Azure
/
AzureStack-Tools
зеркало из https://github.com/Azure/AzureStack-Tools.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Merge branch 'renamestaging' into vnext

This commit is contained in:
MatthewMcGlynn 2017-06-27 14:06:54 -07:00 коммит произвёл GitHub
Родитель 97f182c98a 495da3d409
Коммит 713fa64e5b
34 изменённых файлов: 2775 добавлений и 4368 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

50
CanaryValidator/Canary.Tests.ps1
Просмотреть файл

@ -196,62 +196,62 @@ while ($runCount -le $NumberOfIterations)
{
Invoke-Usecase -Name 'GetAzureStackInfraRole' -Description "List all infrastructure roles" -UsecaseBlock `
{
Get-AzSInfraRole -AzureStackCredentials $ServiceAdminCredentials -TenantID $TenantID -EnvironmentName $SvcAdminEnvironmentName -region $ResourceLocation
Get-AzsInfrastructureRole -Location $ResourceLocation
}
Invoke-Usecase -Name 'GetAzureStackInfraRoleInstance' -Description "List all infrastructure role instances" -UsecaseBlock `
{
Get-AzSInfraRoleInstance -AzureStackCredentials $ServiceAdminCredentials -TenantID $TenantID -EnvironmentName $SvcAdminEnvironmentName -region $ResourceLocation
Get-AzsInfrastructureRoleInstance -Location $ResourceLocation
}
Invoke-Usecase -Name 'GetAzureStackLogicalNetwork' -Description "List all logical networks" -UsecaseBlock `
{
Get-AzSLogicalNetwork -AzureStackCredentials $ServiceAdminCredentials -TenantID $TenantID -EnvironmentName $SvcAdminEnvironmentName -region $ResourceLocation
Get-AzsLogicalNetwork -Location $ResourceLocation
}
Invoke-Usecase -Name 'GetAzureStackStorageCapacity' -Description "List storage capacity" -UsecaseBlock `
{
Get-AzSStorageSubsystem -AzureStackCredentials $ServiceAdminCredentials -TenantID $TenantID -EnvironmentName $SvcAdminEnvironmentName -region $ResourceLocation
Get-AzSStorageSubsystem -Location $ResourceLocation
}
Invoke-Usecase -Name 'GetAzureStackStorageShare' -Description "List all storage file shares" -UsecaseBlock `
{
Get-AzSStorageShare -AzureStackCredentials $ServiceAdminCredentials -TenantID $TenantID -EnvironmentName $SvcAdminEnvironmentName -region $ResourceLocation
Get-AzsStorageShare -Location $ResourceLocation
}
Invoke-Usecase -Name 'GetAzureStackScaleUnit' -Description "List Azure Stack scale units in specified Region" -UsecaseBlock `
{
Get-AzSScaleUnit -AzureStackCredentials $ServiceAdminCredentials -TenantID $TenantID -EnvironmentName $SvcAdminEnvironmentName -region $ResourceLocation
Get-AzsScaleUnit -Location $ResourceLocation
}
Invoke-Usecase -Name 'GetAzureStackScaleUnitNode' -Description "List nodes in scale unit" -UsecaseBlock `
{
Get-AzSScaleUnitNode -AzureStackCredentials $ServiceAdminCredentials -TenantID $TenantID -EnvironmentName $SvcAdminEnvironmentName -region $ResourceLocation
Get-AzsScaleUnitNode -Location $ResourceLocation
}
Invoke-Usecase -Name 'GetAzureStackIPPool' -Description "List all IP pools" -UsecaseBlock `
{
Get-AzSIPPool -AzureStackCredentials $ServiceAdminCredentials -TenantID $TenantID -EnvironmentName $SvcAdminEnvironmentName -region $ResourceLocation
Get-AzsIpPool -Location $ResourceLocation
}
Invoke-Usecase -Name 'GetAzureStackMacPool' -Description "List all MAC address pools " -UsecaseBlock `
{
Get-AzSMacPool -AzureStackCredentials $ServiceAdminCredentials -TenantID $TenantID -EnvironmentName $SvcAdminEnvironmentName -region $ResourceLocation
Get-AzsMacPool -Location $ResourceLocation
}
Invoke-Usecase -Name 'GetAzureStackGatewayPool' -Description "List all gateway pools" -UsecaseBlock `
{
Get-AzSGatewayPool -AzureStackCredentials $ServiceAdminCredentials -TenantID $TenantID -EnvironmentName $SvcAdminEnvironmentName -region $ResourceLocation
Get-AzsGatewayPool -Location $ResourceLocation
}
Invoke-Usecase -Name 'GetAzureStackSLBMux' -Description "List all SLB MUX instances" -UsecaseBlock `
{
Get-AzSSLBMUX -AzureStackCredentials $ServiceAdminCredentials -TenantID $TenantID -EnvironmentName $SvcAdminEnvironmentName -region $ResourceLocation
Get-AzsSlbMux -Location $ResourceLocation
}
Invoke-Usecase -Name 'GetAzureStackGateway' -Description "List all gateway" -UsecaseBlock `
{
Get-AzSGateway -AzureStackCredentials $ServiceAdminCredentials -TenantID $TenantID -EnvironmentName $SvcAdminEnvironmentName -region $ResourceLocation
Get-AzsGateway -Location $ResourceLocation
}
}
@ -259,7 +259,7 @@ while ($runCount -le $NumberOfIterations)
{
Invoke-Usecase -Name 'GetAzureStackAlert' -Description "List all alerts" -UsecaseBlock `
{
Get-AzSAlert -TenantID $TenantID -AzureStackCredentials $ServiceAdminCredentials -EnvironmentName $SvcAdminEnvironmentName -region $ResourceLocation
Get-AzsAlert -Location $ResourceLocation
}
}
@ -267,12 +267,12 @@ while ($runCount -le $NumberOfIterations)
{
Invoke-Usecase -Name 'GetAzureStackUpdateSummary' -Description "List summary of updates status" -UsecaseBlock `
{
Get-AzSUpdateLocation -TenantID $TenantID -AzureStackCredentials $ServiceAdminCredentials -EnvironmentName $SvcAdminEnvironmentName -region $ResourceLocation
Get-AzSUpdateLocation -Location $ResourceLocation
}
Invoke-Usecase -Name 'GetAzureStackUpdateToApply' -Description "List all updates that can be applied" -UsecaseBlock `
{
Get-AzSUpdate -TenantID $TenantID -AzureStackCredentials $ServiceAdminCredentials -EnvironmentName $SvcAdminEnvironmentName -region $ResourceLocation
Get-AzsUpdate -Location $ResourceLocation
}
}
@ -282,7 +282,7 @@ while ($runCount -le $NumberOfIterations)
{
if (-not (Get-AzureRmVMImage -Location $ResourceLocation -PublisherName "MicrosoftWindowsServer" -Offer "WindowsServer" -Sku "2016-Datacenter-Core" -ErrorAction SilentlyContinue))
{
New-Server2016VMImage -ISOPath $WindowsISOPath -TenantId $TenantID -EnvironmentName $SvcAdminEnvironmentName -Location $ResourceLocation -Version Core -AzureStackCredentials $ServiceAdminCredentials -CreateGalleryItem $false
New-AzsServer2016VMImage -ISOPath $WindowsISOPath -Location $ResourceLocation -Version Core -CreateGalleryItem $false
}
}
}
@ -302,7 +302,7 @@ while ($runCount -le $NumberOfIterations)
}
New-Item -Path $CanaryCustomImageFolder -ItemType Directory
$CustomVHDPath = CopyImage -ImagePath $LinuxImagePath -OutputFolder $CanaryCustomImageFolder
Add-VMImage -publisher $linuxImagePublisher -offer $linuxImageOffer -sku $LinuxOSSku -version $linuxImageVersion -osDiskLocalPath $CustomVHDPath -osType Linux -tenantID $TenantID -azureStackCredentials $ServiceAdminCredentials -Location $ResourceLocation -CreateGalleryItem $false -EnvironmentName $SvcAdminEnvironmentName
Add-AzsVMImage -publisher $linuxImagePublisher -offer $linuxImageOffer -sku $LinuxOSSku -version $linuxImageVersion -osDiskLocalPath $CustomVHDPath -osType Linux -Location $ResourceLocation -CreateGalleryItem $false
Remove-Item $CanaryCustomImageFolder -Force -Recurse
}
}
@ -404,7 +404,7 @@ while ($runCount -le $NumberOfIterations)
{
Invoke-Usecase -Name 'ListAssignedRoles' -Description "List assigned roles to Service Principle - $($servicePrincipal.DisplayName)" -UsecaseBlock `
{
Get-AzureRmRoleAssignment -ObjectId $servicePrincipal.Id -ErrorAction Stop
Get-AzureRmRoleAssignment -ObjectId $servicePrincipal.Id -ErrorAction Stop
}
$allAssignedRoles = Get-AzureRmRoleAssignment -ObjectId $servicePrincipal.Id -ErrorAction Stop
@ -412,12 +412,12 @@ while ($runCount -le $NumberOfIterations)
{
Invoke-Usecase -Name 'AssignReaderRole' -Description "Assign Reader role to Service Principle - $($servicePrincipal.DisplayName)" -UsecaseBlock `
{
New-AzureRmRoleAssignment -Scope "/Subscriptions/$subscriptionID" -RoleDefinitionName $readerRole.Name -ObjectId $servicePrincipal.Id -ErrorAction Stop
New-AzureRmRoleAssignment -Scope "/Subscriptions/$subscriptionID" -RoleDefinitionName $readerRole.Name -ObjectId $servicePrincipal.Id -ErrorAction Stop
}
Invoke-Usecase -Name 'VerifyReaderRoleAssignment' -Description "Verify if the Service Principle has got Reader role assigned successfully" -UsecaseBlock `
{
if (-not (Get-AzureRmRoleAssignment -RoleDefinitionName $readerRole.Name -Scope "/Subscriptions/$subscriptionID" -ErrorAction Stop))
if (-not (Get-AzureRmRoleAssignment -RoleDefinitionName $readerRole.Name -Scope "/Subscriptions/$subscriptionID" -ErrorAction Stop))
{
throw [System.Exception] "Unable to assign role ($readerRole.Name) to Service Principle ($servicePrincipal.Id) for subscription $tenantSubscriptionName"
}
@ -427,7 +427,7 @@ while ($runCount -le $NumberOfIterations)
{
Invoke-Usecase -Name 'RemoveReaderRoleAssignment' -Description "Remove Reader role assignment from Service Principle - $($servicePrincipal.DisplayName)" -UsecaseBlock `
{
Remove-AzureRmRoleAssignment -Scope "/Subscriptions/$subscriptionID" -RoleDefinitionName $readerRole.Name -ObjectId $servicePrincipal.Id -Force -ErrorAction Stop
Remove-AzureRmRoleAssignment -Scope "/Subscriptions/$subscriptionID" -RoleDefinitionName $readerRole.Name -ObjectId $servicePrincipal.Id -Force -ErrorAction Stop
}
}
}
@ -435,7 +435,7 @@ while ($runCount -le $NumberOfIterations)
Invoke-Usecase -Name 'ListExistingRoleDefinitions' -Description "List existing Role Definitions" -UsecaseBlock `
{
$availableRoles = Get-AzureRmRoleDefinition -ErrorAction Stop
$availableRoles = Get-AzureRmRoleDefinition -ErrorAction Stop
if (-not $availableRoles)
{
throw [System.Exception] "No roles are available."
@ -458,7 +458,7 @@ while ($runCount -le $NumberOfIterations)
{
Invoke-Usecase -Name 'CustomRoleDefinition' -Description "Create a custom Role Definition - $customRoleName" -UsecaseBlock `
{
$role = Get-AzureRmRoleDefinition -Name Reader
$role = Get-AzureRmRoleDefinition -Name Reader
$role.Id = $null
$role.Name = $customRoleName
$role.Description = "Custom role definition for Canary"
@ -477,14 +477,14 @@ while ($runCount -le $NumberOfIterations)
{
Invoke-Usecase -Name 'RemoveCustomRoleDefinition' -Description "Remove custom role definition - $customRoleName" -UsecaseBlock `
{
Remove-AzureRmRoleDefinition -Name $customRoleName -Scope "/Subscriptions/$subscriptionID" -Force -ErrorAction Stop
Remove-AzureRmRoleDefinition -Name $customRoleName -Scope "/Subscriptions/$subscriptionID" -Force -ErrorAction Stop
}
}
}
Invoke-Usecase -Name 'GetProviderOperations' -Description "Get provider operations for all resource providers" -UsecaseBlock `
{
$resourceProviders = Get-AzureRmResourceProvider -ListAvailable
$resourceProviders = Get-AzureRmResourceProvider -ListAvailable
# Some of the RPs have not implemented their operations API yet. So update this exclusion list whenever any RP implements its operations API
$rpOperationsExclusionList = @("Microsoft.Compute", "Microsoft.Commerce", "Microsoft.Gallery", "Microsoft.Insights")
$totalOperationsPerRP = @()

25
CanaryValidator/README.md
Просмотреть файл

@ -4,14 +4,16 @@ Canary validator provides a breadth customer experience with the Azure Stack dep
Instructions are relative to the .\CanaryValidator directory.
Canary can be invoked either as Service Administrator or Tenant Administrator.
# Download Canary
## Download Canary
```powershell
Invoke-WebRequest https://github.com/Azure/AzureStack-Tools/archive/master.zip -OutFile master.zip
Expand-Archive master.zip -DestinationPath . -Force
Set-Location -Path ".\AzureStack-Tools-master\CanaryValidator" -PassThru
```
# To execute Canary as Tenant Administrator (if Windows Server 2016 or Windows Server 2012-R2 images are already present in the PIR)
## To execute Canary as Tenant Administrator (if Windows Server 2016 or Windows Server 2012-R2 images are already present in the PIR)
```powershell
# Install-Module -Name 'AzureRm.Bootstrapper' -Scope CurrentUser
# Install-AzureRmProfile -profile '2017-03-09-profile' -Force -Scope CurrentUser
@ -21,7 +23,8 @@ $ServiceAdminCreds = New-Object System.Management.Automation.PSCredential "<Ser
.\Canary.Tests.ps1 -TenantID "<TenantID from Azure Active Directory>" -AdminArmEndpoint "<Administrative ARM endpoint>" -ServiceAdminCredentials $ServiceAdminCreds -TenantArmEndpoint "<Tenant ARM endpoint>" -TenantAdminCredentials $TenantAdminCreds
```
# To execute Canary as Tenant Administrator (if Windows Server 2016 or Windows Server 2012-R2 images are not present in PIR)
## To execute Canary as Tenant Administrator (if Windows Server 2016 or Windows Server 2012-R2 images are not present in PIR)
```powershell
# Download the WS2016 ISO image from: https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2016, and place it on your local machine
# Install-Module -Name 'AzureRm.Bootstrapper' -Scope CurrentUser
@ -32,7 +35,8 @@ $ServiceAdminCreds = New-Object System.Management.Automation.PSCredential "<Ser
.\Canary.Tests.ps1 -TenantID "<TenantID from Azure Active Directory>" -AdminArmEndpoint "<Administrative ARM endpoint>" -ServiceAdminCredentials $ServiceAdminCreds -TenantArmEndpoint "<Tenant ARM endpoint>" -TenantAdminCredentials $TenantAdminCreds -WindowsISOPath "<path where the WS2016 ISO is present>"
```
# To execute Canary as Service Administrator
## To execute Canary as Service Administrator
```powershell
# Install-Module -Name 'AzureRm.Bootstrapper' -Scope CurrentUser
# Install-AzureRmProfile -profile '2017-03-09-profile' -Force -Scope CurrentUser
@ -41,7 +45,8 @@ $ServiceAdminCreds = New-Object System.Management.Automation.PSCredential "<Ser
.\Canary.Tests.ps1 -TenantID "<TenantID from Azure Active Directory>" -AdminArmEndpoint "<Administrative ARM endpoint>" -ServiceAdminCredentials $ServiceAdminCreds
```
# To list the usecases in Canary
## To list the usecases in Canary
```powershell
# Install-Module -Name 'AzureRm.Bootstrapper' -Scope CurrentUser
# Install-AzureRmProfile -profile '2017-03-09-profile' -Force -Scope CurrentUser
@ -100,7 +105,8 @@ Sample output:
DeleteUtilitiesResourceGroup
```
# To exclude certain usecases from getting executed
## To exclude certain usecases from getting executed
```powershell
# Install-Module -Name 'AzureRm.Bootstrapper' -Scope CurrentUser
# Install-AzureRmProfile -profile '2017-03-09-profile' -Force -Scope CurrentUser
@ -110,10 +116,12 @@ $ServiceAdminCreds = New-Object System.Management.Automation.PSCredential "<Ser
.\Canary.Tests.ps1 -TenantID "<TenantID from Azure Active Directory>" -AdminArmEndpoint "<Administrative ARM endpoint>" -ServiceAdminCredentials $ServiceAdminCreds -ExclusionList "ListFabricResourceProviderInfo","ListUpdateResourceProviderInfo"
```
# Reading the results & logs
## Reading the results & logs
Canary generates log files in the TMP directory ($env:TMP). The logs can be found under the directory "CanaryLogs[DATETIME]". There are two types of logs generated, a text log and a JSON log. JSON log provides a quick and easy view of all the usecases and their corresponding results. Text log provides a more detailed output of each usecase execution, its output and results.
Each usecase entry in the JSON log consists of the following fields.
- Name
- Description
- StartTime
@ -121,5 +129,4 @@ Each usecase entry in the JSON log consists of the following fields.
- Result
- Exception (in case a scenario fails)
The exception field is helpful to debug failed usecases.
The exception field is helpful to debug failed use cases.

309
CloudCapabilities/AzureRM.CloudCapabilities.psm1
Просмотреть файл

@ -5,186 +5,159 @@
<#
.SYNOPSIS
Get Cloud Capabilities (ARM resources, Api-version, VM Extensions, VM Images, VMSizes etc) for Azure Stack and Azure.
#>
function Get-AzureRMCloudCapabilities()
{
[CmdletBinding()]
function Get-AzureRMCloudCapability() {
[CmdletBinding()]
[OutputType([string])]
Param(
[Parameter(HelpMessage = 'Json output file')]
[Parameter(HelpMessage = 'Json output file')]
[String] $OutputPath = "AzureCloudCapabilities.Json",
[Parameter(HelpMessage='Cloud Capabilities for the specified location')]
[String] $Location,
[Parameter(HelpMessage = 'Cloud Capabilities for the specified location')]
[String] $Location,
[Parameter(HelpMessage = 'Set this to get compute resource provider Capabilities like Extensions, Images, Sizes')]
[Switch] $IncludeComputeCapabilities,
[Parameter(HelpMessage = 'Set this to get compute resource provider Capabilities like Extensions, Images, Sizes')]
[Switch] $IncludeComputeCapabilities,
[Parameter(HelpMessage = 'Set this to get storage resource provider Capabilities like Sku')]
[Switch] $IncludeStorageCapabilities
[Parameter(HelpMessage = 'Set this to get storage resource provider Capabilities like Sku')]
[Switch] $IncludeStorageCapabilities
)
$sw = [Diagnostics.Stopwatch]::StartNew()
Write-Verbose "Getting CloudCapabilities for location: '$location'"
$providerNamespaces = (Get-AzureRmResourceProvider -ListAvailable -Location $location -ErrorAction Stop).ProviderNamespace
$resources = @()
foreach ($providerNamespace in $providerNamespaces)
{
Write-Verbose "Working on $providerNamespace provider namespace"
try
{
$resourceTypes = (Get-AzureRmResourceProvider -ProviderNamespace $providerNamespace -Location $location -ErrorAction Stop).ResourceTypes
foreach ($resourceType in $resourceTypes)
{
$result = "" | Select-Object ProviderNamespace, ResourceTypeName, Locations, ApiVersions
$result.ProviderNamespace = $providerNamespace
$result.ResourceTypeName = $resourceType.ResourceTypeName
$result.Locations = $resourceType.Locations
$result.ApiVersions = $resourceType.ApiVersions
$resources += , $result
}
}
catch
{
Write-Error "Error occurred processing $providerNamespace provider namespace.Exception: " $_.Exception.Message
}
}
$capabilities = @{}
$capabilities.Add("resources", $resources) | Out-Null
if ($IncludeComputeCapabilities)
{
Write-Verbose "Getting VMSizes for $location"
try
{
$vmSizes = (Get-AzureRmVMSize -Location $location -ErrorAction Stop| Where-Object {$_.Name -like "*"}).Name
if ($vmSizes)
{
$capabilities.Add("VMSizes", $vmSizes)
}
else
{
Write-Verbose "No VMSizes found for $location"
}
}
catch
{
Write-Error "Error occurred processing VMSizes for $location. Exception: " $_.Exception.Message
}
Write-Verbose "Getting VMImages and Extensions for location $location"
try
{
$publishers = Get-AzureRmVMImagePublisher -Location $location | Where-Object { $_.PublisherName -like "*" }
}
catch
{
Write-Error "Error occurred processing VMimagePublisher for $location. Exception: " $_.Exception.Message
}
if ($publishers)
{
$imageList = New-Object System.Collections.ArrayList
$extensionList = New-Object System.Collections.ArrayList
foreach ($publisherObj in $publishers)
{
$publisher = $publisherObj.PublisherName
$offers = Get-AzureRmVMImageOffer -Location $location -PublisherName $publisher
if ($offers -ne $null)
{
$offerList = New-Object System.Collections.ArrayList
foreach ($offerObj in $offers)
{
$offer = $offerObj.Offer
$skuList = New-Object System.Collections.ArrayList
$skus = Get-AzureRmVMImageSku -Location $location -PublisherName $publisher -Offer $offer
foreach ($skuObj in $skus)
{
$sku = $skuObj.Skus
Write-Verbose "Getting VMImage for publisher:$publisher , Offer:$offer , sku:$sku , location: $location"
$images = Get-AzureRmVMImage -Location $location -PublisherName $publisher -Offer $offer -sku $sku
$versions = $images.Version
if ($versions.Count -le 1)
{
$versions = @($versions)
}
$skuDict = @{"skuName" = $sku; "versions" = $versions}
$skuList.Add($skuDict) | Out-Null
}
$sw = [Diagnostics.Stopwatch]::StartNew()
Write-Verbose "Getting CloudCapabilities for location: '$location'"
$providerNamespaces = (Get-AzureRmResourceProvider -ListAvailable -Location $location -ErrorAction Stop).ProviderNamespace
$resources = @()
foreach ($providerNamespace in $providerNamespaces) {
Write-Verbose "Working on $providerNamespace provider namespace"
try {
$resourceTypes = (Get-AzureRmResourceProvider -ProviderNamespace $providerNamespace -Location $location -ErrorAction Stop).ResourceTypes
foreach ($resourceType in $resourceTypes) {
$result = "" | Select-Object ProviderNamespace, ResourceTypeName, Locations, ApiVersions
$result.ProviderNamespace = $providerNamespace
$result.ResourceTypeName = $resourceType.ResourceTypeName
$result.Locations = $resourceType.Locations
$result.ApiVersions = $resourceType.ApiVersions
$resources += , $result
}
}
catch {
Write-Error "Error occurred processing $providerNamespace provider namespace.Exception: " $_.Exception.Message
}
}
$offerDict = @{ "offerName" = $offer; "skus" = $skuList }
$offerList.Add($offerDict) | Out-Null
}
$capabilities = @{}
$capabilities.Add("resources", $resources) | Out-Null
$publisherDict = @{ "publisherName" = $publisher; "offers"= $offerList;"location" = $location }
$imageList.Add($publisherDict) | Out-Null
}
else
{
$types = Get-AzureRmVMExtensionImageType -Location $location -PublisherName $publisher
$typeList = New-Object System.Collections.ArrayList
if ($types -ne $null)
{
foreach ($type in $types.Type)
{
Write-Verbose "Getting VMExtension for publisher:$publisher , Type:$type , location: $location"
$extensions = Get-AzureRmVMExtensionImage -Location $location -PublisherName $publisher -Type $type
$versions = $extensions.Version
if ($versions.Count -le 1)
{
$versions = @($versions)
}
$typeDict = @{ "type" = $type; "versions" = $versions }
$typeList.Add($typeDict) | Out-Null
}
$publisherDict = @{ "publisher" = $publisher; "types" = $typeList;"location" = $location }
$extensionList.Add($publisherDict) | Out-Null
}
else
{
"none @ " + $publisher
}
}
}
$capabilities.Add("VMExtensions", $extensionList)
$capabilities.Add("VMImages", $imageList)
}
}
if ($IncludeStorageCapabilities)
{
Write-Verbose "Getting Storage Sku supported for $location"
try
{
$storageSkus = Get-AzureRmResource -ResourceType "Microsoft.Storage/Skus" -ResourceName "/"
if ($storageSkus)
{
$skuList = New-Object System.Collections.ArrayList
$storageKind = $storageSkus| Select-Object Kind | Get-Unique -AsString
foreach ($kind in $storageKind.Kind)
{
$skus= ($storageSkus | Where-Object { $_.Kind -eq $kind }).Name
$kindDict = @{ "kind" = $kind; "skus" = $skus }
$skuList.Add($kindDict) | Out-Null
}
$capabilities.Add("StorageSkus", $skuList)
}
else
{
Write-Verbose "No StorageSkus found for $location"
}
}
catch
{
Write-Error "Error occurred processing StorageSkus for $location. Exception: " $_.Exception.Message
}
}
$capabilitiesJson = ConvertTo-Json $capabilities -Depth 10
$capabilitiesJson | Out-File $OutputPath
if ($IncludeComputeCapabilities) {
Write-Verbose "Getting VMSizes for $location"
try {
$vmSizes = (Get-AzureRmVMSize -Location $location -ErrorAction Stop| Where-Object {$_.Name -like "*"}).Name
if ($vmSizes) {
$capabilities.Add("VMSizes", $vmSizes)
}
else {
Write-Verbose "No VMSizes found for $location"
}
}
catch {
Write-Error "Error occurred processing VMSizes for $location. Exception: " $_.Exception.Message
}
$sw.Stop()
$time = $sw.Elapsed
"Cloud Capabilities JSON Generation Complete"
"Time Elapsed = " + [math]::floor($time.TotalMinutes) + " min " + $time.Seconds + " sec"
Write-Verbose "Getting VMImages and Extensions for location $location"
try {
$publishers = Get-AzureRmVMImagePublisher -Location $location | Where-Object { $_.PublisherName -like "*" }
}
catch {
Write-Error "Error occurred processing VMimagePublisher for $location. Exception: " $_.Exception.Message
}
if ($publishers) {
$imageList = New-Object System.Collections.ArrayList
$extensionList = New-Object System.Collections.ArrayList
foreach ($publisherObj in $publishers) {
$publisher = $publisherObj.PublisherName
$offers = Get-AzureRmVMImageOffer -Location $location -PublisherName $publisher
if ($offers) {
$offerList = New-Object System.Collections.ArrayList
foreach ($offerObj in $offers) {
$offer = $offerObj.Offer
$skuList = New-Object System.Collections.ArrayList
$skus = Get-AzureRmVMImageSku -Location $location -PublisherName $publisher -Offer $offer
foreach ($skuObj in $skus) {
$sku = $skuObj.Skus
Write-Verbose "Getting VMImage for publisher:$publisher , Offer:$offer , sku:$sku , location: $location"
$images = Get-AzureRmVMImage -Location $location -PublisherName $publisher -Offer $offer -sku $sku
$versions = $images.Version
if ($versions.Count -le 1) {
$versions = @($versions)
}
$skuDict = @{"skuName" = $sku; "versions" = $versions}
$skuList.Add($skuDict) | Out-Null
}
$offerDict = @{ "offerName" = $offer; "skus" = $skuList }
$offerList.Add($offerDict) | Out-Null
}
$publisherDict = @{ "publisherName" = $publisher; "offers" = $offerList; "location" = $location }
$imageList.Add($publisherDict) | Out-Null
}
else {
$types = Get-AzureRmVMExtensionImageType -Location $location -PublisherName $publisher
$typeList = New-Object System.Collections.ArrayList
if ($types) {
foreach ($type in $types.Type) {
Write-Verbose "Getting VMExtension for publisher:$publisher , Type:$type , location: $location"
$extensions = Get-AzureRmVMExtensionImage -Location $location -PublisherName $publisher -Type $type
$versions = $extensions.Version
if ($versions.Count -le 1) {
$versions = @($versions)
}
$typeDict = @{ "type" = $type; "versions" = $versions }
$typeList.Add($typeDict) | Out-Null
}
$publisherDict = @{ "publisher" = $publisher; "types" = $typeList; "location" = $location }
$extensionList.Add($publisherDict) | Out-Null
}
else {
"none @ " + $publisher
}
}
}
$capabilities.Add("VMExtensions", $extensionList)
$capabilities.Add("VMImages", $imageList)
}
}
if ($IncludeStorageCapabilities) {
Write-Verbose "Getting Storage Sku supported for $location"
try {
$storageSkus = Get-AzureRmResource -ResourceType "Microsoft.Storage/Skus" -ResourceName "/"
if ($storageSkus) {
$skuList = New-Object System.Collections.ArrayList
$storageKind = $storageSkus| Select-Object Kind | Get-Unique -AsString
foreach ($kind in $storageKind.Kind) {
$skus = ($storageSkus | Where-Object { $_.Kind -eq $kind }).Name
$kindDict = @{ "kind" = $kind; "skus" = $skus }
$skuList.Add($kindDict) | Out-Null
}
$capabilities.Add("StorageSkus", $skuList)
}
else {
Write-Verbose "No StorageSkus found for $location"
}
}
catch {
Write-Error "Error occurred processing StorageSkus for $location. Exception: " $_.Exception.Message
}
}
$capabilitiesJson = ConvertTo-Json $capabilities -Depth 10
$capabilitiesJson | Out-File $OutputPath
$sw.Stop()
$time = $sw.Elapsed
"Cloud Capabilities JSON Generation Complete"
"Time Elapsed = " + [math]::floor($time.TotalMinutes) + " min " + $time.Seconds + " sec"
}

