Azure
/
aks-engine
зеркало из https://github.com/Azure/aks-engine.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
aks-engine/examples/scale-up/kubernetes_update_template....

1950 строки
90 KiB
JSON
Исходник Ответственный История

{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"agentpool1Count": {
"allowedValues": [
1,
2,
3,
4,
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49,
50,
51,
52,
53,
54,
55,
56,
57,
58,
59,
60,
61,
62,
63,
64,
65,
66,
67,
68,
69,
70,
71,
72,
73,
74,
75,
76,
77,
78,
79,
80,
81,
82,
83,
84,
85,
86,
87,
88,
89,
90,
91,
92,
93,
94,
95,
96,
97,
98,
99,
100
],
"defaultValue": 3,
"metadata": {
"description": "The number of agents for the cluster. This value can be from 1 to 100"
},
"type": "int"
},
"agentpool1Offset": {
"allowedValues": [
0,
1,
2,
3,
4,
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49,
50,
51,
52,
53,
54,
55,
56,
57,
58,
59,
60,
61,
62,
63,
64,
65,
66,
67,
68,
69,
70,
71,
72,
73,
74,
75,
76,
77,
78,
79,
80,
81,
82,
83,
84,
85,
86,
87,
88,
89,
90,
91,
92,
93,
94,
95,
96,
97,
98,
99,
100
],
"defaultValue": 0,
"metadata": {
"description": "The offset into the agent pool where to start creating agents. This value can be from 0 to 100"
},
"type": "int"
},
"agentpool1Subnet": {
"defaultValue": "10.240.0.0/16",
"metadata": {
"description": "Sets the subnet of agent pool 'agentpool1'."
},
"type": "string"
},
"agentpool1VMSize": {
"allowedValues": [
"Standard_A10",
"Standard_A11",
"Standard_A2",
"Standard_A2_v2",
"Standard_A2m_v2",
"Standard_A3",
"Standard_A4",
"Standard_A4_v2",
"Standard_A4m_v2",
"Standard_A5",
"Standard_A6",
"Standard_A7",
"Standard_A8",
"Standard_A8_v2",
"Standard_A8m_v2",
"Standard_A9",
"Standard_D11",
"Standard_D11_v2",
"Standard_D12",
"Standard_D12_v2",
"Standard_D13",
"Standard_D13_v2",
"Standard_D14",
"Standard_D14_v2",
"Standard_D15_v2",
"Standard_D2",
"Standard_D2_v2",
"Standard_D3",
"Standard_D3_v2",
"Standard_D4",
"Standard_D4_v2",
"Standard_D5_v2",
"Standard_DS11",
"Standard_DS11_v2",
"Standard_DS12",
"Standard_DS12_v2",
"Standard_DS13",
"Standard_DS13_v2",
"Standard_DS14",
"Standard_DS14_v2",
"Standard_DS15_v2",
"Standard_DS2",
"Standard_DS2_v2",
"Standard_DS3",
"Standard_DS3_v2",
"Standard_DS4",
"Standard_DS4_v2",
"Standard_DS5_v2",
"Standard_F16",
"Standard_F16s",
"Standard_F2",
"Standard_F2s",
"Standard_F4",
"Standard_F4s",
"Standard_F8",
"Standard_F8s",
"Standard_G1",
"Standard_G2",
"Standard_G3",
"Standard_G4",
"Standard_G5",
"Standard_GS1",
"Standard_GS2",
"Standard_GS3",
"Standard_GS4",
"Standard_GS5",
"Standard_H16",
"Standard_H16m",
"Standard_H16mr",
"Standard_H16r",
"Standard_H8",
"Standard_H8m",
"Standard_NC12",
"Standard_NC24",
"Standard_NC24r",
"Standard_NC6",
"Standard_NV12",
"Standard_NV24",
"Standard_NV6"
],
"defaultValue": "Standard_D2_v2",
"metadata": {
"description": "The size of the Virtual Machine."
},
"type": "string"
},
"agentpool2Count": {
"allowedValues": [
1,
2,
3,
4,
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49,
50,
51,
52,
53,
54,
55,
56,
57,
58,
59,
60,
61,
62,
63,
64,
65,
66,
67,
68,
69,
70,
71,
72,
73,
74,
75,
76,
77,
78,
79,
80,
81,
82,
83,
84,
85,
86,
87,
88,
89,
90,
91,
92,
93,
94,
95,
96,
97,
98,
99,
100
],
"defaultValue": 3,
"metadata": {
"description": "The number of agents for the cluster. This value can be from 1 to 100"
},
"type": "int"
},
"agentpool2Offset": {
"allowedValues": [
0,
1,
2,
3,
4,
5,
6,
7,
8,
9,
10,
11,
12,
13,
14,
15,
16,
17,
18,
19,
20,
21,
22,
23,
24,
25,
26,
27,
28,
29,
30,
31,
32,
33,
34,
35,
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49,
50,
51,
52,
53,
54,
55,
56,
57,
58,
59,
60,
61,
62,
63,
64,
65,
66,
67,
68,
69,
70,
71,
72,
73,
74,
75,
76,
77,
78,
79,
80,
81,
82,
83,
84,
85,
86,
87,
88,
89,
90,
91,
92,
93,
94,
95,
96,
97,
98,
99,
100
],
"defaultValue": 0,
"metadata": {
"description": "The offset into the agent pool where to start creating agents. This value can be from 0 to 100"
},
"type": "int"
},
"agentpool2Subnet": {
"defaultValue": "10.240.0.0/16",
"metadata": {
"description": "Sets the subnet of agent pool 'agentpool2'."
},
"type": "string"
},
"agentpool2VMSize": {
"allowedValues": [
"Standard_A10",
"Standard_A11",
"Standard_A2",
"Standard_A2_v2",
"Standard_A2m_v2",
"Standard_A3",
"Standard_A4",
"Standard_A4_v2",
"Standard_A4m_v2",
"Standard_A5",
"Standard_A6",
"Standard_A7",
"Standard_A8",
"Standard_A8_v2",
"Standard_A8m_v2",
"Standard_A9",
"Standard_D11",
"Standard_D11_v2",
"Standard_D12",
"Standard_D12_v2",
"Standard_D13",
"Standard_D13_v2",
"Standard_D14",
"Standard_D14_v2",
"Standard_D15_v2",
"Standard_D2",
"Standard_D2_v2",
"Standard_D3",
"Standard_D3_v2",
"Standard_D4",
"Standard_D4_v2",
"Standard_D5_v2",
"Standard_DS11",
"Standard_DS11_v2",
"Standard_DS12",
"Standard_DS12_v2",
"Standard_DS13",
"Standard_DS13_v2",
"Standard_DS14",
"Standard_DS14_v2",
"Standard_DS15_v2",
"Standard_DS2",
"Standard_DS2_v2",
"Standard_DS3",
"Standard_DS3_v2",
"Standard_DS4",
"Standard_DS4_v2",
"Standard_DS5_v2",
"Standard_F16",
"Standard_F16s",
"Standard_F2",
"Standard_F2s",
"Standard_F4",
"Standard_F4s",
"Standard_F8",
"Standard_F8s",
"Standard_G1",
"Standard_G2",
"Standard_G3",
"Standard_G4",
"Standard_G5",
"Standard_GS1",
"Standard_GS2",
"Standard_GS3",
"Standard_GS4",
"Standard_GS5",
"Standard_H16",
"Standard_H16m",
"Standard_H16mr",
"Standard_H16r",
"Standard_H8",
"Standard_H8m",
"Standard_NC12",
"Standard_NC24",
"Standard_NC24r",
"Standard_NC6",
"Standard_NV12",
"Standard_NV24",
"Standard_NV6"
],
"defaultValue": "Standard_D2_v2",
"metadata": {
"description": "The size of the Virtual Machine."
},
"type": "string"
},
"apiServerCertificate": {
"metadata": {
"description": "The base 64 server certificate used on the master"
},
"type": "string"
},
"apiServerPrivateKey": {
"metadata": {
"description": "The base 64 server private key used on the master."
},
"type": "securestring"
},
"caCertificate": {
"metadata": {
"description": "The base 64 certificate authority certificate"
},
"type": "string"
},
"clientCertificate": {
"metadata": {
"description": "The base 64 client certificate used to communicate with the master"
},
"type": "string"
},
"clientPrivateKey": {
"metadata": {
"description": "The base 64 client private key used to communicate with the master"
},
"type": "securestring"
},
"dockerEngineDownloadRepo": {
"defaultValue": "https://apt.dockerproject.org/repo",
"metadata": {
"description": "The docker engine download url for kubernetes."
},
"type": "string"
},
"firstConsecutiveStaticIP": {
"defaultValue": "10.240.255.5",
"metadata": {
"description": "Sets the static IP of the first master"
},
"type": "string"
},
"kubeConfigCertificate": {
"metadata": {
"description": "The base 64 certificate used by cli to communicate with the master"
},
"type": "string"
},
"kubeConfigPrivateKey": {
"metadata": {
"description": "The base 64 private key used by cli to communicate with the master"
},
"type": "securestring"
},
"kubernetesAddonManagerSpec": {
"defaultValue": "",
"metadata": {
"description": "The container spec for hyperkube."
},
"type": "string"
},
"kubernetesAddonResizerSpec": {
"defaultValue": "",
"metadata": {
"description": "The container spec for addon-resizer."
},
"type": "string"
},
"kubernetesDNSMasqSpec": {
"defaultValue": "",
"metadata": {
"description": "The container spec for kube-dnsmasq-amd64."
},
"type": "string"
},
"kubernetesDashboardSpec": {
"defaultValue": "",
"metadata": {
"description": "The container spec for kubernetes-dashboard-amd64."
},
"type": "string"
},
"kubernetesExecHealthzSpec": {
"defaultValue": "",
"metadata": {
"description": "The container spec for exechealthz-amd64."
},
"type": "string"
},
"kubernetesHeapsterSpec": {
"defaultValue": "",
"metadata": {
"description": "The container spec for heapster."
},
"type": "string"
},
"kubernetesHyperkubeSpec": {
"defaultValue": "",
"metadata": {
"description": "The container spec for hyperkube."
},
"type": "string"
},
"kubernetesKubeDNSSpec": {
"defaultValue": "",
"metadata": {
"description": "The container spec for kubedns-amd64."
},
"type": "string"
},
"kubernetesPodInfraContainerSpec": {
"defaultValue": "",
"metadata": {
"description": "The container spec for pod infra."
},
"type": "string"
},
"linuxAdminUsername": {
"metadata": {
"description": "User name for the Linux Virtual Machines (SSH or Password)."
},
"type": "string"
},
"masterEndpointDNSNamePrefix": {
"metadata": {
"description": "Sets the Domain name label for the master IP Address. The concatenation of the domain name label and the regional DNS zone make up the fully qualified domain name associated with the public IP address."
},
"type": "string"
},
"masterSubnet": {
"defaultValue": "10.240.0.0/16",
"metadata": {
"description": "Sets the subnet of the master node(s)."
},
"type": "string"
},
"masterVMSize": {
"allowedValues": [
"Standard_A10",
"Standard_A11",
"Standard_A2",
"Standard_A2_v2",
"Standard_A2m_v2",
"Standard_A3",
"Standard_A4",
"Standard_A4_v2",
"Standard_A4m_v2",
"Standard_A5",
"Standard_A6",
"Standard_A7",
"Standard_A8",
"Standard_A8_v2",
"Standard_A8m_v2",
"Standard_A9",
"Standard_D11",
"Standard_D11_v2",
"Standard_D12",
"Standard_D12_v2",
"Standard_D13",
"Standard_D13_v2",
"Standard_D14",
"Standard_D14_v2",
"Standard_D15_v2",
"Standard_D2",
"Standard_D2_v2",
"Standard_D3",
"Standard_D3_v2",
"Standard_D4",
"Standard_D4_v2",
"Standard_D5_v2",
"Standard_DS11",
"Standard_DS11_v2",
"Standard_DS12",
"Standard_DS12_v2",
"Standard_DS13",
"Standard_DS13_v2",
"Standard_DS14",
"Standard_DS14_v2",
"Standard_DS15_v2",
"Standard_DS2",
"Standard_DS2_v2",
"Standard_DS3",
"Standard_DS3_v2",
"Standard_DS4",
"Standard_DS4_v2",
"Standard_DS5_v2",
"Standard_F16",
"Standard_F16s",
"Standard_F2",
"Standard_F2s",
"Standard_F4",
"Standard_F4s",
"Standard_F8",
"Standard_F8s",
"Standard_G1",
"Standard_G2",
"Standard_G3",
"Standard_G4",
"Standard_G5",
"Standard_GS1",
"Standard_GS2",
"Standard_GS3",
"Standard_GS4",
"Standard_GS5",
"Standard_H16",
"Standard_H16m",
"Standard_H16mr",
"Standard_H16r",
"Standard_H8",
"Standard_H8m",
"Standard_NC12",
"Standard_NC24",
"Standard_NC24r",
"Standard_NC6",
"Standard_NV12",
"Standard_NV24",
"Standard_NV6"
],
"metadata": {
"description": "The size of the Virtual Machine."
