microsoft
/
AzureTRE
зеркало из https://github.com/microsoft/AzureTRE.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Fix CycleCloud and SLURM deployment issues (#4050) 

* Verify CycleCloud deployment
Fixes #2406

* fix linting

* Update providers.tf

---------

Co-authored-by: Tim Allen <tim.allen@cloudkubed.com>
This commit is contained in:
Marcus Robinson 2024-09-26 14:44:25 +01:00 коммит произвёл GitHub
Родитель 87cb4f01d4
Коммит 92f1033b2d
Не найден ключ, соответствующий данной подписи
Идентификатор ключа GPG: B5690EEEBB952194
4 изменённых файлов: 209 добавлений и 16 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

4
docs/tre-templates/shared-services/cyclecloud.md
Просмотреть файл

@ -64,7 +64,7 @@ ls /etc/yum.repos.d/*.repo | xargs sed -i "s,# baseurl=https://repo.almalinux.or
yum -y install epel-release
ls /etc/yum.repos.d/*.repo | xargs sed -i 's/metalink/# metalink/g'
ls /etc/yum.repos.d/*.repo | xargs sed -i "s,#baseurl=https://download.fedoraproject.org/,baseurl=https://nexus-$TRE_ID.$REGION.cloudapp.azure.com/repository/fedoraproject/,g"
ls /etc/yum.repos.d/*.repo | xargs sed -i "s,#baseurl=https://download.example/pub/epel/,baseurl=https://nexus-$TRE_ID.$REGION.cloudapp.azure.com/repository/fedoraproject/pub/epel/,g"
yum -y install python3 python3-pip
@ -83,6 +83,8 @@ gpgcheck=1
gpgkey=https://nexus-$TRE_ID.$REGION.cloudapp.azure.com/repository/microsoft-keys/microsoft.asc
EOF
rpm --import https://nexus-$TRE_ID.$REGION.cloudapp.azure.com/repository/almalinux/almalinux/RPM-GPG-KEY-AlmaLinux
```
- Click Save.

21
templates/shared_services/cyclecloud/porter.yaml
Просмотреть файл

@ -1,7 +1,7 @@
---
schemaVersion: 1.0.0
name: tre-shared-service-cyclecloud
version: 0.5.6
version: 0.6.3
description: "An Azure TRE Shared Service Template for Azure Cyclecloud"
registry: azuretre
dockerfile: Dockerfile.tmpl
@ -53,6 +53,11 @@ outputs:
applyTo:
- install
- upgrade
- name: shared_subnet_address_prefixes
type: string
applyTo:
- install
- upgrade
mixins:
@ -67,10 +72,6 @@ install:
description: "Deploy Cyclecloud shared service"
vars:
tre_id: ${ bundle.parameters.tre_id }
arm_client_id: ${ bundle.credentials.azure_client_id }
arm_client_secret: ${ bundle.credentials.azure_client_secret }
arm_tenant_id: ${ bundle.credentials.azure_tenant_id }
arm_use_msi: ${ bundle.parameters.arm_use_msi }
tre_resource_id: ${ bundle.parameters.id }
arm_environment: ${ bundle.parameters.arm_environment }
backendConfig:
@ -80,16 +81,13 @@ install:
key: ${ bundle.parameters.id }
outputs:
- name: connection_uri
- name: shared_subnet_address_prefixes
upgrade:
- terraform:
description: "Update Cyclecloud shared service"
vars:
tre_id: ${ bundle.parameters.tre_id }
arm_client_id: ${ bundle.credentials.azure_client_id }
arm_client_secret: ${ bundle.credentials.azure_client_secret }
arm_tenant_id: ${ bundle.credentials.azure_tenant_id }
arm_use_msi: ${ bundle.parameters.arm_use_msi }
tre_resource_id: ${ bundle.parameters.id }
arm_environment: ${ bundle.parameters.arm_environment }
backendConfig:
@ -99,16 +97,13 @@ upgrade:
key: ${ bundle.parameters.id }
outputs:
- name: connection_uri
- name: shared_subnet_address_prefixes
uninstall:
- terraform:
description: "Delete the Cyclecloud shared service"
vars:
tre_id: ${ bundle.parameters.tre_id }
arm_client_id: ${ bundle.credentials.azure_client_id }
arm_client_secret: ${ bundle.credentials.azure_client_secret }
arm_tenant_id: ${ bundle.credentials.azure_tenant_id }
arm_use_msi: ${ bundle.parameters.arm_use_msi }
tre_resource_id: ${ bundle.parameters.id }
arm_environment: ${ bundle.parameters.arm_environment }
backendConfig:

196
templates/shared_services/cyclecloud/template_schema.json
Просмотреть файл

@ -4,8 +4,200 @@
"type": "object",
"title": "Azure CycleCloud",
"description": "Azure CycleCloud is an enterprise-friendly tool for orchestrating and managing High Performance Computing (HPC) environments on Azure.",
"required": [
],
"required": [],
"properties": {
"display_name": {
"type": "string",
"title": "Name for the shared service",
"description": "The name of the shared service to be displayed to users",
