зеркало из https://github.com/microsoft/oe-engine.git
setting vanilla flag per VM (#11)
This commit is contained in:
dmitsh
GitHub
Родитель
433b90704b
Коммит
7497467a90
|
|
@ -1,11 +1,11 @@
|
|||
{
|
||||
"properties": {
|
||||
"oeSdkExcluded": true,
|
||||
"vmProfiles": [
|
||||
{
|
||||
"name": "acclnx",
|
||||
"osImageName": "UbuntuServer_16.04",
|
||||
"vmSize": "Standard_DC2s"
|
||||
"vmSize": "Standard_DC2s",
|
||||
"isVanilla": true
|
||||
}
|
||||
],
|
||||
"linuxProfile": {
|
||||
|
|
|
|||
|
|
@ -104,17 +104,6 @@
|
|||
"description": "Determines whether inbound SSH/RDP connection is enabled in NSG"
|
||||
}
|
||||
},
|
||||
"oeSDKIncluded": {
|
||||
"type": "string",
|
||||
"defaultValue": "yes",
|
||||
"allowedValues": [
|
||||
"yes",
|
||||
"no"
|
||||
],
|
||||
"metadata": {
|
||||
"description": "Flag to install OE SDK."
|
||||
}
|
||||
},
|
||||
"bootDiagnostics": {
|
||||
"type": "string",
|
||||
"defaultValue": "enable",
|
||||
|
|
|
|||
|
|
@ -62,8 +62,6 @@
|
|||
}
|
||||
],
|
||||
"diagnosticsStorageAction": "[if(equals(parameters('bootDiagnostics'), 'disable'), 'nop', parameters('diagnosticsStorageAccountNewOrExisting'))]",
|
||||
"linuxExtCommand": "[if(equals(parameters('oeSDKIncluded'), 'yes'), '/bin/bash -c \"secs=600; SECONDS=0; while (( SECONDS < secs )); do if [ -e /opt/azure/acc/completed ]; then if [ $(cat /opt/azure/acc/completed) == ok ]; then /opt/azure/acc/validate.sh; exit $? ; else echo provision failed; exit 1; fi; fi; sleep 20; done; echo validation timeout; exit 1; \"', '/bin/bash -c \"exit 0\"')]",
|
||||
|
||||
"winScriptSuffix": " $inputFile = '\\AzureData\\CustomData.bin' ; $outputFile = '\\AzureData\\oeWindowsProvision.ps1' ; $inputStream = New-Object System.IO.FileStream $inputFile, ([IO.FileMode]::Open), ([IO.FileAccess]::Read), ([IO.FileShare]::Read) ; $sr = New-Object System.IO.StreamReader(New-Object System.IO.Compression.GZipStream($inputStream, [System.IO.Compression.CompressionMode]::Decompress)) ; $sr.ReadToEnd() | Out-File($outputFile) ; &$outputFile ; ",
|
||||
"winScriptArguments": "[concat('$arguments = ', variables('singleQuote'),' ',variables('singleQuote'), ' ; ')]",
|
||||
"windowsExtScript": "[concat('powershell.exe -ExecutionPolicy Unrestricted -command \"', variables('winScriptSuffix'), '\" > \\AzureData\\provisionScript.log 2>&1; exit $LASTEXITCODE')]"
|
||||
|
|
|
|||
|
|
@ -1,22 +1,33 @@
|
|||
|
||||
"{{.Name}}VMSize": {
|
||||
"type": "string",
|
||||
{{GetAllowedVMSizes}}
|
||||
"metadata": {
|
||||
"description": "The size of the Virtual Machine."
|
||||
},
|
||||
"type": "string"
|
||||
}
|
||||
},
|
||||
"{{.Name}}OSImageName": {
|
||||
"type": "string",
|
||||
{{GetOSImageNames}}
|
||||
"metadata": {
|
||||
"description": "OS image name"
|
||||
},
|
||||
"type": "string"
|
||||
}
|
||||
},
|
||||
"{{.Name}}OSDiskType": {
|
||||
"type": "string",
|
||||
{{GetOsDiskTypes}}
|
||||
"metadata": {
|
||||
"description": "Type of managed disk to create"
|
||||
},
|
||||
"type": "string"
|
||||
"description": "Type of managed disk to create."
