Azure
/
template-building-blocks
зеркало из
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Added DMZ building block

This commit is contained in:
RohitSharma-pnp 2016-08-29 18:32:28 -07:00
Родитель 98b3fd9b54
Коммит b72be73ed6
20 изменённых файлов: 921 добавлений и 329 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

20
template-building-blocks.deployproj
Просмотреть файл

@ -40,6 +40,15 @@
<None Include="scripts\iisaspnet.ps1" />
<None Include="scripts\iisaspnet.ps1.zip" />
<None Include="scripts\nva.sh" />
<None Include="templates\buildingBlocks\dmz\mappers\buildingBlockSettings.json" />
<None Include="templates\buildingBlocks\dmz\mappers\loadBalancerSettings-probes.json" />
<None Include="templates\buildingBlocks\dmz\mappers\loadBalancerSettings-rules.json" />
<None Include="templates\buildingBlocks\dmz\mappers\loadBalancerSettings.json" />
<None Include="templates\buildingBlocks\dmz\mappers\routeTableSettings-nop.json" />
<None Include="templates\buildingBlocks\dmz\mappers\routeTableSettings.json" />
<None Include="templates\buildingBlocks\dmz\mappers\routeTableSettings-routes.json" />
<None Include="templates\buildingBlocks\dmz\mappers\virtualMachineSettings.json" />
<None Include="templates\buildingBlocks\dmz\scenarios\public-dmz.parameters.json" />
<None Include="templates\buildingBlocks\loadBalancer-backend-n-vm\azuredeploy.json" />
<None Include="templates\buildingBlocks\loadBalancer-backend-n-vm\scenarios\internal-loadBalancer.parameters.json" />
<None Include="templates\buildingBlocks\loadBalancer-backend-n-vm\scenarios\internal-loadBalancer-multi-backends.parameters.json" />
@ -52,11 +61,9 @@
<None Include="templates\buildingBlocks\networkSecurityGroups\azuredeploy.json" />
<None Include="templates\buildingBlocks\networkSecurityGroups\scenarios\3-nsgs-on-3-subnets.parameters.json" />
<None Include="templates\buildingBlocks\networkSecurityGroups\scenarios\multiple-nsgs-on-subnets-nics.parameters.json" />
<None Include="templates\buildingBlocks\nvas-ntier-network\azuredeploy.json" />
<None Include="templates\buildingBlocks\nvas-ntier-network\azuredeploy.parameters.json" />
<None Include="templates\buildingBlocks\nvas-ntier-network\scenarios\2-nva-gwy-vm-ipfwding-enabled.parameters.json" />
<None Include="templates\buildingBlocks\nvas-ntier-network\scenarios\network-topology.png" />
<None Include="templates\buildingBlocks\nvas-ntier-network\scenarios\setup-script.ps1" />
<None Include="templates\buildingBlocks\dmz\azuredeploy.json" />
<None Include="templates\buildingBlocks\dmz\azuredeploy.parameters.json" />
<None Include="templates\buildingBlocks\dmz\scenarios\internal-dmz.parameters.json" />
<None Include="templates\buildingBlocks\userDefinedRoutes\azuredeploy.json" />
<None Include="templates\buildingBlocks\userDefinedRoutes\scenarios\multiple-routes-on-subnets.parameters.json" />
<None Include="templates\buildingBlocks\virtualMachine-extensions\azuredeploy.json" />
@ -150,12 +157,15 @@
<None Include="templates\resources\Microsoft.Network\networkSecurityGroups\networkSecurityGroup-subnets.json" />
<None Include="templates\resources\Microsoft.Network\networkSecurityGroups\networkSecurityGroup.json" />
<None Include="templates\resources\Microsoft.Network\networkSecurityGroups\networkSecurityGroups.json" />
<None Include="templates\resources\Microsoft.Network\routeTables\routeTable-nop.json" />
<None Include="templates\resources\Microsoft.Network\routeTables\routeTable-routes.json" />
<None Include="templates\resources\Microsoft.Network\routeTables\routeTable.json" />
<None Include="templates\resources\Microsoft.Network\routeTables\routeTables.json" />
<None Include="templates\resources\Microsoft.Network\routeTables\rt-routes-no-next-hop-ip-address.json" />
<None Include="templates\resources\Microsoft.Network\routeTables\rt-routes-with-next-hop-ip-address.json" />
<None Include="templates\resources\Microsoft.Network\virtualNetworkGateways\virtualNetworkGateway.json" />
<None Include="templates\resources\Microsoft.Network\virtualNetworks\subnets-new.json" />
<None Include="templates\resources\Microsoft.Network\virtualNetworks\subnets-nop.json" />
<None Include="templates\resources\Microsoft.Network\virtualNetworks\virtualNetwork-subnets.json" />
<None Include="templates\resources\Microsoft.Network\virtualNetworks\virtualNetwork.json" />
<None Include="templates\resources\Microsoft.Storage\storageAccounts\storageAccount.json" />