7
CloudCapabilities/README.md
Просмотреть файл

@ -1,11 +1,16 @@
# Get Cloud Capabilities
Instructions below are relative to the .\CloudCapabilities folder of the [AzureStack-Tools repo](..).
To get VMImages, Extensions & Sizes available in the cloud, add -IncludeComputeCapabilities
To get StorageSkus available in the cloud, add -IncludeStorageCapabilities
```powershell
Import-Module ".\AzureRM.CloudCapabilities.psm1"
```
# Prerequisites
## Prerequisites
Connected Azure or AzureStack powershell environment (Refer [AzureStack-Tools repo/Connect](../Connect) for connecting to an Azure Stack instance. )
```powershell

859
ComputeAdmin/AzureStack.ComputeAdmin.psm1
Просмотреть файл

Разница между файлами не показана из-за своего большого размера Загрузить разницу

113
ComputeAdmin/README.md
Просмотреть файл

@ -1,4 +1,5 @@
# Azure Stack Compute Administration
Instructions below are relative to the .\ComputeAdmin folder of the [AzureStack-Tools repo](..).
Make sure you have the following module prerequisites installed:
@ -6,45 +7,53 @@ Make sure you have the following module prerequisites installed:
```powershell
Install-Module -Name 'AzureRm.Bootstrapper' -Scope CurrentUser
Install-AzureRmProfile -profile '2017-03-09-profile' -Force -Scope CurrentUser
Install-Module -Name AzureStack -RequiredVersion 1.2.9 -Scope CurrentUser
Install-Module -Name AzureStack -RequiredVersion 1.2.10 -Scope CurrentUser
```
Then make sure the following modules are imported:
```powershell
Import-Module ..\Connect\AzureStack.Connect.psm1
Import-Module .\AzureStack.ComputeAdmin.psm1
```
You will need to reference your Azure Stack Administrator environment. To create an administrator environment use the below. The ARM endpoint below is the administrator default for a one-node environment.
## Add PowerShell environment
You will need to login to your Azure Stack Administrator environment. To create an administrator environment use the below. The ARM endpoint below is the administrator default for a one-node environment.
```powershell
Add-AzureStackAzureRmEnvironment -Name "AzureStackAdmin" -ArmEndpoint "https://adminmanagement.local.azurestack.external"
Add-AzureRMEnvironment -Name "AzureStackAdmin" -ArmEndpoint "https://adminmanagement.local.azurestack.external"
```
Adding a VM Image requires that you obtain the value of your Directory Tenant ID. For **Azure Active Directory** environments provide your directory tenant name:
Then login:
```powershell
$TenantID = Get-DirectoryTenantID -AADTenantName "<mydirectorytenant>.onmicrosoft.com" -EnvironmentName AzureStackAdmin
Login-AzureRmAccount -EnvironmentName "AzureStackAdmin"
```
----
If you are **not** using your home directory tenant, you will need to supply the tenant ID to your login command. You may find it easiest to obtain using the Connect tool. For **Azure Active Directory** environments provide your directory tenant name:
```powershell
$TenantID = Get-AzsDirectoryTenantId -AADTenantName "<mydirectorytenant>.onmicrosoft.com" -EnvironmentName AzureStackAdmin
```
For **ADFS** environments use the following:
```powershell
$TenantID = Get-DirectoryTenantID -ADFS -EnvironmentName AzureStackAdmin
$TenantID = Get-AzsDirectoryTenantId -ADFS -EnvironmentName AzureStackAdmin
```
## Add the WS2016 Evaluation VM Image
The New-Server2016VMImage allows you to add a Windows Server 2016 Evaluation VM Image to your Azure Stack Marketplace.
The New-AzsServer2016VMImage allows you to add a Windows Server 2016 Evaluation VM Image to your Azure Stack Marketplace.
As a prerequisite, you need to obtain the Windows Server 2016 Evaluation ISO which can be found [here](https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2016).
An example usage is the following:
```powershell
$ISOPath = "<Path to ISO>"
New-Server2016VMImage -ISOPath $ISOPath -TenantId $TenantID -EnvironmentName "AzureStackAdmin"
New-AzsServer2016VMImage -ISOPath $ISOPath
```
Please make sure to specify the correct administrator ARM endpoint for your environment.
This command may show a **popup prompt that can be ignored** without issue.
@ -55,31 +64,25 @@ Please note that to use this image for **installing additional Azure Stack servi
## Add a VM image to the Marketplace with PowerShell
1. Prepare a Windows or Linux operating system virtual hard disk image in VHD format (not VHDX).
- For Windows images, the article [Upload a Windows VM image to Azure for Resource Manager deployments](https://azure.microsoft.com/en-us/documentation/articles/virtual-machines-windows-upload-image/) contains image preparation instructions in the **Prepare the VHD for upload** section.
- For Linux images, follow the steps to
- For Windows images, the article [Upload a Windows VM image to Azure for Resource Manager deployments](https://azure.microsoft.com/en-us/documentation/articles/virtual-machines-windows-upload-image/) contains image preparation instructions in the **Prepare the VHD for upload** section.
- For Linux images, follow the steps to
prepare the image or use an existing Azure Stack Linux image as described in
the article [Deploy Linux virtual machines on Azure
Stack](https://azure.microsoft.com/en-us/documentation/articles/azure-stack-linux/).
2. Add the VM image by invoking the Add-VMImage cmdlet.
- Include the publisher, offer, SKU, and version for the VM image. These parameters are used by Azure Resource Manager templates that reference the VM image.
- Specify osType as Windows or Linux.
- Include your Azure Active Directory tenant ID in the form *&lt;mydirectory&gt;*.onmicrosoft.com.
- The following is an example invocation of the script:
1. Add the VM image by invoking the Add-AzsVMImage cmdlet.
You will need to reference your Azure Stack Administrator environment. To create an administrator environment use the below. The ARM endpoint below is the administrator default for a one-node environment.
- Include the publisher, offer, SKU, and version for the VM image. These parameters are used by Azure Resource Manager templates that reference the VM image.
- Specify osType as Windows or Linux.
- The following is an example invocation of the script:
```powershell
Add-AzureStackAzureRmEnvironment -Name "AzureStackAdmin" -ArmEndpoint "https://adminmanagement.local.azurestack.external"
Add-AzsVMImage -publisher "Canonical" -offer "UbuntuServer" -sku "14.04.3-LTS" -version "1.0.0" -osType Linux -osDiskLocalPath 'C:\Users\<me>\Desktop\UbuntuServer.vhd'
```
```powershell
Add-VMImage -publisher "Canonical" -offer "UbuntuServer" -sku "14.04.3-LTS" -version "1.0.0" -osType Linux -osDiskLocalPath 'C:\Users\<me>\Desktop\UbuntuServer.vhd' -tenantID <GUID AADTenant> -EnvironmentName "AzureStackAdmin"
```
Note: The cmdlet requests credentials for adding the VM image. Provide the administrator Azure Active Directory credentials, such as *&lt;Admin Account&gt;*@*&lt;mydirectory&gt;*.onmicrosoft.com, to the prompt.
The command does the following:
- Authenticates to the Azure Stack environment
- Uploads the local VHD to a newly created temporary storage account
- Adds the VM image to the VM image repository
@ -88,79 +91,49 @@ The command does the following:
To verify that the command ran successfully, go to Marketplace in the portal, and then verify that the VM image is available in the **Virtual Machines** category.
## Remove a VM Image with PowerShell
Run the below command to remove an uploaded VM image. After removal, tenants will no longer be able to deploy virtual machines with this image.
You will need to reference your Azure Stack Administrator environment. To create an administrator environment use the below. The ARM endpoint below is the administrator default for a one-node environment.
```powershell
Add-AzureStackAzureRmEnvironment -Name "AzureStackAdmin" -ArmEndpoint "https://adminmanagement.local.azurestack.external"
```
```powershell
Remove-VMImage -publisher "Canonical" -offer "UbuntuServer" -sku "14.04.3-LTS" -version "1.0.0" -tenantID <GUID AADTenant> -EnvironmentName "AzureStackAdmin"
Remove-AzsVMImage -publisher "Canonical" -offer "UbuntuServer" -sku "14.04.3-LTS" -version "1.0.0"
```
Note: This cmdlet will remove the associated Marketplace item unless the -KeepMarketplaceItem parameter is specified.
## Add a VM extension to the Compute with PowerShell
You will need to reference your Azure Stack Administrator environment. To create an administrator environment use the below. The ARM endpoint below is the administrator default for a one-node environment.
```powershell
Add-AzureStackAzureRmEnvironment -Name "AzureStackAdmin" -ArmEndpoint "https://adminmanagement.local.azurestack.external"
```
An example usage is the following:
```powershell
$path = "<Path to vm extension zip>"
Add-VMExtension -publisher "Publisher" -type "Type" -version "1.0.0.0" -extensionLocalPath $path -osType Windows -tenantID $TenantID -azureStackCredentials $azureStackCredentials -EnvironmentName "AzureStackAdmin"
```
# Remove a VM extension with PowerShell
You will need to reference your Azure Stack Administrator environment. To create an administrator environment use the below. The ARM endpoint below is the administrator default for a one-node environment.
```powershell
Add-AzureStackAzureRmEnvironment -Name "AzureStackAdmin" -ArmEndpoint "https://adminmanagement.local.azurestack.external"
```
Run the below command to remove an uploaded VM extension.
```powershell
Remove-VMExtension -publisher "Publisher" -type "Type" -version "1.0.0.0" -osType Windows -tenantID $TenantID -azureStackCredentials $azureStackCredentials -EnvironmentName "AzureStackAdmin"
```
## VM Scale Set gallery item
VM Scale Set allows deployment of multi-VM collections. To add a gallery item with VM Scale Set:
1. Add evaluation Windows Server 2016 image using New-Server2016VMImage as described above.
1. Add evaluation Windows Server 2016 image using New-AzsServer2016VMImage as described above.
2. For linux support, download Ubuntu Server 16.04 and add it using Add-VmImage with the following parameters -publisher "Canonical" -offer "UbuntuServer" -sku "16.04-LTS"
1. For linux support, download Ubuntu Server 16.04 and add it using Add-AzsVMImage with the following parameters -publisher "Canonical" -offer "UbuntuServer" -sku "16.04-LTS"
3. Add VM Scale Set gallery item as follows
1. Add VM Scale Set gallery item as follows
```powershell
$TenantId = "<AAD Tenant Id used to connect to AzureStack>"
$Arm = "<AzureStack administrative Azure Resource Manager endpoint URL>"
$Location = "<The location name of your AzureStack Environment>"
Add-AzureStackAzureRmEnvironment -Name AzureStackAdmin -ArmEndpoint $Arm
Add-AzsEnvironment -Name AzureStackAdmin -ArmEndpoint $Arm
$Password = ConvertTo-SecureString -AsPlainText -Force "<your AzureStack admin user password>"
$User = "<your AzureStack admin user name>"
$Creds = New-Object System.Management.Automation.PSCredential $User, $Password
Login-AzureRmAccount -EnvironmentName AzureStackAdmin -Credential $Creds -TenantId $TenantId
$AzsEnv = Get-AzureRmEnvironment AzureStackAdmin
$AzsEnvContext = Add-AzureRmAccount -Environment $AzsEnv -Credential $Creds
Select-AzureRmProfile -Profile $AzsEnvContext
Select-AzureRmSubscription -SubscriptionName "Default Provider Subscription"
Add-AzureStackVMSSGalleryItem -Location $Location
```
Add-AzsVMSSGalleryItem -Location $Location
To remove VM Scale Set gallery item run the following command:
```powershell
Remove-AzureStackVMSSGalleryItem
Remove-AzsVMSSGalleryItem
```
Note that gallery item is not removed immediately. You could run the above command several times to determine when the item is actually gone.

45
ComputeAdmin/Tests/ComputeAdmin.Tests.ps1
Просмотреть файл

@ -11,13 +11,13 @@ Describe $script:ModuleName {
Should Not Be $null
}
It 'Add-VMImage should be exported' {
Get-Command -Name Add-VMImage -ErrorAction SilentlyContinue |
It 'Add-AzsVMImage should be exported' {
Get-Command -Name Add-AzsVMImage -ErrorAction SilentlyContinue |
Should Not Be $null
}
It 'Remove-VMImage should be exported' {
Get-Command -Name Remove-VMImage -ErrorAction SilentlyContinue |
It 'Remove-AzsVMImage should be exported' {
Get-Command -Name Remove-AzsVMImage -ErrorAction SilentlyContinue |
Should Not Be $null
}
}
@ -28,17 +28,11 @@ InModuleScope $script:ModuleName {
$HostComputer = $global:HostComputer
$ArmEndpoint = $global:ArmEndpoint
$natServer = $global:natServer
$AdminUser= $global:AdminUser
$AdminUser = $global:AdminUser
$AadServiceAdmin = $global:AadServiceAdmin
$AdminPassword = $global:AdminPassword
$AadServiceAdminPassword = $global:AadServiceAdminPassword
$stackLoginCreds = $global:AzureStackLoginCredentials
$VPNConnectionName = $global:VPNConnectionName
$AadTenant = $global:AadTenantID
$EnvironmentName = $global:EnvironmentName
# Generate Fake VHD for testing image upload
@ -59,38 +53,38 @@ InModuleScope $script:ModuleName {
Describe 'ComputeAdmin - Functional Tests' {
It 'CreateGalleryItem = "$false" -and title = specified should throw' {
{ Add-VMImage -publisher $publisher -offer $offer -sku $sku -version $version -osType $osType -osDiskLocalPath $osDiskPath -tenantID $AadTenant -EnvironmentName $EnvironmentName -AzureStackCredential $stackLoginCreds -CreateGalleryItem $false -title 'testTitle' } |
{ Add-AzsVMImage -publisher $publisher -offer $offer -sku $sku -version $version -osType $osType -osDiskLocalPath $osDiskPath -CreateGalleryItem $false -title 'testTitle' } |
Should Throw
}
It 'CreateGalleryItem = "$false" -and description = specified should throw' {
{ Add-VMImage -publisher $publisher -offer $offer -sku $sku -version $version -osType $osType -osDiskLocalPath $osDiskPath -tenantID $AadTenant -EnvironmentName $EnvironmentName -AzureStackCredential $stackLoginCreds -CreateGalleryItem $false -title 'testTitle' -CreateGalleryItem $false -description 'testdescription' } | Should Throw
{ Add-AzsVMImage -publisher $publisher -offer $offer -sku $sku -version $version -osType $osType -osDiskLocalPath $osDiskPath -CreateGalleryItem $false -title 'testTitle' -CreateGalleryItem $false -description 'testdescription' } | Should Throw
}
It 'Add-VMImage via local path and upload to storage account should succeed' {
{ Add-VMImage -publisher $publisher -offer $offer -sku $sku -version $version -osType $osType -osDiskLocalPath $osDiskPath -tenantID $AadTenant -EnvironmentName $EnvironmentName -AzureStackCredential $stackLoginCreds -CreateGalleryItem $false } |
It 'Add-AzsVMImage via local path and upload to storage account should succeed' {
{ Add-AzsVMImage -publisher $publisher -offer $offer -sku $sku -version $version -osType $osType -osDiskLocalPath $osDiskPath -CreateGalleryItem $false } |
Should Not Throw
}
It 'Remove-VMImage should successfully remove added VM Image' {
{ Remove-VMImage -publisher $publisher -offer $offer -sku $sku -version $version -tenantID $AadTenant -EnvironmentName $EnvironmentName -AzureStackCredential $stackLoginCreds} |
It 'Remove-AzsVMImage should successfully remove added VM Image' {
{ Remove-AzsVMImage -publisher $publisher -offer $offer -sku $sku -version $version} |
Should Not Throw
}
It 'Add-VMImage via local path and upload to storage account with gallery item should succeed' {
{ Add-VMImage -publisher $publisher -offer $offer -sku $gallerySku -version $version -osType $osType -osDiskLocalPath $osDiskPath -tenantID $AadTenant -EnvironmentName $EnvironmentName -AzureStackCredential $stackLoginCreds } |
It 'Add-AzsVMImage via local path and upload to storage account with gallery item should succeed' {
{ Add-AzsVMImage -publisher $publisher -offer $offer -sku $gallerySku -version $version -osType $osType -osDiskLocalPath $osDiskPath } |
Should Not Throw
}
It 'Remove-VMImage and Removing Marketplace Item should successfully complete' {
It 'Remove-AzsVMImage and Removing Marketplace Item should successfully complete' {
{
Remove-VMImage -publisher $publisher -offer $offer -sku $gallerySku -version $version -tenantID $AadTenant -EnvironmentName $EnvironmentName -AzureStackCredential $stackLoginCreds
Remove-AzsVMImage -publisher $publisher -offer $offer -sku $gallerySku -version $version
Get-AzureRMGalleryItem | Where-Object {$_.Name -contains "$publisher.$offer$gallerySku.$version"} | Remove-AzureRMGalleryItem
} | Should Not Throw
}
It 'Adding Ubuntu Linux 16.04 Image and Marketplace Item Succeeds' {
{ Add-VMImage -publisher "Canonical" -offer "UbuntuServer" -sku "16.04.1-LTS" -version "1.0.4" -osType Linux -EnvironmentName $EnvironmentName -osDiskLocalPath $ubuntuPath -tenantID $AadTenant -AzureStackCredential $stackLoginCreds} |
{ Add-AzsVMImage -publisher "Canonical" -offer "UbuntuServer" -sku "16.04.1-LTS" -version "1.0.4" -osType Linux -osDiskLocalPath $ubuntuPath} |
Should Not Throw
}
@ -100,9 +94,10 @@ InModuleScope $script:ModuleName {
$newOffer = "UbuntuServer"
$newSKU = "16.04.1-LTS"
$newVersion = "1.0.4"
Remove-VMImage -publisher $newPub -offer $newOffer -sku $newSKU -version $newVersion -tenantID $AadTenant -EnvironmentName $EnvironmentName -AzureStackCredential $stackLoginCreds
Remove-AzsVMImage -publisher $newPub -offer $newOffer -sku $newSKU -version $newVersion
$GalleryItemName = "$newOffer$newSKU"
$GalleryItemName = $GalleryItemName -replace "\.","-"
$GalleryItemName = $GalleryItemName -replace "\.", "-"
Get-AzureRMGalleryItem | Where-Object {$_.Name -contains "$newPub.$GalleryItemName.$newVersion"} | Remove-AzureRMGalleryItem
} | Should Not Throw
}
@ -112,4 +107,4 @@ InModuleScope $script:ModuleName {
Remove-Item $ubuntuPath
Remove-Item $osDiskPath
Remove-Item $dataDiskPath
}
}

318
Connect/AzureStack.Connect.psm1
Просмотреть файл

@ -4,198 +4,25 @@
#requires -Version 4.0
#requires -Modules AzureRM.Profile, VpnClient, AzureRM.AzureStackAdmin
<#
.SYNOPSIS
Registers all providers on the all subscription
#>
function Register-AllAzureRmProvidersOnAllSubscriptions {
foreach($s in (Get-AzureRmSubscription)) {
Select-AzureRmSubscription -SubscriptionId $s.SubscriptionId | Out-Null
Write-Progress $($s.SubscriptionId + " : " + $s.SubscriptionName)
Register-AllAzureRmProviders
}
}
Export-ModuleMember Register-AllAzureRmProvidersOnAllSubscriptions
<#
.SYNOPSIS
Registers all providers on the newly created subscription
#>
function Register-AllAzureRmProviders {
Get-AzureRmResourceProvider -ListAvailable | Register-AzureRmResourceProvider -Force
}
Export-ModuleMember Register-AllAzureRmProviders
<#
.SYNOPSIS
Obtains Aazure Active Directory tenant that was used when deploying the Azure Stack instance
#>
function Get-AzureStackAadTenant {
param (
[parameter(mandatory=$true, HelpMessage="Azure Stack One Node host address or name such as '1.2.3.4'")]
[string] $HostComputer,
[Parameter(HelpMessage="The Domain suffix of the environment VMs")]
[string] $DomainSuffix = 'azurestack.local',
[parameter(HelpMessage="Administrator user name of this Azure Stack Instance")]
[string] $User = "administrator",
[parameter(mandatory=$true, HelpMessage="Administrator password used to deploy this Azure Stack instance")]
[securestring] $Password
)
$Domain = $DomainSuffix
$UserCred = "$Domain\$User"
$credential = New-Object System.Management.Automation.PSCredential -ArgumentList $UserCred, $Password
Write-Verbose "Remoting to the Azure Stack host $HostComputer..." -Verbose
return Invoke-Command -ComputerName "$HostComputer" -Credential $credential -ScriptBlock `
{
Write-Verbose "Retrieving Azure Stack configuration..." -Verbose
$configFile = Get-ChildItem -Path C:\EceStore -Recurse | Where-Object {-not $_.PSIsContainer} | Sort-Object Length -Descending | Select-Object -First 1
$customerConfig = [xml] (Get-Content -Path $configFile.FullName)
$Parameters = $customerConfig.CustomerConfiguration
$fabricRole = $Parameters.Role.Roles.Role | Where-Object {$_.Id -eq "Fabric"}
$allFabricRoles = $fabricRole.Roles.ChildNodes
$idProviderRole = $allFabricRoles | Where-Object {$_.Id -eq "IdentityProvider"}
$idProviderRole.PublicInfo.AADTenant.Id
}
}
Export-ModuleMember Get-AzureStackAadTenant
<#
.SYNOPSIS
Adds Azure Stack environment to use with AzureRM command-lets when targeting Azure Stack
#>
function Add-AzureStackAzureRmEnvironment {
param (
[Parameter(mandatory=$true, HelpMessage="The Admin ARM endpoint of the Azure Stack Environment")]
[string] $ArmEndpoint,
[parameter(mandatory=$true, HelpMessage="Azure Stack environment name for use with AzureRM commandlets")]
[string] $Name
)
if(!$ARMEndpoint.Contains('https://')){
if($ARMEndpoint.Contains('http://')){
$ARMEndpoint = $ARMEndpoint.Substring(7)
$ARMEndpoint = 'https://' + $ARMEndpoint
}else{
$ARMEndpoint = 'https://' + $ARMEndpoint
}
}
$ArmEndpoint = $ArmEndpoint.TrimEnd("/")
$Domain = ""
try {
$uriARMEndpoint = [System.Uri] $ArmEndpoint
$i = $ArmEndpoint.IndexOf('.')
$Domain = ($ArmEndpoint.Remove(0,$i+1)).TrimEnd('/')
}
catch {
Write-Error "The specified ARM endpoint was invalid"
}
$ResourceManagerEndpoint = $ArmEndpoint
$stackdomain = $Domain
Write-Verbose "Retrieving endpoints from the $ResourceManagerEndpoint..." -Verbose
$endpoints = Invoke-RestMethod -Method Get -Uri "$($ResourceManagerEndpoint.ToString().TrimEnd('/'))/metadata/endpoints?api-version=2015-01-01" -ErrorAction Stop
$AzureKeyVaultDnsSuffix="vault.$($stackdomain)".ToLowerInvariant()
$AzureKeyVaultServiceEndpointResourceId= $("https://vault.$stackdomain".ToLowerInvariant())
$StorageEndpointSuffix = ($stackdomain).ToLowerInvariant()
$aadAuthorityEndpoint = $endpoints.authentication.loginEndpoint
$azureEnvironmentParams = @{
Name = $Name
ActiveDirectoryEndpoint = $endpoints.authentication.loginEndpoint.TrimEnd('/') + "/"
ActiveDirectoryServiceEndpointResourceId = $endpoints.authentication.audiences[0]
ResourceManagerEndpoint = $ResourceManagerEndpoint
GalleryEndpoint = $endpoints.galleryEndpoint
GraphEndpoint = $endpoints.graphEndpoint
GraphAudience = $endpoints.graphEndpoint
StorageEndpointSuffix = $StorageEndpointSuffix
AzureKeyVaultDnsSuffix = $AzureKeyVaultDnsSuffix
AzureKeyVaultServiceEndpointResourceId = $AzureKeyVaultServiceEndpointResourceId
EnableAdfsAuthentication = $aadAuthorityEndpoint.TrimEnd("/").EndsWith("/adfs", [System.StringComparison]::OrdinalIgnoreCase)
}
$armEnv = Get-AzureRmEnvironment -Name $Name
if($armEnv -ne $null) {
Write-Verbose "Updating AzureRm environment $Name" -Verbose
Remove-AzureRmEnvironment -Name $Name -Force | Out-Null
}
else {
Write-Verbose "Adding AzureRm environment $Name" -Verbose
}
return Add-AzureRmEnvironment @azureEnvironmentParams
}
Export-ModuleMember Add-AzureStackAzureRmEnvironment
<#
.SYNOPSIS
Obtains Azure Stack NAT address from the Azure Stack One Node instance
#>
function Get-AzureStackNatServerAddress {
param (
[parameter(mandatory=$true, HelpMessage="Azure Stack One Node host address or name such as '1.2.3.4'")]
[string] $HostComputer,
[Parameter(HelpMessage="The Domain suffix of the environment VMs")]
[string] $DomainSuffix = 'azurestack.local',
[parameter(HelpMessage="NAT computer name in this Azure Stack Instance")]
[string] $natServer = "azs-bgpnat01",
[parameter(HelpMessage="Administrator user name of this Azure Stack Instance")]
[string] $User = "administrator",
[parameter(mandatory=$true, HelpMessage="Administrator password used to deploy this Azure Stack instance")]
[securestring] $Password
)
$Domain = $DomainSuffix
$UserCred = "$Domain\$User"
$credential = New-Object System.Management.Automation.PSCredential -ArgumentList $UserCred, $Password
$nat = "$natServer.$Domain"
Write-Verbose "Remoting to the Azure Stack host $HostComputer..." -Verbose
return Invoke-Command -ComputerName "$HostComputer" -Credential $credential -ScriptBlock `
{
Write-Verbose "Remoting to the Azure Stack NAT server $using:nat..." -Verbose
Invoke-Command -ComputerName "$using:nat" -Credential $using:credential -ScriptBlock `
{
Write-Verbose "Obtaining external IP..." -Verbose
Get-NetIPConfiguration | Where-Object { $_.IPv4DefaultGateway -ne $null } | ForEach-Object { $_.IPv4Address.IPAddress }
}
}
}
Export-ModuleMember Get-AzureStackNatServerAddress
<#
.SYNOPSIS
Add VPN connection to an Azure Stack instance
#>
function Add-AzureStackVpnConnection {
function Add-AzsVpnConnection {
param (
[parameter(HelpMessage="Azure Stack VPN Connection Name such as 'my-poc'")]
[parameter(HelpMessage = "Azure Stack VPN Connection Name such as 'my-poc'")]
[string] $ConnectionName = "azurestack",
[parameter(mandatory=$true, HelpMessage="External IP of the Azure Stack Host such as '1.2.3.4'")]
[parameter(mandatory = $true, HelpMessage = "External IP of the Azure Stack NAT VM such as '1.2.3.4'")]
[string] $ServerAddress,
[parameter(mandatory=$true, HelpMessage="Administrator password used to deploy this Azure Stack instance")]
[parameter(mandatory = $true, HelpMessage = "Administrator password used to deploy this Azure Stack instance")]
[securestring] $Password
)
$existingConnection = Get-VpnConnection -Name $ConnectionName -ErrorAction Ignore
if ($existingConnection -ne $null) {
if ($existingConnection) {
Write-Verbose "Updating Azure Stack VPN connection named $ConnectionName" -Verbose
rasdial $ConnectionName /d
Remove-VpnConnection -name $ConnectionName -Force -ErrorAction Ignore
@ -216,21 +43,22 @@ function Add-AzureStackVpnConnection {
return $connection
}
Export-ModuleMember Add-AzureStackVpnConnection
Export-ModuleMember -Function 'Add-AzsVpnConnection'
<#
.SYNOPSIS
Connects to Azure Stack via VPN
#>
function Connect-AzureStackVpn {
function Connect-AzsVpn {
param (
[parameter(HelpMessage="Azure Stack VPN Connection Name such as 'my-poc'")]
[parameter(HelpMessage = "Azure Stack VPN Connection Name such as 'my-poc'")]
[string] $ConnectionName = "azurestack",
[parameter(HelpMessage="Administrator user name of this Azure Stack Instance")]
[parameter(HelpMessage = "Administrator user name of this Azure Stack Instance")]
[string] $User = "administrator",
[parameter(mandatory=$true, HelpMessage="Administrator password used to deploy this Azure Stack instance")]
[parameter(mandatory = $true, HelpMessage = "Administrator password used to deploy this Azure Stack instance")]
[securestring] $Password,
[parameter(HelpMessage="Indicate whether to retrieve and trust certificates from the environment after establishing a VPN connection")]
[parameter(HelpMessage = "Indicate whether to retrieve and trust certificates from the environment after establishing a VPN connection")]
[bool] $RetrieveCertificates = $true
)
@ -244,7 +72,7 @@ function Connect-AzureStackVpn {
$azshome = "$env:USERPROFILE\Documents\$ConnectionName"
if ($RetrieveCertificates){
if ($RetrieveCertificates) {
Write-Verbose "Connection-specific files will be saved in $azshome" -Verbose
New-Item $azshome -ItemType Directory -Force | Out-Null
@ -257,8 +85,8 @@ function Connect-AzureStackVpn {
Write-Verbose "Retrieving Azure Stack Root Authority certificate..." -Verbose
$cert = Invoke-Command -ComputerName "$hostIP" -ScriptBlock { Get-ChildItem cert:\currentuser\root | where-object {$_.Subject -like "*AzureStackSelfSignedRootCert*"} } -Credential $credential
if($cert -ne $null) {
if($cert.GetType().IsArray) {
if ($cert) {
if ($cert.GetType().IsArray) {
$cert = $cert[0] # take any that match the subject if multiple certs were deployed
}
@ -281,118 +109,36 @@ function Connect-AzureStackVpn {
}
Export-ModuleMember Connect-AzureStackVpn
Export-ModuleMember -Function 'Connect-AzsVpn'
<#
.SYNOPSIS
Retrieve the admin token and subscription ID needed to make REST calls directly to Azure Resource Manager
Connecting to your environment requires that you obtain the value of your Directory Tenant ID.
For **Azure Active Directory** environments provide your directory tenant name.
#>
function Get-AzureStackAdminSubTokenHeader {
param (
[parameter(mandatory=$true, HelpMessage="Name of the Azure Stack Environment")]
[string] $EnvironmentName,
[parameter(mandatory=$true, HelpMessage="TenantID of Identity Tenant")]
[string] $tenantID,
[parameter(HelpMessage="Credentials to retrieve token header for")]
[System.Management.Automation.PSCredential] $azureStackCredentials,
[parameter(HelpMessage="Name of the Administrator subscription")]
[string] $subscriptionName = "Default Provider Subscription"
)
$azureStackEnvironment = Get-AzureRmEnvironment -Name $EnvironmentName -ErrorAction SilentlyContinue
if($azureStackEnvironment -ne $null) {
$ARMEndpoint = $azureStackEnvironment.ResourceManagerUrl
}
else {
Write-Error "The Azure Stack Admin environment with the name $EnvironmentName does not exist. Create one with Add-AzureStackAzureRmEnvironment." -ErrorAction Stop
}
if(-not $azureStackCredentials){
$azureStackCredentials = Get-Credential
}
try{
Invoke-RestMethod -Method Get -Uri "$($ARMEndpoint.ToString().TrimEnd('/'))/metadata/endpoints?api-version=2015-01-01" -ErrorAction Stop | Out-Null
}catch{
Write-Error "The specified ARM endpoint: $ArmEndpoint is not valid for this environment. Please make sure you are using the correct administrator ARM endpoint for this environment." -ErrorAction Stop
}
$authority = $azureStackEnvironment.ActiveDirectoryAuthority
$activeDirectoryServiceEndpointResourceId = $azureStackEnvironment.ActiveDirectoryServiceEndpointResourceId
Login-AzureRmAccount -EnvironmentName $EnvironmentName -TenantId $tenantID -Credential $azureStackCredentials | Out-Null
try {
$subscription = Get-AzureRmSubscription -SubscriptionName $subscriptionName
}
catch {
Write-Error "Verify that the login credentials are for the administrator and that the specified ARM endpoint: $ArmEndpoint is the valid administrator ARM endpoint for this environment." -ErrorAction Stop
}
$subscription | Select-AzureRmSubscription | Out-Null
$powershellClientId = "0a7bdc5c-7b57-40be-9939-d4c5fc7cd417"
$savedWarningPreference = $WarningPreference
$WarningPreference = 'SilentlyContinue'
$adminToken = Get-AzureStackToken `
-Authority $authority `
-Resource $activeDirectoryServiceEndpointResourceId `
-AadTenantId $tenantID `
-ClientId $powershellClientId `
-Credential $azureStackCredentials
$WarningPreference = $savedWarningPreference
$headers = @{ Authorization = ("Bearer $adminToken") }
return $subscription.SubscriptionId, $headers
}
Export-ModuleMember Get-AzureStackAdminSubTokenHeader
function Get-AADTenantGUID () {
function Get-AzsDirectoryTenantId () {
[CmdletBinding(DefaultParameterSetName = 'AzureActiveDirectory')]
param(
[parameter(mandatory=$true, HelpMessage="AAD Directory Tenant <myaadtenant.onmicrosoft.com>")]
[string] $AADTenantName = "",
[parameter(mandatory=$false, HelpMessage="Azure Cloud")]
[ValidateSet("AzureCloud","AzureChinaCloud","AzureUSGovernment","AzureGermanCloud")]
[string] $AzureCloud = "AzureCloud"
)
$ADauth = (Get-AzureRmEnvironment -Name $AzureCloud).ActiveDirectoryAuthority
$endpt = "{0}{1}/.well-known/openid-configuration" -f $ADauth, $AADTenantName
$OauthMetadata = (Invoke-WebRequest -UseBasicParsing $endpt).Content | ConvertFrom-Json
$AADid = $OauthMetadata.Issuer.Split('/')[3]
$AADid
}
Export-ModuleMember Get-AADTenantGUID
function Get-DirectoryTenantID () {
[CmdletBinding(DefaultParameterSetName='AzureActiveDirectory')]
param(
[Parameter(Mandatory=$true, ParameterSetName='ADFS')]
[Parameter(Mandatory = $true, ParameterSetName = 'ADFS')]
[switch] $ADFS,
[parameter(mandatory=$true,ParameterSetName='AzureActiveDirectory', HelpMessage="AAD Directory Tenant <myaadtenant.onmicrosoft.com>")]
[string] $AADTenantName = "",
[parameter(mandatory = $true, ParameterSetName = 'AzureActiveDirectory', HelpMessage = "AAD Directory Tenant <myaadtenant.onmicrosoft.com>")]
[string] $AADTenantName,
[Parameter(Mandatory=$true, ParameterSetName='ADFS')]
[Parameter(Mandatory=$true, ParameterSetName='AzureActiveDirectory')]
[Parameter(Mandatory = $true, ParameterSetName = 'ADFS')]
[Parameter(Mandatory = $true, ParameterSetName = 'AzureActiveDirectory')]
[string] $EnvironmentName
)
$ADauth = (Get-AzureRmEnvironment -Name $EnvironmentName).ActiveDirectoryAuthority
if($ADFS -eq $true){
if(-not (Get-AzureRmEnvironment -Name $EnvironmentName).EnableAdfsAuthentication){
if ($ADFS -eq $true) {
if (-not (Get-AzureRmEnvironment -Name $EnvironmentName).EnableAdfsAuthentication) {
Write-Error "This environment is not configured to do ADFS authentication." -ErrorAction Stop
}
return $(Invoke-RestMethod $("{0}/.well-known/openid-configuration" -f $ADauth.TrimEnd('/'))).issuer.TrimEnd('/').Split('/')[-1]
}else{
}
else {
$endpt = "{0}{1}/.well-known/openid-configuration" -f $ADauth, $AADTenantName
$OauthMetadata = (Invoke-WebRequest -UseBasicParsing $endpt).Content | ConvertFrom-Json
$AADid = $OauthMetadata.Issuer.Split('/')[3]
@ -400,4 +146,4 @@ function Get-DirectoryTenantID () {
}
}
Export-ModuleMember Get-DirectoryTenantID
Export-ModuleMember Get-AzsDirectoryTenantId

Двоичные данные
Connect/EnvironmentAdd.gif Normal file
Просмотреть файл

Двоичный файл не отображается.
Режим "рядом"

После

Ширина:  |  Высота:  |  Размер: 2.8 MiB

66
Connect/README.md
Просмотреть файл

@ -1,12 +1,14 @@
# Connection Scripts
As a prerequisite, make sure that you installed the correct PowerShell modules and versions:
```powershell
Install-Module -Name 'AzureRm.Bootstrapper' -Scope CurrentUser
Install-AzureRmProfile -profile '2017-03-09-profile' -Force -Scope CurrentUser
Install-Module -Name AzureStack -RequiredVersion 1.2.9 -Scope CurrentUser
Install-Module -Name AzureStack -RequiredVersion 1.2.10 -Scope CurrentUser
```
This tool set allows you to connect to an Azure Stack PoC (Proof of Concept) instance from an external personal laptop. You can then access the portal or log into that environment via PowerShell.
This tool set allows you to connect to an Azure Stack Development Kit (ASDK) instance from an external personal laptop. You can then access the portal or log into that environment via PowerShell.
Instructions below are relative to the .\Connect folder of the [AzureStack-Tools repo](..).
@ -14,22 +16,24 @@ Instructions below are relative to the .\Connect folder of the [AzureStack-Tools
Import-Module .\AzureStack.Connect.psm1
```
# VPN to Azure Stack Proof of Concept
## VPN to Azure Stack Development Kit
The [Connect to Azure Stack](https://docs.microsoft.com/en-us/azure/azure-stack/azure-stack-connect-azure-stack) document describes ways to connect to your Azure Stack Proof of Concept environment.
![VPN to Azure Stack Development Kit](https://github.com/Azure/AzureStack-Tools/raw/renamestaging/Connect/VPNConnection.gif)
One method is to establish a split tunnel VPN connection to an Azure Stack PoC.
This allows your client computer to become part of the Azure Stack PoC network system and therefore resolve Azure Stack endpoints.
The [Connect to Azure Stack](https://docs.microsoft.com/en-us/azure/azure-stack/azure-stack-connect-azure-stack) document describes ways to connect to your Azure Stack Development Kit environment.
The tool will also download root certificate of the targeted Azure Stack PoC instance locally to your client computer.
One method is to establish a split tunnel VPN connection to an Azure Stack Development Kit.
This allows your client computer to become part of the Azure Stack Development Kit network system and therefore resolve Azure Stack endpoints.
The tool will also download the root certificate of the targeted Azure Stack Development Kit instance locally to your client computer.
This will ensure that SSL sites of the target Azure Stack installation are trusted by your client when accessed from the browser or from the command-line tools.
To connect to Azure Stack PoC via VPN, first locate the host IP address of the target installation.
To connect to an Azure Stack Development Kit via VPN, you will need to know the host IP address of the target installation.
The commands below need to access the Azure Stack PoC host computer, so it needs to be a trusted host in PowerShell. Run PowerShell as administrator and modify TrustedHosts as follows.
The commands below need to access the Azure Stack Development Kit host computer, so it needs to be a trusted host in PowerShell. Run PowerShell as administrator and modify TrustedHosts as follows.
```powershell
# Add Azure Stack PoC host to the trusted hosts on your client computer
# Add Azure Stack Development Kit host to the trusted hosts on your client computer
Set-Item wsman:\localhost\Client\TrustedHosts -Value "<Azure Stack host IP address>" -Concatenate
```
@ -43,43 +47,43 @@ Then connect your client computer to the environment as follows.
```powershell
# Create VPN connection entry for the current user
Add-AzureStackVpnConnection -ServerAddress <Host IP Address> -Password $Password
Add-AzsVpnConnection -ServerAddress <Host IP Address> -Password $Password
# Connect to the Azure Stack instance. This command can be used multiple times.
Connect-AzureStackVpn -Password $Password
Connect-AzsVpn -Password $Password
```
## Configure Azure Stack PowerShell Environment
![Adding Azure Stack Environment](https://github.com/Azure/AzureStack-Tools/raw/renamestaging/Connect/EnvironmentAdd.gif)
# Configure Azure Stack PowerShell Environment
One method of deploying templates and interacting with your Azure Stack PoC is to access it via PowerShell.
One method of deploying templates and interacting with your Azure Stack Development Kit is to access it via PowerShell.
See the [Azure Stack Install PowerShell](https://docs.microsoft.com/en-us/azure/azure-stack/azure-stack-connect-powershell) article to download and install the correct PowerShell modules for Azure Stack.
AzureRM cmdlets can be targeted at multiple Azure clouds such as Azure China, Government, and Azure Stack.
To target your Azure Stack instance as a tenant, an AzureRM environment needs to be registered as follows. The ARM endpoint below is the tenant default for a one-node environment. AzureRM cmdlets can be targeted at multiple Azure clouds such as Azure China, Government, and Azure Stack.
To target your Azure Stack instance as a tenant, an AzureRM environment needs to be registered as follows. The ARM endpoint below is the tenant default for a one-node environment.
```powershell
Add-AzureStackAzureRmEnvironment -Name AzureStack -ArmEndpoint "https://management.local.azurestack.external"
Add-AzureRMEnvironment -Name AzureStack -ArmEndpoint "https://management.local.azurestack.external"
```
To create an administrator environment use the below. The ARM endpoint below is the administrator default for a one-node environment.
```powershell
Add-AzureStackAzureRmEnvironment -Name AzureStackAdmin -ArmEndpoint "https://adminmanagement.local.azurestack.external"
Add-AzureRMEnvironment -Name AzureStackAdmin -ArmEndpoint "https://adminmanagement.local.azurestack.external"
```
Connecting to your environment requires that you obtain the value of your Directory Tenant ID. For **Azure Active Directory** environments provide your directory tenant name:
```powershell
$TenantID = Get-DirectoryTenantID -AADTenantName "<mydirectorytenant>.onmicrosoft.com" -EnvironmentName AzureStackAdmin
$TenantID = Get-AzsDirectoryTenantId -AADTenantName "<mydirectorytenant>.onmicrosoft.com" -EnvironmentName AzureStackAdmin
```
For **ADFS** environments use the following:
```powershell
$TenantID = Get-DirectoryTenantID -ADFS -EnvironmentName AzureStackAdmin
$TenantID = Get-AzsDirectoryTenantId -ADFS -EnvironmentName AzureStackAdmin
```
After registering the AzureRM environment, cmdlets can be easily targeted at your Azure Stack instance. For example:
@ -93,25 +97,3 @@ Similarly, for targeting the administrator endpoints:
```powershell
Login-AzureRmAccount -EnvironmentName "AzureStackAdmin" -TenantId $TenantID
```
## Register Azure RM Providers on new subscriptions
If you are intending to use newly created subscriptions via PowerShell, CLI or direct API calls before deploying any templates or using the Portal, you need to ensure that resource providers are registered on the subscription.
To register providers on the current subscription, do the following.
```powershell
Register-AllAzureRmProviders
```
To register all resource providers on all your subscriptions after logging in using Add-AzureRmAccount do the following. Note that this can take a while.
```powershell
Register-AllAzureRmProvidersOnAllSubscriptions
```
These registrations are idempotent and can be run multiple times. If provider has already been registered, it will simply be reported in the output.