},
"type": "string"
},
"nameSuffix": {
"defaultValue": "31559618",
"metadata": {
"description": "A string hash of the master DNS name to uniquely identify the cluster."
},
"type": "string"
},
"servicePrincipalClientId": {
"metadata": {
"description": "Client ID (used by cloudprovider)"
},
"type": "securestring"
},
"servicePrincipalClientSecret": {
"metadata": {
"description": "The Service Principal Client Secret."
},
"type": "securestring"
},
"sshRSAPublicKey": {
"metadata": {
"description": "SSH public key used for auth to all Linux machines. Not Required. If not set, you must provide a password key."
},
"type": "string"
},
"targetEnvironment": {
"defaultValue": "AzurePublicCloud",
"metadata": {
"description": "The azure deploy environment. Currently support: AzurePublicCloud, AzureChinaCloud"
},
"type": "string"
}
},
"variables": {
"agentpool1AccountName": "[concat(variables('storageAccountBaseName'), 'agnt0')]",
"agentpool1AvailabilitySet": "[concat('agentpool1-availabilitySet-', variables('nameSuffix'))]",
"agentpool1Count": "[parameters('agentpool1Count')]",
"agentpool1Index": 0,
"agentpool1Offset": "[parameters('agentpool1Offset')]",
"agentpool1StorageAccountOffset": "[mul(variables('maxStorageAccountsPerAgent'),variables('agentpool1Index'))]",
"agentpool1StorageAccountsCount": "[add(div(variables('agentpool1Count'), variables('maxVMsPerStorageAccount')), mod(add(mod(variables('agentpool1Count'), variables('maxVMsPerStorageAccount')),2), add(mod(variables('agentpool1Count'), variables('maxVMsPerStorageAccount')),1)))]",
"agentpool1SubnetName": "[variables('subnetName')]",
"agentpool1VMNamePrefix": "[concat(variables('orchestratorName'), '-agentpool1-', variables('nameSuffix'), '-')]",
"agentpool1VMSize": "[parameters('agentpool1VMSize')]",
"agentpool1VnetSubnetID": "[variables('vnetSubnetID')]",
"agentpool2AccountName": "[concat(variables('storageAccountBaseName'), 'agnt1')]",
"agentpool2AvailabilitySet": "[concat('agentpool2-availabilitySet-', variables('nameSuffix'))]",
"agentpool2Count": "[parameters('agentpool2Count')]",
"agentpool2Index": 1,
"agentpool2Offset": "[parameters('agentpool2Offset')]",
"agentpool2StorageAccountOffset": "[mul(variables('maxStorageAccountsPerAgent'),variables('agentpool2Index'))]",
"agentpool2StorageAccountsCount": "[add(div(variables('agentpool2Count'), variables('maxVMsPerStorageAccount')), mod(add(mod(variables('agentpool2Count'), variables('maxVMsPerStorageAccount')),2), add(mod(variables('agentpool2Count'), variables('maxVMsPerStorageAccount')),1)))]",
"agentpool2SubnetName": "[variables('subnetName')]",
"agentpool2VMNamePrefix": "[concat(variables('orchestratorName'), '-agentpool2-', variables('nameSuffix'), '-')]",
"agentpool2VMSize": "[parameters('agentpool2VMSize')]",
"agentpool2VnetSubnetID": "[variables('vnetSubnetID')]",
"apiServerCertificate": "[parameters('apiServerCertificate')]",
"apiServerPrivateKey": "[parameters('apiServerPrivateKey')]",
"apiVersionDefault": "2016-03-30",
"apiVersionStorage": "2015-06-15",
"caCertificate": "[parameters('caCertificate')]",
"clientCertificate": "[parameters('clientCertificate')]",
"clientPrivateKey": "[parameters('clientPrivateKey')]",
"dockerEngineDownloadRepo": "[parameters('dockerEngineDownloadRepo')]",
"dockerEngineVersion": "1.12.*",
"kubeConfigCertificate": "[parameters('kubeConfigCertificate')]",
"kubeConfigPrivateKey": "[parameters('kubeConfigPrivateKey')]",
"kubeDnsServiceIp": "10.0.0.10",
"kubeServiceCidr": "10.0.0.0/16",
"kubernetesAddonManagerSpec": "[parameters('kubernetesAddonManagerSpec')]",
"kubernetesAddonResizerSpec": "[parameters('kubernetesAddonResizerSpec')]",
"kubernetesDNSMasqSpec": "[parameters('kubernetesDNSMasqSpec')]",
"kubernetesDashboardSpec": "[parameters('kubernetesDashboardSpec')]",
"kubernetesExecHealthzSpec": "[parameters('kubernetesExecHealthzSpec')]",
"kubernetesHeapsterSpec": "[parameters('kubernetesHeapsterSpec')]",
"kubernetesHyperkubeSpec": "[parameters('kubernetesHyperkubeSpec')]",
"kubernetesKubeDNSSpec": "[parameters('kubernetesKubeDNSSpec')]",
"kubernetesPodInfraContainerSpec": "[parameters('kubernetesPodInfraContainerSpec')]",
"location": "[resourceGroup().location]",
"masterAvailabilitySet": "[concat('master-availabilityset-', variables('nameSuffix'))]",
"masterCount": 1,
"masterEtcdClientPort": 2379,
"masterEtcdClientURLs": [
"[concat('http://', variables('masterPrivateIpAddrs')[0], ':', variables('masterEtcdClientPort'))]",
"[concat('http://', variables('masterPrivateIpAddrs')[1], ':', variables('masterEtcdClientPort'))]",
"[concat('http://', variables('masterPrivateIpAddrs')[2], ':', variables('masterEtcdClientPort'))]",
"[concat('http://', variables('masterPrivateIpAddrs')[3], ':', variables('masterEtcdClientPort'))]",
"[concat('http://', variables('masterPrivateIpAddrs')[4], ':', variables('masterEtcdClientPort'))]"
],
"masterEtcdClusterStates": [
"[concat(variables('masterVMNames')[0], '=', variables('masterEtcdPeerURLs')[0])]",
"[concat(variables('masterVMNames')[0], '=', variables('masterEtcdPeerURLs')[0], ',', variables('masterVMNames')[1], '=', variables('masterEtcdPeerURLs')[1], ',', variables('masterVMNames')[2], '=', variables('masterEtcdPeerURLs')[2])]",
"[concat(variables('masterVMNames')[0], '=', variables('masterEtcdPeerURLs')[0], ',', variables('masterVMNames')[1], '=', variables('masterEtcdPeerURLs')[1], ',', variables('masterVMNames')[2], '=', variables('masterEtcdPeerURLs')[2], ',', variables('masterVMNames')[3], '=', variables('masterEtcdPeerURLs')[3], ',', variables('masterVMNames')[4], '=', variables('masterEtcdPeerURLs')[4])]"
],
"masterEtcdPeerURLs": [
"[concat('http://', variables('masterPrivateIpAddrs')[0], ':', variables('masterEtcdServerPort'))]",
"[concat('http://', variables('masterPrivateIpAddrs')[1], ':', variables('masterEtcdServerPort'))]",
"[concat('http://', variables('masterPrivateIpAddrs')[2], ':', variables('masterEtcdServerPort'))]",
"[concat('http://', variables('masterPrivateIpAddrs')[3], ':', variables('masterEtcdServerPort'))]",
"[concat('http://', variables('masterPrivateIpAddrs')[4], ':', variables('masterEtcdServerPort'))]"
],
"masterEtcdServerPort": 2380,
"masterFirstAddrComment": "these MasterFirstAddrComment are used to place multiple masters consecutively in the address space",
"masterFirstAddrOctet4": "[variables('masterFirstAddrOctets')[3]]",
"masterFirstAddrOctets": "[split(parameters('firstConsecutiveStaticIP'),'.')]",
"masterFirstAddrPrefix": "[concat(variables('masterFirstAddrOctets')[0],'.',variables('masterFirstAddrOctets')[1],'.',variables('masterFirstAddrOctets')[2],'.')]",
"masterFqdnPrefix": "[toLower(parameters('masterEndpointDNSNamePrefix'))]",
"masterInternalLbID": "[resourceId('Microsoft.Network/loadBalancers',variables('masterInternalLbName'))]",
"masterInternalLbIPConfigID": "[concat(variables('masterInternalLbID'),'/frontendIPConfigurations/', variables('masterInternalLbIPConfigName'))]",
"masterInternalLbIPConfigName": "[concat(variables('orchestratorName'), '-master-internal-lbFrontEnd-', variables('nameSuffix'))]",
"masterInternalLbIPOffset": 10,
"masterInternalLbIp": "[concat(variables('masterFirstAddrPrefix'), add(variables('masterInternalLbIPOffset'), int(variables('masterFirstAddrOctet4'))))]",
"masterInternalLbName": "[concat(variables('orchestratorName'), '-master-internal-lb-', variables('nameSuffix'))]",
"masterLbBackendPoolName": "[concat(variables('orchestratorName'), '-master-pool-', variables('nameSuffix'))]",
"masterLbID": "[resourceId('Microsoft.Network/loadBalancers',variables('masterLbName'))]",
"masterLbIPConfigID": "[concat(variables('masterLbID'),'/frontendIPConfigurations/', variables('masterLbIPConfigName'))]",
"masterLbIPConfigName": "[concat(variables('orchestratorName'), '-master-lbFrontEnd-', variables('nameSuffix'))]",
"masterLbName": "[concat(variables('orchestratorName'), '-master-lb-', variables('nameSuffix'))]",
"masterPrivateIp": "[parameters('firstConsecutiveStaticIP')]",
"masterPrivateIpAddrs": [
"[concat(variables('masterFirstAddrPrefix'), add(0, int(variables('masterFirstAddrOctet4'))))]",
"[concat(variables('masterFirstAddrPrefix'), add(1, int(variables('masterFirstAddrOctet4'))))]",
"[concat(variables('masterFirstAddrPrefix'), add(2, int(variables('masterFirstAddrOctet4'))))]",
"[concat(variables('masterFirstAddrPrefix'), add(3, int(variables('masterFirstAddrOctet4'))))]",
"[concat(variables('masterFirstAddrPrefix'), add(4, int(variables('masterFirstAddrOctet4'))))]"
],
"masterPublicIPAddressName": "[concat(variables('orchestratorName'), '-master-ip-', variables('masterFqdnPrefix'), '-', variables('nameSuffix'))]",
"masterStorageAccountName": "[concat(variables('storageAccountBaseName'), 'mstr0')]",
"masterVMNamePrefix": "[concat(variables('orchestratorName'), '-master-', variables('nameSuffix'), '-')]",
"masterVMNames": [
"[concat(variables('masterVMNamePrefix'), '0')]",
"[concat(variables('masterVMNamePrefix'), '1')]",
"[concat(variables('masterVMNamePrefix'), '2')]",
"[concat(variables('masterVMNamePrefix'), '3')]",
"[concat(variables('masterVMNamePrefix'), '4')]"
],
"masterVMSize": "[parameters('masterVMSize')]",
"maxStorageAccountsPerAgent": "[div(variables('maxVMsPerPool'),variables('maxVMsPerStorageAccount'))]",
"maxVMsPerPool": 100,