232
templates/buildingBlocks/dmz/azuredeploy.json Normal file
Просмотреть файл

@ -0,0 +1,232 @@
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"deploymentContext": {
"type": "object",
"defaultValue": {
"parentTemplateUniqueString": "bbNVAs"
}
},
"dmzSettings": {
"type": "object",
"metadata": {
"description": "Settings for DMZ"
}
},
"virtualNetworkSettings": {
"type": "object",
"metadata": {
"description": "Settings for virtual network"
}
}
},
"variables": {
"templateUniqueString": "[uniqueString(concat(string(parameters('deploymentContext')), string(parameters('dmzSettings')), string(parameters('virtualNetworkSettings'))))]",
"routeTableDeploymentName": "[concat(parameters('deploymentContext').parentTemplateUniqueString, '-nvaRt-', variables('templateUniqueString'))]",
"extensionDeploymentName": "[concat(parameters('deploymentContext').parentTemplateUniqueString, '-nvaExt-', variables('templateUniqueString'))]",
"lbDeploymentName": "[concat(parameters('deploymentContext').parentTemplateUniqueString, '-nvaLbVMs-', variables('templateUniqueString'))]",
"extensionDeploymentNamePrefix": "[concat(parameters('deploymentContext').parentTemplateUniqueString, '-deployVmExt-')]",
"subnetsDeploymentName": "[concat(parameters('deploymentContext').parentTemplateUniqueString, '-nvaSubnets-', variables('templateUniqueString'))]",
"loadBalancerTemplate": "[uri(deployment().properties.templateLink.uri, '../loadBalancer-backend-n-vm/azuredeploy.json')]",
"extensionsTemplate": "[uri(deployment().properties.templateLink.uri, '../virtualMachine-extensions/azuredeploy.json')]",
"subnetTemplates": {
"no": "[uri(deployment().properties.templateLink.uri, '../../resources/Microsoft.Network/virtualNetworks/subnets-nop.json')]",
"yes": "[uri(deployment().properties.templateLink.uri, '../../resources/Microsoft.Network/virtualNetworks/subnets-new.json')]"
},
"routeTableTemplates": {
"yes": "[uri(deployment().properties.templateLink.uri, '../../resources/Microsoft.Network/routeTables/routeTable-nop.json')]",
"no": "[uri(deployment().properties.templateLink.uri, '../userDefinedRoutes/azuredeploy.json')]"
},
"buildingBlockSettingsTemplateName": "[concat(parameters('deploymentContext').parentTemplateUniqueString, '-nvaBBParam-', variables('templateUniqueString'))]",
"buildingBlockSettingsTemplate": "[uri(deployment().properties.templateLink.uri, 'mappers/buildingBlockSettings.json')]",
"loadBalancerSettingsTemplateName": "[concat(parameters('deploymentContext').parentTemplateUniqueString, '-nvaLBParam-', variables('templateUniqueString'))]",
"loadBalancerSettingsTemplate": "[uri(deployment().properties.templateLink.uri, 'mappers/loadBalancerSettings.json')]",
"vmSettingsTemplateName": "[concat(parameters('deploymentContext').parentTemplateUniqueString, '-nvaVMParam-', variables('templateUniqueString'))]",
"vmSettingsTemplate": "[uri(deployment().properties.templateLink.uri, 'mappers/virtualMachineSettings.json')]",
"routeTableSettingsTemplateName": "[concat(parameters('deploymentContext').parentTemplateUniqueString, '-nvaRTParam-', variables('templateUniqueString'))]",
"routeTableSettingsTemplates": {
"yes": "[uri(deployment().properties.templateLink.uri, 'mappers/routeTableSettings-nop.json')]",
"no": "[uri(deployment().properties.templateLink.uri, 'mappers/routeTableSettings.json')]"
}
},
"resources": [
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2015-01-01",
"name": "[variables('buildingBlockSettingsTemplateName')]",
"properties": {
"mode": "Incremental",
"templateLink": { "uri": "[variables('buildingBlockSettingsTemplate')]" },
"parameters": {
"deploymentContext": {
"value": {
"parentTemplateUniqueString": "[concat(variables('templateUniqueString') , '-nvaBBParam')]"
}
},
"context": {
"value": {
"vmCount": "[parameters('dmzSettings').applianceSettings.virtualMachineSettings.count]"
}
}
}
}
},
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2015-01-01",
"name": "[variables('loadBalancerSettingsTemplateName')]",
"properties": {
"mode": "Incremental",
"templateLink": { "uri": "[variables('loadBalancerSettingsTemplate')]" },
"parameters": {
"deploymentContext": {
"value": {
"parentTemplateUniqueString": "[concat(variables('templateUniqueString') , '-nvaLBParam')]"
}
},
"context": {
"value": {
"dmzSettings": "[parameters('dmzSettings')]"
}
}
}
}
},
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2015-01-01",
"name": "[variables('vmSettingsTemplateName')]",
"properties": {
"mode": "Incremental",
"templateLink": { "uri": "[variables('vmSettingsTemplate')]" },
"parameters": {
"deploymentContext": {
"value": {
"parentTemplateUniqueString": "[concat(variables('templateUniqueString') , '-nvaVMParam')]"
}
},
"context": {
"value": {
"dmzSettings": "[parameters('dmzSettings')]"
}
}
}
}
},
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2015-01-01",
"name": "[variables('routeTableSettingsTemplateName')]",
"properties": {
"mode": "Incremental",
"templateLink": { "uri": "[variables('routeTableSettingsTemplates')[tolower(parameters('dmzSettings').endpoint.hasPublicEndpoint)]]" },
"parameters": {
"deploymentContext": {
"value": {
"parentTemplateUniqueString": "[concat(variables('templateUniqueString') , '-nvaRTParam')]"
}
},
"context": {
"value": {
"dmzSettings": "[parameters('dmzSettings')]"
}
}
}
}
},
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2015-01-01",
"name": "[variables('subnetsDeploymentName')]",
"properties": {
"mode": "Incremental",
"templateLink": { "uri": "[variables('subnetTemplates')[tolower(parameters('dmzSettings').useExistingSubnets)]]" },
"parameters": {
"deploymentContext": {
"value": {
"parentTemplateUniqueString": "[concat(variables('templateUniqueString'), '-nvaSubnets')]"
}
},
"subnets": { "value": "[parameters('dmzSettings').subnets]" },
"virtualNetworkSettings": { "value": "[parameters('virtualNetworkSettings')]" }
}
}
},
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2015-01-01",
"name": "[variables('lbDeploymentName')]",
"dependsOn": [
"[variables('subnetsDeploymentName')]"
],
"properties": {
"mode": "Incremental",
"templateLink": { "uri": "[variables('loadBalancerTemplate')]" },
"parameters": {
"deploymentContext": {
"value": {
"parentTemplateUniqueString": "[concat(variables('templateUniqueString'), '-nvaLbVMs')]"
}
},
"virtualMachinesSettings": { "value": "[reference(variables('vmSettingsTemplateName')).outputs.result.value]" },
"virtualNetworkSettings": { "value": "[parameters('virtualNetworkSettings')]" },
"buildingBlockSettings": { "value": "[reference(variables('buildingBlockSettingsTemplateName')).outputs.result.value]" },
"loadBalancerSettings": { "value": "[reference(variables('loadBalancerSettingsTemplateName')).outputs.result.value]" }
}
}
},
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2015-01-01",
"name": "[variables('routeTableDeploymentName')]",
"dependsOn": [
"[variables('lbDeploymentName')]"
],
"properties": {
"mode": "Incremental",
"templateLink": { "uri": "[variables('routeTableTemplates')[tolower(parameters('dmzSettings').endpoint.hasPublicEndpoint)]]" },
"parameters": {
"deploymentContext": {
"value": {
"parentTemplateUniqueString": "[concat(variables('templateUniqueString'), '-nvaRt')]"
}
},
"virtualNetworkSettings": { "value": "[parameters('virtualNetworkSettings')]" },
"routeTableSettings": { "value": "[reference(variables('routeTableSettingsTemplateName')).outputs.result.value]" }
}
}
},
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2015-01-01",
"name": "[variables('extensionDeploymentName')]",
"dependsOn": [
"[variables('lbDeploymentName')]"
],
"properties": {
"mode": "Incremental",
"templateLink": { "uri": "[variables('extensionsTemplate')]" },
"parameters": {
"deploymentContext": {
"value": {
"parentTemplateUniqueString": "[concat(variables('templateUniqueString'), '-nvaExt')]"
}
},
"virtualNetworkSettings": { "value": "[parameters('virtualNetworkSettings')]" },
"virtualMachinesExtensionSettings": { "value": "[parameters('dmzSettings').applianceSettings.virtualMachineSettings.extensions]" }
}
}
}
],
"outputs": {
"resources": {
"type": "array",
"value": "[concat(reference(variables('routeTableDeploymentName')).outputResources, reference(variables('lbDeploymentName')).outputResources, reference(variables('extensionDeploymentName')).outputResources)]"
}
}
}