73
Connect/Tests/Connect.Tests.ps1
Просмотреть файл

@ -12,39 +12,19 @@ Describe $script:ModuleName {
Get-Module -Name $script:ModuleName |
Should Not Be $null
}
It 'Register-AllAzureRmProvidersOnAllSubscriptions should be exported' {
Get-Command -Name Register-AllAzureRmProvidersOnAllSubscriptions -ErrorAction SilentlyContinue |
Should Not Be $null
}
It 'Register-AllAzureRmProviders should be exported' {
Get-Command -Name Register-AllAzureRmProviders -ErrorAction SilentlyContinue |
Should Not Be $null
}
It 'Get-AzureStackAadTenant should be exported' {
Get-Command -Name Get-AzureStackAadTenant -ErrorAction SilentlyContinue |
Should Not Be $null
}
It 'Add-AzureStackAzureRmEnvironment should be exported' {
Get-Command -Name Add-AzureStackAzureRmEnvironment -ErrorAction SilentlyContinue |
It 'Add-AzsEnvironment should be exported' {
Get-Command -Name Add-AzsEnvironment -ErrorAction SilentlyContinue |
Should Not Be $null
}
It 'Get-AzureStackNatServerAddress should be exported' {
Get-Command -Name Get-AzureStackNatServerAddress -ErrorAction SilentlyContinue |
It 'Add-AzsVpnConnection should be exported' {
Get-Command -Name Add-AzsVpnConnection -ErrorAction SilentlyContinue |
Should Not Be $null
}
It 'Add-AzureStackVpnConnection should be exported' {
Get-Command -Name Add-AzureStackVpnConnection -ErrorAction SilentlyContinue |
Should Not Be $null
}
It 'Connect-AzureStackVpn should be exported' {
Get-Command -Name Connect-AzureStackVpn -ErrorAction SilentlyContinue |
It 'Connect-AzsVpn should be exported' {
Get-Command -Name Connect-AzsVpn -ErrorAction SilentlyContinue |
Should Not Be $null
}
}
@ -68,36 +48,25 @@ InModuleScope $script:ModuleName {
$EnvironmentName = $global:EnvironmentName
Set-Item wsman:\localhost\Client\TrustedHosts -Value $HostComputer -Concatenate
Set-Item wsman:\localhost\Client\TrustedHosts -Value azs-ca01.azurestack.local -Concatenate
Set-Item wsman:\localhost\Client\TrustedHosts -Value Azs-ca01.azurestack.local -Concatenate
Describe 'ConnectModule - Accessing Environment Data' {
It 'Recovered AAD Tenant ID should be correct' {
$global:AadTenantID = Get-AzureStackAadTenant -HostComputer $HostComputer -User $AdminUser -Password $AdminPassword
Write-Verbose "Aad Tenant ID is $global:AadTenantID" -Verbose
$global:AadTenantID | Should Not Be $null
}
It 'Get-AzureStackNatServerAddress should return valid NAT address' {
$script:NatIPAddress = Get-AzureStackNatServerAddress -natServer $natServer -HostComputer $HostComputer -User $AdminUser -Password $AdminPassword
Write-Verbose "Returned NAT IP Address of $natIPAddress" -Verbose
[IPAddress]$script:NatIPAddress | Should Not Be $null
}
It 'Add-AzureStackVpnConnection should correctly return a VPN connection to a One Node' {
Add-AzureStackVpnConnection -ServerAddress $script:NatIPAddress -ConnectionName $VPNConnectionName -Password $AdminPassword
It 'Add-AzsVpnConnection should correctly return a VPN connection to a One Node' {
Add-AzsVpnConnection -ServerAddress $script:NatIPAddress -ConnectionName $VPNConnectionName -Password $AdminPassword
Get-VpnConnection -Name $VPNConnectionName | Should Not Be $null
}
It 'Connect-AzureStackVpn should successfully connect to a One Node environment' {
{Connect-AzureStackVpn -ConnectionName $VPNConnectionName -User $AdminUser -Password $AdminPassword} | Should Not Throw
It 'Connect-AzsVpn should successfully connect to a One Node environment' {
{Connect-AzsVpn -ConnectionName $VPNConnectionName -User $AdminUser -Password $AdminPassword} | Should Not Throw
}
It 'Add-AzureStackAzureRmEnvironment should successfully add a an administrator environment' {
Add-AzureStackAzureRmEnvironment -ArmEndpoint $armEndpoint -Name $EnvironmentName
It 'Add-AzsEnvironment should successfully add a an administrator environment' {
Add-AzsEnvironment -ArmEndpoint $armEndpoint -Name $EnvironmentName
Get-AzureRmEnvironment -Name $EnvironmentName | Should Not Be $null
}
It 'User should be able to login to environment successfully created by Add-AzureStackAzureRmEnvironment' {
It 'User should be able to login to environment successfully created by Add-AzsEnvironment' {
Write-Verbose "Aad Tenant ID is $global:AadTenantID" -Verbose
Write-Verbose "Passing credential to Login-AzureRmAccount" -Verbose
{Login-AzureRmAccount -EnvironmentName $EnvironmentName -TenantId $global:AadTenantID -Credential $global:AzureStackLoginCredentials} | Should Not Throw
@ -107,25 +76,25 @@ InModuleScope $script:ModuleName {
Get-AzureRmResourceGroup | Should Not Be $null
}
It 'Get-AzureStackAdminSubTokenHeader should retrieve a valid admin token' {
$subID, $headers = Get-AzureStackAdminSubTokenHeader -TenantID $global:AadTenantID -EnvironmentName $EnvironmentName -AzureStackCredentials $stackLoginCreds
It 'Get-AzsAdminSubTokenheader should retrieve a valid admin token' {
$subID, $headers = Get-AzsAdminSubTokenheader -TenantID $global:AadTenantID -EnvironmentName $EnvironmentName -AzureStackCredentials $stackLoginCreds
Write-Verbose "Admin subscription ID was $subID" -Verbose
Write-Verbose "Acquired token was $headers.Authorization" -Verbose
$headers.Authorization | Should Not Be $null
$subID | Should Not Be $null
}
It 'Register-AllAzureRmProviders should register all resource providers for the current subscription' {
Register-AllAzureRmProviders
It 'Register-AzsProvider should register all resource providers for the current subscription' {
Register-AzsProvider
$unRegisteredProviders = Get-AzureRmResourceProvider | Where-Object {$_.RegistrationState -ne "Registered"}
$unRegisteredProviders | Should Be $null
}
It 'Register-AllAzureRmProvidersOnAllSubscriptions should register all resource providers for all subscriptions' {
Register-AllAzureRmProvidersOnAllSubscriptions
It 'Register-AzsProviderOnAllSubscriptions should register all resource providers for all subscriptions' {
Register-AzsProviderOnAllSubscriptions
$unRegisteredProviders = Get-AzureRmResourceProvider | Where-Object {$_.RegistrationState -ne "Registered"}
$unRegisteredProviders | Should Be $null
}
}
}
}

