIG_LOG_FILE_PATH;
@ -166,13 +156,13 @@ orchestrate_poa()
isSuccessful=""
for LOOPCOUNT in `seq 1 $NumAttempt`; do
if [ "$ACCESS_TYPE" = "SPN" ]; then
ACCESS_TOKEN=$(get_access_token_spn "$ENDPOINTS_FQDN" "$SPN_APPID" "$SPN_KEY" "$AAD_TENANTID");
else
ACCESS_TOKEN=$(get_access_token);
fi
containerId=$(sudo docker run -d -v $DEPLOYMENT_LOG_PATH:$DEPLOYMENT_LOG_PATH -v $PARITY_DEV_PATH:$PARITY_DEV_PATH -e NODE_ENV=production -e NodeCount=$NodeCount -e MODE=$MODE -e KEY_VAULT_BASE_URL=$KEY_VAULT_BASE_URL -e STORAGE_ACCOUNT=$STORAGE_ACCOUNT -e CONTAINER_NAME=$CONTAINER_NAME -e STORAGE_ACCOUNT_KEY=$STORAGE_ACCOUNT_KEY -e ETH_NETWORK_ID=$ETH_NETWORK_ID -e VALIDATOR_ADMIN_ACCOUNT=$VALIDATOR_ADMIN_ACCOUNT -e CONSORTIUM_DATA_URL=$CONSORTIUM_DATA_URL -e ACCESS_TOKEN=$ACCESS_TOKEN -e CONFIG_LOG_FILE_PATH=$CONFIG_LOG_FILE_PATH -e TRANSACTION_PERMISSION_CONTRACT=$TRANSACTION_PERMISSION_CONTRACT -e AAD_TENANTID=$AAD_TENANTID -e SPN_KEY=$SPN_KEY -e SPN_APPID=$SPN_APPID -e RG_NAME=$RG_NAME -e KV_NAME=$KV_NAME --network host $ORCHESTRATOR_DOCKER_IMAGE);
# if [ "$ACCESS_TYPE" = "SPN" ]; then
# ACCESS_TOKEN=$(get_access_token_spn "$ENDPOINTS_FQDN" "$SPN_APPID" "$SPN_KEY" "$AAD_TENANTID");
# else
# ACCESS_TOKEN=$(get_access_token);
# fi
ACCESS_TOKEN=""
containerId=$(sudo docker run -d -v $DEPLOYMENT_LOG_PATH:$DEPLOYMENT_LOG_PATH -v $PARITY_DEV_PATH:$PARITY_DEV_PATH -v $CERTIFICATE_PATH:$CERTIFICATE_PATH -e NODE_ENV=production -e NodeCount=$NodeCount -e MODE=$MODE -e KEY_VAULT_BASE_URL=$KEY_VAULT_BASE_URL -e STORAGE_ACCOUNT=$STORAGE_ACCOUNT -e CONTAINER_NAME=$CONTAINER_NAME -e STORAGE_ACCOUNT_KEY=$STORAGE_ACCOUNT_KEY -e ETH_NETWORK_ID=$ETH_NETWORK_ID -e VALIDATOR_ADMIN_ACCOUNT=$VALIDATOR_ADMIN_ACCOUNT -e CONSORTIUM_DATA_URL=$CONSORTIUM_DATA_URL -e ACCESS_TOKEN=$ACCESS_TOKEN -e CONFIG_LOG_FILE_PATH=$CONFIG_LOG_FILE_PATH -e TRANSACTION_PERMISSION_CONTRACT="$TRANSACTION_PERMISSION_CONTRACT" -e AAD_TENANTID=$AAD_TENANTID -e SPN_KEY=$SPN_KEY -e SPN_APPID=$SPN_APPID -e RG_NAME=$RG_NAME -e KV_NAME=$KV_NAME -e ENDPOINTS_FQDN=$ENDPOINTS_FQDN -e IS_ADFS=$IS_ADFS --network host $ORCHESTRATOR_DOCKER_IMAGE);
if [ $? -ne 0 ]; then
unsuccessful_exit "Unable to run docker image $ORCHESTRATOR_DOCKER_IMAGE." 8;
break;
@ -200,7 +190,7 @@ orchestrate_poa()
setup_rc_local()
{
echo "===== Started setup_rc_local =====";