69
templates/buildingBlocks/dmz/azuredeploy.parameters.json Normal file
Просмотреть файл

@ -0,0 +1,69 @@
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"dmzSettings": {
"value": {
"endpoint": {
"hasPublicEndpoint": "no",
"internalLoadBalancerSettings": {
"privateIPAddress": "10.0.4.250",
"subnetName": "in-sn"
}
},
"applianceSettings": {
"ports": [
{
"port": 8001,
"protocol": "Tcp",
"healthProbe": "hp1"
}
],
"healthProbes": [
{
"name": "hp1",
"port": 8001,
"protocol": "Tcp",
"requestPath": "/"
}
],
"virtualMachineSettings": {
"count": 3,
"size": "Standard_DS2_v2",
"adminUsername": "testuser",
"adminPassword": "AweS0me@PW",
"sshPublicKey": "",
"osAuthenticationType": "password",
"imageReference": {
"publisher": "Canonical",
"offer": "UbuntuServer",
"sku": "14.04.5-LTS",
"version": "latest"
},
"extensions": [ ]
}
},
"securedAddressSpace": [ "10.0.1.0/24", "10.0.2.0/24" ],
"subnets": {
"useExistingSubnets": "no",
"inSubnet": {
"name": "in-sn",
"addressPrefix": "10.0.4.0/24"
},
"outSubnet": {
"name": "out-sn",
"addressPrefix": "10.0.5.0/24"
}
}
}
},
"virtualNetworkSettings": {
"value": {
"name": "bb-dev-vnet",
"resourceGroup": "ra-nva-rg"
}
}
}
}

24
templates/buildingBlocks/dmz/mappers/buildingBlockSettings.json Normal file
Просмотреть файл

@ -0,0 +1,24 @@
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"deploymentContext": { "type": "object" },
"context": { "type": "object" }
},
"variables": {
"instance": {
"storageAccountsCount": "[parameters('context').vmCount]",
"vmCount": "[parameters('context').vmCount]",
"vmStartIndex": 1
}
},
"resources": [
],
"outputs": {
"result": {
"type": "object",
"value": "[variables('instance')]"
}
}
}

37
templates/buildingBlocks/dmz/mappers/loadBalancerSettings-probes.json Normal file
Просмотреть файл

@ -0,0 +1,37 @@
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"deploymentContext": { "type": "object" },
"source": { "type": "object" },
"context": { "type": "object" },
"state": {
"type": "array",
"defaultValue": [ ]
},
"iteration": {
"type": "int",
"defaultValue": 0
}
},
"variables": {
"instance": [
{
"name": "[parameters('source').name]",
"port": "[parameters('source').port]",
"protocol": "[parameters('source').protocol]",
"requestPath": "[parameters('source').requestPath]"
}
]
},
"resources": [
],
"outputs": {
"collection": {
"type": "array",
"value": "[concat(parameters('state'), variables('instance'))]"
}
}
}