"default": "CycleCloud",
"updateable": true
},
"description": {
"type": "string",
"title": "Description of the shared service",
"description": "Description of the shared service",
"default": "Manage HPC environments on Azure",
"updateable": true
},
"overview": {
"type": "string",
"title": "Workspace Service Overview",
"description": "Long form description of the shared service, in markdown syntax",
"default": "Azure CycleCloud is an enterprise-friendly tool for orchestrating and managing High Performance Computing (HPC) environments on Azure.",
"updateable": true
}
},
"pipeline": {
"install": [
{
"stepId": "main"
},
{
"stepId": "42024559-3a88-4518-b1ea-713aebc91cfd",
"stepTitle": "Add CycleCloud rule collection to firewall",
"resourceTemplateName": "tre-shared-service-firewall",
"resourceType": "shared-service",
"resourceAction": "upgrade",
"properties": [
{
"name": "network_rule_collections",
"type": "array",
"arraySubstitutionAction": "replace",
"arrayMatchField": "name",
"value": {
"name": "nrc_svc_{{ resource.id }}_cyclecloud",
"action": "Allow",
"rules": [
{
"name": "Cyclecloud_Dependancies",
"description": "Cyclecloud Dependancies",
"source_addresses": "{{ resource.properties.shared_subnet_address_prefixes }}",
"destination_addresses": [
"AzureResourceManager"
],
"destination_ports": [
"443"
],
"protocols": [
"TCP"
]
}
]
}
},
{
"name": "rule_collections",
"type": "array",
"arraySubstitutionAction": "replace",
"arrayMatchField": "name",
"value": {
"name": "arc_svc_{{ resource.id }}_cyclecloud",
"action": "Allow",
"rules": [
{
"name": "cyclecloud",
"description": "CycleCloud",
"protocols": [
{
"port": "443",
"type": "Https"
}
],
"target_fqdns": [
"github.com",
"api.github.com",
"codeload.github.com",
"objects.githubusercontent.com"
],
"source_addresses": "{{ resource.properties.shared_subnet_address_prefixes }}"
}
]
}
}
]
}
],
"upgrade": [
{
"stepId": "main"
},
{
"stepId": "c3f95f9f-d125-4937-9403-84e4957a26b8",
"stepTitle": "Add CycleCloud rule collection from firewall",
"resourceTemplateName": "tre-shared-service-firewall",
"resourceType": "shared-service",
"resourceAction": "upgrade",
"properties": [
{
"name": "network_rule_collections",
"type": "array",
"arraySubstitutionAction": "replace",
"arrayMatchField": "name",
"value": {
"name": "nrc_svc_{{ resource.id }}_cyclecloud",
"action": "Allow",
"rules": [
{
"name": "Cyclecloud_Dependancies",
"description": "Cyclecloud Dependancies",
"source_addresses": "{{ resource.properties.shared_subnet_address_prefixes }}",
"destination_addresses": [
"AzureResourceManager"
],
"destination_ports": [
"443"
],
"protocols": [
"TCP"
]
}
]
}
},
{
"name": "rule_collections",
"type": "array",
"arraySubstitutionAction": "replace",
"arrayMatchField": "name",
"value": {
"name": "arc_svc_{{ resource.id }}_cyclecloud",
"action": "Allow",
"rules": [
{
"name": "cyclecloud",
"description": "CycleCloud",
"protocols": [
{
"port": "443",
"type": "Https"
}
],
"target_fqdns": [
"github.com",
"api.github.com",
"codeload.github.com",
"objects.githubusercontent.com"
],
"source_addresses": "{{ resource.properties.shared_subnet_address_prefixes }}"
}
]
}
}
]
}
],
"uninstall": [
{
"stepId": "c3f95f9f-d125-4937-9403-84e4957a26a8",
"stepTitle": "Remove CycleCloud rule collection from firewall",
"resourceTemplateName": "tre-shared-service-firewall",
"resourceType": "shared-service",
"resourceAction": "upgrade",
"properties": [
{
"name": "network_rule_collections",
"type": "array",
"arraySubstitutionAction": "remove",
"arrayMatchField": "name",
"value": {
"name": "nrc_svc_{{ resource.id }}_cyclecloud"
}
},
{
"name": "rule_collections",
"type": "array",
"arraySubstitutionAction": "remove",
"arrayMatchField": "name",
"value": {
"name": "arc_svc_{{ resource.id }}_cyclecloud"
}
}
]
},
{
"stepId": "main"
}
]
}
}

4
templates/shared_services/cyclecloud/terraform/outputs.tf
Просмотреть файл

@ -1,3 +1,7 @@
output "connection_uri" {
value = "https://${azurerm_private_dns_zone.cyclecloud.name}"
}
output "shared_subnet_address_prefixes" {
value = data.azurerm_subnet.shared.address_prefixes
}