Двоичные данные
Connect/VPNConnection.gif Normal file
Просмотреть файл

Двоичный файл не отображается.
Режим "рядом"

После

Ширина:  |  Высота:  |  Размер: 5.7 MiB

Двоичные данные
Deployment/Deployment.gif Normal file
Просмотреть файл

Двоичный файл не отображается.
Режим "рядом"

После

Ширина:  |  Высота:  |  Размер: 3.0 MiB

8
Deployment/README.md
Просмотреть файл

@ -26,7 +26,7 @@ $LocalPath = 'c:\AzureStack_Installer'
New-Item $LocalPath -Type directory
# Download file
Invoke-WebRequest $uri -OutFile ($LocalPath + '\' + asdk-installer.ps1)
Invoke-WebRequest $uri -OutFile ($LocalPath + '\' + 'asdk-installer.ps1')
```
## Prepare the SafeOS for deployment
@ -65,7 +65,7 @@ Click install to start the deployment wizard. Select the preferred identity prov
- **Azure Cloud** : Azure Active Directory
- **ADFS** : Local ADFS instance as part of the installation
If you selected Azure Cloud, specify the credentials of an account with the Global Admin role in an Azure Active Directory tenant. This account will also be used to administer your Azure Stack Development Kit. If this account is part of multiple active directory tenants you can check the tenantID and override the default value with the name of the desired directory tenant for the installation.
If you selected Azure Cloud, specify the Azure Active Directory tenant (e.g. azurestack.onmicrosoft.com).
Submit the local administrator password. This value submitted has to match the current configured local administrator password.
@ -73,7 +73,9 @@ In the network interface screen, select the adapter that will be used for the Az
The network configuration screen allows you to specify the settings for the BGPNAT vm. The default settings uses DHCP for the BGPNAT vm. You can set it to static, but only use this parameter if DHCP cant assign a valid IP address for Azure Stack to access the Internet. A static IP address needs to be specified with the subnetmask length (e.g. 10.0.0.5/24). Optionally you can specify the TimeServer, DNS Server and VLAN ID.
The summary screen displays the PowerSheel script that will be executed. Click deploy start the deployment of the Azure Stack Development Kit.
The summary screen displays the PowerShell script that will be executed. Click deploy start the deployment of the Azure Stack Development Kit.
> Note: When you have selected Azure Cloud as the identity provider, you will be prompted 2 to 3 minutes after the deployment has started. Please ensure you submit your Azure AD credentials.
## Rerun and gather logs

321
Deployment/asdk-installer.ps1
Просмотреть файл

@ -29,10 +29,11 @@ The Azure Stack Development Kit installer UI script is based on PowerShell and t
#region Text
$Text_Generic = @{}
$Text_Generic.Password_NotMatch = "Passwords do not match"
$Text_Generic.Regex_Fqdn = "An FQDN can only contain A-Z, a-z, 0-9 and a hyphen"
$Text_Generic.Regex_Computername = "Computername must be 15 characters or less and can only contain A-Z, a-z, 0-9 and a hyphen"
$Text_Generic.Regex_EmailAddress = "Please specify valid email address"
$Text_Generic.Regex_IpAddress = "Ip Address must be specified in the x.x.x.x format"
$Text_Generic.Regex_IpAddressCidr = "Ip Address must be specified in the x.x.x.x/x format"
$Text_Generic.Regex_LocalAdmin = "The specified password does not match the current local administrator password"
$Text_SafeOS = @{}
$Text_SafeOS.Mode_Title = "Prepare for Deployment"
@ -41,15 +42,15 @@ $Text_SafeOS.Mode_LeftContent = "Prepare the Cloudbuilder vhdx"
$Text_SafeOS.Mode_RightTitle = "Online documentation"
$Text_SafeOS.Mode_RightContent = "Read the online documentation."
$Text_SafeOS.Prepare_Title = "Select Cloudbuilder vhdx"
$Text_SafeOS.Prepare_VHDX_IsMounted = "This VHDX is already mounted"
$Text_SafeOS.Prepare_VHDX_IsMounted = "This vhdx is already mounted"
$Text_SafeOS.Prepare_VHDX_InvalidPath = "Not a valid Path"
$Text_SafeOS.Prepare_Drivers_InvalidPath = "Not a valid Path"
$Text_SafeOS.Unattend_Title = "Prepare Unattend File"
$Text_SafeOS.Unattend_Title = "Optional settings"
$Text_SafeOS.NetInterface_Title = "Select Network Interface for the Azure Stack host"
$Text_SafeOS.NetInterface_Warning = "Select the network interface that will be configured for the host of the Azure Stack Development Kit. Ensure you have network connectivity to the selected network adapter before proceeding."
$Text_SafeOS.NetConfig_Title = "Azure Stack host IP configuration"
$Text_SafeOS.Job_Title = "Preparing cloudbuilder vhdx"
$Text_SafeOS.Summary_Content = "The Cloudbuilder VHD is prepared succesfully. Please reboot. The server will boot from the CloudBuilder VHD and you can start the installation after signing in as the administrator."
$Text_SafeOS.Job_Title = "Preparing the environment"
$Text_SafeOS.Summary_Content = "The cloudbuilder vhdx is prepared succesfully. Please reboot. The server will boot from the CloudBuilder VHD and you can start the installation after signing in as the administrator."
$Text_SafeOS.Mode_RightLink = "https://docs.microsoft.com/en-us/azure/azure-stack/azure-stack-run-powershell-script"
$Text_Install = @{}
@ -65,6 +66,7 @@ $Text_Install.NetConfig_Title = "Network Configuration for BGPNAT01"
$Text_Install.Credentials_Title = "Specify Identity Provider and Credentials"
$Text_Install.Summary_Title = "Summary"
$Text_Install.Summary_Content = "The following script will be used for deploying the Development Kit"
$Text_Install.Summary_Warning = "You will be prompted for your Azure AD credentials 2-3 minutes after the installation starts"
$Text_Rerun = @{}
$Text_Rerun.Mode_Title = "Rerun Installation"
@ -588,27 +590,27 @@ $Xaml = @'
<CheckBox x:Name="Control_Unattend_Chb_LocalAdmin" VerticalAlignment="Center" Content="Configure local admin account" Margin="0,0,0,10" IsChecked="True" />
<StackPanel x:Name="Control_Unattend_Stp_LocalAdmin" Visibility="Visible">
<StackPanel Orientation="Horizontal" Margin="25,0,0,10">
<TextBlock FontSize="14" FontFamily="Segoe UI" Foreground="#EBEBEB" Text="Username:" Width="100" HorizontalAlignment="Left"/>
<TextBox BorderBrush="#ABADB3" Width="425" Text="Administrator" IsEnabled="False" />
<TextBlock FontSize="14" FontFamily="Segoe UI" Foreground="#EBEBEB" Text="Username:" Width="120" HorizontalAlignment="Left"/>
<TextBox BorderBrush="#ABADB3" Width="405" Text="Administrator" IsEnabled="False" />
</StackPanel>
<StackPanel Orientation="Horizontal" Margin="25,0,0,10">
<TextBlock FontSize="14" FontFamily="Segoe UI" Foreground="#EBEBEB" Text="Password:" Width="100" HorizontalAlignment="Left"/>
<PasswordBox x:Name="Control_Unattend_Pwb_LocalPassword" BorderBrush="#ABADB3" Width="425" />
<TextBlock FontSize="14" FontFamily="Segoe UI" Foreground="#EBEBEB" Text="Password:" Width="120" HorizontalAlignment="Left"/>
<PasswordBox x:Name="Control_Unattend_Pwb_LocalPassword" BorderBrush="#ABADB3" Width="405" />
</StackPanel>
<StackPanel Orientation="Horizontal" Margin="25,0,0,10">
<TextBlock FontSize="14" FontFamily="Segoe UI" Foreground="#EBEBEB" Text="Confirm Pwd:" Width="100" HorizontalAlignment="Left"/>
<PasswordBox x:Name="Control_Unattend_Pwb_LocalPasswordConfirm" BorderBrush="#ABADB3" Width="425" IsEnabled="False" />
<TextBlock FontSize="14" FontFamily="Segoe UI" Foreground="#EBEBEB" Text="Confirm Password:" Width="120" HorizontalAlignment="Left"/>
<PasswordBox x:Name="Control_Unattend_Pwb_LocalPasswordConfirm" BorderBrush="#ABADB3" Width="405" IsEnabled="False" />
</StackPanel>
</StackPanel>
<CheckBox x:Name="Control_Unattend_Chb_Computername" VerticalAlignment="Center" Content="Computername" Margin="0,0,0,10" />
<StackPanel x:Name="Control_Unattend_Stp_Computername" Visibility="Collapsed">
<TextBox x:Name="Control_Unattend_Tbx_Computername" BorderBrush="#ABADB3" Width="425" Text="" HorizontalAlignment="Right"/>
<TextBox x:Name="Control_Unattend_Tbx_Computername" BorderBrush="#ABADB3" Width="405" Text="" HorizontalAlignment="Right"/>
</StackPanel>
<CheckBox x:Name="Control_Unattend_Chb_TimeZone" VerticalAlignment="Center" Content="Time Zone" Margin="0,0,0,10" />
<StackPanel x:Name="Control_Unattend_Stp_TimeZone" Visibility="Collapsed">
<StackPanel Orientation="Horizontal" Margin="25,0,0,10">
<TextBlock FontSize="14" FontFamily="Segoe UI" Foreground="#EBEBEB" Text="Timezone:" Width="100" HorizontalAlignment="Left"/>
<ComboBox x:Name="Control_Unattend_Cbx_Timezone" Foreground="#EBEBEB" FontFamily="Segoe UI" FontSize="14" Width="425" />
<TextBlock FontSize="14" FontFamily="Segoe UI" Foreground="#EBEBEB" Text="Timezone:" Width="120" HorizontalAlignment="Left"/>
<ComboBox x:Name="Control_Unattend_Cbx_Timezone" Foreground="#EBEBEB" FontFamily="Segoe UI" FontSize="14" Width="405" />
</StackPanel>
</StackPanel>
<CheckBox x:Name="Control_Unattend_Chb_StaticIP" VerticalAlignment="Center" Content="Static IP configuration" Margin="0,0,0,10" />
@ -626,37 +628,24 @@ $Xaml = @'
<StackPanel Orientation="Horizontal" Margin="0,0,0,10">
<TextBlock FontSize="14" FontFamily="Segoe UI" Foreground="#EBEBEB" Text="Type:" Width="100" HorizontalAlignment="Left"/>
<ComboBox Width="450" x:Name="Control_Creds_Cbx_Idp" Foreground="#EBEBEB" FontFamily="Segoe UI" FontSize="14" >
<TextBlock FontSize="14" FontFamily="Segoe UI" Foreground="#EBEBEB" Text="Type:" Width="120" HorizontalAlignment="Left"/>
<ComboBox Width="430" x:Name="Control_Creds_Cbx_Idp" Foreground="#EBEBEB" FontFamily="Segoe UI" FontSize="14" >
</ComboBox>
</StackPanel>
<StackPanel x:Name="Control_Creds_Stp_AAD" Visibility="Visible">
<StackPanel Orientation="Horizontal" Margin="0,0,0,10">
<TextBlock FontSize="14" FontFamily="Segoe UI" Foreground="#EBEBEB" Text="Username:" Width="100" HorizontalAlignment="Left"/>
<TextBox x:Name="Control_Creds_Tbx_AADUsername" BorderBrush="#ABADB3" Width="450" IsEnabled="False" />
</StackPanel>
<StackPanel Orientation="Horizontal" Margin="0,0,0,10">
<TextBlock FontSize="14" FontFamily="Segoe UI" Foreground="#EBEBEB" Text="Password:" Width="100" HorizontalAlignment="Left"/>
<PasswordBox x:Name="Control_Creds_Pwb_AADPassword" BorderBrush="#ABADB3" Width="450" IsEnabled="False" />
</StackPanel>
<StackPanel Orientation="Horizontal" Margin="0,0,0,10">
<TextBlock FontSize="14" FontFamily="Segoe UI" Foreground="#EBEBEB" Text="Confirm Pwd:" Width="100" HorizontalAlignment="Left"/>
<PasswordBox x:Name="Control_Creds_Pwb_AADPasswordConfirm" BorderBrush="#ABADB3" Width="450" IsEnabled="False"/>
</StackPanel>
<StackPanel Orientation="Horizontal" Margin="0,0,0,10">
<CheckBox x:Name="Control_Creds_Chb_AADTenant" VerticalAlignment="Center" Content="Tenant:" Width="100" IsEnabled="False" />
<TextBox x:Name="Control_Creds_Tbx_AADTenant" BorderBrush="#ABADB3" Width="450" IsEnabled="False" />
<TextBlock FontSize="14" FontFamily="Segoe UI" Foreground="#EBEBEB" Text="AAD Tenant:" Width="120" HorizontalAlignment="Left"/>
<TextBox x:Name="Control_Creds_Tbx_AADTenant" BorderBrush="#ABADB3" Width="430" IsEnabled="False" />
</StackPanel>
</StackPanel>
<StackPanel x:Name="Control_Creds_Stp_LocalPassword" Visibility="Visible">
<TextBlock FontSize="16" FontFamily="Segoe UI" Foreground="#EBEBEB" Text="Local Administrator Password" Margin="0,0,0,10"/>
<StackPanel Orientation="Horizontal" Margin="0,0,0,10">
<TextBlock FontSize="14" FontFamily="Segoe UI" Foreground="#EBEBEB" Text="Password:" Width="100" HorizontalAlignment="Left"/>
<PasswordBox x:Name="Control_Creds_Pwb_LocalPassword" BorderBrush="#ABADB3" Width="450" IsEnabled="False" />
</StackPanel>
<StackPanel Orientation="Horizontal" Margin="0,0,0,10">
<TextBlock FontSize="14" FontFamily="Segoe UI" Foreground="#EBEBEB" Text="Confirm Pwd:" Width="100" HorizontalAlignment="Left"/>
<PasswordBox x:Name="Control_Creds_Pwb_LocalPasswordConfirm" BorderBrush="#ABADB3" Width="450" IsEnabled="False" />
<TextBlock FontSize="14" FontFamily="Segoe UI" Foreground="#EBEBEB" Text="Password:" Width="120" HorizontalAlignment="Left"/>
<Grid>
<PasswordBox x:Name="Control_Creds_Pwb_LocalPassword" BorderBrush="#ABADB3" Width="430"/>
<Path x:Name="Control_Creds_Pth_LocalPassword" SnapsToDevicePixels="False" StrokeThickness="3" Data="M2,10 L8,16 L15,5" Stroke="#92D050" Margin="300,0,0,0" Visibility="Hidden"/>
</Grid>
</StackPanel>
</StackPanel>
</StackPanel>
@ -726,30 +715,30 @@ $Xaml = @'
<TextBlock FontSize="14" FontFamily="Segoe UI" Foreground="#EBEBEB" Text="Static" Width="100" HorizontalAlignment="Left" Padding="5,0,0,0"/>
</RadioButton>
<StackPanel Orientation="Horizontal" Margin="0,0,0,10">
<TextBlock FontSize="14" FontFamily="Segoe UI" Foreground="#EBEBEB" Text="Ip Address:" Width="100" HorizontalAlignment="Left"/>
<TextBox x:Name="Control_NetConfig_Tbx_IpAddress" BorderBrush="#ABADB3" Width="450" IsEnabled="False"/>
<TextBlock FontSize="14" FontFamily="Segoe UI" Foreground="#EBEBEB" Text="Ip Address:" Width="120" HorizontalAlignment="Left"/>
<TextBox x:Name="Control_NetConfig_Tbx_IpAddress" BorderBrush="#ABADB3" Width="430" IsEnabled="False"/>
</StackPanel>
<StackPanel Orientation="Horizontal" Margin="0,0,0,10">
<TextBlock FontSize="14" FontFamily="Segoe UI" Foreground="#EBEBEB" Text="Gateway:" Width="100" HorizontalAlignment="Left"/>
<TextBox x:Name="Control_NetConfig_Tbx_Gateway" BorderBrush="#ABADB3" Width="450" IsEnabled="False"/>
<TextBlock FontSize="14" FontFamily="Segoe UI" Foreground="#EBEBEB" Text="Gateway:" Width="120" HorizontalAlignment="Left"/>
<TextBox x:Name="Control_NetConfig_Tbx_Gateway" BorderBrush="#ABADB3" Width="430" IsEnabled="False"/>
</StackPanel>
<StackPanel Orientation="Horizontal" Margin="0,0,0,10" x:Name="Control_NetConfig_Stp_DNS">
<TextBlock FontSize="14" FontFamily="Segoe UI" Foreground="#EBEBEB" Text="DNS:" Width="100" HorizontalAlignment="Left"/>
<TextBox x:Name="Control_NetConfig_Tbx_DNS" BorderBrush="#ABADB3" Width="450" IsEnabled="False"/>
<TextBlock FontSize="14" FontFamily="Segoe UI" Foreground="#EBEBEB" Text="DNS:" Width="120" HorizontalAlignment="Left"/>
<TextBox x:Name="Control_NetConfig_Tbx_DNS" BorderBrush="#ABADB3" Width="430" IsEnabled="False"/>
</StackPanel>
<StackPanel x:Name="Control_NetConfig_Stp_Optional">
<TextBlock FontSize="16" FontFamily="Segoe UI" Foreground="#EBEBEB" Text="Optional Configuration" Margin="0,0,0,10"/>
<StackPanel Orientation="Horizontal" Margin="0,0,0,10">
<TextBlock FontSize="14" FontFamily="Segoe UI" Foreground="#EBEBEB" Text="VLAN ID:" Width="100" HorizontalAlignment="Left"/>
<TextBox x:Name="Control_NetConfig_Tbx_VlanID" BorderBrush="#ABADB3" Width="450" />
<TextBlock FontSize="14" FontFamily="Segoe UI" Foreground="#EBEBEB" Text="VLAN ID:" Width="120" HorizontalAlignment="Left"/>
<TextBox x:Name="Control_NetConfig_Tbx_VlanID" BorderBrush="#ABADB3" Width="430" />
</StackPanel>
<StackPanel Orientation="Horizontal" Margin="0,0,0,10">
<TextBlock FontSize="14" FontFamily="Segoe UI" Foreground="#EBEBEB" Text="DNS Forwarder:" Width="100" HorizontalAlignment="Left"/>
<TextBox x:Name="Control_NetConfig_Tbx_DnsForwarder" BorderBrush="#ABADB3" Width="450"/>
<TextBlock FontSize="14" FontFamily="Segoe UI" Foreground="#EBEBEB" Text="DNS Forwarder:" Width="120" HorizontalAlignment="Left"/>
<TextBox x:Name="Control_NetConfig_Tbx_DnsForwarder" BorderBrush="#ABADB3" Width="430"/>
</StackPanel>
<StackPanel Orientation="Horizontal" Margin="0,0,0,10">
<TextBlock FontSize="14" FontFamily="Segoe UI" Foreground="#EBEBEB" Text="Time Server:" Width="100" HorizontalAlignment="Left"/>
<TextBox x:Name="Control_NetConfig_Tbx_TimeServer" BorderBrush="#ABADB3" Width="450" />
<TextBlock FontSize="14" FontFamily="Segoe UI" Foreground="#EBEBEB" Text="Time Server:" Width="120" HorizontalAlignment="Left"/>
<TextBox x:Name="Control_NetConfig_Tbx_TimeServer" BorderBrush="#ABADB3" Width="430" />
</StackPanel>
</StackPanel>
</StackPanel>
@ -780,15 +769,14 @@ $Xaml = @'
<ColumnDefinition Width="550"/>
</Grid.ColumnDefinitions>
<Grid.RowDefinitions>
<RowDefinition />
<RowDefinition />
<RowDefinition/>
<RowDefinition/>
<RowDefinition />
<RowDefinition />
</Grid.RowDefinitions>
<TextBlock x:Name="Control_Summary_Tbl_Header1" Grid.Row="0" TextWrapping="Wrap" FontSize="16" FontFamily="Segoe UI" Foreground="#EBEBEB" HorizontalAlignment="Left" Margin="0,0,0,10" />
<TextBlock x:Name="Control_Summary_Tbl_Header2" Grid.Row="2" TextWrapping="Wrap" FontSize="16" FontFamily="Segoe UI" Foreground="#EBEBEB" HorizontalAlignment="Left" Margin="0,0,0,10" />
<TextBlock x:Name="Control_Summary_Tbl_Content1" Grid.Row="1" TextWrapping="Wrap" FontSize="14" FontFamily="Segoe UI" Foreground="#A0A0A0" HorizontalAlignment="Left" Margin="0,0,0,10" />
<TextBlock x:Name="Control_Summary_Tbl_Content2" Grid.Row="3" TextWrapping="Wrap" FontSize="14" FontFamily="Segoe UI" Foreground="#A0A0A0" HorizontalAlignment="Left" Margin="0,0,0,10" />
<TextBox x:Name="Control_Summary_Tbx_Content1" Grid.Row="1" TextWrapping="Wrap" FontSize="14" FontFamily="Segoe UI" Foreground="#A0A0A0" HorizontalAlignment="Left" Margin="0,0,0,10" Padding="5" Width="550" IsReadOnly="True" Visibility="Collapsed" BorderBrush="#ABADB3" />
<TextBlock x:Name="Control_Summary_Tbl_Content1" Grid.Row="2" TextWrapping="Wrap" FontSize="14" FontFamily="Segoe UI" Foreground="#EBEBEB" HorizontalAlignment="Left" Margin="0,0,0,10" />
<Path x:Name="Control_Summary_Pth_Content1" Grid.Row="2" SnapsToDevicePixels="False" StrokeThickness="1" Data="M13,10H11V6H13M13,14H11V12H13M20,2H4A2,2 0 0,0 2,4V22L6,18H20A2,2 0 0,0 22,16V4C22,2.89 21.1,2 20,2Z" Fill="Orange" Margin="0,3,0,0" Visibility="Collapsed"/>
</Grid>
</StackPanel>
<StackPanel Orientation="Horizontal" HorizontalAlignment="Right">
@ -829,6 +817,7 @@ $Xaml = @'
#region Get XAML and create variables
Add-Type -AssemblyName PresentationFramework
Add-Type -assemblyname system.DirectoryServices.accountmanagement
[xml]$Xaml = $Xaml
@ -866,12 +855,12 @@ $syncHash.Control_Unattend_Cbx_Timezone.AddChild($_.DisplayName)
#region Regex
$Regex = @{}
$Regex.Fqdn = @'
(?=^.{4,253}$)(^((?!-)[a-zA-Z0-9-]{1,63}(?<!-)\.)+[a-zA-Z]{2,63}$)
'@
$Regex.Computername = @'
(?![0-9]{1,15}$)[a-zA-Z0-9-]{1,15}
'@
$Regex.EmailAddress = @'
?:(?:[\w`~!#$%^&*\-=+;:{}'|,?\/]+(?:(?:\.(?:"(?:\\?[\w`~!#$%^&*\-=+;:{}'|,?\/\.()<>\[\] @]|\\"|\\\\)*"|[\w`~!#$%^&*\-=+;:{}'|,?\/]+))*\.[\w`~!#$%^&*\-=+;:{}'|,?\/]+)?)|(?:"(?:\\?[\w`~!#$%^&*\-=+;:{}'|,?\/\.()<>\[\] @]|\\"|\\\\)+"))@(?:[a-zA-Z\d\-]+(?:\.[a-zA-Z\d\-]+)*|\[\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\]
'@
$Regex.IpAddress = @'
([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]
'@
@ -1419,20 +1408,25 @@ Function F_Reboot {
#endregion
}
Function F_Verify_LocalAdminCreds {
$dsa = New-Object System.DirectoryServices.AccountManagement.PrincipalContext([System.DirectoryServices.AccountManagement.ContextType]::Machine)
$pass = $syncHash.Control_Creds_Pwb_LocalPassword.Password
if ($dsa.ValidateCredentials('Administrator', $pass)){
}
else {
F_Regex -field 'Control_Creds_Pwb_LocalPassword' -field_value $syncHash.Control_Creds_Pwb_LocalPassword.Password -nocondition -message $Text_Generic.Regex_LocalAdmin
}
}
Function F_VerifyFields_Creds {
if (
($syncHash.Control_Creds_Cbx_Idp.SelectedItem -eq 'ADFS' -and
($syncHash.Control_Creds_Pwb_LocalPassword.Password -and ($syncHash.Control_Creds_Pwb_LocalPassword.BorderBrush.color -ne "#FFFF0000")) -and
($syncHash.Control_Creds_Pwb_LocalPasswordConfirm.Password) -and ($syncHash.Control_Creds_Pwb_LocalPasswordConfirm.BorderBrush.color -ne "#FFFF0000")) -or
($syncHash.Control_Creds_Pwb_LocalPassword.Password.Length -gt 0)) -or
(
$syncHash.Control_Creds_Cbx_Idp.SelectedItem -ne 'ADFS' -and
$syncHash.Control_Creds_Cbx_Idp.SelectedItem -and
($syncHash.Control_Creds_Tbx_AADUsername.Text -and ($syncHash.Control_Creds_Tbx_AADUsername.BorderBrush.color -ne "#FFFF0000")) -and
($syncHash.Control_Creds_Pwb_AADPassword.Password -and ($syncHash.Control_Creds_Pwb_AADPassword.BorderBrush.color -ne "#FFFF0000")) -and
($syncHash.Control_Creds_Pwb_AADPasswordConfirm.Password -and ($syncHash.Control_Creds_Pwb_AADPasswordConfirm.BorderBrush.color -ne "#FFFF0000")) -and
($syncHash.Control_Creds_Tbx_AADTenant.Text -and ($syncHash.Control_Creds_Tbx_AADTenant.color -ne "#FFFF0000")) -and
($syncHash.Control_Creds_Pwb_LocalPassword.Password -and ($syncHash.Control_Creds_Pwb_LocalPassword.BorderBrush.color -ne "#FFFF0000")) -and
($syncHash.Control_Creds_Pwb_LocalPasswordConfirm.Password -and ($syncHash.Control_Creds_Pwb_LocalPasswordConfirm.BorderBrush.color -ne "#FFFF0000")))
($syncHash.Control_Creds_Tbx_AADTenant.Text -and ($syncHash.Control_Creds_Tbx_AADTenant.BorderBrush.color -ne "#FFFF0000")) -and
($syncHash.Control_Creds_Pwb_LocalPassword.Password.Length -gt 0))
) {
$syncHash.Control_Creds_Btn_Next.IsEnabled = $true
}
@ -1567,66 +1561,63 @@ Function F_Summary {
If ($Script:Initialized -eq "CloudBuilder_Install"){
$syncHash.Control_Summary_Tbl_Header1.Text = $Text_Install.Summary_Content
$syncHash.Control_Summary_Tbl_Content1.Inlines.Clear()
$syncHash.Control_Summary_Tbx_Content1.Visibility = "Visible"
$syncHash.Control_Summary_Tbx_Content1.Text = $null
If ($synchash.Control_Creds_Cbx_Idp.SelectedItem -eq 'Azure Cloud'){
$syncHash.Control_Summary_Tbl_Content1.Inlines.Add('$InfraAzureDirectoryTenantAdminCredential = ')
$syncHash.Control_Summary_Tbl_Content1.Inlines.Add("New-Object System.Management.Automation.PSCredential (")
$syncHash.Control_Summary_Tbl_Content1.Inlines.Add($synchash.Control_Creds_Tbx_AADUsername.Text)
$syncHash.Control_Summary_Tbl_Content1.Inlines.Add(", ")
$syncHash.Control_Summary_Tbl_Content1.Inlines.Add($syncHash.Control_Creds_Pwb_AADPassword.PasswordChar.ToString() * $syncHash.Control_Creds_Pwb_AADPassword.Password.Length)
$syncHash.Control_Summary_Tbl_Content1.Inlines.Add(")")
$syncHash.Control_Summary_Tbl_Content1.Inlines.Add((New-Object System.Windows.Documents.LineBreak))
$syncHash.Control_Summary_Tbl_Content1.Inlines.Add((New-Object System.Windows.Documents.LineBreak))
}
$syncHash.Control_Summary_Tbl_Content1.Inlines.Add(".\InstallAzureStackPOC.ps1")
$syncHash.Control_Summary_Tbl_Content1.Inlines.Add(" -AdminPassword ")
$syncHash.Control_Summary_Tbl_Content1.Inlines.Add($syncHash.Control_Creds_Pwb_LocalPassword.PasswordChar.ToString() * $syncHash.Control_Creds_Pwb_LocalPassword.Password.Length)