40
templates/buildingBlocks/dmz/mappers/loadBalancerSettings-rules.json Normal file
Просмотреть файл

@ -0,0 +1,40 @@
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"deploymentContext": { "type": "object" },
"source": { "type": "object" },
"context": { "type": "object" },
"state": {
"type": "array",
"defaultValue": [ ]
},
"iteration": {
"type": "int",
"defaultValue": 0
}
},
"variables": {
"instance": [
{
"name": "[concat('nva-rule', parameters('iteration'))]",
"frontendPort": "[parameters('source').port]",
"backendPort": "[parameters('source').port]",
"protocol": "[parameters('source').protocol]",
"backendPoolName": "nva-lb-Bep",
"frontendIPConfigurationName": "nva-lb-fe",
"probeName": "[parameters('source').healthProbe]"
}
]
},
"resources": [
],
"outputs": {
"collection": {
"type": "array",
"value": "[concat(parameters('state'), variables('instance'))]"
}
}
}

83
templates/buildingBlocks/dmz/mappers/loadBalancerSettings.json Normal file
Просмотреть файл

@ -0,0 +1,83 @@
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"deploymentContext": { "type": "object" },
"context": { "type": "object" }
},
"variables": {
"templateUniqueString": "[uniqueString(concat(string(parameters('deploymentContext')), string(parameters('context'))))]",
"lbRulesMapperTemplateName": "[concat(parameters('deploymentContext').parentTemplateUniqueString, '-lbRulesParams-', variables('templateUniqueString'))]",
"lbProbesMapperTemplateName": "[concat(parameters('deploymentContext').parentTemplateUniqueString, '-lbProbesParams-', variables('templateUniqueString'))]",
"collectorTemplate": "[uri(deployment().properties.templateLink.uri, '../../../resources/common/collector.json')]",
"loadBalancerType": {
"yes": "public",
"no": "internal"
}
},
"resources": [
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2015-01-01",
"name": "[variables('lbRulesMapperTemplateName')]",
"properties": {
"mode": "Incremental",
"templateLink": { "uri": "[variables('collectorTemplate')]" },
"parameters": {
"deploymentContext": {
"value": {
"parentTemplateUniqueString": "[concat(variables('templateUniqueString') , '-lbRulesParams')]"
}
},
"source": { "value": "[parameters('context').dmzSettings.applianceSettings.ports]" },
"context": { "value": { } },
"mapperTemplateUri": { "value": "[uri(deployment().properties.templateLink.uri, 'loadBalancerSettings-rules.json')]" }
}
}
},
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2015-01-01",
"name": "[variables('lbProbesMapperTemplateName')]",
"properties": {
"mode": "Incremental",
"templateLink": { "uri": "[variables('collectorTemplate')]" },
"parameters": {
"deploymentContext": {
"value": {
"parentTemplateUniqueString": "[concat(variables('templateUniqueString') , '-lbProbesParams')]"
}
},
"source": { "value": "[parameters('context').dmzSettings.applianceSettings.healthProbes]" },
"context": { "value": { } },
"mapperTemplateUri": { "value": "[uri(deployment().properties.templateLink.uri, 'loadBalancerSettings-probes.json')]" }
}
}
}
],
"outputs": {
"result": {
"type": "object",
"value": {
"name": "nva-lb",
"frontendIPConfigurations": [
{
"name": "nva-lb-fe",
"loadBalancerType": "[variables('loadBalancerType')[tolower(parameters('context').dmzSettings.endpoint.hasPublicEndpoint)]]",
"internalLoadBalancerSettings": "[parameters('context').dmzSettings.endpoint.internalLoadBalancerSettings]"
}
],
"loadBalancingRules": "[reference(variables('lbRulesMapperTemplateName')).outputs.result.value]",
"probes": "[reference(variables('lbProbesMapperTemplateName')).outputs.result.value]",
"backendPools": [
{
"name": "nva-lb-Bep",
"nicIndex": 0
}
],
"inboundNatRules": [ ]
}
}
}
}

18
templates/buildingBlocks/dmz/mappers/routeTableSettings-nop.json Normal file
Просмотреть файл

@ -0,0 +1,18 @@
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"deploymentContext": { "type": "object" },
"context": { "type": "object" }
},
"variables": {
},
"resources": [
],
"outputs": {
"result": {
"type": "array",
"value": [ ]
}
}
}

37
templates/buildingBlocks/dmz/mappers/routeTableSettings-routes.json Normal file
Просмотреть файл

@ -0,0 +1,37 @@
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"deploymentContext": { "type": "object" },
"source": { "type": "string" },
"context": { "type": "object" },
"state": {
"type": "array",
"defaultValue": [ ]
},
"iteration": {
"type": "int",
"defaultValue": 0
}
},
"variables": {
"instance": [
{
"name": "[concat('nva-route', parameters('iteration'))]",
"addressPrefix": "[parameters('source')]",
"nextHopType": "VirtualAppliance",
"nextHopIpAddress": "[parameters('context').loadBalancerIPAddress]"
}
]
},
"resources": [
],
"outputs": {
"collection": {
"type": "array",
"value": "[concat(parameters('state'), variables('instance'))]"
}
}
}

52
templates/buildingBlocks/dmz/mappers/routeTableSettings.json Normal file
Просмотреть файл