"maxVMsPerStorageAccount": 20,
"nameSuffix": "[parameters('nameSuffix')]",
"nsgID": "[resourceId('Microsoft.Network/networkSecurityGroups',variables('nsgName'))]",
"nsgName": "[concat(variables('masterVMNamePrefix'), 'nsg')]",
"orchestratorName": "k8s",
"osImageOffer": "UbuntuServer",
"osImagePublisher": "Canonical",
"osImageSKU": "16.04.0-LTS",
"osImageVersion": "16.04.201705080",
"primaryAvailablitySetName": "[concat('agentpool1-availabilitySet-',variables('nameSuffix'))]",
"provisionScript": "H4sIAAAAAAAA/9RYX3PbuBF/x6fY0Hpop0dJblOnp5zvhpHoHGtZcinKnfSS0UEkaKGmAA4A+s/59N07ACmKFCnFSfpyfvBQwG9/+weLXQAnr3pLynpLLFcInXz9HzqBWeD4Aczcoe8GMHICB2xwhz9PYeTNnHdjd/RN/OgELihJIgkxF/Ar/i0TpPtfydmvKHAnziRYeKNzq/N8urHQbP5u4gazoe9dB950Usz8dWMh351N5/7QXbz3p/NrPfq3jYXG06Gjgfr361Je//r7xkITN/j31L9czNzh3PeCDzvZs42Fbjw/mDvjRYHSw2+0ouk8cBeB9lsP/WNjoWvfu3L8DwvnxvHGzjtvrLlmuZ7vtVbXv/GG7uLa9yZD79oZL4Zjz9051j+GycNucDoCl/N37tgNNO7GCdzFpfvBzOkYBI7/3g0W7uTG86eTK3eSi+lAoBO4wlIRAZwlTyBJKIiSyLn2tGLXb/DpaA2dxdD1A+/CGzqB8fZUh+3KmQWuv7j418jE9fSsMGs4nVx47xsib+rTWwU6cM7oypvMZ65vRr7P7fRiaDULqASyTtXTd6BWhMEDASwIMK6AMz0Ea+MhojH88gu8Avs3sDrPrVwbCz59emt4EAAACVccrINqGWd2oRpLma0puy2UAeMRsZAhaRVfXDvBz+dWj6iwd5ctiWBEEdkLiVCyh1MqibgnontHnixDongWrg7abdg2OTJcrXkE/bPXr18I5w8MBOdqoP+9SCYPy+EY/g5LLMnZa7DtiIQ8IvDjZ3lJIslLYr4f7wcu7sp4xxS17YSjwQ4TSpjKI11G+RDJxkL1+B4FNiJ7BL2NaQvkcESP8CHnP3PfXfxzNp0ccH9XUSuO70k1/G2bbyZQE4QV/PADuNOLIhUaiGez+FaY8CyyBlbnuVm1NtZ3OUgRhpnyImugucpuUM7LbClDQVNFOduimi2ihGMcDU0SlNjDhbkpNDM18zOCebUuhQWRPBMheS94luai9UZVIhMeYu1GDtr2raqnjKgJXpOql7tpEmaCqiejZ4dqb3Cl1H2Ncq/f7XzgmSIBXiZkh600wRKXCrrG4sm5xzTBS5pQ9TSr8h/qkhsLbZA7vfjWU4o7GcH0onpM+bZjiSQK7EfdkR4wVeZwojdVqBJQHARJuVAgszAkUsZZAmGSmY6wIjhRKxRnLNQLCoTJTJDLXPRPf4Z8AxRUMc9YdH5qhrQGCpTB82m3e9bvb95CxM2M/tNdDWwCvUyKns6WxJzvtiZ9KoFlU9v+1VT1a1NLQfBdORLT8lMmhKSQ2xVxlldsY0KnSgc2I9AvlNcUG+yr0mBtasRDXcGPWJrXxq1LjAsoZCIamUZPmVQ4SSphT4q+WVI8UlXYXXEppmiD9pfEVWFUrod8koqstVqpeApEhZEZF2uwRQy9eyx6CV3q2hr1IhLjLFF7goJIhYXKZZvqRsaVFoWE6c1VuHqAszKZf870MHlx6rxqLANlMX97aAmkwiqT0PmpHlwjf9Q4Q7Ht8HXOQq/MDa8T13369hyt8R1O0pph2xwzBu7MqyRUaxbpjZ0QdXhd73LAgYXdztaIH5XAoSpLxhHiUCV2AT+ioIpqeuBsT6G14pQfHr4wzb6yQh2QKCqqrVO1hjearM5PFpyD1bcq1K30UCstuWPtedjufL+BqefkXl428n9/66USfodbQVIoLwB/IPde3iVqaj63Cyu2f/FOfBBUmY045Cymt2Ue766dI88/7634mvQ65aWz19U694AX3tg979QEe6FhNcD1XUQF2CnUIZWrW6fOVbl77TQPdp9tRC+EV+j1yf1Nv99OpifP6pNG1EzrW/wsi2P6eJ6fyXGadvMbQ8jXFqrkY/OgbhLU0eDhijI8NGf6tiVu1RJqmeIX7YbMQpX0OoGISlPmEn57qy+AONanq/zlAnim0qwoeUTBXx4rV0pk2zbCKb0hQlLOBnB/iopSIgfI3paVQR4eIhSNaYgVsXGmVlwfo+0IKzyAj1an/gTy0So06i07gJVSqRz0ep3Ki0i3sz27dzs7rxEAw2tiKCvgjxYKOVPkUeWG5d+FYYWVTRE9m8nmlI2jNWUGcEhZJgRhyt4qaiLuKIsGkG8jpJUYw9roKtqMMYXR1PBXglqGsv2JqPCnELwjT60Cl+6Hjxay4MfW/D8BUbTEtlyRZZbYj7pqnGyfbjCLzHMCqp7PUK2ro3orrgibZ7SveWraq1V53lavCJURd3sK3WvU5v3j//BSlu8XrzhUh3ydJkSRvdM1+l8AAAD//5Ntm+5KFgAA",
"registerSchedulable": "false",
"resourceGroup": "[resourceGroup().name]",
"routeTableID": "[resourceId('Microsoft.Network/routeTables', variables('routeTableName'))]",
"routeTableName": "[concat(variables('masterVMNamePrefix'),'routetable')]",
"servicePrincipalClientId": "[parameters('servicePrincipalClientId')]",
"servicePrincipalClientSecret": "[parameters('servicePrincipalClientSecret')]",
"sshKeyPath": "[concat('/home/',variables('username'),'/.ssh/authorized_keys')]",
"sshNatPorts": [
22,
2201,
2202,
2203,
2204
],
"sshPublicKeyData": "[parameters('sshRSAPublicKey')]",
"storageAccountBaseName": "[uniqueString(concat(variables('masterFqdnPrefix'),resourceGroup().location))]",
"storageAccountPrefixes": [
"0",
"6",
"c",
"i",
"o",
"u",
"1",
"7",
"d",
"j",
"p",
"v",
"2",
"8",
"e",
"k",
"q",
"w",
"3",
"9",
"f",
"l",
"r",
"x",
"4",
"a",
"g",
"m",
"s",
"y",
"5",
"b",
"h",
"n",
"t",
"z"
],
"storageAccountPrefixesCount": "[length(variables('storageAccountPrefixes'))]",
"subnet": "[parameters('masterSubnet')]",
"subnetName": "[concat(variables('orchestratorName'), '-subnet')]",
"subscriptionId": "[subscription().subscriptionId]",
"targetEnvironment": "[parameters('targetEnvironment')]",
"tenantId": "[subscription().tenantId]",
"username": "[parameters('linuxAdminUsername')]",
"virtualNetworkName": "[concat(variables('orchestratorName'), '-vnet-', variables('nameSuffix'))]",
"vmSizesMap": {
"Standard_A10": {
"storageAccountType": "Standard_LRS"
},
"Standard_A11": {
"storageAccountType": "Standard_LRS"
},
"Standard_A2": {
"storageAccountType": "Standard_LRS"
},
"Standard_A2_v2": {
"storageAccountType": "Standard_LRS"
},
"Standard_A2m_v2": {
"storageAccountType": "Standard_LRS"
},
"Standard_A3": {
"storageAccountType": "Standard_LRS"
},
"Standard_A4": {
"storageAccountType": "Standard_LRS"
},
"Standard_A4_v2": {
"storageAccountType": "Standard_LRS"
},
"Standard_A4m_v2": {
"storageAccountType": "Standard_LRS"
},
"Standard_A5": {
"storageAccountType": "Standard_LRS"
},
"Standard_A6": {
"storageAccountType": "Standard_LRS"
},
"Standard_A7": {
"storageAccountType": "Standard_LRS"
},
"Standard_A8": {
"storageAccountType": "Standard_LRS"
},
"Standard_A8_v2": {
"storageAccountType": "Standard_LRS"
},
"Standard_A8m_v2": {
"storageAccountType": "Standard_LRS"
},
"Standard_A9": {
"storageAccountType": "Standard_LRS"
},
"Standard_D11": {
"storageAccountType": "Standard_LRS"
},
"Standard_D11_v2": {
"storageAccountType": "Standard_LRS"
},
"Standard_D12": {
"storageAccountType": "Standard_LRS"
},
"Standard_D12_v2": {
"storageAccountType": "Standard_LRS"
},
"Standard_D13": {
"storageAccountType": "Standard_LRS"
},
"Standard_D13_v2": {
"storageAccountType": "Standard_LRS"
},
"Standard_D14": {
"storageAccountType": "Standard_LRS"
},
"Standard_D14_v2": {
"storageAccountType": "Standard_LRS"
},
"Standard_D15_v2": {
"storageAccountType": "Standard_LRS"
},
"Standard_D2": {
"storageAccountType": "Standard_LRS"
},
"Standard_D2_v2": {
"storageAccountType": "Standard_LRS"
},
"Standard_D3": {
"storageAccountType": "Standard_LRS"
},
"Standard_D3_v2": {
"storageAccountType": "Standard_LRS"
},
"Standard_D4": {
"storageAccountType": "Standard_LRS"
},
"Standard_D4_v2": {
"storageAccountType": "Standard_LRS"
},
"Standard_D5_v2": {
"storageAccountType": "Standard_LRS"
},
"Standard_DS11": {
"storageAccountType": "Premium_LRS"
},
"Standard_DS11_v2": {
"storageAccountType": "Premium_LRS"
},
"Standard_DS12": {
"storageAccountType": "Premium_LRS"
},
"Standard_DS12_v2": {
"storageAccountType": "Premium_LRS"
},
"Standard_DS13": {
"storageAccountType": "Premium_LRS"
},
"Standard_DS13_v2": {
"storageAccountType": "Premium_LRS"
},
"Standard_DS14": {
"storageAccountType": "Premium_LRS"
},
"Standard_DS14_v2": {
"storageAccountType": "Premium_LRS"
},
"Standard_DS15_v2": {
"storageAccountType": "Premium_LRS"
},
"Standard_DS2": {
"storageAccountType": "Premium_LRS"
},
"Standard_DS2_v2": {
"storageAccountType": "Premium_LRS"
},
"Standard_DS3": {
"storageAccountType": "Premium_LRS"
},
"Standard_DS3_v2": {
"storageAccountType": "Premium_LRS"
},
"Standard_DS4": {
"storageAccountType": "Premium_LRS"
},
"Standard_DS4_v2": {
"storageAccountType": "Premium_LRS"
},
"Standard_DS5_v2": {
"storageAccountType": "Premium_LRS"
},
"Standard_F16": {
"storageAccountType": "Standard_LRS"
},
"Standard_F16s": {
"storageAccountType": "Premium_LRS"
},
"Standard_F2": {
"storageAccountType": "Standard_LRS"
},
"Standard_F2s": {
"storageAccountType": "Premium_LRS"
},
"Standard_F4": {
"storageAccountType": "Standard_LRS"
},
"Standard_F4s": {
"storageAccountType": "Premium_LRS"
},
"Standard_F8": {
"storageAccountType": "Standard_LRS"
},
"Standard_F8s": {
"storageAccountType": "Premium_LRS"
},
"Standard_G1": {
"storageAccountType": "Standard_LRS"
},
"Standard_G2": {
"storageAccountType": "Standard_LRS"
},
"Standard_G3": {
"storageAccountType": "Standard_LRS"
},
"Standard_G4": {
"storageAccountType": "Standard_LRS"
},
"Standard_G5": {
"storageAccountType": "Standard_LRS"
},
"Standard_GS1": {
"storageAccountType": "Premium_LRS"
},
"Standard_GS2": {
"storageAccountType": "Premium_LRS"
},
"Standard_GS3": {
"storageAccountType": "Premium_LRS"
},
"Standard_GS4": {
"storageAccountType": "Premium_LRS"
},
"Standard_GS5": {
"storageAccountType": "Premium_LRS"
},
"Standard_H16": {
"storageAccountType": "Standard_LRS"
},
"Standard_H16m": {
"storageAccountType": "Standard_LRS"
},
"Standard_H16mr": {
"storageAccountType": "Standard_LRS"
},
"Standard_H16r": {
"storageAccountType": "Standard_LRS"
},
"Standard_H8": {
"storageAccountType": "Standard_LRS"
},
"Standard_H8m": {
"storageAccountType": "Standard_LRS"
},
"Standard_NC12": {
"storageAccountType": "Standard_LRS"
},
"Standard_NC24": {
"storageAccountType": "Standard_LRS"
},
"Standard_NC24r": {
"storageAccountType": "Standard_LRS"
},
"Standard_NC6": {
"storageAccountType": "Standard_LRS"
},
"Standard_NV12": {
"storageAccountType": "Standard_LRS"
},
"Standard_NV24": {
"storageAccountType": "Standard_LRS"
},
"Standard_NV6": {
"storageAccountType": "Standard_LRS"
}
},
"vmsPerStorageAccount": 20,
"vnetCidr": "10.0.0.0/8",
"vnetID": "[resourceId('Microsoft.Network/virtualNetworks',variables('virtualNetworkName'))]",
"vnetSubnetID": "[concat(variables('vnetID'),'/subnets/',variables('subnetName'))]"
},
"resources": [
{
"apiVersion": "[variables('apiVersionDefault')]",
"copy": {
"count": "[sub(variables('agentpool1Count'), variables('agentpool1Offset'))]",
"name": "loop"
},
"dependsOn": [
"[variables('vnetID')]"