$InstallScript += '$adminpass = ConvertTo-SecureString ' + "'" + ($syncHash.Control_Creds_Pwb_LocalPassword.PasswordChar.ToString() * $syncHash.Control_Creds_Pwb_LocalPassword.Password.Length) +"'" + '-AsPlainText -Force'
$InstallScript += "`r`n"
$InstallScript += 'cd C:\CloudDeployment\Setup'
$InstallScript += "`r`n"
$InstallScript += '.\InstallAzureStackPOC.ps1 -AdminPassword $adminpass'
If ($synchash.Control_Creds_Cbx_Idp.SelectedItem -eq 'Azure Cloud'){
$syncHash.Control_Summary_Tbl_Content1.Inlines.Add(" -InfraAzureDirectoryTenantAdminCredential ")
$syncHash.Control_Summary_Tbl_Content1.Inlines.Add('$InfraAzureDirectoryTenantAdminCredential')
$syncHash.Control_Summary_Tbl_Content1.Inlines.Add(" -InfraAzureDirectoryTenantName ")
$syncHash.Control_Summary_Tbl_Content1.Inlines.Add($synchash.Control_Creds_Tbx_AADTenant.Text)
$syncHash.Control_Summary_Tbl_Content1.Inlines.Add(" -AzureEnvironment ")
$syncHash.Control_Summary_Tbl_Content1.Inlines.Add($synchash.Control_Creds_Cbx_Idp.SelectedItem)
$InstallScript += " -InfraAzureDirectoryTenantName "
$InstallScript += $synchash.Control_Creds_Tbx_AADTenant.Text
}
If ($synchash.Control_Creds_Cbx_Idp.SelectedItem -eq 'ADFS'){
$syncHash.Control_Summary_Tbl_Content1.Inlines.Add(" -UseADFS ")
$syncHash.Control_Summary_Tbl_Content1.Inlines.Add('$true')
$InstallScript += " -UseADFS"
}
If ($synchash.Control_NetConfig_Rbt_Static.IsChecked){
$NetworkID = F_GetNetworkID
$syncHash.Control_Summary_Tbl_Content1.Inlines.Add(" -NatIPv4Subnet ")
$syncHash.Control_Summary_Tbl_Content1.Inlines.Add($NetworkID)
$syncHash.Control_Summary_Tbl_Content1.Inlines.Add(" -NatIPv4Address ")
$syncHash.Control_Summary_Tbl_Content1.Inlines.Add($synchash.Control_NetConfig_Tbx_IpAddress.Text.Split("/")[0])
$syncHash.Control_Summary_Tbl_Content1.Inlines.Add(" -NatIPv4DefaultGateway ")
$syncHash.Control_Summary_Tbl_Content1.Inlines.Add($synchash.Control_NetConfig_Tbx_Gateway.Text)
$InstallScript += " -NatIPv4Subnet "
$InstallScript += $NetworkID
$InstallScript += " -NatIPv4Address "
$InstallScript += $synchash.Control_NetConfig_Tbx_IpAddress.Text.Split("/")[0]
$InstallScript += " -NatIPv4DefaultGateway "
$InstallScript += $synchash.Control_NetConfig_Tbx_Gateway.Text
}
If ($synchash.Control_NetConfig_Tbx_VlanID.Text.Length -gt 0){
$syncHash.Control_Summary_Tbl_Content1.Inlines.Add(" -PublicVLan ")
$syncHash.Control_Summary_Tbl_Content1.Inlines.Add($synchash.Control_NetConfig_Tbx_VlanID.Text)
$InstallScript += " -PublicVLan "
$InstallScript += $synchash.Control_NetConfig_Tbx_VlanID.Text
}
If ($synchash.Control_NetConfig_Tbx_DnsForwarder.Text.Length -gt 0){
$syncHash.Control_Summary_Tbl_Content1.Inlines.Add(" -EnvironmentDNS ")
$syncHash.Control_Summary_Tbl_Content1.Inlines.Add($synchash.Control_NetConfig_Tbx_DnsForwarder.Text)
$InstallScript += " -EnvironmentDNS "
$InstallScript += $synchash.Control_NetConfig_Tbx_DnsForwarder.Text
}
If ($synchash.Control_NetConfig_Tbx_TimeServer.Text.Length -gt 0){
$syncHash.Control_Summary_Tbl_Content1.Inlines.Add(" -TimeServer ")
$syncHash.Control_Summary_Tbl_Content1.Inlines.Add($synchash.Control_NetConfig_Tbx_TimeServer.Text)
$InstallScript += " -TimeServer "
$InstallScript += $synchash.Control_NetConfig_Tbx_TimeServer.Text
}
$syncHash.Control_Summary_Tbx_Content1.Text = $InstallScript
If ($synchash.Control_Creds_Cbx_Idp.SelectedItem -eq 'Azure Cloud'){
$syncHash.Control_Summary_Pth_Content1.Visibility = "Visible"
$syncHash.Control_Summary_Tbl_Content1.Margin = "35,0,0,10"
$SyncHash.Control_Summary_Tbl_Content1.Text = $Text_Install.Summary_Warning
}
}
If ($Script:Initialized -eq "SafeOS"){
$syncHash.Control_Summary_Tbl_Header1.Text = $Text_SafeOS.Summary_Content
$syncHash.Control_Summary_Tbl_Content1.Text = $Text_SafeOS.Summary_Content
}
}
Function F_Install {
@ -1653,28 +1644,16 @@ Function F_Install {
}
#endregion
#region Install Optional Creds
Write-Host "Defining installation parameters" -ForegroundColor Cyan
If ($synchash.Control_Creds_Cbx_Idp.SelectedItem -eq 'Azure Cloud'){
'$aadpass = ConvertTo-SecureString "' + $syncHash.Control_Creds_Pwb_AADPassword.Password + '" -AsPlainText -Force' | Add-Content $filepath
'$InfraAzureDirectoryTenantAdminCredential = New-Object System.Management.Automation.PSCredential ("' + $synchash.Control_Creds_Tbx_AADUsername.Text + '", $aadpass)' | Add-Content $filepath
#$InfraAzureDirectoryTenantAdminCredential = New-Object System.Management.Automation.PSCredential ($synchash.Control_Creds_Tbx_AADUsername.Text, $syncHash.Control_Creds_Pwb_AADPassword.SecurePassword)
}
#endregion
#region Install Arguments
'$adminpass = ConvertTo-SecureString "' + $syncHash.Control_Creds_Pwb_LocalPassword.Password + '" -AsPlainText -Force' | Add-Content $filepath
Write-Host "Defining installation parameters" -ForegroundColor Cyan
'$adminpass = ConvertTo-SecureString ' + "'" + $syncHash.Control_Creds_Pwb_LocalPassword.Password + "'" + ' -AsPlainText -Force' | Add-Content $filepath
"cd C:\CloudDeployment\Setup" | Add-Content $filepath
".\InstallAzureStackPOC.ps1" | Add-Content $filepath -NoNewline
' -AdminPassword $adminpass' | Add-Content $filepath -NoNewline
If ($synchash.Control_Creds_Cbx_Idp.SelectedItem -eq 'Azure Cloud'){
' -InfraAzureDirectoryTenantAdminCredential $InfraAzureDirectoryTenantAdminCredential' | Add-Content $filepath -NoNewline
' -InfraAzureDirectoryTenantName "' + $synchash.Control_Creds_Tbx_AADTenant.Text + '"' | Add-Content $filepath -NoNewline
#' -AzureEnvironment "' + $synchash.Control_Creds_Cbx_Idp.SelectedItem + '"' | Add-Content $filepath -NoNewline
}
If ($synchash.Control_Creds_Cbx_Idp.SelectedItem -eq 'ADFS'){
@ -1970,7 +1949,7 @@ $syncHash.Control_Header_Tbl_Title.Text = $Text_Install.Mode_Title
})
$syncHash.Control_Creds_Btn_Next.Add_Click({
F_Regex -field 'Control_Creds_Tbx_AADUsername' -field_value $syncHash.Control_Creds_Tbx_AADUsername.Text -regex $Regex.EmailAddress -message $Text_Generic.Regex_EmailAddress
F_Verify_LocalAdminCreds
If (!($Script:validation_error)){
$syncHash.Control_Creds_Stp.Visibility = "Collapsed"
$syncHash.Control_NetInterface_Stp.Visibility = "Visible"
@ -1987,121 +1966,27 @@ If (!($Script:validation_error)){
$syncHash.Control_Creds_Cbx_Idp.Add_SelectionChanged({
If ($syncHash.Control_Creds_Cbx_Idp.SelectedItem -eq 'ADFS'){
$syncHash.Control_Creds_Tbx_AADUsername.Clear()
$syncHash.Control_Creds_Tbx_AADUsername.IsEnabled = $false
$syncHash.Control_Creds_Pwb_AADPassword.Clear()
$syncHash.Control_Creds_Pwb_AADPassword.IsEnabled = $false
$syncHash.Control_Creds_Pwb_AADPasswordConfirm.Clear()
$syncHash.Control_Creds_Pwb_AADPasswordConfirm.IsEnabled = $false
$syncHash.Control_Creds_Chb_AADTenant.IsChecked = $false
$syncHash.Control_Creds_Chb_AADTenant.IsEnabled = $false
$syncHash.Control_Creds_Tbx_AADTenant.Clear()
$syncHash.Control_Creds_Tbx_AADTenant.IsEnabled = $false
$syncHash.Control_Creds_Pwb_LocalPassword.IsEnabled = $true
}
Else {
$syncHash.Control_Creds_Tbx_AADUsername.IsEnabled = $true
$syncHash.Control_Creds_Pwb_AADPassword.IsEnabled = $true
$syncHash.Control_Creds_Tbx_AADTenant.Clear()
$syncHash.Control_Creds_Tbx_AADTenant.IsEnabled = $true
$syncHash.Control_Creds_Pwb_LocalPassword.IsEnabled = $true
}
F_VerifyFields_Creds
})
$syncHash.Control_Creds_Tbx_AADUsername.Add_TextChanged({
F_VerifyFields_Creds
If ($syncHash.Control_Creds_Tbx_AADUsername.Text -match "@"){
$syncHash.Control_Creds_Tbx_AADTenant.Text = ($syncHash.Control_Creds_Tbx_AADUsername.Text -split "@")[1]
$syncHash.Control_Creds_Chb_AADTenant.IsEnabled = $true
}
})
$syncHash.Control_Creds_Tbx_AADUsername.Add_LostFocus({
F_Regex -field 'Control_Creds_Tbx_AADUsername' -field_value $syncHash.Control_Creds_Tbx_AADUsername.Text -regex $Regex.EmailAddress -message $Text_Generic.Regex_EmailAddress
})
$syncHash.Control_Creds_Pwb_AADPassword.Add_PasswordChanged({
#Enable the confirmation box if the First box contains any characters
If (($syncHash.Control_Creds_Pwb_AADPassword.Password) -and (!($syncHash.Control_Creds_Pwb_AADPasswordConfirm.IsEnabled))) {
$syncHash.Control_Creds_Pwb_AADPasswordConfirm.IsEnabled = $true
}
#Match the password with the confirmation field (only if it contains a value) while typing
If ($syncHash.Control_Creds_Pwb_AADPasswordConfirm.Password){
If ($syncHash.Control_Creds_Pwb_AADPassword.Password -cne $syncHash.Control_Creds_Pwb_AADPasswordConfirm.Password) {
F_Regex -field 'Control_Creds_Pwb_AADPassword'-nocondition -message $Text_Generic.Password_NotMatch
F_VerifyFields_Creds
}
Else {
F_Regex -field 'Control_Creds_Pwb_AADPassword'
F_Regex -field 'Control_Creds_Pwb_AADPasswordConfirm'
F_VerifyFields_Creds
}
}
})
$syncHash.Control_Creds_Pwb_AADPasswordConfirm.Add_PasswordChanged({
#Match the password with the confirmation field (only if it contains a value) while typing
If ($syncHash.Control_Creds_Pwb_AADPassword.Password){
If ($syncHash.Control_Creds_Pwb_AADPasswordConfirm.Password -cne $syncHash.Control_Creds_Pwb_AADPassword.Password) {
F_Regex -field 'Control_Creds_Pwb_AADPasswordConfirm'-nocondition -message $Text_Generic.Password_NotMatch
F_VerifyFields_Creds
}
Else {
F_Regex -field 'Control_Creds_Pwb_AADPasswordConfirm'
F_Regex -field 'Control_Creds_Pwb_AADPassword'
F_VerifyFields_Creds
}
}
})
$syncHash.Control_Creds_Chb_AADTenant.Add_Click({
if ($syncHash.Control_Creds_Chb_AADTenant.IsChecked){
$syncHash.Control_Creds_Tbx_AADTenant.IsEnabled = $true
F_VerifyFields_Creds
}
else {
$syncHash.Control_Creds_Tbx_AADTenant.IsEnabled = $false
$syncHash.Control_Creds_Tbx_AADTenant.Text = ($syncHash.Control_Creds_Tbx_AADUsername.Text -split "@")[1]
}
})
$syncHash.Control_Creds_Tbx_AADTenant.Add_TextChanged({
F_Regex -field 'Control_Creds_Tbx_AADTenant' -field_value $syncHash.Control_Creds_Tbx_AADTenant.Text -regex $Regex.Fqdn -message $Text_Generic.Regex_Fqdn
F_VerifyFields_Creds
})
$syncHash.Control_Creds_Pwb_LocalPassword.Add_PasswordChanged({
#Enable the confirmation box if the First box contains any characters
If (($syncHash.Control_Creds_Pwb_LocalPassword.Password) -and (!($syncHash.Control_Creds_Pwb_LocalPasswordConfirm.IsEnabled))) {
$syncHash.Control_Creds_Pwb_LocalPasswordConfirm.IsEnabled = $true
}
#Match the password with the confirmation field (only if it contains a value) while typing
If ($syncHash.Control_Creds_Pwb_LocalPasswordConfirm.Password){
If ($syncHash.Control_Creds_Pwb_LocalPassword.Password -cne $syncHash.Control_Creds_Pwb_LocalPasswordConfirm.Password) {
F_Regex -field 'Control_Creds_Pwb_LocalPassword'-nocondition -message $Text_Generic.Password_NotMatch
F_VerifyFields_Creds
}
Else {
F_Regex -field 'Control_Creds_Pwb_LocalPassword'
F_Regex -field 'Control_Creds_Pwb_LocalPasswordConfirm'
F_VerifyFields_Creds
}
}
F_Regex -field 'Control_Creds_Pwb_LocalPassword'
F_VerifyFields_Creds
})
$syncHash.Control_Creds_Pwb_LocalPasswordConfirm.Add_PasswordChanged({
#Match the password with the confirmation field (only if it contains a value) while typing
If ($syncHash.Control_Creds_Pwb_LocalPassword.Password){
If ($syncHash.Control_Creds_Pwb_LocalPasswordConfirm.Password -cne $syncHash.Control_Creds_Pwb_LocalPassword.Password) {
F_Regex -field 'Control_Creds_Pwb_LocalPasswordConfirm'-nocondition -message $Text_Generic.Password_NotMatch
F_VerifyFields_Creds
}
Else {
F_Regex -field 'Control_Creds_Pwb_LocalPasswordConfirm'
F_Regex -field 'Control_Creds_Pwb_LocalPassword'
F_VerifyFields_Creds
}
}
})
#endregion Events Creds
#region Events NetInterface
@ -2226,8 +2111,8 @@ $syncHash.Control_Job_Btn_Next.Add_Click({
$syncHash.Control_Job_Stp.Visibility = "Collapsed"
if ($Script:Initialized -eq "SafeOS"){
$syncHash.Control_Summary_Stp.Visibility = "Visible"
$syncHash.Control_Summary_Btn_Previous.Content = "Close"
$syncHash.Control_Summary_Btn_Next.Content = "Reboot"
$syncHash.Control_Summary_Btn_Previous.Content = "Reboot later"
$syncHash.Control_Summary_Btn_Next.Content = "Reboot now"
F_Summary
}
})

58
Identity/AzureStack.Identity.psm1
Просмотреть файл

@ -8,11 +8,12 @@
This function fetches the OpenID configuration metadata from the identity system and parses the Directory TenantID out of it.
Azure Stack AD FS is configured to be a single tenanted identity system with a TenantID.
.EXAMPLE
Get-DirectoryTenantIdentifier -authority https://login.windows.net/microsoft.onmicrosoft.com
Get-AzsDirectoryTenantIdentifier -authority https://login.windows.net/microsoft.onmicrosoft.com
.EXAMPLE
Get-DirectoryTenantIdentifier -authority https://adfs.local.azurestack.external/adfs
Get-AzsDirectoryTenantIdentifier -authority https://adfs.local.azurestack.external/adfs
#>
function Get-DirectoryTenantIdentifier {
function Get-AzsDirectoryTenantidentifier {
[CmdletBinding()]
Param
(
@ -25,17 +26,20 @@ function Get-DirectoryTenantIdentifier {
return $(Invoke-RestMethod $("{0}/.well-known/openid-configuration" -f $authority.TrimEnd('/'))).issuer.TrimEnd('/').Split('/')[-1]
}
Export-ModuleMember -Function 'Get-AzsDirectoryTenantidentifier'
<#
.Synopsis
This function is used to create a Service Principal on teh AD Graph
.DESCRIPTION
The command creates a certificate in the cert store of the local user and uses that certificate to create a Service Principal in the Azure Stack Stamp Active Directory.
.EXAMPLE
$servicePrincipal = New-ADGraphServicePrincipal -DisplayName "mySPApp" -AdminCredential $(Get-Credential) -Verbose
$servicePrincipal = New-AzsAdGraphServicePrincipal -DisplayName "mySPApp" -AdminCredential $(Get-Credential) -Verbose
.EXAMPLE
$servicePrincipal = New-ADGraphServicePrincipal -DisplayName "mySPApp" -AdminCredential $(Get-Credential) -DeleteAndCreateNew -Verbose
$servicePrincipal = New-AzsAdGraphServicePrincipal -DisplayName "mySPApp" -AdminCredential $(Get-Credential) -DeleteAndCreateNew -Verbose
#>
function New-ADGraphServicePrincipal {
function New-AzsAdGraphServicePrincipal {
[CmdletBinding()]
Param
(
@ -46,9 +50,9 @@ function New-ADGraphServicePrincipal {
$DisplayName,
# Adfs Machine name
[Parameter(Mandatory = $true , Position = 1)]
[Parameter(Mandatory = $true, Position = 1)]
[string]
$AdfsMachineName = "azs-adfs01.azurestack.local",
$AdfsMachineName,
# Domain Administrator Credential to create Service Principal
[Parameter(Mandatory = $true,
@ -91,13 +95,13 @@ function New-ADGraphServicePrincipal {
Write-Verbose -Message "Creating new application group with name '$applicationGroupName'."
$applicationParameters = @{
Name = $applicationGroupName
Description = $applicationGroupDescription
ClientType = 'Confidential'
ClientId = $shellSiteApplicationId
ClientDisplayName = $shellSiteDisplayName
Name = $applicationGroupName
Description = $applicationGroupDescription
ClientType = 'Confidential'
ClientId = $shellSiteApplicationId
ClientDisplayName = $shellSiteDisplayName
ClientRedirectUris = $shellSiteRedirectUri
ClientDescription = $shellSiteClientDescription
ClientDescription = $shellSiteClientDescription
ClientCertificates = $ClientCertificate
}
$defaultTimeOut = New-TimeSpan -Minutes 10
@ -105,9 +109,9 @@ function New-ADGraphServicePrincipal {
Write-Verbose -Message "Shell Site ApplicationGroup: $($applicationGroup | ConvertTo-Json)"
return [pscustomobject]@{
ObjectId = $applicationGroup.Identifier
ObjectId = $applicationGroup.Identifier
ApplicationId = $applicationParameters.ClientId
Thumbprint = $ClientCertificate.Thumbprint
Thumbprint = $ClientCertificate.Thumbprint
}
}
$domainAdminSession = New-PSSession -ComputerName $AdfsMachineName -Credential $AdminCredential -Authentication Credssp -Verbose
@ -238,9 +242,10 @@ function Get-AzureRmUserRefreshToken([Microsoft.Azure.Commands.Profile.Models.PS
$azureStackDirectoryTenant = "<homeDirectoryTenant>.onmicrosoft.com"
$guestDirectoryTenantToBeOnboarded = "<guestDirectoryTenant>.onmicrosoft.com"
Register-GuestDirectoryTenantToAzureStack -AdminResourceManagerEndpoint $adminARMEndpoint -DirectoryTenantName $azureStackDirectoryTenant -GuestDirectoryTenantName $guestDirectoryTenantToBeOnboarded
Register-AzsGuestDirectoryTenant -AdminResourceManagerEndpoint $adminARMEndpoint -DirectoryTenantName $azureStackDirectoryTenant -GuestDirectoryTenantName $guestDirectoryTenantToBeOnboarded
#>
function Register-GuestDirectoryTenantToAzureStack {
function Register-AzsGuestDirectoryTenant {
[CmdletBinding()]
param
(
@ -311,6 +316,8 @@ function Register-GuestDirectoryTenantToAzureStack {
}
}
Export-ModuleMember -Function 'Publish-AzsApplicationsToARM'
<#
.Synopsis
Consents to the given Azure Stack instance within the callers's Azure Directory Tenant.
@ -320,10 +327,11 @@ Consents to the given Azure Stack instance within the callers's Azure Directory
$tenantARMEndpoint = "https://management.local.azurestack.external"
$myDirectoryTenantName = "<guestDirectoryTenant>.onmicrosoft.com"
Register-AzureStackWithMyDirectoryTenant -TenantResourceManagerEndpoint $tenantARMEndpoint `
Register-AzsWithMyDirectoryTenant -TenantResourceManagerEndpoint $tenantARMEndpoint `
-DirectoryTenantName $myDirectoryTenantName -Verbose -Debug
#>
function Register-AzureStackWithMyDirectoryTenant {
function Register-AzsWithMyDirectoryTenant {
[CmdletBinding()]
param
(
@ -362,7 +370,7 @@ function Register-AzureStackWithMyDirectoryTenant {
$refreshToken = Get-AzureRmUserRefreshToken -azureEnvironment $azureEnvironment -directoryTenantId $azureStackEnvironment.AdTenant -AutomationCredential $AutomationCredential
# Initialize the Graph PowerShell module to communicate with the correct graph service
$graphEnvironment = Resolve-GraphEnvironment $azureEnvironment
$graphEnvironment = ResolveGraphEnvironment $azureEnvironment
Initialize-GraphEnvironment -Environment $graphEnvironment -DirectoryTenantId $DirectoryTenantName -RefreshToken $refreshToken
# Initialize the service principal for the Azure Stack Resource Manager application (allows us to acquire a token to ARM). If not specified, the sign-up flow must be completed via the Azure Stack portal first.
@ -382,11 +390,11 @@ function Register-AzureStackWithMyDirectoryTenant {
# Call Azure Stack Resource Manager to retrieve the list of registered applications which need to be initialized in the onboarding directory tenant
$armAccessToken = (Get-GraphToken -Resource $azureStackEnvironment.ActiveDirectoryServiceEndpointResourceId -UseEnvironmentData).access_token
$applicationRegistrationParams = @{
Method = [Microsoft.PowerShell.Commands.WebRequestMethod]::Get
Method = [Microsoft.PowerShell.Commands.WebRequestMethod]::Get
Headers = @{ Authorization = "Bearer $armAccessToken" }
Uri = "$($TenantResourceManagerEndpoint.ToString().TrimEnd('/'))/applicationRegistrations?api-version=2014-04-01-preview"
Uri = "$($TenantResourceManagerEndpoint.ToString().TrimEnd('/'))/applicationRegistrations?api-version=2014-04-01-preview"
}
$applicationRegistrations = Invoke-RestMethod @applicationRegistrationParams | Select -ExpandProperty value
$applicationRegistrations = Invoke-RestMethod @applicationRegistrationParams | Select-Object -ExpandProperty value
# Identify which permissions have already been granted to each registered application and which additional permissions need consent
$permissions = @()
@ -447,4 +455,4 @@ Export-ModuleMember -Function @(
"Register-GuestDirectoryTenantToAzureStack",
"Get-DirectoryTenantIdentifier",
"New-ADGraphServicePrincipal"
)
)

778
Identity/GraphAPI/GraphAPI.psm1
Просмотреть файл

Разница между файлами не показана из-за своего большого размера Загрузить разницу

4
Identity/README.md
Просмотреть файл

@ -18,7 +18,7 @@ Import-Module ..\Identity\AzureStack.Identity.psm1
This function is used to get the Directory Tenant Guid. This method works for both AAD and AD FS.
```powershell
$directoryTenantId = Get-DirectoryTenantIdentifier -Authority "<DirectoryTenantUrl>"
$directoryTenantId = Get-AzsDirectoryTenantIdentifier -Authority "<DirectoryTenantUrl>"
```
An example of an authority for AAD is `https://login.windows.net/microsoft.onmicrosoft.com`
@ -29,7 +29,7 @@ and for AD FS is `https://adfs.local.azurestack.external/adfs`.
You can create a Service Principal by executing the following command after importing the Identity module
```powershell
$servicePrincipal = New-ADGraphServicePrincipal -DisplayName "<YourServicePrincipalName>" -AdminCredential $(Get-Credential) -Verbose
$servicePrincipal = New-AzsAdGraphServicePrincipal -DisplayName "<YourServicePrincipalName>" -AdminCredential $(Get-Credential) -Verbose
```
After the Service Principal is created, you should open your Azure Stack Portal to provide the appropriate level of RBAC to it. You can do this from the Access Control (IAM) tab of any resource. After the RBAC is given, you can login using the service principal as follows:

1074
Infrastructure/AzureStack.Infra.psm1
Просмотреть файл

Разница между файлами не показана из-за своего большого размера Загрузить разницу

281
Infrastructure/README.md
Просмотреть файл

@ -3,13 +3,6 @@
Instructions below are relative to the .\Infrastructure folder of the [AzureStack-Tools repo](..).
This also requires the Azure Stack Connect Module to be imported before running any of the commands. The Module can also be found in the [AzureStack-Tools repo](..).
Whats new for TP3:
- New Cmdlet Name Prefix
- API Resource Name changes
- New cmdlets
- Use of Azure Stack Connect Module
## Import the Module
```powershell
@ -17,32 +10,29 @@ Import-Module .\AzureStack.Infra.psm1
```
## Add PowerShell environment
```powershell
Import-Module .\AzureStack.Connect.psm1
```
You will need to reference your Azure Stack Administrator environment. To create an administrator environment use the below. The ARM endpoint below is the administrator default for a one-node environment.
You will need to login to your Azure Stack Administrator environment. To create an administrator environment use the below. The ARM endpoint below is the administrator default for a one-node environment.
```powershell
Add-AzureStackAzureRmEnvironment -Name "AzureStackAdmin" -ArmEndpoint "https://adminmanagement.local.azurestack.external"
```
Connecting to your environment requires that you obtain the value of your Directory Tenant ID. For **Azure Active Directory** environments provide your directory tenant name:
```powershell
$TenantID = Get-DirectoryTenantID -AADTenantName "<mydirectorytenant>.onmicrosoft.com" -EnvironmentName AzureStackAdmin
```