@ -0,0 +1,52 @@
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"deploymentContext": { "type": "object" },
"context": { "type": "object" }
},
"variables": {
"templateUniqueString": "[uniqueString(concat(string(parameters('deploymentContext')), string(parameters('context'))))]",
"routeMapperTemplate": "[concat(parameters('deploymentContext').parentTemplateUniqueString, '-rtParams-', variables('templateUniqueString'))]",
"collectorTemplate": "[uri(deployment().properties.templateLink.uri, '../../../resources/common/collector.json')]"
},
"resources": [
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2015-01-01",
"name": "[variables('routeMapperTemplate')]",
"properties": {
"mode": "Incremental",
"templateLink": { "uri": "[variables('collectorTemplate')]" },
"parameters": {
"deploymentContext": {
"value": {
"parentTemplateUniqueString": "[concat(variables('templateUniqueString') , '-rtParams')]"
}
},
"source": { "value": "[parameters('context').dmzSettings.securedAddressSpace]" },
"context": {
"value": {
"loadBalancerIPAddress": "[parameters('context').dmzSettings.endpoint.internalLoadBalancerSettings.privateIPAddress]"
}
},
"mapperTemplateUri": { "value": "[uri(deployment().properties.templateLink.uri, 'routeTableSettings-routes.json')]" }
}
}
}
],
"outputs": {
"result": {
"type": "array",
"value": [
{
"name": "nva-rt1",
"subnets": [
"GatewaySubnet"
],
"routes": "[reference(variables('routeMapperTemplate')).outputs.result.value]"
}
]
}
}
}

59
templates/buildingBlocks/dmz/mappers/virtualMachineSettings.json Normal file
Просмотреть файл

@ -0,0 +1,59 @@
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"deploymentContext": { "type": "object" },
"context": { "type": "object" }
},
"variables": {
"instance": {
"namePrefix": "nva",
"computerNamePrefix": "nva",
"size": "[parameters('context').dmzSettings.applianceSettings.virtualMachineSettings.size]",
"osType": "linux",
"adminUsername": "[parameters('context').dmzSettings.applianceSettings.virtualMachineSettings.adminUsername]",
"adminPassword": "[parameters('context').dmzSettings.applianceSettings.virtualMachineSettings.adminPassword]",
"osAuthenticationType": "[parameters('context').dmzSettings.applianceSettings.virtualMachineSettings.osAuthenticationType]",
"sshPublicKey": "[parameters('context').dmzSettings.applianceSettings.virtualMachineSettings.sshPublicKey]",
"nics": [
{
"isPublic": "false",
"subnetName": "[parameters('context').dmzSettings.subnets.inSubnet.name]",
"privateIPAllocationMethod": "dynamic",
"enableIPForwarding": true,
"dnsServers": [ ],
"isPrimary": "true"
},
{
"isPublic": "false",
"subnetName": "[parameters('context').dmzSettings.subnets.outSubnet.name]",
"privateIPAllocationMethod": "dynamic",
"enableIPForwarding": true,
"dnsServers": [ ],
"isPrimary": "false"
}
],
"imageReference": "[parameters('context').dmzSettings.applianceSettings.virtualMachineSettings.imageReference]",
"dataDisks": {
"count": 0,
"properties": { }
},
"osDisk": {
"caching": "ReadWrite"
},
"extensions": [ ],
"availabilitySet": {
"useExistingAvailabilitySet": "No",
"name": "nva"
}
}
},
"resources": [
],
"outputs": {
"result": {
"type": "object",
"value": "[variables('instance')]"
}
}
}

0
templates/buildingBlocks/nvas-ntier-network/scenarios/2-nva-gwy-vm-ipfwding-enabled.parameters.json → templates/buildingBlocks/dmz/scenarios/internal-dmz.parameters.json
Просмотреть файл

169
templates/buildingBlocks/dmz/scenarios/public-dmz.parameters.json Normal file
Просмотреть файл