echo -e '#!/bin/bash' "\nsudo -u $AZUREUSER /bin/bash $HOMEDIR/configure-validator.sh \"$AZUREUSER\" \"$NodeCount\" \"$KEY_VAULT_BASE_URL\" \"$STORAGE_ACCOUNT\" \"$CONTAINER_NAME\" \"$STORAGE_ACCOUNT_KEY\" \"$VALIDATOR_ADMIN_ACCOUNT\" \"$NUM_BOOT_NODES\" \"$RPC_PORT\" \"$OMS_WORKSPACE_ID\" \"$OMS_PRIMARY_KEY\" \"$ADMIN_SITE_PORT\" \"$CONSORTIUM_MEMBER_ID\" \"$MODE\" \"$CONSORTIUM_DATA_URL\" \"$DOCKER_REPOSITORY\" \"$DOCKER_LOGIN\" \"$DOCKER_PASSWORD\" \"$DOCKER_IMAGE_ETHERADMIN\" \"$DOCKER_IMAGE_ETHSTAT\" \"$DOCKER_IMAGE_VALIDATOR\" \"$MUST_DEPLOY_GATEWAY\" \"$ACCESS_TYPE\" \"$ENDPOINTS_FQDN\" \"$SPN_APPID\" \"$SPN_KEY\" \"$AAD_TENANTID\" >> $CONFIG_LOG_FILE_PATH 2>&1 & " | sudo tee /etc/rc.local 2>&1 1>/dev/null
echo -e '#!/bin/bash' "\nsudo -u $AZUREUSER /bin/bash $HOMEDIR/configure-validator.sh \"$AZUREUSER\" \"$NodeCount\" \"$KEY_VAULT_BASE_URL\" \"$STORAGE_ACCOUNT\" \"$CONTAINER_NAME\" \"$STORAGE_ACCOUNT_KEY\" \"$VALIDATOR_ADMIN_ACCOUNT\" \"$NUM_BOOT_NODES\" \"$RPC_PORT\" \"$OMS_WORKSPACE_ID\" \"$OMS_PRIMARY_KEY\" \"$ADMIN_SITE_PORT\" \"$CONSORTIUM_MEMBER_ID\" \"$MODE\" \"$CONSORTIUM_DATA_URL\" \"$DOCKER_REPOSITORY\" \"$DOCKER_LOGIN\" \"$DOCKER_PASSWORD\" \"$DOCKER_IMAGE_ETHERADMIN\" \"$DOCKER_IMAGE_ETHSTAT\" \"$DOCKER_IMAGE_VALIDATOR\" \"$MUST_DEPLOY_GATEWAY\" \"$ACCESS_TYPE\" \"$ENDPOINTS_FQDN\" \"$SPN_APPID\" \"$SPN_KEY\" \"$AAD_TENANTID\" \"$RG_NAME\" \"$IS_ADFS\" >> $CONFIG_LOG_FILE_PATH 2>&1 & " | sudo tee /etc/rc.local 2>&1 1>/dev/null
if [ $? -ne 0 ]; then
unsuccessful_exit "Failed to setup rc.local for restart on VM reboot." 3;
fi
@ -240,6 +230,27 @@ setup_cli_certificates()
export REQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt
sudo sed -i -e "\$aREQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt" /etc/environment
fi
if [[ ! -z "$IS_ADFS" ]]; then
#if [[ $SPN_KEY != *"servicePrincipalCertificate.pem"* ]]; then
spCertName="$SPN_KEY.crt"
spCertKey="$SPN_KEY.prv"
sudo cp /var/lib/waagent/$spCertName /home/
sudo cp /var/lib/waagent/$spCertKey /home/
sudo cat /home/$spCertName /home/$spCertKey > /home/servicePrincipalCertificate.pem
sudo chmod 644 /home/servicePrincipalCertificate.pem
#SPN_KEY=/home/servicePrincipalCertificate.pem
az cloud register -n AzureStackCloud --endpoint-resource-manager "https://management.$ENDPOINTS_FQDN" --suffix-storage-endpoint "$ENDPOINTS_FQDN" --suffix-keyvault-dns ".vault.$ENDPOINTS_FQDN"
az cloud set -n AzureStackCloud
az cloud update --profile 2018-03-01-hybrid
az login --service-principal -u $SPN_APPID -p /home/servicePrincipalCertificate.pem --tenant $AAD_TENANTID
#fi
else
az cloud register -n AzureStackCloud --endpoint-resource-manager "https://management.$ENDPOINTS_FQDN" --suffix-storage-endpoint "$ENDPOINTS_FQDN" --suffix-keyvault-dns ".vault.$ENDPOINTS_FQDN"
az cloud set -n AzureStackCloud
az cloud update --profile 2018-03-01-hybrid
az login --service-principal -u $SPN_APPID -p $SPN_KEY --tenant $AAD_TENANTID
fi
}
configure_endpoints()