For **ADFS** environments use the following:
```powershell
$TenantID = Get-DirectoryTenantID -ADFS -EnvironmentName AzureStackAdmin
Add-AzureRMEnvironment -Name "AzureStackAdmin" -ArmEndpoint "https://adminmanagement.local.azurestack.external"
```
Then login:
```powershell
Login-AzureRmAccount -EnvironmentName "AzureStackAdmin" -TenantId $TenantID
Login-AzureRmAccount -EnvironmentName "AzureStackAdmin"
```
----
If you are **not** using your home directory tenant, you will need to supply the tenant ID to your login command. You may find it easiest to obtain using the Connect tool. For **Azure Active Directory** environments provide your directory tenant name:
```powershell
$TenantID = Get-AzsDirectoryTenantId -AADTenantName "<mydirectorytenant>.onmicrosoft.com" -EnvironmentName AzureStackAdmin
```
For **ADFS** environments use the following:
```powershell
$TenantID = Get-AzsDirectoryTenantId -ADFS -EnvironmentName AzureStackAdmin
```
## Individual Command Usage
@ -54,465 +44,344 @@ Explains each individual command and shows how to use it
List active and closed Infrastructure Alerts
```powershell
$credential = Get-Credential
Get-AzSAlert -AzureStackCredentials $credential -TenantID $TenantID -EnvironmentName "AzureStackAdmin"
Get-AzsAlert
```
Note: The cmdlet requires credentials to retrieve Alerts. Provide the administrator Azure Active Directory credentials, such as *&lt;Admin Account&gt;*@*&lt;mydirectory&gt;*.onmicrosoft.com or the ADFS credentials, to the prompt.
The command does the following:
- Authenticates to the Azure Stack environment
- Retrieves Active & Closed Alerts
### Close Infrastructure Alerts
Close any active Infrastructure Alert. Run Get-AzureStackAlert to get the AlertID, required to close a specific Alert.
Close any active Infrastructure Alert. Run Get-AzsAlert to get the AlertID, required to close a specific Alert.
```powershell
$credential = Get-Credential
Close-AzSAlert -AzureStackCredentials $credential -TenantID $TenantID -AlertID "ID" -EnvironmentName "AzureStackAdmin"
Close-AzsAlert -AlertID "ID"
```
Note: The cmdlet requires credentials to close active Alert. Provide the administrator Azure Active Directory credentials, such as *&lt;Admin Account&gt;*@*&lt;mydirectory&gt;*.onmicrosoft.com or the ADFS credentials, to the prompt.
The command does the following:
- Authenticates to the Azure Stack environment
- Close active Alert
### Get Region Update Summary
### Get Update Location
Review details about the Region related to updates.
Review the Update Summary for a specified region.
```powershell
$credential = Get-Credential
Get-AzSUpdateLocation -AzureStackCredentials $credential -TenantID $TenantID -EnvironmentName "AzureStackAdmin"
Get-AzsUpdateSummary
```
Note: The cmdlet requires credentials to retrieve Update Location. Provide the administrator Azure Active Directory credentials, such as *&lt;Admin Account&gt;*@*&lt;mydirectory&gt;*.onmicrosoft.com or the ADFS credentials, to the prompt.
The command does the following:
- Authenticates to the Azure Stack environment
- Retrieves details about the update location
- Retrieves Region Update Summary
### Get Azure Stack Update
Retrieves list of Azure Stack Updates
```powershell
$credential = Get-Credential
Get-AzSUpdate -AzureStackCredentials $credential -TenantID $TenantID -EnvironmentName "AzureStackAdmin"
Get-AzsUpdate
```
Note: The cmdlet requires credentials to retrieve Azure Stack Updates. Provide the administrator Azure Active Directory credentials, such as *&lt;Admin Account&gt;*@*&lt;mydirectory&gt;*.onmicrosoft.com or the ADFS credentials, to the prompt.
The command does the following:
- Authenticates to the Azure Stack environment
- List Azure Stack Updates
### Apply Azure Stack Update
Applies a specific Azure Stack Update that is downloaded and applicable. Run Get-AzureStackUpdate to retrieve Update Version first
```powershell
$credential = Get-Credential
Install-AzSUpdate -AzureStackCredentials $credential -TenantID $TenantID -vupdate "Update Version" -EnvironmentName "AzureStackAdmin"
Install-AzsUpdate -Update "Update Version"
```
Note: The cmdlet requires credentials to apply a specific Update. Provide the administrator Azure Active Directory credentials, such as *&lt;Admin Account&gt;*@*&lt;mydirectory&gt;*.onmicrosoft.com or the ADFS credentials, to the prompt.
The command does the following:
- Authenticates to the Azure Stack environment
- Applies specified Update
### Get Azure Stack Update Run
Should be used to validate a specific Update Run or look at previous update runs
```powershell
$credential = Get-Credential
Get-AzSUpdateRun -AzureStackCredentials $credential -TenantID $TenantID -vupdate "Update Version" -EnvironmentName "AzureStackAdmin"
Get-AzsUpdateRun -Update "Update Version"
```
Note: The cmdlet requires credentials to retrieve Update Run information. Provide the administrator Azure Active Directory credentials, such as *&lt;Admin Account&gt;*@*&lt;mydirectory&gt;*.onmicrosoft.com or the ADFS credentials, to the prompt.
The command does the following:
- Authenticates to the Azure Stack environment
- Lists Update Run information for a specific Azure Stack update
### List Infrastructure Roles
Does list all Infrastructure Roles
```powershell
$credential = Get-Credential
Get-AzSInfraRole -AzureStackCredentials $credential -TenantID $TenantID -EnvironmentName "AzureStackAdmin"
Get-AzsInfrastructureRole
```
Note: The cmdlet requires credentials to retrieve Infrastructure Roles. Provide the administrator Azure Active Directory credentials, such as *&lt;Admin Account&gt;*@*&lt;mydirectory&gt;*.onmicrosoft.com or the ADFS credentials, to the prompt.
The command does the following:
- Authenticates to the Azure Stack environment
- Lists Infrastructure Roles
### List Infrastructure Role Instance
Does list all Infrastructure Role Instances (Note: Does not return Directory Management VM in One Node deployment)
```powershell
$credential = Get-Credential
Get-AzSInfraRoleInstance -AzureStackCredentials $credential -TenantID $TenantID -EnvironmentName "AzureStackAdmin"
Get-AzsInfrastructureRoleInstance
```
Note: The cmdlet requires credentials to retrieve Infrastructure Role Instances. Provide the administrator Azure Active Directory credentials, such as *&lt;Admin Account&gt;*@*&lt;mydirectory&gt;*.onmicrosoft.com or the ADFS credentials, to the prompt.
The command does the following:
- Authenticates to the Azure Stack environment
- Lists Infrastructure Role Instances
### List Scale Unit
Does list all Scale Units in a specified Region
```powershell
$credential = Get-Credential
Get-AzSScaleUnit -AzureStackCredentials $credential -TenantID $TenantID -EnvironmentName "AzureStackAdmin"
Get-AzsScaleUnit
```
Note: The cmdlet requires credentials to retrieve Scale Units. Provide the administrator Azure Active Directory credentials, such as *&lt;Admin Account&gt;*@*&lt;mydirectory&gt;*.onmicrosoft.com or the ADFS credentials, to the prompt.
The command does the following:
- Authenticates to the Azure Stack environment
- Lists Scale Units
### List Scale Unit Nodes
Does list all Scale Units Nodes
```powershell
$credential = Get-Credential
Get-AzSScaleUnitNode -AzureStackCredentials $credential -TenantID $TenantID -EnvironmentName "AzureStackAdmin"
Get-AzsScaleUnitNode
```
Note: The cmdlet requires credentials to retrieve all Scale Unit Nodes. Provide the administrator Azure Active Directory credentials, such as *&lt;Admin Account&gt;*@*&lt;mydirectory&gt;*.onmicrosoft.com or the ADFS credentials, to the prompt.
The command does the following:
- Authenticates to the Azure Stack environment
- Lists Scale Unit Nodes
### List Logical Networks
Does list all logical Networks by ID
```powershell
$credential = Get-Credential
Get-AzSLogicalNetwork -AzureStackCredentials $credential -TenantID $TenantID -EnvironmentName "AzureStackAdmin"
Get-AzsLogicalNetwork
```
Note: The cmdlet requires credentials to retrieve logical Networks. Provide the administrator Azure Active Directory credentials, such as *&lt;Admin Account&gt;*@*&lt;mydirectory&gt;*.onmicrosoft.com or the ADFS credentials, to the prompt.
The command does the following:
- Authenticates to the Azure Stack environment
- Lists logical Networks
### List Storage Capacity
### List Storage Subsystem
Does return details about the Storage Subsystem
Does return the total capacity of the storage subsystem
```powershell
$credential = Get-Credential
Get-AzSStorageSubsystem -AzureStackCredentials $credential -TenantID $TenantID -EnvironmentName "AzureStackAdmin"
Get-AzsStorageCapacity
```
Note: The cmdlet requires credentials to retrieve storage subsystem details. Provide the administrator Azure Active Directory credentials, such as *&lt;Admin Account&gt;*@*&lt;mydirectory&gt;*.onmicrosoft.com or the ADFS credentials, to the prompt.
The command does the following:
- Authenticates to the Azure Stack environment
- Lists detail about the storage subsystem
- Lists total storage capacity for the storage subsystem
### List Storage Shares
Does list all file shares in the storage subsystem
```powershell
$credential = Get-Credential
Get-AzSStorageShare -AzureStackCredentials $credential -TenantID $TenantID -EnvironmentName "AzureStackAdmin"
Get-AzsStorageShare
```
Note: The cmdlet requires credentials to retrieve file shares. Provide the administrator Azure Active Directory credentials, such as *&lt;Admin Account&gt;*@*&lt;mydirectory&gt;*.onmicrosoft.com or the ADFS credentials, to the prompt.
The command does the following:
- Authenticates to the Azure Stack environment
- Retrieves all file shares
### List IP Pools
Does list all IP Pools
```powershell
$credential = Get-Credential
Get-AzSIPPool -AzureStackCredentials $credential -TenantID $TenantID -EnvironmentName "AzureStackAdmin"
Get-AzsIpPool
```
Note: The cmdlet requires credentials to retrieve IP Pools. Provide the administrator Azure Active Directory credentials, such as *&lt;Admin Account&gt;*@*&lt;mydirectory&gt;*.onmicrosoft.com, to the prompt.
The command does the following:
- Authenticates to the Azure Stack environment
- Retrieves all IP Pools
### List MAC Address Pools
Does list all MAC Address Pool
```powershell
$credential = Get-Credential
Get-AzSMacPool -AzureStackCredentials $credential -TenantID $TenantID -EnvironmentName "AzureStackAdmin"
Get-AzsMacPool
```
Note: The cmdlet requires credentials to retrieve all MAC Address Pools. Provide the administrator Azure Active Directory credentials, such as *&lt;Admin Account&gt;*@*&lt;mydirectory&gt;*.onmicrosoft.com or the ADFS credentials, to the prompt.
The command does the following:
- Authenticates to the Azure Stack environment
- Retrieves all MAC Address Pools
### List Gateway Pools
Does list all Gateway Pools
```powershell
$credential = Get-Credential
Get-AzSGatewayPool -AzureStackCredentials $credential -TenantID $TenantID -EnvironmentName "AzureStackAdmin"
Get-AzsGatewayPool
```
Note: The cmdlet requires credentials to retrieve the Gateway Pools. Provide the administrator Azure Active Directory credentials, such as *&lt;Admin Account&gt;*@*&lt;mydirectory&gt;*.onmicrosoft.com or the ADFS credentials, to the prompt.
The command does the following:
- Authenticates to the Azure Stack environment
- Retrieves all Gateway Pools
### List SLB MUX
Does list all SLB MUX Instances
```powershell
$credential = Get-Credential
Get-AzSSLBMUX -AzureStackCredentials $credential -TenantID $TenantID -EnvironmentName "AzureStackAdmin"
Get-AzSLBMux
```
Note: The cmdlet requires credentials to retrieve all SLB MUX instances. Provide the administrator Azure Active Directory credentials, such as *&lt;Admin Account&gt;*@*&lt;mydirectory&gt;*.onmicrosoft.com or the ADFS credentials, to the prompt.
The command does the following:
- Authenticates to the Azure Stack environment
- Retrieves all SLB MUX instances
### List Gateway Instances
Does list all Gateway Instances
```powershell
$credential = Get-Credential
Get-AzSGateway -AzureStackCredentials $credential -TenantID $TenantID -EnvironmentName "AzureStackAdmin"
Get-AzsGateway
```
Note: The cmdlet requires credentials to retrieve all Gateway instances. Provide the administrator Azure Active Directory credentials, such as *&lt;Admin Account&gt;*@*&lt;mydirectory&gt;*.onmicrosoft.com or the ADFS credentials, to the prompt.
The command does the following:
- Authenticates to the Azure Stack environment
- Retrieves all Gateway instances
### Start Infra Role Instance
Does start an Infra Role Instance
```powershell
$credential = Get-Credential
Start-AzSInfraRoleInstance -AzureStackCredentials $credential -TenantID $TenantID -Name "InfraRoleInstanceName" -EnvironmentName "AzureStackAdmin"
Start-AzsInfrastructureRoleInstance -Name "InfraRoleInstanceName"
```
Note: The cmdlet requires credentials to start an infra role instance. Provide the administrator Azure Active Directory credentials, such as *&lt;Admin Account&gt;*@*&lt;mydirectory&gt;*.onmicrosoft.com or the ADFS credentials, to the prompt.
The command does the following:
- Authenticates to the Azure Stack environment
- Starts an Infra Role instance
### Stop Infra Role Instance
Does stop an Infra Role Instance
```powershell
$credential = Get-Credential
Stop-AzSInfraRoleInstance -AzureStackCredentials $credential -TenantID $TenantID -Name "InfraRoleInstanceName" -EnvironmentName "AzureStackAdmin"
Stop-AzsInfrastructureRoleInstance -Name "InfraRoleInstanceName"
```
Note: The cmdlet requires credentials to stop an infra role instance. Provide the administrator Azure Active Directory credentials, such as *&lt;Admin Account&gt;*@*&lt;mydirectory&gt;*.onmicrosoft.com or the ADFS credentials, to the prompt.
The command does the following:
- Authenticates to the Azure Stack environment
- Stops an Infra Role instance
### Restart Infra Role Instance
Does restart an Infra Role Instance
Does Restart an Infra Role Instance
```powershell
$credential = Get-Credential
Restart-AzSInfraRoleInstance -AzureStackCredentials $credential -TenantID $TenantID -Name "InfraRoleInstanceName" -EnvironmentName "AzureStackAdmin"
Restart-AzsInfrastructureRoleInstance -Name "InfraRoleInstanceName"
```
Note: The cmdlet requires credentials to restart an infra role instance. Provide the administrator Azure Active Directory credentials, such as *&lt;Admin Account&gt;*@*&lt;mydirectory&gt;*.onmicrosoft.com or the ADFS credentials, to the prompt.
The command does the following:
- Authenticates to the Azure Stack environment
- Restart an Infra Role instance
### Add IP Pool
Does add an IP Pool
```powershell
$credential = Get-Credential
Add-AzSIPPool -AzureStackCredentials $credential -TenantID $TenantID -Name "PoolName" -StartIPAddress "192.168.55.1" -EndIPAddress "192.168.55.254" -AddressPrefix "192.168.0./24" -EnvironmentName "AzureStackAdmin"
Add-AzsIpPool -Name "PoolName" -StartIPAddress "192.168.55.1" -EndIPAddress "192.168.55.254" -AddressPrefix "192.168.0./24"
```
Note: The cmdlet requires credentials to add an IP Pool. Provide the administrator Azure Active Directory credentials, such as *&lt;Admin Account&gt;*@*&lt;mydirectory&gt;*.onmicrosoft.com or the ADFS credentials, to the prompt.
The command does the following:
- Authenticates to the Azure Stack environment
- Adds an IP Pool
### Enable Maintenance Mode
Does put a ScaleUnitNode in Maintenance Mode
```powershell
$credential = Get-Credential
Disable-AzSScaleUnitNode -TenantId $TenantID -AzureStackCredentials $credential -EnvironmentName "AzureStackAdmin" -Name NodeName
Disable-AzsScaleUnitNode -Name NodeName
```
Note: The cmdlet requires credentials to enable Maintenance Mode. Provide the administrator Azure Active Directory credentials, such as *&lt;Admin Account&gt;*@*&lt;mydirectory&gt;*.onmicrosoft.com or the ADFS credentials, to the prompt.
The command does the following:
- Authenticates to the Azure Stack environment
- Enables Maintenance Mode for a specified ScaleUnitNode
### Disable Maintenance Mode
Does resume a ScaleUnitNode from Maintenance Mode
```powershell
$credential = Get-Credential
Enable-AzSScaleUnitNode -TenantId $TenantID -AzureStackCredentials $credential -EnvironmentName "AzureStackAdmin" -Name NodeName
Enable-AzsScaleUnitNode -Name NodeName
```
Note: The cmdlet requires credentials to disable Maintenance Mode. Provide the administrator Azure Active Directory credentials, such as *&lt;Admin Account&gt;*@*&lt;mydirectory&gt;*.onmicrosoft.com or the ADFS credentials, to the prompt.
The command does the following:
- Authenticates to the Azure Stack environment
- Resume from Maintenance Mode for a specified ScaleUnitNode
### Show Region Capacity
Does show capacity for specified Region
```powershell
$credential = Get-Credential
Get-AzSRegionCapacity -TenantId $TenantID -AzureStackCredentials $credential -EnvironmentName "AzureStackAdmin"
Get-AzsLocationCapacity
```
Note: The cmdlet requires credentials to display region capacity information. Provide the administrator Azure Active Directory credentials, such as *&lt;Admin Account&gt;*@*&lt;mydirectory&gt;*.onmicrosoft.com or the ADFS credentials, to the prompt.
The command does the following:
- Authenticates to the Azure Stack environment
- Retrieves Region Capacity information
## Scenario Command Usage
Demonstrates using multiple commands together for an end to end scenario.
### Recover an Infrastructure Role Instance that has an Alert assigned.
### Recover an Infrastructure Role Instance that has an Alert assigned
```powershell
#Retrieve all Alerts and apply a filter to only show active Alerts
$Active=Get-AzSAlert -AzureStackCredentials $credential -TenantID $TenantID -EnvironmentName "AzureStackAdmin"|where {$_.state -eq "active"}
$Active=Get-AzsAlert | Where {$_.State -eq "active"}
$Active
#Stop Infra Role Instance
Stop-AzSInfraRoleInstance -AzureStackCredentials $credential -TenantID $TenantID -EnvironmentName "AzureStackAdmin" -Name $Active.resourceName
Stop-AzsInfrastructureRoleInstance -Name $Active.ResourceName
#Start Infra Role Instance
Start-AzSInfraRoleInstance -AzureStackCredentials $credential -TenantID $TenantID -EnvironmentName "AzureStackAdmin" -Name $Active.resourceName
Start-AzsInfrastructureRoleInstance -Name $Active.resourceName
#Validate if error is resolved (Can take up to 3min)
Get-AzSAlert -AzureStackCredentials $credential -TenantID $TenantID -EnvironmentName "AzureStackAdmin"|where {$_.state -eq "active"}
Get-AzsAlert | Where {$_.State -eq "active"}
```
### Increase Public IP Pool Capacity
```powershell
#Retrieve all Alerts and apply a filter to only show active Alerts
$Active=Get-AzSAlert -AzureStackCredentials $cred -TenantID $TenantID -EnvironmentName "AzureStackAdmin"|where {$_.state -eq "active"}
$Active=Get-AzsAlert | Where {$_.State -eq "active"}
$Active
#Review IP Pool Allocation
Get-AzSIPPool -AzureStackCredentials $credential -TenantID $TenantID -EnvironmentName "AzureStackAdmin"
Get-AzsIpPool
#Add New Public IP Pool
Add-AzSIPPool -AzureStackCredentials $credential -TenantID $TenantID -EnvironmentName "AzureStackAdmin" -Name "NewPublicIPPool" -StartIPAddress "192.168.80.0" -EndIPAddress "192.168.80.255" -AddressPrefix "192.168.80.0/24"
Add-AzsIpPool -Name "NewPublicIPPool" -StartIPAddress "192.168.80.0" -EndIPAddress "192.168.80.255" -AddressPrefix "192.168.80.0/24"
#Validate new IP Pool
Get-AzSIPPool -AzureStackCredentials $credential -TenantID $TenantID -EnvironmentName "AzureStackAdmin"
Get-AzsIpPool
```
### Apply Update to Azure Stack
```powershell
#Review Current Region Update Summary
Get-AzSUpdateSummary -AzureStackCredentials $credential -TenantID $TenantID -EnvironmentName "AzureStackAdmin"
Get-AzsUpdateSummary
#Check for available and applicable updates
Get-AzSUpdate -AzureStackCredentials $credential -TenantID $TenantID -EnvironmentName "AzureStackAdmin"
Get-AzsUpdate
#Apply Update
Install-AzSUpdate -AzureStackCredentials $credential -TenantID $TenantID -EnvironmentName "AzureStackAdmin" -vupdate "2.0.0.0"
Install-AzsUpdate -Update "2.0.0.0"
#Check Update Run
Get-AzSUpdateRun -AzureStackCredentials $credential -TenantID $TenantID -EnvironmentName "AzureStackAdmin" -vupdate "2.0.0.0"
Get-AzsUpdateRun -Update "2.0.0.0"
#Review Region Update Summary after successful run
Get-AzSUpdateSummary -AzureStackCredentials $credential -TenantID $TenantID -EnvironmentName "AzureStackAdmin"
Get-AzsUpdateSummary
```
### Perform FRU procedure
```powershell
#Review current ScaleUnitNode State
$node=Get-AzSScaleUnitNode -TenantId $TenantID -AzureStackCredentials $credentials-EnvironmentName AzureStackAdmin
$node.properties | fl
$node=Get-AzsScaleUnitNode
$node | fl
#Enable Maintenance Mode for that node which drains all active resources
Disable-AzSScaleUnitNode -TenantId $TenantID -AzureStackCredentials $credential -EnvironmentName "AzureStackAdmin" -Name $node.name
Disable-AzsScaleUnitNode -Name $node.name
#Power Off Server using build in KVN or physical power button
#BMC IP Address is returned by previous command $node.properties | fl
@ -520,14 +389,13 @@ Disable-AzSScaleUnitNode -TenantId $TenantID -AzureStackCredentials $credential
#Power On Server using build in KVN or physical power button
#Resume ScaleUnitNode from Maintenance Mode
Enable-AzSScaleUnitNode -TenantId $TenantID -AzureStackCredentials $credential -EnvironmentName "AzureStackAdmin" -Name $node.name
Enable-AzsScaleUnitNode -Name $node.name
#Validate ScaleUnitNode Status
$node=Get-AzSScaleUnitNode -TenantId $TenantID -AzureStackCredentials $credentials-EnvironmentName AzureStackAdmin
$node.properties | fl
$node=Get-AzsScaleUnitNode
$node | fl
```
### Set Azure Stack's Latitude and Longitude
This command modifies an Azure Stack instance's latitude and longitude location
@ -540,7 +408,6 @@ $latitude = '12.972442'
$longitude = '77.580643'
$regionName = 'local'
$TenantID = Get-DirectoryTenantID -AADTenantName $directoryName -EnvironmentName AzureStackAdmin
Set-AzSLocationInformation -TenantID $AadTenant -EnvironmentName $EnvironmentName -AzureStackCredentials $credential -Region $regionName -Latitude $latitude -Longitude $longitude
Set-AzsLocationInformation -Region $regionName -Latitude $latitude -Longitude $longitude
```