@ -0,0 +1,169 @@
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"loadBalancerSettings": {
"value": {
"name": "in-lb",
"frontendIPConfigurations": [
{
"name": "lbfe1",
"loadBalancerType": "public",
"internalLoadBalancerSettings": {
"privateIPAddress": "10.0.1.10",
"subnetName": "app0-in-sn"
}
}
],
"loadBalancingRules": [
{
"name": "lbr1",
"frontendPort": 80,
"backendPort": 80,
"protocol": "Tcp",
"backendPoolName": "lb-bep1",
"frontendIPConfigurationName": "lbfe1"
},
{
"name": "lbr2",
"frontendPort": 443,
"backendPort": 443,
"protocol": "Tcp",
"backendPoolName": "lb-bep2",
"frontendIPConfigurationName": "lbfe1"
}
],
"probes": [
{
"name": "lbp1",
"port": 80,
"protocol": "Http",
"requestPath": "/"
},
{
"name": "lbp2",
"port": 443,
"protocol": "Http",
"requestPath": "/"
}
],
"backendPools": [
{
"name": "lb-bep1",
"nicIndex": 0
},
{
"name": "lb-bep2",
"nicIndex": 0
},
{
"name": "lb-bep3",
"nicIndex": 0
}
]
}
},
"virtualMachinesSettings": {
"value": {
"namePrefix": "cn",
"computerNamePrefix": "cn",
"size": "Standard_DS2",
"adminUsername": "testuser",
"adminPassword": "AweS0me@PW",
"sshPublicKey": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCUXF5vzdgGWymJ+9GtiPxb+H0p6MDh9oAlNklKKz6zp/NkqxMaWb8JJqK5jjfseOVnQWD+BkhA5bwUlULH2UJmjZSL9SFpNqarfM62EFHe416Q/MLMjBfQ+szEm15Jha8ur2VkkzuVDQK6lSVap/B+QU1JVdYLLHi3n7T65mWkOWdOXVAKZvBO+sT2CSRNUXCupsUHjnexeVxXiHrHZq9W62VUNKSpFKSQQt3hJkYaYWsoUjlO45EeQ3f0XjYZw1dfjN6X1wDdghqdbq46XlW8+4yucFyzreJGiF0uJWY7abVHqnfZ3XtLsKvwvC29QCdDftdtRCtqW1I5NXO84XGr kirpas@KIRPASDEV02",
"osAuthenticationType": "sshPublicKey",
"nics": [
{
"isPublic": "false",
"subnetName": "app0-in-sn",
"privateIPAllocationMethod": "static",
"startingIPAddress": "10.0.1.242",
"enableIPForwarding": true,
"dnsServers": [
"10.0.0.10",
"10.0.0.11"
],
"isPrimary": "true"
},
{
"isPublic": "false",
"subnetName": "app0-out-sn",
"privateIPAllocationMethod": "dynamic",
"enableIPForwarding": true,
"dnsServers": [
"10.0.0.10",
"10.0.0.11"
],
"isPrimary": "false"
}
],
"imageReference": {
"publisher": "Canonical",
"offer": "UbuntuServer",
"sku": "14.04.4-LTS",
"version": "latest"
},
"dataDisks": {
"count": 2,
"properties": {
"diskSizeGB": 127,
"caching": "None",
"createOption": "Empty"
}
},
"osDisk": {
"caching": "ReadWrite"
},
"availabilitySet": {
"useExistingAvailabilitySet": "No",
"name": "cn"
}
},
"metadata": {
"description": "Settings for Virtual Machines"
}
},
"virtualNetworkSettings": {
"value": {
"name": "app0-vnet",
"resourceGroup": "app0-rg"
},
"metadata": {
"description": "Virtual network settings"
}
},
"buildingBlockSettings": {
"value": {
"storageAccountsCount": 1,
"vmCount": 2,
"vmStartIndex": 3
},
"metadata": {
"description": "Settings specific to the building block"
}
},
"routeTableSettings": {
"value": {
"name": "app0-in-rt",
"subnets": [
"app0-in-sn"
],
"routes": [
{
"name": "route1",
"addressPrefix": "10.0.1.10/24",
"nextHopType": "VirtualAppliance",
"nextHopIpAddress": "10.0.255.224"
},
{
"name": "route2",
"addressPrefix": "10.0.2.10/24",
"nextHopType": "VirtualAppliance",
"nextHopIpAddress": "10.0.255.224"
}
]
}
}
}
}

101
templates/buildingBlocks/nvas-ntier-network/azuredeploy.json
Просмотреть файл

@ -1,101 +0,0 @@
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"deploymentContext": {
"type": "object",
"defaultValue": {
"parentTemplateUniqueString": "bbNVAs"
}
},
"loadBalancerSettings": {
"type": "object",
"metadata": {
"description": "Settings for infrastructure"
}
},
"virtualMachinesSettings": {
"type": "object",
"metadata": {
"description": "Settings for virtual machines"
}
},
"virtualNetworkSettings": {
"type": "object",
"metadata": {
"description": "Settings for virtual network"
}
},
"buildingBlockSettings": {
"type": "object",
"metadata": {
"description": "Settings for building block"
}
},
"routeTableSettings": {
"type": "array",
"metadata": {
"description": "Settings for route table."
}
}
},
"variables": {
"templateUniqueString": "[uniqueString(concat(string(parameters('deploymentContext')), string(parameters('loadBalancerSettings')), string(parameters('virtualMachinesSettings')), string(parameters('virtualNetworkSettings')), string(parameters('buildingBlockSettings')), string(parameters('routeTableSettings'))))]",
"location": "[resourceGroup().location]",
"vmPrefix": "[concat(parameters('virtualMachinesSettings').namePrefix, '-vm')]",
"routeTableTemplate": "[uri(deployment().properties.templateLink.uri, '../userDefinedRoutes/azuredeploy.json')]",
"loadBalancerTemplate": "[uri(deployment().properties.templateLink.uri, '../loadBalancer-backend-n-vm/azuredeploy.json')]",
"routeTableDeploymentName": "[concat(parameters('deploymentContext').parentTemplateUniqueString, '-deployRt-', variables('templateUniqueString'))]",
"lbDeploymentName": "[concat(parameters('deploymentContext').parentTemplateUniqueString, '-deployLbVMs-', variables('templateUniqueString'))]",
"extensionDeploymentNamePrefix": "[concat(parameters('deploymentContext').parentTemplateUniqueString, '-deployVmExt-')]"
},
"resources": [
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2015-01-01",
"name": "[variables('routeTableDeploymentName')]",
"dependsOn": [
"[variables('lbDeploymentName')]"
],
"properties": {
"mode": "Incremental",
"templateLink": { "uri": "[variables('routeTableTemplate')]" },
"parameters": {
"deploymentContext": {
"value": {
"parentTemplateUniqueString": "[concat(variables('templateUniqueString'), '-deployRt')]"
}
},
"virtualNetworkSettings": { "value": "[parameters('virtualNetworkSettings')]" },
"routeTableSettings": { "value": "[parameters('routeTableSettings')]" }
}
}
},
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2015-01-01",
"name": "[variables('lbDeploymentName')]",
"properties": {
"mode": "Incremental",
"templateLink": { "uri": "[variables('loadBalancerTemplate')]" },
"parameters": {
"deploymentContext": {
"value": {
"parentTemplateUniqueString": "[concat(variables('templateUniqueString'), '-deployLbVMs')]"
}
},
"virtualMachinesSettings": { "value": "[parameters('virtualMachinesSettings')]" },
"virtualNetworkSettings": { "value": "[parameters('virtualNetworkSettings')]" },
"buildingBlockSettings": { "value": "[parameters('buildingBlockSettings')]" },
"loadBalancerSettings": { "value": "[parameters('loadBalancerSettings')]" }
}
}
}
],
"outputs": {
"resources": {
"type": "array",
"value": "[concat(reference(variables('routeTableDeploymentName')).outputResources, reference(variables('lbDeploymentName')).outputResources)]"
}
}
}