],
"location": "[variables('location')]",
"name": "[concat(variables('agentpool1VMNamePrefix'), 'nic-', copyIndex(variables('agentpool1Offset')))]",
"properties": {
"enableIPForwarding": true,
"ipConfigurations": [
{
"name": "ipconfig1",
"properties": {
"privateIPAllocationMethod": "Dynamic",
"subnet": {
"id": "[variables('agentpool1VnetSubnetID')]"
}
}
}
]
},
"type": "Microsoft.Network/networkInterfaces"
},
{
"apiVersion": "[variables('apiVersionStorage')]",
"copy": {
"count": "[variables('agentpool1StorageAccountsCount')]",
"name": "loop"
},
"dependsOn": [
"[concat('Microsoft.Network/publicIPAddresses/', variables('masterPublicIPAddressName'))]"
],
"location": "[variables('location')]",
"name": "[concat(variables('storageAccountPrefixes')[mod(add(copyIndex(),variables('agentpool1StorageAccountOffset')),variables('storageAccountPrefixesCount'))],variables('storageAccountPrefixes')[div(add(copyIndex(),variables('agentpool1StorageAccountOffset')),variables('storageAccountPrefixesCount'))],variables('agentpool1AccountName'))]",
"properties": {
"accountType": "[variables('vmSizesMap')[variables('agentpool1VMSize')].storageAccountType]"
},
"type": "Microsoft.Storage/storageAccounts"
},
{
"apiVersion": "[variables('apiVersionDefault')]",
"location": "[variables('location')]",
"name": "[variables('agentpool1AvailabilitySet')]",
"properties": {},
"type": "Microsoft.Compute/availabilitySets"
},
{
"apiVersion": "[variables('apiVersionDefault')]",
"copy": {
"count": "[sub(variables('agentpool1Count'), variables('agentpool1Offset'))]",
"name": "vmLoopNode"
},
"dependsOn": [
"[concat('Microsoft.Storage/storageAccounts/',variables('storageAccountPrefixes')[mod(add(div(copyIndex(variables('agentpool1Offset')),variables('maxVMsPerStorageAccount')),variables('agentpool1StorageAccountOffset')),variables('storageAccountPrefixesCount'))],variables('storageAccountPrefixes')[div(add(div(copyIndex(variables('agentpool1Offset')),variables('maxVMsPerStorageAccount')),variables('agentpool1StorageAccountOffset')),variables('storageAccountPrefixesCount'))],variables('agentpool1AccountName'))]",
"[concat('Microsoft.Network/networkInterfaces/', variables('agentpool1VMNamePrefix'), 'nic-', copyIndex(variables('agentpool1Offset')))]",
"[concat('Microsoft.Compute/availabilitySets/', variables('agentpool1AvailabilitySet'))]"
],
"location": "[variables('location')]",
"name": "[concat(variables('agentpool1VMNamePrefix'), copyIndex(variables('agentpool1Offset')))]",
"properties": {
"availabilitySet": {
"id": "[resourceId('Microsoft.Compute/availabilitySets',variables('agentpool1AvailabilitySet'))]"
},
"hardwareProfile": {
"vmSize": "[variables('agentpool1VMSize')]"
},
"networkProfile": {
"networkInterfaces": [
{
"id": "[resourceId('Microsoft.Network/networkInterfaces',concat(variables('agentpool1VMNamePrefix'), 'nic-', copyIndex(variables('agentpool1Offset'))))]"
}
]
},
"osProfile": {
"adminUsername": "[variables('username')]",
"computername": "[concat(variables('agentpool1VMNamePrefix'), copyIndex(variables('agentpool1Offset')))]",
"customData": "[base64(concat('#cloud-config\n\n# { { { variable } } }\n\nruncmd:\n- apt-get update\n- apt-get install -y apt-transport-https ca-certificates\n- curl --retry 5 -fsSL https://apt.dockerproject.org/gpg | apt-key add -\n- echo \"deb ',variables('dockerEngineDownloadRepo'),' ubuntu-xenial main\" | sudo tee /etc/apt/sources.list.d/docker.list\n- \"echo \\\"Package: docker-engine\\nPin: version ',variables('dockerEngineVersion'),'\\nPin-Priority: 550\\n\\\" > /etc/apt/preferences.d/docker.pref\"\n- apt-get update\n- apt-get install -y docker-engine\n- systemctl restart docker\n- mkdir -p /etc/kubernetes/manifests\n- usermod -aG docker ',variables('username'),'\n\nwrite_files:\n- path: \"/etc/systemd/system/docker.service.d/clear_mount_propagation_flags.conf\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n [Service]\n MountFlags=shared\n\n- path: \"/etc/systemd/system/docker.service.d/overlay.conf\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n [Service]\n ExecStart=\n ExecStart=/usr/bin/docker daemon -H fd:// --storage-driver=overlay\n\n- path: \"/etc/docker/daemon.json\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n {\n \"live-restore\": true\n }\n\n- path: \"/etc/kubernetes/certs/ca.crt\"\n permissions: \"0644\"\n encoding: \"base64\"\n owner: \"root\"\n content: |\n ',variables('caCertificate'),'\n\n- path: \"/etc/kubernetes/certs/apiserver.crt\"\n permissions: \"0644\"\n encoding: \"base64\"\n owner: \"root\"\n content: |\n ',variables('apiserverCertificate'),'\n\n- path: \"/etc/kubernetes/certs/client.crt\"\n permissions: \"0644\"\n encoding: \"base64\"\n owner: \"root\"\n content: |\n ',variables('clientCertificate'),'\n\n- path: \"/var/lib/kubelet/kubeconfig\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: v1\n kind: Config\n clusters:\n - name: localcluster\n cluster:\n certificate-authority: /etc/kubernetes/certs/ca.crt\n server: https://',variables('masterInternalLbIp'),':443\n users:\n - name: client\n user:\n client-certificate: /etc/kubernetes/certs/client.crt\n client-key: /etc/kubernetes/certs/client.key\n contexts:\n - context:\n cluster: localcluster\n user: client\n name: localclustercontext\n current-context: localclustercontext\n\n- path: \"/etc/systemd/system/kubectl-extract.service\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n [Unit]\n Description=Kubectl extraction\n Requires=docker.service\n After=docker.service\n ConditionPathExists=!/usr/local/bin/kubectl\n\n [Service]\n Type=oneshot\n ExecStartPre=/bin/mkdir -p /tmp/kubectldir\n ExecStart=/usr/bin/docker run --rm -v /tmp/kubectldir:/opt/kubectldir ',variables('kubernetesHyperkubeSpec'),' /bin/bash -c \"cp /hyperkube /opt/kubectldir/\"\n ExecStartPost=/bin/mv /tmp/kubectldir/hyperkube /usr/local/bin/kubectl\n ExecStartPost=/bin/chmod a+x /usr/local/bin/kubectl\n\n- path: \"/etc/systemd/system/kubelet.service\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n [Unit]\n Description=Kubelet\n Requires=docker.service\n After=docker.service\n\n [Service]\n Restart=always\n ExecStartPre=/bin/mkdir -p /var/lib/kubelet\n ExecStartPre=/bin/mount --bind /var/lib/kubelet /var/lib/kubelet\n ExecStartPre=/bin/mount --make-shared /var/lib/kubelet\n ExecStart=/usr/bin/docker run \\\n --name=kubelet \\\n --net=host \\\n --pid=host \\\n --privileged \\\n --volume=/dev:/dev \\\n --volume=/sys:/sys:ro \\\n --volume=/var/run:/var/run:rw \\\n --volume=/var/lib/docker/:/var/lib/docker:rw \\\n --volume=/var/lib/kubelet/:/var/lib/kubelet:shared \\\n --volume=/var/log:/var/log:rw \\\n --volume=/etc/kubernetes/:/etc/kubernetes/:ro \\\n --volume=/srv/kubernetes/:/srv/kubernetes/:ro \\\n ',variables('kubernetesHyperkubeSpec'),' \\\n /hyperkube kubelet \\\n --api-servers=\"https://',variables('masterInternalLbIp'),':443\" \\\n --kubeconfig=/var/lib/kubelet/kubeconfig \\\n --pod-infra-container-image=\"',variables('kubernetesPodInfraContainerSpec'),'\" \\\n --address=0.0.0.0 \\\n --allow-privileged=true \\\n --enable-server \\\n --enable-debugging-handlers \\\n --pod-manifest-path=/etc/kubernetes/manifests \\\n --cluster-dns=',variables('kubeDnsServiceIP'),' \\\n --cluster-domain=cluster.local \\\n --cloud-provider=azure \\\n --cloud-config=/etc/kubernetes/azure.json \\\n --azure-container-registry-config=/etc/kubernetes/azure.json \\\n --hairpin-mode=promiscuous-bridge \\\n --network-plugin=kubenet \\\n --v=2\n ExecStop=/usr/bin/docker stop -t 10 kubelet\n ExecStopPost=/usr/bin/docker rm -f kubelet\n\n [Install]\n WantedBy=multi-user.target\n\n- path: \"/opt/azure/containers/provision.sh\"\n permissions: \"0744\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n ',variables('provisionScript'),'\n'))]",
"linuxConfiguration": {
"disablePasswordAuthentication": "true",
"ssh": {
"publicKeys": [
{
"keyData": "[parameters('sshRSAPublicKey')]",
"path": "[variables('sshKeyPath')]"
}
]
}
}
},
"storageProfile": {
"imageReference": {
"offer": "[variables('osImageOffer')]",
"publisher": "[variables('osImagePublisher')]",
"sku": "[variables('osImageSKU')]",
"version": "[variables('osImageVersion')]"
},
"osDisk": {
"caching": "ReadWrite",
"createOption": "FromImage",
"name": "[concat(variables('agentpool1VMNamePrefix'), copyIndex(variables('agentpool1Offset')),'-osdisk')]",
"vhd": {
"uri": "[concat(reference(concat('Microsoft.Storage/storageAccounts/',variables('storageAccountPrefixes')[mod(add(div(copyIndex(variables('agentpool1Offset')),variables('maxVMsPerStorageAccount')),variables('agentpool1StorageAccountOffset')),variables('storageAccountPrefixesCount'))],variables('storageAccountPrefixes')[div(add(div(copyIndex(variables('agentpool1Offset')),variables('maxVMsPerStorageAccount')),variables('agentpool1StorageAccountOffset')),variables('storageAccountPrefixesCount'))],variables('agentpool1AccountName')),variables('apiVersionStorage')).primaryEndpoints.blob,'osdisk/', variables('agentpool1VMNamePrefix'), copyIndex(variables('agentpool1Offset')), '-osdisk.vhd')]"
}
}
}
},
"tags": {
"creationSource": "[concat('acsengine-', variables('agentpool1VMNamePrefix'), copyIndex(variables('agentpool1Offset')))]"
},
"type": "Microsoft.Compute/virtualMachines"
},
{
"apiVersion": "[variables('apiVersionDefault')]",
"copy": {