57
Infrastructure/Tests/Infra.Tests.ps1
Просмотреть файл

@ -11,8 +11,8 @@ Describe $script:ModuleName {
Should Not Be $null
}
It 'Get-AzSAlert should be exported' {
Get-Command -Name Get-AzSAlert -ErrorAction SilentlyContinue |
It 'Get-AzsAlert should be exported' {
Get-Command -Name Get-AzsAlert -ErrorAction SilentlyContinue |
Should Not Be $null
}
}
@ -23,67 +23,56 @@ InModuleScope $script:ModuleName {
$HostComputer = $global:HostComputer
$ArmEndpoint = $global:ArmEndpoint
$natServer = $global:natServer
$AdminUser= $global:AdminUser
$AdminUser = $global:AdminUser
$AadServiceAdmin = $global:AadServiceAdmin
$AdminPassword = $global:AdminPassword
$AadServiceAdminPassword = $global:AadServiceAdminPassword
$stackLoginCreds = $global:AzureStackLoginCredentials
$VPNConnectionName = $global:VPNConnectionName
$AadTenant = $global:AadTenantID
$EnvironmentName = $global:EnvironmentName
Describe 'Infra - Functional Tests' {
It 'Get-AzSAlert should not throw' {
{ Get-AzSAlert -TenantID $AadTenant -EnvironmentName $EnvironmentName -AzureStackCredentials $stackLoginCreds } |
It 'Get-AzsAlert should not throw' {
{ Get-AzsAlert } |
Should Not Throw
}
It 'Get-AzSScaleUnit should not throw' {
{ Get-AzSAlert -TenantID $AadTenant -EnvironmentName $EnvironmentName -AzureStackCredentials $stackLoginCreds } |
It 'Get-AzsScaleUnit should not throw' {
{ Get-AzsAlert } |
Should Not Throw
}
It 'Get-AzSScaleUnitNode should not throw' {
{ Get-AzSScaleUnitNode -TenantID $AadTenant -EnvironmentName $EnvironmentName -AzureStackCredentials $stackLoginCreds } |
It 'Get-AzsScaleUnitNode should not throw' {
{ Get-AzsScaleUnitNode } |
Should Not Throw
}
It 'Get-AzSStorageCapacity should not throw' {
{ Get-AzSStorageCapacity -TenantID $AadTenant -EnvironmentName $EnvironmentName -AzureStackCredentials $stackLoginCreds } |
It 'Get-AzsStorageCapacity should not throw' {
{ Get-AzsStorageCapacity } |
Should Not Throw
}
It 'Get-AzSInfraRole should not throw' {
{ Get-AzSInfraRole -TenantID $AadTenant -EnvironmentName $EnvironmentName -AzureStackCredentials $stackLoginCreds } |
It 'Get-AzsInfraRole should not throw' {
{ Get-AzsInfraRole } |
Should Not Throw
}
It 'Get-AzSInfraRoleInstance should not throw' {
{ Get-AzSInfraRoleInstance -TenantID $AadTenant -EnvironmentName $EnvironmentName -AzureStackCredentials $stackLoginCreds } |
It 'Get-AzsInfraRoleInstance should not throw' {
{ Get-AzsInfraRoleInstance } |
Should Not Throw
}
It 'Get-AzSStorageShare should not throw' {
{ Get-AzSStorageShare -TenantID $AadTenant -EnvironmentName $EnvironmentName -AzureStackCredentials $stackLoginCreds } |
It 'Get-AzsStorageShare should not throw' {
{ Get-AzsStorageShare } |
Should Not Throw
}
It 'Get-AzSlogicalnetwork should not throw' {
{ Get-AzSlogicalnetwork -TenantID $AadTenant -EnvironmentName $EnvironmentName -AzureStackCredentials $stackLoginCreds } |
It 'Get-Azslogicalnetwork should not throw' {
{ Get-Azslogicalnetwork } |
Should Not Throw
}
It 'Get-AzSUpdateSummary should not throw' {
{ Get-AzSUpdateSummary -TenantID $AadTenant -EnvironmentName $EnvironmentName -AzureStackCredentials $stackLoginCreds } |
It 'Get-AzsUpdateSummary should not throw' {
{ Get-AzsUpdateSummary } |
Should Not Throw
}
It 'Get-AzSUpdate should not throw' {
{ Get-AzSUpdate -TenantID $AadTenant -EnvironmentName $EnvironmentName -AzureStackCredentials $stackLoginCreds } |
It 'Get-AzsUpdate should not throw' {
{ Get-AzsUpdate } |
Should Not Throw
}
It 'Set-AzSLocationInformation should not throw' {
{ Set-AzSLocationInformation -TenantID $AadTenant -EnvironmentName $EnvironmentName -AzureStackCredentials $stackLoginCreds -Region 'local' -Latitude '12.972442' -Longitude '77.580643'} |
Should Not Throw
}
}

22
Policy/AzureStack.Policy.psm1
Просмотреть файл

@ -8,8 +8,8 @@
.SYNOPSIS
Produces Azure Resource Manager Policy document to apply to restrict Azure subscriptions to Azure Stack compatible functionality
#>
function Get-AzureStackRmPolicy
{
function Get-AzsPolicy {
$defaults = [System.IO.Path]::GetDirectoryName($PSCommandPath)
$providerMetadata = ConvertFrom-Json (Get-Content -Path ($defaults + "\AzureStack.Provider.Metadata.json") -Raw)
@ -18,10 +18,8 @@ function Get-AzureStackRmPolicy
$allowResources = @()
foreach ($p in $providerMetadata.value)
{
foreach ($r in $p.resourceTypes)
{
foreach ($p in $providerMetadata.value) {
foreach ($r in $p.resourceTypes) {
$allowResources += @{ field = "type"; equals = $p.namespace + "/" + $r.ResourceType}
$allowResources += @{ field = "type"; like = $p.namespace + "/" + $r.ResourceType + "/*" }
}
@ -31,7 +29,7 @@ function Get-AzureStackRmPolicy
$storageSkuField = "Microsoft.Storage/storageAccounts/sku.name"
$policy = @{
if = @{
if = @{
not = @{
allOf = @(
@{
@ -43,13 +41,13 @@ function Get-AzureStackRmPolicy
@{
allOf = @(
@{
field = $vmSkuField;
field = $vmSkuField;
exists = "true"
},
@{
not = @{
field = $vmSkuField;
in = $vmSkus
in = $vmSkus
}
}
)
@ -57,13 +55,13 @@ function Get-AzureStackRmPolicy
@{
allOf = @(
@{
field = $storageSkuField;
field = $storageSkuField;
exists = "true"
},
@{
not = @{
field = $storageSkuField;
in = $storageSkus
in = $storageSkus
}
}
)
@ -82,4 +80,4 @@ function Get-AzureStackRmPolicy
ConvertTo-Json $policy -Depth 100
}
Export-ModuleMember Get-AzureStackRmPolicy
Export-ModuleMember Get-AzsPolicy

4
Policy/README.md
Просмотреть файл

@ -11,7 +11,7 @@ Login-AzureRmAccount
$s = Select-AzureRmSubscription -SubscriptionName "<sub name>"
$subId = $s.Subscription.SubscriptionId
$policy = New-AzureRmPolicyDefinition -Name AzureStack -Policy (Get-AzureStackRmPolicy)
$policy = New-AzureRmPolicyDefinition -Name AzureStack -Policy (Get-AzsPolicy)
New-AzureRmPolicyAssignment -Name AzureStack -PolicyDefinition $policy -Scope /subscriptions/$subId
```
@ -25,7 +25,9 @@ New-AzureRmPolicyAssignment -Name AzureStack -PolicyDefinition $policy -Scope /s
```
To remove the Azure Stack policy, run this command with the same scope used when the policy was applied:
```powershell
Remove-AzureRmPolicyAssignment -Name AzureStack -Scope /subscriptions/$subId/resourceGroups/$rgName
Remove-AzureRmPolicyAssignment -Name AzureStack -Scope /subscriptions/$subId
```

28
README.md
Просмотреть файл

@ -1,13 +1,8 @@
# Azure Stack Technical Preview Version
These tools are meant for use with **Azure Stack Technical Preview 3 Refresh**. Azure Stack Technical Preview 3 (March build) users can still use the tools in the [TP3.N](https://github.com/Azure/AzureStack-Tools/tree/TP3.N).
These tools are meant for use with **Azure Stack Development Kit**. Azure Stack Technical Preview 3 Refresh users can still use the tools in the [TP3-Refresh](https://github.com/Azure/AzureStack-Tools/tree/TP3-Refresh).
A few notes for this release:
- Default ARM endpoints have changed in this release.
- Tools have been updated to include an EnvironmentName parameter.
- Make sure to use the the Net35 parameter when uploading a Server 2016 image for use with deploying the PaaS services
# Tools for using Azure and Azure Stack
## Tools for using Azure and Azure Stack
To use these tools, obtain Azure Stack compatible Azure PowerShell module. Unless you've installed from other sources, one way to do it is to obtain from public package repositories as follows. Note that both of these could still be used to operate against Azure as well as Azure Stack, but may lack some of the latest Azure features.
@ -16,12 +11,12 @@ For PowerShell, install the following:
```powershell
Install-Module -Name 'AzureRm.Bootstrapper' -Scope CurrentUser
Install-AzureRmProfile -profile '2017-03-09-profile' -Force -Scope CurrentUser
Install-Module -Name AzureStack -RequiredVersion 1.2.9 -Scope CurrentUser
Install-Module -Name AzureStack -RequiredVersion 1.2.10 -Scope CurrentUser
```
Obtain the tools by cloning the git repository.
```
```commandline
git clone https://github.com/Azure/AzureStack-Tools.git --recursive
cd AzureStack-Tools
```
@ -33,44 +28,50 @@ invoke-webrequest https://github.com/Azure/AzureStack-Tools/archive/master.zip -
expand-archive master.zip -DestinationPath . -Force
cd AzureStack-Tools-master
```
Instructions below are relative to the root of the repo.
## [Azure Resource Manager policy for Azure Stack](Policy)
Constrains Azure subscription to the capabilities available in the Azure Stack.
- Apply Azure Stack policy to Azure subscriptions and resource groups
## [Deployment of Azure Stack](Deployment)
Helps prepare for Azure Stack deployment.
- Prepare to Deploy (boot from VHD)
- Prepare to Redeploy (boot back to original/base OS)
- Prepare to Deploy (boot from VHD)
- Prepare to Redeploy (boot back to original/base OS)
## [Connecting to Azure Stack](Connect)
Connect to an Azure Stack instance from your personal computer/laptop.
- Connect via VPN to an Azure Stack installation
- Configure Azure Stack PowerShell environment
- Prepare new subscriptions for use in PowerShell and CLI
## [Setting up Identity for Azure Stack](Identity)
Create and manage identity related objects and configurations for Azure Stack
- Create Service Principals in a disconnected topology
## [Azure Stack Service Administration](ServiceAdmin)
Manage plans and subscriptions in Azure Stack.
- Add default (unlimited) plans and quotas so that tenants can create new subscriptions
## [Azure Stack Compute Administration](ComputeAdmin)
Manage compute (VM) service in Azure Stack.
- Add VM Image to the Azure Stack Marketplace
## [Azure Stack Infrastructure Administration](Infrastructure)
Manage Azure Stack Infrastructure
- Get Infrastructure Roles
- Get Infrastructure Role Instances
- Start Infrastructure Role Instance
@ -97,6 +98,7 @@ Manage Azure Stack Infrastructure
## [AzureRM Template Validator](TemplateValidator)
Validate Azure ARM Template Capabilities
- resources - Types, Location, Apiversion
- Compute Capabilities - extensions, images, sizes
- Storage Capabilities - skus

8
Registration/README.md
Просмотреть файл

@ -1,10 +1,12 @@
# Registration
This script must be run from the Host machine. As a prerequisite, make sure that you have an Azure subscription and that you have installed Azure PowerShell:
```powershell
Install-Module -Name AzureRM
Install-Module -Name AzureRM
```
This script helps you to run through the steps of registering your Azure Stack with your Azure subscription. Additional details can be found in the [documentation](https://docs.microsoft.com/en-us/azure/azure-stack/azure-stack-register).
This script helps you to run through the steps of registering your Azure Stack with your Azure subscription. Additional details can be found in the [documentation](https://docs.microsoft.com/en-us/azure/azure-stack/azure-stack-register).
To run the script:
@ -12,4 +14,4 @@ To run the script:
RegisterWithAzure.ps1 -azureDirectory YourDirectory -azureSubscriptionId YourGUID -azureSubscriptionOwner YourAccountName
```
You will be prompted for your Azure credentials one more time as well as prompted to click "Enter" twice as the script runs.
You will be prompted for your Azure credentials one more time as well as prompted to click "Enter" twice as the script runs.

42
Registration/RegisterWithAzure.ps1
Просмотреть файл

@ -1,4 +1,4 @@
# Copyright (c) Microsoft Corporation. All rights reserved.
# Copyright (c) Microsoft Corporation. All rights reserved.
# See LICENSE.txt in the project root for license information.
<#
@ -58,28 +58,28 @@ This script must be run from the Host machine of the POC.
[CmdletBinding()]
param(
[Parameter(Mandatory=$false)]
[Parameter(Mandatory = $false)]
[PSCredential] $azureCredential,
[Parameter(Mandatory=$true)]
[Parameter(Mandatory = $true)]
[String] $azureAccountId,
[Parameter(Mandatory=$true)]
[Parameter(Mandatory = $true)]
[String] $azureSubscriptionId,
[Parameter(Mandatory=$true)]
[Parameter(Mandatory = $true)]
[String] $azureDirectoryTenantName,
[Parameter(Mandatory=$false)]
[Parameter(Mandatory = $false)]
[String] $azureEnvironment = "AzureCloud",
[Parameter(Mandatory=$false)]
[Parameter(Mandatory = $false)]
[String] $azureResourceManagerEndpoint = "https://management.azure.com",
[Parameter(Mandatory=$false)]
[Switch] $enableSyndication = $true,
[Parameter(Mandatory = $false)]
[bool] $enableSyndication = $true,
[Parameter(Mandatory=$false)]
[Parameter(Mandatory = $false)]
[Switch] $reportUsage = $false
)
@ -88,7 +88,7 @@ param(
#requires -RunAsAdministrator
$ErrorActionPreference = [System.Management.Automation.ActionPreference]::Stop
$VerbosePreference = [System.Management.Automation.ActionPreference]::Continue
$VerbosePreference = [System.Management.Automation.ActionPreference]::Continue
Import-Module C:\CloudDeployment\ECEngine\EnterpriseCloudEngine.psd1 -Force
Set-Location C:\CloudDeployment\Setup\Activation\Bridge
@ -98,13 +98,11 @@ Set-Location C:\CloudDeployment\Setup\Activation\Bridge
#
$versionInfo = [xml] (Get-Content -Path C:\CloudDeployment\Configuration\Version\version.xml)
$minVersion = "1.0.170501.1"
if($versionInfo.Version -lt $minVersion)
{
$minVersion = "1.0.170501.1"
if ($versionInfo.Version -lt $minVersion) {
Write-Error -Message "Script only applicable for Azure Stack builds $minVersion or later"
}
else
{
else {
Write-Verbose -Message "Running registration on build $($versionInfo.Version)" -Verbose
}
@ -115,13 +113,11 @@ else
Import-Module C:\CloudDeployment\Setup\Common\AzureADConfiguration.psm1 -ErrorAction Stop
$AzureDirectoryTenantId = Get-TenantIdFromName -azureEnvironment $azureEnvironment -tenantName $azureDirectoryTenantName
if(-not $azureCredential)
{
if (-not $azureCredential) {
Write-Verbose "Prompt user to enter Azure Credentials to get refresh token"
$tenantDetails = Get-AzureADTenantDetails -AzureEnvironment $azureEnvironment -AADDirectoryTenantName $azureDirectoryTenantName
}
else
{
else {
Write-Verbose "Using provided Azure Credentials to get refresh token"
$tenantDetails = Get-AzureADTenantDetails -AzureEnvironment $azureEnvironment -AADDirectoryTenantName $azureDirectoryTenantName -AADAdminCredential $azureCredential
}
@ -194,12 +190,10 @@ $regResponse = Get-Content -path $activationDataFile
$bytes = [System.Text.Encoding]::UTF8.GetBytes($regResponse)
$activationCode = [Convert]::ToBase64String($bytes)
try
{
try {
.\Activate-Bridge.ps1 -activationCode $activationCode -AzureResourceManagerEndpoint $azureResourceManagerEndpoint -Verbose
}
catch
{
catch {
$exceptionMessage = $_.Exception.Message
if($exceptionMessage.Contains("Application is currently being upgraded"))

328
ServiceAdmin/AzureStack.ServiceAdmin.psm1
Просмотреть файл

@ -2,239 +2,159 @@
# See LICENSE.txt in the project root for license information.
#requires -Version 4.0
#requires -Modules AzureStack.Connect
<#
.SYNOPSIS
Creates "default" tenant offer with unlimited quotas across Compute, Network, Storage and KeyVault services.
#>
function New-AzSTenantOfferAndQuotas
{
param (
[parameter(HelpMessage="Name of the offer to be made advailable to tenants")]
[string] $Name ="default",
[parameter(HelpMessage="Azure Stack region in which to define plans and quotas")]
[string]$Location = "local",
[Parameter(HelpMessage="If this parameter is not specified all quotas are assigned. Provide a sub selection of quotas in this parameter if you do not want all quotas assigned.")]
[ValidateSet('Compute','Network','Storage','KeyVault','Subscriptions',IgnoreCase =$true)]
[array]$ServiceQuotas,
[parameter(Mandatory=$true,HelpMessage="The name of the AzureStack environment")]
[string] $EnvironmentName,
[parameter(Mandatory=$true,HelpMessage="Azure Stack service administrator credential")]
[pscredential] $azureStackCredentials,
[parameter(mandatory=$true, HelpMessage="TenantID of Identity Tenant")]
[string] $tenantID
)
$azureStackEnvironment = Get-AzureRmEnvironment -Name $EnvironmentName -ErrorAction SilentlyContinue
if($azureStackEnvironment -ne $null) {
$ARMEndpoint = $azureStackEnvironment.ResourceManagerUrl
}
else {
Write-Error "The Azure Stack Admin environment with the name $EnvironmentName does not exist. Create one with Add-AzureStackAzureRmEnvironment." -ErrorAction Stop
}
Write-Verbose "Obtaining token from AAD..." -Verbose
$subscription, $headers = (Get-AzureStackAdminSubTokenHeader -TenantId $tenantId -AzureStackCredentials $azureStackCredentials -EnvironmentName $EnvironmentName)
Write-Verbose "Creating quotas..." -Verbose
$Quotas = @()
if ((!($ServiceQuotas)) -or ($ServiceQuotas -match 'Compute')){ $Quotas += New-ComputeQuota -AdminUri $armEndPoint -SubscriptionId $subscription -AzureStackTokenHeader $headers -ArmLocation $Location }
if ((!($ServiceQuotas)) -or ($ServiceQuotas -match 'Network')){ $Quotas += New-NetworkQuota -AdminUri $armEndPoint -SubscriptionId $subscription -AzureStackTokenHeader $headers -ArmLocation $Location }
if ((!($ServiceQuotas)) -or ($ServiceQuotas -match 'Storage')){ $Quotas += New-StorageQuota -AdminUri $armEndPoint -SubscriptionId $subscription -AzureStackTokenHeader $headers -ArmLocation $Location }
if ((!($ServiceQuotas)) -or ($ServiceQuotas -match 'KeyVault')){ $Quotas += Get-KeyVaultQuota -AdminUri $armEndPoint -SubscriptionId $subscription -AzureStackTokenHeader $headers -ArmLocation $Location }
if ((!($ServiceQuotas)) -or ($ServiceQuotas -match 'Subscriptions')){ $Quotas += Get-SubscriptionsQuota -AdminUri $armEndpoint -SubscriptionId $subscription -AzureStackTokenHeader $headers -ArmLocation $Location }
Write-Verbose "Creating resource group for plans and offers..." -Verbose
if (Get-AzureRmResourceGroup -Name $Name -ErrorAction SilentlyContinue)
{
Remove-AzureRmResourceGroup -Name $Name -Force -ErrorAction Stop
}
New-AzureRmResourceGroup -Name $Name -Location $Location -ErrorAction Stop
Write-Verbose "Creating plan..." -Verbose
$plan = New-AzureRMPlan -Name $Name -DisplayName $Name -ArmLocation $Location -ResourceGroup $Name -QuotaIds $Quotas
Write-Verbose "Creating public offer..." -Verbose
$offer = New-AzureRMOffer -Name $Name -DisplayName $Name -State Public -BasePlanIds @($plan.Id) -ArmLocation $Location -ResourceGroup $Name
return $offer
}
Export-ModuleMember New-AzSTenantOfferAndQuotas
function Get-SubscriptionsQuota
{
function Add-AzsStorageQuota {
param(
[parameter(Mandatory=$true)]
[ValidateNotNullOrEmpty()]
[string] $AdminUri,
[parameter(Mandatory=$true)]
[ValidateNotNullOrEmpty()]
[string] $SubscriptionId,
[parameter(Mandatory=$true)]
[ValidateNotNullOrEmpty()]
[hashtable] $AzureStackTokenHeader,
[parameter(Mandatory=$true)]
[ValidateNotNullOrEmpty()]
[string] $ArmLocation
)
$getSubscriptionsQuota = @{
Uri = "{0}/subscriptions/{1}/providers/Microsoft.Subscriptions.Admin/locations/{2}/quotas?api-version=2015-11-01" -f $AdminUri, $SubscriptionId, $ArmLocation
Method = "GET"
Headers = $AzureStackTokenHeader
ContentType = "application/json"
}
$subscriptionsQuota = Invoke-RestMethod @getSubscriptionsQuota
$subscriptionsQuota.value.Id
}
function New-StorageQuota
{
param(
[string] $Name ="default",
[string] $Name = "default",
[int] $CapacityInGb = 1000,
[int] $NumberOfStorageAccounts = 2000,
[parameter(Mandatory=$true)]
[ValidateNotNullOrEmpty()]
[string] $AdminUri,
[parameter(Mandatory=$true)]
[ValidateNotNullOrEmpty()]
[string] $SubscriptionId,
[parameter(Mandatory=$true)]
[ValidateNotNullOrEmpty()]
[hashtable] $AzureStackTokenHeader,
[parameter(Mandatory=$true)]
[ValidateNotNullOrEmpty()]
[string] $ArmLocation
)
[string] $Location = $null
)
$Location = Get-AzsHomeLocation -Location $Location
$ApiVersion = "2015-12-01-preview"
$uri = "{0}/subscriptions/{1}/providers/Microsoft.Storage.Admin/locations/{2}/quotas/{3}?api-version={4}" -f $AdminUri, $SubscriptionId, $ArmLocation, $Name, $ApiVersion
$RequestBody = @"
{
"name":"$Name",
"location":"$ArmLocation",
"properties": {
"capacityInGb": $CapacityInGb,
"numberOfStorageAccounts": $NumberOfStorageAccounts
$params = @{
ResourceName = "{0}/{1}" -f $Location, $Name
ResourceType = "Microsoft.Storage.Admin/locations/quotas"
ApiVersion = "2015-12-01-preview"
Properties = @{
capacityInGb = $CapacityInGb
numberOfStorageAccounts = $NumberOfStorageAccounts
}
}
"@
$storageQuota = Invoke-RestMethod -Method Put -Uri $uri -Body $RequestBody -ContentType 'application/json' -Headers $AzureStackTokenHeader
$storageQuota.Id
New-AzsServiceQuota @params
}
function New-ComputeQuota
{
function Add-AzsComputeQuota {
param(
[string] $Name ="default",
[string] $Name = "default",
[int] $VmCount = 1000,
[int] $MemoryLimitMB = 1048576,
[int] $CoresLimit = 1000,
[parameter(Mandatory=$true)]
[ValidateNotNullOrEmpty()]
[string] $AdminUri,
[parameter(Mandatory=$true)]
[ValidateNotNullOrEmpty()]
[string] $SubscriptionId,
[parameter(Mandatory=$true)]
[ValidateNotNullOrEmpty()]
[hashtable] $AzureStackTokenHeader,
[parameter(Mandatory=$true)]
[ValidateNotNullOrEmpty()]
[string] $ArmLocation
)
[string] $Location = $null
)
$ApiVersion = "2015-12-01-preview"
$uri = "{0}/subscriptions/{1}/providers/Microsoft.Compute.Admin/locations/{2}/quotas/{3}?api-version={4}" -f $AdminUri, $SubscriptionId, $ArmLocation, $Name, $ApiVersion
$RequestBody = @"
{
"name":"$Name",
"type":"Microsoft.Compute.Admin/quotas",
"location":"$ArmLocation",
"properties":{
"virtualMachineCount":$VmCount,
"memoryLimitMB":$MemoryLimitMB,
"coresLimit":$CoresLimit
$Location = Get-AzsHomeLocation -Location $Location
$params = @{
ResourceName = "{0}/{1}" -f $Location, $Name
ResourceType = "Microsoft.Compute.Admin/locations/quotas"
ApiVersion = "2015-12-01-preview"
Properties = @{
virtualMachineCount = $VmCount
memoryLimitMB = $MemoryLimitMB
coresLimit = $CoresLimit
}
}
"@
$computeQuota = Invoke-RestMethod -Method Put -Uri $uri -Body $RequestBody -ContentType 'application/json' -Headers $AzureStackTokenHeader
$computeQuota.Id
New-AzsServiceQuota @params
}
function New-NetworkQuota
{
function Add-AzsNetworkQuota {
param(
[string] $Name ="default",
[int] $PublicIpsPerSubscription = 500,
[int] $VNetsPerSubscription = 500,
[int] $GatewaysPerSubscription = 10,
[int] $ConnectionsPerSubscription = 20,
[int] $LoadBalancersPerSubscription = 500,
[int] $NicsPerSubscription = 1000,
[int] $SecurityGroupsPerSubscription = 500,
[parameter(Mandatory=$true)]
[ValidateNotNullOrEmpty()]
[string] $AdminUri,
[parameter(Mandatory=$true)]
[ValidateNotNullOrEmpty()]
[string] $SubscriptionId,
[parameter(Mandatory=$true)]
[ValidateNotNullOrEmpty()]
[hashtable] $AzureStackTokenHeader,
[parameter(Mandatory=$true)]
[ValidateNotNullOrEmpty()]
[string] $ArmLocation
[string] $Name = "default",
[int] $PublicIpsPerSubscription = 500,
[int] $VNetsPerSubscription = 500,
[int] $GatewaysPerSubscription = 10,
[int] $ConnectionsPerSubscription = 20,
[int] $LoadBalancersPerSubscription = 500,
[int] $NicsPerSubscription = 1000,
[int] $SecurityGroupsPerSubscription = 500,
[string] $Location = $null
)
$ApiVersion = "2015-06-15"
$uri = "{0}/subscriptions/{1}/providers/Microsoft.Network.Admin/locations/{2}/quotas/{3}?api-version={4}" -f $AdminUri, $SubscriptionId, $ArmLocation, $Name, $ApiVersion
$id = "/subscriptions/{0}/providers/Microsoft.Network.Admin/locations/{1}/quotas/{2}" -f $SubscriptionId, $ArmLocation, $quotaName
$RequestBody = @"
{
"id":"$id",
"name":"$Name",
"type":"Microsoft.Network.Admin/quotas",
"location":"$ArmLocation",
"properties":{
"maxPublicIpsPerSubscription":$PublicIpsPerSubscription,
"maxVnetsPerSubscription":$VNetsPerSubscription,
"maxVirtualNetworkGatewaysPerSubscription":$GatewaysPerSubscription,
"maxVirtualNetworkGatewayConnectionsPerSubscription":$ConnectionsPerSubscription,
"maxLoadBalancersPerSubscription":$LoadBalancersPerSubscription,
"maxNicsPerSubscription":$NicsPerSubscription,
"maxSecurityGroupsPerSubscription":$SecurityGroupsPerSubscription,
$Location = Get-AzsHomeLocation -Location $Location
$params = @{
ResourceName = "{0}/{1}" -f $Location, $Name
ResourceType = "Microsoft.Network.Admin/locations/quotas"
ApiVersion = "2015-06-15"
Properties = @{
maxPublicIpsPerSubscription = $PublicIpsPerSubscription
maxVnetsPerSubscription = $VNetsPerSubscription
maxVirtualNetworkGatewaysPerSubscription = $GatewaysPerSubscription
maxVirtualNetworkGatewayConnectionsPerSubscription = $ConnectionsPerSubscription
maxLoadBalancersPerSubscription = $LoadBalancersPerSubscription
maxNicsPerSubscription = $NicsPerSubscription
maxSecurityGroupsPerSubscription = $SecurityGroupsPerSubscription
}
}
"@
$networkQuota = Invoke-RestMethod -Method Put -Uri $uri -Body $RequestBody -ContentType 'application/json' -Headers $AzureStackTokenHeader
$networkQuota.Id
New-AzsServiceQuota @params
}
function Get-KeyVaultQuota
{
function Get-AzsSubscriptionsQuota {
param(
[parameter(Mandatory=$true)]
[ValidateNotNullOrEmpty()]
[string] $AdminUri,
[parameter(Mandatory=$true)]
[ValidateNotNullOrEmpty()]
[string] $SubscriptionId,
[parameter(Mandatory=$true)]
[ValidateNotNullOrEmpty()]
[hashtable] $AzureStackTokenHeader,
[parameter(Mandatory=$true)]
[ValidateNotNullOrEmpty()]
[string] $ArmLocation
)
[string] $Location
)
$uri = "{0}/subscriptions/{1}/providers/Microsoft.Keyvault.Admin/locations/{2}/quotas?api-version=2014-04-01-preview" -f $AdminUri, $SubscriptionId, $ArmLocation
$kvQuota = Invoke-RestMethod -Method Get -Uri $uri -Headers $AzureStackTokenHeader -ContentType 'application/json'
$kvQuota.Value.Id
$Location = Get-AzsHomeLocation -Location $Location
$params = @{
ResourceName = $Location
ResourceType = "Microsoft.Subscriptions.Admin/locations/quotas"
ApiVersion = "2015-11-01"
}
Get-AzsServiceQuota @params
}
function Get-AzsKeyVaultQuota {
param(
[string] $Location
)
$Location = Get-AzsHomeLocation -Location $Location
$params = @{
ResourceName = $Location
ResourceType = "Microsoft.Keyvault.Admin/locations/quotas"
ApiVersion = "2014-04-01-preview"
}
Get-AzsServiceQuota @params
}
function Get-AzsHomeLocation {
param(
[string] $Location
)
if ($Location) {
return $Location
}
$locationResource = Get-AzsLocation
return $locationResource.Name
}
function New-AzsServiceQuota {
param(
[string] $ResourceName,
[string] $ResourceType,
[string] $ApiVersion,
[PSObject] $Properties
)
$serviceQuota = New-AzureRmResource -ResourceName $ResourceName -ResourceType $ResourceType -ApiVersion $ApiVersion -Properties $Properties -Force
$serviceQuota.ResourceId
}
function Get-AzsServiceQuota {
param(
[string] $ResourceName,
[string] $ResourceType,
[string] $ApiVersion
)
$serviceQuota = Get-AzureRmResource -ResourceName $ResourceName -ApiVersion $ApiVersion -ResourceType $ResourceType
$serviceQuota.ResourceId
}

20
ServiceAdmin/README.md
Просмотреть файл

@ -9,35 +9,25 @@ Install-Module -Name 'AzureRm.Bootstrapper' -Scope CurrentUser
Install-AzureRmProfile -profile '2017-03-09-profile' -Force -Scope CurrentUser
Install-Module -Name AzureStack -RequiredVersion 1.2.9 -Scope CurrentUser
```
Then make sure the following modules are imported:
```powershell
Import-Module ..\Connect\AzureStack.Connect.psm1
Import-Module .\AzureStack.ServiceAdmin.psm1
```
You will need to reference your Azure Stack Administrator environment. To create an administrator environment use the below. The ARM endpoint below is the administrator default for a one-node environment.
```powershell
Add-AzureStackAzureRmEnvironment -Name "AzureStackAdmin" -ArmEndpoint "https://adminmanagement.local.azurestack.external"
Add-AzsEnvironment -Name "AzureStackAdmin" -ArmEndpoint "https://adminmanagement.local.azurestack.external"
```
Creating quotas/offers/plans requires that you obtain the value of your Directory Tenant ID. For **Azure Active Directory** environments provide your directory tenant name:
```powershell
$TenantID = Get-DirectoryTenantID -AADTenantName "<mydirectorytenant>.onmicrosoft.com" -EnvironmentName AzureStackAdmin
```
For **ADFS** environments use the following:
```powershell
$TenantID = Get-DirectoryTenantID -ADFS -EnvironmentName AzureStackAdmin
```
## Create default plan and quota for tenants
```powershell
New-AzSTenantOfferAndQuotas -tenantID $TenantID -EnvironmentName "AzureStackAdmin"
Add-AzsTenantOfferAndQuota
```
Tenants can now see the "default" offer available to them and can subscribe to it. The offer includes unlimited compute, network, storage and key vault usage.
Tenants can now see the "default" offer available to them and can subscribe to it. The offer includes unlimited compute, network, storage and key vault usage.