127
templates/buildingBlocks/nvas-ntier-network/azuredeploy.parameters.json
Просмотреть файл

@ -1,127 +0,0 @@
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"loadBalancerSettings": {
"value": {
"name": "nva-ilb",
"frontendIPConfigurations": [
{
"name": "lbfe1",
"loadBalancerType": "internal",
"internalLoadBalancerSettings": {
"privateIPAddress": "10.0.1.250",
"subnetName": "app1-in-subnet"
}
}
],
"loadBalancingRules": [
{
"name": "lbr1",
"frontendPort": 80,
"backendPort": 80,
"protocol": "Tcp",
"backendPoolName": "lb-bep1",
"frontendIPConfigurationName": "lbfe1"
}
],
"probes": [
{
"name": "lbp1",
"port": 80,
"protocol": "Http",
"requestPath": "/"
}
],
"backendPools": [
{
"name": "lb-bep1",
"nicIndex": 0
}
],
"inboundNatRules": [ ]
}
},
"virtualMachinesSettings": {
"value": {
"namePrefix": "ra-nva",
"computerNamePrefix": "cn",
"size": "Standard_DS2",
"osType": "linux",
"adminUsername": "testuser",
"adminPassword": "AweS0me@PW",
"sshPublicKey": "",
"osAuthenticationType": "password",
"nics": [
{
"isPublic": "false",
"subnetName": "ra-nva-in",
"privateIPAllocationMethod": "static",
"startingIPAddress": "10.0.1.242",
"isPrimary": "true",
"enableIPForwarding": true,
"dnsServers": [ ]
},
{
"isPublic": "false",
"subnetName": "ra-nva-out",
"privateIPAllocationMethod": "dynamic",
"isPrimary": "false",
"enableIPForwarding": true,
"dnsServers": [ ]
}
],
"imageReference": {
"publisher": "Canonical",
"offer": "UbuntuServer",
"sku": "14.04.5-LTS",
"version": "latest"
},
"dataDisks": {
"count": 0,
"properties": { }
},
"osDisk": {
"caching": "ReadWrite"
},
"availabilitySet": {
"useExistingAvailabilitySet": "No",
"name": "ra-nva-as"
}
}
},
"virtualNetworkSettings": {
"value": {
"name": "ra-nva-vnet",
"resourceGroup": "ra-nva-rg"
}
},
"buildingBlockSettings": {
"value": {
"storageAccountsCount": 2,
"vmCount": 2,
"vmStartIndex": 0
}
},
"routeTableSettings": {
"value": [
{
"name": "ra-nva-gw-rt",
"subnets": [
"GatewaySubnet"
],
"routes": [
{
"name": "route1",
"addressPrefix": "10.0.3.0/24",
"nextHopType": "VirtualAppliance",
"nextHopIpAddress": "10.0.255.224"
}
]
}
]
}
}
}

Двоичные данные
templates/buildingBlocks/nvas-ntier-network/scenarios/network-topology.png
Просмотреть файл

Двоичный файл не отображается.
Режим "рядом"

До

Ширина:  |  Высота:  |  Размер: 310 KiB

96
templates/buildingBlocks/nvas-ntier-network/scenarios/setup-script.ps1
Просмотреть файл