@ -289,11 +300,49 @@ ENDPOINTS_FQDN=${29}
AAD_TENANTID=${30}
RG_NAME=${31}
KV_NAME=${32}
IS_ADFS=${33}
# Echo out the parameters
echo "--- configure-poa.sh starting up ---"
echo "AZUREUSER = $AZUREUSER"
echo "ARTIFACTS_URL_PREFIX = $ARTIFACTS_URL_PREFIX"
echo "NUM_BOOT_NODES = $NUM_BOOT_NODES"
echo "NodeCount = $NodeCount"
echo "MODE=$MODE"
echo "OMS_WORKSPACE_ID=$OMS_WORKSPACE_ID"
echo "OMS_PRIMARY_KEY=$OMS_PRIMARY_KEY"
echo "KEY_VAULT_BASE_URL = $KEY_VAULT_BASE_URL"
echo "STORAGE_ACCOUNT = $STORAGE_ACCOUNT"
echo "STORAGE_ACCOUNT_KEY = $STORAGE_ACCOUNT_KEY"
echo "RPC_PORT = $RPC_PORT"
echo "ADMIN_SITE_PORT = $ADMIN_SITE_PORT"
echo "CONSORTIUM_MEMBER_ID = $CONSORTIUM_MEMBER_ID"
echo "ETH_NETWORK_ID = $ETH_NETWORK_ID"
echo "VALIDATOR_ADMIN_ACCOUNT = $VALIDATOR_ADMIN_ACCOUNT"
echo "TRANSACTION_PERMISSION_CONTRACT = $TRANSACTION_PERMISSION_CONTRACT"
echo "CONSORTIUM_DATA_URL=$CONSORTIUM_DATA_URL"
echo "DOCKER_REPOSITORY=$DOCKER_REPOSITORY"
echo "DOCKER_LOGIN=$DOCKER_LOGIN"
echo "DOCKER_PASSWORD=$DOCKER_PASSWORD"
echo "DOCKER_IMAGE_POA_ORCHESTRATOR = $DOCKER_IMAGE_POA_ORCHESTRATOR"
echo "DOCKER_IMAGE_ETHERADMIN=$DOCKER_IMAGE_ETHERADMIN"
echo "DOCKER_IMAGE_ETHSTAT=$DOCKER_IMAGE_ETHSTAT"
echo "DOCKER_IMAGE_VALIDATOR = $DOCKER_IMAGE_VALIDATOR"
echo "MUST_DEPLOY_GATEWAY=$MUST_DEPLOY_GATEWAY"
echo "ACCESS_TYPE=$ACCESS_TYPE"
echo "SPN_APPID=$SPN_APPID"
echo "SPN_KEY=$SPN_KEY"
echo "ENDPOINTS_FQDN=$ENDPOINTS_FQDN"
echo "AAD_TENANTID=$AAD_TENANTID"
echo "RG_NAME = $RG_NAME"
echo "KV_NAME = $KV_NAME"
echo "IS_ADFS = $IS_ADFS"
#####################################################################################
# Log Folder Locations
#####################################################################################
DEPLOYMENT_LOG_PATH="/var/log/deployment"
CERTIFICATE_PATH="/var/lib/waagent"
PARITY_LOG_PATH="/var/log/parity"
PARITY_RUN_PATH="/opt/parity"
ADMINSITE_LOG_PATH="/var/log/adminsite"
@ -363,6 +412,9 @@ wget_with_retry "${ARTIFACTS_URL_PREFIX}/scripts/run-validator.sh";
cd "$HOMEDIR";
setup_dependencies
# Add user to docker group and install docker
sudo usermod -aG docker ${USER}
install_docker
################################################
# Copy required certificates for Azure CLI
################################################
@ -371,11 +423,7 @@ setup_cli_certificates
################################################
# Configure Cloud Endpoints in Azure CLI
################################################
configure_endpoints
# Add user to docker group and install docker
sudo usermod -aG docker ${USER}
install_docker
#configure_endpoints
sudo -u $AZUREUSER /bin/bash -c "mkdir -p $ETHERADMIN_HOME/public";