"count": "[sub(variables('agentpool1Count'), variables('agentpool1Offset'))]",
"name": "vmLoopNode"
},
"dependsOn": [
"[concat('Microsoft.Compute/virtualMachines/', variables('agentpool1VMNamePrefix'), copyIndex(variables('agentpool1Offset')))]"
],
"location": "[resourceGroup().location]",
"name": "[concat(variables('agentpool1VMNamePrefix'), copyIndex(variables('agentpool1Offset')),'/cse', copyIndex(variables('agentpool1Offset')))]",
"properties": {
"autoUpgradeMinorVersion": true,
"protectedSettings": {
"commandToExecute": "[concat('/usr/bin/nohup /bin/bash -c \"/bin/bash /opt/azure/containers/provision.sh ',variables('tenantID'),' ',variables('subscriptionId'),' ',variables('resourceGroup'),' ',variables('location'),' ',variables('subnetName'),' ',variables('nsgName'),' ',variables('virtualNetworkName'),' ',variables('routeTableName'),' ',variables('primaryAvailablitySetName'),' ',variables('servicePrincipalClientId'),' ',variables('servicePrincipalClientSecret'),' ',variables('clientPrivateKey'),' ',variables('targetEnvironment'),' >> /var/log/azure/cluster-provision.log 2>&1 &\" &')]"
},
"publisher": "Microsoft.OSTCExtensions",
"settings": {},
"type": "CustomScriptForLinux",
"typeHandlerVersion": "1.5"
},
"type": "Microsoft.Compute/virtualMachines/extensions"
},
{
"apiVersion": "[variables('apiVersionDefault')]",
"copy": {
"count": "[sub(variables('agentpool2Count'), variables('agentpool2Offset'))]",
"name": "loop"
},
"dependsOn": [
"[variables('vnetID')]"
],
"location": "[variables('location')]",
"name": "[concat(variables('agentpool2VMNamePrefix'), 'nic-', copyIndex(variables('agentpool2Offset')))]",
"properties": {
"enableIPForwarding": true,
"ipConfigurations": [
{
"name": "ipconfig1",
"properties": {
"privateIPAllocationMethod": "Dynamic",
"subnet": {
"id": "[variables('agentpool2VnetSubnetID')]"
}
}
}
]
},
"type": "Microsoft.Network/networkInterfaces"
},
{
"apiVersion": "[variables('apiVersionStorage')]",
"copy": {
"count": "[variables('agentpool2StorageAccountsCount')]",
"name": "loop"
},
"dependsOn": [
"[concat('Microsoft.Network/publicIPAddresses/', variables('masterPublicIPAddressName'))]"
],
"location": "[variables('location')]",
"name": "[concat(variables('storageAccountPrefixes')[mod(add(copyIndex(),variables('agentpool2StorageAccountOffset')),variables('storageAccountPrefixesCount'))],variables('storageAccountPrefixes')[div(add(copyIndex(),variables('agentpool2StorageAccountOffset')),variables('storageAccountPrefixesCount'))],variables('agentpool2AccountName'))]",
"properties": {
"accountType": "[variables('vmSizesMap')[variables('agentpool2VMSize')].storageAccountType]"
},
"type": "Microsoft.Storage/storageAccounts"
},
{
"apiVersion": "[variables('apiVersionDefault')]",
"location": "[variables('location')]",
"name": "[variables('agentpool2AvailabilitySet')]",
"properties": {},
"type": "Microsoft.Compute/availabilitySets"
},
{
"apiVersion": "[variables('apiVersionDefault')]",
"copy": {
"count": "[sub(variables('agentpool2Count'), variables('agentpool2Offset'))]",
"name": "vmLoopNode"
},
"dependsOn": [
"[concat('Microsoft.Storage/storageAccounts/',variables('storageAccountPrefixes')[mod(add(div(copyIndex(variables('agentpool2Offset')),variables('maxVMsPerStorageAccount')),variables('agentpool2StorageAccountOffset')),variables('storageAccountPrefixesCount'))],variables('storageAccountPrefixes')[div(add(div(copyIndex(variables('agentpool2Offset')),variables('maxVMsPerStorageAccount')),variables('agentpool2StorageAccountOffset')),variables('storageAccountPrefixesCount'))],variables('agentpool2AccountName'))]",
"[concat('Microsoft.Network/networkInterfaces/', variables('agentpool2VMNamePrefix'), 'nic-', copyIndex(variables('agentpool2Offset')))]",
"[concat('Microsoft.Compute/availabilitySets/', variables('agentpool2AvailabilitySet'))]"
],
"location": "[variables('location')]",
"name": "[concat(variables('agentpool2VMNamePrefix'), copyIndex(variables('agentpool2Offset')))]",
"properties": {
"availabilitySet": {
"id": "[resourceId('Microsoft.Compute/availabilitySets',variables('agentpool2AvailabilitySet'))]"
},
"hardwareProfile": {
"vmSize": "[variables('agentpool2VMSize')]"
},
"networkProfile": {
"networkInterfaces": [
{
"id": "[resourceId('Microsoft.Network/networkInterfaces',concat(variables('agentpool2VMNamePrefix'), 'nic-', copyIndex(variables('agentpool2Offset'))))]"
}
]
},
"osProfile": {
"adminUsername": "[variables('username')]",
"computername": "[concat(variables('agentpool2VMNamePrefix'), copyIndex(variables('agentpool2Offset')))]",
"customData": "[base64(concat('#cloud-config\n\n# { { { variable } } }\n\nruncmd:\n- apt-get update\n- apt-get install -y apt-transport-https ca-certificates\n- curl --retry 5 -fsSL https://apt.dockerproject.org/gpg | apt-key add -\n- echo \"deb ',variables('dockerEngineDownloadRepo'),' ubuntu-xenial main\" | sudo tee /etc/apt/sources.list.d/docker.list\n- \"echo \\\"Package: docker-engine\\nPin: version ',variables('dockerEngineVersion'),'\\nPin-Priority: 550\\n\\\" > /etc/apt/preferences.d/docker.pref\"\n- apt-get update\n- apt-get install -y docker-engine\n- systemctl restart docker\n- mkdir -p /etc/kubernetes/manifests\n- usermod -aG docker ',variables('username'),'\n\nwrite_files:\n- path: \"/etc/systemd/system/docker.service.d/clear_mount_propagation_flags.conf\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n [Service]\n MountFlags=shared\n\n- path: \"/etc/systemd/system/docker.service.d/overlay.conf\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n [Service]\n ExecStart=\n ExecStart=/usr/bin/docker daemon -H fd:// --storage-driver=overlay\n\n- path: \"/etc/docker/daemon.json\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n {\n \"live-restore\": true\n }\n\n- path: \"/etc/kubernetes/certs/ca.crt\"\n permissions: \"0644\"\n encoding: \"base64\"\n owner: \"root\"\n content: |\n ',variables('caCertificate'),'\n\n- path: \"/etc/kubernetes/certs/apiserver.crt\"\n permissions: \"0644\"\n encoding: \"base64\"\n owner: \"root\"\n content: |\n ',variables('apiserverCertificate'),'\n\n- path: \"/etc/kubernetes/certs/client.crt\"\n permissions: \"0644\"\n encoding: \"base64\"\n owner: \"root\"\n content: |\n ',variables('clientCertificate'),'\n\n- path: \"/var/lib/kubelet/kubeconfig\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: v1\n kind: Config\n clusters:\n - name: localcluster\n cluster:\n certificate-authority: /etc/kubernetes/certs/ca.crt\n server: https://',variables('masterInternalLbIp'),':443\n users:\n - name: client\n user:\n client-certificate: /etc/kubernetes/certs/client.crt\n client-key: /etc/kubernetes/certs/client.key\n contexts:\n - context:\n cluster: localcluster\n user: client\n name: localclustercontext\n current-context: localclustercontext\n\n- path: \"/etc/systemd/system/kubectl-extract.service\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n [Unit]\n Description=Kubectl extraction\n Requires=docker.service\n After=docker.service\n ConditionPathExists=!/usr/local/bin/kubectl\n\n [Service]\n Type=oneshot\n ExecStartPre=/bin/mkdir -p /tmp/kubectldir\n ExecStart=/usr/bin/docker run --rm -v /tmp/kubectldir:/opt/kubectldir ',variables('kubernetesHyperkubeSpec'),' /bin/bash -c \"cp /hyperkube /opt/kubectldir/\"\n ExecStartPost=/bin/mv /tmp/kubectldir/hyperkube /usr/local/bin/kubectl\n ExecStartPost=/bin/chmod a+x /usr/local/bin/kubectl\n\n- path: \"/etc/systemd/system/kubelet.service\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n [Unit]\n Description=Kubelet\n Requires=docker.service\n After=docker.service\n\n [Service]\n Restart=always\n ExecStartPre=/bin/mkdir -p /var/lib/kubelet\n ExecStartPre=/bin/mount --bind /var/lib/kubelet /var/lib/kubelet\n ExecStartPre=/bin/mount --make-shared /var/lib/kubelet\n ExecStart=/usr/bin/docker run \\\n --name=kubelet \\\n --net=host \\\n --pid=host \\\n --privileged \\\n --volume=/dev:/dev \\\n --volume=/sys:/sys:ro \\\n --volume=/var/run:/var/run:rw \\\n --volume=/var/lib/docker/:/var/lib/docker:rw \\\n --volume=/var/lib/kubelet/:/var/lib/kubelet:shared \\\n --volume=/var/log:/var/log:rw \\\n --volume=/etc/kubernetes/:/etc/kubernetes/:ro \\\n --volume=/srv/kubernetes/:/srv/kubernetes/:ro \\\n ',variables('kubernetesHyperkubeSpec'),' \\\n /hyperkube kubelet \\\n --api-servers=\"https://',variables('masterInternalLbIp'),':443\" \\\n --kubeconfig=/var/lib/kubelet/kubeconfig \\\n --pod-infra-container-image=\"',variables('kubernetesPodInfraContainerSpec'),'\" \\\n --address=0.0.0.0 \\\n --allow-privileged=true \\\n --enable-server \\\n --enable-debugging-handlers \\\n --pod-manifest-path=/etc/kubernetes/manifests \\\n --cluster-dns=',variables('kubeDnsServiceIP'),' \\\n --cluster-domain=cluster.local \\\n --cloud-provider=azure \\\n --cloud-config=/etc/kubernetes/azure.json \\\n --azure-container-registry-config=/etc/kubernetes/azure.json \\\n --hairpin-mode=promiscuous-bridge \\\n --network-plugin=kubenet \\\n --v=2\n ExecStop=/usr/bin/docker stop -t 10 kubelet\n ExecStopPost=/usr/bin/docker rm -f kubelet\n\n [Install]\n WantedBy=multi-user.target\n\n- path: \"/opt/azure/containers/provision.sh\"\n permissions: \"0744\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n ',variables('provisionScript'),'\n'))]",
"linuxConfiguration": {