28
ServiceAdmin/Tests/ServiceAdmin.Tests.ps1
Просмотреть файл

@ -10,38 +10,12 @@ Describe $script:ModuleName {
Get-Module -Name $script:ModuleName |
Should Not Be $null
}
It 'New-AzSTenantOfferAndQuotas should be exported' {
Get-Command -Name New-AzSTenantOfferAndQuotas -ErrorAction SilentlyContinue |
Should Not Be $null
}
}
}
InModuleScope $script:ModuleName {
$HostComputer = $global:HostComputer
$ArmEndpoint = $global:ArmEndpoint
$natServer = $global:natServer
$AdminUser= $global:AdminUser
$AadServiceAdmin = $global:AadServiceAdmin
$AdminPassword = $global:AdminPassword
$AadServiceAdminPassword = $global:AadServiceAdminPassword
$stackLoginCreds = $global:AzureStackLoginCredentials
$VPNConnectionName = $global:VPNConnectionName
$AadTenant = $global:AadTenantID
$EnvironmentName = $global:EnvironmentName
Describe 'ServiceAdmin - Functional Tests' {
It 'New-AzSTenantOfferAndQuotas should create Quotas, Plan and Offer' {
{ New-AzSTenantOfferAndQuotas -tenantID $AadTenant -AzureStackCredentials $stackLoginCreds -EnvironmentName $EnvironmentName } |
Should Not Throw
}
}
}
}

1994
TemplateValidator/AzureRM.TemplateValidator.psm1
Просмотреть файл

Разница между файлами не показана из-за своего большого размера Загрузить разницу

23
TemplateValidator/README.md
Просмотреть файл

@ -1,28 +1,37 @@
# Validate Azure ARM Template Capabilities
Instructions below are relative to the .\TemplateValidator folder of the [AzureStack-Tools repo](..).
To Validate Compute Capabilities such as Images, Extensions & Sizes available in the CloudCapabilities.json add -IncludeComputeCapabilities
To Validate Storage Capabilities such as Skus available in the CloudCapabilities.json add -IncludeStorageCapabilities
```powershell
Import-Module ".\AzureRM.TemplateValidator.psm1"
```
# Prerequisites
## Prerequisites
Create CloudCapabilities.json by using Get-AzureRMCloudCapabilities tool [AzureStack-Tools repo/CloudCapabilities](../CloudCapabilities). or use the provided sample AzureStackCapabilities_TP3.json in this folder
For Azure/AzureStack quickstart templates, git clone from below links
https://github.com/Azure/AzureStack-QuickStart-Templates/
https://github.com/Azure/Azure-QuickStart-Templates/
# Usage
`https://github.com/Azure/AzureStack-QuickStart-Templates/`
`https://github.com/Azure/Azure-QuickStart-Templates/`
## Usage
```powershell
$TemplatePath = "<Provide Template(s) Path>"
$CapabilitiesPath = ".\AzureStackCapabilities_TP3.json"
Test-AzureRMTemplate -TemplatePath $TemplatePath -CapabilitiesPath $CapabilitiesPath -Verbose #-IncludeComputeCapabilities -IncludeStorageCapabilities
```
#Reporting Usage
Passed - Validation passed. The template has all the Capabilities to deploy on the validated Cloud
## Reporting Usage
Passed - Validation passed. The template has all the Capabilities to deploy on the validated Cloud
NotSupported - The template Capabilities is currently not supported on the validated cloud
Exception - Exception in processing and validating the template
Recommend - The template has all the Capabilities to deploy on the validated Cloud but has recommendations for best practices
Warning - Changes are required either in Template or the validated cloud to deploy succesfully
# TroubleShooting
## TroubleShooting
For "NotSupported" - Refer the region specific capability JSON for the supported capabilities.
For Warnings(in Console Output) such as "No StorageSkus found in region specific Capabilities JSON file.", Please run Get-AzureRMCloudCapabilities with -IncludeComputeCapabilities and -IncludeStorageCapabilities

20
ToolTestingUtils/ToolTestingScript.ps1
Просмотреть файл

@ -1,19 +1,19 @@
param (
[parameter(mandatory=$true, HelpMessage="Azure Stack One Node host address or name such as '1.2.3.4'")]
[parameter(mandatory = $true, HelpMessage = "Azure Stack One Node host address or name such as '1.2.3.4'")]
[string] $HostComputer,
[Parameter(mandatory=$true, HelpMessage="The Admin ARM endpoint of the Azure Stack Environment")]
[Parameter(mandatory = $true, HelpMessage = "The Admin ARM endpoint of the Azure Stack Environment")]
[string] $ArmEndpoint,
[parameter(HelpMessage="NAT computer name in this Azure Stack Instance")]
[string] $natServer = "AzS-BGPNAT01",
[parameter(HelpMessage="Administrator user name of this Azure Stack Instance")]
[parameter(HelpMessage = "NAT computer name in this Azure Stack Instance")]
[string] $natServer = "Azs-BGPNAT01",
[parameter(HelpMessage = "Administrator user name of this Azure Stack Instance")]
[string] $AdminUser = "administrator",
[parameter(HelpMessage="Administrator Azure Stack Environment Name")]
[parameter(HelpMessage = "Administrator Azure Stack Environment Name")]
[string] $EnvironmentName = "AzureStackAdmin",
[parameter(mandatory=$true, HelpMessage="Administrator password used to deploy this Azure Stack instance")]
[parameter(mandatory = $true, HelpMessage = "Administrator password used to deploy this Azure Stack instance")]
[securestring] $AdminPassword,
[parameter(mandatory=$true, HelpMessage="The AAD service admin user name of this Azure Stack Instance")]
[parameter(mandatory = $true, HelpMessage = "The AAD service admin user name of this Azure Stack Instance")]
[string] $AzureStackServiceAdmin,
[parameter(mandatory=$true, HelpMessage="AAD Service Admin password used to deploy this Azure Stack instance")]
[parameter(mandatory = $true, HelpMessage = "AAD Service Admin password used to deploy this Azure Stack instance")]
[securestring] $AzureStackServiceAdminPassword
)
@ -27,7 +27,7 @@ $global:AzureStackServiceAdmin = $AzureStackServiceAdmin
$global:AzureStackServiceAdminPassword = $AzureStackServiceAdminPassword
$global:EnvironmentName = $EnvironmentName
$ServiceAdminCreds = New-Object System.Management.Automation.PSCredential "$global:AzureStackServiceAdmin", ($global:AzureStackServiceAdminPassword)
$ServiceAdminCreds = New-Object System.Management.Automation.PSCredential "$global:AzureStackServiceAdmin", ($global:AzureStackServiceAdminPassword)
$global:AzureStackLoginCredentials = $ServiceAdminCreds
$global:VPNConnectionName = "AzureStackTestVPN"

5
Usage/README.md
Просмотреть файл

@ -1,3 +1,5 @@
# PreReqs
As a prerequisite, make sure that you installed the correct PowerShell modules and versions:
```powershell
@ -5,7 +7,6 @@ Install-Module -Name 'AzureRm.Bootstrapper' -Scope CurrentUser
Install-AzureRmProfile -profile '2017-03-09-profile' -Force -Scope CurrentUser
Install-Module -Name AzureStack -RequiredVersion 1.2.9 -Scope CurrentUser
```
```
Use this script to extract usage data from the AzureStack Usage API's and export it to a CSV file
For more information on Billing and Usage see [here](https://docs.microsoft.com/en-us/azure/azure-stack/azure-stack-billing-and-chargeback)
```

175
Usage/Usagesummary.ps1
Просмотреть файл

@ -1,26 +1,22 @@
<#
<#
.Synopsis
Exports usage meters from Azure Stack to a csv file
.DESCRIPTION
Long description
.EXAMPLE
Export-AzureStackUsageDetails -StartTime 2/15/2017 -EndTime 2/16/2017 -AzureStackDomain azurestack.local -AADDomain mydir.onmicrosoft.com -Granularity Hourly
Export-AzsUsage -StartTime 2/15/2017 -EndTime 2/16/2017 -Granularity Hourly
#>
function Export-AzureStackUsage {
function Export-AzsUsage {
Param
(
[Parameter(Mandatory = $true)]
[datetime]
$StartTime,
[Parameter(Mandatory = $true)]
[datetime]
$EndTime ,
[Parameter(Mandatory = $true)]
[String]
$AzureStackDomain ,
[Parameter(Mandatory = $true)]
[String]
$AADDomain ,
[Parameter(Mandatory = $false)]
[ValidateSet("Hourly", "Daily")]
[String]
@ -29,15 +25,9 @@ function Export-AzureStackUsage {
[String]
$CsvFile = "UsageSummary.csv",
[Parameter (Mandatory = $false)]
[PSCredential]
$Credential,
[Parameter(Mandatory = $false)]
[Switch]
$TenantUsage,
[Parameter(Mandatory = $false)]
[String]
$Subscription,
[Parameter(Mandatory = $false)]
[Switch]
$Force
)
@ -66,115 +56,80 @@ function Export-AzureStackUsage {
}
#Output Files
if (Test-Path -Path $CsvFile -ErrorAction SilentlyContinue) {
if ($Force) {
if (Test-Path -Path $CsvFile -ErrorAction SilentlyContinue)
{
if ($Force)
{
Remove-Item -Path $CsvFile -Force
}
else {
Write-Host "$CsvFile alreday exists use -Force to overwrite"
Write-Error "'$CsvFile' already exists use -Force to overwrite"
return
}
}
New-Item -Path $CsvFile -ItemType File | Out-Null
#get auth metadata and acquire token for REST call
$api = 'adminmanagement'
if ($TenantUsage) {
$api = 'management'
}
$uri = 'https://{0}.{1}/metadata/endpoints?api-version=1.0' -f $api, $AzureStackDomain
$endpoints = (Invoke-RestMethod -Uri $uri -Method Get)
$activeDirectoryServiceEndpointResourceId = $endpoints.authentication.audiences[0]
$loginEndpoint = $endpoints.authentication.loginEndpoint
$authority = $loginEndpoint + $AADDomain + '/'
$powershellClientId = '0a7bdc5c-7b57-40be-9939-d4c5fc7cd417'
#region Auth
if ($Credential) {
$adminToken = Get-AzureStackToken `
-Authority $authority `
-Resource $activeDirectoryServiceEndpointResourceId `
-AadTenantId $AADDomain `
-ClientId $powershellClientId `
-Credential $Credential
}
else {
$adminToken = Get-AzureStackToken `
-Authority $authority `
-Resource $activeDirectoryServiceEndpointResourceId `
-AadTenantId $AADDomain `
-ClientId $powershellClientId
}
if (!$adminToken) {
Return
}
#endregion
#Setup REST call variables
$headers = @{ Authorization = (('Bearer {0}' -f $adminToken)) }
$armEndpoint = 'https://{0}.{1}' -f $api, $AzureStackDomain
if (!$Subscription) {
#Get default subscription ID
$uri = $armEndpoint + '/subscriptions?api-version=2015-01-01'
$result = Invoke-RestMethod -Method GET -Uri $uri -Headers $headers
$Subscription = $result.value[0].subscriptionId
}
$usageResourceType = "Microsoft.Commerce/locations/subscriberUsageAggregates"
#build usage uri
if (!$TenantUsage) {
$uri = $armEndpoint + '/subscriptions/{0}/providers/Microsoft.Commerce/subscriberUsageAggregates?api-version=2015-06-01-preview&reportedstartTime={1:s}Z&reportedEndTime={2:s}Z&showDetails=true&aggregationGranularity={3}' -f $Subscription, $StartTime, $EndTime, $Granularity
if ($TenantUsage)
{
$usageResourceType = "Microsoft.Commerce/locations/UsageAggregates"
}
else {
$uri = $armEndpoint + '/subscriptions/{0}/providers/Microsoft.Commerce/UsageAggregates?api-version=2015-06-01-preview&reportedstartTime={1:s}Z&reportedEndTime={2:s}Z&showDetails=true&aggregationGranularity={3}' -f $Subscription, $StartTime, $EndTime, $Granularity
}
Do {
$result = Invoke-RestMethod -Method GET -Uri $uri -Headers $headers -ErrorVariable RestError -Verbose
if ($RestError) {
return
}
$usageSummary = @()
$uri = $result.NextLink
$count = $result.value.Count
$Total += $count
$result.value | ForEach-Object {
$record = New-Object -TypeName System.Object
$resourceInfo = ($_.Properties.InstanceData |ConvertFrom-Json).'Microsoft.Resources'
$resourceText = $resourceInfo.resourceUri.Replace('\', '/')
$subscription = $resourceText.Split('/')[2]
$resourceType = $resourceText.Split('/')[7]
$resourceName = $resourceText.Split('/')[8]
#$record | Add-Member -Name Name -MemberType NoteProperty -Value $_.Name
#$record | Add-Member -Name Type -MemberType NoteProperty -Value $_.Type
$record | Add-Member -Name MeterId -MemberType NoteProperty -Value $_.Properties.MeterId
if ($meters.ContainsKey($_.Properties.MeterId)) {
$record | Add-Member -Name MeterName -MemberType NoteProperty -Value $meters[$_.Properties.MeterId]
}
$record | Add-Member -Name Quantity -MemberType NoteProperty -Value $_.Properties.Quantity
$record | Add-Member -Name UsageStartTime -MemberType NoteProperty -Value $_.Properties.UsageStartTime
$record | Add-Member -Name UsageEndTime -MemberType NoteProperty -Value $_.Properties.UsageEndTime
$record | Add-Member -Name additionalInfo -MemberType NoteProperty -Value $resourceInfo.additionalInfo
$record | Add-Member -Name location -MemberType NoteProperty -Value $resourceInfo.location
$record | Add-Member -Name tags -MemberType NoteProperty -Value $resourceInfo.tags
$record | Add-Member -Name subscription -MemberType NoteProperty -Value $subscription
$record | Add-Member -Name resourceType -MemberType NoteProperty -Value $resourceType
$record | Add-Member -Name resourceName -MemberType NoteProperty -Value $resourceName
$record | Add-Member -Name resourceUri -MemberType NoteProperty -Value $resourceText
$usageSummary += $record
}
$usageSummary | Export-Csv -Path $CsvFile -Append -NoTypeInformation
if ($PSBoundParameters.ContainsKey(Debug)) {
$result.value | Export-Csv -Path "$CsvFile.raw" -Append -NoTypeInformation
}
$params = @{
ResourceName = '../'
ResourceType = $usageResourceType
ApiVersion = "2015-06-01-preview"
ODataQuery = "reportedStartTime={0:s}&reportedEndTime={1:s}&showDetails=true&aggregationGranularity={2}" -f $StartTime, $EndTime, $Granularity
}
While ($count -ne 0)
$result = Get-AzureRmResource @params -ErrorVariable RestError -Verbose
if ($RestError)
{
return
}
$usageSummary = @()
$count = $result.Count
$Total += $count
$result | ForEach-Object
{
$record = New-Object -TypeName System.Object
$resourceInfo = ($_.Properties.InstanceData | ConvertFrom-Json).'Microsoft.Resources'
$resourceText = $resourceInfo.resourceUri.Replace('\', '/')
$subscription = $resourceText.Split('/')[2]
$resourceType = $resourceText.Split('/')[7]
$resourceName = $resourceText.Split('/')[8]
#$record | Add-Member -Name Name -MemberType NoteProperty -Value $_.Name
#$record | Add-Member -Name Type -MemberType NoteProperty -Value $_.Type
$record | Add-Member -Name MeterId -MemberType NoteProperty -Value $_.Properties.MeterId
if ($meters.ContainsKey($_.Properties.MeterId)) {
$record | Add-Member -Name MeterName -MemberType NoteProperty -Value $meters[$_.Properties.MeterId]
}
$record | Add-Member -Name Quantity -MemberType NoteProperty -Value $_.Properties.Quantity
$record | Add-Member -Name UsageStartTime -MemberType NoteProperty -Value $_.Properties.UsageStartTime
$record | Add-Member -Name UsageEndTime -MemberType NoteProperty -Value $_.Properties.UsageEndTime
$record | Add-Member -Name additionalInfo -MemberType NoteProperty -Value $resourceInfo.additionalInfo
$record | Add-Member -Name location -MemberType NoteProperty -Value $resourceInfo.location
$record | Add-Member -Name tags -MemberType NoteProperty -Value $resourceInfo.tags
$record | Add-Member -Name subscription -MemberType NoteProperty -Value $subscription
$record | Add-Member -Name resourceType -MemberType NoteProperty -Value $resourceType
$record | Add-Member -Name resourceName -MemberType NoteProperty -Value $resourceName
$record | Add-Member -Name resourceUri -MemberType NoteProperty -Value $resourceText
$usageSummary += $record
}
$usageSummary | Export-Csv -Path $CsvFile -Append -NoTypeInformation
if ($PSBoundParameters.ContainsKey('Debug'))
{
$result | Export-Csv -Path "$CsvFile.raw" -Append -NoTypeInformation
}
Write-Host "Complete - $Total Usage records written to $CsvFile"
}
#Main
$aadCred = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList '<user@domain>', (ConvertTo-SecureString -String 'XXX' -AsPlainText -Force)
Export-AzureStackUsage -StartTime 3/1/2017 -EndTime 3/13/2017 -AzureStackDomain 'local.azurestack.external' -AADDomain '<domain>' -Credential $aadCred -Granularity Hourly -Debug -Force
Export-AzsUsage -StartTime 6/10/2017 -EndTime 6/11/2017 -Granularity Hourly -Force