download_docker_images
@ -391,7 +439,7 @@ fi
# Run validator node.
################################################################################################
setup_rc_local
sudo -u $AZUREUSER /bin/bash /home/$AZUREUSER/configure-validator.sh "$AZUREUSER" "$NodeCount" "$KEY_VAULT_BASE_URL" "$STORAGE_ACCOUNT" "$CONTAINER_NAME" "$STORAGE_ACCOUNT_KEY" "$VALIDATOR_ADMIN_ACCOUNT" "$NUM_BOOT_NODES" "$RPC_PORT" "$OMS_WORKSPACE_ID" "$OMS_PRIMARY_KEY" "$ADMIN_SITE_PORT" "$CONSORTIUM_MEMBER_ID" "$MODE" "$CONSORTIUM_DATA_URL" "$DOCKER_REPOSITORY" "$DOCKER_LOGIN" "$DOCKER_PASSWORD" "$DOCKER_IMAGE_ETHERADMIN" "$DOCKER_IMAGE_ETHSTAT" "$DOCKER_IMAGE_VALIDATOR" "$MUST_DEPLOY_GATEWAY" "$ACCESS_TYPE" "$ENDPOINTS_FQDN" "$SPN_APPID" "$SPN_KEY" "$AAD_TENANTID" >> $CONFIG_LOG_FILE_PATH 2>&1 &
sudo -u $AZUREUSER /bin/bash /home/$AZUREUSER/configure-validator.sh "$AZUREUSER" "$NodeCount" "$KEY_VAULT_BASE_URL" "$STORAGE_ACCOUNT" "$CONTAINER_NAME" "$STORAGE_ACCOUNT_KEY" "$VALIDATOR_ADMIN_ACCOUNT" "$NUM_BOOT_NODES" "$RPC_PORT" "$OMS_WORKSPACE_ID" "$OMS_PRIMARY_KEY" "$ADMIN_SITE_PORT" "$CONSORTIUM_MEMBER_ID" "$MODE" "$CONSORTIUM_DATA_URL" "$DOCKER_REPOSITORY" "$DOCKER_LOGIN" "$DOCKER_PASSWORD" "$DOCKER_IMAGE_ETHERADMIN" "$DOCKER_IMAGE_ETHSTAT" "$DOCKER_IMAGE_VALIDATOR" "$MUST_DEPLOY_GATEWAY" "$ACCESS_TYPE" "$ENDPOINTS_FQDN" "$SPN_APPID" "$SPN_KEY" "$AAD_TENANTID" "$RG_NAME" "$IS_ADFS" >> $CONFIG_LOG_FILE_PATH 2>&1 &
############### Deployment Completed #########################
echo "Commands succeeded. Exiting";

54
ethereum-consortium-blockchain-poa/common/scripts/configure-validator.sh
Просмотреть файл

@ -26,16 +26,44 @@ setup_docker() {
setup_cli_certificates()
{
if [ "$ACCESS_TYPE" = "SPN" ]; then
if [ "$ACCESS_TYPE" = "SPN" ]; then
sudo cp /var/lib/waagent/Certificates.pem /usr/local/share/ca-certificates/azsCertificate.crt
sudo update-ca-certificates
export REQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt
sudo sed -i -e "\$aREQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt" /etc/environment
fi
if [[ ! -z "$IS_ADFS" ]]; then
#if [[ $SPN_KEY != *"servicePrincipalCertificate.pem"* ]]; then
spCertName="$SPN_KEY.crt"
spCertKey="$SPN_KEY.prv"
sudo cp /var/lib/waagent/$spCertName /home/
sudo cp /var/lib/waagent/$spCertKey /home/
sudo cat /home/$spCertName /home/$spCertKey > /home/servicePrincipalCertificate.pem
sudo chmod 644 /home/servicePrincipalCertificate.pem
#SPN_KEY=/home/servicePrincipalCertificate.pem
az cloud register -n AzureStackCloud --endpoint-resource-manager "https://management.$ENDPOINTS_FQDN" --suffix-storage-endpoint "$ENDPOINTS_FQDN" --suffix-keyvault-dns ".vault.$ENDPOINTS_FQDN"
az cloud set -n AzureStackCloud
az cloud update --profile 2018-03-01-hybrid
az login --service-principal -u $SPN_APPID -p /home/servicePrincipalCertificate.pem --tenant $AAD_TENANTID
#fi
else
az cloud register -n AzureStackCloud --endpoint-resource-manager "https://management.$ENDPOINTS_FQDN" --suffix-storage-endpoint "$ENDPOINTS_FQDN" --suffix-keyvault-dns ".vault.$ENDPOINTS_FQDN"
az cloud set -n AzureStackCloud
az cloud update --profile 2018-03-01-hybrid
az login --service-principal -u $SPN_APPID -p $SPN_KEY --tenant $AAD_TENANTID
fi
}
configure_endpoints()
{
if [ "$ACCESS_TYPE" = "SPN" ]; then
sudo cp /var/lib/waagent/Certificates.pem /usr/local/share/ca-certificates/azsCertificate.crt
sudo update-ca-certificates
export REQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt
sudo sed -i -e "\$aREQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt" /etc/environment
fi
az cloud register -n AzureStackCloud --endpoint-resource-manager "https://management.$ENDPOINTS_FQDN" --suffix-storage-endpoint "$ENDPOINTS_FQDN" --suffix-keyvault-dns ".vault.$ENDPOINTS_FQDN"