"disablePasswordAuthentication": "true",
"ssh": {
"publicKeys": [
{
"keyData": "[parameters('sshRSAPublicKey')]",
"path": "[variables('sshKeyPath')]"
}
]
}
}
},
"storageProfile": {
"imageReference": {
"offer": "[variables('osImageOffer')]",
"publisher": "[variables('osImagePublisher')]",
"sku": "[variables('osImageSKU')]",
"version": "[variables('osImageVersion')]"
},
"osDisk": {
"caching": "ReadWrite",
"createOption": "FromImage",
"name": "[concat(variables('agentpool2VMNamePrefix'), copyIndex(variables('agentpool2Offset')),'-osdisk')]",
"vhd": {
"uri": "[concat(reference(concat('Microsoft.Storage/storageAccounts/',variables('storageAccountPrefixes')[mod(add(div(copyIndex(variables('agentpool2Offset')),variables('maxVMsPerStorageAccount')),variables('agentpool2StorageAccountOffset')),variables('storageAccountPrefixesCount'))],variables('storageAccountPrefixes')[div(add(div(copyIndex(variables('agentpool2Offset')),variables('maxVMsPerStorageAccount')),variables('agentpool2StorageAccountOffset')),variables('storageAccountPrefixesCount'))],variables('agentpool2AccountName')),variables('apiVersionStorage')).primaryEndpoints.blob,'osdisk/', variables('agentpool2VMNamePrefix'), copyIndex(variables('agentpool2Offset')), '-osdisk.vhd')]"
}
}
}
},
"tags": {
"creationSource": "[concat('acsengine-', variables('agentpool2VMNamePrefix'), copyIndex(variables('agentpool2Offset')))]"
},
"type": "Microsoft.Compute/virtualMachines"
},
{
"apiVersion": "[variables('apiVersionDefault')]",
"copy": {
"count": "[sub(variables('agentpool2Count'), variables('agentpool2Offset'))]",
"name": "vmLoopNode"
},
"dependsOn": [
"[concat('Microsoft.Compute/virtualMachines/', variables('agentpool2VMNamePrefix'), copyIndex(variables('agentpool2Offset')))]"
],
"location": "[resourceGroup().location]",
"name": "[concat(variables('agentpool2VMNamePrefix'), copyIndex(variables('agentpool2Offset')),'/cse', copyIndex(variables('agentpool2Offset')))]",
"properties": {
"autoUpgradeMinorVersion": true,
"protectedSettings": {
"commandToExecute": "[concat('/usr/bin/nohup /bin/bash -c \"/bin/bash /opt/azure/containers/provision.sh ',variables('tenantID'),' ',variables('subscriptionId'),' ',variables('resourceGroup'),' ',variables('location'),' ',variables('subnetName'),' ',variables('nsgName'),' ',variables('virtualNetworkName'),' ',variables('routeTableName'),' ',variables('primaryAvailablitySetName'),' ',variables('servicePrincipalClientId'),' ',variables('servicePrincipalClientSecret'),' ',variables('clientPrivateKey'),' ',variables('targetEnvironment'),' >> /var/log/azure/cluster-provision.log 2>&1 &\" &')]"
},
"publisher": "Microsoft.OSTCExtensions",
"settings": {},
"type": "CustomScriptForLinux",
"typeHandlerVersion": "1.5"
},
"type": "Microsoft.Compute/virtualMachines/extensions"
},
{
"apiVersion": "[variables('apiVersionDefault')]",
"location": "[variables('location')]",
"name": "[variables('masterAvailabilitySet')]",
"properties": {},
"type": "Microsoft.Compute/availabilitySets"
},
{
"apiVersion": "[variables('apiVersionStorage')]",
"dependsOn": [
"[concat('Microsoft.Network/publicIPAddresses/', variables('masterPublicIPAddressName'))]"
],
"location": "[variables('location')]",
"name": "[variables('masterStorageAccountName')]",
"properties": {
"accountType": "[variables('vmSizesMap')[variables('masterVMSize')].storageAccountType]"
},
"type": "Microsoft.Storage/storageAccounts"
},
{
"apiVersion": "[variables('apiVersionDefault')]",
"dependsOn": [
"[concat('Microsoft.Network/routeTables/', variables('routeTableName'))]"
],
"location": "[variables('location')]",
"name": "[variables('virtualNetworkName')]",
"properties": {
"addressSpace": {
"addressPrefixes": [
"[variables('vnetCidr')]"
]
},
"subnets": [
{
"name": "[variables('subnetName')]",
"properties": {
"addressPrefix": "[variables('subnet')]",
"networkSecurityGroup": {
"id": "[variables('nsgID')]"
},
"routeTable": {
"id": "[variables('routeTableID')]"
}
}
}
]
},
"type": "Microsoft.Network/virtualNetworks"
},
{
"apiVersion": "[variables('apiVersionDefault')]",
"location": "[variables('location')]",
"name": "[variables('routeTableName')]",
"type": "Microsoft.Network/routeTables"
},
{
"apiVersion": "[variables('apiVersionDefault')]",
"dependsOn": [
"[concat('Microsoft.Network/publicIPAddresses/', variables('masterPublicIPAddressName'))]"
],
"location": "[variables('location')]",
"name": "[variables('masterLbName')]",
"properties": {
"backendAddressPools": [
{
"name": "[variables('masterLbBackendPoolName')]"
}
],
"frontendIPConfigurations": [
{
"name": "[variables('masterLbIPConfigName')]",
"properties": {
"publicIPAddress": {
"id": "[resourceId('Microsoft.Network/publicIPAddresses',variables('masterPublicIPAddressName'))]"
}
}
}
],
"loadBalancingRules": [
{
"name": "LBRuleHTTPS",
"properties": {
"backendAddressPool": {
"id": "[concat(variables('masterLbID'), '/backendAddressPools/', variables('masterLbBackendPoolName'))]"
},
"backendPort": 443,
"enableFloatingIP": false,
"frontendIPConfiguration": {
"id": "[variables('masterLbIPConfigID')]"
},
"frontendPort": 443,
"idleTimeoutInMinutes": 5,
"loadDistribution": "Default",
"probe": {
"id": "[concat(variables('masterLbID'),'/probes/tcpHTTPSProbe')]"
},
"protocol": "tcp"
}
}
],
"probes": [
{
"name": "tcpHTTPSProbe",
"properties": {
"intervalInSeconds": "5",
"numberOfProbes": "2",
"port": 443,
"protocol": "tcp"
}
}
]
},
"type": "Microsoft.Network/loadBalancers"
},
{
"apiVersion": "[variables('apiVersionDefault')]",
"dependsOn": [
"[variables('vnetID')]"
],
"location": "[variables('location')]",
"name": "[variables('masterInternalLbName')]",
"properties": {
"backendAddressPools": [
{
"name": "[variables('masterLbBackendPoolName')]"
}
],
"frontendIPConfigurations": [
{
"name": "[variables('masterInternalLbIPConfigName')]",
"properties": {
"privateIPAddress": "[variables('masterInternalLbIp')]",
"privateIPAllocationMethod": "Static",
"subnet": {
"id": "[variables('vnetSubnetID')]"
}
}
}
],
"loadBalancingRules": [
{
"name": "InternalLBRuleHTTPS",
"properties": {
"backendAddressPool": {
"id": "[concat(variables('masterInternalLbID'), '/backendAddressPools/', variables('masterLbBackendPoolName'))]"
},
"backendPort": 4443,
"enableFloatingIP": false,
"frontendIPConfiguration": {
"id": "[variables('masterInternalLbIPConfigID')]"
},
"frontendPort": 443,
"idleTimeoutInMinutes": 5,
"protocol": "tcp"
}
}
],
"probes": [
{
"name": "tcpHTTPSProbe",
"properties": {
"intervalInSeconds": "5",
"numberOfProbes": "2",
"port": 4443,
"protocol": "tcp"
}
}
]
},
"type": "Microsoft.Network/loadBalancers"
},
{
"apiVersion": "[variables('apiVersionDefault')]",
"location": "[variables('location')]",
"name": "[variables('masterPublicIPAddressName')]",
"properties": {
"dnsSettings": {
"domainNameLabel": "[variables('masterFqdnPrefix')]"
},
"publicIPAllocationMethod": "Dynamic"
},
"type": "Microsoft.Network/publicIPAddresses"
},
{
"apiVersion": "[variables('apiVersionDefault')]",
"copy": {
"count": "[variables('masterCount')]",
"name": "masterLbLoopNode"
},
"dependsOn": [
"[variables('masterLbID')]"
],
"location": "[variables('location')]",
"name": "[concat(variables('masterLbName'), '/', 'SSH-', variables('masterVMNamePrefix'), copyIndex())]",
"properties": {
"backendPort": 22,
"enableFloatingIP": false,
"frontendIPConfiguration": {
"id": "[variables('masterLbIPConfigID')]"
},
"frontendPort": "[variables('sshNatPorts')[copyIndex()]]",
"protocol": "tcp"
},
"type": "Microsoft.Network/loadBalancers/inboundNatRules"
},
{
"apiVersion": "[variables('apiVersionDefault')]",
"copy": {
"count": "[variables('masterCount')]",
"name": "nicLoopNode"
},
"dependsOn": [
"[variables('vnetID')]",
"[concat(variables('masterLbID'),'/inboundNatRules/SSH-',variables('masterVMNamePrefix'),copyIndex())]",
"[variables('masterInternalLbName')]"
],
"location": "[variables('location')]",
"name": "[concat(variables('masterVMNamePrefix'), 'nic-', copyIndex())]",
"properties": {
"enableIPForwarding": true,
"ipConfigurations": [
{
"name": "ipconfig1",
"properties": {
"loadBalancerBackendAddressPools": [
{
"id": "[concat(variables('masterLbID'), '/backendAddressPools/', variables('masterLbBackendPoolName'))]"
},
{
"id": "[concat(variables('masterInternalLbID'), '/backendAddressPools/', variables('masterLbBackendPoolName'))]"
}
],
"loadBalancerInboundNatRules": [
{
"id": "[concat(variables('masterLbID'),'/inboundNatRules/SSH-',variables('masterVMNamePrefix'),copyIndex())]"
}
],
"privateIPAddress": "[concat(variables('masterFirstAddrPrefix'), copyIndex(int(variables('masterFirstAddrOctet4'))))]",
"privateIPAllocationMethod": "Static",
"subnet": {
"id": "[variables('vnetSubnetID')]"
}
}
}
]
},
"type": "Microsoft.Network/networkInterfaces"
},
{
"apiVersion": "[variables('apiVersionDefault')]",
"copy": {
"count": "[variables('masterCount')]",
"name": "vmLoopNode"
},
"dependsOn": [
"[concat('Microsoft.Network/networkInterfaces/', variables('masterVMNamePrefix'), 'nic-', copyIndex())]",
"[concat('Microsoft.Compute/availabilitySets/',variables('masterAvailabilitySet'))]",
"[variables('masterStorageAccountName')]"
],
"location": "[variables('location')]",
"name": "[concat(variables('masterVMNamePrefix'), copyIndex())]",
"properties": {
"availabilitySet": {
"id": "[resourceId('Microsoft.Compute/availabilitySets',variables('masterAvailabilitySet'))]"