@ -1,96 +0,0 @@
Login-AzureRmAccount
Select-AzureRmSubscription -SubscriptionId '6df485a0-aafa-4020-893d-32e833d056d6'
#############################################################################
# Make sure that the following parameters match the ones in the template
$resourceGroupName='app1-rg'
$deploymentName='app1-rg-dep'
$location='East US'
$vnetName='app1-vnet'
$subnetIn='app1-in-subnet'
$subnetOut='app1-out-subnet'
#$avsetName='app1-web-as'
$vnetAddressPrefix='10.0.0.0/16'
$subnetInPrefix='10.0.1.0/24'
$subnetOutPrefix='10.0.2.0/24'
#$gatewaySubnetNamePrefix='10.0.255.224/27'
#$storageAccountVhd='app1devvmst'
#$storageAccountDiag='app1devdiag'
#$gatewaySubnetName='GatewaySubnet'
# Create new resource group
$resourceGroup = New-AzureRmResourceGroup -Name $resourceGroupName -Location $location
# Set subnet config
$subNet1=New-AzureRmVirtualNetworkSubnetConfig -Name $subnetIn -AddressPrefix $subnetInPrefix
$subNet2=New-AzureRmVirtualNetworkSubnetConfig -Name $subnetOut -AddressPrefix $subnetOutPrefix
#$subNet3=New-AzureRmVirtualNetworkSubnetConfig -Name $gatewaySubnetName -AddressPrefix $gatewaySubnetNamePrefix
# Create a new VNet
New-AzureRmVirtualNetwork -Name $vnetName -ResourceGroupName $resourceGroup.ResourceGroupName -AddressPrefix $vnetAddressPrefix -Location $location -Subnet $subNet1, $subNet2 #, $subnet3
# Create VPN gateway with a public IP
#$gwpip= New-AzureRmPublicIpAddress -Name gwpip -ResourceGroupName $resourceGroupName -Location $location -AllocationMethod Dynamic
#$vnet = Get-AzureRmVirtualNetwork -Name $vnetName -ResourceGroupName $resourceGroupName
#$subnet = Get-AzureRmVirtualNetworkSubnetConfig -Name $gatewaySubnetName -VirtualNetwork $vnet
#$gwipconfig = New-AzureRmVirtualNetworkGatewayIpConfig -Name gwipconfig1 -SubnetId $subnet.Id -PublicIpAddressId $gwpip.Id
#New-AzureRmVirtualNetworkGateway -Name vnetgw1 -ResourceGroupName $resourceGroupName -Location $location -IpConfigurations $gwipconfig -GatewayType Vpn -VpnType RouteBased -GatewaySku Standard
# Template and first parameter file URIs
$templateUri = 'https://raw.githubusercontent.com/mspnp/arm-building-blocks/kirpas/nva-buildingBlock/ARMBuildingBlocks/Templates/buildingBlocks/nvas-ntier-network/azuredeploy.json'
$templateParamUri = "https://raw.githubusercontent.com/mspnp/arm-building-blocks/kirpas/nva-buildingBlock/ARMBuildingBlocks/Templates/buildingBlocks/nvas-ntier-network/azuredeploy.parameters.json"
$outputFile = Join-Path (Get-Item -Path ".\" -Verbose).FullName -ChildPath "$resourceGroupName-template-output.json"
$result = Test-AzureRmResourceGroupDeployment -ResourceGroupName $resourceGroup.ResourceGroupName -TemplateUri $templateUri -TemplateParameterUri $templateParamUri
if($result.Count -eq 0)
{
New-AzureRmResourceGroupDeployment -Name $deploymentName -ResourceGroupName $resourceGroup.ResourceGroupName -TemplateUri $templateUri -TemplateParameterUri $templateParamUri | ConvertTo-Json | Out-File $outputFile -Force
}
else
{
$result
}
If($resourceGroup -ne $null)
{
Write-Host $resourceGroup.ResourceGroupName
try
{
Write-Host "Getting resource group:$resourceGroupName RM virtual machines type resources"
$azureVMResources = Get-AzureRMVM -ResourceGroupName $resourceGroup.ResourceGroupName -ErrorAction Stop -Verbose
Write-Host "Count of resource group:$resourceGroupName RM virtual machines type resource is $($azureVMResources.Count)"
}
catch [Microsoft.WindowsAzure.Commands.Common.ComputeCloudException],[System.MissingMethodException], [System.Management.Automation.PSInvalidOperationException]
{
Write-Host $_.Exception.Message
throw
}
}
if($azureVMResources -ne $null)
{
try
{
$extensionName = 'nva-configuration'
$fileUri = 'https://raw.githubusercontent.com/mspnp/arm-building-blocks/kirpas/nva-buildingBlock/ARMBuildingBlocks/Templates/resources/Microsoft.Compute/virtualMachines/extensions/linux/enable-iptables-routes/enable-iptables-routes.sh'
$run = 'bash enable-iptables-routes.sh'
$version = 1.8
foreach($azureVMResource in $azureVMResources)
{
Write-Host "Applying custom script extension on: " $azureVMResource.Name
$result = Set-AzureRmVMCustomScriptExtension -ResourceGroupName $resourceGroup.ResourceGroupName -VMName $azureVMResource.Name -Name $extensionName `
-FileUri $fileUri -Run $run -Location $location -TypeHandlerVersion $version -ErrorAction Stop -Verbose
}
}
catch [Microsoft.WindowsAzure.Commands.Common.ComputeCloudException],[System.MissingMethodException], [System.Management.Automation.PSInvalidOperationException]
{
Write-Host $_.Exception.Message
throw
}
}

21
templates/resources/Microsoft.Network/routeTables/routeTable-nop.json Normal file
Просмотреть файл

@ -0,0 +1,21 @@
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"deploymentContext": {
"type": "object"
},
"virtualNetworkSettings": {
"type": "object"
},
"routeTableSettings": {
"type": "array"
}
},
"variables": {
},
"resources": [
],
"outputs": {
}
}

44
templates/resources/Microsoft.Network/virtualNetworks/subnets-new.json Normal file
Просмотреть файл

@ -0,0 +1,44 @@
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"deploymentContext": {
"type": "object"
},
"virtualNetworkSettings": {
"type": "object"
},
"subnets": {
"type": "object"
}
},
"variables": {
"templateUniqueString": "[uniqueString(concat(string(parameters('deploymentContext')), string(parameters('virtualNetworkSettings')), string(parameters('subnets'))))]"
},
"resources": [
{
"type": "Microsoft.Network/virtualNetworks/subnets",
"apiVersion": "2016-03-30",
"name": "[concat(parameters('virtualNetworkSettings').name, '/', parameters('subnets').inSubnet.name)]",
"location": "[resourceGroup().location]",
"properties": {
"addressPrefix": "[parameters('subnets').inSubnet.addressPrefix]"
}
},
{
"type": "Microsoft.Network/virtualNetworks/subnets",
"apiVersion": "2016-03-30",
"name": "[concat(parameters('virtualNetworkSettings').name, '/', parameters('subnets').outSubnet.name)]",
"location": "[resourceGroup().location]",
"dependsOn": [
"[concat(parameters('virtualNetworkSettings').name, '/', parameters('subnets').inSubnet.name)]"
],
"properties": {
"addressPrefix": "[parameters('subnets').outSubnet.addressPrefix]"
}
}
],
"outputs": {
}
}

21
templates/resources/Microsoft.Network/virtualNetworks/subnets-nop.json Normal file
Просмотреть файл

@ -0,0 +1,21 @@
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"deploymentContext": {
"type": "object"
},
"virtualNetworkSettings": {
"type": "object"
},
"subnets": {
"type": "object"
}
},
"variables": {
},
"resources": [
],
"outputs": {
}
}