az cloud set -n AzureStackCloud
az cloud update --profile 2018-03-01-hybrid
@ -45,7 +73,7 @@ configure_endpoints()
alreadyLoggedEthStatWarning=0;
start_ethstat() {
if [[ -z "$OMS_WORKSPACE_ID" ]];
if [ -z "$OMS_WORKSPACE_ID" -a "$ACCESS_TYPE" != "SPN" ];
then
if [ $alreadyLoggedEthStatWarning -eq 0 ];
then
@ -77,8 +105,17 @@ start_admin_website(){
if [ ! -z $cid ]; then
sudo docker kill $cid
fi
#if [ "$ACCESS_TYPE" = "SPN" ]; then
# STORAGE_DNS_SUFFIX=$ENDPOINTS_FQDN
#else
# STORAGE_DNS_SUFFIX="core.windows.net"
#fi
containerId=$(sudo docker run -d -v $ADMINSITE_LOG_PATH:$ADMINSITE_LOG_PATH -v $PARITY_VOLUME:$PARITY_VOLUME -v $ETHERADMIN_HOME/public:/usr/src/app/share -e NODE_ENV=production -e listenPort="$ADMIN_SITE_PORT" -e consortiumId="$CONSORTIUM_MEMBER_ID" -e azureStorageAccount="$STORAGE_ACCOUNT" -e azureStorageAccessKey="$STORAGE_ACCOUNT_KEY" -e containerName="$CONTAINER_NAME" -e identityBlobPrefix="$BLOB_NAME_PREFIX" -e ethRpcPort="$RPC_PORT" -e validatorListBlobName="$VALIDATOR_LIST_BLOB_NAME" -e paritySpecBlobName="$PARITY_SPEC_BLOB_NAME" -e valSetContractBlobName="$VALSET_CONTRACT_BLOB_NAME" -e adminContractBlobName="$ADMIN_CONTRACT_BLOB_NAME" -e adminContractABIBlobName="$ADMIN_CONTRACT_ABI_BLOB_NAME" -e adminSiteLogFile="$ADMINSITE_LOG_FILE" --network host $ETHERADMIN_DOCKER_IMAGE);
STORAGE_DNS_SUFFIX=$ENDPOINTS_FQDN
STORAGE_API_VERSION="2017-04-17"
containerId=$(sudo docker run -d -v "/var/lib/waagent/":"/var/lib/waagent/" -v $ADMINSITE_LOG_PATH:$ADMINSITE_LOG_PATH -v $PARITY_VOLUME:$PARITY_VOLUME -v $ETHERADMIN_HOME/public:/usr/src/app/share -e NODE_ENV=production -e listenPort="$ADMIN_SITE_PORT" -e consortiumId="$CONSORTIUM_MEMBER_ID" -e azureStorageAccount="$STORAGE_ACCOUNT" -e azureStorageAccessKey="$STORAGE_ACCOUNT_KEY" -e containerName="$CONTAINER_NAME" -e identityBlobPrefix="$BLOB_NAME_PREFIX" -e ethRpcPort="$RPC_PORT" -e validatorListBlobName="$VALIDATOR_LIST_BLOB_NAME" -e paritySpecBlobName="$PARITY_SPEC_BLOB_NAME" -e valSetContractBlobName="$VALSET_CONTRACT_BLOB_NAME" -e adminContractBlobName="$ADMIN_CONTRACT_BLOB_NAME" -e adminContractABIBlobName="$ADMIN_CONTRACT_ABI_BLOB_NAME" -e adminSiteLogFile="$ADMINSITE_LOG_FILE" -e storageDnsSuffix="$STORAGE_DNS_SUFFIX" -e storageApiVersion="$STORAGE_API_VERSION" -e userCert="$CERT_FILE" -e AZURE_STORAGE_DNS_SUFFIX="$STORAGE_DNS_SUFFIX" -e NODE_EXTRA_CA_CERTS="$CERT_FILE" --network host $ETHERADMIN_DOCKER_IMAGE);
if [ $? -ne 0 ]; then
unsuccessful_exit "Unable to run docker image $ETHADMIN_DOCKER_IMAGE." 32;
fi
@ -93,7 +130,7 @@ start_admin_website(){
# Starts a validator node.
run_validator()
{
sudo -u $AZUREUSER /bin/bash /home/$AZUREUSER/run-validator.sh "$AZUREUSER" "$NODE_COUNT" "$STORAGE_ACCOUNT" "$CONTAINER_NAME" "$STORAGE_ACCOUNT_KEY" "$ADMINID" "$NUM_BOOT_NODES" "$RPC_PORT" "$MODE" "$VALIDATOR_DOCKER_IMAGE" "$CONSORTIUM_DATA_URL" "$MUST_DEPLOY_GATEWAY" "$ACCESS_TYPE" "$ENDPOINTS_FQDN" "$SPN_APPID" "$SPN_KEY" "$AAD_TENANTID" >> $CONFIG_LOG_FILE_PATH 2>&1 &
sudo -u $AZUREUSER /bin/bash /home/$AZUREUSER/run-validator.sh "$AZUREUSER" "$NODE_COUNT" "$STORAGE_ACCOUNT" "$CONTAINER_NAME" "$STORAGE_ACCOUNT_KEY" "$ADMINID" "$NUM_BOOT_NODES" "$RPC_PORT" "$MODE" "$VALIDATOR_DOCKER_IMAGE" "$CONSORTIUM_DATA_URL" "$MUST_DEPLOY_GATEWAY" "$ACCESS_TYPE" "$ENDPOINTS_FQDN" "$SPN_APPID" "$SPN_KEY" "$AAD_TENANTID" "$RG_NAME" "$IS_ADFS" >> $CONFIG_LOG_FILE_PATH 2>&1 &
}
join_leaders_network() {
@ -136,7 +173,7 @@ is_etheradmin_up(){
is_ethstat_up(){
id=$(sudo docker ps | grep '-ethstat' | awk '{print $1}');
if [ ! -z $id ]; then echo 1; else echo 0; fi
if [ ! -z "$id" -a "$ACCESS_TYPE" = "SPN" ]; then echo 1; else echo 0; fi
}