},
"hardwareProfile": {
"vmSize": "[variables('masterVMSize')]"
},
"networkProfile": {
"networkInterfaces": [
{
"id": "[resourceId('Microsoft.Network/networkInterfaces',concat(variables('masterVMNamePrefix'),'nic-', copyIndex()))]"
}
]
},
"osProfile": {
"adminUsername": "[variables('username')]",
"computername": "[concat(variables('masterVMNamePrefix'), copyIndex())]",
"customData": "[base64(concat('#cloud-config\n\n# { { { variable } } }\n\npackages:\n - etcd\n - jq\n - traceroute\n\nruncmd:\n- /bin/echo DAEMON_ARGS=--name \"',variables('masterVMNames')[copyIndex()],'\" --initial-advertise-peer-urls \"',variables('masterEtcdPeerURLs')[copyIndex()],'\" --listen-peer-urls \"',variables('masterEtcdPeerURLs')[copyIndex()],'\" --advertise-client-urls \"',variables('masterEtcdClientURLs')[copyIndex()],'\" --listen-client-urls \"',concat(variables('masterEtcdClientURLs')[copyIndex()], ',http://127.0.0.1:', variables('masterEtcdClientPort')),'\" --initial-cluster-token \"k8s-etcd-cluster\" --initial-cluster \"',variables('masterEtcdClusterStates')[div(variables('masterCount'), 2)],'\" --initial-cluster-state \"new\" | tee -a /etc/default/etcd\n- apt-get update\n- apt-get install -y apt-transport-https ca-certificates\n- curl --retry 5 -fsSL https://apt.dockerproject.org/gpg | apt-key add -\n- echo \"deb ',variables('dockerEngineDownloadRepo'),' ubuntu-xenial main\" | sudo tee /etc/apt/sources.list.d/docker.list\n- \"echo \\\"Package: docker-engine\\nPin: version ',variables('dockerEngineVersion'),'\\nPin-Priority: 550\\n\\\" > /etc/apt/preferences.d/docker.pref\"\n- apt-get update\n- apt-get install -y docker-engine\n- systemctl restart docker\n- mkdir -p /etc/kubernetes/manifests\n- usermod -aG docker ',variables('username'),'\n\nwrite_files:\n- path: \"/etc/systemd/system/docker.service.d/clear_mount_propagation_flags.conf\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n [Service]\n MountFlags=shared\n\n- path: \"/etc/systemd/system/docker.service.d/overlay.conf\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n [Service]\n ExecStart=\n ExecStart=/usr/bin/docker daemon -H fd:// --storage-driver=overlay\n\n- path: \"/etc/docker/daemon.json\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n {\n \"live-restore\": true\n }\n\n- path: \"/etc/kubernetes/certs/ca.crt\"\n permissions: \"0644\"\n encoding: \"base64\"\n owner: \"root\"\n content: |\n ',variables('caCertificate'),'\n\n- path: \"/etc/kubernetes/certs/apiserver.crt\"\n permissions: \"0644\"\n encoding: \"base64\"\n owner: \"root\"\n content: |\n ',variables('apiServerCertificate'),'\n\n- path: \"/etc/kubernetes/certs/client.crt\"\n permissions: \"0644\"\n encoding: \"base64\"\n owner: \"root\"\n content: |\n ',variables('clientCertificate'),'\n\n- path: \"/var/lib/kubelet/kubeconfig\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n apiVersion: v1\n kind: Config\n clusters:\n - name: localcluster\n cluster:\n certificate-authority: /etc/kubernetes/certs/ca.crt\n server: ',concat('https://', variables('masterPrivateIpAddrs')[copyIndex()], ':443'),'\n users:\n - name: client\n user:\n client-certificate: /etc/kubernetes/certs/client.crt\n client-key: /etc/kubernetes/certs/client.key\n contexts:\n - context:\n cluster: localcluster\n user: client\n name: localclustercontext\n current-context: localclustercontext\n\n- path: /etc/kubernetes/manifests/kube-apiserver.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAAAAAA/6SUzW7bMBCE734KQmczStIADYQoQOEW6CEN0gTofU2ubdb863KpwH36grKcH8lJC9Q+kcP9djRLCaL5gZRM8I2ourNqtjVeN6K6C7qaOWTQwNDMhPDgsBHVNi9RQjQJqUOqBiFFUE9q2iVGVyQLS7SpVAvBBqkRKnimYGW04LHfV8HF4NFzI16zZymiKrWbkPgW+THQthFMudQVDhiPNNDl2/7KzzhYF/WqyOSRMX3dRaSyfIiorg8HVXAOSgDDupCrenM4W73cnnTpd6UE7UwqicrhadvbQ0Q3ZoVqpyzOb4wzfA9+jTR/QOqMwk9Khex5/hlXkC0/cCBY48JCSvN7TCGTwu85MEz6acKU2tOT/j9WrQ2PMpLpjMU16pFsfEKVCWUMxO3l6eW4/qV8cfFhpCobspaRQmc0Ugu/M+HRIyr4lVm3NbKqn4dQ9wUnP1Pwk7Z9JlLZnBhJmiippNX2IxwSWxhN16NCZKXlfi6p3TDHpq7Pzj/22Zw1Vw4K7gsrvbAGPd8F4qOIXzlQdpIQdFsu3TjWw/BlP7R2AC/KYsxjm6RCYrkyFicRFCXVT7wTRXykvgwQGOUWd/+G2eJuMojywFLBewAFRwwchgH7G/o/JtL+VsslqC163Zasz0dnuvbisNMFmx1+K12HN/3V246s5HP7Z4wQrpTcAW8aUY1cVlNOByStWfYsi/wmqAOqrVnWL87tHY4/Q8eNlS9Zj3rix3cc/s3d27SJzT8BAAD//3URH4TmBQAA\n\n- path: /etc/kubernetes/manifests/kube-controller-manager.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAAAAAA/4yTT4/TQAzF7/0Uo9wnaVcrWEWbPSIuoEpI3F3HbYfOPzxOoHx65G66hXS7kNt4fn7vxfJAdl+Ji0uxNdW4qhYHF/vWVOvUV4tAAj0ItAtjIgRqTXUYNmQxReHkPbENEGFHXE1EyYAvWDkWoaBXHjbki8oYI464NZOEzR4ineqYQk6RorTmhsmiZEIV2acin0l+JD60RnhQAcXBReLJxv5HYv1cgJ1ij8pxJKHy8ZiJ9fglEz6dQUwhgM5mOqtF1ezPbPVn+bbd6draAEWIu9Xd+3pZL+tV+7B8WM4YVcUUt27XNSNw492m0ZonaS53sybwPiEI2Zh6suh6Lp1OaIahHzTACehWy/ru/l6DNKt3N0AdZvf4HPvD9z6umbbu59MVnYbeZk6j64k7+DXwtbMi5/8iweYy+ObUUH8rKc66OCWxCHbrPF11IbGUBqFGlllfIR4dkgXENESxmd2o0znQ8S0tyE47iesDHWeSnqAntuQJ5bXRjt3duTImPwT6pM7lr72ZVpME7cX7omNM0J41yL411Sxida0zAlvvNnbajptCsy1S7jni/M28Hkyf3UnqRT+/kfBf6W6rXcX8HQAA//+MbUgupQQAAA==\n\n- path: /etc/kubernetes/manifests/kube-scheduler.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAAAAAA/4SST4/aMBDF7/kUlu8mgUuR1fTcSyukSr1PnCmx8D/Zk1R8+9VAIGwWdn3zvPd+PA+BZP9iLjYGLeS0ldXJhl4LeYi9rDwS9ECgKyECeNRCnsYOVTED9qPDLGehJDCLei6EniUHHbrCaSHIYtbCxEA5OpUcBLzMTfQpBgykxXt2VRIazg6x0G+k/zGftKA8co45YAPmma5e9+NjPRxZ/c5yDkhYfp4TZr7+SWh+3Iwmeg+h1/OVwbIeblb5OP7wI5epUh4KYW63u2+bZtNstnrf7JuVh2Emhn/22NYT5NrZruaZQ6oXbRVyCD1mhQ4NtbyHlT61u9tkim70+CuOgcrjW+YlIRm1bGLBCOE5cgAatJA1kqmf2e6cCbJytlNz9Zeg1RPZd224/veeF+MP4IK689MnDb9q95r2pOb1vAUAAP//QKFYEiUDAAA=\n\n- path: /etc/kubernetes/manifests/kube-addon-manager.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAAAAAA/3yQzU7DMAzH730Ka/eqcNglQkg8QGESEneTWFvUJQ6xU9S3R+kX22XH2L//h4PJf1EWz9HA+NwMPjoDJ3ZNIEWHiqYBiBjIwFC+qUXnOLYBI54prytJaLe9TKIUGoDxxlUS2epzYdF30l/OgwHNhRoAy1HRR8pSifZRFoAPeCYDL3WdIynJW2X6BflMZF9nLpNwyZZmz2XwU0h0fwPYVAwcw/4OFDhPBo5PvZ+HI19LoJ5L3GRbubmXrMpQgRPqxcChI7Xdf7duAQ97B3Qf8Trtpy8Jd3ffWNfPmn1XeXqY8RcAAP//D9wkjsgBAAA=\n\n- path: /etc/kubernetes/addons/kube-dns-service.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAAAAAA/3xQwUoDMRC95yuG3lO7iCBztRcRpFD1ns2+Q9hsEjKTgn8vcbugoCWXvDfvvXmMK+EDVUJOTJfBzCFNTGfUS/AwC9RNTh0bouhGROk/ovlRrCuFaW4j7JRkZduImqCQfch3PjZRVCtrFtNOa8PuD2VyC5he2ojj69kQrfhHdCekOL+x8imKxUiB732um55PTMNh399wMEQlV/3ua6+JW88+YHq4X0HNmn2OTO/H02+xVV9uGd6eukEQ4TXX/y7zFQAA//8ZlC5KYQEAAA==\n\n- path: /etc/kubernetes/addons/kube-dns-deployment.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAAAAAA/8xW32/bNhB+919x0F4nRW6RNSPmAkNSrMDQzpizvcx7oMlLRIQiGd7RiDvsfx8kOxatOplTDEP5ZNzPz/fdfZAM5neMZLwTsJ5O7ozTAn7FYI2SbLy79I6jtxbjpEWWWrIUEwArV2ip+wVwl1YYHTJSZfyZsokYY0kY10ahgIJjwmIbeUGlDEH0KaV21FvXQ//vJwBOtjhElIORglSPHtoQYzuhgKoDEbeAScCrCQChRcU+itObMrbBSsZtSv5Puyed89yPgx5NAKQa1MlirKQNjaxGY4iGjZK2DF4LKIoT09hbjLtOUPzx17K4w82yEMviclfwR629o1+c3SyLb5eFD128j33MuwdDTMvi7z8f++U8PT2Ml7F4ZHwAj0x0T3nH0jiM+8YlyHibwSihKEvtW2ncbNeqsl5JWxWjGEdl8JFn07o+fz04TStvUcAPA+qf0wqvPi4WAdXbfZg1a3RINI9+hUN7gBtpbIp43USkxlst4DzzNszhJ+Q8ASBIbgQUZw1Ky82nsmutHRWHQT6ygIv6oj4wd6R3W/3++nqeOYwzbKS9Qis3C1TeaRLwXZ5KSSkkynBOMy+bFn3iferwH4Yjyjnu0B2wsGdq3uPuh5zV31bpOOjJyTwhevbKWwG/Xc2/pCCr8EzR68uhaESpzVESn6Vpn/YEQdMvJuh1fRIFEcmnqJByfNa0hukQcYutjxsB0zf1B5N5It4npHG0Cqmfa3u0Rlbi6M0pqRosyXzC7qLq0bU5X3ao7Xpk71QA42z66k1VV3U1/WZ0jX2Q9bfljVTGGt7MyudO9erj4oOk+8NT3a9GK+n+5I09vl0vX9Snt/Rf9vP4lFs9c2S9v0shF1aNNzJZrmitqgPZg/1o4e2ZxvWZS9aO5puine3FZzen4j/rK3pKT+z+mfT1Ib1Od9I3st8ng/zcPrx7QPV+W/r/k+/PJghfnXzvoJ58DCPcT8npC2Xp/AWqdFyUsgra0dxbozYCrrZLuXM4r3Fx8N3WvRXy+AvJkwBrXHr4JwAA//+O/Dp4ugoAAA==\n\n- path: /etc/kubernetes/addons/kube-proxy-daemonset.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAAAAAA/5RUO4/bPBDs/SsW6nk8t8L3pUmKNHkABtLT1JxNmA+Fu3Tsfx9Qii3pHspFFTG7nJ2dsWl69wOZXYot4SKI9cj6vN1DzHZzcrFr6ZNBSHEH2QSI6YyYdkPkzR6e64noVPbIEQJ+cElbX1iQFSOfnUVLjeSCZui0KfQpIko7XFJ9TpfrUBGH3FJMHTZE0QQ866gQ98becL6yIGy4h60iBKH3RjAKmgut31zsuowXUohuI8aLUYyLyHcyVcmCid3ErqjRx2uPXLmbGbwco6hRqrbYFJ/c4X99Nll7t9cV8xA91SYSF8yhWvrf5Pnn26hdD/than3FxPHL4FSyxcyQCv4sYFlgRLYvLW0fH8MdZdiSnVw/pii4yLy9z+7sPA7oWqqR30vn5EvAl1TinF9RqMh3I8eWGg2xmtlriyzczGjHPZi9GkrqmFgWwk33Lfrrs5mvsE+WvaSHWDXV/5n+PdHNExlrfxtTN/0K+ZXyaYGPfs5+grVxkDJP44+0wlnz0WRoawYH3ZOzZmHCisPr3O9Z+42l14nfimslrPp/3cHDSsoTZX3IHpbvU+KWvIvl8jsAAP//tEWDlf4EAAA=\n\n- path: /etc/kubernetes/addons/kubernetes-dashboard-deployment.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAAAAAA/4xSTYvcMAy951eIuWdmh1LomlIoHeilh4EpvSvOY8esYhtLSTf/vrg7HwlsP3QST0/PT7I4hx8oGlJ0hBdDrKnupn0H433zHGLv6IAsaR4QrRlg3LOxa4iEO4jWjOh57FAiDLoNaedlVENpFWUKHo42VkZsXpkftOWc3aKl7VnPXeLS/2ZMV0PTfvt+u2+IIg/4Y0MtamZ/YbQ6q2FoNMNXbwVZgmd1VJUUAm+pvLoe2Pz522KMf9szDFnYcBFYrKOGrLT+Z9irzRo+ReMQUW4KLXF5Ukc3wTDwExx9vOsdrnKnDP9pTTyOIsckwc+OPstPnvVWlzAhQvVYUoe7YaKzWf4KW0JEme3saLPbrNFUzNHjw+PDAg4xWGA5QHg+wafYq6N3S4aFAWm0t4p//ej7o4sNt/etHd+yk0uy5JM4+v7leMFj6nFaHUKNevHb9R0ndSQhji/U/AoAAP//WoCbXSkDAAA=\n\n- path: /etc/kubernetes/addons/kubernetes-dashboard-service.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAAAAAA/4yOsU4EMQxE+3yFdX3g6O78EQgJid6bjCC63SSyvSfd36NkKagQ3Wg843nSywfUSqtM95dwKzUzvUPvJSFscMniwoFolQWrDUV02xdohcOeSntO624OjXa0mE6uO05H8mJReudflZjFvpYmmgNRlQ1/Hq1L+klEe5hjC9aRBkdv6hMoTsl0Oc9NF/2Ev03rer4O07AieVP+F5Q/OpheW8Z4Er4DAAD//6UyTnEjAQAA\n\n- path: /etc/kubernetes/addons/kube-heapster-service.