зеркало из https://github.com/microsoft/lisa.git
ip_service_tags
A new security standard will require all IPs to be tagged. Note that this IP tagging system is separate from general resource tagging.
Родитель
02c80fcbe2
Коммит
c2b16f2d27
|
@ -46,6 +46,9 @@ param data_disks array
|
||||||
@description('whether to use ultra disk')
|
@description('whether to use ultra disk')
|
||||||
param is_ultradisk bool = false
|
param is_ultradisk bool = false
|
||||||
|
|
||||||
|
@description('IP Service Tags')
|
||||||
|
param ip_service_tags object
|
||||||
|
|
||||||
var vnet_id = virtual_network_name_resource.id
|
var vnet_id = virtual_network_name_resource.id
|
||||||
var node_count = length(nodes)
|
var node_count = length(nodes)
|
||||||
var availability_set_name_value = 'lisa-availabilitySet'
|
var availability_set_name_value = 'lisa-availabilitySet'
|
||||||
|
@ -59,6 +62,10 @@ var use_availability_zones = (availability_type == 'availability_zone')
|
||||||
var availability_set_value = (use_availability_set ? getAvailabilitySetId(availability_set_name_value): null)
|
var availability_set_value = (use_availability_set ? getAvailabilitySetId(availability_set_name_value): null)
|
||||||
var combined_vm_tags = union(tags, vm_tags)
|
var combined_vm_tags = union(tags, vm_tags)
|
||||||
var combined_aset_tags = union(tags, availability_set_tags)
|
var combined_aset_tags = union(tags, availability_set_tags)
|
||||||
|
var ip_tags = [for key in objectKeys(ip_service_tags): {
|
||||||
|
ipTagType: key
|
||||||
|
tag: ip_service_tags[key]
|
||||||
|
}]
|
||||||
|
|
||||||
func isCvm(node object) bool => bool((!empty(node.vhd)) && (!empty(node.vhd.vmgs_path)))
|
func isCvm(node object) bool => bool((!empty(node.vhd)) && (!empty(node.vhd.vmgs_path)))
|
||||||
|
|
||||||
|
@ -254,6 +261,7 @@ resource nodes_public_ip 'Microsoft.Network/publicIPAddresses@2020-05-01' = [for
|
||||||
name: '${nodes[i].name}-public-ip'
|
name: '${nodes[i].name}-public-ip'
|
||||||
properties: {
|
properties: {
|
||||||
publicIPAllocationMethod: ((is_ultradisk || use_availability_zones) ? 'Static' : 'Dynamic')
|
publicIPAllocationMethod: ((is_ultradisk || use_availability_zones) ? 'Static' : 'Dynamic')
|
||||||
|
ipTags: (empty(ip_tags) ? null : ip_tags)
|
||||||
}
|
}
|
||||||
sku: {
|
sku: {
|
||||||
name: ((is_ultradisk || use_availability_zones) ? 'Standard' : 'Basic')
|
name: ((is_ultradisk || use_availability_zones) ? 'Standard' : 'Basic')
|
||||||
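Review bot: `ipTags: (empty(ip_tags) ? null : ip_tags)` in the `nodes_public_ip` hunk deploys the public IP with no tag at all whenever `ip_service_tags` is empty, so a run that omits the setting silently produces the untagged addresses that, per the commit message, the new standard will not allow. If untagged deployment has to stay possible, say so in the parameter description, e.g. `@description('IP service tags as a map of ipTagType to tag; an empty object deploys public IPs without ipTags')`. The parameter is also declared without a default, unlike `is_ultradisk` just above it; `param ip_service_tags object = {}` would keep the template deployable for any caller that does not pass it. The resource body continues outside the hunk.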
|
|
|
@ -5,8 +5,8 @@
|
||||||
"metadata": {
|
"metadata": {
|
||||||
"_generator": {
|
"_generator": {
|
||||||
"name": "bicep",
|
"name": "bicep",
|
||||||
"version": "0.28.1.47646",
|
"version": "0.30.23.60470",
|
||||||
"templateHash": "1630470125196944168"
|
"templateHash": "17909783643222378721"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"functions": [
|
"functions": [
|
||||||
|
@ -511,9 +511,25 @@
|
||||||
"metadata": {
|
"metadata": {
|
||||||
"description": "whether to use ultra disk"
|
"description": "whether to use ultra disk"
|
||||||
}
|
}
|
||||||
|
},
|
||||||
|
"ip_service_tags": {
|
||||||
|
"type": "object",
|
||||||
|
"metadata": {
|
||||||
|
"description": "IP Service Tags"
|
||||||
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"variables": {
|
"variables": {
|
||||||
|
"copy": [
|
||||||
|
{
|
||||||
|
"name": "ip_tags",
|
||||||
|
"count": "[length(objectKeys(parameters('ip_service_tags')))]",
|
||||||
|
"input": {
|
||||||
|
"ipTagType": "[objectKeys(parameters('ip_service_tags'))[copyIndex('ip_tags')]]",
|
||||||
|
"tag": "[parameters('ip_service_tags')[objectKeys(parameters('ip_service_tags'))[copyIndex('ip_tags')]]]"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
],
|
||||||
"vnet_id": "[resourceId('Microsoft.Network/virtualNetworks', parameters('virtual_network_name'))]",
|
"vnet_id": "[resourceId('Microsoft.Network/virtualNetworks', parameters('virtual_network_name'))]",
|
||||||
"node_count": "[length(parameters('nodes'))]",
|
"node_count": "[length(parameters('nodes'))]",
|
||||||
"availability_set_name_value": "lisa-availabilitySet",
|
"availability_set_name_value": "lisa-availabilitySet",
|
||||||
|
@ -579,7 +595,8 @@
|
||||||
"location": "[parameters('location')]",
|
"location": "[parameters('location')]",
|
||||||
"tags": "[parameters('tags')]",
|
"tags": "[parameters('tags')]",
|
||||||
"properties": {
|
"properties": {
|
||||||
"publicIPAllocationMethod": "[if(or(parameters('is_ultradisk'), variables('use_availability_zones')), 'Static', 'Dynamic')]"
|
"publicIPAllocationMethod": "[if(or(parameters('is_ultradisk'), variables('use_availability_zones')), 'Static', 'Dynamic')]",
|
||||||
|
"ipTags": "[if(empty(variables('ip_tags')), null(), variables('ip_tags'))]"
|
||||||
},
|
},
|
||||||
"sku": {
|
"sku": {
|
||||||
"name": "[if(or(parameters('is_ultradisk'), variables('use_availability_zones')), 'Standard', 'Basic')]"
|
"name": "[if(or(parameters('is_ultradisk'), variables('use_availability_zones')), 'Standard', 'Basic')]"
|
||||||
|
@ -770,8 +787,8 @@
|
||||||
"metadata": {
|
"metadata": {
|
||||||
"_generator": {
|
"_generator": {
|
||||||
"name": "bicep",
|
"name": "bicep",
|
||||||
"version": "0.28.1.47646",
|
"version": "0.30.23.60470",
|
||||||
"templateHash": "10740733774987815957"
|
"templateHash": "12249187708601787514"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"functions": [
|
"functions": [
|
||||||
|
|
|
@ -1154,6 +1154,7 @@ class AzureArmParameter:
|
||||||
data_disks: List[DataDiskSchema] = field(default_factory=list)
|
data_disks: List[DataDiskSchema] = field(default_factory=list)
|
||||||
vm_tags: Dict[str, Any] = field(default_factory=dict)
|
vm_tags: Dict[str, Any] = field(default_factory=dict)
|
||||||
tags: Dict[str, Any] = field(default_factory=dict)
|
tags: Dict[str, Any] = field(default_factory=dict)
|
||||||
|
ip_service_tags: Dict[str, str] = field(default_factory=dict)
|
||||||
|
|
||||||
virtual_network_resource_group: str = ""
|
virtual_network_resource_group: str = ""
|
||||||
virtual_network_name: str = AZURE_VIRTUAL_NETWORK_NAME
|
virtual_network_name: str = AZURE_VIRTUAL_NETWORK_NAME
|
||||||
|
|
|
@ -279,6 +279,7 @@ class AzurePlatformSchema:
|
||||||
vm_tags: Optional[Dict[str, Any]] = field(default=None)
|
vm_tags: Optional[Dict[str, Any]] = field(default=None)
|
||||||
tags: Optional[Dict[str, Any]] = field(default=None)
|
tags: Optional[Dict[str, Any]] = field(default=None)
|
||||||
use_public_address: bool = field(default=True)
|
use_public_address: bool = field(default=True)
|
||||||
|
ip_service_tags: Optional[Dict[str, str]] = field(default=None)
|
||||||
|
|
||||||
virtual_network_resource_group: str = field(default="")
|
virtual_network_resource_group: str = field(default="")
|
||||||
virtual_network_name: str = field(default=AZURE_VIRTUAL_NETWORK_NAME)
|
virtual_network_name: str = field(default=AZURE_VIRTUAL_NETWORK_NAME)
|
||||||
|
@ -1058,6 +1059,7 @@ class AzurePlatform(Platform):
|
||||||
copied_fields = [
|
copied_fields = [
|
||||||
"vm_tags",
|
"vm_tags",
|
||||||
"tags",
|
"tags",
|
||||||
|
"ip_service_tags",
|
||||||
]
|
]
|
||||||
availability_copied_fields = [
|
availability_copied_fields = [
|
||||||
"availability_set_tags",
|
"availability_set_tags",
|
||||||
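Review bot: The new `ip_service_tags` field in `AzurePlatformSchema` has no comment, although the commit message stresses that IP tags are a different mechanism from `tags` and `vm_tags`, and the three names now sit side by side in the schema and in `copied_fields`. A comment above the field would keep runbook authors from putting resource tags there, e.g. `# Azure public IP tags as {ipTagType: tag}; not the resource tags set via "tags"`. The field defaults to `None` here while `AzureArmParameter` defaults it to an empty dict and the template calls `objectKeys(ip_service_tags)`; presumably the copy step skips unset values as it does for `tags`, but that code is outside the hunk and is worth confirming. Both class bodies continue outside the hunks.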
|
|