|
||||
}
|
||||
},
|
||||
"{{.Name}}IsVanilla": {
|
||||
"type": "string",
|
||||
"defaultValue": "false",
|
||||
"allowedValues": [
|
||||
"false",
|
||||
"true"
|
||||
],
|
||||
"metadata": {
|
||||
"description": "Flag to provision vanilla VM or install OE SDK."
|
||||
}
|
||||
},
|
||||
|
|
|
|||
|
|
@ -99,7 +99,7 @@
|
|||
"type": "Microsoft.Compute/virtualMachines"
|
||||
},
|
||||
{
|
||||
"condition": "[equals(parameters('{{.Name}}OSImageName'), 'UbuntuServer_16.04')]",
|
||||
"condition": "[and(equals(parameters('{{.Name}}IsVanilla'), 'false'), equals(parameters('{{.Name}}OSImageName'), 'UbuntuServer_16.04'))]",
|
||||
"apiVersion": "2018-06-01",
|
||||
"dependsOn": [
|
||||
"{{.Name}}"
|
||||
|
|
@ -112,7 +112,7 @@
|
|||
"typeHandlerVersion": "1.4",
|
||||
"autoUpgradeMinorVersion": true,
|
||||
"settings": {
|
||||
"commandToExecute": "[variables('linuxExtCommand')]"
|
||||
"commandToExecute": "/bin/bash -c \"secs=600; SECONDS=0; while (( SECONDS < secs )); do if [ -e /opt/azure/acc/completed ]; then if [ $(cat /opt/azure/acc/completed) == ok ]; then /opt/azure/acc/validate.sh; exit $? ; else echo provision failed; exit 1; fi; fi; sleep 20; done; echo validation timeout; exit 1; \""
|
||||
}
|
||||
},
|
||||
"type": "Microsoft.Compute/virtualMachines/extensions"
|
||||
|
|
|
|||
|
|
@ -7,14 +7,14 @@
|
|||
"computername": "{{.Name}}",
|
||||
"adminUsername": "[parameters('LinuxAdminUsername')]",
|
||||
"adminPassword": "[parameters('LinuxAdminPasswordOrKey')]",
|
||||
"customData": "[if(equals(parameters('oeSDKIncluded'), 'no'), json('null'), {{GetLinuxCustomData}})]",
|
||||
"customData": "[if(equals(parameters('{{.Name}}IsVanilla'), 'true'), json('null'), {{GetLinuxCustomData}})]",
|
||||
"linuxConfiguration": "[if(equals(parameters('authenticationType'), 'password'), json('null'), variables('linuxConfiguration'))]"
|
||||
},
|
||||
"{{.Name}}WindowsOsProfile": {
|
||||
"computername": "{{.Name}}",
|
||||
"adminUsername": "[parameters('WindowsAdminUsername')]",
|
||||
"adminPassword": "[parameters('WindowsAdminPassword')]",
|
||||
"customData": "{{GetWindowsCustomData}}",
|
||||
"customData": "{{GetWindowsCustomData .}}",
|
||||
"windowsConfiguration": "[variables('windowsConfiguration')]"
|
||||
},
|
||||
"{{.Name}}LinuxStorageProfile": {
|
||||
|
|
|
|||
|
|
@ -92,6 +92,13 @@ Start-Process -Wait -FilePath $seven_zip_file -ArgumentList " /quiet /passive"
|
|||
# Install OpenSSH
|
||||
InstallOpenSSH
|
||||
|
||||
$is_vanilla = "IS_VANILLA_VM"
|
||||
if ($is_vanilla -eq "true") {
|
||||
Write-Output "Skipping Open Enclave installation."