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAAAAAA/2yOvWrEMBCEez3F4l75q4yeIGUgkH4tD4mwLIndtSFvf8h2cQfXDcN++w239APRVEug/d0tqcyBviF7inArjGc2Do4o84SsPREt2wQpMOhLqq8xb2oQrycVaDDZMDy5LLwi0Ce4dcARncXfY6GN+5eOev1Xw+q0IXZ1q2LHBn/EQOPboTGWX9jXVY0fjkiREa3KtXhUz63duW4BAAD//6ozJXX5AAAA\n\n- path: /etc/kubernetes/addons/kube-heapster-deployment.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAAAAAA/6xUX2vbThB816c49Pw7xf41gfSoCiFJ6UPThAQKpSpmc9pUh+9f71bGaul3L5IlR1bsEEL1ZGZ3Z9Zzc8c5T5bKloJdoNeuMWgpiR6lSBgL6LWSEAWbJ4wRGq+BsK0wNvS0n3SWQFkMcUA4UwZ+oGDvlvU9BouE8SOCj4ThzqN83/e1s8aALcUW4Cw9qvrWdIxyHl0dJOaPlFmsjYHQLMArUaRF+jhgwaBgA9EWDrghiY+CLfizxkg7GGPS14KdzswOaNC40Ag2P55dqVFFK6NeTbDPrbOydPYWo/r1Ise8KxcWrG0mlklf56czM0FxTQG62iw7mRY3G+bdgnvn+objJ2WqAsbK6TI/mVTKbbjy4Uj4ap79n834PRJk8+naQ6LyA1HwTmvuMShX5m9m7TddNZIyQC7kuPbOoiUF+lA8eGfdq0NycuCM374wIy+aR7saH/kKdI0fgjO7fA8KdXmLD7toj98AVYIZJCiBIGs9GLVtLLn6uri5vlh8Pru6/Pdq0YN8VvLu5ux80LWuxDvUKMmFsUAXmNEboNyRi4JpZet1srFvIzkMabhHPfJ9eRo5eL/ndVhhiMpZwTbZ7HGw1hGQcnZEEmWFZa0xZKB9NV1IBkVKgubelYKNnqXnx8hpDL0SS7/9LtIlNkUqivS8J+yehXhtdVOk/xWp822/C13P5VpFikX653urF3esM0Cy+rRjxCEbpiaAV18GCNeEtv0Zj1bz9iDmydjtsdP76fc5PLFO192VjBhWSqJgKYUa23+0TZDoRnhsIqFJnlzmnjr5GwAA//9Ky8Hp3AYAAA==\n\n- path: /etc/kubernetes/addons/default-storage-class.yaml\n permissions: \"0644\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n H4sIAAAAAAAA/1zPMU4EMQyF4T6nsLZP0HYoLUdAovdMHshKNlnZzhScHmUZkKB++f7IMcbAd3mDmoyeyXwofyDVZ0syno7rBudrqNJLptfv8aWxWbjBubBzDkSdb8hU8M6zeSDi3oezy+i2ZvrJ7kumlUx1btAOx+MfsXjq+HiT6eI6cQlEjTe0M/MX7W2aQ6NBD9nxa+46DlnnQPM/wp9TEYtYDV8BAAD//2p7hGT6AAAA\n\n- path: \"/etc/systemd/system/kubectl-extract.service\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n [Unit]\n Description=Kubectl extraction\n Requires=docker.service\n After=docker.service\n ConditionPathExists=!/usr/local/bin/kubectl\n\n [Service]\n Type=oneshot\n ExecStartPre=/bin/mkdir -p /tmp/kubectldir\n ExecStart=/usr/bin/docker run --rm -v /tmp/kubectldir:/opt/kubectldir ',variables('kubernetesHyperkubeSpec'),' /bin/bash -c \"cp /hyperkube /opt/kubectldir/\"\n ExecStartPost=/bin/mv /tmp/kubectldir/hyperkube /usr/local/bin/kubectl\n ExecStartPost=/bin/chmod a+x /usr/local/bin/kubectl\n\n\n- path: \"/etc/systemd/system/kubelet.service\"\n permissions: \"0644\"\n owner: \"root\"\n content: |\n [Unit]\n Description=Kubelet\n Requires=docker.service\n After=docker.service\n\n [Service]\n Restart=always\n ExecStartPre=/bin/mkdir -p /var/lib/kubelet\n # Azure does not support two LoadBalancers(LB) sharing the same nic and backend port.\n # As a workaround, the Internal LB(ILB) listens for apiserver traffic on port 4443 and the External LB(ELB) on port 443\n # This IPTable rule then redirects ILB traffic to port 443 in the prerouting chain\n ExecStartPre=/bin/bash -c \"iptables -t nat -A PREROUTING -p tcp --dport 4443 -j REDIRECT --to-port 443\"\n ExecStartPre=/bin/sed -i \"s|<kubernetesAddonManagerSpec>|',variables('kubernetesAddonManagerSpec'),'|g\" \"/etc/kubernetes/manifests/kube-addon-manager.yaml\"\n ExecStartPre=/bin/sed -i \"s|<kubernetesHyperkubeSpec>|',variables('kubernetesHyperkubeSpec'),'|g; s|<kubeServiceCidr>|',variables('kubeServiceCidr'),'|g; s|<masterEtcdClientPort>|',variables('masterEtcdClientPort'),'|g; s|<masterCount>|',variables('masterCount'),'|g\" \"/etc/kubernetes/manifests/kube-apiserver.yaml\"\n ExecStartPre=/bin/sed -i \"s|<kubernetesHyperkubeSpec>|',variables('kubernetesHyperkubeSpec'),'|g; s|<masterFqdnPrefix>|',variables('masterFqdnPrefix'),'|g\" \"/etc/kubernetes/manifests/kube-controller-manager.yaml\"\n ExecStartPre=/bin/sed -i \"s|<kubernetesHyperkubeSpec>|',variables('kubernetesHyperkubeSpec'),'|g\" \"/etc/kubernetes/manifests/kube-scheduler.yaml\"\n ExecStartPre=/bin/sed -i \"s|<kubernetesHyperkubeSpec>|',variables('kubernetesHyperkubeSpec'),'|g\" \"/etc/kubernetes/addons/kube-proxy-daemonset.yaml\"\n ExecStartPre=/bin/sed -i \"s|<kubernetesKubeDNSSpec>|',variables('kubernetesKubeDNSSpec'),'|g; s|<kubernetesDNSMasqSpec>|',variables('kubernetesDNSMasqSpec'),'|g; s|<kubernetesExecHealthzSpec>|',variables('kubernetesExecHealthzSpec'),'|g\" \"/etc/kubernetes/addons/kube-dns-deployment.yaml\"\n ExecStartPre=/bin/sed -i \"s|<kubernetesHeapsterSpec>|',variables('kubernetesHeapsterSpec'),'|g; s|<kubernetesAddonResizerSpec>|',variables('kubernetesAddonResizerSpec'),'|g\" \"/etc/kubernetes/addons/kube-heapster-deployment.yaml\"\n ExecStartPre=/bin/sed -i \"s|<kubernetesDashboardSpec>|',variables('kubernetesDashboardSpec'),'|g\" \"/etc/kubernetes/addons/kubernetes-dashboard-deployment.yaml\"\n ExecStartPre=/bin/mount --bind /var/lib/kubelet /var/lib/kubelet\n ExecStartPre=/bin/mount --make-shared /var/lib/kubelet\n ExecStart=/usr/bin/docker run \\\n --name=kubelet \\\n --net=host \\\n --pid=host \\\n --privileged \\\n --volume=/dev:/dev \\\n --volume=/sys:/sys:ro \\\n --volume=/var/run:/var/run:rw \\\n --volume=/var/lib/docker/:/var/lib/docker:rw \\\n --volume=/var/lib/kubelet/:/var/lib/kubelet:shared \\\n --volume=/var/log:/var/log:rw \\\n --volume=/etc/kubernetes/:/etc/kubernetes:ro \\\n --volume=/srv/kubernetes/:/srv/kubernetes:ro \\\n ',variables('kubernetesHyperkubeSpec'),' \\\n /hyperkube kubelet \\\n --api-servers=\"',concat('https://', variables('masterPrivateIpAddrs')[copyIndex()], ':443'),'\" \\\n --kubeconfig=/var/lib/kubelet/kubeconfig \\\n --pod-infra-container-image=\"',variables('kubernetesPodInfraContainerSpec'),'\" \\\n --address=0.0.0.0 \\\n --allow-privileged=true \\\n --enable-server \\\n --enable-debugging-handlers \\\n --pod-manifest-path=/etc/kubernetes/manifests \\\n --cluster-dns=',variables('kubeDnsServiceIP'),' \\\n --cluster-domain=cluster.local \\\n --register-schedulable=',variables('registerSchedulable'),' \\\n --cloud-provider=azure \\\n --cloud-config=/etc/kubernetes/azure.json \\\n --hairpin-mode=promiscuous-bridge \\\n --network-plugin=kubenet \\\n --azure-container-registry-config=/etc/kubernetes/azure.json \\\n --v=2\n ExecStop=/usr/bin/docker stop -t 10 kubelet\n ExecStopPost=/usr/bin/docker rm -f kubelet\n\n [Install]\n WantedBy=multi-user.target\n\n- path: \"/opt/azure/containers/provision.sh\"\n permissions: \"0744\"\n encoding: gzip\n owner: \"root\"\n content: !!binary |\n ',variables('provisionScript'),'\n'))]",
"linuxConfiguration": {
"disablePasswordAuthentication": "true",
"ssh": {
"publicKeys": [
{
"keyData": "[variables('sshPublicKeyData')]",
"path": "[variables('sshKeyPath')]"
}
]
}
}
},
"storageProfile": {
"imageReference": {
"offer": "[variables('osImageOffer')]",
"publisher": "[variables('osImagePublisher')]",
"sku": "[variables('osImageSku')]",
"version": "[variables('osImageVersion')]"
},
"osDisk": {
"caching": "ReadWrite",
"createOption": "FromImage",
"name": "[concat(variables('masterVMNamePrefix'), copyIndex(),'-osdisk')]",
"vhd": {
"uri": "[concat(reference(concat('Microsoft.Storage/storageAccounts/',variables('masterStorageAccountName')),variables('apiVersionStorage')).primaryEndpoints.blob,'vhds/',variables('masterVMNamePrefix'),copyIndex(),'-osdisk.vhd')]"
}
}
}
},
"tags": {
"creationSource": "[concat('acsengine-', variables('masterVMNamePrefix'), copyIndex())]"
},
"type": "Microsoft.Compute/virtualMachines"
},
{
"apiVersion": "[variables('apiVersionDefault')]",
"copy": {
"count": "[variables('masterCount')]",
"name": "vmLoopNode"
},
"dependsOn": [
"[concat('Microsoft.Compute/virtualMachines/', variables('masterVMNamePrefix'), copyIndex())]"
],
"location": "[resourceGroup().location]",
"name": "[concat(variables('masterVMNamePrefix'), copyIndex(),'/cse', copyIndex())]",
"properties": {
"autoUpgradeMinorVersion": true,
"protectedSettings": {
"commandToExecute": "[concat('/usr/bin/nohup /bin/bash -c \"/bin/bash /opt/azure/containers/provision.sh ',variables('tenantID'),' ',variables('subscriptionId'),' ',variables('resourceGroup'),' ',variables('location'),' ',variables('subnetName'),' ',variables('nsgName'),' ',variables('virtualNetworkName'),' ',variables('routeTableName'),' ',variables('primaryAvailablitySetName'),' ',variables('servicePrincipalClientId'),' ',variables('servicePrincipalClientSecret'),' ',variables('clientPrivateKey'),' ',variables('targetEnvironment'),' ',variables('apiServerPrivateKey'),' ',variables('caCertificate'),' ',variables('masterFqdnPrefix'),' ',variables('kubeConfigCertificate'),' ',variables('kubeConfigPrivateKey'),' ',variables('username'),' >> /var/log/azure/cluster-provision.log 2>&1 &\" &')]"
},
"publisher": "Microsoft.OSTCExtensions",
"settings": {},
"type": "CustomScriptForLinux",
"typeHandlerVersion": "1.5"
},
"type": "Microsoft.Compute/virtualMachines/extensions"
}
],
"outputs": {
"agentStorageAccountCount": {
"type": "int",
"value": "[variables('agentStorageAccountsCount')]"
},
"agentStorageAccountOffset": {
"type": "int",
"value": "[variables('agentStorageAccountOffset')]"
},
"agentStorageAccountPrefixes": {
"type": "array",
"value": "[variables('storageAccountPrefixes')]"
},
"agentStorageAccountSuffix": {
"type": "string",
"value": "[variables('storageAccountBaseName')]"
},
"masterFQDN": {
"type": "string",
"value": "[reference(concat('Microsoft.Network/publicIPAddresses/', variables('masterPublicIPAddressName'))).dnsSettings.fqdn]"
}
}
}
Ссылка в новой задаче Показать git blame Копировать постоянную ссылку