####################################################################################
@ -173,6 +210,8 @@ ENDPOINTS_FQDN=${24}
SPN_APPID=${25}
SPN_KEY=${26}
AAD_TENANTID=${27}
RG_NAME=${28}
IS_ADFS=${29}
# Echo out the parameters
echo "--- configure-validator.sh starting up ---"
@ -202,6 +241,8 @@ echo "ENDPOINTS_FQDN=$ENDPOINTS_FQDN"
echo "SPN_APPID=$SPN_APPID"
echo "SPN_KEY=$SPN_KEY"
echo "AAD_TENANTID=$AAD_TENANTID"
echo "RG_NAME=$RG_NAME"
echo "IS_ADFS=$IS_ADFS"
#####################################################################################
# Log Folder Locations
@ -210,6 +251,7 @@ PARITY_LOG_PATH="/var/log/parity"
ADMINSITE_LOG_PATH="/var/log/adminsite"
STATS_LOG_PATH="/var/log/stats"
DEPLOYMENT_LOG_PATH="/var/log/deployment"
CERT_FILE="/var/lib/waagent/Certificates.pem"
CONFIG_LOG_FILE_PATH="$DEPLOYMENT_LOG_PATH/config.log";
ADMINSITE_LOG_FILE="$ADMINSITE_LOG_PATH/etheradmin.log"
ETHSTAT_LOG_FILE="$STATS_LOG_PATH/ethstat.log"
@ -241,7 +283,7 @@ setup_cli_certificates
################################################
# Configure Cloud Endpoints in Azure CLI
################################################
configure_endpoints
#configure_endpoints
##########################################################################################################
# Wait for orchestrator to finish

8
ethereum-consortium-blockchain-poa/common/scripts/poa-utility.sh
Просмотреть файл

@ -20,6 +20,14 @@ unsuccessful_exit()
exit $2;
}
get_ip_address()
{
rgName=$1
publicIp=$(az network public-ip list -g $rgName -o json | jq '.[0]' | jq -r ".ipAddress")
echo $publicIp;
}
# Use MSI to get access token for authenticating to azure key vault
get_access_token()
{

130
ethereum-consortium-blockchain-poa/common/scripts/run-validator.sh
Просмотреть файл

@ -10,37 +10,9 @@
# Include utility script
. ~/poa-utility.sh
setup_cli_certificates()
{
if [ "$ACCESS_TYPE" = "SPN" ]; then
sudo cp /var/lib/waagent/Certificates.pem /usr/local/share/ca-certificates/azsCertificate.crt
sudo update-ca-certificates
export REQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt
sudo sed -i -e "\$aREQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt" /etc/environment
fi
}
configure_endpoints()
{
az cloud register -n AzureStackCloud --endpoint-resource-manager "https://management.$ENDPOINTS_FQDN" --suffix-storage-endpoint "$ENDPOINTS_FQDN" --suffix-keyvault-dns ".vault.$ENDPOINTS_FQDN"
az cloud set -n AzureStackCloud
az cloud update --profile 2018-03-01-hybrid
az login --service-principal -u $SPN_APPID -p $SPN_KEY --tenant $AAD_TENANTID
}
# Iterate through lease records and attempt to acquire a new lease
acquire_lease()
{
################################################
# Copy required certificates for Azure CLI
################################################
setup_cli_certificates
################################################
# Configure Cloud Endpoints in Azure CLI
################################################
configure_endpoints
leaseId="";
# TODO: List blobs and iterate through instead of iterating through downloaded files
@ -62,16 +34,6 @@ acquire_lease()
# Renew an existing lease
renew_lease()
{
################################################
# Copy required certificates for Azure CLI
################################################
setup_cli_certificates
################################################
# Configure Cloud Endpoints in Azure CLI
################################################
configure_endpoints
az storage blob lease renew --blob-name $PASSPHRASE_FILE_NAME --container-name $CONTAINER_NAME --lease-id $LEASE_ID --account-name $STORAGE_ACCOUNT --account-key $STORAGE_ACCOUNT_KEY > /dev/null;
if [ $? -ne 0 ]; then
echo "Attempt to renew lease with lease id $LEASE_ID failed."