|
||||
exit 0
|
||||
}
|
||||
Write-Output "Installing Open Enclave"
|
||||
|
||||
# Install the intel sgx drivers
|
||||
& curl.exe -o "c:/tmp/sgx_base.cab" "http://download.windowsupdate.com/d/msdownload/update/driver/drvs/2018/01/af564f2c-2bc5-43be-a863-437a5a0008cb_61e7ba0c2e17c87caf4d5d3cdf1f35f6be462b38.cab"
|
||||
& 7z x c:/tmp/sgx_base.cab -o"c:/tmp/sgx_base" -y
|
||||
|
|
|
|||
|
|
@ -10,7 +10,6 @@ type OpenEnclave struct {
|
|||
|
||||
// Properties represents the ACS cluster definition
|
||||
type Properties struct {
|
||||
OeSdkExcluded bool `json:"oeSdkExcluded"`
|
||||
VnetProfile *VnetProfile `json:"vnetProfile"`
|
||||
VMProfiles []*VMProfile `json:"vmProfiles"`
|
||||
LinuxProfile *LinuxProfile `json:"linuxProfile,omitempty"`
|
||||
|
|
@ -44,6 +43,7 @@ type VMProfile struct {
|
|||
OSDiskType string `json:"osDiskType"`
|
||||
VMSize string `json:"vmSize"`
|
||||
Ports []int `json:"ports,omitempty"`
|
||||
IsVanilla bool `json:"isVanilla"`
|
||||
}
|
||||
|
||||
// VnetProfile represents the definition of a vnet
|
||||
|
|
|
|||
|
|
@ -2,6 +2,7 @@ package engine
|
|||
|
||||
import (
|
||||
"fmt"
|
||||
"strconv"
|
||||
|
||||
"github.com/Microsoft/oe-engine/pkg/api"
|
||||
)
|
||||
|
|
@ -19,7 +20,7 @@ func getParameters(cs *api.OpenEnclave, generatorCode string) (paramsMap, error)
|
|||
for _, vm := range properties.VMProfiles {
|
||||
addValue(parametersMap, fmt.Sprintf("%sVMSize", vm.Name), vm.VMSize)
|
||||
addValue(parametersMap, fmt.Sprintf("%sOSImageName", vm.Name), vm.OSImageName)
|
||||
|
||||
addValue(parametersMap, fmt.Sprintf("%sIsVanilla", vm.Name), strconv.FormatBool(vm.IsVanilla))
|
||||
if len(vm.OSDiskType) > 0 {
|
||||
addValue(parametersMap, fmt.Sprintf("%sOSDiskType", vm.Name), vm.OSDiskType)
|
||||
}
|
||||
|
|
@ -53,12 +54,6 @@ func getParameters(cs *api.OpenEnclave, generatorCode string) (paramsMap, error)
|
|||
}
|
||||
}
|
||||
|
||||
if properties.LinuxProfile != nil && !cs.Properties.OeSdkExcluded {
|
||||
addValue(parametersMap, "oeSDKIncluded", "yes")
|
||||
} else {
|
||||
addValue(parametersMap, "oeSDKIncluded", "no")
|
||||
}
|
||||
|
||||
if properties.DiagnosticsProfile != nil && properties.DiagnosticsProfile.Enabled {
|
||||
addValue(parametersMap, "bootDiagnostics", "enable")
|
||||
addValue(parametersMap, "diagnosticsStorageAccountName", properties.DiagnosticsProfile.StorageAccountName)
|
||||
|
|
|
|||
|
|
@ -6,6 +6,7 @@ import (
|
|||
"errors"
|
||||
"fmt"
|
||||
"runtime/debug"
|
||||
"strconv"
|
||||
"strings"
|
||||
"text/template"
|
||||
|
||||
|
|
@ -132,7 +133,7 @@ func (t *TemplateGenerator) getTemplateFuncMap(cs *api.OpenEnclave) template.Fun
|
|||
})
|
||||
return fmt.Sprintf("base64(concat('#cloud-config\\n\\n', '%s'))", str)
|
||||
},
|
||||
"GetWindowsCustomData": func() string {
|
||||
"GetWindowsCustomData": func(vm *api.VMProfile) string {
|
||||
if cs.Properties.WindowsProfile == nil {
|
||||
return ""
|
||||
}
|
||||
|
|
@ -143,6 +144,7 @@ func (t *TemplateGenerator) getTemplateFuncMap(cs *api.OpenEnclave) template.Fun
|
|||
}
|
||||
csStr := string(b)
|
||||
csStr = strings.Replace(csStr, "SSH_PUB_KEY", cs.Properties.WindowsProfile.SSHPubKey, -1)
|
||||
csStr = strings.Replace(csStr, "IS_VANILLA_VM", strconv.FormatBool(vm.IsVanilla), -1)
|
||||
return getBase64CustomScriptFromStr(csStr)
|
||||
},
|
||||
"GetAllowedVMSizes": func() string {
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче