diff --git a/README.md b/README.md index a692e9cb27..899c038047 100644 --- a/README.md +++ b/README.md @@ -10,6 +10,9 @@ | :eyes: | ***Notice***: These legacy templates are now in maintenance mode and are being replaced by our next-generation templates available in the [Cloud Templates 2.0 GitHub repo](https://github.com/F5Networks/f5-azure-arm-templates-v2). We recommend you adopt the next-generation templates as soon as is feasible. | |---------------|:------------------------| +| :warning: | ***Warning***: Due to vulnerabilities related to [CVE-2022-1388](https://support.f5.com/csp/article/K23605346), do not use templates unless using a custom image (template parameter = customImage or customImageUrn). Updated images are pending publication to Marketplace. For existing deployments, F5 recommends [upgrading to a patched software version](https://support.f5.com/csp/article/K84205182). Production should never expose the BIG-IP Management interface to the Internet. Always ensure `restrictedSrcAddress` has been set to a trusted source network. Please see [K23605346: BIG-IP iControl REST vulnerability CVE-2022-1388](https://support.f5.com/csp/article/K23605346) for more information and latest updates.| +|---------------|:------------------------| + ## Introduction Welcome to the GitHub repository for F5's ARM templates for Azure deployments. All of the templates in this repository have been developed by F5 Networks engineers. This repository contains one main directory: *supported*. @@ -50,7 +53,7 @@ All known issues are on GitHub for better tracking and visibility. See issues wi ### Copyright -Copyright 2014-2021 F5 Networks Inc. +Copyright 2014-2022 F5 Networks Inc. ### License diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/bigip_version_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/bigip_version_parameters.yaml index c46e43f6a6..53750cb419 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/bigip_version_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/bigip_version_parameters.yaml @@ -26,7 +26,7 @@ DNS PROVIDER USER: dewpt EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: '' IMAGE NAME: AllTwoBootLocations -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/parameters.yaml index b337e09447..f3db005ba8 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/parameters.yaml @@ -29,7 +29,7 @@ EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: '' IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/postpub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/postpub_parameters.yaml index 754d99bde8..5ec74ec394 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/postpub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/postpub_parameters.yaml @@ -29,7 +29,7 @@ EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: '' IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/prepub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/prepub_parameters.yaml index 7566087826..e5b54dce19 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/prepub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/prepub_parameters.yaml @@ -28,7 +28,7 @@ EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: '' IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/bigip_version_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/bigip_version_parameters.yaml index 4125dd09da..4d59d352c6 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/bigip_version_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/bigip_version_parameters.yaml @@ -24,7 +24,7 @@ DNS PROVIDER USER: dewpt EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: '' IMAGE NAME: Best25Mbps -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/parameters.yaml index 888316da78..561939514a 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/parameters.yaml @@ -27,7 +27,7 @@ EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: '' IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:16.1.201000 -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/postpub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/postpub_parameters.yaml index 888316da78..561939514a 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/postpub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/postpub_parameters.yaml @@ -27,7 +27,7 @@ EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: '' IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:16.1.201000 -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/prepub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/prepub_parameters.yaml index 34cb5d27ab..60f88fc76d 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/prepub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/prepub_parameters.yaml @@ -27,7 +27,7 @@ EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: '' IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:16.1.201000 -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/prepub_parameters_v14.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/prepub_parameters_v14.yaml index b579024079..b684f99087 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/prepub_parameters_v14.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/prepub_parameters_v14.yaml @@ -27,7 +27,7 @@ EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: '' IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:14.1.404001 -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/prepub_parameters_v15.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/prepub_parameters_v15.yaml index 7d0c793171..18d3ae3a29 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/prepub_parameters_v15.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/prepub_parameters_v15.yaml @@ -27,7 +27,7 @@ EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: '' IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:15.1.400000 -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/bigip_version_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/bigip_version_parameters.yaml index ee61741e67..afb44045c8 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/bigip_version_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/bigip_version_parameters.yaml @@ -25,7 +25,7 @@ DNS PROVIDER USER: dewpt EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: '' IMAGE NAME: AllTwoBootLocations -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/parameters.yaml index c1a067cfa3..a43cb5a1d1 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/parameters.yaml @@ -28,7 +28,7 @@ EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: '' IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/postpub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/postpub_parameters.yaml index f72026244b..88f7482fb2 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/postpub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/postpub_parameters.yaml @@ -28,7 +28,7 @@ EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: '' IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/prepub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/prepub_parameters.yaml index d75170f972..c22602e11a 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/prepub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/prepub_parameters.yaml @@ -28,7 +28,7 @@ EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: '' IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/bigip_version_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/bigip_version_parameters.yaml index d51a3d03b1..81faddc8db 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/bigip_version_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/bigip_version_parameters.yaml @@ -22,7 +22,7 @@ DNS PROVIDER PASSWORD: B!gdns2017 DNS PROVIDER USER: dewpt IAPP SERVICE LIST: '' IMAGE NAME: Best25Mbps -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/parameters.yaml index 1a912d4089..775fe6c605 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/parameters.yaml @@ -25,7 +25,7 @@ EXT ALB EXISTS: 'Yes' IAPP SERVICE LIST: '' IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:16.1.201000 -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/postpub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/postpub_parameters.yaml index 1a912d4089..775fe6c605 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/postpub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/postpub_parameters.yaml @@ -25,7 +25,7 @@ EXT ALB EXISTS: 'Yes' IAPP SERVICE LIST: '' IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:16.1.201000 -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/prepub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/prepub_parameters.yaml index b00f183a8e..758ecb923b 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/prepub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/prepub_parameters.yaml @@ -24,7 +24,7 @@ EXT ALB EXISTS: 'Yes' IAPP SERVICE LIST: '' IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:16.1.201000 -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/new-stack/bigiq/bigip_version_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/new-stack/bigiq/bigip_version_parameters.yaml index 1401fb04b0..6fdc4c5b36 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/new-stack/bigiq/bigip_version_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/new-stack/bigiq/bigip_version_parameters.yaml @@ -26,7 +26,7 @@ DNS PROVIDER USER: dewpt EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: '' IMAGE NAME: AllTwoBootLocations -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/new-stack/bigiq/parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/new-stack/bigiq/parameters.yaml index 87f7cda82c..fb94962855 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/new-stack/bigiq/parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/new-stack/bigiq/parameters.yaml @@ -28,7 +28,7 @@ EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: '' IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/new-stack/bigiq/postpub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/new-stack/bigiq/postpub_parameters.yaml index 87f7cda82c..fb94962855 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/new-stack/bigiq/postpub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/new-stack/bigiq/postpub_parameters.yaml @@ -28,7 +28,7 @@ EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: '' IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/new-stack/bigiq/prepub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/new-stack/bigiq/prepub_parameters.yaml index b00f526b31..d107c0e931 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/new-stack/bigiq/prepub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/new-stack/bigiq/prepub_parameters.yaml @@ -27,7 +27,7 @@ EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: '' IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/new-stack/payg/bigip_version_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/new-stack/payg/bigip_version_parameters.yaml index 95dbe7c490..e7a26a8dad 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/new-stack/payg/bigip_version_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/new-stack/payg/bigip_version_parameters.yaml @@ -24,7 +24,7 @@ DNS PROVIDER USER: dewpt EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: '' IMAGE NAME: Best25Mbps -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/new-stack/payg/parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/new-stack/payg/parameters.yaml index 687ffb03d7..e6c42ff9b1 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/new-stack/payg/parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/new-stack/payg/parameters.yaml @@ -26,7 +26,7 @@ EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: '' IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:16.1.201000 -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/new-stack/payg/postpub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/new-stack/payg/postpub_parameters.yaml index 687ffb03d7..e6c42ff9b1 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/new-stack/payg/postpub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/new-stack/payg/postpub_parameters.yaml @@ -26,7 +26,7 @@ EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: '' IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:16.1.201000 -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/new-stack/payg/prepub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/new-stack/payg/prepub_parameters.yaml index 200404d04c..eae47cbe3b 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/new-stack/payg/prepub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/ltm/via-lb/1nic/new-stack/payg/prepub_parameters.yaml @@ -25,7 +25,7 @@ EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: '' IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:16.1.201000 -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/bigip_version_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/bigip_version_parameters.yaml index 7dbf0a3d0d..1e48dd8af0 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/bigip_version_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/bigip_version_parameters.yaml @@ -26,7 +26,7 @@ DNS PROVIDER USER: dewpt EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: dewpt-waf-service IMAGE NAME: AllTwoBootLocations -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/parameters.yaml index 932e2f04d7..40aecb85b4 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/parameters.yaml @@ -29,7 +29,7 @@ EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: dewpt-waf-service IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/postpub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/postpub_parameters.yaml index 4ec7c9c569..0942d32600 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/postpub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/postpub_parameters.yaml @@ -29,7 +29,7 @@ EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: dewpt-waf-service IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/prepub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/prepub_parameters.yaml index 1273a5f0ae..0d5aad4b0a 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/prepub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/prepub_parameters.yaml @@ -28,7 +28,7 @@ EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: dewpt-waf-service IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/bigip_version_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/bigip_version_parameters.yaml index 3f10e15805..87e892e84c 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/bigip_version_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/bigip_version_parameters.yaml @@ -24,7 +24,7 @@ DNS PROVIDER USER: dewpt EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: dewpt-waf-service IMAGE NAME: Best25Mbps -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/parameters.yaml index fefe31b5e9..653af36fe8 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/parameters.yaml @@ -27,7 +27,7 @@ EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: dewpt-waf-service IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:16.1.201000 -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/postpub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/postpub_parameters.yaml index f1c1bab001..e57dc6c914 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/postpub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/postpub_parameters.yaml @@ -27,7 +27,7 @@ EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: dewpt-waf-service IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:16.1.201000 -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/prepub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/prepub_parameters.yaml index 6e3c48e2f7..2eb11115be 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/prepub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/prepub_parameters.yaml @@ -26,7 +26,7 @@ EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: dewpt-waf-service IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly:16.1.201000 -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/bigip_version_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/bigip_version_parameters.yaml index 1967ee0006..6e2841dda0 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/bigip_version_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/bigip_version_parameters.yaml @@ -25,7 +25,7 @@ DNS PROVIDER USER: dewpt EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: dewpt-waf-service IMAGE NAME: AllTwoBootLocations -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/parameters.yaml index 0ebc36505e..cd15a3a893 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/parameters.yaml @@ -28,7 +28,7 @@ EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: dewpt-waf-service IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/postpub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/postpub_parameters.yaml index 0ebc36505e..cd15a3a893 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/postpub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/postpub_parameters.yaml @@ -28,7 +28,7 @@ EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: dewpt-waf-service IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/prepub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/prepub_parameters.yaml index 0ab5d1bcc0..91db6450dc 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/prepub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/prepub_parameters.yaml @@ -27,7 +27,7 @@ EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: dewpt-waf-service IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/bigip_version_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/bigip_version_parameters.yaml index 7a2d70d28c..6cebc6e892 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/bigip_version_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/bigip_version_parameters.yaml @@ -23,7 +23,7 @@ DNS PROVIDER USER: dewpt EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: dewpt-waf-service IMAGE NAME: Best25Mbps -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/parameters.yaml index a2516de680..18a0a1d7cd 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/parameters.yaml @@ -26,7 +26,7 @@ EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: dewpt-waf-service IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:16.1.201000 -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/postpub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/postpub_parameters.yaml index 25442a225d..4487cee17a 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/postpub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/postpub_parameters.yaml @@ -26,7 +26,7 @@ EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: dewpt-waf-service IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:16.1.201000 -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/prepub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/prepub_parameters.yaml index 5a9c8e3d42..b0daed29f8 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/prepub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/prepub_parameters.yaml @@ -25,7 +25,7 @@ EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: dewpt-waf-service IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:16.1.201000 -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/prepub_parameters_v14.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/prepub_parameters_v14.yaml index 9240ed0195..fea0a0e70b 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/prepub_parameters_v14.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/prepub_parameters_v14.yaml @@ -25,7 +25,7 @@ EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: dewpt-waf-service IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:14.1.404001 -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/prepub_parameters_v15.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/prepub_parameters_v15.yaml index ce3eff27ee..a146de2dfd 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/prepub_parameters_v15.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/prepub_parameters_v15.yaml @@ -25,7 +25,7 @@ EXTERNAL IP COUNT: 1 IAPP SERVICE LIST: dewpt-waf-service IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:15.1.400000 -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/bigip_version_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/bigip_version_parameters.yaml index 1174093cde..8faf71b5af 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/bigip_version_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/bigip_version_parameters.yaml @@ -19,7 +19,7 @@ DNS LABEL: ',"dnsLabel":{"value":""}' EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/parameters.yaml index 905d3d7508..1d0877ae21 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/parameters.yaml @@ -22,7 +22,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/postpub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/postpub_parameters.yaml index 905d3d7508..1d0877ae21 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/postpub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/postpub_parameters.yaml @@ -22,7 +22,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/prepub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/prepub_parameters.yaml index 75cab9bb9b..c154423022 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/prepub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/prepub_parameters.yaml @@ -21,7 +21,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/byol/bigip_version_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/byol/bigip_version_parameters.yaml index 4b3a4c6e88..8b33061bd0 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/byol/bigip_version_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/byol/bigip_version_parameters.yaml @@ -19,7 +19,7 @@ DNS LABEL: ',"dnsLabel":{"value":""}' EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"licenseKey1":{"value":""},"licenseKey2":{"value":""}' LICENSE POOL: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/byol/parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/byol/parameters.yaml index 560d92e4c4..123dd33454 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/byol/parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/byol/parameters.yaml @@ -22,7 +22,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly:16.1.201000 -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"licenseKey1":{"value":""},"licenseKey2":{"value":""}' LICENSE POOL: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/byol/postpub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/byol/postpub_parameters.yaml index 73dc1a738b..3651572605 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/byol/postpub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/byol/postpub_parameters.yaml @@ -22,7 +22,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: f5-networks:f5-big-ip-byol:f5-big-all-2slot-byol:16.1.201000 -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"licenseKey1":{"value":""},"licenseKey2":{"value":""}' LICENSE POOL: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/byol/prepub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/byol/prepub_parameters.yaml index 92a07df667..b4f9b35dd8 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/byol/prepub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/byol/prepub_parameters.yaml @@ -21,7 +21,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: f5-networks:f5-big-ip-byol:f5-big-all-2slot-byol:16.1.201000 -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"licenseKey1":{"value":""},"licenseKey2":{"value":""}' LICENSE POOL: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/payg/bigip_version_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/payg/bigip_version_parameters.yaml index 772ed1c7d1..89a7439b57 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/payg/bigip_version_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/payg/bigip_version_parameters.yaml @@ -17,7 +17,7 @@ DNS LABEL: ',"dnsLabel":{"value":""}' EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: Best25Mbps -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/payg/parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/payg/parameters.yaml index 3d1224f85d..3338d54029 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/payg/parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/payg/parameters.yaml @@ -20,7 +20,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly:16.1.201000 -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/payg/postpub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/payg/postpub_parameters.yaml index f7f19b055f..b886d90803 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/payg/postpub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/payg/postpub_parameters.yaml @@ -20,7 +20,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly:16.1.201000 -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/payg/prepub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/payg/prepub_parameters.yaml index 95fd3591a0..6863bba828 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/payg/prepub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/payg/prepub_parameters.yaml @@ -19,7 +19,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly:16.1.201000 -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/payg/prepub_parameters_v14.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/payg/prepub_parameters_v14.yaml index b5be680ba7..49287eb2d7 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/payg/prepub_parameters_v14.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/payg/prepub_parameters_v14.yaml @@ -19,7 +19,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly:14.1.404001 -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/payg/prepub_parameters_v15.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/payg/prepub_parameters_v15.yaml index dd60960625..8e48293aa1 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/payg/prepub_parameters_v15.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-api/n-nic/existing-stack/payg/prepub_parameters_v15.yaml @@ -19,7 +19,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly:15.1.400000 -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/bigip_version_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/bigip_version_parameters.yaml index 782abc0287..e31d2efa8b 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/bigip_version_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/bigip_version_parameters.yaml @@ -18,7 +18,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations INSTANCE PARAM: ',"numberOfInstances":{"value":2}' -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/parameters.yaml index f5e66a2b7d..df206af973 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/parameters.yaml @@ -20,7 +20,7 @@ EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL INSTANCE PARAM: ',"numberOfInstances":{"value":2}' -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/postpub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/postpub_parameters.yaml index 49088ea142..8956c5eb16 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/postpub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/postpub_parameters.yaml @@ -21,7 +21,7 @@ EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL INSTANCE PARAM: ',"numberOfInstances":{"value":2}' -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/prepub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/prepub_parameters.yaml index 67f1095b87..38f8e3ba8c 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/prepub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/prepub_parameters.yaml @@ -20,7 +20,7 @@ EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL INSTANCE PARAM: ',"numberOfInstances":{"value":2}' -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/byol/bigip_version_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/byol/bigip_version_parameters.yaml index f9253bcb09..eca9b535c0 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/byol/bigip_version_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/byol/bigip_version_parameters.yaml @@ -18,7 +18,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations INSTANCE PARAM: ',"numberOfInstances":{"value":2}' -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"licenseKey1":{"value":""},"licenseKey2":{"value":""}' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/byol/parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/byol/parameters.yaml index 35398cfd8d..76b08b0b25 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/byol/parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/byol/parameters.yaml @@ -21,7 +21,7 @@ EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL INSTANCE PARAM: ',"numberOfInstances":{"value":2}' -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"licenseKey1":{"value":""},"licenseKey2":{"value":""}' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/byol/postpub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/byol/postpub_parameters.yaml index a2790b5248..87a4c1903d 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/byol/postpub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/byol/postpub_parameters.yaml @@ -21,7 +21,7 @@ EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL INSTANCE PARAM: ',"numberOfInstances":{"value":2}' -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"licenseKey1":{"value":""},"licenseKey2":{"value":""}' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/byol/prepub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/byol/prepub_parameters.yaml index 345e572a16..2e21a8ef00 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/byol/prepub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/byol/prepub_parameters.yaml @@ -20,7 +20,7 @@ EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL INSTANCE PARAM: ',"numberOfInstances":{"value":2}' -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"licenseKey1":{"value":""},"licenseKey2":{"value":""}' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/payg/bigip_version_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/payg/bigip_version_parameters.yaml index 373f87e411..1e490d9e36 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/payg/bigip_version_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/payg/bigip_version_parameters.yaml @@ -16,7 +16,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: Best25Mbps INSTANCE PARAM: ',"numberOfInstances":{"value":2}' -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/payg/parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/payg/parameters.yaml index 394fa0ee8c..d984c5aa6d 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/payg/parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/payg/parameters.yaml @@ -19,7 +19,7 @@ EXTERNAL IP COUNT: 1 IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:16.1.201000 INSTANCE PARAM: ',"numberOfInstances":{"value":2}' -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/payg/postpub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/payg/postpub_parameters.yaml index a5cbb35cea..e7067b8483 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/payg/postpub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/payg/postpub_parameters.yaml @@ -19,7 +19,7 @@ EXTERNAL IP COUNT: 1 IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:16.1.201000 INSTANCE PARAM: ',"numberOfInstances":{"value":2}' -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/payg/prepub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/payg/prepub_parameters.yaml index ed424b5658..ad0be0a495 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/payg/prepub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/1nic/existing-stack/payg/prepub_parameters.yaml @@ -18,7 +18,7 @@ EXTERNAL IP COUNT: 1 IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:16.1.201000 INSTANCE PARAM: ',"numberOfInstances":{"value":2}' -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/bigip_version_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/bigip_version_parameters.yaml index 4cfbba0d18..f55fcde952 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/bigip_version_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/bigip_version_parameters.yaml @@ -18,7 +18,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations INSTANCE PARAM: ',"numberOfInstances":{"value":2}' -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/parameters.yaml index 1441bfb55a..bf1e28c2ce 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/parameters.yaml @@ -21,7 +21,7 @@ EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL INSTANCE PARAM: ',"numberOfInstances":{"value":2}' -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/postpub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/postpub_parameters.yaml index 1441bfb55a..bf1e28c2ce 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/postpub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/postpub_parameters.yaml @@ -21,7 +21,7 @@ EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL INSTANCE PARAM: ',"numberOfInstances":{"value":2}' -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/prepub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/prepub_parameters.yaml index 01205f276d..5ceb04b56e 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/prepub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/prepub_parameters.yaml @@ -21,7 +21,7 @@ EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL INSTANCE PARAM: ',"numberOfInstances":{"value":2}' -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/byol/bigip_version_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/byol/bigip_version_parameters.yaml index 97102c646a..883fa3be6d 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/byol/bigip_version_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/byol/bigip_version_parameters.yaml @@ -18,7 +18,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations INSTANCE PARAM: ',"numberOfInstances":{"value":2}' -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"licenseKey1":{"value":""},"licenseKey2":{"value":""}' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/byol/parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/byol/parameters.yaml index 90d485fb45..6e14b7b307 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/byol/parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/byol/parameters.yaml @@ -21,7 +21,7 @@ EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL INSTANCE PARAM: ',"numberOfInstances":{"value":2}' -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"licenseKey1":{"value":""},"licenseKey2":{"value":""}' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/byol/postpub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/byol/postpub_parameters.yaml index 90d485fb45..6e14b7b307 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/byol/postpub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/byol/postpub_parameters.yaml @@ -21,7 +21,7 @@ EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL INSTANCE PARAM: ',"numberOfInstances":{"value":2}' -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"licenseKey1":{"value":""},"licenseKey2":{"value":""}' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/byol/prepub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/byol/prepub_parameters.yaml index 1b7301a790..3f9a911d1d 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/byol/prepub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/byol/prepub_parameters.yaml @@ -20,7 +20,7 @@ EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL INSTANCE PARAM: ',"numberOfInstances":{"value":2}' -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"licenseKey1":{"value":""},"licenseKey2":{"value":""}' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/payg/bigip_version_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/payg/bigip_version_parameters.yaml index 128e7c586d..88a9139326 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/payg/bigip_version_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/payg/bigip_version_parameters.yaml @@ -16,7 +16,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: Better10Gbps INSTANCE PARAM: ',"numberOfInstances":{"value":2}' -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/payg/parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/payg/parameters.yaml index 1a8b5e1e75..ede62d0715 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/payg/parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/payg/parameters.yaml @@ -19,7 +19,7 @@ EXTERNAL IP COUNT: 1 IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:16.1.201000 INSTANCE PARAM: ',"numberOfInstances":{"value":2}' -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/payg/postpub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/payg/postpub_parameters.yaml index 1a8b5e1e75..ede62d0715 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/payg/postpub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/payg/postpub_parameters.yaml @@ -19,7 +19,7 @@ EXTERNAL IP COUNT: 1 IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:16.1.201000 INSTANCE PARAM: ',"numberOfInstances":{"value":2}' -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/payg/prepub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/payg/prepub_parameters.yaml index 03f4fe507a..a0cc08852a 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/payg/prepub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/payg/prepub_parameters.yaml @@ -19,7 +19,7 @@ EXTERNAL IP COUNT: 1 IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:16.1.201000 INSTANCE PARAM: ',"numberOfInstances":{"value":2}' -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/payg/prepub_parameters_v14.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/payg/prepub_parameters_v14.yaml index bd9f5c4de0..9e4acb53de 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/payg/prepub_parameters_v14.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/payg/prepub_parameters_v14.yaml @@ -19,7 +19,7 @@ EXTERNAL IP COUNT: 1 IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:14.1.404001 INSTANCE PARAM: ',"numberOfInstances":{"value":2}' -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/payg/prepub_parameters_v15.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/payg/prepub_parameters_v15.yaml index f583ea6422..817636f0bd 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/payg/prepub_parameters_v15.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/failover/same-net/via-lb/3nic/existing-stack/payg/prepub_parameters_v15.yaml @@ -19,7 +19,7 @@ EXTERNAL IP COUNT: 1 IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:15.1.400000 INSTANCE PARAM: ',"numberOfInstances":{"value":2}' -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/bigiq/bigip_version_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/bigiq/bigip_version_parameters.yaml index f256199efb..c60b4876c3 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/bigiq/bigip_version_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/bigiq/bigip_version_parameters.yaml @@ -17,7 +17,7 @@ DNS LABEL: ',"dnsLabel":{"value":""}' EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/bigiq/parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/bigiq/parameters.yaml index e12809ad50..81823596c7 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/bigiq/parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/bigiq/parameters.yaml @@ -20,7 +20,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/bigiq/postpub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/bigiq/postpub_parameters.yaml index e12809ad50..81823596c7 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/bigiq/postpub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/bigiq/postpub_parameters.yaml @@ -20,7 +20,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/bigiq/prepub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/bigiq/prepub_parameters.yaml index 12bc5d604c..463336fd86 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/bigiq/prepub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/bigiq/prepub_parameters.yaml @@ -19,7 +19,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/byol/bigip_version_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/byol/bigip_version_parameters.yaml index c05db11546..8611ec4fa9 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/byol/bigip_version_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/byol/bigip_version_parameters.yaml @@ -16,7 +16,7 @@ DNS LABEL: ',"dnsLabel":{"value":""}' EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: ',"licenseKey1":{"value":""}' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/byol/parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/byol/parameters.yaml index 91752d67ca..1e443d47ae 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/byol/parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/byol/parameters.yaml @@ -19,7 +19,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: ',"licenseKey1":{"value":""}' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/byol/postpub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/byol/postpub_parameters.yaml index 91752d67ca..1e443d47ae 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/byol/postpub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/byol/postpub_parameters.yaml @@ -19,7 +19,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: ',"licenseKey1":{"value":""}' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/byol/prepub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/byol/prepub_parameters.yaml index 48453fc2fa..216b3aeb65 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/byol/prepub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/byol/prepub_parameters.yaml @@ -18,7 +18,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: ',"licenseKey1":{"value":""}' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/payg/bigip_version_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/payg/bigip_version_parameters.yaml index 656d89d7c7..cfbd4aee83 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/payg/bigip_version_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/payg/bigip_version_parameters.yaml @@ -15,7 +15,7 @@ DNS LABEL: ',"dnsLabel":{"value":""}' EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: Better25Mbps -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/payg/parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/payg/parameters.yaml index d9b2cb107b..a7cb69daca 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/payg/parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/payg/parameters.yaml @@ -18,7 +18,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: Better25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:16.1.201000 -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/payg/postpub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/payg/postpub_parameters.yaml index a2b4740b16..f47ab4ee2d 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/payg/postpub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/payg/postpub_parameters.yaml @@ -18,7 +18,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: Better25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:16.1.201000 -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/payg/prepub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/payg/prepub_parameters.yaml index a611ab4bb5..2f35abd5d0 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/payg/prepub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/payg/prepub_parameters.yaml @@ -17,7 +17,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: Better25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly:16.1.201000 -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/payg/prepub_parameters_v14.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/payg/prepub_parameters_v14.yaml index f80ebbb6f5..076e84c864 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/payg/prepub_parameters_v14.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/payg/prepub_parameters_v14.yaml @@ -17,7 +17,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: Better25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly:14.1.404001 -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/payg/prepub_parameters_v15.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/payg/prepub_parameters_v15.yaml index aecf9b0239..5b9c123d1f 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/payg/prepub_parameters_v15.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/1nic/existing-stack/payg/prepub_parameters_v15.yaml @@ -17,7 +17,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: Better25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly:15.1.400000 -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/bigiq/bigip_version_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/bigiq/bigip_version_parameters.yaml index bca9b49475..d302dc0ff3 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/bigiq/bigip_version_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/bigiq/bigip_version_parameters.yaml @@ -17,7 +17,7 @@ DNS LABEL: ',"dnsLabel":{"value":""}' EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/bigiq/parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/bigiq/parameters.yaml index d5c446f37f..eae6bc9e23 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/bigiq/parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/bigiq/parameters.yaml @@ -20,7 +20,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/bigiq/postpub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/bigiq/postpub_parameters.yaml index d5c446f37f..eae6bc9e23 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/bigiq/postpub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/bigiq/postpub_parameters.yaml @@ -20,7 +20,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/bigiq/prepub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/bigiq/prepub_parameters.yaml index 55ae30621e..fd860eb3c8 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/bigiq/prepub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/bigiq/prepub_parameters.yaml @@ -19,7 +19,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/byol/bigip_version_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/byol/bigip_version_parameters.yaml index e601e531e9..e0c60b8246 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/byol/bigip_version_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/byol/bigip_version_parameters.yaml @@ -16,7 +16,7 @@ DNS LABEL: ',"dnsLabel":{"value":""}' EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: ',"licenseKey1":{"value":""}' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/byol/parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/byol/parameters.yaml index c1fe2f8fe0..2e8149ca91 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/byol/parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/byol/parameters.yaml @@ -19,7 +19,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: ',"licenseKey1":{"value":""}' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/byol/postpub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/byol/postpub_parameters.yaml index c1fe2f8fe0..2e8149ca91 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/byol/postpub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/byol/postpub_parameters.yaml @@ -19,7 +19,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: ',"licenseKey1":{"value":""}' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/byol/prepub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/byol/prepub_parameters.yaml index ea2fcf4071..055d3b97e5 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/byol/prepub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/byol/prepub_parameters.yaml @@ -18,7 +18,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: f5-networks:f5-big-ip-byol:f5-big-all-2slot-byol:16.1.201000 -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: ',"licenseKey1":{"value":""}' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/payg/bigip_version_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/payg/bigip_version_parameters.yaml index 9cd403ffcb..96e282b41e 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/payg/bigip_version_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/payg/bigip_version_parameters.yaml @@ -15,7 +15,7 @@ DNS LABEL: ',"dnsLabel":{"value":""}' EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: Better25Mbps -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/payg/parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/payg/parameters.yaml index 657421de9a..2e6998a53c 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/payg/parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/payg/parameters.yaml @@ -18,7 +18,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: PerAppVeAdvancedWaf25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:16.1.201000 -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/payg/postpub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/payg/postpub_parameters.yaml index 184a685e96..728846804a 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/payg/postpub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/payg/postpub_parameters.yaml @@ -18,7 +18,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: PerAppVeAdvancedWaf25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:16.1.201000 -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/payg/prepub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/payg/prepub_parameters.yaml index dcd6bdba93..5c8bea944d 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/payg/prepub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/payg/prepub_parameters.yaml @@ -17,7 +17,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: PerAppVeAdvancedWaf25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:16.1.201000 -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/payg/prepub_parameters_v14.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/payg/prepub_parameters_v14.yaml index 24ee431c0a..72dc4601ca 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/payg/prepub_parameters_v14.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/payg/prepub_parameters_v14.yaml @@ -17,7 +17,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: PerAppVeAdvancedWaf25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:14.1.404001 -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/payg/prepub_parameters_v15.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/payg/prepub_parameters_v15.yaml index 6fe7b9d2db..dd15aa07f4 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/payg/prepub_parameters_v15.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/2nic/existing-stack/payg/prepub_parameters_v15.yaml @@ -17,7 +17,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: PerAppVeAdvancedWaf25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:15.1.400000 -INSTANCE TYPE: Standard_D4s_v3 +INSTANCE TYPE: Standard_D4s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/bigiq/bigip_version_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/bigiq/bigip_version_parameters.yaml index ecb2ed09f9..d7ce8af251 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/bigiq/bigip_version_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/bigiq/bigip_version_parameters.yaml @@ -17,7 +17,7 @@ DNS LABEL: ',"dnsLabel":{"value":""}' EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/bigiq/parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/bigiq/parameters.yaml index d158326dfc..f8b1c0624f 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/bigiq/parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/bigiq/parameters.yaml @@ -20,7 +20,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/bigiq/postpub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/bigiq/postpub_parameters.yaml index d158326dfc..f8b1c0624f 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/bigiq/postpub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/bigiq/postpub_parameters.yaml @@ -20,7 +20,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/bigiq/prepub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/bigiq/prepub_parameters.yaml index 9d119dfc06..c7391bf31d 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/bigiq/prepub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/bigiq/prepub_parameters.yaml @@ -19,7 +19,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/byol/bigip_version_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/byol/bigip_version_parameters.yaml index 4dc3cd4d4b..b72e318f50 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/byol/bigip_version_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/byol/bigip_version_parameters.yaml @@ -16,7 +16,7 @@ DNS LABEL: ',"dnsLabel":{"value":""}' EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"licenseKey1":{"value":""}' LICENSE POOL: production LICENSE POOL PARAM: '"bigIqLicensePoolName":{"value":""},"bigIqLicenseSkuKeyword1":{"value":"F5-BIG-MSP-BT-1G"},"bigIqLicenseUnitOfMeasure":{"value":"yearly"}' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/byol/parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/byol/parameters.yaml index 57543a804e..b93492ad5d 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/byol/parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/byol/parameters.yaml @@ -19,7 +19,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"licenseKey1":{"value":""}' LICENSE POOL: production LICENSE POOL PARAM: '"bigIqLicensePoolName":{"value":""},"bigIqLicenseSkuKeyword1":{"value":"F5-BIG-MSP-BT-1G"},"bigIqLicenseUnitOfMeasure":{"value":"yearly"}' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/byol/postpub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/byol/postpub_parameters.yaml index 57543a804e..b93492ad5d 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/byol/postpub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/byol/postpub_parameters.yaml @@ -19,7 +19,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"licenseKey1":{"value":""}' LICENSE POOL: production LICENSE POOL PARAM: '"bigIqLicensePoolName":{"value":""},"bigIqLicenseSkuKeyword1":{"value":"F5-BIG-MSP-BT-1G"},"bigIqLicenseUnitOfMeasure":{"value":"yearly"}' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/byol/prepub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/byol/prepub_parameters.yaml index 3884661491..e1fe392e4d 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/byol/prepub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/byol/prepub_parameters.yaml @@ -18,7 +18,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"licenseKey1":{"value":""}' LICENSE POOL: production LICENSE POOL PARAM: '"bigIqLicensePoolName":{"value":""},"bigIqLicenseSkuKeyword1":{"value":"F5-BIG-MSP-BT-1G"},"bigIqLicenseUnitOfMeasure":{"value":"yearly"}' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/payg/bigip_version_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/payg/bigip_version_parameters.yaml index 5a8a092683..b5f3c54d15 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/payg/bigip_version_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/payg/bigip_version_parameters.yaml @@ -15,7 +15,7 @@ DNS LABEL: ',"dnsLabel":{"value":""}' EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: Best200Mbps -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/payg/parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/payg/parameters.yaml index 4cd10b1c7d..42f8794ebc 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/payg/parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/payg/parameters.yaml @@ -18,7 +18,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:16.1.201000 -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/payg/postpub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/payg/postpub_parameters.yaml index 7a4f206074..310d610613 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/payg/postpub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/payg/postpub_parameters.yaml @@ -18,7 +18,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: Better1Gbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:16.1.201000 -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/payg/prepub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/payg/prepub_parameters.yaml index 6178ebf24f..86819bcf47 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/payg/prepub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/payg/prepub_parameters.yaml @@ -17,7 +17,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 2 IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:16.1.201000 -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/payg/prepub_parameters_v14.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/payg/prepub_parameters_v14.yaml index 94bdea2234..914f538537 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/payg/prepub_parameters_v14.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/payg/prepub_parameters_v14.yaml @@ -17,7 +17,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 2 IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:14.1.404001 -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/payg/prepub_parameters_v15.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/payg/prepub_parameters_v15.yaml index 3f360e7f86..b6d99f2330 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/payg/prepub_parameters_v15.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/3nic/existing-stack/payg/prepub_parameters_v15.yaml @@ -17,7 +17,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 2 IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:15.1.201000 -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/bigiq/bigip_version_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/bigiq/bigip_version_parameters.yaml index 860da1a52b..de299ebf3b 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/bigiq/bigip_version_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/bigiq/bigip_version_parameters.yaml @@ -18,7 +18,7 @@ DNS LABEL: ',"dnsLabel":{"value":""}' EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/bigiq/parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/bigiq/parameters.yaml index 1e2cefc840..6c12b95dfc 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/bigiq/parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/bigiq/parameters.yaml @@ -21,7 +21,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/bigiq/postpub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/bigiq/postpub_parameters.yaml index 1e2cefc840..6c12b95dfc 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/bigiq/postpub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/bigiq/postpub_parameters.yaml @@ -21,7 +21,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/bigiq/prepub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/bigiq/prepub_parameters.yaml index a40bcfb8b9..b68b917262 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/bigiq/prepub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/bigiq/prepub_parameters.yaml @@ -20,7 +20,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"bigIqUsername":{"value":"admin"},"bigIqPassword":{"value":"B!giq2017"},' LICENSE POOL: production diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/byol/bigip_version_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/byol/bigip_version_parameters.yaml index 339f62379b..18b90fc3ea 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/byol/bigip_version_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/byol/bigip_version_parameters.yaml @@ -17,7 +17,7 @@ DNS LABEL: ',"dnsLabel":{"value":""}' EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"licenseKey1":{"value":""}' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/byol/parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/byol/parameters.yaml index b632880269..5e235a8c58 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/byol/parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/byol/parameters.yaml @@ -20,7 +20,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"licenseKey1":{"value":""}' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/byol/postpub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/byol/postpub_parameters.yaml index b632880269..5e235a8c58 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/byol/postpub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/byol/postpub_parameters.yaml @@ -20,7 +20,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"licenseKey1":{"value":""}' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/byol/prepub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/byol/prepub_parameters.yaml index 87f47a225a..12e966f227 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/byol/prepub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/byol/prepub_parameters.yaml @@ -19,7 +19,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: AllTwoBootLocations IMAGE URN: OPTIONAL -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: ',"licenseKey1":{"value":""}' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/payg/bigip_version_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/payg/bigip_version_parameters.yaml index 4e44dd76e5..fd13931bc1 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/payg/bigip_version_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/payg/bigip_version_parameters.yaml @@ -16,7 +16,7 @@ DNS LABEL: ',"dnsLabel":{"value":""}' EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: Best25Mbps -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/payg/parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/payg/parameters.yaml index 24d054857d..537d72806e 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/payg/parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/payg/parameters.yaml @@ -19,7 +19,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:16.1.201000 -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/payg/postpub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/payg/postpub_parameters.yaml index 24d054857d..537d72806e 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/payg/postpub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/payg/postpub_parameters.yaml @@ -19,7 +19,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:16.1.201000 -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/payg/prepub_parameters.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/payg/prepub_parameters.yaml index bff584c472..0fd94503ee 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/payg/prepub_parameters.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/payg/prepub_parameters.yaml @@ -18,7 +18,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:16.1.201000 -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/payg/prepub_parameters_v14.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/payg/prepub_parameters_v14.yaml index 818013ab91..6352245d2b 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/payg/prepub_parameters_v14.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/payg/prepub_parameters_v14.yaml @@ -18,7 +18,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:14.1.404001 -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/payg/prepub_parameters_v15.yaml b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/payg/prepub_parameters_v15.yaml index bd11dcc29d..8b6c9fd479 100644 --- a/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/payg/prepub_parameters_v15.yaml +++ b/automated-test-scripts/data/f5-azure-arm-templates/supported/standalone/n-nic/existing-stack/payg/prepub_parameters_v15.yaml @@ -18,7 +18,7 @@ EXT ALB EXISTS: 'No' EXTERNAL IP COUNT: 1 IMAGE NAME: Best25Mbps IMAGE URN: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly-po-f5:15.1.400000 -INSTANCE TYPE: Standard_D8s_v3 +INSTANCE TYPE: Standard_D8s_v4 LICENSE PARAM: '' LICENSE POOL: production LICENSE POOL PARAM: '' diff --git a/automated-test-scripts/data/test_policies/shimkus.yaml b/automated-test-scripts/data/test_policies/shimkus.yaml index 18673ceb27..1985f59fb5 100644 --- a/automated-test-scripts/data/test_policies/shimkus.yaml +++ b/automated-test-scripts/data/test_policies/shimkus.yaml @@ -1,4 +1,4 @@ -# Pre release test plan +# Personal test plan # Azure standalone tests azure-standalone-1nic-test: test-url: "file://automated-test-scripts/f5-azure-arm-templates/supported/standalone/daily_test.yaml" diff --git a/azure-bigip-version-matrix.md b/azure-bigip-version-matrix.md index 0770f2e27e..4a73ce8491 100644 --- a/azure-bigip-version-matrix.md +++ b/azure-bigip-version-matrix.md @@ -8,6 +8,12 @@ The following table contains all of the tagged releases of the F5 ARM templates | Release Tag | Template Family | BIG-IP Versions | BIG-IQ Versions | PAYG License Bundles and Throughput | BYOL/BIG-IQ Image options | | --- | --- | --- | --- | --- | --- | +| [v9.9.0.0](https://github.com/F5Networks/f5-azure-arm-templates/releases/tag/v9.9.0.0) | Standalone | BIG-IP v16.1.2.1, BIG-IP v15.1.4, BIG-IP v14.1.4.4 | BIG-IQ v5.4, v6.1.0 | *Good/Better/Best*: 1Gbps, 5Gbps, 200Mbps, 25Mbps