@ -85,28 +47,38 @@ renew_lease()
start_node()
{
blobname=$1;
ipAddress=""
# Get passphrase from KeyVault and store it in password file
echo "HRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR" >> /var/log/deployment/config.log
PASSPHRASE_URI=$(cat "$CONFIGDIR/$blobname" | jq -r ".passphraseUri");
if [ -z $PASSPHRASE_URI ]; then
unsuccessful_exit "Unable to start validator node. Passphrase url should not be empty." 40
fi
keyVaultUrl="$PASSPHRASE_URI?api-version=2016-10-01";
if [ "$ACCESS_TYPE" = "SPN" ]; then
accessToken=$(get_access_token_spn "$ENDPOINTS_FQDN" "$SPN_APPID" "$SPN_KEY" "$AAD_TENANTID");
else
accessToken=$(get_access_token);
#accessToken=$(get_access_token_spn "$ENDPOINTS_FQDN" "$SPN_APPID" "$SPN_KEY" "$AAD_TENANTID");
ipAddress=$(get_ip_address "$RG_NAME");
#else
# accessToken=$(get_access_token);
fi
keyVaultResponse=$(curl $keyVaultUrl -H "Content-Type: application/json" -H "Authorization: Bearer $accessToken");
proto="$(echo $PASSPHRASE_URI | grep :// | sed -e's,^\(.*://\).*,\1,g')"
url="$(echo ${PASSPHRASE_URI/$proto/})"
IFS='.' read -r -a kvName <<< $url
IFS='.' read -r -a blob <<< $blobname
#keyVaultResponse=$(curl $keyVaultUrl -H "Content-Type: application/json" -H "Authorization: Bearer $accessToken");
keyVaultResponse=`az keyvault secret show -n $blob --vault-name $kvName`
echo "Get KeyVault secret response: $keyVaultResponse";
passphrase=$(echo $keyVaultResponse | jq -r ".value");
if [ -z $passphrase ]; then
if [ -z $passphrase ]; then
unsuccessful_exit "Unable to start validator node. Passphrase should not be empty." 41
fi
sudo docker run -d -v $PARITY_DATA_PATH:$PARITY_DATA_PATH -v $HOMEDIR:$HOMEDIR -v $DEPLOYMENT_LOG_PATH:$DEPLOYMENT_LOG_PATH -v $PARITY_LOG_PATH:$PARITY_LOG_PATH -e AZUREUSER=$AZUREUSER -e STORAGE_ACCOUNT=$STORAGE_ACCOUNT -e CONTAINER_NAME=$CONTAINER_NAME -e STORAGE_ACCOUNT_KEY=$STORAGE_ACCOUNT_KEY -e ADMINID=$ADMINID -e NUM_BOOT_NODES=$NUM_BOOT_NODES -e RPC_PORT=$RPC_PORT -e PASSPHRASE=$passphrase -e PASSPHRASE_FILE_NAME=$blobname -e PASSPHRASE_URI=$PASSPHRASE_URI -e MODE=$MODE -e LEASE_ID=$LEASE_ID -e CONSORTIUM_DATA_URL=$CONSORTIUM_DATA_URL -e MUST_DEPLOY_GATEWAY=$MUST_DEPLOY_GATEWAY -e CONFIG_LOG_FILE_PATH=$CONFIG_LOG_FILE_PATH -e PARITY_LOG_FILE_PATH=$PARITY_LOG_FILE_PATH --network host --restart on-failure $DOCKER_IMAGE_VALIDATOR
sudo docker run -d -v $PARITY_DATA_PATH:$PARITY_DATA_PATH -v $HOMEDIR:$HOMEDIR -v $DEPLOYMENT_LOG_PATH:$DEPLOYMENT_LOG_PATH -v $PARITY_LOG_PATH:$PARITY_LOG_PATH -v $CERTIFICATE_PATH:$CERTIFICATE_PATH -e AZUREUSER=$AZUREUSER -e STORAGE_ACCOUNT=$STORAGE_ACCOUNT -e CONTAINER_NAME=$CONTAINER_NAME -e STORAGE_ACCOUNT_KEY=$STORAGE_ACCOUNT_KEY -e ADMINID=$ADMINID -e NUM_BOOT_NODES=$NUM_BOOT_NODES -e RPC_PORT=$RPC_PORT -e PASSPHRASE=$passphrase -e PASSPHRASE_FILE_NAME=$blobname -e PASSPHRASE_URI=$PASSPHRASE_URI -e MODE=$MODE -e LEASE_ID=$LEASE_ID -e CONSORTIUM_DATA_URL=$CONSORTIUM_DATA_URL -e MUST_DEPLOY_GATEWAY=$MUST_DEPLOY_GATEWAY -e CONFIG_LOG_FILE_PATH=$CONFIG_LOG_FILE_PATH -e PARITY_LOG_FILE_PATH=$PARITY_LOG_FILE_PATH -e ACCESS_TYPE=$ACCESS_TYPE -e ENDPOINTS_FQDN=$ENDPOINTS_FQDN -e SPN_APPID=$SPN_APPID -e SPN_KEY=$SPN_KEY -e AAD_TENANTID=$AAD_TENANTID -e IP_ADDRESS=$ipAddress --network host --restart on-failure $DOCKER_IMAGE_VALIDATOR
if [ $? -ne 0 ]; then
unsuccessful_exit "Unable to run docker image $VALIDATOR_DOCKER_IMAGE." 42;
fi
@ -136,6 +108,45 @@ stop_node()
reset_state;
}
setup_cli_certificates()
{
if [ "$ACCESS_TYPE" = "SPN" ]; then
sudo cp /var/lib/waagent/Certificates.pem /usr/local/share/ca-certificates/azsCertificate.crt
sudo update-ca-certificates
export REQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt
sudo sed -i -e "\$aREQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt" /etc/environment
fi
if [[ ! -z "$IS_ADFS" ]]; then
#if [[ $SPN_KEY != *"servicePrincipalCertificate.pem"* ]]; then
spCertName="$SPN_KEY.crt"
spCertKey="$SPN_KEY.prv"
sudo cp /var/lib/waagent/$spCertName /home/
sudo cp /var/lib/waagent/$spCertKey /home/
sudo cat /home/$spCertName /home/$spCertKey > /home/servicePrincipalCertificate.pem
sudo chmod 644 /home/servicePrincipalCertificate.pem
#SPN_KEY=/home/servicePrincipalCertificate.pem
az cloud register -n AzureStackCloud --endpoint-resource-manager "https://management.$ENDPOINTS_FQDN" --suffix-storage-endpoint "$ENDPOINTS_FQDN" --suffix-keyvault-dns ".vault.$ENDPOINTS_FQDN"
az cloud set -n AzureStackCloud
az cloud update --profile 2018-03-01-hybrid
az login --service-principal -u $SPN_APPID -p /home/servicePrincipalCertificate.pem --tenant $AAD_TENANTID
#fi
else
az cloud register -n AzureStackCloud --endpoint-resource-manager "https://management.$ENDPOINTS_FQDN" --suffix-storage-endpoint "$ENDPOINTS_FQDN" --suffix-keyvault-dns ".vault.$ENDPOINTS_FQDN"
az cloud set -n AzureStackCloud
az cloud update --profile 2018-03-01-hybrid
az login --service-principal -u $SPN_APPID -p $SPN_KEY --tenant $AAD_TENANTID
fi
}
configure_endpoints()
{
az cloud register -n AzureStackCloud --endpoint-resource-manager "https://management.$ENDPOINTS_FQDN" --suffix-storage-endpoint "$ENDPOINTS_FQDN" --suffix-keyvault-dns ".vault.$ENDPOINTS_FQDN"
az cloud set -n AzureStackCloud
az cloud update --profile 2018-03-01-hybrid
az login --service-principal -u $SPN_APPID -p $SPN_KEY --tenant $AAD_TENANTID
}
####################################################################################
# Parameters : Validate that all arguments are supplied
####################################################################################
@ -155,11 +166,13 @@ CONSORTIUM_DATA_URL=${11}
MUST_DEPLOY_GATEWAY=${12}
# Hybrid environment arguments
ACCESS_TYPE=${26}
ENDPOINTS_FQDN=${27}
SPN_APPID=${28}
SPN_KEY=${29}
AAD_TENANTID=${30}
ACCESS_TYPE=${13}
ENDPOINTS_FQDN=${14}
SPN_APPID=${15}
SPN_KEY=${16}
AAD_TENANTID=${17}
RG_NAME=${18}
IS_ADFS=${19}
# Echo out the parameters
echo "--- configure-validator.sh starting up ---"
@ -180,6 +193,8 @@ echo "ENDPOINTS_FQDN=$ENDPOINTS_FQDN"
echo "SPN_APPID=$SPN_APPID"
echo "SPN_KEY=$SPN_KEY"
echo "AAD_TENANTID=$AAD_TENANTID"
echo "RG_NAME=$RG_NAME"
echo "IS_ADFS = $IS_ADFS"
#####################################################################################
# Log Folder Locations
@ -195,16 +210,27 @@ CONFIGDIR="$HOMEDIR/config";
PASSPHRASE_FILE_NAME="";
LEASE_ID="";
RENEW_INTERVAL_IN_SECS=10;
LEASE_DURATION_IN_SECS=30;
LEASE_DURATION_IN_SECS=60;
BOOT_NODES_FILE="$HOMEDIR/bootnodes.txt";
PASSPHRASE_URI="";
PARITY_VOLUME="/opt/parity";
POA_NETWORK_UPFILE="$HOMEDIR/networkup.txt";
PARITY_DATA_PATH="/opt/parity"
CERTIFICATE_PATH="/var/lib/waagent/"
PARITY_LOG_FILE_PATH="/var/log/parity/parity.log"
PARITY_IPC_PATH="/opt/parity/jsonrpc.ipc"
PARITY_LOG_PATH="/var/log/parity"
################################################
# Copy required certificates for Azure CLI
################################################
setup_cli_certificates
################################################
# Configure Cloud Endpoints in Azure CLI
################################################
#configure_endpoints
reset_state;
##################################################################################################