BIG-IP v13.1+:
Advanced WAF: 25Mbps, 200Mbps, 1Gbps
Per App VE LTM: 25Mbps, 200Mbps
Per App VE Advanced WAF: 25Mbps, 200Mbps | AllOneBootLocation, AllTwoBootLocations, LTMOneBootLocation, LTMTwoBootLocations | +| | Cluster (Failover-API) | Latest, BIG-IP v16.1.2.1, BIG-IP v15.1.4, BIG-IP v14.1.4.4 | BIG-IQ v5.4, v6.1.0 | *Good/Better/Best*: 1Gbps, 200Mbps, 25Mbps
BIG-IP v13.1+:
Advanced WAF: 25Mbps, 200Mbps, 1Gbps | AllOneBootLocation, AllTwoBootLocations, LTMOneBootLocation, LTMTwoBootLocations | +| | Cluster (Failover-LB) | Latest, BIG-IP v16.1.2.1, BIG-IP v15.1.4, BIG-IP v14.1.4.4 | BIG-IQ v5.4, v6.1.0 | *Good/Better/Best*: 1Gbps, 200Mbps, 25Mbps
BIG-IP v13.1+:
Advanced WAF: 25Mbps, 200Mbps, 1Gbps | AllOneBootLocation, AllTwoBootLocations, LTMOneBootLocation, LTMTwoBootLocations | +| | Auto Scale WAF | Latest, BIG-IP BIG-IP v16.1.2.1, BIG-IP v15.1.4, BIG-IP v14.1.4.4 | BIG-IQ v5.4, v6.1.0 | *Best*: 1Gbps, 200Mbps, 25Mbps
BIG-IP v13.1+:
Advanced WAF: 25Mbps, 200Mbps, 1Gbps
Per App VE Advanced WAF: 25Mbps, 200Mbps | AllOneBootLocation, AllTwoBootLocations, LTMOneBootLocation, LTMTwoBootLocations | +| | Auto Scale LTM | Latest, BIG-IP BIG-IP v16.1.2.1, BIG-IP v15.1.4, BIG-IP v14.1.4.4 | BIG-IQ v5.4, v6.1.0 | *Good/Better/Best*: 1Gbps, 200Mbps, 25Mbps
v13.1+: Per App VE LTM: 25Mbps, 200Mbps | AllOneBootLocation, AllTwoBootLocations, LTMOneBootLocation, LTMTwoBootLocations | +| | BIG-IQ | N/A | 6.1.0 | N/A | Best | | [v9.8.0.0](https://github.com/F5Networks/f5-azure-arm-templates/releases/tag/v9.8.0.0) | Standalone | BIG-IP v16.1.2.1, BIG-IP v15.1.4, BIG-IP v14.1.4.4 | BIG-IQ v5.4, v6.1.0 | *Good/Better/Best*: 1Gbps, 5Gbps, 200Mbps, 25Mbps
BIG-IP v13.1+:
Advanced WAF: 25Mbps, 200Mbps, 1Gbps
Per App VE LTM: 25Mbps, 200Mbps
Per App VE Advanced WAF: 25Mbps, 200Mbps | AllOneBootLocation, AllTwoBootLocations, LTMOneBootLocation, LTMTwoBootLocations | | | Cluster (Failover-API) | Latest, BIG-IP v16.1.2.1, BIG-IP v15.1.4, BIG-IP v14.1.4.4 | BIG-IQ v5.4, v6.1.0 | *Good/Better/Best*: 1Gbps, 200Mbps, 25Mbps
BIG-IP v13.1+:
Advanced WAF: 25Mbps, 200Mbps, 1Gbps | AllOneBootLocation, AllTwoBootLocations, LTMOneBootLocation, LTMTwoBootLocations | | | Cluster (Failover-LB) | Latest, BIG-IP v16.1.2.1, BIG-IP v15.1.4, BIG-IP v14.1.4.4 | BIG-IQ v5.4, v6.1.0 | *Good/Better/Best*: 1Gbps, 200Mbps, 25Mbps
BIG-IP v13.1+:
Advanced WAF: 25Mbps, 200Mbps, 1Gbps | AllOneBootLocation, AllTwoBootLocations, LTMOneBootLocation, LTMTwoBootLocations | diff --git a/azure-offer-list.yaml b/azure-offer-list.yaml index 60883f5dc6..ab8f0f3038 100644 --- a/azure-offer-list.yaml +++ b/azure-offer-list.yaml @@ -23,6 +23,11 @@ sku: f5-big-awf-plus-hourly-200mbps urn: f5-networks:f5-big-ip-advanced-waf:f5-big-awf-plus-hourly-200mbps:14.1.405000 version: 14.1.405000 +- offer: f5-big-ip-advanced-waf + publisher: f5-networks + sku: f5-big-awf-plus-hourly-200mbps + urn: f5-networks:f5-big-ip-advanced-waf:f5-big-awf-plus-hourly-200mbps:14.1.406000 + version: 14.1.406000 - offer: f5-big-ip-advanced-waf publisher: f5-networks sku: f5-big-awf-plus-hourly-200mbps @@ -33,6 +38,11 @@ sku: f5-big-awf-plus-hourly-200mbps urn: f5-networks:f5-big-ip-advanced-waf:f5-big-awf-plus-hourly-200mbps:15.1.400000 version: 15.1.400000 +- offer: f5-big-ip-advanced-waf + publisher: f5-networks + sku: f5-big-awf-plus-hourly-200mbps + urn: f5-networks:f5-big-ip-advanced-waf:f5-big-awf-plus-hourly-200mbps:15.1.501000 + version: 15.1.501000 - offer: f5-big-ip-advanced-waf publisher: f5-networks sku: f5-big-awf-plus-hourly-200mbps @@ -83,6 +93,11 @@ sku: f5-big-awf-plus-hourly-25mbps urn: f5-networks:f5-big-ip-advanced-waf:f5-big-awf-plus-hourly-25mbps:14.1.405000 version: 14.1.405000 +- offer: f5-big-ip-advanced-waf + publisher: f5-networks + sku: f5-big-awf-plus-hourly-25mbps + urn: f5-networks:f5-big-ip-advanced-waf:f5-big-awf-plus-hourly-25mbps:14.1.406000 + version: 14.1.406000 - offer: f5-big-ip-advanced-waf publisher: f5-networks sku: f5-big-awf-plus-hourly-25mbps @@ -93,6 +108,11 @@ sku: f5-big-awf-plus-hourly-25mbps urn: f5-networks:f5-big-ip-advanced-waf:f5-big-awf-plus-hourly-25mbps:15.1.400000 version: 15.1.400000 +- offer: f5-big-ip-advanced-waf + publisher: f5-networks + sku: f5-big-awf-plus-hourly-25mbps + urn: f5-networks:f5-big-ip-advanced-waf:f5-big-awf-plus-hourly-25mbps:15.1.501000 + version: 15.1.501000 - offer: f5-big-ip-advanced-waf publisher: f5-networks sku: f5-big-awf-plus-hourly-25mbps @@ -143,6 +163,11 @@ sku: f5-big-awf-plus-hourly-3gbps urn: f5-networks:f5-big-ip-advanced-waf:f5-big-awf-plus-hourly-3gbps:14.1.405000 version: 14.1.405000 +- offer: f5-big-ip-advanced-waf + publisher: f5-networks + sku: f5-big-awf-plus-hourly-3gbps + urn: f5-networks:f5-big-ip-advanced-waf:f5-big-awf-plus-hourly-3gbps:14.1.406000 + version: 14.1.406000 - offer: f5-big-ip-advanced-waf publisher: f5-networks sku: f5-big-awf-plus-hourly-3gbps @@ -153,6 +178,11 @@ sku: f5-big-awf-plus-hourly-3gbps urn: f5-networks:f5-big-ip-advanced-waf:f5-big-awf-plus-hourly-3gbps:15.1.400000 version: 15.1.400000 +- offer: f5-big-ip-advanced-waf + publisher: f5-networks + sku: f5-big-awf-plus-hourly-3gbps + urn: f5-networks:f5-big-ip-advanced-waf:f5-big-awf-plus-hourly-3gbps:15.1.501000 + version: 15.1.501000 - offer: f5-big-ip-advanced-waf publisher: f5-networks sku: f5-big-awf-plus-hourly-3gbps @@ -183,6 +213,16 @@ sku: f5-big-awf-plus-hourly-hp16 urn: f5-networks:f5-big-ip-advanced-waf:f5-big-awf-plus-hourly-hp16:14.1.405000 version: 14.1.405000 +- offer: f5-big-ip-advanced-waf + publisher: f5-networks + sku: f5-big-awf-plus-hourly-hp16 + urn: f5-networks:f5-big-ip-advanced-waf:f5-big-awf-plus-hourly-hp16:14.1.406000 + version: 14.1.406000 +- offer: f5-big-ip-advanced-waf + publisher: f5-networks + sku: f5-big-awf-plus-hourly-hp16 + urn: f5-networks:f5-big-ip-advanced-waf:f5-big-awf-plus-hourly-hp16:15.1.501000 + version: 15.1.501000 - offer: f5-big-ip-advanced-waf publisher: f5-networks sku: f5-big-awf-plus-hourly-hp16 @@ -193,6 +233,16 @@ sku: f5-big-best-plus-hourly-10gbps urn: f5-networks:f5-big-ip-best:f5-big-best-plus-hourly-10gbps:14.1.405000 version: 14.1.405000 +- offer: f5-big-ip-best + publisher: f5-networks + sku: f5-big-best-plus-hourly-10gbps + urn: f5-networks:f5-big-ip-best:f5-big-best-plus-hourly-10gbps:14.1.406000 + version: 14.1.406000 +- offer: f5-big-ip-best + publisher: f5-networks + sku: f5-big-best-plus-hourly-10gbps + urn: f5-networks:f5-big-ip-best:f5-big-best-plus-hourly-10gbps:15.1.501000 + version: 15.1.501000 - offer: f5-big-ip-best publisher: f5-networks sku: f5-big-best-plus-hourly-10gbps @@ -203,6 +253,16 @@ sku: f5-big-best-plus-hourly-1gbps urn: f5-networks:f5-big-ip-best:f5-big-best-plus-hourly-1gbps:14.1.405000 version: 14.1.405000 +- offer: f5-big-ip-best + publisher: f5-networks + sku: f5-big-best-plus-hourly-1gbps + urn: f5-networks:f5-big-ip-best:f5-big-best-plus-hourly-1gbps:14.1.406000 + version: 14.1.406000 +- offer: f5-big-ip-best + publisher: f5-networks + sku: f5-big-best-plus-hourly-1gbps + urn: f5-networks:f5-big-ip-best:f5-big-best-plus-hourly-1gbps:15.1.501000 + version: 15.1.501000 - offer: f5-big-ip-best publisher: f5-networks sku: f5-big-best-plus-hourly-1gbps @@ -213,6 +273,16 @@ sku: f5-big-best-plus-hourly-200mbps urn: f5-networks:f5-big-ip-best:f5-big-best-plus-hourly-200mbps:14.1.405000 version: 14.1.405000 +- offer: f5-big-ip-best + publisher: f5-networks + sku: f5-big-best-plus-hourly-200mbps + urn: f5-networks:f5-big-ip-best:f5-big-best-plus-hourly-200mbps:14.1.406000 + version: 14.1.406000 +- offer: f5-big-ip-best + publisher: f5-networks + sku: f5-big-best-plus-hourly-200mbps + urn: f5-networks:f5-big-ip-best:f5-big-best-plus-hourly-200mbps:15.1.501000 + version: 15.1.501000 - offer: f5-big-ip-best publisher: f5-networks sku: f5-big-best-plus-hourly-200mbps @@ -223,6 +293,16 @@ sku: f5-big-best-plus-hourly-25mbps urn: f5-networks:f5-big-ip-best:f5-big-best-plus-hourly-25mbps:14.1.405000 version: 14.1.405000 +- offer: f5-big-ip-best + publisher: f5-networks + sku: f5-big-best-plus-hourly-25mbps + urn: f5-networks:f5-big-ip-best:f5-big-best-plus-hourly-25mbps:14.1.406000 + version: 14.1.406000 +- offer: f5-big-ip-best + publisher: f5-networks + sku: f5-big-best-plus-hourly-25mbps + urn: f5-networks:f5-big-ip-best:f5-big-best-plus-hourly-25mbps:15.1.501000 + version: 15.1.501000 - offer: f5-big-ip-best publisher: f5-networks sku: f5-big-best-plus-hourly-25mbps @@ -233,6 +313,16 @@ sku: f5-big-best-plus-hourly-5gbps urn: f5-networks:f5-big-ip-best:f5-big-best-plus-hourly-5gbps:14.1.405000 version: 14.1.405000 +- offer: f5-big-ip-best + publisher: f5-networks + sku: f5-big-best-plus-hourly-5gbps + urn: f5-networks:f5-big-ip-best:f5-big-best-plus-hourly-5gbps:14.1.406000 + version: 14.1.406000 +- offer: f5-big-ip-best + publisher: f5-networks + sku: f5-big-best-plus-hourly-5gbps + urn: f5-networks:f5-big-ip-best:f5-big-best-plus-hourly-5gbps:15.1.501000 + version: 15.1.501000 - offer: f5-big-ip-best publisher: f5-networks sku: f5-big-best-plus-hourly-5gbps @@ -248,6 +338,11 @@ sku: f5-bigip-virtual-edition-10g-best-hourly urn: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-10g-best-hourly:15.1.400000 version: 15.1.400000 +- offer: f5-big-ip-best + publisher: f5-networks + sku: f5-bigip-virtual-edition-10g-best-hourly + urn: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-10g-best-hourly:15.1.501000 + version: 15.1.501000 - offer: f5-big-ip-best publisher: f5-networks sku: f5-bigip-virtual-edition-10g-best-hourly @@ -298,6 +393,11 @@ sku: f5-bigip-virtual-edition-1g-best-hourly urn: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-1g-best-hourly:13.1.401000 version: 13.1.401000 +- offer: f5-big-ip-best + publisher: f5-networks + sku: f5-bigip-virtual-edition-1g-best-hourly + urn: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-1g-best-hourly:13.1.500000 + version: 13.1.500000 - offer: f5-big-ip-best publisher: f5-networks sku: f5-bigip-virtual-edition-1g-best-hourly @@ -323,6 +423,11 @@ sku: f5-bigip-virtual-edition-1g-best-hourly urn: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-1g-best-hourly:14.1.405000 version: 14.1.405000 +- offer: f5-big-ip-best + publisher: f5-networks + sku: f5-bigip-virtual-edition-1g-best-hourly + urn: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-1g-best-hourly:14.1.406000 + version: 14.1.406000 - offer: f5-big-ip-best publisher: f5-networks sku: f5-bigip-virtual-edition-1g-best-hourly @@ -338,6 +443,11 @@ sku: f5-bigip-virtual-edition-1g-best-hourly urn: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-1g-best-hourly:15.1.400000 version: 15.1.400000 +- offer: f5-big-ip-best + publisher: f5-networks + sku: f5-bigip-virtual-edition-1g-best-hourly + urn: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-1g-best-hourly:15.1.501000 + version: 15.1.501000 - offer: f5-big-ip-best publisher: f5-networks sku: f5-bigip-virtual-edition-1g-best-hourly @@ -388,6 +498,11 @@ sku: f5-bigip-virtual-edition-200m-best-hourly urn: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-200m-best-hourly:13.1.401000 version: 13.1.401000 +- offer: f5-big-ip-best + publisher: f5-networks + sku: f5-bigip-virtual-edition-200m-best-hourly + urn: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-200m-best-hourly:13.1.500000 + version: 13.1.500000 - offer: f5-big-ip-best publisher: f5-networks sku: f5-bigip-virtual-edition-200m-best-hourly @@ -418,6 +533,11 @@ sku: f5-bigip-virtual-edition-200m-best-hourly urn: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-200m-best-hourly:14.1.405000 version: 14.1.405000 +- offer: f5-big-ip-best + publisher: f5-networks + sku: f5-bigip-virtual-edition-200m-best-hourly + urn: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-200m-best-hourly:14.1.406000 + version: 14.1.406000 - offer: f5-big-ip-best publisher: f5-networks sku: f5-bigip-virtual-edition-200m-best-hourly @@ -428,6 +548,11 @@ sku: f5-bigip-virtual-edition-200m-best-hourly urn: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-200m-best-hourly:15.1.400000 version: 15.1.400000 +- offer: f5-big-ip-best + publisher: f5-networks + sku: f5-bigip-virtual-edition-200m-best-hourly + urn: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-200m-best-hourly:15.1.501000 + version: 15.1.501000 - offer: f5-big-ip-best publisher: f5-networks sku: f5-bigip-virtual-edition-200m-best-hourly @@ -483,6 +608,11 @@ sku: f5-bigip-virtual-edition-25m-best-hourly urn: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly:13.1.401000 version: 13.1.401000 +- offer: f5-big-ip-best + publisher: f5-networks + sku: f5-bigip-virtual-edition-25m-best-hourly + urn: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly:13.1.500000 + version: 13.1.500000 - offer: f5-big-ip-best publisher: f5-networks sku: f5-bigip-virtual-edition-25m-best-hourly @@ -508,6 +638,11 @@ sku: f5-bigip-virtual-edition-25m-best-hourly urn: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly:14.1.405000 version: 14.1.405000 +- offer: f5-big-ip-best + publisher: f5-networks + sku: f5-bigip-virtual-edition-25m-best-hourly + urn: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly:14.1.406000 + version: 14.1.406000 - offer: f5-big-ip-best publisher: f5-networks sku: f5-bigip-virtual-edition-25m-best-hourly @@ -518,6 +653,11 @@ sku: f5-bigip-virtual-edition-25m-best-hourly urn: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly:15.1.400000 version: 15.1.400000 +- offer: f5-big-ip-best + publisher: f5-networks + sku: f5-bigip-virtual-edition-25m-best-hourly + urn: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-25m-best-hourly:15.1.501000 + version: 15.1.501000 - offer: f5-big-ip-best publisher: f5-networks sku: f5-bigip-virtual-edition-25m-best-hourly @@ -553,6 +693,11 @@ sku: f5-bigip-virtual-edition-5g-best-hourly urn: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-5g-best-hourly:15.1.400000 version: 15.1.400000 +- offer: f5-big-ip-best + publisher: f5-networks + sku: f5-bigip-virtual-edition-5g-best-hourly + urn: f5-networks:f5-big-ip-best:f5-bigip-virtual-edition-5g-best-hourly:15.1.501000 + version: 15.1.501000 - offer: f5-big-ip-best publisher: f5-networks sku: f5-bigip-virtual-edition-5g-best-hourly @@ -588,6 +733,11 @@ sku: f5-bigip-virtual-edition-10g-better-hourly urn: f5-networks:f5-big-ip-better:f5-bigip-virtual-edition-10g-better-hourly:15.1.400000 version: 15.1.400000 +- offer: f5-big-ip-better + publisher: f5-networks + sku: f5-bigip-virtual-edition-10g-better-hourly + urn: f5-networks:f5-big-ip-better:f5-bigip-virtual-edition-10g-better-hourly:15.1.501000 + version: 15.1.501000 - offer: f5-big-ip-better publisher: f5-networks sku: f5-bigip-virtual-edition-10g-better-hourly @@ -638,6 +788,11 @@ sku: f5-bigip-virtual-edition-1g-better-hourly urn: f5-networks:f5-big-ip-better:f5-bigip-virtual-edition-1g-better-hourly:13.1.401000 version: 13.1.401000 +- offer: f5-big-ip-better + publisher: f5-networks + sku: f5-bigip-virtual-edition-1g-better-hourly + urn: f5-networks:f5-big-ip-better:f5-bigip-virtual-edition-1g-better-hourly:13.1.500000 + version: 13.1.500000 - offer: f5-big-ip-better publisher: f5-networks sku: f5-bigip-virtual-edition-1g-better-hourly @@ -663,6 +818,11 @@ sku: f5-bigip-virtual-edition-1g-better-hourly urn: f5-networks:f5-big-ip-better:f5-bigip-virtual-edition-1g-better-hourly:14.1.405000 version: 14.1.405000 +- offer: f5-big-ip-better + publisher: f5-networks + sku: f5-bigip-virtual-edition-1g-better-hourly + urn: f5-networks:f5-big-ip-better:f5-bigip-virtual-edition-1g-better-hourly:14.1.406000 + version: 14.1.406000 - offer: f5-big-ip-better publisher: f5-networks sku: f5-bigip-virtual-edition-1g-better-hourly @@ -673,6 +833,11 @@ sku: f5-bigip-virtual-edition-1g-better-hourly urn: f5-networks:f5-big-ip-better:f5-bigip-virtual-edition-1g-better-hourly:15.1.400000 version: 15.1.400000 +- offer: f5-big-ip-better + publisher: f5-networks + sku: f5-bigip-virtual-edition-1g-better-hourly + urn: f5-networks:f5-big-ip-better:f5-bigip-virtual-edition-1g-better-hourly:15.1.501000 + version: 15.1.501000 - offer: f5-big-ip-better publisher: f5-networks sku: f5-bigip-virtual-edition-1g-better-hourly @@ -723,6 +888,11 @@ sku: f5-bigip-virtual-edition-200m-better-hourly urn: f5-networks:f5-big-ip-better:f5-bigip-virtual-edition-200m-better-hourly:13.1.401000 version: 13.1.401000 +- offer: f5-big-ip-better + publisher: f5-networks + sku: f5-bigip-virtual-edition-200m-better-hourly + urn: f5-networks:f5-big-ip-better:f5-bigip-virtual-edition-200m-better-hourly:13.1.500000 + version: 13.1.500000 - offer: f5-big-ip-better publisher: f5-networks sku: f5-bigip-virtual-edition-200m-better-hourly @@ -748,6 +918,11 @@ sku: f5-bigip-virtual-edition-200m-better-hourly urn: f5-networks:f5-big-ip-better:f5-bigip-virtual-edition-200m-better-hourly:14.1.405000 version: 14.1.405000 +- offer: f5-big-ip-better + publisher: f5-networks + sku: f5-bigip-virtual-edition-200m-better-hourly + urn: f5-networks:f5-big-ip-better:f5-bigip-virtual-edition-200m-better-hourly:14.1.406000 + version: 14.1.406000 - offer: f5-big-ip-better publisher: f5-networks sku: f5-bigip-virtual-edition-200m-better-hourly @@ -758,6 +933,11 @@ sku: f5-bigip-virtual-edition-200m-better-hourly urn: f5-networks:f5-big-ip-better:f5-bigip-virtual-edition-200m-better-hourly:15.1.400000 version: 15.1.400000 +- offer: f5-big-ip-better + publisher: f5-networks + sku: f5-bigip-virtual-edition-200m-better-hourly + urn: f5-networks:f5-big-ip-better:f5-bigip-virtual-edition-200m-better-hourly:15.1.501000 + version: 15.1.501000 - offer: f5-big-ip-better publisher: f5-networks sku: f5-bigip-virtual-edition-200m-better-hourly @@ -808,6 +988,11 @@ sku: f5-bigip-virtual-edition-25m-better-hourly urn: f5-networks:f5-big-ip-better:f5-bigip-virtual-edition-25m-better-hourly:13.1.401000 version: 13.1.401000 +- offer: f5-big-ip-better + publisher: f5-networks + sku: f5-bigip-virtual-edition-25m-better-hourly + urn: f5-networks:f5-big-ip-better:f5-bigip-virtual-edition-25m-better-hourly:13.1.500000 + version: 13.1.500000 - offer: f5-big-ip-better publisher: f5-networks sku: f5-bigip-virtual-edition-25m-better-hourly @@ -833,6 +1018,11 @@ sku: f5-bigip-virtual-edition-25m-better-hourly urn: f5-networks:f5-big-ip-better:f5-bigip-virtual-edition-25m-better-hourly:14.1.405000 version: 14.1.405000 +- offer: f5-big-ip-better + publisher: f5-networks + sku: f5-bigip-virtual-edition-25m-better-hourly + urn: f5-networks:f5-big-ip-better:f5-bigip-virtual-edition-25m-better-hourly:14.1.406000 + version: 14.1.406000 - offer: f5-big-ip-better publisher: f5-networks sku: f5-bigip-virtual-edition-25m-better-hourly @@ -843,6 +1033,11 @@ sku: f5-bigip-virtual-edition-25m-better-hourly urn: f5-networks:f5-big-ip-better:f5-bigip-virtual-edition-25m-better-hourly:15.1.400000 version: 15.1.400000 +- offer: f5-big-ip-better + publisher: f5-networks + sku: f5-bigip-virtual-edition-25m-better-hourly + urn: f5-networks:f5-big-ip-better:f5-bigip-virtual-edition-25m-better-hourly:15.1.501000 + version: 15.1.501000 - offer: f5-big-ip-better publisher: f5-networks sku: f5-bigip-virtual-edition-25m-better-hourly @@ -878,6 +1073,11 @@ sku: f5-bigip-virtual-edition-5g-better-hourly urn: f5-networks:f5-big-ip-better:f5-bigip-virtual-edition-5g-better-hourly:15.1.400000 version: 15.1.400000 +- offer: f5-big-ip-better + publisher: f5-networks + sku: f5-bigip-virtual-edition-5g-better-hourly + urn: f5-networks:f5-big-ip-better:f5-bigip-virtual-edition-5g-better-hourly:15.1.501000 + version: 15.1.501000 - offer: f5-big-ip-better publisher: f5-networks sku: f5-bigip-virtual-edition-5g-better-hourly @@ -923,6 +1123,11 @@ sku: f5-big-all-1slot-byol urn: f5-networks:f5-big-ip-byol:f5-big-all-1slot-byol:13.1.401000 version: 13.1.401000 +- offer: f5-big-ip-byol + publisher: f5-networks + sku: f5-big-all-1slot-byol + urn: f5-networks:f5-big-ip-byol:f5-big-all-1slot-byol:13.1.500000 + version: 13.1.500000 - offer: f5-big-ip-byol publisher: f5-networks sku: f5-big-all-1slot-byol @@ -948,6 +1153,11 @@ sku: f5-big-all-1slot-byol urn: f5-networks:f5-big-ip-byol:f5-big-all-1slot-byol:14.1.405000 version: 14.1.405000 +- offer: f5-big-ip-byol + publisher: f5-networks + sku: f5-big-all-1slot-byol + urn: f5-networks:f5-big-ip-byol:f5-big-all-1slot-byol:14.1.406000 + version: 14.1.406000 - offer: f5-big-ip-byol publisher: f5-networks sku: f5-big-all-1slot-byol @@ -958,6 +1168,11 @@ sku: f5-big-all-1slot-byol urn: f5-networks:f5-big-ip-byol:f5-big-all-1slot-byol:15.1.400000 version: 15.1.400000 +- offer: f5-big-ip-byol + publisher: f5-networks + sku: f5-big-all-1slot-byol + urn: f5-networks:f5-big-ip-byol:f5-big-all-1slot-byol:15.1.501000 + version: 15.1.501000 - offer: f5-big-ip-byol publisher: f5-networks sku: f5-big-all-1slot-byol @@ -1013,6 +1228,11 @@ sku: f5-big-all-2slot-byol urn: f5-networks:f5-big-ip-byol:f5-big-all-2slot-byol:13.1.401000 version: 13.1.401000 +- offer: f5-big-ip-byol + publisher: f5-networks + sku: f5-big-all-2slot-byol + urn: f5-networks:f5-big-ip-byol:f5-big-all-2slot-byol:13.1.500000 + version: 13.1.500000 - offer: f5-big-ip-byol publisher: f5-networks sku: f5-big-all-2slot-byol @@ -1043,6 +1263,11 @@ sku: f5-big-all-2slot-byol urn: f5-networks:f5-big-ip-byol:f5-big-all-2slot-byol:14.1.405000 version: 14.1.405000 +- offer: f5-big-ip-byol + publisher: f5-networks + sku: f5-big-all-2slot-byol + urn: f5-networks:f5-big-ip-byol:f5-big-all-2slot-byol:14.1.406000 + version: 14.1.406000 - offer: f5-big-ip-byol publisher: f5-networks sku: f5-big-all-2slot-byol @@ -1058,6 +1283,11 @@ sku: f5-big-all-2slot-byol urn: f5-networks:f5-big-ip-byol:f5-big-all-2slot-byol:15.1.400000 version: 15.1.400000 +- offer: f5-big-ip-byol + publisher: f5-networks + sku: f5-big-all-2slot-byol + urn: f5-networks:f5-big-ip-byol:f5-big-all-2slot-byol:15.1.501000 + version: 15.1.501000 - offer: f5-big-ip-byol publisher: f5-networks sku: f5-big-all-2slot-byol @@ -1098,6 +1328,11 @@ sku: f5-big-ltm-1slot-byol urn: f5-networks:f5-big-ip-byol:f5-big-ltm-1slot-byol:13.1.401000 version: 13.1.401000 +- offer: f5-big-ip-byol + publisher: f5-networks + sku: f5-big-ltm-1slot-byol + urn: f5-networks:f5-big-ip-byol:f5-big-ltm-1slot-byol:13.1.500000 + version: 13.1.500000 - offer: f5-big-ip-byol publisher: f5-networks sku: f5-big-ltm-1slot-byol @@ -1123,6 +1358,11 @@ sku: f5-big-ltm-1slot-byol urn: f5-networks:f5-big-ip-byol:f5-big-ltm-1slot-byol:14.1.405000 version: 14.1.405000 +- offer: f5-big-ip-byol + publisher: f5-networks + sku: f5-big-ltm-1slot-byol + urn: f5-networks:f5-big-ip-byol:f5-big-ltm-1slot-byol:14.1.406000 + version: 14.1.406000 - offer: f5-big-ip-byol publisher: f5-networks sku: f5-big-ltm-1slot-byol @@ -1133,6 +1373,11 @@ sku: f5-big-ltm-1slot-byol urn: f5-networks:f5-big-ip-byol:f5-big-ltm-1slot-byol:15.1.400000 version: 15.1.400000 +- offer: f5-big-ip-byol + publisher: f5-networks + sku: f5-big-ltm-1slot-byol + urn: f5-networks:f5-big-ip-byol:f5-big-ltm-1slot-byol:15.1.501000 + version: 15.1.501000 - offer: f5-big-ip-byol publisher: f5-networks sku: f5-big-ltm-1slot-byol @@ -1183,6 +1428,11 @@ sku: f5-big-ltm-2slot-byol urn: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:13.1.401000 version: 13.1.401000 +- offer: f5-big-ip-byol + publisher: f5-networks + sku: f5-big-ltm-2slot-byol + urn: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:13.1.500000 + version: 13.1.500000 - offer: f5-big-ip-byol publisher: f5-networks sku: f5-big-ltm-2slot-byol @@ -1208,6 +1458,11 @@ sku: f5-big-ltm-2slot-byol urn: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:14.1.405000 version: 14.1.405000 +- offer: f5-big-ip-byol + publisher: f5-networks + sku: f5-big-ltm-2slot-byol + urn: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:14.1.406000 + version: 14.1.406000 - offer: f5-big-ip-byol publisher: f5-networks sku: f5-big-ltm-2slot-byol @@ -1218,6 +1473,11 @@ sku: f5-big-ltm-2slot-byol urn: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:15.1.400000 version: 15.1.400000 +- offer: f5-big-ip-byol + publisher: f5-networks + sku: f5-big-ltm-2slot-byol + urn: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:15.1.501000 + version: 15.1.501000 - offer: f5-big-ip-byol publisher: f5-networks sku: f5-big-ltm-2slot-byol @@ -1253,6 +1513,11 @@ sku: f5-bigip-virtual-edition-10g-good-hourly urn: f5-networks:f5-big-ip-good:f5-bigip-virtual-edition-10g-good-hourly:15.1.400000 version: 15.1.400000 +- offer: f5-big-ip-good + publisher: f5-networks + sku: f5-bigip-virtual-edition-10g-good-hourly + urn: f5-networks:f5-big-ip-good:f5-bigip-virtual-edition-10g-good-hourly:15.1.501000 + version: 15.1.501000 - offer: f5-big-ip-good publisher: f5-networks sku: f5-bigip-virtual-edition-10g-good-hourly @@ -1303,6 +1568,11 @@ sku: f5-bigip-virtual-edition-1g-good-hourly urn: f5-networks:f5-big-ip-good:f5-bigip-virtual-edition-1g-good-hourly:13.1.401000 version: 13.1.401000 +- offer: f5-big-ip-good + publisher: f5-networks + sku: f5-bigip-virtual-edition-1g-good-hourly + urn: f5-networks:f5-big-ip-good:f5-bigip-virtual-edition-1g-good-hourly:13.1.500000 + version: 13.1.500000 - offer: f5-big-ip-good publisher: f5-networks sku: f5-bigip-virtual-edition-1g-good-hourly @@ -1328,6 +1598,11 @@ sku: f5-bigip-virtual-edition-1g-good-hourly urn: f5-networks:f5-big-ip-good:f5-bigip-virtual-edition-1g-good-hourly:14.1.405000 version: 14.1.405000 +- offer: f5-big-ip-good + publisher: f5-networks + sku: f5-bigip-virtual-edition-1g-good-hourly + urn: f5-networks:f5-big-ip-good:f5-bigip-virtual-edition-1g-good-hourly:14.1.406000 + version: 14.1.406000 - offer: f5-big-ip-good publisher: f5-networks sku: f5-bigip-virtual-edition-1g-good-hourly @@ -1338,6 +1613,11 @@ sku: f5-bigip-virtual-edition-1g-good-hourly urn: f5-networks:f5-big-ip-good:f5-bigip-virtual-edition-1g-good-hourly:15.1.400000 version: 15.1.400000 +- offer: f5-big-ip-good + publisher: f5-networks + sku: f5-bigip-virtual-edition-1g-good-hourly + urn: f5-networks:f5-big-ip-good:f5-bigip-virtual-edition-1g-good-hourly:15.1.501000 + version: 15.1.501000 - offer: f5-big-ip-good publisher: f5-networks sku: f5-bigip-virtual-edition-1g-good-hourly @@ -1388,6 +1668,11 @@ sku: f5-bigip-virtual-edition-200m-good-hourly urn: f5-networks:f5-big-ip-good:f5-bigip-virtual-edition-200m-good-hourly:13.1.401000 version: 13.1.401000 +- offer: f5-big-ip-good + publisher: f5-networks + sku: f5-bigip-virtual-edition-200m-good-hourly + urn: f5-networks:f5-big-ip-good:f5-bigip-virtual-edition-200m-good-hourly:13.1.500000 + version: 13.1.500000 - offer: f5-big-ip-good publisher: f5-networks sku: f5-bigip-virtual-edition-200m-good-hourly @@ -1413,6 +1698,11 @@ sku: f5-bigip-virtual-edition-200m-good-hourly urn: f5-networks:f5-big-ip-good:f5-bigip-virtual-edition-200m-good-hourly:14.1.405000 version: 14.1.405000 +- offer: f5-big-ip-good + publisher: f5-networks + sku: f5-bigip-virtual-edition-200m-good-hourly + urn: f5-networks:f5-big-ip-good:f5-bigip-virtual-edition-200m-good-hourly:14.1.406000 + version: 14.1.406000 - offer: f5-big-ip-good publisher: f5-networks sku: f5-bigip-virtual-edition-200m-good-hourly @@ -1423,6 +1713,11 @@ sku: f5-bigip-virtual-edition-200m-good-hourly urn: f5-networks:f5-big-ip-good:f5-bigip-virtual-edition-200m-good-hourly:15.1.400000 version: 15.1.400000 +- offer: f5-big-ip-good + publisher: f5-networks + sku: f5-bigip-virtual-edition-200m-good-hourly + urn: f5-networks:f5-big-ip-good:f5-bigip-virtual-edition-200m-good-hourly:15.1.501000 + version: 15.1.501000 - offer: f5-big-ip-good publisher: f5-networks sku: f5-bigip-virtual-edition-200m-good-hourly @@ -1473,6 +1768,11 @@ sku: f5-bigip-virtual-edition-25m-good-hourly urn: f5-networks:f5-big-ip-good:f5-bigip-virtual-edition-25m-good-hourly:13.1.401000 version: 13.1.401000 +- offer: f5-big-ip-good + publisher: f5-networks + sku: f5-bigip-virtual-edition-25m-good-hourly + urn: f5-networks:f5-big-ip-good:f5-bigip-virtual-edition-25m-good-hourly:13.1.500000 + version: 13.1.500000 - offer: f5-big-ip-good publisher: f5-networks sku: f5-bigip-virtual-edition-25m-good-hourly @@ -1498,6 +1798,11 @@ sku: f5-bigip-virtual-edition-25m-good-hourly urn: f5-networks:f5-big-ip-good:f5-bigip-virtual-edition-25m-good-hourly:14.1.405000 version: 14.1.405000 +- offer: f5-big-ip-good + publisher: f5-networks + sku: f5-bigip-virtual-edition-25m-good-hourly + urn: f5-networks:f5-big-ip-good:f5-bigip-virtual-edition-25m-good-hourly:14.1.406000 + version: 14.1.406000 - offer: f5-big-ip-good publisher: f5-networks sku: f5-bigip-virtual-edition-25m-good-hourly @@ -1513,6 +1818,11 @@ sku: f5-bigip-virtual-edition-25m-good-hourly urn: f5-networks:f5-big-ip-good:f5-bigip-virtual-edition-25m-good-hourly:15.1.400000 version: 15.1.400000 +- offer: f5-big-ip-good + publisher: f5-networks + sku: f5-bigip-virtual-edition-25m-good-hourly + urn: f5-networks:f5-big-ip-good:f5-bigip-virtual-edition-25m-good-hourly:15.1.501000 + version: 15.1.501000 - offer: f5-big-ip-good publisher: f5-networks sku: f5-bigip-virtual-edition-25m-good-hourly @@ -1548,6 +1858,11 @@ sku: f5-bigip-virtual-edition-5g-good-hourly urn: f5-networks:f5-big-ip-good:f5-bigip-virtual-edition-5g-good-hourly:15.1.400000 version: 15.1.400000 +- offer: f5-big-ip-good + publisher: f5-networks + sku: f5-bigip-virtual-edition-5g-good-hourly + urn: f5-networks:f5-big-ip-good:f5-bigip-virtual-edition-5g-good-hourly:15.1.501000 + version: 15.1.501000 - offer: f5-big-ip-good publisher: f5-networks sku: f5-bigip-virtual-edition-5g-good-hourly @@ -1598,6 +1913,11 @@ sku: f5-big-awf-plus-pve-hourly-200mbps urn: f5-networks:f5-big-ip-per-app-ve:f5-big-awf-plus-pve-hourly-200mbps:14.1.405000 version: 14.1.405000 +- offer: f5-big-ip-per-app-ve + publisher: f5-networks + sku: f5-big-awf-plus-pve-hourly-200mbps + urn: f5-networks:f5-big-ip-per-app-ve:f5-big-awf-plus-pve-hourly-200mbps:14.1.406000 + version: 14.1.406000 - offer: f5-big-ip-per-app-ve publisher: f5-networks sku: f5-big-awf-plus-pve-hourly-200mbps @@ -1608,6 +1928,11 @@ sku: f5-big-awf-plus-pve-hourly-200mbps urn: f5-networks:f5-big-ip-per-app-ve:f5-big-awf-plus-pve-hourly-200mbps:15.1.400000 version: 15.1.400000 +- offer: f5-big-ip-per-app-ve + publisher: f5-networks + sku: f5-big-awf-plus-pve-hourly-200mbps + urn: f5-networks:f5-big-ip-per-app-ve:f5-big-awf-plus-pve-hourly-200mbps:15.1.501000 + version: 15.1.501000 - offer: f5-big-ip-per-app-ve publisher: f5-networks sku: f5-big-awf-plus-pve-hourly-200mbps @@ -1658,6 +1983,11 @@ sku: f5-big-awf-plus-pve-hourly-25mbps urn: f5-networks:f5-big-ip-per-app-ve:f5-big-awf-plus-pve-hourly-25mbps:14.1.405000 version: 14.1.405000 +- offer: f5-big-ip-per-app-ve + publisher: f5-networks + sku: f5-big-awf-plus-pve-hourly-25mbps + urn: f5-networks:f5-big-ip-per-app-ve:f5-big-awf-plus-pve-hourly-25mbps:14.1.406000 + version: 14.1.406000 - offer: f5-big-ip-per-app-ve publisher: f5-networks sku: f5-big-awf-plus-pve-hourly-25mbps @@ -1668,6 +1998,11 @@ sku: f5-big-awf-plus-pve-hourly-25mbps urn: f5-networks:f5-big-ip-per-app-ve:f5-big-awf-plus-pve-hourly-25mbps:15.1.400000 version: 15.1.400000 +- offer: f5-big-ip-per-app-ve + publisher: f5-networks + sku: f5-big-awf-plus-pve-hourly-25mbps + urn: f5-networks:f5-big-ip-per-app-ve:f5-big-awf-plus-pve-hourly-25mbps:15.1.501000 + version: 15.1.501000 - offer: f5-big-ip-per-app-ve publisher: f5-networks sku: f5-big-awf-plus-pve-hourly-25mbps @@ -1728,6 +2063,16 @@ sku: f5-bigiq-virtual-edition-byol urn: f5-networks:f5-big-iq:f5-bigiq-virtual-edition-byol:8.1.002000 version: 8.1.002000 +- offer: f5-big-iq + publisher: f5-networks + sku: f5-bigiq-virtual-edition-byol + urn: f5-networks:f5-big-iq:f5-bigiq-virtual-edition-byol:8.2.000000 + version: 8.2.000000 +- offer: f5-distributed-cloud-bot-defense-service-node + publisher: f5-networks + sku: f5-distributed-cloud-bot-defense-service + urn: f5-networks:f5-distributed-cloud-bot-defense-service-node:f5-distributed-cloud-bot-defense-service:1.0.1 + version: 1.0.1 - offer: f5-web-application-firewall publisher: f5-networks sku: f5-waf-solution-1gbps-hourly diff --git a/cloud-tools b/cloud-tools index 89f101b7a7..3ddc21078e 160000 --- a/cloud-tools +++ b/cloud-tools @@ -1 +1 @@ -Subproject commit 89f101b7a7180e0ec3119b69f36d0c30f0eb2a10 +Subproject commit 3ddc21078e0a9df3d251708b335dcefbcf6eda5d diff --git a/experimental/autoscale/ltm/via-dns/1nic/new-stack/bigiq/README.md b/experimental/autoscale/ltm/via-dns/1nic/new-stack/bigiq/README.md index 375a0a1e5d..f37db17cb2 100644 --- a/experimental/autoscale/ltm/via-dns/1nic/new-stack/bigiq/README.md +++ b/experimental/autoscale/ltm/via-dns/1nic/new-stack/bigiq/README.md @@ -65,6 +65,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates now deploy Standard SKU Azure Public IP Addresses. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. - The autoscale LTM and failover-lb NIC templates create a default port 443 load balancing rule and probe at deployment time; this rule is necessary to download required cloud libraries to BIG-IP and may be deleted or modified following a successful deployment. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -114,7 +115,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Fautoscale%2Fltm%2Fvia-dns%2F1nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Fautoscale%2Fltm%2Fvia-dns%2F1nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters @@ -140,7 +141,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | @@ -303,7 +304,7 @@ This solution requires access to the Azure API to correctly configure both the B #### 1. Azure Portal -Follow the steps outlined in the [Azure Portal documentation](https://azure.microsoft.com/en-us/documentation/articles/resource-group-create-service-principal-portal/) to generate the service principal. +Follow the steps outlined in the [Azure Portal documentation](https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal) to generate the service principal. #### 2. Azure CLI diff --git a/experimental/autoscale/ltm/via-dns/1nic/new-stack/bigiq/azuredeploy.json b/experimental/autoscale/ltm/via-dns/1nic/new-stack/bigiq/azuredeploy.json index 9ed57fb494..5526715d73 100644 --- a/experimental/autoscale/ltm/via-dns/1nic/new-stack/bigiq/azuredeploy.json +++ b/experimental/autoscale/ltm/via-dns/1nic/new-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -33,83 +33,6 @@ "type": "string" }, "instanceType": { - "allowedValues": [ - "Standard_A2", - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2", - "Standard_F4", - "Standard_F8", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D2s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -225,7 +148,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -487,63 +410,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -562,7 +428,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -593,11 +459,7 @@ "commandArgs": "[concat('-o ', parameters('declarationUrl'), ' -u svc_user')]", "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIC1IICJFeHBlY3Q6IiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3NoYXJlZC9hcHBzdmNzL2RlY2xhcmUgLWQgQCRmaWxlX2xvYyAtbyAvZGV2L251bGwpCgogICAgICAgICAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIHx8ICRyZXNwb25zZV9jb2RlID09IDUwMiBdXTsgdGhlbgogICAgICAgICAgICAgICAgICBlY2hvICJEZXBsb3ltZW50IG9mIGFwcGxpY2F0aW9uIHN1Y2NlZWRlZC4iCiAgICAgICAgICAgICAgICAgIGRlcGxveWVkPSJ5ZXMiCiAgICAgICAgICAgICBlbHNlCiAgICAgICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRlcGxveSBhcHBsaWNhdGlvbjsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICAgICAgZmkKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiQ3VzdG9tIGNvbmZpZyB3YXMgbm90IHZhbGlkIEpTT04sIGNvbnRpbnVpbmciCiAgICAgICAgIGZpCiAgICBlbHNlCiAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRvd25sb2FkIGN1c3RvbSBjb25maWc7IGNvbnRpbnVpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgIGZpCmVsc2UKICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgYSBVUkwsIGNvbnRpbnVpbmcuIgpmaQoKaWYgW1sgJGRlcGxveWVkID09ICJubyIgJiYgJGRlY2xhcmF0aW9uVXJsID09ICJOT1RfU1BFQ0lGSUVEIiBdXTsgdGhlbgogICAgZWNobyAiQXBwbGljYXRpb24gZGVwbG95bWVudCBmYWlsZWQgb3IgY3VzdG9tIFVSTCB3YXMgbm90IHNwZWNpZmllZC4iCmZpCgplY2hvICJEZXBsb3ltZW50IGNvbXBsZXRlLiIKZXhpdA==", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachineScaleSets', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -711,7 +573,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_dns-new-stack-experimental-bigiq,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_dns-new-stack-experimental-bigiq,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -821,7 +683,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/experimental/autoscale/ltm/via-dns/1nic/new-stack/bigiq/azuredeploy.parameters.json b/experimental/autoscale/ltm/via-dns/1nic/new-stack/bigiq/azuredeploy.parameters.json index d4258a724b..cb6b2e5888 100644 --- a/experimental/autoscale/ltm/via-dns/1nic/new-stack/bigiq/azuredeploy.parameters.json +++ b/experimental/autoscale/ltm/via-dns/1nic/new-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/autoscale/ltm/via-dns/1nic/new-stack/payg/README.md b/experimental/autoscale/ltm/via-dns/1nic/new-stack/payg/README.md index cad602dd84..4ef4fd7eed 100644 --- a/experimental/autoscale/ltm/via-dns/1nic/new-stack/payg/README.md +++ b/experimental/autoscale/ltm/via-dns/1nic/new-stack/payg/README.md @@ -62,6 +62,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates now deploy Standard SKU Azure Public IP Addresses. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. - The autoscale LTM and failover-lb NIC templates create a default port 443 load balancing rule and probe at deployment time; this rule is necessary to download required cloud libraries to BIG-IP and may be deleted or modified following a successful deployment. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -111,7 +112,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Fautoscale%2Fltm%2Fvia-dns%2F1nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Fautoscale%2Fltm%2Fvia-dns%2F1nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters @@ -131,7 +132,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | @@ -294,7 +295,7 @@ This solution requires access to the Azure API to correctly configure both the B #### 1. Azure Portal -Follow the steps outlined in the [Azure Portal documentation](https://azure.microsoft.com/en-us/documentation/articles/resource-group-create-service-principal-portal/) to generate the service principal. +Follow the steps outlined in the [Azure Portal documentation](https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal) to generate the service principal. #### 2. Azure CLI diff --git a/experimental/autoscale/ltm/via-dns/1nic/new-stack/payg/azuredeploy.json b/experimental/autoscale/ltm/via-dns/1nic/new-stack/payg/azuredeploy.json index fe9a90902b..0d88e73cca 100644 --- a/experimental/autoscale/ltm/via-dns/1nic/new-stack/payg/azuredeploy.json +++ b/experimental/autoscale/ltm/via-dns/1nic/new-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -33,83 +33,6 @@ "type": "string" }, "instanceType": { - "allowedValues": [ - "Standard_A2", - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2", - "Standard_F4", - "Standard_F8", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D2s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -200,7 +123,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -462,63 +385,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -537,7 +403,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -568,11 +434,7 @@ "commandArgs": "[concat('-o ', parameters('declarationUrl'), ' -u svc_user')]", "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIC1IICJFeHBlY3Q6IiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3NoYXJlZC9hcHBzdmNzL2RlY2xhcmUgLWQgQCRmaWxlX2xvYyAtbyAvZGV2L251bGwpCgogICAgICAgICAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIHx8ICRyZXNwb25zZV9jb2RlID09IDUwMiBdXTsgdGhlbgogICAgICAgICAgICAgICAgICBlY2hvICJEZXBsb3ltZW50IG9mIGFwcGxpY2F0aW9uIHN1Y2NlZWRlZC4iCiAgICAgICAgICAgICAgICAgIGRlcGxveWVkPSJ5ZXMiCiAgICAgICAgICAgICBlbHNlCiAgICAgICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRlcGxveSBhcHBsaWNhdGlvbjsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICAgICAgZmkKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiQ3VzdG9tIGNvbmZpZyB3YXMgbm90IHZhbGlkIEpTT04sIGNvbnRpbnVpbmciCiAgICAgICAgIGZpCiAgICBlbHNlCiAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRvd25sb2FkIGN1c3RvbSBjb25maWc7IGNvbnRpbnVpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgIGZpCmVsc2UKICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgYSBVUkwsIGNvbnRpbnVpbmcuIgpmaQoKaWYgW1sgJGRlcGxveWVkID09ICJubyIgJiYgJGRlY2xhcmF0aW9uVXJsID09ICJOT1RfU1BFQ0lGSUVEIiBdXTsgdGhlbgogICAgZWNobyAiQXBwbGljYXRpb24gZGVwbG95bWVudCBmYWlsZWQgb3IgY3VzdG9tIFVSTCB3YXMgbm90IHNwZWNpZmllZC4iCmZpCgplY2hvICJEZXBsb3ltZW50IGNvbXBsZXRlLiIKZXhpdA==", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachineScaleSets', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -729,7 +591,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_dns-new-stack-experimental-payg,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_dns-new-stack-experimental-payg,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -839,7 +701,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/experimental/autoscale/ltm/via-dns/1nic/new-stack/payg/azuredeploy.parameters.json b/experimental/autoscale/ltm/via-dns/1nic/new-stack/payg/azuredeploy.parameters.json index 4f84548912..bd83c2a09e 100644 --- a/experimental/autoscale/ltm/via-dns/1nic/new-stack/payg/azuredeploy.parameters.json +++ b/experimental/autoscale/ltm/via-dns/1nic/new-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/autoscale/ltm/via-lb/1nic/existing-stack/bigiq-payg/README.md b/experimental/autoscale/ltm/via-lb/1nic/existing-stack/bigiq-payg/README.md index d3fc7363f1..caf03194cf 100644 --- a/experimental/autoscale/ltm/via-lb/1nic/existing-stack/bigiq-payg/README.md +++ b/experimental/autoscale/ltm/via-lb/1nic/existing-stack/bigiq-payg/README.md @@ -64,6 +64,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. - All autoscale via-lb and failover via-lb templates now deploy Standard SKU Azure Load Balancers. - The autoscale LTM and failover-lb NIC templates create a default port 443 load balancing rule and probe at deployment time; this rule is necessary to download required cloud libraries to BIG-IP and may be deleted or modified following a successful deployment. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -113,7 +114,7 @@ Use the appropriate button below to deploy: - **BIGIQ-PAYG**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s), as well as use PAYG instances. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Fautoscale%2Fltm%2Fvia-lb%2F1nic%2Fexisting-stack%2Fbigiq-payg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Fautoscale%2Fltm%2Fvia-lb%2F1nic%2Fexisting-stack%2Fbigiq-payg%2Fazuredeploy.json) ### Template parameters @@ -143,7 +144,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | @@ -301,7 +302,7 @@ This solution requires access to the Azure API to correctly configure both the B #### 1. Azure Portal -Follow the steps outlined in the [Azure Portal documentation](https://azure.microsoft.com/en-us/documentation/articles/resource-group-create-service-principal-portal/) to generate the service principal. +Follow the steps outlined in the [Azure Portal documentation](https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal) to generate the service principal. #### 2. Azure CLI diff --git a/experimental/autoscale/ltm/via-lb/1nic/existing-stack/bigiq-payg/azuredeploy.json b/experimental/autoscale/ltm/via-lb/1nic/existing-stack/bigiq-payg/azuredeploy.json index 46174e367e..fa15608659 100644 --- a/experimental/autoscale/ltm/via-lb/1nic/existing-stack/bigiq-payg/azuredeploy.json +++ b/experimental/autoscale/ltm/via-lb/1nic/existing-stack/bigiq-payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -33,83 +33,6 @@ "type": "string" }, "instanceType": { - "allowedValues": [ - "Standard_A2", - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2", - "Standard_F4", - "Standard_F8", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D2s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -274,7 +197,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -502,63 +425,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -577,7 +443,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -608,11 +474,7 @@ "commandArgs": "[concat('-o ', parameters('declarationUrl'), ' -u svc_user')]", "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIC1IICJFeHBlY3Q6IiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3NoYXJlZC9hcHBzdmNzL2RlY2xhcmUgLWQgQCRmaWxlX2xvYyAtbyAvZGV2L251bGwpCgogICAgICAgICAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIHx8ICRyZXNwb25zZV9jb2RlID09IDUwMiBdXTsgdGhlbgogICAgICAgICAgICAgICAgICBlY2hvICJEZXBsb3ltZW50IG9mIGFwcGxpY2F0aW9uIHN1Y2NlZWRlZC4iCiAgICAgICAgICAgICAgICAgIGRlcGxveWVkPSJ5ZXMiCiAgICAgICAgICAgICBlbHNlCiAgICAgICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRlcGxveSBhcHBsaWNhdGlvbjsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICAgICAgZmkKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiQ3VzdG9tIGNvbmZpZyB3YXMgbm90IHZhbGlkIEpTT04sIGNvbnRpbnVpbmciCiAgICAgICAgIGZpCiAgICBlbHNlCiAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRvd25sb2FkIGN1c3RvbSBjb25maWc7IGNvbnRpbnVpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgIGZpCmVsc2UKICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgYSBVUkwsIGNvbnRpbnVpbmcuIgpmaQoKaWYgW1sgJGRlcGxveWVkID09ICJubyIgJiYgJGRlY2xhcmF0aW9uVXJsID09ICJOT1RfU1BFQ0lGSUVEIiBdXTsgdGhlbgogICAgZWNobyAiQXBwbGljYXRpb24gZGVwbG95bWVudCBmYWlsZWQgb3IgY3VzdG9tIFVSTCB3YXMgbm90IHNwZWNpZmllZC4iCmZpCgplY2hvICJEZXBsb3ltZW50IGNvbXBsZXRlLiIKZXhpdA==", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachineScaleSets', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -863,7 +725,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_via-lb-existing-stack-experimental-bigiq-payg,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq-payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_via-lb-existing-stack-experimental-bigiq-payg,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq-payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -1133,7 +995,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/experimental/autoscale/ltm/via-lb/1nic/existing-stack/bigiq-payg/azuredeploy.parameters.json b/experimental/autoscale/ltm/via-lb/1nic/existing-stack/bigiq-payg/azuredeploy.parameters.json index 4dd3e6fab0..9e62b6594d 100644 --- a/experimental/autoscale/ltm/via-lb/1nic/existing-stack/bigiq-payg/azuredeploy.parameters.json +++ b/experimental/autoscale/ltm/via-lb/1nic/existing-stack/bigiq-payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq-payg/README.md b/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq-payg/README.md index dba78688d2..cdcd977629 100644 --- a/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq-payg/README.md +++ b/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq-payg/README.md @@ -64,6 +64,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. - All autoscale via-lb and failover via-lb templates now deploy Standard SKU Azure Load Balancers. - The autoscale LTM and failover-lb NIC templates create a default port 443 load balancing rule and probe at deployment time; this rule is necessary to download required cloud libraries to BIG-IP and may be deleted or modified following a successful deployment. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -113,7 +114,7 @@ Use the appropriate button below to deploy: - **BIGIQ-PAYG**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s), as well as use PAYG instances. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Fautoscale%2Fltm%2Fvia-lb%2F1nic%2Fnew-stack%2Fbigiq-payg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Fautoscale%2Fltm%2Fvia-lb%2F1nic%2Fnew-stack%2Fbigiq-payg%2Fazuredeploy.json) ### Template parameters @@ -141,7 +142,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | @@ -296,7 +297,7 @@ This solution requires access to the Azure API to correctly configure both the B #### 1. Azure Portal -Follow the steps outlined in the [Azure Portal documentation](https://azure.microsoft.com/en-us/documentation/articles/resource-group-create-service-principal-portal/) to generate the service principal. +Follow the steps outlined in the [Azure Portal documentation](https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal) to generate the service principal. #### 2. Azure CLI diff --git a/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq-payg/azuredeploy.json b/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq-payg/azuredeploy.json index e596dff420..612c64d241 100644 --- a/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq-payg/azuredeploy.json +++ b/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq-payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -33,83 +33,6 @@ "type": "string" }, "instanceType": { - "allowedValues": [ - "Standard_A2", - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2", - "Standard_F4", - "Standard_F8", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D2s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -263,7 +186,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -470,63 +393,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -545,7 +411,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -576,11 +442,7 @@ "commandArgs": "[concat('-o ', parameters('declarationUrl'), ' -u svc_user')]", "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIC1IICJFeHBlY3Q6IiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3NoYXJlZC9hcHBzdmNzL2RlY2xhcmUgLWQgQCRmaWxlX2xvYyAtbyAvZGV2L251bGwpCgogICAgICAgICAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIHx8ICRyZXNwb25zZV9jb2RlID09IDUwMiBdXTsgdGhlbgogICAgICAgICAgICAgICAgICBlY2hvICJEZXBsb3ltZW50IG9mIGFwcGxpY2F0aW9uIHN1Y2NlZWRlZC4iCiAgICAgICAgICAgICAgICAgIGRlcGxveWVkPSJ5ZXMiCiAgICAgICAgICAgICBlbHNlCiAgICAgICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRlcGxveSBhcHBsaWNhdGlvbjsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICAgICAgZmkKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiQ3VzdG9tIGNvbmZpZyB3YXMgbm90IHZhbGlkIEpTT04sIGNvbnRpbnVpbmciCiAgICAgICAgIGZpCiAgICBlbHNlCiAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRvd25sb2FkIGN1c3RvbSBjb25maWc7IGNvbnRpbnVpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgIGZpCmVsc2UKICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgYSBVUkwsIGNvbnRpbnVpbmcuIgpmaQoKaWYgW1sgJGRlcGxveWVkID09ICJubyIgJiYgJGRlY2xhcmF0aW9uVXJsID09ICJOT1RfU1BFQ0lGSUVEIiBdXTsgdGhlbgogICAgZWNobyAiQXBwbGljYXRpb24gZGVwbG95bWVudCBmYWlsZWQgb3IgY3VzdG9tIFVSTCB3YXMgbm90IHNwZWNpZmllZC4iCmZpCgplY2hvICJEZXBsb3ltZW50IGNvbXBsZXRlLiIKZXhpdA==", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachineScaleSets', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -820,7 +682,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_via-lb-new-stack-experimental-bigiq-payg,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq-payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_via-lb-new-stack-experimental-bigiq-payg,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq-payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -1085,7 +947,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq-payg/azuredeploy.parameters.json b/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq-payg/azuredeploy.parameters.json index 3498adfca5..a4f44435da 100644 --- a/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq-payg/azuredeploy.parameters.json +++ b/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq-payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq/README.md b/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq/README.md index 6f7afb0c05..6c056597fb 100644 --- a/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq/README.md +++ b/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq/README.md @@ -63,6 +63,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. - All autoscale via-lb and failover via-lb templates now deploy Standard SKU Azure Load Balancers. - The autoscale LTM and failover-lb NIC templates create a default port 443 load balancing rule and probe at deployment time; this rule is necessary to download required cloud libraries to BIG-IP and may be deleted or modified following a successful deployment. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -112,7 +113,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Fautoscale%2Fltm%2Fvia-lb%2F1nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Fautoscale%2Fltm%2Fvia-lb%2F1nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters @@ -138,7 +139,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | @@ -293,7 +294,7 @@ This solution requires access to the Azure API to correctly configure both the B #### 1. Azure Portal -Follow the steps outlined in the [Azure Portal documentation](https://azure.microsoft.com/en-us/documentation/articles/resource-group-create-service-principal-portal/) to generate the service principal. +Follow the steps outlined in the [Azure Portal documentation](https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal) to generate the service principal. #### 2. Azure CLI diff --git a/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq/azuredeploy.json b/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq/azuredeploy.json index fd79049a33..247f2d7f7a 100644 --- a/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq/azuredeploy.json +++ b/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -33,83 +33,6 @@ "type": "string" }, "instanceType": { - "allowedValues": [ - "Standard_A2", - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2", - "Standard_F4", - "Standard_F8", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D2s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -225,7 +148,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -430,63 +353,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -505,7 +371,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -536,11 +402,7 @@ "commandArgs": "[concat('-o ', parameters('declarationUrl'), ' -u svc_user')]", "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIC1IICJFeHBlY3Q6IiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3NoYXJlZC9hcHBzdmNzL2RlY2xhcmUgLWQgQCRmaWxlX2xvYyAtbyAvZGV2L251bGwpCgogICAgICAgICAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIHx8ICRyZXNwb25zZV9jb2RlID09IDUwMiBdXTsgdGhlbgogICAgICAgICAgICAgICAgICBlY2hvICJEZXBsb3ltZW50IG9mIGFwcGxpY2F0aW9uIHN1Y2NlZWRlZC4iCiAgICAgICAgICAgICAgICAgIGRlcGxveWVkPSJ5ZXMiCiAgICAgICAgICAgICBlbHNlCiAgICAgICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRlcGxveSBhcHBsaWNhdGlvbjsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICAgICAgZmkKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiQ3VzdG9tIGNvbmZpZyB3YXMgbm90IHZhbGlkIEpTT04sIGNvbnRpbnVpbmciCiAgICAgICAgIGZpCiAgICBlbHNlCiAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRvd25sb2FkIGN1c3RvbSBjb25maWc7IGNvbnRpbnVpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgIGZpCmVsc2UKICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgYSBVUkwsIGNvbnRpbnVpbmcuIgpmaQoKaWYgW1sgJGRlcGxveWVkID09ICJubyIgJiYgJGRlY2xhcmF0aW9uVXJsID09ICJOT1RfU1BFQ0lGSUVEIiBdXTsgdGhlbgogICAgZWNobyAiQXBwbGljYXRpb24gZGVwbG95bWVudCBmYWlsZWQgb3IgY3VzdG9tIFVSTCB3YXMgbm90IHNwZWNpZmllZC4iCmZpCgplY2hvICJEZXBsb3ltZW50IGNvbXBsZXRlLiIKZXhpdA==", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachineScaleSets', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -654,7 +516,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_via-lb-new-stack-experimental-bigiq,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_via-lb-new-stack-experimental-bigiq,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -868,7 +730,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq/azuredeploy.parameters.json b/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq/azuredeploy.parameters.json index 5c5bdaa8b8..2a3872876f 100644 --- a/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq/azuredeploy.parameters.json +++ b/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/autoscale/ltm/via-lb/1nic/new-stack/payg/README.md b/experimental/autoscale/ltm/via-lb/1nic/new-stack/payg/README.md index 0ada9d5b6c..9f3e19fe68 100644 --- a/experimental/autoscale/ltm/via-lb/1nic/new-stack/payg/README.md +++ b/experimental/autoscale/ltm/via-lb/1nic/new-stack/payg/README.md @@ -60,6 +60,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. - All autoscale via-lb and failover via-lb templates now deploy Standard SKU Azure Load Balancers. - The autoscale LTM and failover-lb NIC templates create a default port 443 load balancing rule and probe at deployment time; this rule is necessary to download required cloud libraries to BIG-IP and may be deleted or modified following a successful deployment. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -109,7 +110,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Fautoscale%2Fltm%2Fvia-lb%2F1nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Fautoscale%2Fltm%2Fvia-lb%2F1nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters @@ -129,7 +130,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | @@ -284,7 +285,7 @@ This solution requires access to the Azure API to correctly configure both the B #### 1. Azure Portal -Follow the steps outlined in the [Azure Portal documentation](https://azure.microsoft.com/en-us/documentation/articles/resource-group-create-service-principal-portal/) to generate the service principal. +Follow the steps outlined in the [Azure Portal documentation](https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal) to generate the service principal. #### 2. Azure CLI diff --git a/experimental/autoscale/ltm/via-lb/1nic/new-stack/payg/azuredeploy.json b/experimental/autoscale/ltm/via-lb/1nic/new-stack/payg/azuredeploy.json index 9b84da4378..9ed52d23f9 100644 --- a/experimental/autoscale/ltm/via-lb/1nic/new-stack/payg/azuredeploy.json +++ b/experimental/autoscale/ltm/via-lb/1nic/new-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -33,83 +33,6 @@ "type": "string" }, "instanceType": { - "allowedValues": [ - "Standard_A2", - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2", - "Standard_F4", - "Standard_F8", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D2s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -200,7 +123,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -405,63 +328,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -480,7 +346,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -511,11 +377,7 @@ "commandArgs": "[concat('-o ', parameters('declarationUrl'), ' -u svc_user')]", "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIC1IICJFeHBlY3Q6IiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3NoYXJlZC9hcHBzdmNzL2RlY2xhcmUgLWQgQCRmaWxlX2xvYyAtbyAvZGV2L251bGwpCgogICAgICAgICAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIHx8ICRyZXNwb25zZV9jb2RlID09IDUwMiBdXTsgdGhlbgogICAgICAgICAgICAgICAgICBlY2hvICJEZXBsb3ltZW50IG9mIGFwcGxpY2F0aW9uIHN1Y2NlZWRlZC4iCiAgICAgICAgICAgICAgICAgIGRlcGxveWVkPSJ5ZXMiCiAgICAgICAgICAgICBlbHNlCiAgICAgICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRlcGxveSBhcHBsaWNhdGlvbjsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICAgICAgZmkKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiQ3VzdG9tIGNvbmZpZyB3YXMgbm90IHZhbGlkIEpTT04sIGNvbnRpbnVpbmciCiAgICAgICAgIGZpCiAgICBlbHNlCiAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRvd25sb2FkIGN1c3RvbSBjb25maWc7IGNvbnRpbnVpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgIGZpCmVsc2UKICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgYSBVUkwsIGNvbnRpbnVpbmcuIgpmaQoKaWYgW1sgJGRlcGxveWVkID09ICJubyIgJiYgJGRlY2xhcmF0aW9uVXJsID09ICJOT1RfU1BFQ0lGSUVEIiBdXTsgdGhlbgogICAgZWNobyAiQXBwbGljYXRpb24gZGVwbG95bWVudCBmYWlsZWQgb3IgY3VzdG9tIFVSTCB3YXMgbm90IHNwZWNpZmllZC4iCmZpCgplY2hvICJEZXBsb3ltZW50IGNvbXBsZXRlLiIKZXhpdA==", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachineScaleSets', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -672,7 +534,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_via-lb-new-stack-experimental-payg,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_via-lb-new-stack-experimental-payg,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -886,7 +748,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/experimental/autoscale/ltm/via-lb/1nic/new-stack/payg/azuredeploy.parameters.json b/experimental/autoscale/ltm/via-lb/1nic/new-stack/payg/azuredeploy.parameters.json index 9a4af827a4..76784009a1 100644 --- a/experimental/autoscale/ltm/via-lb/1nic/new-stack/payg/azuredeploy.parameters.json +++ b/experimental/autoscale/ltm/via-lb/1nic/new-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/autoscale/waf/via-dns/1nic/new-stack/bigiq/README.md b/experimental/autoscale/waf/via-dns/1nic/new-stack/bigiq/README.md index e90aded3fd..2ac8b992ae 100644 --- a/experimental/autoscale/waf/via-dns/1nic/new-stack/bigiq/README.md +++ b/experimental/autoscale/waf/via-dns/1nic/new-stack/bigiq/README.md @@ -65,6 +65,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - Previous tagged releases can be used to reference functionality that has been changed or removed. - All templates now deploy Standard SKU Azure Public IP Addresses. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -114,7 +115,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Fautoscale%2Fwaf%2Fvia-dns%2F1nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Fautoscale%2Fwaf%2Fvia-dns%2F1nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters @@ -140,7 +141,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | @@ -312,7 +313,7 @@ This solution requires access to the Azure API to correctly configure both the B #### 1. Azure Portal -Follow the steps outlined in the [Azure Portal documentation](https://azure.microsoft.com/en-us/documentation/articles/resource-group-create-service-principal-portal/) to generate the service principal. +Follow the steps outlined in the [Azure Portal documentation](https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal) to generate the service principal. #### 2. Azure CLI diff --git a/experimental/autoscale/waf/via-dns/1nic/new-stack/bigiq/azuredeploy.json b/experimental/autoscale/waf/via-dns/1nic/new-stack/bigiq/azuredeploy.json index b23757ac5f..0e6864e7bf 100644 --- a/experimental/autoscale/waf/via-dns/1nic/new-stack/bigiq/azuredeploy.json +++ b/experimental/autoscale/waf/via-dns/1nic/new-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -33,81 +33,6 @@ "type": "string" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D2s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -221,7 +146,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -562,63 +487,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -637,7 +505,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -668,11 +536,7 @@ "commandArgs": "[concat('-o ', parameters('declarationUrl'), ' -m ', parameters('applicationProtocols'), ' -n ', parameters('applicationAddress'), ' -j ', parameters('applicationPort'), ' -k ', parameters('applicationSecurePort'), ' -h ', parameters('applicationPort'), ' -s ', parameters('applicationSecurePort'), ' -t ', toLower(parameters('applicationType')), ' -l ', toLower(parameters('blockingLevel')), ' -a ', parameters('customPolicy'), ' -c ', parameters('sslCert'), ' -r ', parameters('sslPswd'), ' -u svc_user')]", "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbTpkOm46ajprOmg6czp0Omw6YTpjOnI6bzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgbSkgbW9kZT0kT1BUQVJHOzsKICAgICAgICBuKSBwb29sX21lbWJlcj0kT1BUQVJHOzsKICAgICAgICBqKSB2c19odHRwX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgaykgdnNfaHR0cHNfcG9ydD0kT1BUQVJHOzsKICAgICAgICBoKSBwb29sX2h0dHBfcG9ydD0kT1BUQVJHOzsKICAgICAgICBzKSBwb29sX2h0dHBzX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgdCkgdHlwZT0kT1BUQVJHOzsKICAgICAgICBsKSBsZXZlbD0kT1BUQVJHOzsKICAgICAgICBhKSBwb2xpY3k9JE9QVEFSRzs7CiAgICAgICAgYykgc3NsX2NlcnQ9JE9QVEFSRzs7CiAgICAgICAgcikgc3NsX3Bhc3N3ZD0kT1BUQVJHOzsKICAgICAgICB1KSB1c2VyPSRPUFRBUkc7OwogICAgZXNhYwpkb25lCgpkZXBsb3llZD0ibm8iCmZpbGVfbG9jPSIvY29uZmlnL2Nsb3VkL2N1c3RvbV9jb25maWciCmRmbF9tZ210X3BvcnQ9YHRtc2ggbGlzdCBzeXMgaHR0cGQgc3NsLXBvcnQgfCBncmVwIHNzbC1wb3J0IHwgc2VkICdzL3NzbC1wb3J0IC8vO3MvIC8vZydgCnVybF9yZWdleD0iKGh0dHA6XC9cL3xodHRwczpcL1wvKT9bYS16MC05XSsoW1wtXC5dezF9W2EtejAtOV0rKSpcLlthLXpdezIsNX0oOlswLTldezEsNX0pPyhcLy4qKT8kIgoKaWYgW1sgJGRlY2xhcmF0aW9uVXJsID1+ICR1cmxfcmVnZXggXV07IHRoZW4KICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1zayAtdyAiJXtodHRwX2NvZGV9IiAkZGVjbGFyYXRpb25VcmwgLW8gJGZpbGVfbG9jKQogICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIF1dOyB0aGVuCiAgICAgICAgIGVjaG8gIkN1c3RvbSBjb25maWcgZG93bmxvYWQgY29tcGxldGU7IGNoZWNraW5nIGZvciB2YWxpZCBKU09OLiIKICAgICAgICAgY2F0ICRmaWxlX2xvYyB8IGpxIC5jbGFzcwogICAgICAgICBpZiBbWyAkPyA9PSAwIF1dOyB0aGVuCiAgICAgICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t2dnUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgLUggIkV4cGVjdDoiIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvc2hhcmVkL2FwcHN2Y3MvZGVjbGFyZSAtZCBAJGZpbGVfbG9jIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgICAgICBpZiBbWyAkcmVzcG9uc2VfY29kZSA9PSAyMDAgfHwgJHJlc3BvbnNlX2NvZGUgPT0gNTAyIF1dOyB0aGVuCiAgICAgICAgICAgICAgICAgIGVjaG8gIkRlcGxveW1lbnQgb2YgYXBwbGljYXRpb24gc3VjY2VlZGVkLiIKICAgICAgICAgICAgICAgICAgZGVwbG95ZWQ9InllcyIKICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICBlY2hvICJGYWlsZWQgdG8gZGVwbG95IGFwcGxpY2F0aW9uOyBjb250aW51aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBmaQogICAgICAgICBlbHNlCiAgICAgICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgdmFsaWQgSlNPTiwgY29udGludWluZyIKICAgICAgICAgZmkKICAgIGVsc2UKICAgICAgICBlY2hvICJGYWlsZWQgdG8gZG93bmxvYWQgY3VzdG9tIGNvbmZpZzsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgZmkKZWxzZQogICAgIGVjaG8gIkN1c3RvbSBjb25maWcgd2FzIG5vdCBhIFVSTCwgY29udGludWluZy4iCmZpCgppZiBbWyAkZGVwbG95ZWQgPT0gIm5vIiAmJiAkZGVjbGFyYXRpb25VcmwgPT0gIk5PVF9TUEVDSUZJRUQiIF1dOyB0aGVuCiAgICBpcF9yZWdleD0nXlswLTldezEsM31cLlswLTldezEsM31cLlswLTldezEsM31cLlswLTldezEsM30kJwogICAgZGZsX21nbXRfcG9ydD1gdG1zaCBsaXN0IHN5cyBodHRwZCBzc2wtcG9ydCB8IGdyZXAgc3NsLXBvcnQgfCBzZWQgJ3Mvc3NsLXBvcnQgLy87cy8gLy9nJ2AKICAgIG1vZGU9YHNlZCAicy8tL18vZyIgPDw8IiRtb2RlImAKICAgIHBheWxvYWQ9J3siY2xhc3MiOiJBREMiLCJzY2hlbWFWZXJzaW9uIjoiMy4wLjAiLCJsYWJlbCI6ImF1dG9zY2FsZV93YWYiLCJpZCI6IkFVVE9TQ0FMRV9XQUYiLCJyZW1hcmsiOiJBdXRvc2NhbGUgV0FGIiwid2FmIjp7ImNsYXNzIjoiVGVuYW50IiwiU2hhcmVkIjp7ImNsYXNzIjoiQXBwbGljYXRpb24iLCJ0ZW1wbGF0ZSI6InNoYXJlZCIsInNlcnZpY2VBZGRyZXNzIjp7ImNsYXNzIjoiU2VydmljZV9BZGRyZXNzIiwidmlydHVhbEFkZHJlc3MiOiIwLjAuMC4wIn0sInBvbGljeVdBRiI6eyJjbGFzcyI6IldBRl9Qb2xpY3kiLCJmaWxlIjoiL3RtcC9hczMwLWxpbnV4LW1lZGl1bS54bWwifX0sImh0dHAiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoiaHR0cCIsInBvb2wiOnsiY2xhc3MiOiJQb29sIiwibW9uaXRvcnMiOlsiaHR0cCJdLCJtZW1iZXJzIjpbeyJhZGRyZXNzRGlzY292ZXJ5IjoiZnFkbiIsImF1dG9Qb3B1bGF0ZSI6dHJ1ZSwic2VydmljZVBvcnQiOjgwLCJob3N0bmFtZSI6Ind3dy5leGFtcGxlLmNvbSIsInNlcnZlckFkZHJlc3NlcyI6WyIyNTUuMjU1LjI1NS4yNTQiXX1dfSwic2VydmljZU1haW4iOnsiY2xhc3MiOiJTZXJ2aWNlX0hUVFAiLCJ2aXJ0dWFsQWRkcmVzc2VzIjpbeyJ1c2UiOiIvd2FmL1NoYXJlZC9zZXJ2aWNlQWRkcmVzcyJ9XSwidmlydHVhbFBvcnQiOjgwLCJzbmF0IjoiYXV0byIsInNlY3VyaXR5TG9nUHJvZmlsZXMiOlt7ImJpZ2lwIjoiL0NvbW1vbi9Mb2cgaWxsZWdhbCByZXF1ZXN0cyJ9XSwicG9vbCI6InBvb2wiLCJwb2xpY3lXQUYiOnsidXNlIjoiL3dhZi9TaGFyZWQvcG9saWN5V0FGIn19fSwiaHR0cHMiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoiaHR0cHMiLCJzZXJ2ZXJUTFMiOnsiY2xhc3MiOiJUTFNfU2VydmVyIiwiY2VydGlmaWNhdGVzIjpbeyJjZXJ0aWZpY2F0ZSI6ImNlcnRTZXJ2ZXIifV0sImF1dGhlbnRpY2F0aW9uVHJ1c3RDQSI6eyJiaWdpcCI6Ii9Db21tb24vY2EtYnVuZGxlLmNydCJ9fSwiY2VydFNlcnZlciI6eyJjbGFzcyI6IkNlcnRpZmljYXRlIiwiY2VydGlmaWNhdGUiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQuY3J0In0sInByaXZhdGVLZXkiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQua2V5In19LCJjbGllbnRUTFMiOnsiY2xhc3MiOiJUTFNfQ2xpZW50In0sInBvb2wiOnsiY2xhc3MiOiJQb29sIiwibW9uaXRvcnMiOlsiaHR0cHMiXSwibWVtYmVycyI6W3siYWRkcmVzc0Rpc2NvdmVyeSI6ImZxZG4iLCJhdXRvUG9wdWxhdGUiOnRydWUsInNlcnZpY2VQb3J0Ijo0NDMsImhvc3RuYW1lIjoid3d3LmV4YW1wbGUuY29tIiwic2VydmVyQWRkcmVzc2VzIjpbIjI1NS4yNTUuMjU1LjI1NCJdfV19LCJzZXJ2aWNlTWFpbiI6eyJjbGFzcyI6IlNlcnZpY2VfSFRUUFMiLCJ2aXJ0dWFsQWRkcmVzc2VzIjpbeyJ1c2UiOiIvd2FmL1NoYXJlZC9zZXJ2aWNlQWRkcmVzcyJ9XSwidmlydHVhbFBvcnQiOjQ0Mywic2VydmVyVExTIjoic2VydmVyVExTIiwiY2xpZW50VExTIjoiY2xpZW50VExTIiwicmVkaXJlY3Q4MCI6dHJ1ZSwic25hdCI6ImF1dG8iLCJzZWN1cml0eUxvZ1Byb2ZpbGVzIjpbeyJiaWdpcCI6Ii9Db21tb24vTG9nIGlsbGVnYWwgcmVxdWVzdHMifV0sInBvb2wiOiJwb29sIiwicG9saWN5V0FGIjp7InVzZSI6Ii93YWYvU2hhcmVkL3BvbGljeVdBRiJ9fX0sImh0dHBzX29mZmxvYWQiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoiaHR0cHMiLCJzZXJ2ZXJUTFMiOnsiY2xhc3MiOiJUTFNfU2VydmVyIiwiY2VydGlmaWNhdGVzIjpbeyJjZXJ0aWZpY2F0ZSI6ImNlcnRTZXJ2ZXIifV0sImF1dGhlbnRpY2F0aW9uVHJ1c3RDQSI6eyJiaWdpcCI6Ii9Db21tb24vY2EtYnVuZGxlLmNydCJ9fSwiY2VydFNlcnZlciI6eyJjbGFzcyI6IkNlcnRpZmljYXRlIiwiY2VydGlmaWNhdGUiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQuY3J0In0sInByaXZhdGVLZXkiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQua2V5In19LCJwb29sIjp7ImNsYXNzIjoiUG9vbCIsIm1vbml0b3JzIjpbImh0dHAiXSwibWVtYmVycyI6W3siYWRkcmVzc0Rpc2NvdmVyeSI6ImZxZG4iLCJhdXRvUG9wdWxhdGUiOnRydWUsInNlcnZpY2VQb3J0Ijo4MCwiaG9zdG5hbWUiOiJ3d3cuZXhhbXBsZS5jb20iLCJzZXJ2ZXJBZGRyZXNzZXMiOlsiMjU1LjI1NS4yNTUuMjU0Il19XX0sInNlcnZpY2VNYWluIjp7ImNsYXNzIjoiU2VydmljZV9IVFRQUyIsInZpcnR1YWxBZGRyZXNzZXMiOlt7InVzZSI6Ii93YWYvU2hhcmVkL3NlcnZpY2VBZGRyZXNzIn1dLCJ2aXJ0dWFsUG9ydCI6ODAsInNlcnZlclRMUyI6InNlcnZlclRMUyIsInNuYXQiOiJhdXRvIiwic2VjdXJpdHlMb2dQcm9maWxlcyI6W3siYmlnaXAiOiIvQ29tbW9uL0xvZyBpbGxlZ2FsIHJlcXVlc3RzIn1dLCJwb29sIjoicG9vbCIsInBvbGljeVdBRiI6eyJ1c2UiOiIvd2FmL1NoYXJlZC9wb2xpY3lXQUYifX19fX0nCgogICAgIyB2ZXJpZnkgdGhhdCB0aGUgY3VzdG9tIHBvbGljeSBpcyBhIFVSTAogICAgaWYgW1sgJGxldmVsID09ICJjdXN0b20iIF1dOyB0aGVuCiAgICAgICAgIGlmIFtbIC1uICRwb2xpY3kgJiYgJHBvbGljeSAhPSAiTk9UX1NQRUNJRklFRCIgXV07IHRoZW4KICAgICAgICAgICAgIGlmIFtbICRwb2xpY3kgPX4gJHVybF9yZWdleCBdXTsgdGhlbgogICAgICAgICAgICAgICAgICBjdXN0b21fcG9saWN5PSRwb2xpY3kKICAgICAgICAgICAgICAgICAgL3Vzci9iaW4vY3VybCAtc2sgJGN1c3RvbV9wb2xpY3kgLS1yZXRyeSAzIC1vIC90bXAvY3VzdG9tX3BvbGljeS54bWwKICAgICAgICAgICAgICAgICAgYXNtX3BvbGljeT0iL3RtcC9jdXN0b21fcG9saWN5LnhtbCIKICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICAgZWNobyAiQ3VzdG9tIHBvbGljeSB3YXMgbm90IGEgVVJMLCBkZWZhdWx0aW5nIHRvIGhpZ2giCiAgICAgICAgICAgICAgICAgIGFzbV9wb2xpY3k9Ii9jb25maWcvY2xvdWQvYXNtLXBvbGljeS0kdHlwZS1oaWdoLnhtbCIKICAgICAgICAgICAgIGZpCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgICBlY2hvICJDdXN0b20gcG9saWN5IHdhcyBub3Qgc3BlY2lmaWVkLCBkZWZhdWx0aW5nIHRvIGhpZ2giCiAgICAgICAgICAgICAgYXNtX3BvbGljeT0iL2NvbmZpZy9jbG91ZC9hc20tcG9saWN5LSR0eXBlLWhpZ2gueG1sIgogICAgICAgICBmaQogICAgZWxzZQogICAgICAgICBhc21fcG9saWN5PSIvY29uZmlnL2Nsb3VkL2FzbS1wb2xpY3ktJHR5cGUtJGxldmVsLnhtbCIKICAgIGZpCgogICAgaWYgW1sgJG1vZGUgPT0gImh0dHBzIiB8fCAkbW9kZSA9PSAiaHR0cF9odHRwcyIgfHwgJG1vZGUgPT0gImh0dHBzX29mZmxvYWQiIF1dOyB0aGVuCiAgICAgICAgIGNoYWluPSIvQ29tbW9uL2NhLWJ1bmRsZS5jcnQiCgogICAgICAgICBlY2hvICJTdGFydGluZyBDZXJ0aWZpY2F0ZSBkb3dubG9hZCIKCiAgICAgICAgIGNlcnRpZmljYXRlX2xvY2F0aW9uPSRzc2xfY2VydAoKICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrIC11ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAgLVggUE9TVCAtSCAiQ29udGVudC10eXBlOiBhcHBsaWNhdGlvbi9qc29uIiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3RtL3V0aWwvYmFzaCAtZCAneyAiY29tbWFuZCI6InJ1biIsInV0aWxDbWRBcmdzIjoiLWMgXCJjdXJsIC1rIC1zIC1mIC0tcmV0cnkgNSAtLXJldHJ5LWRlbGF5IDEwIC0tcmV0cnktbWF4LXRpbWUgMTAgLW8gL2NvbmZpZy90bXAucGZ4ICckY2VydGlmaWNhdGVfbG9jYXRpb24nXCIiIH0nIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCAgXV07IHRoZW4KICAgICAgICAgICAgICBlY2hvICJDZXJ0aWZpY2F0ZSBkb3dubG9hZCBjb21wbGV0ZS4iCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBkb3dubG9hZCBTU0wgY2VydDsgZXhpdGluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICAgICAgZXhpdCAxCiAgICAgICAgIGZpCgogICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvdG0vc3lzL2NyeXB0by9wa2NzMTIgLWQgJ3siY29tbWFuZCI6ICJpbnN0YWxsIiwibmFtZSI6ICJ3YWZDZXJ0Iiwib3B0aW9ucyI6IFsgeyAiZnJvbS1sb2NhbC1maWxlIjogIi9jb25maWcvdG1wLnBmeCIgfSwgeyAicGFzc3BocmFzZSI6ICInIiRzc2xfcGFzc3dkIiciIH0gXSB9JyAtbyAvZGV2L251bGwpCgogICAgICAgICBpZiBbWyAkcmVzcG9uc2VfY29kZSA9PSAyMDAgIF1dOyB0aGVuCiAgICAgICAgICAgICAgZWNobyAiQ2VydGlmaWNhdGUgaW5zdGFsbCBjb21wbGV0ZS4iCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBpbnN0YWxsIFNTTCBjZXJ0OyBleGl0aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBleGl0IDEKICAgICAgICAgZmkKICAgIGZpCgogICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBhc21fcG9saWN5ICRhc21fcG9saWN5ICcgLndhZi5TaGFyZWQucG9saWN5V0FGLmZpbGUgPSAkYXNtX3BvbGljeScpCgogICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBwb29sX2h0dHBfcG9ydCAkcG9vbF9odHRwX3BvcnQgLS1hcmcgcG9vbF9odHRwc19wb3J0ICRwb29sX2h0dHBzX3BvcnQgLS1hcmcgdnNfaHR0cF9wb3J0ICR2c19odHRwX3BvcnQgLS1hcmcgdnNfaHR0cHNfcG9ydCAkdnNfaHR0cHNfcG9ydCAnIC53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uc2VydmljZVBvcnQgPSAoJHBvb2xfaHR0cF9wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwLnNlcnZpY2VNYWluLnZpcnR1YWxQb3J0ID0gKCR2c19odHRwX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5zZXJ2aWNlUG9ydCA9ICgkcG9vbF9odHRwc19wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwcy5zZXJ2aWNlTWFpbi52aXJ0dWFsUG9ydCA9ICgkdnNfaHR0cHNfcG9ydCB8IHRvbnVtYmVyKSB8IC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uc2VydmljZVBvcnQgPSAoJHBvb2xfaHR0cF9wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwc19vZmZsb2FkLnNlcnZpY2VNYWluLnZpcnR1YWxQb3J0ID0gKCR2c19odHRwc19wb3J0IHwgdG9udW1iZXIpJykKCiAgICBpZiBbWyAkcG9vbF9tZW1iZXIgPX4gJGlwX3JlZ2V4IF1dOyB0aGVuCiAgICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgJ2RlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmF1dG9Qb3B1bGF0ZSkgfCBkZWwoLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSkgfCBkZWwoLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5hZGRyZXNzRGlzY292ZXJ5KSB8ICBkZWwoLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uYXV0b1BvcHVsYXRlKSB8IGRlbCgud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSkgfCBkZWwoLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uYWRkcmVzc0Rpc2NvdmVyeSkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5hdXRvUG9wdWxhdGUpIHwgZGVsKC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUpIHwgZGVsKC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uYWRkcmVzc0Rpc2NvdmVyeSknKQoKICAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBwb29sX21lbWJlciAkcG9vbF9tZW1iZXIgJy53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uc2VydmVyQWRkcmVzc2VzWzBdID0gJHBvb2xfbWVtYmVyIHwgLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uc2VydmVyQWRkcmVzc2VzWzBdID0gJHBvb2xfbWVtYmVyIHwgLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXNbMF0gPSAkcG9vbF9tZW1iZXInKQogICAgZWxzZQogICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXMpIHwgZGVsKC53YWYuaHR0cHMucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3NlcykgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXMpJykKCiAgICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgLS1hcmcgcG9vbF9tZW1iZXIgJHBvb2xfbWVtYmVyICcud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lID0gJHBvb2xfbWVtYmVyIHwgLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUgPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lID0gJHBvb2xfbWVtYmVyJykKICAgIGZpCgogICAgaWYgW1sgJG1vZGUgPT0gImh0dHAiIF1dOyB0aGVuCiAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cHMpIHwgZGVsKC53YWYuaHR0cHNfb2ZmbG9hZCknKQogICAgZWxpZiBbWyAkbW9kZSA9PSAiaHR0cHMiIF1dOyB0aGVuCiAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cCkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkKSB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5jZXJ0aWZpY2F0ZS5iaWdpcCA9ICIvQ29tbW9uL3dhZkNlcnQuY3J0IiB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5wcml2YXRlS2V5LmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5rZXkiJykKICAgIGVsaWYgW1sgJG1vZGUgPT0gImh0dHBfaHR0cHMiIF1dOyB0aGVuCiAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cHNfb2ZmbG9hZCkgfCAud2FmLmh0dHBzLnNlcnZpY2VNYWluLnJlZGlyZWN0ODAgPSBmYWxzZSB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5jZXJ0aWZpY2F0ZS5iaWdpcCA9ICIvQ29tbW9uL3dhZkNlcnQuY3J0IiB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5wcml2YXRlS2V5LmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5rZXkiJykKICAgIGVsc2UKICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwKSB8IGRlbCgud2FmLmh0dHBzKSB8IC53YWYuaHR0cHNfb2ZmbG9hZC5jZXJ0U2VydmVyLmNlcnRpZmljYXRlLmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5jcnQiIHwgLndhZi5odHRwc19vZmZsb2FkLmNlcnRTZXJ2ZXIucHJpdmF0ZUtleS5iaWdpcCA9ICIvQ29tbW9uL3dhZkNlcnQua2V5IicpCiAgICBmaQoKICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t2dnUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgLUggIkV4cGVjdDoiIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvc2hhcmVkL2FwcHN2Y3MvZGVjbGFyZSAtZCAiJHBheWxvYWQiIC1vIC9kZXYvbnVsbCkKCiAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIHx8ICRyZXNwb25zZV9jb2RlID09IDUwMiAgXV07IHRoZW4KICAgICAgICAgIGVjaG8gIkRlcGxveW1lbnQgb2YgYXBwbGljYXRpb24gc3VjY2VlZGVkLiIKICAgIGVsc2UKICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRlcGxveSBhcHBsaWNhdGlvbjsgZXhpdGluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICBleGl0IDEKICAgICBmaQogZmkKCmVjaG8gIkRlcGxveW1lbnQgY29tcGxldGUuIgpleGl0", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachineScaleSets', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -793,7 +657,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_dns-new-stack-experimental-bigiq,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_dns-new-stack-experimental-bigiq,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -931,7 +795,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/experimental/autoscale/waf/via-dns/1nic/new-stack/bigiq/azuredeploy.parameters.json b/experimental/autoscale/waf/via-dns/1nic/new-stack/bigiq/azuredeploy.parameters.json index e876fc5d59..110246b8d0 100644 --- a/experimental/autoscale/waf/via-dns/1nic/new-stack/bigiq/azuredeploy.parameters.json +++ b/experimental/autoscale/waf/via-dns/1nic/new-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/autoscale/waf/via-dns/1nic/new-stack/payg/README.md b/experimental/autoscale/waf/via-dns/1nic/new-stack/payg/README.md index 04fc131af5..ad2b30da53 100644 --- a/experimental/autoscale/waf/via-dns/1nic/new-stack/payg/README.md +++ b/experimental/autoscale/waf/via-dns/1nic/new-stack/payg/README.md @@ -62,6 +62,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - Previous tagged releases can be used to reference functionality that has been changed or removed. - All templates now deploy Standard SKU Azure Public IP Addresses. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -111,7 +112,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Fautoscale%2Fwaf%2Fvia-dns%2F1nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Fautoscale%2Fwaf%2Fvia-dns%2F1nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters @@ -131,7 +132,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | @@ -303,7 +304,7 @@ This solution requires access to the Azure API to correctly configure both the B #### 1. Azure Portal -Follow the steps outlined in the [Azure Portal documentation](https://azure.microsoft.com/en-us/documentation/articles/resource-group-create-service-principal-portal/) to generate the service principal. +Follow the steps outlined in the [Azure Portal documentation](https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal) to generate the service principal. #### 2. Azure CLI diff --git a/experimental/autoscale/waf/via-dns/1nic/new-stack/payg/azuredeploy.json b/experimental/autoscale/waf/via-dns/1nic/new-stack/payg/azuredeploy.json index a704324f65..bcd088a4ed 100644 --- a/experimental/autoscale/waf/via-dns/1nic/new-stack/payg/azuredeploy.json +++ b/experimental/autoscale/waf/via-dns/1nic/new-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -33,81 +33,6 @@ "type": "string" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D2s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -191,7 +116,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -532,63 +457,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -607,7 +475,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -638,11 +506,7 @@ "commandArgs": "[concat('-o ', parameters('declarationUrl'), ' -m ', parameters('applicationProtocols'), ' -n ', parameters('applicationAddress'), ' -j ', parameters('applicationPort'), ' -k ', parameters('applicationSecurePort'), ' -h ', parameters('applicationPort'), ' -s ', parameters('applicationSecurePort'), ' -t ', toLower(parameters('applicationType')), ' -l ', toLower(parameters('blockingLevel')), ' -a ', parameters('customPolicy'), ' -c ', parameters('sslCert'), ' -r ', parameters('sslPswd'), ' -u svc_user')]", "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbTpkOm46ajprOmg6czp0Omw6YTpjOnI6bzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgbSkgbW9kZT0kT1BUQVJHOzsKICAgICAgICBuKSBwb29sX21lbWJlcj0kT1BUQVJHOzsKICAgICAgICBqKSB2c19odHRwX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgaykgdnNfaHR0cHNfcG9ydD0kT1BUQVJHOzsKICAgICAgICBoKSBwb29sX2h0dHBfcG9ydD0kT1BUQVJHOzsKICAgICAgICBzKSBwb29sX2h0dHBzX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgdCkgdHlwZT0kT1BUQVJHOzsKICAgICAgICBsKSBsZXZlbD0kT1BUQVJHOzsKICAgICAgICBhKSBwb2xpY3k9JE9QVEFSRzs7CiAgICAgICAgYykgc3NsX2NlcnQ9JE9QVEFSRzs7CiAgICAgICAgcikgc3NsX3Bhc3N3ZD0kT1BUQVJHOzsKICAgICAgICB1KSB1c2VyPSRPUFRBUkc7OwogICAgZXNhYwpkb25lCgpkZXBsb3llZD0ibm8iCmZpbGVfbG9jPSIvY29uZmlnL2Nsb3VkL2N1c3RvbV9jb25maWciCmRmbF9tZ210X3BvcnQ9YHRtc2ggbGlzdCBzeXMgaHR0cGQgc3NsLXBvcnQgfCBncmVwIHNzbC1wb3J0IHwgc2VkICdzL3NzbC1wb3J0IC8vO3MvIC8vZydgCnVybF9yZWdleD0iKGh0dHA6XC9cL3xodHRwczpcL1wvKT9bYS16MC05XSsoW1wtXC5dezF9W2EtejAtOV0rKSpcLlthLXpdezIsNX0oOlswLTldezEsNX0pPyhcLy4qKT8kIgoKaWYgW1sgJGRlY2xhcmF0aW9uVXJsID1+ICR1cmxfcmVnZXggXV07IHRoZW4KICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1zayAtdyAiJXtodHRwX2NvZGV9IiAkZGVjbGFyYXRpb25VcmwgLW8gJGZpbGVfbG9jKQogICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIF1dOyB0aGVuCiAgICAgICAgIGVjaG8gIkN1c3RvbSBjb25maWcgZG93bmxvYWQgY29tcGxldGU7IGNoZWNraW5nIGZvciB2YWxpZCBKU09OLiIKICAgICAgICAgY2F0ICRmaWxlX2xvYyB8IGpxIC5jbGFzcwogICAgICAgICBpZiBbWyAkPyA9PSAwIF1dOyB0aGVuCiAgICAgICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t2dnUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgLUggIkV4cGVjdDoiIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvc2hhcmVkL2FwcHN2Y3MvZGVjbGFyZSAtZCBAJGZpbGVfbG9jIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgICAgICBpZiBbWyAkcmVzcG9uc2VfY29kZSA9PSAyMDAgfHwgJHJlc3BvbnNlX2NvZGUgPT0gNTAyIF1dOyB0aGVuCiAgICAgICAgICAgICAgICAgIGVjaG8gIkRlcGxveW1lbnQgb2YgYXBwbGljYXRpb24gc3VjY2VlZGVkLiIKICAgICAgICAgICAgICAgICAgZGVwbG95ZWQ9InllcyIKICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICBlY2hvICJGYWlsZWQgdG8gZGVwbG95IGFwcGxpY2F0aW9uOyBjb250aW51aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBmaQogICAgICAgICBlbHNlCiAgICAgICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgdmFsaWQgSlNPTiwgY29udGludWluZyIKICAgICAgICAgZmkKICAgIGVsc2UKICAgICAgICBlY2hvICJGYWlsZWQgdG8gZG93bmxvYWQgY3VzdG9tIGNvbmZpZzsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgZmkKZWxzZQogICAgIGVjaG8gIkN1c3RvbSBjb25maWcgd2FzIG5vdCBhIFVSTCwgY29udGludWluZy4iCmZpCgppZiBbWyAkZGVwbG95ZWQgPT0gIm5vIiAmJiAkZGVjbGFyYXRpb25VcmwgPT0gIk5PVF9TUEVDSUZJRUQiIF1dOyB0aGVuCiAgICBpcF9yZWdleD0nXlswLTldezEsM31cLlswLTldezEsM31cLlswLTldezEsM31cLlswLTldezEsM30kJwogICAgZGZsX21nbXRfcG9ydD1gdG1zaCBsaXN0IHN5cyBodHRwZCBzc2wtcG9ydCB8IGdyZXAgc3NsLXBvcnQgfCBzZWQgJ3Mvc3NsLXBvcnQgLy87cy8gLy9nJ2AKICAgIG1vZGU9YHNlZCAicy8tL18vZyIgPDw8IiRtb2RlImAKICAgIHBheWxvYWQ9J3siY2xhc3MiOiJBREMiLCJzY2hlbWFWZXJzaW9uIjoiMy4wLjAiLCJsYWJlbCI6ImF1dG9zY2FsZV93YWYiLCJpZCI6IkFVVE9TQ0FMRV9XQUYiLCJyZW1hcmsiOiJBdXRvc2NhbGUgV0FGIiwid2FmIjp7ImNsYXNzIjoiVGVuYW50IiwiU2hhcmVkIjp7ImNsYXNzIjoiQXBwbGljYXRpb24iLCJ0ZW1wbGF0ZSI6InNoYXJlZCIsInNlcnZpY2VBZGRyZXNzIjp7ImNsYXNzIjoiU2VydmljZV9BZGRyZXNzIiwidmlydHVhbEFkZHJlc3MiOiIwLjAuMC4wIn0sInBvbGljeVdBRiI6eyJjbGFzcyI6IldBRl9Qb2xpY3kiLCJmaWxlIjoiL3RtcC9hczMwLWxpbnV4LW1lZGl1bS54bWwifX0sImh0dHAiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoiaHR0cCIsInBvb2wiOnsiY2xhc3MiOiJQb29sIiwibW9uaXRvcnMiOlsiaHR0cCJdLCJtZW1iZXJzIjpbeyJhZGRyZXNzRGlzY292ZXJ5IjoiZnFkbiIsImF1dG9Qb3B1bGF0ZSI6dHJ1ZSwic2VydmljZVBvcnQiOjgwLCJob3N0bmFtZSI6Ind3dy5leGFtcGxlLmNvbSIsInNlcnZlckFkZHJlc3NlcyI6WyIyNTUuMjU1LjI1NS4yNTQiXX1dfSwic2VydmljZU1haW4iOnsiY2xhc3MiOiJTZXJ2aWNlX0hUVFAiLCJ2aXJ0dWFsQWRkcmVzc2VzIjpbeyJ1c2UiOiIvd2FmL1NoYXJlZC9zZXJ2aWNlQWRkcmVzcyJ9XSwidmlydHVhbFBvcnQiOjgwLCJzbmF0IjoiYXV0byIsInNlY3VyaXR5TG9nUHJvZmlsZXMiOlt7ImJpZ2lwIjoiL0NvbW1vbi9Mb2cgaWxsZWdhbCByZXF1ZXN0cyJ9XSwicG9vbCI6InBvb2wiLCJwb2xpY3lXQUYiOnsidXNlIjoiL3dhZi9TaGFyZWQvcG9saWN5V0FGIn19fSwiaHR0cHMiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoiaHR0cHMiLCJzZXJ2ZXJUTFMiOnsiY2xhc3MiOiJUTFNfU2VydmVyIiwiY2VydGlmaWNhdGVzIjpbeyJjZXJ0aWZpY2F0ZSI6ImNlcnRTZXJ2ZXIifV0sImF1dGhlbnRpY2F0aW9uVHJ1c3RDQSI6eyJiaWdpcCI6Ii9Db21tb24vY2EtYnVuZGxlLmNydCJ9fSwiY2VydFNlcnZlciI6eyJjbGFzcyI6IkNlcnRpZmljYXRlIiwiY2VydGlmaWNhdGUiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQuY3J0In0sInByaXZhdGVLZXkiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQua2V5In19LCJjbGllbnRUTFMiOnsiY2xhc3MiOiJUTFNfQ2xpZW50In0sInBvb2wiOnsiY2xhc3MiOiJQb29sIiwibW9uaXRvcnMiOlsiaHR0cHMiXSwibWVtYmVycyI6W3siYWRkcmVzc0Rpc2NvdmVyeSI6ImZxZG4iLCJhdXRvUG9wdWxhdGUiOnRydWUsInNlcnZpY2VQb3J0Ijo0NDMsImhvc3RuYW1lIjoid3d3LmV4YW1wbGUuY29tIiwic2VydmVyQWRkcmVzc2VzIjpbIjI1NS4yNTUuMjU1LjI1NCJdfV19LCJzZXJ2aWNlTWFpbiI6eyJjbGFzcyI6IlNlcnZpY2VfSFRUUFMiLCJ2aXJ0dWFsQWRkcmVzc2VzIjpbeyJ1c2UiOiIvd2FmL1NoYXJlZC9zZXJ2aWNlQWRkcmVzcyJ9XSwidmlydHVhbFBvcnQiOjQ0Mywic2VydmVyVExTIjoic2VydmVyVExTIiwiY2xpZW50VExTIjoiY2xpZW50VExTIiwicmVkaXJlY3Q4MCI6dHJ1ZSwic25hdCI6ImF1dG8iLCJzZWN1cml0eUxvZ1Byb2ZpbGVzIjpbeyJiaWdpcCI6Ii9Db21tb24vTG9nIGlsbGVnYWwgcmVxdWVzdHMifV0sInBvb2wiOiJwb29sIiwicG9saWN5V0FGIjp7InVzZSI6Ii93YWYvU2hhcmVkL3BvbGljeVdBRiJ9fX0sImh0dHBzX29mZmxvYWQiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoiaHR0cHMiLCJzZXJ2ZXJUTFMiOnsiY2xhc3MiOiJUTFNfU2VydmVyIiwiY2VydGlmaWNhdGVzIjpbeyJjZXJ0aWZpY2F0ZSI6ImNlcnRTZXJ2ZXIifV0sImF1dGhlbnRpY2F0aW9uVHJ1c3RDQSI6eyJiaWdpcCI6Ii9Db21tb24vY2EtYnVuZGxlLmNydCJ9fSwiY2VydFNlcnZlciI6eyJjbGFzcyI6IkNlcnRpZmljYXRlIiwiY2VydGlmaWNhdGUiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQuY3J0In0sInByaXZhdGVLZXkiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQua2V5In19LCJwb29sIjp7ImNsYXNzIjoiUG9vbCIsIm1vbml0b3JzIjpbImh0dHAiXSwibWVtYmVycyI6W3siYWRkcmVzc0Rpc2NvdmVyeSI6ImZxZG4iLCJhdXRvUG9wdWxhdGUiOnRydWUsInNlcnZpY2VQb3J0Ijo4MCwiaG9zdG5hbWUiOiJ3d3cuZXhhbXBsZS5jb20iLCJzZXJ2ZXJBZGRyZXNzZXMiOlsiMjU1LjI1NS4yNTUuMjU0Il19XX0sInNlcnZpY2VNYWluIjp7ImNsYXNzIjoiU2VydmljZV9IVFRQUyIsInZpcnR1YWxBZGRyZXNzZXMiOlt7InVzZSI6Ii93YWYvU2hhcmVkL3NlcnZpY2VBZGRyZXNzIn1dLCJ2aXJ0dWFsUG9ydCI6ODAsInNlcnZlclRMUyI6InNlcnZlclRMUyIsInNuYXQiOiJhdXRvIiwic2VjdXJpdHlMb2dQcm9maWxlcyI6W3siYmlnaXAiOiIvQ29tbW9uL0xvZyBpbGxlZ2FsIHJlcXVlc3RzIn1dLCJwb29sIjoicG9vbCIsInBvbGljeVdBRiI6eyJ1c2UiOiIvd2FmL1NoYXJlZC9wb2xpY3lXQUYifX19fX0nCgogICAgIyB2ZXJpZnkgdGhhdCB0aGUgY3VzdG9tIHBvbGljeSBpcyBhIFVSTAogICAgaWYgW1sgJGxldmVsID09ICJjdXN0b20iIF1dOyB0aGVuCiAgICAgICAgIGlmIFtbIC1uICRwb2xpY3kgJiYgJHBvbGljeSAhPSAiTk9UX1NQRUNJRklFRCIgXV07IHRoZW4KICAgICAgICAgICAgIGlmIFtbICRwb2xpY3kgPX4gJHVybF9yZWdleCBdXTsgdGhlbgogICAgICAgICAgICAgICAgICBjdXN0b21fcG9saWN5PSRwb2xpY3kKICAgICAgICAgICAgICAgICAgL3Vzci9iaW4vY3VybCAtc2sgJGN1c3RvbV9wb2xpY3kgLS1yZXRyeSAzIC1vIC90bXAvY3VzdG9tX3BvbGljeS54bWwKICAgICAgICAgICAgICAgICAgYXNtX3BvbGljeT0iL3RtcC9jdXN0b21fcG9saWN5LnhtbCIKICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICAgZWNobyAiQ3VzdG9tIHBvbGljeSB3YXMgbm90IGEgVVJMLCBkZWZhdWx0aW5nIHRvIGhpZ2giCiAgICAgICAgICAgICAgICAgIGFzbV9wb2xpY3k9Ii9jb25maWcvY2xvdWQvYXNtLXBvbGljeS0kdHlwZS1oaWdoLnhtbCIKICAgICAgICAgICAgIGZpCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgICBlY2hvICJDdXN0b20gcG9saWN5IHdhcyBub3Qgc3BlY2lmaWVkLCBkZWZhdWx0aW5nIHRvIGhpZ2giCiAgICAgICAgICAgICAgYXNtX3BvbGljeT0iL2NvbmZpZy9jbG91ZC9hc20tcG9saWN5LSR0eXBlLWhpZ2gueG1sIgogICAgICAgICBmaQogICAgZWxzZQogICAgICAgICBhc21fcG9saWN5PSIvY29uZmlnL2Nsb3VkL2FzbS1wb2xpY3ktJHR5cGUtJGxldmVsLnhtbCIKICAgIGZpCgogICAgaWYgW1sgJG1vZGUgPT0gImh0dHBzIiB8fCAkbW9kZSA9PSAiaHR0cF9odHRwcyIgfHwgJG1vZGUgPT0gImh0dHBzX29mZmxvYWQiIF1dOyB0aGVuCiAgICAgICAgIGNoYWluPSIvQ29tbW9uL2NhLWJ1bmRsZS5jcnQiCgogICAgICAgICBlY2hvICJTdGFydGluZyBDZXJ0aWZpY2F0ZSBkb3dubG9hZCIKCiAgICAgICAgIGNlcnRpZmljYXRlX2xvY2F0aW9uPSRzc2xfY2VydAoKICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrIC11ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAgLVggUE9TVCAtSCAiQ29udGVudC10eXBlOiBhcHBsaWNhdGlvbi9qc29uIiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3RtL3V0aWwvYmFzaCAtZCAneyAiY29tbWFuZCI6InJ1biIsInV0aWxDbWRBcmdzIjoiLWMgXCJjdXJsIC1rIC1zIC1mIC0tcmV0cnkgNSAtLXJldHJ5LWRlbGF5IDEwIC0tcmV0cnktbWF4LXRpbWUgMTAgLW8gL2NvbmZpZy90bXAucGZ4ICckY2VydGlmaWNhdGVfbG9jYXRpb24nXCIiIH0nIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCAgXV07IHRoZW4KICAgICAgICAgICAgICBlY2hvICJDZXJ0aWZpY2F0ZSBkb3dubG9hZCBjb21wbGV0ZS4iCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBkb3dubG9hZCBTU0wgY2VydDsgZXhpdGluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICAgICAgZXhpdCAxCiAgICAgICAgIGZpCgogICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvdG0vc3lzL2NyeXB0by9wa2NzMTIgLWQgJ3siY29tbWFuZCI6ICJpbnN0YWxsIiwibmFtZSI6ICJ3YWZDZXJ0Iiwib3B0aW9ucyI6IFsgeyAiZnJvbS1sb2NhbC1maWxlIjogIi9jb25maWcvdG1wLnBmeCIgfSwgeyAicGFzc3BocmFzZSI6ICInIiRzc2xfcGFzc3dkIiciIH0gXSB9JyAtbyAvZGV2L251bGwpCgogICAgICAgICBpZiBbWyAkcmVzcG9uc2VfY29kZSA9PSAyMDAgIF1dOyB0aGVuCiAgICAgICAgICAgICAgZWNobyAiQ2VydGlmaWNhdGUgaW5zdGFsbCBjb21wbGV0ZS4iCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBpbnN0YWxsIFNTTCBjZXJ0OyBleGl0aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBleGl0IDEKICAgICAgICAgZmkKICAgIGZpCgogICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBhc21fcG9saWN5ICRhc21fcG9saWN5ICcgLndhZi5TaGFyZWQucG9saWN5V0FGLmZpbGUgPSAkYXNtX3BvbGljeScpCgogICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBwb29sX2h0dHBfcG9ydCAkcG9vbF9odHRwX3BvcnQgLS1hcmcgcG9vbF9odHRwc19wb3J0ICRwb29sX2h0dHBzX3BvcnQgLS1hcmcgdnNfaHR0cF9wb3J0ICR2c19odHRwX3BvcnQgLS1hcmcgdnNfaHR0cHNfcG9ydCAkdnNfaHR0cHNfcG9ydCAnIC53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uc2VydmljZVBvcnQgPSAoJHBvb2xfaHR0cF9wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwLnNlcnZpY2VNYWluLnZpcnR1YWxQb3J0ID0gKCR2c19odHRwX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5zZXJ2aWNlUG9ydCA9ICgkcG9vbF9odHRwc19wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwcy5zZXJ2aWNlTWFpbi52aXJ0dWFsUG9ydCA9ICgkdnNfaHR0cHNfcG9ydCB8IHRvbnVtYmVyKSB8IC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uc2VydmljZVBvcnQgPSAoJHBvb2xfaHR0cF9wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwc19vZmZsb2FkLnNlcnZpY2VNYWluLnZpcnR1YWxQb3J0ID0gKCR2c19odHRwc19wb3J0IHwgdG9udW1iZXIpJykKCiAgICBpZiBbWyAkcG9vbF9tZW1iZXIgPX4gJGlwX3JlZ2V4IF1dOyB0aGVuCiAgICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgJ2RlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmF1dG9Qb3B1bGF0ZSkgfCBkZWwoLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSkgfCBkZWwoLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5hZGRyZXNzRGlzY292ZXJ5KSB8ICBkZWwoLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uYXV0b1BvcHVsYXRlKSB8IGRlbCgud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSkgfCBkZWwoLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uYWRkcmVzc0Rpc2NvdmVyeSkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5hdXRvUG9wdWxhdGUpIHwgZGVsKC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUpIHwgZGVsKC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uYWRkcmVzc0Rpc2NvdmVyeSknKQoKICAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBwb29sX21lbWJlciAkcG9vbF9tZW1iZXIgJy53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uc2VydmVyQWRkcmVzc2VzWzBdID0gJHBvb2xfbWVtYmVyIHwgLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uc2VydmVyQWRkcmVzc2VzWzBdID0gJHBvb2xfbWVtYmVyIHwgLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXNbMF0gPSAkcG9vbF9tZW1iZXInKQogICAgZWxzZQogICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXMpIHwgZGVsKC53YWYuaHR0cHMucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3NlcykgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXMpJykKCiAgICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgLS1hcmcgcG9vbF9tZW1iZXIgJHBvb2xfbWVtYmVyICcud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lID0gJHBvb2xfbWVtYmVyIHwgLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUgPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lID0gJHBvb2xfbWVtYmVyJykKICAgIGZpCgogICAgaWYgW1sgJG1vZGUgPT0gImh0dHAiIF1dOyB0aGVuCiAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cHMpIHwgZGVsKC53YWYuaHR0cHNfb2ZmbG9hZCknKQogICAgZWxpZiBbWyAkbW9kZSA9PSAiaHR0cHMiIF1dOyB0aGVuCiAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cCkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkKSB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5jZXJ0aWZpY2F0ZS5iaWdpcCA9ICIvQ29tbW9uL3dhZkNlcnQuY3J0IiB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5wcml2YXRlS2V5LmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5rZXkiJykKICAgIGVsaWYgW1sgJG1vZGUgPT0gImh0dHBfaHR0cHMiIF1dOyB0aGVuCiAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cHNfb2ZmbG9hZCkgfCAud2FmLmh0dHBzLnNlcnZpY2VNYWluLnJlZGlyZWN0ODAgPSBmYWxzZSB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5jZXJ0aWZpY2F0ZS5iaWdpcCA9ICIvQ29tbW9uL3dhZkNlcnQuY3J0IiB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5wcml2YXRlS2V5LmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5rZXkiJykKICAgIGVsc2UKICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwKSB8IGRlbCgud2FmLmh0dHBzKSB8IC53YWYuaHR0cHNfb2ZmbG9hZC5jZXJ0U2VydmVyLmNlcnRpZmljYXRlLmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5jcnQiIHwgLndhZi5odHRwc19vZmZsb2FkLmNlcnRTZXJ2ZXIucHJpdmF0ZUtleS5iaWdpcCA9ICIvQ29tbW9uL3dhZkNlcnQua2V5IicpCiAgICBmaQoKICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t2dnUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgLUggIkV4cGVjdDoiIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvc2hhcmVkL2FwcHN2Y3MvZGVjbGFyZSAtZCAiJHBheWxvYWQiIC1vIC9kZXYvbnVsbCkKCiAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIHx8ICRyZXNwb25zZV9jb2RlID09IDUwMiAgXV07IHRoZW4KICAgICAgICAgIGVjaG8gIkRlcGxveW1lbnQgb2YgYXBwbGljYXRpb24gc3VjY2VlZGVkLiIKICAgIGVsc2UKICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRlcGxveSBhcHBsaWNhdGlvbjsgZXhpdGluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICBleGl0IDEKICAgICBmaQogZmkKCmVjaG8gIkRlcGxveW1lbnQgY29tcGxldGUuIgpleGl0", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachineScaleSets', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -806,7 +670,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_dns-new-stack-experimental-payg,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_dns-new-stack-experimental-payg,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -944,7 +808,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/experimental/autoscale/waf/via-dns/1nic/new-stack/payg/azuredeploy.parameters.json b/experimental/autoscale/waf/via-dns/1nic/new-stack/payg/azuredeploy.parameters.json index 8515c0855e..7f1a961ed0 100644 --- a/experimental/autoscale/waf/via-dns/1nic/new-stack/payg/azuredeploy.parameters.json +++ b/experimental/autoscale/waf/via-dns/1nic/new-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/autoscale/waf/via-lb/1nic/existing-stack/bigiq-payg/README.md b/experimental/autoscale/waf/via-lb/1nic/existing-stack/bigiq-payg/README.md index 5cf7ca7e5d..d0ffc8b190 100644 --- a/experimental/autoscale/waf/via-lb/1nic/existing-stack/bigiq-payg/README.md +++ b/experimental/autoscale/waf/via-lb/1nic/existing-stack/bigiq-payg/README.md @@ -65,6 +65,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates now deploy Standard SKU Azure Public IP Addresses. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. - All autoscale via-lb and failover via-lb templates now deploy Standard SKU Azure Load Balancers. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -114,7 +115,7 @@ Use the appropriate button below to deploy: - **BIGIQ-PAYG**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s), as well as use PAYG instances. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Fautoscale%2Fwaf%2Fvia-lb%2F1nic%2Fexisting-stack%2Fbigiq-payg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Fautoscale%2Fwaf%2Fvia-lb%2F1nic%2Fexisting-stack%2Fbigiq-payg%2Fazuredeploy.json) ### Template parameters @@ -144,7 +145,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | @@ -311,7 +312,7 @@ This solution requires access to the Azure API to correctly configure both the B #### 1. Azure Portal -Follow the steps outlined in the [Azure Portal documentation](https://azure.microsoft.com/en-us/documentation/articles/resource-group-create-service-principal-portal/) to generate the service principal. +Follow the steps outlined in the [Azure Portal documentation](https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal) to generate the service principal. #### 2. Azure CLI diff --git a/experimental/autoscale/waf/via-lb/1nic/existing-stack/bigiq-payg/azuredeploy.json b/experimental/autoscale/waf/via-lb/1nic/existing-stack/bigiq-payg/azuredeploy.json index be21ca27de..d580de803a 100644 --- a/experimental/autoscale/waf/via-lb/1nic/existing-stack/bigiq-payg/azuredeploy.json +++ b/experimental/autoscale/waf/via-lb/1nic/existing-stack/bigiq-payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -33,81 +33,6 @@ "type": "string" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D2s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -263,7 +188,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -570,63 +495,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -645,7 +513,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -676,11 +544,7 @@ "commandArgs": "[concat('-o ', parameters('declarationUrl'), ' -m ', parameters('applicationProtocols'), ' -n ', parameters('applicationAddress'), ' -j ', parameters('applicationPort'), ' -k ', parameters('applicationSecurePort'), ' -h ', parameters('applicationPort'), ' -s ', parameters('applicationSecurePort'), ' -t ', toLower(parameters('applicationType')), ' -l ', toLower(parameters('blockingLevel')), ' -a ', parameters('customPolicy'), ' -c ', parameters('sslCert'), ' -r ', parameters('sslPswd'), ' -u svc_user')]", "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbTpkOm46ajprOmg6czp0Omw6YTpjOnI6bzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgbSkgbW9kZT0kT1BUQVJHOzsKICAgICAgICBuKSBwb29sX21lbWJlcj0kT1BUQVJHOzsKICAgICAgICBqKSB2c19odHRwX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgaykgdnNfaHR0cHNfcG9ydD0kT1BUQVJHOzsKICAgICAgICBoKSBwb29sX2h0dHBfcG9ydD0kT1BUQVJHOzsKICAgICAgICBzKSBwb29sX2h0dHBzX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgdCkgdHlwZT0kT1BUQVJHOzsKICAgICAgICBsKSBsZXZlbD0kT1BUQVJHOzsKICAgICAgICBhKSBwb2xpY3k9JE9QVEFSRzs7CiAgICAgICAgYykgc3NsX2NlcnQ9JE9QVEFSRzs7CiAgICAgICAgcikgc3NsX3Bhc3N3ZD0kT1BUQVJHOzsKICAgICAgICB1KSB1c2VyPSRPUFRBUkc7OwogICAgZXNhYwpkb25lCgpkZXBsb3llZD0ibm8iCmZpbGVfbG9jPSIvY29uZmlnL2Nsb3VkL2N1c3RvbV9jb25maWciCmRmbF9tZ210X3BvcnQ9YHRtc2ggbGlzdCBzeXMgaHR0cGQgc3NsLXBvcnQgfCBncmVwIHNzbC1wb3J0IHwgc2VkICdzL3NzbC1wb3J0IC8vO3MvIC8vZydgCnVybF9yZWdleD0iKGh0dHA6XC9cL3xodHRwczpcL1wvKT9bYS16MC05XSsoW1wtXC5dezF9W2EtejAtOV0rKSpcLlthLXpdezIsNX0oOlswLTldezEsNX0pPyhcLy4qKT8kIgoKaWYgW1sgJGRlY2xhcmF0aW9uVXJsID1+ICR1cmxfcmVnZXggXV07IHRoZW4KICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1zayAtdyAiJXtodHRwX2NvZGV9IiAkZGVjbGFyYXRpb25VcmwgLW8gJGZpbGVfbG9jKQogICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIF1dOyB0aGVuCiAgICAgICAgIGVjaG8gIkN1c3RvbSBjb25maWcgZG93bmxvYWQgY29tcGxldGU7IGNoZWNraW5nIGZvciB2YWxpZCBKU09OLiIKICAgICAgICAgY2F0ICRmaWxlX2xvYyB8IGpxIC5jbGFzcwogICAgICAgICBpZiBbWyAkPyA9PSAwIF1dOyB0aGVuCiAgICAgICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t2dnUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgLUggIkV4cGVjdDoiIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvc2hhcmVkL2FwcHN2Y3MvZGVjbGFyZSAtZCBAJGZpbGVfbG9jIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgICAgICBpZiBbWyAkcmVzcG9uc2VfY29kZSA9PSAyMDAgfHwgJHJlc3BvbnNlX2NvZGUgPT0gNTAyIF1dOyB0aGVuCiAgICAgICAgICAgICAgICAgIGVjaG8gIkRlcGxveW1lbnQgb2YgYXBwbGljYXRpb24gc3VjY2VlZGVkLiIKICAgICAgICAgICAgICAgICAgZGVwbG95ZWQ9InllcyIKICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICBlY2hvICJGYWlsZWQgdG8gZGVwbG95IGFwcGxpY2F0aW9uOyBjb250aW51aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBmaQogICAgICAgICBlbHNlCiAgICAgICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgdmFsaWQgSlNPTiwgY29udGludWluZyIKICAgICAgICAgZmkKICAgIGVsc2UKICAgICAgICBlY2hvICJGYWlsZWQgdG8gZG93bmxvYWQgY3VzdG9tIGNvbmZpZzsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgZmkKZWxzZQogICAgIGVjaG8gIkN1c3RvbSBjb25maWcgd2FzIG5vdCBhIFVSTCwgY29udGludWluZy4iCmZpCgppZiBbWyAkZGVwbG95ZWQgPT0gIm5vIiAmJiAkZGVjbGFyYXRpb25VcmwgPT0gIk5PVF9TUEVDSUZJRUQiIF1dOyB0aGVuCiAgICBpcF9yZWdleD0nXlswLTldezEsM31cLlswLTldezEsM31cLlswLTldezEsM31cLlswLTldezEsM30kJwogICAgZGZsX21nbXRfcG9ydD1gdG1zaCBsaXN0IHN5cyBodHRwZCBzc2wtcG9ydCB8IGdyZXAgc3NsLXBvcnQgfCBzZWQgJ3Mvc3NsLXBvcnQgLy87cy8gLy9nJ2AKICAgIG1vZGU9YHNlZCAicy8tL18vZyIgPDw8IiRtb2RlImAKICAgIHBheWxvYWQ9J3siY2xhc3MiOiJBREMiLCJzY2hlbWFWZXJzaW9uIjoiMy4wLjAiLCJsYWJlbCI6ImF1dG9zY2FsZV93YWYiLCJpZCI6IkFVVE9TQ0FMRV9XQUYiLCJyZW1hcmsiOiJBdXRvc2NhbGUgV0FGIiwid2FmIjp7ImNsYXNzIjoiVGVuYW50IiwiU2hhcmVkIjp7ImNsYXNzIjoiQXBwbGljYXRpb24iLCJ0ZW1wbGF0ZSI6InNoYXJlZCIsInNlcnZpY2VBZGRyZXNzIjp7ImNsYXNzIjoiU2VydmljZV9BZGRyZXNzIiwidmlydHVhbEFkZHJlc3MiOiIwLjAuMC4wIn0sInBvbGljeVdBRiI6eyJjbGFzcyI6IldBRl9Qb2xpY3kiLCJmaWxlIjoiL3RtcC9hczMwLWxpbnV4LW1lZGl1bS54bWwifX0sImh0dHAiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoiaHR0cCIsInBvb2wiOnsiY2xhc3MiOiJQb29sIiwibW9uaXRvcnMiOlsiaHR0cCJdLCJtZW1iZXJzIjpbeyJhZGRyZXNzRGlzY292ZXJ5IjoiZnFkbiIsImF1dG9Qb3B1bGF0ZSI6dHJ1ZSwic2VydmljZVBvcnQiOjgwLCJob3N0bmFtZSI6Ind3dy5leGFtcGxlLmNvbSIsInNlcnZlckFkZHJlc3NlcyI6WyIyNTUuMjU1LjI1NS4yNTQiXX1dfSwic2VydmljZU1haW4iOnsiY2xhc3MiOiJTZXJ2aWNlX0hUVFAiLCJ2aXJ0dWFsQWRkcmVzc2VzIjpbeyJ1c2UiOiIvd2FmL1NoYXJlZC9zZXJ2aWNlQWRkcmVzcyJ9XSwidmlydHVhbFBvcnQiOjgwLCJzbmF0IjoiYXV0byIsInNlY3VyaXR5TG9nUHJvZmlsZXMiOlt7ImJpZ2lwIjoiL0NvbW1vbi9Mb2cgaWxsZWdhbCByZXF1ZXN0cyJ9XSwicG9vbCI6InBvb2wiLCJwb2xpY3lXQUYiOnsidXNlIjoiL3dhZi9TaGFyZWQvcG9saWN5V0FGIn19fSwiaHR0cHMiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoiaHR0cHMiLCJzZXJ2ZXJUTFMiOnsiY2xhc3MiOiJUTFNfU2VydmVyIiwiY2VydGlmaWNhdGVzIjpbeyJjZXJ0aWZpY2F0ZSI6ImNlcnRTZXJ2ZXIifV0sImF1dGhlbnRpY2F0aW9uVHJ1c3RDQSI6eyJiaWdpcCI6Ii9Db21tb24vY2EtYnVuZGxlLmNydCJ9fSwiY2VydFNlcnZlciI6eyJjbGFzcyI6IkNlcnRpZmljYXRlIiwiY2VydGlmaWNhdGUiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQuY3J0In0sInByaXZhdGVLZXkiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQua2V5In19LCJjbGllbnRUTFMiOnsiY2xhc3MiOiJUTFNfQ2xpZW50In0sInBvb2wiOnsiY2xhc3MiOiJQb29sIiwibW9uaXRvcnMiOlsiaHR0cHMiXSwibWVtYmVycyI6W3siYWRkcmVzc0Rpc2NvdmVyeSI6ImZxZG4iLCJhdXRvUG9wdWxhdGUiOnRydWUsInNlcnZpY2VQb3J0Ijo0NDMsImhvc3RuYW1lIjoid3d3LmV4YW1wbGUuY29tIiwic2VydmVyQWRkcmVzc2VzIjpbIjI1NS4yNTUuMjU1LjI1NCJdfV19LCJzZXJ2aWNlTWFpbiI6eyJjbGFzcyI6IlNlcnZpY2VfSFRUUFMiLCJ2aXJ0dWFsQWRkcmVzc2VzIjpbeyJ1c2UiOiIvd2FmL1NoYXJlZC9zZXJ2aWNlQWRkcmVzcyJ9XSwidmlydHVhbFBvcnQiOjQ0Mywic2VydmVyVExTIjoic2VydmVyVExTIiwiY2xpZW50VExTIjoiY2xpZW50VExTIiwicmVkaXJlY3Q4MCI6dHJ1ZSwic25hdCI6ImF1dG8iLCJzZWN1cml0eUxvZ1Byb2ZpbGVzIjpbeyJiaWdpcCI6Ii9Db21tb24vTG9nIGlsbGVnYWwgcmVxdWVzdHMifV0sInBvb2wiOiJwb29sIiwicG9saWN5V0FGIjp7InVzZSI6Ii93YWYvU2hhcmVkL3BvbGljeVdBRiJ9fX0sImh0dHBzX29mZmxvYWQiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoiaHR0cHMiLCJzZXJ2ZXJUTFMiOnsiY2xhc3MiOiJUTFNfU2VydmVyIiwiY2VydGlmaWNhdGVzIjpbeyJjZXJ0aWZpY2F0ZSI6ImNlcnRTZXJ2ZXIifV0sImF1dGhlbnRpY2F0aW9uVHJ1c3RDQSI6eyJiaWdpcCI6Ii9Db21tb24vY2EtYnVuZGxlLmNydCJ9fSwiY2VydFNlcnZlciI6eyJjbGFzcyI6IkNlcnRpZmljYXRlIiwiY2VydGlmaWNhdGUiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQuY3J0In0sInByaXZhdGVLZXkiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQua2V5In19LCJwb29sIjp7ImNsYXNzIjoiUG9vbCIsIm1vbml0b3JzIjpbImh0dHAiXSwibWVtYmVycyI6W3siYWRkcmVzc0Rpc2NvdmVyeSI6ImZxZG4iLCJhdXRvUG9wdWxhdGUiOnRydWUsInNlcnZpY2VQb3J0Ijo4MCwiaG9zdG5hbWUiOiJ3d3cuZXhhbXBsZS5jb20iLCJzZXJ2ZXJBZGRyZXNzZXMiOlsiMjU1LjI1NS4yNTUuMjU0Il19XX0sInNlcnZpY2VNYWluIjp7ImNsYXNzIjoiU2VydmljZV9IVFRQUyIsInZpcnR1YWxBZGRyZXNzZXMiOlt7InVzZSI6Ii93YWYvU2hhcmVkL3NlcnZpY2VBZGRyZXNzIn1dLCJ2aXJ0dWFsUG9ydCI6ODAsInNlcnZlclRMUyI6InNlcnZlclRMUyIsInNuYXQiOiJhdXRvIiwic2VjdXJpdHlMb2dQcm9maWxlcyI6W3siYmlnaXAiOiIvQ29tbW9uL0xvZyBpbGxlZ2FsIHJlcXVlc3RzIn1dLCJwb29sIjoicG9vbCIsInBvbGljeVdBRiI6eyJ1c2UiOiIvd2FmL1NoYXJlZC9wb2xpY3lXQUYifX19fX0nCgogICAgIyB2ZXJpZnkgdGhhdCB0aGUgY3VzdG9tIHBvbGljeSBpcyBhIFVSTAogICAgaWYgW1sgJGxldmVsID09ICJjdXN0b20iIF1dOyB0aGVuCiAgICAgICAgIGlmIFtbIC1uICRwb2xpY3kgJiYgJHBvbGljeSAhPSAiTk9UX1NQRUNJRklFRCIgXV07IHRoZW4KICAgICAgICAgICAgIGlmIFtbICRwb2xpY3kgPX4gJHVybF9yZWdleCBdXTsgdGhlbgogICAgICAgICAgICAgICAgICBjdXN0b21fcG9saWN5PSRwb2xpY3kKICAgICAgICAgICAgICAgICAgL3Vzci9iaW4vY3VybCAtc2sgJGN1c3RvbV9wb2xpY3kgLS1yZXRyeSAzIC1vIC90bXAvY3VzdG9tX3BvbGljeS54bWwKICAgICAgICAgICAgICAgICAgYXNtX3BvbGljeT0iL3RtcC9jdXN0b21fcG9saWN5LnhtbCIKICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICAgZWNobyAiQ3VzdG9tIHBvbGljeSB3YXMgbm90IGEgVVJMLCBkZWZhdWx0aW5nIHRvIGhpZ2giCiAgICAgICAgICAgICAgICAgIGFzbV9wb2xpY3k9Ii9jb25maWcvY2xvdWQvYXNtLXBvbGljeS0kdHlwZS1oaWdoLnhtbCIKICAgICAgICAgICAgIGZpCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgICBlY2hvICJDdXN0b20gcG9saWN5IHdhcyBub3Qgc3BlY2lmaWVkLCBkZWZhdWx0aW5nIHRvIGhpZ2giCiAgICAgICAgICAgICAgYXNtX3BvbGljeT0iL2NvbmZpZy9jbG91ZC9hc20tcG9saWN5LSR0eXBlLWhpZ2gueG1sIgogICAgICAgICBmaQogICAgZWxzZQogICAgICAgICBhc21fcG9saWN5PSIvY29uZmlnL2Nsb3VkL2FzbS1wb2xpY3ktJHR5cGUtJGxldmVsLnhtbCIKICAgIGZpCgogICAgaWYgW1sgJG1vZGUgPT0gImh0dHBzIiB8fCAkbW9kZSA9PSAiaHR0cF9odHRwcyIgfHwgJG1vZGUgPT0gImh0dHBzX29mZmxvYWQiIF1dOyB0aGVuCiAgICAgICAgIGNoYWluPSIvQ29tbW9uL2NhLWJ1bmRsZS5jcnQiCgogICAgICAgICBlY2hvICJTdGFydGluZyBDZXJ0aWZpY2F0ZSBkb3dubG9hZCIKCiAgICAgICAgIGNlcnRpZmljYXRlX2xvY2F0aW9uPSRzc2xfY2VydAoKICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrIC11ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAgLVggUE9TVCAtSCAiQ29udGVudC10eXBlOiBhcHBsaWNhdGlvbi9qc29uIiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3RtL3V0aWwvYmFzaCAtZCAneyAiY29tbWFuZCI6InJ1biIsInV0aWxDbWRBcmdzIjoiLWMgXCJjdXJsIC1rIC1zIC1mIC0tcmV0cnkgNSAtLXJldHJ5LWRlbGF5IDEwIC0tcmV0cnktbWF4LXRpbWUgMTAgLW8gL2NvbmZpZy90bXAucGZ4ICckY2VydGlmaWNhdGVfbG9jYXRpb24nXCIiIH0nIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCAgXV07IHRoZW4KICAgICAgICAgICAgICBlY2hvICJDZXJ0aWZpY2F0ZSBkb3dubG9hZCBjb21wbGV0ZS4iCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBkb3dubG9hZCBTU0wgY2VydDsgZXhpdGluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICAgICAgZXhpdCAxCiAgICAgICAgIGZpCgogICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvdG0vc3lzL2NyeXB0by9wa2NzMTIgLWQgJ3siY29tbWFuZCI6ICJpbnN0YWxsIiwibmFtZSI6ICJ3YWZDZXJ0Iiwib3B0aW9ucyI6IFsgeyAiZnJvbS1sb2NhbC1maWxlIjogIi9jb25maWcvdG1wLnBmeCIgfSwgeyAicGFzc3BocmFzZSI6ICInIiRzc2xfcGFzc3dkIiciIH0gXSB9JyAtbyAvZGV2L251bGwpCgogICAgICAgICBpZiBbWyAkcmVzcG9uc2VfY29kZSA9PSAyMDAgIF1dOyB0aGVuCiAgICAgICAgICAgICAgZWNobyAiQ2VydGlmaWNhdGUgaW5zdGFsbCBjb21wbGV0ZS4iCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBpbnN0YWxsIFNTTCBjZXJ0OyBleGl0aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBleGl0IDEKICAgICAgICAgZmkKICAgIGZpCgogICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBhc21fcG9saWN5ICRhc21fcG9saWN5ICcgLndhZi5TaGFyZWQucG9saWN5V0FGLmZpbGUgPSAkYXNtX3BvbGljeScpCgogICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBwb29sX2h0dHBfcG9ydCAkcG9vbF9odHRwX3BvcnQgLS1hcmcgcG9vbF9odHRwc19wb3J0ICRwb29sX2h0dHBzX3BvcnQgLS1hcmcgdnNfaHR0cF9wb3J0ICR2c19odHRwX3BvcnQgLS1hcmcgdnNfaHR0cHNfcG9ydCAkdnNfaHR0cHNfcG9ydCAnIC53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uc2VydmljZVBvcnQgPSAoJHBvb2xfaHR0cF9wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwLnNlcnZpY2VNYWluLnZpcnR1YWxQb3J0ID0gKCR2c19odHRwX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5zZXJ2aWNlUG9ydCA9ICgkcG9vbF9odHRwc19wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwcy5zZXJ2aWNlTWFpbi52aXJ0dWFsUG9ydCA9ICgkdnNfaHR0cHNfcG9ydCB8IHRvbnVtYmVyKSB8IC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uc2VydmljZVBvcnQgPSAoJHBvb2xfaHR0cF9wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwc19vZmZsb2FkLnNlcnZpY2VNYWluLnZpcnR1YWxQb3J0ID0gKCR2c19odHRwc19wb3J0IHwgdG9udW1iZXIpJykKCiAgICBpZiBbWyAkcG9vbF9tZW1iZXIgPX4gJGlwX3JlZ2V4IF1dOyB0aGVuCiAgICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgJ2RlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmF1dG9Qb3B1bGF0ZSkgfCBkZWwoLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSkgfCBkZWwoLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5hZGRyZXNzRGlzY292ZXJ5KSB8ICBkZWwoLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uYXV0b1BvcHVsYXRlKSB8IGRlbCgud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSkgfCBkZWwoLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uYWRkcmVzc0Rpc2NvdmVyeSkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5hdXRvUG9wdWxhdGUpIHwgZGVsKC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUpIHwgZGVsKC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uYWRkcmVzc0Rpc2NvdmVyeSknKQoKICAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBwb29sX21lbWJlciAkcG9vbF9tZW1iZXIgJy53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uc2VydmVyQWRkcmVzc2VzWzBdID0gJHBvb2xfbWVtYmVyIHwgLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uc2VydmVyQWRkcmVzc2VzWzBdID0gJHBvb2xfbWVtYmVyIHwgLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXNbMF0gPSAkcG9vbF9tZW1iZXInKQogICAgZWxzZQogICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXMpIHwgZGVsKC53YWYuaHR0cHMucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3NlcykgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXMpJykKCiAgICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgLS1hcmcgcG9vbF9tZW1iZXIgJHBvb2xfbWVtYmVyICcud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lID0gJHBvb2xfbWVtYmVyIHwgLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUgPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lID0gJHBvb2xfbWVtYmVyJykKICAgIGZpCgogICAgaWYgW1sgJG1vZGUgPT0gImh0dHAiIF1dOyB0aGVuCiAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cHMpIHwgZGVsKC53YWYuaHR0cHNfb2ZmbG9hZCknKQogICAgZWxpZiBbWyAkbW9kZSA9PSAiaHR0cHMiIF1dOyB0aGVuCiAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cCkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkKSB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5jZXJ0aWZpY2F0ZS5iaWdpcCA9ICIvQ29tbW9uL3dhZkNlcnQuY3J0IiB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5wcml2YXRlS2V5LmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5rZXkiJykKICAgIGVsaWYgW1sgJG1vZGUgPT0gImh0dHBfaHR0cHMiIF1dOyB0aGVuCiAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cHNfb2ZmbG9hZCkgfCAud2FmLmh0dHBzLnNlcnZpY2VNYWluLnJlZGlyZWN0ODAgPSBmYWxzZSB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5jZXJ0aWZpY2F0ZS5iaWdpcCA9ICIvQ29tbW9uL3dhZkNlcnQuY3J0IiB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5wcml2YXRlS2V5LmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5rZXkiJykKICAgIGVsc2UKICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwKSB8IGRlbCgud2FmLmh0dHBzKSB8IC53YWYuaHR0cHNfb2ZmbG9hZC5jZXJ0U2VydmVyLmNlcnRpZmljYXRlLmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5jcnQiIHwgLndhZi5odHRwc19vZmZsb2FkLmNlcnRTZXJ2ZXIucHJpdmF0ZUtleS5iaWdpcCA9ICIvQ29tbW9uL3dhZkNlcnQua2V5IicpCiAgICBmaQoKICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t2dnUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgLUggIkV4cGVjdDoiIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvc2hhcmVkL2FwcHN2Y3MvZGVjbGFyZSAtZCAiJHBheWxvYWQiIC1vIC9kZXYvbnVsbCkKCiAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIHx8ICRyZXNwb25zZV9jb2RlID09IDUwMiAgXV07IHRoZW4KICAgICAgICAgIGVjaG8gIkRlcGxveW1lbnQgb2YgYXBwbGljYXRpb24gc3VjY2VlZGVkLiIKICAgIGVsc2UKICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRlcGxveSBhcHBsaWNhdGlvbjsgZXhpdGluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICBleGl0IDEKICAgICBmaQogZmkKCmVjaG8gIkRlcGxveW1lbnQgY29tcGxldGUuIgpleGl0", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachineScaleSets', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -934,7 +798,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_via-lb-existing-stack-experimental-bigiq-payg,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq-payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_via-lb-existing-stack-experimental-bigiq-payg,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq-payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -1232,7 +1096,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/experimental/autoscale/waf/via-lb/1nic/existing-stack/bigiq-payg/azuredeploy.parameters.json b/experimental/autoscale/waf/via-lb/1nic/existing-stack/bigiq-payg/azuredeploy.parameters.json index 9e19071005..427688dccc 100644 --- a/experimental/autoscale/waf/via-lb/1nic/existing-stack/bigiq-payg/azuredeploy.parameters.json +++ b/experimental/autoscale/waf/via-lb/1nic/existing-stack/bigiq-payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq-payg/README.md b/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq-payg/README.md index 829085121d..e007326bb5 100644 --- a/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq-payg/README.md +++ b/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq-payg/README.md @@ -65,6 +65,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates now deploy Standard SKU Azure Public IP Addresses. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. - All autoscale via-lb and failover via-lb templates now deploy Standard SKU Azure Load Balancers. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -114,7 +115,7 @@ Use the appropriate button below to deploy: - **BIGIQ-PAYG**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s), as well as use PAYG instances. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Fautoscale%2Fwaf%2Fvia-lb%2F1nic%2Fnew-stack%2Fbigiq-payg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Fautoscale%2Fwaf%2Fvia-lb%2F1nic%2Fnew-stack%2Fbigiq-payg%2Fazuredeploy.json) ### Template parameters @@ -142,7 +143,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | @@ -306,7 +307,7 @@ This solution requires access to the Azure API to correctly configure both the B #### 1. Azure Portal -Follow the steps outlined in the [Azure Portal documentation](https://azure.microsoft.com/en-us/documentation/articles/resource-group-create-service-principal-portal/) to generate the service principal. +Follow the steps outlined in the [Azure Portal documentation](https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal) to generate the service principal. #### 2. Azure CLI diff --git a/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq-payg/azuredeploy.json b/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq-payg/azuredeploy.json index 0e6364fd67..fb3704ca34 100644 --- a/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq-payg/azuredeploy.json +++ b/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq-payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -33,81 +33,6 @@ "type": "string" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D2s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -252,7 +177,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -538,63 +463,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -613,7 +481,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -644,11 +512,7 @@ "commandArgs": "[concat('-o ', parameters('declarationUrl'), ' -m ', parameters('applicationProtocols'), ' -n ', parameters('applicationAddress'), ' -j ', parameters('applicationPort'), ' -k ', parameters('applicationSecurePort'), ' -h ', parameters('applicationPort'), ' -s ', parameters('applicationSecurePort'), ' -t ', toLower(parameters('applicationType')), ' -l ', toLower(parameters('blockingLevel')), ' -a ', parameters('customPolicy'), ' -c ', parameters('sslCert'), ' -r ', parameters('sslPswd'), ' -u svc_user')]", "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbTpkOm46ajprOmg6czp0Omw6YTpjOnI6bzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgbSkgbW9kZT0kT1BUQVJHOzsKICAgICAgICBuKSBwb29sX21lbWJlcj0kT1BUQVJHOzsKICAgICAgICBqKSB2c19odHRwX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgaykgdnNfaHR0cHNfcG9ydD0kT1BUQVJHOzsKICAgICAgICBoKSBwb29sX2h0dHBfcG9ydD0kT1BUQVJHOzsKICAgICAgICBzKSBwb29sX2h0dHBzX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgdCkgdHlwZT0kT1BUQVJHOzsKICAgICAgICBsKSBsZXZlbD0kT1BUQVJHOzsKICAgICAgICBhKSBwb2xpY3k9JE9QVEFSRzs7CiAgICAgICAgYykgc3NsX2NlcnQ9JE9QVEFSRzs7CiAgICAgICAgcikgc3NsX3Bhc3N3ZD0kT1BUQVJHOzsKICAgICAgICB1KSB1c2VyPSRPUFRBUkc7OwogICAgZXNhYwpkb25lCgpkZXBsb3llZD0ibm8iCmZpbGVfbG9jPSIvY29uZmlnL2Nsb3VkL2N1c3RvbV9jb25maWciCmRmbF9tZ210X3BvcnQ9YHRtc2ggbGlzdCBzeXMgaHR0cGQgc3NsLXBvcnQgfCBncmVwIHNzbC1wb3J0IHwgc2VkICdzL3NzbC1wb3J0IC8vO3MvIC8vZydgCnVybF9yZWdleD0iKGh0dHA6XC9cL3xodHRwczpcL1wvKT9bYS16MC05XSsoW1wtXC5dezF9W2EtejAtOV0rKSpcLlthLXpdezIsNX0oOlswLTldezEsNX0pPyhcLy4qKT8kIgoKaWYgW1sgJGRlY2xhcmF0aW9uVXJsID1+ICR1cmxfcmVnZXggXV07IHRoZW4KICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1zayAtdyAiJXtodHRwX2NvZGV9IiAkZGVjbGFyYXRpb25VcmwgLW8gJGZpbGVfbG9jKQogICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIF1dOyB0aGVuCiAgICAgICAgIGVjaG8gIkN1c3RvbSBjb25maWcgZG93bmxvYWQgY29tcGxldGU7IGNoZWNraW5nIGZvciB2YWxpZCBKU09OLiIKICAgICAgICAgY2F0ICRmaWxlX2xvYyB8IGpxIC5jbGFzcwogICAgICAgICBpZiBbWyAkPyA9PSAwIF1dOyB0aGVuCiAgICAgICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t2dnUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgLUggIkV4cGVjdDoiIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvc2hhcmVkL2FwcHN2Y3MvZGVjbGFyZSAtZCBAJGZpbGVfbG9jIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgICAgICBpZiBbWyAkcmVzcG9uc2VfY29kZSA9PSAyMDAgfHwgJHJlc3BvbnNlX2NvZGUgPT0gNTAyIF1dOyB0aGVuCiAgICAgICAgICAgICAgICAgIGVjaG8gIkRlcGxveW1lbnQgb2YgYXBwbGljYXRpb24gc3VjY2VlZGVkLiIKICAgICAgICAgICAgICAgICAgZGVwbG95ZWQ9InllcyIKICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICBlY2hvICJGYWlsZWQgdG8gZGVwbG95IGFwcGxpY2F0aW9uOyBjb250aW51aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBmaQogICAgICAgICBlbHNlCiAgICAgICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgdmFsaWQgSlNPTiwgY29udGludWluZyIKICAgICAgICAgZmkKICAgIGVsc2UKICAgICAgICBlY2hvICJGYWlsZWQgdG8gZG93bmxvYWQgY3VzdG9tIGNvbmZpZzsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgZmkKZWxzZQogICAgIGVjaG8gIkN1c3RvbSBjb25maWcgd2FzIG5vdCBhIFVSTCwgY29udGludWluZy4iCmZpCgppZiBbWyAkZGVwbG95ZWQgPT0gIm5vIiAmJiAkZGVjbGFyYXRpb25VcmwgPT0gIk5PVF9TUEVDSUZJRUQiIF1dOyB0aGVuCiAgICBpcF9yZWdleD0nXlswLTldezEsM31cLlswLTldezEsM31cLlswLTldezEsM31cLlswLTldezEsM30kJwogICAgZGZsX21nbXRfcG9ydD1gdG1zaCBsaXN0IHN5cyBodHRwZCBzc2wtcG9ydCB8IGdyZXAgc3NsLXBvcnQgfCBzZWQgJ3Mvc3NsLXBvcnQgLy87cy8gLy9nJ2AKICAgIG1vZGU9YHNlZCAicy8tL18vZyIgPDw8IiRtb2RlImAKICAgIHBheWxvYWQ9J3siY2xhc3MiOiJBREMiLCJzY2hlbWFWZXJzaW9uIjoiMy4wLjAiLCJsYWJlbCI6ImF1dG9zY2FsZV93YWYiLCJpZCI6IkFVVE9TQ0FMRV9XQUYiLCJyZW1hcmsiOiJBdXRvc2NhbGUgV0FGIiwid2FmIjp7ImNsYXNzIjoiVGVuYW50IiwiU2hhcmVkIjp7ImNsYXNzIjoiQXBwbGljYXRpb24iLCJ0ZW1wbGF0ZSI6InNoYXJlZCIsInNlcnZpY2VBZGRyZXNzIjp7ImNsYXNzIjoiU2VydmljZV9BZGRyZXNzIiwidmlydHVhbEFkZHJlc3MiOiIwLjAuMC4wIn0sInBvbGljeVdBRiI6eyJjbGFzcyI6IldBRl9Qb2xpY3kiLCJmaWxlIjoiL3RtcC9hczMwLWxpbnV4LW1lZGl1bS54bWwifX0sImh0dHAiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoiaHR0cCIsInBvb2wiOnsiY2xhc3MiOiJQb29sIiwibW9uaXRvcnMiOlsiaHR0cCJdLCJtZW1iZXJzIjpbeyJhZGRyZXNzRGlzY292ZXJ5IjoiZnFkbiIsImF1dG9Qb3B1bGF0ZSI6dHJ1ZSwic2VydmljZVBvcnQiOjgwLCJob3N0bmFtZSI6Ind3dy5leGFtcGxlLmNvbSIsInNlcnZlckFkZHJlc3NlcyI6WyIyNTUuMjU1LjI1NS4yNTQiXX1dfSwic2VydmljZU1haW4iOnsiY2xhc3MiOiJTZXJ2aWNlX0hUVFAiLCJ2aXJ0dWFsQWRkcmVzc2VzIjpbeyJ1c2UiOiIvd2FmL1NoYXJlZC9zZXJ2aWNlQWRkcmVzcyJ9XSwidmlydHVhbFBvcnQiOjgwLCJzbmF0IjoiYXV0byIsInNlY3VyaXR5TG9nUHJvZmlsZXMiOlt7ImJpZ2lwIjoiL0NvbW1vbi9Mb2cgaWxsZWdhbCByZXF1ZXN0cyJ9XSwicG9vbCI6InBvb2wiLCJwb2xpY3lXQUYiOnsidXNlIjoiL3dhZi9TaGFyZWQvcG9saWN5V0FGIn19fSwiaHR0cHMiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoiaHR0cHMiLCJzZXJ2ZXJUTFMiOnsiY2xhc3MiOiJUTFNfU2VydmVyIiwiY2VydGlmaWNhdGVzIjpbeyJjZXJ0aWZpY2F0ZSI6ImNlcnRTZXJ2ZXIifV0sImF1dGhlbnRpY2F0aW9uVHJ1c3RDQSI6eyJiaWdpcCI6Ii9Db21tb24vY2EtYnVuZGxlLmNydCJ9fSwiY2VydFNlcnZlciI6eyJjbGFzcyI6IkNlcnRpZmljYXRlIiwiY2VydGlmaWNhdGUiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQuY3J0In0sInByaXZhdGVLZXkiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQua2V5In19LCJjbGllbnRUTFMiOnsiY2xhc3MiOiJUTFNfQ2xpZW50In0sInBvb2wiOnsiY2xhc3MiOiJQb29sIiwibW9uaXRvcnMiOlsiaHR0cHMiXSwibWVtYmVycyI6W3siYWRkcmVzc0Rpc2NvdmVyeSI6ImZxZG4iLCJhdXRvUG9wdWxhdGUiOnRydWUsInNlcnZpY2VQb3J0Ijo0NDMsImhvc3RuYW1lIjoid3d3LmV4YW1wbGUuY29tIiwic2VydmVyQWRkcmVzc2VzIjpbIjI1NS4yNTUuMjU1LjI1NCJdfV19LCJzZXJ2aWNlTWFpbiI6eyJjbGFzcyI6IlNlcnZpY2VfSFRUUFMiLCJ2aXJ0dWFsQWRkcmVzc2VzIjpbeyJ1c2UiOiIvd2FmL1NoYXJlZC9zZXJ2aWNlQWRkcmVzcyJ9XSwidmlydHVhbFBvcnQiOjQ0Mywic2VydmVyVExTIjoic2VydmVyVExTIiwiY2xpZW50VExTIjoiY2xpZW50VExTIiwicmVkaXJlY3Q4MCI6dHJ1ZSwic25hdCI6ImF1dG8iLCJzZWN1cml0eUxvZ1Byb2ZpbGVzIjpbeyJiaWdpcCI6Ii9Db21tb24vTG9nIGlsbGVnYWwgcmVxdWVzdHMifV0sInBvb2wiOiJwb29sIiwicG9saWN5V0FGIjp7InVzZSI6Ii93YWYvU2hhcmVkL3BvbGljeVdBRiJ9fX0sImh0dHBzX29mZmxvYWQiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoiaHR0cHMiLCJzZXJ2ZXJUTFMiOnsiY2xhc3MiOiJUTFNfU2VydmVyIiwiY2VydGlmaWNhdGVzIjpbeyJjZXJ0aWZpY2F0ZSI6ImNlcnRTZXJ2ZXIifV0sImF1dGhlbnRpY2F0aW9uVHJ1c3RDQSI6eyJiaWdpcCI6Ii9Db21tb24vY2EtYnVuZGxlLmNydCJ9fSwiY2VydFNlcnZlciI6eyJjbGFzcyI6IkNlcnRpZmljYXRlIiwiY2VydGlmaWNhdGUiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQuY3J0In0sInByaXZhdGVLZXkiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQua2V5In19LCJwb29sIjp7ImNsYXNzIjoiUG9vbCIsIm1vbml0b3JzIjpbImh0dHAiXSwibWVtYmVycyI6W3siYWRkcmVzc0Rpc2NvdmVyeSI6ImZxZG4iLCJhdXRvUG9wdWxhdGUiOnRydWUsInNlcnZpY2VQb3J0Ijo4MCwiaG9zdG5hbWUiOiJ3d3cuZXhhbXBsZS5jb20iLCJzZXJ2ZXJBZGRyZXNzZXMiOlsiMjU1LjI1NS4yNTUuMjU0Il19XX0sInNlcnZpY2VNYWluIjp7ImNsYXNzIjoiU2VydmljZV9IVFRQUyIsInZpcnR1YWxBZGRyZXNzZXMiOlt7InVzZSI6Ii93YWYvU2hhcmVkL3NlcnZpY2VBZGRyZXNzIn1dLCJ2aXJ0dWFsUG9ydCI6ODAsInNlcnZlclRMUyI6InNlcnZlclRMUyIsInNuYXQiOiJhdXRvIiwic2VjdXJpdHlMb2dQcm9maWxlcyI6W3siYmlnaXAiOiIvQ29tbW9uL0xvZyBpbGxlZ2FsIHJlcXVlc3RzIn1dLCJwb29sIjoicG9vbCIsInBvbGljeVdBRiI6eyJ1c2UiOiIvd2FmL1NoYXJlZC9wb2xpY3lXQUYifX19fX0nCgogICAgIyB2ZXJpZnkgdGhhdCB0aGUgY3VzdG9tIHBvbGljeSBpcyBhIFVSTAogICAgaWYgW1sgJGxldmVsID09ICJjdXN0b20iIF1dOyB0aGVuCiAgICAgICAgIGlmIFtbIC1uICRwb2xpY3kgJiYgJHBvbGljeSAhPSAiTk9UX1NQRUNJRklFRCIgXV07IHRoZW4KICAgICAgICAgICAgIGlmIFtbICRwb2xpY3kgPX4gJHVybF9yZWdleCBdXTsgdGhlbgogICAgICAgICAgICAgICAgICBjdXN0b21fcG9saWN5PSRwb2xpY3kKICAgICAgICAgICAgICAgICAgL3Vzci9iaW4vY3VybCAtc2sgJGN1c3RvbV9wb2xpY3kgLS1yZXRyeSAzIC1vIC90bXAvY3VzdG9tX3BvbGljeS54bWwKICAgICAgICAgICAgICAgICAgYXNtX3BvbGljeT0iL3RtcC9jdXN0b21fcG9saWN5LnhtbCIKICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICAgZWNobyAiQ3VzdG9tIHBvbGljeSB3YXMgbm90IGEgVVJMLCBkZWZhdWx0aW5nIHRvIGhpZ2giCiAgICAgICAgICAgICAgICAgIGFzbV9wb2xpY3k9Ii9jb25maWcvY2xvdWQvYXNtLXBvbGljeS0kdHlwZS1oaWdoLnhtbCIKICAgICAgICAgICAgIGZpCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgICBlY2hvICJDdXN0b20gcG9saWN5IHdhcyBub3Qgc3BlY2lmaWVkLCBkZWZhdWx0aW5nIHRvIGhpZ2giCiAgICAgICAgICAgICAgYXNtX3BvbGljeT0iL2NvbmZpZy9jbG91ZC9hc20tcG9saWN5LSR0eXBlLWhpZ2gueG1sIgogICAgICAgICBmaQogICAgZWxzZQogICAgICAgICBhc21fcG9saWN5PSIvY29uZmlnL2Nsb3VkL2FzbS1wb2xpY3ktJHR5cGUtJGxldmVsLnhtbCIKICAgIGZpCgogICAgaWYgW1sgJG1vZGUgPT0gImh0dHBzIiB8fCAkbW9kZSA9PSAiaHR0cF9odHRwcyIgfHwgJG1vZGUgPT0gImh0dHBzX29mZmxvYWQiIF1dOyB0aGVuCiAgICAgICAgIGNoYWluPSIvQ29tbW9uL2NhLWJ1bmRsZS5jcnQiCgogICAgICAgICBlY2hvICJTdGFydGluZyBDZXJ0aWZpY2F0ZSBkb3dubG9hZCIKCiAgICAgICAgIGNlcnRpZmljYXRlX2xvY2F0aW9uPSRzc2xfY2VydAoKICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrIC11ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAgLVggUE9TVCAtSCAiQ29udGVudC10eXBlOiBhcHBsaWNhdGlvbi9qc29uIiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3RtL3V0aWwvYmFzaCAtZCAneyAiY29tbWFuZCI6InJ1biIsInV0aWxDbWRBcmdzIjoiLWMgXCJjdXJsIC1rIC1zIC1mIC0tcmV0cnkgNSAtLXJldHJ5LWRlbGF5IDEwIC0tcmV0cnktbWF4LXRpbWUgMTAgLW8gL2NvbmZpZy90bXAucGZ4ICckY2VydGlmaWNhdGVfbG9jYXRpb24nXCIiIH0nIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCAgXV07IHRoZW4KICAgICAgICAgICAgICBlY2hvICJDZXJ0aWZpY2F0ZSBkb3dubG9hZCBjb21wbGV0ZS4iCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBkb3dubG9hZCBTU0wgY2VydDsgZXhpdGluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICAgICAgZXhpdCAxCiAgICAgICAgIGZpCgogICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvdG0vc3lzL2NyeXB0by9wa2NzMTIgLWQgJ3siY29tbWFuZCI6ICJpbnN0YWxsIiwibmFtZSI6ICJ3YWZDZXJ0Iiwib3B0aW9ucyI6IFsgeyAiZnJvbS1sb2NhbC1maWxlIjogIi9jb25maWcvdG1wLnBmeCIgfSwgeyAicGFzc3BocmFzZSI6ICInIiRzc2xfcGFzc3dkIiciIH0gXSB9JyAtbyAvZGV2L251bGwpCgogICAgICAgICBpZiBbWyAkcmVzcG9uc2VfY29kZSA9PSAyMDAgIF1dOyB0aGVuCiAgICAgICAgICAgICAgZWNobyAiQ2VydGlmaWNhdGUgaW5zdGFsbCBjb21wbGV0ZS4iCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBpbnN0YWxsIFNTTCBjZXJ0OyBleGl0aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBleGl0IDEKICAgICAgICAgZmkKICAgIGZpCgogICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBhc21fcG9saWN5ICRhc21fcG9saWN5ICcgLndhZi5TaGFyZWQucG9saWN5V0FGLmZpbGUgPSAkYXNtX3BvbGljeScpCgogICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBwb29sX2h0dHBfcG9ydCAkcG9vbF9odHRwX3BvcnQgLS1hcmcgcG9vbF9odHRwc19wb3J0ICRwb29sX2h0dHBzX3BvcnQgLS1hcmcgdnNfaHR0cF9wb3J0ICR2c19odHRwX3BvcnQgLS1hcmcgdnNfaHR0cHNfcG9ydCAkdnNfaHR0cHNfcG9ydCAnIC53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uc2VydmljZVBvcnQgPSAoJHBvb2xfaHR0cF9wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwLnNlcnZpY2VNYWluLnZpcnR1YWxQb3J0ID0gKCR2c19odHRwX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5zZXJ2aWNlUG9ydCA9ICgkcG9vbF9odHRwc19wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwcy5zZXJ2aWNlTWFpbi52aXJ0dWFsUG9ydCA9ICgkdnNfaHR0cHNfcG9ydCB8IHRvbnVtYmVyKSB8IC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uc2VydmljZVBvcnQgPSAoJHBvb2xfaHR0cF9wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwc19vZmZsb2FkLnNlcnZpY2VNYWluLnZpcnR1YWxQb3J0ID0gKCR2c19odHRwc19wb3J0IHwgdG9udW1iZXIpJykKCiAgICBpZiBbWyAkcG9vbF9tZW1iZXIgPX4gJGlwX3JlZ2V4IF1dOyB0aGVuCiAgICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgJ2RlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmF1dG9Qb3B1bGF0ZSkgfCBkZWwoLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSkgfCBkZWwoLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5hZGRyZXNzRGlzY292ZXJ5KSB8ICBkZWwoLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uYXV0b1BvcHVsYXRlKSB8IGRlbCgud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSkgfCBkZWwoLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uYWRkcmVzc0Rpc2NvdmVyeSkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5hdXRvUG9wdWxhdGUpIHwgZGVsKC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUpIHwgZGVsKC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uYWRkcmVzc0Rpc2NvdmVyeSknKQoKICAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBwb29sX21lbWJlciAkcG9vbF9tZW1iZXIgJy53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uc2VydmVyQWRkcmVzc2VzWzBdID0gJHBvb2xfbWVtYmVyIHwgLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uc2VydmVyQWRkcmVzc2VzWzBdID0gJHBvb2xfbWVtYmVyIHwgLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXNbMF0gPSAkcG9vbF9tZW1iZXInKQogICAgZWxzZQogICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXMpIHwgZGVsKC53YWYuaHR0cHMucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3NlcykgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXMpJykKCiAgICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgLS1hcmcgcG9vbF9tZW1iZXIgJHBvb2xfbWVtYmVyICcud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lID0gJHBvb2xfbWVtYmVyIHwgLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUgPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lID0gJHBvb2xfbWVtYmVyJykKICAgIGZpCgogICAgaWYgW1sgJG1vZGUgPT0gImh0dHAiIF1dOyB0aGVuCiAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cHMpIHwgZGVsKC53YWYuaHR0cHNfb2ZmbG9hZCknKQogICAgZWxpZiBbWyAkbW9kZSA9PSAiaHR0cHMiIF1dOyB0aGVuCiAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cCkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkKSB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5jZXJ0aWZpY2F0ZS5iaWdpcCA9ICIvQ29tbW9uL3dhZkNlcnQuY3J0IiB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5wcml2YXRlS2V5LmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5rZXkiJykKICAgIGVsaWYgW1sgJG1vZGUgPT0gImh0dHBfaHR0cHMiIF1dOyB0aGVuCiAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cHNfb2ZmbG9hZCkgfCAud2FmLmh0dHBzLnNlcnZpY2VNYWluLnJlZGlyZWN0ODAgPSBmYWxzZSB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5jZXJ0aWZpY2F0ZS5iaWdpcCA9ICIvQ29tbW9uL3dhZkNlcnQuY3J0IiB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5wcml2YXRlS2V5LmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5rZXkiJykKICAgIGVsc2UKICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwKSB8IGRlbCgud2FmLmh0dHBzKSB8IC53YWYuaHR0cHNfb2ZmbG9hZC5jZXJ0U2VydmVyLmNlcnRpZmljYXRlLmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5jcnQiIHwgLndhZi5odHRwc19vZmZsb2FkLmNlcnRTZXJ2ZXIucHJpdmF0ZUtleS5iaWdpcCA9ICIvQ29tbW9uL3dhZkNlcnQua2V5IicpCiAgICBmaQoKICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t2dnUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgLUggIkV4cGVjdDoiIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvc2hhcmVkL2FwcHN2Y3MvZGVjbGFyZSAtZCAiJHBheWxvYWQiIC1vIC9kZXYvbnVsbCkKCiAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIHx8ICRyZXNwb25zZV9jb2RlID09IDUwMiAgXV07IHRoZW4KICAgICAgICAgIGVjaG8gIkRlcGxveW1lbnQgb2YgYXBwbGljYXRpb24gc3VjY2VlZGVkLiIKICAgIGVsc2UKICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRlcGxveSBhcHBsaWNhdGlvbjsgZXhpdGluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICBleGl0IDEKICAgICBmaQogZmkKCmVjaG8gIkRlcGxveW1lbnQgY29tcGxldGUuIgpleGl0", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachineScaleSets', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -891,7 +755,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_via-lb-new-stack-experimental-bigiq-payg,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq-payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_via-lb-new-stack-experimental-bigiq-payg,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq-payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -1184,7 +1048,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq-payg/azuredeploy.parameters.json b/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq-payg/azuredeploy.parameters.json index 7e3ab98559..da1a55b369 100644 --- a/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq-payg/azuredeploy.parameters.json +++ b/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq-payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq/README.md b/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq/README.md index 0cc736ba35..ed600f8712 100644 --- a/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq/README.md +++ b/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq/README.md @@ -64,6 +64,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates now deploy Standard SKU Azure Public IP Addresses. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. - All autoscale via-lb and failover via-lb templates now deploy Standard SKU Azure Load Balancers. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -113,7 +114,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Fautoscale%2Fwaf%2Fvia-lb%2F1nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Fautoscale%2Fwaf%2Fvia-lb%2F1nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters @@ -139,7 +140,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | @@ -303,7 +304,7 @@ This solution requires access to the Azure API to correctly configure both the B #### 1. Azure Portal -Follow the steps outlined in the [Azure Portal documentation](https://azure.microsoft.com/en-us/documentation/articles/resource-group-create-service-principal-portal/) to generate the service principal. +Follow the steps outlined in the [Azure Portal documentation](https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal) to generate the service principal. #### 2. Azure CLI diff --git a/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq/azuredeploy.json b/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq/azuredeploy.json index 37438df239..6c4b92546a 100644 --- a/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq/azuredeploy.json +++ b/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -33,81 +33,6 @@ "type": "string" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D2s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -221,7 +146,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -505,63 +430,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -580,7 +448,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -611,11 +479,7 @@ "commandArgs": "[concat('-o ', parameters('declarationUrl'), ' -m ', parameters('applicationProtocols'), ' -n ', parameters('applicationAddress'), ' -j ', parameters('applicationPort'), ' -k ', parameters('applicationSecurePort'), ' -h ', parameters('applicationPort'), ' -s ', parameters('applicationSecurePort'), ' -t ', toLower(parameters('applicationType')), ' -l ', toLower(parameters('blockingLevel')), ' -a ', parameters('customPolicy'), ' -c ', parameters('sslCert'), ' -r ', parameters('sslPswd'), ' -u svc_user')]", "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbTpkOm46ajprOmg6czp0Omw6YTpjOnI6bzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgbSkgbW9kZT0kT1BUQVJHOzsKICAgICAgICBuKSBwb29sX21lbWJlcj0kT1BUQVJHOzsKICAgICAgICBqKSB2c19odHRwX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgaykgdnNfaHR0cHNfcG9ydD0kT1BUQVJHOzsKICAgICAgICBoKSBwb29sX2h0dHBfcG9ydD0kT1BUQVJHOzsKICAgICAgICBzKSBwb29sX2h0dHBzX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgdCkgdHlwZT0kT1BUQVJHOzsKICAgICAgICBsKSBsZXZlbD0kT1BUQVJHOzsKICAgICAgICBhKSBwb2xpY3k9JE9QVEFSRzs7CiAgICAgICAgYykgc3NsX2NlcnQ9JE9QVEFSRzs7CiAgICAgICAgcikgc3NsX3Bhc3N3ZD0kT1BUQVJHOzsKICAgICAgICB1KSB1c2VyPSRPUFRBUkc7OwogICAgZXNhYwpkb25lCgpkZXBsb3llZD0ibm8iCmZpbGVfbG9jPSIvY29uZmlnL2Nsb3VkL2N1c3RvbV9jb25maWciCmRmbF9tZ210X3BvcnQ9YHRtc2ggbGlzdCBzeXMgaHR0cGQgc3NsLXBvcnQgfCBncmVwIHNzbC1wb3J0IHwgc2VkICdzL3NzbC1wb3J0IC8vO3MvIC8vZydgCnVybF9yZWdleD0iKGh0dHA6XC9cL3xodHRwczpcL1wvKT9bYS16MC05XSsoW1wtXC5dezF9W2EtejAtOV0rKSpcLlthLXpdezIsNX0oOlswLTldezEsNX0pPyhcLy4qKT8kIgoKaWYgW1sgJGRlY2xhcmF0aW9uVXJsID1+ICR1cmxfcmVnZXggXV07IHRoZW4KICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1zayAtdyAiJXtodHRwX2NvZGV9IiAkZGVjbGFyYXRpb25VcmwgLW8gJGZpbGVfbG9jKQogICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIF1dOyB0aGVuCiAgICAgICAgIGVjaG8gIkN1c3RvbSBjb25maWcgZG93bmxvYWQgY29tcGxldGU7IGNoZWNraW5nIGZvciB2YWxpZCBKU09OLiIKICAgICAgICAgY2F0ICRmaWxlX2xvYyB8IGpxIC5jbGFzcwogICAgICAgICBpZiBbWyAkPyA9PSAwIF1dOyB0aGVuCiAgICAgICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t2dnUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgLUggIkV4cGVjdDoiIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvc2hhcmVkL2FwcHN2Y3MvZGVjbGFyZSAtZCBAJGZpbGVfbG9jIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgICAgICBpZiBbWyAkcmVzcG9uc2VfY29kZSA9PSAyMDAgfHwgJHJlc3BvbnNlX2NvZGUgPT0gNTAyIF1dOyB0aGVuCiAgICAgICAgICAgICAgICAgIGVjaG8gIkRlcGxveW1lbnQgb2YgYXBwbGljYXRpb24gc3VjY2VlZGVkLiIKICAgICAgICAgICAgICAgICAgZGVwbG95ZWQ9InllcyIKICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICBlY2hvICJGYWlsZWQgdG8gZGVwbG95IGFwcGxpY2F0aW9uOyBjb250aW51aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBmaQogICAgICAgICBlbHNlCiAgICAgICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgdmFsaWQgSlNPTiwgY29udGludWluZyIKICAgICAgICAgZmkKICAgIGVsc2UKICAgICAgICBlY2hvICJGYWlsZWQgdG8gZG93bmxvYWQgY3VzdG9tIGNvbmZpZzsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgZmkKZWxzZQogICAgIGVjaG8gIkN1c3RvbSBjb25maWcgd2FzIG5vdCBhIFVSTCwgY29udGludWluZy4iCmZpCgppZiBbWyAkZGVwbG95ZWQgPT0gIm5vIiAmJiAkZGVjbGFyYXRpb25VcmwgPT0gIk5PVF9TUEVDSUZJRUQiIF1dOyB0aGVuCiAgICBpcF9yZWdleD0nXlswLTldezEsM31cLlswLTldezEsM31cLlswLTldezEsM31cLlswLTldezEsM30kJwogICAgZGZsX21nbXRfcG9ydD1gdG1zaCBsaXN0IHN5cyBodHRwZCBzc2wtcG9ydCB8IGdyZXAgc3NsLXBvcnQgfCBzZWQgJ3Mvc3NsLXBvcnQgLy87cy8gLy9nJ2AKICAgIG1vZGU9YHNlZCAicy8tL18vZyIgPDw8IiRtb2RlImAKICAgIHBheWxvYWQ9J3siY2xhc3MiOiJBREMiLCJzY2hlbWFWZXJzaW9uIjoiMy4wLjAiLCJsYWJlbCI6ImF1dG9zY2FsZV93YWYiLCJpZCI6IkFVVE9TQ0FMRV9XQUYiLCJyZW1hcmsiOiJBdXRvc2NhbGUgV0FGIiwid2FmIjp7ImNsYXNzIjoiVGVuYW50IiwiU2hhcmVkIjp7ImNsYXNzIjoiQXBwbGljYXRpb24iLCJ0ZW1wbGF0ZSI6InNoYXJlZCIsInNlcnZpY2VBZGRyZXNzIjp7ImNsYXNzIjoiU2VydmljZV9BZGRyZXNzIiwidmlydHVhbEFkZHJlc3MiOiIwLjAuMC4wIn0sInBvbGljeVdBRiI6eyJjbGFzcyI6IldBRl9Qb2xpY3kiLCJmaWxlIjoiL3RtcC9hczMwLWxpbnV4LW1lZGl1bS54bWwifX0sImh0dHAiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoiaHR0cCIsInBvb2wiOnsiY2xhc3MiOiJQb29sIiwibW9uaXRvcnMiOlsiaHR0cCJdLCJtZW1iZXJzIjpbeyJhZGRyZXNzRGlzY292ZXJ5IjoiZnFkbiIsImF1dG9Qb3B1bGF0ZSI6dHJ1ZSwic2VydmljZVBvcnQiOjgwLCJob3N0bmFtZSI6Ind3dy5leGFtcGxlLmNvbSIsInNlcnZlckFkZHJlc3NlcyI6WyIyNTUuMjU1LjI1NS4yNTQiXX1dfSwic2VydmljZU1haW4iOnsiY2xhc3MiOiJTZXJ2aWNlX0hUVFAiLCJ2aXJ0dWFsQWRkcmVzc2VzIjpbeyJ1c2UiOiIvd2FmL1NoYXJlZC9zZXJ2aWNlQWRkcmVzcyJ9XSwidmlydHVhbFBvcnQiOjgwLCJzbmF0IjoiYXV0byIsInNlY3VyaXR5TG9nUHJvZmlsZXMiOlt7ImJpZ2lwIjoiL0NvbW1vbi9Mb2cgaWxsZWdhbCByZXF1ZXN0cyJ9XSwicG9vbCI6InBvb2wiLCJwb2xpY3lXQUYiOnsidXNlIjoiL3dhZi9TaGFyZWQvcG9saWN5V0FGIn19fSwiaHR0cHMiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoiaHR0cHMiLCJzZXJ2ZXJUTFMiOnsiY2xhc3MiOiJUTFNfU2VydmVyIiwiY2VydGlmaWNhdGVzIjpbeyJjZXJ0aWZpY2F0ZSI6ImNlcnRTZXJ2ZXIifV0sImF1dGhlbnRpY2F0aW9uVHJ1c3RDQSI6eyJiaWdpcCI6Ii9Db21tb24vY2EtYnVuZGxlLmNydCJ9fSwiY2VydFNlcnZlciI6eyJjbGFzcyI6IkNlcnRpZmljYXRlIiwiY2VydGlmaWNhdGUiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQuY3J0In0sInByaXZhdGVLZXkiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQua2V5In19LCJjbGllbnRUTFMiOnsiY2xhc3MiOiJUTFNfQ2xpZW50In0sInBvb2wiOnsiY2xhc3MiOiJQb29sIiwibW9uaXRvcnMiOlsiaHR0cHMiXSwibWVtYmVycyI6W3siYWRkcmVzc0Rpc2NvdmVyeSI6ImZxZG4iLCJhdXRvUG9wdWxhdGUiOnRydWUsInNlcnZpY2VQb3J0Ijo0NDMsImhvc3RuYW1lIjoid3d3LmV4YW1wbGUuY29tIiwic2VydmVyQWRkcmVzc2VzIjpbIjI1NS4yNTUuMjU1LjI1NCJdfV19LCJzZXJ2aWNlTWFpbiI6eyJjbGFzcyI6IlNlcnZpY2VfSFRUUFMiLCJ2aXJ0dWFsQWRkcmVzc2VzIjpbeyJ1c2UiOiIvd2FmL1NoYXJlZC9zZXJ2aWNlQWRkcmVzcyJ9XSwidmlydHVhbFBvcnQiOjQ0Mywic2VydmVyVExTIjoic2VydmVyVExTIiwiY2xpZW50VExTIjoiY2xpZW50VExTIiwicmVkaXJlY3Q4MCI6dHJ1ZSwic25hdCI6ImF1dG8iLCJzZWN1cml0eUxvZ1Byb2ZpbGVzIjpbeyJiaWdpcCI6Ii9Db21tb24vTG9nIGlsbGVnYWwgcmVxdWVzdHMifV0sInBvb2wiOiJwb29sIiwicG9saWN5V0FGIjp7InVzZSI6Ii93YWYvU2hhcmVkL3BvbGljeVdBRiJ9fX0sImh0dHBzX29mZmxvYWQiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoiaHR0cHMiLCJzZXJ2ZXJUTFMiOnsiY2xhc3MiOiJUTFNfU2VydmVyIiwiY2VydGlmaWNhdGVzIjpbeyJjZXJ0aWZpY2F0ZSI6ImNlcnRTZXJ2ZXIifV0sImF1dGhlbnRpY2F0aW9uVHJ1c3RDQSI6eyJiaWdpcCI6Ii9Db21tb24vY2EtYnVuZGxlLmNydCJ9fSwiY2VydFNlcnZlciI6eyJjbGFzcyI6IkNlcnRpZmljYXRlIiwiY2VydGlmaWNhdGUiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQuY3J0In0sInByaXZhdGVLZXkiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQua2V5In19LCJwb29sIjp7ImNsYXNzIjoiUG9vbCIsIm1vbml0b3JzIjpbImh0dHAiXSwibWVtYmVycyI6W3siYWRkcmVzc0Rpc2NvdmVyeSI6ImZxZG4iLCJhdXRvUG9wdWxhdGUiOnRydWUsInNlcnZpY2VQb3J0Ijo4MCwiaG9zdG5hbWUiOiJ3d3cuZXhhbXBsZS5jb20iLCJzZXJ2ZXJBZGRyZXNzZXMiOlsiMjU1LjI1NS4yNTUuMjU0Il19XX0sInNlcnZpY2VNYWluIjp7ImNsYXNzIjoiU2VydmljZV9IVFRQUyIsInZpcnR1YWxBZGRyZXNzZXMiOlt7InVzZSI6Ii93YWYvU2hhcmVkL3NlcnZpY2VBZGRyZXNzIn1dLCJ2aXJ0dWFsUG9ydCI6ODAsInNlcnZlclRMUyI6InNlcnZlclRMUyIsInNuYXQiOiJhdXRvIiwic2VjdXJpdHlMb2dQcm9maWxlcyI6W3siYmlnaXAiOiIvQ29tbW9uL0xvZyBpbGxlZ2FsIHJlcXVlc3RzIn1dLCJwb29sIjoicG9vbCIsInBvbGljeVdBRiI6eyJ1c2UiOiIvd2FmL1NoYXJlZC9wb2xpY3lXQUYifX19fX0nCgogICAgIyB2ZXJpZnkgdGhhdCB0aGUgY3VzdG9tIHBvbGljeSBpcyBhIFVSTAogICAgaWYgW1sgJGxldmVsID09ICJjdXN0b20iIF1dOyB0aGVuCiAgICAgICAgIGlmIFtbIC1uICRwb2xpY3kgJiYgJHBvbGljeSAhPSAiTk9UX1NQRUNJRklFRCIgXV07IHRoZW4KICAgICAgICAgICAgIGlmIFtbICRwb2xpY3kgPX4gJHVybF9yZWdleCBdXTsgdGhlbgogICAgICAgICAgICAgICAgICBjdXN0b21fcG9saWN5PSRwb2xpY3kKICAgICAgICAgICAgICAgICAgL3Vzci9iaW4vY3VybCAtc2sgJGN1c3RvbV9wb2xpY3kgLS1yZXRyeSAzIC1vIC90bXAvY3VzdG9tX3BvbGljeS54bWwKICAgICAgICAgICAgICAgICAgYXNtX3BvbGljeT0iL3RtcC9jdXN0b21fcG9saWN5LnhtbCIKICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICAgZWNobyAiQ3VzdG9tIHBvbGljeSB3YXMgbm90IGEgVVJMLCBkZWZhdWx0aW5nIHRvIGhpZ2giCiAgICAgICAgICAgICAgICAgIGFzbV9wb2xpY3k9Ii9jb25maWcvY2xvdWQvYXNtLXBvbGljeS0kdHlwZS1oaWdoLnhtbCIKICAgICAgICAgICAgIGZpCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgICBlY2hvICJDdXN0b20gcG9saWN5IHdhcyBub3Qgc3BlY2lmaWVkLCBkZWZhdWx0aW5nIHRvIGhpZ2giCiAgICAgICAgICAgICAgYXNtX3BvbGljeT0iL2NvbmZpZy9jbG91ZC9hc20tcG9saWN5LSR0eXBlLWhpZ2gueG1sIgogICAgICAgICBmaQogICAgZWxzZQogICAgICAgICBhc21fcG9saWN5PSIvY29uZmlnL2Nsb3VkL2FzbS1wb2xpY3ktJHR5cGUtJGxldmVsLnhtbCIKICAgIGZpCgogICAgaWYgW1sgJG1vZGUgPT0gImh0dHBzIiB8fCAkbW9kZSA9PSAiaHR0cF9odHRwcyIgfHwgJG1vZGUgPT0gImh0dHBzX29mZmxvYWQiIF1dOyB0aGVuCiAgICAgICAgIGNoYWluPSIvQ29tbW9uL2NhLWJ1bmRsZS5jcnQiCgogICAgICAgICBlY2hvICJTdGFydGluZyBDZXJ0aWZpY2F0ZSBkb3dubG9hZCIKCiAgICAgICAgIGNlcnRpZmljYXRlX2xvY2F0aW9uPSRzc2xfY2VydAoKICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrIC11ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAgLVggUE9TVCAtSCAiQ29udGVudC10eXBlOiBhcHBsaWNhdGlvbi9qc29uIiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3RtL3V0aWwvYmFzaCAtZCAneyAiY29tbWFuZCI6InJ1biIsInV0aWxDbWRBcmdzIjoiLWMgXCJjdXJsIC1rIC1zIC1mIC0tcmV0cnkgNSAtLXJldHJ5LWRlbGF5IDEwIC0tcmV0cnktbWF4LXRpbWUgMTAgLW8gL2NvbmZpZy90bXAucGZ4ICckY2VydGlmaWNhdGVfbG9jYXRpb24nXCIiIH0nIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCAgXV07IHRoZW4KICAgICAgICAgICAgICBlY2hvICJDZXJ0aWZpY2F0ZSBkb3dubG9hZCBjb21wbGV0ZS4iCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBkb3dubG9hZCBTU0wgY2VydDsgZXhpdGluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICAgICAgZXhpdCAxCiAgICAgICAgIGZpCgogICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvdG0vc3lzL2NyeXB0by9wa2NzMTIgLWQgJ3siY29tbWFuZCI6ICJpbnN0YWxsIiwibmFtZSI6ICJ3YWZDZXJ0Iiwib3B0aW9ucyI6IFsgeyAiZnJvbS1sb2NhbC1maWxlIjogIi9jb25maWcvdG1wLnBmeCIgfSwgeyAicGFzc3BocmFzZSI6ICInIiRzc2xfcGFzc3dkIiciIH0gXSB9JyAtbyAvZGV2L251bGwpCgogICAgICAgICBpZiBbWyAkcmVzcG9uc2VfY29kZSA9PSAyMDAgIF1dOyB0aGVuCiAgICAgICAgICAgICAgZWNobyAiQ2VydGlmaWNhdGUgaW5zdGFsbCBjb21wbGV0ZS4iCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBpbnN0YWxsIFNTTCBjZXJ0OyBleGl0aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBleGl0IDEKICAgICAgICAgZmkKICAgIGZpCgogICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBhc21fcG9saWN5ICRhc21fcG9saWN5ICcgLndhZi5TaGFyZWQucG9saWN5V0FGLmZpbGUgPSAkYXNtX3BvbGljeScpCgogICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBwb29sX2h0dHBfcG9ydCAkcG9vbF9odHRwX3BvcnQgLS1hcmcgcG9vbF9odHRwc19wb3J0ICRwb29sX2h0dHBzX3BvcnQgLS1hcmcgdnNfaHR0cF9wb3J0ICR2c19odHRwX3BvcnQgLS1hcmcgdnNfaHR0cHNfcG9ydCAkdnNfaHR0cHNfcG9ydCAnIC53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uc2VydmljZVBvcnQgPSAoJHBvb2xfaHR0cF9wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwLnNlcnZpY2VNYWluLnZpcnR1YWxQb3J0ID0gKCR2c19odHRwX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5zZXJ2aWNlUG9ydCA9ICgkcG9vbF9odHRwc19wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwcy5zZXJ2aWNlTWFpbi52aXJ0dWFsUG9ydCA9ICgkdnNfaHR0cHNfcG9ydCB8IHRvbnVtYmVyKSB8IC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uc2VydmljZVBvcnQgPSAoJHBvb2xfaHR0cF9wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwc19vZmZsb2FkLnNlcnZpY2VNYWluLnZpcnR1YWxQb3J0ID0gKCR2c19odHRwc19wb3J0IHwgdG9udW1iZXIpJykKCiAgICBpZiBbWyAkcG9vbF9tZW1iZXIgPX4gJGlwX3JlZ2V4IF1dOyB0aGVuCiAgICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgJ2RlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmF1dG9Qb3B1bGF0ZSkgfCBkZWwoLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSkgfCBkZWwoLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5hZGRyZXNzRGlzY292ZXJ5KSB8ICBkZWwoLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uYXV0b1BvcHVsYXRlKSB8IGRlbCgud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSkgfCBkZWwoLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uYWRkcmVzc0Rpc2NvdmVyeSkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5hdXRvUG9wdWxhdGUpIHwgZGVsKC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUpIHwgZGVsKC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uYWRkcmVzc0Rpc2NvdmVyeSknKQoKICAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBwb29sX21lbWJlciAkcG9vbF9tZW1iZXIgJy53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uc2VydmVyQWRkcmVzc2VzWzBdID0gJHBvb2xfbWVtYmVyIHwgLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uc2VydmVyQWRkcmVzc2VzWzBdID0gJHBvb2xfbWVtYmVyIHwgLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXNbMF0gPSAkcG9vbF9tZW1iZXInKQogICAgZWxzZQogICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXMpIHwgZGVsKC53YWYuaHR0cHMucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3NlcykgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXMpJykKCiAgICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgLS1hcmcgcG9vbF9tZW1iZXIgJHBvb2xfbWVtYmVyICcud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lID0gJHBvb2xfbWVtYmVyIHwgLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUgPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lID0gJHBvb2xfbWVtYmVyJykKICAgIGZpCgogICAgaWYgW1sgJG1vZGUgPT0gImh0dHAiIF1dOyB0aGVuCiAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cHMpIHwgZGVsKC53YWYuaHR0cHNfb2ZmbG9hZCknKQogICAgZWxpZiBbWyAkbW9kZSA9PSAiaHR0cHMiIF1dOyB0aGVuCiAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cCkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkKSB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5jZXJ0aWZpY2F0ZS5iaWdpcCA9ICIvQ29tbW9uL3dhZkNlcnQuY3J0IiB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5wcml2YXRlS2V5LmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5rZXkiJykKICAgIGVsaWYgW1sgJG1vZGUgPT0gImh0dHBfaHR0cHMiIF1dOyB0aGVuCiAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cHNfb2ZmbG9hZCkgfCAud2FmLmh0dHBzLnNlcnZpY2VNYWluLnJlZGlyZWN0ODAgPSBmYWxzZSB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5jZXJ0aWZpY2F0ZS5iaWdpcCA9ICIvQ29tbW9uL3dhZkNlcnQuY3J0IiB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5wcml2YXRlS2V5LmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5rZXkiJykKICAgIGVsc2UKICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwKSB8IGRlbCgud2FmLmh0dHBzKSB8IC53YWYuaHR0cHNfb2ZmbG9hZC5jZXJ0U2VydmVyLmNlcnRpZmljYXRlLmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5jcnQiIHwgLndhZi5odHRwc19vZmZsb2FkLmNlcnRTZXJ2ZXIucHJpdmF0ZUtleS5iaWdpcCA9ICIvQ29tbW9uL3dhZkNlcnQua2V5IicpCiAgICBmaQoKICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t2dnUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgLUggIkV4cGVjdDoiIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvc2hhcmVkL2FwcHN2Y3MvZGVjbGFyZSAtZCAiJHBheWxvYWQiIC1vIC9kZXYvbnVsbCkKCiAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIHx8ICRyZXNwb25zZV9jb2RlID09IDUwMiAgXV07IHRoZW4KICAgICAgICAgIGVjaG8gIkRlcGxveW1lbnQgb2YgYXBwbGljYXRpb24gc3VjY2VlZGVkLiIKICAgIGVsc2UKICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRlcGxveSBhcHBsaWNhdGlvbjsgZXhpdGluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICBleGl0IDEKICAgICBmaQogZmkKCmVjaG8gIkRlcGxveW1lbnQgY29tcGxldGUuIgpleGl0", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachineScaleSets', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -736,7 +600,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_via-lb-new-stack-experimental-bigiq,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_via-lb-new-stack-experimental-bigiq,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -1005,7 +869,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq/azuredeploy.parameters.json b/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq/azuredeploy.parameters.json index 7bebbd18c8..e021fcbb07 100644 --- a/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq/azuredeploy.parameters.json +++ b/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/autoscale/waf/via-lb/1nic/new-stack/payg/README.md b/experimental/autoscale/waf/via-lb/1nic/new-stack/payg/README.md index 24f6e99784..6c67981c86 100644 --- a/experimental/autoscale/waf/via-lb/1nic/new-stack/payg/README.md +++ b/experimental/autoscale/waf/via-lb/1nic/new-stack/payg/README.md @@ -61,6 +61,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates now deploy Standard SKU Azure Public IP Addresses. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. - All autoscale via-lb and failover via-lb templates now deploy Standard SKU Azure Load Balancers. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -110,7 +111,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Fautoscale%2Fwaf%2Fvia-lb%2F1nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Fautoscale%2Fwaf%2Fvia-lb%2F1nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters @@ -130,7 +131,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | @@ -294,7 +295,7 @@ This solution requires access to the Azure API to correctly configure both the B #### 1. Azure Portal -Follow the steps outlined in the [Azure Portal documentation](https://azure.microsoft.com/en-us/documentation/articles/resource-group-create-service-principal-portal/) to generate the service principal. +Follow the steps outlined in the [Azure Portal documentation](https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal) to generate the service principal. #### 2. Azure CLI diff --git a/experimental/autoscale/waf/via-lb/1nic/new-stack/payg/azuredeploy.json b/experimental/autoscale/waf/via-lb/1nic/new-stack/payg/azuredeploy.json index ba584d64f4..5502ee3bf9 100644 --- a/experimental/autoscale/waf/via-lb/1nic/new-stack/payg/azuredeploy.json +++ b/experimental/autoscale/waf/via-lb/1nic/new-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -33,81 +33,6 @@ "type": "string" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D2s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -191,7 +116,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -475,63 +400,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -550,7 +418,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -581,11 +449,7 @@ "commandArgs": "[concat('-o ', parameters('declarationUrl'), ' -m ', parameters('applicationProtocols'), ' -n ', parameters('applicationAddress'), ' -j ', parameters('applicationPort'), ' -k ', parameters('applicationSecurePort'), ' -h ', parameters('applicationPort'), ' -s ', parameters('applicationSecurePort'), ' -t ', toLower(parameters('applicationType')), ' -l ', toLower(parameters('blockingLevel')), ' -a ', parameters('customPolicy'), ' -c ', parameters('sslCert'), ' -r ', parameters('sslPswd'), ' -u svc_user')]", "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbTpkOm46ajprOmg6czp0Omw6YTpjOnI6bzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgbSkgbW9kZT0kT1BUQVJHOzsKICAgICAgICBuKSBwb29sX21lbWJlcj0kT1BUQVJHOzsKICAgICAgICBqKSB2c19odHRwX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgaykgdnNfaHR0cHNfcG9ydD0kT1BUQVJHOzsKICAgICAgICBoKSBwb29sX2h0dHBfcG9ydD0kT1BUQVJHOzsKICAgICAgICBzKSBwb29sX2h0dHBzX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgdCkgdHlwZT0kT1BUQVJHOzsKICAgICAgICBsKSBsZXZlbD0kT1BUQVJHOzsKICAgICAgICBhKSBwb2xpY3k9JE9QVEFSRzs7CiAgICAgICAgYykgc3NsX2NlcnQ9JE9QVEFSRzs7CiAgICAgICAgcikgc3NsX3Bhc3N3ZD0kT1BUQVJHOzsKICAgICAgICB1KSB1c2VyPSRPUFRBUkc7OwogICAgZXNhYwpkb25lCgpkZXBsb3llZD0ibm8iCmZpbGVfbG9jPSIvY29uZmlnL2Nsb3VkL2N1c3RvbV9jb25maWciCmRmbF9tZ210X3BvcnQ9YHRtc2ggbGlzdCBzeXMgaHR0cGQgc3NsLXBvcnQgfCBncmVwIHNzbC1wb3J0IHwgc2VkICdzL3NzbC1wb3J0IC8vO3MvIC8vZydgCnVybF9yZWdleD0iKGh0dHA6XC9cL3xodHRwczpcL1wvKT9bYS16MC05XSsoW1wtXC5dezF9W2EtejAtOV0rKSpcLlthLXpdezIsNX0oOlswLTldezEsNX0pPyhcLy4qKT8kIgoKaWYgW1sgJGRlY2xhcmF0aW9uVXJsID1+ICR1cmxfcmVnZXggXV07IHRoZW4KICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1zayAtdyAiJXtodHRwX2NvZGV9IiAkZGVjbGFyYXRpb25VcmwgLW8gJGZpbGVfbG9jKQogICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIF1dOyB0aGVuCiAgICAgICAgIGVjaG8gIkN1c3RvbSBjb25maWcgZG93bmxvYWQgY29tcGxldGU7IGNoZWNraW5nIGZvciB2YWxpZCBKU09OLiIKICAgICAgICAgY2F0ICRmaWxlX2xvYyB8IGpxIC5jbGFzcwogICAgICAgICBpZiBbWyAkPyA9PSAwIF1dOyB0aGVuCiAgICAgICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t2dnUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgLUggIkV4cGVjdDoiIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvc2hhcmVkL2FwcHN2Y3MvZGVjbGFyZSAtZCBAJGZpbGVfbG9jIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgICAgICBpZiBbWyAkcmVzcG9uc2VfY29kZSA9PSAyMDAgfHwgJHJlc3BvbnNlX2NvZGUgPT0gNTAyIF1dOyB0aGVuCiAgICAgICAgICAgICAgICAgIGVjaG8gIkRlcGxveW1lbnQgb2YgYXBwbGljYXRpb24gc3VjY2VlZGVkLiIKICAgICAgICAgICAgICAgICAgZGVwbG95ZWQ9InllcyIKICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICBlY2hvICJGYWlsZWQgdG8gZGVwbG95IGFwcGxpY2F0aW9uOyBjb250aW51aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBmaQogICAgICAgICBlbHNlCiAgICAgICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgdmFsaWQgSlNPTiwgY29udGludWluZyIKICAgICAgICAgZmkKICAgIGVsc2UKICAgICAgICBlY2hvICJGYWlsZWQgdG8gZG93bmxvYWQgY3VzdG9tIGNvbmZpZzsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgZmkKZWxzZQogICAgIGVjaG8gIkN1c3RvbSBjb25maWcgd2FzIG5vdCBhIFVSTCwgY29udGludWluZy4iCmZpCgppZiBbWyAkZGVwbG95ZWQgPT0gIm5vIiAmJiAkZGVjbGFyYXRpb25VcmwgPT0gIk5PVF9TUEVDSUZJRUQiIF1dOyB0aGVuCiAgICBpcF9yZWdleD0nXlswLTldezEsM31cLlswLTldezEsM31cLlswLTldezEsM31cLlswLTldezEsM30kJwogICAgZGZsX21nbXRfcG9ydD1gdG1zaCBsaXN0IHN5cyBodHRwZCBzc2wtcG9ydCB8IGdyZXAgc3NsLXBvcnQgfCBzZWQgJ3Mvc3NsLXBvcnQgLy87cy8gLy9nJ2AKICAgIG1vZGU9YHNlZCAicy8tL18vZyIgPDw8IiRtb2RlImAKICAgIHBheWxvYWQ9J3siY2xhc3MiOiJBREMiLCJzY2hlbWFWZXJzaW9uIjoiMy4wLjAiLCJsYWJlbCI6ImF1dG9zY2FsZV93YWYiLCJpZCI6IkFVVE9TQ0FMRV9XQUYiLCJyZW1hcmsiOiJBdXRvc2NhbGUgV0FGIiwid2FmIjp7ImNsYXNzIjoiVGVuYW50IiwiU2hhcmVkIjp7ImNsYXNzIjoiQXBwbGljYXRpb24iLCJ0ZW1wbGF0ZSI6InNoYXJlZCIsInNlcnZpY2VBZGRyZXNzIjp7ImNsYXNzIjoiU2VydmljZV9BZGRyZXNzIiwidmlydHVhbEFkZHJlc3MiOiIwLjAuMC4wIn0sInBvbGljeVdBRiI6eyJjbGFzcyI6IldBRl9Qb2xpY3kiLCJmaWxlIjoiL3RtcC9hczMwLWxpbnV4LW1lZGl1bS54bWwifX0sImh0dHAiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoiaHR0cCIsInBvb2wiOnsiY2xhc3MiOiJQb29sIiwibW9uaXRvcnMiOlsiaHR0cCJdLCJtZW1iZXJzIjpbeyJhZGRyZXNzRGlzY292ZXJ5IjoiZnFkbiIsImF1dG9Qb3B1bGF0ZSI6dHJ1ZSwic2VydmljZVBvcnQiOjgwLCJob3N0bmFtZSI6Ind3dy5leGFtcGxlLmNvbSIsInNlcnZlckFkZHJlc3NlcyI6WyIyNTUuMjU1LjI1NS4yNTQiXX1dfSwic2VydmljZU1haW4iOnsiY2xhc3MiOiJTZXJ2aWNlX0hUVFAiLCJ2aXJ0dWFsQWRkcmVzc2VzIjpbeyJ1c2UiOiIvd2FmL1NoYXJlZC9zZXJ2aWNlQWRkcmVzcyJ9XSwidmlydHVhbFBvcnQiOjgwLCJzbmF0IjoiYXV0byIsInNlY3VyaXR5TG9nUHJvZmlsZXMiOlt7ImJpZ2lwIjoiL0NvbW1vbi9Mb2cgaWxsZWdhbCByZXF1ZXN0cyJ9XSwicG9vbCI6InBvb2wiLCJwb2xpY3lXQUYiOnsidXNlIjoiL3dhZi9TaGFyZWQvcG9saWN5V0FGIn19fSwiaHR0cHMiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoiaHR0cHMiLCJzZXJ2ZXJUTFMiOnsiY2xhc3MiOiJUTFNfU2VydmVyIiwiY2VydGlmaWNhdGVzIjpbeyJjZXJ0aWZpY2F0ZSI6ImNlcnRTZXJ2ZXIifV0sImF1dGhlbnRpY2F0aW9uVHJ1c3RDQSI6eyJiaWdpcCI6Ii9Db21tb24vY2EtYnVuZGxlLmNydCJ9fSwiY2VydFNlcnZlciI6eyJjbGFzcyI6IkNlcnRpZmljYXRlIiwiY2VydGlmaWNhdGUiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQuY3J0In0sInByaXZhdGVLZXkiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQua2V5In19LCJjbGllbnRUTFMiOnsiY2xhc3MiOiJUTFNfQ2xpZW50In0sInBvb2wiOnsiY2xhc3MiOiJQb29sIiwibW9uaXRvcnMiOlsiaHR0cHMiXSwibWVtYmVycyI6W3siYWRkcmVzc0Rpc2NvdmVyeSI6ImZxZG4iLCJhdXRvUG9wdWxhdGUiOnRydWUsInNlcnZpY2VQb3J0Ijo0NDMsImhvc3RuYW1lIjoid3d3LmV4YW1wbGUuY29tIiwic2VydmVyQWRkcmVzc2VzIjpbIjI1NS4yNTUuMjU1LjI1NCJdfV19LCJzZXJ2aWNlTWFpbiI6eyJjbGFzcyI6IlNlcnZpY2VfSFRUUFMiLCJ2aXJ0dWFsQWRkcmVzc2VzIjpbeyJ1c2UiOiIvd2FmL1NoYXJlZC9zZXJ2aWNlQWRkcmVzcyJ9XSwidmlydHVhbFBvcnQiOjQ0Mywic2VydmVyVExTIjoic2VydmVyVExTIiwiY2xpZW50VExTIjoiY2xpZW50VExTIiwicmVkaXJlY3Q4MCI6dHJ1ZSwic25hdCI6ImF1dG8iLCJzZWN1cml0eUxvZ1Byb2ZpbGVzIjpbeyJiaWdpcCI6Ii9Db21tb24vTG9nIGlsbGVnYWwgcmVxdWVzdHMifV0sInBvb2wiOiJwb29sIiwicG9saWN5V0FGIjp7InVzZSI6Ii93YWYvU2hhcmVkL3BvbGljeVdBRiJ9fX0sImh0dHBzX29mZmxvYWQiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoiaHR0cHMiLCJzZXJ2ZXJUTFMiOnsiY2xhc3MiOiJUTFNfU2VydmVyIiwiY2VydGlmaWNhdGVzIjpbeyJjZXJ0aWZpY2F0ZSI6ImNlcnRTZXJ2ZXIifV0sImF1dGhlbnRpY2F0aW9uVHJ1c3RDQSI6eyJiaWdpcCI6Ii9Db21tb24vY2EtYnVuZGxlLmNydCJ9fSwiY2VydFNlcnZlciI6eyJjbGFzcyI6IkNlcnRpZmljYXRlIiwiY2VydGlmaWNhdGUiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQuY3J0In0sInByaXZhdGVLZXkiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQua2V5In19LCJwb29sIjp7ImNsYXNzIjoiUG9vbCIsIm1vbml0b3JzIjpbImh0dHAiXSwibWVtYmVycyI6W3siYWRkcmVzc0Rpc2NvdmVyeSI6ImZxZG4iLCJhdXRvUG9wdWxhdGUiOnRydWUsInNlcnZpY2VQb3J0Ijo4MCwiaG9zdG5hbWUiOiJ3d3cuZXhhbXBsZS5jb20iLCJzZXJ2ZXJBZGRyZXNzZXMiOlsiMjU1LjI1NS4yNTUuMjU0Il19XX0sInNlcnZpY2VNYWluIjp7ImNsYXNzIjoiU2VydmljZV9IVFRQUyIsInZpcnR1YWxBZGRyZXNzZXMiOlt7InVzZSI6Ii93YWYvU2hhcmVkL3NlcnZpY2VBZGRyZXNzIn1dLCJ2aXJ0dWFsUG9ydCI6ODAsInNlcnZlclRMUyI6InNlcnZlclRMUyIsInNuYXQiOiJhdXRvIiwic2VjdXJpdHlMb2dQcm9maWxlcyI6W3siYmlnaXAiOiIvQ29tbW9uL0xvZyBpbGxlZ2FsIHJlcXVlc3RzIn1dLCJwb29sIjoicG9vbCIsInBvbGljeVdBRiI6eyJ1c2UiOiIvd2FmL1NoYXJlZC9wb2xpY3lXQUYifX19fX0nCgogICAgIyB2ZXJpZnkgdGhhdCB0aGUgY3VzdG9tIHBvbGljeSBpcyBhIFVSTAogICAgaWYgW1sgJGxldmVsID09ICJjdXN0b20iIF1dOyB0aGVuCiAgICAgICAgIGlmIFtbIC1uICRwb2xpY3kgJiYgJHBvbGljeSAhPSAiTk9UX1NQRUNJRklFRCIgXV07IHRoZW4KICAgICAgICAgICAgIGlmIFtbICRwb2xpY3kgPX4gJHVybF9yZWdleCBdXTsgdGhlbgogICAgICAgICAgICAgICAgICBjdXN0b21fcG9saWN5PSRwb2xpY3kKICAgICAgICAgICAgICAgICAgL3Vzci9iaW4vY3VybCAtc2sgJGN1c3RvbV9wb2xpY3kgLS1yZXRyeSAzIC1vIC90bXAvY3VzdG9tX3BvbGljeS54bWwKICAgICAgICAgICAgICAgICAgYXNtX3BvbGljeT0iL3RtcC9jdXN0b21fcG9saWN5LnhtbCIKICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICAgZWNobyAiQ3VzdG9tIHBvbGljeSB3YXMgbm90IGEgVVJMLCBkZWZhdWx0aW5nIHRvIGhpZ2giCiAgICAgICAgICAgICAgICAgIGFzbV9wb2xpY3k9Ii9jb25maWcvY2xvdWQvYXNtLXBvbGljeS0kdHlwZS1oaWdoLnhtbCIKICAgICAgICAgICAgIGZpCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgICBlY2hvICJDdXN0b20gcG9saWN5IHdhcyBub3Qgc3BlY2lmaWVkLCBkZWZhdWx0aW5nIHRvIGhpZ2giCiAgICAgICAgICAgICAgYXNtX3BvbGljeT0iL2NvbmZpZy9jbG91ZC9hc20tcG9saWN5LSR0eXBlLWhpZ2gueG1sIgogICAgICAgICBmaQogICAgZWxzZQogICAgICAgICBhc21fcG9saWN5PSIvY29uZmlnL2Nsb3VkL2FzbS1wb2xpY3ktJHR5cGUtJGxldmVsLnhtbCIKICAgIGZpCgogICAgaWYgW1sgJG1vZGUgPT0gImh0dHBzIiB8fCAkbW9kZSA9PSAiaHR0cF9odHRwcyIgfHwgJG1vZGUgPT0gImh0dHBzX29mZmxvYWQiIF1dOyB0aGVuCiAgICAgICAgIGNoYWluPSIvQ29tbW9uL2NhLWJ1bmRsZS5jcnQiCgogICAgICAgICBlY2hvICJTdGFydGluZyBDZXJ0aWZpY2F0ZSBkb3dubG9hZCIKCiAgICAgICAgIGNlcnRpZmljYXRlX2xvY2F0aW9uPSRzc2xfY2VydAoKICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrIC11ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAgLVggUE9TVCAtSCAiQ29udGVudC10eXBlOiBhcHBsaWNhdGlvbi9qc29uIiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3RtL3V0aWwvYmFzaCAtZCAneyAiY29tbWFuZCI6InJ1biIsInV0aWxDbWRBcmdzIjoiLWMgXCJjdXJsIC1rIC1zIC1mIC0tcmV0cnkgNSAtLXJldHJ5LWRlbGF5IDEwIC0tcmV0cnktbWF4LXRpbWUgMTAgLW8gL2NvbmZpZy90bXAucGZ4ICckY2VydGlmaWNhdGVfbG9jYXRpb24nXCIiIH0nIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCAgXV07IHRoZW4KICAgICAgICAgICAgICBlY2hvICJDZXJ0aWZpY2F0ZSBkb3dubG9hZCBjb21wbGV0ZS4iCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBkb3dubG9hZCBTU0wgY2VydDsgZXhpdGluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICAgICAgZXhpdCAxCiAgICAgICAgIGZpCgogICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvdG0vc3lzL2NyeXB0by9wa2NzMTIgLWQgJ3siY29tbWFuZCI6ICJpbnN0YWxsIiwibmFtZSI6ICJ3YWZDZXJ0Iiwib3B0aW9ucyI6IFsgeyAiZnJvbS1sb2NhbC1maWxlIjogIi9jb25maWcvdG1wLnBmeCIgfSwgeyAicGFzc3BocmFzZSI6ICInIiRzc2xfcGFzc3dkIiciIH0gXSB9JyAtbyAvZGV2L251bGwpCgogICAgICAgICBpZiBbWyAkcmVzcG9uc2VfY29kZSA9PSAyMDAgIF1dOyB0aGVuCiAgICAgICAgICAgICAgZWNobyAiQ2VydGlmaWNhdGUgaW5zdGFsbCBjb21wbGV0ZS4iCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBpbnN0YWxsIFNTTCBjZXJ0OyBleGl0aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBleGl0IDEKICAgICAgICAgZmkKICAgIGZpCgogICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBhc21fcG9saWN5ICRhc21fcG9saWN5ICcgLndhZi5TaGFyZWQucG9saWN5V0FGLmZpbGUgPSAkYXNtX3BvbGljeScpCgogICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBwb29sX2h0dHBfcG9ydCAkcG9vbF9odHRwX3BvcnQgLS1hcmcgcG9vbF9odHRwc19wb3J0ICRwb29sX2h0dHBzX3BvcnQgLS1hcmcgdnNfaHR0cF9wb3J0ICR2c19odHRwX3BvcnQgLS1hcmcgdnNfaHR0cHNfcG9ydCAkdnNfaHR0cHNfcG9ydCAnIC53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uc2VydmljZVBvcnQgPSAoJHBvb2xfaHR0cF9wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwLnNlcnZpY2VNYWluLnZpcnR1YWxQb3J0ID0gKCR2c19odHRwX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5zZXJ2aWNlUG9ydCA9ICgkcG9vbF9odHRwc19wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwcy5zZXJ2aWNlTWFpbi52aXJ0dWFsUG9ydCA9ICgkdnNfaHR0cHNfcG9ydCB8IHRvbnVtYmVyKSB8IC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uc2VydmljZVBvcnQgPSAoJHBvb2xfaHR0cF9wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwc19vZmZsb2FkLnNlcnZpY2VNYWluLnZpcnR1YWxQb3J0ID0gKCR2c19odHRwc19wb3J0IHwgdG9udW1iZXIpJykKCiAgICBpZiBbWyAkcG9vbF9tZW1iZXIgPX4gJGlwX3JlZ2V4IF1dOyB0aGVuCiAgICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgJ2RlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmF1dG9Qb3B1bGF0ZSkgfCBkZWwoLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSkgfCBkZWwoLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5hZGRyZXNzRGlzY292ZXJ5KSB8ICBkZWwoLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uYXV0b1BvcHVsYXRlKSB8IGRlbCgud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSkgfCBkZWwoLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uYWRkcmVzc0Rpc2NvdmVyeSkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5hdXRvUG9wdWxhdGUpIHwgZGVsKC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUpIHwgZGVsKC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uYWRkcmVzc0Rpc2NvdmVyeSknKQoKICAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBwb29sX21lbWJlciAkcG9vbF9tZW1iZXIgJy53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uc2VydmVyQWRkcmVzc2VzWzBdID0gJHBvb2xfbWVtYmVyIHwgLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uc2VydmVyQWRkcmVzc2VzWzBdID0gJHBvb2xfbWVtYmVyIHwgLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXNbMF0gPSAkcG9vbF9tZW1iZXInKQogICAgZWxzZQogICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXMpIHwgZGVsKC53YWYuaHR0cHMucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3NlcykgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXMpJykKCiAgICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgLS1hcmcgcG9vbF9tZW1iZXIgJHBvb2xfbWVtYmVyICcud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lID0gJHBvb2xfbWVtYmVyIHwgLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUgPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lID0gJHBvb2xfbWVtYmVyJykKICAgIGZpCgogICAgaWYgW1sgJG1vZGUgPT0gImh0dHAiIF1dOyB0aGVuCiAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cHMpIHwgZGVsKC53YWYuaHR0cHNfb2ZmbG9hZCknKQogICAgZWxpZiBbWyAkbW9kZSA9PSAiaHR0cHMiIF1dOyB0aGVuCiAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cCkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkKSB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5jZXJ0aWZpY2F0ZS5iaWdpcCA9ICIvQ29tbW9uL3dhZkNlcnQuY3J0IiB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5wcml2YXRlS2V5LmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5rZXkiJykKICAgIGVsaWYgW1sgJG1vZGUgPT0gImh0dHBfaHR0cHMiIF1dOyB0aGVuCiAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cHNfb2ZmbG9hZCkgfCAud2FmLmh0dHBzLnNlcnZpY2VNYWluLnJlZGlyZWN0ODAgPSBmYWxzZSB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5jZXJ0aWZpY2F0ZS5iaWdpcCA9ICIvQ29tbW9uL3dhZkNlcnQuY3J0IiB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5wcml2YXRlS2V5LmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5rZXkiJykKICAgIGVsc2UKICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwKSB8IGRlbCgud2FmLmh0dHBzKSB8IC53YWYuaHR0cHNfb2ZmbG9hZC5jZXJ0U2VydmVyLmNlcnRpZmljYXRlLmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5jcnQiIHwgLndhZi5odHRwc19vZmZsb2FkLmNlcnRTZXJ2ZXIucHJpdmF0ZUtleS5iaWdpcCA9ICIvQ29tbW9uL3dhZkNlcnQua2V5IicpCiAgICBmaQoKICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t2dnUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgLUggIkV4cGVjdDoiIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvc2hhcmVkL2FwcHN2Y3MvZGVjbGFyZSAtZCAiJHBheWxvYWQiIC1vIC9kZXYvbnVsbCkKCiAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIHx8ICRyZXNwb25zZV9jb2RlID09IDUwMiAgXV07IHRoZW4KICAgICAgICAgIGVjaG8gIkRlcGxveW1lbnQgb2YgYXBwbGljYXRpb24gc3VjY2VlZGVkLiIKICAgIGVsc2UKICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRlcGxveSBhcHBsaWNhdGlvbjsgZXhpdGluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICBleGl0IDEKICAgICBmaQogZmkKCmVjaG8gIkRlcGxveW1lbnQgY29tcGxldGUuIgpleGl0", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachineScaleSets', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -749,7 +613,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_via-lb-new-stack-experimental-payg,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_via-lb-new-stack-experimental-payg,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -1018,7 +882,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/experimental/autoscale/waf/via-lb/1nic/new-stack/payg/azuredeploy.parameters.json b/experimental/autoscale/waf/via-lb/1nic/new-stack/payg/azuredeploy.parameters.json index 6912ff4674..f69b154e7a 100644 --- a/experimental/autoscale/waf/via-lb/1nic/new-stack/payg/azuredeploy.parameters.json +++ b/experimental/autoscale/waf/via-lb/1nic/new-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/bigiq/licenseManagement/cluster/2nic/existing-stack/byol/README.md b/experimental/bigiq/licenseManagement/cluster/2nic/existing-stack/byol/README.md index f03c94c39d..14f0f2427d 100644 --- a/experimental/bigiq/licenseManagement/cluster/2nic/existing-stack/byol/README.md +++ b/experimental/bigiq/licenseManagement/cluster/2nic/existing-stack/byol/README.md @@ -96,7 +96,7 @@ Use the appropriate button below to deploy: - **BYOL** (bring your own license): This allows you to use an existing BIG-IP license. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Fbigiq%2FlicenseManagement%2Fcluster%2F2nic%2Fexisting-stack%2Fbyol%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Fbigiq%2FlicenseManagement%2Fcluster%2F2nic%2Fexisting-stack%2Fbyol%2Fazuredeploy.json) ### Template parameters @@ -125,7 +125,7 @@ Use the appropriate button below to deploy: | ntpServer | Yes | Leave the default NTP server the BIG-IQ uses, or replace the default NTP server with the one you want to use. | | timeZone | Yes | If you would like to change the time zone the BIG-IQ uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImage | Yes | If you would like to deploy using a local BIG-IQ image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | diff --git a/experimental/bigiq/licenseManagement/cluster/2nic/existing-stack/byol/azuredeploy.json b/experimental/bigiq/licenseManagement/cluster/2nic/existing-stack/byol/azuredeploy.json index a3836d5bcd..dbcbcd9401 100644 --- a/experimental/bigiq/licenseManagement/cluster/2nic/existing-stack/byol/azuredeploy.json +++ b/experimental/bigiq/licenseManagement/cluster/2nic/existing-stack/byol/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -166,7 +166,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet." }, "type": "string" }, @@ -828,7 +828,7 @@ "properties": { "autoUpgradeMinorVersion": "true", "protectedSettings": { - "commandToExecute": "[concat('mkdir -p /var/log/cloud/azure; mkdir -p /config/cloud; echo ', variables('initScript'), ' | /usr/bin/base64 -d > /config/cloud/init.sh; chmod +x /config/cloud/init.sh;', ' /config/cloud/init.sh --cloud azure --log-level silly --data-interface eth1 --license ', parameters('bigIqLicenseKey1'), ' --ntp ', parameters('ntpServer'), ' --timezone ', parameters('timeZone'), ' --big-iq-password-data-uri file:///mnt/cloudTmp/.bigiq_pass --big-iq-password ', variables('adminPassword'), ' --big-iq-master-key ', parameters('masterKey'), ' --fcl-tag ', variables('f5CloudLibsTag'), ' --fcl-cloud-tag ', variables('f5CloudLibsAzureTag'), ' --tag-value ', variables('resourceGroupId'), ' --private-ip ', variables('intSubnetPrivateAddress2'), ' --associate-intf ', concat(variables('intNicName'), '0'), ' --dissociate-intf ', concat(variables('intNicName'), '1'), ' --vlan ', variables('singleQuote'), 'n:internal,nic:1.1', variables('singleQuote'), ' --self-ip ', variables('singleQuote'), 'n:internal_self,a:', variables('intSubnetPrivateAddress'), ',v:internal,i:eth1', variables('singleQuote'), ' --discovery-address ', variables('intSubnetPrivateAddress'), ' --usage-analytics ', variables('singleQuote'), 'send:', parameters('allowUsageAnalytics'), ',r:', variables('location'), ',cI:', variables('subscriptionID'), ',dI:', variables('deploymentId'), ',cN:azure,lT:byol,bIV:',parameters('bigIqVersion'),',tN:f5-existing-stack-byol-2nic-bigiq,tV:','9.8.0.0', variables('singleQuote'), ' &>> /var/log/cloud/azure/install.log &')]" + "commandToExecute": "[concat('mkdir -p /var/log/cloud/azure; mkdir -p /config/cloud; echo ', variables('initScript'), ' | /usr/bin/base64 -d > /config/cloud/init.sh; chmod +x /config/cloud/init.sh;', ' /config/cloud/init.sh --cloud azure --log-level silly --data-interface eth1 --license ', parameters('bigIqLicenseKey1'), ' --ntp ', parameters('ntpServer'), ' --timezone ', parameters('timeZone'), ' --big-iq-password-data-uri file:///mnt/cloudTmp/.bigiq_pass --big-iq-password ', variables('adminPassword'), ' --big-iq-master-key ', parameters('masterKey'), ' --fcl-tag ', variables('f5CloudLibsTag'), ' --fcl-cloud-tag ', variables('f5CloudLibsAzureTag'), ' --tag-value ', variables('resourceGroupId'), ' --private-ip ', variables('intSubnetPrivateAddress2'), ' --associate-intf ', concat(variables('intNicName'), '0'), ' --dissociate-intf ', concat(variables('intNicName'), '1'), ' --vlan ', variables('singleQuote'), 'n:internal,nic:1.1', variables('singleQuote'), ' --self-ip ', variables('singleQuote'), 'n:internal_self,a:', variables('intSubnetPrivateAddress'), ',v:internal,i:eth1', variables('singleQuote'), ' --discovery-address ', variables('intSubnetPrivateAddress'), ' --usage-analytics ', variables('singleQuote'), 'send:', parameters('allowUsageAnalytics'), ',r:', variables('location'), ',cI:', variables('subscriptionID'), ',dI:', variables('deploymentId'), ',cN:azure,lT:byol,bIV:',parameters('bigIqVersion'),',tN:f5-existing-stack-byol-2nic-bigiq,tV:','9.9.0.0', variables('singleQuote'), ' &>> /var/log/cloud/azure/install.log &')]" }, "publisher": "Microsoft.Azure.Extensions", "settings": { @@ -853,7 +853,7 @@ "properties": { "autoUpgradeMinorVersion": "true", "protectedSettings": { - "commandToExecute": "[concat('mkdir -p /var/log/cloud/azure; mkdir -p /config/cloud; echo ', variables('initScript'), ' | /usr/bin/base64 -d > /config/cloud/init.sh; chmod +x /config/cloud/init.sh;', ' /config/cloud/init.sh --cloud azure --log-level silly --data-interface eth1 --license ', parameters('bigIqLicenseKey2'), ' --ntp ', parameters('ntpServer'), ' --timezone ', parameters('timeZone'), ' --create-license-pool ', parameters('licensePoolKeys'), ' --create-reg-key-pool ', parameters('regPoolKeys'), ' --big-iq-password-data-uri file:///mnt/cloudTmp/.bigiq_pass --big-iq-password ', variables('adminPassword'), ' --big-iq-master-key ', parameters('masterKey'), ' --primary --big-iq-failover-peer-ip ', variables('intSubnetPrivateAddress'), ' --fcl-tag ', variables('f5CloudLibsTag'), ' --fcl-cloud-tag ', variables('f5CloudLibsAzureTag'), ' --tag-value ', variables('resourceGroupId'), ' --private-ip ', variables('intSubnetPrivateAddress3'), ' --associate-intf ', concat(variables('intNicName'), '1'), ' --dissociate-intf ', concat(variables('intNicName'), '0'), ' --vlan ', variables('singleQuote'), 'n:internal,nic:1.1', variables('singleQuote'), ' --self-ip ', variables('singleQuote'), 'n:internal_self,a:', variables('intSubnetPrivateAddress1'), ',v:internal,i:eth1', variables('singleQuote'), ' --discovery-address ', variables('intSubnetPrivateAddress1'), ' --usage-analytics ', variables('singleQuote'), 'send:', parameters('allowUsageAnalytics'), ',r:', variables('location'), ',cI:', variables('subscriptionID'), ',dI:', variables('deploymentId'), ',cN:azure,lT:byol,bIV:',parameters('bigIqVersion'),',tN:f5-existing-stack-byol-2nic-bigiq,tV:','9.8.0.0', variables('singleQuote'), ' &>> /var/log/cloud/azure/install.log &')]" + "commandToExecute": "[concat('mkdir -p /var/log/cloud/azure; mkdir -p /config/cloud; echo ', variables('initScript'), ' | /usr/bin/base64 -d > /config/cloud/init.sh; chmod +x /config/cloud/init.sh;', ' /config/cloud/init.sh --cloud azure --log-level silly --data-interface eth1 --license ', parameters('bigIqLicenseKey2'), ' --ntp ', parameters('ntpServer'), ' --timezone ', parameters('timeZone'), ' --create-license-pool ', parameters('licensePoolKeys'), ' --create-reg-key-pool ', parameters('regPoolKeys'), ' --big-iq-password-data-uri file:///mnt/cloudTmp/.bigiq_pass --big-iq-password ', variables('adminPassword'), ' --big-iq-master-key ', parameters('masterKey'), ' --primary --big-iq-failover-peer-ip ', variables('intSubnetPrivateAddress'), ' --fcl-tag ', variables('f5CloudLibsTag'), ' --fcl-cloud-tag ', variables('f5CloudLibsAzureTag'), ' --tag-value ', variables('resourceGroupId'), ' --private-ip ', variables('intSubnetPrivateAddress3'), ' --associate-intf ', concat(variables('intNicName'), '1'), ' --dissociate-intf ', concat(variables('intNicName'), '0'), ' --vlan ', variables('singleQuote'), 'n:internal,nic:1.1', variables('singleQuote'), ' --self-ip ', variables('singleQuote'), 'n:internal_self,a:', variables('intSubnetPrivateAddress1'), ',v:internal,i:eth1', variables('singleQuote'), ' --discovery-address ', variables('intSubnetPrivateAddress1'), ' --usage-analytics ', variables('singleQuote'), 'send:', parameters('allowUsageAnalytics'), ',r:', variables('location'), ',cI:', variables('subscriptionID'), ',dI:', variables('deploymentId'), ',cN:azure,lT:byol,bIV:',parameters('bigIqVersion'),',tN:f5-existing-stack-byol-2nic-bigiq,tV:','9.9.0.0', variables('singleQuote'), ' &>> /var/log/cloud/azure/install.log &')]" }, "publisher": "Microsoft.Azure.Extensions", "settings": { diff --git a/experimental/bigiq/licenseManagement/cluster/2nic/existing-stack/byol/azuredeploy.parameters.json b/experimental/bigiq/licenseManagement/cluster/2nic/existing-stack/byol/azuredeploy.parameters.json index 6c322c4304..03a57ba1b9 100644 --- a/experimental/bigiq/licenseManagement/cluster/2nic/existing-stack/byol/azuredeploy.parameters.json +++ b/experimental/bigiq/licenseManagement/cluster/2nic/existing-stack/byol/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/bigiq/licenseManagement/cluster/2nic/new-stack/byol/README.md b/experimental/bigiq/licenseManagement/cluster/2nic/new-stack/byol/README.md index 320bb264e6..1380c5bdff 100644 --- a/experimental/bigiq/licenseManagement/cluster/2nic/new-stack/byol/README.md +++ b/experimental/bigiq/licenseManagement/cluster/2nic/new-stack/byol/README.md @@ -96,7 +96,7 @@ Use the appropriate button below to deploy: - **BYOL** (bring your own license): This allows you to use an existing BIG-IP license. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Fbigiq%2FlicenseManagement%2Fcluster%2F2nic%2Fnew-stack%2Fbyol%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Fbigiq%2FlicenseManagement%2Fcluster%2F2nic%2Fnew-stack%2Fbyol%2Fazuredeploy.json) ### Template parameters @@ -118,7 +118,7 @@ Use the appropriate button below to deploy: | ntpServer | Yes | Leave the default NTP server the BIG-IQ uses, or replace the default NTP server with the one you want to use. | | timeZone | Yes | If you would like to change the time zone the BIG-IQ uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImage | Yes | If you would like to deploy using a local BIG-IQ image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | diff --git a/experimental/bigiq/licenseManagement/cluster/2nic/new-stack/byol/azuredeploy.json b/experimental/bigiq/licenseManagement/cluster/2nic/new-stack/byol/azuredeploy.json index 40c99d0d2f..df833fa01e 100644 --- a/experimental/bigiq/licenseManagement/cluster/2nic/new-stack/byol/azuredeploy.json +++ b/experimental/bigiq/licenseManagement/cluster/2nic/new-stack/byol/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -126,7 +126,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet." }, "type": "string" }, @@ -807,7 +807,7 @@ "properties": { "autoUpgradeMinorVersion": "true", "protectedSettings": { - "commandToExecute": "[concat('mkdir -p /var/log/cloud/azure; mkdir -p /config/cloud; echo ', variables('initScript'), ' | /usr/bin/base64 -d > /config/cloud/init.sh; chmod +x /config/cloud/init.sh;', ' /config/cloud/init.sh --cloud azure --log-level silly --data-interface eth1 --license ', parameters('bigIqLicenseKey1'), ' --ntp ', parameters('ntpServer'), ' --timezone ', parameters('timeZone'), ' --big-iq-password-data-uri file:///mnt/cloudTmp/.bigiq_pass --big-iq-password ', variables('adminPassword'), ' --big-iq-master-key ', parameters('masterKey'), ' --fcl-tag ', variables('f5CloudLibsTag'), ' --fcl-cloud-tag ', variables('f5CloudLibsAzureTag'), ' --tag-value ', variables('resourceGroupId'), ' --private-ip ', variables('intSubnetPrivateAddress2'), ' --associate-intf ', concat(variables('intNicName'), '0'), ' --dissociate-intf ', concat(variables('intNicName'), '1'), ' --vlan ', variables('singleQuote'), 'n:internal,nic:1.1', variables('singleQuote'), ' --self-ip ', variables('singleQuote'), 'n:internal_self,a:', variables('intSubnetPrivateAddress'), ',v:internal,i:eth1', variables('singleQuote'), ' --discovery-address ', variables('intSubnetPrivateAddress'), ' --usage-analytics ', variables('singleQuote'), 'send:', parameters('allowUsageAnalytics'), ',r:', variables('location'), ',cI:', variables('subscriptionID'), ',dI:', variables('deploymentId'), ',cN:azure,lT:byol,bIV:',parameters('bigIqVersion'),',tN:f5-existing-stack-byol-2nic-bigiq,tV:','9.8.0.0', variables('singleQuote'), ' &>> /var/log/cloud/azure/install.log &')]" + "commandToExecute": "[concat('mkdir -p /var/log/cloud/azure; mkdir -p /config/cloud; echo ', variables('initScript'), ' | /usr/bin/base64 -d > /config/cloud/init.sh; chmod +x /config/cloud/init.sh;', ' /config/cloud/init.sh --cloud azure --log-level silly --data-interface eth1 --license ', parameters('bigIqLicenseKey1'), ' --ntp ', parameters('ntpServer'), ' --timezone ', parameters('timeZone'), ' --big-iq-password-data-uri file:///mnt/cloudTmp/.bigiq_pass --big-iq-password ', variables('adminPassword'), ' --big-iq-master-key ', parameters('masterKey'), ' --fcl-tag ', variables('f5CloudLibsTag'), ' --fcl-cloud-tag ', variables('f5CloudLibsAzureTag'), ' --tag-value ', variables('resourceGroupId'), ' --private-ip ', variables('intSubnetPrivateAddress2'), ' --associate-intf ', concat(variables('intNicName'), '0'), ' --dissociate-intf ', concat(variables('intNicName'), '1'), ' --vlan ', variables('singleQuote'), 'n:internal,nic:1.1', variables('singleQuote'), ' --self-ip ', variables('singleQuote'), 'n:internal_self,a:', variables('intSubnetPrivateAddress'), ',v:internal,i:eth1', variables('singleQuote'), ' --discovery-address ', variables('intSubnetPrivateAddress'), ' --usage-analytics ', variables('singleQuote'), 'send:', parameters('allowUsageAnalytics'), ',r:', variables('location'), ',cI:', variables('subscriptionID'), ',dI:', variables('deploymentId'), ',cN:azure,lT:byol,bIV:',parameters('bigIqVersion'),',tN:f5-existing-stack-byol-2nic-bigiq,tV:','9.9.0.0', variables('singleQuote'), ' &>> /var/log/cloud/azure/install.log &')]" }, "publisher": "Microsoft.Azure.Extensions", "settings": { @@ -832,7 +832,7 @@ "properties": { "autoUpgradeMinorVersion": "true", "protectedSettings": { - "commandToExecute": "[concat('mkdir -p /var/log/cloud/azure; mkdir -p /config/cloud; echo ', variables('initScript'), ' | /usr/bin/base64 -d > /config/cloud/init.sh; chmod +x /config/cloud/init.sh;', ' /config/cloud/init.sh --cloud azure --log-level silly --data-interface eth1 --license ', parameters('bigIqLicenseKey2'), ' --ntp ', parameters('ntpServer'), ' --timezone ', parameters('timeZone'), ' --create-license-pool ', parameters('licensePoolKeys'), ' --create-reg-key-pool ', parameters('regPoolKeys'), ' --big-iq-password-data-uri file:///mnt/cloudTmp/.bigiq_pass --big-iq-password ', variables('adminPassword'), ' --big-iq-master-key ', parameters('masterKey'), ' --primary --big-iq-failover-peer-ip ', variables('intSubnetPrivateAddress'), ' --fcl-tag ', variables('f5CloudLibsTag'), ' --fcl-cloud-tag ', variables('f5CloudLibsAzureTag'), ' --tag-value ', variables('resourceGroupId'), ' --private-ip ', variables('intSubnetPrivateAddress3'), ' --associate-intf ', concat(variables('intNicName'), '1'), ' --dissociate-intf ', concat(variables('intNicName'), '0'), ' --vlan ', variables('singleQuote'), 'n:internal,nic:1.1', variables('singleQuote'), ' --self-ip ', variables('singleQuote'), 'n:internal_self,a:', variables('intSubnetPrivateAddress1'), ',v:internal,i:eth1', variables('singleQuote'), ' --discovery-address ', variables('intSubnetPrivateAddress1'), ' --usage-analytics ', variables('singleQuote'), 'send:', parameters('allowUsageAnalytics'), ',r:', variables('location'), ',cI:', variables('subscriptionID'), ',dI:', variables('deploymentId'), ',cN:azure,lT:byol,bIV:',parameters('bigIqVersion'),',tN:f5-existing-stack-byol-2nic-bigiq,tV:','9.8.0.0', variables('singleQuote'), ' &>> /var/log/cloud/azure/install.log &')]" + "commandToExecute": "[concat('mkdir -p /var/log/cloud/azure; mkdir -p /config/cloud; echo ', variables('initScript'), ' | /usr/bin/base64 -d > /config/cloud/init.sh; chmod +x /config/cloud/init.sh;', ' /config/cloud/init.sh --cloud azure --log-level silly --data-interface eth1 --license ', parameters('bigIqLicenseKey2'), ' --ntp ', parameters('ntpServer'), ' --timezone ', parameters('timeZone'), ' --create-license-pool ', parameters('licensePoolKeys'), ' --create-reg-key-pool ', parameters('regPoolKeys'), ' --big-iq-password-data-uri file:///mnt/cloudTmp/.bigiq_pass --big-iq-password ', variables('adminPassword'), ' --big-iq-master-key ', parameters('masterKey'), ' --primary --big-iq-failover-peer-ip ', variables('intSubnetPrivateAddress'), ' --fcl-tag ', variables('f5CloudLibsTag'), ' --fcl-cloud-tag ', variables('f5CloudLibsAzureTag'), ' --tag-value ', variables('resourceGroupId'), ' --private-ip ', variables('intSubnetPrivateAddress3'), ' --associate-intf ', concat(variables('intNicName'), '1'), ' --dissociate-intf ', concat(variables('intNicName'), '0'), ' --vlan ', variables('singleQuote'), 'n:internal,nic:1.1', variables('singleQuote'), ' --self-ip ', variables('singleQuote'), 'n:internal_self,a:', variables('intSubnetPrivateAddress1'), ',v:internal,i:eth1', variables('singleQuote'), ' --discovery-address ', variables('intSubnetPrivateAddress1'), ' --usage-analytics ', variables('singleQuote'), 'send:', parameters('allowUsageAnalytics'), ',r:', variables('location'), ',cI:', variables('subscriptionID'), ',dI:', variables('deploymentId'), ',cN:azure,lT:byol,bIV:',parameters('bigIqVersion'),',tN:f5-existing-stack-byol-2nic-bigiq,tV:','9.9.0.0', variables('singleQuote'), ' &>> /var/log/cloud/azure/install.log &')]" }, "publisher": "Microsoft.Azure.Extensions", "settings": { diff --git a/experimental/bigiq/licenseManagement/cluster/2nic/new-stack/byol/azuredeploy.parameters.json b/experimental/bigiq/licenseManagement/cluster/2nic/new-stack/byol/azuredeploy.parameters.json index 5ef6fbb10f..fa9774e918 100644 --- a/experimental/bigiq/licenseManagement/cluster/2nic/new-stack/byol/azuredeploy.parameters.json +++ b/experimental/bigiq/licenseManagement/cluster/2nic/new-stack/byol/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/bigiq/licenseManagement/standalone/2nic/existing-stack/byol/README.md b/experimental/bigiq/licenseManagement/standalone/2nic/existing-stack/byol/README.md index bcda56d434..00bd2db557 100644 --- a/experimental/bigiq/licenseManagement/standalone/2nic/existing-stack/byol/README.md +++ b/experimental/bigiq/licenseManagement/standalone/2nic/existing-stack/byol/README.md @@ -90,7 +90,7 @@ Use the appropriate button below to deploy: - **BYOL** (bring your own license): This allows you to use an existing BIG-IP license. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Fbigiq%2FlicenseManagement%2Fstandalone%2F2nic%2Fexisting-stack%2Fbyol%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Fbigiq%2FlicenseManagement%2Fstandalone%2F2nic%2Fexisting-stack%2Fbyol%2Fazuredeploy.json) ### Template parameters @@ -117,7 +117,7 @@ Use the appropriate button below to deploy: | ntpServer | Yes | Leave the default NTP server the BIG-IQ uses, or replace the default NTP server with the one you want to use. | | timeZone | Yes | If you would like to change the time zone the BIG-IQ uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImage | Yes | If you would like to deploy using a local BIG-IQ image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | diff --git a/experimental/bigiq/licenseManagement/standalone/2nic/existing-stack/byol/azuredeploy.json b/experimental/bigiq/licenseManagement/standalone/2nic/existing-stack/byol/azuredeploy.json index 4a97d80575..38cbf38d99 100644 --- a/experimental/bigiq/licenseManagement/standalone/2nic/existing-stack/byol/azuredeploy.json +++ b/experimental/bigiq/licenseManagement/standalone/2nic/existing-stack/byol/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -159,7 +159,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet." }, "type": "string" }, diff --git a/experimental/bigiq/licenseManagement/standalone/2nic/existing-stack/byol/azuredeploy.parameters.json b/experimental/bigiq/licenseManagement/standalone/2nic/existing-stack/byol/azuredeploy.parameters.json index 679bd126f4..c19ca33330 100644 --- a/experimental/bigiq/licenseManagement/standalone/2nic/existing-stack/byol/azuredeploy.parameters.json +++ b/experimental/bigiq/licenseManagement/standalone/2nic/existing-stack/byol/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/failover/same-net/via-api/n-nic/learning-stack/bigiq/README.md b/experimental/failover/same-net/via-api/n-nic/learning-stack/bigiq/README.md index a8e98e130c..92ba80ef81 100644 --- a/experimental/failover/same-net/via-api/n-nic/learning-stack/bigiq/README.md +++ b/experimental/failover/same-net/via-api/n-nic/learning-stack/bigiq/README.md @@ -78,6 +78,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. - Using dynamic assignment for TMM interface is leveraged for initial deployment convenience and a requirement for some environments but not recommended in most production environments. IP configs can be converted to static post deployment - Address translation is done by enabling ip forwarding [Azure documentaion](https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-network-interface#enable-or-disable-ip-forwarding) +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -127,7 +128,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Ffailover%2Fsame-net%2Fvia-api%2Fn-nic%2Flearning-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Ffailover%2Fsame-net%2Fvia-api%2Fn-nic%2Flearning-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters @@ -156,7 +157,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/experimental/failover/same-net/via-api/n-nic/learning-stack/bigiq/azuredeploy.json b/experimental/failover/same-net/via-api/n-nic/learning-stack/bigiq/azuredeploy.json index b4344aa1d9..1467d1f204 100644 --- a/experimental/failover/same-net/via-api/n-nic/learning-stack/bigiq/azuredeploy.json +++ b/experimental/failover/same-net/via-api/n-nic/learning-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -70,76 +70,6 @@ "type": "int" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D8s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -260,7 +190,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -458,63 +388,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -541,7 +414,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -604,11 +477,7 @@ "extSubnetPrivateAddress1": "[concat(parameters('vnetAddressPrefix'), '.2.5')]", "intSubnetPrivateAddress1": "[concat(parameters('vnetAddressPrefix'), '.3.5')]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -744,7 +613,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_nnic-learning-stack-experimental-bigiq,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_nnic-learning-stack-experimental-bigiq,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -1266,7 +1135,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/experimental/failover/same-net/via-api/n-nic/learning-stack/bigiq/azuredeploy.parameters.json b/experimental/failover/same-net/via-api/n-nic/learning-stack/bigiq/azuredeploy.parameters.json index e08f392477..d17ea753d9 100644 --- a/experimental/failover/same-net/via-api/n-nic/learning-stack/bigiq/azuredeploy.parameters.json +++ b/experimental/failover/same-net/via-api/n-nic/learning-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/failover/same-net/via-api/n-nic/learning-stack/byol/README.md b/experimental/failover/same-net/via-api/n-nic/learning-stack/byol/README.md index 172e7e1736..6a343a41dd 100644 --- a/experimental/failover/same-net/via-api/n-nic/learning-stack/byol/README.md +++ b/experimental/failover/same-net/via-api/n-nic/learning-stack/byol/README.md @@ -77,6 +77,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. - Using dynamic assignment for TMM interface is leveraged for initial deployment convenience and a requirement for some environments but not recommended in most production environments. IP configs can be converted to static post deployment - Address translation is done by enabling ip forwarding [Azure documentaion](https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-network-interface#enable-or-disable-ip-forwarding) +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -126,7 +127,7 @@ Use the appropriate button below to deploy: - **BYOL** (bring your own license): This allows you to use an existing BIG-IP license. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Ffailover%2Fsame-net%2Fvia-api%2Fn-nic%2Flearning-stack%2Fbyol%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Ffailover%2Fsame-net%2Fvia-api%2Fn-nic%2Flearning-stack%2Fbyol%2Fazuredeploy.json) ### Template parameters @@ -151,7 +152,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/experimental/failover/same-net/via-api/n-nic/learning-stack/byol/azuredeploy.json b/experimental/failover/same-net/via-api/n-nic/learning-stack/byol/azuredeploy.json index d4f349bc7c..bdf5c88179 100644 --- a/experimental/failover/same-net/via-api/n-nic/learning-stack/byol/azuredeploy.json +++ b/experimental/failover/same-net/via-api/n-nic/learning-stack/byol/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -70,76 +70,6 @@ "type": "int" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D8s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -236,7 +166,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -434,63 +364,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -517,7 +390,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -580,11 +453,7 @@ "extSubnetPrivateAddress1": "[concat(parameters('vnetAddressPrefix'), '.2.5')]", "intSubnetPrivateAddress1": "[concat(parameters('vnetAddressPrefix'), '.3.5')]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -720,7 +589,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_nnic-learning-stack-experimental-byol,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_nnic-learning-stack-experimental-byol,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -1242,7 +1111,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/experimental/failover/same-net/via-api/n-nic/learning-stack/byol/azuredeploy.parameters.json b/experimental/failover/same-net/via-api/n-nic/learning-stack/byol/azuredeploy.parameters.json index 475e8acf4f..7f0f75662d 100644 --- a/experimental/failover/same-net/via-api/n-nic/learning-stack/byol/azuredeploy.parameters.json +++ b/experimental/failover/same-net/via-api/n-nic/learning-stack/byol/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/failover/same-net/via-api/n-nic/learning-stack/payg/README.md b/experimental/failover/same-net/via-api/n-nic/learning-stack/payg/README.md index d7b648e175..8756e0cc65 100644 --- a/experimental/failover/same-net/via-api/n-nic/learning-stack/payg/README.md +++ b/experimental/failover/same-net/via-api/n-nic/learning-stack/payg/README.md @@ -75,6 +75,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. - Using dynamic assignment for TMM interface is leveraged for initial deployment convenience and a requirement for some environments but not recommended in most production environments. IP configs can be converted to static post deployment - Address translation is done by enabling ip forwarding [Azure documentaion](https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-network-interface#enable-or-disable-ip-forwarding) +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -124,7 +125,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Ffailover%2Fsame-net%2Fvia-api%2Fn-nic%2Flearning-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Ffailover%2Fsame-net%2Fvia-api%2Fn-nic%2Flearning-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters @@ -147,7 +148,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/experimental/failover/same-net/via-api/n-nic/learning-stack/payg/azuredeploy.json b/experimental/failover/same-net/via-api/n-nic/learning-stack/payg/azuredeploy.json index 0ea857a61a..20edcb079c 100644 --- a/experimental/failover/same-net/via-api/n-nic/learning-stack/payg/azuredeploy.json +++ b/experimental/failover/same-net/via-api/n-nic/learning-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -70,76 +70,6 @@ "type": "int" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D8s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -238,7 +168,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -436,63 +366,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -519,7 +392,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -582,11 +455,7 @@ "extSubnetPrivateAddress1": "[concat(parameters('vnetAddressPrefix'), '.2.5')]", "intSubnetPrivateAddress1": "[concat(parameters('vnetAddressPrefix'), '.3.5')]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -765,7 +634,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_nnic-learning-stack-experimental-payg,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_nnic-learning-stack-experimental-payg,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -1287,7 +1156,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/experimental/failover/same-net/via-api/n-nic/learning-stack/payg/azuredeploy.parameters.json b/experimental/failover/same-net/via-api/n-nic/learning-stack/payg/azuredeploy.parameters.json index 2703c29f84..2972cd0b1d 100644 --- a/experimental/failover/same-net/via-api/n-nic/learning-stack/payg/azuredeploy.parameters.json +++ b/experimental/failover/same-net/via-api/n-nic/learning-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/failover/same-net/via-api/n-nic/new-stack/bigiq/README.md b/experimental/failover/same-net/via-api/n-nic/new-stack/bigiq/README.md index e7991ddb06..09a3dc3e16 100644 --- a/experimental/failover/same-net/via-api/n-nic/new-stack/bigiq/README.md +++ b/experimental/failover/same-net/via-api/n-nic/new-stack/bigiq/README.md @@ -78,6 +78,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. - Using dynamic assignment for TMM interface is leveraged for initial deployment convenience and a requirement for some environments but not recommended in most production environments. IP configs can be converted to static post deployment - Address translation is done by enabling ip forwarding [Azure documentaion](https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-network-interface#enable-or-disable-ip-forwarding) +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -127,7 +128,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Ffailover%2Fsame-net%2Fvia-api%2Fn-nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Ffailover%2Fsame-net%2Fvia-api%2Fn-nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters @@ -156,7 +157,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/experimental/failover/same-net/via-api/n-nic/new-stack/bigiq/azuredeploy.json b/experimental/failover/same-net/via-api/n-nic/new-stack/bigiq/azuredeploy.json index 07a2ce9233..5bcfd73518 100644 --- a/experimental/failover/same-net/via-api/n-nic/new-stack/bigiq/azuredeploy.json +++ b/experimental/failover/same-net/via-api/n-nic/new-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -70,76 +70,6 @@ "type": "int" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D8s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -260,7 +190,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -458,63 +388,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -542,7 +415,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -605,11 +478,7 @@ "extSubnetPrivateAddress1": "[concat(parameters('vnetAddressPrefix'), '.2.5')]", "intSubnetPrivateAddress1": "[concat(parameters('vnetAddressPrefix'), '.3.5')]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -741,7 +610,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_nnic-new-stack-experimental-bigiq,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_nnic-new-stack-experimental-bigiq,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -1222,7 +1091,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/experimental/failover/same-net/via-api/n-nic/new-stack/bigiq/azuredeploy.parameters.json b/experimental/failover/same-net/via-api/n-nic/new-stack/bigiq/azuredeploy.parameters.json index e08f392477..d17ea753d9 100644 --- a/experimental/failover/same-net/via-api/n-nic/new-stack/bigiq/azuredeploy.parameters.json +++ b/experimental/failover/same-net/via-api/n-nic/new-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/failover/same-net/via-api/n-nic/new-stack/byol/README.md b/experimental/failover/same-net/via-api/n-nic/new-stack/byol/README.md index 47156d73c6..1e7f373d57 100644 --- a/experimental/failover/same-net/via-api/n-nic/new-stack/byol/README.md +++ b/experimental/failover/same-net/via-api/n-nic/new-stack/byol/README.md @@ -77,6 +77,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. - Using dynamic assignment for TMM interface is leveraged for initial deployment convenience and a requirement for some environments but not recommended in most production environments. IP configs can be converted to static post deployment - Address translation is done by enabling ip forwarding [Azure documentaion](https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-network-interface#enable-or-disable-ip-forwarding) +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -126,7 +127,7 @@ Use the appropriate button below to deploy: - **BYOL** (bring your own license): This allows you to use an existing BIG-IP license. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Ffailover%2Fsame-net%2Fvia-api%2Fn-nic%2Fnew-stack%2Fbyol%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Ffailover%2Fsame-net%2Fvia-api%2Fn-nic%2Fnew-stack%2Fbyol%2Fazuredeploy.json) ### Template parameters @@ -151,7 +152,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/experimental/failover/same-net/via-api/n-nic/new-stack/byol/azuredeploy.json b/experimental/failover/same-net/via-api/n-nic/new-stack/byol/azuredeploy.json index 8e64e835f2..8dd43e7217 100644 --- a/experimental/failover/same-net/via-api/n-nic/new-stack/byol/azuredeploy.json +++ b/experimental/failover/same-net/via-api/n-nic/new-stack/byol/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -70,76 +70,6 @@ "type": "int" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D8s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -236,7 +166,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -434,63 +364,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -518,7 +391,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -581,11 +454,7 @@ "extSubnetPrivateAddress1": "[concat(parameters('vnetAddressPrefix'), '.2.5')]", "intSubnetPrivateAddress1": "[concat(parameters('vnetAddressPrefix'), '.3.5')]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -717,7 +586,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_nnic-new-stack-experimental-byol,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_nnic-new-stack-experimental-byol,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -1198,7 +1067,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/experimental/failover/same-net/via-api/n-nic/new-stack/byol/azuredeploy.parameters.json b/experimental/failover/same-net/via-api/n-nic/new-stack/byol/azuredeploy.parameters.json index 475e8acf4f..7f0f75662d 100644 --- a/experimental/failover/same-net/via-api/n-nic/new-stack/byol/azuredeploy.parameters.json +++ b/experimental/failover/same-net/via-api/n-nic/new-stack/byol/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/failover/same-net/via-api/n-nic/new-stack/payg/README.md b/experimental/failover/same-net/via-api/n-nic/new-stack/payg/README.md index d0bc3fcb42..0e52a54c11 100644 --- a/experimental/failover/same-net/via-api/n-nic/new-stack/payg/README.md +++ b/experimental/failover/same-net/via-api/n-nic/new-stack/payg/README.md @@ -75,6 +75,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. - Using dynamic assignment for TMM interface is leveraged for initial deployment convenience and a requirement for some environments but not recommended in most production environments. IP configs can be converted to static post deployment - Address translation is done by enabling ip forwarding [Azure documentaion](https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-network-interface#enable-or-disable-ip-forwarding) +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -124,7 +125,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Ffailover%2Fsame-net%2Fvia-api%2Fn-nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Ffailover%2Fsame-net%2Fvia-api%2Fn-nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters @@ -147,7 +148,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/experimental/failover/same-net/via-api/n-nic/new-stack/payg/azuredeploy.json b/experimental/failover/same-net/via-api/n-nic/new-stack/payg/azuredeploy.json index 0c29ba9bef..679dd9a643 100644 --- a/experimental/failover/same-net/via-api/n-nic/new-stack/payg/azuredeploy.json +++ b/experimental/failover/same-net/via-api/n-nic/new-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -70,76 +70,6 @@ "type": "int" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D8s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -238,7 +168,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -436,63 +366,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -520,7 +393,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -583,11 +456,7 @@ "extSubnetPrivateAddress1": "[concat(parameters('vnetAddressPrefix'), '.2.5')]", "intSubnetPrivateAddress1": "[concat(parameters('vnetAddressPrefix'), '.3.5')]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -762,7 +631,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_nnic-new-stack-experimental-payg,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_nnic-new-stack-experimental-payg,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -1243,7 +1112,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/experimental/failover/same-net/via-api/n-nic/new-stack/payg/azuredeploy.parameters.json b/experimental/failover/same-net/via-api/n-nic/new-stack/payg/azuredeploy.parameters.json index 2703c29f84..2972cd0b1d 100644 --- a/experimental/failover/same-net/via-api/n-nic/new-stack/payg/azuredeploy.parameters.json +++ b/experimental/failover/same-net/via-api/n-nic/new-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/failover/same-net/via-lb/1nic/new-stack/bigiq/README.md b/experimental/failover/same-net/via-lb/1nic/new-stack/bigiq/README.md index 710fa3c282..b9584d8e27 100644 --- a/experimental/failover/same-net/via-lb/1nic/new-stack/bigiq/README.md +++ b/experimental/failover/same-net/via-lb/1nic/new-stack/bigiq/README.md @@ -55,6 +55,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - Previous tagged releases can be used to reference functionality that has been changed or removed. - All templates now deploy Standard SKU Azure Public IP Addresses. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -104,7 +105,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Ffailover%2Fsame-net%2Fvia-lb%2F1nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Ffailover%2Fsame-net%2Fvia-lb%2F1nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters @@ -130,7 +131,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/experimental/failover/same-net/via-lb/1nic/new-stack/bigiq/azuredeploy.json b/experimental/failover/same-net/via-lb/1nic/new-stack/bigiq/azuredeploy.json index edc69781ad..711ca363a8 100644 --- a/experimental/failover/same-net/via-lb/1nic/new-stack/bigiq/azuredeploy.json +++ b/experimental/failover/same-net/via-lb/1nic/new-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -33,83 +33,6 @@ "type": "string" }, "instanceType": { - "allowedValues": [ - "Standard_A2", - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2", - "Standard_F4", - "Standard_F8", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D2s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -223,7 +146,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -294,63 +217,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -369,7 +235,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -401,11 +267,7 @@ "commandArgs": "[concat('-o ', parameters('declarationUrl'), ' -u svc_user')]", "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIC1IICJFeHBlY3Q6IiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3NoYXJlZC9hcHBzdmNzL2RlY2xhcmUgLWQgQCRmaWxlX2xvYyAtbyAvZGV2L251bGwpCgogICAgICAgICAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIHx8ICRyZXNwb25zZV9jb2RlID09IDUwMiBdXTsgdGhlbgogICAgICAgICAgICAgICAgICBlY2hvICJEZXBsb3ltZW50IG9mIGFwcGxpY2F0aW9uIHN1Y2NlZWRlZC4iCiAgICAgICAgICAgICAgICAgIGRlcGxveWVkPSJ5ZXMiCiAgICAgICAgICAgICBlbHNlCiAgICAgICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRlcGxveSBhcHBsaWNhdGlvbjsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICAgICAgZmkKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiQ3VzdG9tIGNvbmZpZyB3YXMgbm90IHZhbGlkIEpTT04sIGNvbnRpbnVpbmciCiAgICAgICAgIGZpCiAgICBlbHNlCiAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRvd25sb2FkIGN1c3RvbSBjb25maWc7IGNvbnRpbnVpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgIGZpCmVsc2UKICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgYSBVUkwsIGNvbnRpbnVpbmcuIgpmaQoKaWYgW1sgJGRlcGxveWVkID09ICJubyIgJiYgJGRlY2xhcmF0aW9uVXJsID09ICJOT1RfU1BFQ0lGSUVEIiBdXTsgdGhlbgogICAgZWNobyAiQXBwbGljYXRpb24gZGVwbG95bWVudCBmYWlsZWQgb3IgY3VzdG9tIFVSTCB3YXMgbm90IHNwZWNpZmllZC4iCmZpCgplY2hvICJEZXBsb3ltZW50IGNvbXBsZXRlLiIKZXhpdA==", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -484,7 +346,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_1nic-new-stack-experimental-bigiq,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_1nic-new-stack-experimental-bigiq,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -777,7 +639,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/experimental/failover/same-net/via-lb/1nic/new-stack/bigiq/azuredeploy.parameters.json b/experimental/failover/same-net/via-lb/1nic/new-stack/bigiq/azuredeploy.parameters.json index 7938ada95d..a68925323f 100644 --- a/experimental/failover/same-net/via-lb/1nic/new-stack/bigiq/azuredeploy.parameters.json +++ b/experimental/failover/same-net/via-lb/1nic/new-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/failover/same-net/via-lb/1nic/new-stack/byol/README.md b/experimental/failover/same-net/via-lb/1nic/new-stack/byol/README.md index dfa9f8a4a3..77d6614bca 100644 --- a/experimental/failover/same-net/via-lb/1nic/new-stack/byol/README.md +++ b/experimental/failover/same-net/via-lb/1nic/new-stack/byol/README.md @@ -54,6 +54,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - Previous tagged releases can be used to reference functionality that has been changed or removed. - All templates now deploy Standard SKU Azure Public IP Addresses. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -103,7 +104,7 @@ Use the appropriate button below to deploy: - **BYOL** (bring your own license): This allows you to use an existing BIG-IP license. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Ffailover%2Fsame-net%2Fvia-lb%2F1nic%2Fnew-stack%2Fbyol%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Ffailover%2Fsame-net%2Fvia-lb%2F1nic%2Fnew-stack%2Fbyol%2Fazuredeploy.json) ### Template parameters @@ -125,7 +126,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/experimental/failover/same-net/via-lb/1nic/new-stack/byol/azuredeploy.json b/experimental/failover/same-net/via-lb/1nic/new-stack/byol/azuredeploy.json index 4dc8136acd..a530c68b90 100644 --- a/experimental/failover/same-net/via-lb/1nic/new-stack/byol/azuredeploy.json +++ b/experimental/failover/same-net/via-lb/1nic/new-stack/byol/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -33,83 +33,6 @@ "type": "string" }, "instanceType": { - "allowedValues": [ - "Standard_A2", - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2", - "Standard_F4", - "Standard_F8", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D2s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -199,7 +122,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -270,63 +193,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -345,7 +211,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -377,11 +243,7 @@ "commandArgs": "[concat('-o ', parameters('declarationUrl'), ' -u svc_user')]", "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIC1IICJFeHBlY3Q6IiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3NoYXJlZC9hcHBzdmNzL2RlY2xhcmUgLWQgQCRmaWxlX2xvYyAtbyAvZGV2L251bGwpCgogICAgICAgICAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIHx8ICRyZXNwb25zZV9jb2RlID09IDUwMiBdXTsgdGhlbgogICAgICAgICAgICAgICAgICBlY2hvICJEZXBsb3ltZW50IG9mIGFwcGxpY2F0aW9uIHN1Y2NlZWRlZC4iCiAgICAgICAgICAgICAgICAgIGRlcGxveWVkPSJ5ZXMiCiAgICAgICAgICAgICBlbHNlCiAgICAgICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRlcGxveSBhcHBsaWNhdGlvbjsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICAgICAgZmkKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiQ3VzdG9tIGNvbmZpZyB3YXMgbm90IHZhbGlkIEpTT04sIGNvbnRpbnVpbmciCiAgICAgICAgIGZpCiAgICBlbHNlCiAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRvd25sb2FkIGN1c3RvbSBjb25maWc7IGNvbnRpbnVpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgIGZpCmVsc2UKICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgYSBVUkwsIGNvbnRpbnVpbmcuIgpmaQoKaWYgW1sgJGRlcGxveWVkID09ICJubyIgJiYgJGRlY2xhcmF0aW9uVXJsID09ICJOT1RfU1BFQ0lGSUVEIiBdXTsgdGhlbgogICAgZWNobyAiQXBwbGljYXRpb24gZGVwbG95bWVudCBmYWlsZWQgb3IgY3VzdG9tIFVSTCB3YXMgbm90IHNwZWNpZmllZC4iCmZpCgplY2hvICJEZXBsb3ltZW50IGNvbXBsZXRlLiIKZXhpdA==", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -460,7 +322,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_1nic-new-stack-experimental-byol,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_1nic-new-stack-experimental-byol,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -753,7 +615,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/experimental/failover/same-net/via-lb/1nic/new-stack/byol/azuredeploy.parameters.json b/experimental/failover/same-net/via-lb/1nic/new-stack/byol/azuredeploy.parameters.json index 6602fdf62e..2e338d985d 100644 --- a/experimental/failover/same-net/via-lb/1nic/new-stack/byol/azuredeploy.parameters.json +++ b/experimental/failover/same-net/via-lb/1nic/new-stack/byol/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/failover/same-net/via-lb/1nic/new-stack/payg/README.md b/experimental/failover/same-net/via-lb/1nic/new-stack/payg/README.md index 243a9614da..7afaa4c2a7 100644 --- a/experimental/failover/same-net/via-lb/1nic/new-stack/payg/README.md +++ b/experimental/failover/same-net/via-lb/1nic/new-stack/payg/README.md @@ -52,6 +52,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - Previous tagged releases can be used to reference functionality that has been changed or removed. - All templates now deploy Standard SKU Azure Public IP Addresses. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -101,7 +102,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Ffailover%2Fsame-net%2Fvia-lb%2F1nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Ffailover%2Fsame-net%2Fvia-lb%2F1nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters @@ -121,7 +122,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/experimental/failover/same-net/via-lb/1nic/new-stack/payg/azuredeploy.json b/experimental/failover/same-net/via-lb/1nic/new-stack/payg/azuredeploy.json index 0bbe192269..0649ef1a25 100644 --- a/experimental/failover/same-net/via-lb/1nic/new-stack/payg/azuredeploy.json +++ b/experimental/failover/same-net/via-lb/1nic/new-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -33,83 +33,6 @@ "type": "string" }, "instanceType": { - "allowedValues": [ - "Standard_A2", - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2", - "Standard_F4", - "Standard_F8", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D2s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -201,7 +124,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -272,63 +195,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -347,7 +213,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -379,11 +245,7 @@ "commandArgs": "[concat('-o ', parameters('declarationUrl'), ' -u svc_user')]", "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIC1IICJFeHBlY3Q6IiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3NoYXJlZC9hcHBzdmNzL2RlY2xhcmUgLWQgQCRmaWxlX2xvYyAtbyAvZGV2L251bGwpCgogICAgICAgICAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIHx8ICRyZXNwb25zZV9jb2RlID09IDUwMiBdXTsgdGhlbgogICAgICAgICAgICAgICAgICBlY2hvICJEZXBsb3ltZW50IG9mIGFwcGxpY2F0aW9uIHN1Y2NlZWRlZC4iCiAgICAgICAgICAgICAgICAgIGRlcGxveWVkPSJ5ZXMiCiAgICAgICAgICAgICBlbHNlCiAgICAgICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRlcGxveSBhcHBsaWNhdGlvbjsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICAgICAgZmkKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiQ3VzdG9tIGNvbmZpZyB3YXMgbm90IHZhbGlkIEpTT04sIGNvbnRpbnVpbmciCiAgICAgICAgIGZpCiAgICBlbHNlCiAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRvd25sb2FkIGN1c3RvbSBjb25maWc7IGNvbnRpbnVpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgIGZpCmVsc2UKICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgYSBVUkwsIGNvbnRpbnVpbmcuIgpmaQoKaWYgW1sgJGRlcGxveWVkID09ICJubyIgJiYgJGRlY2xhcmF0aW9uVXJsID09ICJOT1RfU1BFQ0lGSUVEIiBdXTsgdGhlbgogICAgZWNobyAiQXBwbGljYXRpb24gZGVwbG95bWVudCBmYWlsZWQgb3IgY3VzdG9tIFVSTCB3YXMgbm90IHNwZWNpZmllZC4iCmZpCgplY2hvICJEZXBsb3ltZW50IGNvbXBsZXRlLiIKZXhpdA==", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -505,7 +367,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_1nic-new-stack-experimental-payg,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_1nic-new-stack-experimental-payg,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -798,7 +660,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/experimental/failover/same-net/via-lb/1nic/new-stack/payg/azuredeploy.parameters.json b/experimental/failover/same-net/via-lb/1nic/new-stack/payg/azuredeploy.parameters.json index fed7bf7b37..5f9cdd8e81 100644 --- a/experimental/failover/same-net/via-lb/1nic/new-stack/payg/azuredeploy.parameters.json +++ b/experimental/failover/same-net/via-lb/1nic/new-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/failover/same-net/via-lb/3nic/new-stack/bigiq/README.md b/experimental/failover/same-net/via-lb/3nic/new-stack/bigiq/README.md index 8198cf857d..ac60e9cd39 100644 --- a/experimental/failover/same-net/via-lb/3nic/new-stack/bigiq/README.md +++ b/experimental/failover/same-net/via-lb/3nic/new-stack/bigiq/README.md @@ -67,6 +67,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates now deploy Standard SKU Azure Public IP Addresses. - The provisionInternalLoadBalancer parameter controls the creation of an internal Azure load balancer targeting the internal BIG-IP network interfaces. Selecting Yes deploys an internal load balancer with the HA Ports feature (all-protocol load balancing rule) enabled. NOTE: In order to download required libraries, the BIG-IP internal interfaces are not configured in the load balancer backend pool by default. You must update the load balancer configuration after deployment completes. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -116,7 +117,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Ffailover%2Fsame-net%2Fvia-lb%2F3nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Ffailover%2Fsame-net%2Fvia-lb%2F3nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters @@ -147,7 +148,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/experimental/failover/same-net/via-lb/3nic/new-stack/bigiq/azuredeploy.json b/experimental/failover/same-net/via-lb/3nic/new-stack/bigiq/azuredeploy.json index 9a509709c5..ba3a17b594 100644 --- a/experimental/failover/same-net/via-lb/3nic/new-stack/bigiq/azuredeploy.json +++ b/experimental/failover/same-net/via-lb/3nic/new-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -99,76 +99,6 @@ "type": "string" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D8s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -282,7 +212,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -343,63 +273,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -418,7 +291,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -477,11 +350,7 @@ "intSubnetPrivateAddress3": "[concat(parameters('vnetAddressPrefix'), '.3.11')]", "internalLoadBalancerAddress": "[concat(parameters('vnetAddressPrefix'), '.3.50')]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -568,7 +437,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_3nic-new-stack-experimental-bigiq,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_3nic-new-stack-experimental-bigiq,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -1187,7 +1056,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/experimental/failover/same-net/via-lb/3nic/new-stack/bigiq/azuredeploy.parameters.json b/experimental/failover/same-net/via-lb/3nic/new-stack/bigiq/azuredeploy.parameters.json index 102ebd2499..ddc22b8e04 100644 --- a/experimental/failover/same-net/via-lb/3nic/new-stack/bigiq/azuredeploy.parameters.json +++ b/experimental/failover/same-net/via-lb/3nic/new-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/failover/same-net/via-lb/3nic/new-stack/byol/README.md b/experimental/failover/same-net/via-lb/3nic/new-stack/byol/README.md index bb3c535393..2ad1f5980f 100644 --- a/experimental/failover/same-net/via-lb/3nic/new-stack/byol/README.md +++ b/experimental/failover/same-net/via-lb/3nic/new-stack/byol/README.md @@ -66,6 +66,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates now deploy Standard SKU Azure Public IP Addresses. - The provisionInternalLoadBalancer parameter controls the creation of an internal Azure load balancer targeting the internal BIG-IP network interfaces. Selecting Yes deploys an internal load balancer with the HA Ports feature (all-protocol load balancing rule) enabled. NOTE: In order to download required libraries, the BIG-IP internal interfaces are not configured in the load balancer backend pool by default. You must update the load balancer configuration after deployment completes. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -115,7 +116,7 @@ Use the appropriate button below to deploy: - **BYOL** (bring your own license): This allows you to use an existing BIG-IP license. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Ffailover%2Fsame-net%2Fvia-lb%2F3nic%2Fnew-stack%2Fbyol%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Ffailover%2Fsame-net%2Fvia-lb%2F3nic%2Fnew-stack%2Fbyol%2Fazuredeploy.json) ### Template parameters @@ -142,7 +143,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/experimental/failover/same-net/via-lb/3nic/new-stack/byol/azuredeploy.json b/experimental/failover/same-net/via-lb/3nic/new-stack/byol/azuredeploy.json index 43fabffa95..276668ebc8 100644 --- a/experimental/failover/same-net/via-lb/3nic/new-stack/byol/azuredeploy.json +++ b/experimental/failover/same-net/via-lb/3nic/new-stack/byol/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -99,76 +99,6 @@ "type": "string" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D8s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -258,7 +188,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -319,63 +249,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -394,7 +267,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -453,11 +326,7 @@ "intSubnetPrivateAddress3": "[concat(parameters('vnetAddressPrefix'), '.3.11')]", "internalLoadBalancerAddress": "[concat(parameters('vnetAddressPrefix'), '.3.50')]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -544,7 +413,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_3nic-new-stack-experimental-byol,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_3nic-new-stack-experimental-byol,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -1163,7 +1032,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/experimental/failover/same-net/via-lb/3nic/new-stack/byol/azuredeploy.parameters.json b/experimental/failover/same-net/via-lb/3nic/new-stack/byol/azuredeploy.parameters.json index c69aa4c0ed..253045bc0d 100644 --- a/experimental/failover/same-net/via-lb/3nic/new-stack/byol/azuredeploy.parameters.json +++ b/experimental/failover/same-net/via-lb/3nic/new-stack/byol/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/failover/same-net/via-lb/3nic/new-stack/payg/README.md b/experimental/failover/same-net/via-lb/3nic/new-stack/payg/README.md index f534befd16..d888edb545 100644 --- a/experimental/failover/same-net/via-lb/3nic/new-stack/payg/README.md +++ b/experimental/failover/same-net/via-lb/3nic/new-stack/payg/README.md @@ -64,6 +64,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates now deploy Standard SKU Azure Public IP Addresses. - The provisionInternalLoadBalancer parameter controls the creation of an internal Azure load balancer targeting the internal BIG-IP network interfaces. Selecting Yes deploys an internal load balancer with the HA Ports feature (all-protocol load balancing rule) enabled. NOTE: In order to download required libraries, the BIG-IP internal interfaces are not configured in the load balancer backend pool by default. You must update the load balancer configuration after deployment completes. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -113,7 +114,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Ffailover%2Fsame-net%2Fvia-lb%2F3nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Ffailover%2Fsame-net%2Fvia-lb%2F3nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters @@ -138,7 +139,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/experimental/failover/same-net/via-lb/3nic/new-stack/payg/azuredeploy.json b/experimental/failover/same-net/via-lb/3nic/new-stack/payg/azuredeploy.json index 3d20f1e3fb..34a7e9dfed 100644 --- a/experimental/failover/same-net/via-lb/3nic/new-stack/payg/azuredeploy.json +++ b/experimental/failover/same-net/via-lb/3nic/new-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -99,76 +99,6 @@ "type": "string" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D8s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -260,7 +190,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -321,63 +251,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -396,7 +269,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -455,11 +328,7 @@ "intSubnetPrivateAddress3": "[concat(parameters('vnetAddressPrefix'), '.3.11')]", "internalLoadBalancerAddress": "[concat(parameters('vnetAddressPrefix'), '.3.50')]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -589,7 +458,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_3nic-new-stack-experimental-payg,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_3nic-new-stack-experimental-payg,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -1208,7 +1077,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/experimental/failover/same-net/via-lb/3nic/new-stack/payg/azuredeploy.parameters.json b/experimental/failover/same-net/via-lb/3nic/new-stack/payg/azuredeploy.parameters.json index 0a5108e7e4..8d1a56ebfa 100644 --- a/experimental/failover/same-net/via-lb/3nic/new-stack/payg/azuredeploy.parameters.json +++ b/experimental/failover/same-net/via-lb/3nic/new-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/reference/cluster/1nic/README.md b/experimental/reference/cluster/1nic/README.md index 628bb79b44..7affa6fa93 100644 --- a/experimental/reference/cluster/1nic/README.md +++ b/experimental/reference/cluster/1nic/README.md @@ -49,7 +49,7 @@ Below is a map that shows the available options for the template parameter 'bigI | vaultResourceGroup | x | The name of the Azure Resource Group where the previously entered Key Vault is located. This field is required in the https and https-offload deployment scenarios. | | secretUrl | x | The public URL of the Azure Key Vault secret where your SSL cert and key are stored in .pfx format. This field is required in the https and https-offload deployment scenarios. | | certThumbprint | x | The thumbprint of the SSL cert stored in Azure Key Vault. This field is required in the https and https-offload deployment scenarios. | -| restrictedSrcAddress | x | Restricts management access to a specific network or address. Enter a IP address or address range in CIDR notation, or asterisk for all sources. | +| restrictedSrcAddress | x | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use "0.0.0.0/0". Instead, restrict the IP address range to your client or trusted network, for example '55.55.55.55/32'. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | x | Additional key-value pair tags to be added to each Azure resource. | diff --git a/experimental/reference/standalone/2nic+webserver/README.md b/experimental/reference/standalone/2nic+webserver/README.md index b176819039..56a2ab1d36 100644 --- a/experimental/reference/standalone/2nic+webserver/README.md +++ b/experimental/reference/standalone/2nic+webserver/README.md @@ -50,7 +50,7 @@ Use this button to deploy the template: | licenseKey1 | x | The license token from the F5 licensing server. This license will be used for the first F5 BIG-IP. | | webServer | x | The example web server to deploy. | | vsPort | x | The virtual server port to use when configuring the BIG-IP. | -| restrictedSrcAddress | x | Restricts management access to a specific network or address. Enter a IP address or address range in CIDR notation, or asterisk for all sources. | +| restrictedSrcAddress | x | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use "0.0.0.0/0". Instead, restrict the IP address range to your client or trusted network, for example '55.55.55.55/32'. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | x | Additional key-value pair tags to be added to each Azure resource. | diff --git a/experimental/reference/standalone/3nic+webserver/README.md b/experimental/reference/standalone/3nic+webserver/README.md index 51d9abb0ec..106f9d0641 100644 --- a/experimental/reference/standalone/3nic+webserver/README.md +++ b/experimental/reference/standalone/3nic+webserver/README.md @@ -79,7 +79,7 @@ Use the appropriate button, depending on whether you are using BYOL or PAYG lice | licensedBandwidth | | For PAYG only. PAYG licensed bandwidth(Mbps) image to deploy. | | numberOfExternalIps | x | The number of public/private IP's to deploy for the application traffic(external) nic on the BIG-IP to be used for virtual servers. | | vnetAddressPrefix | x | The start of the CIDR block(/16) used by the BIG-IP's when creating the vnet and subnets. What is supplied MUST be just the first two octets of the /16 virtual network that will be created. Such as '10.0', '10.100', 192.168', etc... | -| restrictedSrcAddress | x | Restricts management access to a specific network or address. Enter a IP address or address range in CIDR notation, or asterisk for all sources. | +| restrictedSrcAddress | x | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use "0.0.0.0/0". Instead, restrict the IP address range to your client or trusted network, for example '55.55.55.55/32'. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | x | Additional key-value pair tags to be added to each Azure resource. | ### PowerShell Script Example diff --git a/experimental/standalone/1nic/new-stack/bigiq/README.md b/experimental/standalone/1nic/new-stack/bigiq/README.md index 52120f81e9..de78b3efe5 100644 --- a/experimental/standalone/1nic/new-stack/bigiq/README.md +++ b/experimental/standalone/1nic/new-stack/bigiq/README.md @@ -55,6 +55,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - Previous tagged releases can be used to reference functionality that has been changed or removed. - All templates now deploy Standard SKU Azure Public IP Addresses. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default; however, you may select zone 1, 2, or 3 using the new zoneChoice parameter. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -104,7 +105,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Fstandalone%2F1nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Fstandalone%2F1nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters @@ -131,7 +132,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/experimental/standalone/1nic/new-stack/bigiq/azuredeploy.json b/experimental/standalone/1nic/new-stack/bigiq/azuredeploy.json index 87f5cd055b..852ce2db0d 100644 --- a/experimental/standalone/1nic/new-stack/bigiq/azuredeploy.json +++ b/experimental/standalone/1nic/new-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -40,83 +40,6 @@ "type": "string" }, "instanceType": { - "allowedValues": [ - "Standard_A2", - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2", - "Standard_F4", - "Standard_F8", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D2s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -232,7 +155,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -293,63 +216,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -368,7 +234,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -402,11 +268,7 @@ "commandArgs": "[concat('-o ', parameters('declarationUrl'), ' -u svc_user')]", "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIC1IICJFeHBlY3Q6IiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3NoYXJlZC9hcHBzdmNzL2RlY2xhcmUgLWQgQCRmaWxlX2xvYyAtbyAvZGV2L251bGwpCgogICAgICAgICAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIHx8ICRyZXNwb25zZV9jb2RlID09IDUwMiBdXTsgdGhlbgogICAgICAgICAgICAgICAgICBlY2hvICJEZXBsb3ltZW50IG9mIGFwcGxpY2F0aW9uIHN1Y2NlZWRlZC4iCiAgICAgICAgICAgICAgICAgIGRlcGxveWVkPSJ5ZXMiCiAgICAgICAgICAgICBlbHNlCiAgICAgICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRlcGxveSBhcHBsaWNhdGlvbjsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICAgICAgZmkKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiQ3VzdG9tIGNvbmZpZyB3YXMgbm90IHZhbGlkIEpTT04sIGNvbnRpbnVpbmciCiAgICAgICAgIGZpCiAgICBlbHNlCiAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRvd25sb2FkIGN1c3RvbSBjb25maWc7IGNvbnRpbnVpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgIGZpCmVsc2UKICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgYSBVUkwsIGNvbnRpbnVpbmcuIgpmaQoKaWYgW1sgJGRlcGxveWVkID09ICJubyIgJiYgJGRlY2xhcmF0aW9uVXJsID09ICJOT1RfU1BFQ0lGSUVEIiBdXTsgdGhlbgogICAgZWNobyAiQXBwbGljYXRpb24gZGVwbG95bWVudCBmYWlsZWQgb3IgY3VzdG9tIFVSTCB3YXMgbm90IHNwZWNpZmllZC4iCmZpCgplY2hvICJEZXBsb3ltZW50IGNvbXBsZXRlLiIKZXhpdA==", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -479,7 +341,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_1nic-new-stack-experimental-bigiq,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_1nic-new-stack-experimental-bigiq,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -650,7 +512,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/experimental/standalone/1nic/new-stack/bigiq/azuredeploy.parameters.json b/experimental/standalone/1nic/new-stack/bigiq/azuredeploy.parameters.json index 3ac3880277..cc84854384 100644 --- a/experimental/standalone/1nic/new-stack/bigiq/azuredeploy.parameters.json +++ b/experimental/standalone/1nic/new-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/standalone/1nic/new-stack/byol/README.md b/experimental/standalone/1nic/new-stack/byol/README.md index 871826fe37..f602c05055 100644 --- a/experimental/standalone/1nic/new-stack/byol/README.md +++ b/experimental/standalone/1nic/new-stack/byol/README.md @@ -54,6 +54,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - Previous tagged releases can be used to reference functionality that has been changed or removed. - All templates now deploy Standard SKU Azure Public IP Addresses. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default; however, you may select zone 1, 2, or 3 using the new zoneChoice parameter. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -103,7 +104,7 @@ Use the appropriate button below to deploy: - **BYOL** (bring your own license): This allows you to use an existing BIG-IP license. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Fstandalone%2F1nic%2Fnew-stack%2Fbyol%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Fstandalone%2F1nic%2Fnew-stack%2Fbyol%2Fazuredeploy.json) ### Template parameters @@ -125,7 +126,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/experimental/standalone/1nic/new-stack/byol/azuredeploy.json b/experimental/standalone/1nic/new-stack/byol/azuredeploy.json index be83cd85a6..ae77d3fb38 100644 --- a/experimental/standalone/1nic/new-stack/byol/azuredeploy.json +++ b/experimental/standalone/1nic/new-stack/byol/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -40,83 +40,6 @@ "type": "string" }, "instanceType": { - "allowedValues": [ - "Standard_A2", - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2", - "Standard_F4", - "Standard_F8", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D2s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -201,7 +124,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -262,63 +185,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -337,7 +203,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -371,11 +237,7 @@ "commandArgs": "[concat('-o ', parameters('declarationUrl'), ' -u svc_user')]", "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIC1IICJFeHBlY3Q6IiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3NoYXJlZC9hcHBzdmNzL2RlY2xhcmUgLWQgQCRmaWxlX2xvYyAtbyAvZGV2L251bGwpCgogICAgICAgICAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIHx8ICRyZXNwb25zZV9jb2RlID09IDUwMiBdXTsgdGhlbgogICAgICAgICAgICAgICAgICBlY2hvICJEZXBsb3ltZW50IG9mIGFwcGxpY2F0aW9uIHN1Y2NlZWRlZC4iCiAgICAgICAgICAgICAgICAgIGRlcGxveWVkPSJ5ZXMiCiAgICAgICAgICAgICBlbHNlCiAgICAgICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRlcGxveSBhcHBsaWNhdGlvbjsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICAgICAgZmkKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiQ3VzdG9tIGNvbmZpZyB3YXMgbm90IHZhbGlkIEpTT04sIGNvbnRpbnVpbmciCiAgICAgICAgIGZpCiAgICBlbHNlCiAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRvd25sb2FkIGN1c3RvbSBjb25maWc7IGNvbnRpbnVpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgIGZpCmVsc2UKICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgYSBVUkwsIGNvbnRpbnVpbmcuIgpmaQoKaWYgW1sgJGRlcGxveWVkID09ICJubyIgJiYgJGRlY2xhcmF0aW9uVXJsID09ICJOT1RfU1BFQ0lGSUVEIiBdXTsgdGhlbgogICAgZWNobyAiQXBwbGljYXRpb24gZGVwbG95bWVudCBmYWlsZWQgb3IgY3VzdG9tIFVSTCB3YXMgbm90IHNwZWNpZmllZC4iCmZpCgplY2hvICJEZXBsb3ltZW50IGNvbXBsZXRlLiIKZXhpdA==", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -448,7 +310,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_1nic-new-stack-experimental-byol,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_1nic-new-stack-experimental-byol,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -619,7 +481,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/experimental/standalone/1nic/new-stack/byol/azuredeploy.parameters.json b/experimental/standalone/1nic/new-stack/byol/azuredeploy.parameters.json index 9a21d8021e..8a5d36fa05 100644 --- a/experimental/standalone/1nic/new-stack/byol/azuredeploy.parameters.json +++ b/experimental/standalone/1nic/new-stack/byol/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/standalone/1nic/new-stack/payg/README.md b/experimental/standalone/1nic/new-stack/payg/README.md index c715f36ace..6e73dcb9d4 100644 --- a/experimental/standalone/1nic/new-stack/payg/README.md +++ b/experimental/standalone/1nic/new-stack/payg/README.md @@ -52,6 +52,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - Previous tagged releases can be used to reference functionality that has been changed or removed. - All templates now deploy Standard SKU Azure Public IP Addresses. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default; however, you may select zone 1, 2, or 3 using the new zoneChoice parameter. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -101,7 +102,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Fstandalone%2F1nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Fstandalone%2F1nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters @@ -122,7 +123,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/experimental/standalone/1nic/new-stack/payg/azuredeploy.json b/experimental/standalone/1nic/new-stack/payg/azuredeploy.json index f83167133c..3030e0cbd8 100644 --- a/experimental/standalone/1nic/new-stack/payg/azuredeploy.json +++ b/experimental/standalone/1nic/new-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -40,83 +40,6 @@ "type": "string" }, "instanceType": { - "allowedValues": [ - "Standard_A2", - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2", - "Standard_F4", - "Standard_F8", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D2s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -212,7 +135,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -273,63 +196,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -348,7 +214,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -382,11 +248,7 @@ "commandArgs": "[concat('-o ', parameters('declarationUrl'), ' -u svc_user')]", "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIC1IICJFeHBlY3Q6IiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3NoYXJlZC9hcHBzdmNzL2RlY2xhcmUgLWQgQCRmaWxlX2xvYyAtbyAvZGV2L251bGwpCgogICAgICAgICAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIHx8ICRyZXNwb25zZV9jb2RlID09IDUwMiBdXTsgdGhlbgogICAgICAgICAgICAgICAgICBlY2hvICJEZXBsb3ltZW50IG9mIGFwcGxpY2F0aW9uIHN1Y2NlZWRlZC4iCiAgICAgICAgICAgICAgICAgIGRlcGxveWVkPSJ5ZXMiCiAgICAgICAgICAgICBlbHNlCiAgICAgICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRlcGxveSBhcHBsaWNhdGlvbjsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICAgICAgZmkKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiQ3VzdG9tIGNvbmZpZyB3YXMgbm90IHZhbGlkIEpTT04sIGNvbnRpbnVpbmciCiAgICAgICAgIGZpCiAgICBlbHNlCiAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRvd25sb2FkIGN1c3RvbSBjb25maWc7IGNvbnRpbnVpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgIGZpCmVsc2UKICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgYSBVUkwsIGNvbnRpbnVpbmcuIgpmaQoKaWYgW1sgJGRlcGxveWVkID09ICJubyIgJiYgJGRlY2xhcmF0aW9uVXJsID09ICJOT1RfU1BFQ0lGSUVEIiBdXTsgdGhlbgogICAgZWNobyAiQXBwbGljYXRpb24gZGVwbG95bWVudCBmYWlsZWQgb3IgY3VzdG9tIFVSTCB3YXMgbm90IHNwZWNpZmllZC4iCmZpCgplY2hvICJEZXBsb3ltZW50IGNvbXBsZXRlLiIKZXhpdA==", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -502,7 +364,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_1nic-new-stack-experimental-payg,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_1nic-new-stack-experimental-payg,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -673,7 +535,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/experimental/standalone/1nic/new-stack/payg/azuredeploy.parameters.json b/experimental/standalone/1nic/new-stack/payg/azuredeploy.parameters.json index e7f661bcc4..ef4e54edf6 100644 --- a/experimental/standalone/1nic/new-stack/payg/azuredeploy.parameters.json +++ b/experimental/standalone/1nic/new-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/standalone/2nic/new-stack/bigiq/README.md b/experimental/standalone/2nic/new-stack/bigiq/README.md index f32c994f88..a768dc0235 100644 --- a/experimental/standalone/2nic/new-stack/bigiq/README.md +++ b/experimental/standalone/2nic/new-stack/bigiq/README.md @@ -57,6 +57,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates now deploy Standard SKU Azure Public IP Addresses. - If you choose "No" in response to the provisionPublicIP parameter, the choice for "numberOfExternalIps" is not honored and no public IP addresses are created. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default; however, you may select zone 1, 2, or 3 using the new zoneChoice parameter. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -106,7 +107,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Fstandalone%2F2nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Fstandalone%2F2nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters @@ -134,7 +135,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/experimental/standalone/2nic/new-stack/bigiq/azuredeploy.json b/experimental/standalone/2nic/new-stack/bigiq/azuredeploy.json index 047c82cbac..4d09f191b1 100644 --- a/experimental/standalone/2nic/new-stack/bigiq/azuredeploy.json +++ b/experimental/standalone/2nic/new-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -70,83 +70,6 @@ "type": "int" }, "instanceType": { - "allowedValues": [ - "Standard_A2", - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2", - "Standard_F4", - "Standard_F8", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D2s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -262,7 +185,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -323,63 +246,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -398,7 +264,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -444,11 +310,7 @@ "extSubnetId": "[concat(variables('vnetId'), '/subnets/', variables('extsubnetName'))]", "routeCmd": "route", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -524,7 +386,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_2nic-new-stack-experimental-bigiq,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_2nic-new-stack-experimental-bigiq,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -785,7 +647,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/experimental/standalone/2nic/new-stack/bigiq/azuredeploy.parameters.json b/experimental/standalone/2nic/new-stack/bigiq/azuredeploy.parameters.json index 99f98a59a2..4fe7896213 100644 --- a/experimental/standalone/2nic/new-stack/bigiq/azuredeploy.parameters.json +++ b/experimental/standalone/2nic/new-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/standalone/2nic/new-stack/byol/README.md b/experimental/standalone/2nic/new-stack/byol/README.md index d85959f582..82e8132788 100644 --- a/experimental/standalone/2nic/new-stack/byol/README.md +++ b/experimental/standalone/2nic/new-stack/byol/README.md @@ -56,6 +56,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates now deploy Standard SKU Azure Public IP Addresses. - If you choose "No" in response to the provisionPublicIP parameter, the choice for "numberOfExternalIps" is not honored and no public IP addresses are created. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default; however, you may select zone 1, 2, or 3 using the new zoneChoice parameter. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -105,7 +106,7 @@ Use the appropriate button below to deploy: - **BYOL** (bring your own license): This allows you to use an existing BIG-IP license. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Fstandalone%2F2nic%2Fnew-stack%2Fbyol%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Fstandalone%2F2nic%2Fnew-stack%2Fbyol%2Fazuredeploy.json) ### Template parameters @@ -128,7 +129,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/experimental/standalone/2nic/new-stack/byol/azuredeploy.json b/experimental/standalone/2nic/new-stack/byol/azuredeploy.json index d925165228..0e13f34161 100644 --- a/experimental/standalone/2nic/new-stack/byol/azuredeploy.json +++ b/experimental/standalone/2nic/new-stack/byol/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -70,83 +70,6 @@ "type": "int" }, "instanceType": { - "allowedValues": [ - "Standard_A2", - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2", - "Standard_F4", - "Standard_F8", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D2s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -231,7 +154,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -292,63 +215,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -367,7 +233,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -413,11 +279,7 @@ "extSubnetId": "[concat(variables('vnetId'), '/subnets/', variables('extsubnetName'))]", "routeCmd": "route", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -493,7 +355,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_2nic-new-stack-experimental-byol,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_2nic-new-stack-experimental-byol,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -754,7 +616,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/experimental/standalone/2nic/new-stack/byol/azuredeploy.parameters.json b/experimental/standalone/2nic/new-stack/byol/azuredeploy.parameters.json index 1d757d393e..8bc4f72c4f 100644 --- a/experimental/standalone/2nic/new-stack/byol/azuredeploy.parameters.json +++ b/experimental/standalone/2nic/new-stack/byol/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/standalone/2nic/new-stack/payg/README.md b/experimental/standalone/2nic/new-stack/payg/README.md index 45e409218c..593fe36035 100644 --- a/experimental/standalone/2nic/new-stack/payg/README.md +++ b/experimental/standalone/2nic/new-stack/payg/README.md @@ -54,6 +54,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates now deploy Standard SKU Azure Public IP Addresses. - If you choose "No" in response to the provisionPublicIP parameter, the choice for "numberOfExternalIps" is not honored and no public IP addresses are created. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default; however, you may select zone 1, 2, or 3 using the new zoneChoice parameter. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -103,7 +104,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Fstandalone%2F2nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Fstandalone%2F2nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters @@ -125,7 +126,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/experimental/standalone/2nic/new-stack/payg/azuredeploy.json b/experimental/standalone/2nic/new-stack/payg/azuredeploy.json index 57c7880b62..6c47dc2eb6 100644 --- a/experimental/standalone/2nic/new-stack/payg/azuredeploy.json +++ b/experimental/standalone/2nic/new-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -70,83 +70,6 @@ "type": "int" }, "instanceType": { - "allowedValues": [ - "Standard_A2", - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2", - "Standard_F4", - "Standard_F8", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D2s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -242,7 +165,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -303,63 +226,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -378,7 +244,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -424,11 +290,7 @@ "extSubnetId": "[concat(variables('vnetId'), '/subnets/', variables('extsubnetName'))]", "routeCmd": "route", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -547,7 +409,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_2nic-new-stack-experimental-payg,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_2nic-new-stack-experimental-payg,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -808,7 +670,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/experimental/standalone/2nic/new-stack/payg/azuredeploy.parameters.json b/experimental/standalone/2nic/new-stack/payg/azuredeploy.parameters.json index a5cca449be..14a6879c4c 100644 --- a/experimental/standalone/2nic/new-stack/payg/azuredeploy.parameters.json +++ b/experimental/standalone/2nic/new-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/standalone/3nic/learning-stack/bigiq/README.md b/experimental/standalone/3nic/learning-stack/bigiq/README.md index d0b7fdbb88..487eeba948 100644 --- a/experimental/standalone/3nic/learning-stack/bigiq/README.md +++ b/experimental/standalone/3nic/learning-stack/bigiq/README.md @@ -57,6 +57,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates now deploy Standard SKU Azure Public IP Addresses. - If you choose "No" in response to the provisionPublicIP parameter, the choice for "numberOfExternalIps" is not honored and no public IP addresses are created. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default; however, you may select zone 1, 2, or 3 using the new zoneChoice parameter. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -106,7 +107,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Fstandalone%2F3nic%2Flearning-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Fstandalone%2F3nic%2Flearning-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters @@ -134,7 +135,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/experimental/standalone/3nic/learning-stack/bigiq/azuredeploy.json b/experimental/standalone/3nic/learning-stack/bigiq/azuredeploy.json index 81ad80e005..cfd04a1460 100644 --- a/experimental/standalone/3nic/learning-stack/bigiq/azuredeploy.json +++ b/experimental/standalone/3nic/learning-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -70,76 +70,6 @@ "type": "int" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D8s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -255,7 +185,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -316,63 +246,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -391,7 +264,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -442,11 +315,7 @@ "intNicID": "[resourceId('Microsoft.Network/NetworkInterfaces', variables('intNicName'))]", "intSubnetId": "[concat(variables('vnetId'), '/subnets/', variables('intsubnetName'))]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -527,7 +396,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_3nic-learning-stack-experimental-bigiq,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_3nic-learning-stack-experimental-bigiq,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -862,7 +731,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/experimental/standalone/3nic/learning-stack/bigiq/azuredeploy.parameters.json b/experimental/standalone/3nic/learning-stack/bigiq/azuredeploy.parameters.json index bfd0218fb2..739ab26255 100644 --- a/experimental/standalone/3nic/learning-stack/bigiq/azuredeploy.parameters.json +++ b/experimental/standalone/3nic/learning-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/standalone/3nic/learning-stack/byol/README.md b/experimental/standalone/3nic/learning-stack/byol/README.md index 075aab2ce8..9f5cac4e1a 100644 --- a/experimental/standalone/3nic/learning-stack/byol/README.md +++ b/experimental/standalone/3nic/learning-stack/byol/README.md @@ -56,6 +56,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates now deploy Standard SKU Azure Public IP Addresses. - If you choose "No" in response to the provisionPublicIP parameter, the choice for "numberOfExternalIps" is not honored and no public IP addresses are created. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default; however, you may select zone 1, 2, or 3 using the new zoneChoice parameter. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -105,7 +106,7 @@ Use the appropriate button below to deploy: - **BYOL** (bring your own license): This allows you to use an existing BIG-IP license. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Fstandalone%2F3nic%2Flearning-stack%2Fbyol%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Fstandalone%2F3nic%2Flearning-stack%2Fbyol%2Fazuredeploy.json) ### Template parameters @@ -128,7 +129,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/experimental/standalone/3nic/learning-stack/byol/azuredeploy.json b/experimental/standalone/3nic/learning-stack/byol/azuredeploy.json index 386d059e89..72727544f2 100644 --- a/experimental/standalone/3nic/learning-stack/byol/azuredeploy.json +++ b/experimental/standalone/3nic/learning-stack/byol/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -70,76 +70,6 @@ "type": "int" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D8s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -224,7 +154,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -285,63 +215,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -360,7 +233,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -411,11 +284,7 @@ "intNicID": "[resourceId('Microsoft.Network/NetworkInterfaces', variables('intNicName'))]", "intSubnetId": "[concat(variables('vnetId'), '/subnets/', variables('intsubnetName'))]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -496,7 +365,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_3nic-learning-stack-experimental-byol,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_3nic-learning-stack-experimental-byol,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -831,7 +700,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/experimental/standalone/3nic/learning-stack/byol/azuredeploy.parameters.json b/experimental/standalone/3nic/learning-stack/byol/azuredeploy.parameters.json index c2a8974d79..ea9aa444dc 100644 --- a/experimental/standalone/3nic/learning-stack/byol/azuredeploy.parameters.json +++ b/experimental/standalone/3nic/learning-stack/byol/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/standalone/3nic/learning-stack/payg/README.md b/experimental/standalone/3nic/learning-stack/payg/README.md index d31af67c2c..28ea820ee5 100644 --- a/experimental/standalone/3nic/learning-stack/payg/README.md +++ b/experimental/standalone/3nic/learning-stack/payg/README.md @@ -54,6 +54,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates now deploy Standard SKU Azure Public IP Addresses. - If you choose "No" in response to the provisionPublicIP parameter, the choice for "numberOfExternalIps" is not honored and no public IP addresses are created. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default; however, you may select zone 1, 2, or 3 using the new zoneChoice parameter. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -103,7 +104,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Fstandalone%2F3nic%2Flearning-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Fstandalone%2F3nic%2Flearning-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters @@ -125,7 +126,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/experimental/standalone/3nic/learning-stack/payg/azuredeploy.json b/experimental/standalone/3nic/learning-stack/payg/azuredeploy.json index ebeb3d421f..c20a081591 100644 --- a/experimental/standalone/3nic/learning-stack/payg/azuredeploy.json +++ b/experimental/standalone/3nic/learning-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -70,76 +70,6 @@ "type": "int" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D8s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -235,7 +165,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -296,63 +226,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -371,7 +244,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -422,11 +295,7 @@ "intNicID": "[resourceId('Microsoft.Network/NetworkInterfaces', variables('intNicName'))]", "intSubnetId": "[concat(variables('vnetId'), '/subnets/', variables('intsubnetName'))]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -550,7 +419,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_3nic-learning-stack-experimental-payg,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_3nic-learning-stack-experimental-payg,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -885,7 +754,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/experimental/standalone/3nic/learning-stack/payg/azuredeploy.parameters.json b/experimental/standalone/3nic/learning-stack/payg/azuredeploy.parameters.json index 34f16374a9..9242419deb 100644 --- a/experimental/standalone/3nic/learning-stack/payg/azuredeploy.parameters.json +++ b/experimental/standalone/3nic/learning-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/standalone/3nic/new-stack/bigiq/README.md b/experimental/standalone/3nic/new-stack/bigiq/README.md index 87536248e3..f6363d9ea9 100644 --- a/experimental/standalone/3nic/new-stack/bigiq/README.md +++ b/experimental/standalone/3nic/new-stack/bigiq/README.md @@ -57,6 +57,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates now deploy Standard SKU Azure Public IP Addresses. - If you choose "No" in response to the provisionPublicIP parameter, the choice for "numberOfExternalIps" is not honored and no public IP addresses are created. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default; however, you may select zone 1, 2, or 3 using the new zoneChoice parameter. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -106,7 +107,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Fstandalone%2F3nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Fstandalone%2F3nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters @@ -134,7 +135,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/experimental/standalone/3nic/new-stack/bigiq/azuredeploy.json b/experimental/standalone/3nic/new-stack/bigiq/azuredeploy.json index 7ab7f4cbfa..5fb16399e4 100644 --- a/experimental/standalone/3nic/new-stack/bigiq/azuredeploy.json +++ b/experimental/standalone/3nic/new-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -70,76 +70,6 @@ "type": "int" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D8s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -255,7 +185,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -316,63 +246,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -391,7 +264,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -442,11 +315,7 @@ "intNicID": "[resourceId('Microsoft.Network/NetworkInterfaces', variables('intNicName'))]", "intSubnetId": "[concat(variables('vnetId'), '/subnets/', variables('intsubnetName'))]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -523,7 +392,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_3nic-new-stack-experimental-bigiq,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_3nic-new-stack-experimental-bigiq,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -816,7 +685,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/experimental/standalone/3nic/new-stack/bigiq/azuredeploy.parameters.json b/experimental/standalone/3nic/new-stack/bigiq/azuredeploy.parameters.json index bfd0218fb2..739ab26255 100644 --- a/experimental/standalone/3nic/new-stack/bigiq/azuredeploy.parameters.json +++ b/experimental/standalone/3nic/new-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/standalone/3nic/new-stack/byol/README.md b/experimental/standalone/3nic/new-stack/byol/README.md index 28ef38e27f..2a68d5df7d 100644 --- a/experimental/standalone/3nic/new-stack/byol/README.md +++ b/experimental/standalone/3nic/new-stack/byol/README.md @@ -56,6 +56,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates now deploy Standard SKU Azure Public IP Addresses. - If you choose "No" in response to the provisionPublicIP parameter, the choice for "numberOfExternalIps" is not honored and no public IP addresses are created. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default; however, you may select zone 1, 2, or 3 using the new zoneChoice parameter. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -105,7 +106,7 @@ Use the appropriate button below to deploy: - **BYOL** (bring your own license): This allows you to use an existing BIG-IP license. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Fstandalone%2F3nic%2Fnew-stack%2Fbyol%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Fstandalone%2F3nic%2Fnew-stack%2Fbyol%2Fazuredeploy.json) ### Template parameters @@ -128,7 +129,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/experimental/standalone/3nic/new-stack/byol/azuredeploy.json b/experimental/standalone/3nic/new-stack/byol/azuredeploy.json index 002e9de3b9..2420b9dc90 100644 --- a/experimental/standalone/3nic/new-stack/byol/azuredeploy.json +++ b/experimental/standalone/3nic/new-stack/byol/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -70,76 +70,6 @@ "type": "int" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D8s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -224,7 +154,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -285,63 +215,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -360,7 +233,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -411,11 +284,7 @@ "intNicID": "[resourceId('Microsoft.Network/NetworkInterfaces', variables('intNicName'))]", "intSubnetId": "[concat(variables('vnetId'), '/subnets/', variables('intsubnetName'))]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -492,7 +361,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_3nic-new-stack-experimental-byol,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_3nic-new-stack-experimental-byol,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -785,7 +654,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/experimental/standalone/3nic/new-stack/byol/azuredeploy.parameters.json b/experimental/standalone/3nic/new-stack/byol/azuredeploy.parameters.json index c2a8974d79..ea9aa444dc 100644 --- a/experimental/standalone/3nic/new-stack/byol/azuredeploy.parameters.json +++ b/experimental/standalone/3nic/new-stack/byol/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/standalone/3nic/new-stack/payg/README.md b/experimental/standalone/3nic/new-stack/payg/README.md index f9fbe51c0d..2f9c2a2956 100644 --- a/experimental/standalone/3nic/new-stack/payg/README.md +++ b/experimental/standalone/3nic/new-stack/payg/README.md @@ -54,6 +54,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates now deploy Standard SKU Azure Public IP Addresses. - If you choose "No" in response to the provisionPublicIP parameter, the choice for "numberOfExternalIps" is not honored and no public IP addresses are created. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default; however, you may select zone 1, 2, or 3 using the new zoneChoice parameter. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -103,7 +104,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Fstandalone%2F3nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Fstandalone%2F3nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters @@ -125,7 +126,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/experimental/standalone/3nic/new-stack/payg/azuredeploy.json b/experimental/standalone/3nic/new-stack/payg/azuredeploy.json index b687b804f5..ad244ea158 100644 --- a/experimental/standalone/3nic/new-stack/payg/azuredeploy.json +++ b/experimental/standalone/3nic/new-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -70,76 +70,6 @@ "type": "int" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D8s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -235,7 +165,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -296,63 +226,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -371,7 +244,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -422,11 +295,7 @@ "intNicID": "[resourceId('Microsoft.Network/NetworkInterfaces', variables('intNicName'))]", "intSubnetId": "[concat(variables('vnetId'), '/subnets/', variables('intsubnetName'))]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -546,7 +415,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_3nic-new-stack-experimental-payg,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_3nic-new-stack-experimental-payg,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -839,7 +708,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/experimental/standalone/3nic/new-stack/payg/azuredeploy.parameters.json b/experimental/standalone/3nic/new-stack/payg/azuredeploy.parameters.json index 34f16374a9..9242419deb 100644 --- a/experimental/standalone/3nic/new-stack/payg/azuredeploy.parameters.json +++ b/experimental/standalone/3nic/new-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/standalone/n-nic/new-stack/bigiq/README.md b/experimental/standalone/n-nic/new-stack/bigiq/README.md index b527b6d8ee..e0aca69978 100644 --- a/experimental/standalone/n-nic/new-stack/bigiq/README.md +++ b/experimental/standalone/n-nic/new-stack/bigiq/README.md @@ -59,6 +59,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates now deploy Standard SKU Azure Public IP Addresses. - If you choose "No" in response to the provisionPublicIP parameter, the choice for "numberOfExternalIps" is not honored and no public IP addresses are created. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default; however, you may select zone 1, 2, or 3 using the new zoneChoice parameter. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -108,7 +109,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Fstandalone%2Fn-nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Fstandalone%2Fn-nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters @@ -136,7 +137,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/experimental/standalone/n-nic/new-stack/bigiq/azuredeploy.json b/experimental/standalone/n-nic/new-stack/bigiq/azuredeploy.json index e1f3924c43..480d6cf43e 100644 --- a/experimental/standalone/n-nic/new-stack/bigiq/azuredeploy.json +++ b/experimental/standalone/n-nic/new-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -70,76 +70,6 @@ "type": "int" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D8s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -255,7 +185,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -384,63 +314,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -459,7 +332,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -510,11 +383,7 @@ "intNicID": "[resourceId('Microsoft.Network/NetworkInterfaces', variables('intNicName'))]", "intSubnetId": "[concat(variables('vnetId'), '/subnets/', variables('intsubnetName'))]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -643,7 +512,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_nnic-new-stack-experimental-bigiq,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_nnic-new-stack-experimental-bigiq,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -950,7 +819,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/experimental/standalone/n-nic/new-stack/bigiq/azuredeploy.parameters.json b/experimental/standalone/n-nic/new-stack/bigiq/azuredeploy.parameters.json index d4f8cf15c6..8a209ee15e 100644 --- a/experimental/standalone/n-nic/new-stack/bigiq/azuredeploy.parameters.json +++ b/experimental/standalone/n-nic/new-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/standalone/n-nic/new-stack/byol/README.md b/experimental/standalone/n-nic/new-stack/byol/README.md index 6ce3cf34b0..cd937a3678 100644 --- a/experimental/standalone/n-nic/new-stack/byol/README.md +++ b/experimental/standalone/n-nic/new-stack/byol/README.md @@ -58,6 +58,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates now deploy Standard SKU Azure Public IP Addresses. - If you choose "No" in response to the provisionPublicIP parameter, the choice for "numberOfExternalIps" is not honored and no public IP addresses are created. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default; however, you may select zone 1, 2, or 3 using the new zoneChoice parameter. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -107,7 +108,7 @@ Use the appropriate button below to deploy: - **BYOL** (bring your own license): This allows you to use an existing BIG-IP license. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Fstandalone%2Fn-nic%2Fnew-stack%2Fbyol%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Fstandalone%2Fn-nic%2Fnew-stack%2Fbyol%2Fazuredeploy.json) ### Template parameters @@ -130,7 +131,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/experimental/standalone/n-nic/new-stack/byol/azuredeploy.json b/experimental/standalone/n-nic/new-stack/byol/azuredeploy.json index 42e65c3c19..12dc3fa65c 100644 --- a/experimental/standalone/n-nic/new-stack/byol/azuredeploy.json +++ b/experimental/standalone/n-nic/new-stack/byol/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -70,76 +70,6 @@ "type": "int" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D8s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -224,7 +154,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -353,63 +283,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -428,7 +301,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -479,11 +352,7 @@ "intNicID": "[resourceId('Microsoft.Network/NetworkInterfaces', variables('intNicName'))]", "intSubnetId": "[concat(variables('vnetId'), '/subnets/', variables('intsubnetName'))]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -612,7 +481,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_nnic-new-stack-experimental-byol,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_nnic-new-stack-experimental-byol,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -919,7 +788,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/experimental/standalone/n-nic/new-stack/byol/azuredeploy.parameters.json b/experimental/standalone/n-nic/new-stack/byol/azuredeploy.parameters.json index 721efcecb3..90690a461a 100644 --- a/experimental/standalone/n-nic/new-stack/byol/azuredeploy.parameters.json +++ b/experimental/standalone/n-nic/new-stack/byol/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/standalone/n-nic/new-stack/payg/README.md b/experimental/standalone/n-nic/new-stack/payg/README.md index 34971ab6f9..fe7f789c76 100644 --- a/experimental/standalone/n-nic/new-stack/payg/README.md +++ b/experimental/standalone/n-nic/new-stack/payg/README.md @@ -56,6 +56,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates now deploy Standard SKU Azure Public IP Addresses. - If you choose "No" in response to the provisionPublicIP parameter, the choice for "numberOfExternalIps" is not honored and no public IP addresses are created. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default; however, you may select zone 1, 2, or 3 using the new zoneChoice parameter. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -105,7 +106,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fexperimental%2Fstandalone%2Fn-nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fexperimental%2Fstandalone%2Fn-nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters @@ -127,7 +128,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/experimental/standalone/n-nic/new-stack/payg/azuredeploy.json b/experimental/standalone/n-nic/new-stack/payg/azuredeploy.json index 4d9cfcbdb6..623bddecd2 100644 --- a/experimental/standalone/n-nic/new-stack/payg/azuredeploy.json +++ b/experimental/standalone/n-nic/new-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -70,76 +70,6 @@ "type": "int" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D8s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -235,7 +165,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -364,63 +294,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -439,7 +312,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -490,11 +363,7 @@ "intNicID": "[resourceId('Microsoft.Network/NetworkInterfaces', variables('intNicName'))]", "intSubnetId": "[concat(variables('vnetId'), '/subnets/', variables('intsubnetName'))]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -666,7 +535,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_nnic-new-stack-experimental-payg,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_nnic-new-stack-experimental-payg,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -973,7 +842,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/experimental/standalone/n-nic/new-stack/payg/azuredeploy.parameters.json b/experimental/standalone/n-nic/new-stack/payg/azuredeploy.parameters.json index 00a4a7c070..dcfc09405f 100644 --- a/experimental/standalone/n-nic/new-stack/payg/azuredeploy.parameters.json +++ b/experimental/standalone/n-nic/new-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/README.md b/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/README.md index d59c329c5a..54179bad03 100644 --- a/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/README.md +++ b/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/README.md @@ -65,6 +65,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates now deploy Standard SKU Azure Public IP Addresses. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. - The autoscale LTM and failover-lb NIC templates create a default port 443 load balancing rule and probe at deployment time; this rule is necessary to download required cloud libraries to BIG-IP and may be deleted or modified following a successful deployment. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -114,7 +115,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fsupported%2Fautoscale%2Fltm%2Fvia-dns%2F1nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fsupported%2Fautoscale%2Fltm%2Fvia-dns%2F1nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters @@ -142,7 +143,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | @@ -305,7 +306,7 @@ This solution requires access to the Azure API to correctly configure both the B #### 1. Azure Portal -Follow the steps outlined in the [Azure Portal documentation](https://azure.microsoft.com/en-us/documentation/articles/resource-group-create-service-principal-portal/) to generate the service principal. +Follow the steps outlined in the [Azure Portal documentation](https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal) to generate the service principal. #### 2. Azure CLI diff --git a/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/azuredeploy.json b/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/azuredeploy.json index 809bcca935..f1d2565d78 100644 --- a/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/azuredeploy.json +++ b/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -33,83 +33,6 @@ "type": "string" }, "instanceType": { - "allowedValues": [ - "Standard_A2", - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2", - "Standard_F4", - "Standard_F8", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D2s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -236,7 +159,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -498,63 +421,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -573,7 +439,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -604,11 +470,7 @@ "commandArgs": "[concat('-o ', parameters('declarationUrl'), ' -u svc_user')]", "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIC1IICJFeHBlY3Q6IiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3NoYXJlZC9hcHBzdmNzL2RlY2xhcmUgLWQgQCRmaWxlX2xvYyAtbyAvZGV2L251bGwpCgogICAgICAgICAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIHx8ICRyZXNwb25zZV9jb2RlID09IDUwMiBdXTsgdGhlbgogICAgICAgICAgICAgICAgICBlY2hvICJEZXBsb3ltZW50IG9mIGFwcGxpY2F0aW9uIHN1Y2NlZWRlZC4iCiAgICAgICAgICAgICAgICAgIGRlcGxveWVkPSJ5ZXMiCiAgICAgICAgICAgICBlbHNlCiAgICAgICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRlcGxveSBhcHBsaWNhdGlvbjsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICAgICAgZmkKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiQ3VzdG9tIGNvbmZpZyB3YXMgbm90IHZhbGlkIEpTT04sIGNvbnRpbnVpbmciCiAgICAgICAgIGZpCiAgICBlbHNlCiAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRvd25sb2FkIGN1c3RvbSBjb25maWc7IGNvbnRpbnVpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgIGZpCmVsc2UKICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgYSBVUkwsIGNvbnRpbnVpbmcuIgpmaQoKaWYgW1sgJGRlcGxveWVkID09ICJubyIgJiYgJGRlY2xhcmF0aW9uVXJsID09ICJOT1RfU1BFQ0lGSUVEIiBdXTsgdGhlbgogICAgZWNobyAiQXBwbGljYXRpb24gZGVwbG95bWVudCBmYWlsZWQgb3IgY3VzdG9tIFVSTCB3YXMgbm90IHNwZWNpZmllZC4iCmZpCgplY2hvICJEZXBsb3ltZW50IGNvbXBsZXRlLiIKZXhpdA==", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachineScaleSets', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -720,7 +582,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_dns-existing-stack-supported-bigiq,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_dns-existing-stack-supported-bigiq,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -833,7 +695,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/azuredeploy.parameters.json b/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/azuredeploy.parameters.json index 5bc70b121d..b49b4dcbc3 100644 --- a/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/azuredeploy.parameters.json +++ b/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/README.md b/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/README.md index 85a0be41df..ff06be7051 100644 --- a/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/README.md +++ b/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/README.md @@ -62,6 +62,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates now deploy Standard SKU Azure Public IP Addresses. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. - The autoscale LTM and failover-lb NIC templates create a default port 443 load balancing rule and probe at deployment time; this rule is necessary to download required cloud libraries to BIG-IP and may be deleted or modified following a successful deployment. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -111,7 +112,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fsupported%2Fautoscale%2Fltm%2Fvia-dns%2F1nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fsupported%2Fautoscale%2Fltm%2Fvia-dns%2F1nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters @@ -133,7 +134,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | @@ -296,7 +297,7 @@ This solution requires access to the Azure API to correctly configure both the B #### 1. Azure Portal -Follow the steps outlined in the [Azure Portal documentation](https://azure.microsoft.com/en-us/documentation/articles/resource-group-create-service-principal-portal/) to generate the service principal. +Follow the steps outlined in the [Azure Portal documentation](https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal) to generate the service principal. #### 2. Azure CLI diff --git a/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/azuredeploy.json b/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/azuredeploy.json index d1ac9b5be6..5d60fd6471 100644 --- a/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/azuredeploy.json +++ b/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -33,83 +33,6 @@ "type": "string" }, "instanceType": { - "allowedValues": [ - "Standard_A2", - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2", - "Standard_F4", - "Standard_F8", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D2s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -211,7 +134,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -473,63 +396,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -548,7 +414,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -579,11 +445,7 @@ "commandArgs": "[concat('-o ', parameters('declarationUrl'), ' -u svc_user')]", "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIC1IICJFeHBlY3Q6IiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3NoYXJlZC9hcHBzdmNzL2RlY2xhcmUgLWQgQCRmaWxlX2xvYyAtbyAvZGV2L251bGwpCgogICAgICAgICAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIHx8ICRyZXNwb25zZV9jb2RlID09IDUwMiBdXTsgdGhlbgogICAgICAgICAgICAgICAgICBlY2hvICJEZXBsb3ltZW50IG9mIGFwcGxpY2F0aW9uIHN1Y2NlZWRlZC4iCiAgICAgICAgICAgICAgICAgIGRlcGxveWVkPSJ5ZXMiCiAgICAgICAgICAgICBlbHNlCiAgICAgICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRlcGxveSBhcHBsaWNhdGlvbjsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICAgICAgZmkKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiQ3VzdG9tIGNvbmZpZyB3YXMgbm90IHZhbGlkIEpTT04sIGNvbnRpbnVpbmciCiAgICAgICAgIGZpCiAgICBlbHNlCiAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRvd25sb2FkIGN1c3RvbSBjb25maWc7IGNvbnRpbnVpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgIGZpCmVsc2UKICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgYSBVUkwsIGNvbnRpbnVpbmcuIgpmaQoKaWYgW1sgJGRlcGxveWVkID09ICJubyIgJiYgJGRlY2xhcmF0aW9uVXJsID09ICJOT1RfU1BFQ0lGSUVEIiBdXTsgdGhlbgogICAgZWNobyAiQXBwbGljYXRpb24gZGVwbG95bWVudCBmYWlsZWQgb3IgY3VzdG9tIFVSTCB3YXMgbm90IHNwZWNpZmllZC4iCmZpCgplY2hvICJEZXBsb3ltZW50IGNvbXBsZXRlLiIKZXhpdA==", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachineScaleSets', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -738,7 +600,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_dns-existing-stack-supported-payg,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_dns-existing-stack-supported-payg,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -851,7 +713,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/azuredeploy.parameters.json b/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/azuredeploy.parameters.json index fba1291cda..2a21a5927a 100644 --- a/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/azuredeploy.parameters.json +++ b/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/README.md b/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/README.md index c7f6ed0ca4..feb18849f5 100644 --- a/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/README.md +++ b/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/README.md @@ -63,6 +63,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. - All autoscale via-lb and failover via-lb templates now deploy Standard SKU Azure Load Balancers. - The autoscale LTM and failover-lb NIC templates create a default port 443 load balancing rule and probe at deployment time; this rule is necessary to download required cloud libraries to BIG-IP and may be deleted or modified following a successful deployment. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -112,7 +113,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fsupported%2Fautoscale%2Fltm%2Fvia-lb%2F1nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fsupported%2Fautoscale%2Fltm%2Fvia-lb%2F1nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters @@ -140,7 +141,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | @@ -298,7 +299,7 @@ This solution requires access to the Azure API to correctly configure both the B #### 1. Azure Portal -Follow the steps outlined in the [Azure Portal documentation](https://azure.microsoft.com/en-us/documentation/articles/resource-group-create-service-principal-portal/) to generate the service principal. +Follow the steps outlined in the [Azure Portal documentation](https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal) to generate the service principal. #### 2. Azure CLI diff --git a/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/azuredeploy.json b/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/azuredeploy.json index 5f3bb0534b..cab3e22eee 100644 --- a/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/azuredeploy.json +++ b/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -33,83 +33,6 @@ "type": "string" }, "instanceType": { - "allowedValues": [ - "Standard_A2", - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2", - "Standard_F4", - "Standard_F8", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D2s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -236,7 +159,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -462,63 +385,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -537,7 +403,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -568,11 +434,7 @@ "commandArgs": "[concat('-o ', parameters('declarationUrl'), ' -u svc_user')]", "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIC1IICJFeHBlY3Q6IiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3NoYXJlZC9hcHBzdmNzL2RlY2xhcmUgLWQgQCRmaWxlX2xvYyAtbyAvZGV2L251bGwpCgogICAgICAgICAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIHx8ICRyZXNwb25zZV9jb2RlID09IDUwMiBdXTsgdGhlbgogICAgICAgICAgICAgICAgICBlY2hvICJEZXBsb3ltZW50IG9mIGFwcGxpY2F0aW9uIHN1Y2NlZWRlZC4iCiAgICAgICAgICAgICAgICAgIGRlcGxveWVkPSJ5ZXMiCiAgICAgICAgICAgICBlbHNlCiAgICAgICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRlcGxveSBhcHBsaWNhdGlvbjsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICAgICAgZmkKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiQ3VzdG9tIGNvbmZpZyB3YXMgbm90IHZhbGlkIEpTT04sIGNvbnRpbnVpbmciCiAgICAgICAgIGZpCiAgICBlbHNlCiAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRvd25sb2FkIGN1c3RvbSBjb25maWc7IGNvbnRpbnVpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgIGZpCmVsc2UKICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgYSBVUkwsIGNvbnRpbnVpbmcuIgpmaQoKaWYgW1sgJGRlcGxveWVkID09ICJubyIgJiYgJGRlY2xhcmF0aW9uVXJsID09ICJOT1RfU1BFQ0lGSUVEIiBdXTsgdGhlbgogICAgZWNobyAiQXBwbGljYXRpb24gZGVwbG95bWVudCBmYWlsZWQgb3IgY3VzdG9tIFVSTCB3YXMgbm90IHNwZWNpZmllZC4iCmZpCgplY2hvICJEZXBsb3ltZW50IGNvbXBsZXRlLiIKZXhpdA==", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachineScaleSets', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -697,7 +559,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_via-lb-existing-stack-supported-bigiq,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_via-lb-existing-stack-supported-bigiq,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -916,7 +778,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/azuredeploy.parameters.json b/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/azuredeploy.parameters.json index 57470065a2..f93e71e581 100644 --- a/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/azuredeploy.parameters.json +++ b/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/README.md b/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/README.md index 757beb93b5..7b96e1dc6c 100644 --- a/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/README.md +++ b/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/README.md @@ -60,6 +60,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. - All autoscale via-lb and failover via-lb templates now deploy Standard SKU Azure Load Balancers. - The autoscale LTM and failover-lb NIC templates create a default port 443 load balancing rule and probe at deployment time; this rule is necessary to download required cloud libraries to BIG-IP and may be deleted or modified following a successful deployment. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -109,7 +110,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fsupported%2Fautoscale%2Fltm%2Fvia-lb%2F1nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fsupported%2Fautoscale%2Fltm%2Fvia-lb%2F1nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters @@ -131,7 +132,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | @@ -289,7 +290,7 @@ This solution requires access to the Azure API to correctly configure both the B #### 1. Azure Portal -Follow the steps outlined in the [Azure Portal documentation](https://azure.microsoft.com/en-us/documentation/articles/resource-group-create-service-principal-portal/) to generate the service principal. +Follow the steps outlined in the [Azure Portal documentation](https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal) to generate the service principal. #### 2. Azure CLI diff --git a/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/azuredeploy.json b/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/azuredeploy.json index d99b9f5e70..d1d8acee81 100644 --- a/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/azuredeploy.json +++ b/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -33,83 +33,6 @@ "type": "string" }, "instanceType": { - "allowedValues": [ - "Standard_A2", - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2", - "Standard_F4", - "Standard_F8", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D2s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -211,7 +134,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -437,63 +360,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -512,7 +378,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -543,11 +409,7 @@ "commandArgs": "[concat('-o ', parameters('declarationUrl'), ' -u svc_user')]", "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIC1IICJFeHBlY3Q6IiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3NoYXJlZC9hcHBzdmNzL2RlY2xhcmUgLWQgQCRmaWxlX2xvYyAtbyAvZGV2L251bGwpCgogICAgICAgICAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIHx8ICRyZXNwb25zZV9jb2RlID09IDUwMiBdXTsgdGhlbgogICAgICAgICAgICAgICAgICBlY2hvICJEZXBsb3ltZW50IG9mIGFwcGxpY2F0aW9uIHN1Y2NlZWRlZC4iCiAgICAgICAgICAgICAgICAgIGRlcGxveWVkPSJ5ZXMiCiAgICAgICAgICAgICBlbHNlCiAgICAgICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRlcGxveSBhcHBsaWNhdGlvbjsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICAgICAgZmkKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiQ3VzdG9tIGNvbmZpZyB3YXMgbm90IHZhbGlkIEpTT04sIGNvbnRpbnVpbmciCiAgICAgICAgIGZpCiAgICBlbHNlCiAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRvd25sb2FkIGN1c3RvbSBjb25maWc7IGNvbnRpbnVpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgIGZpCmVsc2UKICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgYSBVUkwsIGNvbnRpbnVpbmcuIgpmaQoKaWYgW1sgJGRlcGxveWVkID09ICJubyIgJiYgJGRlY2xhcmF0aW9uVXJsID09ICJOT1RfU1BFQ0lGSUVEIiBdXTsgdGhlbgogICAgZWNobyAiQXBwbGljYXRpb24gZGVwbG95bWVudCBmYWlsZWQgb3IgY3VzdG9tIFVSTCB3YXMgbm90IHNwZWNpZmllZC4iCmZpCgplY2hvICJEZXBsb3ltZW50IGNvbXBsZXRlLiIKZXhpdA==", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachineScaleSets', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -715,7 +577,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_via-lb-existing-stack-supported-payg,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_via-lb-existing-stack-supported-payg,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -934,7 +796,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/azuredeploy.parameters.json b/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/azuredeploy.parameters.json index 9c069ac01f..28075e89c4 100644 --- a/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/azuredeploy.parameters.json +++ b/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/README.md b/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/README.md index 37c63bb59a..def3fccf9c 100644 --- a/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/README.md +++ b/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/README.md @@ -65,6 +65,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - Previous tagged releases can be used to reference functionality that has been changed or removed. - All templates now deploy Standard SKU Azure Public IP Addresses. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -114,7 +115,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fsupported%2Fautoscale%2Fwaf%2Fvia-dns%2F1nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fsupported%2Fautoscale%2Fwaf%2Fvia-dns%2F1nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters @@ -142,7 +143,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | @@ -314,7 +315,7 @@ This solution requires access to the Azure API to correctly configure both the B #### 1. Azure Portal -Follow the steps outlined in the [Azure Portal documentation](https://azure.microsoft.com/en-us/documentation/articles/resource-group-create-service-principal-portal/) to generate the service principal. +Follow the steps outlined in the [Azure Portal documentation](https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal) to generate the service principal. #### 2. Azure CLI diff --git a/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/azuredeploy.json b/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/azuredeploy.json index b4ac86033e..ef15ebdaf2 100644 --- a/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/azuredeploy.json +++ b/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -33,81 +33,6 @@ "type": "string" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D2s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -232,7 +157,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -573,63 +498,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -648,7 +516,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -679,11 +547,7 @@ "commandArgs": "[concat('-o ', parameters('declarationUrl'), ' -m ', parameters('applicationProtocols'), ' -n ', parameters('applicationAddress'), ' -j ', parameters('applicationPort'), ' -k ', parameters('applicationSecurePort'), ' -h ', parameters('applicationPort'), ' -s ', parameters('applicationSecurePort'), ' -t ', toLower(parameters('applicationType')), ' -l ', toLower(parameters('blockingLevel')), ' -a ', parameters('customPolicy'), ' -c ', parameters('sslCert'), ' -r ', parameters('sslPswd'), ' -u svc_user')]", "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbTpkOm46ajprOmg6czp0Omw6YTpjOnI6bzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgbSkgbW9kZT0kT1BUQVJHOzsKICAgICAgICBuKSBwb29sX21lbWJlcj0kT1BUQVJHOzsKICAgICAgICBqKSB2c19odHRwX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgaykgdnNfaHR0cHNfcG9ydD0kT1BUQVJHOzsKICAgICAgICBoKSBwb29sX2h0dHBfcG9ydD0kT1BUQVJHOzsKICAgICAgICBzKSBwb29sX2h0dHBzX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgdCkgdHlwZT0kT1BUQVJHOzsKICAgICAgICBsKSBsZXZlbD0kT1BUQVJHOzsKICAgICAgICBhKSBwb2xpY3k9JE9QVEFSRzs7CiAgICAgICAgYykgc3NsX2NlcnQ9JE9QVEFSRzs7CiAgICAgICAgcikgc3NsX3Bhc3N3ZD0kT1BUQVJHOzsKICAgICAgICB1KSB1c2VyPSRPUFRBUkc7OwogICAgZXNhYwpkb25lCgpkZXBsb3llZD0ibm8iCmZpbGVfbG9jPSIvY29uZmlnL2Nsb3VkL2N1c3RvbV9jb25maWciCmRmbF9tZ210X3BvcnQ9YHRtc2ggbGlzdCBzeXMgaHR0cGQgc3NsLXBvcnQgfCBncmVwIHNzbC1wb3J0IHwgc2VkICdzL3NzbC1wb3J0IC8vO3MvIC8vZydgCnVybF9yZWdleD0iKGh0dHA6XC9cL3xodHRwczpcL1wvKT9bYS16MC05XSsoW1wtXC5dezF9W2EtejAtOV0rKSpcLlthLXpdezIsNX0oOlswLTldezEsNX0pPyhcLy4qKT8kIgoKaWYgW1sgJGRlY2xhcmF0aW9uVXJsID1+ICR1cmxfcmVnZXggXV07IHRoZW4KICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1zayAtdyAiJXtodHRwX2NvZGV9IiAkZGVjbGFyYXRpb25VcmwgLW8gJGZpbGVfbG9jKQogICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIF1dOyB0aGVuCiAgICAgICAgIGVjaG8gIkN1c3RvbSBjb25maWcgZG93bmxvYWQgY29tcGxldGU7IGNoZWNraW5nIGZvciB2YWxpZCBKU09OLiIKICAgICAgICAgY2F0ICRmaWxlX2xvYyB8IGpxIC5jbGFzcwogICAgICAgICBpZiBbWyAkPyA9PSAwIF1dOyB0aGVuCiAgICAgICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t2dnUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgLUggIkV4cGVjdDoiIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvc2hhcmVkL2FwcHN2Y3MvZGVjbGFyZSAtZCBAJGZpbGVfbG9jIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgICAgICBpZiBbWyAkcmVzcG9uc2VfY29kZSA9PSAyMDAgfHwgJHJlc3BvbnNlX2NvZGUgPT0gNTAyIF1dOyB0aGVuCiAgICAgICAgICAgICAgICAgIGVjaG8gIkRlcGxveW1lbnQgb2YgYXBwbGljYXRpb24gc3VjY2VlZGVkLiIKICAgICAgICAgICAgICAgICAgZGVwbG95ZWQ9InllcyIKICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICBlY2hvICJGYWlsZWQgdG8gZGVwbG95IGFwcGxpY2F0aW9uOyBjb250aW51aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBmaQogICAgICAgICBlbHNlCiAgICAgICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgdmFsaWQgSlNPTiwgY29udGludWluZyIKICAgICAgICAgZmkKICAgIGVsc2UKICAgICAgICBlY2hvICJGYWlsZWQgdG8gZG93bmxvYWQgY3VzdG9tIGNvbmZpZzsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgZmkKZWxzZQogICAgIGVjaG8gIkN1c3RvbSBjb25maWcgd2FzIG5vdCBhIFVSTCwgY29udGludWluZy4iCmZpCgppZiBbWyAkZGVwbG95ZWQgPT0gIm5vIiAmJiAkZGVjbGFyYXRpb25VcmwgPT0gIk5PVF9TUEVDSUZJRUQiIF1dOyB0aGVuCiAgICBpcF9yZWdleD0nXlswLTldezEsM31cLlswLTldezEsM31cLlswLTldezEsM31cLlswLTldezEsM30kJwogICAgZGZsX21nbXRfcG9ydD1gdG1zaCBsaXN0IHN5cyBodHRwZCBzc2wtcG9ydCB8IGdyZXAgc3NsLXBvcnQgfCBzZWQgJ3Mvc3NsLXBvcnQgLy87cy8gLy9nJ2AKICAgIG1vZGU9YHNlZCAicy8tL18vZyIgPDw8IiRtb2RlImAKICAgIHBheWxvYWQ9J3siY2xhc3MiOiJBREMiLCJzY2hlbWFWZXJzaW9uIjoiMy4wLjAiLCJsYWJlbCI6ImF1dG9zY2FsZV93YWYiLCJpZCI6IkFVVE9TQ0FMRV9XQUYiLCJyZW1hcmsiOiJBdXRvc2NhbGUgV0FGIiwid2FmIjp7ImNsYXNzIjoiVGVuYW50IiwiU2hhcmVkIjp7ImNsYXNzIjoiQXBwbGljYXRpb24iLCJ0ZW1wbGF0ZSI6InNoYXJlZCIsInNlcnZpY2VBZGRyZXNzIjp7ImNsYXNzIjoiU2VydmljZV9BZGRyZXNzIiwidmlydHVhbEFkZHJlc3MiOiIwLjAuMC4wIn0sInBvbGljeVdBRiI6eyJjbGFzcyI6IldBRl9Qb2xpY3kiLCJmaWxlIjoiL3RtcC9hczMwLWxpbnV4LW1lZGl1bS54bWwifX0sImh0dHAiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoiaHR0cCIsInBvb2wiOnsiY2xhc3MiOiJQb29sIiwibW9uaXRvcnMiOlsiaHR0cCJdLCJtZW1iZXJzIjpbeyJhZGRyZXNzRGlzY292ZXJ5IjoiZnFkbiIsImF1dG9Qb3B1bGF0ZSI6dHJ1ZSwic2VydmljZVBvcnQiOjgwLCJob3N0bmFtZSI6Ind3dy5leGFtcGxlLmNvbSIsInNlcnZlckFkZHJlc3NlcyI6WyIyNTUuMjU1LjI1NS4yNTQiXX1dfSwic2VydmljZU1haW4iOnsiY2xhc3MiOiJTZXJ2aWNlX0hUVFAiLCJ2aXJ0dWFsQWRkcmVzc2VzIjpbeyJ1c2UiOiIvd2FmL1NoYXJlZC9zZXJ2aWNlQWRkcmVzcyJ9XSwidmlydHVhbFBvcnQiOjgwLCJzbmF0IjoiYXV0byIsInNlY3VyaXR5TG9nUHJvZmlsZXMiOlt7ImJpZ2lwIjoiL0NvbW1vbi9Mb2cgaWxsZWdhbCByZXF1ZXN0cyJ9XSwicG9vbCI6InBvb2wiLCJwb2xpY3lXQUYiOnsidXNlIjoiL3dhZi9TaGFyZWQvcG9saWN5V0FGIn19fSwiaHR0cHMiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoiaHR0cHMiLCJzZXJ2ZXJUTFMiOnsiY2xhc3MiOiJUTFNfU2VydmVyIiwiY2VydGlmaWNhdGVzIjpbeyJjZXJ0aWZpY2F0ZSI6ImNlcnRTZXJ2ZXIifV0sImF1dGhlbnRpY2F0aW9uVHJ1c3RDQSI6eyJiaWdpcCI6Ii9Db21tb24vY2EtYnVuZGxlLmNydCJ9fSwiY2VydFNlcnZlciI6eyJjbGFzcyI6IkNlcnRpZmljYXRlIiwiY2VydGlmaWNhdGUiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQuY3J0In0sInByaXZhdGVLZXkiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQua2V5In19LCJjbGllbnRUTFMiOnsiY2xhc3MiOiJUTFNfQ2xpZW50In0sInBvb2wiOnsiY2xhc3MiOiJQb29sIiwibW9uaXRvcnMiOlsiaHR0cHMiXSwibWVtYmVycyI6W3siYWRkcmVzc0Rpc2NvdmVyeSI6ImZxZG4iLCJhdXRvUG9wdWxhdGUiOnRydWUsInNlcnZpY2VQb3J0Ijo0NDMsImhvc3RuYW1lIjoid3d3LmV4YW1wbGUuY29tIiwic2VydmVyQWRkcmVzc2VzIjpbIjI1NS4yNTUuMjU1LjI1NCJdfV19LCJzZXJ2aWNlTWFpbiI6eyJjbGFzcyI6IlNlcnZpY2VfSFRUUFMiLCJ2aXJ0dWFsQWRkcmVzc2VzIjpbeyJ1c2UiOiIvd2FmL1NoYXJlZC9zZXJ2aWNlQWRkcmVzcyJ9XSwidmlydHVhbFBvcnQiOjQ0Mywic2VydmVyVExTIjoic2VydmVyVExTIiwiY2xpZW50VExTIjoiY2xpZW50VExTIiwicmVkaXJlY3Q4MCI6dHJ1ZSwic25hdCI6ImF1dG8iLCJzZWN1cml0eUxvZ1Byb2ZpbGVzIjpbeyJiaWdpcCI6Ii9Db21tb24vTG9nIGlsbGVnYWwgcmVxdWVzdHMifV0sInBvb2wiOiJwb29sIiwicG9saWN5V0FGIjp7InVzZSI6Ii93YWYvU2hhcmVkL3BvbGljeVdBRiJ9fX0sImh0dHBzX29mZmxvYWQiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoiaHR0cHMiLCJzZXJ2ZXJUTFMiOnsiY2xhc3MiOiJUTFNfU2VydmVyIiwiY2VydGlmaWNhdGVzIjpbeyJjZXJ0aWZpY2F0ZSI6ImNlcnRTZXJ2ZXIifV0sImF1dGhlbnRpY2F0aW9uVHJ1c3RDQSI6eyJiaWdpcCI6Ii9Db21tb24vY2EtYnVuZGxlLmNydCJ9fSwiY2VydFNlcnZlciI6eyJjbGFzcyI6IkNlcnRpZmljYXRlIiwiY2VydGlmaWNhdGUiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQuY3J0In0sInByaXZhdGVLZXkiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQua2V5In19LCJwb29sIjp7ImNsYXNzIjoiUG9vbCIsIm1vbml0b3JzIjpbImh0dHAiXSwibWVtYmVycyI6W3siYWRkcmVzc0Rpc2NvdmVyeSI6ImZxZG4iLCJhdXRvUG9wdWxhdGUiOnRydWUsInNlcnZpY2VQb3J0Ijo4MCwiaG9zdG5hbWUiOiJ3d3cuZXhhbXBsZS5jb20iLCJzZXJ2ZXJBZGRyZXNzZXMiOlsiMjU1LjI1NS4yNTUuMjU0Il19XX0sInNlcnZpY2VNYWluIjp7ImNsYXNzIjoiU2VydmljZV9IVFRQUyIsInZpcnR1YWxBZGRyZXNzZXMiOlt7InVzZSI6Ii93YWYvU2hhcmVkL3NlcnZpY2VBZGRyZXNzIn1dLCJ2aXJ0dWFsUG9ydCI6ODAsInNlcnZlclRMUyI6InNlcnZlclRMUyIsInNuYXQiOiJhdXRvIiwic2VjdXJpdHlMb2dQcm9maWxlcyI6W3siYmlnaXAiOiIvQ29tbW9uL0xvZyBpbGxlZ2FsIHJlcXVlc3RzIn1dLCJwb29sIjoicG9vbCIsInBvbGljeVdBRiI6eyJ1c2UiOiIvd2FmL1NoYXJlZC9wb2xpY3lXQUYifX19fX0nCgogICAgIyB2ZXJpZnkgdGhhdCB0aGUgY3VzdG9tIHBvbGljeSBpcyBhIFVSTAogICAgaWYgW1sgJGxldmVsID09ICJjdXN0b20iIF1dOyB0aGVuCiAgICAgICAgIGlmIFtbIC1uICRwb2xpY3kgJiYgJHBvbGljeSAhPSAiTk9UX1NQRUNJRklFRCIgXV07IHRoZW4KICAgICAgICAgICAgIGlmIFtbICRwb2xpY3kgPX4gJHVybF9yZWdleCBdXTsgdGhlbgogICAgICAgICAgICAgICAgICBjdXN0b21fcG9saWN5PSRwb2xpY3kKICAgICAgICAgICAgICAgICAgL3Vzci9iaW4vY3VybCAtc2sgJGN1c3RvbV9wb2xpY3kgLS1yZXRyeSAzIC1vIC90bXAvY3VzdG9tX3BvbGljeS54bWwKICAgICAgICAgICAgICAgICAgYXNtX3BvbGljeT0iL3RtcC9jdXN0b21fcG9saWN5LnhtbCIKICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICAgZWNobyAiQ3VzdG9tIHBvbGljeSB3YXMgbm90IGEgVVJMLCBkZWZhdWx0aW5nIHRvIGhpZ2giCiAgICAgICAgICAgICAgICAgIGFzbV9wb2xpY3k9Ii9jb25maWcvY2xvdWQvYXNtLXBvbGljeS0kdHlwZS1oaWdoLnhtbCIKICAgICAgICAgICAgIGZpCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgICBlY2hvICJDdXN0b20gcG9saWN5IHdhcyBub3Qgc3BlY2lmaWVkLCBkZWZhdWx0aW5nIHRvIGhpZ2giCiAgICAgICAgICAgICAgYXNtX3BvbGljeT0iL2NvbmZpZy9jbG91ZC9hc20tcG9saWN5LSR0eXBlLWhpZ2gueG1sIgogICAgICAgICBmaQogICAgZWxzZQogICAgICAgICBhc21fcG9saWN5PSIvY29uZmlnL2Nsb3VkL2FzbS1wb2xpY3ktJHR5cGUtJGxldmVsLnhtbCIKICAgIGZpCgogICAgaWYgW1sgJG1vZGUgPT0gImh0dHBzIiB8fCAkbW9kZSA9PSAiaHR0cF9odHRwcyIgfHwgJG1vZGUgPT0gImh0dHBzX29mZmxvYWQiIF1dOyB0aGVuCiAgICAgICAgIGNoYWluPSIvQ29tbW9uL2NhLWJ1bmRsZS5jcnQiCgogICAgICAgICBlY2hvICJTdGFydGluZyBDZXJ0aWZpY2F0ZSBkb3dubG9hZCIKCiAgICAgICAgIGNlcnRpZmljYXRlX2xvY2F0aW9uPSRzc2xfY2VydAoKICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrIC11ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAgLVggUE9TVCAtSCAiQ29udGVudC10eXBlOiBhcHBsaWNhdGlvbi9qc29uIiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3RtL3V0aWwvYmFzaCAtZCAneyAiY29tbWFuZCI6InJ1biIsInV0aWxDbWRBcmdzIjoiLWMgXCJjdXJsIC1rIC1zIC1mIC0tcmV0cnkgNSAtLXJldHJ5LWRlbGF5IDEwIC0tcmV0cnktbWF4LXRpbWUgMTAgLW8gL2NvbmZpZy90bXAucGZ4ICckY2VydGlmaWNhdGVfbG9jYXRpb24nXCIiIH0nIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCAgXV07IHRoZW4KICAgICAgICAgICAgICBlY2hvICJDZXJ0aWZpY2F0ZSBkb3dubG9hZCBjb21wbGV0ZS4iCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBkb3dubG9hZCBTU0wgY2VydDsgZXhpdGluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICAgICAgZXhpdCAxCiAgICAgICAgIGZpCgogICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvdG0vc3lzL2NyeXB0by9wa2NzMTIgLWQgJ3siY29tbWFuZCI6ICJpbnN0YWxsIiwibmFtZSI6ICJ3YWZDZXJ0Iiwib3B0aW9ucyI6IFsgeyAiZnJvbS1sb2NhbC1maWxlIjogIi9jb25maWcvdG1wLnBmeCIgfSwgeyAicGFzc3BocmFzZSI6ICInIiRzc2xfcGFzc3dkIiciIH0gXSB9JyAtbyAvZGV2L251bGwpCgogICAgICAgICBpZiBbWyAkcmVzcG9uc2VfY29kZSA9PSAyMDAgIF1dOyB0aGVuCiAgICAgICAgICAgICAgZWNobyAiQ2VydGlmaWNhdGUgaW5zdGFsbCBjb21wbGV0ZS4iCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBpbnN0YWxsIFNTTCBjZXJ0OyBleGl0aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBleGl0IDEKICAgICAgICAgZmkKICAgIGZpCgogICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBhc21fcG9saWN5ICRhc21fcG9saWN5ICcgLndhZi5TaGFyZWQucG9saWN5V0FGLmZpbGUgPSAkYXNtX3BvbGljeScpCgogICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBwb29sX2h0dHBfcG9ydCAkcG9vbF9odHRwX3BvcnQgLS1hcmcgcG9vbF9odHRwc19wb3J0ICRwb29sX2h0dHBzX3BvcnQgLS1hcmcgdnNfaHR0cF9wb3J0ICR2c19odHRwX3BvcnQgLS1hcmcgdnNfaHR0cHNfcG9ydCAkdnNfaHR0cHNfcG9ydCAnIC53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uc2VydmljZVBvcnQgPSAoJHBvb2xfaHR0cF9wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwLnNlcnZpY2VNYWluLnZpcnR1YWxQb3J0ID0gKCR2c19odHRwX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5zZXJ2aWNlUG9ydCA9ICgkcG9vbF9odHRwc19wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwcy5zZXJ2aWNlTWFpbi52aXJ0dWFsUG9ydCA9ICgkdnNfaHR0cHNfcG9ydCB8IHRvbnVtYmVyKSB8IC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uc2VydmljZVBvcnQgPSAoJHBvb2xfaHR0cF9wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwc19vZmZsb2FkLnNlcnZpY2VNYWluLnZpcnR1YWxQb3J0ID0gKCR2c19odHRwc19wb3J0IHwgdG9udW1iZXIpJykKCiAgICBpZiBbWyAkcG9vbF9tZW1iZXIgPX4gJGlwX3JlZ2V4IF1dOyB0aGVuCiAgICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgJ2RlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmF1dG9Qb3B1bGF0ZSkgfCBkZWwoLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSkgfCBkZWwoLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5hZGRyZXNzRGlzY292ZXJ5KSB8ICBkZWwoLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uYXV0b1BvcHVsYXRlKSB8IGRlbCgud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSkgfCBkZWwoLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uYWRkcmVzc0Rpc2NvdmVyeSkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5hdXRvUG9wdWxhdGUpIHwgZGVsKC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUpIHwgZGVsKC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uYWRkcmVzc0Rpc2NvdmVyeSknKQoKICAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBwb29sX21lbWJlciAkcG9vbF9tZW1iZXIgJy53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uc2VydmVyQWRkcmVzc2VzWzBdID0gJHBvb2xfbWVtYmVyIHwgLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uc2VydmVyQWRkcmVzc2VzWzBdID0gJHBvb2xfbWVtYmVyIHwgLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXNbMF0gPSAkcG9vbF9tZW1iZXInKQogICAgZWxzZQogICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXMpIHwgZGVsKC53YWYuaHR0cHMucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3NlcykgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXMpJykKCiAgICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgLS1hcmcgcG9vbF9tZW1iZXIgJHBvb2xfbWVtYmVyICcud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lID0gJHBvb2xfbWVtYmVyIHwgLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUgPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lID0gJHBvb2xfbWVtYmVyJykKICAgIGZpCgogICAgaWYgW1sgJG1vZGUgPT0gImh0dHAiIF1dOyB0aGVuCiAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cHMpIHwgZGVsKC53YWYuaHR0cHNfb2ZmbG9hZCknKQogICAgZWxpZiBbWyAkbW9kZSA9PSAiaHR0cHMiIF1dOyB0aGVuCiAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cCkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkKSB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5jZXJ0aWZpY2F0ZS5iaWdpcCA9ICIvQ29tbW9uL3dhZkNlcnQuY3J0IiB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5wcml2YXRlS2V5LmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5rZXkiJykKICAgIGVsaWYgW1sgJG1vZGUgPT0gImh0dHBfaHR0cHMiIF1dOyB0aGVuCiAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cHNfb2ZmbG9hZCkgfCAud2FmLmh0dHBzLnNlcnZpY2VNYWluLnJlZGlyZWN0ODAgPSBmYWxzZSB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5jZXJ0aWZpY2F0ZS5iaWdpcCA9ICIvQ29tbW9uL3dhZkNlcnQuY3J0IiB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5wcml2YXRlS2V5LmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5rZXkiJykKICAgIGVsc2UKICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwKSB8IGRlbCgud2FmLmh0dHBzKSB8IC53YWYuaHR0cHNfb2ZmbG9hZC5jZXJ0U2VydmVyLmNlcnRpZmljYXRlLmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5jcnQiIHwgLndhZi5odHRwc19vZmZsb2FkLmNlcnRTZXJ2ZXIucHJpdmF0ZUtleS5iaWdpcCA9ICIvQ29tbW9uL3dhZkNlcnQua2V5IicpCiAgICBmaQoKICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t2dnUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgLUggIkV4cGVjdDoiIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvc2hhcmVkL2FwcHN2Y3MvZGVjbGFyZSAtZCAiJHBheWxvYWQiIC1vIC9kZXYvbnVsbCkKCiAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIHx8ICRyZXNwb25zZV9jb2RlID09IDUwMiAgXV07IHRoZW4KICAgICAgICAgIGVjaG8gIkRlcGxveW1lbnQgb2YgYXBwbGljYXRpb24gc3VjY2VlZGVkLiIKICAgIGVsc2UKICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRlcGxveSBhcHBsaWNhdGlvbjsgZXhpdGluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICBleGl0IDEKICAgICBmaQogZmkKCmVjaG8gIkRlcGxveW1lbnQgY29tcGxldGUuIgpleGl0", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachineScaleSets', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -802,7 +666,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_dns-existing-stack-supported-bigiq,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_dns-existing-stack-supported-bigiq,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -943,7 +807,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/azuredeploy.parameters.json b/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/azuredeploy.parameters.json index a400c75d9d..5dd4759cb0 100644 --- a/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/azuredeploy.parameters.json +++ b/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/README.md b/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/README.md index 9cb4f93240..9d902ed0a7 100644 --- a/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/README.md +++ b/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/README.md @@ -62,6 +62,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - Previous tagged releases can be used to reference functionality that has been changed or removed. - All templates now deploy Standard SKU Azure Public IP Addresses. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -111,7 +112,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fsupported%2Fautoscale%2Fwaf%2Fvia-dns%2F1nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fsupported%2Fautoscale%2Fwaf%2Fvia-dns%2F1nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters @@ -133,7 +134,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | @@ -305,7 +306,7 @@ This solution requires access to the Azure API to correctly configure both the B #### 1. Azure Portal -Follow the steps outlined in the [Azure Portal documentation](https://azure.microsoft.com/en-us/documentation/articles/resource-group-create-service-principal-portal/) to generate the service principal. +Follow the steps outlined in the [Azure Portal documentation](https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal) to generate the service principal. #### 2. Azure CLI diff --git a/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/azuredeploy.json b/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/azuredeploy.json index a8690a40d0..072cc04b8f 100644 --- a/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/azuredeploy.json +++ b/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -33,81 +33,6 @@ "type": "string" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D2s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -202,7 +127,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -543,63 +468,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -618,7 +486,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -649,11 +517,7 @@ "commandArgs": "[concat('-o ', parameters('declarationUrl'), ' -m ', parameters('applicationProtocols'), ' -n ', parameters('applicationAddress'), ' -j ', parameters('applicationPort'), ' -k ', parameters('applicationSecurePort'), ' -h ', parameters('applicationPort'), ' -s ', parameters('applicationSecurePort'), ' -t ', toLower(parameters('applicationType')), ' -l ', toLower(parameters('blockingLevel')), ' -a ', parameters('customPolicy'), ' -c ', parameters('sslCert'), ' -r ', parameters('sslPswd'), ' -u svc_user')]", "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbTpkOm46ajprOmg6czp0Omw6YTpjOnI6bzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgbSkgbW9kZT0kT1BUQVJHOzsKICAgICAgICBuKSBwb29sX21lbWJlcj0kT1BUQVJHOzsKICAgICAgICBqKSB2c19odHRwX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgaykgdnNfaHR0cHNfcG9ydD0kT1BUQVJHOzsKICAgICAgICBoKSBwb29sX2h0dHBfcG9ydD0kT1BUQVJHOzsKICAgICAgICBzKSBwb29sX2h0dHBzX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgdCkgdHlwZT0kT1BUQVJHOzsKICAgICAgICBsKSBsZXZlbD0kT1BUQVJHOzsKICAgICAgICBhKSBwb2xpY3k9JE9QVEFSRzs7CiAgICAgICAgYykgc3NsX2NlcnQ9JE9QVEFSRzs7CiAgICAgICAgcikgc3NsX3Bhc3N3ZD0kT1BUQVJHOzsKICAgICAgICB1KSB1c2VyPSRPUFRBUkc7OwogICAgZXNhYwpkb25lCgpkZXBsb3llZD0ibm8iCmZpbGVfbG9jPSIvY29uZmlnL2Nsb3VkL2N1c3RvbV9jb25maWciCmRmbF9tZ210X3BvcnQ9YHRtc2ggbGlzdCBzeXMgaHR0cGQgc3NsLXBvcnQgfCBncmVwIHNzbC1wb3J0IHwgc2VkICdzL3NzbC1wb3J0IC8vO3MvIC8vZydgCnVybF9yZWdleD0iKGh0dHA6XC9cL3xodHRwczpcL1wvKT9bYS16MC05XSsoW1wtXC5dezF9W2EtejAtOV0rKSpcLlthLXpdezIsNX0oOlswLTldezEsNX0pPyhcLy4qKT8kIgoKaWYgW1sgJGRlY2xhcmF0aW9uVXJsID1+ICR1cmxfcmVnZXggXV07IHRoZW4KICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1zayAtdyAiJXtodHRwX2NvZGV9IiAkZGVjbGFyYXRpb25VcmwgLW8gJGZpbGVfbG9jKQogICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIF1dOyB0aGVuCiAgICAgICAgIGVjaG8gIkN1c3RvbSBjb25maWcgZG93bmxvYWQgY29tcGxldGU7IGNoZWNraW5nIGZvciB2YWxpZCBKU09OLiIKICAgICAgICAgY2F0ICRmaWxlX2xvYyB8IGpxIC5jbGFzcwogICAgICAgICBpZiBbWyAkPyA9PSAwIF1dOyB0aGVuCiAgICAgICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t2dnUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgLUggIkV4cGVjdDoiIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvc2hhcmVkL2FwcHN2Y3MvZGVjbGFyZSAtZCBAJGZpbGVfbG9jIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgICAgICBpZiBbWyAkcmVzcG9uc2VfY29kZSA9PSAyMDAgfHwgJHJlc3BvbnNlX2NvZGUgPT0gNTAyIF1dOyB0aGVuCiAgICAgICAgICAgICAgICAgIGVjaG8gIkRlcGxveW1lbnQgb2YgYXBwbGljYXRpb24gc3VjY2VlZGVkLiIKICAgICAgICAgICAgICAgICAgZGVwbG95ZWQ9InllcyIKICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICBlY2hvICJGYWlsZWQgdG8gZGVwbG95IGFwcGxpY2F0aW9uOyBjb250aW51aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBmaQogICAgICAgICBlbHNlCiAgICAgICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgdmFsaWQgSlNPTiwgY29udGludWluZyIKICAgICAgICAgZmkKICAgIGVsc2UKICAgICAgICBlY2hvICJGYWlsZWQgdG8gZG93bmxvYWQgY3VzdG9tIGNvbmZpZzsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgZmkKZWxzZQogICAgIGVjaG8gIkN1c3RvbSBjb25maWcgd2FzIG5vdCBhIFVSTCwgY29udGludWluZy4iCmZpCgppZiBbWyAkZGVwbG95ZWQgPT0gIm5vIiAmJiAkZGVjbGFyYXRpb25VcmwgPT0gIk5PVF9TUEVDSUZJRUQiIF1dOyB0aGVuCiAgICBpcF9yZWdleD0nXlswLTldezEsM31cLlswLTldezEsM31cLlswLTldezEsM31cLlswLTldezEsM30kJwogICAgZGZsX21nbXRfcG9ydD1gdG1zaCBsaXN0IHN5cyBodHRwZCBzc2wtcG9ydCB8IGdyZXAgc3NsLXBvcnQgfCBzZWQgJ3Mvc3NsLXBvcnQgLy87cy8gLy9nJ2AKICAgIG1vZGU9YHNlZCAicy8tL18vZyIgPDw8IiRtb2RlImAKICAgIHBheWxvYWQ9J3siY2xhc3MiOiJBREMiLCJzY2hlbWFWZXJzaW9uIjoiMy4wLjAiLCJsYWJlbCI6ImF1dG9zY2FsZV93YWYiLCJpZCI6IkFVVE9TQ0FMRV9XQUYiLCJyZW1hcmsiOiJBdXRvc2NhbGUgV0FGIiwid2FmIjp7ImNsYXNzIjoiVGVuYW50IiwiU2hhcmVkIjp7ImNsYXNzIjoiQXBwbGljYXRpb24iLCJ0ZW1wbGF0ZSI6InNoYXJlZCIsInNlcnZpY2VBZGRyZXNzIjp7ImNsYXNzIjoiU2VydmljZV9BZGRyZXNzIiwidmlydHVhbEFkZHJlc3MiOiIwLjAuMC4wIn0sInBvbGljeVdBRiI6eyJjbGFzcyI6IldBRl9Qb2xpY3kiLCJmaWxlIjoiL3RtcC9hczMwLWxpbnV4LW1lZGl1bS54bWwifX0sImh0dHAiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoiaHR0cCIsInBvb2wiOnsiY2xhc3MiOiJQb29sIiwibW9uaXRvcnMiOlsiaHR0cCJdLCJtZW1iZXJzIjpbeyJhZGRyZXNzRGlzY292ZXJ5IjoiZnFkbiIsImF1dG9Qb3B1bGF0ZSI6dHJ1ZSwic2VydmljZVBvcnQiOjgwLCJob3N0bmFtZSI6Ind3dy5leGFtcGxlLmNvbSIsInNlcnZlckFkZHJlc3NlcyI6WyIyNTUuMjU1LjI1NS4yNTQiXX1dfSwic2VydmljZU1haW4iOnsiY2xhc3MiOiJTZXJ2aWNlX0hUVFAiLCJ2aXJ0dWFsQWRkcmVzc2VzIjpbeyJ1c2UiOiIvd2FmL1NoYXJlZC9zZXJ2aWNlQWRkcmVzcyJ9XSwidmlydHVhbFBvcnQiOjgwLCJzbmF0IjoiYXV0byIsInNlY3VyaXR5TG9nUHJvZmlsZXMiOlt7ImJpZ2lwIjoiL0NvbW1vbi9Mb2cgaWxsZWdhbCByZXF1ZXN0cyJ9XSwicG9vbCI6InBvb2wiLCJwb2xpY3lXQUYiOnsidXNlIjoiL3dhZi9TaGFyZWQvcG9saWN5V0FGIn19fSwiaHR0cHMiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoiaHR0cHMiLCJzZXJ2ZXJUTFMiOnsiY2xhc3MiOiJUTFNfU2VydmVyIiwiY2VydGlmaWNhdGVzIjpbeyJjZXJ0aWZpY2F0ZSI6ImNlcnRTZXJ2ZXIifV0sImF1dGhlbnRpY2F0aW9uVHJ1c3RDQSI6eyJiaWdpcCI6Ii9Db21tb24vY2EtYnVuZGxlLmNydCJ9fSwiY2VydFNlcnZlciI6eyJjbGFzcyI6IkNlcnRpZmljYXRlIiwiY2VydGlmaWNhdGUiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQuY3J0In0sInByaXZhdGVLZXkiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQua2V5In19LCJjbGllbnRUTFMiOnsiY2xhc3MiOiJUTFNfQ2xpZW50In0sInBvb2wiOnsiY2xhc3MiOiJQb29sIiwibW9uaXRvcnMiOlsiaHR0cHMiXSwibWVtYmVycyI6W3siYWRkcmVzc0Rpc2NvdmVyeSI6ImZxZG4iLCJhdXRvUG9wdWxhdGUiOnRydWUsInNlcnZpY2VQb3J0Ijo0NDMsImhvc3RuYW1lIjoid3d3LmV4YW1wbGUuY29tIiwic2VydmVyQWRkcmVzc2VzIjpbIjI1NS4yNTUuMjU1LjI1NCJdfV19LCJzZXJ2aWNlTWFpbiI6eyJjbGFzcyI6IlNlcnZpY2VfSFRUUFMiLCJ2aXJ0dWFsQWRkcmVzc2VzIjpbeyJ1c2UiOiIvd2FmL1NoYXJlZC9zZXJ2aWNlQWRkcmVzcyJ9XSwidmlydHVhbFBvcnQiOjQ0Mywic2VydmVyVExTIjoic2VydmVyVExTIiwiY2xpZW50VExTIjoiY2xpZW50VExTIiwicmVkaXJlY3Q4MCI6dHJ1ZSwic25hdCI6ImF1dG8iLCJzZWN1cml0eUxvZ1Byb2ZpbGVzIjpbeyJiaWdpcCI6Ii9Db21tb24vTG9nIGlsbGVnYWwgcmVxdWVzdHMifV0sInBvb2wiOiJwb29sIiwicG9saWN5V0FGIjp7InVzZSI6Ii93YWYvU2hhcmVkL3BvbGljeVdBRiJ9fX0sImh0dHBzX29mZmxvYWQiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoiaHR0cHMiLCJzZXJ2ZXJUTFMiOnsiY2xhc3MiOiJUTFNfU2VydmVyIiwiY2VydGlmaWNhdGVzIjpbeyJjZXJ0aWZpY2F0ZSI6ImNlcnRTZXJ2ZXIifV0sImF1dGhlbnRpY2F0aW9uVHJ1c3RDQSI6eyJiaWdpcCI6Ii9Db21tb24vY2EtYnVuZGxlLmNydCJ9fSwiY2VydFNlcnZlciI6eyJjbGFzcyI6IkNlcnRpZmljYXRlIiwiY2VydGlmaWNhdGUiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQuY3J0In0sInByaXZhdGVLZXkiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQua2V5In19LCJwb29sIjp7ImNsYXNzIjoiUG9vbCIsIm1vbml0b3JzIjpbImh0dHAiXSwibWVtYmVycyI6W3siYWRkcmVzc0Rpc2NvdmVyeSI6ImZxZG4iLCJhdXRvUG9wdWxhdGUiOnRydWUsInNlcnZpY2VQb3J0Ijo4MCwiaG9zdG5hbWUiOiJ3d3cuZXhhbXBsZS5jb20iLCJzZXJ2ZXJBZGRyZXNzZXMiOlsiMjU1LjI1NS4yNTUuMjU0Il19XX0sInNlcnZpY2VNYWluIjp7ImNsYXNzIjoiU2VydmljZV9IVFRQUyIsInZpcnR1YWxBZGRyZXNzZXMiOlt7InVzZSI6Ii93YWYvU2hhcmVkL3NlcnZpY2VBZGRyZXNzIn1dLCJ2aXJ0dWFsUG9ydCI6ODAsInNlcnZlclRMUyI6InNlcnZlclRMUyIsInNuYXQiOiJhdXRvIiwic2VjdXJpdHlMb2dQcm9maWxlcyI6W3siYmlnaXAiOiIvQ29tbW9uL0xvZyBpbGxlZ2FsIHJlcXVlc3RzIn1dLCJwb29sIjoicG9vbCIsInBvbGljeVdBRiI6eyJ1c2UiOiIvd2FmL1NoYXJlZC9wb2xpY3lXQUYifX19fX0nCgogICAgIyB2ZXJpZnkgdGhhdCB0aGUgY3VzdG9tIHBvbGljeSBpcyBhIFVSTAogICAgaWYgW1sgJGxldmVsID09ICJjdXN0b20iIF1dOyB0aGVuCiAgICAgICAgIGlmIFtbIC1uICRwb2xpY3kgJiYgJHBvbGljeSAhPSAiTk9UX1NQRUNJRklFRCIgXV07IHRoZW4KICAgICAgICAgICAgIGlmIFtbICRwb2xpY3kgPX4gJHVybF9yZWdleCBdXTsgdGhlbgogICAgICAgICAgICAgICAgICBjdXN0b21fcG9saWN5PSRwb2xpY3kKICAgICAgICAgICAgICAgICAgL3Vzci9iaW4vY3VybCAtc2sgJGN1c3RvbV9wb2xpY3kgLS1yZXRyeSAzIC1vIC90bXAvY3VzdG9tX3BvbGljeS54bWwKICAgICAgICAgICAgICAgICAgYXNtX3BvbGljeT0iL3RtcC9jdXN0b21fcG9saWN5LnhtbCIKICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICAgZWNobyAiQ3VzdG9tIHBvbGljeSB3YXMgbm90IGEgVVJMLCBkZWZhdWx0aW5nIHRvIGhpZ2giCiAgICAgICAgICAgICAgICAgIGFzbV9wb2xpY3k9Ii9jb25maWcvY2xvdWQvYXNtLXBvbGljeS0kdHlwZS1oaWdoLnhtbCIKICAgICAgICAgICAgIGZpCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgICBlY2hvICJDdXN0b20gcG9saWN5IHdhcyBub3Qgc3BlY2lmaWVkLCBkZWZhdWx0aW5nIHRvIGhpZ2giCiAgICAgICAgICAgICAgYXNtX3BvbGljeT0iL2NvbmZpZy9jbG91ZC9hc20tcG9saWN5LSR0eXBlLWhpZ2gueG1sIgogICAgICAgICBmaQogICAgZWxzZQogICAgICAgICBhc21fcG9saWN5PSIvY29uZmlnL2Nsb3VkL2FzbS1wb2xpY3ktJHR5cGUtJGxldmVsLnhtbCIKICAgIGZpCgogICAgaWYgW1sgJG1vZGUgPT0gImh0dHBzIiB8fCAkbW9kZSA9PSAiaHR0cF9odHRwcyIgfHwgJG1vZGUgPT0gImh0dHBzX29mZmxvYWQiIF1dOyB0aGVuCiAgICAgICAgIGNoYWluPSIvQ29tbW9uL2NhLWJ1bmRsZS5jcnQiCgogICAgICAgICBlY2hvICJTdGFydGluZyBDZXJ0aWZpY2F0ZSBkb3dubG9hZCIKCiAgICAgICAgIGNlcnRpZmljYXRlX2xvY2F0aW9uPSRzc2xfY2VydAoKICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrIC11ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAgLVggUE9TVCAtSCAiQ29udGVudC10eXBlOiBhcHBsaWNhdGlvbi9qc29uIiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3RtL3V0aWwvYmFzaCAtZCAneyAiY29tbWFuZCI6InJ1biIsInV0aWxDbWRBcmdzIjoiLWMgXCJjdXJsIC1rIC1zIC1mIC0tcmV0cnkgNSAtLXJldHJ5LWRlbGF5IDEwIC0tcmV0cnktbWF4LXRpbWUgMTAgLW8gL2NvbmZpZy90bXAucGZ4ICckY2VydGlmaWNhdGVfbG9jYXRpb24nXCIiIH0nIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCAgXV07IHRoZW4KICAgICAgICAgICAgICBlY2hvICJDZXJ0aWZpY2F0ZSBkb3dubG9hZCBjb21wbGV0ZS4iCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBkb3dubG9hZCBTU0wgY2VydDsgZXhpdGluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICAgICAgZXhpdCAxCiAgICAgICAgIGZpCgogICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvdG0vc3lzL2NyeXB0by9wa2NzMTIgLWQgJ3siY29tbWFuZCI6ICJpbnN0YWxsIiwibmFtZSI6ICJ3YWZDZXJ0Iiwib3B0aW9ucyI6IFsgeyAiZnJvbS1sb2NhbC1maWxlIjogIi9jb25maWcvdG1wLnBmeCIgfSwgeyAicGFzc3BocmFzZSI6ICInIiRzc2xfcGFzc3dkIiciIH0gXSB9JyAtbyAvZGV2L251bGwpCgogICAgICAgICBpZiBbWyAkcmVzcG9uc2VfY29kZSA9PSAyMDAgIF1dOyB0aGVuCiAgICAgICAgICAgICAgZWNobyAiQ2VydGlmaWNhdGUgaW5zdGFsbCBjb21wbGV0ZS4iCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBpbnN0YWxsIFNTTCBjZXJ0OyBleGl0aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBleGl0IDEKICAgICAgICAgZmkKICAgIGZpCgogICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBhc21fcG9saWN5ICRhc21fcG9saWN5ICcgLndhZi5TaGFyZWQucG9saWN5V0FGLmZpbGUgPSAkYXNtX3BvbGljeScpCgogICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBwb29sX2h0dHBfcG9ydCAkcG9vbF9odHRwX3BvcnQgLS1hcmcgcG9vbF9odHRwc19wb3J0ICRwb29sX2h0dHBzX3BvcnQgLS1hcmcgdnNfaHR0cF9wb3J0ICR2c19odHRwX3BvcnQgLS1hcmcgdnNfaHR0cHNfcG9ydCAkdnNfaHR0cHNfcG9ydCAnIC53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uc2VydmljZVBvcnQgPSAoJHBvb2xfaHR0cF9wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwLnNlcnZpY2VNYWluLnZpcnR1YWxQb3J0ID0gKCR2c19odHRwX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5zZXJ2aWNlUG9ydCA9ICgkcG9vbF9odHRwc19wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwcy5zZXJ2aWNlTWFpbi52aXJ0dWFsUG9ydCA9ICgkdnNfaHR0cHNfcG9ydCB8IHRvbnVtYmVyKSB8IC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uc2VydmljZVBvcnQgPSAoJHBvb2xfaHR0cF9wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwc19vZmZsb2FkLnNlcnZpY2VNYWluLnZpcnR1YWxQb3J0ID0gKCR2c19odHRwc19wb3J0IHwgdG9udW1iZXIpJykKCiAgICBpZiBbWyAkcG9vbF9tZW1iZXIgPX4gJGlwX3JlZ2V4IF1dOyB0aGVuCiAgICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgJ2RlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmF1dG9Qb3B1bGF0ZSkgfCBkZWwoLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSkgfCBkZWwoLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5hZGRyZXNzRGlzY292ZXJ5KSB8ICBkZWwoLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uYXV0b1BvcHVsYXRlKSB8IGRlbCgud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSkgfCBkZWwoLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uYWRkcmVzc0Rpc2NvdmVyeSkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5hdXRvUG9wdWxhdGUpIHwgZGVsKC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUpIHwgZGVsKC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uYWRkcmVzc0Rpc2NvdmVyeSknKQoKICAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBwb29sX21lbWJlciAkcG9vbF9tZW1iZXIgJy53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uc2VydmVyQWRkcmVzc2VzWzBdID0gJHBvb2xfbWVtYmVyIHwgLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uc2VydmVyQWRkcmVzc2VzWzBdID0gJHBvb2xfbWVtYmVyIHwgLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXNbMF0gPSAkcG9vbF9tZW1iZXInKQogICAgZWxzZQogICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXMpIHwgZGVsKC53YWYuaHR0cHMucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3NlcykgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXMpJykKCiAgICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgLS1hcmcgcG9vbF9tZW1iZXIgJHBvb2xfbWVtYmVyICcud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lID0gJHBvb2xfbWVtYmVyIHwgLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUgPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lID0gJHBvb2xfbWVtYmVyJykKICAgIGZpCgogICAgaWYgW1sgJG1vZGUgPT0gImh0dHAiIF1dOyB0aGVuCiAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cHMpIHwgZGVsKC53YWYuaHR0cHNfb2ZmbG9hZCknKQogICAgZWxpZiBbWyAkbW9kZSA9PSAiaHR0cHMiIF1dOyB0aGVuCiAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cCkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkKSB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5jZXJ0aWZpY2F0ZS5iaWdpcCA9ICIvQ29tbW9uL3dhZkNlcnQuY3J0IiB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5wcml2YXRlS2V5LmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5rZXkiJykKICAgIGVsaWYgW1sgJG1vZGUgPT0gImh0dHBfaHR0cHMiIF1dOyB0aGVuCiAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cHNfb2ZmbG9hZCkgfCAud2FmLmh0dHBzLnNlcnZpY2VNYWluLnJlZGlyZWN0ODAgPSBmYWxzZSB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5jZXJ0aWZpY2F0ZS5iaWdpcCA9ICIvQ29tbW9uL3dhZkNlcnQuY3J0IiB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5wcml2YXRlS2V5LmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5rZXkiJykKICAgIGVsc2UKICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwKSB8IGRlbCgud2FmLmh0dHBzKSB8IC53YWYuaHR0cHNfb2ZmbG9hZC5jZXJ0U2VydmVyLmNlcnRpZmljYXRlLmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5jcnQiIHwgLndhZi5odHRwc19vZmZsb2FkLmNlcnRTZXJ2ZXIucHJpdmF0ZUtleS5iaWdpcCA9ICIvQ29tbW9uL3dhZkNlcnQua2V5IicpCiAgICBmaQoKICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t2dnUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgLUggIkV4cGVjdDoiIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvc2hhcmVkL2FwcHN2Y3MvZGVjbGFyZSAtZCAiJHBheWxvYWQiIC1vIC9kZXYvbnVsbCkKCiAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIHx8ICRyZXNwb25zZV9jb2RlID09IDUwMiAgXV07IHRoZW4KICAgICAgICAgIGVjaG8gIkRlcGxveW1lbnQgb2YgYXBwbGljYXRpb24gc3VjY2VlZGVkLiIKICAgIGVsc2UKICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRlcGxveSBhcHBsaWNhdGlvbjsgZXhpdGluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICBleGl0IDEKICAgICBmaQogZmkKCmVjaG8gIkRlcGxveW1lbnQgY29tcGxldGUuIgpleGl0", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachineScaleSets', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -815,7 +679,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_dns-existing-stack-supported-payg,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_dns-existing-stack-supported-payg,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -956,7 +820,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/azuredeploy.parameters.json b/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/azuredeploy.parameters.json index bcefef173c..aabdeb6c81 100644 --- a/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/azuredeploy.parameters.json +++ b/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/README.md b/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/README.md index cde4f31a7f..4cccfc5b7a 100644 --- a/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/README.md +++ b/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/README.md @@ -64,6 +64,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates now deploy Standard SKU Azure Public IP Addresses. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. - All autoscale via-lb and failover via-lb templates now deploy Standard SKU Azure Load Balancers. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -113,7 +114,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fsupported%2Fautoscale%2Fwaf%2Fvia-lb%2F1nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fsupported%2Fautoscale%2Fwaf%2Fvia-lb%2F1nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters @@ -141,7 +142,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | @@ -308,7 +309,7 @@ This solution requires access to the Azure API to correctly configure both the B #### 1. Azure Portal -Follow the steps outlined in the [Azure Portal documentation](https://azure.microsoft.com/en-us/documentation/articles/resource-group-create-service-principal-portal/) to generate the service principal. +Follow the steps outlined in the [Azure Portal documentation](https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal) to generate the service principal. #### 2. Azure CLI diff --git a/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/azuredeploy.json b/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/azuredeploy.json index 0079c9512b..ae2346a75a 100644 --- a/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/azuredeploy.json +++ b/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -33,81 +33,6 @@ "type": "string" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D2s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -232,7 +157,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -537,63 +462,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -612,7 +480,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -643,11 +511,7 @@ "commandArgs": "[concat('-o ', parameters('declarationUrl'), ' -m ', parameters('applicationProtocols'), ' -n ', parameters('applicationAddress'), ' -j ', parameters('applicationPort'), ' -k ', parameters('applicationSecurePort'), ' -h ', parameters('applicationPort'), ' -s ', parameters('applicationSecurePort'), ' -t ', toLower(parameters('applicationType')), ' -l ', toLower(parameters('blockingLevel')), ' -a ', parameters('customPolicy'), ' -c ', parameters('sslCert'), ' -r ', parameters('sslPswd'), ' -u svc_user')]", "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbTpkOm46ajprOmg6czp0Omw6YTpjOnI6bzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgbSkgbW9kZT0kT1BUQVJHOzsKICAgICAgICBuKSBwb29sX21lbWJlcj0kT1BUQVJHOzsKICAgICAgICBqKSB2c19odHRwX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgaykgdnNfaHR0cHNfcG9ydD0kT1BUQVJHOzsKICAgICAgICBoKSBwb29sX2h0dHBfcG9ydD0kT1BUQVJHOzsKICAgICAgICBzKSBwb29sX2h0dHBzX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgdCkgdHlwZT0kT1BUQVJHOzsKICAgICAgICBsKSBsZXZlbD0kT1BUQVJHOzsKICAgICAgICBhKSBwb2xpY3k9JE9QVEFSRzs7CiAgICAgICAgYykgc3NsX2NlcnQ9JE9QVEFSRzs7CiAgICAgICAgcikgc3NsX3Bhc3N3ZD0kT1BUQVJHOzsKICAgICAgICB1KSB1c2VyPSRPUFRBUkc7OwogICAgZXNhYwpkb25lCgpkZXBsb3llZD0ibm8iCmZpbGVfbG9jPSIvY29uZmlnL2Nsb3VkL2N1c3RvbV9jb25maWciCmRmbF9tZ210X3BvcnQ9YHRtc2ggbGlzdCBzeXMgaHR0cGQgc3NsLXBvcnQgfCBncmVwIHNzbC1wb3J0IHwgc2VkICdzL3NzbC1wb3J0IC8vO3MvIC8vZydgCnVybF9yZWdleD0iKGh0dHA6XC9cL3xodHRwczpcL1wvKT9bYS16MC05XSsoW1wtXC5dezF9W2EtejAtOV0rKSpcLlthLXpdezIsNX0oOlswLTldezEsNX0pPyhcLy4qKT8kIgoKaWYgW1sgJGRlY2xhcmF0aW9uVXJsID1+ICR1cmxfcmVnZXggXV07IHRoZW4KICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1zayAtdyAiJXtodHRwX2NvZGV9IiAkZGVjbGFyYXRpb25VcmwgLW8gJGZpbGVfbG9jKQogICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIF1dOyB0aGVuCiAgICAgICAgIGVjaG8gIkN1c3RvbSBjb25maWcgZG93bmxvYWQgY29tcGxldGU7IGNoZWNraW5nIGZvciB2YWxpZCBKU09OLiIKICAgICAgICAgY2F0ICRmaWxlX2xvYyB8IGpxIC5jbGFzcwogICAgICAgICBpZiBbWyAkPyA9PSAwIF1dOyB0aGVuCiAgICAgICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t2dnUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgLUggIkV4cGVjdDoiIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvc2hhcmVkL2FwcHN2Y3MvZGVjbGFyZSAtZCBAJGZpbGVfbG9jIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgICAgICBpZiBbWyAkcmVzcG9uc2VfY29kZSA9PSAyMDAgfHwgJHJlc3BvbnNlX2NvZGUgPT0gNTAyIF1dOyB0aGVuCiAgICAgICAgICAgICAgICAgIGVjaG8gIkRlcGxveW1lbnQgb2YgYXBwbGljYXRpb24gc3VjY2VlZGVkLiIKICAgICAgICAgICAgICAgICAgZGVwbG95ZWQ9InllcyIKICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICBlY2hvICJGYWlsZWQgdG8gZGVwbG95IGFwcGxpY2F0aW9uOyBjb250aW51aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBmaQogICAgICAgICBlbHNlCiAgICAgICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgdmFsaWQgSlNPTiwgY29udGludWluZyIKICAgICAgICAgZmkKICAgIGVsc2UKICAgICAgICBlY2hvICJGYWlsZWQgdG8gZG93bmxvYWQgY3VzdG9tIGNvbmZpZzsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgZmkKZWxzZQogICAgIGVjaG8gIkN1c3RvbSBjb25maWcgd2FzIG5vdCBhIFVSTCwgY29udGludWluZy4iCmZpCgppZiBbWyAkZGVwbG95ZWQgPT0gIm5vIiAmJiAkZGVjbGFyYXRpb25VcmwgPT0gIk5PVF9TUEVDSUZJRUQiIF1dOyB0aGVuCiAgICBpcF9yZWdleD0nXlswLTldezEsM31cLlswLTldezEsM31cLlswLTldezEsM31cLlswLTldezEsM30kJwogICAgZGZsX21nbXRfcG9ydD1gdG1zaCBsaXN0IHN5cyBodHRwZCBzc2wtcG9ydCB8IGdyZXAgc3NsLXBvcnQgfCBzZWQgJ3Mvc3NsLXBvcnQgLy87cy8gLy9nJ2AKICAgIG1vZGU9YHNlZCAicy8tL18vZyIgPDw8IiRtb2RlImAKICAgIHBheWxvYWQ9J3siY2xhc3MiOiJBREMiLCJzY2hlbWFWZXJzaW9uIjoiMy4wLjAiLCJsYWJlbCI6ImF1dG9zY2FsZV93YWYiLCJpZCI6IkFVVE9TQ0FMRV9XQUYiLCJyZW1hcmsiOiJBdXRvc2NhbGUgV0FGIiwid2FmIjp7ImNsYXNzIjoiVGVuYW50IiwiU2hhcmVkIjp7ImNsYXNzIjoiQXBwbGljYXRpb24iLCJ0ZW1wbGF0ZSI6InNoYXJlZCIsInNlcnZpY2VBZGRyZXNzIjp7ImNsYXNzIjoiU2VydmljZV9BZGRyZXNzIiwidmlydHVhbEFkZHJlc3MiOiIwLjAuMC4wIn0sInBvbGljeVdBRiI6eyJjbGFzcyI6IldBRl9Qb2xpY3kiLCJmaWxlIjoiL3RtcC9hczMwLWxpbnV4LW1lZGl1bS54bWwifX0sImh0dHAiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoiaHR0cCIsInBvb2wiOnsiY2xhc3MiOiJQb29sIiwibW9uaXRvcnMiOlsiaHR0cCJdLCJtZW1iZXJzIjpbeyJhZGRyZXNzRGlzY292ZXJ5IjoiZnFkbiIsImF1dG9Qb3B1bGF0ZSI6dHJ1ZSwic2VydmljZVBvcnQiOjgwLCJob3N0bmFtZSI6Ind3dy5leGFtcGxlLmNvbSIsInNlcnZlckFkZHJlc3NlcyI6WyIyNTUuMjU1LjI1NS4yNTQiXX1dfSwic2VydmljZU1haW4iOnsiY2xhc3MiOiJTZXJ2aWNlX0hUVFAiLCJ2aXJ0dWFsQWRkcmVzc2VzIjpbeyJ1c2UiOiIvd2FmL1NoYXJlZC9zZXJ2aWNlQWRkcmVzcyJ9XSwidmlydHVhbFBvcnQiOjgwLCJzbmF0IjoiYXV0byIsInNlY3VyaXR5TG9nUHJvZmlsZXMiOlt7ImJpZ2lwIjoiL0NvbW1vbi9Mb2cgaWxsZWdhbCByZXF1ZXN0cyJ9XSwicG9vbCI6InBvb2wiLCJwb2xpY3lXQUYiOnsidXNlIjoiL3dhZi9TaGFyZWQvcG9saWN5V0FGIn19fSwiaHR0cHMiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoiaHR0cHMiLCJzZXJ2ZXJUTFMiOnsiY2xhc3MiOiJUTFNfU2VydmVyIiwiY2VydGlmaWNhdGVzIjpbeyJjZXJ0aWZpY2F0ZSI6ImNlcnRTZXJ2ZXIifV0sImF1dGhlbnRpY2F0aW9uVHJ1c3RDQSI6eyJiaWdpcCI6Ii9Db21tb24vY2EtYnVuZGxlLmNydCJ9fSwiY2VydFNlcnZlciI6eyJjbGFzcyI6IkNlcnRpZmljYXRlIiwiY2VydGlmaWNhdGUiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQuY3J0In0sInByaXZhdGVLZXkiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQua2V5In19LCJjbGllbnRUTFMiOnsiY2xhc3MiOiJUTFNfQ2xpZW50In0sInBvb2wiOnsiY2xhc3MiOiJQb29sIiwibW9uaXRvcnMiOlsiaHR0cHMiXSwibWVtYmVycyI6W3siYWRkcmVzc0Rpc2NvdmVyeSI6ImZxZG4iLCJhdXRvUG9wdWxhdGUiOnRydWUsInNlcnZpY2VQb3J0Ijo0NDMsImhvc3RuYW1lIjoid3d3LmV4YW1wbGUuY29tIiwic2VydmVyQWRkcmVzc2VzIjpbIjI1NS4yNTUuMjU1LjI1NCJdfV19LCJzZXJ2aWNlTWFpbiI6eyJjbGFzcyI6IlNlcnZpY2VfSFRUUFMiLCJ2aXJ0dWFsQWRkcmVzc2VzIjpbeyJ1c2UiOiIvd2FmL1NoYXJlZC9zZXJ2aWNlQWRkcmVzcyJ9XSwidmlydHVhbFBvcnQiOjQ0Mywic2VydmVyVExTIjoic2VydmVyVExTIiwiY2xpZW50VExTIjoiY2xpZW50VExTIiwicmVkaXJlY3Q4MCI6dHJ1ZSwic25hdCI6ImF1dG8iLCJzZWN1cml0eUxvZ1Byb2ZpbGVzIjpbeyJiaWdpcCI6Ii9Db21tb24vTG9nIGlsbGVnYWwgcmVxdWVzdHMifV0sInBvb2wiOiJwb29sIiwicG9saWN5V0FGIjp7InVzZSI6Ii93YWYvU2hhcmVkL3BvbGljeVdBRiJ9fX0sImh0dHBzX29mZmxvYWQiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoiaHR0cHMiLCJzZXJ2ZXJUTFMiOnsiY2xhc3MiOiJUTFNfU2VydmVyIiwiY2VydGlmaWNhdGVzIjpbeyJjZXJ0aWZpY2F0ZSI6ImNlcnRTZXJ2ZXIifV0sImF1dGhlbnRpY2F0aW9uVHJ1c3RDQSI6eyJiaWdpcCI6Ii9Db21tb24vY2EtYnVuZGxlLmNydCJ9fSwiY2VydFNlcnZlciI6eyJjbGFzcyI6IkNlcnRpZmljYXRlIiwiY2VydGlmaWNhdGUiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQuY3J0In0sInByaXZhdGVLZXkiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQua2V5In19LCJwb29sIjp7ImNsYXNzIjoiUG9vbCIsIm1vbml0b3JzIjpbImh0dHAiXSwibWVtYmVycyI6W3siYWRkcmVzc0Rpc2NvdmVyeSI6ImZxZG4iLCJhdXRvUG9wdWxhdGUiOnRydWUsInNlcnZpY2VQb3J0Ijo4MCwiaG9zdG5hbWUiOiJ3d3cuZXhhbXBsZS5jb20iLCJzZXJ2ZXJBZGRyZXNzZXMiOlsiMjU1LjI1NS4yNTUuMjU0Il19XX0sInNlcnZpY2VNYWluIjp7ImNsYXNzIjoiU2VydmljZV9IVFRQUyIsInZpcnR1YWxBZGRyZXNzZXMiOlt7InVzZSI6Ii93YWYvU2hhcmVkL3NlcnZpY2VBZGRyZXNzIn1dLCJ2aXJ0dWFsUG9ydCI6ODAsInNlcnZlclRMUyI6InNlcnZlclRMUyIsInNuYXQiOiJhdXRvIiwic2VjdXJpdHlMb2dQcm9maWxlcyI6W3siYmlnaXAiOiIvQ29tbW9uL0xvZyBpbGxlZ2FsIHJlcXVlc3RzIn1dLCJwb29sIjoicG9vbCIsInBvbGljeVdBRiI6eyJ1c2UiOiIvd2FmL1NoYXJlZC9wb2xpY3lXQUYifX19fX0nCgogICAgIyB2ZXJpZnkgdGhhdCB0aGUgY3VzdG9tIHBvbGljeSBpcyBhIFVSTAogICAgaWYgW1sgJGxldmVsID09ICJjdXN0b20iIF1dOyB0aGVuCiAgICAgICAgIGlmIFtbIC1uICRwb2xpY3kgJiYgJHBvbGljeSAhPSAiTk9UX1NQRUNJRklFRCIgXV07IHRoZW4KICAgICAgICAgICAgIGlmIFtbICRwb2xpY3kgPX4gJHVybF9yZWdleCBdXTsgdGhlbgogICAgICAgICAgICAgICAgICBjdXN0b21fcG9saWN5PSRwb2xpY3kKICAgICAgICAgICAgICAgICAgL3Vzci9iaW4vY3VybCAtc2sgJGN1c3RvbV9wb2xpY3kgLS1yZXRyeSAzIC1vIC90bXAvY3VzdG9tX3BvbGljeS54bWwKICAgICAgICAgICAgICAgICAgYXNtX3BvbGljeT0iL3RtcC9jdXN0b21fcG9saWN5LnhtbCIKICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICAgZWNobyAiQ3VzdG9tIHBvbGljeSB3YXMgbm90IGEgVVJMLCBkZWZhdWx0aW5nIHRvIGhpZ2giCiAgICAgICAgICAgICAgICAgIGFzbV9wb2xpY3k9Ii9jb25maWcvY2xvdWQvYXNtLXBvbGljeS0kdHlwZS1oaWdoLnhtbCIKICAgICAgICAgICAgIGZpCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgICBlY2hvICJDdXN0b20gcG9saWN5IHdhcyBub3Qgc3BlY2lmaWVkLCBkZWZhdWx0aW5nIHRvIGhpZ2giCiAgICAgICAgICAgICAgYXNtX3BvbGljeT0iL2NvbmZpZy9jbG91ZC9hc20tcG9saWN5LSR0eXBlLWhpZ2gueG1sIgogICAgICAgICBmaQogICAgZWxzZQogICAgICAgICBhc21fcG9saWN5PSIvY29uZmlnL2Nsb3VkL2FzbS1wb2xpY3ktJHR5cGUtJGxldmVsLnhtbCIKICAgIGZpCgogICAgaWYgW1sgJG1vZGUgPT0gImh0dHBzIiB8fCAkbW9kZSA9PSAiaHR0cF9odHRwcyIgfHwgJG1vZGUgPT0gImh0dHBzX29mZmxvYWQiIF1dOyB0aGVuCiAgICAgICAgIGNoYWluPSIvQ29tbW9uL2NhLWJ1bmRsZS5jcnQiCgogICAgICAgICBlY2hvICJTdGFydGluZyBDZXJ0aWZpY2F0ZSBkb3dubG9hZCIKCiAgICAgICAgIGNlcnRpZmljYXRlX2xvY2F0aW9uPSRzc2xfY2VydAoKICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrIC11ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAgLVggUE9TVCAtSCAiQ29udGVudC10eXBlOiBhcHBsaWNhdGlvbi9qc29uIiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3RtL3V0aWwvYmFzaCAtZCAneyAiY29tbWFuZCI6InJ1biIsInV0aWxDbWRBcmdzIjoiLWMgXCJjdXJsIC1rIC1zIC1mIC0tcmV0cnkgNSAtLXJldHJ5LWRlbGF5IDEwIC0tcmV0cnktbWF4LXRpbWUgMTAgLW8gL2NvbmZpZy90bXAucGZ4ICckY2VydGlmaWNhdGVfbG9jYXRpb24nXCIiIH0nIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCAgXV07IHRoZW4KICAgICAgICAgICAgICBlY2hvICJDZXJ0aWZpY2F0ZSBkb3dubG9hZCBjb21wbGV0ZS4iCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBkb3dubG9hZCBTU0wgY2VydDsgZXhpdGluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICAgICAgZXhpdCAxCiAgICAgICAgIGZpCgogICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvdG0vc3lzL2NyeXB0by9wa2NzMTIgLWQgJ3siY29tbWFuZCI6ICJpbnN0YWxsIiwibmFtZSI6ICJ3YWZDZXJ0Iiwib3B0aW9ucyI6IFsgeyAiZnJvbS1sb2NhbC1maWxlIjogIi9jb25maWcvdG1wLnBmeCIgfSwgeyAicGFzc3BocmFzZSI6ICInIiRzc2xfcGFzc3dkIiciIH0gXSB9JyAtbyAvZGV2L251bGwpCgogICAgICAgICBpZiBbWyAkcmVzcG9uc2VfY29kZSA9PSAyMDAgIF1dOyB0aGVuCiAgICAgICAgICAgICAgZWNobyAiQ2VydGlmaWNhdGUgaW5zdGFsbCBjb21wbGV0ZS4iCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBpbnN0YWxsIFNTTCBjZXJ0OyBleGl0aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBleGl0IDEKICAgICAgICAgZmkKICAgIGZpCgogICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBhc21fcG9saWN5ICRhc21fcG9saWN5ICcgLndhZi5TaGFyZWQucG9saWN5V0FGLmZpbGUgPSAkYXNtX3BvbGljeScpCgogICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBwb29sX2h0dHBfcG9ydCAkcG9vbF9odHRwX3BvcnQgLS1hcmcgcG9vbF9odHRwc19wb3J0ICRwb29sX2h0dHBzX3BvcnQgLS1hcmcgdnNfaHR0cF9wb3J0ICR2c19odHRwX3BvcnQgLS1hcmcgdnNfaHR0cHNfcG9ydCAkdnNfaHR0cHNfcG9ydCAnIC53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uc2VydmljZVBvcnQgPSAoJHBvb2xfaHR0cF9wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwLnNlcnZpY2VNYWluLnZpcnR1YWxQb3J0ID0gKCR2c19odHRwX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5zZXJ2aWNlUG9ydCA9ICgkcG9vbF9odHRwc19wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwcy5zZXJ2aWNlTWFpbi52aXJ0dWFsUG9ydCA9ICgkdnNfaHR0cHNfcG9ydCB8IHRvbnVtYmVyKSB8IC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uc2VydmljZVBvcnQgPSAoJHBvb2xfaHR0cF9wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwc19vZmZsb2FkLnNlcnZpY2VNYWluLnZpcnR1YWxQb3J0ID0gKCR2c19odHRwc19wb3J0IHwgdG9udW1iZXIpJykKCiAgICBpZiBbWyAkcG9vbF9tZW1iZXIgPX4gJGlwX3JlZ2V4IF1dOyB0aGVuCiAgICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgJ2RlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmF1dG9Qb3B1bGF0ZSkgfCBkZWwoLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSkgfCBkZWwoLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5hZGRyZXNzRGlzY292ZXJ5KSB8ICBkZWwoLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uYXV0b1BvcHVsYXRlKSB8IGRlbCgud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSkgfCBkZWwoLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uYWRkcmVzc0Rpc2NvdmVyeSkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5hdXRvUG9wdWxhdGUpIHwgZGVsKC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUpIHwgZGVsKC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uYWRkcmVzc0Rpc2NvdmVyeSknKQoKICAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBwb29sX21lbWJlciAkcG9vbF9tZW1iZXIgJy53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uc2VydmVyQWRkcmVzc2VzWzBdID0gJHBvb2xfbWVtYmVyIHwgLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uc2VydmVyQWRkcmVzc2VzWzBdID0gJHBvb2xfbWVtYmVyIHwgLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXNbMF0gPSAkcG9vbF9tZW1iZXInKQogICAgZWxzZQogICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXMpIHwgZGVsKC53YWYuaHR0cHMucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3NlcykgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXMpJykKCiAgICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgLS1hcmcgcG9vbF9tZW1iZXIgJHBvb2xfbWVtYmVyICcud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lID0gJHBvb2xfbWVtYmVyIHwgLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUgPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lID0gJHBvb2xfbWVtYmVyJykKICAgIGZpCgogICAgaWYgW1sgJG1vZGUgPT0gImh0dHAiIF1dOyB0aGVuCiAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cHMpIHwgZGVsKC53YWYuaHR0cHNfb2ZmbG9hZCknKQogICAgZWxpZiBbWyAkbW9kZSA9PSAiaHR0cHMiIF1dOyB0aGVuCiAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cCkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkKSB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5jZXJ0aWZpY2F0ZS5iaWdpcCA9ICIvQ29tbW9uL3dhZkNlcnQuY3J0IiB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5wcml2YXRlS2V5LmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5rZXkiJykKICAgIGVsaWYgW1sgJG1vZGUgPT0gImh0dHBfaHR0cHMiIF1dOyB0aGVuCiAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cHNfb2ZmbG9hZCkgfCAud2FmLmh0dHBzLnNlcnZpY2VNYWluLnJlZGlyZWN0ODAgPSBmYWxzZSB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5jZXJ0aWZpY2F0ZS5iaWdpcCA9ICIvQ29tbW9uL3dhZkNlcnQuY3J0IiB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5wcml2YXRlS2V5LmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5rZXkiJykKICAgIGVsc2UKICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwKSB8IGRlbCgud2FmLmh0dHBzKSB8IC53YWYuaHR0cHNfb2ZmbG9hZC5jZXJ0U2VydmVyLmNlcnRpZmljYXRlLmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5jcnQiIHwgLndhZi5odHRwc19vZmZsb2FkLmNlcnRTZXJ2ZXIucHJpdmF0ZUtleS5iaWdpcCA9ICIvQ29tbW9uL3dhZkNlcnQua2V5IicpCiAgICBmaQoKICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t2dnUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgLUggIkV4cGVjdDoiIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvc2hhcmVkL2FwcHN2Y3MvZGVjbGFyZSAtZCAiJHBheWxvYWQiIC1vIC9kZXYvbnVsbCkKCiAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIHx8ICRyZXNwb25zZV9jb2RlID09IDUwMiAgXV07IHRoZW4KICAgICAgICAgIGVjaG8gIkRlcGxveW1lbnQgb2YgYXBwbGljYXRpb24gc3VjY2VlZGVkLiIKICAgIGVsc2UKICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRlcGxveSBhcHBsaWNhdGlvbjsgZXhpdGluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICBleGl0IDEKICAgICBmaQogZmkKCmVjaG8gIkRlcGxveW1lbnQgY29tcGxldGUuIgpleGl0", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachineScaleSets', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -779,7 +643,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_via-lb-existing-stack-supported-bigiq,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_via-lb-existing-stack-supported-bigiq,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -1053,7 +917,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/azuredeploy.parameters.json b/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/azuredeploy.parameters.json index 7d84f61f8d..d1e0a14855 100644 --- a/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/azuredeploy.parameters.json +++ b/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/README.md b/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/README.md index b5195d8549..991d0edf12 100644 --- a/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/README.md +++ b/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/README.md @@ -61,6 +61,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates now deploy Standard SKU Azure Public IP Addresses. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. - All autoscale via-lb and failover via-lb templates now deploy Standard SKU Azure Load Balancers. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -110,7 +111,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fsupported%2Fautoscale%2Fwaf%2Fvia-lb%2F1nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fsupported%2Fautoscale%2Fwaf%2Fvia-lb%2F1nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters @@ -132,7 +133,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | @@ -299,7 +300,7 @@ This solution requires access to the Azure API to correctly configure both the B #### 1. Azure Portal -Follow the steps outlined in the [Azure Portal documentation](https://azure.microsoft.com/en-us/documentation/articles/resource-group-create-service-principal-portal/) to generate the service principal. +Follow the steps outlined in the [Azure Portal documentation](https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal) to generate the service principal. #### 2. Azure CLI diff --git a/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/azuredeploy.json b/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/azuredeploy.json index 390a5b94e8..10cc491066 100644 --- a/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/azuredeploy.json +++ b/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -33,81 +33,6 @@ "type": "string" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D2s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -202,7 +127,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -507,63 +432,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -582,7 +450,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -613,11 +481,7 @@ "commandArgs": "[concat('-o ', parameters('declarationUrl'), ' -m ', parameters('applicationProtocols'), ' -n ', parameters('applicationAddress'), ' -j ', parameters('applicationPort'), ' -k ', parameters('applicationSecurePort'), ' -h ', parameters('applicationPort'), ' -s ', parameters('applicationSecurePort'), ' -t ', toLower(parameters('applicationType')), ' -l ', toLower(parameters('blockingLevel')), ' -a ', parameters('customPolicy'), ' -c ', parameters('sslCert'), ' -r ', parameters('sslPswd'), ' -u svc_user')]", "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbTpkOm46ajprOmg6czp0Omw6YTpjOnI6bzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgbSkgbW9kZT0kT1BUQVJHOzsKICAgICAgICBuKSBwb29sX21lbWJlcj0kT1BUQVJHOzsKICAgICAgICBqKSB2c19odHRwX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgaykgdnNfaHR0cHNfcG9ydD0kT1BUQVJHOzsKICAgICAgICBoKSBwb29sX2h0dHBfcG9ydD0kT1BUQVJHOzsKICAgICAgICBzKSBwb29sX2h0dHBzX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgdCkgdHlwZT0kT1BUQVJHOzsKICAgICAgICBsKSBsZXZlbD0kT1BUQVJHOzsKICAgICAgICBhKSBwb2xpY3k9JE9QVEFSRzs7CiAgICAgICAgYykgc3NsX2NlcnQ9JE9QVEFSRzs7CiAgICAgICAgcikgc3NsX3Bhc3N3ZD0kT1BUQVJHOzsKICAgICAgICB1KSB1c2VyPSRPUFRBUkc7OwogICAgZXNhYwpkb25lCgpkZXBsb3llZD0ibm8iCmZpbGVfbG9jPSIvY29uZmlnL2Nsb3VkL2N1c3RvbV9jb25maWciCmRmbF9tZ210X3BvcnQ9YHRtc2ggbGlzdCBzeXMgaHR0cGQgc3NsLXBvcnQgfCBncmVwIHNzbC1wb3J0IHwgc2VkICdzL3NzbC1wb3J0IC8vO3MvIC8vZydgCnVybF9yZWdleD0iKGh0dHA6XC9cL3xodHRwczpcL1wvKT9bYS16MC05XSsoW1wtXC5dezF9W2EtejAtOV0rKSpcLlthLXpdezIsNX0oOlswLTldezEsNX0pPyhcLy4qKT8kIgoKaWYgW1sgJGRlY2xhcmF0aW9uVXJsID1+ICR1cmxfcmVnZXggXV07IHRoZW4KICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1zayAtdyAiJXtodHRwX2NvZGV9IiAkZGVjbGFyYXRpb25VcmwgLW8gJGZpbGVfbG9jKQogICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIF1dOyB0aGVuCiAgICAgICAgIGVjaG8gIkN1c3RvbSBjb25maWcgZG93bmxvYWQgY29tcGxldGU7IGNoZWNraW5nIGZvciB2YWxpZCBKU09OLiIKICAgICAgICAgY2F0ICRmaWxlX2xvYyB8IGpxIC5jbGFzcwogICAgICAgICBpZiBbWyAkPyA9PSAwIF1dOyB0aGVuCiAgICAgICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t2dnUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgLUggIkV4cGVjdDoiIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvc2hhcmVkL2FwcHN2Y3MvZGVjbGFyZSAtZCBAJGZpbGVfbG9jIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgICAgICBpZiBbWyAkcmVzcG9uc2VfY29kZSA9PSAyMDAgfHwgJHJlc3BvbnNlX2NvZGUgPT0gNTAyIF1dOyB0aGVuCiAgICAgICAgICAgICAgICAgIGVjaG8gIkRlcGxveW1lbnQgb2YgYXBwbGljYXRpb24gc3VjY2VlZGVkLiIKICAgICAgICAgICAgICAgICAgZGVwbG95ZWQ9InllcyIKICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICBlY2hvICJGYWlsZWQgdG8gZGVwbG95IGFwcGxpY2F0aW9uOyBjb250aW51aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBmaQogICAgICAgICBlbHNlCiAgICAgICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgdmFsaWQgSlNPTiwgY29udGludWluZyIKICAgICAgICAgZmkKICAgIGVsc2UKICAgICAgICBlY2hvICJGYWlsZWQgdG8gZG93bmxvYWQgY3VzdG9tIGNvbmZpZzsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgZmkKZWxzZQogICAgIGVjaG8gIkN1c3RvbSBjb25maWcgd2FzIG5vdCBhIFVSTCwgY29udGludWluZy4iCmZpCgppZiBbWyAkZGVwbG95ZWQgPT0gIm5vIiAmJiAkZGVjbGFyYXRpb25VcmwgPT0gIk5PVF9TUEVDSUZJRUQiIF1dOyB0aGVuCiAgICBpcF9yZWdleD0nXlswLTldezEsM31cLlswLTldezEsM31cLlswLTldezEsM31cLlswLTldezEsM30kJwogICAgZGZsX21nbXRfcG9ydD1gdG1zaCBsaXN0IHN5cyBodHRwZCBzc2wtcG9ydCB8IGdyZXAgc3NsLXBvcnQgfCBzZWQgJ3Mvc3NsLXBvcnQgLy87cy8gLy9nJ2AKICAgIG1vZGU9YHNlZCAicy8tL18vZyIgPDw8IiRtb2RlImAKICAgIHBheWxvYWQ9J3siY2xhc3MiOiJBREMiLCJzY2hlbWFWZXJzaW9uIjoiMy4wLjAiLCJsYWJlbCI6ImF1dG9zY2FsZV93YWYiLCJpZCI6IkFVVE9TQ0FMRV9XQUYiLCJyZW1hcmsiOiJBdXRvc2NhbGUgV0FGIiwid2FmIjp7ImNsYXNzIjoiVGVuYW50IiwiU2hhcmVkIjp7ImNsYXNzIjoiQXBwbGljYXRpb24iLCJ0ZW1wbGF0ZSI6InNoYXJlZCIsInNlcnZpY2VBZGRyZXNzIjp7ImNsYXNzIjoiU2VydmljZV9BZGRyZXNzIiwidmlydHVhbEFkZHJlc3MiOiIwLjAuMC4wIn0sInBvbGljeVdBRiI6eyJjbGFzcyI6IldBRl9Qb2xpY3kiLCJmaWxlIjoiL3RtcC9hczMwLWxpbnV4LW1lZGl1bS54bWwifX0sImh0dHAiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoiaHR0cCIsInBvb2wiOnsiY2xhc3MiOiJQb29sIiwibW9uaXRvcnMiOlsiaHR0cCJdLCJtZW1iZXJzIjpbeyJhZGRyZXNzRGlzY292ZXJ5IjoiZnFkbiIsImF1dG9Qb3B1bGF0ZSI6dHJ1ZSwic2VydmljZVBvcnQiOjgwLCJob3N0bmFtZSI6Ind3dy5leGFtcGxlLmNvbSIsInNlcnZlckFkZHJlc3NlcyI6WyIyNTUuMjU1LjI1NS4yNTQiXX1dfSwic2VydmljZU1haW4iOnsiY2xhc3MiOiJTZXJ2aWNlX0hUVFAiLCJ2aXJ0dWFsQWRkcmVzc2VzIjpbeyJ1c2UiOiIvd2FmL1NoYXJlZC9zZXJ2aWNlQWRkcmVzcyJ9XSwidmlydHVhbFBvcnQiOjgwLCJzbmF0IjoiYXV0byIsInNlY3VyaXR5TG9nUHJvZmlsZXMiOlt7ImJpZ2lwIjoiL0NvbW1vbi9Mb2cgaWxsZWdhbCByZXF1ZXN0cyJ9XSwicG9vbCI6InBvb2wiLCJwb2xpY3lXQUYiOnsidXNlIjoiL3dhZi9TaGFyZWQvcG9saWN5V0FGIn19fSwiaHR0cHMiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoiaHR0cHMiLCJzZXJ2ZXJUTFMiOnsiY2xhc3MiOiJUTFNfU2VydmVyIiwiY2VydGlmaWNhdGVzIjpbeyJjZXJ0aWZpY2F0ZSI6ImNlcnRTZXJ2ZXIifV0sImF1dGhlbnRpY2F0aW9uVHJ1c3RDQSI6eyJiaWdpcCI6Ii9Db21tb24vY2EtYnVuZGxlLmNydCJ9fSwiY2VydFNlcnZlciI6eyJjbGFzcyI6IkNlcnRpZmljYXRlIiwiY2VydGlmaWNhdGUiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQuY3J0In0sInByaXZhdGVLZXkiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQua2V5In19LCJjbGllbnRUTFMiOnsiY2xhc3MiOiJUTFNfQ2xpZW50In0sInBvb2wiOnsiY2xhc3MiOiJQb29sIiwibW9uaXRvcnMiOlsiaHR0cHMiXSwibWVtYmVycyI6W3siYWRkcmVzc0Rpc2NvdmVyeSI6ImZxZG4iLCJhdXRvUG9wdWxhdGUiOnRydWUsInNlcnZpY2VQb3J0Ijo0NDMsImhvc3RuYW1lIjoid3d3LmV4YW1wbGUuY29tIiwic2VydmVyQWRkcmVzc2VzIjpbIjI1NS4yNTUuMjU1LjI1NCJdfV19LCJzZXJ2aWNlTWFpbiI6eyJjbGFzcyI6IlNlcnZpY2VfSFRUUFMiLCJ2aXJ0dWFsQWRkcmVzc2VzIjpbeyJ1c2UiOiIvd2FmL1NoYXJlZC9zZXJ2aWNlQWRkcmVzcyJ9XSwidmlydHVhbFBvcnQiOjQ0Mywic2VydmVyVExTIjoic2VydmVyVExTIiwiY2xpZW50VExTIjoiY2xpZW50VExTIiwicmVkaXJlY3Q4MCI6dHJ1ZSwic25hdCI6ImF1dG8iLCJzZWN1cml0eUxvZ1Byb2ZpbGVzIjpbeyJiaWdpcCI6Ii9Db21tb24vTG9nIGlsbGVnYWwgcmVxdWVzdHMifV0sInBvb2wiOiJwb29sIiwicG9saWN5V0FGIjp7InVzZSI6Ii93YWYvU2hhcmVkL3BvbGljeVdBRiJ9fX0sImh0dHBzX29mZmxvYWQiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoiaHR0cHMiLCJzZXJ2ZXJUTFMiOnsiY2xhc3MiOiJUTFNfU2VydmVyIiwiY2VydGlmaWNhdGVzIjpbeyJjZXJ0aWZpY2F0ZSI6ImNlcnRTZXJ2ZXIifV0sImF1dGhlbnRpY2F0aW9uVHJ1c3RDQSI6eyJiaWdpcCI6Ii9Db21tb24vY2EtYnVuZGxlLmNydCJ9fSwiY2VydFNlcnZlciI6eyJjbGFzcyI6IkNlcnRpZmljYXRlIiwiY2VydGlmaWNhdGUiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQuY3J0In0sInByaXZhdGVLZXkiOnsiYmlnaXAiOiIvQ29tbW9uL3dhZkNlcnQua2V5In19LCJwb29sIjp7ImNsYXNzIjoiUG9vbCIsIm1vbml0b3JzIjpbImh0dHAiXSwibWVtYmVycyI6W3siYWRkcmVzc0Rpc2NvdmVyeSI6ImZxZG4iLCJhdXRvUG9wdWxhdGUiOnRydWUsInNlcnZpY2VQb3J0Ijo4MCwiaG9zdG5hbWUiOiJ3d3cuZXhhbXBsZS5jb20iLCJzZXJ2ZXJBZGRyZXNzZXMiOlsiMjU1LjI1NS4yNTUuMjU0Il19XX0sInNlcnZpY2VNYWluIjp7ImNsYXNzIjoiU2VydmljZV9IVFRQUyIsInZpcnR1YWxBZGRyZXNzZXMiOlt7InVzZSI6Ii93YWYvU2hhcmVkL3NlcnZpY2VBZGRyZXNzIn1dLCJ2aXJ0dWFsUG9ydCI6ODAsInNlcnZlclRMUyI6InNlcnZlclRMUyIsInNuYXQiOiJhdXRvIiwic2VjdXJpdHlMb2dQcm9maWxlcyI6W3siYmlnaXAiOiIvQ29tbW9uL0xvZyBpbGxlZ2FsIHJlcXVlc3RzIn1dLCJwb29sIjoicG9vbCIsInBvbGljeVdBRiI6eyJ1c2UiOiIvd2FmL1NoYXJlZC9wb2xpY3lXQUYifX19fX0nCgogICAgIyB2ZXJpZnkgdGhhdCB0aGUgY3VzdG9tIHBvbGljeSBpcyBhIFVSTAogICAgaWYgW1sgJGxldmVsID09ICJjdXN0b20iIF1dOyB0aGVuCiAgICAgICAgIGlmIFtbIC1uICRwb2xpY3kgJiYgJHBvbGljeSAhPSAiTk9UX1NQRUNJRklFRCIgXV07IHRoZW4KICAgICAgICAgICAgIGlmIFtbICRwb2xpY3kgPX4gJHVybF9yZWdleCBdXTsgdGhlbgogICAgICAgICAgICAgICAgICBjdXN0b21fcG9saWN5PSRwb2xpY3kKICAgICAgICAgICAgICAgICAgL3Vzci9iaW4vY3VybCAtc2sgJGN1c3RvbV9wb2xpY3kgLS1yZXRyeSAzIC1vIC90bXAvY3VzdG9tX3BvbGljeS54bWwKICAgICAgICAgICAgICAgICAgYXNtX3BvbGljeT0iL3RtcC9jdXN0b21fcG9saWN5LnhtbCIKICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICAgZWNobyAiQ3VzdG9tIHBvbGljeSB3YXMgbm90IGEgVVJMLCBkZWZhdWx0aW5nIHRvIGhpZ2giCiAgICAgICAgICAgICAgICAgIGFzbV9wb2xpY3k9Ii9jb25maWcvY2xvdWQvYXNtLXBvbGljeS0kdHlwZS1oaWdoLnhtbCIKICAgICAgICAgICAgIGZpCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgICBlY2hvICJDdXN0b20gcG9saWN5IHdhcyBub3Qgc3BlY2lmaWVkLCBkZWZhdWx0aW5nIHRvIGhpZ2giCiAgICAgICAgICAgICAgYXNtX3BvbGljeT0iL2NvbmZpZy9jbG91ZC9hc20tcG9saWN5LSR0eXBlLWhpZ2gueG1sIgogICAgICAgICBmaQogICAgZWxzZQogICAgICAgICBhc21fcG9saWN5PSIvY29uZmlnL2Nsb3VkL2FzbS1wb2xpY3ktJHR5cGUtJGxldmVsLnhtbCIKICAgIGZpCgogICAgaWYgW1sgJG1vZGUgPT0gImh0dHBzIiB8fCAkbW9kZSA9PSAiaHR0cF9odHRwcyIgfHwgJG1vZGUgPT0gImh0dHBzX29mZmxvYWQiIF1dOyB0aGVuCiAgICAgICAgIGNoYWluPSIvQ29tbW9uL2NhLWJ1bmRsZS5jcnQiCgogICAgICAgICBlY2hvICJTdGFydGluZyBDZXJ0aWZpY2F0ZSBkb3dubG9hZCIKCiAgICAgICAgIGNlcnRpZmljYXRlX2xvY2F0aW9uPSRzc2xfY2VydAoKICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrIC11ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAgLVggUE9TVCAtSCAiQ29udGVudC10eXBlOiBhcHBsaWNhdGlvbi9qc29uIiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3RtL3V0aWwvYmFzaCAtZCAneyAiY29tbWFuZCI6InJ1biIsInV0aWxDbWRBcmdzIjoiLWMgXCJjdXJsIC1rIC1zIC1mIC0tcmV0cnkgNSAtLXJldHJ5LWRlbGF5IDEwIC0tcmV0cnktbWF4LXRpbWUgMTAgLW8gL2NvbmZpZy90bXAucGZ4ICckY2VydGlmaWNhdGVfbG9jYXRpb24nXCIiIH0nIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCAgXV07IHRoZW4KICAgICAgICAgICAgICBlY2hvICJDZXJ0aWZpY2F0ZSBkb3dubG9hZCBjb21wbGV0ZS4iCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBkb3dubG9hZCBTU0wgY2VydDsgZXhpdGluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICAgICAgZXhpdCAxCiAgICAgICAgIGZpCgogICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvdG0vc3lzL2NyeXB0by9wa2NzMTIgLWQgJ3siY29tbWFuZCI6ICJpbnN0YWxsIiwibmFtZSI6ICJ3YWZDZXJ0Iiwib3B0aW9ucyI6IFsgeyAiZnJvbS1sb2NhbC1maWxlIjogIi9jb25maWcvdG1wLnBmeCIgfSwgeyAicGFzc3BocmFzZSI6ICInIiRzc2xfcGFzc3dkIiciIH0gXSB9JyAtbyAvZGV2L251bGwpCgogICAgICAgICBpZiBbWyAkcmVzcG9uc2VfY29kZSA9PSAyMDAgIF1dOyB0aGVuCiAgICAgICAgICAgICAgZWNobyAiQ2VydGlmaWNhdGUgaW5zdGFsbCBjb21wbGV0ZS4iCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBpbnN0YWxsIFNTTCBjZXJ0OyBleGl0aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBleGl0IDEKICAgICAgICAgZmkKICAgIGZpCgogICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBhc21fcG9saWN5ICRhc21fcG9saWN5ICcgLndhZi5TaGFyZWQucG9saWN5V0FGLmZpbGUgPSAkYXNtX3BvbGljeScpCgogICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBwb29sX2h0dHBfcG9ydCAkcG9vbF9odHRwX3BvcnQgLS1hcmcgcG9vbF9odHRwc19wb3J0ICRwb29sX2h0dHBzX3BvcnQgLS1hcmcgdnNfaHR0cF9wb3J0ICR2c19odHRwX3BvcnQgLS1hcmcgdnNfaHR0cHNfcG9ydCAkdnNfaHR0cHNfcG9ydCAnIC53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uc2VydmljZVBvcnQgPSAoJHBvb2xfaHR0cF9wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwLnNlcnZpY2VNYWluLnZpcnR1YWxQb3J0ID0gKCR2c19odHRwX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5zZXJ2aWNlUG9ydCA9ICgkcG9vbF9odHRwc19wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwcy5zZXJ2aWNlTWFpbi52aXJ0dWFsUG9ydCA9ICgkdnNfaHR0cHNfcG9ydCB8IHRvbnVtYmVyKSB8IC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uc2VydmljZVBvcnQgPSAoJHBvb2xfaHR0cF9wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwc19vZmZsb2FkLnNlcnZpY2VNYWluLnZpcnR1YWxQb3J0ID0gKCR2c19odHRwc19wb3J0IHwgdG9udW1iZXIpJykKCiAgICBpZiBbWyAkcG9vbF9tZW1iZXIgPX4gJGlwX3JlZ2V4IF1dOyB0aGVuCiAgICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgJ2RlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmF1dG9Qb3B1bGF0ZSkgfCBkZWwoLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSkgfCBkZWwoLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5hZGRyZXNzRGlzY292ZXJ5KSB8ICBkZWwoLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uYXV0b1BvcHVsYXRlKSB8IGRlbCgud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSkgfCBkZWwoLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uYWRkcmVzc0Rpc2NvdmVyeSkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5hdXRvUG9wdWxhdGUpIHwgZGVsKC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUpIHwgZGVsKC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uYWRkcmVzc0Rpc2NvdmVyeSknKQoKICAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBwb29sX21lbWJlciAkcG9vbF9tZW1iZXIgJy53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uc2VydmVyQWRkcmVzc2VzWzBdID0gJHBvb2xfbWVtYmVyIHwgLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uc2VydmVyQWRkcmVzc2VzWzBdID0gJHBvb2xfbWVtYmVyIHwgLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXNbMF0gPSAkcG9vbF9tZW1iZXInKQogICAgZWxzZQogICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXMpIHwgZGVsKC53YWYuaHR0cHMucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3NlcykgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXMpJykKCiAgICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgLS1hcmcgcG9vbF9tZW1iZXIgJHBvb2xfbWVtYmVyICcud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lID0gJHBvb2xfbWVtYmVyIHwgLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUgPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lID0gJHBvb2xfbWVtYmVyJykKICAgIGZpCgogICAgaWYgW1sgJG1vZGUgPT0gImh0dHAiIF1dOyB0aGVuCiAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cHMpIHwgZGVsKC53YWYuaHR0cHNfb2ZmbG9hZCknKQogICAgZWxpZiBbWyAkbW9kZSA9PSAiaHR0cHMiIF1dOyB0aGVuCiAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cCkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkKSB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5jZXJ0aWZpY2F0ZS5iaWdpcCA9ICIvQ29tbW9uL3dhZkNlcnQuY3J0IiB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5wcml2YXRlS2V5LmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5rZXkiJykKICAgIGVsaWYgW1sgJG1vZGUgPT0gImh0dHBfaHR0cHMiIF1dOyB0aGVuCiAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cHNfb2ZmbG9hZCkgfCAud2FmLmh0dHBzLnNlcnZpY2VNYWluLnJlZGlyZWN0ODAgPSBmYWxzZSB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5jZXJ0aWZpY2F0ZS5iaWdpcCA9ICIvQ29tbW9uL3dhZkNlcnQuY3J0IiB8IC53YWYuaHR0cHMuY2VydFNlcnZlci5wcml2YXRlS2V5LmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5rZXkiJykKICAgIGVsc2UKICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwKSB8IGRlbCgud2FmLmh0dHBzKSB8IC53YWYuaHR0cHNfb2ZmbG9hZC5jZXJ0U2VydmVyLmNlcnRpZmljYXRlLmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5jcnQiIHwgLndhZi5odHRwc19vZmZsb2FkLmNlcnRTZXJ2ZXIucHJpdmF0ZUtleS5iaWdpcCA9ICIvQ29tbW9uL3dhZkNlcnQua2V5IicpCiAgICBmaQoKICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t2dnUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgLUggIkV4cGVjdDoiIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvc2hhcmVkL2FwcHN2Y3MvZGVjbGFyZSAtZCAiJHBheWxvYWQiIC1vIC9kZXYvbnVsbCkKCiAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIHx8ICRyZXNwb25zZV9jb2RlID09IDUwMiAgXV07IHRoZW4KICAgICAgICAgIGVjaG8gIkRlcGxveW1lbnQgb2YgYXBwbGljYXRpb24gc3VjY2VlZGVkLiIKICAgIGVsc2UKICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRlcGxveSBhcHBsaWNhdGlvbjsgZXhpdGluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICBleGl0IDEKICAgICBmaQogZmkKCmVjaG8gIkRlcGxveW1lbnQgY29tcGxldGUuIgpleGl0", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachineScaleSets', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -792,7 +656,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_via-lb-existing-stack-supported-payg,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_via-lb-existing-stack-supported-payg,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -1066,7 +930,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/azuredeploy.parameters.json b/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/azuredeploy.parameters.json index 88c368db7d..04f3d4c5a2 100644 --- a/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/azuredeploy.parameters.json +++ b/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/README.md b/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/README.md index 0525e03fc3..cbf1b25d88 100644 --- a/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/README.md +++ b/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/README.md @@ -78,6 +78,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. - Using dynamic assignment for TMM interface is leveraged for initial deployment convenience and a requirement for some environments but not recommended in most production environments. IP configs can be converted to static post deployment - Address translation is done by enabling ip forwarding [Azure documentaion](https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-network-interface#enable-or-disable-ip-forwarding) +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -127,7 +128,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-api%2Fn-nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-api%2Fn-nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters @@ -164,7 +165,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/azuredeploy.json b/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/azuredeploy.json index 94b82da70d..d3811ef682 100644 --- a/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/azuredeploy.json +++ b/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -70,76 +70,6 @@ "type": "int" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D8s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -315,7 +245,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -513,63 +443,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -597,7 +470,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -660,11 +533,7 @@ "extSubnetPrivateAddress1": "[concat(variables('extSubnetSelfPrivateAddressPrefix'), variables('extSubnetSelfPrivateAddressSuffix'))]", "intSubnetPrivateAddress1": "[concat(variables('intSubnetPrivateAddressPrefix'), variables('intSubnetPrivateAddressSuffix'))]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -753,7 +622,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_nnic-existing-stack-supported-bigiq,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_nnic-existing-stack-supported-bigiq,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -1185,7 +1054,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/azuredeploy.parameters.json b/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/azuredeploy.parameters.json index c8a559873d..0c98a9869f 100644 --- a/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/azuredeploy.parameters.json +++ b/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/failover/same-net/via-api/n-nic/existing-stack/byol/README.md b/supported/failover/same-net/via-api/n-nic/existing-stack/byol/README.md index 991aac4d64..ce688448fd 100644 --- a/supported/failover/same-net/via-api/n-nic/existing-stack/byol/README.md +++ b/supported/failover/same-net/via-api/n-nic/existing-stack/byol/README.md @@ -77,6 +77,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. - Using dynamic assignment for TMM interface is leveraged for initial deployment convenience and a requirement for some environments but not recommended in most production environments. IP configs can be converted to static post deployment - Address translation is done by enabling ip forwarding [Azure documentaion](https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-network-interface#enable-or-disable-ip-forwarding) +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -126,7 +127,7 @@ Use the appropriate button below to deploy: - **BYOL** (bring your own license): This allows you to use an existing BIG-IP license. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-api%2Fn-nic%2Fexisting-stack%2Fbyol%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-api%2Fn-nic%2Fexisting-stack%2Fbyol%2Fazuredeploy.json) ### Template parameters @@ -159,7 +160,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/supported/failover/same-net/via-api/n-nic/existing-stack/byol/azuredeploy.json b/supported/failover/same-net/via-api/n-nic/existing-stack/byol/azuredeploy.json index 9ce7656244..b3707b952a 100644 --- a/supported/failover/same-net/via-api/n-nic/existing-stack/byol/azuredeploy.json +++ b/supported/failover/same-net/via-api/n-nic/existing-stack/byol/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -70,76 +70,6 @@ "type": "int" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D8s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -291,7 +221,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -489,63 +419,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -573,7 +446,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -636,11 +509,7 @@ "extSubnetPrivateAddress1": "[concat(variables('extSubnetSelfPrivateAddressPrefix'), variables('extSubnetSelfPrivateAddressSuffix'))]", "intSubnetPrivateAddress1": "[concat(variables('intSubnetPrivateAddressPrefix'), variables('intSubnetPrivateAddressSuffix'))]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -729,7 +598,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_nnic-existing-stack-supported-byol,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_nnic-existing-stack-supported-byol,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -1161,7 +1030,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/supported/failover/same-net/via-api/n-nic/existing-stack/byol/azuredeploy.parameters.json b/supported/failover/same-net/via-api/n-nic/existing-stack/byol/azuredeploy.parameters.json index beb3e10f25..0d7f4ea2f3 100644 --- a/supported/failover/same-net/via-api/n-nic/existing-stack/byol/azuredeploy.parameters.json +++ b/supported/failover/same-net/via-api/n-nic/existing-stack/byol/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/failover/same-net/via-api/n-nic/existing-stack/payg/README.md b/supported/failover/same-net/via-api/n-nic/existing-stack/payg/README.md index dbdddf2417..121722ad58 100644 --- a/supported/failover/same-net/via-api/n-nic/existing-stack/payg/README.md +++ b/supported/failover/same-net/via-api/n-nic/existing-stack/payg/README.md @@ -75,6 +75,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. - Using dynamic assignment for TMM interface is leveraged for initial deployment convenience and a requirement for some environments but not recommended in most production environments. IP configs can be converted to static post deployment - Address translation is done by enabling ip forwarding [Azure documentaion](https://docs.microsoft.com/en-us/azure/virtual-network/virtual-network-network-interface#enable-or-disable-ip-forwarding) +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -124,7 +125,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-api%2Fn-nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-api%2Fn-nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters @@ -155,7 +156,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/supported/failover/same-net/via-api/n-nic/existing-stack/payg/azuredeploy.json b/supported/failover/same-net/via-api/n-nic/existing-stack/payg/azuredeploy.json index 4d87369f0c..28c3520e37 100644 --- a/supported/failover/same-net/via-api/n-nic/existing-stack/payg/azuredeploy.json +++ b/supported/failover/same-net/via-api/n-nic/existing-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -70,76 +70,6 @@ "type": "int" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D8s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -293,7 +223,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -491,63 +421,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -575,7 +448,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -638,11 +511,7 @@ "extSubnetPrivateAddress1": "[concat(variables('extSubnetSelfPrivateAddressPrefix'), variables('extSubnetSelfPrivateAddressSuffix'))]", "intSubnetPrivateAddress1": "[concat(variables('intSubnetPrivateAddressPrefix'), variables('intSubnetPrivateAddressSuffix'))]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -774,7 +643,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_nnic-existing-stack-supported-payg,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_nnic-existing-stack-supported-payg,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -1206,7 +1075,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/supported/failover/same-net/via-api/n-nic/existing-stack/payg/azuredeploy.parameters.json b/supported/failover/same-net/via-api/n-nic/existing-stack/payg/azuredeploy.parameters.json index 8654f7d3fe..e080b06f76 100644 --- a/supported/failover/same-net/via-api/n-nic/existing-stack/payg/azuredeploy.parameters.json +++ b/supported/failover/same-net/via-api/n-nic/existing-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/README.md b/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/README.md index 64db22a8ea..a2e5bf09af 100644 --- a/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/README.md +++ b/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/README.md @@ -55,6 +55,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - Previous tagged releases can be used to reference functionality that has been changed or removed. - All templates now deploy Standard SKU Azure Public IP Addresses. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -104,7 +105,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-lb%2F1nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-lb%2F1nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters @@ -134,7 +135,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/azuredeploy.json b/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/azuredeploy.json index f009652a05..be4b1e0c59 100644 --- a/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/azuredeploy.json +++ b/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -33,83 +33,6 @@ "type": "string" }, "instanceType": { - "allowedValues": [ - "Standard_A2", - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2", - "Standard_F4", - "Standard_F8", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D2s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -252,7 +175,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -323,63 +246,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -398,7 +264,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -430,11 +296,7 @@ "commandArgs": "[concat('-o ', parameters('declarationUrl'), ' -u svc_user')]", "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIC1IICJFeHBlY3Q6IiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3NoYXJlZC9hcHBzdmNzL2RlY2xhcmUgLWQgQCRmaWxlX2xvYyAtbyAvZGV2L251bGwpCgogICAgICAgICAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIHx8ICRyZXNwb25zZV9jb2RlID09IDUwMiBdXTsgdGhlbgogICAgICAgICAgICAgICAgICBlY2hvICJEZXBsb3ltZW50IG9mIGFwcGxpY2F0aW9uIHN1Y2NlZWRlZC4iCiAgICAgICAgICAgICAgICAgIGRlcGxveWVkPSJ5ZXMiCiAgICAgICAgICAgICBlbHNlCiAgICAgICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRlcGxveSBhcHBsaWNhdGlvbjsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICAgICAgZmkKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiQ3VzdG9tIGNvbmZpZyB3YXMgbm90IHZhbGlkIEpTT04sIGNvbnRpbnVpbmciCiAgICAgICAgIGZpCiAgICBlbHNlCiAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRvd25sb2FkIGN1c3RvbSBjb25maWc7IGNvbnRpbnVpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgIGZpCmVsc2UKICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgYSBVUkwsIGNvbnRpbnVpbmcuIgpmaQoKaWYgW1sgJGRlcGxveWVkID09ICJubyIgJiYgJGRlY2xhcmF0aW9uVXJsID09ICJOT1RfU1BFQ0lGSUVEIiBdXTsgdGhlbgogICAgZWNobyAiQXBwbGljYXRpb24gZGVwbG95bWVudCBmYWlsZWQgb3IgY3VzdG9tIFVSTCB3YXMgbm90IHNwZWNpZmllZC4iCmZpCgplY2hvICJEZXBsb3ltZW50IGNvbXBsZXRlLiIKZXhpdA==", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -514,7 +376,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_1nic-existing-stack-supported-bigiq,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_1nic-existing-stack-supported-bigiq,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -782,7 +644,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/azuredeploy.parameters.json b/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/azuredeploy.parameters.json index 455e03b703..03c564feaa 100644 --- a/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/azuredeploy.parameters.json +++ b/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/failover/same-net/via-lb/1nic/existing-stack/byol/README.md b/supported/failover/same-net/via-lb/1nic/existing-stack/byol/README.md index e5938c78d8..fa789c41e5 100644 --- a/supported/failover/same-net/via-lb/1nic/existing-stack/byol/README.md +++ b/supported/failover/same-net/via-lb/1nic/existing-stack/byol/README.md @@ -54,6 +54,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - Previous tagged releases can be used to reference functionality that has been changed or removed. - All templates now deploy Standard SKU Azure Public IP Addresses. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -103,7 +104,7 @@ Use the appropriate button below to deploy: - **BYOL** (bring your own license): This allows you to use an existing BIG-IP license. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-lb%2F1nic%2Fexisting-stack%2Fbyol%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-lb%2F1nic%2Fexisting-stack%2Fbyol%2Fazuredeploy.json) ### Template parameters @@ -129,7 +130,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/supported/failover/same-net/via-lb/1nic/existing-stack/byol/azuredeploy.json b/supported/failover/same-net/via-lb/1nic/existing-stack/byol/azuredeploy.json index 1cdaf41369..50de0c327c 100644 --- a/supported/failover/same-net/via-lb/1nic/existing-stack/byol/azuredeploy.json +++ b/supported/failover/same-net/via-lb/1nic/existing-stack/byol/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -33,83 +33,6 @@ "type": "string" }, "instanceType": { - "allowedValues": [ - "Standard_A2", - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2", - "Standard_F4", - "Standard_F8", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D2s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -228,7 +151,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -299,63 +222,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -374,7 +240,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -406,11 +272,7 @@ "commandArgs": "[concat('-o ', parameters('declarationUrl'), ' -u svc_user')]", "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIC1IICJFeHBlY3Q6IiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3NoYXJlZC9hcHBzdmNzL2RlY2xhcmUgLWQgQCRmaWxlX2xvYyAtbyAvZGV2L251bGwpCgogICAgICAgICAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIHx8ICRyZXNwb25zZV9jb2RlID09IDUwMiBdXTsgdGhlbgogICAgICAgICAgICAgICAgICBlY2hvICJEZXBsb3ltZW50IG9mIGFwcGxpY2F0aW9uIHN1Y2NlZWRlZC4iCiAgICAgICAgICAgICAgICAgIGRlcGxveWVkPSJ5ZXMiCiAgICAgICAgICAgICBlbHNlCiAgICAgICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRlcGxveSBhcHBsaWNhdGlvbjsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICAgICAgZmkKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiQ3VzdG9tIGNvbmZpZyB3YXMgbm90IHZhbGlkIEpTT04sIGNvbnRpbnVpbmciCiAgICAgICAgIGZpCiAgICBlbHNlCiAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRvd25sb2FkIGN1c3RvbSBjb25maWc7IGNvbnRpbnVpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgIGZpCmVsc2UKICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgYSBVUkwsIGNvbnRpbnVpbmcuIgpmaQoKaWYgW1sgJGRlcGxveWVkID09ICJubyIgJiYgJGRlY2xhcmF0aW9uVXJsID09ICJOT1RfU1BFQ0lGSUVEIiBdXTsgdGhlbgogICAgZWNobyAiQXBwbGljYXRpb24gZGVwbG95bWVudCBmYWlsZWQgb3IgY3VzdG9tIFVSTCB3YXMgbm90IHNwZWNpZmllZC4iCmZpCgplY2hvICJEZXBsb3ltZW50IGNvbXBsZXRlLiIKZXhpdA==", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -490,7 +352,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_1nic-existing-stack-supported-byol,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_1nic-existing-stack-supported-byol,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -758,7 +620,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/supported/failover/same-net/via-lb/1nic/existing-stack/byol/azuredeploy.parameters.json b/supported/failover/same-net/via-lb/1nic/existing-stack/byol/azuredeploy.parameters.json index ffba120b8d..e3250e7168 100644 --- a/supported/failover/same-net/via-lb/1nic/existing-stack/byol/azuredeploy.parameters.json +++ b/supported/failover/same-net/via-lb/1nic/existing-stack/byol/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/failover/same-net/via-lb/1nic/existing-stack/payg/README.md b/supported/failover/same-net/via-lb/1nic/existing-stack/payg/README.md index 15333cc2a6..0636f0174f 100644 --- a/supported/failover/same-net/via-lb/1nic/existing-stack/payg/README.md +++ b/supported/failover/same-net/via-lb/1nic/existing-stack/payg/README.md @@ -52,6 +52,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - Previous tagged releases can be used to reference functionality that has been changed or removed. - All templates now deploy Standard SKU Azure Public IP Addresses. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -101,7 +102,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-lb%2F1nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-lb%2F1nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters @@ -125,7 +126,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/supported/failover/same-net/via-lb/1nic/existing-stack/payg/azuredeploy.json b/supported/failover/same-net/via-lb/1nic/existing-stack/payg/azuredeploy.json index 75b397b49c..cd0ea06afd 100644 --- a/supported/failover/same-net/via-lb/1nic/existing-stack/payg/azuredeploy.json +++ b/supported/failover/same-net/via-lb/1nic/existing-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -33,83 +33,6 @@ "type": "string" }, "instanceType": { - "allowedValues": [ - "Standard_A2", - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2", - "Standard_F4", - "Standard_F8", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D2s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -230,7 +153,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -301,63 +224,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -376,7 +242,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -408,11 +274,7 @@ "commandArgs": "[concat('-o ', parameters('declarationUrl'), ' -u svc_user')]", "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIC1IICJFeHBlY3Q6IiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3NoYXJlZC9hcHBzdmNzL2RlY2xhcmUgLWQgQCRmaWxlX2xvYyAtbyAvZGV2L251bGwpCgogICAgICAgICAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIHx8ICRyZXNwb25zZV9jb2RlID09IDUwMiBdXTsgdGhlbgogICAgICAgICAgICAgICAgICBlY2hvICJEZXBsb3ltZW50IG9mIGFwcGxpY2F0aW9uIHN1Y2NlZWRlZC4iCiAgICAgICAgICAgICAgICAgIGRlcGxveWVkPSJ5ZXMiCiAgICAgICAgICAgICBlbHNlCiAgICAgICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRlcGxveSBhcHBsaWNhdGlvbjsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICAgICAgZmkKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiQ3VzdG9tIGNvbmZpZyB3YXMgbm90IHZhbGlkIEpTT04sIGNvbnRpbnVpbmciCiAgICAgICAgIGZpCiAgICBlbHNlCiAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRvd25sb2FkIGN1c3RvbSBjb25maWc7IGNvbnRpbnVpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgIGZpCmVsc2UKICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgYSBVUkwsIGNvbnRpbnVpbmcuIgpmaQoKaWYgW1sgJGRlcGxveWVkID09ICJubyIgJiYgJGRlY2xhcmF0aW9uVXJsID09ICJOT1RfU1BFQ0lGSUVEIiBdXTsgdGhlbgogICAgZWNobyAiQXBwbGljYXRpb24gZGVwbG95bWVudCBmYWlsZWQgb3IgY3VzdG9tIFVSTCB3YXMgbm90IHNwZWNpZmllZC4iCmZpCgplY2hvICJEZXBsb3ltZW50IGNvbXBsZXRlLiIKZXhpdA==", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -535,7 +397,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_1nic-existing-stack-supported-payg,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_1nic-existing-stack-supported-payg,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -803,7 +665,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/supported/failover/same-net/via-lb/1nic/existing-stack/payg/azuredeploy.parameters.json b/supported/failover/same-net/via-lb/1nic/existing-stack/payg/azuredeploy.parameters.json index 33558b9214..8fb941d94b 100644 --- a/supported/failover/same-net/via-lb/1nic/existing-stack/payg/azuredeploy.parameters.json +++ b/supported/failover/same-net/via-lb/1nic/existing-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/README.md b/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/README.md index 4a2268c870..d09abe7858 100644 --- a/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/README.md +++ b/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/README.md @@ -69,6 +69,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - The provisionPublicIPApp parameter controls the creation of an external Azure load balancer targeting the external BIG-IP network interfaces. When Yes is selected, a load balancer resource is created and one or more public IP addresses are assigned to its front end configuration. The number of public IP addresses corresponds to the number specified in the numberOfExternalIps parameter. When No is selected, the numberOfExternalIps choice is **ignored** and no external load balancer is deployed. When selecting No to provisionPublicIp and Yes to provisionPublicIpApp, an outbound load balancing rule is configured on the external load balancer to provide SNAT for connections to the Internet. You may remove this rule once the template deployment has succeeded. - The provisionInternalLoadBalancer parameter controls the creation of an internal Azure load balancer targeting the internal BIG-IP network interfaces. Selecting Yes deploys an internal load balancer with the HA Ports feature (all-protocol load balancing rule) enabled. NOTE: In order to download required libraries, the BIG-IP internal interfaces are not configured in the load balancer backend pool by default. You must update the load balancer configuration after deployment completes. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -118,7 +119,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-lb%2F3nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-lb%2F3nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters @@ -159,7 +160,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/azuredeploy.json b/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/azuredeploy.json index df16608924..28309797b1 100644 --- a/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/azuredeploy.json +++ b/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -99,76 +99,6 @@ "type": "string" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D8s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -355,7 +285,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -416,63 +346,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -491,7 +364,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -551,11 +424,7 @@ "intSubnetPrivateAddress3": "[concat(variables('intSubnetPrivateAddressPrefix'), variables('intSubnetPrivateAddressSuffix2'))]", "internalLoadBalancerAddress": "[concat(variables('intSubnetPrivateAddressPrefix'), variables('intSubnetPrivateAddressSuffix3'))]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -678,7 +547,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_3nic-existing-stack-supported-bigiq,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_3nic-existing-stack-supported-bigiq,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -1214,7 +1083,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/azuredeploy.parameters.json b/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/azuredeploy.parameters.json index e93cd33b0c..20e3fa6a22 100644 --- a/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/azuredeploy.parameters.json +++ b/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/failover/same-net/via-lb/3nic/existing-stack/byol/README.md b/supported/failover/same-net/via-lb/3nic/existing-stack/byol/README.md index 2cfaf52212..7ad17052b9 100644 --- a/supported/failover/same-net/via-lb/3nic/existing-stack/byol/README.md +++ b/supported/failover/same-net/via-lb/3nic/existing-stack/byol/README.md @@ -68,6 +68,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - The provisionPublicIPApp parameter controls the creation of an external Azure load balancer targeting the external BIG-IP network interfaces. When Yes is selected, a load balancer resource is created and one or more public IP addresses are assigned to its front end configuration. The number of public IP addresses corresponds to the number specified in the numberOfExternalIps parameter. When No is selected, the numberOfExternalIps choice is **ignored** and no external load balancer is deployed. When selecting No to provisionPublicIp and Yes to provisionPublicIpApp, an outbound load balancing rule is configured on the external load balancer to provide SNAT for connections to the Internet. You may remove this rule once the template deployment has succeeded. - The provisionInternalLoadBalancer parameter controls the creation of an internal Azure load balancer targeting the internal BIG-IP network interfaces. Selecting Yes deploys an internal load balancer with the HA Ports feature (all-protocol load balancing rule) enabled. NOTE: In order to download required libraries, the BIG-IP internal interfaces are not configured in the load balancer backend pool by default. You must update the load balancer configuration after deployment completes. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -117,7 +118,7 @@ Use the appropriate button below to deploy: - **BYOL** (bring your own license): This allows you to use an existing BIG-IP license. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-lb%2F3nic%2Fexisting-stack%2Fbyol%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-lb%2F3nic%2Fexisting-stack%2Fbyol%2Fazuredeploy.json) ### Template parameters @@ -154,7 +155,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/supported/failover/same-net/via-lb/3nic/existing-stack/byol/azuredeploy.json b/supported/failover/same-net/via-lb/3nic/existing-stack/byol/azuredeploy.json index a717503889..9b17ce07b8 100644 --- a/supported/failover/same-net/via-lb/3nic/existing-stack/byol/azuredeploy.json +++ b/supported/failover/same-net/via-lb/3nic/existing-stack/byol/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -99,76 +99,6 @@ "type": "string" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D8s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -331,7 +261,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -392,63 +322,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -467,7 +340,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -527,11 +400,7 @@ "intSubnetPrivateAddress3": "[concat(variables('intSubnetPrivateAddressPrefix'), variables('intSubnetPrivateAddressSuffix2'))]", "internalLoadBalancerAddress": "[concat(variables('intSubnetPrivateAddressPrefix'), variables('intSubnetPrivateAddressSuffix3'))]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -654,7 +523,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_3nic-existing-stack-supported-byol,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_3nic-existing-stack-supported-byol,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -1190,7 +1059,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/supported/failover/same-net/via-lb/3nic/existing-stack/byol/azuredeploy.parameters.json b/supported/failover/same-net/via-lb/3nic/existing-stack/byol/azuredeploy.parameters.json index be1257a4a9..f8df304394 100644 --- a/supported/failover/same-net/via-lb/3nic/existing-stack/byol/azuredeploy.parameters.json +++ b/supported/failover/same-net/via-lb/3nic/existing-stack/byol/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/failover/same-net/via-lb/3nic/existing-stack/payg/README.md b/supported/failover/same-net/via-lb/3nic/existing-stack/payg/README.md index 77db2b647a..f0af7e6572 100644 --- a/supported/failover/same-net/via-lb/3nic/existing-stack/payg/README.md +++ b/supported/failover/same-net/via-lb/3nic/existing-stack/payg/README.md @@ -66,6 +66,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - The provisionPublicIPApp parameter controls the creation of an external Azure load balancer targeting the external BIG-IP network interfaces. When Yes is selected, a load balancer resource is created and one or more public IP addresses are assigned to its front end configuration. The number of public IP addresses corresponds to the number specified in the numberOfExternalIps parameter. When No is selected, the numberOfExternalIps choice is **ignored** and no external load balancer is deployed. When selecting No to provisionPublicIp and Yes to provisionPublicIpApp, an outbound load balancing rule is configured on the external load balancer to provide SNAT for connections to the Internet. You may remove this rule once the template deployment has succeeded. - The provisionInternalLoadBalancer parameter controls the creation of an internal Azure load balancer targeting the internal BIG-IP network interfaces. Selecting Yes deploys an internal load balancer with the HA Ports feature (all-protocol load balancing rule) enabled. NOTE: In order to download required libraries, the BIG-IP internal interfaces are not configured in the load balancer backend pool by default. You must update the load balancer configuration after deployment completes. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -115,7 +116,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-lb%2F3nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-lb%2F3nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters @@ -150,7 +151,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/supported/failover/same-net/via-lb/3nic/existing-stack/payg/azuredeploy.json b/supported/failover/same-net/via-lb/3nic/existing-stack/payg/azuredeploy.json index 3e998963a7..88fb6a9718 100644 --- a/supported/failover/same-net/via-lb/3nic/existing-stack/payg/azuredeploy.json +++ b/supported/failover/same-net/via-lb/3nic/existing-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -99,76 +99,6 @@ "type": "string" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D8s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -333,7 +263,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -394,63 +324,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -469,7 +342,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -529,11 +402,7 @@ "intSubnetPrivateAddress3": "[concat(variables('intSubnetPrivateAddressPrefix'), variables('intSubnetPrivateAddressSuffix2'))]", "internalLoadBalancerAddress": "[concat(variables('intSubnetPrivateAddressPrefix'), variables('intSubnetPrivateAddressSuffix3'))]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -699,7 +568,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_3nic-existing-stack-supported-payg,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_3nic-existing-stack-supported-payg,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -1235,7 +1104,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/supported/failover/same-net/via-lb/3nic/existing-stack/payg/azuredeploy.parameters.json b/supported/failover/same-net/via-lb/3nic/existing-stack/payg/azuredeploy.parameters.json index e9faba7399..17f6ef7d01 100644 --- a/supported/failover/same-net/via-lb/3nic/existing-stack/payg/azuredeploy.parameters.json +++ b/supported/failover/same-net/via-lb/3nic/existing-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/solutions/marketplace/ltm/autoscale/README.md b/supported/solutions/marketplace/ltm/autoscale/README.md index 0d16c467ae..ffb8a07bbc 100644 --- a/supported/solutions/marketplace/ltm/autoscale/README.md +++ b/supported/solutions/marketplace/ltm/autoscale/README.md @@ -151,7 +151,7 @@ The end result should be possession of a client(application) ID, tenant ID and s #### 1. Azure Portal -Follow the steps outlined in the [Azure Portal documentation](https://azure.microsoft.com/en-us/documentation/articles/resource-group-create-service-principal-portal/) to generate the service principal. +Follow the steps outlined in the [Azure Portal documentation](https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal/) to generate the service principal. #### 2. Azure CLI diff --git a/supported/solutions/marketplace/waf/autoscale/README.md b/supported/solutions/marketplace/waf/autoscale/README.md index 8b02737fa8..eb8c078cfd 100644 --- a/supported/solutions/marketplace/waf/autoscale/README.md +++ b/supported/solutions/marketplace/waf/autoscale/README.md @@ -159,7 +159,7 @@ The end result should be possession of a client(application) ID, tenant ID and s #### 1. Azure Portal -Follow the steps outlined in the [Azure Portal documentation](https://azure.microsoft.com/en-us/documentation/articles/resource-group-create-service-principal-portal/) to generate the service principal. +Follow the steps outlined in the [Azure Portal documentation](https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal/) to generate the service principal. #### 2. Azure CLI diff --git a/supported/standalone/1nic/existing-stack/bigiq/README.md b/supported/standalone/1nic/existing-stack/bigiq/README.md index 9dc0a62654..f48440db80 100644 --- a/supported/standalone/1nic/existing-stack/bigiq/README.md +++ b/supported/standalone/1nic/existing-stack/bigiq/README.md @@ -55,6 +55,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - Previous tagged releases can be used to reference functionality that has been changed or removed. - All templates now deploy Standard SKU Azure Public IP Addresses. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default; however, you may select zone 1, 2, or 3 using the new zoneChoice parameter. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -104,7 +105,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fsupported%2Fstandalone%2F1nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fsupported%2Fstandalone%2F1nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters @@ -137,7 +138,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/supported/standalone/1nic/existing-stack/bigiq/azuredeploy.json b/supported/standalone/1nic/existing-stack/bigiq/azuredeploy.json index 3d8daccd70..ea254a2f04 100644 --- a/supported/standalone/1nic/existing-stack/bigiq/azuredeploy.json +++ b/supported/standalone/1nic/existing-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -40,83 +40,6 @@ "type": "string" }, "instanceType": { - "allowedValues": [ - "Standard_A2", - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2", - "Standard_F4", - "Standard_F8", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D2s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -280,7 +203,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -341,63 +264,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -416,7 +282,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -451,11 +317,7 @@ "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIC1IICJFeHBlY3Q6IiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3NoYXJlZC9hcHBzdmNzL2RlY2xhcmUgLWQgQCRmaWxlX2xvYyAtbyAvZGV2L251bGwpCgogICAgICAgICAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIHx8ICRyZXNwb25zZV9jb2RlID09IDUwMiBdXTsgdGhlbgogICAgICAgICAgICAgICAgICBlY2hvICJEZXBsb3ltZW50IG9mIGFwcGxpY2F0aW9uIHN1Y2NlZWRlZC4iCiAgICAgICAgICAgICAgICAgIGRlcGxveWVkPSJ5ZXMiCiAgICAgICAgICAgICBlbHNlCiAgICAgICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRlcGxveSBhcHBsaWNhdGlvbjsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICAgICAgZmkKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiQ3VzdG9tIGNvbmZpZyB3YXMgbm90IHZhbGlkIEpTT04sIGNvbnRpbnVpbmciCiAgICAgICAgIGZpCiAgICBlbHNlCiAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRvd25sb2FkIGN1c3RvbSBjb25maWc7IGNvbnRpbnVpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgIGZpCmVsc2UKICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgYSBVUkwsIGNvbnRpbnVpbmcuIgpmaQoKaWYgW1sgJGRlcGxveWVkID09ICJubyIgJiYgJGRlY2xhcmF0aW9uVXJsID09ICJOT1RfU1BFQ0lGSUVEIiBdXTsgdGhlbgogICAgZWNobyAiQXBwbGljYXRpb24gZGVwbG95bWVudCBmYWlsZWQgb3IgY3VzdG9tIFVSTCB3YXMgbm90IHNwZWNpZmllZC4iCmZpCgplY2hvICJEZXBsb3ltZW50IGNvbXBsZXRlLiIKZXhpdA==", "newAvailabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "availabilitySetName": "[replace(parameters('avSetChoice'), 'CREATE_NEW', variables('newAvailabilitySetName'))]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -527,7 +389,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_1nic-existing-stack-supported-bigiq,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_1nic-existing-stack-supported-bigiq,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -674,7 +536,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/supported/standalone/1nic/existing-stack/bigiq/azuredeploy.parameters.json b/supported/standalone/1nic/existing-stack/bigiq/azuredeploy.parameters.json index 9931785c26..c79874e91f 100644 --- a/supported/standalone/1nic/existing-stack/bigiq/azuredeploy.parameters.json +++ b/supported/standalone/1nic/existing-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/standalone/1nic/existing-stack/byol/README.md b/supported/standalone/1nic/existing-stack/byol/README.md index 1a1310822b..e0e585f492 100644 --- a/supported/standalone/1nic/existing-stack/byol/README.md +++ b/supported/standalone/1nic/existing-stack/byol/README.md @@ -54,6 +54,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - Previous tagged releases can be used to reference functionality that has been changed or removed. - All templates now deploy Standard SKU Azure Public IP Addresses. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default; however, you may select zone 1, 2, or 3 using the new zoneChoice parameter. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -103,7 +104,7 @@ Use the appropriate button below to deploy: - **BYOL** (bring your own license): This allows you to use an existing BIG-IP license. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fsupported%2Fstandalone%2F1nic%2Fexisting-stack%2Fbyol%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fsupported%2Fstandalone%2F1nic%2Fexisting-stack%2Fbyol%2Fazuredeploy.json) ### Template parameters @@ -131,7 +132,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/supported/standalone/1nic/existing-stack/byol/azuredeploy.json b/supported/standalone/1nic/existing-stack/byol/azuredeploy.json index 146ad42d32..29ab20e148 100644 --- a/supported/standalone/1nic/existing-stack/byol/azuredeploy.json +++ b/supported/standalone/1nic/existing-stack/byol/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -40,83 +40,6 @@ "type": "string" }, "instanceType": { - "allowedValues": [ - "Standard_A2", - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2", - "Standard_F4", - "Standard_F8", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D2s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -249,7 +172,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -310,63 +233,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -385,7 +251,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -420,11 +286,7 @@ "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIC1IICJFeHBlY3Q6IiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3NoYXJlZC9hcHBzdmNzL2RlY2xhcmUgLWQgQCRmaWxlX2xvYyAtbyAvZGV2L251bGwpCgogICAgICAgICAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIHx8ICRyZXNwb25zZV9jb2RlID09IDUwMiBdXTsgdGhlbgogICAgICAgICAgICAgICAgICBlY2hvICJEZXBsb3ltZW50IG9mIGFwcGxpY2F0aW9uIHN1Y2NlZWRlZC4iCiAgICAgICAgICAgICAgICAgIGRlcGxveWVkPSJ5ZXMiCiAgICAgICAgICAgICBlbHNlCiAgICAgICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRlcGxveSBhcHBsaWNhdGlvbjsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICAgICAgZmkKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiQ3VzdG9tIGNvbmZpZyB3YXMgbm90IHZhbGlkIEpTT04sIGNvbnRpbnVpbmciCiAgICAgICAgIGZpCiAgICBlbHNlCiAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRvd25sb2FkIGN1c3RvbSBjb25maWc7IGNvbnRpbnVpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgIGZpCmVsc2UKICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgYSBVUkwsIGNvbnRpbnVpbmcuIgpmaQoKaWYgW1sgJGRlcGxveWVkID09ICJubyIgJiYgJGRlY2xhcmF0aW9uVXJsID09ICJOT1RfU1BFQ0lGSUVEIiBdXTsgdGhlbgogICAgZWNobyAiQXBwbGljYXRpb24gZGVwbG95bWVudCBmYWlsZWQgb3IgY3VzdG9tIFVSTCB3YXMgbm90IHNwZWNpZmllZC4iCmZpCgplY2hvICJEZXBsb3ltZW50IGNvbXBsZXRlLiIKZXhpdA==", "newAvailabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "availabilitySetName": "[replace(parameters('avSetChoice'), 'CREATE_NEW', variables('newAvailabilitySetName'))]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -496,7 +358,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_1nic-existing-stack-supported-byol,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_1nic-existing-stack-supported-byol,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -643,7 +505,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/supported/standalone/1nic/existing-stack/byol/azuredeploy.parameters.json b/supported/standalone/1nic/existing-stack/byol/azuredeploy.parameters.json index 3fb10e8bf3..cc116e59aa 100644 --- a/supported/standalone/1nic/existing-stack/byol/azuredeploy.parameters.json +++ b/supported/standalone/1nic/existing-stack/byol/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/standalone/1nic/existing-stack/payg/README.md b/supported/standalone/1nic/existing-stack/payg/README.md index 950f7a46e0..3d5f6015df 100644 --- a/supported/standalone/1nic/existing-stack/payg/README.md +++ b/supported/standalone/1nic/existing-stack/payg/README.md @@ -52,6 +52,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - Previous tagged releases can be used to reference functionality that has been changed or removed. - All templates now deploy Standard SKU Azure Public IP Addresses. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default; however, you may select zone 1, 2, or 3 using the new zoneChoice parameter. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -101,7 +102,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fsupported%2Fstandalone%2F1nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fsupported%2Fstandalone%2F1nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters @@ -128,7 +129,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/supported/standalone/1nic/existing-stack/payg/azuredeploy.json b/supported/standalone/1nic/existing-stack/payg/azuredeploy.json index 3dc84e5103..b1c433f745 100644 --- a/supported/standalone/1nic/existing-stack/payg/azuredeploy.json +++ b/supported/standalone/1nic/existing-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -40,83 +40,6 @@ "type": "string" }, "instanceType": { - "allowedValues": [ - "Standard_A2", - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2", - "Standard_F4", - "Standard_F8", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D2s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -260,7 +183,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -321,63 +244,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -396,7 +262,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -431,11 +297,7 @@ "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIC1IICJFeHBlY3Q6IiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3NoYXJlZC9hcHBzdmNzL2RlY2xhcmUgLWQgQCRmaWxlX2xvYyAtbyAvZGV2L251bGwpCgogICAgICAgICAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIHx8ICRyZXNwb25zZV9jb2RlID09IDUwMiBdXTsgdGhlbgogICAgICAgICAgICAgICAgICBlY2hvICJEZXBsb3ltZW50IG9mIGFwcGxpY2F0aW9uIHN1Y2NlZWRlZC4iCiAgICAgICAgICAgICAgICAgIGRlcGxveWVkPSJ5ZXMiCiAgICAgICAgICAgICBlbHNlCiAgICAgICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRlcGxveSBhcHBsaWNhdGlvbjsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICAgICAgZmkKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiQ3VzdG9tIGNvbmZpZyB3YXMgbm90IHZhbGlkIEpTT04sIGNvbnRpbnVpbmciCiAgICAgICAgIGZpCiAgICBlbHNlCiAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRvd25sb2FkIGN1c3RvbSBjb25maWc7IGNvbnRpbnVpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgIGZpCmVsc2UKICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgYSBVUkwsIGNvbnRpbnVpbmcuIgpmaQoKaWYgW1sgJGRlcGxveWVkID09ICJubyIgJiYgJGRlY2xhcmF0aW9uVXJsID09ICJOT1RfU1BFQ0lGSUVEIiBdXTsgdGhlbgogICAgZWNobyAiQXBwbGljYXRpb24gZGVwbG95bWVudCBmYWlsZWQgb3IgY3VzdG9tIFVSTCB3YXMgbm90IHNwZWNpZmllZC4iCmZpCgplY2hvICJEZXBsb3ltZW50IGNvbXBsZXRlLiIKZXhpdA==", "newAvailabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "availabilitySetName": "[replace(parameters('avSetChoice'), 'CREATE_NEW', variables('newAvailabilitySetName'))]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -550,7 +412,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_1nic-existing-stack-supported-payg,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_1nic-existing-stack-supported-payg,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -697,7 +559,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/supported/standalone/1nic/existing-stack/payg/azuredeploy.parameters.json b/supported/standalone/1nic/existing-stack/payg/azuredeploy.parameters.json index 24174d9302..f988a212a1 100644 --- a/supported/standalone/1nic/existing-stack/payg/azuredeploy.parameters.json +++ b/supported/standalone/1nic/existing-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/standalone/2nic/existing-stack/bigiq/README.md b/supported/standalone/2nic/existing-stack/bigiq/README.md index 65b00f9bd5..437ea0a5f5 100644 --- a/supported/standalone/2nic/existing-stack/bigiq/README.md +++ b/supported/standalone/2nic/existing-stack/bigiq/README.md @@ -57,6 +57,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates now deploy Standard SKU Azure Public IP Addresses. - If you choose "No" in response to the provisionPublicIP parameter, the choice for "numberOfExternalIps" is not honored and no public IP addresses are created. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default; however, you may select zone 1, 2, or 3 using the new zoneChoice parameter. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -106,7 +107,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fsupported%2Fstandalone%2F2nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fsupported%2Fstandalone%2F2nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters @@ -142,7 +143,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/supported/standalone/2nic/existing-stack/bigiq/azuredeploy.json b/supported/standalone/2nic/existing-stack/bigiq/azuredeploy.json index a6caee54a6..0e1430b312 100644 --- a/supported/standalone/2nic/existing-stack/bigiq/azuredeploy.json +++ b/supported/standalone/2nic/existing-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -70,83 +70,6 @@ "type": "int" }, "instanceType": { - "allowedValues": [ - "Standard_A2", - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2", - "Standard_F4", - "Standard_F8", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D2s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -323,7 +246,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -384,63 +307,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -459,7 +325,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -507,11 +373,7 @@ "routeCmd": "route", "newAvailabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "availabilitySetName": "[replace(parameters('avSetChoice'), 'CREATE_NEW', variables('newAvailabilitySetName'))]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -587,7 +449,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_2nic-existing-stack-supported-bigiq,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_2nic-existing-stack-supported-bigiq,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -816,7 +678,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/supported/standalone/2nic/existing-stack/bigiq/azuredeploy.parameters.json b/supported/standalone/2nic/existing-stack/bigiq/azuredeploy.parameters.json index 40f207eeb9..25300d8d8d 100644 --- a/supported/standalone/2nic/existing-stack/bigiq/azuredeploy.parameters.json +++ b/supported/standalone/2nic/existing-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/standalone/2nic/existing-stack/byol/README.md b/supported/standalone/2nic/existing-stack/byol/README.md index 81d51c46d5..f3122f6c54 100644 --- a/supported/standalone/2nic/existing-stack/byol/README.md +++ b/supported/standalone/2nic/existing-stack/byol/README.md @@ -56,6 +56,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates now deploy Standard SKU Azure Public IP Addresses. - If you choose "No" in response to the provisionPublicIP parameter, the choice for "numberOfExternalIps" is not honored and no public IP addresses are created. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default; however, you may select zone 1, 2, or 3 using the new zoneChoice parameter. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -105,7 +106,7 @@ Use the appropriate button below to deploy: - **BYOL** (bring your own license): This allows you to use an existing BIG-IP license. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fsupported%2Fstandalone%2F2nic%2Fexisting-stack%2Fbyol%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fsupported%2Fstandalone%2F2nic%2Fexisting-stack%2Fbyol%2Fazuredeploy.json) ### Template parameters @@ -136,7 +137,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/supported/standalone/2nic/existing-stack/byol/azuredeploy.json b/supported/standalone/2nic/existing-stack/byol/azuredeploy.json index 6ddfcfd986..92e3f52c22 100644 --- a/supported/standalone/2nic/existing-stack/byol/azuredeploy.json +++ b/supported/standalone/2nic/existing-stack/byol/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -70,83 +70,6 @@ "type": "int" }, "instanceType": { - "allowedValues": [ - "Standard_A2", - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2", - "Standard_F4", - "Standard_F8", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D2s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -292,7 +215,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -353,63 +276,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -428,7 +294,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -476,11 +342,7 @@ "routeCmd": "route", "newAvailabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "availabilitySetName": "[replace(parameters('avSetChoice'), 'CREATE_NEW', variables('newAvailabilitySetName'))]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -556,7 +418,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_2nic-existing-stack-supported-byol,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_2nic-existing-stack-supported-byol,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -785,7 +647,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/supported/standalone/2nic/existing-stack/byol/azuredeploy.parameters.json b/supported/standalone/2nic/existing-stack/byol/azuredeploy.parameters.json index 21c633a55f..28ff214837 100644 --- a/supported/standalone/2nic/existing-stack/byol/azuredeploy.parameters.json +++ b/supported/standalone/2nic/existing-stack/byol/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/standalone/2nic/existing-stack/payg/README.md b/supported/standalone/2nic/existing-stack/payg/README.md index fe96b56a2c..0b4e19c649 100644 --- a/supported/standalone/2nic/existing-stack/payg/README.md +++ b/supported/standalone/2nic/existing-stack/payg/README.md @@ -54,6 +54,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates now deploy Standard SKU Azure Public IP Addresses. - If you choose "No" in response to the provisionPublicIP parameter, the choice for "numberOfExternalIps" is not honored and no public IP addresses are created. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default; however, you may select zone 1, 2, or 3 using the new zoneChoice parameter. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -103,7 +104,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fsupported%2Fstandalone%2F2nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fsupported%2Fstandalone%2F2nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters @@ -133,7 +134,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/supported/standalone/2nic/existing-stack/payg/azuredeploy.json b/supported/standalone/2nic/existing-stack/payg/azuredeploy.json index 3c45da0d34..27882eb0b2 100644 --- a/supported/standalone/2nic/existing-stack/payg/azuredeploy.json +++ b/supported/standalone/2nic/existing-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -70,83 +70,6 @@ "type": "int" }, "instanceType": { - "allowedValues": [ - "Standard_A2", - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D2", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2", - "Standard_F4", - "Standard_F8", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G2", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D2s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -303,7 +226,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -364,63 +287,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -439,7 +305,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -487,11 +353,7 @@ "routeCmd": "route", "newAvailabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "availabilitySetName": "[replace(parameters('avSetChoice'), 'CREATE_NEW', variables('newAvailabilitySetName'))]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -610,7 +472,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_2nic-existing-stack-supported-payg,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_2nic-existing-stack-supported-payg,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -839,7 +701,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/supported/standalone/2nic/existing-stack/payg/azuredeploy.parameters.json b/supported/standalone/2nic/existing-stack/payg/azuredeploy.parameters.json index 030a6461d4..84bd840e5c 100644 --- a/supported/standalone/2nic/existing-stack/payg/azuredeploy.parameters.json +++ b/supported/standalone/2nic/existing-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/standalone/3nic/existing-stack/bigiq/README.md b/supported/standalone/3nic/existing-stack/bigiq/README.md index b1aad3bc65..6d0535525c 100644 --- a/supported/standalone/3nic/existing-stack/bigiq/README.md +++ b/supported/standalone/3nic/existing-stack/bigiq/README.md @@ -57,6 +57,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates now deploy Standard SKU Azure Public IP Addresses. - If you choose "No" in response to the provisionPublicIP parameter, the choice for "numberOfExternalIps" is not honored and no public IP addresses are created. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default; however, you may select zone 1, 2, or 3 using the new zoneChoice parameter. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -106,7 +107,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fsupported%2Fstandalone%2F3nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fsupported%2Fstandalone%2F3nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters @@ -144,7 +145,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/supported/standalone/3nic/existing-stack/bigiq/azuredeploy.json b/supported/standalone/3nic/existing-stack/bigiq/azuredeploy.json index 574de5a8ba..c9a8081626 100644 --- a/supported/standalone/3nic/existing-stack/bigiq/azuredeploy.json +++ b/supported/standalone/3nic/existing-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -70,76 +70,6 @@ "type": "int" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D8s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -329,7 +259,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -390,63 +320,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -465,7 +338,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -518,11 +391,7 @@ "intSubnetId": "[concat(variables('vnetId'), '/subnets/', variables('intsubnetName'))]", "newAvailabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "availabilitySetName": "[replace(parameters('avSetChoice'), 'CREATE_NEW', variables('newAvailabilitySetName'))]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -599,7 +468,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_3nic-existing-stack-supported-bigiq,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_3nic-existing-stack-supported-bigiq,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -853,7 +722,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/supported/standalone/3nic/existing-stack/bigiq/azuredeploy.parameters.json b/supported/standalone/3nic/existing-stack/bigiq/azuredeploy.parameters.json index c84f936371..3c00e4e290 100644 --- a/supported/standalone/3nic/existing-stack/bigiq/azuredeploy.parameters.json +++ b/supported/standalone/3nic/existing-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/standalone/3nic/existing-stack/byol/README.md b/supported/standalone/3nic/existing-stack/byol/README.md index 9ae596dfa9..71bff8c06c 100644 --- a/supported/standalone/3nic/existing-stack/byol/README.md +++ b/supported/standalone/3nic/existing-stack/byol/README.md @@ -56,6 +56,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates now deploy Standard SKU Azure Public IP Addresses. - If you choose "No" in response to the provisionPublicIP parameter, the choice for "numberOfExternalIps" is not honored and no public IP addresses are created. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default; however, you may select zone 1, 2, or 3 using the new zoneChoice parameter. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -105,7 +106,7 @@ Use the appropriate button below to deploy: - **BYOL** (bring your own license): This allows you to use an existing BIG-IP license. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fsupported%2Fstandalone%2F3nic%2Fexisting-stack%2Fbyol%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fsupported%2Fstandalone%2F3nic%2Fexisting-stack%2Fbyol%2Fazuredeploy.json) ### Template parameters @@ -138,7 +139,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/supported/standalone/3nic/existing-stack/byol/azuredeploy.json b/supported/standalone/3nic/existing-stack/byol/azuredeploy.json index 9d4b77a9d3..68b569db63 100644 --- a/supported/standalone/3nic/existing-stack/byol/azuredeploy.json +++ b/supported/standalone/3nic/existing-stack/byol/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -70,76 +70,6 @@ "type": "int" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D8s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -298,7 +228,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -359,63 +289,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -434,7 +307,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -487,11 +360,7 @@ "intSubnetId": "[concat(variables('vnetId'), '/subnets/', variables('intsubnetName'))]", "newAvailabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "availabilitySetName": "[replace(parameters('avSetChoice'), 'CREATE_NEW', variables('newAvailabilitySetName'))]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -568,7 +437,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_3nic-existing-stack-supported-byol,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_3nic-existing-stack-supported-byol,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -822,7 +691,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/supported/standalone/3nic/existing-stack/byol/azuredeploy.parameters.json b/supported/standalone/3nic/existing-stack/byol/azuredeploy.parameters.json index c216a34c8a..62db9272ff 100644 --- a/supported/standalone/3nic/existing-stack/byol/azuredeploy.parameters.json +++ b/supported/standalone/3nic/existing-stack/byol/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/standalone/3nic/existing-stack/payg/README.md b/supported/standalone/3nic/existing-stack/payg/README.md index 7256c4f14d..1b3cf671a4 100644 --- a/supported/standalone/3nic/existing-stack/payg/README.md +++ b/supported/standalone/3nic/existing-stack/payg/README.md @@ -54,6 +54,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates now deploy Standard SKU Azure Public IP Addresses. - If you choose "No" in response to the provisionPublicIP parameter, the choice for "numberOfExternalIps" is not honored and no public IP addresses are created. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default; however, you may select zone 1, 2, or 3 using the new zoneChoice parameter. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -103,7 +104,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fsupported%2Fstandalone%2F3nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fsupported%2Fstandalone%2F3nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters @@ -135,7 +136,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/supported/standalone/3nic/existing-stack/payg/azuredeploy.json b/supported/standalone/3nic/existing-stack/payg/azuredeploy.json index be4c743b36..f2eb962cc6 100644 --- a/supported/standalone/3nic/existing-stack/payg/azuredeploy.json +++ b/supported/standalone/3nic/existing-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -70,76 +70,6 @@ "type": "int" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D8s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -309,7 +239,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -370,63 +300,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -445,7 +318,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -498,11 +371,7 @@ "intSubnetId": "[concat(variables('vnetId'), '/subnets/', variables('intsubnetName'))]", "newAvailabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "availabilitySetName": "[replace(parameters('avSetChoice'), 'CREATE_NEW', variables('newAvailabilitySetName'))]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -622,7 +491,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_3nic-existing-stack-supported-payg,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_3nic-existing-stack-supported-payg,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -876,7 +745,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/supported/standalone/3nic/existing-stack/payg/azuredeploy.parameters.json b/supported/standalone/3nic/existing-stack/payg/azuredeploy.parameters.json index 607d01faec..e705d6ab1a 100644 --- a/supported/standalone/3nic/existing-stack/payg/azuredeploy.parameters.json +++ b/supported/standalone/3nic/existing-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/standalone/n-nic/existing-stack/bigiq/README.md b/supported/standalone/n-nic/existing-stack/bigiq/README.md index 304765c323..ffec9287a3 100644 --- a/supported/standalone/n-nic/existing-stack/bigiq/README.md +++ b/supported/standalone/n-nic/existing-stack/bigiq/README.md @@ -59,6 +59,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates now deploy Standard SKU Azure Public IP Addresses. - If you choose "No" in response to the provisionPublicIP parameter, the choice for "numberOfExternalIps" is not honored and no public IP addresses are created. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default; however, you may select zone 1, 2, or 3 using the new zoneChoice parameter. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -108,7 +109,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fsupported%2Fstandalone%2Fn-nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fsupported%2Fstandalone%2Fn-nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters @@ -146,7 +147,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/supported/standalone/n-nic/existing-stack/bigiq/azuredeploy.json b/supported/standalone/n-nic/existing-stack/bigiq/azuredeploy.json index 483c81f6c0..76e929c2e3 100644 --- a/supported/standalone/n-nic/existing-stack/bigiq/azuredeploy.json +++ b/supported/standalone/n-nic/existing-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -70,76 +70,6 @@ "type": "int" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D8s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -329,7 +259,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -458,63 +388,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -533,7 +406,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -586,11 +459,7 @@ "intSubnetId": "[concat(variables('vnetId'), '/subnets/', variables('intsubnetName'))]", "newAvailabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "availabilitySetName": "[replace(parameters('avSetChoice'), 'CREATE_NEW', variables('newAvailabilitySetName'))]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -667,7 +536,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_nnic-existing-stack-supported-bigiq,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_nnic-existing-stack-supported-bigiq,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -953,7 +822,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/supported/standalone/n-nic/existing-stack/bigiq/azuredeploy.parameters.json b/supported/standalone/n-nic/existing-stack/bigiq/azuredeploy.parameters.json index 4e3a864c81..dc87f88a6a 100644 --- a/supported/standalone/n-nic/existing-stack/bigiq/azuredeploy.parameters.json +++ b/supported/standalone/n-nic/existing-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/standalone/n-nic/existing-stack/byol/README.md b/supported/standalone/n-nic/existing-stack/byol/README.md index cfcd1f4220..0b76b24943 100644 --- a/supported/standalone/n-nic/existing-stack/byol/README.md +++ b/supported/standalone/n-nic/existing-stack/byol/README.md @@ -58,6 +58,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates now deploy Standard SKU Azure Public IP Addresses. - If you choose "No" in response to the provisionPublicIP parameter, the choice for "numberOfExternalIps" is not honored and no public IP addresses are created. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default; however, you may select zone 1, 2, or 3 using the new zoneChoice parameter. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -107,7 +108,7 @@ Use the appropriate button below to deploy: - **BYOL** (bring your own license): This allows you to use an existing BIG-IP license. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fsupported%2Fstandalone%2Fn-nic%2Fexisting-stack%2Fbyol%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fsupported%2Fstandalone%2Fn-nic%2Fexisting-stack%2Fbyol%2Fazuredeploy.json) ### Template parameters @@ -140,7 +141,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/supported/standalone/n-nic/existing-stack/byol/azuredeploy.json b/supported/standalone/n-nic/existing-stack/byol/azuredeploy.json index f6fe871ae1..d5605e28f1 100644 --- a/supported/standalone/n-nic/existing-stack/byol/azuredeploy.json +++ b/supported/standalone/n-nic/existing-stack/byol/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -70,76 +70,6 @@ "type": "int" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D8s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -298,7 +228,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -427,63 +357,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -502,7 +375,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -555,11 +428,7 @@ "intSubnetId": "[concat(variables('vnetId'), '/subnets/', variables('intsubnetName'))]", "newAvailabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "availabilitySetName": "[replace(parameters('avSetChoice'), 'CREATE_NEW', variables('newAvailabilitySetName'))]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -636,7 +505,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_nnic-existing-stack-supported-byol,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_nnic-existing-stack-supported-byol,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -922,7 +791,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/supported/standalone/n-nic/existing-stack/byol/azuredeploy.parameters.json b/supported/standalone/n-nic/existing-stack/byol/azuredeploy.parameters.json index c490705a93..11d95dd199 100644 --- a/supported/standalone/n-nic/existing-stack/byol/azuredeploy.parameters.json +++ b/supported/standalone/n-nic/existing-stack/byol/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/standalone/n-nic/existing-stack/payg/README.md b/supported/standalone/n-nic/existing-stack/payg/README.md index f6e9713531..1d7425e098 100644 --- a/supported/standalone/n-nic/existing-stack/payg/README.md +++ b/supported/standalone/n-nic/existing-stack/payg/README.md @@ -56,6 +56,7 @@ For information on getting started using F5's ARM templates on GitHub, see [Micr - All templates now deploy Standard SKU Azure Public IP Addresses. - If you choose "No" in response to the provisionPublicIP parameter, the choice for "numberOfExternalIps" is not honored and no public IP addresses are created. - All templates deploy Azure Virtual Machines and Virtual Machine Scale Sets into Availability Zones in supported regions; Availability Sets are still created in unsupported regions. Virtual Machine Scale Sets are distributed across zones 1, 2, and 3; failover Virtual Machines across zones 1 and 2. Standalone Virtual Machines are placed in zone 1 by default; however, you may select zone 1, 2, or 3 using the new zoneChoice parameter. +- This template uses [F5 BIG-IP Runtime Init](https://github.com/F5Networks/f5-bigip-runtime-init) to install F5 Automation Toolchain packages (AS3, DO, CFE, FAST, and TS). You can update the version of one or more packages by editing the template customData variable. For example: To update the AS3 package to the latest version, click on the [Github release page](https://github.com/F5Networks/f5-appsvcs-extension/releases) for the f5-appsvcs-extension. In the template customData variable, in the install_operations section, update the AS3 extensionVersion value to the desired version and the extensionHash value to contents of the RPM sha256 file located in the release assets for that version. You can also add more packages to be installed using the same procedure. ## Security @@ -105,7 +106,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.8.0.0%2Fsupported%2Fstandalone%2Fn-nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv9.9.0.0%2Fsupported%2Fstandalone%2Fn-nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters @@ -137,7 +138,7 @@ Use the appropriate button below to deploy: | timeZone | Yes | If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore. | | customImageUrn | Yes | If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all | | customImage | Yes | If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | -| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources | +| restrictedSrcAddress | Yes | This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. | | tagValues | Yes | Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key. | | allowUsageAnalytics | Yes | This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent. | | allowPhoneHome | Yes | This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent. | diff --git a/supported/standalone/n-nic/existing-stack/payg/azuredeploy.json b/supported/standalone/n-nic/existing-stack/payg/azuredeploy.json index 7f8bc7dc9b..5e1c7b01ae 100644 --- a/supported/standalone/n-nic/existing-stack/payg/azuredeploy.json +++ b/supported/standalone/n-nic/existing-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -70,76 +70,6 @@ "type": "int" }, "instanceType": { - "allowedValues": [ - "Standard_A3", - "Standard_A4", - "Standard_A5", - "Standard_A6", - "Standard_A7", - "Standard_D3", - "Standard_D4", - "Standard_D11", - "Standard_D12", - "Standard_D13", - "Standard_D14", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F4", - "Standard_F8", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_G3", - "Standard_G4", - "Standard_G5", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "defaultValue": "Standard_D8s_v3", "metadata": { "description": "Instance size of the Virtual Machine." @@ -309,7 +239,7 @@ }, "restrictedSrcAddress": { "metadata": { - "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation, or asterisk for all sources" + "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, @@ -438,63 +368,6 @@ } } }, - "premiumInstanceArray": [ - "Standard_DS2", - "Standard_DS3", - "Standard_DS4", - "Standard_DS11", - "Standard_DS12", - "Standard_DS13", - "Standard_DS14", - "Standard_D3_v2", - "Standard_D4_v2", - "Standard_D5_v2", - "Standard_D11_v2", - "Standard_D12_v2", - "Standard_D13_v2", - "Standard_D14_v2", - "Standard_D15_v2", - "Standard_DS3_v2", - "Standard_DS4_v2", - "Standard_DS5_v2", - "Standard_DS11_v2", - "Standard_DS12_v2", - "Standard_DS13_v2", - "Standard_DS14_v2", - "Standard_DS15_v2", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D2_v3", - "Standard_D4_v3", - "Standard_D8_v3", - "Standard_D16_v3", - "Standard_D32_v3", - "Standard_D48_v3", - "Standard_D64_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D2s_v3", - "Standard_D4s_v3", - "Standard_D8s_v3", - "Standard_D16s_v3", - "Standard_D32s_v3", - "Standard_D48s_v3", - "Standard_D64s_v3", - "Standard_F2S", - "Standard_F4S", - "Standard_F8S", - "Standard_F16S", - "Standard_GS2", - "Standard_GS3", - "Standard_GS4", - "Standard_GS5" - ], "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { @@ -513,7 +386,7 @@ "singleQuote": "'", "f5CloudLibsTag": "v4.26.8", "f5CloudLibsAzureTag": "v2.17.1", - "f5NetworksTag": "v9.8.0.0", + "f5NetworksTag": "v9.9.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.4.1-1.gz.run", "f5RuntimeInitTag": "v1.4.1", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 4d5ec3793349b9c5231c2fec48c358b6f4dde262454604dc7fdf404e0aff650729438dc830d041e7b4c7ccd8a0b4a9b00c5dbea28e5322da32bc87bc412be51c\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature m+7sxDnJCigJogWN0raM4nFhOSKad3MeY+xY4ODtP+4D0UA0J/wkJUKgkOVm0ewPJ/FdvjEn5ERh0XD0tFhsSF0kWpQWxtaROeeuLd76y3RTtfrqrnWhp88JcsJXWLDz29mi50SX/yjcKlwlT0RaJn2HZclmFokgTxLQdBcD1UA0JBAJUdAoWAmlR3FVNddqe6NxMAoeOXrjpBW+l0zwPw9d7iWyMCjooauUkIlSVx6MIJvuji4DNmYfh4DnP4rV1fH+8MUFdy4T3yXVc8Kzdn+haMt1cGQcLO8jl2wLRkvrYP35CvyHkwN0nDFWX8+enJP6g8XOjxuC8mcGgBsZyw==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", @@ -566,11 +439,7 @@ "intSubnetId": "[concat(variables('vnetId'), '/subnets/', variables('intsubnetName'))]", "newAvailabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "availabilitySetName": "[replace(parameters('avSetChoice'), 'CREATE_NEW', variables('newAvailabilitySetName'))]", - "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "southcentralus": "[equals(variables('location'), string('southcentralus'))]", - "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", - "australiaeast": "[equals(variables('location'), string('australiaeast'))]", - "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", + "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -690,7 +559,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_nnic-existing-stack-supported-payg,templateVersion:9.8.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_nnic-existing-stack-supported-payg,templateVersion:9.9.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", @@ -976,7 +845,7 @@ "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", - "storageAccountType": "[if(contains(variables('premiumInstanceArray'), parameters('instanceType')), 'Premium_LRS', 'Standard_LRS')]" + "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, diff --git a/supported/standalone/n-nic/existing-stack/payg/azuredeploy.parameters.json b/supported/standalone/n-nic/existing-stack/payg/azuredeploy.parameters.json index 1ffe6689fb..72a9b0d176 100644 --- a/supported/standalone/n-nic/existing-stack/payg/azuredeploy.parameters.json +++ b/supported/standalone/n-nic/existing-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "9.8.0.0", + "contentVersion": "9.9.0.0", "parameters": { "adminUsername": { "value": "azureuser"