diff --git a/README.md b/README.md index a8da73c612..b32bc66de2 100644 --- a/README.md +++ b/README.md @@ -33,7 +33,6 @@ Standalone and HA production stack templates have been deprecated. All known issues are on GitHub for better tracking and visibility. See issues with a label of **Known Issues** at https://github.com/f5networks/f5-azure-arm-templates/issues. - --- diff --git a/azure-bigip-version-matrix.md b/azure-bigip-version-matrix.md index 9cf9d8165d..38ccdc8db8 100644 --- a/azure-bigip-version-matrix.md +++ b/azure-bigip-version-matrix.md @@ -8,18 +8,6 @@ The following table contains all of the tagged releases of the F5 ARM templates | Release Tag | Template Family | BIG-IP Versions | BIG-IQ Versions | PAYG License Bundles and Throughput | BYOL/BIG-IQ Image options | | --- | --- | --- | --- | --- | --- | -| [v7.0.3.0](https://github.com/F5Networks/f5-azure-arm-templates/releases/tag/v7.0.3.0) | Standalone | Latest, BIG-IP v14.1.2.0, BIG-IP v13.1.300000 | BIG-IQ v5.4, v6.1.0 | *Good/Better/Best*: 1Gbps, 200Mbps, 25Mbps
BIG-IP v13.1+:
Advanced WAF: 25Mbps, 200Mbps, 1Gbps
Per App VE LTM: 25Mbps, 200Mbps
Per App VE Advanced WAF: 25Mbps, 200Mbps | AllOneBootLocation, AllTwoBootLocations, LTMOneBootLocation, LTMTwoBootLocations | -| | Cluster (Failover-API) | Latest, BIG-IP v14.1.200000, BIG-IP v13.1.300000 | BIG-IQ v5.4, v6.0.1 | *Good/Better/Best*: 1Gbps, 200Mbps, 25Mbps
BIG-IP v13.1+:
Advanced WAF: 25Mbps, 200Mbps, 1Gbps | AllOneBootLocation, AllTwoBootLocations, LTMOneBootLocation, LTMTwoBootLocations | -| | Cluster (Failover-LB) | Latest, BIG-IP v14.1.200000, BIG-IP v13.1.300000 | BIG-IQ v5.4, v6.0.1 | *Good/Better/Best*: 1Gbps, 200Mbps, 25Mbps
BIG-IP v13.1+:
Advanced WAF: 25Mbps, 200Mbps, 1Gbps | AllOneBootLocation, AllTwoBootLocations, LTMOneBootLocation, LTMTwoBootLocations | -| | Auto Scale WAF | Latest, BIG-IP v14.1.200000, BIG-IP v13.1.300000 | BIG-IQ v5.4, v6.0.1 | *Best*: 1Gbps, 200Mbps, 25Mbps
BIG-IP v13.1+:
Advanced WAF: 25Mbps, 200Mbps, 1Gbps
Per App VE Advanced WAF: 25Mbps, 200Mbps | AllOneBootLocation, AllTwoBootLocations, LTMOneBootLocation, LTMTwoBootLocations | -| | Auto Scale LTM | Latest, BIG-IP v14.1.200000, BIG-IP v13.1.300000 | BIG-IQ v5.4, v6.0.1 | *Good/Better/Best*: 1Gbps, 200Mbps, 25Mbps
v13.1+: Per App VE LTM: 25Mbps, 200Mbps | AllOneBootLocation, AllTwoBootLocations, LTMOneBootLocation, LTMTwoBootLocations | -| | BIG-IQ | N/A | 6.0.1 | N/A | Best | -| [v7.0.2.0](https://github.com/F5Networks/f5-azure-arm-templates/releases/tag/v7.0.2.0) | Standalone | Latest, BIG-IP v14.1.2.0, BIG-IP v13.1.300000 | BIG-IQ v5.4, v6.1.0 | *Good/Better/Best*: 1Gbps, 200Mbps, 25Mbps
BIG-IP v13.1+:
Advanced WAF: 25Mbps, 200Mbps, 1Gbps
Per App VE LTM: 25Mbps, 200Mbps
Per App VE Advanced WAF: 25Mbps, 200Mbps | AllOneBootLocation, AllTwoBootLocations, LTMOneBootLocation, LTMTwoBootLocations | -| | Cluster (Failover-API) | Latest, BIG-IP v14.1.200000, BIG-IP v13.1.300000 | BIG-IQ v5.4, v6.0.1 | *Good/Better/Best*: 1Gbps, 200Mbps, 25Mbps
BIG-IP v13.1+:
Advanced WAF: 25Mbps, 200Mbps, 1Gbps | AllOneBootLocation, AllTwoBootLocations, LTMOneBootLocation, LTMTwoBootLocations | -| | Cluster (Failover-LB) | Latest, BIG-IP v14.1.200000, BIG-IP v13.1.300000 | BIG-IQ v5.4, v6.0.1 | *Good/Better/Best*: 1Gbps, 200Mbps, 25Mbps
BIG-IP v13.1+:
Advanced WAF: 25Mbps, 200Mbps, 1Gbps | AllOneBootLocation, AllTwoBootLocations, LTMOneBootLocation, LTMTwoBootLocations | -| | Auto Scale WAF | Latest, BIG-IP v14.1.200000, BIG-IP v13.1.300000 | BIG-IQ v5.4, v6.0.1 | *Best*: 1Gbps, 200Mbps, 25Mbps
BIG-IP v13.1+:
Advanced WAF: 25Mbps, 200Mbps, 1Gbps
Per App VE Advanced WAF: 25Mbps, 200Mbps | AllOneBootLocation, AllTwoBootLocations, LTMOneBootLocation, LTMTwoBootLocations | -| | Auto Scale LTM | Latest, BIG-IP v14.1.200000, BIG-IP v13.1.300000 | BIG-IQ v5.4, v6.0.1 | *Good/Better/Best*: 1Gbps, 200Mbps, 25Mbps
v13.1+: Per App VE LTM: 25Mbps, 200Mbps | AllOneBootLocation, AllTwoBootLocations, LTMOneBootLocation, LTMTwoBootLocations | -| | BIG-IQ | N/A | 6.0.1 | N/A | Best | | [v7.0.1.0](https://github.com/F5Networks/f5-azure-arm-templates/releases/tag/v7.0.0.1) | Standalone | Latest, BIG-IP v14.1.2.0, BIG-IP v13.1.300000 | BIG-IQ v5.4, v6.1.0 | *Good/Better/Best*: 1Gbps, 200Mbps, 25Mbps
BIG-IP v13.1+:
Advanced WAF: 25Mbps, 200Mbps, 1Gbps
Per App VE LTM: 25Mbps, 200Mbps
Per App VE Advanced WAF: 25Mbps, 200Mbps | AllOneBootLocation, AllTwoBootLocations, LTMOneBootLocation, LTMTwoBootLocations | | | Cluster (Failover-API) | Latest, BIG-IP v14.1.200000, BIG-IP v13.1.300000 | BIG-IQ v5.4, v6.0.1 | *Good/Better/Best*: 1Gbps, 200Mbps, 25Mbps
BIG-IP v13.1+:
Advanced WAF: 25Mbps, 200Mbps, 1Gbps | AllOneBootLocation, AllTwoBootLocations, LTMOneBootLocation, LTMTwoBootLocations | | | Cluster (Failover-LB) | Latest, BIG-IP v14.1.200000, BIG-IP v13.1.300000 | BIG-IQ v5.4, v6.0.1 | *Good/Better/Best*: 1Gbps, 200Mbps, 25Mbps
BIG-IP v13.1+:
Advanced WAF: 25Mbps, 200Mbps, 1Gbps | AllOneBootLocation, AllTwoBootLocations, LTMOneBootLocation, LTMTwoBootLocations | diff --git a/experimental/autoscale/ltm/via-lb/1nic/existing-stack/bigiq-payg/Deploy_via_PS.ps1 b/experimental/autoscale/ltm/via-lb/1nic/existing-stack/bigiq-payg/Deploy_via_PS.ps1 index f27a551885..4550f302d7 100644 --- a/experimental/autoscale/ltm/via-lb/1nic/existing-stack/bigiq-payg/Deploy_via_PS.ps1 +++ b/experimental/autoscale/ltm/via-lb/1nic/existing-stack/bigiq-payg/Deploy_via_PS.ps1 @@ -1,7 +1,7 @@ ## Script parameters being asked for below match to parameters in the azuredeploy.json file, otherwise pointing to the ## ## azuredeploy.parameters.json file for values to use. Some options below are mandatory, some (such as region) can ## ## be supplied inline when running this script but if they aren't then the default will be used as specified below. ## -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -staticImageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -numberOfStaticInstances -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -staticImageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -numberOfStaticInstances -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -mgmtNsgName OPTIONAL -externalLoadBalancerName OPTIONAL -internalLoadBalancerName OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -tenantId -clientId -servicePrincipalSecret -resourceGroupName param( @@ -41,6 +41,11 @@ param( [string] [Parameter(Mandatory=$True)] $scaleOutTimeWindow, [string] [Parameter(Mandatory=$True)] $scaleInTimeWindow, [string] [Parameter(Mandatory=$True)] $notificationEmail, + [string] [Parameter(Mandatory=$True)] $mgmtNsgName, + [string] [Parameter(Mandatory=$True)] $externalLoadBalancerName, + [string] [Parameter(Mandatory=$True)] $internalLoadBalancerName, + [string] [Parameter(Mandatory=$True)] $useAvailabilityZones, + [string] [Parameter(Mandatory=$True)] $autoscaleTimeout, [string] [Parameter(Mandatory=$True)] $provisionPublicIP, [string] [Parameter(Mandatory=$True)] $tenantId, [string] [Parameter(Mandatory=$True)] $clientId, @@ -75,7 +80,7 @@ $servicePrincipalSecretSecure = ConvertTo-SecureString -String $servicePrincipal (ConvertFrom-Json $tagValues).psobject.properties | ForEach -Begin {$tagValues=@{}} -process {$tagValues."$($_.Name)" = $_.Value} # Create Arm Deployment -$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -staticImageName $staticImageName -bigIqAddress $bigIqAddress -bigIqUsername $bigIqUsername -bigIqPassword $bigIqPasswordSecure -bigIqLicensePoolName $bigIqLicensePoolName -bigIqLicenseSkuKeyword1 $bigIqLicenseSkuKeyword1 -bigIqLicenseUnitOfMeasure $bigIqLicenseUnitOfMeasure -numberOfStaticInstances $numberOfStaticInstances -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetName $vnetName -vnetResourceGroupName $vnetResourceGroupName -mgmtSubnetName $mgmtSubnetName -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -provisionPublicIP $provisionPublicIP -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure +$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -staticImageName $staticImageName -bigIqAddress $bigIqAddress -bigIqUsername $bigIqUsername -bigIqPassword $bigIqPasswordSecure -bigIqLicensePoolName $bigIqLicensePoolName -bigIqLicenseSkuKeyword1 $bigIqLicenseSkuKeyword1 -bigIqLicenseUnitOfMeasure $bigIqLicenseUnitOfMeasure -numberOfStaticInstances $numberOfStaticInstances -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetName $vnetName -vnetResourceGroupName $vnetResourceGroupName -mgmtSubnetName $mgmtSubnetName -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -mgmtNsgName $mgmtNsgName -externalLoadBalancerName $externalLoadBalancerName -internalLoadBalancerName $internalLoadBalancerName -useAvailabilityZones $useAvailabilityZones -autoscaleTimeout $autoscaleTimeout -provisionPublicIP $provisionPublicIP -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure # Print Output of Deployment to Console $deployment \ No newline at end of file diff --git a/experimental/autoscale/ltm/via-lb/1nic/existing-stack/bigiq-payg/README.md b/experimental/autoscale/ltm/via-lb/1nic/existing-stack/bigiq-payg/README.md index ba511097f8..6f8399d506 100644 --- a/experimental/autoscale/ltm/via-lb/1nic/existing-stack/bigiq-payg/README.md +++ b/experimental/autoscale/ltm/via-lb/1nic/existing-stack/bigiq-payg/README.md @@ -111,7 +111,7 @@ Use the appropriate button below to deploy: - **BIGIQ-PAYG**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s), as well as use PAYG instances. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fexperimental%2Fautoscale%2Fltm%2Fvia-lb%2F1nic%2Fexisting-stack%2Fbigiq-payg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fexperimental%2Fautoscale%2Fltm%2Fvia-lb%2F1nic%2Fexisting-stack%2Fbigiq-payg%2Fazuredeploy.json) ### Template parameters @@ -153,6 +153,11 @@ Use the appropriate button below to deploy: | scaleOutTimeWindow | Yes | The time window required to trigger a scale out event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | scaleInTimeWindow | Yes | The time window required to trigger a scale in event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | notificationEmail | Yes | If you want email notifications on scale events, specify an email address, otherwise leave the parameter as **OPTIONAL**. Note: You can specify multiple emails by separating them with a semi-colon, such as *email@domain.com;email2@domain.com*. | +| mgmtNsgName | Yes | If you would like to deploy using an existing Azure Network Security Group, provide the NSG name here. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | +| externalLoadBalancerName | Yes | If you would like to deploy using an existing Azure Load Balancer (Standard SKU) with a backend pool called loadBalancerBackEnd, provide the ALB name here. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | +| internalLoadBalancerName | Yes | If you would like to add instances to an existing internal Azure Load Balancer (Standard SKU) with a backend pool called loadBalancerBackEnd, provide the internal ALB name here. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | +| useAvailabilityZones | Yes | This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'. | +| autoscaleTimeout | Yes | The timeout value after which autoscale script execution will terminated | | provisionPublicIP | Yes | Enabling management public IP(s) allows for direct public access to each BIG-IP VE that is created. | | tenantId | Yes | Your Azure service principal application tenant ID. | | clientId | Yes | Your Azure service principal application client ID. | @@ -165,7 +170,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### PowerShell Script Example ```powershell -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -staticImageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -numberOfStaticInstances -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -staticImageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -numberOfStaticInstances -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -mgmtNsgName OPTIONAL -externalLoadBalancerName OPTIONAL -internalLoadBalancerName OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -tenantId -clientId -servicePrincipalSecret -resourceGroupName ``` ======= @@ -173,7 +178,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### Azure CLI (1.0) Script Example ```bash -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --staticImageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --numberOfStaticInstances --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --staticImageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --numberOfStaticInstances --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --mgmtNsgName OPTIONAL --externalLoadBalancerName OPTIONAL --internalLoadBalancerName OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword ``` diff --git a/experimental/autoscale/ltm/via-lb/1nic/existing-stack/bigiq-payg/azuredeploy.json b/experimental/autoscale/ltm/via-lb/1nic/existing-stack/bigiq-payg/azuredeploy.json index 2958a6a8c4..79a70f6989 100644 --- a/experimental/autoscale/ltm/via-lb/1nic/existing-stack/bigiq-payg/azuredeploy.json +++ b/experimental/autoscale/ltm/via-lb/1nic/existing-stack/bigiq-payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -370,6 +370,47 @@ }, "type": "string" }, + "mgmtNsgName": { + "defaultValue": "OPTIONAL", + "metadata": { + "description": "If you would like to deploy using an existing Azure Network Security Group, provide the NSG name here. **Note**: Unless specifically required, leave the default of **OPTIONAL**." + }, + "type": "string" + }, + "externalLoadBalancerName": { + "defaultValue": "OPTIONAL", + "metadata": { + "description": "If you would like to deploy using an existing Azure Load Balancer (Standard SKU) with a backend pool called loadBalancerBackEnd, provide the ALB name here. **Note**: Unless specifically required, leave the default of **OPTIONAL**." + }, + "type": "string" + }, + "internalLoadBalancerName": { + "defaultValue": "OPTIONAL", + "metadata": { + "description": "If you would like to add instances to an existing internal Azure Load Balancer (Standard SKU) with a backend pool called loadBalancerBackEnd, provide the internal ALB name here. **Note**: Unless specifically required, leave the default of **OPTIONAL**." + }, + "type": "string" + }, + "useAvailabilityZones": { + "allowedValues": [ + "Yes", + "No" + ], + "defaultValue": "Yes", + "metadata": { + "description": "This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'." + }, + "type": "string" + }, + "autoscaleTimeout": { + "defaultValue": 10, + "maxValue": 10, + "metadata": { + "description": "The timeout value after which autoscale script execution will terminated" + }, + "minValue": 3, + "type": "int" + }, "provisionPublicIP": { "allowedValues": [ "No", @@ -497,14 +538,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl ${config_loc}f5-cloud-libs-azure.tar.gz\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntar xfz /config/cloud/f5-cloud-libs-azure.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -530,7 +571,10 @@ "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvc2hhcmVkL2FwcHN2Y3MvZGVjbGFyZSAtZCBAJGZpbGVfbG9jIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgICAgICBpZiBbWyAkcmVzcG9uc2VfY29kZSA9PSAyMDAgfHwgJHJlc3BvbnNlX2NvZGUgPT0gNTAyIF1dOyB0aGVuCiAgICAgICAgICAgICAgICAgIGVjaG8gIkRlcGxveW1lbnQgb2YgYXBwbGljYXRpb24gc3VjY2VlZGVkLiIKICAgICAgICAgICAgICAgICAgZGVwbG95ZWQ9InllcyIKICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICBlY2hvICJGYWlsZWQgdG8gZGVwbG95IGFwcGxpY2F0aW9uOyBjb250aW51aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBmaQogICAgICAgICBlbHNlCiAgICAgICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgdmFsaWQgSlNPTiwgY29udGludWluZyIKICAgICAgICAgZmkKICAgIGVsc2UKICAgICAgICBlY2hvICJGYWlsZWQgdG8gZG93bmxvYWQgY3VzdG9tIGNvbmZpZzsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgZmkKZWxzZQogICAgIGVjaG8gIkN1c3RvbSBjb25maWcgd2FzIG5vdCBhIFVSTCwgY29udGludWluZy4iCmZpCgppZiBbWyAkZGVwbG95ZWQgPT0gIm5vIiAmJiAkZGVjbGFyYXRpb25VcmwgPT0gIk5PVF9TUEVDSUZJRUQiIF1dOyB0aGVuCiAgICBlY2hvICJBcHBsaWNhdGlvbiBkZXBsb3ltZW50IGZhaWxlZCBvciBjdXN0b20gVVJMIHdhcyBub3Qgc3BlY2lmaWVkLiIKZmkKCmVjaG8gIkRlcGxveW1lbnQgY29tcGxldGUuIgpleGl0", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -629,12 +673,27 @@ "bigip-virtual-edition-good": "good" } }, - "externalLoadBalancerName": "[concat(variables('dnsLabel'),'-ext-alb')]", + "externalLoadBalancerName": "[if(variables('useExistingLoadBalancer'), parameters('externalLoadBalancerName'), concat(variables('dnsLabel'),'-ext-alb'))]", "extLbId": "[resourceId('Microsoft.Network/loadBalancers',variables('externalLoadBalancerName'))]", "deviceNamePrefix": "[concat(variables('dnsLabel'),'-device')]", "frontEndIPConfigID": "[concat(variables('extLbId'),'/frontendIPConfigurations/loadBalancerFrontEnd')]", + "attachInternalLoadBalancer": "[not(empty(replace(parameters('internalLoadBalancerName'), 'OPTIONAL', '')))]", + "internalLoadBalancerName": "[parameters('internalLoadBalancerName')]", + "useExistingLoadBalancer": "[not(empty(replace(parameters('externalLoadBalancerName'), 'OPTIONAL', '')))]", + "loadBalancerBackendAddressPoolsArray": [ + { + "id": "[concat('/subscriptions/', variables('subscriptionID'),'/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', variables('externalLoadBalancerName'), '/backendAddressPools/loadBalancerBackEnd')]" + }, + { + "id": "[concat('/subscriptions/', variables('subscriptionID'),'/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', variables('internalLoadBalancerName'), '/backendAddressPools/loadBalancerBackEnd')]" + } + ], + "useExistingNsg": "[not(empty(replace(parameters('mgmtNsgName'), 'OPTIONAL', '')))]", + "mgmtNsgName": "[if(variables('useExistingNsg'), parameters('mgmtNsgName'), concat(variables('dnsLabel'),'-mgmt-nsg'))]", + "mgmtNsgID": "[resourceId('Microsoft.Network/networkSecurityGroups/',concat(variables('dnsLabel'),'-mgmt-nsg'))]", "appInsightsApiVersion": "2015-04-01", "appInsightsComponentsApiVersion": "2015-05-01", + "useAvailabilityZones": "[and(variables('zonesAvailable'), equals(parameters('useAvailabilityZones'), 'Yes'))]", "vmssName": "[concat(parameters('dnsLabel'),'-vmss')]", "vmssId": "[resourceId('Microsoft.Compute/virtualMachineScaleSets', variables('vmssName'))]", "defaultAppInsightsLocation": "eastus", @@ -707,7 +766,6 @@ "publicIPAddressType": "Static", "mgmtPublicIPAddressName": "[concat(variables('dnsLabel'), '-mgmt-pip')]", "mgmtPublicIPAddressId": "[resourceId('Microsoft.Network/publicIPAddresses', variables('mgmtPublicIPAddressName'))]", - "mgmtNsgID": "[resourceId('Microsoft.Network/networkSecurityGroups/',concat(variables('dnsLabel'),'-mgmt-nsg'))]", "mgmtNicName": "[concat(variables('dnsLabel'), '-mgmt')]", "mgmtNicID": "[resourceId('Microsoft.Network/NetworkInterfaces', variables('mgmtNicName'))]", "mgmtSubnetId": "[concat(variables('vnetId'), '/subnets/', variables('mgmtSubnetName'))]", @@ -723,7 +781,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_via-lb-existing-stack-experimental-bigiq-payg,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq-payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_via-lb-existing-stack-experimental-bigiq-payg,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq-payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "osProfiles": { @@ -762,7 +820,8 @@ { "apiVersion": "[variables('networkApiVersion')]", "location": "[variables('location')]", - "name": "[concat(variables('dnsLabel'), '-mgmt-nsg')]", + "name": "[variables('mgmtNsgName')]", + "condition": "[not(variables('useExistingNsg'))]", "properties": { "securityRules": [ { @@ -828,6 +887,7 @@ }, { "apiVersion": "[variables('networkApiVersion')]", + "condition": "[not(variables('useExistingLoadBalancer'))]", "dependsOn": [ "[concat('Microsoft.Network/publicIPAddresses/', variables('mgmtPublicIPAddressName'))]" ], @@ -1017,7 +1077,7 @@ "name": "main", "properties": { "protectedSettings": { - "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.bigIqPasswd; encrypt_secret ', variables('singleQuote'), parameters('bigIqPassword'), variables('singleQuote'), ' \"/config/cloud/.bigIqPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType ltm --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, ' --externalTag key:f5ClusterTag,value:', variables('dnsLabel'), '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" + "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.bigIqPasswd; encrypt_secret ', variables('singleQuote'), parameters('bigIqPassword'), variables('singleQuote'), ' \"/config/cloud/.bigIqPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType ltm --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --autoscaleTimeout ', parameters('autoscaleTimeout'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, ' --externalTag key:f5ClusterTag,value:', variables('dnsLabel'), '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" }, "publisher": "Microsoft.Azure.Extensions", "settings": { @@ -1044,11 +1104,7 @@ { "name": "ipconfig1", "properties": { - "loadBalancerBackendAddressPools": [ - { - "id": "[concat('/subscriptions/', variables('subscriptionID'),'/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', variables('externalLoadBalancerName'), '/backendAddressPools/loadBalancerBackEnd')]" - } - ], + "loadBalancerBackendAddressPools": "[take(variables('loadBalancerBackendAddressPoolsArray'), if(variables('attachInternalLoadBalancer'), 2, 1))]", "loadBalancerInboundNatPools": [ { "id": "[concat('/subscriptions/', variables('subscriptionID'),'/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', variables('externalLoadBalancerName'), '/inboundNatPools/sshnatpool')]" @@ -1082,7 +1138,7 @@ "tier": "Standard" }, "tags": "[if(empty(variables('tagValues')), json('null'), variables('tagValues'))]", - "zones": "[if(variables('zonesAvailable'), createArray(1, 2, 3), json('null'))]", + "zones": "[if(variables('useAvailabilityZones'), createArray(1, 2, 3), json('null'))]", "type": "Microsoft.Compute/virtualMachineScaleSets" }, { @@ -1105,7 +1161,7 @@ "name": "main", "properties": { "protectedSettings": { - "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.bigIqPasswd; encrypt_secret ', variables('singleQuote'), parameters('bigIqPassword'), variables('singleQuote'), ' \"/config/cloud/.bigIqPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType ltm --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, ' --bigIqAddress ', parameters('bigIqAddress'), ' --bigIqUsername ', parameters('bigIqUsername'), ' --bigIqPassword /config/cloud/.bigIqPasswd --bigIqLicensePoolName ', parameters('bigIqLicensePoolName'), ' --bigIqExtraLicenseOptions \\\"$(format_args sku-keyword-1:', parameters('bigIqLicenseSkuKeyWord1'), ',unit-of-measure:', parameters('bigIqLicenseUnitOfMeasure'), ')\\\" --bigIpExtMgmtAddress ', reference(variables('mgmtPublicIPAddressId')).ipAddress, ' --bigIpExtMgmtPort via-api', ' --static --natBase mgmtnatpool-static. --externalTag key:f5ClusterTag,value:', variables('dnsLabel'), '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" + "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.bigIqPasswd; encrypt_secret ', variables('singleQuote'), parameters('bigIqPassword'), variables('singleQuote'), ' \"/config/cloud/.bigIqPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType ltm --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --autoscaleTimeout ', parameters('autoscaleTimeout'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, ' --bigIqAddress ', parameters('bigIqAddress'), ' --bigIqUsername ', parameters('bigIqUsername'), ' --bigIqPassword /config/cloud/.bigIqPasswd --bigIqLicensePoolName ', parameters('bigIqLicensePoolName'), ' --bigIqExtraLicenseOptions \\\"$(format_args sku-keyword-1:', parameters('bigIqLicenseSkuKeyWord1'), ',unit-of-measure:', parameters('bigIqLicenseUnitOfMeasure'), ')\\\" --bigIpExtMgmtAddress private --bigIpExtMgmtPort via-api --clusterUpdateInterval 300', ' --static --natBase mgmtnatpool-static. --externalTag key:f5ClusterTag,value:', variables('dnsLabel'), '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" }, "publisher": "Microsoft.Azure.Extensions", "settings": { @@ -1174,7 +1230,7 @@ "tier": "Standard" }, "tags": "[if(empty(variables('tagValues')), union(json('{}'), variables('staticVmssTagValues')), union(variables('tagValues'), variables('staticVmssTagValues')))]", - "zones": "[if(variables('zonesAvailable'), createArray(1, 2, 3), json('null'))]", + "zones": "[if(variables('useAvailabilityZones'), createArray(1, 2, 3), json('null'))]", "type": "Microsoft.Compute/virtualMachineScaleSets" }, { @@ -1184,10 +1240,10 @@ "[variables('staticVmssId')]" ], "location": "[variables('location')]", - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "properties": { "enabled": true, - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "notifications": [ { "email": { diff --git a/experimental/autoscale/ltm/via-lb/1nic/existing-stack/bigiq-payg/azuredeploy.parameters.json b/experimental/autoscale/ltm/via-lb/1nic/existing-stack/bigiq-payg/azuredeploy.parameters.json index a35ccf5a20..75fd4227b1 100644 --- a/experimental/autoscale/ltm/via-lb/1nic/existing-stack/bigiq-payg/azuredeploy.parameters.json +++ b/experimental/autoscale/ltm/via-lb/1nic/existing-stack/bigiq-payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" @@ -116,6 +116,21 @@ "notificationEmail": { "value": "OPTIONAL" }, + "mgmtNsgName": { + "value": "OPTIONAL" + }, + "externalLoadBalancerName": { + "value": "OPTIONAL" + }, + "internalLoadBalancerName": { + "value": "OPTIONAL" + }, + "useAvailabilityZones": { + "value": "Yes" + }, + "autoscaleTimeout": { + "value": 10 + }, "provisionPublicIP": { "value": "Yes" }, diff --git a/experimental/autoscale/ltm/via-lb/1nic/existing-stack/bigiq-payg/deploy_via_bash.sh b/experimental/autoscale/ltm/via-lb/1nic/existing-stack/bigiq-payg/deploy_via_bash.sh index 73addb39f6..788d494e08 100644 --- a/experimental/autoscale/ltm/via-lb/1nic/existing-stack/bigiq-payg/deploy_via_bash.sh +++ b/experimental/autoscale/ltm/via-lb/1nic/existing-stack/bigiq-payg/deploy_via_bash.sh @@ -1,7 +1,7 @@ #!/bin/bash ## Bash Script to deploy an F5 ARM template into Azure, using azure cli 1.0 ## -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --staticImageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --numberOfStaticInstances --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --staticImageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --numberOfStaticInstances --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --mgmtNsgName OPTIONAL --externalLoadBalancerName OPTIONAL --internalLoadBalancerName OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword # Assign Script Parameters and Define Variables # Specify static items below, change these as needed or make them parameters @@ -120,6 +120,21 @@ while [[ $# -gt 1 ]]; do --notificationEmail) notificationEmail=$2 shift 2;; + --mgmtNsgName) + mgmtNsgName=$2 + shift 2;; + --externalLoadBalancerName) + externalLoadBalancerName=$2 + shift 2;; + --internalLoadBalancerName) + internalLoadBalancerName=$2 + shift 2;; + --useAvailabilityZones) + useAvailabilityZones=$2 + shift 2;; + --autoscaleTimeout) + autoscaleTimeout=$2 + shift 2;; --provisionPublicIP) provisionPublicIP=$2 shift 2;; @@ -151,7 +166,7 @@ while [[ $# -gt 1 ]]; do done #If a required parameter is not passed, the script will prompt for it below -required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName staticImageName bigIqAddress bigIqUsername bigIqPassword bigIqLicensePoolName bigIqLicenseSkuKeyword1 bigIqLicenseUnitOfMeasure numberOfStaticInstances bigIpVersion bigIpModules vnetName vnetResourceGroupName mgmtSubnetName declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail provisionPublicIP tenantId clientId servicePrincipalSecret resourceGroupName " +required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName staticImageName bigIqAddress bigIqUsername bigIqPassword bigIqLicensePoolName bigIqLicenseSkuKeyword1 bigIqLicenseUnitOfMeasure numberOfStaticInstances bigIpVersion bigIpModules vnetName vnetResourceGroupName mgmtSubnetName declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail mgmtNsgName externalLoadBalancerName internalLoadBalancerName useAvailabilityZones autoscaleTimeout provisionPublicIP tenantId clientId servicePrincipalSecret resourceGroupName " for variable in $required_variables do if [ -z ${!variable} ] ; then @@ -175,4 +190,4 @@ az group create -n $resourceGroupName -l $region # Deploy ARM Template, right now cannot specify parameter file and parameters inline via Azure CLI template_file="./azuredeploy.json" parameter_file="./azuredeploy.parameters.json" -az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"staticImageName\":{\"value\":\"$staticImageName\"},\"bigIqAddress\":{\"value\":\"$bigIqAddress\"},\"bigIqUsername\":{\"value\":\"$bigIqUsername\"},\"bigIqPassword\":{\"value\":\"$bigIqPassword\"},\"bigIqLicensePoolName\":{\"value\":\"$bigIqLicensePoolName\"},\"bigIqLicenseSkuKeyword1\":{\"value\":\"$bigIqLicenseSkuKeyword1\"},\"bigIqLicenseUnitOfMeasure\":{\"value\":\"$bigIqLicenseUnitOfMeasure\"},\"numberOfStaticInstances\":{\"value\":\"$numberOfStaticInstances\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetName\":{\"value\":\"$vnetName\"},\"vnetResourceGroupName\":{\"value\":\"$vnetResourceGroupName\"},\"mgmtSubnetName\":{\"value\":\"$mgmtSubnetName\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file +az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"staticImageName\":{\"value\":\"$staticImageName\"},\"bigIqAddress\":{\"value\":\"$bigIqAddress\"},\"bigIqUsername\":{\"value\":\"$bigIqUsername\"},\"bigIqPassword\":{\"value\":\"$bigIqPassword\"},\"bigIqLicensePoolName\":{\"value\":\"$bigIqLicensePoolName\"},\"bigIqLicenseSkuKeyword1\":{\"value\":\"$bigIqLicenseSkuKeyword1\"},\"bigIqLicenseUnitOfMeasure\":{\"value\":\"$bigIqLicenseUnitOfMeasure\"},\"numberOfStaticInstances\":{\"value\":\"$numberOfStaticInstances\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetName\":{\"value\":\"$vnetName\"},\"vnetResourceGroupName\":{\"value\":\"$vnetResourceGroupName\"},\"mgmtSubnetName\":{\"value\":\"$mgmtSubnetName\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"mgmtNsgName\":{\"value\":\"$mgmtNsgName\"},\"externalLoadBalancerName\":{\"value\":\"$externalLoadBalancerName\"},\"internalLoadBalancerName\":{\"value\":\"$internalLoadBalancerName\"},\"useAvailabilityZones\":{\"value\":\"$useAvailabilityZones\"},\"autoscaleTimeout\":{\"value\":$autoscaleTimeout},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file diff --git a/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq-payg/Deploy_via_PS.ps1 b/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq-payg/Deploy_via_PS.ps1 index 40019ed885..3af6e492b4 100644 --- a/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq-payg/Deploy_via_PS.ps1 +++ b/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq-payg/Deploy_via_PS.ps1 @@ -1,7 +1,7 @@ ## Script parameters being asked for below match to parameters in the azuredeploy.json file, otherwise pointing to the ## ## azuredeploy.parameters.json file for values to use. Some options below are mandatory, some (such as region) can ## ## be supplied inline when running this script but if they aren't then the default will be used as specified below. ## -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -staticImageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -numberOfStaticInstances -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -staticImageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -numberOfStaticInstances -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -tenantId -clientId -servicePrincipalSecret -resourceGroupName param( @@ -39,6 +39,8 @@ param( [string] [Parameter(Mandatory=$True)] $scaleOutTimeWindow, [string] [Parameter(Mandatory=$True)] $scaleInTimeWindow, [string] [Parameter(Mandatory=$True)] $notificationEmail, + [string] [Parameter(Mandatory=$True)] $useAvailabilityZones, + [string] [Parameter(Mandatory=$True)] $autoscaleTimeout, [string] [Parameter(Mandatory=$True)] $provisionPublicIP, [string] [Parameter(Mandatory=$True)] $tenantId, [string] [Parameter(Mandatory=$True)] $clientId, @@ -73,7 +75,7 @@ $servicePrincipalSecretSecure = ConvertTo-SecureString -String $servicePrincipal (ConvertFrom-Json $tagValues).psobject.properties | ForEach -Begin {$tagValues=@{}} -process {$tagValues."$($_.Name)" = $_.Value} # Create Arm Deployment -$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -staticImageName $staticImageName -bigIqAddress $bigIqAddress -bigIqUsername $bigIqUsername -bigIqPassword $bigIqPasswordSecure -bigIqLicensePoolName $bigIqLicensePoolName -bigIqLicenseSkuKeyword1 $bigIqLicenseSkuKeyword1 -bigIqLicenseUnitOfMeasure $bigIqLicenseUnitOfMeasure -numberOfStaticInstances $numberOfStaticInstances -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetAddressPrefix $vnetAddressPrefix -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -provisionPublicIP $provisionPublicIP -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure +$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -staticImageName $staticImageName -bigIqAddress $bigIqAddress -bigIqUsername $bigIqUsername -bigIqPassword $bigIqPasswordSecure -bigIqLicensePoolName $bigIqLicensePoolName -bigIqLicenseSkuKeyword1 $bigIqLicenseSkuKeyword1 -bigIqLicenseUnitOfMeasure $bigIqLicenseUnitOfMeasure -numberOfStaticInstances $numberOfStaticInstances -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetAddressPrefix $vnetAddressPrefix -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -useAvailabilityZones $useAvailabilityZones -autoscaleTimeout $autoscaleTimeout -provisionPublicIP $provisionPublicIP -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure # Print Output of Deployment to Console $deployment \ No newline at end of file diff --git a/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq-payg/README.md b/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq-payg/README.md index 12ec3b73e5..d5c405b930 100644 --- a/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq-payg/README.md +++ b/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq-payg/README.md @@ -111,7 +111,7 @@ Use the appropriate button below to deploy: - **BIGIQ-PAYG**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s), as well as use PAYG instances. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fexperimental%2Fautoscale%2Fltm%2Fvia-lb%2F1nic%2Fnew-stack%2Fbigiq-payg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fexperimental%2Fautoscale%2Fltm%2Fvia-lb%2F1nic%2Fnew-stack%2Fbigiq-payg%2Fazuredeploy.json) ### Template parameters @@ -151,6 +151,8 @@ Use the appropriate button below to deploy: | scaleOutTimeWindow | Yes | The time window required to trigger a scale out event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | scaleInTimeWindow | Yes | The time window required to trigger a scale in event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | notificationEmail | Yes | If you want email notifications on scale events, specify an email address, otherwise leave the parameter as **OPTIONAL**. Note: You can specify multiple emails by separating them with a semi-colon, such as *email@domain.com;email2@domain.com*. | +| useAvailabilityZones | Yes | This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'. | +| autoscaleTimeout | Yes | The timeout value after which autoscale script execution will terminated | | provisionPublicIP | Yes | Enabling management public IP(s) allows for direct public access to each BIG-IP VE that is created. | | tenantId | Yes | Your Azure service principal application tenant ID. | | clientId | Yes | Your Azure service principal application client ID. | @@ -163,7 +165,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### PowerShell Script Example ```powershell -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -staticImageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -numberOfStaticInstances -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -staticImageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -numberOfStaticInstances -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -tenantId -clientId -servicePrincipalSecret -resourceGroupName ``` ======= @@ -171,7 +173,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### Azure CLI (1.0) Script Example ```bash -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --staticImageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --numberOfStaticInstances --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --staticImageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --numberOfStaticInstances --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword ``` diff --git a/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq-payg/azuredeploy.json b/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq-payg/azuredeploy.json index a320fe17de..322dc6855d 100644 --- a/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq-payg/azuredeploy.json +++ b/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq-payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -359,6 +359,26 @@ }, "type": "string" }, + "useAvailabilityZones": { + "allowedValues": [ + "Yes", + "No" + ], + "defaultValue": "Yes", + "metadata": { + "description": "This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'." + }, + "type": "string" + }, + "autoscaleTimeout": { + "defaultValue": 10, + "maxValue": 10, + "metadata": { + "description": "The timeout value after which autoscale script execution will terminated" + }, + "minValue": 3, + "type": "int" + }, "provisionPublicIP": { "allowedValues": [ "No", @@ -486,14 +506,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl ${config_loc}f5-cloud-libs-azure.tar.gz\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntar xfz /config/cloud/f5-cloud-libs-azure.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -519,7 +539,10 @@ "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvc2hhcmVkL2FwcHN2Y3MvZGVjbGFyZSAtZCBAJGZpbGVfbG9jIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgICAgICBpZiBbWyAkcmVzcG9uc2VfY29kZSA9PSAyMDAgfHwgJHJlc3BvbnNlX2NvZGUgPT0gNTAyIF1dOyB0aGVuCiAgICAgICAgICAgICAgICAgIGVjaG8gIkRlcGxveW1lbnQgb2YgYXBwbGljYXRpb24gc3VjY2VlZGVkLiIKICAgICAgICAgICAgICAgICAgZGVwbG95ZWQ9InllcyIKICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICBlY2hvICJGYWlsZWQgdG8gZGVwbG95IGFwcGxpY2F0aW9uOyBjb250aW51aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBmaQogICAgICAgICBlbHNlCiAgICAgICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgdmFsaWQgSlNPTiwgY29udGludWluZyIKICAgICAgICAgZmkKICAgIGVsc2UKICAgICAgICBlY2hvICJGYWlsZWQgdG8gZG93bmxvYWQgY3VzdG9tIGNvbmZpZzsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgZmkKZWxzZQogICAgIGVjaG8gIkN1c3RvbSBjb25maWcgd2FzIG5vdCBhIFVSTCwgY29udGludWluZy4iCmZpCgppZiBbWyAkZGVwbG95ZWQgPT0gIm5vIiAmJiAkZGVjbGFyYXRpb25VcmwgPT0gIk5PVF9TUEVDSUZJRUQiIF1dOyB0aGVuCiAgICBlY2hvICJBcHBsaWNhdGlvbiBkZXBsb3ltZW50IGZhaWxlZCBvciBjdXN0b20gVVJMIHdhcyBub3Qgc3BlY2lmaWVkLiIKZmkKCmVjaG8gIkRlcGxveW1lbnQgY29tcGxldGUuIgpleGl0", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -626,6 +649,7 @@ "frontEndIPConfigID": "[concat(variables('extLbId'),'/frontendIPConfigurations/loadBalancerFrontEnd')]", "appInsightsApiVersion": "2015-04-01", "appInsightsComponentsApiVersion": "2015-05-01", + "useAvailabilityZones": "[and(variables('zonesAvailable'), equals(parameters('useAvailabilityZones'), 'Yes'))]", "vmssName": "[concat(parameters('dnsLabel'),'-vmss')]", "vmssId": "[resourceId('Microsoft.Compute/virtualMachineScaleSets', variables('vmssName'))]", "defaultAppInsightsLocation": "eastus", @@ -714,7 +738,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_via-lb-new-stack-experimental-bigiq-payg,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq-payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_via-lb-new-stack-experimental-bigiq-payg,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq-payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "osProfiles": { @@ -1006,7 +1030,7 @@ "name": "main", "properties": { "protectedSettings": { - "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.bigIqPasswd; encrypt_secret ', variables('singleQuote'), parameters('bigIqPassword'), variables('singleQuote'), ' \"/config/cloud/.bigIqPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType ltm --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, ' --externalTag key:f5ClusterTag,value:', variables('dnsLabel'), '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" + "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.bigIqPasswd; encrypt_secret ', variables('singleQuote'), parameters('bigIqPassword'), variables('singleQuote'), ' \"/config/cloud/.bigIqPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType ltm --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --autoscaleTimeout ', parameters('autoscaleTimeout'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, ' --externalTag key:f5ClusterTag,value:', variables('dnsLabel'), '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" }, "publisher": "Microsoft.Azure.Extensions", "settings": { @@ -1071,7 +1095,7 @@ "tier": "Standard" }, "tags": "[if(empty(variables('tagValues')), json('null'), variables('tagValues'))]", - "zones": "[if(variables('zonesAvailable'), createArray(1, 2, 3), json('null'))]", + "zones": "[if(variables('useAvailabilityZones'), createArray(1, 2, 3), json('null'))]", "type": "Microsoft.Compute/virtualMachineScaleSets" }, { @@ -1095,7 +1119,7 @@ "name": "main", "properties": { "protectedSettings": { - "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.bigIqPasswd; encrypt_secret ', variables('singleQuote'), parameters('bigIqPassword'), variables('singleQuote'), ' \"/config/cloud/.bigIqPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType ltm --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, ' --bigIqAddress ', parameters('bigIqAddress'), ' --bigIqUsername ', parameters('bigIqUsername'), ' --bigIqPassword /config/cloud/.bigIqPasswd --bigIqLicensePoolName ', parameters('bigIqLicensePoolName'), ' --bigIqExtraLicenseOptions \\\"$(format_args sku-keyword-1:', parameters('bigIqLicenseSkuKeyWord1'), ',unit-of-measure:', parameters('bigIqLicenseUnitOfMeasure'), ')\\\" --bigIpExtMgmtAddress ', reference(variables('mgmtPublicIPAddressId')).ipAddress, ' --bigIpExtMgmtPort via-api', ' --static --natBase mgmtnatpool-static. --externalTag key:f5ClusterTag,value:', variables('dnsLabel'), '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" + "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.bigIqPasswd; encrypt_secret ', variables('singleQuote'), parameters('bigIqPassword'), variables('singleQuote'), ' \"/config/cloud/.bigIqPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType ltm --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --autoscaleTimeout ', parameters('autoscaleTimeout'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, ' --bigIqAddress ', parameters('bigIqAddress'), ' --bigIqUsername ', parameters('bigIqUsername'), ' --bigIqPassword /config/cloud/.bigIqPasswd --bigIqLicensePoolName ', parameters('bigIqLicensePoolName'), ' --bigIqExtraLicenseOptions \\\"$(format_args sku-keyword-1:', parameters('bigIqLicenseSkuKeyWord1'), ',unit-of-measure:', parameters('bigIqLicenseUnitOfMeasure'), ')\\\" --bigIpExtMgmtAddress private --bigIpExtMgmtPort via-api --clusterUpdateInterval 300', ' --static --natBase mgmtnatpool-static. --externalTag key:f5ClusterTag,value:', variables('dnsLabel'), '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" }, "publisher": "Microsoft.Azure.Extensions", "settings": { @@ -1164,7 +1188,7 @@ "tier": "Standard" }, "tags": "[if(empty(variables('tagValues')), union(json('{}'), variables('staticVmssTagValues')), union(variables('tagValues'), variables('staticVmssTagValues')))]", - "zones": "[if(variables('zonesAvailable'), createArray(1, 2, 3), json('null'))]", + "zones": "[if(variables('useAvailabilityZones'), createArray(1, 2, 3), json('null'))]", "type": "Microsoft.Compute/virtualMachineScaleSets" }, { @@ -1174,10 +1198,10 @@ "[variables('staticVmssId')]" ], "location": "[variables('location')]", - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "properties": { "enabled": true, - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "notifications": [ { "email": { diff --git a/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq-payg/azuredeploy.parameters.json b/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq-payg/azuredeploy.parameters.json index f2fd611b2e..3743d7a412 100644 --- a/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq-payg/azuredeploy.parameters.json +++ b/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq-payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" @@ -110,6 +110,12 @@ "notificationEmail": { "value": "OPTIONAL" }, + "useAvailabilityZones": { + "value": "Yes" + }, + "autoscaleTimeout": { + "value": 10 + }, "provisionPublicIP": { "value": "Yes" }, diff --git a/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq-payg/deploy_via_bash.sh b/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq-payg/deploy_via_bash.sh index 8784f3a647..33f42e5f9f 100644 --- a/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq-payg/deploy_via_bash.sh +++ b/experimental/autoscale/ltm/via-lb/1nic/new-stack/bigiq-payg/deploy_via_bash.sh @@ -1,7 +1,7 @@ #!/bin/bash ## Bash Script to deploy an F5 ARM template into Azure, using azure cli 1.0 ## -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --staticImageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --numberOfStaticInstances --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --staticImageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --numberOfStaticInstances --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword # Assign Script Parameters and Define Variables # Specify static items below, change these as needed or make them parameters @@ -114,6 +114,12 @@ while [[ $# -gt 1 ]]; do --notificationEmail) notificationEmail=$2 shift 2;; + --useAvailabilityZones) + useAvailabilityZones=$2 + shift 2;; + --autoscaleTimeout) + autoscaleTimeout=$2 + shift 2;; --provisionPublicIP) provisionPublicIP=$2 shift 2;; @@ -145,7 +151,7 @@ while [[ $# -gt 1 ]]; do done #If a required parameter is not passed, the script will prompt for it below -required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName staticImageName bigIqAddress bigIqUsername bigIqPassword bigIqLicensePoolName bigIqLicenseSkuKeyword1 bigIqLicenseUnitOfMeasure numberOfStaticInstances bigIpVersion bigIpModules vnetAddressPrefix declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail provisionPublicIP tenantId clientId servicePrincipalSecret resourceGroupName " +required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName staticImageName bigIqAddress bigIqUsername bigIqPassword bigIqLicensePoolName bigIqLicenseSkuKeyword1 bigIqLicenseUnitOfMeasure numberOfStaticInstances bigIpVersion bigIpModules vnetAddressPrefix declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail useAvailabilityZones autoscaleTimeout provisionPublicIP tenantId clientId servicePrincipalSecret resourceGroupName " for variable in $required_variables do if [ -z ${!variable} ] ; then @@ -169,4 +175,4 @@ az group create -n $resourceGroupName -l $region # Deploy ARM Template, right now cannot specify parameter file and parameters inline via Azure CLI template_file="./azuredeploy.json" parameter_file="./azuredeploy.parameters.json" -az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"staticImageName\":{\"value\":\"$staticImageName\"},\"bigIqAddress\":{\"value\":\"$bigIqAddress\"},\"bigIqUsername\":{\"value\":\"$bigIqUsername\"},\"bigIqPassword\":{\"value\":\"$bigIqPassword\"},\"bigIqLicensePoolName\":{\"value\":\"$bigIqLicensePoolName\"},\"bigIqLicenseSkuKeyword1\":{\"value\":\"$bigIqLicenseSkuKeyword1\"},\"bigIqLicenseUnitOfMeasure\":{\"value\":\"$bigIqLicenseUnitOfMeasure\"},\"numberOfStaticInstances\":{\"value\":\"$numberOfStaticInstances\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetAddressPrefix\":{\"value\":\"$vnetAddressPrefix\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file +az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"staticImageName\":{\"value\":\"$staticImageName\"},\"bigIqAddress\":{\"value\":\"$bigIqAddress\"},\"bigIqUsername\":{\"value\":\"$bigIqUsername\"},\"bigIqPassword\":{\"value\":\"$bigIqPassword\"},\"bigIqLicensePoolName\":{\"value\":\"$bigIqLicensePoolName\"},\"bigIqLicenseSkuKeyword1\":{\"value\":\"$bigIqLicenseSkuKeyword1\"},\"bigIqLicenseUnitOfMeasure\":{\"value\":\"$bigIqLicenseUnitOfMeasure\"},\"numberOfStaticInstances\":{\"value\":\"$numberOfStaticInstances\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetAddressPrefix\":{\"value\":\"$vnetAddressPrefix\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"useAvailabilityZones\":{\"value\":\"$useAvailabilityZones\"},\"autoscaleTimeout\":{\"value\":$autoscaleTimeout},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file diff --git a/experimental/autoscale/waf/via-lb/1nic/existing-stack/bigiq-payg/Deploy_via_PS.ps1 b/experimental/autoscale/waf/via-lb/1nic/existing-stack/bigiq-payg/Deploy_via_PS.ps1 index 59a64863a6..ae71bf25a7 100644 --- a/experimental/autoscale/waf/via-lb/1nic/existing-stack/bigiq-payg/Deploy_via_PS.ps1 +++ b/experimental/autoscale/waf/via-lb/1nic/existing-stack/bigiq-payg/Deploy_via_PS.ps1 @@ -1,7 +1,7 @@ ## Script parameters being asked for below match to parameters in the azuredeploy.json file, otherwise pointing to the ## ## azuredeploy.parameters.json file for values to use. Some options below are mandatory, some (such as region) can ## ## be supplied inline when running this script but if they aren't then the default will be used as specified below. ## -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -staticImageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -numberOfStaticInstances -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -staticImageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -numberOfStaticInstances -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -mgmtNsgName OPTIONAL -externalLoadBalancerName OPTIONAL -internalLoadBalancerName OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -tenantId -clientId -servicePrincipalSecret -resourceGroupName param( @@ -41,6 +41,11 @@ param( [string] [Parameter(Mandatory=$True)] $scaleOutTimeWindow, [string] [Parameter(Mandatory=$True)] $scaleInTimeWindow, [string] [Parameter(Mandatory=$True)] $notificationEmail, + [string] [Parameter(Mandatory=$True)] $mgmtNsgName, + [string] [Parameter(Mandatory=$True)] $externalLoadBalancerName, + [string] [Parameter(Mandatory=$True)] $internalLoadBalancerName, + [string] [Parameter(Mandatory=$True)] $useAvailabilityZones, + [string] [Parameter(Mandatory=$True)] $autoscaleTimeout, [string] [Parameter(Mandatory=$True)] $provisionPublicIP, [string] [Parameter(Mandatory=$True)] $applicationProtocols, [string] [Parameter(Mandatory=$True)] $applicationAddress, @@ -85,7 +90,7 @@ $servicePrincipalSecretSecure = ConvertTo-SecureString -String $servicePrincipal (ConvertFrom-Json $tagValues).psobject.properties | ForEach -Begin {$tagValues=@{}} -process {$tagValues."$($_.Name)" = $_.Value} # Create Arm Deployment -$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -staticImageName $staticImageName -bigIqAddress $bigIqAddress -bigIqUsername $bigIqUsername -bigIqPassword $bigIqPasswordSecure -bigIqLicensePoolName $bigIqLicensePoolName -bigIqLicenseSkuKeyword1 $bigIqLicenseSkuKeyword1 -bigIqLicenseUnitOfMeasure $bigIqLicenseUnitOfMeasure -numberOfStaticInstances $numberOfStaticInstances -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetName $vnetName -vnetResourceGroupName $vnetResourceGroupName -mgmtSubnetName $mgmtSubnetName -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -provisionPublicIP $provisionPublicIP -applicationProtocols $applicationProtocols -applicationAddress $applicationAddress -applicationPort $applicationPort -applicationSecurePort $applicationSecurePort -sslCert $sslCert -sslPswd $sslPswdSecure -applicationType $applicationType -blockingLevel $blockingLevel -customPolicy $customPolicy -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure +$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -staticImageName $staticImageName -bigIqAddress $bigIqAddress -bigIqUsername $bigIqUsername -bigIqPassword $bigIqPasswordSecure -bigIqLicensePoolName $bigIqLicensePoolName -bigIqLicenseSkuKeyword1 $bigIqLicenseSkuKeyword1 -bigIqLicenseUnitOfMeasure $bigIqLicenseUnitOfMeasure -numberOfStaticInstances $numberOfStaticInstances -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetName $vnetName -vnetResourceGroupName $vnetResourceGroupName -mgmtSubnetName $mgmtSubnetName -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -mgmtNsgName $mgmtNsgName -externalLoadBalancerName $externalLoadBalancerName -internalLoadBalancerName $internalLoadBalancerName -useAvailabilityZones $useAvailabilityZones -autoscaleTimeout $autoscaleTimeout -provisionPublicIP $provisionPublicIP -applicationProtocols $applicationProtocols -applicationAddress $applicationAddress -applicationPort $applicationPort -applicationSecurePort $applicationSecurePort -sslCert $sslCert -sslPswd $sslPswdSecure -applicationType $applicationType -blockingLevel $blockingLevel -customPolicy $customPolicy -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure # Print Output of Deployment to Console $deployment \ No newline at end of file diff --git a/experimental/autoscale/waf/via-lb/1nic/existing-stack/bigiq-payg/README.md b/experimental/autoscale/waf/via-lb/1nic/existing-stack/bigiq-payg/README.md index c2b7e97812..f35852e374 100644 --- a/experimental/autoscale/waf/via-lb/1nic/existing-stack/bigiq-payg/README.md +++ b/experimental/autoscale/waf/via-lb/1nic/existing-stack/bigiq-payg/README.md @@ -112,7 +112,7 @@ Use the appropriate button below to deploy: - **BIGIQ-PAYG**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s), as well as use PAYG instances. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fexperimental%2Fautoscale%2Fwaf%2Fvia-lb%2F1nic%2Fexisting-stack%2Fbigiq-payg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fexperimental%2Fautoscale%2Fwaf%2Fvia-lb%2F1nic%2Fexisting-stack%2Fbigiq-payg%2Fazuredeploy.json) ### Template parameters @@ -154,6 +154,11 @@ Use the appropriate button below to deploy: | scaleOutTimeWindow | Yes | The time window required to trigger a scale out event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | scaleInTimeWindow | Yes | The time window required to trigger a scale in event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | notificationEmail | Yes | If you want email notifications on scale events, specify an email address, otherwise leave the parameter as **OPTIONAL**. Note: You can specify multiple emails by separating them with a semi-colon, such as *email@domain.com;email2@domain.com*. | +| mgmtNsgName | Yes | If you would like to deploy using an existing Azure Network Security Group, provide the NSG name here. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | +| externalLoadBalancerName | Yes | If you would like to deploy using an existing Azure Load Balancer (Standard SKU) with a backend pool called loadBalancerBackEnd, provide the ALB name here. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | +| internalLoadBalancerName | Yes | If you would like to add instances to an existing internal Azure Load Balancer (Standard SKU) with a backend pool called loadBalancerBackEnd, provide the internal ALB name here. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | +| useAvailabilityZones | Yes | This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'. | +| autoscaleTimeout | Yes | The timeout value after which autoscale script execution will terminated | | provisionPublicIP | Yes | Enabling management public IP(s) allows for direct public access to each BIG-IP VE that is created. | | applicationProtocols | Yes | The protocol(s) used by your application. | | applicationAddress | Yes | The public IP address or DNS FQDN of the application that this WAF will protect. | @@ -175,7 +180,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### PowerShell Script Example ```powershell -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -staticImageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -numberOfStaticInstances -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -staticImageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -numberOfStaticInstances -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -mgmtNsgName OPTIONAL -externalLoadBalancerName OPTIONAL -internalLoadBalancerName OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -tenantId -clientId -servicePrincipalSecret -resourceGroupName ``` ======= @@ -183,7 +188,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### Azure CLI (1.0) Script Example ```bash -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --staticImageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --numberOfStaticInstances --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --staticImageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --numberOfStaticInstances --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --mgmtNsgName OPTIONAL --externalLoadBalancerName OPTIONAL --internalLoadBalancerName OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword ``` diff --git a/experimental/autoscale/waf/via-lb/1nic/existing-stack/bigiq-payg/azuredeploy.json b/experimental/autoscale/waf/via-lb/1nic/existing-stack/bigiq-payg/azuredeploy.json index 2acab89076..c314c04857 100644 --- a/experimental/autoscale/waf/via-lb/1nic/existing-stack/bigiq-payg/azuredeploy.json +++ b/experimental/autoscale/waf/via-lb/1nic/existing-stack/bigiq-payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -363,6 +363,47 @@ }, "type": "string" }, + "mgmtNsgName": { + "defaultValue": "OPTIONAL", + "metadata": { + "description": "If you would like to deploy using an existing Azure Network Security Group, provide the NSG name here. **Note**: Unless specifically required, leave the default of **OPTIONAL**." + }, + "type": "string" + }, + "externalLoadBalancerName": { + "defaultValue": "OPTIONAL", + "metadata": { + "description": "If you would like to deploy using an existing Azure Load Balancer (Standard SKU) with a backend pool called loadBalancerBackEnd, provide the ALB name here. **Note**: Unless specifically required, leave the default of **OPTIONAL**." + }, + "type": "string" + }, + "internalLoadBalancerName": { + "defaultValue": "OPTIONAL", + "metadata": { + "description": "If you would like to add instances to an existing internal Azure Load Balancer (Standard SKU) with a backend pool called loadBalancerBackEnd, provide the internal ALB name here. **Note**: Unless specifically required, leave the default of **OPTIONAL**." + }, + "type": "string" + }, + "useAvailabilityZones": { + "allowedValues": [ + "Yes", + "No" + ], + "defaultValue": "Yes", + "metadata": { + "description": "This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'." + }, + "type": "string" + }, + "autoscaleTimeout": { + "defaultValue": 10, + "maxValue": 10, + "metadata": { + "description": "The timeout value after which autoscale script execution will terminated" + }, + "minValue": 3, + "type": "int" + }, "provisionPublicIP": { "allowedValues": [ "No", @@ -569,14 +610,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl ${config_loc}f5-cloud-libs-azure.tar.gz asm-policy.tar.gz\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntar xfz /config/cloud/f5-cloud-libs-azure.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -602,7 +643,10 @@ "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbTpkOm46ajprOmg6czp0Omw6YTpjOnI6bzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgbSkgbW9kZT0kT1BUQVJHOzsKICAgICAgICBuKSBwb29sX21lbWJlcj0kT1BUQVJHOzsKICAgICAgICBqKSB2c19odHRwX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgaykgdnNfaHR0cHNfcG9ydD0kT1BUQVJHOzsKICAgICAgICBoKSBwb29sX2h0dHBfcG9ydD0kT1BUQVJHOzsKICAgICAgICBzKSBwb29sX2h0dHBzX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgdCkgdHlwZT0kT1BUQVJHOzsKICAgICAgICBsKSBsZXZlbD0kT1BUQVJHOzsKICAgICAgICBhKSBwb2xpY3k9JE9QVEFSRzs7CiAgICAgICAgYykgc3NsX2NlcnQ9JE9QVEFSRzs7CiAgICAgICAgcikgc3NsX3Bhc3N3ZD0kT1BUQVJHOzsKICAgICAgICB1KSB1c2VyPSRPUFRBUkc7OwogICAgZXNhYwpkb25lCgpkZXBsb3llZD0ibm8iCmZpbGVfbG9jPSIvY29uZmlnL2Nsb3VkL2N1c3RvbV9jb25maWciCmRmbF9tZ210X3BvcnQ9YHRtc2ggbGlzdCBzeXMgaHR0cGQgc3NsLXBvcnQgfCBncmVwIHNzbC1wb3J0IHwgc2VkICdzL3NzbC1wb3J0IC8vO3MvIC8vZydgCnVybF9yZWdleD0iKGh0dHA6XC9cL3xodHRwczpcL1wvKT9bYS16MC05XSsoW1wtXC5dezF9W2EtejAtOV0rKSpcLlthLXpdezIsNX0oOlswLTldezEsNX0pPyhcLy4qKT8kIgoKaWYgW1sgJGRlY2xhcmF0aW9uVXJsID1+ICR1cmxfcmVnZXggXV07IHRoZW4KICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1zayAtdyAiJXtodHRwX2NvZGV9IiAkZGVjbGFyYXRpb25VcmwgLW8gJGZpbGVfbG9jKQogICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIF1dOyB0aGVuCiAgICAgICAgIGVjaG8gIkN1c3RvbSBjb25maWcgZG93bmxvYWQgY29tcGxldGU7IGNoZWNraW5nIGZvciB2YWxpZCBKU09OLiIKICAgICAgICAgY2F0ICRmaWxlX2xvYyB8IGpxIC5jbGFzcwogICAgICAgICBpZiBbWyAkPyA9PSAwIF1dOyB0aGVuCiAgICAgICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t2dnUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgaHR0cHM6Ly9sb2NhbGhvc3Q6JGRmbF9tZ210X3BvcnQvbWdtdC9zaGFyZWQvYXBwc3Zjcy9kZWNsYXJlIC1kIEAkZmlsZV9sb2MgLW8gL2Rldi9udWxsKQoKICAgICAgICAgICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCB8fCAkcmVzcG9uc2VfY29kZSA9PSA1MDIgXV07IHRoZW4KICAgICAgICAgICAgICAgICAgZWNobyAiRGVwbG95bWVudCBvZiBhcHBsaWNhdGlvbiBzdWNjZWVkZWQuIgogICAgICAgICAgICAgICAgICBkZXBsb3llZD0ieWVzIgogICAgICAgICAgICAgZWxzZQogICAgICAgICAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBkZXBsb3kgYXBwbGljYXRpb247IGNvbnRpbnVpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgICAgICAgICAgIGZpCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgIGVjaG8gIkN1c3RvbSBjb25maWcgd2FzIG5vdCB2YWxpZCBKU09OLCBjb250aW51aW5nIgogICAgICAgICBmaQogICAgZWxzZQogICAgICAgIGVjaG8gIkZhaWxlZCB0byBkb3dubG9hZCBjdXN0b20gY29uZmlnOyBjb250aW51aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICBmaQplbHNlCiAgICAgZWNobyAiQ3VzdG9tIGNvbmZpZyB3YXMgbm90IGEgVVJMLCBjb250aW51aW5nLiIKZmkKCmlmIFtbICRkZXBsb3llZCA9PSAibm8iICYmICRkZWNsYXJhdGlvblVybCA9PSAiTk9UX1NQRUNJRklFRCIgXV07IHRoZW4KICAgIGlwX3JlZ2V4PSdeWzAtOV17MSwzfVwuWzAtOV17MSwzfVwuWzAtOV17MSwzfVwuWzAtOV17MSwzfSQnCiAgICBkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAogICAgbW9kZT1gc2VkICJzLy0vXy9nIiA8PDwiJG1vZGUiYAogICAgcGF5bG9hZD0neyJjbGFzcyI6IkFEQyIsInNjaGVtYVZlcnNpb24iOiIzLjAuMCIsImxhYmVsIjoiYXV0b3NjYWxlX3dhZiIsImlkIjoiQVVUT1NDQUxFX1dBRiIsInJlbWFyayI6IkF1dG9zY2FsZSBXQUYiLCJ3YWYiOnsiY2xhc3MiOiJUZW5hbnQiLCJTaGFyZWQiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoic2hhcmVkIiwic2VydmljZUFkZHJlc3MiOnsiY2xhc3MiOiJTZXJ2aWNlX0FkZHJlc3MiLCJ2aXJ0dWFsQWRkcmVzcyI6IjAuMC4wLjAifSwicG9saWN5V0FGIjp7ImNsYXNzIjoiV0FGX1BvbGljeSIsImZpbGUiOiIvdG1wL2FzMzAtbGludXgtbWVkaXVtLnhtbCJ9fSwiaHR0cCI6eyJjbGFzcyI6IkFwcGxpY2F0aW9uIiwidGVtcGxhdGUiOiJodHRwIiwicG9vbCI6eyJjbGFzcyI6IlBvb2wiLCJtb25pdG9ycyI6WyJodHRwIl0sIm1lbWJlcnMiOlt7ImFkZHJlc3NEaXNjb3ZlcnkiOiJmcWRuIiwiYXV0b1BvcHVsYXRlIjp0cnVlLCJzZXJ2aWNlUG9ydCI6ODAsImhvc3RuYW1lIjoid3d3LmV4YW1wbGUuY29tIiwic2VydmVyQWRkcmVzc2VzIjpbIjI1NS4yNTUuMjU1LjI1NCJdfV19LCJzZXJ2aWNlTWFpbiI6eyJjbGFzcyI6IlNlcnZpY2VfSFRUUCIsInZpcnR1YWxBZGRyZXNzZXMiOlt7InVzZSI6Ii93YWYvU2hhcmVkL3NlcnZpY2VBZGRyZXNzIn1dLCJ2aXJ0dWFsUG9ydCI6ODAsInNuYXQiOiJhdXRvIiwic2VjdXJpdHlMb2dQcm9maWxlcyI6W3siYmlnaXAiOiIvQ29tbW9uL0xvZyBpbGxlZ2FsIHJlcXVlc3RzIn1dLCJwb29sIjoicG9vbCIsInBvbGljeVdBRiI6eyJ1c2UiOiIvd2FmL1NoYXJlZC9wb2xpY3lXQUYifX19LCJodHRwcyI6eyJjbGFzcyI6IkFwcGxpY2F0aW9uIiwidGVtcGxhdGUiOiJodHRwcyIsInNlcnZlclRMUyI6eyJjbGFzcyI6IlRMU19TZXJ2ZXIiLCJjZXJ0aWZpY2F0ZXMiOlt7ImNlcnRpZmljYXRlIjoiY2VydFNlcnZlciJ9XSwiYXV0aGVudGljYXRpb25UcnVzdENBIjp7ImJpZ2lwIjoiL0NvbW1vbi9jYS1idW5kbGUuY3J0In19LCJjZXJ0U2VydmVyIjp7ImNsYXNzIjoiQ2VydGlmaWNhdGUiLCJjZXJ0aWZpY2F0ZSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5jcnQifSwicHJpdmF0ZUtleSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5rZXkifX0sImNsaWVudFRMUyI6eyJjbGFzcyI6IlRMU19DbGllbnQifSwicG9vbCI6eyJjbGFzcyI6IlBvb2wiLCJtb25pdG9ycyI6WyJodHRwcyJdLCJtZW1iZXJzIjpbeyJhZGRyZXNzRGlzY292ZXJ5IjoiZnFkbiIsImF1dG9Qb3B1bGF0ZSI6dHJ1ZSwic2VydmljZVBvcnQiOjQ0MywiaG9zdG5hbWUiOiJ3d3cuZXhhbXBsZS5jb20iLCJzZXJ2ZXJBZGRyZXNzZXMiOlsiMjU1LjI1NS4yNTUuMjU0Il19XX0sInNlcnZpY2VNYWluIjp7ImNsYXNzIjoiU2VydmljZV9IVFRQUyIsInZpcnR1YWxBZGRyZXNzZXMiOlt7InVzZSI6Ii93YWYvU2hhcmVkL3NlcnZpY2VBZGRyZXNzIn1dLCJ2aXJ0dWFsUG9ydCI6NDQzLCJzZXJ2ZXJUTFMiOiJzZXJ2ZXJUTFMiLCJjbGllbnRUTFMiOiJjbGllbnRUTFMiLCJyZWRpcmVjdDgwIjp0cnVlLCJzbmF0IjoiYXV0byIsInNlY3VyaXR5TG9nUHJvZmlsZXMiOlt7ImJpZ2lwIjoiL0NvbW1vbi9Mb2cgaWxsZWdhbCByZXF1ZXN0cyJ9XSwicG9vbCI6InBvb2wiLCJwb2xpY3lXQUYiOnsidXNlIjoiL3dhZi9TaGFyZWQvcG9saWN5V0FGIn19fSwiaHR0cHNfb2ZmbG9hZCI6eyJjbGFzcyI6IkFwcGxpY2F0aW9uIiwidGVtcGxhdGUiOiJodHRwcyIsInNlcnZlclRMUyI6eyJjbGFzcyI6IlRMU19TZXJ2ZXIiLCJjZXJ0aWZpY2F0ZXMiOlt7ImNlcnRpZmljYXRlIjoiY2VydFNlcnZlciJ9XSwiYXV0aGVudGljYXRpb25UcnVzdENBIjp7ImJpZ2lwIjoiL0NvbW1vbi9jYS1idW5kbGUuY3J0In19LCJjZXJ0U2VydmVyIjp7ImNsYXNzIjoiQ2VydGlmaWNhdGUiLCJjZXJ0aWZpY2F0ZSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5jcnQifSwicHJpdmF0ZUtleSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5rZXkifX0sInBvb2wiOnsiY2xhc3MiOiJQb29sIiwibW9uaXRvcnMiOlsiaHR0cCJdLCJtZW1iZXJzIjpbeyJhZGRyZXNzRGlzY292ZXJ5IjoiZnFkbiIsImF1dG9Qb3B1bGF0ZSI6dHJ1ZSwic2VydmljZVBvcnQiOjgwLCJob3N0bmFtZSI6Ind3dy5leGFtcGxlLmNvbSIsInNlcnZlckFkZHJlc3NlcyI6WyIyNTUuMjU1LjI1NS4yNTQiXX1dfSwic2VydmljZU1haW4iOnsiY2xhc3MiOiJTZXJ2aWNlX0hUVFBTIiwidmlydHVhbEFkZHJlc3NlcyI6W3sidXNlIjoiL3dhZi9TaGFyZWQvc2VydmljZUFkZHJlc3MifV0sInZpcnR1YWxQb3J0Ijo4MCwic2VydmVyVExTIjoic2VydmVyVExTIiwic25hdCI6ImF1dG8iLCJzZWN1cml0eUxvZ1Byb2ZpbGVzIjpbeyJiaWdpcCI6Ii9Db21tb24vTG9nIGlsbGVnYWwgcmVxdWVzdHMifV0sInBvb2wiOiJwb29sIiwicG9saWN5V0FGIjp7InVzZSI6Ii93YWYvU2hhcmVkL3BvbGljeVdBRiJ9fX19fScKCiAgICAjIHZlcmlmeSB0aGF0IHRoZSBjdXN0b20gcG9saWN5IGlzIGEgVVJMCiAgICBpZiBbWyAkbGV2ZWwgPT0gImN1c3RvbSIgXV07IHRoZW4KICAgICAgICAgaWYgW1sgLW4gJHBvbGljeSAmJiAkcG9saWN5ICE9ICJOT1RfU1BFQ0lGSUVEIiBdXTsgdGhlbgogICAgICAgICAgICAgaWYgW1sgJHBvbGljeSA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICAgICAgICAgICAgICAgIGN1c3RvbV9wb2xpY3k9JHBvbGljeQogICAgICAgICAgICAgICAgICAvdXNyL2Jpbi9jdXJsIC1zayAkY3VzdG9tX3BvbGljeSAtLXJldHJ5IDMgLW8gL3RtcC9jdXN0b21fcG9saWN5LnhtbAogICAgICAgICAgICAgICAgICBhc21fcG9saWN5PSIvdG1wL2N1c3RvbV9wb2xpY3kueG1sIgogICAgICAgICAgICAgZWxzZQogICAgICAgICAgICAgICAgICBlY2hvICJDdXN0b20gcG9saWN5IHdhcyBub3QgYSBVUkwsIGRlZmF1bHRpbmcgdG8gaGlnaCIKICAgICAgICAgICAgICAgICAgYXNtX3BvbGljeT0iL2NvbmZpZy9jbG91ZC9hc20tcG9saWN5LSR0eXBlLWhpZ2gueG1sIgogICAgICAgICAgICAgZmkKICAgICAgICAgZWxzZQogICAgICAgICAgICAgIGVjaG8gIkN1c3RvbSBwb2xpY3kgd2FzIG5vdCBzcGVjaWZpZWQsIGRlZmF1bHRpbmcgdG8gaGlnaCIKICAgICAgICAgICAgICBhc21fcG9saWN5PSIvY29uZmlnL2Nsb3VkL2FzbS1wb2xpY3ktJHR5cGUtaGlnaC54bWwiCiAgICAgICAgIGZpCiAgICBlbHNlCiAgICAgICAgIGFzbV9wb2xpY3k9Ii9jb25maWcvY2xvdWQvYXNtLXBvbGljeS0kdHlwZS0kbGV2ZWwueG1sIgogICAgZmkKCiAgICBpZiBbWyAkbW9kZSA9PSAiaHR0cHMiIHx8ICRtb2RlID09ICJodHRwX2h0dHBzIiB8fCAkbW9kZSA9PSAiaHR0cHNfb2ZmbG9hZCIgXV07IHRoZW4KICAgICAgICAgY2hhaW49Ii9Db21tb24vY2EtYnVuZGxlLmNydCIKCiAgICAgICAgIGVjaG8gIlN0YXJ0aW5nIENlcnRpZmljYXRlIGRvd25sb2FkIgoKICAgICAgICAgY2VydGlmaWNhdGVfbG9jYXRpb249JHNzbF9jZXJ0CgogICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iICAtWCBQT1NUIC1IICJDb250ZW50LXR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvdG0vdXRpbC9iYXNoIC1kICd7ICJjb21tYW5kIjoicnVuIiwidXRpbENtZEFyZ3MiOiItYyBcImN1cmwgLWsgLXMgLWYgLS1yZXRyeSA1IC0tcmV0cnktZGVsYXkgMTAgLS1yZXRyeS1tYXgtdGltZSAxMCAtbyAvY29uZmlnL3RtcC5wZnggJyRjZXJ0aWZpY2F0ZV9sb2NhdGlvbidcIiIgfScgLW8gL2Rldi9udWxsKQoKICAgICAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwICBdXTsgdGhlbgogICAgICAgICAgICAgIGVjaG8gIkNlcnRpZmljYXRlIGRvd25sb2FkIGNvbXBsZXRlLiIKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRvd25sb2FkIFNTTCBjZXJ0OyBleGl0aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBleGl0IDEKICAgICAgICAgZmkKCiAgICAgICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1za3UgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgaHR0cHM6Ly9sb2NhbGhvc3Q6JGRmbF9tZ210X3BvcnQvbWdtdC90bS9zeXMvY3J5cHRvL3BrY3MxMiAtZCAneyJjb21tYW5kIjogImluc3RhbGwiLCJuYW1lIjogIndhZkNlcnQiLCJvcHRpb25zIjogWyB7ICJmcm9tLWxvY2FsLWZpbGUiOiAiL2NvbmZpZy90bXAucGZ4IiB9LCB7ICJwYXNzcGhyYXNlIjogIiciJHNzbF9wYXNzd2QiJyIgfSBdIH0nIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCAgXV07IHRoZW4KICAgICAgICAgICAgICBlY2hvICJDZXJ0aWZpY2F0ZSBpbnN0YWxsIGNvbXBsZXRlLiIKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGluc3RhbGwgU1NMIGNlcnQ7IGV4aXRpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgICAgICAgICAgIGV4aXQgMQogICAgICAgICBmaQogICAgZmkKCiAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jIC0tYXJnIGFzbV9wb2xpY3kgJGFzbV9wb2xpY3kgJyAud2FmLlNoYXJlZC5wb2xpY3lXQUYuZmlsZSA9ICRhc21fcG9saWN5JykKCiAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jIC0tYXJnIHBvb2xfaHR0cF9wb3J0ICRwb29sX2h0dHBfcG9ydCAtLWFyZyBwb29sX2h0dHBzX3BvcnQgJHBvb2xfaHR0cHNfcG9ydCAtLWFyZyB2c19odHRwX3BvcnQgJHZzX2h0dHBfcG9ydCAtLWFyZyB2c19odHRwc19wb3J0ICR2c19odHRwc19wb3J0ICcgLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5zZXJ2aWNlUG9ydCA9ICgkcG9vbF9odHRwX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHAuc2VydmljZU1haW4udmlydHVhbFBvcnQgPSAoJHZzX2h0dHBfcG9ydCB8IHRvbnVtYmVyKSB8IC53YWYuaHR0cHMucG9vbC5tZW1iZXJzWzBdLnNlcnZpY2VQb3J0ID0gKCRwb29sX2h0dHBzX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHBzLnNlcnZpY2VNYWluLnZpcnR1YWxQb3J0ID0gKCR2c19odHRwc19wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5zZXJ2aWNlUG9ydCA9ICgkcG9vbF9odHRwX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHBzX29mZmxvYWQuc2VydmljZU1haW4udmlydHVhbFBvcnQgPSAoJHZzX2h0dHBzX3BvcnQgfCB0b251bWJlciknKQoKICAgIGlmIFtbICRwb29sX21lbWJlciA9fiAkaXBfcmVnZXggXV07IHRoZW4KICAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uYXV0b1BvcHVsYXRlKSB8IGRlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lKSB8IGRlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmFkZHJlc3NEaXNjb3ZlcnkpIHwgIGRlbCgud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5hdXRvUG9wdWxhdGUpIHwgZGVsKC53YWYuaHR0cHMucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lKSB8IGRlbCgud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5hZGRyZXNzRGlzY292ZXJ5KSB8IGRlbCgud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLmF1dG9Qb3B1bGF0ZSkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5hZGRyZXNzRGlzY292ZXJ5KScpCgogICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jIC0tYXJnIHBvb2xfbWVtYmVyICRwb29sX21lbWJlciAnLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXNbMF0gPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXNbMF0gPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3Nlc1swXSA9ICRwb29sX21lbWJlcicpCiAgICBlbHNlCiAgICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgJ2RlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3NlcykgfCBkZWwoLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uc2VydmVyQWRkcmVzc2VzKSB8IGRlbCgud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3NlcyknKQoKICAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBwb29sX21lbWJlciAkcG9vbF9tZW1iZXIgJy53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUgPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSA9ICRwb29sX21lbWJlciB8IC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUgPSAkcG9vbF9tZW1iZXInKQogICAgZmkKCiAgICBpZiBbWyAkbW9kZSA9PSAiaHR0cCIgXV07IHRoZW4KICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwcykgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkKScpCiAgICBlbGlmIFtbICRtb2RlID09ICJodHRwcyIgXV07IHRoZW4KICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwKSB8IGRlbCgud2FmLmh0dHBzX29mZmxvYWQpIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLmNlcnRpZmljYXRlLmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5jcnQiIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLnByaXZhdGVLZXkuYmlnaXAgPSAiL0NvbW1vbi93YWZDZXJ0LmtleSInKQogICAgZWxpZiBbWyAkbW9kZSA9PSAiaHR0cF9odHRwcyIgXV07IHRoZW4KICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwc19vZmZsb2FkKSB8IC53YWYuaHR0cHMuc2VydmljZU1haW4ucmVkaXJlY3Q4MCA9IGZhbHNlIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLmNlcnRpZmljYXRlLmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5jcnQiIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLnByaXZhdGVLZXkuYmlnaXAgPSAiL0NvbW1vbi93YWZDZXJ0LmtleSInKQogICAgZWxzZQogICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgJ2RlbCgud2FmLmh0dHApIHwgZGVsKC53YWYuaHR0cHMpIHwgLndhZi5odHRwc19vZmZsb2FkLmNlcnRTZXJ2ZXIuY2VydGlmaWNhdGUuYmlnaXAgPSAiL0NvbW1vbi93YWZDZXJ0LmNydCIgfCAud2FmLmh0dHBzX29mZmxvYWQuY2VydFNlcnZlci5wcml2YXRlS2V5LmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5rZXkiJykKICAgIGZpCgogICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1za3Z2dSAkdXNlcjokKHBhc3N3ZCkgLXcgIiV7aHR0cF9jb2RlfSIgLVggUE9TVCAtSCAiQ29udGVudC1UeXBlOiBhcHBsaWNhdGlvbi9qc29uIiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3NoYXJlZC9hcHBzdmNzL2RlY2xhcmUgLWQgIiRwYXlsb2FkIiAtbyAvZGV2L251bGwpCgogICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCB8fCAkcmVzcG9uc2VfY29kZSA9PSA1MDIgIF1dOyB0aGVuCiAgICAgICAgICBlY2hvICJEZXBsb3ltZW50IG9mIGFwcGxpY2F0aW9uIHN1Y2NlZWRlZC4iCiAgICBlbHNlCiAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBkZXBsb3kgYXBwbGljYXRpb247IGV4aXRpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgICAgICAgZXhpdCAxCiAgICAgZmkKIGZpCgplY2hvICJEZXBsb3ltZW50IGNvbXBsZXRlLiIKZXhpdA==", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -701,12 +745,27 @@ "bigip-virtual-edition-good": "good" } }, - "externalLoadBalancerName": "[concat(variables('dnsLabel'),'-ext-alb')]", + "externalLoadBalancerName": "[if(variables('useExistingLoadBalancer'), parameters('externalLoadBalancerName'), concat(variables('dnsLabel'),'-ext-alb'))]", "extLbId": "[resourceId('Microsoft.Network/loadBalancers',variables('externalLoadBalancerName'))]", "deviceNamePrefix": "[concat(variables('dnsLabel'),'-device')]", "frontEndIPConfigID": "[concat(variables('extLbId'),'/frontendIPConfigurations/loadBalancerFrontEnd')]", + "attachInternalLoadBalancer": "[not(empty(replace(parameters('internalLoadBalancerName'), 'OPTIONAL', '')))]", + "internalLoadBalancerName": "[parameters('internalLoadBalancerName')]", + "useExistingLoadBalancer": "[not(empty(replace(parameters('externalLoadBalancerName'), 'OPTIONAL', '')))]", + "loadBalancerBackendAddressPoolsArray": [ + { + "id": "[concat('/subscriptions/', variables('subscriptionID'),'/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', variables('externalLoadBalancerName'), '/backendAddressPools/loadBalancerBackEnd')]" + }, + { + "id": "[concat('/subscriptions/', variables('subscriptionID'),'/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', variables('internalLoadBalancerName'), '/backendAddressPools/loadBalancerBackEnd')]" + } + ], + "useExistingNsg": "[not(empty(replace(parameters('mgmtNsgName'), 'OPTIONAL', '')))]", + "mgmtNsgName": "[if(variables('useExistingNsg'), parameters('mgmtNsgName'), concat(variables('dnsLabel'),'-mgmt-nsg'))]", + "mgmtNsgID": "[resourceId('Microsoft.Network/networkSecurityGroups/',concat(variables('dnsLabel'),'-mgmt-nsg'))]", "appInsightsApiVersion": "2015-04-01", "appInsightsComponentsApiVersion": "2015-05-01", + "useAvailabilityZones": "[and(variables('zonesAvailable'), equals(parameters('useAvailabilityZones'), 'Yes'))]", "vmssName": "[concat(parameters('dnsLabel'),'-vmss')]", "vmssId": "[resourceId('Microsoft.Compute/virtualMachineScaleSets', variables('vmssName'))]", "defaultAppInsightsLocation": "eastus", @@ -782,7 +841,6 @@ "publicIPAddressType": "Static", "mgmtPublicIPAddressName": "[concat(variables('dnsLabel'), '-mgmt-pip')]", "mgmtPublicIPAddressId": "[resourceId('Microsoft.Network/publicIPAddresses', variables('mgmtPublicIPAddressName'))]", - "mgmtNsgID": "[resourceId('Microsoft.Network/networkSecurityGroups/',concat(variables('dnsLabel'),'-mgmt-nsg'))]", "mgmtNicName": "[concat(variables('dnsLabel'), '-mgmt')]", "mgmtNicID": "[resourceId('Microsoft.Network/NetworkInterfaces', variables('mgmtNicName'))]", "mgmtSubnetId": "[concat(variables('vnetId'), '/subnets/', variables('mgmtSubnetName'))]", @@ -798,7 +856,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_via-lb-existing-stack-experimental-bigiq-payg,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq-payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_via-lb-existing-stack-experimental-bigiq-payg,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq-payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "osProfiles": { @@ -837,7 +895,8 @@ { "apiVersion": "[variables('networkApiVersion')]", "location": "[variables('location')]", - "name": "[concat(variables('dnsLabel'), '-mgmt-nsg')]", + "name": "[variables('mgmtNsgName')]", + "condition": "[not(variables('useExistingNsg'))]", "properties": { "securityRules": [ { @@ -931,6 +990,7 @@ }, { "apiVersion": "[variables('networkApiVersion')]", + "condition": "[not(variables('useExistingLoadBalancer'))]", "dependsOn": [ "[concat('Microsoft.Network/publicIPAddresses/', variables('mgmtPublicIPAddressName'))]" ], @@ -1120,7 +1180,7 @@ "name": "main", "properties": { "protectedSettings": { - "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; cp asm-policy.tar.gz *.tmpl /config/cloud; tar xfz /config/cloud/asm-policy.tar.gz -C /config/cloud; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.bigIqPasswd; encrypt_secret ', variables('singleQuote'), parameters('bigIqPassword'), variables('singleQuote'), ' \"/config/cloud/.bigIqPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType waf --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, ' --externalTag key:f5ClusterTag,value:', variables('dnsLabel'), '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh modify cm device-group Sync asm-sync enabled; tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" + "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; cp asm-policy.tar.gz *.tmpl /config/cloud; tar xfz /config/cloud/asm-policy.tar.gz -C /config/cloud; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.bigIqPasswd; encrypt_secret ', variables('singleQuote'), parameters('bigIqPassword'), variables('singleQuote'), ' \"/config/cloud/.bigIqPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType waf --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --autoscaleTimeout ', parameters('autoscaleTimeout'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, ' --externalTag key:f5ClusterTag,value:', variables('dnsLabel'), '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh modify cm device-group Sync asm-sync enabled; tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" }, "publisher": "Microsoft.Azure.Extensions", "settings": { @@ -1148,11 +1208,7 @@ { "name": "ipconfig1", "properties": { - "loadBalancerBackendAddressPools": [ - { - "id": "[concat('/subscriptions/', variables('subscriptionID'),'/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', variables('externalLoadBalancerName'), '/backendAddressPools/loadBalancerBackEnd')]" - } - ], + "loadBalancerBackendAddressPools": "[take(variables('loadBalancerBackendAddressPoolsArray'), if(variables('attachInternalLoadBalancer'), 2, 1))]", "loadBalancerInboundNatPools": [ { "id": "[concat('/subscriptions/', variables('subscriptionID'),'/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', variables('externalLoadBalancerName'), '/inboundNatPools/sshnatpool')]" @@ -1186,7 +1242,7 @@ "tier": "Standard" }, "tags": "[if(empty(variables('tagValues')), json('null'), variables('tagValues'))]", - "zones": "[if(variables('zonesAvailable'), createArray(1, 2, 3), json('null'))]", + "zones": "[if(variables('useAvailabilityZones'), createArray(1, 2, 3), json('null'))]", "type": "Microsoft.Compute/virtualMachineScaleSets" }, { @@ -1209,7 +1265,7 @@ "name": "main", "properties": { "protectedSettings": { - "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; cp asm-policy.tar.gz *.tmpl /config/cloud; tar xfz /config/cloud/asm-policy.tar.gz -C /config/cloud; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.bigIqPasswd; encrypt_secret ', variables('singleQuote'), parameters('bigIqPassword'), variables('singleQuote'), ' \"/config/cloud/.bigIqPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType waf --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, ' --bigIqAddress ', parameters('bigIqAddress'), ' --bigIqUsername ', parameters('bigIqUsername'), ' --bigIqPassword /config/cloud/.bigIqPasswd --bigIqLicensePoolName ', parameters('bigIqLicensePoolName'), ' --bigIqExtraLicenseOptions \\\"$(format_args sku-keyword-1:', parameters('bigIqLicenseSkuKeyWord1'), ',unit-of-measure:', parameters('bigIqLicenseUnitOfMeasure'), ')\\\" --bigIpExtMgmtAddress ', reference(variables('mgmtPublicIPAddressId')).ipAddress, ' --bigIpExtMgmtPort via-api', ' --static --natBase mgmtnatpool-static. --externalTag key:f5ClusterTag,value:', variables('dnsLabel'), '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh modify cm device-group Sync asm-sync enabled; tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" + "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; cp asm-policy.tar.gz *.tmpl /config/cloud; tar xfz /config/cloud/asm-policy.tar.gz -C /config/cloud; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.bigIqPasswd; encrypt_secret ', variables('singleQuote'), parameters('bigIqPassword'), variables('singleQuote'), ' \"/config/cloud/.bigIqPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType waf --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --autoscaleTimeout ', parameters('autoscaleTimeout'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, ' --bigIqAddress ', parameters('bigIqAddress'), ' --bigIqUsername ', parameters('bigIqUsername'), ' --bigIqPassword /config/cloud/.bigIqPasswd --bigIqLicensePoolName ', parameters('bigIqLicensePoolName'), ' --bigIqExtraLicenseOptions \\\"$(format_args sku-keyword-1:', parameters('bigIqLicenseSkuKeyWord1'), ',unit-of-measure:', parameters('bigIqLicenseUnitOfMeasure'), ')\\\" --bigIpExtMgmtAddress private --bigIpExtMgmtPort via-api --clusterUpdateInterval 300', ' --static --natBase mgmtnatpool-static. --externalTag key:f5ClusterTag,value:', variables('dnsLabel'), '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh modify cm device-group Sync asm-sync enabled; tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" }, "publisher": "Microsoft.Azure.Extensions", "settings": { @@ -1279,7 +1335,7 @@ "tier": "Standard" }, "tags": "[if(empty(variables('tagValues')), union(json('{}'), variables('staticVmssTagValues')), union(variables('tagValues'), variables('staticVmssTagValues')))]", - "zones": "[if(variables('zonesAvailable'), createArray(1, 2, 3), json('null'))]", + "zones": "[if(variables('useAvailabilityZones'), createArray(1, 2, 3), json('null'))]", "type": "Microsoft.Compute/virtualMachineScaleSets" }, { @@ -1289,10 +1345,10 @@ "[variables('staticVmssId')]" ], "location": "[variables('location')]", - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "properties": { "enabled": true, - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "notifications": [ { "email": { diff --git a/experimental/autoscale/waf/via-lb/1nic/existing-stack/bigiq-payg/azuredeploy.parameters.json b/experimental/autoscale/waf/via-lb/1nic/existing-stack/bigiq-payg/azuredeploy.parameters.json index defabcff8a..d26abadc3f 100644 --- a/experimental/autoscale/waf/via-lb/1nic/existing-stack/bigiq-payg/azuredeploy.parameters.json +++ b/experimental/autoscale/waf/via-lb/1nic/existing-stack/bigiq-payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" @@ -116,6 +116,21 @@ "notificationEmail": { "value": "OPTIONAL" }, + "mgmtNsgName": { + "value": "OPTIONAL" + }, + "externalLoadBalancerName": { + "value": "OPTIONAL" + }, + "internalLoadBalancerName": { + "value": "OPTIONAL" + }, + "useAvailabilityZones": { + "value": "Yes" + }, + "autoscaleTimeout": { + "value": 10 + }, "provisionPublicIP": { "value": "Yes" }, diff --git a/experimental/autoscale/waf/via-lb/1nic/existing-stack/bigiq-payg/deploy_via_bash.sh b/experimental/autoscale/waf/via-lb/1nic/existing-stack/bigiq-payg/deploy_via_bash.sh index ed54b4340f..e5630b43a3 100755 --- a/experimental/autoscale/waf/via-lb/1nic/existing-stack/bigiq-payg/deploy_via_bash.sh +++ b/experimental/autoscale/waf/via-lb/1nic/existing-stack/bigiq-payg/deploy_via_bash.sh @@ -1,7 +1,7 @@ #!/bin/bash ## Bash Script to deploy an F5 ARM template into Azure, using azure cli 1.0 ## -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --staticImageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --numberOfStaticInstances --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --staticImageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --numberOfStaticInstances --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --mgmtNsgName OPTIONAL --externalLoadBalancerName OPTIONAL --internalLoadBalancerName OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword # Assign Script Parameters and Define Variables # Specify static items below, change these as needed or make them parameters @@ -120,6 +120,21 @@ while [[ $# -gt 1 ]]; do --notificationEmail) notificationEmail=$2 shift 2;; + --mgmtNsgName) + mgmtNsgName=$2 + shift 2;; + --externalLoadBalancerName) + externalLoadBalancerName=$2 + shift 2;; + --internalLoadBalancerName) + internalLoadBalancerName=$2 + shift 2;; + --useAvailabilityZones) + useAvailabilityZones=$2 + shift 2;; + --autoscaleTimeout) + autoscaleTimeout=$2 + shift 2;; --provisionPublicIP) provisionPublicIP=$2 shift 2;; @@ -178,7 +193,7 @@ while [[ $# -gt 1 ]]; do done #If a required parameter is not passed, the script will prompt for it below -required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName staticImageName bigIqAddress bigIqUsername bigIqPassword bigIqLicensePoolName bigIqLicenseSkuKeyword1 bigIqLicenseUnitOfMeasure numberOfStaticInstances bigIpVersion bigIpModules vnetName vnetResourceGroupName mgmtSubnetName declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail provisionPublicIP applicationProtocols applicationAddress applicationPort applicationSecurePort sslCert sslPswd applicationType blockingLevel customPolicy tenantId clientId servicePrincipalSecret resourceGroupName " +required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName staticImageName bigIqAddress bigIqUsername bigIqPassword bigIqLicensePoolName bigIqLicenseSkuKeyword1 bigIqLicenseUnitOfMeasure numberOfStaticInstances bigIpVersion bigIpModules vnetName vnetResourceGroupName mgmtSubnetName declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail mgmtNsgName externalLoadBalancerName internalLoadBalancerName useAvailabilityZones autoscaleTimeout provisionPublicIP applicationProtocols applicationAddress applicationPort applicationSecurePort sslCert sslPswd applicationType blockingLevel customPolicy tenantId clientId servicePrincipalSecret resourceGroupName " for variable in $required_variables do if [ -z ${!variable} ] ; then @@ -202,4 +217,4 @@ az group create -n $resourceGroupName -l $region # Deploy ARM Template, right now cannot specify parameter file and parameters inline via Azure CLI template_file="./azuredeploy.json" parameter_file="./azuredeploy.parameters.json" -az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"staticImageName\":{\"value\":\"$staticImageName\"},\"bigIqAddress\":{\"value\":\"$bigIqAddress\"},\"bigIqUsername\":{\"value\":\"$bigIqUsername\"},\"bigIqPassword\":{\"value\":\"$bigIqPassword\"},\"bigIqLicensePoolName\":{\"value\":\"$bigIqLicensePoolName\"},\"bigIqLicenseSkuKeyword1\":{\"value\":\"$bigIqLicenseSkuKeyword1\"},\"bigIqLicenseUnitOfMeasure\":{\"value\":\"$bigIqLicenseUnitOfMeasure\"},\"numberOfStaticInstances\":{\"value\":\"$numberOfStaticInstances\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetName\":{\"value\":\"$vnetName\"},\"vnetResourceGroupName\":{\"value\":\"$vnetResourceGroupName\"},\"mgmtSubnetName\":{\"value\":\"$mgmtSubnetName\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"applicationProtocols\":{\"value\":\"$applicationProtocols\"},\"applicationAddress\":{\"value\":\"$applicationAddress\"},\"applicationPort\":{\"value\":\"$applicationPort\"},\"applicationSecurePort\":{\"value\":\"$applicationSecurePort\"},\"sslCert\":{\"value\":\"$sslCert\"},\"sslPswd\":{\"value\":\"$sslPswd\"},\"applicationType\":{\"value\":\"$applicationType\"},\"blockingLevel\":{\"value\":\"$blockingLevel\"},\"customPolicy\":{\"value\":\"$customPolicy\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file +az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"staticImageName\":{\"value\":\"$staticImageName\"},\"bigIqAddress\":{\"value\":\"$bigIqAddress\"},\"bigIqUsername\":{\"value\":\"$bigIqUsername\"},\"bigIqPassword\":{\"value\":\"$bigIqPassword\"},\"bigIqLicensePoolName\":{\"value\":\"$bigIqLicensePoolName\"},\"bigIqLicenseSkuKeyword1\":{\"value\":\"$bigIqLicenseSkuKeyword1\"},\"bigIqLicenseUnitOfMeasure\":{\"value\":\"$bigIqLicenseUnitOfMeasure\"},\"numberOfStaticInstances\":{\"value\":\"$numberOfStaticInstances\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetName\":{\"value\":\"$vnetName\"},\"vnetResourceGroupName\":{\"value\":\"$vnetResourceGroupName\"},\"mgmtSubnetName\":{\"value\":\"$mgmtSubnetName\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"mgmtNsgName\":{\"value\":\"$mgmtNsgName\"},\"externalLoadBalancerName\":{\"value\":\"$externalLoadBalancerName\"},\"internalLoadBalancerName\":{\"value\":\"$internalLoadBalancerName\"},\"useAvailabilityZones\":{\"value\":\"$useAvailabilityZones\"},\"autoscaleTimeout\":{\"value\":$autoscaleTimeout},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"applicationProtocols\":{\"value\":\"$applicationProtocols\"},\"applicationAddress\":{\"value\":\"$applicationAddress\"},\"applicationPort\":{\"value\":\"$applicationPort\"},\"applicationSecurePort\":{\"value\":\"$applicationSecurePort\"},\"sslCert\":{\"value\":\"$sslCert\"},\"sslPswd\":{\"value\":\"$sslPswd\"},\"applicationType\":{\"value\":\"$applicationType\"},\"blockingLevel\":{\"value\":\"$blockingLevel\"},\"customPolicy\":{\"value\":\"$customPolicy\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file diff --git a/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq-payg/Deploy_via_PS.ps1 b/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq-payg/Deploy_via_PS.ps1 index d60f2803ec..44c872f8c5 100644 --- a/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq-payg/Deploy_via_PS.ps1 +++ b/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq-payg/Deploy_via_PS.ps1 @@ -1,7 +1,7 @@ ## Script parameters being asked for below match to parameters in the azuredeploy.json file, otherwise pointing to the ## ## azuredeploy.parameters.json file for values to use. Some options below are mandatory, some (such as region) can ## ## be supplied inline when running this script but if they aren't then the default will be used as specified below. ## -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -staticImageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -numberOfStaticInstances -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -staticImageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -numberOfStaticInstances -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -tenantId -clientId -servicePrincipalSecret -resourceGroupName param( @@ -39,6 +39,8 @@ param( [string] [Parameter(Mandatory=$True)] $scaleOutTimeWindow, [string] [Parameter(Mandatory=$True)] $scaleInTimeWindow, [string] [Parameter(Mandatory=$True)] $notificationEmail, + [string] [Parameter(Mandatory=$True)] $useAvailabilityZones, + [string] [Parameter(Mandatory=$True)] $autoscaleTimeout, [string] [Parameter(Mandatory=$True)] $provisionPublicIP, [string] [Parameter(Mandatory=$True)] $applicationProtocols, [string] [Parameter(Mandatory=$True)] $applicationAddress, @@ -83,7 +85,7 @@ $servicePrincipalSecretSecure = ConvertTo-SecureString -String $servicePrincipal (ConvertFrom-Json $tagValues).psobject.properties | ForEach -Begin {$tagValues=@{}} -process {$tagValues."$($_.Name)" = $_.Value} # Create Arm Deployment -$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -staticImageName $staticImageName -bigIqAddress $bigIqAddress -bigIqUsername $bigIqUsername -bigIqPassword $bigIqPasswordSecure -bigIqLicensePoolName $bigIqLicensePoolName -bigIqLicenseSkuKeyword1 $bigIqLicenseSkuKeyword1 -bigIqLicenseUnitOfMeasure $bigIqLicenseUnitOfMeasure -numberOfStaticInstances $numberOfStaticInstances -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetAddressPrefix $vnetAddressPrefix -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -provisionPublicIP $provisionPublicIP -applicationProtocols $applicationProtocols -applicationAddress $applicationAddress -applicationPort $applicationPort -applicationSecurePort $applicationSecurePort -sslCert $sslCert -sslPswd $sslPswdSecure -applicationType $applicationType -blockingLevel $blockingLevel -customPolicy $customPolicy -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure +$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -staticImageName $staticImageName -bigIqAddress $bigIqAddress -bigIqUsername $bigIqUsername -bigIqPassword $bigIqPasswordSecure -bigIqLicensePoolName $bigIqLicensePoolName -bigIqLicenseSkuKeyword1 $bigIqLicenseSkuKeyword1 -bigIqLicenseUnitOfMeasure $bigIqLicenseUnitOfMeasure -numberOfStaticInstances $numberOfStaticInstances -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetAddressPrefix $vnetAddressPrefix -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -useAvailabilityZones $useAvailabilityZones -autoscaleTimeout $autoscaleTimeout -provisionPublicIP $provisionPublicIP -applicationProtocols $applicationProtocols -applicationAddress $applicationAddress -applicationPort $applicationPort -applicationSecurePort $applicationSecurePort -sslCert $sslCert -sslPswd $sslPswdSecure -applicationType $applicationType -blockingLevel $blockingLevel -customPolicy $customPolicy -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure # Print Output of Deployment to Console $deployment \ No newline at end of file diff --git a/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq-payg/README.md b/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq-payg/README.md index d0f26993cc..95b19bf57d 100644 --- a/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq-payg/README.md +++ b/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq-payg/README.md @@ -112,7 +112,7 @@ Use the appropriate button below to deploy: - **BIGIQ-PAYG**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s), as well as use PAYG instances. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fexperimental%2Fautoscale%2Fwaf%2Fvia-lb%2F1nic%2Fnew-stack%2Fbigiq-payg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fexperimental%2Fautoscale%2Fwaf%2Fvia-lb%2F1nic%2Fnew-stack%2Fbigiq-payg%2Fazuredeploy.json) ### Template parameters @@ -152,6 +152,8 @@ Use the appropriate button below to deploy: | scaleOutTimeWindow | Yes | The time window required to trigger a scale out event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | scaleInTimeWindow | Yes | The time window required to trigger a scale in event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | notificationEmail | Yes | If you want email notifications on scale events, specify an email address, otherwise leave the parameter as **OPTIONAL**. Note: You can specify multiple emails by separating them with a semi-colon, such as *email@domain.com;email2@domain.com*. | +| useAvailabilityZones | Yes | This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'. | +| autoscaleTimeout | Yes | The timeout value after which autoscale script execution will terminated | | provisionPublicIP | Yes | Enabling management public IP(s) allows for direct public access to each BIG-IP VE that is created. | | applicationProtocols | Yes | The protocol(s) used by your application. | | applicationAddress | Yes | The public IP address or DNS FQDN of the application that this WAF will protect. | @@ -173,7 +175,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### PowerShell Script Example ```powershell -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -staticImageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -numberOfStaticInstances -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -staticImageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -numberOfStaticInstances -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -tenantId -clientId -servicePrincipalSecret -resourceGroupName ``` ======= @@ -181,7 +183,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### Azure CLI (1.0) Script Example ```bash -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --staticImageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --numberOfStaticInstances --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --staticImageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --numberOfStaticInstances --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword ``` diff --git a/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq-payg/azuredeploy.json b/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq-payg/azuredeploy.json index 48dda003c0..e0c60ae9f8 100644 --- a/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq-payg/azuredeploy.json +++ b/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq-payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -352,6 +352,26 @@ }, "type": "string" }, + "useAvailabilityZones": { + "allowedValues": [ + "Yes", + "No" + ], + "defaultValue": "Yes", + "metadata": { + "description": "This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'." + }, + "type": "string" + }, + "autoscaleTimeout": { + "defaultValue": 10, + "maxValue": 10, + "metadata": { + "description": "The timeout value after which autoscale script execution will terminated" + }, + "minValue": 3, + "type": "int" + }, "provisionPublicIP": { "allowedValues": [ "No", @@ -558,14 +578,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl ${config_loc}f5-cloud-libs-azure.tar.gz asm-policy.tar.gz\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntar xfz /config/cloud/f5-cloud-libs-azure.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -591,7 +611,10 @@ "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbTpkOm46ajprOmg6czp0Omw6YTpjOnI6bzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgbSkgbW9kZT0kT1BUQVJHOzsKICAgICAgICBuKSBwb29sX21lbWJlcj0kT1BUQVJHOzsKICAgICAgICBqKSB2c19odHRwX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgaykgdnNfaHR0cHNfcG9ydD0kT1BUQVJHOzsKICAgICAgICBoKSBwb29sX2h0dHBfcG9ydD0kT1BUQVJHOzsKICAgICAgICBzKSBwb29sX2h0dHBzX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgdCkgdHlwZT0kT1BUQVJHOzsKICAgICAgICBsKSBsZXZlbD0kT1BUQVJHOzsKICAgICAgICBhKSBwb2xpY3k9JE9QVEFSRzs7CiAgICAgICAgYykgc3NsX2NlcnQ9JE9QVEFSRzs7CiAgICAgICAgcikgc3NsX3Bhc3N3ZD0kT1BUQVJHOzsKICAgICAgICB1KSB1c2VyPSRPUFRBUkc7OwogICAgZXNhYwpkb25lCgpkZXBsb3llZD0ibm8iCmZpbGVfbG9jPSIvY29uZmlnL2Nsb3VkL2N1c3RvbV9jb25maWciCmRmbF9tZ210X3BvcnQ9YHRtc2ggbGlzdCBzeXMgaHR0cGQgc3NsLXBvcnQgfCBncmVwIHNzbC1wb3J0IHwgc2VkICdzL3NzbC1wb3J0IC8vO3MvIC8vZydgCnVybF9yZWdleD0iKGh0dHA6XC9cL3xodHRwczpcL1wvKT9bYS16MC05XSsoW1wtXC5dezF9W2EtejAtOV0rKSpcLlthLXpdezIsNX0oOlswLTldezEsNX0pPyhcLy4qKT8kIgoKaWYgW1sgJGRlY2xhcmF0aW9uVXJsID1+ICR1cmxfcmVnZXggXV07IHRoZW4KICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1zayAtdyAiJXtodHRwX2NvZGV9IiAkZGVjbGFyYXRpb25VcmwgLW8gJGZpbGVfbG9jKQogICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIF1dOyB0aGVuCiAgICAgICAgIGVjaG8gIkN1c3RvbSBjb25maWcgZG93bmxvYWQgY29tcGxldGU7IGNoZWNraW5nIGZvciB2YWxpZCBKU09OLiIKICAgICAgICAgY2F0ICRmaWxlX2xvYyB8IGpxIC5jbGFzcwogICAgICAgICBpZiBbWyAkPyA9PSAwIF1dOyB0aGVuCiAgICAgICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t2dnUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgaHR0cHM6Ly9sb2NhbGhvc3Q6JGRmbF9tZ210X3BvcnQvbWdtdC9zaGFyZWQvYXBwc3Zjcy9kZWNsYXJlIC1kIEAkZmlsZV9sb2MgLW8gL2Rldi9udWxsKQoKICAgICAgICAgICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCB8fCAkcmVzcG9uc2VfY29kZSA9PSA1MDIgXV07IHRoZW4KICAgICAgICAgICAgICAgICAgZWNobyAiRGVwbG95bWVudCBvZiBhcHBsaWNhdGlvbiBzdWNjZWVkZWQuIgogICAgICAgICAgICAgICAgICBkZXBsb3llZD0ieWVzIgogICAgICAgICAgICAgZWxzZQogICAgICAgICAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBkZXBsb3kgYXBwbGljYXRpb247IGNvbnRpbnVpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgICAgICAgICAgIGZpCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgIGVjaG8gIkN1c3RvbSBjb25maWcgd2FzIG5vdCB2YWxpZCBKU09OLCBjb250aW51aW5nIgogICAgICAgICBmaQogICAgZWxzZQogICAgICAgIGVjaG8gIkZhaWxlZCB0byBkb3dubG9hZCBjdXN0b20gY29uZmlnOyBjb250aW51aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICBmaQplbHNlCiAgICAgZWNobyAiQ3VzdG9tIGNvbmZpZyB3YXMgbm90IGEgVVJMLCBjb250aW51aW5nLiIKZmkKCmlmIFtbICRkZXBsb3llZCA9PSAibm8iICYmICRkZWNsYXJhdGlvblVybCA9PSAiTk9UX1NQRUNJRklFRCIgXV07IHRoZW4KICAgIGlwX3JlZ2V4PSdeWzAtOV17MSwzfVwuWzAtOV17MSwzfVwuWzAtOV17MSwzfVwuWzAtOV17MSwzfSQnCiAgICBkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAogICAgbW9kZT1gc2VkICJzLy0vXy9nIiA8PDwiJG1vZGUiYAogICAgcGF5bG9hZD0neyJjbGFzcyI6IkFEQyIsInNjaGVtYVZlcnNpb24iOiIzLjAuMCIsImxhYmVsIjoiYXV0b3NjYWxlX3dhZiIsImlkIjoiQVVUT1NDQUxFX1dBRiIsInJlbWFyayI6IkF1dG9zY2FsZSBXQUYiLCJ3YWYiOnsiY2xhc3MiOiJUZW5hbnQiLCJTaGFyZWQiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoic2hhcmVkIiwic2VydmljZUFkZHJlc3MiOnsiY2xhc3MiOiJTZXJ2aWNlX0FkZHJlc3MiLCJ2aXJ0dWFsQWRkcmVzcyI6IjAuMC4wLjAifSwicG9saWN5V0FGIjp7ImNsYXNzIjoiV0FGX1BvbGljeSIsImZpbGUiOiIvdG1wL2FzMzAtbGludXgtbWVkaXVtLnhtbCJ9fSwiaHR0cCI6eyJjbGFzcyI6IkFwcGxpY2F0aW9uIiwidGVtcGxhdGUiOiJodHRwIiwicG9vbCI6eyJjbGFzcyI6IlBvb2wiLCJtb25pdG9ycyI6WyJodHRwIl0sIm1lbWJlcnMiOlt7ImFkZHJlc3NEaXNjb3ZlcnkiOiJmcWRuIiwiYXV0b1BvcHVsYXRlIjp0cnVlLCJzZXJ2aWNlUG9ydCI6ODAsImhvc3RuYW1lIjoid3d3LmV4YW1wbGUuY29tIiwic2VydmVyQWRkcmVzc2VzIjpbIjI1NS4yNTUuMjU1LjI1NCJdfV19LCJzZXJ2aWNlTWFpbiI6eyJjbGFzcyI6IlNlcnZpY2VfSFRUUCIsInZpcnR1YWxBZGRyZXNzZXMiOlt7InVzZSI6Ii93YWYvU2hhcmVkL3NlcnZpY2VBZGRyZXNzIn1dLCJ2aXJ0dWFsUG9ydCI6ODAsInNuYXQiOiJhdXRvIiwic2VjdXJpdHlMb2dQcm9maWxlcyI6W3siYmlnaXAiOiIvQ29tbW9uL0xvZyBpbGxlZ2FsIHJlcXVlc3RzIn1dLCJwb29sIjoicG9vbCIsInBvbGljeVdBRiI6eyJ1c2UiOiIvd2FmL1NoYXJlZC9wb2xpY3lXQUYifX19LCJodHRwcyI6eyJjbGFzcyI6IkFwcGxpY2F0aW9uIiwidGVtcGxhdGUiOiJodHRwcyIsInNlcnZlclRMUyI6eyJjbGFzcyI6IlRMU19TZXJ2ZXIiLCJjZXJ0aWZpY2F0ZXMiOlt7ImNlcnRpZmljYXRlIjoiY2VydFNlcnZlciJ9XSwiYXV0aGVudGljYXRpb25UcnVzdENBIjp7ImJpZ2lwIjoiL0NvbW1vbi9jYS1idW5kbGUuY3J0In19LCJjZXJ0U2VydmVyIjp7ImNsYXNzIjoiQ2VydGlmaWNhdGUiLCJjZXJ0aWZpY2F0ZSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5jcnQifSwicHJpdmF0ZUtleSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5rZXkifX0sImNsaWVudFRMUyI6eyJjbGFzcyI6IlRMU19DbGllbnQifSwicG9vbCI6eyJjbGFzcyI6IlBvb2wiLCJtb25pdG9ycyI6WyJodHRwcyJdLCJtZW1iZXJzIjpbeyJhZGRyZXNzRGlzY292ZXJ5IjoiZnFkbiIsImF1dG9Qb3B1bGF0ZSI6dHJ1ZSwic2VydmljZVBvcnQiOjQ0MywiaG9zdG5hbWUiOiJ3d3cuZXhhbXBsZS5jb20iLCJzZXJ2ZXJBZGRyZXNzZXMiOlsiMjU1LjI1NS4yNTUuMjU0Il19XX0sInNlcnZpY2VNYWluIjp7ImNsYXNzIjoiU2VydmljZV9IVFRQUyIsInZpcnR1YWxBZGRyZXNzZXMiOlt7InVzZSI6Ii93YWYvU2hhcmVkL3NlcnZpY2VBZGRyZXNzIn1dLCJ2aXJ0dWFsUG9ydCI6NDQzLCJzZXJ2ZXJUTFMiOiJzZXJ2ZXJUTFMiLCJjbGllbnRUTFMiOiJjbGllbnRUTFMiLCJyZWRpcmVjdDgwIjp0cnVlLCJzbmF0IjoiYXV0byIsInNlY3VyaXR5TG9nUHJvZmlsZXMiOlt7ImJpZ2lwIjoiL0NvbW1vbi9Mb2cgaWxsZWdhbCByZXF1ZXN0cyJ9XSwicG9vbCI6InBvb2wiLCJwb2xpY3lXQUYiOnsidXNlIjoiL3dhZi9TaGFyZWQvcG9saWN5V0FGIn19fSwiaHR0cHNfb2ZmbG9hZCI6eyJjbGFzcyI6IkFwcGxpY2F0aW9uIiwidGVtcGxhdGUiOiJodHRwcyIsInNlcnZlclRMUyI6eyJjbGFzcyI6IlRMU19TZXJ2ZXIiLCJjZXJ0aWZpY2F0ZXMiOlt7ImNlcnRpZmljYXRlIjoiY2VydFNlcnZlciJ9XSwiYXV0aGVudGljYXRpb25UcnVzdENBIjp7ImJpZ2lwIjoiL0NvbW1vbi9jYS1idW5kbGUuY3J0In19LCJjZXJ0U2VydmVyIjp7ImNsYXNzIjoiQ2VydGlmaWNhdGUiLCJjZXJ0aWZpY2F0ZSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5jcnQifSwicHJpdmF0ZUtleSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5rZXkifX0sInBvb2wiOnsiY2xhc3MiOiJQb29sIiwibW9uaXRvcnMiOlsiaHR0cCJdLCJtZW1iZXJzIjpbeyJhZGRyZXNzRGlzY292ZXJ5IjoiZnFkbiIsImF1dG9Qb3B1bGF0ZSI6dHJ1ZSwic2VydmljZVBvcnQiOjgwLCJob3N0bmFtZSI6Ind3dy5leGFtcGxlLmNvbSIsInNlcnZlckFkZHJlc3NlcyI6WyIyNTUuMjU1LjI1NS4yNTQiXX1dfSwic2VydmljZU1haW4iOnsiY2xhc3MiOiJTZXJ2aWNlX0hUVFBTIiwidmlydHVhbEFkZHJlc3NlcyI6W3sidXNlIjoiL3dhZi9TaGFyZWQvc2VydmljZUFkZHJlc3MifV0sInZpcnR1YWxQb3J0Ijo4MCwic2VydmVyVExTIjoic2VydmVyVExTIiwic25hdCI6ImF1dG8iLCJzZWN1cml0eUxvZ1Byb2ZpbGVzIjpbeyJiaWdpcCI6Ii9Db21tb24vTG9nIGlsbGVnYWwgcmVxdWVzdHMifV0sInBvb2wiOiJwb29sIiwicG9saWN5V0FGIjp7InVzZSI6Ii93YWYvU2hhcmVkL3BvbGljeVdBRiJ9fX19fScKCiAgICAjIHZlcmlmeSB0aGF0IHRoZSBjdXN0b20gcG9saWN5IGlzIGEgVVJMCiAgICBpZiBbWyAkbGV2ZWwgPT0gImN1c3RvbSIgXV07IHRoZW4KICAgICAgICAgaWYgW1sgLW4gJHBvbGljeSAmJiAkcG9saWN5ICE9ICJOT1RfU1BFQ0lGSUVEIiBdXTsgdGhlbgogICAgICAgICAgICAgaWYgW1sgJHBvbGljeSA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICAgICAgICAgICAgICAgIGN1c3RvbV9wb2xpY3k9JHBvbGljeQogICAgICAgICAgICAgICAgICAvdXNyL2Jpbi9jdXJsIC1zayAkY3VzdG9tX3BvbGljeSAtLXJldHJ5IDMgLW8gL3RtcC9jdXN0b21fcG9saWN5LnhtbAogICAgICAgICAgICAgICAgICBhc21fcG9saWN5PSIvdG1wL2N1c3RvbV9wb2xpY3kueG1sIgogICAgICAgICAgICAgZWxzZQogICAgICAgICAgICAgICAgICBlY2hvICJDdXN0b20gcG9saWN5IHdhcyBub3QgYSBVUkwsIGRlZmF1bHRpbmcgdG8gaGlnaCIKICAgICAgICAgICAgICAgICAgYXNtX3BvbGljeT0iL2NvbmZpZy9jbG91ZC9hc20tcG9saWN5LSR0eXBlLWhpZ2gueG1sIgogICAgICAgICAgICAgZmkKICAgICAgICAgZWxzZQogICAgICAgICAgICAgIGVjaG8gIkN1c3RvbSBwb2xpY3kgd2FzIG5vdCBzcGVjaWZpZWQsIGRlZmF1bHRpbmcgdG8gaGlnaCIKICAgICAgICAgICAgICBhc21fcG9saWN5PSIvY29uZmlnL2Nsb3VkL2FzbS1wb2xpY3ktJHR5cGUtaGlnaC54bWwiCiAgICAgICAgIGZpCiAgICBlbHNlCiAgICAgICAgIGFzbV9wb2xpY3k9Ii9jb25maWcvY2xvdWQvYXNtLXBvbGljeS0kdHlwZS0kbGV2ZWwueG1sIgogICAgZmkKCiAgICBpZiBbWyAkbW9kZSA9PSAiaHR0cHMiIHx8ICRtb2RlID09ICJodHRwX2h0dHBzIiB8fCAkbW9kZSA9PSAiaHR0cHNfb2ZmbG9hZCIgXV07IHRoZW4KICAgICAgICAgY2hhaW49Ii9Db21tb24vY2EtYnVuZGxlLmNydCIKCiAgICAgICAgIGVjaG8gIlN0YXJ0aW5nIENlcnRpZmljYXRlIGRvd25sb2FkIgoKICAgICAgICAgY2VydGlmaWNhdGVfbG9jYXRpb249JHNzbF9jZXJ0CgogICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iICAtWCBQT1NUIC1IICJDb250ZW50LXR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvdG0vdXRpbC9iYXNoIC1kICd7ICJjb21tYW5kIjoicnVuIiwidXRpbENtZEFyZ3MiOiItYyBcImN1cmwgLWsgLXMgLWYgLS1yZXRyeSA1IC0tcmV0cnktZGVsYXkgMTAgLS1yZXRyeS1tYXgtdGltZSAxMCAtbyAvY29uZmlnL3RtcC5wZnggJyRjZXJ0aWZpY2F0ZV9sb2NhdGlvbidcIiIgfScgLW8gL2Rldi9udWxsKQoKICAgICAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwICBdXTsgdGhlbgogICAgICAgICAgICAgIGVjaG8gIkNlcnRpZmljYXRlIGRvd25sb2FkIGNvbXBsZXRlLiIKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRvd25sb2FkIFNTTCBjZXJ0OyBleGl0aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBleGl0IDEKICAgICAgICAgZmkKCiAgICAgICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1za3UgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgaHR0cHM6Ly9sb2NhbGhvc3Q6JGRmbF9tZ210X3BvcnQvbWdtdC90bS9zeXMvY3J5cHRvL3BrY3MxMiAtZCAneyJjb21tYW5kIjogImluc3RhbGwiLCJuYW1lIjogIndhZkNlcnQiLCJvcHRpb25zIjogWyB7ICJmcm9tLWxvY2FsLWZpbGUiOiAiL2NvbmZpZy90bXAucGZ4IiB9LCB7ICJwYXNzcGhyYXNlIjogIiciJHNzbF9wYXNzd2QiJyIgfSBdIH0nIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCAgXV07IHRoZW4KICAgICAgICAgICAgICBlY2hvICJDZXJ0aWZpY2F0ZSBpbnN0YWxsIGNvbXBsZXRlLiIKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGluc3RhbGwgU1NMIGNlcnQ7IGV4aXRpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgICAgICAgICAgIGV4aXQgMQogICAgICAgICBmaQogICAgZmkKCiAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jIC0tYXJnIGFzbV9wb2xpY3kgJGFzbV9wb2xpY3kgJyAud2FmLlNoYXJlZC5wb2xpY3lXQUYuZmlsZSA9ICRhc21fcG9saWN5JykKCiAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jIC0tYXJnIHBvb2xfaHR0cF9wb3J0ICRwb29sX2h0dHBfcG9ydCAtLWFyZyBwb29sX2h0dHBzX3BvcnQgJHBvb2xfaHR0cHNfcG9ydCAtLWFyZyB2c19odHRwX3BvcnQgJHZzX2h0dHBfcG9ydCAtLWFyZyB2c19odHRwc19wb3J0ICR2c19odHRwc19wb3J0ICcgLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5zZXJ2aWNlUG9ydCA9ICgkcG9vbF9odHRwX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHAuc2VydmljZU1haW4udmlydHVhbFBvcnQgPSAoJHZzX2h0dHBfcG9ydCB8IHRvbnVtYmVyKSB8IC53YWYuaHR0cHMucG9vbC5tZW1iZXJzWzBdLnNlcnZpY2VQb3J0ID0gKCRwb29sX2h0dHBzX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHBzLnNlcnZpY2VNYWluLnZpcnR1YWxQb3J0ID0gKCR2c19odHRwc19wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5zZXJ2aWNlUG9ydCA9ICgkcG9vbF9odHRwX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHBzX29mZmxvYWQuc2VydmljZU1haW4udmlydHVhbFBvcnQgPSAoJHZzX2h0dHBzX3BvcnQgfCB0b251bWJlciknKQoKICAgIGlmIFtbICRwb29sX21lbWJlciA9fiAkaXBfcmVnZXggXV07IHRoZW4KICAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uYXV0b1BvcHVsYXRlKSB8IGRlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lKSB8IGRlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmFkZHJlc3NEaXNjb3ZlcnkpIHwgIGRlbCgud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5hdXRvUG9wdWxhdGUpIHwgZGVsKC53YWYuaHR0cHMucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lKSB8IGRlbCgud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5hZGRyZXNzRGlzY292ZXJ5KSB8IGRlbCgud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLmF1dG9Qb3B1bGF0ZSkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5hZGRyZXNzRGlzY292ZXJ5KScpCgogICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jIC0tYXJnIHBvb2xfbWVtYmVyICRwb29sX21lbWJlciAnLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXNbMF0gPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXNbMF0gPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3Nlc1swXSA9ICRwb29sX21lbWJlcicpCiAgICBlbHNlCiAgICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgJ2RlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3NlcykgfCBkZWwoLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uc2VydmVyQWRkcmVzc2VzKSB8IGRlbCgud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3NlcyknKQoKICAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBwb29sX21lbWJlciAkcG9vbF9tZW1iZXIgJy53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUgPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSA9ICRwb29sX21lbWJlciB8IC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUgPSAkcG9vbF9tZW1iZXInKQogICAgZmkKCiAgICBpZiBbWyAkbW9kZSA9PSAiaHR0cCIgXV07IHRoZW4KICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwcykgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkKScpCiAgICBlbGlmIFtbICRtb2RlID09ICJodHRwcyIgXV07IHRoZW4KICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwKSB8IGRlbCgud2FmLmh0dHBzX29mZmxvYWQpIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLmNlcnRpZmljYXRlLmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5jcnQiIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLnByaXZhdGVLZXkuYmlnaXAgPSAiL0NvbW1vbi93YWZDZXJ0LmtleSInKQogICAgZWxpZiBbWyAkbW9kZSA9PSAiaHR0cF9odHRwcyIgXV07IHRoZW4KICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwc19vZmZsb2FkKSB8IC53YWYuaHR0cHMuc2VydmljZU1haW4ucmVkaXJlY3Q4MCA9IGZhbHNlIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLmNlcnRpZmljYXRlLmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5jcnQiIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLnByaXZhdGVLZXkuYmlnaXAgPSAiL0NvbW1vbi93YWZDZXJ0LmtleSInKQogICAgZWxzZQogICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgJ2RlbCgud2FmLmh0dHApIHwgZGVsKC53YWYuaHR0cHMpIHwgLndhZi5odHRwc19vZmZsb2FkLmNlcnRTZXJ2ZXIuY2VydGlmaWNhdGUuYmlnaXAgPSAiL0NvbW1vbi93YWZDZXJ0LmNydCIgfCAud2FmLmh0dHBzX29mZmxvYWQuY2VydFNlcnZlci5wcml2YXRlS2V5LmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5rZXkiJykKICAgIGZpCgogICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1za3Z2dSAkdXNlcjokKHBhc3N3ZCkgLXcgIiV7aHR0cF9jb2RlfSIgLVggUE9TVCAtSCAiQ29udGVudC1UeXBlOiBhcHBsaWNhdGlvbi9qc29uIiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3NoYXJlZC9hcHBzdmNzL2RlY2xhcmUgLWQgIiRwYXlsb2FkIiAtbyAvZGV2L251bGwpCgogICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCB8fCAkcmVzcG9uc2VfY29kZSA9PSA1MDIgIF1dOyB0aGVuCiAgICAgICAgICBlY2hvICJEZXBsb3ltZW50IG9mIGFwcGxpY2F0aW9uIHN1Y2NlZWRlZC4iCiAgICBlbHNlCiAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBkZXBsb3kgYXBwbGljYXRpb247IGV4aXRpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgICAgICAgZXhpdCAxCiAgICAgZmkKIGZpCgplY2hvICJEZXBsb3ltZW50IGNvbXBsZXRlLiIKZXhpdA==", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -698,6 +721,7 @@ "frontEndIPConfigID": "[concat(variables('extLbId'),'/frontendIPConfigurations/loadBalancerFrontEnd')]", "appInsightsApiVersion": "2015-04-01", "appInsightsComponentsApiVersion": "2015-05-01", + "useAvailabilityZones": "[and(variables('zonesAvailable'), equals(parameters('useAvailabilityZones'), 'Yes'))]", "vmssName": "[concat(parameters('dnsLabel'),'-vmss')]", "vmssId": "[resourceId('Microsoft.Compute/virtualMachineScaleSets', variables('vmssName'))]", "defaultAppInsightsLocation": "eastus", @@ -789,7 +813,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_via-lb-new-stack-experimental-bigiq-payg,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq-payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_via-lb-new-stack-experimental-bigiq-payg,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq-payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "osProfiles": { @@ -1109,7 +1133,7 @@ "name": "main", "properties": { "protectedSettings": { - "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; cp asm-policy.tar.gz *.tmpl /config/cloud; tar xfz /config/cloud/asm-policy.tar.gz -C /config/cloud; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.bigIqPasswd; encrypt_secret ', variables('singleQuote'), parameters('bigIqPassword'), variables('singleQuote'), ' \"/config/cloud/.bigIqPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType waf --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, ' --externalTag key:f5ClusterTag,value:', variables('dnsLabel'), '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh modify cm device-group Sync asm-sync enabled; tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" + "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; cp asm-policy.tar.gz *.tmpl /config/cloud; tar xfz /config/cloud/asm-policy.tar.gz -C /config/cloud; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.bigIqPasswd; encrypt_secret ', variables('singleQuote'), parameters('bigIqPassword'), variables('singleQuote'), ' \"/config/cloud/.bigIqPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType waf --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --autoscaleTimeout ', parameters('autoscaleTimeout'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, ' --externalTag key:f5ClusterTag,value:', variables('dnsLabel'), '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh modify cm device-group Sync asm-sync enabled; tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" }, "publisher": "Microsoft.Azure.Extensions", "settings": { @@ -1175,7 +1199,7 @@ "tier": "Standard" }, "tags": "[if(empty(variables('tagValues')), json('null'), variables('tagValues'))]", - "zones": "[if(variables('zonesAvailable'), createArray(1, 2, 3), json('null'))]", + "zones": "[if(variables('useAvailabilityZones'), createArray(1, 2, 3), json('null'))]", "type": "Microsoft.Compute/virtualMachineScaleSets" }, { @@ -1199,7 +1223,7 @@ "name": "main", "properties": { "protectedSettings": { - "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; cp asm-policy.tar.gz *.tmpl /config/cloud; tar xfz /config/cloud/asm-policy.tar.gz -C /config/cloud; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.bigIqPasswd; encrypt_secret ', variables('singleQuote'), parameters('bigIqPassword'), variables('singleQuote'), ' \"/config/cloud/.bigIqPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType waf --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, ' --bigIqAddress ', parameters('bigIqAddress'), ' --bigIqUsername ', parameters('bigIqUsername'), ' --bigIqPassword /config/cloud/.bigIqPasswd --bigIqLicensePoolName ', parameters('bigIqLicensePoolName'), ' --bigIqExtraLicenseOptions \\\"$(format_args sku-keyword-1:', parameters('bigIqLicenseSkuKeyWord1'), ',unit-of-measure:', parameters('bigIqLicenseUnitOfMeasure'), ')\\\" --bigIpExtMgmtAddress ', reference(variables('mgmtPublicIPAddressId')).ipAddress, ' --bigIpExtMgmtPort via-api', ' --static --natBase mgmtnatpool-static. --externalTag key:f5ClusterTag,value:', variables('dnsLabel'), '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh modify cm device-group Sync asm-sync enabled; tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" + "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; cp asm-policy.tar.gz *.tmpl /config/cloud; tar xfz /config/cloud/asm-policy.tar.gz -C /config/cloud; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.bigIqPasswd; encrypt_secret ', variables('singleQuote'), parameters('bigIqPassword'), variables('singleQuote'), ' \"/config/cloud/.bigIqPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType waf --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --autoscaleTimeout ', parameters('autoscaleTimeout'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, ' --bigIqAddress ', parameters('bigIqAddress'), ' --bigIqUsername ', parameters('bigIqUsername'), ' --bigIqPassword /config/cloud/.bigIqPasswd --bigIqLicensePoolName ', parameters('bigIqLicensePoolName'), ' --bigIqExtraLicenseOptions \\\"$(format_args sku-keyword-1:', parameters('bigIqLicenseSkuKeyWord1'), ',unit-of-measure:', parameters('bigIqLicenseUnitOfMeasure'), ')\\\" --bigIpExtMgmtAddress private --bigIpExtMgmtPort via-api --clusterUpdateInterval 300', ' --static --natBase mgmtnatpool-static. --externalTag key:f5ClusterTag,value:', variables('dnsLabel'), '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh modify cm device-group Sync asm-sync enabled; tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" }, "publisher": "Microsoft.Azure.Extensions", "settings": { @@ -1269,7 +1293,7 @@ "tier": "Standard" }, "tags": "[if(empty(variables('tagValues')), union(json('{}'), variables('staticVmssTagValues')), union(variables('tagValues'), variables('staticVmssTagValues')))]", - "zones": "[if(variables('zonesAvailable'), createArray(1, 2, 3), json('null'))]", + "zones": "[if(variables('useAvailabilityZones'), createArray(1, 2, 3), json('null'))]", "type": "Microsoft.Compute/virtualMachineScaleSets" }, { @@ -1279,10 +1303,10 @@ "[variables('staticVmssId')]" ], "location": "[variables('location')]", - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "properties": { "enabled": true, - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "notifications": [ { "email": { diff --git a/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq-payg/azuredeploy.parameters.json b/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq-payg/azuredeploy.parameters.json index a589c01f31..74703cd419 100644 --- a/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq-payg/azuredeploy.parameters.json +++ b/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq-payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" @@ -110,6 +110,12 @@ "notificationEmail": { "value": "OPTIONAL" }, + "useAvailabilityZones": { + "value": "Yes" + }, + "autoscaleTimeout": { + "value": 10 + }, "provisionPublicIP": { "value": "Yes" }, diff --git a/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq-payg/deploy_via_bash.sh b/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq-payg/deploy_via_bash.sh index d95e770fed..8b346ec577 100755 --- a/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq-payg/deploy_via_bash.sh +++ b/experimental/autoscale/waf/via-lb/1nic/new-stack/bigiq-payg/deploy_via_bash.sh @@ -1,7 +1,7 @@ #!/bin/bash ## Bash Script to deploy an F5 ARM template into Azure, using azure cli 1.0 ## -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --staticImageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --numberOfStaticInstances --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --staticImageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --numberOfStaticInstances --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword # Assign Script Parameters and Define Variables # Specify static items below, change these as needed or make them parameters @@ -114,6 +114,12 @@ while [[ $# -gt 1 ]]; do --notificationEmail) notificationEmail=$2 shift 2;; + --useAvailabilityZones) + useAvailabilityZones=$2 + shift 2;; + --autoscaleTimeout) + autoscaleTimeout=$2 + shift 2;; --provisionPublicIP) provisionPublicIP=$2 shift 2;; @@ -172,7 +178,7 @@ while [[ $# -gt 1 ]]; do done #If a required parameter is not passed, the script will prompt for it below -required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName staticImageName bigIqAddress bigIqUsername bigIqPassword bigIqLicensePoolName bigIqLicenseSkuKeyword1 bigIqLicenseUnitOfMeasure numberOfStaticInstances bigIpVersion bigIpModules vnetAddressPrefix declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail provisionPublicIP applicationProtocols applicationAddress applicationPort applicationSecurePort sslCert sslPswd applicationType blockingLevel customPolicy tenantId clientId servicePrincipalSecret resourceGroupName " +required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName staticImageName bigIqAddress bigIqUsername bigIqPassword bigIqLicensePoolName bigIqLicenseSkuKeyword1 bigIqLicenseUnitOfMeasure numberOfStaticInstances bigIpVersion bigIpModules vnetAddressPrefix declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail useAvailabilityZones autoscaleTimeout provisionPublicIP applicationProtocols applicationAddress applicationPort applicationSecurePort sslCert sslPswd applicationType blockingLevel customPolicy tenantId clientId servicePrincipalSecret resourceGroupName " for variable in $required_variables do if [ -z ${!variable} ] ; then @@ -196,4 +202,4 @@ az group create -n $resourceGroupName -l $region # Deploy ARM Template, right now cannot specify parameter file and parameters inline via Azure CLI template_file="./azuredeploy.json" parameter_file="./azuredeploy.parameters.json" -az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"staticImageName\":{\"value\":\"$staticImageName\"},\"bigIqAddress\":{\"value\":\"$bigIqAddress\"},\"bigIqUsername\":{\"value\":\"$bigIqUsername\"},\"bigIqPassword\":{\"value\":\"$bigIqPassword\"},\"bigIqLicensePoolName\":{\"value\":\"$bigIqLicensePoolName\"},\"bigIqLicenseSkuKeyword1\":{\"value\":\"$bigIqLicenseSkuKeyword1\"},\"bigIqLicenseUnitOfMeasure\":{\"value\":\"$bigIqLicenseUnitOfMeasure\"},\"numberOfStaticInstances\":{\"value\":\"$numberOfStaticInstances\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetAddressPrefix\":{\"value\":\"$vnetAddressPrefix\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"applicationProtocols\":{\"value\":\"$applicationProtocols\"},\"applicationAddress\":{\"value\":\"$applicationAddress\"},\"applicationPort\":{\"value\":\"$applicationPort\"},\"applicationSecurePort\":{\"value\":\"$applicationSecurePort\"},\"sslCert\":{\"value\":\"$sslCert\"},\"sslPswd\":{\"value\":\"$sslPswd\"},\"applicationType\":{\"value\":\"$applicationType\"},\"blockingLevel\":{\"value\":\"$blockingLevel\"},\"customPolicy\":{\"value\":\"$customPolicy\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file +az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"staticImageName\":{\"value\":\"$staticImageName\"},\"bigIqAddress\":{\"value\":\"$bigIqAddress\"},\"bigIqUsername\":{\"value\":\"$bigIqUsername\"},\"bigIqPassword\":{\"value\":\"$bigIqPassword\"},\"bigIqLicensePoolName\":{\"value\":\"$bigIqLicensePoolName\"},\"bigIqLicenseSkuKeyword1\":{\"value\":\"$bigIqLicenseSkuKeyword1\"},\"bigIqLicenseUnitOfMeasure\":{\"value\":\"$bigIqLicenseUnitOfMeasure\"},\"numberOfStaticInstances\":{\"value\":\"$numberOfStaticInstances\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetAddressPrefix\":{\"value\":\"$vnetAddressPrefix\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"useAvailabilityZones\":{\"value\":\"$useAvailabilityZones\"},\"autoscaleTimeout\":{\"value\":$autoscaleTimeout},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"applicationProtocols\":{\"value\":\"$applicationProtocols\"},\"applicationAddress\":{\"value\":\"$applicationAddress\"},\"applicationPort\":{\"value\":\"$applicationPort\"},\"applicationSecurePort\":{\"value\":\"$applicationSecurePort\"},\"sslCert\":{\"value\":\"$sslCert\"},\"sslPswd\":{\"value\":\"$sslPswd\"},\"applicationType\":{\"value\":\"$applicationType\"},\"blockingLevel\":{\"value\":\"$blockingLevel\"},\"customPolicy\":{\"value\":\"$customPolicy\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file diff --git a/experimental/bigiq/licenseManagement/cluster/2nic/existing-stack/byol/README.md b/experimental/bigiq/licenseManagement/cluster/2nic/existing-stack/byol/README.md index 73f4b2b42d..6142aa2c27 100644 --- a/experimental/bigiq/licenseManagement/cluster/2nic/existing-stack/byol/README.md +++ b/experimental/bigiq/licenseManagement/cluster/2nic/existing-stack/byol/README.md @@ -104,7 +104,7 @@ Use the appropriate button below to deploy: - **BYOL** (bring your own license): This allows you to use an existing BIG-IP license. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fexperimental%2Fbigiq%2FlicenseManagement%2Fcluster%2F2nic%2Fexisting-stack%2Fbyol%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fexperimental%2Fbigiq%2FlicenseManagement%2Fcluster%2F2nic%2Fexisting-stack%2Fbyol%2Fazuredeploy.json) ### Template parameters diff --git a/experimental/bigiq/licenseManagement/cluster/2nic/existing-stack/byol/azuredeploy.json b/experimental/bigiq/licenseManagement/cluster/2nic/existing-stack/byol/azuredeploy.json index fed947a531..8dbb9d5231 100644 --- a/experimental/bigiq/licenseManagement/cluster/2nic/existing-stack/byol/azuredeploy.json +++ b/experimental/bigiq/licenseManagement/cluster/2nic/existing-stack/byol/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -301,8 +301,8 @@ "resourceGroupName": "[resourceGroup().name]", "resourceGroupId": "[concat(resourceGroup().id, '-vip')]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", "f5CloudIappsTag": "v2.3.2", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "skuToUse": "f5-bigiq-virtual-edition-byol", @@ -847,7 +847,7 @@ "properties": { "autoUpgradeMinorVersion": "true", "protectedSettings": { - "commandToExecute": "[concat('mkdir -p /var/log/cloud/azure; mkdir -p /config/cloud; echo ', variables('initScript'), ' | /usr/bin/base64 -d > /config/cloud/init.sh; chmod +x /config/cloud/init.sh;', ' /config/cloud/init.sh --cloud azure --log-level silly --data-interface eth1 --license ', parameters('bigIqLicenseKey1'), ' --ntp ', parameters('ntpServer'), ' --timezone ', parameters('timeZone'), ' --big-iq-password-data-uri file:///mnt/cloudTmp/.bigiq_pass --big-iq-password ', variables('adminPassword'), ' --big-iq-master-key ', parameters('masterKey'), ' --fcl-tag ', variables('f5CloudLibsTag'), ' --fcl-cloud-tag ', variables('f5CloudLibsAzureTag'), ' --tag-value ', variables('resourceGroupId'), ' --private-ip ', variables('intSubnetPrivateAddress2'), ' --associate-intf ', concat(variables('intNicName'), '0'), ' --dissociate-intf ', concat(variables('intNicName'), '1'), ' --vlan ', variables('singleQuote'), 'n:internal,nic:1.1', variables('singleQuote'), ' --self-ip ', variables('singleQuote'), 'n:internal_self,a:', variables('intSubnetPrivateAddress'), ',v:internal,i:eth1', variables('singleQuote'), ' --discovery-address ', variables('intSubnetPrivateAddress'), ' --usage-analytics ', variables('singleQuote'), 'send:', parameters('allowUsageAnalytics'), ',r:', variables('location'), ',cI:', variables('subscriptionID'), ',dI:', variables('deploymentId'), ',cN:azure,lT:byol,bIV:',parameters('bigIqVersion'),',tN:f5-existing-stack-byol-2nic-bigiq,tV:','7.0.3.0', variables('singleQuote'), ' &>> /var/log/cloud/azure/install.log &')]" + "commandToExecute": "[concat('mkdir -p /var/log/cloud/azure; mkdir -p /config/cloud; echo ', variables('initScript'), ' | /usr/bin/base64 -d > /config/cloud/init.sh; chmod +x /config/cloud/init.sh;', ' /config/cloud/init.sh --cloud azure --log-level silly --data-interface eth1 --license ', parameters('bigIqLicenseKey1'), ' --ntp ', parameters('ntpServer'), ' --timezone ', parameters('timeZone'), ' --big-iq-password-data-uri file:///mnt/cloudTmp/.bigiq_pass --big-iq-password ', variables('adminPassword'), ' --big-iq-master-key ', parameters('masterKey'), ' --fcl-tag ', variables('f5CloudLibsTag'), ' --fcl-cloud-tag ', variables('f5CloudLibsAzureTag'), ' --tag-value ', variables('resourceGroupId'), ' --private-ip ', variables('intSubnetPrivateAddress2'), ' --associate-intf ', concat(variables('intNicName'), '0'), ' --dissociate-intf ', concat(variables('intNicName'), '1'), ' --vlan ', variables('singleQuote'), 'n:internal,nic:1.1', variables('singleQuote'), ' --self-ip ', variables('singleQuote'), 'n:internal_self,a:', variables('intSubnetPrivateAddress'), ',v:internal,i:eth1', variables('singleQuote'), ' --discovery-address ', variables('intSubnetPrivateAddress'), ' --usage-analytics ', variables('singleQuote'), 'send:', parameters('allowUsageAnalytics'), ',r:', variables('location'), ',cI:', variables('subscriptionID'), ',dI:', variables('deploymentId'), ',cN:azure,lT:byol,bIV:',parameters('bigIqVersion'),',tN:f5-existing-stack-byol-2nic-bigiq,tV:','7.1.0.0', variables('singleQuote'), ' &>> /var/log/cloud/azure/install.log &')]" }, "publisher": "Microsoft.Azure.Extensions", "settings": { @@ -874,7 +874,7 @@ "properties": { "autoUpgradeMinorVersion": "true", "protectedSettings": { - "commandToExecute": "[concat('mkdir -p /var/log/cloud/azure; mkdir -p /config/cloud; echo ', variables('initScript'), ' | /usr/bin/base64 -d > /config/cloud/init.sh; chmod +x /config/cloud/init.sh;', ' /config/cloud/init.sh --cloud azure --log-level silly --data-interface eth1 --license ', parameters('bigIqLicenseKey2'), ' --ntp ', parameters('ntpServer'), ' --timezone ', parameters('timeZone'), ' --create-license-pool ', parameters('licensePoolKeys'), ' --create-reg-key-pool ', parameters('regPoolKeys'), ' --big-iq-password-data-uri file:///mnt/cloudTmp/.bigiq_pass --big-iq-password ', variables('adminPassword'), ' --big-iq-master-key ', parameters('masterKey'), ' --master --big-iq-failover-peer-ip ', variables('intSubnetPrivateAddress'), ' --fcl-tag ', variables('f5CloudLibsTag'), ' --fcl-cloud-tag ', variables('f5CloudLibsAzureTag'), ' --tag-value ', variables('resourceGroupId'), ' --private-ip ', variables('intSubnetPrivateAddress3'), ' --associate-intf ', concat(variables('intNicName'), '1'), ' --dissociate-intf ', concat(variables('intNicName'), '0'), ' --vlan ', variables('singleQuote'), 'n:internal,nic:1.1', variables('singleQuote'), ' --self-ip ', variables('singleQuote'), 'n:internal_self,a:', variables('intSubnetPrivateAddress1'), ',v:internal,i:eth1', variables('singleQuote'), ' --discovery-address ', variables('intSubnetPrivateAddress1'), ' --usage-analytics ', variables('singleQuote'), 'send:', parameters('allowUsageAnalytics'), ',r:', variables('location'), ',cI:', variables('subscriptionID'), ',dI:', variables('deploymentId'), ',cN:azure,lT:byol,bIV:',parameters('bigIqVersion'),',tN:f5-existing-stack-byol-2nic-bigiq,tV:','7.0.3.0', variables('singleQuote'), ' &>> /var/log/cloud/azure/install.log &')]" + "commandToExecute": "[concat('mkdir -p /var/log/cloud/azure; mkdir -p /config/cloud; echo ', variables('initScript'), ' | /usr/bin/base64 -d > /config/cloud/init.sh; chmod +x /config/cloud/init.sh;', ' /config/cloud/init.sh --cloud azure --log-level silly --data-interface eth1 --license ', parameters('bigIqLicenseKey2'), ' --ntp ', parameters('ntpServer'), ' --timezone ', parameters('timeZone'), ' --create-license-pool ', parameters('licensePoolKeys'), ' --create-reg-key-pool ', parameters('regPoolKeys'), ' --big-iq-password-data-uri file:///mnt/cloudTmp/.bigiq_pass --big-iq-password ', variables('adminPassword'), ' --big-iq-master-key ', parameters('masterKey'), ' --master --big-iq-failover-peer-ip ', variables('intSubnetPrivateAddress'), ' --fcl-tag ', variables('f5CloudLibsTag'), ' --fcl-cloud-tag ', variables('f5CloudLibsAzureTag'), ' --tag-value ', variables('resourceGroupId'), ' --private-ip ', variables('intSubnetPrivateAddress3'), ' --associate-intf ', concat(variables('intNicName'), '1'), ' --dissociate-intf ', concat(variables('intNicName'), '0'), ' --vlan ', variables('singleQuote'), 'n:internal,nic:1.1', variables('singleQuote'), ' --self-ip ', variables('singleQuote'), 'n:internal_self,a:', variables('intSubnetPrivateAddress1'), ',v:internal,i:eth1', variables('singleQuote'), ' --discovery-address ', variables('intSubnetPrivateAddress1'), ' --usage-analytics ', variables('singleQuote'), 'send:', parameters('allowUsageAnalytics'), ',r:', variables('location'), ',cI:', variables('subscriptionID'), ',dI:', variables('deploymentId'), ',cN:azure,lT:byol,bIV:',parameters('bigIqVersion'),',tN:f5-existing-stack-byol-2nic-bigiq,tV:','7.1.0.0', variables('singleQuote'), ' &>> /var/log/cloud/azure/install.log &')]" }, "publisher": "Microsoft.Azure.Extensions", "settings": { diff --git a/experimental/bigiq/licenseManagement/cluster/2nic/existing-stack/byol/azuredeploy.parameters.json b/experimental/bigiq/licenseManagement/cluster/2nic/existing-stack/byol/azuredeploy.parameters.json index 836ae8b124..757d421d9a 100644 --- a/experimental/bigiq/licenseManagement/cluster/2nic/existing-stack/byol/azuredeploy.parameters.json +++ b/experimental/bigiq/licenseManagement/cluster/2nic/existing-stack/byol/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/bigiq/licenseManagement/cluster/2nic/new-stack/byol/README.md b/experimental/bigiq/licenseManagement/cluster/2nic/new-stack/byol/README.md index 2e023a270a..fdd93e506a 100644 --- a/experimental/bigiq/licenseManagement/cluster/2nic/new-stack/byol/README.md +++ b/experimental/bigiq/licenseManagement/cluster/2nic/new-stack/byol/README.md @@ -104,7 +104,7 @@ Use the appropriate button below to deploy: - **BYOL** (bring your own license): This allows you to use an existing BIG-IP license. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fexperimental%2Fbigiq%2FlicenseManagement%2Fcluster%2F2nic%2Fnew-stack%2Fbyol%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fexperimental%2Fbigiq%2FlicenseManagement%2Fcluster%2F2nic%2Fnew-stack%2Fbyol%2Fazuredeploy.json) ### Template parameters diff --git a/experimental/bigiq/licenseManagement/cluster/2nic/new-stack/byol/azuredeploy.json b/experimental/bigiq/licenseManagement/cluster/2nic/new-stack/byol/azuredeploy.json index d25dc2fd8a..7c35bdbe3f 100644 --- a/experimental/bigiq/licenseManagement/cluster/2nic/new-stack/byol/azuredeploy.json +++ b/experimental/bigiq/licenseManagement/cluster/2nic/new-stack/byol/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -262,8 +262,8 @@ "resourceGroupName": "[resourceGroup().name]", "resourceGroupId": "[concat(resourceGroup().id, '-vip')]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", "f5CloudIappsTag": "v2.3.2", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "skuToUse": "f5-bigiq-virtual-edition-byol", @@ -826,7 +826,7 @@ "properties": { "autoUpgradeMinorVersion": "true", "protectedSettings": { - "commandToExecute": "[concat('mkdir -p /var/log/cloud/azure; mkdir -p /config/cloud; echo ', variables('initScript'), ' | /usr/bin/base64 -d > /config/cloud/init.sh; chmod +x /config/cloud/init.sh;', ' /config/cloud/init.sh --cloud azure --log-level silly --data-interface eth1 --license ', parameters('bigIqLicenseKey1'), ' --ntp ', parameters('ntpServer'), ' --timezone ', parameters('timeZone'), ' --big-iq-password-data-uri file:///mnt/cloudTmp/.bigiq_pass --big-iq-password ', variables('adminPassword'), ' --big-iq-master-key ', parameters('masterKey'), ' --fcl-tag ', variables('f5CloudLibsTag'), ' --fcl-cloud-tag ', variables('f5CloudLibsAzureTag'), ' --tag-value ', variables('resourceGroupId'), ' --private-ip ', variables('intSubnetPrivateAddress2'), ' --associate-intf ', concat(variables('intNicName'), '0'), ' --dissociate-intf ', concat(variables('intNicName'), '1'), ' --vlan ', variables('singleQuote'), 'n:internal,nic:1.1', variables('singleQuote'), ' --self-ip ', variables('singleQuote'), 'n:internal_self,a:', variables('intSubnetPrivateAddress'), ',v:internal,i:eth1', variables('singleQuote'), ' --discovery-address ', variables('intSubnetPrivateAddress'), ' --usage-analytics ', variables('singleQuote'), 'send:', parameters('allowUsageAnalytics'), ',r:', variables('location'), ',cI:', variables('subscriptionID'), ',dI:', variables('deploymentId'), ',cN:azure,lT:byol,bIV:',parameters('bigIqVersion'),',tN:f5-existing-stack-byol-2nic-bigiq,tV:','7.0.3.0', variables('singleQuote'), ' &>> /var/log/cloud/azure/install.log &')]" + "commandToExecute": "[concat('mkdir -p /var/log/cloud/azure; mkdir -p /config/cloud; echo ', variables('initScript'), ' | /usr/bin/base64 -d > /config/cloud/init.sh; chmod +x /config/cloud/init.sh;', ' /config/cloud/init.sh --cloud azure --log-level silly --data-interface eth1 --license ', parameters('bigIqLicenseKey1'), ' --ntp ', parameters('ntpServer'), ' --timezone ', parameters('timeZone'), ' --big-iq-password-data-uri file:///mnt/cloudTmp/.bigiq_pass --big-iq-password ', variables('adminPassword'), ' --big-iq-master-key ', parameters('masterKey'), ' --fcl-tag ', variables('f5CloudLibsTag'), ' --fcl-cloud-tag ', variables('f5CloudLibsAzureTag'), ' --tag-value ', variables('resourceGroupId'), ' --private-ip ', variables('intSubnetPrivateAddress2'), ' --associate-intf ', concat(variables('intNicName'), '0'), ' --dissociate-intf ', concat(variables('intNicName'), '1'), ' --vlan ', variables('singleQuote'), 'n:internal,nic:1.1', variables('singleQuote'), ' --self-ip ', variables('singleQuote'), 'n:internal_self,a:', variables('intSubnetPrivateAddress'), ',v:internal,i:eth1', variables('singleQuote'), ' --discovery-address ', variables('intSubnetPrivateAddress'), ' --usage-analytics ', variables('singleQuote'), 'send:', parameters('allowUsageAnalytics'), ',r:', variables('location'), ',cI:', variables('subscriptionID'), ',dI:', variables('deploymentId'), ',cN:azure,lT:byol,bIV:',parameters('bigIqVersion'),',tN:f5-existing-stack-byol-2nic-bigiq,tV:','7.1.0.0', variables('singleQuote'), ' &>> /var/log/cloud/azure/install.log &')]" }, "publisher": "Microsoft.Azure.Extensions", "settings": { @@ -853,7 +853,7 @@ "properties": { "autoUpgradeMinorVersion": "true", "protectedSettings": { - "commandToExecute": "[concat('mkdir -p /var/log/cloud/azure; mkdir -p /config/cloud; echo ', variables('initScript'), ' | /usr/bin/base64 -d > /config/cloud/init.sh; chmod +x /config/cloud/init.sh;', ' /config/cloud/init.sh --cloud azure --log-level silly --data-interface eth1 --license ', parameters('bigIqLicenseKey2'), ' --ntp ', parameters('ntpServer'), ' --timezone ', parameters('timeZone'), ' --create-license-pool ', parameters('licensePoolKeys'), ' --create-reg-key-pool ', parameters('regPoolKeys'), ' --big-iq-password-data-uri file:///mnt/cloudTmp/.bigiq_pass --big-iq-password ', variables('adminPassword'), ' --big-iq-master-key ', parameters('masterKey'), ' --master --big-iq-failover-peer-ip ', variables('intSubnetPrivateAddress'), ' --fcl-tag ', variables('f5CloudLibsTag'), ' --fcl-cloud-tag ', variables('f5CloudLibsAzureTag'), ' --tag-value ', variables('resourceGroupId'), ' --private-ip ', variables('intSubnetPrivateAddress3'), ' --associate-intf ', concat(variables('intNicName'), '1'), ' --dissociate-intf ', concat(variables('intNicName'), '0'), ' --vlan ', variables('singleQuote'), 'n:internal,nic:1.1', variables('singleQuote'), ' --self-ip ', variables('singleQuote'), 'n:internal_self,a:', variables('intSubnetPrivateAddress1'), ',v:internal,i:eth1', variables('singleQuote'), ' --discovery-address ', variables('intSubnetPrivateAddress1'), ' --usage-analytics ', variables('singleQuote'), 'send:', parameters('allowUsageAnalytics'), ',r:', variables('location'), ',cI:', variables('subscriptionID'), ',dI:', variables('deploymentId'), ',cN:azure,lT:byol,bIV:',parameters('bigIqVersion'),',tN:f5-existing-stack-byol-2nic-bigiq,tV:','7.0.3.0', variables('singleQuote'), ' &>> /var/log/cloud/azure/install.log &')]" + "commandToExecute": "[concat('mkdir -p /var/log/cloud/azure; mkdir -p /config/cloud; echo ', variables('initScript'), ' | /usr/bin/base64 -d > /config/cloud/init.sh; chmod +x /config/cloud/init.sh;', ' /config/cloud/init.sh --cloud azure --log-level silly --data-interface eth1 --license ', parameters('bigIqLicenseKey2'), ' --ntp ', parameters('ntpServer'), ' --timezone ', parameters('timeZone'), ' --create-license-pool ', parameters('licensePoolKeys'), ' --create-reg-key-pool ', parameters('regPoolKeys'), ' --big-iq-password-data-uri file:///mnt/cloudTmp/.bigiq_pass --big-iq-password ', variables('adminPassword'), ' --big-iq-master-key ', parameters('masterKey'), ' --master --big-iq-failover-peer-ip ', variables('intSubnetPrivateAddress'), ' --fcl-tag ', variables('f5CloudLibsTag'), ' --fcl-cloud-tag ', variables('f5CloudLibsAzureTag'), ' --tag-value ', variables('resourceGroupId'), ' --private-ip ', variables('intSubnetPrivateAddress3'), ' --associate-intf ', concat(variables('intNicName'), '1'), ' --dissociate-intf ', concat(variables('intNicName'), '0'), ' --vlan ', variables('singleQuote'), 'n:internal,nic:1.1', variables('singleQuote'), ' --self-ip ', variables('singleQuote'), 'n:internal_self,a:', variables('intSubnetPrivateAddress1'), ',v:internal,i:eth1', variables('singleQuote'), ' --discovery-address ', variables('intSubnetPrivateAddress1'), ' --usage-analytics ', variables('singleQuote'), 'send:', parameters('allowUsageAnalytics'), ',r:', variables('location'), ',cI:', variables('subscriptionID'), ',dI:', variables('deploymentId'), ',cN:azure,lT:byol,bIV:',parameters('bigIqVersion'),',tN:f5-existing-stack-byol-2nic-bigiq,tV:','7.1.0.0', variables('singleQuote'), ' &>> /var/log/cloud/azure/install.log &')]" }, "publisher": "Microsoft.Azure.Extensions", "settings": { diff --git a/experimental/bigiq/licenseManagement/cluster/2nic/new-stack/byol/azuredeploy.parameters.json b/experimental/bigiq/licenseManagement/cluster/2nic/new-stack/byol/azuredeploy.parameters.json index 71483060f1..64ee96a625 100644 --- a/experimental/bigiq/licenseManagement/cluster/2nic/new-stack/byol/azuredeploy.parameters.json +++ b/experimental/bigiq/licenseManagement/cluster/2nic/new-stack/byol/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/bigiq/licenseManagement/standalone/2nic/existing-stack/byol/README.md b/experimental/bigiq/licenseManagement/standalone/2nic/existing-stack/byol/README.md index 9904652ae1..9850b488ea 100644 --- a/experimental/bigiq/licenseManagement/standalone/2nic/existing-stack/byol/README.md +++ b/experimental/bigiq/licenseManagement/standalone/2nic/existing-stack/byol/README.md @@ -98,7 +98,7 @@ Use the appropriate button below to deploy: - **BYOL** (bring your own license): This allows you to use an existing BIG-IP license. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fexperimental%2Fbigiq%2FlicenseManagement%2Fstandalone%2F2nic%2Fexisting-stack%2Fbyol%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fexperimental%2Fbigiq%2FlicenseManagement%2Fstandalone%2F2nic%2Fexisting-stack%2Fbyol%2Fazuredeploy.json) ### Template parameters diff --git a/experimental/bigiq/licenseManagement/standalone/2nic/existing-stack/byol/azuredeploy.json b/experimental/bigiq/licenseManagement/standalone/2nic/existing-stack/byol/azuredeploy.json index 4c94ec70c2..933a8b76de 100644 --- a/experimental/bigiq/licenseManagement/standalone/2nic/existing-stack/byol/azuredeploy.json +++ b/experimental/bigiq/licenseManagement/standalone/2nic/existing-stack/byol/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -292,8 +292,8 @@ "resourceGroupName": "[resourceGroup().name]", "resourceGroupId": "[concat(resourceGroup().id, '-vip')]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", "f5CloudIappsTag": "v2.3.2", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "skuToUse": "f5-bigiq-virtual-edition-byol", diff --git a/experimental/bigiq/licenseManagement/standalone/2nic/existing-stack/byol/azuredeploy.parameters.json b/experimental/bigiq/licenseManagement/standalone/2nic/existing-stack/byol/azuredeploy.parameters.json index abaf6e0955..d2a329f891 100644 --- a/experimental/bigiq/licenseManagement/standalone/2nic/existing-stack/byol/azuredeploy.parameters.json +++ b/experimental/bigiq/licenseManagement/standalone/2nic/existing-stack/byol/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/failover/same-net/via-api/n-nic/learning-stack/bigiq/README.md b/experimental/failover/same-net/via-api/n-nic/learning-stack/bigiq/README.md index 07fade854f..7af396fa1a 100644 --- a/experimental/failover/same-net/via-api/n-nic/learning-stack/bigiq/README.md +++ b/experimental/failover/same-net/via-api/n-nic/learning-stack/bigiq/README.md @@ -124,7 +124,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fexperimental%2Ffailover%2Fsame-net%2Fvia-api%2Fn-nic%2Flearning-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fexperimental%2Ffailover%2Fsame-net%2Fvia-api%2Fn-nic%2Flearning-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters diff --git a/experimental/failover/same-net/via-api/n-nic/learning-stack/bigiq/azuredeploy.json b/experimental/failover/same-net/via-api/n-nic/learning-stack/bigiq/azuredeploy.json index e5b37db5fd..e86963b289 100644 --- a/experimental/failover/same-net/via-api/n-nic/learning-stack/bigiq/azuredeploy.json +++ b/experimental/failover/same-net/via-api/n-nic/learning-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -483,14 +483,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl ${config_loc}f5-cloud-libs-azure.tar.gz\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntar xfz /config/cloud/f5-cloud-libs-azure.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -543,7 +543,10 @@ "intSubnetPrivateAddress1": "[concat(parameters('vnetAddressPrefix'), '.3.5')]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -657,7 +660,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_nnic-learning-stack-experimental-bigiq,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_nnic-learning-stack-experimental-bigiq,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/experimental/failover/same-net/via-api/n-nic/learning-stack/bigiq/azuredeploy.parameters.json b/experimental/failover/same-net/via-api/n-nic/learning-stack/bigiq/azuredeploy.parameters.json index 9556ff0d97..6d595f0fb7 100644 --- a/experimental/failover/same-net/via-api/n-nic/learning-stack/bigiq/azuredeploy.parameters.json +++ b/experimental/failover/same-net/via-api/n-nic/learning-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/failover/same-net/via-api/n-nic/learning-stack/byol/README.md b/experimental/failover/same-net/via-api/n-nic/learning-stack/byol/README.md index beef69804d..28cc101724 100644 --- a/experimental/failover/same-net/via-api/n-nic/learning-stack/byol/README.md +++ b/experimental/failover/same-net/via-api/n-nic/learning-stack/byol/README.md @@ -123,7 +123,7 @@ Use the appropriate button below to deploy: - **BYOL** (bring your own license): This allows you to use an existing BIG-IP license. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fexperimental%2Ffailover%2Fsame-net%2Fvia-api%2Fn-nic%2Flearning-stack%2Fbyol%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fexperimental%2Ffailover%2Fsame-net%2Fvia-api%2Fn-nic%2Flearning-stack%2Fbyol%2Fazuredeploy.json) ### Template parameters diff --git a/experimental/failover/same-net/via-api/n-nic/learning-stack/byol/azuredeploy.json b/experimental/failover/same-net/via-api/n-nic/learning-stack/byol/azuredeploy.json index bf3736bfed..a3acee539e 100644 --- a/experimental/failover/same-net/via-api/n-nic/learning-stack/byol/azuredeploy.json +++ b/experimental/failover/same-net/via-api/n-nic/learning-stack/byol/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -459,14 +459,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl ${config_loc}f5-cloud-libs-azure.tar.gz\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntar xfz /config/cloud/f5-cloud-libs-azure.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -519,7 +519,10 @@ "intSubnetPrivateAddress1": "[concat(parameters('vnetAddressPrefix'), '.3.5')]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -633,7 +636,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_nnic-learning-stack-experimental-byol,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_nnic-learning-stack-experimental-byol,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/experimental/failover/same-net/via-api/n-nic/learning-stack/byol/azuredeploy.parameters.json b/experimental/failover/same-net/via-api/n-nic/learning-stack/byol/azuredeploy.parameters.json index a52764d483..ba7de4b3e7 100644 --- a/experimental/failover/same-net/via-api/n-nic/learning-stack/byol/azuredeploy.parameters.json +++ b/experimental/failover/same-net/via-api/n-nic/learning-stack/byol/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/failover/same-net/via-api/n-nic/learning-stack/payg/README.md b/experimental/failover/same-net/via-api/n-nic/learning-stack/payg/README.md index b3d8364602..b3f8afd885 100644 --- a/experimental/failover/same-net/via-api/n-nic/learning-stack/payg/README.md +++ b/experimental/failover/same-net/via-api/n-nic/learning-stack/payg/README.md @@ -121,7 +121,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fexperimental%2Ffailover%2Fsame-net%2Fvia-api%2Fn-nic%2Flearning-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fexperimental%2Ffailover%2Fsame-net%2Fvia-api%2Fn-nic%2Flearning-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters diff --git a/experimental/failover/same-net/via-api/n-nic/learning-stack/payg/azuredeploy.json b/experimental/failover/same-net/via-api/n-nic/learning-stack/payg/azuredeploy.json index 74f85d29e2..7faf5f7359 100644 --- a/experimental/failover/same-net/via-api/n-nic/learning-stack/payg/azuredeploy.json +++ b/experimental/failover/same-net/via-api/n-nic/learning-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -455,14 +455,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl ${config_loc}f5-cloud-libs-azure.tar.gz\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntar xfz /config/cloud/f5-cloud-libs-azure.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -515,7 +515,10 @@ "intSubnetPrivateAddress1": "[concat(parameters('vnetAddressPrefix'), '.3.5')]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -666,7 +669,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_nnic-learning-stack-experimental-payg,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_nnic-learning-stack-experimental-payg,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/experimental/failover/same-net/via-api/n-nic/learning-stack/payg/azuredeploy.parameters.json b/experimental/failover/same-net/via-api/n-nic/learning-stack/payg/azuredeploy.parameters.json index cbcd13d8c1..fd97bddde8 100644 --- a/experimental/failover/same-net/via-api/n-nic/learning-stack/payg/azuredeploy.parameters.json +++ b/experimental/failover/same-net/via-api/n-nic/learning-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/standalone/3nic/learning-stack/bigiq/README.md b/experimental/standalone/3nic/learning-stack/bigiq/README.md index 20b128fccf..83de4a1aef 100644 --- a/experimental/standalone/3nic/learning-stack/bigiq/README.md +++ b/experimental/standalone/3nic/learning-stack/bigiq/README.md @@ -104,7 +104,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fexperimental%2Fstandalone%2F3nic%2Flearning-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fexperimental%2Fstandalone%2F3nic%2Flearning-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters diff --git a/experimental/standalone/3nic/learning-stack/bigiq/azuredeploy.json b/experimental/standalone/3nic/learning-stack/bigiq/azuredeploy.json index e84456d43a..4be693fbf2 100644 --- a/experimental/standalone/3nic/learning-stack/bigiq/azuredeploy.json +++ b/experimental/standalone/3nic/learning-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -356,14 +356,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -407,7 +407,10 @@ "intSubnetId": "[concat(variables('vnetId'), '/subnets/', variables('intsubnetName'))]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -469,7 +472,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_3nic-learning-stack-experimental-bigiq,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_3nic-learning-stack-experimental-bigiq,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/experimental/standalone/3nic/learning-stack/bigiq/azuredeploy.parameters.json b/experimental/standalone/3nic/learning-stack/bigiq/azuredeploy.parameters.json index 1c93d6fba3..b9c3a15891 100644 --- a/experimental/standalone/3nic/learning-stack/bigiq/azuredeploy.parameters.json +++ b/experimental/standalone/3nic/learning-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/standalone/3nic/learning-stack/byol/README.md b/experimental/standalone/3nic/learning-stack/byol/README.md index f5c7436c15..d0cadf9794 100644 --- a/experimental/standalone/3nic/learning-stack/byol/README.md +++ b/experimental/standalone/3nic/learning-stack/byol/README.md @@ -103,7 +103,7 @@ Use the appropriate button below to deploy: - **BYOL** (bring your own license): This allows you to use an existing BIG-IP license. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fexperimental%2Fstandalone%2F3nic%2Flearning-stack%2Fbyol%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fexperimental%2Fstandalone%2F3nic%2Flearning-stack%2Fbyol%2Fazuredeploy.json) ### Template parameters diff --git a/experimental/standalone/3nic/learning-stack/byol/azuredeploy.json b/experimental/standalone/3nic/learning-stack/byol/azuredeploy.json index 29bbe37402..bc7645d4be 100644 --- a/experimental/standalone/3nic/learning-stack/byol/azuredeploy.json +++ b/experimental/standalone/3nic/learning-stack/byol/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -325,14 +325,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -376,7 +376,10 @@ "intSubnetId": "[concat(variables('vnetId'), '/subnets/', variables('intsubnetName'))]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -438,7 +441,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_3nic-learning-stack-experimental-byol,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_3nic-learning-stack-experimental-byol,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/experimental/standalone/3nic/learning-stack/byol/azuredeploy.parameters.json b/experimental/standalone/3nic/learning-stack/byol/azuredeploy.parameters.json index 1a32237932..0a3af8f83f 100644 --- a/experimental/standalone/3nic/learning-stack/byol/azuredeploy.parameters.json +++ b/experimental/standalone/3nic/learning-stack/byol/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/experimental/standalone/3nic/learning-stack/payg/README.md b/experimental/standalone/3nic/learning-stack/payg/README.md index c35801fd6e..98eb6c820f 100644 --- a/experimental/standalone/3nic/learning-stack/payg/README.md +++ b/experimental/standalone/3nic/learning-stack/payg/README.md @@ -101,7 +101,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fexperimental%2Fstandalone%2F3nic%2Flearning-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fexperimental%2Fstandalone%2F3nic%2Flearning-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters diff --git a/experimental/standalone/3nic/learning-stack/payg/azuredeploy.json b/experimental/standalone/3nic/learning-stack/payg/azuredeploy.json index 24888d4242..dc098384a1 100644 --- a/experimental/standalone/3nic/learning-stack/payg/azuredeploy.json +++ b/experimental/standalone/3nic/learning-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -330,14 +330,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -381,7 +381,10 @@ "intSubnetId": "[concat(variables('vnetId'), '/subnets/', variables('intsubnetName'))]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -480,7 +483,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_3nic-learning-stack-experimental-payg,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_3nic-learning-stack-experimental-payg,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/experimental/standalone/3nic/learning-stack/payg/azuredeploy.parameters.json b/experimental/standalone/3nic/learning-stack/payg/azuredeploy.parameters.json index 97a731ebfc..de638b7a9a 100644 --- a/experimental/standalone/3nic/learning-stack/payg/azuredeploy.parameters.json +++ b/experimental/standalone/3nic/learning-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/Deploy_via_PS.ps1 b/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/Deploy_via_PS.ps1 index d744e4805e..e719306316 100644 --- a/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/Deploy_via_PS.ps1 +++ b/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/Deploy_via_PS.ps1 @@ -1,7 +1,7 @@ ## Script parameters being asked for below match to parameters in the azuredeploy.json file, otherwise pointing to the ## ## azuredeploy.parameters.json file for values to use. Some options below are mandatory, some (such as region) can ## ## be supplied inline when running this script but if they aren't then the default will be used as specified below. ## -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -dnsMemberIpType private -dnsMemberPort 80 -dnsProviderHost -dnsProviderPort 443 -dnsProviderUser -dnsProviderPassword -dnsProviderPool autoscale_pool -dnsProviderDataCenter azure_datacenter -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -dnsMemberIpType private -dnsMemberPort 80 -dnsProviderHost -dnsProviderPort 443 -dnsProviderUser -dnsProviderPassword -dnsProviderPool autoscale_pool -dnsProviderDataCenter azure_datacenter -tenantId -clientId -servicePrincipalSecret -resourceGroupName param( @@ -39,6 +39,8 @@ param( [string] [Parameter(Mandatory=$True)] $scaleOutTimeWindow, [string] [Parameter(Mandatory=$True)] $scaleInTimeWindow, [string] [Parameter(Mandatory=$True)] $notificationEmail, + [string] [Parameter(Mandatory=$True)] $useAvailabilityZones, + [string] [Parameter(Mandatory=$True)] $autoscaleTimeout, [string] [Parameter(Mandatory=$True)] $provisionPublicIP, [string] [Parameter(Mandatory=$True)] $dnsMemberIpType, [string] [Parameter(Mandatory=$True)] $dnsMemberPort, @@ -82,7 +84,7 @@ $servicePrincipalSecretSecure = ConvertTo-SecureString -String $servicePrincipal (ConvertFrom-Json $tagValues).psobject.properties | ForEach -Begin {$tagValues=@{}} -process {$tagValues."$($_.Name)" = $_.Value} # Create Arm Deployment -$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -bigIqAddress $bigIqAddress -bigIqUsername $bigIqUsername -bigIqPassword $bigIqPasswordSecure -bigIqLicensePoolName $bigIqLicensePoolName -bigIqLicenseSkuKeyword1 $bigIqLicenseSkuKeyword1 -bigIqLicenseUnitOfMeasure $bigIqLicenseUnitOfMeasure -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetName $vnetName -vnetResourceGroupName $vnetResourceGroupName -mgmtSubnetName $mgmtSubnetName -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -provisionPublicIP $provisionPublicIP -dnsMemberIpType $dnsMemberIpType -dnsMemberPort $dnsMemberPort -dnsProviderHost $dnsProviderHost -dnsProviderPort $dnsProviderPort -dnsProviderUser $dnsProviderUser -dnsProviderPassword $dnsProviderPasswordSecure -dnsProviderPool $dnsProviderPool -dnsProviderDataCenter $dnsProviderDataCenter -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure +$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -bigIqAddress $bigIqAddress -bigIqUsername $bigIqUsername -bigIqPassword $bigIqPasswordSecure -bigIqLicensePoolName $bigIqLicensePoolName -bigIqLicenseSkuKeyword1 $bigIqLicenseSkuKeyword1 -bigIqLicenseUnitOfMeasure $bigIqLicenseUnitOfMeasure -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetName $vnetName -vnetResourceGroupName $vnetResourceGroupName -mgmtSubnetName $mgmtSubnetName -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -useAvailabilityZones $useAvailabilityZones -autoscaleTimeout $autoscaleTimeout -provisionPublicIP $provisionPublicIP -dnsMemberIpType $dnsMemberIpType -dnsMemberPort $dnsMemberPort -dnsProviderHost $dnsProviderHost -dnsProviderPort $dnsProviderPort -dnsProviderUser $dnsProviderUser -dnsProviderPassword $dnsProviderPasswordSecure -dnsProviderPool $dnsProviderPool -dnsProviderDataCenter $dnsProviderDataCenter -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure # Print Output of Deployment to Console $deployment \ No newline at end of file diff --git a/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/README.md b/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/README.md index f3aa3a290b..f3ec3e7c68 100644 --- a/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/README.md +++ b/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/README.md @@ -21,7 +21,7 @@ This solution uses an ARM template to launch the deployment of F5 BIG-IP Local T The BIG-IP VE has the [Local Traffic Manager (LTM)](https://f5.com/products/big-ip/local-traffic-manager-ltm) module enabled to provide advanced traffic management functionality. This means you can also configure the BIG-IP VE to enable F5's L4/L7 security features, access control, and intelligent traffic management. -You have the option of using a [BIG-IQ device](https://f5.com/products/big-iq-centralized-management) to license BIG-IP VEs using BYOL licenses in this auto scale deployment. +You have the option of using a [BIG-IQ device](https://f5.com/products/big-iq-centralized-management) to license BIG-IP VEs using BYOL licenses in this auto scale deployment. This template uses BIGIP **public** management address when license is requested via BIGIQ. For information on getting started using F5's ARM templates on GitHub, see [Microsoft Azure: Solutions 101](http://clouddocs.f5.com/cloud/public/v1/azure/Azure_solutions101.html). @@ -112,7 +112,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fautoscale%2Fltm%2Fvia-dns%2F1nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fautoscale%2Fltm%2Fvia-dns%2F1nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters @@ -152,6 +152,8 @@ Use the appropriate button below to deploy: | scaleOutTimeWindow | Yes | The time window required to trigger a scale out event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | scaleInTimeWindow | Yes | The time window required to trigger a scale in event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | notificationEmail | Yes | If you want email notifications on scale events, specify an email address, otherwise leave the parameter as **OPTIONAL**. Note: You can specify multiple emails by separating them with a semi-colon, such as *email@domain.com;email2@domain.com*. | +| useAvailabilityZones | Yes | This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'. | +| autoscaleTimeout | Yes | The timeout value after which autoscale script execution will terminated | | provisionPublicIP | Yes | Enabling management public IP(s) allows for direct public access to each BIG-IP VE that is created. | | dnsMemberIpType | Yes | The IP type to add as the record when updating the DNS provider. | | dnsMemberPort | Yes | The port for the DNS member to use for monitoring the members status. | @@ -172,7 +174,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### PowerShell Script Example ```powershell -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -dnsMemberIpType private -dnsMemberPort 80 -dnsProviderHost -dnsProviderPort 443 -dnsProviderUser -dnsProviderPassword -dnsProviderPool autoscale_pool -dnsProviderDataCenter azure_datacenter -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -dnsMemberIpType private -dnsMemberPort 80 -dnsProviderHost -dnsProviderPort 443 -dnsProviderUser -dnsProviderPassword -dnsProviderPool autoscale_pool -dnsProviderDataCenter azure_datacenter -tenantId -clientId -servicePrincipalSecret -resourceGroupName ``` ======= @@ -180,7 +182,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### Azure CLI (1.0) Script Example ```bash -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --dnsMemberIpType private --dnsMemberPort 80 --dnsProviderHost --dnsProviderPort 443 --dnsProviderUser --dnsProviderPassword --dnsProviderPool autoscale_pool --dnsProviderDataCenter azure_datacenter --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --dnsMemberIpType private --dnsMemberPort 80 --dnsProviderHost --dnsProviderPort 443 --dnsProviderUser --dnsProviderPassword --dnsProviderPool autoscale_pool --dnsProviderDataCenter azure_datacenter --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword ``` diff --git a/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/azuredeploy.json b/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/azuredeploy.json index f9dc8e19b1..401454a7eb 100644 --- a/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/azuredeploy.json +++ b/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -336,6 +336,26 @@ }, "type": "string" }, + "useAvailabilityZones": { + "allowedValues": [ + "Yes", + "No" + ], + "defaultValue": "Yes", + "metadata": { + "description": "This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'." + }, + "type": "string" + }, + "autoscaleTimeout": { + "defaultValue": 10, + "maxValue": 10, + "metadata": { + "description": "The timeout value after which autoscale script execution will terminated" + }, + "minValue": 3, + "type": "int" + }, "provisionPublicIP": { "allowedValues": [ "No", @@ -520,14 +540,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl ${config_loc}f5-cloud-libs-azure.tar.gz\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntar xfz /config/cloud/f5-cloud-libs-azure.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -553,7 +573,10 @@ "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvc2hhcmVkL2FwcHN2Y3MvZGVjbGFyZSAtZCBAJGZpbGVfbG9jIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgICAgICBpZiBbWyAkcmVzcG9uc2VfY29kZSA9PSAyMDAgfHwgJHJlc3BvbnNlX2NvZGUgPT0gNTAyIF1dOyB0aGVuCiAgICAgICAgICAgICAgICAgIGVjaG8gIkRlcGxveW1lbnQgb2YgYXBwbGljYXRpb24gc3VjY2VlZGVkLiIKICAgICAgICAgICAgICAgICAgZGVwbG95ZWQ9InllcyIKICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICBlY2hvICJGYWlsZWQgdG8gZGVwbG95IGFwcGxpY2F0aW9uOyBjb250aW51aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBmaQogICAgICAgICBlbHNlCiAgICAgICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgdmFsaWQgSlNPTiwgY29udGludWluZyIKICAgICAgICAgZmkKICAgIGVsc2UKICAgICAgICBlY2hvICJGYWlsZWQgdG8gZG93bmxvYWQgY3VzdG9tIGNvbmZpZzsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgZmkKZWxzZQogICAgIGVjaG8gIkN1c3RvbSBjb25maWcgd2FzIG5vdCBhIFVSTCwgY29udGludWluZy4iCmZpCgppZiBbWyAkZGVwbG95ZWQgPT0gIm5vIiAmJiAkZGVjbGFyYXRpb25VcmwgPT0gIk5PVF9TUEVDSUZJRUQiIF1dOyB0aGVuCiAgICBlY2hvICJBcHBsaWNhdGlvbiBkZXBsb3ltZW50IGZhaWxlZCBvciBjdXN0b20gVVJMIHdhcyBub3Qgc3BlY2lmaWVkLiIKZmkKCmVjaG8gIkRlcGxveW1lbnQgY29tcGxldGUuIgpleGl0", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -592,6 +615,7 @@ "frontEndIPConfigID": "[concat(variables('extLbId'),'/frontendIPConfigurations/loadBalancerFrontEnd')]", "appInsightsApiVersion": "2015-04-01", "appInsightsComponentsApiVersion": "2015-05-01", + "useAvailabilityZones": "[and(variables('zonesAvailable'), equals(parameters('useAvailabilityZones'), 'Yes'))]", "vmssName": "[concat(parameters('dnsLabel'),'-vmss')]", "vmssId": "[resourceId('Microsoft.Compute/virtualMachineScaleSets', variables('vmssName'))]", "defaultAppInsightsLocation": "eastus", @@ -645,7 +669,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_dns-existing-stack-supported-bigiq,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_dns-existing-stack-supported-bigiq,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "osProfiles": { @@ -667,7 +691,8 @@ { "apiVersion": "[variables('networkApiVersion')]", "location": "[variables('location')]", - "name": "[concat(variables('dnsLabel'), '-mgmt-nsg')]", + "name": "[variables('mgmtNsgName')]", + "condition": "[not(variables('useExistingNsg'))]", "properties": { "securityRules": [ { @@ -784,7 +809,7 @@ "name": "main", "properties": { "protectedSettings": { - "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.bigIqPasswd; encrypt_secret ', variables('singleQuote'), parameters('bigIqPassword'), variables('singleQuote'), ' \"/config/cloud/.bigIqPasswd\"; /usr/bin/install -m 400 /dev/null /config/cloud/.dnsPasswd; encrypt_secret ', variables('singleQuote'), parameters('dnsProviderPassword'), variables('singleQuote'), ' \"/config/cloud/.dnsPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType ltm --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --dnsOptions \\\"--dns gtm --dns-ip-type ', parameters('dnsMemberIpType'), ' --dns-app-port ', parameters('dnsMemberPort'), ' --dns-provider-options host:', parameters('dnsProviderHost'), ',port:', parameters('dnsProviderPort'), ',user:', parameters('dnsProviderUser'), ',passwordUrl:file:///config/cloud/.dnsPasswd,passwordEncrypted:true,serverName:', variables('vmssName'), ',poolName:', parameters('dnsProviderPool'), ',datacenter:', parameters('dnsProviderDataCenter'), '\\\"', ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, ' --bigIqAddress ', parameters('bigIqAddress'), ' --bigIqUsername ', parameters('bigIqUsername'), ' --bigIqPassword /config/cloud/.bigIqPasswd --bigIqLicensePoolName ', parameters('bigIqLicensePoolName'), ' --bigIqExtraLicenseOptions \\\"$(format_args sku-keyword-1:', parameters('bigIqLicenseSkuKeyWord1'), ',unit-of-measure:', parameters('bigIqLicenseUnitOfMeasure'), ')\\\" --bigIpExtMgmtAddress via-api --bigIpExtMgmtPort ', variables('bigIpMgmtPort'), '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" + "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.bigIqPasswd; encrypt_secret ', variables('singleQuote'), parameters('bigIqPassword'), variables('singleQuote'), ' \"/config/cloud/.bigIqPasswd\"; /usr/bin/install -m 400 /dev/null /config/cloud/.dnsPasswd; encrypt_secret ', variables('singleQuote'), parameters('dnsProviderPassword'), variables('singleQuote'), ' \"/config/cloud/.dnsPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType ltm --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --autoscaleTimeout ', parameters('autoscaleTimeout'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --dnsOptions \\\"--dns gtm --dns-ip-type ', parameters('dnsMemberIpType'), ' --dns-app-port ', parameters('dnsMemberPort'), ' --dns-provider-options host:', parameters('dnsProviderHost'), ',port:', parameters('dnsProviderPort'), ',user:', parameters('dnsProviderUser'), ',passwordUrl:file:///config/cloud/.dnsPasswd,passwordEncrypted:true,serverName:', variables('vmssName'), ',poolName:', parameters('dnsProviderPool'), ',datacenter:', parameters('dnsProviderDataCenter'), '\\\"', ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, ' --bigIqAddress ', parameters('bigIqAddress'), ' --bigIqUsername ', parameters('bigIqUsername'), ' --bigIqPassword /config/cloud/.bigIqPasswd --bigIqLicensePoolName ', parameters('bigIqLicensePoolName'), ' --bigIqExtraLicenseOptions \\\"$(format_args sku-keyword-1:', parameters('bigIqLicenseSkuKeyWord1'), ',unit-of-measure:', parameters('bigIqLicenseUnitOfMeasure'), ')\\\" --bigIpExtMgmtAddress via-api --bigIpExtMgmtPort ', variables('bigIpMgmtPort'), '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" }, "publisher": "Microsoft.Azure.Extensions", "settings": { @@ -836,7 +861,7 @@ "tier": "Standard" }, "tags": "[if(empty(variables('tagValues')), json('null'), variables('tagValues'))]", - "zones": "[if(variables('zonesAvailable'), createArray(1, 2, 3), json('null'))]", + "zones": "[if(variables('useAvailabilityZones'), createArray(1, 2, 3), json('null'))]", "type": "Microsoft.Compute/virtualMachineScaleSets" }, { @@ -845,10 +870,10 @@ "[variables('vmssId')]" ], "location": "[variables('location')]", - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "properties": { "enabled": true, - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "notifications": [ { "email": { diff --git a/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/azuredeploy.parameters.json b/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/azuredeploy.parameters.json index b2e45052ad..da3c7c5c17 100644 --- a/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/azuredeploy.parameters.json +++ b/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" @@ -110,6 +110,12 @@ "notificationEmail": { "value": "OPTIONAL" }, + "useAvailabilityZones": { + "value": "Yes" + }, + "autoscaleTimeout": { + "value": 10 + }, "provisionPublicIP": { "value": "Yes" }, diff --git a/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/deploy_via_bash.sh b/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/deploy_via_bash.sh index 10a96bd3d9..d715d4f9c2 100755 --- a/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/deploy_via_bash.sh +++ b/supported/autoscale/ltm/via-dns/1nic/existing-stack/bigiq/deploy_via_bash.sh @@ -1,7 +1,7 @@ #!/bin/bash ## Bash Script to deploy an F5 ARM template into Azure, using azure cli 1.0 ## -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --dnsMemberIpType private --dnsMemberPort 80 --dnsProviderHost --dnsProviderPort 443 --dnsProviderUser --dnsProviderPassword --dnsProviderPool autoscale_pool --dnsProviderDataCenter azure_datacenter --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --dnsMemberIpType private --dnsMemberPort 80 --dnsProviderHost --dnsProviderPort 443 --dnsProviderUser --dnsProviderPassword --dnsProviderPool autoscale_pool --dnsProviderDataCenter azure_datacenter --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword # Assign Script Parameters and Define Variables # Specify static items below, change these as needed or make them parameters @@ -114,6 +114,12 @@ while [[ $# -gt 1 ]]; do --notificationEmail) notificationEmail=$2 shift 2;; + --useAvailabilityZones) + useAvailabilityZones=$2 + shift 2;; + --autoscaleTimeout) + autoscaleTimeout=$2 + shift 2;; --provisionPublicIP) provisionPublicIP=$2 shift 2;; @@ -169,7 +175,7 @@ while [[ $# -gt 1 ]]; do done #If a required parameter is not passed, the script will prompt for it below -required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName bigIqAddress bigIqUsername bigIqPassword bigIqLicensePoolName bigIqLicenseSkuKeyword1 bigIqLicenseUnitOfMeasure bigIpVersion bigIpModules vnetName vnetResourceGroupName mgmtSubnetName declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail provisionPublicIP dnsMemberIpType dnsMemberPort dnsProviderHost dnsProviderPort dnsProviderUser dnsProviderPassword dnsProviderPool dnsProviderDataCenter tenantId clientId servicePrincipalSecret resourceGroupName " +required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName bigIqAddress bigIqUsername bigIqPassword bigIqLicensePoolName bigIqLicenseSkuKeyword1 bigIqLicenseUnitOfMeasure bigIpVersion bigIpModules vnetName vnetResourceGroupName mgmtSubnetName declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail useAvailabilityZones autoscaleTimeout provisionPublicIP dnsMemberIpType dnsMemberPort dnsProviderHost dnsProviderPort dnsProviderUser dnsProviderPassword dnsProviderPool dnsProviderDataCenter tenantId clientId servicePrincipalSecret resourceGroupName " for variable in $required_variables do if [ -z ${!variable} ] ; then @@ -193,4 +199,4 @@ az group create -n $resourceGroupName -l $region # Deploy ARM Template, right now cannot specify parameter file and parameters inline via Azure CLI template_file="./azuredeploy.json" parameter_file="./azuredeploy.parameters.json" -az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"bigIqAddress\":{\"value\":\"$bigIqAddress\"},\"bigIqUsername\":{\"value\":\"$bigIqUsername\"},\"bigIqPassword\":{\"value\":\"$bigIqPassword\"},\"bigIqLicensePoolName\":{\"value\":\"$bigIqLicensePoolName\"},\"bigIqLicenseSkuKeyword1\":{\"value\":\"$bigIqLicenseSkuKeyword1\"},\"bigIqLicenseUnitOfMeasure\":{\"value\":\"$bigIqLicenseUnitOfMeasure\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetName\":{\"value\":\"$vnetName\"},\"vnetResourceGroupName\":{\"value\":\"$vnetResourceGroupName\"},\"mgmtSubnetName\":{\"value\":\"$mgmtSubnetName\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"dnsMemberIpType\":{\"value\":\"$dnsMemberIpType\"},\"dnsMemberPort\":{\"value\":\"$dnsMemberPort\"},\"dnsProviderHost\":{\"value\":\"$dnsProviderHost\"},\"dnsProviderPort\":{\"value\":\"$dnsProviderPort\"},\"dnsProviderUser\":{\"value\":\"$dnsProviderUser\"},\"dnsProviderPassword\":{\"value\":\"$dnsProviderPassword\"},\"dnsProviderPool\":{\"value\":\"$dnsProviderPool\"},\"dnsProviderDataCenter\":{\"value\":\"$dnsProviderDataCenter\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file +az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"bigIqAddress\":{\"value\":\"$bigIqAddress\"},\"bigIqUsername\":{\"value\":\"$bigIqUsername\"},\"bigIqPassword\":{\"value\":\"$bigIqPassword\"},\"bigIqLicensePoolName\":{\"value\":\"$bigIqLicensePoolName\"},\"bigIqLicenseSkuKeyword1\":{\"value\":\"$bigIqLicenseSkuKeyword1\"},\"bigIqLicenseUnitOfMeasure\":{\"value\":\"$bigIqLicenseUnitOfMeasure\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetName\":{\"value\":\"$vnetName\"},\"vnetResourceGroupName\":{\"value\":\"$vnetResourceGroupName\"},\"mgmtSubnetName\":{\"value\":\"$mgmtSubnetName\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"useAvailabilityZones\":{\"value\":\"$useAvailabilityZones\"},\"autoscaleTimeout\":{\"value\":$autoscaleTimeout},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"dnsMemberIpType\":{\"value\":\"$dnsMemberIpType\"},\"dnsMemberPort\":{\"value\":\"$dnsMemberPort\"},\"dnsProviderHost\":{\"value\":\"$dnsProviderHost\"},\"dnsProviderPort\":{\"value\":\"$dnsProviderPort\"},\"dnsProviderUser\":{\"value\":\"$dnsProviderUser\"},\"dnsProviderPassword\":{\"value\":\"$dnsProviderPassword\"},\"dnsProviderPool\":{\"value\":\"$dnsProviderPool\"},\"dnsProviderDataCenter\":{\"value\":\"$dnsProviderDataCenter\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file diff --git a/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/Deploy_via_PS.ps1 b/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/Deploy_via_PS.ps1 index 02d5cb9e5d..9858e4bf53 100644 --- a/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/Deploy_via_PS.ps1 +++ b/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/Deploy_via_PS.ps1 @@ -1,7 +1,7 @@ ## Script parameters being asked for below match to parameters in the azuredeploy.json file, otherwise pointing to the ## ## azuredeploy.parameters.json file for values to use. Some options below are mandatory, some (such as region) can ## ## be supplied inline when running this script but if they aren't then the default will be used as specified below. ## -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -dnsMemberIpType private -dnsMemberPort 80 -dnsProviderHost -dnsProviderPort 443 -dnsProviderUser -dnsProviderPassword -dnsProviderPool autoscale_pool -dnsProviderDataCenter azure_datacenter -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -dnsMemberIpType private -dnsMemberPort 80 -dnsProviderHost -dnsProviderPort 443 -dnsProviderUser -dnsProviderPassword -dnsProviderPool autoscale_pool -dnsProviderDataCenter azure_datacenter -tenantId -clientId -servicePrincipalSecret -resourceGroupName param( @@ -33,6 +33,8 @@ param( [string] [Parameter(Mandatory=$True)] $scaleOutTimeWindow, [string] [Parameter(Mandatory=$True)] $scaleInTimeWindow, [string] [Parameter(Mandatory=$True)] $notificationEmail, + [string] [Parameter(Mandatory=$True)] $useAvailabilityZones, + [string] [Parameter(Mandatory=$True)] $autoscaleTimeout, [string] [Parameter(Mandatory=$True)] $provisionPublicIP, [string] [Parameter(Mandatory=$True)] $dnsMemberIpType, [string] [Parameter(Mandatory=$True)] $dnsMemberPort, @@ -75,7 +77,7 @@ $servicePrincipalSecretSecure = ConvertTo-SecureString -String $servicePrincipal (ConvertFrom-Json $tagValues).psobject.properties | ForEach -Begin {$tagValues=@{}} -process {$tagValues."$($_.Name)" = $_.Value} # Create Arm Deployment -$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetName $vnetName -vnetResourceGroupName $vnetResourceGroupName -mgmtSubnetName $mgmtSubnetName -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -provisionPublicIP $provisionPublicIP -dnsMemberIpType $dnsMemberIpType -dnsMemberPort $dnsMemberPort -dnsProviderHost $dnsProviderHost -dnsProviderPort $dnsProviderPort -dnsProviderUser $dnsProviderUser -dnsProviderPassword $dnsProviderPasswordSecure -dnsProviderPool $dnsProviderPool -dnsProviderDataCenter $dnsProviderDataCenter -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure +$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetName $vnetName -vnetResourceGroupName $vnetResourceGroupName -mgmtSubnetName $mgmtSubnetName -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -useAvailabilityZones $useAvailabilityZones -autoscaleTimeout $autoscaleTimeout -provisionPublicIP $provisionPublicIP -dnsMemberIpType $dnsMemberIpType -dnsMemberPort $dnsMemberPort -dnsProviderHost $dnsProviderHost -dnsProviderPort $dnsProviderPort -dnsProviderUser $dnsProviderUser -dnsProviderPassword $dnsProviderPasswordSecure -dnsProviderPool $dnsProviderPool -dnsProviderDataCenter $dnsProviderDataCenter -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure # Print Output of Deployment to Console $deployment \ No newline at end of file diff --git a/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/README.md b/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/README.md index 418efb0feb..423416e53f 100644 --- a/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/README.md +++ b/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/README.md @@ -21,7 +21,7 @@ This solution uses an ARM template to launch the deployment of F5 BIG-IP Local T The BIG-IP VE has the [Local Traffic Manager (LTM)](https://f5.com/products/big-ip/local-traffic-manager-ltm) module enabled to provide advanced traffic management functionality. This means you can also configure the BIG-IP VE to enable F5's L4/L7 security features, access control, and intelligent traffic management. -You have the option of using a [BIG-IQ device](https://f5.com/products/big-iq-centralized-management) to license BIG-IP VEs using BYOL licenses in this auto scale deployment. +You have the option of using a [BIG-IQ device](https://f5.com/products/big-iq-centralized-management) to license BIG-IP VEs using BYOL licenses in this auto scale deployment. This template uses BIGIP **public** management address when license is requested via BIGIQ. For information on getting started using F5's ARM templates on GitHub, see [Microsoft Azure: Solutions 101](http://clouddocs.f5.com/cloud/public/v1/azure/Azure_solutions101.html). @@ -109,7 +109,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fautoscale%2Fltm%2Fvia-dns%2F1nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fautoscale%2Fltm%2Fvia-dns%2F1nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters @@ -143,6 +143,8 @@ Use the appropriate button below to deploy: | scaleOutTimeWindow | Yes | The time window required to trigger a scale out event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | scaleInTimeWindow | Yes | The time window required to trigger a scale in event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | notificationEmail | Yes | If you want email notifications on scale events, specify an email address, otherwise leave the parameter as **OPTIONAL**. Note: You can specify multiple emails by separating them with a semi-colon, such as *email@domain.com;email2@domain.com*. | +| useAvailabilityZones | Yes | This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'. | +| autoscaleTimeout | Yes | The timeout value after which autoscale script execution will terminated | | provisionPublicIP | Yes | Enabling management public IP(s) allows for direct public access to each BIG-IP VE that is created. | | dnsMemberIpType | Yes | The IP type to add as the record when updating the DNS provider. | | dnsMemberPort | Yes | The port for the DNS member to use for monitoring the members status. | @@ -163,7 +165,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### PowerShell Script Example ```powershell -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -dnsMemberIpType private -dnsMemberPort 80 -dnsProviderHost -dnsProviderPort 443 -dnsProviderUser -dnsProviderPassword -dnsProviderPool autoscale_pool -dnsProviderDataCenter azure_datacenter -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -dnsMemberIpType private -dnsMemberPort 80 -dnsProviderHost -dnsProviderPort 443 -dnsProviderUser -dnsProviderPassword -dnsProviderPool autoscale_pool -dnsProviderDataCenter azure_datacenter -tenantId -clientId -servicePrincipalSecret -resourceGroupName ``` ======= @@ -171,7 +173,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### Azure CLI (1.0) Script Example ```bash -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --dnsMemberIpType private --dnsMemberPort 80 --dnsProviderHost --dnsProviderPort 443 --dnsProviderUser --dnsProviderPassword --dnsProviderPool autoscale_pool --dnsProviderDataCenter azure_datacenter --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --dnsMemberIpType private --dnsMemberPort 80 --dnsProviderHost --dnsProviderPort 443 --dnsProviderUser --dnsProviderPassword --dnsProviderPool autoscale_pool --dnsProviderDataCenter azure_datacenter --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword ``` diff --git a/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/azuredeploy.json b/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/azuredeploy.json index f0957135e5..0b7f601829 100644 --- a/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/azuredeploy.json +++ b/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -305,6 +305,26 @@ }, "type": "string" }, + "useAvailabilityZones": { + "allowedValues": [ + "Yes", + "No" + ], + "defaultValue": "Yes", + "metadata": { + "description": "This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'." + }, + "type": "string" + }, + "autoscaleTimeout": { + "defaultValue": 10, + "maxValue": 10, + "metadata": { + "description": "The timeout value after which autoscale script execution will terminated" + }, + "minValue": 3, + "type": "int" + }, "provisionPublicIP": { "allowedValues": [ "No", @@ -489,14 +509,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl ${config_loc}f5-cloud-libs-azure.tar.gz\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntar xfz /config/cloud/f5-cloud-libs-azure.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -522,7 +542,10 @@ "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvc2hhcmVkL2FwcHN2Y3MvZGVjbGFyZSAtZCBAJGZpbGVfbG9jIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgICAgICBpZiBbWyAkcmVzcG9uc2VfY29kZSA9PSAyMDAgfHwgJHJlc3BvbnNlX2NvZGUgPT0gNTAyIF1dOyB0aGVuCiAgICAgICAgICAgICAgICAgIGVjaG8gIkRlcGxveW1lbnQgb2YgYXBwbGljYXRpb24gc3VjY2VlZGVkLiIKICAgICAgICAgICAgICAgICAgZGVwbG95ZWQ9InllcyIKICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICBlY2hvICJGYWlsZWQgdG8gZGVwbG95IGFwcGxpY2F0aW9uOyBjb250aW51aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBmaQogICAgICAgICBlbHNlCiAgICAgICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgdmFsaWQgSlNPTiwgY29udGludWluZyIKICAgICAgICAgZmkKICAgIGVsc2UKICAgICAgICBlY2hvICJGYWlsZWQgdG8gZG93bmxvYWQgY3VzdG9tIGNvbmZpZzsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgZmkKZWxzZQogICAgIGVjaG8gIkN1c3RvbSBjb25maWcgd2FzIG5vdCBhIFVSTCwgY29udGludWluZy4iCmZpCgppZiBbWyAkZGVwbG95ZWQgPT0gIm5vIiAmJiAkZGVjbGFyYXRpb25VcmwgPT0gIk5PVF9TUEVDSUZJRUQiIF1dOyB0aGVuCiAgICBlY2hvICJBcHBsaWNhdGlvbiBkZXBsb3ltZW50IGZhaWxlZCBvciBjdXN0b20gVVJMIHdhcyBub3Qgc3BlY2lmaWVkLiIKZmkKCmVjaG8gIkRlcGxveW1lbnQgY29tcGxldGUuIgpleGl0", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -598,6 +621,7 @@ "frontEndIPConfigID": "[concat(variables('extLbId'),'/frontendIPConfigurations/loadBalancerFrontEnd')]", "appInsightsApiVersion": "2015-04-01", "appInsightsComponentsApiVersion": "2015-05-01", + "useAvailabilityZones": "[and(variables('zonesAvailable'), equals(parameters('useAvailabilityZones'), 'Yes'))]", "vmssName": "[concat(parameters('dnsLabel'),'-vmss')]", "vmssId": "[resourceId('Microsoft.Compute/virtualMachineScaleSets', variables('vmssName'))]", "defaultAppInsightsLocation": "eastus", @@ -651,7 +675,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_dns-existing-stack-supported-payg,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_dns-existing-stack-supported-payg,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "osProfiles": { @@ -673,7 +697,8 @@ { "apiVersion": "[variables('networkApiVersion')]", "location": "[variables('location')]", - "name": "[concat(variables('dnsLabel'), '-mgmt-nsg')]", + "name": "[variables('mgmtNsgName')]", + "condition": "[not(variables('useExistingNsg'))]", "properties": { "securityRules": [ { @@ -790,7 +815,7 @@ "name": "main", "properties": { "protectedSettings": { - "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.dnsPasswd; encrypt_secret ', variables('singleQuote'), parameters('dnsProviderPassword'), variables('singleQuote'), ' \"/config/cloud/.dnsPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType ltm --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --dnsOptions \\\"--dns gtm --dns-ip-type ', parameters('dnsMemberIpType'), ' --dns-app-port ', parameters('dnsMemberPort'), ' --dns-provider-options host:', parameters('dnsProviderHost'), ',port:', parameters('dnsProviderPort'), ',user:', parameters('dnsProviderUser'), ',passwordUrl:file:///config/cloud/.dnsPasswd,passwordEncrypted:true,serverName:', variables('vmssName'), ',poolName:', parameters('dnsProviderPool'), ',datacenter:', parameters('dnsProviderDataCenter'), '\\\"', ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" + "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.dnsPasswd; encrypt_secret ', variables('singleQuote'), parameters('dnsProviderPassword'), variables('singleQuote'), ' \"/config/cloud/.dnsPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType ltm --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --autoscaleTimeout ', parameters('autoscaleTimeout'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --dnsOptions \\\"--dns gtm --dns-ip-type ', parameters('dnsMemberIpType'), ' --dns-app-port ', parameters('dnsMemberPort'), ' --dns-provider-options host:', parameters('dnsProviderHost'), ',port:', parameters('dnsProviderPort'), ',user:', parameters('dnsProviderUser'), ',passwordUrl:file:///config/cloud/.dnsPasswd,passwordEncrypted:true,serverName:', variables('vmssName'), ',poolName:', parameters('dnsProviderPool'), ',datacenter:', parameters('dnsProviderDataCenter'), '\\\"', ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" }, "publisher": "Microsoft.Azure.Extensions", "settings": { @@ -842,7 +867,7 @@ "tier": "Standard" }, "tags": "[if(empty(variables('tagValues')), json('null'), variables('tagValues'))]", - "zones": "[if(variables('zonesAvailable'), createArray(1, 2, 3), json('null'))]", + "zones": "[if(variables('useAvailabilityZones'), createArray(1, 2, 3), json('null'))]", "type": "Microsoft.Compute/virtualMachineScaleSets" }, { @@ -851,10 +876,10 @@ "[variables('vmssId')]" ], "location": "[variables('location')]", - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "properties": { "enabled": true, - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "notifications": [ { "email": { diff --git a/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/azuredeploy.parameters.json b/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/azuredeploy.parameters.json index 131e0e860b..9e514b6589 100644 --- a/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/azuredeploy.parameters.json +++ b/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" @@ -92,6 +92,12 @@ "notificationEmail": { "value": "OPTIONAL" }, + "useAvailabilityZones": { + "value": "Yes" + }, + "autoscaleTimeout": { + "value": 10 + }, "provisionPublicIP": { "value": "Yes" }, diff --git a/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/deploy_via_bash.sh b/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/deploy_via_bash.sh index 65c5164f9d..dae2b1a201 100755 --- a/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/deploy_via_bash.sh +++ b/supported/autoscale/ltm/via-dns/1nic/existing-stack/payg/deploy_via_bash.sh @@ -1,7 +1,7 @@ #!/bin/bash ## Bash Script to deploy an F5 ARM template into Azure, using azure cli 1.0 ## -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --dnsMemberIpType private --dnsMemberPort 80 --dnsProviderHost --dnsProviderPort 443 --dnsProviderUser --dnsProviderPassword --dnsProviderPool autoscale_pool --dnsProviderDataCenter azure_datacenter --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --dnsMemberIpType private --dnsMemberPort 80 --dnsProviderHost --dnsProviderPort 443 --dnsProviderUser --dnsProviderPassword --dnsProviderPool autoscale_pool --dnsProviderDataCenter azure_datacenter --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword # Assign Script Parameters and Define Variables # Specify static items below, change these as needed or make them parameters @@ -96,6 +96,12 @@ while [[ $# -gt 1 ]]; do --notificationEmail) notificationEmail=$2 shift 2;; + --useAvailabilityZones) + useAvailabilityZones=$2 + shift 2;; + --autoscaleTimeout) + autoscaleTimeout=$2 + shift 2;; --provisionPublicIP) provisionPublicIP=$2 shift 2;; @@ -151,7 +157,7 @@ while [[ $# -gt 1 ]]; do done #If a required parameter is not passed, the script will prompt for it below -required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName bigIpVersion bigIpModules vnetName vnetResourceGroupName mgmtSubnetName declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail provisionPublicIP dnsMemberIpType dnsMemberPort dnsProviderHost dnsProviderPort dnsProviderUser dnsProviderPassword dnsProviderPool dnsProviderDataCenter tenantId clientId servicePrincipalSecret resourceGroupName " +required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName bigIpVersion bigIpModules vnetName vnetResourceGroupName mgmtSubnetName declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail useAvailabilityZones autoscaleTimeout provisionPublicIP dnsMemberIpType dnsMemberPort dnsProviderHost dnsProviderPort dnsProviderUser dnsProviderPassword dnsProviderPool dnsProviderDataCenter tenantId clientId servicePrincipalSecret resourceGroupName " for variable in $required_variables do if [ -z ${!variable} ] ; then @@ -175,4 +181,4 @@ az group create -n $resourceGroupName -l $region # Deploy ARM Template, right now cannot specify parameter file and parameters inline via Azure CLI template_file="./azuredeploy.json" parameter_file="./azuredeploy.parameters.json" -az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetName\":{\"value\":\"$vnetName\"},\"vnetResourceGroupName\":{\"value\":\"$vnetResourceGroupName\"},\"mgmtSubnetName\":{\"value\":\"$mgmtSubnetName\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"dnsMemberIpType\":{\"value\":\"$dnsMemberIpType\"},\"dnsMemberPort\":{\"value\":\"$dnsMemberPort\"},\"dnsProviderHost\":{\"value\":\"$dnsProviderHost\"},\"dnsProviderPort\":{\"value\":\"$dnsProviderPort\"},\"dnsProviderUser\":{\"value\":\"$dnsProviderUser\"},\"dnsProviderPassword\":{\"value\":\"$dnsProviderPassword\"},\"dnsProviderPool\":{\"value\":\"$dnsProviderPool\"},\"dnsProviderDataCenter\":{\"value\":\"$dnsProviderDataCenter\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file +az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetName\":{\"value\":\"$vnetName\"},\"vnetResourceGroupName\":{\"value\":\"$vnetResourceGroupName\"},\"mgmtSubnetName\":{\"value\":\"$mgmtSubnetName\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"useAvailabilityZones\":{\"value\":\"$useAvailabilityZones\"},\"autoscaleTimeout\":{\"value\":$autoscaleTimeout},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"dnsMemberIpType\":{\"value\":\"$dnsMemberIpType\"},\"dnsMemberPort\":{\"value\":\"$dnsMemberPort\"},\"dnsProviderHost\":{\"value\":\"$dnsProviderHost\"},\"dnsProviderPort\":{\"value\":\"$dnsProviderPort\"},\"dnsProviderUser\":{\"value\":\"$dnsProviderUser\"},\"dnsProviderPassword\":{\"value\":\"$dnsProviderPassword\"},\"dnsProviderPool\":{\"value\":\"$dnsProviderPool\"},\"dnsProviderDataCenter\":{\"value\":\"$dnsProviderDataCenter\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file diff --git a/supported/autoscale/ltm/via-dns/1nic/new-stack/bigiq/Deploy_via_PS.ps1 b/supported/autoscale/ltm/via-dns/1nic/new-stack/bigiq/Deploy_via_PS.ps1 index 881abe1259..796e8055af 100644 --- a/supported/autoscale/ltm/via-dns/1nic/new-stack/bigiq/Deploy_via_PS.ps1 +++ b/supported/autoscale/ltm/via-dns/1nic/new-stack/bigiq/Deploy_via_PS.ps1 @@ -1,7 +1,7 @@ ## Script parameters being asked for below match to parameters in the azuredeploy.json file, otherwise pointing to the ## ## azuredeploy.parameters.json file for values to use. Some options below are mandatory, some (such as region) can ## ## be supplied inline when running this script but if they aren't then the default will be used as specified below. ## -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -dnsMemberIpType private -dnsMemberPort 80 -dnsProviderHost -dnsProviderPort 443 -dnsProviderUser -dnsProviderPassword -dnsProviderPool autoscale_pool -dnsProviderDataCenter azure_datacenter -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -dnsMemberIpType private -dnsMemberPort 80 -dnsProviderHost -dnsProviderPort 443 -dnsProviderUser -dnsProviderPassword -dnsProviderPool autoscale_pool -dnsProviderDataCenter azure_datacenter -tenantId -clientId -servicePrincipalSecret -resourceGroupName param( @@ -37,6 +37,8 @@ param( [string] [Parameter(Mandatory=$True)] $scaleOutTimeWindow, [string] [Parameter(Mandatory=$True)] $scaleInTimeWindow, [string] [Parameter(Mandatory=$True)] $notificationEmail, + [string] [Parameter(Mandatory=$True)] $useAvailabilityZones, + [string] [Parameter(Mandatory=$True)] $autoscaleTimeout, [string] [Parameter(Mandatory=$True)] $provisionPublicIP, [string] [Parameter(Mandatory=$True)] $dnsMemberIpType, [string] [Parameter(Mandatory=$True)] $dnsMemberPort, @@ -80,7 +82,7 @@ $servicePrincipalSecretSecure = ConvertTo-SecureString -String $servicePrincipal (ConvertFrom-Json $tagValues).psobject.properties | ForEach -Begin {$tagValues=@{}} -process {$tagValues."$($_.Name)" = $_.Value} # Create Arm Deployment -$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -bigIqAddress $bigIqAddress -bigIqUsername $bigIqUsername -bigIqPassword $bigIqPasswordSecure -bigIqLicensePoolName $bigIqLicensePoolName -bigIqLicenseSkuKeyword1 $bigIqLicenseSkuKeyword1 -bigIqLicenseUnitOfMeasure $bigIqLicenseUnitOfMeasure -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetAddressPrefix $vnetAddressPrefix -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -provisionPublicIP $provisionPublicIP -dnsMemberIpType $dnsMemberIpType -dnsMemberPort $dnsMemberPort -dnsProviderHost $dnsProviderHost -dnsProviderPort $dnsProviderPort -dnsProviderUser $dnsProviderUser -dnsProviderPassword $dnsProviderPasswordSecure -dnsProviderPool $dnsProviderPool -dnsProviderDataCenter $dnsProviderDataCenter -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure +$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -bigIqAddress $bigIqAddress -bigIqUsername $bigIqUsername -bigIqPassword $bigIqPasswordSecure -bigIqLicensePoolName $bigIqLicensePoolName -bigIqLicenseSkuKeyword1 $bigIqLicenseSkuKeyword1 -bigIqLicenseUnitOfMeasure $bigIqLicenseUnitOfMeasure -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetAddressPrefix $vnetAddressPrefix -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -useAvailabilityZones $useAvailabilityZones -autoscaleTimeout $autoscaleTimeout -provisionPublicIP $provisionPublicIP -dnsMemberIpType $dnsMemberIpType -dnsMemberPort $dnsMemberPort -dnsProviderHost $dnsProviderHost -dnsProviderPort $dnsProviderPort -dnsProviderUser $dnsProviderUser -dnsProviderPassword $dnsProviderPasswordSecure -dnsProviderPool $dnsProviderPool -dnsProviderDataCenter $dnsProviderDataCenter -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure # Print Output of Deployment to Console $deployment \ No newline at end of file diff --git a/supported/autoscale/ltm/via-dns/1nic/new-stack/bigiq/README.md b/supported/autoscale/ltm/via-dns/1nic/new-stack/bigiq/README.md index f9daf9e6c1..006852c8e5 100644 --- a/supported/autoscale/ltm/via-dns/1nic/new-stack/bigiq/README.md +++ b/supported/autoscale/ltm/via-dns/1nic/new-stack/bigiq/README.md @@ -21,7 +21,7 @@ This solution uses an ARM template to launch the deployment of F5 BIG-IP Local T The BIG-IP VE has the [Local Traffic Manager (LTM)](https://f5.com/products/big-ip/local-traffic-manager-ltm) module enabled to provide advanced traffic management functionality. This means you can also configure the BIG-IP VE to enable F5's L4/L7 security features, access control, and intelligent traffic management. -You have the option of using a [BIG-IQ device](https://f5.com/products/big-iq-centralized-management) to license BIG-IP VEs using BYOL licenses in this auto scale deployment. +You have the option of using a [BIG-IQ device](https://f5.com/products/big-iq-centralized-management) to license BIG-IP VEs using BYOL licenses in this auto scale deployment. This template uses BIGIP **public** management address when license is requested via BIGIQ. For information on getting started using F5's ARM templates on GitHub, see [Microsoft Azure: Solutions 101](http://clouddocs.f5.com/cloud/public/v1/azure/Azure_solutions101.html). @@ -112,7 +112,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fautoscale%2Fltm%2Fvia-dns%2F1nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fautoscale%2Fltm%2Fvia-dns%2F1nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters @@ -150,6 +150,8 @@ Use the appropriate button below to deploy: | scaleOutTimeWindow | Yes | The time window required to trigger a scale out event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | scaleInTimeWindow | Yes | The time window required to trigger a scale in event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | notificationEmail | Yes | If you want email notifications on scale events, specify an email address, otherwise leave the parameter as **OPTIONAL**. Note: You can specify multiple emails by separating them with a semi-colon, such as *email@domain.com;email2@domain.com*. | +| useAvailabilityZones | Yes | This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'. | +| autoscaleTimeout | Yes | The timeout value after which autoscale script execution will terminated | | provisionPublicIP | Yes | Enabling management public IP(s) allows for direct public access to each BIG-IP VE that is created. | | dnsMemberIpType | Yes | The IP type to add as the record when updating the DNS provider. | | dnsMemberPort | Yes | The port for the DNS member to use for monitoring the members status. | @@ -170,7 +172,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### PowerShell Script Example ```powershell -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -dnsMemberIpType private -dnsMemberPort 80 -dnsProviderHost -dnsProviderPort 443 -dnsProviderUser -dnsProviderPassword -dnsProviderPool autoscale_pool -dnsProviderDataCenter azure_datacenter -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -dnsMemberIpType private -dnsMemberPort 80 -dnsProviderHost -dnsProviderPort 443 -dnsProviderUser -dnsProviderPassword -dnsProviderPool autoscale_pool -dnsProviderDataCenter azure_datacenter -tenantId -clientId -servicePrincipalSecret -resourceGroupName ``` ======= @@ -178,7 +180,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### Azure CLI (1.0) Script Example ```bash -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --dnsMemberIpType private --dnsMemberPort 80 --dnsProviderHost --dnsProviderPort 443 --dnsProviderUser --dnsProviderPassword --dnsProviderPool autoscale_pool --dnsProviderDataCenter azure_datacenter --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --dnsMemberIpType private --dnsMemberPort 80 --dnsProviderHost --dnsProviderPort 443 --dnsProviderUser --dnsProviderPassword --dnsProviderPool autoscale_pool --dnsProviderDataCenter azure_datacenter --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword ``` diff --git a/supported/autoscale/ltm/via-dns/1nic/new-stack/bigiq/azuredeploy.json b/supported/autoscale/ltm/via-dns/1nic/new-stack/bigiq/azuredeploy.json index 295e358fc6..e4d7596888 100644 --- a/supported/autoscale/ltm/via-dns/1nic/new-stack/bigiq/azuredeploy.json +++ b/supported/autoscale/ltm/via-dns/1nic/new-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -325,6 +325,26 @@ }, "type": "string" }, + "useAvailabilityZones": { + "allowedValues": [ + "Yes", + "No" + ], + "defaultValue": "Yes", + "metadata": { + "description": "This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'." + }, + "type": "string" + }, + "autoscaleTimeout": { + "defaultValue": 10, + "maxValue": 10, + "metadata": { + "description": "The timeout value after which autoscale script execution will terminated" + }, + "minValue": 3, + "type": "int" + }, "provisionPublicIP": { "allowedValues": [ "No", @@ -509,14 +529,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl ${config_loc}f5-cloud-libs-azure.tar.gz\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntar xfz /config/cloud/f5-cloud-libs-azure.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -542,7 +562,10 @@ "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvc2hhcmVkL2FwcHN2Y3MvZGVjbGFyZSAtZCBAJGZpbGVfbG9jIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgICAgICBpZiBbWyAkcmVzcG9uc2VfY29kZSA9PSAyMDAgfHwgJHJlc3BvbnNlX2NvZGUgPT0gNTAyIF1dOyB0aGVuCiAgICAgICAgICAgICAgICAgIGVjaG8gIkRlcGxveW1lbnQgb2YgYXBwbGljYXRpb24gc3VjY2VlZGVkLiIKICAgICAgICAgICAgICAgICAgZGVwbG95ZWQ9InllcyIKICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICBlY2hvICJGYWlsZWQgdG8gZGVwbG95IGFwcGxpY2F0aW9uOyBjb250aW51aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBmaQogICAgICAgICBlbHNlCiAgICAgICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgdmFsaWQgSlNPTiwgY29udGludWluZyIKICAgICAgICAgZmkKICAgIGVsc2UKICAgICAgICBlY2hvICJGYWlsZWQgdG8gZG93bmxvYWQgY3VzdG9tIGNvbmZpZzsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgZmkKZWxzZQogICAgIGVjaG8gIkN1c3RvbSBjb25maWcgd2FzIG5vdCBhIFVSTCwgY29udGludWluZy4iCmZpCgppZiBbWyAkZGVwbG95ZWQgPT0gIm5vIiAmJiAkZGVjbGFyYXRpb25VcmwgPT0gIk5PVF9TUEVDSUZJRUQiIF1dOyB0aGVuCiAgICBlY2hvICJBcHBsaWNhdGlvbiBkZXBsb3ltZW50IGZhaWxlZCBvciBjdXN0b20gVVJMIHdhcyBub3Qgc3BlY2lmaWVkLiIKZmkKCmVjaG8gIkRlcGxveW1lbnQgY29tcGxldGUuIgpleGl0", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -583,6 +606,7 @@ "frontEndIPConfigID": "[concat(variables('extLbId'),'/frontendIPConfigurations/loadBalancerFrontEnd')]", "appInsightsApiVersion": "2015-04-01", "appInsightsComponentsApiVersion": "2015-05-01", + "useAvailabilityZones": "[and(variables('zonesAvailable'), equals(parameters('useAvailabilityZones'), 'Yes'))]", "vmssName": "[concat(parameters('dnsLabel'),'-vmss')]", "vmssId": "[resourceId('Microsoft.Compute/virtualMachineScaleSets', variables('vmssName'))]", "defaultAppInsightsLocation": "eastus", @@ -636,7 +660,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_dns-new-stack-supported-bigiq,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_dns-new-stack-supported-bigiq,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "osProfiles": { @@ -773,7 +797,7 @@ "name": "main", "properties": { "protectedSettings": { - "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.bigIqPasswd; encrypt_secret ', variables('singleQuote'), parameters('bigIqPassword'), variables('singleQuote'), ' \"/config/cloud/.bigIqPasswd\"; /usr/bin/install -m 400 /dev/null /config/cloud/.dnsPasswd; encrypt_secret ', variables('singleQuote'), parameters('dnsProviderPassword'), variables('singleQuote'), ' \"/config/cloud/.dnsPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType ltm --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --dnsOptions \\\"--dns gtm --dns-ip-type ', parameters('dnsMemberIpType'), ' --dns-app-port ', parameters('dnsMemberPort'), ' --dns-provider-options host:', parameters('dnsProviderHost'), ',port:', parameters('dnsProviderPort'), ',user:', parameters('dnsProviderUser'), ',passwordUrl:file:///config/cloud/.dnsPasswd,passwordEncrypted:true,serverName:', variables('vmssName'), ',poolName:', parameters('dnsProviderPool'), ',datacenter:', parameters('dnsProviderDataCenter'), '\\\"', ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, ' --bigIqAddress ', parameters('bigIqAddress'), ' --bigIqUsername ', parameters('bigIqUsername'), ' --bigIqPassword /config/cloud/.bigIqPasswd --bigIqLicensePoolName ', parameters('bigIqLicensePoolName'), ' --bigIqExtraLicenseOptions \\\"$(format_args sku-keyword-1:', parameters('bigIqLicenseSkuKeyWord1'), ',unit-of-measure:', parameters('bigIqLicenseUnitOfMeasure'), ')\\\" --bigIpExtMgmtAddress via-api --bigIpExtMgmtPort ', variables('bigIpMgmtPort'), '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" + "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.bigIqPasswd; encrypt_secret ', variables('singleQuote'), parameters('bigIqPassword'), variables('singleQuote'), ' \"/config/cloud/.bigIqPasswd\"; /usr/bin/install -m 400 /dev/null /config/cloud/.dnsPasswd; encrypt_secret ', variables('singleQuote'), parameters('dnsProviderPassword'), variables('singleQuote'), ' \"/config/cloud/.dnsPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType ltm --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --autoscaleTimeout ', parameters('autoscaleTimeout'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --dnsOptions \\\"--dns gtm --dns-ip-type ', parameters('dnsMemberIpType'), ' --dns-app-port ', parameters('dnsMemberPort'), ' --dns-provider-options host:', parameters('dnsProviderHost'), ',port:', parameters('dnsProviderPort'), ',user:', parameters('dnsProviderUser'), ',passwordUrl:file:///config/cloud/.dnsPasswd,passwordEncrypted:true,serverName:', variables('vmssName'), ',poolName:', parameters('dnsProviderPool'), ',datacenter:', parameters('dnsProviderDataCenter'), '\\\"', ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, ' --bigIqAddress ', parameters('bigIqAddress'), ' --bigIqUsername ', parameters('bigIqUsername'), ' --bigIqPassword /config/cloud/.bigIqPasswd --bigIqLicensePoolName ', parameters('bigIqLicensePoolName'), ' --bigIqExtraLicenseOptions \\\"$(format_args sku-keyword-1:', parameters('bigIqLicenseSkuKeyWord1'), ',unit-of-measure:', parameters('bigIqLicenseUnitOfMeasure'), ')\\\" --bigIpExtMgmtAddress via-api --bigIpExtMgmtPort ', variables('bigIpMgmtPort'), '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" }, "publisher": "Microsoft.Azure.Extensions", "settings": { @@ -825,7 +849,7 @@ "tier": "Standard" }, "tags": "[if(empty(variables('tagValues')), json('null'), variables('tagValues'))]", - "zones": "[if(variables('zonesAvailable'), createArray(1, 2, 3), json('null'))]", + "zones": "[if(variables('useAvailabilityZones'), createArray(1, 2, 3), json('null'))]", "type": "Microsoft.Compute/virtualMachineScaleSets" }, { @@ -834,10 +858,10 @@ "[variables('vmssId')]" ], "location": "[variables('location')]", - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "properties": { "enabled": true, - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "notifications": [ { "email": { diff --git a/supported/autoscale/ltm/via-dns/1nic/new-stack/bigiq/azuredeploy.parameters.json b/supported/autoscale/ltm/via-dns/1nic/new-stack/bigiq/azuredeploy.parameters.json index a0caf89744..d30a4c1526 100644 --- a/supported/autoscale/ltm/via-dns/1nic/new-stack/bigiq/azuredeploy.parameters.json +++ b/supported/autoscale/ltm/via-dns/1nic/new-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" @@ -104,6 +104,12 @@ "notificationEmail": { "value": "OPTIONAL" }, + "useAvailabilityZones": { + "value": "Yes" + }, + "autoscaleTimeout": { + "value": 10 + }, "provisionPublicIP": { "value": "Yes" }, diff --git a/supported/autoscale/ltm/via-dns/1nic/new-stack/bigiq/deploy_via_bash.sh b/supported/autoscale/ltm/via-dns/1nic/new-stack/bigiq/deploy_via_bash.sh index 6063a687b5..5b4cc2588c 100755 --- a/supported/autoscale/ltm/via-dns/1nic/new-stack/bigiq/deploy_via_bash.sh +++ b/supported/autoscale/ltm/via-dns/1nic/new-stack/bigiq/deploy_via_bash.sh @@ -1,7 +1,7 @@ #!/bin/bash ## Bash Script to deploy an F5 ARM template into Azure, using azure cli 1.0 ## -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --dnsMemberIpType private --dnsMemberPort 80 --dnsProviderHost --dnsProviderPort 443 --dnsProviderUser --dnsProviderPassword --dnsProviderPool autoscale_pool --dnsProviderDataCenter azure_datacenter --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --dnsMemberIpType private --dnsMemberPort 80 --dnsProviderHost --dnsProviderPort 443 --dnsProviderUser --dnsProviderPassword --dnsProviderPool autoscale_pool --dnsProviderDataCenter azure_datacenter --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword # Assign Script Parameters and Define Variables # Specify static items below, change these as needed or make them parameters @@ -108,6 +108,12 @@ while [[ $# -gt 1 ]]; do --notificationEmail) notificationEmail=$2 shift 2;; + --useAvailabilityZones) + useAvailabilityZones=$2 + shift 2;; + --autoscaleTimeout) + autoscaleTimeout=$2 + shift 2;; --provisionPublicIP) provisionPublicIP=$2 shift 2;; @@ -163,7 +169,7 @@ while [[ $# -gt 1 ]]; do done #If a required parameter is not passed, the script will prompt for it below -required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName bigIqAddress bigIqUsername bigIqPassword bigIqLicensePoolName bigIqLicenseSkuKeyword1 bigIqLicenseUnitOfMeasure bigIpVersion bigIpModules vnetAddressPrefix declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail provisionPublicIP dnsMemberIpType dnsMemberPort dnsProviderHost dnsProviderPort dnsProviderUser dnsProviderPassword dnsProviderPool dnsProviderDataCenter tenantId clientId servicePrincipalSecret resourceGroupName " +required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName bigIqAddress bigIqUsername bigIqPassword bigIqLicensePoolName bigIqLicenseSkuKeyword1 bigIqLicenseUnitOfMeasure bigIpVersion bigIpModules vnetAddressPrefix declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail useAvailabilityZones autoscaleTimeout provisionPublicIP dnsMemberIpType dnsMemberPort dnsProviderHost dnsProviderPort dnsProviderUser dnsProviderPassword dnsProviderPool dnsProviderDataCenter tenantId clientId servicePrincipalSecret resourceGroupName " for variable in $required_variables do if [ -z ${!variable} ] ; then @@ -187,4 +193,4 @@ az group create -n $resourceGroupName -l $region # Deploy ARM Template, right now cannot specify parameter file and parameters inline via Azure CLI template_file="./azuredeploy.json" parameter_file="./azuredeploy.parameters.json" -az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"bigIqAddress\":{\"value\":\"$bigIqAddress\"},\"bigIqUsername\":{\"value\":\"$bigIqUsername\"},\"bigIqPassword\":{\"value\":\"$bigIqPassword\"},\"bigIqLicensePoolName\":{\"value\":\"$bigIqLicensePoolName\"},\"bigIqLicenseSkuKeyword1\":{\"value\":\"$bigIqLicenseSkuKeyword1\"},\"bigIqLicenseUnitOfMeasure\":{\"value\":\"$bigIqLicenseUnitOfMeasure\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetAddressPrefix\":{\"value\":\"$vnetAddressPrefix\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"dnsMemberIpType\":{\"value\":\"$dnsMemberIpType\"},\"dnsMemberPort\":{\"value\":\"$dnsMemberPort\"},\"dnsProviderHost\":{\"value\":\"$dnsProviderHost\"},\"dnsProviderPort\":{\"value\":\"$dnsProviderPort\"},\"dnsProviderUser\":{\"value\":\"$dnsProviderUser\"},\"dnsProviderPassword\":{\"value\":\"$dnsProviderPassword\"},\"dnsProviderPool\":{\"value\":\"$dnsProviderPool\"},\"dnsProviderDataCenter\":{\"value\":\"$dnsProviderDataCenter\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file +az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"bigIqAddress\":{\"value\":\"$bigIqAddress\"},\"bigIqUsername\":{\"value\":\"$bigIqUsername\"},\"bigIqPassword\":{\"value\":\"$bigIqPassword\"},\"bigIqLicensePoolName\":{\"value\":\"$bigIqLicensePoolName\"},\"bigIqLicenseSkuKeyword1\":{\"value\":\"$bigIqLicenseSkuKeyword1\"},\"bigIqLicenseUnitOfMeasure\":{\"value\":\"$bigIqLicenseUnitOfMeasure\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetAddressPrefix\":{\"value\":\"$vnetAddressPrefix\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"useAvailabilityZones\":{\"value\":\"$useAvailabilityZones\"},\"autoscaleTimeout\":{\"value\":$autoscaleTimeout},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"dnsMemberIpType\":{\"value\":\"$dnsMemberIpType\"},\"dnsMemberPort\":{\"value\":\"$dnsMemberPort\"},\"dnsProviderHost\":{\"value\":\"$dnsProviderHost\"},\"dnsProviderPort\":{\"value\":\"$dnsProviderPort\"},\"dnsProviderUser\":{\"value\":\"$dnsProviderUser\"},\"dnsProviderPassword\":{\"value\":\"$dnsProviderPassword\"},\"dnsProviderPool\":{\"value\":\"$dnsProviderPool\"},\"dnsProviderDataCenter\":{\"value\":\"$dnsProviderDataCenter\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file diff --git a/supported/autoscale/ltm/via-dns/1nic/new-stack/payg/Deploy_via_PS.ps1 b/supported/autoscale/ltm/via-dns/1nic/new-stack/payg/Deploy_via_PS.ps1 index 12290783a4..1abf91c0e6 100644 --- a/supported/autoscale/ltm/via-dns/1nic/new-stack/payg/Deploy_via_PS.ps1 +++ b/supported/autoscale/ltm/via-dns/1nic/new-stack/payg/Deploy_via_PS.ps1 @@ -1,7 +1,7 @@ ## Script parameters being asked for below match to parameters in the azuredeploy.json file, otherwise pointing to the ## ## azuredeploy.parameters.json file for values to use. Some options below are mandatory, some (such as region) can ## ## be supplied inline when running this script but if they aren't then the default will be used as specified below. ## -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -dnsMemberIpType private -dnsMemberPort 80 -dnsProviderHost -dnsProviderPort 443 -dnsProviderUser -dnsProviderPassword -dnsProviderPool autoscale_pool -dnsProviderDataCenter azure_datacenter -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -dnsMemberIpType private -dnsMemberPort 80 -dnsProviderHost -dnsProviderPort 443 -dnsProviderUser -dnsProviderPassword -dnsProviderPool autoscale_pool -dnsProviderDataCenter azure_datacenter -tenantId -clientId -servicePrincipalSecret -resourceGroupName param( @@ -31,6 +31,8 @@ param( [string] [Parameter(Mandatory=$True)] $scaleOutTimeWindow, [string] [Parameter(Mandatory=$True)] $scaleInTimeWindow, [string] [Parameter(Mandatory=$True)] $notificationEmail, + [string] [Parameter(Mandatory=$True)] $useAvailabilityZones, + [string] [Parameter(Mandatory=$True)] $autoscaleTimeout, [string] [Parameter(Mandatory=$True)] $provisionPublicIP, [string] [Parameter(Mandatory=$True)] $dnsMemberIpType, [string] [Parameter(Mandatory=$True)] $dnsMemberPort, @@ -73,7 +75,7 @@ $servicePrincipalSecretSecure = ConvertTo-SecureString -String $servicePrincipal (ConvertFrom-Json $tagValues).psobject.properties | ForEach -Begin {$tagValues=@{}} -process {$tagValues."$($_.Name)" = $_.Value} # Create Arm Deployment -$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetAddressPrefix $vnetAddressPrefix -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -provisionPublicIP $provisionPublicIP -dnsMemberIpType $dnsMemberIpType -dnsMemberPort $dnsMemberPort -dnsProviderHost $dnsProviderHost -dnsProviderPort $dnsProviderPort -dnsProviderUser $dnsProviderUser -dnsProviderPassword $dnsProviderPasswordSecure -dnsProviderPool $dnsProviderPool -dnsProviderDataCenter $dnsProviderDataCenter -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure +$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetAddressPrefix $vnetAddressPrefix -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -useAvailabilityZones $useAvailabilityZones -autoscaleTimeout $autoscaleTimeout -provisionPublicIP $provisionPublicIP -dnsMemberIpType $dnsMemberIpType -dnsMemberPort $dnsMemberPort -dnsProviderHost $dnsProviderHost -dnsProviderPort $dnsProviderPort -dnsProviderUser $dnsProviderUser -dnsProviderPassword $dnsProviderPasswordSecure -dnsProviderPool $dnsProviderPool -dnsProviderDataCenter $dnsProviderDataCenter -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure # Print Output of Deployment to Console $deployment \ No newline at end of file diff --git a/supported/autoscale/ltm/via-dns/1nic/new-stack/payg/README.md b/supported/autoscale/ltm/via-dns/1nic/new-stack/payg/README.md index f53929b8fd..698db9e3ce 100644 --- a/supported/autoscale/ltm/via-dns/1nic/new-stack/payg/README.md +++ b/supported/autoscale/ltm/via-dns/1nic/new-stack/payg/README.md @@ -21,7 +21,7 @@ This solution uses an ARM template to launch the deployment of F5 BIG-IP Local T The BIG-IP VE has the [Local Traffic Manager (LTM)](https://f5.com/products/big-ip/local-traffic-manager-ltm) module enabled to provide advanced traffic management functionality. This means you can also configure the BIG-IP VE to enable F5's L4/L7 security features, access control, and intelligent traffic management. -You have the option of using a [BIG-IQ device](https://f5.com/products/big-iq-centralized-management) to license BIG-IP VEs using BYOL licenses in this auto scale deployment. +You have the option of using a [BIG-IQ device](https://f5.com/products/big-iq-centralized-management) to license BIG-IP VEs using BYOL licenses in this auto scale deployment. This template uses BIGIP **public** management address when license is requested via BIGIQ. For information on getting started using F5's ARM templates on GitHub, see [Microsoft Azure: Solutions 101](http://clouddocs.f5.com/cloud/public/v1/azure/Azure_solutions101.html). @@ -109,7 +109,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fautoscale%2Fltm%2Fvia-dns%2F1nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fautoscale%2Fltm%2Fvia-dns%2F1nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters @@ -141,6 +141,8 @@ Use the appropriate button below to deploy: | scaleOutTimeWindow | Yes | The time window required to trigger a scale out event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | scaleInTimeWindow | Yes | The time window required to trigger a scale in event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | notificationEmail | Yes | If you want email notifications on scale events, specify an email address, otherwise leave the parameter as **OPTIONAL**. Note: You can specify multiple emails by separating them with a semi-colon, such as *email@domain.com;email2@domain.com*. | +| useAvailabilityZones | Yes | This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'. | +| autoscaleTimeout | Yes | The timeout value after which autoscale script execution will terminated | | provisionPublicIP | Yes | Enabling management public IP(s) allows for direct public access to each BIG-IP VE that is created. | | dnsMemberIpType | Yes | The IP type to add as the record when updating the DNS provider. | | dnsMemberPort | Yes | The port for the DNS member to use for monitoring the members status. | @@ -161,7 +163,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### PowerShell Script Example ```powershell -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -dnsMemberIpType private -dnsMemberPort 80 -dnsProviderHost -dnsProviderPort 443 -dnsProviderUser -dnsProviderPassword -dnsProviderPool autoscale_pool -dnsProviderDataCenter azure_datacenter -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -dnsMemberIpType private -dnsMemberPort 80 -dnsProviderHost -dnsProviderPort 443 -dnsProviderUser -dnsProviderPassword -dnsProviderPool autoscale_pool -dnsProviderDataCenter azure_datacenter -tenantId -clientId -servicePrincipalSecret -resourceGroupName ``` ======= @@ -169,7 +171,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### Azure CLI (1.0) Script Example ```bash -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --dnsMemberIpType private --dnsMemberPort 80 --dnsProviderHost --dnsProviderPort 443 --dnsProviderUser --dnsProviderPassword --dnsProviderPool autoscale_pool --dnsProviderDataCenter azure_datacenter --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --dnsMemberIpType private --dnsMemberPort 80 --dnsProviderHost --dnsProviderPort 443 --dnsProviderUser --dnsProviderPassword --dnsProviderPool autoscale_pool --dnsProviderDataCenter azure_datacenter --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword ``` diff --git a/supported/autoscale/ltm/via-dns/1nic/new-stack/payg/azuredeploy.json b/supported/autoscale/ltm/via-dns/1nic/new-stack/payg/azuredeploy.json index 5be3f89c0b..3077bb182f 100644 --- a/supported/autoscale/ltm/via-dns/1nic/new-stack/payg/azuredeploy.json +++ b/supported/autoscale/ltm/via-dns/1nic/new-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -294,6 +294,26 @@ }, "type": "string" }, + "useAvailabilityZones": { + "allowedValues": [ + "Yes", + "No" + ], + "defaultValue": "Yes", + "metadata": { + "description": "This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'." + }, + "type": "string" + }, + "autoscaleTimeout": { + "defaultValue": 10, + "maxValue": 10, + "metadata": { + "description": "The timeout value after which autoscale script execution will terminated" + }, + "minValue": 3, + "type": "int" + }, "provisionPublicIP": { "allowedValues": [ "No", @@ -478,14 +498,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl ${config_loc}f5-cloud-libs-azure.tar.gz\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntar xfz /config/cloud/f5-cloud-libs-azure.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -511,7 +531,10 @@ "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvc2hhcmVkL2FwcHN2Y3MvZGVjbGFyZSAtZCBAJGZpbGVfbG9jIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgICAgICBpZiBbWyAkcmVzcG9uc2VfY29kZSA9PSAyMDAgfHwgJHJlc3BvbnNlX2NvZGUgPT0gNTAyIF1dOyB0aGVuCiAgICAgICAgICAgICAgICAgIGVjaG8gIkRlcGxveW1lbnQgb2YgYXBwbGljYXRpb24gc3VjY2VlZGVkLiIKICAgICAgICAgICAgICAgICAgZGVwbG95ZWQ9InllcyIKICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICBlY2hvICJGYWlsZWQgdG8gZGVwbG95IGFwcGxpY2F0aW9uOyBjb250aW51aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBmaQogICAgICAgICBlbHNlCiAgICAgICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgdmFsaWQgSlNPTiwgY29udGludWluZyIKICAgICAgICAgZmkKICAgIGVsc2UKICAgICAgICBlY2hvICJGYWlsZWQgdG8gZG93bmxvYWQgY3VzdG9tIGNvbmZpZzsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgZmkKZWxzZQogICAgIGVjaG8gIkN1c3RvbSBjb25maWcgd2FzIG5vdCBhIFVSTCwgY29udGludWluZy4iCmZpCgppZiBbWyAkZGVwbG95ZWQgPT0gIm5vIiAmJiAkZGVjbGFyYXRpb25VcmwgPT0gIk5PVF9TUEVDSUZJRUQiIF1dOyB0aGVuCiAgICBlY2hvICJBcHBsaWNhdGlvbiBkZXBsb3ltZW50IGZhaWxlZCBvciBjdXN0b20gVVJMIHdhcyBub3Qgc3BlY2lmaWVkLiIKZmkKCmVjaG8gIkRlcGxveW1lbnQgY29tcGxldGUuIgpleGl0", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -589,6 +612,7 @@ "frontEndIPConfigID": "[concat(variables('extLbId'),'/frontendIPConfigurations/loadBalancerFrontEnd')]", "appInsightsApiVersion": "2015-04-01", "appInsightsComponentsApiVersion": "2015-05-01", + "useAvailabilityZones": "[and(variables('zonesAvailable'), equals(parameters('useAvailabilityZones'), 'Yes'))]", "vmssName": "[concat(parameters('dnsLabel'),'-vmss')]", "vmssId": "[resourceId('Microsoft.Compute/virtualMachineScaleSets', variables('vmssName'))]", "defaultAppInsightsLocation": "eastus", @@ -642,7 +666,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_dns-new-stack-supported-payg,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_dns-new-stack-supported-payg,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "osProfiles": { @@ -779,7 +803,7 @@ "name": "main", "properties": { "protectedSettings": { - "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.dnsPasswd; encrypt_secret ', variables('singleQuote'), parameters('dnsProviderPassword'), variables('singleQuote'), ' \"/config/cloud/.dnsPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType ltm --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --dnsOptions \\\"--dns gtm --dns-ip-type ', parameters('dnsMemberIpType'), ' --dns-app-port ', parameters('dnsMemberPort'), ' --dns-provider-options host:', parameters('dnsProviderHost'), ',port:', parameters('dnsProviderPort'), ',user:', parameters('dnsProviderUser'), ',passwordUrl:file:///config/cloud/.dnsPasswd,passwordEncrypted:true,serverName:', variables('vmssName'), ',poolName:', parameters('dnsProviderPool'), ',datacenter:', parameters('dnsProviderDataCenter'), '\\\"', ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" + "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.dnsPasswd; encrypt_secret ', variables('singleQuote'), parameters('dnsProviderPassword'), variables('singleQuote'), ' \"/config/cloud/.dnsPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType ltm --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --autoscaleTimeout ', parameters('autoscaleTimeout'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --dnsOptions \\\"--dns gtm --dns-ip-type ', parameters('dnsMemberIpType'), ' --dns-app-port ', parameters('dnsMemberPort'), ' --dns-provider-options host:', parameters('dnsProviderHost'), ',port:', parameters('dnsProviderPort'), ',user:', parameters('dnsProviderUser'), ',passwordUrl:file:///config/cloud/.dnsPasswd,passwordEncrypted:true,serverName:', variables('vmssName'), ',poolName:', parameters('dnsProviderPool'), ',datacenter:', parameters('dnsProviderDataCenter'), '\\\"', ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" }, "publisher": "Microsoft.Azure.Extensions", "settings": { @@ -831,7 +855,7 @@ "tier": "Standard" }, "tags": "[if(empty(variables('tagValues')), json('null'), variables('tagValues'))]", - "zones": "[if(variables('zonesAvailable'), createArray(1, 2, 3), json('null'))]", + "zones": "[if(variables('useAvailabilityZones'), createArray(1, 2, 3), json('null'))]", "type": "Microsoft.Compute/virtualMachineScaleSets" }, { @@ -840,10 +864,10 @@ "[variables('vmssId')]" ], "location": "[variables('location')]", - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "properties": { "enabled": true, - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "notifications": [ { "email": { diff --git a/supported/autoscale/ltm/via-dns/1nic/new-stack/payg/azuredeploy.parameters.json b/supported/autoscale/ltm/via-dns/1nic/new-stack/payg/azuredeploy.parameters.json index 99db2cf8c4..a68f889624 100644 --- a/supported/autoscale/ltm/via-dns/1nic/new-stack/payg/azuredeploy.parameters.json +++ b/supported/autoscale/ltm/via-dns/1nic/new-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" @@ -86,6 +86,12 @@ "notificationEmail": { "value": "OPTIONAL" }, + "useAvailabilityZones": { + "value": "Yes" + }, + "autoscaleTimeout": { + "value": 10 + }, "provisionPublicIP": { "value": "Yes" }, diff --git a/supported/autoscale/ltm/via-dns/1nic/new-stack/payg/deploy_via_bash.sh b/supported/autoscale/ltm/via-dns/1nic/new-stack/payg/deploy_via_bash.sh index c2831e5561..ab5727356c 100755 --- a/supported/autoscale/ltm/via-dns/1nic/new-stack/payg/deploy_via_bash.sh +++ b/supported/autoscale/ltm/via-dns/1nic/new-stack/payg/deploy_via_bash.sh @@ -1,7 +1,7 @@ #!/bin/bash ## Bash Script to deploy an F5 ARM template into Azure, using azure cli 1.0 ## -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --dnsMemberIpType private --dnsMemberPort 80 --dnsProviderHost --dnsProviderPort 443 --dnsProviderUser --dnsProviderPassword --dnsProviderPool autoscale_pool --dnsProviderDataCenter azure_datacenter --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --dnsMemberIpType private --dnsMemberPort 80 --dnsProviderHost --dnsProviderPort 443 --dnsProviderUser --dnsProviderPassword --dnsProviderPool autoscale_pool --dnsProviderDataCenter azure_datacenter --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword # Assign Script Parameters and Define Variables # Specify static items below, change these as needed or make them parameters @@ -90,6 +90,12 @@ while [[ $# -gt 1 ]]; do --notificationEmail) notificationEmail=$2 shift 2;; + --useAvailabilityZones) + useAvailabilityZones=$2 + shift 2;; + --autoscaleTimeout) + autoscaleTimeout=$2 + shift 2;; --provisionPublicIP) provisionPublicIP=$2 shift 2;; @@ -145,7 +151,7 @@ while [[ $# -gt 1 ]]; do done #If a required parameter is not passed, the script will prompt for it below -required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName bigIpVersion bigIpModules vnetAddressPrefix declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail provisionPublicIP dnsMemberIpType dnsMemberPort dnsProviderHost dnsProviderPort dnsProviderUser dnsProviderPassword dnsProviderPool dnsProviderDataCenter tenantId clientId servicePrincipalSecret resourceGroupName " +required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName bigIpVersion bigIpModules vnetAddressPrefix declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail useAvailabilityZones autoscaleTimeout provisionPublicIP dnsMemberIpType dnsMemberPort dnsProviderHost dnsProviderPort dnsProviderUser dnsProviderPassword dnsProviderPool dnsProviderDataCenter tenantId clientId servicePrincipalSecret resourceGroupName " for variable in $required_variables do if [ -z ${!variable} ] ; then @@ -169,4 +175,4 @@ az group create -n $resourceGroupName -l $region # Deploy ARM Template, right now cannot specify parameter file and parameters inline via Azure CLI template_file="./azuredeploy.json" parameter_file="./azuredeploy.parameters.json" -az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetAddressPrefix\":{\"value\":\"$vnetAddressPrefix\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"dnsMemberIpType\":{\"value\":\"$dnsMemberIpType\"},\"dnsMemberPort\":{\"value\":\"$dnsMemberPort\"},\"dnsProviderHost\":{\"value\":\"$dnsProviderHost\"},\"dnsProviderPort\":{\"value\":\"$dnsProviderPort\"},\"dnsProviderUser\":{\"value\":\"$dnsProviderUser\"},\"dnsProviderPassword\":{\"value\":\"$dnsProviderPassword\"},\"dnsProviderPool\":{\"value\":\"$dnsProviderPool\"},\"dnsProviderDataCenter\":{\"value\":\"$dnsProviderDataCenter\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file +az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetAddressPrefix\":{\"value\":\"$vnetAddressPrefix\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"useAvailabilityZones\":{\"value\":\"$useAvailabilityZones\"},\"autoscaleTimeout\":{\"value\":$autoscaleTimeout},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"dnsMemberIpType\":{\"value\":\"$dnsMemberIpType\"},\"dnsMemberPort\":{\"value\":\"$dnsMemberPort\"},\"dnsProviderHost\":{\"value\":\"$dnsProviderHost\"},\"dnsProviderPort\":{\"value\":\"$dnsProviderPort\"},\"dnsProviderUser\":{\"value\":\"$dnsProviderUser\"},\"dnsProviderPassword\":{\"value\":\"$dnsProviderPassword\"},\"dnsProviderPool\":{\"value\":\"$dnsProviderPool\"},\"dnsProviderDataCenter\":{\"value\":\"$dnsProviderDataCenter\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file diff --git a/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/Deploy_via_PS.ps1 b/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/Deploy_via_PS.ps1 index 01fba0ba85..0717e4b6c0 100644 --- a/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/Deploy_via_PS.ps1 +++ b/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/Deploy_via_PS.ps1 @@ -1,7 +1,7 @@ ## Script parameters being asked for below match to parameters in the azuredeploy.json file, otherwise pointing to the ## ## azuredeploy.parameters.json file for values to use. Some options below are mandatory, some (such as region) can ## ## be supplied inline when running this script but if they aren't then the default will be used as specified below. ## -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -mgmtNsgName OPTIONAL -externalLoadBalancerName OPTIONAL -internalLoadBalancerName OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -tenantId -clientId -servicePrincipalSecret -resourceGroupName param( @@ -39,6 +39,11 @@ param( [string] [Parameter(Mandatory=$True)] $scaleOutTimeWindow, [string] [Parameter(Mandatory=$True)] $scaleInTimeWindow, [string] [Parameter(Mandatory=$True)] $notificationEmail, + [string] [Parameter(Mandatory=$True)] $mgmtNsgName, + [string] [Parameter(Mandatory=$True)] $externalLoadBalancerName, + [string] [Parameter(Mandatory=$True)] $internalLoadBalancerName, + [string] [Parameter(Mandatory=$True)] $useAvailabilityZones, + [string] [Parameter(Mandatory=$True)] $autoscaleTimeout, [string] [Parameter(Mandatory=$True)] $provisionPublicIP, [string] [Parameter(Mandatory=$True)] $tenantId, [string] [Parameter(Mandatory=$True)] $clientId, @@ -73,7 +78,7 @@ $servicePrincipalSecretSecure = ConvertTo-SecureString -String $servicePrincipal (ConvertFrom-Json $tagValues).psobject.properties | ForEach -Begin {$tagValues=@{}} -process {$tagValues."$($_.Name)" = $_.Value} # Create Arm Deployment -$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -bigIqAddress $bigIqAddress -bigIqUsername $bigIqUsername -bigIqPassword $bigIqPasswordSecure -bigIqLicensePoolName $bigIqLicensePoolName -bigIqLicenseSkuKeyword1 $bigIqLicenseSkuKeyword1 -bigIqLicenseUnitOfMeasure $bigIqLicenseUnitOfMeasure -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetName $vnetName -vnetResourceGroupName $vnetResourceGroupName -mgmtSubnetName $mgmtSubnetName -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -provisionPublicIP $provisionPublicIP -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure +$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -bigIqAddress $bigIqAddress -bigIqUsername $bigIqUsername -bigIqPassword $bigIqPasswordSecure -bigIqLicensePoolName $bigIqLicensePoolName -bigIqLicenseSkuKeyword1 $bigIqLicenseSkuKeyword1 -bigIqLicenseUnitOfMeasure $bigIqLicenseUnitOfMeasure -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetName $vnetName -vnetResourceGroupName $vnetResourceGroupName -mgmtSubnetName $mgmtSubnetName -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -mgmtNsgName $mgmtNsgName -externalLoadBalancerName $externalLoadBalancerName -internalLoadBalancerName $internalLoadBalancerName -useAvailabilityZones $useAvailabilityZones -autoscaleTimeout $autoscaleTimeout -provisionPublicIP $provisionPublicIP -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure # Print Output of Deployment to Console $deployment \ No newline at end of file diff --git a/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/README.md b/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/README.md index fdedfbf599..eef93d34ea 100644 --- a/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/README.md +++ b/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/README.md @@ -19,7 +19,7 @@ This solution uses an ARM template to launch the deployment of F5 BIG-IP Local Traffic Manager (LTM) Virtual Edition (VE) instances in a Microsoft Azure VM Scale Set that is configured for auto scaling. Traffic flows from the Azure load balancer to the BIG-IP VE (cluster) and then to the application servers. The BIG-IP VE(s) are configured in single-NIC mode. Auto scaling means that as certain thresholds are reached, the number of BIG-IP VE instances automatically increases or decreases accordingly. -The BIG-IP VE has the [Local Traffic Manager (LTM)](https://f5.com/products/big-ip/local-traffic-manager-ltm) module enabled to provide advanced traffic management functionality. This means you can also configure the BIG-IP VE to enable F5's L4/L7 security features, access control, and intelligent traffic management. +The BIG-IP VE has the [Local Traffic Manager (LTM)](https://f5.com/products/big-ip/local-traffic-manager-ltm) module enabled to provide advanced traffic management functionality. This means you can also configure the BIG-IP VE to enable F5's L4/L7 security features, access control, and intelligent traffic management. This template uses BIGIP **private** management address when license is requested via BIGIQ For information on getting started using F5's ARM templates on GitHub, see [Microsoft Azure: Solutions 101](http://clouddocs.f5.com/cloud/public/v1/azure/Azure_solutions101.html). @@ -110,7 +110,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fautoscale%2Fltm%2Fvia-lb%2F1nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fautoscale%2Fltm%2Fvia-lb%2F1nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters @@ -150,6 +150,11 @@ Use the appropriate button below to deploy: | scaleOutTimeWindow | Yes | The time window required to trigger a scale out event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | scaleInTimeWindow | Yes | The time window required to trigger a scale in event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | notificationEmail | Yes | If you want email notifications on scale events, specify an email address, otherwise leave the parameter as **OPTIONAL**. Note: You can specify multiple emails by separating them with a semi-colon, such as *email@domain.com;email2@domain.com*. | +| mgmtNsgName | Yes | If you would like to deploy using an existing Azure Network Security Group, provide the NSG name here. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | +| externalLoadBalancerName | Yes | If you would like to deploy using an existing Azure Load Balancer (Standard SKU) with a backend pool called loadBalancerBackEnd, provide the ALB name here. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | +| internalLoadBalancerName | Yes | If you would like to add instances to an existing internal Azure Load Balancer (Standard SKU) with a backend pool called loadBalancerBackEnd, provide the internal ALB name here. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | +| useAvailabilityZones | Yes | This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'. | +| autoscaleTimeout | Yes | The timeout value after which autoscale script execution will terminated | | provisionPublicIP | Yes | Enabling management public IP(s) allows for direct public access to each BIG-IP VE that is created. | | tenantId | Yes | Your Azure service principal application tenant ID. | | clientId | Yes | Your Azure service principal application client ID. | @@ -162,7 +167,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### PowerShell Script Example ```powershell -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -mgmtNsgName OPTIONAL -externalLoadBalancerName OPTIONAL -internalLoadBalancerName OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -tenantId -clientId -servicePrincipalSecret -resourceGroupName ``` ======= @@ -170,7 +175,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### Azure CLI (1.0) Script Example ```bash -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --mgmtNsgName OPTIONAL --externalLoadBalancerName OPTIONAL --internalLoadBalancerName OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword ``` diff --git a/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/azuredeploy.json b/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/azuredeploy.json index 5cdc7d986a..722dd2aa67 100644 --- a/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/azuredeploy.json +++ b/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -336,6 +336,47 @@ }, "type": "string" }, + "mgmtNsgName": { + "defaultValue": "OPTIONAL", + "metadata": { + "description": "If you would like to deploy using an existing Azure Network Security Group, provide the NSG name here. **Note**: Unless specifically required, leave the default of **OPTIONAL**." + }, + "type": "string" + }, + "externalLoadBalancerName": { + "defaultValue": "OPTIONAL", + "metadata": { + "description": "If you would like to deploy using an existing Azure Load Balancer (Standard SKU) with a backend pool called loadBalancerBackEnd, provide the ALB name here. **Note**: Unless specifically required, leave the default of **OPTIONAL**." + }, + "type": "string" + }, + "internalLoadBalancerName": { + "defaultValue": "OPTIONAL", + "metadata": { + "description": "If you would like to add instances to an existing internal Azure Load Balancer (Standard SKU) with a backend pool called loadBalancerBackEnd, provide the internal ALB name here. **Note**: Unless specifically required, leave the default of **OPTIONAL**." + }, + "type": "string" + }, + "useAvailabilityZones": { + "allowedValues": [ + "Yes", + "No" + ], + "defaultValue": "Yes", + "metadata": { + "description": "This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'." + }, + "type": "string" + }, + "autoscaleTimeout": { + "defaultValue": 10, + "maxValue": 10, + "metadata": { + "description": "The timeout value after which autoscale script execution will terminated" + }, + "minValue": 3, + "type": "int" + }, "provisionPublicIP": { "allowedValues": [ "No", @@ -463,14 +504,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl ${config_loc}f5-cloud-libs-azure.tar.gz\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntar xfz /config/cloud/f5-cloud-libs-azure.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -496,7 +537,10 @@ "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvc2hhcmVkL2FwcHN2Y3MvZGVjbGFyZSAtZCBAJGZpbGVfbG9jIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgICAgICBpZiBbWyAkcmVzcG9uc2VfY29kZSA9PSAyMDAgfHwgJHJlc3BvbnNlX2NvZGUgPT0gNTAyIF1dOyB0aGVuCiAgICAgICAgICAgICAgICAgIGVjaG8gIkRlcGxveW1lbnQgb2YgYXBwbGljYXRpb24gc3VjY2VlZGVkLiIKICAgICAgICAgICAgICAgICAgZGVwbG95ZWQ9InllcyIKICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICBlY2hvICJGYWlsZWQgdG8gZGVwbG95IGFwcGxpY2F0aW9uOyBjb250aW51aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBmaQogICAgICAgICBlbHNlCiAgICAgICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgdmFsaWQgSlNPTiwgY29udGludWluZyIKICAgICAgICAgZmkKICAgIGVsc2UKICAgICAgICBlY2hvICJGYWlsZWQgdG8gZG93bmxvYWQgY3VzdG9tIGNvbmZpZzsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgZmkKZWxzZQogICAgIGVjaG8gIkN1c3RvbSBjb25maWcgd2FzIG5vdCBhIFVSTCwgY29udGludWluZy4iCmZpCgppZiBbWyAkZGVwbG95ZWQgPT0gIm5vIiAmJiAkZGVjbGFyYXRpb25VcmwgPT0gIk5PVF9TUEVDSUZJRUQiIF1dOyB0aGVuCiAgICBlY2hvICJBcHBsaWNhdGlvbiBkZXBsb3ltZW50IGZhaWxlZCBvciBjdXN0b20gVVJMIHdhcyBub3Qgc3BlY2lmaWVkLiIKZmkKCmVjaG8gIkRlcGxveW1lbnQgY29tcGxldGUuIgpleGl0", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -529,12 +573,27 @@ "bigip-virtual-edition-good": "good" } }, - "externalLoadBalancerName": "[concat(variables('dnsLabel'),'-ext-alb')]", + "externalLoadBalancerName": "[if(variables('useExistingLoadBalancer'), parameters('externalLoadBalancerName'), concat(variables('dnsLabel'),'-ext-alb'))]", "extLbId": "[resourceId('Microsoft.Network/loadBalancers',variables('externalLoadBalancerName'))]", "deviceNamePrefix": "[concat(variables('dnsLabel'),'-device')]", "frontEndIPConfigID": "[concat(variables('extLbId'),'/frontendIPConfigurations/loadBalancerFrontEnd')]", + "attachInternalLoadBalancer": "[not(empty(replace(parameters('internalLoadBalancerName'), 'OPTIONAL', '')))]", + "internalLoadBalancerName": "[parameters('internalLoadBalancerName')]", + "useExistingLoadBalancer": "[not(empty(replace(parameters('externalLoadBalancerName'), 'OPTIONAL', '')))]", + "loadBalancerBackendAddressPoolsArray": [ + { + "id": "[concat('/subscriptions/', variables('subscriptionID'),'/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', variables('externalLoadBalancerName'), '/backendAddressPools/loadBalancerBackEnd')]" + }, + { + "id": "[concat('/subscriptions/', variables('subscriptionID'),'/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', variables('internalLoadBalancerName'), '/backendAddressPools/loadBalancerBackEnd')]" + } + ], + "useExistingNsg": "[not(empty(replace(parameters('mgmtNsgName'), 'OPTIONAL', '')))]", + "mgmtNsgName": "[if(variables('useExistingNsg'), parameters('mgmtNsgName'), concat(variables('dnsLabel'),'-mgmt-nsg'))]", + "mgmtNsgID": "[resourceId('Microsoft.Network/networkSecurityGroups/',concat(variables('dnsLabel'),'-mgmt-nsg'))]", "appInsightsApiVersion": "2015-04-01", "appInsightsComponentsApiVersion": "2015-05-01", + "useAvailabilityZones": "[and(variables('zonesAvailable'), equals(parameters('useAvailabilityZones'), 'Yes'))]", "vmssName": "[concat(parameters('dnsLabel'),'-vmss')]", "vmssId": "[resourceId('Microsoft.Compute/virtualMachineScaleSets', variables('vmssName'))]", "defaultAppInsightsLocation": "eastus", @@ -572,7 +631,6 @@ "publicIPAddressType": "Static", "mgmtPublicIPAddressName": "[concat(variables('dnsLabel'), '-mgmt-pip')]", "mgmtPublicIPAddressId": "[resourceId('Microsoft.Network/publicIPAddresses', variables('mgmtPublicIPAddressName'))]", - "mgmtNsgID": "[resourceId('Microsoft.Network/networkSecurityGroups/',concat(variables('dnsLabel'),'-mgmt-nsg'))]", "mgmtNicName": "[concat(variables('dnsLabel'), '-mgmt')]", "mgmtNicID": "[resourceId('Microsoft.Network/NetworkInterfaces', variables('mgmtNicName'))]", "mgmtSubnetId": "[concat(variables('vnetId'), '/subnets/', variables('mgmtSubnetName'))]", @@ -588,7 +646,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_via-lb-existing-stack-supported-bigiq,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_via-lb-existing-stack-supported-bigiq,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "osProfiles": { @@ -627,7 +685,8 @@ { "apiVersion": "[variables('networkApiVersion')]", "location": "[variables('location')]", - "name": "[concat(variables('dnsLabel'), '-mgmt-nsg')]", + "name": "[variables('mgmtNsgName')]", + "condition": "[not(variables('useExistingNsg'))]", "properties": { "securityRules": [ { @@ -693,6 +752,7 @@ }, { "apiVersion": "[variables('networkApiVersion')]", + "condition": "[not(variables('useExistingLoadBalancer'))]", "dependsOn": [ "[concat('Microsoft.Network/publicIPAddresses/', variables('mgmtPublicIPAddressName'))]" ], @@ -831,7 +891,7 @@ "name": "main", "properties": { "protectedSettings": { - "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.bigIqPasswd; encrypt_secret ', variables('singleQuote'), parameters('bigIqPassword'), variables('singleQuote'), ' \"/config/cloud/.bigIqPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType ltm --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, ' --bigIqAddress ', parameters('bigIqAddress'), ' --bigIqUsername ', parameters('bigIqUsername'), ' --bigIqPassword /config/cloud/.bigIqPasswd --bigIqLicensePoolName ', parameters('bigIqLicensePoolName'), ' --bigIqExtraLicenseOptions \\\"$(format_args sku-keyword-1:', parameters('bigIqLicenseSkuKeyWord1'), ',unit-of-measure:', parameters('bigIqLicenseUnitOfMeasure'), ')\\\" --bigIpExtMgmtAddress ', reference(variables('mgmtPublicIPAddressId')).ipAddress, ' --bigIpExtMgmtPort via-api', '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" + "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.bigIqPasswd; encrypt_secret ', variables('singleQuote'), parameters('bigIqPassword'), variables('singleQuote'), ' \"/config/cloud/.bigIqPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType ltm --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --autoscaleTimeout ', parameters('autoscaleTimeout'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, ' --bigIqAddress ', parameters('bigIqAddress'), ' --bigIqUsername ', parameters('bigIqUsername'), ' --bigIqPassword /config/cloud/.bigIqPasswd --bigIqLicensePoolName ', parameters('bigIqLicensePoolName'), ' --bigIqExtraLicenseOptions \\\"$(format_args sku-keyword-1:', parameters('bigIqLicenseSkuKeyWord1'), ',unit-of-measure:', parameters('bigIqLicenseUnitOfMeasure'), ')\\\" --bigIpExtMgmtAddress private --bigIpExtMgmtPort via-api --clusterUpdateInterval 300', '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" }, "publisher": "Microsoft.Azure.Extensions", "settings": { @@ -858,11 +918,7 @@ { "name": "ipconfig1", "properties": { - "loadBalancerBackendAddressPools": [ - { - "id": "[concat('/subscriptions/', variables('subscriptionID'),'/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', variables('externalLoadBalancerName'), '/backendAddressPools/loadBalancerBackEnd')]" - } - ], + "loadBalancerBackendAddressPools": "[take(variables('loadBalancerBackendAddressPoolsArray'), if(variables('attachInternalLoadBalancer'), 2, 1))]", "loadBalancerInboundNatPools": [ { "id": "[concat('/subscriptions/', variables('subscriptionID'),'/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', variables('externalLoadBalancerName'), '/inboundNatPools/sshnatpool')]" @@ -896,7 +952,7 @@ "tier": "Standard" }, "tags": "[if(empty(variables('tagValues')), json('null'), variables('tagValues'))]", - "zones": "[if(variables('zonesAvailable'), createArray(1, 2, 3), json('null'))]", + "zones": "[if(variables('useAvailabilityZones'), createArray(1, 2, 3), json('null'))]", "type": "Microsoft.Compute/virtualMachineScaleSets" }, { @@ -905,10 +961,10 @@ "[variables('vmssId')]" ], "location": "[variables('location')]", - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "properties": { "enabled": true, - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "notifications": [ { "email": { diff --git a/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/azuredeploy.parameters.json b/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/azuredeploy.parameters.json index a056648d5d..c9d6a9d6ff 100644 --- a/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/azuredeploy.parameters.json +++ b/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" @@ -110,6 +110,21 @@ "notificationEmail": { "value": "OPTIONAL" }, + "mgmtNsgName": { + "value": "OPTIONAL" + }, + "externalLoadBalancerName": { + "value": "OPTIONAL" + }, + "internalLoadBalancerName": { + "value": "OPTIONAL" + }, + "useAvailabilityZones": { + "value": "Yes" + }, + "autoscaleTimeout": { + "value": 10 + }, "provisionPublicIP": { "value": "Yes" }, diff --git a/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/deploy_via_bash.sh b/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/deploy_via_bash.sh index 4aa02aebd9..c18e936536 100755 --- a/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/deploy_via_bash.sh +++ b/supported/autoscale/ltm/via-lb/1nic/existing-stack/bigiq/deploy_via_bash.sh @@ -1,7 +1,7 @@ #!/bin/bash ## Bash Script to deploy an F5 ARM template into Azure, using azure cli 1.0 ## -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --mgmtNsgName OPTIONAL --externalLoadBalancerName OPTIONAL --internalLoadBalancerName OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword # Assign Script Parameters and Define Variables # Specify static items below, change these as needed or make them parameters @@ -114,6 +114,21 @@ while [[ $# -gt 1 ]]; do --notificationEmail) notificationEmail=$2 shift 2;; + --mgmtNsgName) + mgmtNsgName=$2 + shift 2;; + --externalLoadBalancerName) + externalLoadBalancerName=$2 + shift 2;; + --internalLoadBalancerName) + internalLoadBalancerName=$2 + shift 2;; + --useAvailabilityZones) + useAvailabilityZones=$2 + shift 2;; + --autoscaleTimeout) + autoscaleTimeout=$2 + shift 2;; --provisionPublicIP) provisionPublicIP=$2 shift 2;; @@ -145,7 +160,7 @@ while [[ $# -gt 1 ]]; do done #If a required parameter is not passed, the script will prompt for it below -required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName bigIqAddress bigIqUsername bigIqPassword bigIqLicensePoolName bigIqLicenseSkuKeyword1 bigIqLicenseUnitOfMeasure bigIpVersion bigIpModules vnetName vnetResourceGroupName mgmtSubnetName declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail provisionPublicIP tenantId clientId servicePrincipalSecret resourceGroupName " +required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName bigIqAddress bigIqUsername bigIqPassword bigIqLicensePoolName bigIqLicenseSkuKeyword1 bigIqLicenseUnitOfMeasure bigIpVersion bigIpModules vnetName vnetResourceGroupName mgmtSubnetName declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail mgmtNsgName externalLoadBalancerName internalLoadBalancerName useAvailabilityZones autoscaleTimeout provisionPublicIP tenantId clientId servicePrincipalSecret resourceGroupName " for variable in $required_variables do if [ -z ${!variable} ] ; then @@ -169,4 +184,4 @@ az group create -n $resourceGroupName -l $region # Deploy ARM Template, right now cannot specify parameter file and parameters inline via Azure CLI template_file="./azuredeploy.json" parameter_file="./azuredeploy.parameters.json" -az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"bigIqAddress\":{\"value\":\"$bigIqAddress\"},\"bigIqUsername\":{\"value\":\"$bigIqUsername\"},\"bigIqPassword\":{\"value\":\"$bigIqPassword\"},\"bigIqLicensePoolName\":{\"value\":\"$bigIqLicensePoolName\"},\"bigIqLicenseSkuKeyword1\":{\"value\":\"$bigIqLicenseSkuKeyword1\"},\"bigIqLicenseUnitOfMeasure\":{\"value\":\"$bigIqLicenseUnitOfMeasure\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetName\":{\"value\":\"$vnetName\"},\"vnetResourceGroupName\":{\"value\":\"$vnetResourceGroupName\"},\"mgmtSubnetName\":{\"value\":\"$mgmtSubnetName\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file +az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"bigIqAddress\":{\"value\":\"$bigIqAddress\"},\"bigIqUsername\":{\"value\":\"$bigIqUsername\"},\"bigIqPassword\":{\"value\":\"$bigIqPassword\"},\"bigIqLicensePoolName\":{\"value\":\"$bigIqLicensePoolName\"},\"bigIqLicenseSkuKeyword1\":{\"value\":\"$bigIqLicenseSkuKeyword1\"},\"bigIqLicenseUnitOfMeasure\":{\"value\":\"$bigIqLicenseUnitOfMeasure\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetName\":{\"value\":\"$vnetName\"},\"vnetResourceGroupName\":{\"value\":\"$vnetResourceGroupName\"},\"mgmtSubnetName\":{\"value\":\"$mgmtSubnetName\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"mgmtNsgName\":{\"value\":\"$mgmtNsgName\"},\"externalLoadBalancerName\":{\"value\":\"$externalLoadBalancerName\"},\"internalLoadBalancerName\":{\"value\":\"$internalLoadBalancerName\"},\"useAvailabilityZones\":{\"value\":\"$useAvailabilityZones\"},\"autoscaleTimeout\":{\"value\":$autoscaleTimeout},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file diff --git a/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/Deploy_via_PS.ps1 b/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/Deploy_via_PS.ps1 index 7ffb1fcd9c..7a6967f426 100644 --- a/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/Deploy_via_PS.ps1 +++ b/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/Deploy_via_PS.ps1 @@ -1,7 +1,7 @@ ## Script parameters being asked for below match to parameters in the azuredeploy.json file, otherwise pointing to the ## ## azuredeploy.parameters.json file for values to use. Some options below are mandatory, some (such as region) can ## ## be supplied inline when running this script but if they aren't then the default will be used as specified below. ## -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -mgmtNsgName OPTIONAL -externalLoadBalancerName OPTIONAL -internalLoadBalancerName OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -tenantId -clientId -servicePrincipalSecret -resourceGroupName param( @@ -33,6 +33,11 @@ param( [string] [Parameter(Mandatory=$True)] $scaleOutTimeWindow, [string] [Parameter(Mandatory=$True)] $scaleInTimeWindow, [string] [Parameter(Mandatory=$True)] $notificationEmail, + [string] [Parameter(Mandatory=$True)] $mgmtNsgName, + [string] [Parameter(Mandatory=$True)] $externalLoadBalancerName, + [string] [Parameter(Mandatory=$True)] $internalLoadBalancerName, + [string] [Parameter(Mandatory=$True)] $useAvailabilityZones, + [string] [Parameter(Mandatory=$True)] $autoscaleTimeout, [string] [Parameter(Mandatory=$True)] $provisionPublicIP, [string] [Parameter(Mandatory=$True)] $tenantId, [string] [Parameter(Mandatory=$True)] $clientId, @@ -66,7 +71,7 @@ $servicePrincipalSecretSecure = ConvertTo-SecureString -String $servicePrincipal (ConvertFrom-Json $tagValues).psobject.properties | ForEach -Begin {$tagValues=@{}} -process {$tagValues."$($_.Name)" = $_.Value} # Create Arm Deployment -$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetName $vnetName -vnetResourceGroupName $vnetResourceGroupName -mgmtSubnetName $mgmtSubnetName -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -provisionPublicIP $provisionPublicIP -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure +$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetName $vnetName -vnetResourceGroupName $vnetResourceGroupName -mgmtSubnetName $mgmtSubnetName -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -mgmtNsgName $mgmtNsgName -externalLoadBalancerName $externalLoadBalancerName -internalLoadBalancerName $internalLoadBalancerName -useAvailabilityZones $useAvailabilityZones -autoscaleTimeout $autoscaleTimeout -provisionPublicIP $provisionPublicIP -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure # Print Output of Deployment to Console $deployment \ No newline at end of file diff --git a/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/README.md b/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/README.md index 1d260e1ea9..c0a54fb246 100644 --- a/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/README.md +++ b/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/README.md @@ -19,7 +19,7 @@ This solution uses an ARM template to launch the deployment of F5 BIG-IP Local Traffic Manager (LTM) Virtual Edition (VE) instances in a Microsoft Azure VM Scale Set that is configured for auto scaling. Traffic flows from the Azure load balancer to the BIG-IP VE (cluster) and then to the application servers. The BIG-IP VE(s) are configured in single-NIC mode. Auto scaling means that as certain thresholds are reached, the number of BIG-IP VE instances automatically increases or decreases accordingly. -The BIG-IP VE has the [Local Traffic Manager (LTM)](https://f5.com/products/big-ip/local-traffic-manager-ltm) module enabled to provide advanced traffic management functionality. This means you can also configure the BIG-IP VE to enable F5's L4/L7 security features, access control, and intelligent traffic management. +The BIG-IP VE has the [Local Traffic Manager (LTM)](https://f5.com/products/big-ip/local-traffic-manager-ltm) module enabled to provide advanced traffic management functionality. This means you can also configure the BIG-IP VE to enable F5's L4/L7 security features, access control, and intelligent traffic management. This template uses BIGIP **private** management address when license is requested via BIGIQ For information on getting started using F5's ARM templates on GitHub, see [Microsoft Azure: Solutions 101](http://clouddocs.f5.com/cloud/public/v1/azure/Azure_solutions101.html). @@ -107,7 +107,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fautoscale%2Fltm%2Fvia-lb%2F1nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fautoscale%2Fltm%2Fvia-lb%2F1nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters @@ -141,6 +141,11 @@ Use the appropriate button below to deploy: | scaleOutTimeWindow | Yes | The time window required to trigger a scale out event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | scaleInTimeWindow | Yes | The time window required to trigger a scale in event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | notificationEmail | Yes | If you want email notifications on scale events, specify an email address, otherwise leave the parameter as **OPTIONAL**. Note: You can specify multiple emails by separating them with a semi-colon, such as *email@domain.com;email2@domain.com*. | +| mgmtNsgName | Yes | If you would like to deploy using an existing Azure Network Security Group, provide the NSG name here. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | +| externalLoadBalancerName | Yes | If you would like to deploy using an existing Azure Load Balancer (Standard SKU) with a backend pool called loadBalancerBackEnd, provide the ALB name here. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | +| internalLoadBalancerName | Yes | If you would like to add instances to an existing internal Azure Load Balancer (Standard SKU) with a backend pool called loadBalancerBackEnd, provide the internal ALB name here. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | +| useAvailabilityZones | Yes | This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'. | +| autoscaleTimeout | Yes | The timeout value after which autoscale script execution will terminated | | provisionPublicIP | Yes | Enabling management public IP(s) allows for direct public access to each BIG-IP VE that is created. | | tenantId | Yes | Your Azure service principal application tenant ID. | | clientId | Yes | Your Azure service principal application client ID. | @@ -153,7 +158,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### PowerShell Script Example ```powershell -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -mgmtNsgName OPTIONAL -externalLoadBalancerName OPTIONAL -internalLoadBalancerName OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -tenantId -clientId -servicePrincipalSecret -resourceGroupName ``` ======= @@ -161,7 +166,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### Azure CLI (1.0) Script Example ```bash -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --mgmtNsgName OPTIONAL --externalLoadBalancerName OPTIONAL --internalLoadBalancerName OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword ``` diff --git a/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/azuredeploy.json b/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/azuredeploy.json index 3a34e7ee7f..ab5096bc66 100644 --- a/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/azuredeploy.json +++ b/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -305,6 +305,47 @@ }, "type": "string" }, + "mgmtNsgName": { + "defaultValue": "OPTIONAL", + "metadata": { + "description": "If you would like to deploy using an existing Azure Network Security Group, provide the NSG name here. **Note**: Unless specifically required, leave the default of **OPTIONAL**." + }, + "type": "string" + }, + "externalLoadBalancerName": { + "defaultValue": "OPTIONAL", + "metadata": { + "description": "If you would like to deploy using an existing Azure Load Balancer (Standard SKU) with a backend pool called loadBalancerBackEnd, provide the ALB name here. **Note**: Unless specifically required, leave the default of **OPTIONAL**." + }, + "type": "string" + }, + "internalLoadBalancerName": { + "defaultValue": "OPTIONAL", + "metadata": { + "description": "If you would like to add instances to an existing internal Azure Load Balancer (Standard SKU) with a backend pool called loadBalancerBackEnd, provide the internal ALB name here. **Note**: Unless specifically required, leave the default of **OPTIONAL**." + }, + "type": "string" + }, + "useAvailabilityZones": { + "allowedValues": [ + "Yes", + "No" + ], + "defaultValue": "Yes", + "metadata": { + "description": "This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'." + }, + "type": "string" + }, + "autoscaleTimeout": { + "defaultValue": 10, + "maxValue": 10, + "metadata": { + "description": "The timeout value after which autoscale script execution will terminated" + }, + "minValue": 3, + "type": "int" + }, "provisionPublicIP": { "allowedValues": [ "No", @@ -432,14 +473,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl ${config_loc}f5-cloud-libs-azure.tar.gz\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntar xfz /config/cloud/f5-cloud-libs-azure.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -465,7 +506,10 @@ "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvc2hhcmVkL2FwcHN2Y3MvZGVjbGFyZSAtZCBAJGZpbGVfbG9jIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgICAgICBpZiBbWyAkcmVzcG9uc2VfY29kZSA9PSAyMDAgfHwgJHJlc3BvbnNlX2NvZGUgPT0gNTAyIF1dOyB0aGVuCiAgICAgICAgICAgICAgICAgIGVjaG8gIkRlcGxveW1lbnQgb2YgYXBwbGljYXRpb24gc3VjY2VlZGVkLiIKICAgICAgICAgICAgICAgICAgZGVwbG95ZWQ9InllcyIKICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICBlY2hvICJGYWlsZWQgdG8gZGVwbG95IGFwcGxpY2F0aW9uOyBjb250aW51aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBmaQogICAgICAgICBlbHNlCiAgICAgICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgdmFsaWQgSlNPTiwgY29udGludWluZyIKICAgICAgICAgZmkKICAgIGVsc2UKICAgICAgICBlY2hvICJGYWlsZWQgdG8gZG93bmxvYWQgY3VzdG9tIGNvbmZpZzsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgZmkKZWxzZQogICAgIGVjaG8gIkN1c3RvbSBjb25maWcgd2FzIG5vdCBhIFVSTCwgY29udGludWluZy4iCmZpCgppZiBbWyAkZGVwbG95ZWQgPT0gIm5vIiAmJiAkZGVjbGFyYXRpb25VcmwgPT0gIk5PVF9TUEVDSUZJRUQiIF1dOyB0aGVuCiAgICBlY2hvICJBcHBsaWNhdGlvbiBkZXBsb3ltZW50IGZhaWxlZCBvciBjdXN0b20gVVJMIHdhcyBub3Qgc3BlY2lmaWVkLiIKZmkKCmVjaG8gIkRlcGxveW1lbnQgY29tcGxldGUuIgpleGl0", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -535,12 +579,27 @@ "sku": "f5-big-ip-per-app-ve-ltm-25m-hourly" } }, - "externalLoadBalancerName": "[concat(variables('dnsLabel'),'-ext-alb')]", + "externalLoadBalancerName": "[if(variables('useExistingLoadBalancer'), parameters('externalLoadBalancerName'), concat(variables('dnsLabel'),'-ext-alb'))]", "extLbId": "[resourceId('Microsoft.Network/loadBalancers',variables('externalLoadBalancerName'))]", "deviceNamePrefix": "[concat(variables('dnsLabel'),'-device')]", "frontEndIPConfigID": "[concat(variables('extLbId'),'/frontendIPConfigurations/loadBalancerFrontEnd')]", + "attachInternalLoadBalancer": "[not(empty(replace(parameters('internalLoadBalancerName'), 'OPTIONAL', '')))]", + "internalLoadBalancerName": "[parameters('internalLoadBalancerName')]", + "useExistingLoadBalancer": "[not(empty(replace(parameters('externalLoadBalancerName'), 'OPTIONAL', '')))]", + "loadBalancerBackendAddressPoolsArray": [ + { + "id": "[concat('/subscriptions/', variables('subscriptionID'),'/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', variables('externalLoadBalancerName'), '/backendAddressPools/loadBalancerBackEnd')]" + }, + { + "id": "[concat('/subscriptions/', variables('subscriptionID'),'/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', variables('internalLoadBalancerName'), '/backendAddressPools/loadBalancerBackEnd')]" + } + ], + "useExistingNsg": "[not(empty(replace(parameters('mgmtNsgName'), 'OPTIONAL', '')))]", + "mgmtNsgName": "[if(variables('useExistingNsg'), parameters('mgmtNsgName'), concat(variables('dnsLabel'),'-mgmt-nsg'))]", + "mgmtNsgID": "[resourceId('Microsoft.Network/networkSecurityGroups/',concat(variables('dnsLabel'),'-mgmt-nsg'))]", "appInsightsApiVersion": "2015-04-01", "appInsightsComponentsApiVersion": "2015-05-01", + "useAvailabilityZones": "[and(variables('zonesAvailable'), equals(parameters('useAvailabilityZones'), 'Yes'))]", "vmssName": "[concat(parameters('dnsLabel'),'-vmss')]", "vmssId": "[resourceId('Microsoft.Compute/virtualMachineScaleSets', variables('vmssName'))]", "defaultAppInsightsLocation": "eastus", @@ -578,7 +637,6 @@ "publicIPAddressType": "Static", "mgmtPublicIPAddressName": "[concat(variables('dnsLabel'), '-mgmt-pip')]", "mgmtPublicIPAddressId": "[resourceId('Microsoft.Network/publicIPAddresses', variables('mgmtPublicIPAddressName'))]", - "mgmtNsgID": "[resourceId('Microsoft.Network/networkSecurityGroups/',concat(variables('dnsLabel'),'-mgmt-nsg'))]", "mgmtNicName": "[concat(variables('dnsLabel'), '-mgmt')]", "mgmtNicID": "[resourceId('Microsoft.Network/NetworkInterfaces', variables('mgmtNicName'))]", "mgmtSubnetId": "[concat(variables('vnetId'), '/subnets/', variables('mgmtSubnetName'))]", @@ -594,7 +652,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_via-lb-existing-stack-supported-payg,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_via-lb-existing-stack-supported-payg,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "osProfiles": { @@ -633,7 +691,8 @@ { "apiVersion": "[variables('networkApiVersion')]", "location": "[variables('location')]", - "name": "[concat(variables('dnsLabel'), '-mgmt-nsg')]", + "name": "[variables('mgmtNsgName')]", + "condition": "[not(variables('useExistingNsg'))]", "properties": { "securityRules": [ { @@ -699,6 +758,7 @@ }, { "apiVersion": "[variables('networkApiVersion')]", + "condition": "[not(variables('useExistingLoadBalancer'))]", "dependsOn": [ "[concat('Microsoft.Network/publicIPAddresses/', variables('mgmtPublicIPAddressName'))]" ], @@ -837,7 +897,7 @@ "name": "main", "properties": { "protectedSettings": { - "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType ltm --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" + "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType ltm --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --autoscaleTimeout ', parameters('autoscaleTimeout'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" }, "publisher": "Microsoft.Azure.Extensions", "settings": { @@ -864,11 +924,7 @@ { "name": "ipconfig1", "properties": { - "loadBalancerBackendAddressPools": [ - { - "id": "[concat('/subscriptions/', variables('subscriptionID'),'/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', variables('externalLoadBalancerName'), '/backendAddressPools/loadBalancerBackEnd')]" - } - ], + "loadBalancerBackendAddressPools": "[take(variables('loadBalancerBackendAddressPoolsArray'), if(variables('attachInternalLoadBalancer'), 2, 1))]", "loadBalancerInboundNatPools": [ { "id": "[concat('/subscriptions/', variables('subscriptionID'),'/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', variables('externalLoadBalancerName'), '/inboundNatPools/sshnatpool')]" @@ -902,7 +958,7 @@ "tier": "Standard" }, "tags": "[if(empty(variables('tagValues')), json('null'), variables('tagValues'))]", - "zones": "[if(variables('zonesAvailable'), createArray(1, 2, 3), json('null'))]", + "zones": "[if(variables('useAvailabilityZones'), createArray(1, 2, 3), json('null'))]", "type": "Microsoft.Compute/virtualMachineScaleSets" }, { @@ -911,10 +967,10 @@ "[variables('vmssId')]" ], "location": "[variables('location')]", - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "properties": { "enabled": true, - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "notifications": [ { "email": { diff --git a/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/azuredeploy.parameters.json b/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/azuredeploy.parameters.json index 2966381fbc..4b15768ee4 100644 --- a/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/azuredeploy.parameters.json +++ b/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" @@ -92,6 +92,21 @@ "notificationEmail": { "value": "OPTIONAL" }, + "mgmtNsgName": { + "value": "OPTIONAL" + }, + "externalLoadBalancerName": { + "value": "OPTIONAL" + }, + "internalLoadBalancerName": { + "value": "OPTIONAL" + }, + "useAvailabilityZones": { + "value": "Yes" + }, + "autoscaleTimeout": { + "value": 10 + }, "provisionPublicIP": { "value": "Yes" }, diff --git a/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/deploy_via_bash.sh b/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/deploy_via_bash.sh index 823c44a093..21130ebcec 100755 --- a/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/deploy_via_bash.sh +++ b/supported/autoscale/ltm/via-lb/1nic/existing-stack/payg/deploy_via_bash.sh @@ -1,7 +1,7 @@ #!/bin/bash ## Bash Script to deploy an F5 ARM template into Azure, using azure cli 1.0 ## -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --mgmtNsgName OPTIONAL --externalLoadBalancerName OPTIONAL --internalLoadBalancerName OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword # Assign Script Parameters and Define Variables # Specify static items below, change these as needed or make them parameters @@ -96,6 +96,21 @@ while [[ $# -gt 1 ]]; do --notificationEmail) notificationEmail=$2 shift 2;; + --mgmtNsgName) + mgmtNsgName=$2 + shift 2;; + --externalLoadBalancerName) + externalLoadBalancerName=$2 + shift 2;; + --internalLoadBalancerName) + internalLoadBalancerName=$2 + shift 2;; + --useAvailabilityZones) + useAvailabilityZones=$2 + shift 2;; + --autoscaleTimeout) + autoscaleTimeout=$2 + shift 2;; --provisionPublicIP) provisionPublicIP=$2 shift 2;; @@ -127,7 +142,7 @@ while [[ $# -gt 1 ]]; do done #If a required parameter is not passed, the script will prompt for it below -required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName bigIpVersion bigIpModules vnetName vnetResourceGroupName mgmtSubnetName declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail provisionPublicIP tenantId clientId servicePrincipalSecret resourceGroupName " +required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName bigIpVersion bigIpModules vnetName vnetResourceGroupName mgmtSubnetName declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail mgmtNsgName externalLoadBalancerName internalLoadBalancerName useAvailabilityZones autoscaleTimeout provisionPublicIP tenantId clientId servicePrincipalSecret resourceGroupName " for variable in $required_variables do if [ -z ${!variable} ] ; then @@ -151,4 +166,4 @@ az group create -n $resourceGroupName -l $region # Deploy ARM Template, right now cannot specify parameter file and parameters inline via Azure CLI template_file="./azuredeploy.json" parameter_file="./azuredeploy.parameters.json" -az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetName\":{\"value\":\"$vnetName\"},\"vnetResourceGroupName\":{\"value\":\"$vnetResourceGroupName\"},\"mgmtSubnetName\":{\"value\":\"$mgmtSubnetName\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file +az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetName\":{\"value\":\"$vnetName\"},\"vnetResourceGroupName\":{\"value\":\"$vnetResourceGroupName\"},\"mgmtSubnetName\":{\"value\":\"$mgmtSubnetName\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"mgmtNsgName\":{\"value\":\"$mgmtNsgName\"},\"externalLoadBalancerName\":{\"value\":\"$externalLoadBalancerName\"},\"internalLoadBalancerName\":{\"value\":\"$internalLoadBalancerName\"},\"useAvailabilityZones\":{\"value\":\"$useAvailabilityZones\"},\"autoscaleTimeout\":{\"value\":$autoscaleTimeout},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file diff --git a/supported/autoscale/ltm/via-lb/1nic/new-stack/bigiq/Deploy_via_PS.ps1 b/supported/autoscale/ltm/via-lb/1nic/new-stack/bigiq/Deploy_via_PS.ps1 index e6092e9850..a274b80b7b 100644 --- a/supported/autoscale/ltm/via-lb/1nic/new-stack/bigiq/Deploy_via_PS.ps1 +++ b/supported/autoscale/ltm/via-lb/1nic/new-stack/bigiq/Deploy_via_PS.ps1 @@ -1,7 +1,7 @@ ## Script parameters being asked for below match to parameters in the azuredeploy.json file, otherwise pointing to the ## ## azuredeploy.parameters.json file for values to use. Some options below are mandatory, some (such as region) can ## ## be supplied inline when running this script but if they aren't then the default will be used as specified below. ## -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -tenantId -clientId -servicePrincipalSecret -resourceGroupName param( @@ -37,6 +37,8 @@ param( [string] [Parameter(Mandatory=$True)] $scaleOutTimeWindow, [string] [Parameter(Mandatory=$True)] $scaleInTimeWindow, [string] [Parameter(Mandatory=$True)] $notificationEmail, + [string] [Parameter(Mandatory=$True)] $useAvailabilityZones, + [string] [Parameter(Mandatory=$True)] $autoscaleTimeout, [string] [Parameter(Mandatory=$True)] $provisionPublicIP, [string] [Parameter(Mandatory=$True)] $tenantId, [string] [Parameter(Mandatory=$True)] $clientId, @@ -71,7 +73,7 @@ $servicePrincipalSecretSecure = ConvertTo-SecureString -String $servicePrincipal (ConvertFrom-Json $tagValues).psobject.properties | ForEach -Begin {$tagValues=@{}} -process {$tagValues."$($_.Name)" = $_.Value} # Create Arm Deployment -$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -bigIqAddress $bigIqAddress -bigIqUsername $bigIqUsername -bigIqPassword $bigIqPasswordSecure -bigIqLicensePoolName $bigIqLicensePoolName -bigIqLicenseSkuKeyword1 $bigIqLicenseSkuKeyword1 -bigIqLicenseUnitOfMeasure $bigIqLicenseUnitOfMeasure -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetAddressPrefix $vnetAddressPrefix -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -provisionPublicIP $provisionPublicIP -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure +$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -bigIqAddress $bigIqAddress -bigIqUsername $bigIqUsername -bigIqPassword $bigIqPasswordSecure -bigIqLicensePoolName $bigIqLicensePoolName -bigIqLicenseSkuKeyword1 $bigIqLicenseSkuKeyword1 -bigIqLicenseUnitOfMeasure $bigIqLicenseUnitOfMeasure -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetAddressPrefix $vnetAddressPrefix -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -useAvailabilityZones $useAvailabilityZones -autoscaleTimeout $autoscaleTimeout -provisionPublicIP $provisionPublicIP -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure # Print Output of Deployment to Console $deployment \ No newline at end of file diff --git a/supported/autoscale/ltm/via-lb/1nic/new-stack/bigiq/README.md b/supported/autoscale/ltm/via-lb/1nic/new-stack/bigiq/README.md index b4c15ae533..89a0feee84 100644 --- a/supported/autoscale/ltm/via-lb/1nic/new-stack/bigiq/README.md +++ b/supported/autoscale/ltm/via-lb/1nic/new-stack/bigiq/README.md @@ -19,7 +19,7 @@ This solution uses an ARM template to launch the deployment of F5 BIG-IP Local Traffic Manager (LTM) Virtual Edition (VE) instances in a Microsoft Azure VM Scale Set that is configured for auto scaling. Traffic flows from the Azure load balancer to the BIG-IP VE (cluster) and then to the application servers. The BIG-IP VE(s) are configured in single-NIC mode. Auto scaling means that as certain thresholds are reached, the number of BIG-IP VE instances automatically increases or decreases accordingly. -The BIG-IP VE has the [Local Traffic Manager (LTM)](https://f5.com/products/big-ip/local-traffic-manager-ltm) module enabled to provide advanced traffic management functionality. This means you can also configure the BIG-IP VE to enable F5's L4/L7 security features, access control, and intelligent traffic management. +The BIG-IP VE has the [Local Traffic Manager (LTM)](https://f5.com/products/big-ip/local-traffic-manager-ltm) module enabled to provide advanced traffic management functionality. This means you can also configure the BIG-IP VE to enable F5's L4/L7 security features, access control, and intelligent traffic management. This template uses BIGIP **private** management address when license is requested via BIGIQ For information on getting started using F5's ARM templates on GitHub, see [Microsoft Azure: Solutions 101](http://clouddocs.f5.com/cloud/public/v1/azure/Azure_solutions101.html). @@ -110,7 +110,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fautoscale%2Fltm%2Fvia-lb%2F1nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fautoscale%2Fltm%2Fvia-lb%2F1nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters @@ -148,6 +148,8 @@ Use the appropriate button below to deploy: | scaleOutTimeWindow | Yes | The time window required to trigger a scale out event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | scaleInTimeWindow | Yes | The time window required to trigger a scale in event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | notificationEmail | Yes | If you want email notifications on scale events, specify an email address, otherwise leave the parameter as **OPTIONAL**. Note: You can specify multiple emails by separating them with a semi-colon, such as *email@domain.com;email2@domain.com*. | +| useAvailabilityZones | Yes | This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'. | +| autoscaleTimeout | Yes | The timeout value after which autoscale script execution will terminated | | provisionPublicIP | Yes | Enabling management public IP(s) allows for direct public access to each BIG-IP VE that is created. | | tenantId | Yes | Your Azure service principal application tenant ID. | | clientId | Yes | Your Azure service principal application client ID. | @@ -160,7 +162,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### PowerShell Script Example ```powershell -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -tenantId -clientId -servicePrincipalSecret -resourceGroupName ``` ======= @@ -168,7 +170,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### Azure CLI (1.0) Script Example ```bash -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword ``` diff --git a/supported/autoscale/ltm/via-lb/1nic/new-stack/bigiq/azuredeploy.json b/supported/autoscale/ltm/via-lb/1nic/new-stack/bigiq/azuredeploy.json index 15d74f3a4d..f110b55edc 100644 --- a/supported/autoscale/ltm/via-lb/1nic/new-stack/bigiq/azuredeploy.json +++ b/supported/autoscale/ltm/via-lb/1nic/new-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -325,6 +325,26 @@ }, "type": "string" }, + "useAvailabilityZones": { + "allowedValues": [ + "Yes", + "No" + ], + "defaultValue": "Yes", + "metadata": { + "description": "This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'." + }, + "type": "string" + }, + "autoscaleTimeout": { + "defaultValue": 10, + "maxValue": 10, + "metadata": { + "description": "The timeout value after which autoscale script execution will terminated" + }, + "minValue": 3, + "type": "int" + }, "provisionPublicIP": { "allowedValues": [ "No", @@ -452,14 +472,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl ${config_loc}f5-cloud-libs-azure.tar.gz\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntar xfz /config/cloud/f5-cloud-libs-azure.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -485,7 +505,10 @@ "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvc2hhcmVkL2FwcHN2Y3MvZGVjbGFyZSAtZCBAJGZpbGVfbG9jIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgICAgICBpZiBbWyAkcmVzcG9uc2VfY29kZSA9PSAyMDAgfHwgJHJlc3BvbnNlX2NvZGUgPT0gNTAyIF1dOyB0aGVuCiAgICAgICAgICAgICAgICAgIGVjaG8gIkRlcGxveW1lbnQgb2YgYXBwbGljYXRpb24gc3VjY2VlZGVkLiIKICAgICAgICAgICAgICAgICAgZGVwbG95ZWQ9InllcyIKICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICBlY2hvICJGYWlsZWQgdG8gZGVwbG95IGFwcGxpY2F0aW9uOyBjb250aW51aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBmaQogICAgICAgICBlbHNlCiAgICAgICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgdmFsaWQgSlNPTiwgY29udGludWluZyIKICAgICAgICAgZmkKICAgIGVsc2UKICAgICAgICBlY2hvICJGYWlsZWQgdG8gZG93bmxvYWQgY3VzdG9tIGNvbmZpZzsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgZmkKZWxzZQogICAgIGVjaG8gIkN1c3RvbSBjb25maWcgd2FzIG5vdCBhIFVSTCwgY29udGludWluZy4iCmZpCgppZiBbWyAkZGVwbG95ZWQgPT0gIm5vIiAmJiAkZGVjbGFyYXRpb25VcmwgPT0gIk5PVF9TUEVDSUZJRUQiIF1dOyB0aGVuCiAgICBlY2hvICJBcHBsaWNhdGlvbiBkZXBsb3ltZW50IGZhaWxlZCBvciBjdXN0b20gVVJMIHdhcyBub3Qgc3BlY2lmaWVkLiIKZmkKCmVjaG8gIkRlcGxveW1lbnQgY29tcGxldGUuIgpleGl0", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -526,6 +549,7 @@ "frontEndIPConfigID": "[concat(variables('extLbId'),'/frontendIPConfigurations/loadBalancerFrontEnd')]", "appInsightsApiVersion": "2015-04-01", "appInsightsComponentsApiVersion": "2015-05-01", + "useAvailabilityZones": "[and(variables('zonesAvailable'), equals(parameters('useAvailabilityZones'), 'Yes'))]", "vmssName": "[concat(parameters('dnsLabel'),'-vmss')]", "vmssId": "[resourceId('Microsoft.Compute/virtualMachineScaleSets', variables('vmssName'))]", "defaultAppInsightsLocation": "eastus", @@ -579,7 +603,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_via-lb-new-stack-supported-bigiq,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_via-lb-new-stack-supported-bigiq,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "osProfiles": { @@ -820,7 +844,7 @@ "name": "main", "properties": { "protectedSettings": { - "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.bigIqPasswd; encrypt_secret ', variables('singleQuote'), parameters('bigIqPassword'), variables('singleQuote'), ' \"/config/cloud/.bigIqPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType ltm --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, ' --bigIqAddress ', parameters('bigIqAddress'), ' --bigIqUsername ', parameters('bigIqUsername'), ' --bigIqPassword /config/cloud/.bigIqPasswd --bigIqLicensePoolName ', parameters('bigIqLicensePoolName'), ' --bigIqExtraLicenseOptions \\\"$(format_args sku-keyword-1:', parameters('bigIqLicenseSkuKeyWord1'), ',unit-of-measure:', parameters('bigIqLicenseUnitOfMeasure'), ')\\\" --bigIpExtMgmtAddress ', reference(variables('mgmtPublicIPAddressId')).ipAddress, ' --bigIpExtMgmtPort via-api', '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" + "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.bigIqPasswd; encrypt_secret ', variables('singleQuote'), parameters('bigIqPassword'), variables('singleQuote'), ' \"/config/cloud/.bigIqPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType ltm --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --autoscaleTimeout ', parameters('autoscaleTimeout'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, ' --bigIqAddress ', parameters('bigIqAddress'), ' --bigIqUsername ', parameters('bigIqUsername'), ' --bigIqPassword /config/cloud/.bigIqPasswd --bigIqLicensePoolName ', parameters('bigIqLicensePoolName'), ' --bigIqExtraLicenseOptions \\\"$(format_args sku-keyword-1:', parameters('bigIqLicenseSkuKeyWord1'), ',unit-of-measure:', parameters('bigIqLicenseUnitOfMeasure'), ')\\\" --bigIpExtMgmtAddress private --bigIpExtMgmtPort via-api --clusterUpdateInterval 300', '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" }, "publisher": "Microsoft.Azure.Extensions", "settings": { @@ -885,7 +909,7 @@ "tier": "Standard" }, "tags": "[if(empty(variables('tagValues')), json('null'), variables('tagValues'))]", - "zones": "[if(variables('zonesAvailable'), createArray(1, 2, 3), json('null'))]", + "zones": "[if(variables('useAvailabilityZones'), createArray(1, 2, 3), json('null'))]", "type": "Microsoft.Compute/virtualMachineScaleSets" }, { @@ -894,10 +918,10 @@ "[variables('vmssId')]" ], "location": "[variables('location')]", - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "properties": { "enabled": true, - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "notifications": [ { "email": { diff --git a/supported/autoscale/ltm/via-lb/1nic/new-stack/bigiq/azuredeploy.parameters.json b/supported/autoscale/ltm/via-lb/1nic/new-stack/bigiq/azuredeploy.parameters.json index 33ff5ecb44..e9a95898bb 100644 --- a/supported/autoscale/ltm/via-lb/1nic/new-stack/bigiq/azuredeploy.parameters.json +++ b/supported/autoscale/ltm/via-lb/1nic/new-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" @@ -104,6 +104,12 @@ "notificationEmail": { "value": "OPTIONAL" }, + "useAvailabilityZones": { + "value": "Yes" + }, + "autoscaleTimeout": { + "value": 10 + }, "provisionPublicIP": { "value": "Yes" }, diff --git a/supported/autoscale/ltm/via-lb/1nic/new-stack/bigiq/deploy_via_bash.sh b/supported/autoscale/ltm/via-lb/1nic/new-stack/bigiq/deploy_via_bash.sh index 4410e8dd5a..02835878ea 100755 --- a/supported/autoscale/ltm/via-lb/1nic/new-stack/bigiq/deploy_via_bash.sh +++ b/supported/autoscale/ltm/via-lb/1nic/new-stack/bigiq/deploy_via_bash.sh @@ -1,7 +1,7 @@ #!/bin/bash ## Bash Script to deploy an F5 ARM template into Azure, using azure cli 1.0 ## -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword # Assign Script Parameters and Define Variables # Specify static items below, change these as needed or make them parameters @@ -108,6 +108,12 @@ while [[ $# -gt 1 ]]; do --notificationEmail) notificationEmail=$2 shift 2;; + --useAvailabilityZones) + useAvailabilityZones=$2 + shift 2;; + --autoscaleTimeout) + autoscaleTimeout=$2 + shift 2;; --provisionPublicIP) provisionPublicIP=$2 shift 2;; @@ -139,7 +145,7 @@ while [[ $# -gt 1 ]]; do done #If a required parameter is not passed, the script will prompt for it below -required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName bigIqAddress bigIqUsername bigIqPassword bigIqLicensePoolName bigIqLicenseSkuKeyword1 bigIqLicenseUnitOfMeasure bigIpVersion bigIpModules vnetAddressPrefix declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail provisionPublicIP tenantId clientId servicePrincipalSecret resourceGroupName " +required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName bigIqAddress bigIqUsername bigIqPassword bigIqLicensePoolName bigIqLicenseSkuKeyword1 bigIqLicenseUnitOfMeasure bigIpVersion bigIpModules vnetAddressPrefix declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail useAvailabilityZones autoscaleTimeout provisionPublicIP tenantId clientId servicePrincipalSecret resourceGroupName " for variable in $required_variables do if [ -z ${!variable} ] ; then @@ -163,4 +169,4 @@ az group create -n $resourceGroupName -l $region # Deploy ARM Template, right now cannot specify parameter file and parameters inline via Azure CLI template_file="./azuredeploy.json" parameter_file="./azuredeploy.parameters.json" -az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"bigIqAddress\":{\"value\":\"$bigIqAddress\"},\"bigIqUsername\":{\"value\":\"$bigIqUsername\"},\"bigIqPassword\":{\"value\":\"$bigIqPassword\"},\"bigIqLicensePoolName\":{\"value\":\"$bigIqLicensePoolName\"},\"bigIqLicenseSkuKeyword1\":{\"value\":\"$bigIqLicenseSkuKeyword1\"},\"bigIqLicenseUnitOfMeasure\":{\"value\":\"$bigIqLicenseUnitOfMeasure\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetAddressPrefix\":{\"value\":\"$vnetAddressPrefix\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file +az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"bigIqAddress\":{\"value\":\"$bigIqAddress\"},\"bigIqUsername\":{\"value\":\"$bigIqUsername\"},\"bigIqPassword\":{\"value\":\"$bigIqPassword\"},\"bigIqLicensePoolName\":{\"value\":\"$bigIqLicensePoolName\"},\"bigIqLicenseSkuKeyword1\":{\"value\":\"$bigIqLicenseSkuKeyword1\"},\"bigIqLicenseUnitOfMeasure\":{\"value\":\"$bigIqLicenseUnitOfMeasure\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetAddressPrefix\":{\"value\":\"$vnetAddressPrefix\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"useAvailabilityZones\":{\"value\":\"$useAvailabilityZones\"},\"autoscaleTimeout\":{\"value\":$autoscaleTimeout},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file diff --git a/supported/autoscale/ltm/via-lb/1nic/new-stack/payg/Deploy_via_PS.ps1 b/supported/autoscale/ltm/via-lb/1nic/new-stack/payg/Deploy_via_PS.ps1 index a90b590bcd..d62d9bbe3b 100644 --- a/supported/autoscale/ltm/via-lb/1nic/new-stack/payg/Deploy_via_PS.ps1 +++ b/supported/autoscale/ltm/via-lb/1nic/new-stack/payg/Deploy_via_PS.ps1 @@ -1,7 +1,7 @@ ## Script parameters being asked for below match to parameters in the azuredeploy.json file, otherwise pointing to the ## ## azuredeploy.parameters.json file for values to use. Some options below are mandatory, some (such as region) can ## ## be supplied inline when running this script but if they aren't then the default will be used as specified below. ## -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -tenantId -clientId -servicePrincipalSecret -resourceGroupName param( @@ -31,6 +31,8 @@ param( [string] [Parameter(Mandatory=$True)] $scaleOutTimeWindow, [string] [Parameter(Mandatory=$True)] $scaleInTimeWindow, [string] [Parameter(Mandatory=$True)] $notificationEmail, + [string] [Parameter(Mandatory=$True)] $useAvailabilityZones, + [string] [Parameter(Mandatory=$True)] $autoscaleTimeout, [string] [Parameter(Mandatory=$True)] $provisionPublicIP, [string] [Parameter(Mandatory=$True)] $tenantId, [string] [Parameter(Mandatory=$True)] $clientId, @@ -64,7 +66,7 @@ $servicePrincipalSecretSecure = ConvertTo-SecureString -String $servicePrincipal (ConvertFrom-Json $tagValues).psobject.properties | ForEach -Begin {$tagValues=@{}} -process {$tagValues."$($_.Name)" = $_.Value} # Create Arm Deployment -$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetAddressPrefix $vnetAddressPrefix -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -provisionPublicIP $provisionPublicIP -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure +$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetAddressPrefix $vnetAddressPrefix -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -useAvailabilityZones $useAvailabilityZones -autoscaleTimeout $autoscaleTimeout -provisionPublicIP $provisionPublicIP -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure # Print Output of Deployment to Console $deployment \ No newline at end of file diff --git a/supported/autoscale/ltm/via-lb/1nic/new-stack/payg/README.md b/supported/autoscale/ltm/via-lb/1nic/new-stack/payg/README.md index 61a7451efc..b42e403843 100644 --- a/supported/autoscale/ltm/via-lb/1nic/new-stack/payg/README.md +++ b/supported/autoscale/ltm/via-lb/1nic/new-stack/payg/README.md @@ -19,7 +19,7 @@ This solution uses an ARM template to launch the deployment of F5 BIG-IP Local Traffic Manager (LTM) Virtual Edition (VE) instances in a Microsoft Azure VM Scale Set that is configured for auto scaling. Traffic flows from the Azure load balancer to the BIG-IP VE (cluster) and then to the application servers. The BIG-IP VE(s) are configured in single-NIC mode. Auto scaling means that as certain thresholds are reached, the number of BIG-IP VE instances automatically increases or decreases accordingly. -The BIG-IP VE has the [Local Traffic Manager (LTM)](https://f5.com/products/big-ip/local-traffic-manager-ltm) module enabled to provide advanced traffic management functionality. This means you can also configure the BIG-IP VE to enable F5's L4/L7 security features, access control, and intelligent traffic management. +The BIG-IP VE has the [Local Traffic Manager (LTM)](https://f5.com/products/big-ip/local-traffic-manager-ltm) module enabled to provide advanced traffic management functionality. This means you can also configure the BIG-IP VE to enable F5's L4/L7 security features, access control, and intelligent traffic management. This template uses BIGIP **private** management address when license is requested via BIGIQ For information on getting started using F5's ARM templates on GitHub, see [Microsoft Azure: Solutions 101](http://clouddocs.f5.com/cloud/public/v1/azure/Azure_solutions101.html). @@ -107,7 +107,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fautoscale%2Fltm%2Fvia-lb%2F1nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fautoscale%2Fltm%2Fvia-lb%2F1nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters @@ -139,6 +139,8 @@ Use the appropriate button below to deploy: | scaleOutTimeWindow | Yes | The time window required to trigger a scale out event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | scaleInTimeWindow | Yes | The time window required to trigger a scale in event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | notificationEmail | Yes | If you want email notifications on scale events, specify an email address, otherwise leave the parameter as **OPTIONAL**. Note: You can specify multiple emails by separating them with a semi-colon, such as *email@domain.com;email2@domain.com*. | +| useAvailabilityZones | Yes | This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'. | +| autoscaleTimeout | Yes | The timeout value after which autoscale script execution will terminated | | provisionPublicIP | Yes | Enabling management public IP(s) allows for direct public access to each BIG-IP VE that is created. | | tenantId | Yes | Your Azure service principal application tenant ID. | | clientId | Yes | Your Azure service principal application client ID. | @@ -151,7 +153,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### PowerShell Script Example ```powershell -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -bigIpVersion 15.0.100000 -bigIpModules ltm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -tenantId -clientId -servicePrincipalSecret -resourceGroupName ``` ======= @@ -159,7 +161,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### Azure CLI (1.0) Script Example ```bash -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword ``` diff --git a/supported/autoscale/ltm/via-lb/1nic/new-stack/payg/azuredeploy.json b/supported/autoscale/ltm/via-lb/1nic/new-stack/payg/azuredeploy.json index 233bcea126..eba5d0361e 100644 --- a/supported/autoscale/ltm/via-lb/1nic/new-stack/payg/azuredeploy.json +++ b/supported/autoscale/ltm/via-lb/1nic/new-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -294,6 +294,26 @@ }, "type": "string" }, + "useAvailabilityZones": { + "allowedValues": [ + "Yes", + "No" + ], + "defaultValue": "Yes", + "metadata": { + "description": "This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'." + }, + "type": "string" + }, + "autoscaleTimeout": { + "defaultValue": 10, + "maxValue": 10, + "metadata": { + "description": "The timeout value after which autoscale script execution will terminated" + }, + "minValue": 3, + "type": "int" + }, "provisionPublicIP": { "allowedValues": [ "No", @@ -421,14 +441,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl ${config_loc}f5-cloud-libs-azure.tar.gz\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntar xfz /config/cloud/f5-cloud-libs-azure.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -454,7 +474,10 @@ "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvc2hhcmVkL2FwcHN2Y3MvZGVjbGFyZSAtZCBAJGZpbGVfbG9jIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgICAgICBpZiBbWyAkcmVzcG9uc2VfY29kZSA9PSAyMDAgfHwgJHJlc3BvbnNlX2NvZGUgPT0gNTAyIF1dOyB0aGVuCiAgICAgICAgICAgICAgICAgIGVjaG8gIkRlcGxveW1lbnQgb2YgYXBwbGljYXRpb24gc3VjY2VlZGVkLiIKICAgICAgICAgICAgICAgICAgZGVwbG95ZWQ9InllcyIKICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICBlY2hvICJGYWlsZWQgdG8gZGVwbG95IGFwcGxpY2F0aW9uOyBjb250aW51aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBmaQogICAgICAgICBlbHNlCiAgICAgICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgdmFsaWQgSlNPTiwgY29udGludWluZyIKICAgICAgICAgZmkKICAgIGVsc2UKICAgICAgICBlY2hvICJGYWlsZWQgdG8gZG93bmxvYWQgY3VzdG9tIGNvbmZpZzsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgZmkKZWxzZQogICAgIGVjaG8gIkN1c3RvbSBjb25maWcgd2FzIG5vdCBhIFVSTCwgY29udGludWluZy4iCmZpCgppZiBbWyAkZGVwbG95ZWQgPT0gIm5vIiAmJiAkZGVjbGFyYXRpb25VcmwgPT0gIk5PVF9TUEVDSUZJRUQiIF1dOyB0aGVuCiAgICBlY2hvICJBcHBsaWNhdGlvbiBkZXBsb3ltZW50IGZhaWxlZCBvciBjdXN0b20gVVJMIHdhcyBub3Qgc3BlY2lmaWVkLiIKZmkKCmVjaG8gIkRlcGxveW1lbnQgY29tcGxldGUuIgpleGl0", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -532,6 +555,7 @@ "frontEndIPConfigID": "[concat(variables('extLbId'),'/frontendIPConfigurations/loadBalancerFrontEnd')]", "appInsightsApiVersion": "2015-04-01", "appInsightsComponentsApiVersion": "2015-05-01", + "useAvailabilityZones": "[and(variables('zonesAvailable'), equals(parameters('useAvailabilityZones'), 'Yes'))]", "vmssName": "[concat(parameters('dnsLabel'),'-vmss')]", "vmssId": "[resourceId('Microsoft.Compute/virtualMachineScaleSets', variables('vmssName'))]", "defaultAppInsightsLocation": "eastus", @@ -585,7 +609,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_via-lb-new-stack-supported-payg,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_ltm_via-lb-new-stack-supported-payg,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "osProfiles": { @@ -826,7 +850,7 @@ "name": "main", "properties": { "protectedSettings": { - "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType ltm --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" + "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType ltm --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --autoscaleTimeout ', parameters('autoscaleTimeout'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" }, "publisher": "Microsoft.Azure.Extensions", "settings": { @@ -891,7 +915,7 @@ "tier": "Standard" }, "tags": "[if(empty(variables('tagValues')), json('null'), variables('tagValues'))]", - "zones": "[if(variables('zonesAvailable'), createArray(1, 2, 3), json('null'))]", + "zones": "[if(variables('useAvailabilityZones'), createArray(1, 2, 3), json('null'))]", "type": "Microsoft.Compute/virtualMachineScaleSets" }, { @@ -900,10 +924,10 @@ "[variables('vmssId')]" ], "location": "[variables('location')]", - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "properties": { "enabled": true, - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "notifications": [ { "email": { diff --git a/supported/autoscale/ltm/via-lb/1nic/new-stack/payg/azuredeploy.parameters.json b/supported/autoscale/ltm/via-lb/1nic/new-stack/payg/azuredeploy.parameters.json index d62d3f9b0b..fe021437c4 100644 --- a/supported/autoscale/ltm/via-lb/1nic/new-stack/payg/azuredeploy.parameters.json +++ b/supported/autoscale/ltm/via-lb/1nic/new-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" @@ -86,6 +86,12 @@ "notificationEmail": { "value": "OPTIONAL" }, + "useAvailabilityZones": { + "value": "Yes" + }, + "autoscaleTimeout": { + "value": 10 + }, "provisionPublicIP": { "value": "Yes" }, diff --git a/supported/autoscale/ltm/via-lb/1nic/new-stack/payg/deploy_via_bash.sh b/supported/autoscale/ltm/via-lb/1nic/new-stack/payg/deploy_via_bash.sh index 2939946027..86a8ab99ec 100755 --- a/supported/autoscale/ltm/via-lb/1nic/new-stack/payg/deploy_via_bash.sh +++ b/supported/autoscale/ltm/via-lb/1nic/new-stack/payg/deploy_via_bash.sh @@ -1,7 +1,7 @@ #!/bin/bash ## Bash Script to deploy an F5 ARM template into Azure, using azure cli 1.0 ## -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --bigIpVersion 15.0.100000 --bigIpModules ltm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword # Assign Script Parameters and Define Variables # Specify static items below, change these as needed or make them parameters @@ -90,6 +90,12 @@ while [[ $# -gt 1 ]]; do --notificationEmail) notificationEmail=$2 shift 2;; + --useAvailabilityZones) + useAvailabilityZones=$2 + shift 2;; + --autoscaleTimeout) + autoscaleTimeout=$2 + shift 2;; --provisionPublicIP) provisionPublicIP=$2 shift 2;; @@ -121,7 +127,7 @@ while [[ $# -gt 1 ]]; do done #If a required parameter is not passed, the script will prompt for it below -required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName bigIpVersion bigIpModules vnetAddressPrefix declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail provisionPublicIP tenantId clientId servicePrincipalSecret resourceGroupName " +required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName bigIpVersion bigIpModules vnetAddressPrefix declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail useAvailabilityZones autoscaleTimeout provisionPublicIP tenantId clientId servicePrincipalSecret resourceGroupName " for variable in $required_variables do if [ -z ${!variable} ] ; then @@ -145,4 +151,4 @@ az group create -n $resourceGroupName -l $region # Deploy ARM Template, right now cannot specify parameter file and parameters inline via Azure CLI template_file="./azuredeploy.json" parameter_file="./azuredeploy.parameters.json" -az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetAddressPrefix\":{\"value\":\"$vnetAddressPrefix\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file +az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetAddressPrefix\":{\"value\":\"$vnetAddressPrefix\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"useAvailabilityZones\":{\"value\":\"$useAvailabilityZones\"},\"autoscaleTimeout\":{\"value\":$autoscaleTimeout},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file diff --git a/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/Deploy_via_PS.ps1 b/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/Deploy_via_PS.ps1 index 22ca79bf83..dd55fb285c 100644 --- a/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/Deploy_via_PS.ps1 +++ b/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/Deploy_via_PS.ps1 @@ -1,7 +1,7 @@ ## Script parameters being asked for below match to parameters in the azuredeploy.json file, otherwise pointing to the ## ## azuredeploy.parameters.json file for values to use. Some options below are mandatory, some (such as region) can ## ## be supplied inline when running this script but if they aren't then the default will be used as specified below. ## -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -dnsMemberIpType private -dnsMemberPort 80 -dnsProviderHost -dnsProviderPort 443 -dnsProviderUser -dnsProviderPassword -dnsProviderPool autoscale_pool -dnsProviderDataCenter azure_datacenter -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -dnsMemberIpType private -dnsMemberPort 80 -dnsProviderHost -dnsProviderPort 443 -dnsProviderUser -dnsProviderPassword -dnsProviderPool autoscale_pool -dnsProviderDataCenter azure_datacenter -tenantId -clientId -servicePrincipalSecret -resourceGroupName param( @@ -39,6 +39,8 @@ param( [string] [Parameter(Mandatory=$True)] $scaleOutTimeWindow, [string] [Parameter(Mandatory=$True)] $scaleInTimeWindow, [string] [Parameter(Mandatory=$True)] $notificationEmail, + [string] [Parameter(Mandatory=$True)] $useAvailabilityZones, + [string] [Parameter(Mandatory=$True)] $autoscaleTimeout, [string] [Parameter(Mandatory=$True)] $provisionPublicIP, [string] [Parameter(Mandatory=$True)] $applicationProtocols, [string] [Parameter(Mandatory=$True)] $applicationAddress, @@ -92,7 +94,7 @@ $servicePrincipalSecretSecure = ConvertTo-SecureString -String $servicePrincipal (ConvertFrom-Json $tagValues).psobject.properties | ForEach -Begin {$tagValues=@{}} -process {$tagValues."$($_.Name)" = $_.Value} # Create Arm Deployment -$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -bigIqAddress $bigIqAddress -bigIqUsername $bigIqUsername -bigIqPassword $bigIqPasswordSecure -bigIqLicensePoolName $bigIqLicensePoolName -bigIqLicenseSkuKeyword1 $bigIqLicenseSkuKeyword1 -bigIqLicenseUnitOfMeasure $bigIqLicenseUnitOfMeasure -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetName $vnetName -vnetResourceGroupName $vnetResourceGroupName -mgmtSubnetName $mgmtSubnetName -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -provisionPublicIP $provisionPublicIP -applicationProtocols $applicationProtocols -applicationAddress $applicationAddress -applicationPort $applicationPort -applicationSecurePort $applicationSecurePort -sslCert $sslCert -sslPswd $sslPswdSecure -applicationType $applicationType -blockingLevel $blockingLevel -customPolicy $customPolicy -dnsMemberIpType $dnsMemberIpType -dnsMemberPort $dnsMemberPort -dnsProviderHost $dnsProviderHost -dnsProviderPort $dnsProviderPort -dnsProviderUser $dnsProviderUser -dnsProviderPassword $dnsProviderPasswordSecure -dnsProviderPool $dnsProviderPool -dnsProviderDataCenter $dnsProviderDataCenter -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure +$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -bigIqAddress $bigIqAddress -bigIqUsername $bigIqUsername -bigIqPassword $bigIqPasswordSecure -bigIqLicensePoolName $bigIqLicensePoolName -bigIqLicenseSkuKeyword1 $bigIqLicenseSkuKeyword1 -bigIqLicenseUnitOfMeasure $bigIqLicenseUnitOfMeasure -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetName $vnetName -vnetResourceGroupName $vnetResourceGroupName -mgmtSubnetName $mgmtSubnetName -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -useAvailabilityZones $useAvailabilityZones -autoscaleTimeout $autoscaleTimeout -provisionPublicIP $provisionPublicIP -applicationProtocols $applicationProtocols -applicationAddress $applicationAddress -applicationPort $applicationPort -applicationSecurePort $applicationSecurePort -sslCert $sslCert -sslPswd $sslPswdSecure -applicationType $applicationType -blockingLevel $blockingLevel -customPolicy $customPolicy -dnsMemberIpType $dnsMemberIpType -dnsMemberPort $dnsMemberPort -dnsProviderHost $dnsProviderHost -dnsProviderPort $dnsProviderPort -dnsProviderUser $dnsProviderUser -dnsProviderPassword $dnsProviderPasswordSecure -dnsProviderPool $dnsProviderPool -dnsProviderDataCenter $dnsProviderDataCenter -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure # Print Output of Deployment to Console $deployment \ No newline at end of file diff --git a/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/README.md b/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/README.md index 8843f3e99a..24a0dcf506 100644 --- a/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/README.md +++ b/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/README.md @@ -21,7 +21,7 @@ This solution uses an ARM template to launch the deployment of F5 BIG-IP Local T In this solution, the BIG-IP VEs have the [LTM](https://f5.com/products/big-ip/local-traffic-manager-ltm) and [ASM](https://f5.com/products/big-ip/application-security-manager-asm) modules enabled to provide advanced traffic management and web application security functionality. -You have the option of using a [BIG-IQ device](https://f5.com/products/big-iq-centralized-management) to license BIG-IP VEs using BYOL licenses in this auto scale deployment. +You have the option of using a [BIG-IQ device](https://f5.com/products/big-iq-centralized-management) to license BIG-IP VEs using BYOL licenses in this auto scale deployment. This template uses BIGIP **public** management address when license is requested via BIGIQ For information on getting started using F5's ARM templates on GitHub, see [Microsoft Azure: Solutions 101](http://clouddocs.f5.com/cloud/public/v1/azure/Azure_solutions101.html). @@ -112,7 +112,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fautoscale%2Fwaf%2Fvia-dns%2F1nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fautoscale%2Fwaf%2Fvia-dns%2F1nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters @@ -152,6 +152,8 @@ Use the appropriate button below to deploy: | scaleOutTimeWindow | Yes | The time window required to trigger a scale out event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | scaleInTimeWindow | Yes | The time window required to trigger a scale in event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | notificationEmail | Yes | If you want email notifications on scale events, specify an email address, otherwise leave the parameter as **OPTIONAL**. Note: You can specify multiple emails by separating them with a semi-colon, such as *email@domain.com;email2@domain.com*. | +| useAvailabilityZones | Yes | This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'. | +| autoscaleTimeout | Yes | The timeout value after which autoscale script execution will terminated | | provisionPublicIP | Yes | Enabling management public IP(s) allows for direct public access to each BIG-IP VE that is created. | | applicationProtocols | Yes | The protocol(s) used by your application. | | applicationAddress | Yes | The public IP address or DNS FQDN of the application that this WAF will protect. | @@ -181,7 +183,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### PowerShell Script Example ```powershell -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -dnsMemberIpType private -dnsMemberPort 80 -dnsProviderHost -dnsProviderPort 443 -dnsProviderUser -dnsProviderPassword -dnsProviderPool autoscale_pool -dnsProviderDataCenter azure_datacenter -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -dnsMemberIpType private -dnsMemberPort 80 -dnsProviderHost -dnsProviderPort 443 -dnsProviderUser -dnsProviderPassword -dnsProviderPool autoscale_pool -dnsProviderDataCenter azure_datacenter -tenantId -clientId -servicePrincipalSecret -resourceGroupName ``` ======= @@ -189,7 +191,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### Azure CLI (1.0) Script Example ```bash -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --dnsMemberIpType private --dnsMemberPort 80 --dnsProviderHost --dnsProviderPort 443 --dnsProviderUser --dnsProviderPassword --dnsProviderPool autoscale_pool --dnsProviderDataCenter azure_datacenter --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --dnsMemberIpType private --dnsMemberPort 80 --dnsProviderHost --dnsProviderPort 443 --dnsProviderUser --dnsProviderPassword --dnsProviderPool autoscale_pool --dnsProviderDataCenter azure_datacenter --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword ``` diff --git a/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/azuredeploy.json b/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/azuredeploy.json index c961a4d6dc..b5f2eb3cb1 100644 --- a/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/azuredeploy.json +++ b/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -332,6 +332,26 @@ }, "type": "string" }, + "useAvailabilityZones": { + "allowedValues": [ + "Yes", + "No" + ], + "defaultValue": "Yes", + "metadata": { + "description": "This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'." + }, + "type": "string" + }, + "autoscaleTimeout": { + "defaultValue": 10, + "maxValue": 10, + "metadata": { + "description": "The timeout value after which autoscale script execution will terminated" + }, + "minValue": 3, + "type": "int" + }, "provisionPublicIP": { "allowedValues": [ "No", @@ -595,14 +615,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl ${config_loc}f5-cloud-libs-azure.tar.gz asm-policy.tar.gz\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntar xfz /config/cloud/f5-cloud-libs-azure.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -628,7 +648,10 @@ "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbTpkOm46ajprOmg6czp0Omw6YTpjOnI6bzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgbSkgbW9kZT0kT1BUQVJHOzsKICAgICAgICBuKSBwb29sX21lbWJlcj0kT1BUQVJHOzsKICAgICAgICBqKSB2c19odHRwX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgaykgdnNfaHR0cHNfcG9ydD0kT1BUQVJHOzsKICAgICAgICBoKSBwb29sX2h0dHBfcG9ydD0kT1BUQVJHOzsKICAgICAgICBzKSBwb29sX2h0dHBzX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgdCkgdHlwZT0kT1BUQVJHOzsKICAgICAgICBsKSBsZXZlbD0kT1BUQVJHOzsKICAgICAgICBhKSBwb2xpY3k9JE9QVEFSRzs7CiAgICAgICAgYykgc3NsX2NlcnQ9JE9QVEFSRzs7CiAgICAgICAgcikgc3NsX3Bhc3N3ZD0kT1BUQVJHOzsKICAgICAgICB1KSB1c2VyPSRPUFRBUkc7OwogICAgZXNhYwpkb25lCgpkZXBsb3llZD0ibm8iCmZpbGVfbG9jPSIvY29uZmlnL2Nsb3VkL2N1c3RvbV9jb25maWciCmRmbF9tZ210X3BvcnQ9YHRtc2ggbGlzdCBzeXMgaHR0cGQgc3NsLXBvcnQgfCBncmVwIHNzbC1wb3J0IHwgc2VkICdzL3NzbC1wb3J0IC8vO3MvIC8vZydgCnVybF9yZWdleD0iKGh0dHA6XC9cL3xodHRwczpcL1wvKT9bYS16MC05XSsoW1wtXC5dezF9W2EtejAtOV0rKSpcLlthLXpdezIsNX0oOlswLTldezEsNX0pPyhcLy4qKT8kIgoKaWYgW1sgJGRlY2xhcmF0aW9uVXJsID1+ICR1cmxfcmVnZXggXV07IHRoZW4KICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1zayAtdyAiJXtodHRwX2NvZGV9IiAkZGVjbGFyYXRpb25VcmwgLW8gJGZpbGVfbG9jKQogICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIF1dOyB0aGVuCiAgICAgICAgIGVjaG8gIkN1c3RvbSBjb25maWcgZG93bmxvYWQgY29tcGxldGU7IGNoZWNraW5nIGZvciB2YWxpZCBKU09OLiIKICAgICAgICAgY2F0ICRmaWxlX2xvYyB8IGpxIC5jbGFzcwogICAgICAgICBpZiBbWyAkPyA9PSAwIF1dOyB0aGVuCiAgICAgICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t2dnUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgaHR0cHM6Ly9sb2NhbGhvc3Q6JGRmbF9tZ210X3BvcnQvbWdtdC9zaGFyZWQvYXBwc3Zjcy9kZWNsYXJlIC1kIEAkZmlsZV9sb2MgLW8gL2Rldi9udWxsKQoKICAgICAgICAgICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCB8fCAkcmVzcG9uc2VfY29kZSA9PSA1MDIgXV07IHRoZW4KICAgICAgICAgICAgICAgICAgZWNobyAiRGVwbG95bWVudCBvZiBhcHBsaWNhdGlvbiBzdWNjZWVkZWQuIgogICAgICAgICAgICAgICAgICBkZXBsb3llZD0ieWVzIgogICAgICAgICAgICAgZWxzZQogICAgICAgICAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBkZXBsb3kgYXBwbGljYXRpb247IGNvbnRpbnVpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgICAgICAgICAgIGZpCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgIGVjaG8gIkN1c3RvbSBjb25maWcgd2FzIG5vdCB2YWxpZCBKU09OLCBjb250aW51aW5nIgogICAgICAgICBmaQogICAgZWxzZQogICAgICAgIGVjaG8gIkZhaWxlZCB0byBkb3dubG9hZCBjdXN0b20gY29uZmlnOyBjb250aW51aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICBmaQplbHNlCiAgICAgZWNobyAiQ3VzdG9tIGNvbmZpZyB3YXMgbm90IGEgVVJMLCBjb250aW51aW5nLiIKZmkKCmlmIFtbICRkZXBsb3llZCA9PSAibm8iICYmICRkZWNsYXJhdGlvblVybCA9PSAiTk9UX1NQRUNJRklFRCIgXV07IHRoZW4KICAgIGlwX3JlZ2V4PSdeWzAtOV17MSwzfVwuWzAtOV17MSwzfVwuWzAtOV17MSwzfVwuWzAtOV17MSwzfSQnCiAgICBkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAogICAgbW9kZT1gc2VkICJzLy0vXy9nIiA8PDwiJG1vZGUiYAogICAgcGF5bG9hZD0neyJjbGFzcyI6IkFEQyIsInNjaGVtYVZlcnNpb24iOiIzLjAuMCIsImxhYmVsIjoiYXV0b3NjYWxlX3dhZiIsImlkIjoiQVVUT1NDQUxFX1dBRiIsInJlbWFyayI6IkF1dG9zY2FsZSBXQUYiLCJ3YWYiOnsiY2xhc3MiOiJUZW5hbnQiLCJTaGFyZWQiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoic2hhcmVkIiwic2VydmljZUFkZHJlc3MiOnsiY2xhc3MiOiJTZXJ2aWNlX0FkZHJlc3MiLCJ2aXJ0dWFsQWRkcmVzcyI6IjAuMC4wLjAifSwicG9saWN5V0FGIjp7ImNsYXNzIjoiV0FGX1BvbGljeSIsImZpbGUiOiIvdG1wL2FzMzAtbGludXgtbWVkaXVtLnhtbCJ9fSwiaHR0cCI6eyJjbGFzcyI6IkFwcGxpY2F0aW9uIiwidGVtcGxhdGUiOiJodHRwIiwicG9vbCI6eyJjbGFzcyI6IlBvb2wiLCJtb25pdG9ycyI6WyJodHRwIl0sIm1lbWJlcnMiOlt7ImFkZHJlc3NEaXNjb3ZlcnkiOiJmcWRuIiwiYXV0b1BvcHVsYXRlIjp0cnVlLCJzZXJ2aWNlUG9ydCI6ODAsImhvc3RuYW1lIjoid3d3LmV4YW1wbGUuY29tIiwic2VydmVyQWRkcmVzc2VzIjpbIjI1NS4yNTUuMjU1LjI1NCJdfV19LCJzZXJ2aWNlTWFpbiI6eyJjbGFzcyI6IlNlcnZpY2VfSFRUUCIsInZpcnR1YWxBZGRyZXNzZXMiOlt7InVzZSI6Ii93YWYvU2hhcmVkL3NlcnZpY2VBZGRyZXNzIn1dLCJ2aXJ0dWFsUG9ydCI6ODAsInNuYXQiOiJhdXRvIiwic2VjdXJpdHlMb2dQcm9maWxlcyI6W3siYmlnaXAiOiIvQ29tbW9uL0xvZyBpbGxlZ2FsIHJlcXVlc3RzIn1dLCJwb29sIjoicG9vbCIsInBvbGljeVdBRiI6eyJ1c2UiOiIvd2FmL1NoYXJlZC9wb2xpY3lXQUYifX19LCJodHRwcyI6eyJjbGFzcyI6IkFwcGxpY2F0aW9uIiwidGVtcGxhdGUiOiJodHRwcyIsInNlcnZlclRMUyI6eyJjbGFzcyI6IlRMU19TZXJ2ZXIiLCJjZXJ0aWZpY2F0ZXMiOlt7ImNlcnRpZmljYXRlIjoiY2VydFNlcnZlciJ9XSwiYXV0aGVudGljYXRpb25UcnVzdENBIjp7ImJpZ2lwIjoiL0NvbW1vbi9jYS1idW5kbGUuY3J0In19LCJjZXJ0U2VydmVyIjp7ImNsYXNzIjoiQ2VydGlmaWNhdGUiLCJjZXJ0aWZpY2F0ZSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5jcnQifSwicHJpdmF0ZUtleSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5rZXkifX0sImNsaWVudFRMUyI6eyJjbGFzcyI6IlRMU19DbGllbnQifSwicG9vbCI6eyJjbGFzcyI6IlBvb2wiLCJtb25pdG9ycyI6WyJodHRwcyJdLCJtZW1iZXJzIjpbeyJhZGRyZXNzRGlzY292ZXJ5IjoiZnFkbiIsImF1dG9Qb3B1bGF0ZSI6dHJ1ZSwic2VydmljZVBvcnQiOjQ0MywiaG9zdG5hbWUiOiJ3d3cuZXhhbXBsZS5jb20iLCJzZXJ2ZXJBZGRyZXNzZXMiOlsiMjU1LjI1NS4yNTUuMjU0Il19XX0sInNlcnZpY2VNYWluIjp7ImNsYXNzIjoiU2VydmljZV9IVFRQUyIsInZpcnR1YWxBZGRyZXNzZXMiOlt7InVzZSI6Ii93YWYvU2hhcmVkL3NlcnZpY2VBZGRyZXNzIn1dLCJ2aXJ0dWFsUG9ydCI6NDQzLCJzZXJ2ZXJUTFMiOiJzZXJ2ZXJUTFMiLCJjbGllbnRUTFMiOiJjbGllbnRUTFMiLCJyZWRpcmVjdDgwIjp0cnVlLCJzbmF0IjoiYXV0byIsInNlY3VyaXR5TG9nUHJvZmlsZXMiOlt7ImJpZ2lwIjoiL0NvbW1vbi9Mb2cgaWxsZWdhbCByZXF1ZXN0cyJ9XSwicG9vbCI6InBvb2wiLCJwb2xpY3lXQUYiOnsidXNlIjoiL3dhZi9TaGFyZWQvcG9saWN5V0FGIn19fSwiaHR0cHNfb2ZmbG9hZCI6eyJjbGFzcyI6IkFwcGxpY2F0aW9uIiwidGVtcGxhdGUiOiJodHRwcyIsInNlcnZlclRMUyI6eyJjbGFzcyI6IlRMU19TZXJ2ZXIiLCJjZXJ0aWZpY2F0ZXMiOlt7ImNlcnRpZmljYXRlIjoiY2VydFNlcnZlciJ9XSwiYXV0aGVudGljYXRpb25UcnVzdENBIjp7ImJpZ2lwIjoiL0NvbW1vbi9jYS1idW5kbGUuY3J0In19LCJjZXJ0U2VydmVyIjp7ImNsYXNzIjoiQ2VydGlmaWNhdGUiLCJjZXJ0aWZpY2F0ZSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5jcnQifSwicHJpdmF0ZUtleSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5rZXkifX0sInBvb2wiOnsiY2xhc3MiOiJQb29sIiwibW9uaXRvcnMiOlsiaHR0cCJdLCJtZW1iZXJzIjpbeyJhZGRyZXNzRGlzY292ZXJ5IjoiZnFkbiIsImF1dG9Qb3B1bGF0ZSI6dHJ1ZSwic2VydmljZVBvcnQiOjgwLCJob3N0bmFtZSI6Ind3dy5leGFtcGxlLmNvbSIsInNlcnZlckFkZHJlc3NlcyI6WyIyNTUuMjU1LjI1NS4yNTQiXX1dfSwic2VydmljZU1haW4iOnsiY2xhc3MiOiJTZXJ2aWNlX0hUVFBTIiwidmlydHVhbEFkZHJlc3NlcyI6W3sidXNlIjoiL3dhZi9TaGFyZWQvc2VydmljZUFkZHJlc3MifV0sInZpcnR1YWxQb3J0Ijo4MCwic2VydmVyVExTIjoic2VydmVyVExTIiwic25hdCI6ImF1dG8iLCJzZWN1cml0eUxvZ1Byb2ZpbGVzIjpbeyJiaWdpcCI6Ii9Db21tb24vTG9nIGlsbGVnYWwgcmVxdWVzdHMifV0sInBvb2wiOiJwb29sIiwicG9saWN5V0FGIjp7InVzZSI6Ii93YWYvU2hhcmVkL3BvbGljeVdBRiJ9fX19fScKCiAgICAjIHZlcmlmeSB0aGF0IHRoZSBjdXN0b20gcG9saWN5IGlzIGEgVVJMCiAgICBpZiBbWyAkbGV2ZWwgPT0gImN1c3RvbSIgXV07IHRoZW4KICAgICAgICAgaWYgW1sgLW4gJHBvbGljeSAmJiAkcG9saWN5ICE9ICJOT1RfU1BFQ0lGSUVEIiBdXTsgdGhlbgogICAgICAgICAgICAgaWYgW1sgJHBvbGljeSA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICAgICAgICAgICAgICAgIGN1c3RvbV9wb2xpY3k9JHBvbGljeQogICAgICAgICAgICAgICAgICAvdXNyL2Jpbi9jdXJsIC1zayAkY3VzdG9tX3BvbGljeSAtLXJldHJ5IDMgLW8gL3RtcC9jdXN0b21fcG9saWN5LnhtbAogICAgICAgICAgICAgICAgICBhc21fcG9saWN5PSIvdG1wL2N1c3RvbV9wb2xpY3kueG1sIgogICAgICAgICAgICAgZWxzZQogICAgICAgICAgICAgICAgICBlY2hvICJDdXN0b20gcG9saWN5IHdhcyBub3QgYSBVUkwsIGRlZmF1bHRpbmcgdG8gaGlnaCIKICAgICAgICAgICAgICAgICAgYXNtX3BvbGljeT0iL2NvbmZpZy9jbG91ZC9hc20tcG9saWN5LSR0eXBlLWhpZ2gueG1sIgogICAgICAgICAgICAgZmkKICAgICAgICAgZWxzZQogICAgICAgICAgICAgIGVjaG8gIkN1c3RvbSBwb2xpY3kgd2FzIG5vdCBzcGVjaWZpZWQsIGRlZmF1bHRpbmcgdG8gaGlnaCIKICAgICAgICAgICAgICBhc21fcG9saWN5PSIvY29uZmlnL2Nsb3VkL2FzbS1wb2xpY3ktJHR5cGUtaGlnaC54bWwiCiAgICAgICAgIGZpCiAgICBlbHNlCiAgICAgICAgIGFzbV9wb2xpY3k9Ii9jb25maWcvY2xvdWQvYXNtLXBvbGljeS0kdHlwZS0kbGV2ZWwueG1sIgogICAgZmkKCiAgICBpZiBbWyAkbW9kZSA9PSAiaHR0cHMiIHx8ICRtb2RlID09ICJodHRwX2h0dHBzIiB8fCAkbW9kZSA9PSAiaHR0cHNfb2ZmbG9hZCIgXV07IHRoZW4KICAgICAgICAgY2hhaW49Ii9Db21tb24vY2EtYnVuZGxlLmNydCIKCiAgICAgICAgIGVjaG8gIlN0YXJ0aW5nIENlcnRpZmljYXRlIGRvd25sb2FkIgoKICAgICAgICAgY2VydGlmaWNhdGVfbG9jYXRpb249JHNzbF9jZXJ0CgogICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iICAtWCBQT1NUIC1IICJDb250ZW50LXR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvdG0vdXRpbC9iYXNoIC1kICd7ICJjb21tYW5kIjoicnVuIiwidXRpbENtZEFyZ3MiOiItYyBcImN1cmwgLWsgLXMgLWYgLS1yZXRyeSA1IC0tcmV0cnktZGVsYXkgMTAgLS1yZXRyeS1tYXgtdGltZSAxMCAtbyAvY29uZmlnL3RtcC5wZnggJyRjZXJ0aWZpY2F0ZV9sb2NhdGlvbidcIiIgfScgLW8gL2Rldi9udWxsKQoKICAgICAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwICBdXTsgdGhlbgogICAgICAgICAgICAgIGVjaG8gIkNlcnRpZmljYXRlIGRvd25sb2FkIGNvbXBsZXRlLiIKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRvd25sb2FkIFNTTCBjZXJ0OyBleGl0aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBleGl0IDEKICAgICAgICAgZmkKCiAgICAgICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1za3UgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgaHR0cHM6Ly9sb2NhbGhvc3Q6JGRmbF9tZ210X3BvcnQvbWdtdC90bS9zeXMvY3J5cHRvL3BrY3MxMiAtZCAneyJjb21tYW5kIjogImluc3RhbGwiLCJuYW1lIjogIndhZkNlcnQiLCJvcHRpb25zIjogWyB7ICJmcm9tLWxvY2FsLWZpbGUiOiAiL2NvbmZpZy90bXAucGZ4IiB9LCB7ICJwYXNzcGhyYXNlIjogIiciJHNzbF9wYXNzd2QiJyIgfSBdIH0nIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCAgXV07IHRoZW4KICAgICAgICAgICAgICBlY2hvICJDZXJ0aWZpY2F0ZSBpbnN0YWxsIGNvbXBsZXRlLiIKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGluc3RhbGwgU1NMIGNlcnQ7IGV4aXRpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgICAgICAgICAgIGV4aXQgMQogICAgICAgICBmaQogICAgZmkKCiAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jIC0tYXJnIGFzbV9wb2xpY3kgJGFzbV9wb2xpY3kgJyAud2FmLlNoYXJlZC5wb2xpY3lXQUYuZmlsZSA9ICRhc21fcG9saWN5JykKCiAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jIC0tYXJnIHBvb2xfaHR0cF9wb3J0ICRwb29sX2h0dHBfcG9ydCAtLWFyZyBwb29sX2h0dHBzX3BvcnQgJHBvb2xfaHR0cHNfcG9ydCAtLWFyZyB2c19odHRwX3BvcnQgJHZzX2h0dHBfcG9ydCAtLWFyZyB2c19odHRwc19wb3J0ICR2c19odHRwc19wb3J0ICcgLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5zZXJ2aWNlUG9ydCA9ICgkcG9vbF9odHRwX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHAuc2VydmljZU1haW4udmlydHVhbFBvcnQgPSAoJHZzX2h0dHBfcG9ydCB8IHRvbnVtYmVyKSB8IC53YWYuaHR0cHMucG9vbC5tZW1iZXJzWzBdLnNlcnZpY2VQb3J0ID0gKCRwb29sX2h0dHBzX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHBzLnNlcnZpY2VNYWluLnZpcnR1YWxQb3J0ID0gKCR2c19odHRwc19wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5zZXJ2aWNlUG9ydCA9ICgkcG9vbF9odHRwX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHBzX29mZmxvYWQuc2VydmljZU1haW4udmlydHVhbFBvcnQgPSAoJHZzX2h0dHBzX3BvcnQgfCB0b251bWJlciknKQoKICAgIGlmIFtbICRwb29sX21lbWJlciA9fiAkaXBfcmVnZXggXV07IHRoZW4KICAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uYXV0b1BvcHVsYXRlKSB8IGRlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lKSB8IGRlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmFkZHJlc3NEaXNjb3ZlcnkpIHwgIGRlbCgud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5hdXRvUG9wdWxhdGUpIHwgZGVsKC53YWYuaHR0cHMucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lKSB8IGRlbCgud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5hZGRyZXNzRGlzY292ZXJ5KSB8IGRlbCgud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLmF1dG9Qb3B1bGF0ZSkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5hZGRyZXNzRGlzY292ZXJ5KScpCgogICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jIC0tYXJnIHBvb2xfbWVtYmVyICRwb29sX21lbWJlciAnLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXNbMF0gPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXNbMF0gPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3Nlc1swXSA9ICRwb29sX21lbWJlcicpCiAgICBlbHNlCiAgICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgJ2RlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3NlcykgfCBkZWwoLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uc2VydmVyQWRkcmVzc2VzKSB8IGRlbCgud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3NlcyknKQoKICAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBwb29sX21lbWJlciAkcG9vbF9tZW1iZXIgJy53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUgPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSA9ICRwb29sX21lbWJlciB8IC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUgPSAkcG9vbF9tZW1iZXInKQogICAgZmkKCiAgICBpZiBbWyAkbW9kZSA9PSAiaHR0cCIgXV07IHRoZW4KICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwcykgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkKScpCiAgICBlbGlmIFtbICRtb2RlID09ICJodHRwcyIgXV07IHRoZW4KICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwKSB8IGRlbCgud2FmLmh0dHBzX29mZmxvYWQpIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLmNlcnRpZmljYXRlLmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5jcnQiIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLnByaXZhdGVLZXkuYmlnaXAgPSAiL0NvbW1vbi93YWZDZXJ0LmtleSInKQogICAgZWxpZiBbWyAkbW9kZSA9PSAiaHR0cF9odHRwcyIgXV07IHRoZW4KICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwc19vZmZsb2FkKSB8IC53YWYuaHR0cHMuc2VydmljZU1haW4ucmVkaXJlY3Q4MCA9IGZhbHNlIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLmNlcnRpZmljYXRlLmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5jcnQiIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLnByaXZhdGVLZXkuYmlnaXAgPSAiL0NvbW1vbi93YWZDZXJ0LmtleSInKQogICAgZWxzZQogICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgJ2RlbCgud2FmLmh0dHApIHwgZGVsKC53YWYuaHR0cHMpIHwgLndhZi5odHRwc19vZmZsb2FkLmNlcnRTZXJ2ZXIuY2VydGlmaWNhdGUuYmlnaXAgPSAiL0NvbW1vbi93YWZDZXJ0LmNydCIgfCAud2FmLmh0dHBzX29mZmxvYWQuY2VydFNlcnZlci5wcml2YXRlS2V5LmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5rZXkiJykKICAgIGZpCgogICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1za3Z2dSAkdXNlcjokKHBhc3N3ZCkgLXcgIiV7aHR0cF9jb2RlfSIgLVggUE9TVCAtSCAiQ29udGVudC1UeXBlOiBhcHBsaWNhdGlvbi9qc29uIiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3NoYXJlZC9hcHBzdmNzL2RlY2xhcmUgLWQgIiRwYXlsb2FkIiAtbyAvZGV2L251bGwpCgogICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCB8fCAkcmVzcG9uc2VfY29kZSA9PSA1MDIgIF1dOyB0aGVuCiAgICAgICAgICBlY2hvICJEZXBsb3ltZW50IG9mIGFwcGxpY2F0aW9uIHN1Y2NlZWRlZC4iCiAgICBlbHNlCiAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBkZXBsb3kgYXBwbGljYXRpb247IGV4aXRpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgICAgICAgZXhpdCAxCiAgICAgZmkKIGZpCgplY2hvICJEZXBsb3ltZW50IGNvbXBsZXRlLiIKZXhpdA==", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -667,6 +690,7 @@ "frontEndIPConfigID": "[concat(variables('extLbId'),'/frontendIPConfigurations/loadBalancerFrontEnd')]", "appInsightsApiVersion": "2015-04-01", "appInsightsComponentsApiVersion": "2015-05-01", + "useAvailabilityZones": "[and(variables('zonesAvailable'), equals(parameters('useAvailabilityZones'), 'Yes'))]", "vmssName": "[concat(parameters('dnsLabel'),'-vmss')]", "vmssId": "[resourceId('Microsoft.Compute/virtualMachineScaleSets', variables('vmssName'))]", "defaultAppInsightsLocation": "eastus", @@ -727,7 +751,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_dns-existing-stack-supported-bigiq,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_dns-existing-stack-supported-bigiq,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "osProfiles": { @@ -749,7 +773,8 @@ { "apiVersion": "[variables('networkApiVersion')]", "location": "[variables('location')]", - "name": "[concat(variables('dnsLabel'), '-mgmt-nsg')]", + "name": "[variables('mgmtNsgName')]", + "condition": "[not(variables('useExistingNsg'))]", "properties": { "securityRules": [ { @@ -894,7 +919,7 @@ "name": "main", "properties": { "protectedSettings": { - "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; cp asm-policy.tar.gz *.tmpl /config/cloud; tar xfz /config/cloud/asm-policy.tar.gz -C /config/cloud; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.bigIqPasswd; encrypt_secret ', variables('singleQuote'), parameters('bigIqPassword'), variables('singleQuote'), ' \"/config/cloud/.bigIqPasswd\"; /usr/bin/install -m 400 /dev/null /config/cloud/.dnsPasswd; encrypt_secret ', variables('singleQuote'), parameters('dnsProviderPassword'), variables('singleQuote'), ' \"/config/cloud/.dnsPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType waf --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --dnsOptions \\\"--dns gtm --dns-ip-type ', parameters('dnsMemberIpType'), ' --dns-app-port ', parameters('dnsMemberPort'), ' --dns-provider-options host:', parameters('dnsProviderHost'), ',port:', parameters('dnsProviderPort'), ',user:', parameters('dnsProviderUser'), ',passwordUrl:file:///config/cloud/.dnsPasswd,passwordEncrypted:true,serverName:', variables('vmssName'), ',poolName:', parameters('dnsProviderPool'), ',datacenter:', parameters('dnsProviderDataCenter'), '\\\"', ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, ' --bigIqAddress ', parameters('bigIqAddress'), ' --bigIqUsername ', parameters('bigIqUsername'), ' --bigIqPassword /config/cloud/.bigIqPasswd --bigIqLicensePoolName ', parameters('bigIqLicensePoolName'), ' --bigIqExtraLicenseOptions \\\"$(format_args sku-keyword-1:', parameters('bigIqLicenseSkuKeyWord1'), ',unit-of-measure:', parameters('bigIqLicenseUnitOfMeasure'), ')\\\" --bigIpExtMgmtAddress via-api --bigIpExtMgmtPort ', variables('bigIpMgmtPort'), '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh modify cm device-group Sync asm-sync enabled; tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" + "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; cp asm-policy.tar.gz *.tmpl /config/cloud; tar xfz /config/cloud/asm-policy.tar.gz -C /config/cloud; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.bigIqPasswd; encrypt_secret ', variables('singleQuote'), parameters('bigIqPassword'), variables('singleQuote'), ' \"/config/cloud/.bigIqPasswd\"; /usr/bin/install -m 400 /dev/null /config/cloud/.dnsPasswd; encrypt_secret ', variables('singleQuote'), parameters('dnsProviderPassword'), variables('singleQuote'), ' \"/config/cloud/.dnsPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType waf --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --autoscaleTimeout ', parameters('autoscaleTimeout'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --dnsOptions \\\"--dns gtm --dns-ip-type ', parameters('dnsMemberIpType'), ' --dns-app-port ', parameters('dnsMemberPort'), ' --dns-provider-options host:', parameters('dnsProviderHost'), ',port:', parameters('dnsProviderPort'), ',user:', parameters('dnsProviderUser'), ',passwordUrl:file:///config/cloud/.dnsPasswd,passwordEncrypted:true,serverName:', variables('vmssName'), ',poolName:', parameters('dnsProviderPool'), ',datacenter:', parameters('dnsProviderDataCenter'), '\\\"', ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, ' --bigIqAddress ', parameters('bigIqAddress'), ' --bigIqUsername ', parameters('bigIqUsername'), ' --bigIqPassword /config/cloud/.bigIqPasswd --bigIqLicensePoolName ', parameters('bigIqLicensePoolName'), ' --bigIqExtraLicenseOptions \\\"$(format_args sku-keyword-1:', parameters('bigIqLicenseSkuKeyWord1'), ',unit-of-measure:', parameters('bigIqLicenseUnitOfMeasure'), ')\\\" --bigIpExtMgmtAddress via-api --bigIpExtMgmtPort ', variables('bigIpMgmtPort'), '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh modify cm device-group Sync asm-sync enabled; tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" }, "publisher": "Microsoft.Azure.Extensions", "settings": { @@ -947,7 +972,7 @@ "tier": "Standard" }, "tags": "[if(empty(variables('tagValues')), json('null'), variables('tagValues'))]", - "zones": "[if(variables('zonesAvailable'), createArray(1, 2, 3), json('null'))]", + "zones": "[if(variables('useAvailabilityZones'), createArray(1, 2, 3), json('null'))]", "type": "Microsoft.Compute/virtualMachineScaleSets" }, { @@ -956,10 +981,10 @@ "[variables('vmssId')]" ], "location": "[variables('location')]", - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "properties": { "enabled": true, - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "notifications": [ { "email": { diff --git a/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/azuredeploy.parameters.json b/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/azuredeploy.parameters.json index 5438386fcc..4af4db6c92 100644 --- a/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/azuredeploy.parameters.json +++ b/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" @@ -110,6 +110,12 @@ "notificationEmail": { "value": "OPTIONAL" }, + "useAvailabilityZones": { + "value": "Yes" + }, + "autoscaleTimeout": { + "value": 10 + }, "provisionPublicIP": { "value": "Yes" }, diff --git a/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/deploy_via_bash.sh b/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/deploy_via_bash.sh index 63e4e03bf6..b1c5b3e001 100755 --- a/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/deploy_via_bash.sh +++ b/supported/autoscale/waf/via-dns/1nic/existing-stack/bigiq/deploy_via_bash.sh @@ -1,7 +1,7 @@ #!/bin/bash ## Bash Script to deploy an F5 ARM template into Azure, using azure cli 1.0 ## -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --dnsMemberIpType private --dnsMemberPort 80 --dnsProviderHost --dnsProviderPort 443 --dnsProviderUser --dnsProviderPassword --dnsProviderPool autoscale_pool --dnsProviderDataCenter azure_datacenter --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --dnsMemberIpType private --dnsMemberPort 80 --dnsProviderHost --dnsProviderPort 443 --dnsProviderUser --dnsProviderPassword --dnsProviderPool autoscale_pool --dnsProviderDataCenter azure_datacenter --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword # Assign Script Parameters and Define Variables # Specify static items below, change these as needed or make them parameters @@ -114,6 +114,12 @@ while [[ $# -gt 1 ]]; do --notificationEmail) notificationEmail=$2 shift 2;; + --useAvailabilityZones) + useAvailabilityZones=$2 + shift 2;; + --autoscaleTimeout) + autoscaleTimeout=$2 + shift 2;; --provisionPublicIP) provisionPublicIP=$2 shift 2;; @@ -196,7 +202,7 @@ while [[ $# -gt 1 ]]; do done #If a required parameter is not passed, the script will prompt for it below -required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName bigIqAddress bigIqUsername bigIqPassword bigIqLicensePoolName bigIqLicenseSkuKeyword1 bigIqLicenseUnitOfMeasure bigIpVersion bigIpModules vnetName vnetResourceGroupName mgmtSubnetName declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail provisionPublicIP applicationProtocols applicationAddress applicationPort applicationSecurePort sslCert sslPswd applicationType blockingLevel customPolicy dnsMemberIpType dnsMemberPort dnsProviderHost dnsProviderPort dnsProviderUser dnsProviderPassword dnsProviderPool dnsProviderDataCenter tenantId clientId servicePrincipalSecret resourceGroupName " +required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName bigIqAddress bigIqUsername bigIqPassword bigIqLicensePoolName bigIqLicenseSkuKeyword1 bigIqLicenseUnitOfMeasure bigIpVersion bigIpModules vnetName vnetResourceGroupName mgmtSubnetName declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail useAvailabilityZones autoscaleTimeout provisionPublicIP applicationProtocols applicationAddress applicationPort applicationSecurePort sslCert sslPswd applicationType blockingLevel customPolicy dnsMemberIpType dnsMemberPort dnsProviderHost dnsProviderPort dnsProviderUser dnsProviderPassword dnsProviderPool dnsProviderDataCenter tenantId clientId servicePrincipalSecret resourceGroupName " for variable in $required_variables do if [ -z ${!variable} ] ; then @@ -220,4 +226,4 @@ az group create -n $resourceGroupName -l $region # Deploy ARM Template, right now cannot specify parameter file and parameters inline via Azure CLI template_file="./azuredeploy.json" parameter_file="./azuredeploy.parameters.json" -az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"bigIqAddress\":{\"value\":\"$bigIqAddress\"},\"bigIqUsername\":{\"value\":\"$bigIqUsername\"},\"bigIqPassword\":{\"value\":\"$bigIqPassword\"},\"bigIqLicensePoolName\":{\"value\":\"$bigIqLicensePoolName\"},\"bigIqLicenseSkuKeyword1\":{\"value\":\"$bigIqLicenseSkuKeyword1\"},\"bigIqLicenseUnitOfMeasure\":{\"value\":\"$bigIqLicenseUnitOfMeasure\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetName\":{\"value\":\"$vnetName\"},\"vnetResourceGroupName\":{\"value\":\"$vnetResourceGroupName\"},\"mgmtSubnetName\":{\"value\":\"$mgmtSubnetName\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"applicationProtocols\":{\"value\":\"$applicationProtocols\"},\"applicationAddress\":{\"value\":\"$applicationAddress\"},\"applicationPort\":{\"value\":\"$applicationPort\"},\"applicationSecurePort\":{\"value\":\"$applicationSecurePort\"},\"sslCert\":{\"value\":\"$sslCert\"},\"sslPswd\":{\"value\":\"$sslPswd\"},\"applicationType\":{\"value\":\"$applicationType\"},\"blockingLevel\":{\"value\":\"$blockingLevel\"},\"customPolicy\":{\"value\":\"$customPolicy\"},\"dnsMemberIpType\":{\"value\":\"$dnsMemberIpType\"},\"dnsMemberPort\":{\"value\":\"$dnsMemberPort\"},\"dnsProviderHost\":{\"value\":\"$dnsProviderHost\"},\"dnsProviderPort\":{\"value\":\"$dnsProviderPort\"},\"dnsProviderUser\":{\"value\":\"$dnsProviderUser\"},\"dnsProviderPassword\":{\"value\":\"$dnsProviderPassword\"},\"dnsProviderPool\":{\"value\":\"$dnsProviderPool\"},\"dnsProviderDataCenter\":{\"value\":\"$dnsProviderDataCenter\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file +az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"bigIqAddress\":{\"value\":\"$bigIqAddress\"},\"bigIqUsername\":{\"value\":\"$bigIqUsername\"},\"bigIqPassword\":{\"value\":\"$bigIqPassword\"},\"bigIqLicensePoolName\":{\"value\":\"$bigIqLicensePoolName\"},\"bigIqLicenseSkuKeyword1\":{\"value\":\"$bigIqLicenseSkuKeyword1\"},\"bigIqLicenseUnitOfMeasure\":{\"value\":\"$bigIqLicenseUnitOfMeasure\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetName\":{\"value\":\"$vnetName\"},\"vnetResourceGroupName\":{\"value\":\"$vnetResourceGroupName\"},\"mgmtSubnetName\":{\"value\":\"$mgmtSubnetName\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"useAvailabilityZones\":{\"value\":\"$useAvailabilityZones\"},\"autoscaleTimeout\":{\"value\":$autoscaleTimeout},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"applicationProtocols\":{\"value\":\"$applicationProtocols\"},\"applicationAddress\":{\"value\":\"$applicationAddress\"},\"applicationPort\":{\"value\":\"$applicationPort\"},\"applicationSecurePort\":{\"value\":\"$applicationSecurePort\"},\"sslCert\":{\"value\":\"$sslCert\"},\"sslPswd\":{\"value\":\"$sslPswd\"},\"applicationType\":{\"value\":\"$applicationType\"},\"blockingLevel\":{\"value\":\"$blockingLevel\"},\"customPolicy\":{\"value\":\"$customPolicy\"},\"dnsMemberIpType\":{\"value\":\"$dnsMemberIpType\"},\"dnsMemberPort\":{\"value\":\"$dnsMemberPort\"},\"dnsProviderHost\":{\"value\":\"$dnsProviderHost\"},\"dnsProviderPort\":{\"value\":\"$dnsProviderPort\"},\"dnsProviderUser\":{\"value\":\"$dnsProviderUser\"},\"dnsProviderPassword\":{\"value\":\"$dnsProviderPassword\"},\"dnsProviderPool\":{\"value\":\"$dnsProviderPool\"},\"dnsProviderDataCenter\":{\"value\":\"$dnsProviderDataCenter\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file diff --git a/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/Deploy_via_PS.ps1 b/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/Deploy_via_PS.ps1 index c6ce733da0..0d52652530 100644 --- a/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/Deploy_via_PS.ps1 +++ b/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/Deploy_via_PS.ps1 @@ -1,7 +1,7 @@ ## Script parameters being asked for below match to parameters in the azuredeploy.json file, otherwise pointing to the ## ## azuredeploy.parameters.json file for values to use. Some options below are mandatory, some (such as region) can ## ## be supplied inline when running this script but if they aren't then the default will be used as specified below. ## -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -dnsMemberIpType private -dnsMemberPort 80 -dnsProviderHost -dnsProviderPort 443 -dnsProviderUser -dnsProviderPassword -dnsProviderPool autoscale_pool -dnsProviderDataCenter azure_datacenter -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -dnsMemberIpType private -dnsMemberPort 80 -dnsProviderHost -dnsProviderPort 443 -dnsProviderUser -dnsProviderPassword -dnsProviderPool autoscale_pool -dnsProviderDataCenter azure_datacenter -tenantId -clientId -servicePrincipalSecret -resourceGroupName param( @@ -33,6 +33,8 @@ param( [string] [Parameter(Mandatory=$True)] $scaleOutTimeWindow, [string] [Parameter(Mandatory=$True)] $scaleInTimeWindow, [string] [Parameter(Mandatory=$True)] $notificationEmail, + [string] [Parameter(Mandatory=$True)] $useAvailabilityZones, + [string] [Parameter(Mandatory=$True)] $autoscaleTimeout, [string] [Parameter(Mandatory=$True)] $provisionPublicIP, [string] [Parameter(Mandatory=$True)] $applicationProtocols, [string] [Parameter(Mandatory=$True)] $applicationAddress, @@ -85,7 +87,7 @@ $servicePrincipalSecretSecure = ConvertTo-SecureString -String $servicePrincipal (ConvertFrom-Json $tagValues).psobject.properties | ForEach -Begin {$tagValues=@{}} -process {$tagValues."$($_.Name)" = $_.Value} # Create Arm Deployment -$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetName $vnetName -vnetResourceGroupName $vnetResourceGroupName -mgmtSubnetName $mgmtSubnetName -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -provisionPublicIP $provisionPublicIP -applicationProtocols $applicationProtocols -applicationAddress $applicationAddress -applicationPort $applicationPort -applicationSecurePort $applicationSecurePort -sslCert $sslCert -sslPswd $sslPswdSecure -applicationType $applicationType -blockingLevel $blockingLevel -customPolicy $customPolicy -dnsMemberIpType $dnsMemberIpType -dnsMemberPort $dnsMemberPort -dnsProviderHost $dnsProviderHost -dnsProviderPort $dnsProviderPort -dnsProviderUser $dnsProviderUser -dnsProviderPassword $dnsProviderPasswordSecure -dnsProviderPool $dnsProviderPool -dnsProviderDataCenter $dnsProviderDataCenter -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure +$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetName $vnetName -vnetResourceGroupName $vnetResourceGroupName -mgmtSubnetName $mgmtSubnetName -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -useAvailabilityZones $useAvailabilityZones -autoscaleTimeout $autoscaleTimeout -provisionPublicIP $provisionPublicIP -applicationProtocols $applicationProtocols -applicationAddress $applicationAddress -applicationPort $applicationPort -applicationSecurePort $applicationSecurePort -sslCert $sslCert -sslPswd $sslPswdSecure -applicationType $applicationType -blockingLevel $blockingLevel -customPolicy $customPolicy -dnsMemberIpType $dnsMemberIpType -dnsMemberPort $dnsMemberPort -dnsProviderHost $dnsProviderHost -dnsProviderPort $dnsProviderPort -dnsProviderUser $dnsProviderUser -dnsProviderPassword $dnsProviderPasswordSecure -dnsProviderPool $dnsProviderPool -dnsProviderDataCenter $dnsProviderDataCenter -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure # Print Output of Deployment to Console $deployment \ No newline at end of file diff --git a/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/README.md b/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/README.md index 77a39567e8..9b40a82908 100644 --- a/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/README.md +++ b/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/README.md @@ -21,7 +21,7 @@ This solution uses an ARM template to launch the deployment of F5 BIG-IP Local T In this solution, the BIG-IP VEs have the [LTM](https://f5.com/products/big-ip/local-traffic-manager-ltm) and [ASM](https://f5.com/products/big-ip/application-security-manager-asm) modules enabled to provide advanced traffic management and web application security functionality. -You have the option of using a [BIG-IQ device](https://f5.com/products/big-iq-centralized-management) to license BIG-IP VEs using BYOL licenses in this auto scale deployment. +You have the option of using a [BIG-IQ device](https://f5.com/products/big-iq-centralized-management) to license BIG-IP VEs using BYOL licenses in this auto scale deployment. This template uses BIGIP **public** management address when license is requested via BIGIQ For information on getting started using F5's ARM templates on GitHub, see [Microsoft Azure: Solutions 101](http://clouddocs.f5.com/cloud/public/v1/azure/Azure_solutions101.html). @@ -109,7 +109,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fautoscale%2Fwaf%2Fvia-dns%2F1nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fautoscale%2Fwaf%2Fvia-dns%2F1nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters @@ -143,6 +143,8 @@ Use the appropriate button below to deploy: | scaleOutTimeWindow | Yes | The time window required to trigger a scale out event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | scaleInTimeWindow | Yes | The time window required to trigger a scale in event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | notificationEmail | Yes | If you want email notifications on scale events, specify an email address, otherwise leave the parameter as **OPTIONAL**. Note: You can specify multiple emails by separating them with a semi-colon, such as *email@domain.com;email2@domain.com*. | +| useAvailabilityZones | Yes | This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'. | +| autoscaleTimeout | Yes | The timeout value after which autoscale script execution will terminated | | provisionPublicIP | Yes | Enabling management public IP(s) allows for direct public access to each BIG-IP VE that is created. | | applicationProtocols | Yes | The protocol(s) used by your application. | | applicationAddress | Yes | The public IP address or DNS FQDN of the application that this WAF will protect. | @@ -172,7 +174,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### PowerShell Script Example ```powershell -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -dnsMemberIpType private -dnsMemberPort 80 -dnsProviderHost -dnsProviderPort 443 -dnsProviderUser -dnsProviderPassword -dnsProviderPool autoscale_pool -dnsProviderDataCenter azure_datacenter -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -dnsMemberIpType private -dnsMemberPort 80 -dnsProviderHost -dnsProviderPort 443 -dnsProviderUser -dnsProviderPassword -dnsProviderPool autoscale_pool -dnsProviderDataCenter azure_datacenter -tenantId -clientId -servicePrincipalSecret -resourceGroupName ``` ======= @@ -180,7 +182,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### Azure CLI (1.0) Script Example ```bash -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --dnsMemberIpType private --dnsMemberPort 80 --dnsProviderHost --dnsProviderPort 443 --dnsProviderUser --dnsProviderPassword --dnsProviderPool autoscale_pool --dnsProviderDataCenter azure_datacenter --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --dnsMemberIpType private --dnsMemberPort 80 --dnsProviderHost --dnsProviderPort 443 --dnsProviderUser --dnsProviderPassword --dnsProviderPool autoscale_pool --dnsProviderDataCenter azure_datacenter --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword ``` diff --git a/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/azuredeploy.json b/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/azuredeploy.json index 20e9d0587c..07e91c0bcc 100644 --- a/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/azuredeploy.json +++ b/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -300,6 +300,26 @@ }, "type": "string" }, + "useAvailabilityZones": { + "allowedValues": [ + "Yes", + "No" + ], + "defaultValue": "Yes", + "metadata": { + "description": "This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'." + }, + "type": "string" + }, + "autoscaleTimeout": { + "defaultValue": 10, + "maxValue": 10, + "metadata": { + "description": "The timeout value after which autoscale script execution will terminated" + }, + "minValue": 3, + "type": "int" + }, "provisionPublicIP": { "allowedValues": [ "No", @@ -563,14 +583,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl ${config_loc}f5-cloud-libs-azure.tar.gz asm-policy.tar.gz\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntar xfz /config/cloud/f5-cloud-libs-azure.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -596,7 +616,10 @@ "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbTpkOm46ajprOmg6czp0Omw6YTpjOnI6bzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgbSkgbW9kZT0kT1BUQVJHOzsKICAgICAgICBuKSBwb29sX21lbWJlcj0kT1BUQVJHOzsKICAgICAgICBqKSB2c19odHRwX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgaykgdnNfaHR0cHNfcG9ydD0kT1BUQVJHOzsKICAgICAgICBoKSBwb29sX2h0dHBfcG9ydD0kT1BUQVJHOzsKICAgICAgICBzKSBwb29sX2h0dHBzX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgdCkgdHlwZT0kT1BUQVJHOzsKICAgICAgICBsKSBsZXZlbD0kT1BUQVJHOzsKICAgICAgICBhKSBwb2xpY3k9JE9QVEFSRzs7CiAgICAgICAgYykgc3NsX2NlcnQ9JE9QVEFSRzs7CiAgICAgICAgcikgc3NsX3Bhc3N3ZD0kT1BUQVJHOzsKICAgICAgICB1KSB1c2VyPSRPUFRBUkc7OwogICAgZXNhYwpkb25lCgpkZXBsb3llZD0ibm8iCmZpbGVfbG9jPSIvY29uZmlnL2Nsb3VkL2N1c3RvbV9jb25maWciCmRmbF9tZ210X3BvcnQ9YHRtc2ggbGlzdCBzeXMgaHR0cGQgc3NsLXBvcnQgfCBncmVwIHNzbC1wb3J0IHwgc2VkICdzL3NzbC1wb3J0IC8vO3MvIC8vZydgCnVybF9yZWdleD0iKGh0dHA6XC9cL3xodHRwczpcL1wvKT9bYS16MC05XSsoW1wtXC5dezF9W2EtejAtOV0rKSpcLlthLXpdezIsNX0oOlswLTldezEsNX0pPyhcLy4qKT8kIgoKaWYgW1sgJGRlY2xhcmF0aW9uVXJsID1+ICR1cmxfcmVnZXggXV07IHRoZW4KICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1zayAtdyAiJXtodHRwX2NvZGV9IiAkZGVjbGFyYXRpb25VcmwgLW8gJGZpbGVfbG9jKQogICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIF1dOyB0aGVuCiAgICAgICAgIGVjaG8gIkN1c3RvbSBjb25maWcgZG93bmxvYWQgY29tcGxldGU7IGNoZWNraW5nIGZvciB2YWxpZCBKU09OLiIKICAgICAgICAgY2F0ICRmaWxlX2xvYyB8IGpxIC5jbGFzcwogICAgICAgICBpZiBbWyAkPyA9PSAwIF1dOyB0aGVuCiAgICAgICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t2dnUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgaHR0cHM6Ly9sb2NhbGhvc3Q6JGRmbF9tZ210X3BvcnQvbWdtdC9zaGFyZWQvYXBwc3Zjcy9kZWNsYXJlIC1kIEAkZmlsZV9sb2MgLW8gL2Rldi9udWxsKQoKICAgICAgICAgICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCB8fCAkcmVzcG9uc2VfY29kZSA9PSA1MDIgXV07IHRoZW4KICAgICAgICAgICAgICAgICAgZWNobyAiRGVwbG95bWVudCBvZiBhcHBsaWNhdGlvbiBzdWNjZWVkZWQuIgogICAgICAgICAgICAgICAgICBkZXBsb3llZD0ieWVzIgogICAgICAgICAgICAgZWxzZQogICAgICAgICAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBkZXBsb3kgYXBwbGljYXRpb247IGNvbnRpbnVpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgICAgICAgICAgIGZpCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgIGVjaG8gIkN1c3RvbSBjb25maWcgd2FzIG5vdCB2YWxpZCBKU09OLCBjb250aW51aW5nIgogICAgICAgICBmaQogICAgZWxzZQogICAgICAgIGVjaG8gIkZhaWxlZCB0byBkb3dubG9hZCBjdXN0b20gY29uZmlnOyBjb250aW51aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICBmaQplbHNlCiAgICAgZWNobyAiQ3VzdG9tIGNvbmZpZyB3YXMgbm90IGEgVVJMLCBjb250aW51aW5nLiIKZmkKCmlmIFtbICRkZXBsb3llZCA9PSAibm8iICYmICRkZWNsYXJhdGlvblVybCA9PSAiTk9UX1NQRUNJRklFRCIgXV07IHRoZW4KICAgIGlwX3JlZ2V4PSdeWzAtOV17MSwzfVwuWzAtOV17MSwzfVwuWzAtOV17MSwzfVwuWzAtOV17MSwzfSQnCiAgICBkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAogICAgbW9kZT1gc2VkICJzLy0vXy9nIiA8PDwiJG1vZGUiYAogICAgcGF5bG9hZD0neyJjbGFzcyI6IkFEQyIsInNjaGVtYVZlcnNpb24iOiIzLjAuMCIsImxhYmVsIjoiYXV0b3NjYWxlX3dhZiIsImlkIjoiQVVUT1NDQUxFX1dBRiIsInJlbWFyayI6IkF1dG9zY2FsZSBXQUYiLCJ3YWYiOnsiY2xhc3MiOiJUZW5hbnQiLCJTaGFyZWQiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoic2hhcmVkIiwic2VydmljZUFkZHJlc3MiOnsiY2xhc3MiOiJTZXJ2aWNlX0FkZHJlc3MiLCJ2aXJ0dWFsQWRkcmVzcyI6IjAuMC4wLjAifSwicG9saWN5V0FGIjp7ImNsYXNzIjoiV0FGX1BvbGljeSIsImZpbGUiOiIvdG1wL2FzMzAtbGludXgtbWVkaXVtLnhtbCJ9fSwiaHR0cCI6eyJjbGFzcyI6IkFwcGxpY2F0aW9uIiwidGVtcGxhdGUiOiJodHRwIiwicG9vbCI6eyJjbGFzcyI6IlBvb2wiLCJtb25pdG9ycyI6WyJodHRwIl0sIm1lbWJlcnMiOlt7ImFkZHJlc3NEaXNjb3ZlcnkiOiJmcWRuIiwiYXV0b1BvcHVsYXRlIjp0cnVlLCJzZXJ2aWNlUG9ydCI6ODAsImhvc3RuYW1lIjoid3d3LmV4YW1wbGUuY29tIiwic2VydmVyQWRkcmVzc2VzIjpbIjI1NS4yNTUuMjU1LjI1NCJdfV19LCJzZXJ2aWNlTWFpbiI6eyJjbGFzcyI6IlNlcnZpY2VfSFRUUCIsInZpcnR1YWxBZGRyZXNzZXMiOlt7InVzZSI6Ii93YWYvU2hhcmVkL3NlcnZpY2VBZGRyZXNzIn1dLCJ2aXJ0dWFsUG9ydCI6ODAsInNuYXQiOiJhdXRvIiwic2VjdXJpdHlMb2dQcm9maWxlcyI6W3siYmlnaXAiOiIvQ29tbW9uL0xvZyBpbGxlZ2FsIHJlcXVlc3RzIn1dLCJwb29sIjoicG9vbCIsInBvbGljeVdBRiI6eyJ1c2UiOiIvd2FmL1NoYXJlZC9wb2xpY3lXQUYifX19LCJodHRwcyI6eyJjbGFzcyI6IkFwcGxpY2F0aW9uIiwidGVtcGxhdGUiOiJodHRwcyIsInNlcnZlclRMUyI6eyJjbGFzcyI6IlRMU19TZXJ2ZXIiLCJjZXJ0aWZpY2F0ZXMiOlt7ImNlcnRpZmljYXRlIjoiY2VydFNlcnZlciJ9XSwiYXV0aGVudGljYXRpb25UcnVzdENBIjp7ImJpZ2lwIjoiL0NvbW1vbi9jYS1idW5kbGUuY3J0In19LCJjZXJ0U2VydmVyIjp7ImNsYXNzIjoiQ2VydGlmaWNhdGUiLCJjZXJ0aWZpY2F0ZSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5jcnQifSwicHJpdmF0ZUtleSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5rZXkifX0sImNsaWVudFRMUyI6eyJjbGFzcyI6IlRMU19DbGllbnQifSwicG9vbCI6eyJjbGFzcyI6IlBvb2wiLCJtb25pdG9ycyI6WyJodHRwcyJdLCJtZW1iZXJzIjpbeyJhZGRyZXNzRGlzY292ZXJ5IjoiZnFkbiIsImF1dG9Qb3B1bGF0ZSI6dHJ1ZSwic2VydmljZVBvcnQiOjQ0MywiaG9zdG5hbWUiOiJ3d3cuZXhhbXBsZS5jb20iLCJzZXJ2ZXJBZGRyZXNzZXMiOlsiMjU1LjI1NS4yNTUuMjU0Il19XX0sInNlcnZpY2VNYWluIjp7ImNsYXNzIjoiU2VydmljZV9IVFRQUyIsInZpcnR1YWxBZGRyZXNzZXMiOlt7InVzZSI6Ii93YWYvU2hhcmVkL3NlcnZpY2VBZGRyZXNzIn1dLCJ2aXJ0dWFsUG9ydCI6NDQzLCJzZXJ2ZXJUTFMiOiJzZXJ2ZXJUTFMiLCJjbGllbnRUTFMiOiJjbGllbnRUTFMiLCJyZWRpcmVjdDgwIjp0cnVlLCJzbmF0IjoiYXV0byIsInNlY3VyaXR5TG9nUHJvZmlsZXMiOlt7ImJpZ2lwIjoiL0NvbW1vbi9Mb2cgaWxsZWdhbCByZXF1ZXN0cyJ9XSwicG9vbCI6InBvb2wiLCJwb2xpY3lXQUYiOnsidXNlIjoiL3dhZi9TaGFyZWQvcG9saWN5V0FGIn19fSwiaHR0cHNfb2ZmbG9hZCI6eyJjbGFzcyI6IkFwcGxpY2F0aW9uIiwidGVtcGxhdGUiOiJodHRwcyIsInNlcnZlclRMUyI6eyJjbGFzcyI6IlRMU19TZXJ2ZXIiLCJjZXJ0aWZpY2F0ZXMiOlt7ImNlcnRpZmljYXRlIjoiY2VydFNlcnZlciJ9XSwiYXV0aGVudGljYXRpb25UcnVzdENBIjp7ImJpZ2lwIjoiL0NvbW1vbi9jYS1idW5kbGUuY3J0In19LCJjZXJ0U2VydmVyIjp7ImNsYXNzIjoiQ2VydGlmaWNhdGUiLCJjZXJ0aWZpY2F0ZSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5jcnQifSwicHJpdmF0ZUtleSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5rZXkifX0sInBvb2wiOnsiY2xhc3MiOiJQb29sIiwibW9uaXRvcnMiOlsiaHR0cCJdLCJtZW1iZXJzIjpbeyJhZGRyZXNzRGlzY292ZXJ5IjoiZnFkbiIsImF1dG9Qb3B1bGF0ZSI6dHJ1ZSwic2VydmljZVBvcnQiOjgwLCJob3N0bmFtZSI6Ind3dy5leGFtcGxlLmNvbSIsInNlcnZlckFkZHJlc3NlcyI6WyIyNTUuMjU1LjI1NS4yNTQiXX1dfSwic2VydmljZU1haW4iOnsiY2xhc3MiOiJTZXJ2aWNlX0hUVFBTIiwidmlydHVhbEFkZHJlc3NlcyI6W3sidXNlIjoiL3dhZi9TaGFyZWQvc2VydmljZUFkZHJlc3MifV0sInZpcnR1YWxQb3J0Ijo4MCwic2VydmVyVExTIjoic2VydmVyVExTIiwic25hdCI6ImF1dG8iLCJzZWN1cml0eUxvZ1Byb2ZpbGVzIjpbeyJiaWdpcCI6Ii9Db21tb24vTG9nIGlsbGVnYWwgcmVxdWVzdHMifV0sInBvb2wiOiJwb29sIiwicG9saWN5V0FGIjp7InVzZSI6Ii93YWYvU2hhcmVkL3BvbGljeVdBRiJ9fX19fScKCiAgICAjIHZlcmlmeSB0aGF0IHRoZSBjdXN0b20gcG9saWN5IGlzIGEgVVJMCiAgICBpZiBbWyAkbGV2ZWwgPT0gImN1c3RvbSIgXV07IHRoZW4KICAgICAgICAgaWYgW1sgLW4gJHBvbGljeSAmJiAkcG9saWN5ICE9ICJOT1RfU1BFQ0lGSUVEIiBdXTsgdGhlbgogICAgICAgICAgICAgaWYgW1sgJHBvbGljeSA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICAgICAgICAgICAgICAgIGN1c3RvbV9wb2xpY3k9JHBvbGljeQogICAgICAgICAgICAgICAgICAvdXNyL2Jpbi9jdXJsIC1zayAkY3VzdG9tX3BvbGljeSAtLXJldHJ5IDMgLW8gL3RtcC9jdXN0b21fcG9saWN5LnhtbAogICAgICAgICAgICAgICAgICBhc21fcG9saWN5PSIvdG1wL2N1c3RvbV9wb2xpY3kueG1sIgogICAgICAgICAgICAgZWxzZQogICAgICAgICAgICAgICAgICBlY2hvICJDdXN0b20gcG9saWN5IHdhcyBub3QgYSBVUkwsIGRlZmF1bHRpbmcgdG8gaGlnaCIKICAgICAgICAgICAgICAgICAgYXNtX3BvbGljeT0iL2NvbmZpZy9jbG91ZC9hc20tcG9saWN5LSR0eXBlLWhpZ2gueG1sIgogICAgICAgICAgICAgZmkKICAgICAgICAgZWxzZQogICAgICAgICAgICAgIGVjaG8gIkN1c3RvbSBwb2xpY3kgd2FzIG5vdCBzcGVjaWZpZWQsIGRlZmF1bHRpbmcgdG8gaGlnaCIKICAgICAgICAgICAgICBhc21fcG9saWN5PSIvY29uZmlnL2Nsb3VkL2FzbS1wb2xpY3ktJHR5cGUtaGlnaC54bWwiCiAgICAgICAgIGZpCiAgICBlbHNlCiAgICAgICAgIGFzbV9wb2xpY3k9Ii9jb25maWcvY2xvdWQvYXNtLXBvbGljeS0kdHlwZS0kbGV2ZWwueG1sIgogICAgZmkKCiAgICBpZiBbWyAkbW9kZSA9PSAiaHR0cHMiIHx8ICRtb2RlID09ICJodHRwX2h0dHBzIiB8fCAkbW9kZSA9PSAiaHR0cHNfb2ZmbG9hZCIgXV07IHRoZW4KICAgICAgICAgY2hhaW49Ii9Db21tb24vY2EtYnVuZGxlLmNydCIKCiAgICAgICAgIGVjaG8gIlN0YXJ0aW5nIENlcnRpZmljYXRlIGRvd25sb2FkIgoKICAgICAgICAgY2VydGlmaWNhdGVfbG9jYXRpb249JHNzbF9jZXJ0CgogICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iICAtWCBQT1NUIC1IICJDb250ZW50LXR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvdG0vdXRpbC9iYXNoIC1kICd7ICJjb21tYW5kIjoicnVuIiwidXRpbENtZEFyZ3MiOiItYyBcImN1cmwgLWsgLXMgLWYgLS1yZXRyeSA1IC0tcmV0cnktZGVsYXkgMTAgLS1yZXRyeS1tYXgtdGltZSAxMCAtbyAvY29uZmlnL3RtcC5wZnggJyRjZXJ0aWZpY2F0ZV9sb2NhdGlvbidcIiIgfScgLW8gL2Rldi9udWxsKQoKICAgICAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwICBdXTsgdGhlbgogICAgICAgICAgICAgIGVjaG8gIkNlcnRpZmljYXRlIGRvd25sb2FkIGNvbXBsZXRlLiIKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRvd25sb2FkIFNTTCBjZXJ0OyBleGl0aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBleGl0IDEKICAgICAgICAgZmkKCiAgICAgICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1za3UgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgaHR0cHM6Ly9sb2NhbGhvc3Q6JGRmbF9tZ210X3BvcnQvbWdtdC90bS9zeXMvY3J5cHRvL3BrY3MxMiAtZCAneyJjb21tYW5kIjogImluc3RhbGwiLCJuYW1lIjogIndhZkNlcnQiLCJvcHRpb25zIjogWyB7ICJmcm9tLWxvY2FsLWZpbGUiOiAiL2NvbmZpZy90bXAucGZ4IiB9LCB7ICJwYXNzcGhyYXNlIjogIiciJHNzbF9wYXNzd2QiJyIgfSBdIH0nIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCAgXV07IHRoZW4KICAgICAgICAgICAgICBlY2hvICJDZXJ0aWZpY2F0ZSBpbnN0YWxsIGNvbXBsZXRlLiIKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGluc3RhbGwgU1NMIGNlcnQ7IGV4aXRpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgICAgICAgICAgIGV4aXQgMQogICAgICAgICBmaQogICAgZmkKCiAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jIC0tYXJnIGFzbV9wb2xpY3kgJGFzbV9wb2xpY3kgJyAud2FmLlNoYXJlZC5wb2xpY3lXQUYuZmlsZSA9ICRhc21fcG9saWN5JykKCiAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jIC0tYXJnIHBvb2xfaHR0cF9wb3J0ICRwb29sX2h0dHBfcG9ydCAtLWFyZyBwb29sX2h0dHBzX3BvcnQgJHBvb2xfaHR0cHNfcG9ydCAtLWFyZyB2c19odHRwX3BvcnQgJHZzX2h0dHBfcG9ydCAtLWFyZyB2c19odHRwc19wb3J0ICR2c19odHRwc19wb3J0ICcgLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5zZXJ2aWNlUG9ydCA9ICgkcG9vbF9odHRwX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHAuc2VydmljZU1haW4udmlydHVhbFBvcnQgPSAoJHZzX2h0dHBfcG9ydCB8IHRvbnVtYmVyKSB8IC53YWYuaHR0cHMucG9vbC5tZW1iZXJzWzBdLnNlcnZpY2VQb3J0ID0gKCRwb29sX2h0dHBzX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHBzLnNlcnZpY2VNYWluLnZpcnR1YWxQb3J0ID0gKCR2c19odHRwc19wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5zZXJ2aWNlUG9ydCA9ICgkcG9vbF9odHRwX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHBzX29mZmxvYWQuc2VydmljZU1haW4udmlydHVhbFBvcnQgPSAoJHZzX2h0dHBzX3BvcnQgfCB0b251bWJlciknKQoKICAgIGlmIFtbICRwb29sX21lbWJlciA9fiAkaXBfcmVnZXggXV07IHRoZW4KICAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uYXV0b1BvcHVsYXRlKSB8IGRlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lKSB8IGRlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmFkZHJlc3NEaXNjb3ZlcnkpIHwgIGRlbCgud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5hdXRvUG9wdWxhdGUpIHwgZGVsKC53YWYuaHR0cHMucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lKSB8IGRlbCgud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5hZGRyZXNzRGlzY292ZXJ5KSB8IGRlbCgud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLmF1dG9Qb3B1bGF0ZSkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5hZGRyZXNzRGlzY292ZXJ5KScpCgogICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jIC0tYXJnIHBvb2xfbWVtYmVyICRwb29sX21lbWJlciAnLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXNbMF0gPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXNbMF0gPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3Nlc1swXSA9ICRwb29sX21lbWJlcicpCiAgICBlbHNlCiAgICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgJ2RlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3NlcykgfCBkZWwoLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uc2VydmVyQWRkcmVzc2VzKSB8IGRlbCgud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3NlcyknKQoKICAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBwb29sX21lbWJlciAkcG9vbF9tZW1iZXIgJy53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUgPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSA9ICRwb29sX21lbWJlciB8IC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUgPSAkcG9vbF9tZW1iZXInKQogICAgZmkKCiAgICBpZiBbWyAkbW9kZSA9PSAiaHR0cCIgXV07IHRoZW4KICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwcykgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkKScpCiAgICBlbGlmIFtbICRtb2RlID09ICJodHRwcyIgXV07IHRoZW4KICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwKSB8IGRlbCgud2FmLmh0dHBzX29mZmxvYWQpIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLmNlcnRpZmljYXRlLmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5jcnQiIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLnByaXZhdGVLZXkuYmlnaXAgPSAiL0NvbW1vbi93YWZDZXJ0LmtleSInKQogICAgZWxpZiBbWyAkbW9kZSA9PSAiaHR0cF9odHRwcyIgXV07IHRoZW4KICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwc19vZmZsb2FkKSB8IC53YWYuaHR0cHMuc2VydmljZU1haW4ucmVkaXJlY3Q4MCA9IGZhbHNlIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLmNlcnRpZmljYXRlLmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5jcnQiIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLnByaXZhdGVLZXkuYmlnaXAgPSAiL0NvbW1vbi93YWZDZXJ0LmtleSInKQogICAgZWxzZQogICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgJ2RlbCgud2FmLmh0dHApIHwgZGVsKC53YWYuaHR0cHMpIHwgLndhZi5odHRwc19vZmZsb2FkLmNlcnRTZXJ2ZXIuY2VydGlmaWNhdGUuYmlnaXAgPSAiL0NvbW1vbi93YWZDZXJ0LmNydCIgfCAud2FmLmh0dHBzX29mZmxvYWQuY2VydFNlcnZlci5wcml2YXRlS2V5LmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5rZXkiJykKICAgIGZpCgogICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1za3Z2dSAkdXNlcjokKHBhc3N3ZCkgLXcgIiV7aHR0cF9jb2RlfSIgLVggUE9TVCAtSCAiQ29udGVudC1UeXBlOiBhcHBsaWNhdGlvbi9qc29uIiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3NoYXJlZC9hcHBzdmNzL2RlY2xhcmUgLWQgIiRwYXlsb2FkIiAtbyAvZGV2L251bGwpCgogICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCB8fCAkcmVzcG9uc2VfY29kZSA9PSA1MDIgIF1dOyB0aGVuCiAgICAgICAgICBlY2hvICJEZXBsb3ltZW50IG9mIGFwcGxpY2F0aW9uIHN1Y2NlZWRlZC4iCiAgICBlbHNlCiAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBkZXBsb3kgYXBwbGljYXRpb247IGV4aXRpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgICAgICAgZXhpdCAxCiAgICAgZmkKIGZpCgplY2hvICJEZXBsb3ltZW50IGNvbXBsZXRlLiIKZXhpdA==", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -672,6 +695,7 @@ "frontEndIPConfigID": "[concat(variables('extLbId'),'/frontendIPConfigurations/loadBalancerFrontEnd')]", "appInsightsApiVersion": "2015-04-01", "appInsightsComponentsApiVersion": "2015-05-01", + "useAvailabilityZones": "[and(variables('zonesAvailable'), equals(parameters('useAvailabilityZones'), 'Yes'))]", "vmssName": "[concat(parameters('dnsLabel'),'-vmss')]", "vmssId": "[resourceId('Microsoft.Compute/virtualMachineScaleSets', variables('vmssName'))]", "defaultAppInsightsLocation": "eastus", @@ -732,7 +756,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_dns-existing-stack-supported-payg,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_dns-existing-stack-supported-payg,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "osProfiles": { @@ -754,7 +778,8 @@ { "apiVersion": "[variables('networkApiVersion')]", "location": "[variables('location')]", - "name": "[concat(variables('dnsLabel'), '-mgmt-nsg')]", + "name": "[variables('mgmtNsgName')]", + "condition": "[not(variables('useExistingNsg'))]", "properties": { "securityRules": [ { @@ -899,7 +924,7 @@ "name": "main", "properties": { "protectedSettings": { - "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; cp asm-policy.tar.gz *.tmpl /config/cloud; tar xfz /config/cloud/asm-policy.tar.gz -C /config/cloud; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.dnsPasswd; encrypt_secret ', variables('singleQuote'), parameters('dnsProviderPassword'), variables('singleQuote'), ' \"/config/cloud/.dnsPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType waf --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --dnsOptions \\\"--dns gtm --dns-ip-type ', parameters('dnsMemberIpType'), ' --dns-app-port ', parameters('dnsMemberPort'), ' --dns-provider-options host:', parameters('dnsProviderHost'), ',port:', parameters('dnsProviderPort'), ',user:', parameters('dnsProviderUser'), ',passwordUrl:file:///config/cloud/.dnsPasswd,passwordEncrypted:true,serverName:', variables('vmssName'), ',poolName:', parameters('dnsProviderPool'), ',datacenter:', parameters('dnsProviderDataCenter'), '\\\"', ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh modify cm device-group Sync asm-sync enabled; tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" + "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; cp asm-policy.tar.gz *.tmpl /config/cloud; tar xfz /config/cloud/asm-policy.tar.gz -C /config/cloud; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.dnsPasswd; encrypt_secret ', variables('singleQuote'), parameters('dnsProviderPassword'), variables('singleQuote'), ' \"/config/cloud/.dnsPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType waf --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --autoscaleTimeout ', parameters('autoscaleTimeout'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --dnsOptions \\\"--dns gtm --dns-ip-type ', parameters('dnsMemberIpType'), ' --dns-app-port ', parameters('dnsMemberPort'), ' --dns-provider-options host:', parameters('dnsProviderHost'), ',port:', parameters('dnsProviderPort'), ',user:', parameters('dnsProviderUser'), ',passwordUrl:file:///config/cloud/.dnsPasswd,passwordEncrypted:true,serverName:', variables('vmssName'), ',poolName:', parameters('dnsProviderPool'), ',datacenter:', parameters('dnsProviderDataCenter'), '\\\"', ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh modify cm device-group Sync asm-sync enabled; tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" }, "publisher": "Microsoft.Azure.Extensions", "settings": { @@ -952,7 +977,7 @@ "tier": "Standard" }, "tags": "[if(empty(variables('tagValues')), json('null'), variables('tagValues'))]", - "zones": "[if(variables('zonesAvailable'), createArray(1, 2, 3), json('null'))]", + "zones": "[if(variables('useAvailabilityZones'), createArray(1, 2, 3), json('null'))]", "type": "Microsoft.Compute/virtualMachineScaleSets" }, { @@ -961,10 +986,10 @@ "[variables('vmssId')]" ], "location": "[variables('location')]", - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "properties": { "enabled": true, - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "notifications": [ { "email": { diff --git a/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/azuredeploy.parameters.json b/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/azuredeploy.parameters.json index 0efdf83124..243879a656 100644 --- a/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/azuredeploy.parameters.json +++ b/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" @@ -92,6 +92,12 @@ "notificationEmail": { "value": "OPTIONAL" }, + "useAvailabilityZones": { + "value": "Yes" + }, + "autoscaleTimeout": { + "value": 10 + }, "provisionPublicIP": { "value": "Yes" }, diff --git a/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/deploy_via_bash.sh b/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/deploy_via_bash.sh index 5c579b029c..a44113871c 100755 --- a/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/deploy_via_bash.sh +++ b/supported/autoscale/waf/via-dns/1nic/existing-stack/payg/deploy_via_bash.sh @@ -1,7 +1,7 @@ #!/bin/bash ## Bash Script to deploy an F5 ARM template into Azure, using azure cli 1.0 ## -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --dnsMemberIpType private --dnsMemberPort 80 --dnsProviderHost --dnsProviderPort 443 --dnsProviderUser --dnsProviderPassword --dnsProviderPool autoscale_pool --dnsProviderDataCenter azure_datacenter --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --dnsMemberIpType private --dnsMemberPort 80 --dnsProviderHost --dnsProviderPort 443 --dnsProviderUser --dnsProviderPassword --dnsProviderPool autoscale_pool --dnsProviderDataCenter azure_datacenter --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword # Assign Script Parameters and Define Variables # Specify static items below, change these as needed or make them parameters @@ -96,6 +96,12 @@ while [[ $# -gt 1 ]]; do --notificationEmail) notificationEmail=$2 shift 2;; + --useAvailabilityZones) + useAvailabilityZones=$2 + shift 2;; + --autoscaleTimeout) + autoscaleTimeout=$2 + shift 2;; --provisionPublicIP) provisionPublicIP=$2 shift 2;; @@ -178,7 +184,7 @@ while [[ $# -gt 1 ]]; do done #If a required parameter is not passed, the script will prompt for it below -required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName bigIpVersion bigIpModules vnetName vnetResourceGroupName mgmtSubnetName declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail provisionPublicIP applicationProtocols applicationAddress applicationPort applicationSecurePort sslCert sslPswd applicationType blockingLevel customPolicy dnsMemberIpType dnsMemberPort dnsProviderHost dnsProviderPort dnsProviderUser dnsProviderPassword dnsProviderPool dnsProviderDataCenter tenantId clientId servicePrincipalSecret resourceGroupName " +required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName bigIpVersion bigIpModules vnetName vnetResourceGroupName mgmtSubnetName declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail useAvailabilityZones autoscaleTimeout provisionPublicIP applicationProtocols applicationAddress applicationPort applicationSecurePort sslCert sslPswd applicationType blockingLevel customPolicy dnsMemberIpType dnsMemberPort dnsProviderHost dnsProviderPort dnsProviderUser dnsProviderPassword dnsProviderPool dnsProviderDataCenter tenantId clientId servicePrincipalSecret resourceGroupName " for variable in $required_variables do if [ -z ${!variable} ] ; then @@ -202,4 +208,4 @@ az group create -n $resourceGroupName -l $region # Deploy ARM Template, right now cannot specify parameter file and parameters inline via Azure CLI template_file="./azuredeploy.json" parameter_file="./azuredeploy.parameters.json" -az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetName\":{\"value\":\"$vnetName\"},\"vnetResourceGroupName\":{\"value\":\"$vnetResourceGroupName\"},\"mgmtSubnetName\":{\"value\":\"$mgmtSubnetName\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"applicationProtocols\":{\"value\":\"$applicationProtocols\"},\"applicationAddress\":{\"value\":\"$applicationAddress\"},\"applicationPort\":{\"value\":\"$applicationPort\"},\"applicationSecurePort\":{\"value\":\"$applicationSecurePort\"},\"sslCert\":{\"value\":\"$sslCert\"},\"sslPswd\":{\"value\":\"$sslPswd\"},\"applicationType\":{\"value\":\"$applicationType\"},\"blockingLevel\":{\"value\":\"$blockingLevel\"},\"customPolicy\":{\"value\":\"$customPolicy\"},\"dnsMemberIpType\":{\"value\":\"$dnsMemberIpType\"},\"dnsMemberPort\":{\"value\":\"$dnsMemberPort\"},\"dnsProviderHost\":{\"value\":\"$dnsProviderHost\"},\"dnsProviderPort\":{\"value\":\"$dnsProviderPort\"},\"dnsProviderUser\":{\"value\":\"$dnsProviderUser\"},\"dnsProviderPassword\":{\"value\":\"$dnsProviderPassword\"},\"dnsProviderPool\":{\"value\":\"$dnsProviderPool\"},\"dnsProviderDataCenter\":{\"value\":\"$dnsProviderDataCenter\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file +az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetName\":{\"value\":\"$vnetName\"},\"vnetResourceGroupName\":{\"value\":\"$vnetResourceGroupName\"},\"mgmtSubnetName\":{\"value\":\"$mgmtSubnetName\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"useAvailabilityZones\":{\"value\":\"$useAvailabilityZones\"},\"autoscaleTimeout\":{\"value\":$autoscaleTimeout},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"applicationProtocols\":{\"value\":\"$applicationProtocols\"},\"applicationAddress\":{\"value\":\"$applicationAddress\"},\"applicationPort\":{\"value\":\"$applicationPort\"},\"applicationSecurePort\":{\"value\":\"$applicationSecurePort\"},\"sslCert\":{\"value\":\"$sslCert\"},\"sslPswd\":{\"value\":\"$sslPswd\"},\"applicationType\":{\"value\":\"$applicationType\"},\"blockingLevel\":{\"value\":\"$blockingLevel\"},\"customPolicy\":{\"value\":\"$customPolicy\"},\"dnsMemberIpType\":{\"value\":\"$dnsMemberIpType\"},\"dnsMemberPort\":{\"value\":\"$dnsMemberPort\"},\"dnsProviderHost\":{\"value\":\"$dnsProviderHost\"},\"dnsProviderPort\":{\"value\":\"$dnsProviderPort\"},\"dnsProviderUser\":{\"value\":\"$dnsProviderUser\"},\"dnsProviderPassword\":{\"value\":\"$dnsProviderPassword\"},\"dnsProviderPool\":{\"value\":\"$dnsProviderPool\"},\"dnsProviderDataCenter\":{\"value\":\"$dnsProviderDataCenter\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file diff --git a/supported/autoscale/waf/via-dns/1nic/new-stack/bigiq/Deploy_via_PS.ps1 b/supported/autoscale/waf/via-dns/1nic/new-stack/bigiq/Deploy_via_PS.ps1 index b01239bbad..d3340172a1 100644 --- a/supported/autoscale/waf/via-dns/1nic/new-stack/bigiq/Deploy_via_PS.ps1 +++ b/supported/autoscale/waf/via-dns/1nic/new-stack/bigiq/Deploy_via_PS.ps1 @@ -1,7 +1,7 @@ ## Script parameters being asked for below match to parameters in the azuredeploy.json file, otherwise pointing to the ## ## azuredeploy.parameters.json file for values to use. Some options below are mandatory, some (such as region) can ## ## be supplied inline when running this script but if they aren't then the default will be used as specified below. ## -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -dnsMemberIpType private -dnsMemberPort 80 -dnsProviderHost -dnsProviderPort 443 -dnsProviderUser -dnsProviderPassword -dnsProviderPool autoscale_pool -dnsProviderDataCenter azure_datacenter -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -dnsMemberIpType private -dnsMemberPort 80 -dnsProviderHost -dnsProviderPort 443 -dnsProviderUser -dnsProviderPassword -dnsProviderPool autoscale_pool -dnsProviderDataCenter azure_datacenter -tenantId -clientId -servicePrincipalSecret -resourceGroupName param( @@ -37,6 +37,8 @@ param( [string] [Parameter(Mandatory=$True)] $scaleOutTimeWindow, [string] [Parameter(Mandatory=$True)] $scaleInTimeWindow, [string] [Parameter(Mandatory=$True)] $notificationEmail, + [string] [Parameter(Mandatory=$True)] $useAvailabilityZones, + [string] [Parameter(Mandatory=$True)] $autoscaleTimeout, [string] [Parameter(Mandatory=$True)] $provisionPublicIP, [string] [Parameter(Mandatory=$True)] $applicationProtocols, [string] [Parameter(Mandatory=$True)] $applicationAddress, @@ -90,7 +92,7 @@ $servicePrincipalSecretSecure = ConvertTo-SecureString -String $servicePrincipal (ConvertFrom-Json $tagValues).psobject.properties | ForEach -Begin {$tagValues=@{}} -process {$tagValues."$($_.Name)" = $_.Value} # Create Arm Deployment -$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -bigIqAddress $bigIqAddress -bigIqUsername $bigIqUsername -bigIqPassword $bigIqPasswordSecure -bigIqLicensePoolName $bigIqLicensePoolName -bigIqLicenseSkuKeyword1 $bigIqLicenseSkuKeyword1 -bigIqLicenseUnitOfMeasure $bigIqLicenseUnitOfMeasure -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetAddressPrefix $vnetAddressPrefix -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -provisionPublicIP $provisionPublicIP -applicationProtocols $applicationProtocols -applicationAddress $applicationAddress -applicationPort $applicationPort -applicationSecurePort $applicationSecurePort -sslCert $sslCert -sslPswd $sslPswdSecure -applicationType $applicationType -blockingLevel $blockingLevel -customPolicy $customPolicy -dnsMemberIpType $dnsMemberIpType -dnsMemberPort $dnsMemberPort -dnsProviderHost $dnsProviderHost -dnsProviderPort $dnsProviderPort -dnsProviderUser $dnsProviderUser -dnsProviderPassword $dnsProviderPasswordSecure -dnsProviderPool $dnsProviderPool -dnsProviderDataCenter $dnsProviderDataCenter -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure +$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -bigIqAddress $bigIqAddress -bigIqUsername $bigIqUsername -bigIqPassword $bigIqPasswordSecure -bigIqLicensePoolName $bigIqLicensePoolName -bigIqLicenseSkuKeyword1 $bigIqLicenseSkuKeyword1 -bigIqLicenseUnitOfMeasure $bigIqLicenseUnitOfMeasure -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetAddressPrefix $vnetAddressPrefix -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -useAvailabilityZones $useAvailabilityZones -autoscaleTimeout $autoscaleTimeout -provisionPublicIP $provisionPublicIP -applicationProtocols $applicationProtocols -applicationAddress $applicationAddress -applicationPort $applicationPort -applicationSecurePort $applicationSecurePort -sslCert $sslCert -sslPswd $sslPswdSecure -applicationType $applicationType -blockingLevel $blockingLevel -customPolicy $customPolicy -dnsMemberIpType $dnsMemberIpType -dnsMemberPort $dnsMemberPort -dnsProviderHost $dnsProviderHost -dnsProviderPort $dnsProviderPort -dnsProviderUser $dnsProviderUser -dnsProviderPassword $dnsProviderPasswordSecure -dnsProviderPool $dnsProviderPool -dnsProviderDataCenter $dnsProviderDataCenter -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure # Print Output of Deployment to Console $deployment \ No newline at end of file diff --git a/supported/autoscale/waf/via-dns/1nic/new-stack/bigiq/README.md b/supported/autoscale/waf/via-dns/1nic/new-stack/bigiq/README.md index 69d93ba29b..d71c64663e 100644 --- a/supported/autoscale/waf/via-dns/1nic/new-stack/bigiq/README.md +++ b/supported/autoscale/waf/via-dns/1nic/new-stack/bigiq/README.md @@ -21,7 +21,7 @@ This solution uses an ARM template to launch the deployment of F5 BIG-IP Local T In this solution, the BIG-IP VEs have the [LTM](https://f5.com/products/big-ip/local-traffic-manager-ltm) and [ASM](https://f5.com/products/big-ip/application-security-manager-asm) modules enabled to provide advanced traffic management and web application security functionality. -You have the option of using a [BIG-IQ device](https://f5.com/products/big-iq-centralized-management) to license BIG-IP VEs using BYOL licenses in this auto scale deployment. +You have the option of using a [BIG-IQ device](https://f5.com/products/big-iq-centralized-management) to license BIG-IP VEs using BYOL licenses in this auto scale deployment. This template uses BIGIP **public** management address when license is requested via BIGIQ For information on getting started using F5's ARM templates on GitHub, see [Microsoft Azure: Solutions 101](http://clouddocs.f5.com/cloud/public/v1/azure/Azure_solutions101.html). @@ -112,7 +112,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fautoscale%2Fwaf%2Fvia-dns%2F1nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fautoscale%2Fwaf%2Fvia-dns%2F1nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters @@ -150,6 +150,8 @@ Use the appropriate button below to deploy: | scaleOutTimeWindow | Yes | The time window required to trigger a scale out event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | scaleInTimeWindow | Yes | The time window required to trigger a scale in event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | notificationEmail | Yes | If you want email notifications on scale events, specify an email address, otherwise leave the parameter as **OPTIONAL**. Note: You can specify multiple emails by separating them with a semi-colon, such as *email@domain.com;email2@domain.com*. | +| useAvailabilityZones | Yes | This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'. | +| autoscaleTimeout | Yes | The timeout value after which autoscale script execution will terminated | | provisionPublicIP | Yes | Enabling management public IP(s) allows for direct public access to each BIG-IP VE that is created. | | applicationProtocols | Yes | The protocol(s) used by your application. | | applicationAddress | Yes | The public IP address or DNS FQDN of the application that this WAF will protect. | @@ -179,7 +181,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### PowerShell Script Example ```powershell -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -dnsMemberIpType private -dnsMemberPort 80 -dnsProviderHost -dnsProviderPort 443 -dnsProviderUser -dnsProviderPassword -dnsProviderPool autoscale_pool -dnsProviderDataCenter azure_datacenter -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -dnsMemberIpType private -dnsMemberPort 80 -dnsProviderHost -dnsProviderPort 443 -dnsProviderUser -dnsProviderPassword -dnsProviderPool autoscale_pool -dnsProviderDataCenter azure_datacenter -tenantId -clientId -servicePrincipalSecret -resourceGroupName ``` ======= @@ -187,7 +189,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### Azure CLI (1.0) Script Example ```bash -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --dnsMemberIpType private --dnsMemberPort 80 --dnsProviderHost --dnsProviderPort 443 --dnsProviderUser --dnsProviderPassword --dnsProviderPool autoscale_pool --dnsProviderDataCenter azure_datacenter --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --dnsMemberIpType private --dnsMemberPort 80 --dnsProviderHost --dnsProviderPort 443 --dnsProviderUser --dnsProviderPassword --dnsProviderPool autoscale_pool --dnsProviderDataCenter azure_datacenter --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword ``` diff --git a/supported/autoscale/waf/via-dns/1nic/new-stack/bigiq/azuredeploy.json b/supported/autoscale/waf/via-dns/1nic/new-stack/bigiq/azuredeploy.json index 1b6647daf6..691d200b0e 100644 --- a/supported/autoscale/waf/via-dns/1nic/new-stack/bigiq/azuredeploy.json +++ b/supported/autoscale/waf/via-dns/1nic/new-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -321,6 +321,26 @@ }, "type": "string" }, + "useAvailabilityZones": { + "allowedValues": [ + "Yes", + "No" + ], + "defaultValue": "Yes", + "metadata": { + "description": "This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'." + }, + "type": "string" + }, + "autoscaleTimeout": { + "defaultValue": 10, + "maxValue": 10, + "metadata": { + "description": "The timeout value after which autoscale script execution will terminated" + }, + "minValue": 3, + "type": "int" + }, "provisionPublicIP": { "allowedValues": [ "No", @@ -584,14 +604,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl ${config_loc}f5-cloud-libs-azure.tar.gz asm-policy.tar.gz\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntar xfz /config/cloud/f5-cloud-libs-azure.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -617,7 +637,10 @@ "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbTpkOm46ajprOmg6czp0Omw6YTpjOnI6bzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgbSkgbW9kZT0kT1BUQVJHOzsKICAgICAgICBuKSBwb29sX21lbWJlcj0kT1BUQVJHOzsKICAgICAgICBqKSB2c19odHRwX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgaykgdnNfaHR0cHNfcG9ydD0kT1BUQVJHOzsKICAgICAgICBoKSBwb29sX2h0dHBfcG9ydD0kT1BUQVJHOzsKICAgICAgICBzKSBwb29sX2h0dHBzX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgdCkgdHlwZT0kT1BUQVJHOzsKICAgICAgICBsKSBsZXZlbD0kT1BUQVJHOzsKICAgICAgICBhKSBwb2xpY3k9JE9QVEFSRzs7CiAgICAgICAgYykgc3NsX2NlcnQ9JE9QVEFSRzs7CiAgICAgICAgcikgc3NsX3Bhc3N3ZD0kT1BUQVJHOzsKICAgICAgICB1KSB1c2VyPSRPUFRBUkc7OwogICAgZXNhYwpkb25lCgpkZXBsb3llZD0ibm8iCmZpbGVfbG9jPSIvY29uZmlnL2Nsb3VkL2N1c3RvbV9jb25maWciCmRmbF9tZ210X3BvcnQ9YHRtc2ggbGlzdCBzeXMgaHR0cGQgc3NsLXBvcnQgfCBncmVwIHNzbC1wb3J0IHwgc2VkICdzL3NzbC1wb3J0IC8vO3MvIC8vZydgCnVybF9yZWdleD0iKGh0dHA6XC9cL3xodHRwczpcL1wvKT9bYS16MC05XSsoW1wtXC5dezF9W2EtejAtOV0rKSpcLlthLXpdezIsNX0oOlswLTldezEsNX0pPyhcLy4qKT8kIgoKaWYgW1sgJGRlY2xhcmF0aW9uVXJsID1+ICR1cmxfcmVnZXggXV07IHRoZW4KICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1zayAtdyAiJXtodHRwX2NvZGV9IiAkZGVjbGFyYXRpb25VcmwgLW8gJGZpbGVfbG9jKQogICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIF1dOyB0aGVuCiAgICAgICAgIGVjaG8gIkN1c3RvbSBjb25maWcgZG93bmxvYWQgY29tcGxldGU7IGNoZWNraW5nIGZvciB2YWxpZCBKU09OLiIKICAgICAgICAgY2F0ICRmaWxlX2xvYyB8IGpxIC5jbGFzcwogICAgICAgICBpZiBbWyAkPyA9PSAwIF1dOyB0aGVuCiAgICAgICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t2dnUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgaHR0cHM6Ly9sb2NhbGhvc3Q6JGRmbF9tZ210X3BvcnQvbWdtdC9zaGFyZWQvYXBwc3Zjcy9kZWNsYXJlIC1kIEAkZmlsZV9sb2MgLW8gL2Rldi9udWxsKQoKICAgICAgICAgICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCB8fCAkcmVzcG9uc2VfY29kZSA9PSA1MDIgXV07IHRoZW4KICAgICAgICAgICAgICAgICAgZWNobyAiRGVwbG95bWVudCBvZiBhcHBsaWNhdGlvbiBzdWNjZWVkZWQuIgogICAgICAgICAgICAgICAgICBkZXBsb3llZD0ieWVzIgogICAgICAgICAgICAgZWxzZQogICAgICAgICAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBkZXBsb3kgYXBwbGljYXRpb247IGNvbnRpbnVpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgICAgICAgICAgIGZpCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgIGVjaG8gIkN1c3RvbSBjb25maWcgd2FzIG5vdCB2YWxpZCBKU09OLCBjb250aW51aW5nIgogICAgICAgICBmaQogICAgZWxzZQogICAgICAgIGVjaG8gIkZhaWxlZCB0byBkb3dubG9hZCBjdXN0b20gY29uZmlnOyBjb250aW51aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICBmaQplbHNlCiAgICAgZWNobyAiQ3VzdG9tIGNvbmZpZyB3YXMgbm90IGEgVVJMLCBjb250aW51aW5nLiIKZmkKCmlmIFtbICRkZXBsb3llZCA9PSAibm8iICYmICRkZWNsYXJhdGlvblVybCA9PSAiTk9UX1NQRUNJRklFRCIgXV07IHRoZW4KICAgIGlwX3JlZ2V4PSdeWzAtOV17MSwzfVwuWzAtOV17MSwzfVwuWzAtOV17MSwzfVwuWzAtOV17MSwzfSQnCiAgICBkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAogICAgbW9kZT1gc2VkICJzLy0vXy9nIiA8PDwiJG1vZGUiYAogICAgcGF5bG9hZD0neyJjbGFzcyI6IkFEQyIsInNjaGVtYVZlcnNpb24iOiIzLjAuMCIsImxhYmVsIjoiYXV0b3NjYWxlX3dhZiIsImlkIjoiQVVUT1NDQUxFX1dBRiIsInJlbWFyayI6IkF1dG9zY2FsZSBXQUYiLCJ3YWYiOnsiY2xhc3MiOiJUZW5hbnQiLCJTaGFyZWQiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoic2hhcmVkIiwic2VydmljZUFkZHJlc3MiOnsiY2xhc3MiOiJTZXJ2aWNlX0FkZHJlc3MiLCJ2aXJ0dWFsQWRkcmVzcyI6IjAuMC4wLjAifSwicG9saWN5V0FGIjp7ImNsYXNzIjoiV0FGX1BvbGljeSIsImZpbGUiOiIvdG1wL2FzMzAtbGludXgtbWVkaXVtLnhtbCJ9fSwiaHR0cCI6eyJjbGFzcyI6IkFwcGxpY2F0aW9uIiwidGVtcGxhdGUiOiJodHRwIiwicG9vbCI6eyJjbGFzcyI6IlBvb2wiLCJtb25pdG9ycyI6WyJodHRwIl0sIm1lbWJlcnMiOlt7ImFkZHJlc3NEaXNjb3ZlcnkiOiJmcWRuIiwiYXV0b1BvcHVsYXRlIjp0cnVlLCJzZXJ2aWNlUG9ydCI6ODAsImhvc3RuYW1lIjoid3d3LmV4YW1wbGUuY29tIiwic2VydmVyQWRkcmVzc2VzIjpbIjI1NS4yNTUuMjU1LjI1NCJdfV19LCJzZXJ2aWNlTWFpbiI6eyJjbGFzcyI6IlNlcnZpY2VfSFRUUCIsInZpcnR1YWxBZGRyZXNzZXMiOlt7InVzZSI6Ii93YWYvU2hhcmVkL3NlcnZpY2VBZGRyZXNzIn1dLCJ2aXJ0dWFsUG9ydCI6ODAsInNuYXQiOiJhdXRvIiwic2VjdXJpdHlMb2dQcm9maWxlcyI6W3siYmlnaXAiOiIvQ29tbW9uL0xvZyBpbGxlZ2FsIHJlcXVlc3RzIn1dLCJwb29sIjoicG9vbCIsInBvbGljeVdBRiI6eyJ1c2UiOiIvd2FmL1NoYXJlZC9wb2xpY3lXQUYifX19LCJodHRwcyI6eyJjbGFzcyI6IkFwcGxpY2F0aW9uIiwidGVtcGxhdGUiOiJodHRwcyIsInNlcnZlclRMUyI6eyJjbGFzcyI6IlRMU19TZXJ2ZXIiLCJjZXJ0aWZpY2F0ZXMiOlt7ImNlcnRpZmljYXRlIjoiY2VydFNlcnZlciJ9XSwiYXV0aGVudGljYXRpb25UcnVzdENBIjp7ImJpZ2lwIjoiL0NvbW1vbi9jYS1idW5kbGUuY3J0In19LCJjZXJ0U2VydmVyIjp7ImNsYXNzIjoiQ2VydGlmaWNhdGUiLCJjZXJ0aWZpY2F0ZSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5jcnQifSwicHJpdmF0ZUtleSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5rZXkifX0sImNsaWVudFRMUyI6eyJjbGFzcyI6IlRMU19DbGllbnQifSwicG9vbCI6eyJjbGFzcyI6IlBvb2wiLCJtb25pdG9ycyI6WyJodHRwcyJdLCJtZW1iZXJzIjpbeyJhZGRyZXNzRGlzY292ZXJ5IjoiZnFkbiIsImF1dG9Qb3B1bGF0ZSI6dHJ1ZSwic2VydmljZVBvcnQiOjQ0MywiaG9zdG5hbWUiOiJ3d3cuZXhhbXBsZS5jb20iLCJzZXJ2ZXJBZGRyZXNzZXMiOlsiMjU1LjI1NS4yNTUuMjU0Il19XX0sInNlcnZpY2VNYWluIjp7ImNsYXNzIjoiU2VydmljZV9IVFRQUyIsInZpcnR1YWxBZGRyZXNzZXMiOlt7InVzZSI6Ii93YWYvU2hhcmVkL3NlcnZpY2VBZGRyZXNzIn1dLCJ2aXJ0dWFsUG9ydCI6NDQzLCJzZXJ2ZXJUTFMiOiJzZXJ2ZXJUTFMiLCJjbGllbnRUTFMiOiJjbGllbnRUTFMiLCJyZWRpcmVjdDgwIjp0cnVlLCJzbmF0IjoiYXV0byIsInNlY3VyaXR5TG9nUHJvZmlsZXMiOlt7ImJpZ2lwIjoiL0NvbW1vbi9Mb2cgaWxsZWdhbCByZXF1ZXN0cyJ9XSwicG9vbCI6InBvb2wiLCJwb2xpY3lXQUYiOnsidXNlIjoiL3dhZi9TaGFyZWQvcG9saWN5V0FGIn19fSwiaHR0cHNfb2ZmbG9hZCI6eyJjbGFzcyI6IkFwcGxpY2F0aW9uIiwidGVtcGxhdGUiOiJodHRwcyIsInNlcnZlclRMUyI6eyJjbGFzcyI6IlRMU19TZXJ2ZXIiLCJjZXJ0aWZpY2F0ZXMiOlt7ImNlcnRpZmljYXRlIjoiY2VydFNlcnZlciJ9XSwiYXV0aGVudGljYXRpb25UcnVzdENBIjp7ImJpZ2lwIjoiL0NvbW1vbi9jYS1idW5kbGUuY3J0In19LCJjZXJ0U2VydmVyIjp7ImNsYXNzIjoiQ2VydGlmaWNhdGUiLCJjZXJ0aWZpY2F0ZSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5jcnQifSwicHJpdmF0ZUtleSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5rZXkifX0sInBvb2wiOnsiY2xhc3MiOiJQb29sIiwibW9uaXRvcnMiOlsiaHR0cCJdLCJtZW1iZXJzIjpbeyJhZGRyZXNzRGlzY292ZXJ5IjoiZnFkbiIsImF1dG9Qb3B1bGF0ZSI6dHJ1ZSwic2VydmljZVBvcnQiOjgwLCJob3N0bmFtZSI6Ind3dy5leGFtcGxlLmNvbSIsInNlcnZlckFkZHJlc3NlcyI6WyIyNTUuMjU1LjI1NS4yNTQiXX1dfSwic2VydmljZU1haW4iOnsiY2xhc3MiOiJTZXJ2aWNlX0hUVFBTIiwidmlydHVhbEFkZHJlc3NlcyI6W3sidXNlIjoiL3dhZi9TaGFyZWQvc2VydmljZUFkZHJlc3MifV0sInZpcnR1YWxQb3J0Ijo4MCwic2VydmVyVExTIjoic2VydmVyVExTIiwic25hdCI6ImF1dG8iLCJzZWN1cml0eUxvZ1Byb2ZpbGVzIjpbeyJiaWdpcCI6Ii9Db21tb24vTG9nIGlsbGVnYWwgcmVxdWVzdHMifV0sInBvb2wiOiJwb29sIiwicG9saWN5V0FGIjp7InVzZSI6Ii93YWYvU2hhcmVkL3BvbGljeVdBRiJ9fX19fScKCiAgICAjIHZlcmlmeSB0aGF0IHRoZSBjdXN0b20gcG9saWN5IGlzIGEgVVJMCiAgICBpZiBbWyAkbGV2ZWwgPT0gImN1c3RvbSIgXV07IHRoZW4KICAgICAgICAgaWYgW1sgLW4gJHBvbGljeSAmJiAkcG9saWN5ICE9ICJOT1RfU1BFQ0lGSUVEIiBdXTsgdGhlbgogICAgICAgICAgICAgaWYgW1sgJHBvbGljeSA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICAgICAgICAgICAgICAgIGN1c3RvbV9wb2xpY3k9JHBvbGljeQogICAgICAgICAgICAgICAgICAvdXNyL2Jpbi9jdXJsIC1zayAkY3VzdG9tX3BvbGljeSAtLXJldHJ5IDMgLW8gL3RtcC9jdXN0b21fcG9saWN5LnhtbAogICAgICAgICAgICAgICAgICBhc21fcG9saWN5PSIvdG1wL2N1c3RvbV9wb2xpY3kueG1sIgogICAgICAgICAgICAgZWxzZQogICAgICAgICAgICAgICAgICBlY2hvICJDdXN0b20gcG9saWN5IHdhcyBub3QgYSBVUkwsIGRlZmF1bHRpbmcgdG8gaGlnaCIKICAgICAgICAgICAgICAgICAgYXNtX3BvbGljeT0iL2NvbmZpZy9jbG91ZC9hc20tcG9saWN5LSR0eXBlLWhpZ2gueG1sIgogICAgICAgICAgICAgZmkKICAgICAgICAgZWxzZQogICAgICAgICAgICAgIGVjaG8gIkN1c3RvbSBwb2xpY3kgd2FzIG5vdCBzcGVjaWZpZWQsIGRlZmF1bHRpbmcgdG8gaGlnaCIKICAgICAgICAgICAgICBhc21fcG9saWN5PSIvY29uZmlnL2Nsb3VkL2FzbS1wb2xpY3ktJHR5cGUtaGlnaC54bWwiCiAgICAgICAgIGZpCiAgICBlbHNlCiAgICAgICAgIGFzbV9wb2xpY3k9Ii9jb25maWcvY2xvdWQvYXNtLXBvbGljeS0kdHlwZS0kbGV2ZWwueG1sIgogICAgZmkKCiAgICBpZiBbWyAkbW9kZSA9PSAiaHR0cHMiIHx8ICRtb2RlID09ICJodHRwX2h0dHBzIiB8fCAkbW9kZSA9PSAiaHR0cHNfb2ZmbG9hZCIgXV07IHRoZW4KICAgICAgICAgY2hhaW49Ii9Db21tb24vY2EtYnVuZGxlLmNydCIKCiAgICAgICAgIGVjaG8gIlN0YXJ0aW5nIENlcnRpZmljYXRlIGRvd25sb2FkIgoKICAgICAgICAgY2VydGlmaWNhdGVfbG9jYXRpb249JHNzbF9jZXJ0CgogICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iICAtWCBQT1NUIC1IICJDb250ZW50LXR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvdG0vdXRpbC9iYXNoIC1kICd7ICJjb21tYW5kIjoicnVuIiwidXRpbENtZEFyZ3MiOiItYyBcImN1cmwgLWsgLXMgLWYgLS1yZXRyeSA1IC0tcmV0cnktZGVsYXkgMTAgLS1yZXRyeS1tYXgtdGltZSAxMCAtbyAvY29uZmlnL3RtcC5wZnggJyRjZXJ0aWZpY2F0ZV9sb2NhdGlvbidcIiIgfScgLW8gL2Rldi9udWxsKQoKICAgICAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwICBdXTsgdGhlbgogICAgICAgICAgICAgIGVjaG8gIkNlcnRpZmljYXRlIGRvd25sb2FkIGNvbXBsZXRlLiIKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRvd25sb2FkIFNTTCBjZXJ0OyBleGl0aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBleGl0IDEKICAgICAgICAgZmkKCiAgICAgICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1za3UgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgaHR0cHM6Ly9sb2NhbGhvc3Q6JGRmbF9tZ210X3BvcnQvbWdtdC90bS9zeXMvY3J5cHRvL3BrY3MxMiAtZCAneyJjb21tYW5kIjogImluc3RhbGwiLCJuYW1lIjogIndhZkNlcnQiLCJvcHRpb25zIjogWyB7ICJmcm9tLWxvY2FsLWZpbGUiOiAiL2NvbmZpZy90bXAucGZ4IiB9LCB7ICJwYXNzcGhyYXNlIjogIiciJHNzbF9wYXNzd2QiJyIgfSBdIH0nIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCAgXV07IHRoZW4KICAgICAgICAgICAgICBlY2hvICJDZXJ0aWZpY2F0ZSBpbnN0YWxsIGNvbXBsZXRlLiIKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGluc3RhbGwgU1NMIGNlcnQ7IGV4aXRpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgICAgICAgICAgIGV4aXQgMQogICAgICAgICBmaQogICAgZmkKCiAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jIC0tYXJnIGFzbV9wb2xpY3kgJGFzbV9wb2xpY3kgJyAud2FmLlNoYXJlZC5wb2xpY3lXQUYuZmlsZSA9ICRhc21fcG9saWN5JykKCiAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jIC0tYXJnIHBvb2xfaHR0cF9wb3J0ICRwb29sX2h0dHBfcG9ydCAtLWFyZyBwb29sX2h0dHBzX3BvcnQgJHBvb2xfaHR0cHNfcG9ydCAtLWFyZyB2c19odHRwX3BvcnQgJHZzX2h0dHBfcG9ydCAtLWFyZyB2c19odHRwc19wb3J0ICR2c19odHRwc19wb3J0ICcgLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5zZXJ2aWNlUG9ydCA9ICgkcG9vbF9odHRwX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHAuc2VydmljZU1haW4udmlydHVhbFBvcnQgPSAoJHZzX2h0dHBfcG9ydCB8IHRvbnVtYmVyKSB8IC53YWYuaHR0cHMucG9vbC5tZW1iZXJzWzBdLnNlcnZpY2VQb3J0ID0gKCRwb29sX2h0dHBzX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHBzLnNlcnZpY2VNYWluLnZpcnR1YWxQb3J0ID0gKCR2c19odHRwc19wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5zZXJ2aWNlUG9ydCA9ICgkcG9vbF9odHRwX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHBzX29mZmxvYWQuc2VydmljZU1haW4udmlydHVhbFBvcnQgPSAoJHZzX2h0dHBzX3BvcnQgfCB0b251bWJlciknKQoKICAgIGlmIFtbICRwb29sX21lbWJlciA9fiAkaXBfcmVnZXggXV07IHRoZW4KICAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uYXV0b1BvcHVsYXRlKSB8IGRlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lKSB8IGRlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmFkZHJlc3NEaXNjb3ZlcnkpIHwgIGRlbCgud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5hdXRvUG9wdWxhdGUpIHwgZGVsKC53YWYuaHR0cHMucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lKSB8IGRlbCgud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5hZGRyZXNzRGlzY292ZXJ5KSB8IGRlbCgud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLmF1dG9Qb3B1bGF0ZSkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5hZGRyZXNzRGlzY292ZXJ5KScpCgogICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jIC0tYXJnIHBvb2xfbWVtYmVyICRwb29sX21lbWJlciAnLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXNbMF0gPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXNbMF0gPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3Nlc1swXSA9ICRwb29sX21lbWJlcicpCiAgICBlbHNlCiAgICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgJ2RlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3NlcykgfCBkZWwoLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uc2VydmVyQWRkcmVzc2VzKSB8IGRlbCgud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3NlcyknKQoKICAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBwb29sX21lbWJlciAkcG9vbF9tZW1iZXIgJy53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUgPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSA9ICRwb29sX21lbWJlciB8IC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUgPSAkcG9vbF9tZW1iZXInKQogICAgZmkKCiAgICBpZiBbWyAkbW9kZSA9PSAiaHR0cCIgXV07IHRoZW4KICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwcykgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkKScpCiAgICBlbGlmIFtbICRtb2RlID09ICJodHRwcyIgXV07IHRoZW4KICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwKSB8IGRlbCgud2FmLmh0dHBzX29mZmxvYWQpIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLmNlcnRpZmljYXRlLmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5jcnQiIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLnByaXZhdGVLZXkuYmlnaXAgPSAiL0NvbW1vbi93YWZDZXJ0LmtleSInKQogICAgZWxpZiBbWyAkbW9kZSA9PSAiaHR0cF9odHRwcyIgXV07IHRoZW4KICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwc19vZmZsb2FkKSB8IC53YWYuaHR0cHMuc2VydmljZU1haW4ucmVkaXJlY3Q4MCA9IGZhbHNlIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLmNlcnRpZmljYXRlLmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5jcnQiIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLnByaXZhdGVLZXkuYmlnaXAgPSAiL0NvbW1vbi93YWZDZXJ0LmtleSInKQogICAgZWxzZQogICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgJ2RlbCgud2FmLmh0dHApIHwgZGVsKC53YWYuaHR0cHMpIHwgLndhZi5odHRwc19vZmZsb2FkLmNlcnRTZXJ2ZXIuY2VydGlmaWNhdGUuYmlnaXAgPSAiL0NvbW1vbi93YWZDZXJ0LmNydCIgfCAud2FmLmh0dHBzX29mZmxvYWQuY2VydFNlcnZlci5wcml2YXRlS2V5LmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5rZXkiJykKICAgIGZpCgogICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1za3Z2dSAkdXNlcjokKHBhc3N3ZCkgLXcgIiV7aHR0cF9jb2RlfSIgLVggUE9TVCAtSCAiQ29udGVudC1UeXBlOiBhcHBsaWNhdGlvbi9qc29uIiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3NoYXJlZC9hcHBzdmNzL2RlY2xhcmUgLWQgIiRwYXlsb2FkIiAtbyAvZGV2L251bGwpCgogICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCB8fCAkcmVzcG9uc2VfY29kZSA9PSA1MDIgIF1dOyB0aGVuCiAgICAgICAgICBlY2hvICJEZXBsb3ltZW50IG9mIGFwcGxpY2F0aW9uIHN1Y2NlZWRlZC4iCiAgICBlbHNlCiAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBkZXBsb3kgYXBwbGljYXRpb247IGV4aXRpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgICAgICAgZXhpdCAxCiAgICAgZmkKIGZpCgplY2hvICJEZXBsb3ltZW50IGNvbXBsZXRlLiIKZXhpdA==", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -658,6 +681,7 @@ "frontEndIPConfigID": "[concat(variables('extLbId'),'/frontendIPConfigurations/loadBalancerFrontEnd')]", "appInsightsApiVersion": "2015-04-01", "appInsightsComponentsApiVersion": "2015-05-01", + "useAvailabilityZones": "[and(variables('zonesAvailable'), equals(parameters('useAvailabilityZones'), 'Yes'))]", "vmssName": "[concat(parameters('dnsLabel'),'-vmss')]", "vmssId": "[resourceId('Microsoft.Compute/virtualMachineScaleSets', variables('vmssName'))]", "defaultAppInsightsLocation": "eastus", @@ -718,7 +742,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_dns-new-stack-supported-bigiq,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_dns-new-stack-supported-bigiq,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "osProfiles": { @@ -883,7 +907,7 @@ "name": "main", "properties": { "protectedSettings": { - "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; cp asm-policy.tar.gz *.tmpl /config/cloud; tar xfz /config/cloud/asm-policy.tar.gz -C /config/cloud; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.bigIqPasswd; encrypt_secret ', variables('singleQuote'), parameters('bigIqPassword'), variables('singleQuote'), ' \"/config/cloud/.bigIqPasswd\"; /usr/bin/install -m 400 /dev/null /config/cloud/.dnsPasswd; encrypt_secret ', variables('singleQuote'), parameters('dnsProviderPassword'), variables('singleQuote'), ' \"/config/cloud/.dnsPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType waf --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --dnsOptions \\\"--dns gtm --dns-ip-type ', parameters('dnsMemberIpType'), ' --dns-app-port ', parameters('dnsMemberPort'), ' --dns-provider-options host:', parameters('dnsProviderHost'), ',port:', parameters('dnsProviderPort'), ',user:', parameters('dnsProviderUser'), ',passwordUrl:file:///config/cloud/.dnsPasswd,passwordEncrypted:true,serverName:', variables('vmssName'), ',poolName:', parameters('dnsProviderPool'), ',datacenter:', parameters('dnsProviderDataCenter'), '\\\"', ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, ' --bigIqAddress ', parameters('bigIqAddress'), ' --bigIqUsername ', parameters('bigIqUsername'), ' --bigIqPassword /config/cloud/.bigIqPasswd --bigIqLicensePoolName ', parameters('bigIqLicensePoolName'), ' --bigIqExtraLicenseOptions \\\"$(format_args sku-keyword-1:', parameters('bigIqLicenseSkuKeyWord1'), ',unit-of-measure:', parameters('bigIqLicenseUnitOfMeasure'), ')\\\" --bigIpExtMgmtAddress via-api --bigIpExtMgmtPort ', variables('bigIpMgmtPort'), '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh modify cm device-group Sync asm-sync enabled; tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" + "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; cp asm-policy.tar.gz *.tmpl /config/cloud; tar xfz /config/cloud/asm-policy.tar.gz -C /config/cloud; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.bigIqPasswd; encrypt_secret ', variables('singleQuote'), parameters('bigIqPassword'), variables('singleQuote'), ' \"/config/cloud/.bigIqPasswd\"; /usr/bin/install -m 400 /dev/null /config/cloud/.dnsPasswd; encrypt_secret ', variables('singleQuote'), parameters('dnsProviderPassword'), variables('singleQuote'), ' \"/config/cloud/.dnsPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType waf --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --autoscaleTimeout ', parameters('autoscaleTimeout'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --dnsOptions \\\"--dns gtm --dns-ip-type ', parameters('dnsMemberIpType'), ' --dns-app-port ', parameters('dnsMemberPort'), ' --dns-provider-options host:', parameters('dnsProviderHost'), ',port:', parameters('dnsProviderPort'), ',user:', parameters('dnsProviderUser'), ',passwordUrl:file:///config/cloud/.dnsPasswd,passwordEncrypted:true,serverName:', variables('vmssName'), ',poolName:', parameters('dnsProviderPool'), ',datacenter:', parameters('dnsProviderDataCenter'), '\\\"', ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, ' --bigIqAddress ', parameters('bigIqAddress'), ' --bigIqUsername ', parameters('bigIqUsername'), ' --bigIqPassword /config/cloud/.bigIqPasswd --bigIqLicensePoolName ', parameters('bigIqLicensePoolName'), ' --bigIqExtraLicenseOptions \\\"$(format_args sku-keyword-1:', parameters('bigIqLicenseSkuKeyWord1'), ',unit-of-measure:', parameters('bigIqLicenseUnitOfMeasure'), ')\\\" --bigIpExtMgmtAddress via-api --bigIpExtMgmtPort ', variables('bigIpMgmtPort'), '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh modify cm device-group Sync asm-sync enabled; tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" }, "publisher": "Microsoft.Azure.Extensions", "settings": { @@ -936,7 +960,7 @@ "tier": "Standard" }, "tags": "[if(empty(variables('tagValues')), json('null'), variables('tagValues'))]", - "zones": "[if(variables('zonesAvailable'), createArray(1, 2, 3), json('null'))]", + "zones": "[if(variables('useAvailabilityZones'), createArray(1, 2, 3), json('null'))]", "type": "Microsoft.Compute/virtualMachineScaleSets" }, { @@ -945,10 +969,10 @@ "[variables('vmssId')]" ], "location": "[variables('location')]", - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "properties": { "enabled": true, - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "notifications": [ { "email": { diff --git a/supported/autoscale/waf/via-dns/1nic/new-stack/bigiq/azuredeploy.parameters.json b/supported/autoscale/waf/via-dns/1nic/new-stack/bigiq/azuredeploy.parameters.json index c99180c3bf..a47b8807e6 100644 --- a/supported/autoscale/waf/via-dns/1nic/new-stack/bigiq/azuredeploy.parameters.json +++ b/supported/autoscale/waf/via-dns/1nic/new-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" @@ -104,6 +104,12 @@ "notificationEmail": { "value": "OPTIONAL" }, + "useAvailabilityZones": { + "value": "Yes" + }, + "autoscaleTimeout": { + "value": 10 + }, "provisionPublicIP": { "value": "Yes" }, diff --git a/supported/autoscale/waf/via-dns/1nic/new-stack/bigiq/deploy_via_bash.sh b/supported/autoscale/waf/via-dns/1nic/new-stack/bigiq/deploy_via_bash.sh index 864c77d7c7..c1bd18f659 100755 --- a/supported/autoscale/waf/via-dns/1nic/new-stack/bigiq/deploy_via_bash.sh +++ b/supported/autoscale/waf/via-dns/1nic/new-stack/bigiq/deploy_via_bash.sh @@ -1,7 +1,7 @@ #!/bin/bash ## Bash Script to deploy an F5 ARM template into Azure, using azure cli 1.0 ## -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --dnsMemberIpType private --dnsMemberPort 80 --dnsProviderHost --dnsProviderPort 443 --dnsProviderUser --dnsProviderPassword --dnsProviderPool autoscale_pool --dnsProviderDataCenter azure_datacenter --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --dnsMemberIpType private --dnsMemberPort 80 --dnsProviderHost --dnsProviderPort 443 --dnsProviderUser --dnsProviderPassword --dnsProviderPool autoscale_pool --dnsProviderDataCenter azure_datacenter --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword # Assign Script Parameters and Define Variables # Specify static items below, change these as needed or make them parameters @@ -108,6 +108,12 @@ while [[ $# -gt 1 ]]; do --notificationEmail) notificationEmail=$2 shift 2;; + --useAvailabilityZones) + useAvailabilityZones=$2 + shift 2;; + --autoscaleTimeout) + autoscaleTimeout=$2 + shift 2;; --provisionPublicIP) provisionPublicIP=$2 shift 2;; @@ -190,7 +196,7 @@ while [[ $# -gt 1 ]]; do done #If a required parameter is not passed, the script will prompt for it below -required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName bigIqAddress bigIqUsername bigIqPassword bigIqLicensePoolName bigIqLicenseSkuKeyword1 bigIqLicenseUnitOfMeasure bigIpVersion bigIpModules vnetAddressPrefix declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail provisionPublicIP applicationProtocols applicationAddress applicationPort applicationSecurePort sslCert sslPswd applicationType blockingLevel customPolicy dnsMemberIpType dnsMemberPort dnsProviderHost dnsProviderPort dnsProviderUser dnsProviderPassword dnsProviderPool dnsProviderDataCenter tenantId clientId servicePrincipalSecret resourceGroupName " +required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName bigIqAddress bigIqUsername bigIqPassword bigIqLicensePoolName bigIqLicenseSkuKeyword1 bigIqLicenseUnitOfMeasure bigIpVersion bigIpModules vnetAddressPrefix declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail useAvailabilityZones autoscaleTimeout provisionPublicIP applicationProtocols applicationAddress applicationPort applicationSecurePort sslCert sslPswd applicationType blockingLevel customPolicy dnsMemberIpType dnsMemberPort dnsProviderHost dnsProviderPort dnsProviderUser dnsProviderPassword dnsProviderPool dnsProviderDataCenter tenantId clientId servicePrincipalSecret resourceGroupName " for variable in $required_variables do if [ -z ${!variable} ] ; then @@ -214,4 +220,4 @@ az group create -n $resourceGroupName -l $region # Deploy ARM Template, right now cannot specify parameter file and parameters inline via Azure CLI template_file="./azuredeploy.json" parameter_file="./azuredeploy.parameters.json" -az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"bigIqAddress\":{\"value\":\"$bigIqAddress\"},\"bigIqUsername\":{\"value\":\"$bigIqUsername\"},\"bigIqPassword\":{\"value\":\"$bigIqPassword\"},\"bigIqLicensePoolName\":{\"value\":\"$bigIqLicensePoolName\"},\"bigIqLicenseSkuKeyword1\":{\"value\":\"$bigIqLicenseSkuKeyword1\"},\"bigIqLicenseUnitOfMeasure\":{\"value\":\"$bigIqLicenseUnitOfMeasure\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetAddressPrefix\":{\"value\":\"$vnetAddressPrefix\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"applicationProtocols\":{\"value\":\"$applicationProtocols\"},\"applicationAddress\":{\"value\":\"$applicationAddress\"},\"applicationPort\":{\"value\":\"$applicationPort\"},\"applicationSecurePort\":{\"value\":\"$applicationSecurePort\"},\"sslCert\":{\"value\":\"$sslCert\"},\"sslPswd\":{\"value\":\"$sslPswd\"},\"applicationType\":{\"value\":\"$applicationType\"},\"blockingLevel\":{\"value\":\"$blockingLevel\"},\"customPolicy\":{\"value\":\"$customPolicy\"},\"dnsMemberIpType\":{\"value\":\"$dnsMemberIpType\"},\"dnsMemberPort\":{\"value\":\"$dnsMemberPort\"},\"dnsProviderHost\":{\"value\":\"$dnsProviderHost\"},\"dnsProviderPort\":{\"value\":\"$dnsProviderPort\"},\"dnsProviderUser\":{\"value\":\"$dnsProviderUser\"},\"dnsProviderPassword\":{\"value\":\"$dnsProviderPassword\"},\"dnsProviderPool\":{\"value\":\"$dnsProviderPool\"},\"dnsProviderDataCenter\":{\"value\":\"$dnsProviderDataCenter\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file +az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"bigIqAddress\":{\"value\":\"$bigIqAddress\"},\"bigIqUsername\":{\"value\":\"$bigIqUsername\"},\"bigIqPassword\":{\"value\":\"$bigIqPassword\"},\"bigIqLicensePoolName\":{\"value\":\"$bigIqLicensePoolName\"},\"bigIqLicenseSkuKeyword1\":{\"value\":\"$bigIqLicenseSkuKeyword1\"},\"bigIqLicenseUnitOfMeasure\":{\"value\":\"$bigIqLicenseUnitOfMeasure\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetAddressPrefix\":{\"value\":\"$vnetAddressPrefix\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"useAvailabilityZones\":{\"value\":\"$useAvailabilityZones\"},\"autoscaleTimeout\":{\"value\":$autoscaleTimeout},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"applicationProtocols\":{\"value\":\"$applicationProtocols\"},\"applicationAddress\":{\"value\":\"$applicationAddress\"},\"applicationPort\":{\"value\":\"$applicationPort\"},\"applicationSecurePort\":{\"value\":\"$applicationSecurePort\"},\"sslCert\":{\"value\":\"$sslCert\"},\"sslPswd\":{\"value\":\"$sslPswd\"},\"applicationType\":{\"value\":\"$applicationType\"},\"blockingLevel\":{\"value\":\"$blockingLevel\"},\"customPolicy\":{\"value\":\"$customPolicy\"},\"dnsMemberIpType\":{\"value\":\"$dnsMemberIpType\"},\"dnsMemberPort\":{\"value\":\"$dnsMemberPort\"},\"dnsProviderHost\":{\"value\":\"$dnsProviderHost\"},\"dnsProviderPort\":{\"value\":\"$dnsProviderPort\"},\"dnsProviderUser\":{\"value\":\"$dnsProviderUser\"},\"dnsProviderPassword\":{\"value\":\"$dnsProviderPassword\"},\"dnsProviderPool\":{\"value\":\"$dnsProviderPool\"},\"dnsProviderDataCenter\":{\"value\":\"$dnsProviderDataCenter\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file diff --git a/supported/autoscale/waf/via-dns/1nic/new-stack/payg/Deploy_via_PS.ps1 b/supported/autoscale/waf/via-dns/1nic/new-stack/payg/Deploy_via_PS.ps1 index 36486211f2..e091763421 100644 --- a/supported/autoscale/waf/via-dns/1nic/new-stack/payg/Deploy_via_PS.ps1 +++ b/supported/autoscale/waf/via-dns/1nic/new-stack/payg/Deploy_via_PS.ps1 @@ -1,7 +1,7 @@ ## Script parameters being asked for below match to parameters in the azuredeploy.json file, otherwise pointing to the ## ## azuredeploy.parameters.json file for values to use. Some options below are mandatory, some (such as region) can ## ## be supplied inline when running this script but if they aren't then the default will be used as specified below. ## -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -dnsMemberIpType private -dnsMemberPort 80 -dnsProviderHost -dnsProviderPort 443 -dnsProviderUser -dnsProviderPassword -dnsProviderPool autoscale_pool -dnsProviderDataCenter azure_datacenter -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -dnsMemberIpType private -dnsMemberPort 80 -dnsProviderHost -dnsProviderPort 443 -dnsProviderUser -dnsProviderPassword -dnsProviderPool autoscale_pool -dnsProviderDataCenter azure_datacenter -tenantId -clientId -servicePrincipalSecret -resourceGroupName param( @@ -31,6 +31,8 @@ param( [string] [Parameter(Mandatory=$True)] $scaleOutTimeWindow, [string] [Parameter(Mandatory=$True)] $scaleInTimeWindow, [string] [Parameter(Mandatory=$True)] $notificationEmail, + [string] [Parameter(Mandatory=$True)] $useAvailabilityZones, + [string] [Parameter(Mandatory=$True)] $autoscaleTimeout, [string] [Parameter(Mandatory=$True)] $provisionPublicIP, [string] [Parameter(Mandatory=$True)] $applicationProtocols, [string] [Parameter(Mandatory=$True)] $applicationAddress, @@ -83,7 +85,7 @@ $servicePrincipalSecretSecure = ConvertTo-SecureString -String $servicePrincipal (ConvertFrom-Json $tagValues).psobject.properties | ForEach -Begin {$tagValues=@{}} -process {$tagValues."$($_.Name)" = $_.Value} # Create Arm Deployment -$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetAddressPrefix $vnetAddressPrefix -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -provisionPublicIP $provisionPublicIP -applicationProtocols $applicationProtocols -applicationAddress $applicationAddress -applicationPort $applicationPort -applicationSecurePort $applicationSecurePort -sslCert $sslCert -sslPswd $sslPswdSecure -applicationType $applicationType -blockingLevel $blockingLevel -customPolicy $customPolicy -dnsMemberIpType $dnsMemberIpType -dnsMemberPort $dnsMemberPort -dnsProviderHost $dnsProviderHost -dnsProviderPort $dnsProviderPort -dnsProviderUser $dnsProviderUser -dnsProviderPassword $dnsProviderPasswordSecure -dnsProviderPool $dnsProviderPool -dnsProviderDataCenter $dnsProviderDataCenter -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure +$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetAddressPrefix $vnetAddressPrefix -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -useAvailabilityZones $useAvailabilityZones -autoscaleTimeout $autoscaleTimeout -provisionPublicIP $provisionPublicIP -applicationProtocols $applicationProtocols -applicationAddress $applicationAddress -applicationPort $applicationPort -applicationSecurePort $applicationSecurePort -sslCert $sslCert -sslPswd $sslPswdSecure -applicationType $applicationType -blockingLevel $blockingLevel -customPolicy $customPolicy -dnsMemberIpType $dnsMemberIpType -dnsMemberPort $dnsMemberPort -dnsProviderHost $dnsProviderHost -dnsProviderPort $dnsProviderPort -dnsProviderUser $dnsProviderUser -dnsProviderPassword $dnsProviderPasswordSecure -dnsProviderPool $dnsProviderPool -dnsProviderDataCenter $dnsProviderDataCenter -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure # Print Output of Deployment to Console $deployment \ No newline at end of file diff --git a/supported/autoscale/waf/via-dns/1nic/new-stack/payg/README.md b/supported/autoscale/waf/via-dns/1nic/new-stack/payg/README.md index 3a64bb8b9e..b2df2babfe 100644 --- a/supported/autoscale/waf/via-dns/1nic/new-stack/payg/README.md +++ b/supported/autoscale/waf/via-dns/1nic/new-stack/payg/README.md @@ -21,7 +21,7 @@ This solution uses an ARM template to launch the deployment of F5 BIG-IP Local T In this solution, the BIG-IP VEs have the [LTM](https://f5.com/products/big-ip/local-traffic-manager-ltm) and [ASM](https://f5.com/products/big-ip/application-security-manager-asm) modules enabled to provide advanced traffic management and web application security functionality. -You have the option of using a [BIG-IQ device](https://f5.com/products/big-iq-centralized-management) to license BIG-IP VEs using BYOL licenses in this auto scale deployment. +You have the option of using a [BIG-IQ device](https://f5.com/products/big-iq-centralized-management) to license BIG-IP VEs using BYOL licenses in this auto scale deployment. This template uses BIGIP **public** management address when license is requested via BIGIQ For information on getting started using F5's ARM templates on GitHub, see [Microsoft Azure: Solutions 101](http://clouddocs.f5.com/cloud/public/v1/azure/Azure_solutions101.html). @@ -109,7 +109,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fautoscale%2Fwaf%2Fvia-dns%2F1nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fautoscale%2Fwaf%2Fvia-dns%2F1nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters @@ -141,6 +141,8 @@ Use the appropriate button below to deploy: | scaleOutTimeWindow | Yes | The time window required to trigger a scale out event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | scaleInTimeWindow | Yes | The time window required to trigger a scale in event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | notificationEmail | Yes | If you want email notifications on scale events, specify an email address, otherwise leave the parameter as **OPTIONAL**. Note: You can specify multiple emails by separating them with a semi-colon, such as *email@domain.com;email2@domain.com*. | +| useAvailabilityZones | Yes | This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'. | +| autoscaleTimeout | Yes | The timeout value after which autoscale script execution will terminated | | provisionPublicIP | Yes | Enabling management public IP(s) allows for direct public access to each BIG-IP VE that is created. | | applicationProtocols | Yes | The protocol(s) used by your application. | | applicationAddress | Yes | The public IP address or DNS FQDN of the application that this WAF will protect. | @@ -170,7 +172,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### PowerShell Script Example ```powershell -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -dnsMemberIpType private -dnsMemberPort 80 -dnsProviderHost -dnsProviderPort 443 -dnsProviderUser -dnsProviderPassword -dnsProviderPool autoscale_pool -dnsProviderDataCenter azure_datacenter -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -dnsMemberIpType private -dnsMemberPort 80 -dnsProviderHost -dnsProviderPort 443 -dnsProviderUser -dnsProviderPassword -dnsProviderPool autoscale_pool -dnsProviderDataCenter azure_datacenter -tenantId -clientId -servicePrincipalSecret -resourceGroupName ``` ======= @@ -178,7 +180,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### Azure CLI (1.0) Script Example ```bash -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --dnsMemberIpType private --dnsMemberPort 80 --dnsProviderHost --dnsProviderPort 443 --dnsProviderUser --dnsProviderPassword --dnsProviderPool autoscale_pool --dnsProviderDataCenter azure_datacenter --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --dnsMemberIpType private --dnsMemberPort 80 --dnsProviderHost --dnsProviderPort 443 --dnsProviderUser --dnsProviderPassword --dnsProviderPool autoscale_pool --dnsProviderDataCenter azure_datacenter --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword ``` diff --git a/supported/autoscale/waf/via-dns/1nic/new-stack/payg/azuredeploy.json b/supported/autoscale/waf/via-dns/1nic/new-stack/payg/azuredeploy.json index b9599b1aaa..649951e510 100644 --- a/supported/autoscale/waf/via-dns/1nic/new-stack/payg/azuredeploy.json +++ b/supported/autoscale/waf/via-dns/1nic/new-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -289,6 +289,26 @@ }, "type": "string" }, + "useAvailabilityZones": { + "allowedValues": [ + "Yes", + "No" + ], + "defaultValue": "Yes", + "metadata": { + "description": "This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'." + }, + "type": "string" + }, + "autoscaleTimeout": { + "defaultValue": 10, + "maxValue": 10, + "metadata": { + "description": "The timeout value after which autoscale script execution will terminated" + }, + "minValue": 3, + "type": "int" + }, "provisionPublicIP": { "allowedValues": [ "No", @@ -552,14 +572,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl ${config_loc}f5-cloud-libs-azure.tar.gz asm-policy.tar.gz\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntar xfz /config/cloud/f5-cloud-libs-azure.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -585,7 +605,10 @@ "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbTpkOm46ajprOmg6czp0Omw6YTpjOnI6bzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgbSkgbW9kZT0kT1BUQVJHOzsKICAgICAgICBuKSBwb29sX21lbWJlcj0kT1BUQVJHOzsKICAgICAgICBqKSB2c19odHRwX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgaykgdnNfaHR0cHNfcG9ydD0kT1BUQVJHOzsKICAgICAgICBoKSBwb29sX2h0dHBfcG9ydD0kT1BUQVJHOzsKICAgICAgICBzKSBwb29sX2h0dHBzX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgdCkgdHlwZT0kT1BUQVJHOzsKICAgICAgICBsKSBsZXZlbD0kT1BUQVJHOzsKICAgICAgICBhKSBwb2xpY3k9JE9QVEFSRzs7CiAgICAgICAgYykgc3NsX2NlcnQ9JE9QVEFSRzs7CiAgICAgICAgcikgc3NsX3Bhc3N3ZD0kT1BUQVJHOzsKICAgICAgICB1KSB1c2VyPSRPUFRBUkc7OwogICAgZXNhYwpkb25lCgpkZXBsb3llZD0ibm8iCmZpbGVfbG9jPSIvY29uZmlnL2Nsb3VkL2N1c3RvbV9jb25maWciCmRmbF9tZ210X3BvcnQ9YHRtc2ggbGlzdCBzeXMgaHR0cGQgc3NsLXBvcnQgfCBncmVwIHNzbC1wb3J0IHwgc2VkICdzL3NzbC1wb3J0IC8vO3MvIC8vZydgCnVybF9yZWdleD0iKGh0dHA6XC9cL3xodHRwczpcL1wvKT9bYS16MC05XSsoW1wtXC5dezF9W2EtejAtOV0rKSpcLlthLXpdezIsNX0oOlswLTldezEsNX0pPyhcLy4qKT8kIgoKaWYgW1sgJGRlY2xhcmF0aW9uVXJsID1+ICR1cmxfcmVnZXggXV07IHRoZW4KICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1zayAtdyAiJXtodHRwX2NvZGV9IiAkZGVjbGFyYXRpb25VcmwgLW8gJGZpbGVfbG9jKQogICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIF1dOyB0aGVuCiAgICAgICAgIGVjaG8gIkN1c3RvbSBjb25maWcgZG93bmxvYWQgY29tcGxldGU7IGNoZWNraW5nIGZvciB2YWxpZCBKU09OLiIKICAgICAgICAgY2F0ICRmaWxlX2xvYyB8IGpxIC5jbGFzcwogICAgICAgICBpZiBbWyAkPyA9PSAwIF1dOyB0aGVuCiAgICAgICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t2dnUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgaHR0cHM6Ly9sb2NhbGhvc3Q6JGRmbF9tZ210X3BvcnQvbWdtdC9zaGFyZWQvYXBwc3Zjcy9kZWNsYXJlIC1kIEAkZmlsZV9sb2MgLW8gL2Rldi9udWxsKQoKICAgICAgICAgICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCB8fCAkcmVzcG9uc2VfY29kZSA9PSA1MDIgXV07IHRoZW4KICAgICAgICAgICAgICAgICAgZWNobyAiRGVwbG95bWVudCBvZiBhcHBsaWNhdGlvbiBzdWNjZWVkZWQuIgogICAgICAgICAgICAgICAgICBkZXBsb3llZD0ieWVzIgogICAgICAgICAgICAgZWxzZQogICAgICAgICAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBkZXBsb3kgYXBwbGljYXRpb247IGNvbnRpbnVpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgICAgICAgICAgIGZpCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgIGVjaG8gIkN1c3RvbSBjb25maWcgd2FzIG5vdCB2YWxpZCBKU09OLCBjb250aW51aW5nIgogICAgICAgICBmaQogICAgZWxzZQogICAgICAgIGVjaG8gIkZhaWxlZCB0byBkb3dubG9hZCBjdXN0b20gY29uZmlnOyBjb250aW51aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICBmaQplbHNlCiAgICAgZWNobyAiQ3VzdG9tIGNvbmZpZyB3YXMgbm90IGEgVVJMLCBjb250aW51aW5nLiIKZmkKCmlmIFtbICRkZXBsb3llZCA9PSAibm8iICYmICRkZWNsYXJhdGlvblVybCA9PSAiTk9UX1NQRUNJRklFRCIgXV07IHRoZW4KICAgIGlwX3JlZ2V4PSdeWzAtOV17MSwzfVwuWzAtOV17MSwzfVwuWzAtOV17MSwzfVwuWzAtOV17MSwzfSQnCiAgICBkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAogICAgbW9kZT1gc2VkICJzLy0vXy9nIiA8PDwiJG1vZGUiYAogICAgcGF5bG9hZD0neyJjbGFzcyI6IkFEQyIsInNjaGVtYVZlcnNpb24iOiIzLjAuMCIsImxhYmVsIjoiYXV0b3NjYWxlX3dhZiIsImlkIjoiQVVUT1NDQUxFX1dBRiIsInJlbWFyayI6IkF1dG9zY2FsZSBXQUYiLCJ3YWYiOnsiY2xhc3MiOiJUZW5hbnQiLCJTaGFyZWQiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoic2hhcmVkIiwic2VydmljZUFkZHJlc3MiOnsiY2xhc3MiOiJTZXJ2aWNlX0FkZHJlc3MiLCJ2aXJ0dWFsQWRkcmVzcyI6IjAuMC4wLjAifSwicG9saWN5V0FGIjp7ImNsYXNzIjoiV0FGX1BvbGljeSIsImZpbGUiOiIvdG1wL2FzMzAtbGludXgtbWVkaXVtLnhtbCJ9fSwiaHR0cCI6eyJjbGFzcyI6IkFwcGxpY2F0aW9uIiwidGVtcGxhdGUiOiJodHRwIiwicG9vbCI6eyJjbGFzcyI6IlBvb2wiLCJtb25pdG9ycyI6WyJodHRwIl0sIm1lbWJlcnMiOlt7ImFkZHJlc3NEaXNjb3ZlcnkiOiJmcWRuIiwiYXV0b1BvcHVsYXRlIjp0cnVlLCJzZXJ2aWNlUG9ydCI6ODAsImhvc3RuYW1lIjoid3d3LmV4YW1wbGUuY29tIiwic2VydmVyQWRkcmVzc2VzIjpbIjI1NS4yNTUuMjU1LjI1NCJdfV19LCJzZXJ2aWNlTWFpbiI6eyJjbGFzcyI6IlNlcnZpY2VfSFRUUCIsInZpcnR1YWxBZGRyZXNzZXMiOlt7InVzZSI6Ii93YWYvU2hhcmVkL3NlcnZpY2VBZGRyZXNzIn1dLCJ2aXJ0dWFsUG9ydCI6ODAsInNuYXQiOiJhdXRvIiwic2VjdXJpdHlMb2dQcm9maWxlcyI6W3siYmlnaXAiOiIvQ29tbW9uL0xvZyBpbGxlZ2FsIHJlcXVlc3RzIn1dLCJwb29sIjoicG9vbCIsInBvbGljeVdBRiI6eyJ1c2UiOiIvd2FmL1NoYXJlZC9wb2xpY3lXQUYifX19LCJodHRwcyI6eyJjbGFzcyI6IkFwcGxpY2F0aW9uIiwidGVtcGxhdGUiOiJodHRwcyIsInNlcnZlclRMUyI6eyJjbGFzcyI6IlRMU19TZXJ2ZXIiLCJjZXJ0aWZpY2F0ZXMiOlt7ImNlcnRpZmljYXRlIjoiY2VydFNlcnZlciJ9XSwiYXV0aGVudGljYXRpb25UcnVzdENBIjp7ImJpZ2lwIjoiL0NvbW1vbi9jYS1idW5kbGUuY3J0In19LCJjZXJ0U2VydmVyIjp7ImNsYXNzIjoiQ2VydGlmaWNhdGUiLCJjZXJ0aWZpY2F0ZSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5jcnQifSwicHJpdmF0ZUtleSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5rZXkifX0sImNsaWVudFRMUyI6eyJjbGFzcyI6IlRMU19DbGllbnQifSwicG9vbCI6eyJjbGFzcyI6IlBvb2wiLCJtb25pdG9ycyI6WyJodHRwcyJdLCJtZW1iZXJzIjpbeyJhZGRyZXNzRGlzY292ZXJ5IjoiZnFkbiIsImF1dG9Qb3B1bGF0ZSI6dHJ1ZSwic2VydmljZVBvcnQiOjQ0MywiaG9zdG5hbWUiOiJ3d3cuZXhhbXBsZS5jb20iLCJzZXJ2ZXJBZGRyZXNzZXMiOlsiMjU1LjI1NS4yNTUuMjU0Il19XX0sInNlcnZpY2VNYWluIjp7ImNsYXNzIjoiU2VydmljZV9IVFRQUyIsInZpcnR1YWxBZGRyZXNzZXMiOlt7InVzZSI6Ii93YWYvU2hhcmVkL3NlcnZpY2VBZGRyZXNzIn1dLCJ2aXJ0dWFsUG9ydCI6NDQzLCJzZXJ2ZXJUTFMiOiJzZXJ2ZXJUTFMiLCJjbGllbnRUTFMiOiJjbGllbnRUTFMiLCJyZWRpcmVjdDgwIjp0cnVlLCJzbmF0IjoiYXV0byIsInNlY3VyaXR5TG9nUHJvZmlsZXMiOlt7ImJpZ2lwIjoiL0NvbW1vbi9Mb2cgaWxsZWdhbCByZXF1ZXN0cyJ9XSwicG9vbCI6InBvb2wiLCJwb2xpY3lXQUYiOnsidXNlIjoiL3dhZi9TaGFyZWQvcG9saWN5V0FGIn19fSwiaHR0cHNfb2ZmbG9hZCI6eyJjbGFzcyI6IkFwcGxpY2F0aW9uIiwidGVtcGxhdGUiOiJodHRwcyIsInNlcnZlclRMUyI6eyJjbGFzcyI6IlRMU19TZXJ2ZXIiLCJjZXJ0aWZpY2F0ZXMiOlt7ImNlcnRpZmljYXRlIjoiY2VydFNlcnZlciJ9XSwiYXV0aGVudGljYXRpb25UcnVzdENBIjp7ImJpZ2lwIjoiL0NvbW1vbi9jYS1idW5kbGUuY3J0In19LCJjZXJ0U2VydmVyIjp7ImNsYXNzIjoiQ2VydGlmaWNhdGUiLCJjZXJ0aWZpY2F0ZSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5jcnQifSwicHJpdmF0ZUtleSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5rZXkifX0sInBvb2wiOnsiY2xhc3MiOiJQb29sIiwibW9uaXRvcnMiOlsiaHR0cCJdLCJtZW1iZXJzIjpbeyJhZGRyZXNzRGlzY292ZXJ5IjoiZnFkbiIsImF1dG9Qb3B1bGF0ZSI6dHJ1ZSwic2VydmljZVBvcnQiOjgwLCJob3N0bmFtZSI6Ind3dy5leGFtcGxlLmNvbSIsInNlcnZlckFkZHJlc3NlcyI6WyIyNTUuMjU1LjI1NS4yNTQiXX1dfSwic2VydmljZU1haW4iOnsiY2xhc3MiOiJTZXJ2aWNlX0hUVFBTIiwidmlydHVhbEFkZHJlc3NlcyI6W3sidXNlIjoiL3dhZi9TaGFyZWQvc2VydmljZUFkZHJlc3MifV0sInZpcnR1YWxQb3J0Ijo4MCwic2VydmVyVExTIjoic2VydmVyVExTIiwic25hdCI6ImF1dG8iLCJzZWN1cml0eUxvZ1Byb2ZpbGVzIjpbeyJiaWdpcCI6Ii9Db21tb24vTG9nIGlsbGVnYWwgcmVxdWVzdHMifV0sInBvb2wiOiJwb29sIiwicG9saWN5V0FGIjp7InVzZSI6Ii93YWYvU2hhcmVkL3BvbGljeVdBRiJ9fX19fScKCiAgICAjIHZlcmlmeSB0aGF0IHRoZSBjdXN0b20gcG9saWN5IGlzIGEgVVJMCiAgICBpZiBbWyAkbGV2ZWwgPT0gImN1c3RvbSIgXV07IHRoZW4KICAgICAgICAgaWYgW1sgLW4gJHBvbGljeSAmJiAkcG9saWN5ICE9ICJOT1RfU1BFQ0lGSUVEIiBdXTsgdGhlbgogICAgICAgICAgICAgaWYgW1sgJHBvbGljeSA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICAgICAgICAgICAgICAgIGN1c3RvbV9wb2xpY3k9JHBvbGljeQogICAgICAgICAgICAgICAgICAvdXNyL2Jpbi9jdXJsIC1zayAkY3VzdG9tX3BvbGljeSAtLXJldHJ5IDMgLW8gL3RtcC9jdXN0b21fcG9saWN5LnhtbAogICAgICAgICAgICAgICAgICBhc21fcG9saWN5PSIvdG1wL2N1c3RvbV9wb2xpY3kueG1sIgogICAgICAgICAgICAgZWxzZQogICAgICAgICAgICAgICAgICBlY2hvICJDdXN0b20gcG9saWN5IHdhcyBub3QgYSBVUkwsIGRlZmF1bHRpbmcgdG8gaGlnaCIKICAgICAgICAgICAgICAgICAgYXNtX3BvbGljeT0iL2NvbmZpZy9jbG91ZC9hc20tcG9saWN5LSR0eXBlLWhpZ2gueG1sIgogICAgICAgICAgICAgZmkKICAgICAgICAgZWxzZQogICAgICAgICAgICAgIGVjaG8gIkN1c3RvbSBwb2xpY3kgd2FzIG5vdCBzcGVjaWZpZWQsIGRlZmF1bHRpbmcgdG8gaGlnaCIKICAgICAgICAgICAgICBhc21fcG9saWN5PSIvY29uZmlnL2Nsb3VkL2FzbS1wb2xpY3ktJHR5cGUtaGlnaC54bWwiCiAgICAgICAgIGZpCiAgICBlbHNlCiAgICAgICAgIGFzbV9wb2xpY3k9Ii9jb25maWcvY2xvdWQvYXNtLXBvbGljeS0kdHlwZS0kbGV2ZWwueG1sIgogICAgZmkKCiAgICBpZiBbWyAkbW9kZSA9PSAiaHR0cHMiIHx8ICRtb2RlID09ICJodHRwX2h0dHBzIiB8fCAkbW9kZSA9PSAiaHR0cHNfb2ZmbG9hZCIgXV07IHRoZW4KICAgICAgICAgY2hhaW49Ii9Db21tb24vY2EtYnVuZGxlLmNydCIKCiAgICAgICAgIGVjaG8gIlN0YXJ0aW5nIENlcnRpZmljYXRlIGRvd25sb2FkIgoKICAgICAgICAgY2VydGlmaWNhdGVfbG9jYXRpb249JHNzbF9jZXJ0CgogICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iICAtWCBQT1NUIC1IICJDb250ZW50LXR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvdG0vdXRpbC9iYXNoIC1kICd7ICJjb21tYW5kIjoicnVuIiwidXRpbENtZEFyZ3MiOiItYyBcImN1cmwgLWsgLXMgLWYgLS1yZXRyeSA1IC0tcmV0cnktZGVsYXkgMTAgLS1yZXRyeS1tYXgtdGltZSAxMCAtbyAvY29uZmlnL3RtcC5wZnggJyRjZXJ0aWZpY2F0ZV9sb2NhdGlvbidcIiIgfScgLW8gL2Rldi9udWxsKQoKICAgICAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwICBdXTsgdGhlbgogICAgICAgICAgICAgIGVjaG8gIkNlcnRpZmljYXRlIGRvd25sb2FkIGNvbXBsZXRlLiIKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRvd25sb2FkIFNTTCBjZXJ0OyBleGl0aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBleGl0IDEKICAgICAgICAgZmkKCiAgICAgICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1za3UgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgaHR0cHM6Ly9sb2NhbGhvc3Q6JGRmbF9tZ210X3BvcnQvbWdtdC90bS9zeXMvY3J5cHRvL3BrY3MxMiAtZCAneyJjb21tYW5kIjogImluc3RhbGwiLCJuYW1lIjogIndhZkNlcnQiLCJvcHRpb25zIjogWyB7ICJmcm9tLWxvY2FsLWZpbGUiOiAiL2NvbmZpZy90bXAucGZ4IiB9LCB7ICJwYXNzcGhyYXNlIjogIiciJHNzbF9wYXNzd2QiJyIgfSBdIH0nIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCAgXV07IHRoZW4KICAgICAgICAgICAgICBlY2hvICJDZXJ0aWZpY2F0ZSBpbnN0YWxsIGNvbXBsZXRlLiIKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGluc3RhbGwgU1NMIGNlcnQ7IGV4aXRpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgICAgICAgICAgIGV4aXQgMQogICAgICAgICBmaQogICAgZmkKCiAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jIC0tYXJnIGFzbV9wb2xpY3kgJGFzbV9wb2xpY3kgJyAud2FmLlNoYXJlZC5wb2xpY3lXQUYuZmlsZSA9ICRhc21fcG9saWN5JykKCiAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jIC0tYXJnIHBvb2xfaHR0cF9wb3J0ICRwb29sX2h0dHBfcG9ydCAtLWFyZyBwb29sX2h0dHBzX3BvcnQgJHBvb2xfaHR0cHNfcG9ydCAtLWFyZyB2c19odHRwX3BvcnQgJHZzX2h0dHBfcG9ydCAtLWFyZyB2c19odHRwc19wb3J0ICR2c19odHRwc19wb3J0ICcgLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5zZXJ2aWNlUG9ydCA9ICgkcG9vbF9odHRwX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHAuc2VydmljZU1haW4udmlydHVhbFBvcnQgPSAoJHZzX2h0dHBfcG9ydCB8IHRvbnVtYmVyKSB8IC53YWYuaHR0cHMucG9vbC5tZW1iZXJzWzBdLnNlcnZpY2VQb3J0ID0gKCRwb29sX2h0dHBzX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHBzLnNlcnZpY2VNYWluLnZpcnR1YWxQb3J0ID0gKCR2c19odHRwc19wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5zZXJ2aWNlUG9ydCA9ICgkcG9vbF9odHRwX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHBzX29mZmxvYWQuc2VydmljZU1haW4udmlydHVhbFBvcnQgPSAoJHZzX2h0dHBzX3BvcnQgfCB0b251bWJlciknKQoKICAgIGlmIFtbICRwb29sX21lbWJlciA9fiAkaXBfcmVnZXggXV07IHRoZW4KICAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uYXV0b1BvcHVsYXRlKSB8IGRlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lKSB8IGRlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmFkZHJlc3NEaXNjb3ZlcnkpIHwgIGRlbCgud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5hdXRvUG9wdWxhdGUpIHwgZGVsKC53YWYuaHR0cHMucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lKSB8IGRlbCgud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5hZGRyZXNzRGlzY292ZXJ5KSB8IGRlbCgud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLmF1dG9Qb3B1bGF0ZSkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5hZGRyZXNzRGlzY292ZXJ5KScpCgogICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jIC0tYXJnIHBvb2xfbWVtYmVyICRwb29sX21lbWJlciAnLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXNbMF0gPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXNbMF0gPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3Nlc1swXSA9ICRwb29sX21lbWJlcicpCiAgICBlbHNlCiAgICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgJ2RlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3NlcykgfCBkZWwoLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uc2VydmVyQWRkcmVzc2VzKSB8IGRlbCgud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3NlcyknKQoKICAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBwb29sX21lbWJlciAkcG9vbF9tZW1iZXIgJy53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUgPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSA9ICRwb29sX21lbWJlciB8IC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUgPSAkcG9vbF9tZW1iZXInKQogICAgZmkKCiAgICBpZiBbWyAkbW9kZSA9PSAiaHR0cCIgXV07IHRoZW4KICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwcykgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkKScpCiAgICBlbGlmIFtbICRtb2RlID09ICJodHRwcyIgXV07IHRoZW4KICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwKSB8IGRlbCgud2FmLmh0dHBzX29mZmxvYWQpIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLmNlcnRpZmljYXRlLmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5jcnQiIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLnByaXZhdGVLZXkuYmlnaXAgPSAiL0NvbW1vbi93YWZDZXJ0LmtleSInKQogICAgZWxpZiBbWyAkbW9kZSA9PSAiaHR0cF9odHRwcyIgXV07IHRoZW4KICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwc19vZmZsb2FkKSB8IC53YWYuaHR0cHMuc2VydmljZU1haW4ucmVkaXJlY3Q4MCA9IGZhbHNlIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLmNlcnRpZmljYXRlLmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5jcnQiIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLnByaXZhdGVLZXkuYmlnaXAgPSAiL0NvbW1vbi93YWZDZXJ0LmtleSInKQogICAgZWxzZQogICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgJ2RlbCgud2FmLmh0dHApIHwgZGVsKC53YWYuaHR0cHMpIHwgLndhZi5odHRwc19vZmZsb2FkLmNlcnRTZXJ2ZXIuY2VydGlmaWNhdGUuYmlnaXAgPSAiL0NvbW1vbi93YWZDZXJ0LmNydCIgfCAud2FmLmh0dHBzX29mZmxvYWQuY2VydFNlcnZlci5wcml2YXRlS2V5LmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5rZXkiJykKICAgIGZpCgogICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1za3Z2dSAkdXNlcjokKHBhc3N3ZCkgLXcgIiV7aHR0cF9jb2RlfSIgLVggUE9TVCAtSCAiQ29udGVudC1UeXBlOiBhcHBsaWNhdGlvbi9qc29uIiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3NoYXJlZC9hcHBzdmNzL2RlY2xhcmUgLWQgIiRwYXlsb2FkIiAtbyAvZGV2L251bGwpCgogICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCB8fCAkcmVzcG9uc2VfY29kZSA9PSA1MDIgIF1dOyB0aGVuCiAgICAgICAgICBlY2hvICJEZXBsb3ltZW50IG9mIGFwcGxpY2F0aW9uIHN1Y2NlZWRlZC4iCiAgICBlbHNlCiAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBkZXBsb3kgYXBwbGljYXRpb247IGV4aXRpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgICAgICAgZXhpdCAxCiAgICAgZmkKIGZpCgplY2hvICJEZXBsb3ltZW50IGNvbXBsZXRlLiIKZXhpdA==", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -663,6 +686,7 @@ "frontEndIPConfigID": "[concat(variables('extLbId'),'/frontendIPConfigurations/loadBalancerFrontEnd')]", "appInsightsApiVersion": "2015-04-01", "appInsightsComponentsApiVersion": "2015-05-01", + "useAvailabilityZones": "[and(variables('zonesAvailable'), equals(parameters('useAvailabilityZones'), 'Yes'))]", "vmssName": "[concat(parameters('dnsLabel'),'-vmss')]", "vmssId": "[resourceId('Microsoft.Compute/virtualMachineScaleSets', variables('vmssName'))]", "defaultAppInsightsLocation": "eastus", @@ -723,7 +747,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_dns-new-stack-supported-payg,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_dns-new-stack-supported-payg,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "osProfiles": { @@ -888,7 +912,7 @@ "name": "main", "properties": { "protectedSettings": { - "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; cp asm-policy.tar.gz *.tmpl /config/cloud; tar xfz /config/cloud/asm-policy.tar.gz -C /config/cloud; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.dnsPasswd; encrypt_secret ', variables('singleQuote'), parameters('dnsProviderPassword'), variables('singleQuote'), ' \"/config/cloud/.dnsPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType waf --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --dnsOptions \\\"--dns gtm --dns-ip-type ', parameters('dnsMemberIpType'), ' --dns-app-port ', parameters('dnsMemberPort'), ' --dns-provider-options host:', parameters('dnsProviderHost'), ',port:', parameters('dnsProviderPort'), ',user:', parameters('dnsProviderUser'), ',passwordUrl:file:///config/cloud/.dnsPasswd,passwordEncrypted:true,serverName:', variables('vmssName'), ',poolName:', parameters('dnsProviderPool'), ',datacenter:', parameters('dnsProviderDataCenter'), '\\\"', ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh modify cm device-group Sync asm-sync enabled; tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" + "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; cp asm-policy.tar.gz *.tmpl /config/cloud; tar xfz /config/cloud/asm-policy.tar.gz -C /config/cloud; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.dnsPasswd; encrypt_secret ', variables('singleQuote'), parameters('dnsProviderPassword'), variables('singleQuote'), ' \"/config/cloud/.dnsPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType waf --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --autoscaleTimeout ', parameters('autoscaleTimeout'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --dnsOptions \\\"--dns gtm --dns-ip-type ', parameters('dnsMemberIpType'), ' --dns-app-port ', parameters('dnsMemberPort'), ' --dns-provider-options host:', parameters('dnsProviderHost'), ',port:', parameters('dnsProviderPort'), ',user:', parameters('dnsProviderUser'), ',passwordUrl:file:///config/cloud/.dnsPasswd,passwordEncrypted:true,serverName:', variables('vmssName'), ',poolName:', parameters('dnsProviderPool'), ',datacenter:', parameters('dnsProviderDataCenter'), '\\\"', ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh modify cm device-group Sync asm-sync enabled; tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" }, "publisher": "Microsoft.Azure.Extensions", "settings": { @@ -941,7 +965,7 @@ "tier": "Standard" }, "tags": "[if(empty(variables('tagValues')), json('null'), variables('tagValues'))]", - "zones": "[if(variables('zonesAvailable'), createArray(1, 2, 3), json('null'))]", + "zones": "[if(variables('useAvailabilityZones'), createArray(1, 2, 3), json('null'))]", "type": "Microsoft.Compute/virtualMachineScaleSets" }, { @@ -950,10 +974,10 @@ "[variables('vmssId')]" ], "location": "[variables('location')]", - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "properties": { "enabled": true, - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "notifications": [ { "email": { diff --git a/supported/autoscale/waf/via-dns/1nic/new-stack/payg/azuredeploy.parameters.json b/supported/autoscale/waf/via-dns/1nic/new-stack/payg/azuredeploy.parameters.json index 3a33b9a3e5..a0189026de 100644 --- a/supported/autoscale/waf/via-dns/1nic/new-stack/payg/azuredeploy.parameters.json +++ b/supported/autoscale/waf/via-dns/1nic/new-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" @@ -86,6 +86,12 @@ "notificationEmail": { "value": "OPTIONAL" }, + "useAvailabilityZones": { + "value": "Yes" + }, + "autoscaleTimeout": { + "value": 10 + }, "provisionPublicIP": { "value": "Yes" }, diff --git a/supported/autoscale/waf/via-dns/1nic/new-stack/payg/deploy_via_bash.sh b/supported/autoscale/waf/via-dns/1nic/new-stack/payg/deploy_via_bash.sh index a78f2f9f66..5d704f8844 100755 --- a/supported/autoscale/waf/via-dns/1nic/new-stack/payg/deploy_via_bash.sh +++ b/supported/autoscale/waf/via-dns/1nic/new-stack/payg/deploy_via_bash.sh @@ -1,7 +1,7 @@ #!/bin/bash ## Bash Script to deploy an F5 ARM template into Azure, using azure cli 1.0 ## -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --dnsMemberIpType private --dnsMemberPort 80 --dnsProviderHost --dnsProviderPort 443 --dnsProviderUser --dnsProviderPassword --dnsProviderPool autoscale_pool --dnsProviderDataCenter azure_datacenter --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --dnsMemberIpType private --dnsMemberPort 80 --dnsProviderHost --dnsProviderPort 443 --dnsProviderUser --dnsProviderPassword --dnsProviderPool autoscale_pool --dnsProviderDataCenter azure_datacenter --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword # Assign Script Parameters and Define Variables # Specify static items below, change these as needed or make them parameters @@ -90,6 +90,12 @@ while [[ $# -gt 1 ]]; do --notificationEmail) notificationEmail=$2 shift 2;; + --useAvailabilityZones) + useAvailabilityZones=$2 + shift 2;; + --autoscaleTimeout) + autoscaleTimeout=$2 + shift 2;; --provisionPublicIP) provisionPublicIP=$2 shift 2;; @@ -172,7 +178,7 @@ while [[ $# -gt 1 ]]; do done #If a required parameter is not passed, the script will prompt for it below -required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName bigIpVersion bigIpModules vnetAddressPrefix declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail provisionPublicIP applicationProtocols applicationAddress applicationPort applicationSecurePort sslCert sslPswd applicationType blockingLevel customPolicy dnsMemberIpType dnsMemberPort dnsProviderHost dnsProviderPort dnsProviderUser dnsProviderPassword dnsProviderPool dnsProviderDataCenter tenantId clientId servicePrincipalSecret resourceGroupName " +required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName bigIpVersion bigIpModules vnetAddressPrefix declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail useAvailabilityZones autoscaleTimeout provisionPublicIP applicationProtocols applicationAddress applicationPort applicationSecurePort sslCert sslPswd applicationType blockingLevel customPolicy dnsMemberIpType dnsMemberPort dnsProviderHost dnsProviderPort dnsProviderUser dnsProviderPassword dnsProviderPool dnsProviderDataCenter tenantId clientId servicePrincipalSecret resourceGroupName " for variable in $required_variables do if [ -z ${!variable} ] ; then @@ -196,4 +202,4 @@ az group create -n $resourceGroupName -l $region # Deploy ARM Template, right now cannot specify parameter file and parameters inline via Azure CLI template_file="./azuredeploy.json" parameter_file="./azuredeploy.parameters.json" -az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetAddressPrefix\":{\"value\":\"$vnetAddressPrefix\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"applicationProtocols\":{\"value\":\"$applicationProtocols\"},\"applicationAddress\":{\"value\":\"$applicationAddress\"},\"applicationPort\":{\"value\":\"$applicationPort\"},\"applicationSecurePort\":{\"value\":\"$applicationSecurePort\"},\"sslCert\":{\"value\":\"$sslCert\"},\"sslPswd\":{\"value\":\"$sslPswd\"},\"applicationType\":{\"value\":\"$applicationType\"},\"blockingLevel\":{\"value\":\"$blockingLevel\"},\"customPolicy\":{\"value\":\"$customPolicy\"},\"dnsMemberIpType\":{\"value\":\"$dnsMemberIpType\"},\"dnsMemberPort\":{\"value\":\"$dnsMemberPort\"},\"dnsProviderHost\":{\"value\":\"$dnsProviderHost\"},\"dnsProviderPort\":{\"value\":\"$dnsProviderPort\"},\"dnsProviderUser\":{\"value\":\"$dnsProviderUser\"},\"dnsProviderPassword\":{\"value\":\"$dnsProviderPassword\"},\"dnsProviderPool\":{\"value\":\"$dnsProviderPool\"},\"dnsProviderDataCenter\":{\"value\":\"$dnsProviderDataCenter\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file +az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetAddressPrefix\":{\"value\":\"$vnetAddressPrefix\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"useAvailabilityZones\":{\"value\":\"$useAvailabilityZones\"},\"autoscaleTimeout\":{\"value\":$autoscaleTimeout},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"applicationProtocols\":{\"value\":\"$applicationProtocols\"},\"applicationAddress\":{\"value\":\"$applicationAddress\"},\"applicationPort\":{\"value\":\"$applicationPort\"},\"applicationSecurePort\":{\"value\":\"$applicationSecurePort\"},\"sslCert\":{\"value\":\"$sslCert\"},\"sslPswd\":{\"value\":\"$sslPswd\"},\"applicationType\":{\"value\":\"$applicationType\"},\"blockingLevel\":{\"value\":\"$blockingLevel\"},\"customPolicy\":{\"value\":\"$customPolicy\"},\"dnsMemberIpType\":{\"value\":\"$dnsMemberIpType\"},\"dnsMemberPort\":{\"value\":\"$dnsMemberPort\"},\"dnsProviderHost\":{\"value\":\"$dnsProviderHost\"},\"dnsProviderPort\":{\"value\":\"$dnsProviderPort\"},\"dnsProviderUser\":{\"value\":\"$dnsProviderUser\"},\"dnsProviderPassword\":{\"value\":\"$dnsProviderPassword\"},\"dnsProviderPool\":{\"value\":\"$dnsProviderPool\"},\"dnsProviderDataCenter\":{\"value\":\"$dnsProviderDataCenter\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file diff --git a/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/Deploy_via_PS.ps1 b/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/Deploy_via_PS.ps1 index 3e13276123..d6f51e12f3 100644 --- a/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/Deploy_via_PS.ps1 +++ b/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/Deploy_via_PS.ps1 @@ -1,7 +1,7 @@ ## Script parameters being asked for below match to parameters in the azuredeploy.json file, otherwise pointing to the ## ## azuredeploy.parameters.json file for values to use. Some options below are mandatory, some (such as region) can ## ## be supplied inline when running this script but if they aren't then the default will be used as specified below. ## -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -mgmtNsgName OPTIONAL -externalLoadBalancerName OPTIONAL -internalLoadBalancerName OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -tenantId -clientId -servicePrincipalSecret -resourceGroupName param( @@ -39,6 +39,11 @@ param( [string] [Parameter(Mandatory=$True)] $scaleOutTimeWindow, [string] [Parameter(Mandatory=$True)] $scaleInTimeWindow, [string] [Parameter(Mandatory=$True)] $notificationEmail, + [string] [Parameter(Mandatory=$True)] $mgmtNsgName, + [string] [Parameter(Mandatory=$True)] $externalLoadBalancerName, + [string] [Parameter(Mandatory=$True)] $internalLoadBalancerName, + [string] [Parameter(Mandatory=$True)] $useAvailabilityZones, + [string] [Parameter(Mandatory=$True)] $autoscaleTimeout, [string] [Parameter(Mandatory=$True)] $provisionPublicIP, [string] [Parameter(Mandatory=$True)] $applicationProtocols, [string] [Parameter(Mandatory=$True)] $applicationAddress, @@ -83,7 +88,7 @@ $servicePrincipalSecretSecure = ConvertTo-SecureString -String $servicePrincipal (ConvertFrom-Json $tagValues).psobject.properties | ForEach -Begin {$tagValues=@{}} -process {$tagValues."$($_.Name)" = $_.Value} # Create Arm Deployment -$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -bigIqAddress $bigIqAddress -bigIqUsername $bigIqUsername -bigIqPassword $bigIqPasswordSecure -bigIqLicensePoolName $bigIqLicensePoolName -bigIqLicenseSkuKeyword1 $bigIqLicenseSkuKeyword1 -bigIqLicenseUnitOfMeasure $bigIqLicenseUnitOfMeasure -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetName $vnetName -vnetResourceGroupName $vnetResourceGroupName -mgmtSubnetName $mgmtSubnetName -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -provisionPublicIP $provisionPublicIP -applicationProtocols $applicationProtocols -applicationAddress $applicationAddress -applicationPort $applicationPort -applicationSecurePort $applicationSecurePort -sslCert $sslCert -sslPswd $sslPswdSecure -applicationType $applicationType -blockingLevel $blockingLevel -customPolicy $customPolicy -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure +$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -bigIqAddress $bigIqAddress -bigIqUsername $bigIqUsername -bigIqPassword $bigIqPasswordSecure -bigIqLicensePoolName $bigIqLicensePoolName -bigIqLicenseSkuKeyword1 $bigIqLicenseSkuKeyword1 -bigIqLicenseUnitOfMeasure $bigIqLicenseUnitOfMeasure -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetName $vnetName -vnetResourceGroupName $vnetResourceGroupName -mgmtSubnetName $mgmtSubnetName -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -mgmtNsgName $mgmtNsgName -externalLoadBalancerName $externalLoadBalancerName -internalLoadBalancerName $internalLoadBalancerName -useAvailabilityZones $useAvailabilityZones -autoscaleTimeout $autoscaleTimeout -provisionPublicIP $provisionPublicIP -applicationProtocols $applicationProtocols -applicationAddress $applicationAddress -applicationPort $applicationPort -applicationSecurePort $applicationSecurePort -sslCert $sslCert -sslPswd $sslPswdSecure -applicationType $applicationType -blockingLevel $blockingLevel -customPolicy $customPolicy -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure # Print Output of Deployment to Console $deployment \ No newline at end of file diff --git a/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/README.md b/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/README.md index c8eecb8b37..afe986b914 100644 --- a/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/README.md +++ b/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/README.md @@ -19,7 +19,7 @@ This solution uses an ARM template to launch the deployment of F5 BIG-IP Local Traffic Manager (LTM) and Application Security Manager (ASM) Virtual Edition (VE) instances in a Microsoft Azure VM Scale Set that is configured for auto scaling. Traffic flows from the Azure load balancer to the BIG-IP VE (cluster) and then to the application servers. The BIG-IP VE(s) are configured in single-NIC mode. Auto scaling means that as certain thresholds are reached, the number of BIG-IP VE instances automatically increases or decreases accordingly. -In this solution, the BIG-IP VEs have the [LTM](https://f5.com/products/big-ip/local-traffic-manager-ltm) and [ASM](https://f5.com/products/big-ip/application-security-manager-asm) modules enabled to provide advanced traffic management and web application security functionality. +In this solution, the BIG-IP VEs have the [LTM](https://f5.com/products/big-ip/local-traffic-manager-ltm) and [ASM](https://f5.com/products/big-ip/application-security-manager-asm) modules enabled to provide advanced traffic management and web application security functionality. This template uses BIGIP **private** management address when license is requested via BIGIQ For information on getting started using F5's ARM templates on GitHub, see [Microsoft Azure: Solutions 101](http://clouddocs.f5.com/cloud/public/v1/azure/Azure_solutions101.html). @@ -111,7 +111,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fautoscale%2Fwaf%2Fvia-lb%2F1nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fautoscale%2Fwaf%2Fvia-lb%2F1nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters @@ -151,6 +151,11 @@ Use the appropriate button below to deploy: | scaleOutTimeWindow | Yes | The time window required to trigger a scale out event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | scaleInTimeWindow | Yes | The time window required to trigger a scale in event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | notificationEmail | Yes | If you want email notifications on scale events, specify an email address, otherwise leave the parameter as **OPTIONAL**. Note: You can specify multiple emails by separating them with a semi-colon, such as *email@domain.com;email2@domain.com*. | +| mgmtNsgName | Yes | If you would like to deploy using an existing Azure Network Security Group, provide the NSG name here. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | +| externalLoadBalancerName | Yes | If you would like to deploy using an existing Azure Load Balancer (Standard SKU) with a backend pool called loadBalancerBackEnd, provide the ALB name here. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | +| internalLoadBalancerName | Yes | If you would like to add instances to an existing internal Azure Load Balancer (Standard SKU) with a backend pool called loadBalancerBackEnd, provide the internal ALB name here. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | +| useAvailabilityZones | Yes | This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'. | +| autoscaleTimeout | Yes | The timeout value after which autoscale script execution will terminated | | provisionPublicIP | Yes | Enabling management public IP(s) allows for direct public access to each BIG-IP VE that is created. | | applicationProtocols | Yes | The protocol(s) used by your application. | | applicationAddress | Yes | The public IP address or DNS FQDN of the application that this WAF will protect. | @@ -172,7 +177,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### PowerShell Script Example ```powershell -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -mgmtNsgName OPTIONAL -externalLoadBalancerName OPTIONAL -internalLoadBalancerName OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -tenantId -clientId -servicePrincipalSecret -resourceGroupName ``` ======= @@ -180,7 +185,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### Azure CLI (1.0) Script Example ```bash -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --mgmtNsgName OPTIONAL --externalLoadBalancerName OPTIONAL --internalLoadBalancerName OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword ``` diff --git a/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/azuredeploy.json b/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/azuredeploy.json index 174630ecfc..53a2cfcb85 100644 --- a/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/azuredeploy.json +++ b/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -332,6 +332,47 @@ }, "type": "string" }, + "mgmtNsgName": { + "defaultValue": "OPTIONAL", + "metadata": { + "description": "If you would like to deploy using an existing Azure Network Security Group, provide the NSG name here. **Note**: Unless specifically required, leave the default of **OPTIONAL**." + }, + "type": "string" + }, + "externalLoadBalancerName": { + "defaultValue": "OPTIONAL", + "metadata": { + "description": "If you would like to deploy using an existing Azure Load Balancer (Standard SKU) with a backend pool called loadBalancerBackEnd, provide the ALB name here. **Note**: Unless specifically required, leave the default of **OPTIONAL**." + }, + "type": "string" + }, + "internalLoadBalancerName": { + "defaultValue": "OPTIONAL", + "metadata": { + "description": "If you would like to add instances to an existing internal Azure Load Balancer (Standard SKU) with a backend pool called loadBalancerBackEnd, provide the internal ALB name here. **Note**: Unless specifically required, leave the default of **OPTIONAL**." + }, + "type": "string" + }, + "useAvailabilityZones": { + "allowedValues": [ + "Yes", + "No" + ], + "defaultValue": "Yes", + "metadata": { + "description": "This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'." + }, + "type": "string" + }, + "autoscaleTimeout": { + "defaultValue": 10, + "maxValue": 10, + "metadata": { + "description": "The timeout value after which autoscale script execution will terminated" + }, + "minValue": 3, + "type": "int" + }, "provisionPublicIP": { "allowedValues": [ "No", @@ -538,14 +579,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl ${config_loc}f5-cloud-libs-azure.tar.gz asm-policy.tar.gz\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntar xfz /config/cloud/f5-cloud-libs-azure.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -571,7 +612,10 @@ "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbTpkOm46ajprOmg6czp0Omw6YTpjOnI6bzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgbSkgbW9kZT0kT1BUQVJHOzsKICAgICAgICBuKSBwb29sX21lbWJlcj0kT1BUQVJHOzsKICAgICAgICBqKSB2c19odHRwX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgaykgdnNfaHR0cHNfcG9ydD0kT1BUQVJHOzsKICAgICAgICBoKSBwb29sX2h0dHBfcG9ydD0kT1BUQVJHOzsKICAgICAgICBzKSBwb29sX2h0dHBzX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgdCkgdHlwZT0kT1BUQVJHOzsKICAgICAgICBsKSBsZXZlbD0kT1BUQVJHOzsKICAgICAgICBhKSBwb2xpY3k9JE9QVEFSRzs7CiAgICAgICAgYykgc3NsX2NlcnQ9JE9QVEFSRzs7CiAgICAgICAgcikgc3NsX3Bhc3N3ZD0kT1BUQVJHOzsKICAgICAgICB1KSB1c2VyPSRPUFRBUkc7OwogICAgZXNhYwpkb25lCgpkZXBsb3llZD0ibm8iCmZpbGVfbG9jPSIvY29uZmlnL2Nsb3VkL2N1c3RvbV9jb25maWciCmRmbF9tZ210X3BvcnQ9YHRtc2ggbGlzdCBzeXMgaHR0cGQgc3NsLXBvcnQgfCBncmVwIHNzbC1wb3J0IHwgc2VkICdzL3NzbC1wb3J0IC8vO3MvIC8vZydgCnVybF9yZWdleD0iKGh0dHA6XC9cL3xodHRwczpcL1wvKT9bYS16MC05XSsoW1wtXC5dezF9W2EtejAtOV0rKSpcLlthLXpdezIsNX0oOlswLTldezEsNX0pPyhcLy4qKT8kIgoKaWYgW1sgJGRlY2xhcmF0aW9uVXJsID1+ICR1cmxfcmVnZXggXV07IHRoZW4KICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1zayAtdyAiJXtodHRwX2NvZGV9IiAkZGVjbGFyYXRpb25VcmwgLW8gJGZpbGVfbG9jKQogICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIF1dOyB0aGVuCiAgICAgICAgIGVjaG8gIkN1c3RvbSBjb25maWcgZG93bmxvYWQgY29tcGxldGU7IGNoZWNraW5nIGZvciB2YWxpZCBKU09OLiIKICAgICAgICAgY2F0ICRmaWxlX2xvYyB8IGpxIC5jbGFzcwogICAgICAgICBpZiBbWyAkPyA9PSAwIF1dOyB0aGVuCiAgICAgICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t2dnUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgaHR0cHM6Ly9sb2NhbGhvc3Q6JGRmbF9tZ210X3BvcnQvbWdtdC9zaGFyZWQvYXBwc3Zjcy9kZWNsYXJlIC1kIEAkZmlsZV9sb2MgLW8gL2Rldi9udWxsKQoKICAgICAgICAgICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCB8fCAkcmVzcG9uc2VfY29kZSA9PSA1MDIgXV07IHRoZW4KICAgICAgICAgICAgICAgICAgZWNobyAiRGVwbG95bWVudCBvZiBhcHBsaWNhdGlvbiBzdWNjZWVkZWQuIgogICAgICAgICAgICAgICAgICBkZXBsb3llZD0ieWVzIgogICAgICAgICAgICAgZWxzZQogICAgICAgICAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBkZXBsb3kgYXBwbGljYXRpb247IGNvbnRpbnVpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgICAgICAgICAgIGZpCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgIGVjaG8gIkN1c3RvbSBjb25maWcgd2FzIG5vdCB2YWxpZCBKU09OLCBjb250aW51aW5nIgogICAgICAgICBmaQogICAgZWxzZQogICAgICAgIGVjaG8gIkZhaWxlZCB0byBkb3dubG9hZCBjdXN0b20gY29uZmlnOyBjb250aW51aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICBmaQplbHNlCiAgICAgZWNobyAiQ3VzdG9tIGNvbmZpZyB3YXMgbm90IGEgVVJMLCBjb250aW51aW5nLiIKZmkKCmlmIFtbICRkZXBsb3llZCA9PSAibm8iICYmICRkZWNsYXJhdGlvblVybCA9PSAiTk9UX1NQRUNJRklFRCIgXV07IHRoZW4KICAgIGlwX3JlZ2V4PSdeWzAtOV17MSwzfVwuWzAtOV17MSwzfVwuWzAtOV17MSwzfVwuWzAtOV17MSwzfSQnCiAgICBkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAogICAgbW9kZT1gc2VkICJzLy0vXy9nIiA8PDwiJG1vZGUiYAogICAgcGF5bG9hZD0neyJjbGFzcyI6IkFEQyIsInNjaGVtYVZlcnNpb24iOiIzLjAuMCIsImxhYmVsIjoiYXV0b3NjYWxlX3dhZiIsImlkIjoiQVVUT1NDQUxFX1dBRiIsInJlbWFyayI6IkF1dG9zY2FsZSBXQUYiLCJ3YWYiOnsiY2xhc3MiOiJUZW5hbnQiLCJTaGFyZWQiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoic2hhcmVkIiwic2VydmljZUFkZHJlc3MiOnsiY2xhc3MiOiJTZXJ2aWNlX0FkZHJlc3MiLCJ2aXJ0dWFsQWRkcmVzcyI6IjAuMC4wLjAifSwicG9saWN5V0FGIjp7ImNsYXNzIjoiV0FGX1BvbGljeSIsImZpbGUiOiIvdG1wL2FzMzAtbGludXgtbWVkaXVtLnhtbCJ9fSwiaHR0cCI6eyJjbGFzcyI6IkFwcGxpY2F0aW9uIiwidGVtcGxhdGUiOiJodHRwIiwicG9vbCI6eyJjbGFzcyI6IlBvb2wiLCJtb25pdG9ycyI6WyJodHRwIl0sIm1lbWJlcnMiOlt7ImFkZHJlc3NEaXNjb3ZlcnkiOiJmcWRuIiwiYXV0b1BvcHVsYXRlIjp0cnVlLCJzZXJ2aWNlUG9ydCI6ODAsImhvc3RuYW1lIjoid3d3LmV4YW1wbGUuY29tIiwic2VydmVyQWRkcmVzc2VzIjpbIjI1NS4yNTUuMjU1LjI1NCJdfV19LCJzZXJ2aWNlTWFpbiI6eyJjbGFzcyI6IlNlcnZpY2VfSFRUUCIsInZpcnR1YWxBZGRyZXNzZXMiOlt7InVzZSI6Ii93YWYvU2hhcmVkL3NlcnZpY2VBZGRyZXNzIn1dLCJ2aXJ0dWFsUG9ydCI6ODAsInNuYXQiOiJhdXRvIiwic2VjdXJpdHlMb2dQcm9maWxlcyI6W3siYmlnaXAiOiIvQ29tbW9uL0xvZyBpbGxlZ2FsIHJlcXVlc3RzIn1dLCJwb29sIjoicG9vbCIsInBvbGljeVdBRiI6eyJ1c2UiOiIvd2FmL1NoYXJlZC9wb2xpY3lXQUYifX19LCJodHRwcyI6eyJjbGFzcyI6IkFwcGxpY2F0aW9uIiwidGVtcGxhdGUiOiJodHRwcyIsInNlcnZlclRMUyI6eyJjbGFzcyI6IlRMU19TZXJ2ZXIiLCJjZXJ0aWZpY2F0ZXMiOlt7ImNlcnRpZmljYXRlIjoiY2VydFNlcnZlciJ9XSwiYXV0aGVudGljYXRpb25UcnVzdENBIjp7ImJpZ2lwIjoiL0NvbW1vbi9jYS1idW5kbGUuY3J0In19LCJjZXJ0U2VydmVyIjp7ImNsYXNzIjoiQ2VydGlmaWNhdGUiLCJjZXJ0aWZpY2F0ZSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5jcnQifSwicHJpdmF0ZUtleSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5rZXkifX0sImNsaWVudFRMUyI6eyJjbGFzcyI6IlRMU19DbGllbnQifSwicG9vbCI6eyJjbGFzcyI6IlBvb2wiLCJtb25pdG9ycyI6WyJodHRwcyJdLCJtZW1iZXJzIjpbeyJhZGRyZXNzRGlzY292ZXJ5IjoiZnFkbiIsImF1dG9Qb3B1bGF0ZSI6dHJ1ZSwic2VydmljZVBvcnQiOjQ0MywiaG9zdG5hbWUiOiJ3d3cuZXhhbXBsZS5jb20iLCJzZXJ2ZXJBZGRyZXNzZXMiOlsiMjU1LjI1NS4yNTUuMjU0Il19XX0sInNlcnZpY2VNYWluIjp7ImNsYXNzIjoiU2VydmljZV9IVFRQUyIsInZpcnR1YWxBZGRyZXNzZXMiOlt7InVzZSI6Ii93YWYvU2hhcmVkL3NlcnZpY2VBZGRyZXNzIn1dLCJ2aXJ0dWFsUG9ydCI6NDQzLCJzZXJ2ZXJUTFMiOiJzZXJ2ZXJUTFMiLCJjbGllbnRUTFMiOiJjbGllbnRUTFMiLCJyZWRpcmVjdDgwIjp0cnVlLCJzbmF0IjoiYXV0byIsInNlY3VyaXR5TG9nUHJvZmlsZXMiOlt7ImJpZ2lwIjoiL0NvbW1vbi9Mb2cgaWxsZWdhbCByZXF1ZXN0cyJ9XSwicG9vbCI6InBvb2wiLCJwb2xpY3lXQUYiOnsidXNlIjoiL3dhZi9TaGFyZWQvcG9saWN5V0FGIn19fSwiaHR0cHNfb2ZmbG9hZCI6eyJjbGFzcyI6IkFwcGxpY2F0aW9uIiwidGVtcGxhdGUiOiJodHRwcyIsInNlcnZlclRMUyI6eyJjbGFzcyI6IlRMU19TZXJ2ZXIiLCJjZXJ0aWZpY2F0ZXMiOlt7ImNlcnRpZmljYXRlIjoiY2VydFNlcnZlciJ9XSwiYXV0aGVudGljYXRpb25UcnVzdENBIjp7ImJpZ2lwIjoiL0NvbW1vbi9jYS1idW5kbGUuY3J0In19LCJjZXJ0U2VydmVyIjp7ImNsYXNzIjoiQ2VydGlmaWNhdGUiLCJjZXJ0aWZpY2F0ZSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5jcnQifSwicHJpdmF0ZUtleSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5rZXkifX0sInBvb2wiOnsiY2xhc3MiOiJQb29sIiwibW9uaXRvcnMiOlsiaHR0cCJdLCJtZW1iZXJzIjpbeyJhZGRyZXNzRGlzY292ZXJ5IjoiZnFkbiIsImF1dG9Qb3B1bGF0ZSI6dHJ1ZSwic2VydmljZVBvcnQiOjgwLCJob3N0bmFtZSI6Ind3dy5leGFtcGxlLmNvbSIsInNlcnZlckFkZHJlc3NlcyI6WyIyNTUuMjU1LjI1NS4yNTQiXX1dfSwic2VydmljZU1haW4iOnsiY2xhc3MiOiJTZXJ2aWNlX0hUVFBTIiwidmlydHVhbEFkZHJlc3NlcyI6W3sidXNlIjoiL3dhZi9TaGFyZWQvc2VydmljZUFkZHJlc3MifV0sInZpcnR1YWxQb3J0Ijo4MCwic2VydmVyVExTIjoic2VydmVyVExTIiwic25hdCI6ImF1dG8iLCJzZWN1cml0eUxvZ1Byb2ZpbGVzIjpbeyJiaWdpcCI6Ii9Db21tb24vTG9nIGlsbGVnYWwgcmVxdWVzdHMifV0sInBvb2wiOiJwb29sIiwicG9saWN5V0FGIjp7InVzZSI6Ii93YWYvU2hhcmVkL3BvbGljeVdBRiJ9fX19fScKCiAgICAjIHZlcmlmeSB0aGF0IHRoZSBjdXN0b20gcG9saWN5IGlzIGEgVVJMCiAgICBpZiBbWyAkbGV2ZWwgPT0gImN1c3RvbSIgXV07IHRoZW4KICAgICAgICAgaWYgW1sgLW4gJHBvbGljeSAmJiAkcG9saWN5ICE9ICJOT1RfU1BFQ0lGSUVEIiBdXTsgdGhlbgogICAgICAgICAgICAgaWYgW1sgJHBvbGljeSA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICAgICAgICAgICAgICAgIGN1c3RvbV9wb2xpY3k9JHBvbGljeQogICAgICAgICAgICAgICAgICAvdXNyL2Jpbi9jdXJsIC1zayAkY3VzdG9tX3BvbGljeSAtLXJldHJ5IDMgLW8gL3RtcC9jdXN0b21fcG9saWN5LnhtbAogICAgICAgICAgICAgICAgICBhc21fcG9saWN5PSIvdG1wL2N1c3RvbV9wb2xpY3kueG1sIgogICAgICAgICAgICAgZWxzZQogICAgICAgICAgICAgICAgICBlY2hvICJDdXN0b20gcG9saWN5IHdhcyBub3QgYSBVUkwsIGRlZmF1bHRpbmcgdG8gaGlnaCIKICAgICAgICAgICAgICAgICAgYXNtX3BvbGljeT0iL2NvbmZpZy9jbG91ZC9hc20tcG9saWN5LSR0eXBlLWhpZ2gueG1sIgogICAgICAgICAgICAgZmkKICAgICAgICAgZWxzZQogICAgICAgICAgICAgIGVjaG8gIkN1c3RvbSBwb2xpY3kgd2FzIG5vdCBzcGVjaWZpZWQsIGRlZmF1bHRpbmcgdG8gaGlnaCIKICAgICAgICAgICAgICBhc21fcG9saWN5PSIvY29uZmlnL2Nsb3VkL2FzbS1wb2xpY3ktJHR5cGUtaGlnaC54bWwiCiAgICAgICAgIGZpCiAgICBlbHNlCiAgICAgICAgIGFzbV9wb2xpY3k9Ii9jb25maWcvY2xvdWQvYXNtLXBvbGljeS0kdHlwZS0kbGV2ZWwueG1sIgogICAgZmkKCiAgICBpZiBbWyAkbW9kZSA9PSAiaHR0cHMiIHx8ICRtb2RlID09ICJodHRwX2h0dHBzIiB8fCAkbW9kZSA9PSAiaHR0cHNfb2ZmbG9hZCIgXV07IHRoZW4KICAgICAgICAgY2hhaW49Ii9Db21tb24vY2EtYnVuZGxlLmNydCIKCiAgICAgICAgIGVjaG8gIlN0YXJ0aW5nIENlcnRpZmljYXRlIGRvd25sb2FkIgoKICAgICAgICAgY2VydGlmaWNhdGVfbG9jYXRpb249JHNzbF9jZXJ0CgogICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iICAtWCBQT1NUIC1IICJDb250ZW50LXR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvdG0vdXRpbC9iYXNoIC1kICd7ICJjb21tYW5kIjoicnVuIiwidXRpbENtZEFyZ3MiOiItYyBcImN1cmwgLWsgLXMgLWYgLS1yZXRyeSA1IC0tcmV0cnktZGVsYXkgMTAgLS1yZXRyeS1tYXgtdGltZSAxMCAtbyAvY29uZmlnL3RtcC5wZnggJyRjZXJ0aWZpY2F0ZV9sb2NhdGlvbidcIiIgfScgLW8gL2Rldi9udWxsKQoKICAgICAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwICBdXTsgdGhlbgogICAgICAgICAgICAgIGVjaG8gIkNlcnRpZmljYXRlIGRvd25sb2FkIGNvbXBsZXRlLiIKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRvd25sb2FkIFNTTCBjZXJ0OyBleGl0aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBleGl0IDEKICAgICAgICAgZmkKCiAgICAgICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1za3UgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgaHR0cHM6Ly9sb2NhbGhvc3Q6JGRmbF9tZ210X3BvcnQvbWdtdC90bS9zeXMvY3J5cHRvL3BrY3MxMiAtZCAneyJjb21tYW5kIjogImluc3RhbGwiLCJuYW1lIjogIndhZkNlcnQiLCJvcHRpb25zIjogWyB7ICJmcm9tLWxvY2FsLWZpbGUiOiAiL2NvbmZpZy90bXAucGZ4IiB9LCB7ICJwYXNzcGhyYXNlIjogIiciJHNzbF9wYXNzd2QiJyIgfSBdIH0nIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCAgXV07IHRoZW4KICAgICAgICAgICAgICBlY2hvICJDZXJ0aWZpY2F0ZSBpbnN0YWxsIGNvbXBsZXRlLiIKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGluc3RhbGwgU1NMIGNlcnQ7IGV4aXRpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgICAgICAgICAgIGV4aXQgMQogICAgICAgICBmaQogICAgZmkKCiAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jIC0tYXJnIGFzbV9wb2xpY3kgJGFzbV9wb2xpY3kgJyAud2FmLlNoYXJlZC5wb2xpY3lXQUYuZmlsZSA9ICRhc21fcG9saWN5JykKCiAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jIC0tYXJnIHBvb2xfaHR0cF9wb3J0ICRwb29sX2h0dHBfcG9ydCAtLWFyZyBwb29sX2h0dHBzX3BvcnQgJHBvb2xfaHR0cHNfcG9ydCAtLWFyZyB2c19odHRwX3BvcnQgJHZzX2h0dHBfcG9ydCAtLWFyZyB2c19odHRwc19wb3J0ICR2c19odHRwc19wb3J0ICcgLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5zZXJ2aWNlUG9ydCA9ICgkcG9vbF9odHRwX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHAuc2VydmljZU1haW4udmlydHVhbFBvcnQgPSAoJHZzX2h0dHBfcG9ydCB8IHRvbnVtYmVyKSB8IC53YWYuaHR0cHMucG9vbC5tZW1iZXJzWzBdLnNlcnZpY2VQb3J0ID0gKCRwb29sX2h0dHBzX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHBzLnNlcnZpY2VNYWluLnZpcnR1YWxQb3J0ID0gKCR2c19odHRwc19wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5zZXJ2aWNlUG9ydCA9ICgkcG9vbF9odHRwX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHBzX29mZmxvYWQuc2VydmljZU1haW4udmlydHVhbFBvcnQgPSAoJHZzX2h0dHBzX3BvcnQgfCB0b251bWJlciknKQoKICAgIGlmIFtbICRwb29sX21lbWJlciA9fiAkaXBfcmVnZXggXV07IHRoZW4KICAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uYXV0b1BvcHVsYXRlKSB8IGRlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lKSB8IGRlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmFkZHJlc3NEaXNjb3ZlcnkpIHwgIGRlbCgud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5hdXRvUG9wdWxhdGUpIHwgZGVsKC53YWYuaHR0cHMucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lKSB8IGRlbCgud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5hZGRyZXNzRGlzY292ZXJ5KSB8IGRlbCgud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLmF1dG9Qb3B1bGF0ZSkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5hZGRyZXNzRGlzY292ZXJ5KScpCgogICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jIC0tYXJnIHBvb2xfbWVtYmVyICRwb29sX21lbWJlciAnLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXNbMF0gPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXNbMF0gPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3Nlc1swXSA9ICRwb29sX21lbWJlcicpCiAgICBlbHNlCiAgICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgJ2RlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3NlcykgfCBkZWwoLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uc2VydmVyQWRkcmVzc2VzKSB8IGRlbCgud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3NlcyknKQoKICAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBwb29sX21lbWJlciAkcG9vbF9tZW1iZXIgJy53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUgPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSA9ICRwb29sX21lbWJlciB8IC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUgPSAkcG9vbF9tZW1iZXInKQogICAgZmkKCiAgICBpZiBbWyAkbW9kZSA9PSAiaHR0cCIgXV07IHRoZW4KICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwcykgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkKScpCiAgICBlbGlmIFtbICRtb2RlID09ICJodHRwcyIgXV07IHRoZW4KICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwKSB8IGRlbCgud2FmLmh0dHBzX29mZmxvYWQpIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLmNlcnRpZmljYXRlLmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5jcnQiIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLnByaXZhdGVLZXkuYmlnaXAgPSAiL0NvbW1vbi93YWZDZXJ0LmtleSInKQogICAgZWxpZiBbWyAkbW9kZSA9PSAiaHR0cF9odHRwcyIgXV07IHRoZW4KICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwc19vZmZsb2FkKSB8IC53YWYuaHR0cHMuc2VydmljZU1haW4ucmVkaXJlY3Q4MCA9IGZhbHNlIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLmNlcnRpZmljYXRlLmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5jcnQiIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLnByaXZhdGVLZXkuYmlnaXAgPSAiL0NvbW1vbi93YWZDZXJ0LmtleSInKQogICAgZWxzZQogICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgJ2RlbCgud2FmLmh0dHApIHwgZGVsKC53YWYuaHR0cHMpIHwgLndhZi5odHRwc19vZmZsb2FkLmNlcnRTZXJ2ZXIuY2VydGlmaWNhdGUuYmlnaXAgPSAiL0NvbW1vbi93YWZDZXJ0LmNydCIgfCAud2FmLmh0dHBzX29mZmxvYWQuY2VydFNlcnZlci5wcml2YXRlS2V5LmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5rZXkiJykKICAgIGZpCgogICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1za3Z2dSAkdXNlcjokKHBhc3N3ZCkgLXcgIiV7aHR0cF9jb2RlfSIgLVggUE9TVCAtSCAiQ29udGVudC1UeXBlOiBhcHBsaWNhdGlvbi9qc29uIiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3NoYXJlZC9hcHBzdmNzL2RlY2xhcmUgLWQgIiRwYXlsb2FkIiAtbyAvZGV2L251bGwpCgogICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCB8fCAkcmVzcG9uc2VfY29kZSA9PSA1MDIgIF1dOyB0aGVuCiAgICAgICAgICBlY2hvICJEZXBsb3ltZW50IG9mIGFwcGxpY2F0aW9uIHN1Y2NlZWRlZC4iCiAgICBlbHNlCiAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBkZXBsb3kgYXBwbGljYXRpb247IGV4aXRpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgICAgICAgZXhpdCAxCiAgICAgZmkKIGZpCgplY2hvICJEZXBsb3ltZW50IGNvbXBsZXRlLiIKZXhpdA==", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -604,12 +648,27 @@ "bigip-virtual-edition-good": "good" } }, - "externalLoadBalancerName": "[concat(variables('dnsLabel'),'-ext-alb')]", + "externalLoadBalancerName": "[if(variables('useExistingLoadBalancer'), parameters('externalLoadBalancerName'), concat(variables('dnsLabel'),'-ext-alb'))]", "extLbId": "[resourceId('Microsoft.Network/loadBalancers',variables('externalLoadBalancerName'))]", "deviceNamePrefix": "[concat(variables('dnsLabel'),'-device')]", "frontEndIPConfigID": "[concat(variables('extLbId'),'/frontendIPConfigurations/loadBalancerFrontEnd')]", + "attachInternalLoadBalancer": "[not(empty(replace(parameters('internalLoadBalancerName'), 'OPTIONAL', '')))]", + "internalLoadBalancerName": "[parameters('internalLoadBalancerName')]", + "useExistingLoadBalancer": "[not(empty(replace(parameters('externalLoadBalancerName'), 'OPTIONAL', '')))]", + "loadBalancerBackendAddressPoolsArray": [ + { + "id": "[concat('/subscriptions/', variables('subscriptionID'),'/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', variables('externalLoadBalancerName'), '/backendAddressPools/loadBalancerBackEnd')]" + }, + { + "id": "[concat('/subscriptions/', variables('subscriptionID'),'/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', variables('internalLoadBalancerName'), '/backendAddressPools/loadBalancerBackEnd')]" + } + ], + "useExistingNsg": "[not(empty(replace(parameters('mgmtNsgName'), 'OPTIONAL', '')))]", + "mgmtNsgName": "[if(variables('useExistingNsg'), parameters('mgmtNsgName'), concat(variables('dnsLabel'),'-mgmt-nsg'))]", + "mgmtNsgID": "[resourceId('Microsoft.Network/networkSecurityGroups/',concat(variables('dnsLabel'),'-mgmt-nsg'))]", "appInsightsApiVersion": "2015-04-01", "appInsightsComponentsApiVersion": "2015-05-01", + "useAvailabilityZones": "[and(variables('zonesAvailable'), equals(parameters('useAvailabilityZones'), 'Yes'))]", "vmssName": "[concat(parameters('dnsLabel'),'-vmss')]", "vmssId": "[resourceId('Microsoft.Compute/virtualMachineScaleSets', variables('vmssName'))]", "defaultAppInsightsLocation": "eastus", @@ -654,7 +713,6 @@ "publicIPAddressType": "Static", "mgmtPublicIPAddressName": "[concat(variables('dnsLabel'), '-mgmt-pip')]", "mgmtPublicIPAddressId": "[resourceId('Microsoft.Network/publicIPAddresses', variables('mgmtPublicIPAddressName'))]", - "mgmtNsgID": "[resourceId('Microsoft.Network/networkSecurityGroups/',concat(variables('dnsLabel'),'-mgmt-nsg'))]", "mgmtNicName": "[concat(variables('dnsLabel'), '-mgmt')]", "mgmtNicID": "[resourceId('Microsoft.Network/NetworkInterfaces', variables('mgmtNicName'))]", "mgmtSubnetId": "[concat(variables('vnetId'), '/subnets/', variables('mgmtSubnetName'))]", @@ -670,7 +728,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_via-lb-existing-stack-supported-bigiq,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_via-lb-existing-stack-supported-bigiq,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "osProfiles": { @@ -709,7 +767,8 @@ { "apiVersion": "[variables('networkApiVersion')]", "location": "[variables('location')]", - "name": "[concat(variables('dnsLabel'), '-mgmt-nsg')]", + "name": "[variables('mgmtNsgName')]", + "condition": "[not(variables('useExistingNsg'))]", "properties": { "securityRules": [ { @@ -803,6 +862,7 @@ }, { "apiVersion": "[variables('networkApiVersion')]", + "condition": "[not(variables('useExistingLoadBalancer'))]", "dependsOn": [ "[concat('Microsoft.Network/publicIPAddresses/', variables('mgmtPublicIPAddressName'))]" ], @@ -968,7 +1028,7 @@ "name": "main", "properties": { "protectedSettings": { - "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; cp asm-policy.tar.gz *.tmpl /config/cloud; tar xfz /config/cloud/asm-policy.tar.gz -C /config/cloud; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.bigIqPasswd; encrypt_secret ', variables('singleQuote'), parameters('bigIqPassword'), variables('singleQuote'), ' \"/config/cloud/.bigIqPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType waf --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, ' --bigIqAddress ', parameters('bigIqAddress'), ' --bigIqUsername ', parameters('bigIqUsername'), ' --bigIqPassword /config/cloud/.bigIqPasswd --bigIqLicensePoolName ', parameters('bigIqLicensePoolName'), ' --bigIqExtraLicenseOptions \\\"$(format_args sku-keyword-1:', parameters('bigIqLicenseSkuKeyWord1'), ',unit-of-measure:', parameters('bigIqLicenseUnitOfMeasure'), ')\\\" --bigIpExtMgmtAddress ', reference(variables('mgmtPublicIPAddressId')).ipAddress, ' --bigIpExtMgmtPort via-api', '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh modify cm device-group Sync asm-sync enabled; tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" + "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; cp asm-policy.tar.gz *.tmpl /config/cloud; tar xfz /config/cloud/asm-policy.tar.gz -C /config/cloud; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.bigIqPasswd; encrypt_secret ', variables('singleQuote'), parameters('bigIqPassword'), variables('singleQuote'), ' \"/config/cloud/.bigIqPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType waf --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --autoscaleTimeout ', parameters('autoscaleTimeout'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, ' --bigIqAddress ', parameters('bigIqAddress'), ' --bigIqUsername ', parameters('bigIqUsername'), ' --bigIqPassword /config/cloud/.bigIqPasswd --bigIqLicensePoolName ', parameters('bigIqLicensePoolName'), ' --bigIqExtraLicenseOptions \\\"$(format_args sku-keyword-1:', parameters('bigIqLicenseSkuKeyWord1'), ',unit-of-measure:', parameters('bigIqLicenseUnitOfMeasure'), ')\\\" --bigIpExtMgmtAddress private --bigIpExtMgmtPort via-api --clusterUpdateInterval 300', '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh modify cm device-group Sync asm-sync enabled; tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" }, "publisher": "Microsoft.Azure.Extensions", "settings": { @@ -996,11 +1056,7 @@ { "name": "ipconfig1", "properties": { - "loadBalancerBackendAddressPools": [ - { - "id": "[concat('/subscriptions/', variables('subscriptionID'),'/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', variables('externalLoadBalancerName'), '/backendAddressPools/loadBalancerBackEnd')]" - } - ], + "loadBalancerBackendAddressPools": "[take(variables('loadBalancerBackendAddressPoolsArray'), if(variables('attachInternalLoadBalancer'), 2, 1))]", "loadBalancerInboundNatPools": [ { "id": "[concat('/subscriptions/', variables('subscriptionID'),'/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', variables('externalLoadBalancerName'), '/inboundNatPools/sshnatpool')]" @@ -1034,7 +1090,7 @@ "tier": "Standard" }, "tags": "[if(empty(variables('tagValues')), json('null'), variables('tagValues'))]", - "zones": "[if(variables('zonesAvailable'), createArray(1, 2, 3), json('null'))]", + "zones": "[if(variables('useAvailabilityZones'), createArray(1, 2, 3), json('null'))]", "type": "Microsoft.Compute/virtualMachineScaleSets" }, { @@ -1043,10 +1099,10 @@ "[variables('vmssId')]" ], "location": "[variables('location')]", - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "properties": { "enabled": true, - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "notifications": [ { "email": { diff --git a/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/azuredeploy.parameters.json b/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/azuredeploy.parameters.json index ae039cbe34..4b168f8167 100644 --- a/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/azuredeploy.parameters.json +++ b/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" @@ -110,6 +110,21 @@ "notificationEmail": { "value": "OPTIONAL" }, + "mgmtNsgName": { + "value": "OPTIONAL" + }, + "externalLoadBalancerName": { + "value": "OPTIONAL" + }, + "internalLoadBalancerName": { + "value": "OPTIONAL" + }, + "useAvailabilityZones": { + "value": "Yes" + }, + "autoscaleTimeout": { + "value": 10 + }, "provisionPublicIP": { "value": "Yes" }, diff --git a/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/deploy_via_bash.sh b/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/deploy_via_bash.sh index 26494f3300..603a0b195f 100755 --- a/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/deploy_via_bash.sh +++ b/supported/autoscale/waf/via-lb/1nic/existing-stack/bigiq/deploy_via_bash.sh @@ -1,7 +1,7 @@ #!/bin/bash ## Bash Script to deploy an F5 ARM template into Azure, using azure cli 1.0 ## -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --mgmtNsgName OPTIONAL --externalLoadBalancerName OPTIONAL --internalLoadBalancerName OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword # Assign Script Parameters and Define Variables # Specify static items below, change these as needed or make them parameters @@ -114,6 +114,21 @@ while [[ $# -gt 1 ]]; do --notificationEmail) notificationEmail=$2 shift 2;; + --mgmtNsgName) + mgmtNsgName=$2 + shift 2;; + --externalLoadBalancerName) + externalLoadBalancerName=$2 + shift 2;; + --internalLoadBalancerName) + internalLoadBalancerName=$2 + shift 2;; + --useAvailabilityZones) + useAvailabilityZones=$2 + shift 2;; + --autoscaleTimeout) + autoscaleTimeout=$2 + shift 2;; --provisionPublicIP) provisionPublicIP=$2 shift 2;; @@ -172,7 +187,7 @@ while [[ $# -gt 1 ]]; do done #If a required parameter is not passed, the script will prompt for it below -required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName bigIqAddress bigIqUsername bigIqPassword bigIqLicensePoolName bigIqLicenseSkuKeyword1 bigIqLicenseUnitOfMeasure bigIpVersion bigIpModules vnetName vnetResourceGroupName mgmtSubnetName declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail provisionPublicIP applicationProtocols applicationAddress applicationPort applicationSecurePort sslCert sslPswd applicationType blockingLevel customPolicy tenantId clientId servicePrincipalSecret resourceGroupName " +required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName bigIqAddress bigIqUsername bigIqPassword bigIqLicensePoolName bigIqLicenseSkuKeyword1 bigIqLicenseUnitOfMeasure bigIpVersion bigIpModules vnetName vnetResourceGroupName mgmtSubnetName declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail mgmtNsgName externalLoadBalancerName internalLoadBalancerName useAvailabilityZones autoscaleTimeout provisionPublicIP applicationProtocols applicationAddress applicationPort applicationSecurePort sslCert sslPswd applicationType blockingLevel customPolicy tenantId clientId servicePrincipalSecret resourceGroupName " for variable in $required_variables do if [ -z ${!variable} ] ; then @@ -196,4 +211,4 @@ az group create -n $resourceGroupName -l $region # Deploy ARM Template, right now cannot specify parameter file and parameters inline via Azure CLI template_file="./azuredeploy.json" parameter_file="./azuredeploy.parameters.json" -az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"bigIqAddress\":{\"value\":\"$bigIqAddress\"},\"bigIqUsername\":{\"value\":\"$bigIqUsername\"},\"bigIqPassword\":{\"value\":\"$bigIqPassword\"},\"bigIqLicensePoolName\":{\"value\":\"$bigIqLicensePoolName\"},\"bigIqLicenseSkuKeyword1\":{\"value\":\"$bigIqLicenseSkuKeyword1\"},\"bigIqLicenseUnitOfMeasure\":{\"value\":\"$bigIqLicenseUnitOfMeasure\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetName\":{\"value\":\"$vnetName\"},\"vnetResourceGroupName\":{\"value\":\"$vnetResourceGroupName\"},\"mgmtSubnetName\":{\"value\":\"$mgmtSubnetName\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"applicationProtocols\":{\"value\":\"$applicationProtocols\"},\"applicationAddress\":{\"value\":\"$applicationAddress\"},\"applicationPort\":{\"value\":\"$applicationPort\"},\"applicationSecurePort\":{\"value\":\"$applicationSecurePort\"},\"sslCert\":{\"value\":\"$sslCert\"},\"sslPswd\":{\"value\":\"$sslPswd\"},\"applicationType\":{\"value\":\"$applicationType\"},\"blockingLevel\":{\"value\":\"$blockingLevel\"},\"customPolicy\":{\"value\":\"$customPolicy\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file +az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"bigIqAddress\":{\"value\":\"$bigIqAddress\"},\"bigIqUsername\":{\"value\":\"$bigIqUsername\"},\"bigIqPassword\":{\"value\":\"$bigIqPassword\"},\"bigIqLicensePoolName\":{\"value\":\"$bigIqLicensePoolName\"},\"bigIqLicenseSkuKeyword1\":{\"value\":\"$bigIqLicenseSkuKeyword1\"},\"bigIqLicenseUnitOfMeasure\":{\"value\":\"$bigIqLicenseUnitOfMeasure\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetName\":{\"value\":\"$vnetName\"},\"vnetResourceGroupName\":{\"value\":\"$vnetResourceGroupName\"},\"mgmtSubnetName\":{\"value\":\"$mgmtSubnetName\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"mgmtNsgName\":{\"value\":\"$mgmtNsgName\"},\"externalLoadBalancerName\":{\"value\":\"$externalLoadBalancerName\"},\"internalLoadBalancerName\":{\"value\":\"$internalLoadBalancerName\"},\"useAvailabilityZones\":{\"value\":\"$useAvailabilityZones\"},\"autoscaleTimeout\":{\"value\":$autoscaleTimeout},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"applicationProtocols\":{\"value\":\"$applicationProtocols\"},\"applicationAddress\":{\"value\":\"$applicationAddress\"},\"applicationPort\":{\"value\":\"$applicationPort\"},\"applicationSecurePort\":{\"value\":\"$applicationSecurePort\"},\"sslCert\":{\"value\":\"$sslCert\"},\"sslPswd\":{\"value\":\"$sslPswd\"},\"applicationType\":{\"value\":\"$applicationType\"},\"blockingLevel\":{\"value\":\"$blockingLevel\"},\"customPolicy\":{\"value\":\"$customPolicy\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file diff --git a/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/Deploy_via_PS.ps1 b/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/Deploy_via_PS.ps1 index 3691a9bad8..565edac7ba 100644 --- a/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/Deploy_via_PS.ps1 +++ b/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/Deploy_via_PS.ps1 @@ -1,7 +1,7 @@ ## Script parameters being asked for below match to parameters in the azuredeploy.json file, otherwise pointing to the ## ## azuredeploy.parameters.json file for values to use. Some options below are mandatory, some (such as region) can ## ## be supplied inline when running this script but if they aren't then the default will be used as specified below. ## -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -mgmtNsgName OPTIONAL -externalLoadBalancerName OPTIONAL -internalLoadBalancerName OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -tenantId -clientId -servicePrincipalSecret -resourceGroupName param( @@ -33,6 +33,11 @@ param( [string] [Parameter(Mandatory=$True)] $scaleOutTimeWindow, [string] [Parameter(Mandatory=$True)] $scaleInTimeWindow, [string] [Parameter(Mandatory=$True)] $notificationEmail, + [string] [Parameter(Mandatory=$True)] $mgmtNsgName, + [string] [Parameter(Mandatory=$True)] $externalLoadBalancerName, + [string] [Parameter(Mandatory=$True)] $internalLoadBalancerName, + [string] [Parameter(Mandatory=$True)] $useAvailabilityZones, + [string] [Parameter(Mandatory=$True)] $autoscaleTimeout, [string] [Parameter(Mandatory=$True)] $provisionPublicIP, [string] [Parameter(Mandatory=$True)] $applicationProtocols, [string] [Parameter(Mandatory=$True)] $applicationAddress, @@ -76,7 +81,7 @@ $servicePrincipalSecretSecure = ConvertTo-SecureString -String $servicePrincipal (ConvertFrom-Json $tagValues).psobject.properties | ForEach -Begin {$tagValues=@{}} -process {$tagValues."$($_.Name)" = $_.Value} # Create Arm Deployment -$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetName $vnetName -vnetResourceGroupName $vnetResourceGroupName -mgmtSubnetName $mgmtSubnetName -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -provisionPublicIP $provisionPublicIP -applicationProtocols $applicationProtocols -applicationAddress $applicationAddress -applicationPort $applicationPort -applicationSecurePort $applicationSecurePort -sslCert $sslCert -sslPswd $sslPswdSecure -applicationType $applicationType -blockingLevel $blockingLevel -customPolicy $customPolicy -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure +$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetName $vnetName -vnetResourceGroupName $vnetResourceGroupName -mgmtSubnetName $mgmtSubnetName -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -mgmtNsgName $mgmtNsgName -externalLoadBalancerName $externalLoadBalancerName -internalLoadBalancerName $internalLoadBalancerName -useAvailabilityZones $useAvailabilityZones -autoscaleTimeout $autoscaleTimeout -provisionPublicIP $provisionPublicIP -applicationProtocols $applicationProtocols -applicationAddress $applicationAddress -applicationPort $applicationPort -applicationSecurePort $applicationSecurePort -sslCert $sslCert -sslPswd $sslPswdSecure -applicationType $applicationType -blockingLevel $blockingLevel -customPolicy $customPolicy -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure # Print Output of Deployment to Console $deployment \ No newline at end of file diff --git a/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/README.md b/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/README.md index dcf2257fbc..e4fc3d6f16 100644 --- a/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/README.md +++ b/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/README.md @@ -19,7 +19,7 @@ This solution uses an ARM template to launch the deployment of F5 BIG-IP Local Traffic Manager (LTM) and Application Security Manager (ASM) Virtual Edition (VE) instances in a Microsoft Azure VM Scale Set that is configured for auto scaling. Traffic flows from the Azure load balancer to the BIG-IP VE (cluster) and then to the application servers. The BIG-IP VE(s) are configured in single-NIC mode. Auto scaling means that as certain thresholds are reached, the number of BIG-IP VE instances automatically increases or decreases accordingly. -In this solution, the BIG-IP VEs have the [LTM](https://f5.com/products/big-ip/local-traffic-manager-ltm) and [ASM](https://f5.com/products/big-ip/application-security-manager-asm) modules enabled to provide advanced traffic management and web application security functionality. +In this solution, the BIG-IP VEs have the [LTM](https://f5.com/products/big-ip/local-traffic-manager-ltm) and [ASM](https://f5.com/products/big-ip/application-security-manager-asm) modules enabled to provide advanced traffic management and web application security functionality. This template uses BIGIP **private** management address when license is requested via BIGIQ For information on getting started using F5's ARM templates on GitHub, see [Microsoft Azure: Solutions 101](http://clouddocs.f5.com/cloud/public/v1/azure/Azure_solutions101.html). @@ -108,7 +108,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fautoscale%2Fwaf%2Fvia-lb%2F1nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fautoscale%2Fwaf%2Fvia-lb%2F1nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters @@ -142,6 +142,11 @@ Use the appropriate button below to deploy: | scaleOutTimeWindow | Yes | The time window required to trigger a scale out event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | scaleInTimeWindow | Yes | The time window required to trigger a scale in event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | notificationEmail | Yes | If you want email notifications on scale events, specify an email address, otherwise leave the parameter as **OPTIONAL**. Note: You can specify multiple emails by separating them with a semi-colon, such as *email@domain.com;email2@domain.com*. | +| mgmtNsgName | Yes | If you would like to deploy using an existing Azure Network Security Group, provide the NSG name here. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | +| externalLoadBalancerName | Yes | If you would like to deploy using an existing Azure Load Balancer (Standard SKU) with a backend pool called loadBalancerBackEnd, provide the ALB name here. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | +| internalLoadBalancerName | Yes | If you would like to add instances to an existing internal Azure Load Balancer (Standard SKU) with a backend pool called loadBalancerBackEnd, provide the internal ALB name here. **Note**: Unless specifically required, leave the default of **OPTIONAL**. | +| useAvailabilityZones | Yes | This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'. | +| autoscaleTimeout | Yes | The timeout value after which autoscale script execution will terminated | | provisionPublicIP | Yes | Enabling management public IP(s) allows for direct public access to each BIG-IP VE that is created. | | applicationProtocols | Yes | The protocol(s) used by your application. | | applicationAddress | Yes | The public IP address or DNS FQDN of the application that this WAF will protect. | @@ -163,7 +168,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### PowerShell Script Example ```powershell -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetName -vnetResourceGroupName -mgmtSubnetName -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -mgmtNsgName OPTIONAL -externalLoadBalancerName OPTIONAL -internalLoadBalancerName OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -tenantId -clientId -servicePrincipalSecret -resourceGroupName ``` ======= @@ -171,7 +176,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### Azure CLI (1.0) Script Example ```bash -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --mgmtNsgName OPTIONAL --externalLoadBalancerName OPTIONAL --internalLoadBalancerName OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword ``` diff --git a/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/azuredeploy.json b/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/azuredeploy.json index e24777d13a..822a032094 100644 --- a/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/azuredeploy.json +++ b/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -300,6 +300,47 @@ }, "type": "string" }, + "mgmtNsgName": { + "defaultValue": "OPTIONAL", + "metadata": { + "description": "If you would like to deploy using an existing Azure Network Security Group, provide the NSG name here. **Note**: Unless specifically required, leave the default of **OPTIONAL**." + }, + "type": "string" + }, + "externalLoadBalancerName": { + "defaultValue": "OPTIONAL", + "metadata": { + "description": "If you would like to deploy using an existing Azure Load Balancer (Standard SKU) with a backend pool called loadBalancerBackEnd, provide the ALB name here. **Note**: Unless specifically required, leave the default of **OPTIONAL**." + }, + "type": "string" + }, + "internalLoadBalancerName": { + "defaultValue": "OPTIONAL", + "metadata": { + "description": "If you would like to add instances to an existing internal Azure Load Balancer (Standard SKU) with a backend pool called loadBalancerBackEnd, provide the internal ALB name here. **Note**: Unless specifically required, leave the default of **OPTIONAL**." + }, + "type": "string" + }, + "useAvailabilityZones": { + "allowedValues": [ + "Yes", + "No" + ], + "defaultValue": "Yes", + "metadata": { + "description": "This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'." + }, + "type": "string" + }, + "autoscaleTimeout": { + "defaultValue": 10, + "maxValue": 10, + "metadata": { + "description": "The timeout value after which autoscale script execution will terminated" + }, + "minValue": 3, + "type": "int" + }, "provisionPublicIP": { "allowedValues": [ "No", @@ -506,14 +547,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl ${config_loc}f5-cloud-libs-azure.tar.gz asm-policy.tar.gz\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntar xfz /config/cloud/f5-cloud-libs-azure.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -539,7 +580,10 @@ "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbTpkOm46ajprOmg6czp0Omw6YTpjOnI6bzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgbSkgbW9kZT0kT1BUQVJHOzsKICAgICAgICBuKSBwb29sX21lbWJlcj0kT1BUQVJHOzsKICAgICAgICBqKSB2c19odHRwX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgaykgdnNfaHR0cHNfcG9ydD0kT1BUQVJHOzsKICAgICAgICBoKSBwb29sX2h0dHBfcG9ydD0kT1BUQVJHOzsKICAgICAgICBzKSBwb29sX2h0dHBzX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgdCkgdHlwZT0kT1BUQVJHOzsKICAgICAgICBsKSBsZXZlbD0kT1BUQVJHOzsKICAgICAgICBhKSBwb2xpY3k9JE9QVEFSRzs7CiAgICAgICAgYykgc3NsX2NlcnQ9JE9QVEFSRzs7CiAgICAgICAgcikgc3NsX3Bhc3N3ZD0kT1BUQVJHOzsKICAgICAgICB1KSB1c2VyPSRPUFRBUkc7OwogICAgZXNhYwpkb25lCgpkZXBsb3llZD0ibm8iCmZpbGVfbG9jPSIvY29uZmlnL2Nsb3VkL2N1c3RvbV9jb25maWciCmRmbF9tZ210X3BvcnQ9YHRtc2ggbGlzdCBzeXMgaHR0cGQgc3NsLXBvcnQgfCBncmVwIHNzbC1wb3J0IHwgc2VkICdzL3NzbC1wb3J0IC8vO3MvIC8vZydgCnVybF9yZWdleD0iKGh0dHA6XC9cL3xodHRwczpcL1wvKT9bYS16MC05XSsoW1wtXC5dezF9W2EtejAtOV0rKSpcLlthLXpdezIsNX0oOlswLTldezEsNX0pPyhcLy4qKT8kIgoKaWYgW1sgJGRlY2xhcmF0aW9uVXJsID1+ICR1cmxfcmVnZXggXV07IHRoZW4KICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1zayAtdyAiJXtodHRwX2NvZGV9IiAkZGVjbGFyYXRpb25VcmwgLW8gJGZpbGVfbG9jKQogICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIF1dOyB0aGVuCiAgICAgICAgIGVjaG8gIkN1c3RvbSBjb25maWcgZG93bmxvYWQgY29tcGxldGU7IGNoZWNraW5nIGZvciB2YWxpZCBKU09OLiIKICAgICAgICAgY2F0ICRmaWxlX2xvYyB8IGpxIC5jbGFzcwogICAgICAgICBpZiBbWyAkPyA9PSAwIF1dOyB0aGVuCiAgICAgICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t2dnUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgaHR0cHM6Ly9sb2NhbGhvc3Q6JGRmbF9tZ210X3BvcnQvbWdtdC9zaGFyZWQvYXBwc3Zjcy9kZWNsYXJlIC1kIEAkZmlsZV9sb2MgLW8gL2Rldi9udWxsKQoKICAgICAgICAgICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCB8fCAkcmVzcG9uc2VfY29kZSA9PSA1MDIgXV07IHRoZW4KICAgICAgICAgICAgICAgICAgZWNobyAiRGVwbG95bWVudCBvZiBhcHBsaWNhdGlvbiBzdWNjZWVkZWQuIgogICAgICAgICAgICAgICAgICBkZXBsb3llZD0ieWVzIgogICAgICAgICAgICAgZWxzZQogICAgICAgICAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBkZXBsb3kgYXBwbGljYXRpb247IGNvbnRpbnVpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgICAgICAgICAgIGZpCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgIGVjaG8gIkN1c3RvbSBjb25maWcgd2FzIG5vdCB2YWxpZCBKU09OLCBjb250aW51aW5nIgogICAgICAgICBmaQogICAgZWxzZQogICAgICAgIGVjaG8gIkZhaWxlZCB0byBkb3dubG9hZCBjdXN0b20gY29uZmlnOyBjb250aW51aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICBmaQplbHNlCiAgICAgZWNobyAiQ3VzdG9tIGNvbmZpZyB3YXMgbm90IGEgVVJMLCBjb250aW51aW5nLiIKZmkKCmlmIFtbICRkZXBsb3llZCA9PSAibm8iICYmICRkZWNsYXJhdGlvblVybCA9PSAiTk9UX1NQRUNJRklFRCIgXV07IHRoZW4KICAgIGlwX3JlZ2V4PSdeWzAtOV17MSwzfVwuWzAtOV17MSwzfVwuWzAtOV17MSwzfVwuWzAtOV17MSwzfSQnCiAgICBkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAogICAgbW9kZT1gc2VkICJzLy0vXy9nIiA8PDwiJG1vZGUiYAogICAgcGF5bG9hZD0neyJjbGFzcyI6IkFEQyIsInNjaGVtYVZlcnNpb24iOiIzLjAuMCIsImxhYmVsIjoiYXV0b3NjYWxlX3dhZiIsImlkIjoiQVVUT1NDQUxFX1dBRiIsInJlbWFyayI6IkF1dG9zY2FsZSBXQUYiLCJ3YWYiOnsiY2xhc3MiOiJUZW5hbnQiLCJTaGFyZWQiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoic2hhcmVkIiwic2VydmljZUFkZHJlc3MiOnsiY2xhc3MiOiJTZXJ2aWNlX0FkZHJlc3MiLCJ2aXJ0dWFsQWRkcmVzcyI6IjAuMC4wLjAifSwicG9saWN5V0FGIjp7ImNsYXNzIjoiV0FGX1BvbGljeSIsImZpbGUiOiIvdG1wL2FzMzAtbGludXgtbWVkaXVtLnhtbCJ9fSwiaHR0cCI6eyJjbGFzcyI6IkFwcGxpY2F0aW9uIiwidGVtcGxhdGUiOiJodHRwIiwicG9vbCI6eyJjbGFzcyI6IlBvb2wiLCJtb25pdG9ycyI6WyJodHRwIl0sIm1lbWJlcnMiOlt7ImFkZHJlc3NEaXNjb3ZlcnkiOiJmcWRuIiwiYXV0b1BvcHVsYXRlIjp0cnVlLCJzZXJ2aWNlUG9ydCI6ODAsImhvc3RuYW1lIjoid3d3LmV4YW1wbGUuY29tIiwic2VydmVyQWRkcmVzc2VzIjpbIjI1NS4yNTUuMjU1LjI1NCJdfV19LCJzZXJ2aWNlTWFpbiI6eyJjbGFzcyI6IlNlcnZpY2VfSFRUUCIsInZpcnR1YWxBZGRyZXNzZXMiOlt7InVzZSI6Ii93YWYvU2hhcmVkL3NlcnZpY2VBZGRyZXNzIn1dLCJ2aXJ0dWFsUG9ydCI6ODAsInNuYXQiOiJhdXRvIiwic2VjdXJpdHlMb2dQcm9maWxlcyI6W3siYmlnaXAiOiIvQ29tbW9uL0xvZyBpbGxlZ2FsIHJlcXVlc3RzIn1dLCJwb29sIjoicG9vbCIsInBvbGljeVdBRiI6eyJ1c2UiOiIvd2FmL1NoYXJlZC9wb2xpY3lXQUYifX19LCJodHRwcyI6eyJjbGFzcyI6IkFwcGxpY2F0aW9uIiwidGVtcGxhdGUiOiJodHRwcyIsInNlcnZlclRMUyI6eyJjbGFzcyI6IlRMU19TZXJ2ZXIiLCJjZXJ0aWZpY2F0ZXMiOlt7ImNlcnRpZmljYXRlIjoiY2VydFNlcnZlciJ9XSwiYXV0aGVudGljYXRpb25UcnVzdENBIjp7ImJpZ2lwIjoiL0NvbW1vbi9jYS1idW5kbGUuY3J0In19LCJjZXJ0U2VydmVyIjp7ImNsYXNzIjoiQ2VydGlmaWNhdGUiLCJjZXJ0aWZpY2F0ZSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5jcnQifSwicHJpdmF0ZUtleSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5rZXkifX0sImNsaWVudFRMUyI6eyJjbGFzcyI6IlRMU19DbGllbnQifSwicG9vbCI6eyJjbGFzcyI6IlBvb2wiLCJtb25pdG9ycyI6WyJodHRwcyJdLCJtZW1iZXJzIjpbeyJhZGRyZXNzRGlzY292ZXJ5IjoiZnFkbiIsImF1dG9Qb3B1bGF0ZSI6dHJ1ZSwic2VydmljZVBvcnQiOjQ0MywiaG9zdG5hbWUiOiJ3d3cuZXhhbXBsZS5jb20iLCJzZXJ2ZXJBZGRyZXNzZXMiOlsiMjU1LjI1NS4yNTUuMjU0Il19XX0sInNlcnZpY2VNYWluIjp7ImNsYXNzIjoiU2VydmljZV9IVFRQUyIsInZpcnR1YWxBZGRyZXNzZXMiOlt7InVzZSI6Ii93YWYvU2hhcmVkL3NlcnZpY2VBZGRyZXNzIn1dLCJ2aXJ0dWFsUG9ydCI6NDQzLCJzZXJ2ZXJUTFMiOiJzZXJ2ZXJUTFMiLCJjbGllbnRUTFMiOiJjbGllbnRUTFMiLCJyZWRpcmVjdDgwIjp0cnVlLCJzbmF0IjoiYXV0byIsInNlY3VyaXR5TG9nUHJvZmlsZXMiOlt7ImJpZ2lwIjoiL0NvbW1vbi9Mb2cgaWxsZWdhbCByZXF1ZXN0cyJ9XSwicG9vbCI6InBvb2wiLCJwb2xpY3lXQUYiOnsidXNlIjoiL3dhZi9TaGFyZWQvcG9saWN5V0FGIn19fSwiaHR0cHNfb2ZmbG9hZCI6eyJjbGFzcyI6IkFwcGxpY2F0aW9uIiwidGVtcGxhdGUiOiJodHRwcyIsInNlcnZlclRMUyI6eyJjbGFzcyI6IlRMU19TZXJ2ZXIiLCJjZXJ0aWZpY2F0ZXMiOlt7ImNlcnRpZmljYXRlIjoiY2VydFNlcnZlciJ9XSwiYXV0aGVudGljYXRpb25UcnVzdENBIjp7ImJpZ2lwIjoiL0NvbW1vbi9jYS1idW5kbGUuY3J0In19LCJjZXJ0U2VydmVyIjp7ImNsYXNzIjoiQ2VydGlmaWNhdGUiLCJjZXJ0aWZpY2F0ZSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5jcnQifSwicHJpdmF0ZUtleSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5rZXkifX0sInBvb2wiOnsiY2xhc3MiOiJQb29sIiwibW9uaXRvcnMiOlsiaHR0cCJdLCJtZW1iZXJzIjpbeyJhZGRyZXNzRGlzY292ZXJ5IjoiZnFkbiIsImF1dG9Qb3B1bGF0ZSI6dHJ1ZSwic2VydmljZVBvcnQiOjgwLCJob3N0bmFtZSI6Ind3dy5leGFtcGxlLmNvbSIsInNlcnZlckFkZHJlc3NlcyI6WyIyNTUuMjU1LjI1NS4yNTQiXX1dfSwic2VydmljZU1haW4iOnsiY2xhc3MiOiJTZXJ2aWNlX0hUVFBTIiwidmlydHVhbEFkZHJlc3NlcyI6W3sidXNlIjoiL3dhZi9TaGFyZWQvc2VydmljZUFkZHJlc3MifV0sInZpcnR1YWxQb3J0Ijo4MCwic2VydmVyVExTIjoic2VydmVyVExTIiwic25hdCI6ImF1dG8iLCJzZWN1cml0eUxvZ1Byb2ZpbGVzIjpbeyJiaWdpcCI6Ii9Db21tb24vTG9nIGlsbGVnYWwgcmVxdWVzdHMifV0sInBvb2wiOiJwb29sIiwicG9saWN5V0FGIjp7InVzZSI6Ii93YWYvU2hhcmVkL3BvbGljeVdBRiJ9fX19fScKCiAgICAjIHZlcmlmeSB0aGF0IHRoZSBjdXN0b20gcG9saWN5IGlzIGEgVVJMCiAgICBpZiBbWyAkbGV2ZWwgPT0gImN1c3RvbSIgXV07IHRoZW4KICAgICAgICAgaWYgW1sgLW4gJHBvbGljeSAmJiAkcG9saWN5ICE9ICJOT1RfU1BFQ0lGSUVEIiBdXTsgdGhlbgogICAgICAgICAgICAgaWYgW1sgJHBvbGljeSA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICAgICAgICAgICAgICAgIGN1c3RvbV9wb2xpY3k9JHBvbGljeQogICAgICAgICAgICAgICAgICAvdXNyL2Jpbi9jdXJsIC1zayAkY3VzdG9tX3BvbGljeSAtLXJldHJ5IDMgLW8gL3RtcC9jdXN0b21fcG9saWN5LnhtbAogICAgICAgICAgICAgICAgICBhc21fcG9saWN5PSIvdG1wL2N1c3RvbV9wb2xpY3kueG1sIgogICAgICAgICAgICAgZWxzZQogICAgICAgICAgICAgICAgICBlY2hvICJDdXN0b20gcG9saWN5IHdhcyBub3QgYSBVUkwsIGRlZmF1bHRpbmcgdG8gaGlnaCIKICAgICAgICAgICAgICAgICAgYXNtX3BvbGljeT0iL2NvbmZpZy9jbG91ZC9hc20tcG9saWN5LSR0eXBlLWhpZ2gueG1sIgogICAgICAgICAgICAgZmkKICAgICAgICAgZWxzZQogICAgICAgICAgICAgIGVjaG8gIkN1c3RvbSBwb2xpY3kgd2FzIG5vdCBzcGVjaWZpZWQsIGRlZmF1bHRpbmcgdG8gaGlnaCIKICAgICAgICAgICAgICBhc21fcG9saWN5PSIvY29uZmlnL2Nsb3VkL2FzbS1wb2xpY3ktJHR5cGUtaGlnaC54bWwiCiAgICAgICAgIGZpCiAgICBlbHNlCiAgICAgICAgIGFzbV9wb2xpY3k9Ii9jb25maWcvY2xvdWQvYXNtLXBvbGljeS0kdHlwZS0kbGV2ZWwueG1sIgogICAgZmkKCiAgICBpZiBbWyAkbW9kZSA9PSAiaHR0cHMiIHx8ICRtb2RlID09ICJodHRwX2h0dHBzIiB8fCAkbW9kZSA9PSAiaHR0cHNfb2ZmbG9hZCIgXV07IHRoZW4KICAgICAgICAgY2hhaW49Ii9Db21tb24vY2EtYnVuZGxlLmNydCIKCiAgICAgICAgIGVjaG8gIlN0YXJ0aW5nIENlcnRpZmljYXRlIGRvd25sb2FkIgoKICAgICAgICAgY2VydGlmaWNhdGVfbG9jYXRpb249JHNzbF9jZXJ0CgogICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iICAtWCBQT1NUIC1IICJDb250ZW50LXR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvdG0vdXRpbC9iYXNoIC1kICd7ICJjb21tYW5kIjoicnVuIiwidXRpbENtZEFyZ3MiOiItYyBcImN1cmwgLWsgLXMgLWYgLS1yZXRyeSA1IC0tcmV0cnktZGVsYXkgMTAgLS1yZXRyeS1tYXgtdGltZSAxMCAtbyAvY29uZmlnL3RtcC5wZnggJyRjZXJ0aWZpY2F0ZV9sb2NhdGlvbidcIiIgfScgLW8gL2Rldi9udWxsKQoKICAgICAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwICBdXTsgdGhlbgogICAgICAgICAgICAgIGVjaG8gIkNlcnRpZmljYXRlIGRvd25sb2FkIGNvbXBsZXRlLiIKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRvd25sb2FkIFNTTCBjZXJ0OyBleGl0aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBleGl0IDEKICAgICAgICAgZmkKCiAgICAgICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1za3UgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgaHR0cHM6Ly9sb2NhbGhvc3Q6JGRmbF9tZ210X3BvcnQvbWdtdC90bS9zeXMvY3J5cHRvL3BrY3MxMiAtZCAneyJjb21tYW5kIjogImluc3RhbGwiLCJuYW1lIjogIndhZkNlcnQiLCJvcHRpb25zIjogWyB7ICJmcm9tLWxvY2FsLWZpbGUiOiAiL2NvbmZpZy90bXAucGZ4IiB9LCB7ICJwYXNzcGhyYXNlIjogIiciJHNzbF9wYXNzd2QiJyIgfSBdIH0nIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCAgXV07IHRoZW4KICAgICAgICAgICAgICBlY2hvICJDZXJ0aWZpY2F0ZSBpbnN0YWxsIGNvbXBsZXRlLiIKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGluc3RhbGwgU1NMIGNlcnQ7IGV4aXRpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgICAgICAgICAgIGV4aXQgMQogICAgICAgICBmaQogICAgZmkKCiAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jIC0tYXJnIGFzbV9wb2xpY3kgJGFzbV9wb2xpY3kgJyAud2FmLlNoYXJlZC5wb2xpY3lXQUYuZmlsZSA9ICRhc21fcG9saWN5JykKCiAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jIC0tYXJnIHBvb2xfaHR0cF9wb3J0ICRwb29sX2h0dHBfcG9ydCAtLWFyZyBwb29sX2h0dHBzX3BvcnQgJHBvb2xfaHR0cHNfcG9ydCAtLWFyZyB2c19odHRwX3BvcnQgJHZzX2h0dHBfcG9ydCAtLWFyZyB2c19odHRwc19wb3J0ICR2c19odHRwc19wb3J0ICcgLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5zZXJ2aWNlUG9ydCA9ICgkcG9vbF9odHRwX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHAuc2VydmljZU1haW4udmlydHVhbFBvcnQgPSAoJHZzX2h0dHBfcG9ydCB8IHRvbnVtYmVyKSB8IC53YWYuaHR0cHMucG9vbC5tZW1iZXJzWzBdLnNlcnZpY2VQb3J0ID0gKCRwb29sX2h0dHBzX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHBzLnNlcnZpY2VNYWluLnZpcnR1YWxQb3J0ID0gKCR2c19odHRwc19wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5zZXJ2aWNlUG9ydCA9ICgkcG9vbF9odHRwX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHBzX29mZmxvYWQuc2VydmljZU1haW4udmlydHVhbFBvcnQgPSAoJHZzX2h0dHBzX3BvcnQgfCB0b251bWJlciknKQoKICAgIGlmIFtbICRwb29sX21lbWJlciA9fiAkaXBfcmVnZXggXV07IHRoZW4KICAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uYXV0b1BvcHVsYXRlKSB8IGRlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lKSB8IGRlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmFkZHJlc3NEaXNjb3ZlcnkpIHwgIGRlbCgud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5hdXRvUG9wdWxhdGUpIHwgZGVsKC53YWYuaHR0cHMucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lKSB8IGRlbCgud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5hZGRyZXNzRGlzY292ZXJ5KSB8IGRlbCgud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLmF1dG9Qb3B1bGF0ZSkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5hZGRyZXNzRGlzY292ZXJ5KScpCgogICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jIC0tYXJnIHBvb2xfbWVtYmVyICRwb29sX21lbWJlciAnLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXNbMF0gPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXNbMF0gPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3Nlc1swXSA9ICRwb29sX21lbWJlcicpCiAgICBlbHNlCiAgICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgJ2RlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3NlcykgfCBkZWwoLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uc2VydmVyQWRkcmVzc2VzKSB8IGRlbCgud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3NlcyknKQoKICAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBwb29sX21lbWJlciAkcG9vbF9tZW1iZXIgJy53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUgPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSA9ICRwb29sX21lbWJlciB8IC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUgPSAkcG9vbF9tZW1iZXInKQogICAgZmkKCiAgICBpZiBbWyAkbW9kZSA9PSAiaHR0cCIgXV07IHRoZW4KICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwcykgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkKScpCiAgICBlbGlmIFtbICRtb2RlID09ICJodHRwcyIgXV07IHRoZW4KICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwKSB8IGRlbCgud2FmLmh0dHBzX29mZmxvYWQpIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLmNlcnRpZmljYXRlLmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5jcnQiIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLnByaXZhdGVLZXkuYmlnaXAgPSAiL0NvbW1vbi93YWZDZXJ0LmtleSInKQogICAgZWxpZiBbWyAkbW9kZSA9PSAiaHR0cF9odHRwcyIgXV07IHRoZW4KICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwc19vZmZsb2FkKSB8IC53YWYuaHR0cHMuc2VydmljZU1haW4ucmVkaXJlY3Q4MCA9IGZhbHNlIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLmNlcnRpZmljYXRlLmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5jcnQiIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLnByaXZhdGVLZXkuYmlnaXAgPSAiL0NvbW1vbi93YWZDZXJ0LmtleSInKQogICAgZWxzZQogICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgJ2RlbCgud2FmLmh0dHApIHwgZGVsKC53YWYuaHR0cHMpIHwgLndhZi5odHRwc19vZmZsb2FkLmNlcnRTZXJ2ZXIuY2VydGlmaWNhdGUuYmlnaXAgPSAiL0NvbW1vbi93YWZDZXJ0LmNydCIgfCAud2FmLmh0dHBzX29mZmxvYWQuY2VydFNlcnZlci5wcml2YXRlS2V5LmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5rZXkiJykKICAgIGZpCgogICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1za3Z2dSAkdXNlcjokKHBhc3N3ZCkgLXcgIiV7aHR0cF9jb2RlfSIgLVggUE9TVCAtSCAiQ29udGVudC1UeXBlOiBhcHBsaWNhdGlvbi9qc29uIiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3NoYXJlZC9hcHBzdmNzL2RlY2xhcmUgLWQgIiRwYXlsb2FkIiAtbyAvZGV2L251bGwpCgogICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCB8fCAkcmVzcG9uc2VfY29kZSA9PSA1MDIgIF1dOyB0aGVuCiAgICAgICAgICBlY2hvICJEZXBsb3ltZW50IG9mIGFwcGxpY2F0aW9uIHN1Y2NlZWRlZC4iCiAgICBlbHNlCiAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBkZXBsb3kgYXBwbGljYXRpb247IGV4aXRpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgICAgICAgZXhpdCAxCiAgICAgZmkKIGZpCgplY2hvICJEZXBsb3ltZW50IGNvbXBsZXRlLiIKZXhpdA==", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -609,12 +653,27 @@ "sku": "f5-big-ip-per-app-ve-ltm-25m-hourly" } }, - "externalLoadBalancerName": "[concat(variables('dnsLabel'),'-ext-alb')]", + "externalLoadBalancerName": "[if(variables('useExistingLoadBalancer'), parameters('externalLoadBalancerName'), concat(variables('dnsLabel'),'-ext-alb'))]", "extLbId": "[resourceId('Microsoft.Network/loadBalancers',variables('externalLoadBalancerName'))]", "deviceNamePrefix": "[concat(variables('dnsLabel'),'-device')]", "frontEndIPConfigID": "[concat(variables('extLbId'),'/frontendIPConfigurations/loadBalancerFrontEnd')]", + "attachInternalLoadBalancer": "[not(empty(replace(parameters('internalLoadBalancerName'), 'OPTIONAL', '')))]", + "internalLoadBalancerName": "[parameters('internalLoadBalancerName')]", + "useExistingLoadBalancer": "[not(empty(replace(parameters('externalLoadBalancerName'), 'OPTIONAL', '')))]", + "loadBalancerBackendAddressPoolsArray": [ + { + "id": "[concat('/subscriptions/', variables('subscriptionID'),'/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', variables('externalLoadBalancerName'), '/backendAddressPools/loadBalancerBackEnd')]" + }, + { + "id": "[concat('/subscriptions/', variables('subscriptionID'),'/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', variables('internalLoadBalancerName'), '/backendAddressPools/loadBalancerBackEnd')]" + } + ], + "useExistingNsg": "[not(empty(replace(parameters('mgmtNsgName'), 'OPTIONAL', '')))]", + "mgmtNsgName": "[if(variables('useExistingNsg'), parameters('mgmtNsgName'), concat(variables('dnsLabel'),'-mgmt-nsg'))]", + "mgmtNsgID": "[resourceId('Microsoft.Network/networkSecurityGroups/',concat(variables('dnsLabel'),'-mgmt-nsg'))]", "appInsightsApiVersion": "2015-04-01", "appInsightsComponentsApiVersion": "2015-05-01", + "useAvailabilityZones": "[and(variables('zonesAvailable'), equals(parameters('useAvailabilityZones'), 'Yes'))]", "vmssName": "[concat(parameters('dnsLabel'),'-vmss')]", "vmssId": "[resourceId('Microsoft.Compute/virtualMachineScaleSets', variables('vmssName'))]", "defaultAppInsightsLocation": "eastus", @@ -659,7 +718,6 @@ "publicIPAddressType": "Static", "mgmtPublicIPAddressName": "[concat(variables('dnsLabel'), '-mgmt-pip')]", "mgmtPublicIPAddressId": "[resourceId('Microsoft.Network/publicIPAddresses', variables('mgmtPublicIPAddressName'))]", - "mgmtNsgID": "[resourceId('Microsoft.Network/networkSecurityGroups/',concat(variables('dnsLabel'),'-mgmt-nsg'))]", "mgmtNicName": "[concat(variables('dnsLabel'), '-mgmt')]", "mgmtNicID": "[resourceId('Microsoft.Network/NetworkInterfaces', variables('mgmtNicName'))]", "mgmtSubnetId": "[concat(variables('vnetId'), '/subnets/', variables('mgmtSubnetName'))]", @@ -675,7 +733,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_via-lb-existing-stack-supported-payg,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_via-lb-existing-stack-supported-payg,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "osProfiles": { @@ -714,7 +772,8 @@ { "apiVersion": "[variables('networkApiVersion')]", "location": "[variables('location')]", - "name": "[concat(variables('dnsLabel'), '-mgmt-nsg')]", + "name": "[variables('mgmtNsgName')]", + "condition": "[not(variables('useExistingNsg'))]", "properties": { "securityRules": [ { @@ -808,6 +867,7 @@ }, { "apiVersion": "[variables('networkApiVersion')]", + "condition": "[not(variables('useExistingLoadBalancer'))]", "dependsOn": [ "[concat('Microsoft.Network/publicIPAddresses/', variables('mgmtPublicIPAddressName'))]" ], @@ -973,7 +1033,7 @@ "name": "main", "properties": { "protectedSettings": { - "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; cp asm-policy.tar.gz *.tmpl /config/cloud; tar xfz /config/cloud/asm-policy.tar.gz -C /config/cloud; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType waf --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh modify cm device-group Sync asm-sync enabled; tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" + "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; cp asm-policy.tar.gz *.tmpl /config/cloud; tar xfz /config/cloud/asm-policy.tar.gz -C /config/cloud; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType waf --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --autoscaleTimeout ', parameters('autoscaleTimeout'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh modify cm device-group Sync asm-sync enabled; tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" }, "publisher": "Microsoft.Azure.Extensions", "settings": { @@ -1001,11 +1061,7 @@ { "name": "ipconfig1", "properties": { - "loadBalancerBackendAddressPools": [ - { - "id": "[concat('/subscriptions/', variables('subscriptionID'),'/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', variables('externalLoadBalancerName'), '/backendAddressPools/loadBalancerBackEnd')]" - } - ], + "loadBalancerBackendAddressPools": "[take(variables('loadBalancerBackendAddressPoolsArray'), if(variables('attachInternalLoadBalancer'), 2, 1))]", "loadBalancerInboundNatPools": [ { "id": "[concat('/subscriptions/', variables('subscriptionID'),'/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', variables('externalLoadBalancerName'), '/inboundNatPools/sshnatpool')]" @@ -1039,7 +1095,7 @@ "tier": "Standard" }, "tags": "[if(empty(variables('tagValues')), json('null'), variables('tagValues'))]", - "zones": "[if(variables('zonesAvailable'), createArray(1, 2, 3), json('null'))]", + "zones": "[if(variables('useAvailabilityZones'), createArray(1, 2, 3), json('null'))]", "type": "Microsoft.Compute/virtualMachineScaleSets" }, { @@ -1048,10 +1104,10 @@ "[variables('vmssId')]" ], "location": "[variables('location')]", - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "properties": { "enabled": true, - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "notifications": [ { "email": { diff --git a/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/azuredeploy.parameters.json b/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/azuredeploy.parameters.json index 10d06da25b..503652f6bd 100644 --- a/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/azuredeploy.parameters.json +++ b/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" @@ -92,6 +92,21 @@ "notificationEmail": { "value": "OPTIONAL" }, + "mgmtNsgName": { + "value": "OPTIONAL" + }, + "externalLoadBalancerName": { + "value": "OPTIONAL" + }, + "internalLoadBalancerName": { + "value": "OPTIONAL" + }, + "useAvailabilityZones": { + "value": "Yes" + }, + "autoscaleTimeout": { + "value": 10 + }, "provisionPublicIP": { "value": "Yes" }, diff --git a/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/deploy_via_bash.sh b/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/deploy_via_bash.sh index 5090b511a8..ae46164d47 100755 --- a/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/deploy_via_bash.sh +++ b/supported/autoscale/waf/via-lb/1nic/existing-stack/payg/deploy_via_bash.sh @@ -1,7 +1,7 @@ #!/bin/bash ## Bash Script to deploy an F5 ARM template into Azure, using azure cli 1.0 ## -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetName --vnetResourceGroupName --mgmtSubnetName --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --mgmtNsgName OPTIONAL --externalLoadBalancerName OPTIONAL --internalLoadBalancerName OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword # Assign Script Parameters and Define Variables # Specify static items below, change these as needed or make them parameters @@ -96,6 +96,21 @@ while [[ $# -gt 1 ]]; do --notificationEmail) notificationEmail=$2 shift 2;; + --mgmtNsgName) + mgmtNsgName=$2 + shift 2;; + --externalLoadBalancerName) + externalLoadBalancerName=$2 + shift 2;; + --internalLoadBalancerName) + internalLoadBalancerName=$2 + shift 2;; + --useAvailabilityZones) + useAvailabilityZones=$2 + shift 2;; + --autoscaleTimeout) + autoscaleTimeout=$2 + shift 2;; --provisionPublicIP) provisionPublicIP=$2 shift 2;; @@ -154,7 +169,7 @@ while [[ $# -gt 1 ]]; do done #If a required parameter is not passed, the script will prompt for it below -required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName bigIpVersion bigIpModules vnetName vnetResourceGroupName mgmtSubnetName declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail provisionPublicIP applicationProtocols applicationAddress applicationPort applicationSecurePort sslCert sslPswd applicationType blockingLevel customPolicy tenantId clientId servicePrincipalSecret resourceGroupName " +required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName bigIpVersion bigIpModules vnetName vnetResourceGroupName mgmtSubnetName declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail mgmtNsgName externalLoadBalancerName internalLoadBalancerName useAvailabilityZones autoscaleTimeout provisionPublicIP applicationProtocols applicationAddress applicationPort applicationSecurePort sslCert sslPswd applicationType blockingLevel customPolicy tenantId clientId servicePrincipalSecret resourceGroupName " for variable in $required_variables do if [ -z ${!variable} ] ; then @@ -178,4 +193,4 @@ az group create -n $resourceGroupName -l $region # Deploy ARM Template, right now cannot specify parameter file and parameters inline via Azure CLI template_file="./azuredeploy.json" parameter_file="./azuredeploy.parameters.json" -az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetName\":{\"value\":\"$vnetName\"},\"vnetResourceGroupName\":{\"value\":\"$vnetResourceGroupName\"},\"mgmtSubnetName\":{\"value\":\"$mgmtSubnetName\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"applicationProtocols\":{\"value\":\"$applicationProtocols\"},\"applicationAddress\":{\"value\":\"$applicationAddress\"},\"applicationPort\":{\"value\":\"$applicationPort\"},\"applicationSecurePort\":{\"value\":\"$applicationSecurePort\"},\"sslCert\":{\"value\":\"$sslCert\"},\"sslPswd\":{\"value\":\"$sslPswd\"},\"applicationType\":{\"value\":\"$applicationType\"},\"blockingLevel\":{\"value\":\"$blockingLevel\"},\"customPolicy\":{\"value\":\"$customPolicy\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file +az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetName\":{\"value\":\"$vnetName\"},\"vnetResourceGroupName\":{\"value\":\"$vnetResourceGroupName\"},\"mgmtSubnetName\":{\"value\":\"$mgmtSubnetName\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"mgmtNsgName\":{\"value\":\"$mgmtNsgName\"},\"externalLoadBalancerName\":{\"value\":\"$externalLoadBalancerName\"},\"internalLoadBalancerName\":{\"value\":\"$internalLoadBalancerName\"},\"useAvailabilityZones\":{\"value\":\"$useAvailabilityZones\"},\"autoscaleTimeout\":{\"value\":$autoscaleTimeout},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"applicationProtocols\":{\"value\":\"$applicationProtocols\"},\"applicationAddress\":{\"value\":\"$applicationAddress\"},\"applicationPort\":{\"value\":\"$applicationPort\"},\"applicationSecurePort\":{\"value\":\"$applicationSecurePort\"},\"sslCert\":{\"value\":\"$sslCert\"},\"sslPswd\":{\"value\":\"$sslPswd\"},\"applicationType\":{\"value\":\"$applicationType\"},\"blockingLevel\":{\"value\":\"$blockingLevel\"},\"customPolicy\":{\"value\":\"$customPolicy\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file diff --git a/supported/autoscale/waf/via-lb/1nic/new-stack/bigiq/Deploy_via_PS.ps1 b/supported/autoscale/waf/via-lb/1nic/new-stack/bigiq/Deploy_via_PS.ps1 index 6f581f039c..bc4c9b1c85 100644 --- a/supported/autoscale/waf/via-lb/1nic/new-stack/bigiq/Deploy_via_PS.ps1 +++ b/supported/autoscale/waf/via-lb/1nic/new-stack/bigiq/Deploy_via_PS.ps1 @@ -1,7 +1,7 @@ ## Script parameters being asked for below match to parameters in the azuredeploy.json file, otherwise pointing to the ## ## azuredeploy.parameters.json file for values to use. Some options below are mandatory, some (such as region) can ## ## be supplied inline when running this script but if they aren't then the default will be used as specified below. ## -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -tenantId -clientId -servicePrincipalSecret -resourceGroupName param( @@ -37,6 +37,8 @@ param( [string] [Parameter(Mandatory=$True)] $scaleOutTimeWindow, [string] [Parameter(Mandatory=$True)] $scaleInTimeWindow, [string] [Parameter(Mandatory=$True)] $notificationEmail, + [string] [Parameter(Mandatory=$True)] $useAvailabilityZones, + [string] [Parameter(Mandatory=$True)] $autoscaleTimeout, [string] [Parameter(Mandatory=$True)] $provisionPublicIP, [string] [Parameter(Mandatory=$True)] $applicationProtocols, [string] [Parameter(Mandatory=$True)] $applicationAddress, @@ -81,7 +83,7 @@ $servicePrincipalSecretSecure = ConvertTo-SecureString -String $servicePrincipal (ConvertFrom-Json $tagValues).psobject.properties | ForEach -Begin {$tagValues=@{}} -process {$tagValues."$($_.Name)" = $_.Value} # Create Arm Deployment -$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -bigIqAddress $bigIqAddress -bigIqUsername $bigIqUsername -bigIqPassword $bigIqPasswordSecure -bigIqLicensePoolName $bigIqLicensePoolName -bigIqLicenseSkuKeyword1 $bigIqLicenseSkuKeyword1 -bigIqLicenseUnitOfMeasure $bigIqLicenseUnitOfMeasure -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetAddressPrefix $vnetAddressPrefix -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -provisionPublicIP $provisionPublicIP -applicationProtocols $applicationProtocols -applicationAddress $applicationAddress -applicationPort $applicationPort -applicationSecurePort $applicationSecurePort -sslCert $sslCert -sslPswd $sslPswdSecure -applicationType $applicationType -blockingLevel $blockingLevel -customPolicy $customPolicy -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure +$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -bigIqAddress $bigIqAddress -bigIqUsername $bigIqUsername -bigIqPassword $bigIqPasswordSecure -bigIqLicensePoolName $bigIqLicensePoolName -bigIqLicenseSkuKeyword1 $bigIqLicenseSkuKeyword1 -bigIqLicenseUnitOfMeasure $bigIqLicenseUnitOfMeasure -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetAddressPrefix $vnetAddressPrefix -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -useAvailabilityZones $useAvailabilityZones -autoscaleTimeout $autoscaleTimeout -provisionPublicIP $provisionPublicIP -applicationProtocols $applicationProtocols -applicationAddress $applicationAddress -applicationPort $applicationPort -applicationSecurePort $applicationSecurePort -sslCert $sslCert -sslPswd $sslPswdSecure -applicationType $applicationType -blockingLevel $blockingLevel -customPolicy $customPolicy -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure # Print Output of Deployment to Console $deployment \ No newline at end of file diff --git a/supported/autoscale/waf/via-lb/1nic/new-stack/bigiq/README.md b/supported/autoscale/waf/via-lb/1nic/new-stack/bigiq/README.md index 357ef839eb..e212460834 100644 --- a/supported/autoscale/waf/via-lb/1nic/new-stack/bigiq/README.md +++ b/supported/autoscale/waf/via-lb/1nic/new-stack/bigiq/README.md @@ -19,7 +19,7 @@ This solution uses an ARM template to launch the deployment of F5 BIG-IP Local Traffic Manager (LTM) and Application Security Manager (ASM) Virtual Edition (VE) instances in a Microsoft Azure VM Scale Set that is configured for auto scaling. Traffic flows from the Azure load balancer to the BIG-IP VE (cluster) and then to the application servers. The BIG-IP VE(s) are configured in single-NIC mode. Auto scaling means that as certain thresholds are reached, the number of BIG-IP VE instances automatically increases or decreases accordingly. -In this solution, the BIG-IP VEs have the [LTM](https://f5.com/products/big-ip/local-traffic-manager-ltm) and [ASM](https://f5.com/products/big-ip/application-security-manager-asm) modules enabled to provide advanced traffic management and web application security functionality. +In this solution, the BIG-IP VEs have the [LTM](https://f5.com/products/big-ip/local-traffic-manager-ltm) and [ASM](https://f5.com/products/big-ip/application-security-manager-asm) modules enabled to provide advanced traffic management and web application security functionality. This template uses BIGIP **private** management address when license is requested via BIGIQ For information on getting started using F5's ARM templates on GitHub, see [Microsoft Azure: Solutions 101](http://clouddocs.f5.com/cloud/public/v1/azure/Azure_solutions101.html). @@ -111,7 +111,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fautoscale%2Fwaf%2Fvia-lb%2F1nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fautoscale%2Fwaf%2Fvia-lb%2F1nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters @@ -149,6 +149,8 @@ Use the appropriate button below to deploy: | scaleOutTimeWindow | Yes | The time window required to trigger a scale out event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | scaleInTimeWindow | Yes | The time window required to trigger a scale in event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | notificationEmail | Yes | If you want email notifications on scale events, specify an email address, otherwise leave the parameter as **OPTIONAL**. Note: You can specify multiple emails by separating them with a semi-colon, such as *email@domain.com;email2@domain.com*. | +| useAvailabilityZones | Yes | This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'. | +| autoscaleTimeout | Yes | The timeout value after which autoscale script execution will terminated | | provisionPublicIP | Yes | Enabling management public IP(s) allows for direct public access to each BIG-IP VE that is created. | | applicationProtocols | Yes | The protocol(s) used by your application. | | applicationAddress | Yes | The public IP address or DNS FQDN of the application that this WAF will protect. | @@ -170,7 +172,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### PowerShell Script Example ```powershell -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName AllTwoBootLocations -bigIqAddress -bigIqUsername -bigIqPassword -bigIqLicensePoolName -bigIqLicenseSkuKeyword1 OPTIONAL -bigIqLicenseUnitOfMeasure OPTIONAL -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -tenantId -clientId -servicePrincipalSecret -resourceGroupName ``` ======= @@ -178,7 +180,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### Azure CLI (1.0) Script Example ```bash -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword ``` diff --git a/supported/autoscale/waf/via-lb/1nic/new-stack/bigiq/azuredeploy.json b/supported/autoscale/waf/via-lb/1nic/new-stack/bigiq/azuredeploy.json index 4237689ab5..b6a6249a9f 100644 --- a/supported/autoscale/waf/via-lb/1nic/new-stack/bigiq/azuredeploy.json +++ b/supported/autoscale/waf/via-lb/1nic/new-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -321,6 +321,26 @@ }, "type": "string" }, + "useAvailabilityZones": { + "allowedValues": [ + "Yes", + "No" + ], + "defaultValue": "Yes", + "metadata": { + "description": "This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'." + }, + "type": "string" + }, + "autoscaleTimeout": { + "defaultValue": 10, + "maxValue": 10, + "metadata": { + "description": "The timeout value after which autoscale script execution will terminated" + }, + "minValue": 3, + "type": "int" + }, "provisionPublicIP": { "allowedValues": [ "No", @@ -527,14 +547,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl ${config_loc}f5-cloud-libs-azure.tar.gz asm-policy.tar.gz\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntar xfz /config/cloud/f5-cloud-libs-azure.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -560,7 +580,10 @@ "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbTpkOm46ajprOmg6czp0Omw6YTpjOnI6bzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgbSkgbW9kZT0kT1BUQVJHOzsKICAgICAgICBuKSBwb29sX21lbWJlcj0kT1BUQVJHOzsKICAgICAgICBqKSB2c19odHRwX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgaykgdnNfaHR0cHNfcG9ydD0kT1BUQVJHOzsKICAgICAgICBoKSBwb29sX2h0dHBfcG9ydD0kT1BUQVJHOzsKICAgICAgICBzKSBwb29sX2h0dHBzX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgdCkgdHlwZT0kT1BUQVJHOzsKICAgICAgICBsKSBsZXZlbD0kT1BUQVJHOzsKICAgICAgICBhKSBwb2xpY3k9JE9QVEFSRzs7CiAgICAgICAgYykgc3NsX2NlcnQ9JE9QVEFSRzs7CiAgICAgICAgcikgc3NsX3Bhc3N3ZD0kT1BUQVJHOzsKICAgICAgICB1KSB1c2VyPSRPUFRBUkc7OwogICAgZXNhYwpkb25lCgpkZXBsb3llZD0ibm8iCmZpbGVfbG9jPSIvY29uZmlnL2Nsb3VkL2N1c3RvbV9jb25maWciCmRmbF9tZ210X3BvcnQ9YHRtc2ggbGlzdCBzeXMgaHR0cGQgc3NsLXBvcnQgfCBncmVwIHNzbC1wb3J0IHwgc2VkICdzL3NzbC1wb3J0IC8vO3MvIC8vZydgCnVybF9yZWdleD0iKGh0dHA6XC9cL3xodHRwczpcL1wvKT9bYS16MC05XSsoW1wtXC5dezF9W2EtejAtOV0rKSpcLlthLXpdezIsNX0oOlswLTldezEsNX0pPyhcLy4qKT8kIgoKaWYgW1sgJGRlY2xhcmF0aW9uVXJsID1+ICR1cmxfcmVnZXggXV07IHRoZW4KICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1zayAtdyAiJXtodHRwX2NvZGV9IiAkZGVjbGFyYXRpb25VcmwgLW8gJGZpbGVfbG9jKQogICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIF1dOyB0aGVuCiAgICAgICAgIGVjaG8gIkN1c3RvbSBjb25maWcgZG93bmxvYWQgY29tcGxldGU7IGNoZWNraW5nIGZvciB2YWxpZCBKU09OLiIKICAgICAgICAgY2F0ICRmaWxlX2xvYyB8IGpxIC5jbGFzcwogICAgICAgICBpZiBbWyAkPyA9PSAwIF1dOyB0aGVuCiAgICAgICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t2dnUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgaHR0cHM6Ly9sb2NhbGhvc3Q6JGRmbF9tZ210X3BvcnQvbWdtdC9zaGFyZWQvYXBwc3Zjcy9kZWNsYXJlIC1kIEAkZmlsZV9sb2MgLW8gL2Rldi9udWxsKQoKICAgICAgICAgICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCB8fCAkcmVzcG9uc2VfY29kZSA9PSA1MDIgXV07IHRoZW4KICAgICAgICAgICAgICAgICAgZWNobyAiRGVwbG95bWVudCBvZiBhcHBsaWNhdGlvbiBzdWNjZWVkZWQuIgogICAgICAgICAgICAgICAgICBkZXBsb3llZD0ieWVzIgogICAgICAgICAgICAgZWxzZQogICAgICAgICAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBkZXBsb3kgYXBwbGljYXRpb247IGNvbnRpbnVpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgICAgICAgICAgIGZpCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgIGVjaG8gIkN1c3RvbSBjb25maWcgd2FzIG5vdCB2YWxpZCBKU09OLCBjb250aW51aW5nIgogICAgICAgICBmaQogICAgZWxzZQogICAgICAgIGVjaG8gIkZhaWxlZCB0byBkb3dubG9hZCBjdXN0b20gY29uZmlnOyBjb250aW51aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICBmaQplbHNlCiAgICAgZWNobyAiQ3VzdG9tIGNvbmZpZyB3YXMgbm90IGEgVVJMLCBjb250aW51aW5nLiIKZmkKCmlmIFtbICRkZXBsb3llZCA9PSAibm8iICYmICRkZWNsYXJhdGlvblVybCA9PSAiTk9UX1NQRUNJRklFRCIgXV07IHRoZW4KICAgIGlwX3JlZ2V4PSdeWzAtOV17MSwzfVwuWzAtOV17MSwzfVwuWzAtOV17MSwzfVwuWzAtOV17MSwzfSQnCiAgICBkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAogICAgbW9kZT1gc2VkICJzLy0vXy9nIiA8PDwiJG1vZGUiYAogICAgcGF5bG9hZD0neyJjbGFzcyI6IkFEQyIsInNjaGVtYVZlcnNpb24iOiIzLjAuMCIsImxhYmVsIjoiYXV0b3NjYWxlX3dhZiIsImlkIjoiQVVUT1NDQUxFX1dBRiIsInJlbWFyayI6IkF1dG9zY2FsZSBXQUYiLCJ3YWYiOnsiY2xhc3MiOiJUZW5hbnQiLCJTaGFyZWQiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoic2hhcmVkIiwic2VydmljZUFkZHJlc3MiOnsiY2xhc3MiOiJTZXJ2aWNlX0FkZHJlc3MiLCJ2aXJ0dWFsQWRkcmVzcyI6IjAuMC4wLjAifSwicG9saWN5V0FGIjp7ImNsYXNzIjoiV0FGX1BvbGljeSIsImZpbGUiOiIvdG1wL2FzMzAtbGludXgtbWVkaXVtLnhtbCJ9fSwiaHR0cCI6eyJjbGFzcyI6IkFwcGxpY2F0aW9uIiwidGVtcGxhdGUiOiJodHRwIiwicG9vbCI6eyJjbGFzcyI6IlBvb2wiLCJtb25pdG9ycyI6WyJodHRwIl0sIm1lbWJlcnMiOlt7ImFkZHJlc3NEaXNjb3ZlcnkiOiJmcWRuIiwiYXV0b1BvcHVsYXRlIjp0cnVlLCJzZXJ2aWNlUG9ydCI6ODAsImhvc3RuYW1lIjoid3d3LmV4YW1wbGUuY29tIiwic2VydmVyQWRkcmVzc2VzIjpbIjI1NS4yNTUuMjU1LjI1NCJdfV19LCJzZXJ2aWNlTWFpbiI6eyJjbGFzcyI6IlNlcnZpY2VfSFRUUCIsInZpcnR1YWxBZGRyZXNzZXMiOlt7InVzZSI6Ii93YWYvU2hhcmVkL3NlcnZpY2VBZGRyZXNzIn1dLCJ2aXJ0dWFsUG9ydCI6ODAsInNuYXQiOiJhdXRvIiwic2VjdXJpdHlMb2dQcm9maWxlcyI6W3siYmlnaXAiOiIvQ29tbW9uL0xvZyBpbGxlZ2FsIHJlcXVlc3RzIn1dLCJwb29sIjoicG9vbCIsInBvbGljeVdBRiI6eyJ1c2UiOiIvd2FmL1NoYXJlZC9wb2xpY3lXQUYifX19LCJodHRwcyI6eyJjbGFzcyI6IkFwcGxpY2F0aW9uIiwidGVtcGxhdGUiOiJodHRwcyIsInNlcnZlclRMUyI6eyJjbGFzcyI6IlRMU19TZXJ2ZXIiLCJjZXJ0aWZpY2F0ZXMiOlt7ImNlcnRpZmljYXRlIjoiY2VydFNlcnZlciJ9XSwiYXV0aGVudGljYXRpb25UcnVzdENBIjp7ImJpZ2lwIjoiL0NvbW1vbi9jYS1idW5kbGUuY3J0In19LCJjZXJ0U2VydmVyIjp7ImNsYXNzIjoiQ2VydGlmaWNhdGUiLCJjZXJ0aWZpY2F0ZSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5jcnQifSwicHJpdmF0ZUtleSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5rZXkifX0sImNsaWVudFRMUyI6eyJjbGFzcyI6IlRMU19DbGllbnQifSwicG9vbCI6eyJjbGFzcyI6IlBvb2wiLCJtb25pdG9ycyI6WyJodHRwcyJdLCJtZW1iZXJzIjpbeyJhZGRyZXNzRGlzY292ZXJ5IjoiZnFkbiIsImF1dG9Qb3B1bGF0ZSI6dHJ1ZSwic2VydmljZVBvcnQiOjQ0MywiaG9zdG5hbWUiOiJ3d3cuZXhhbXBsZS5jb20iLCJzZXJ2ZXJBZGRyZXNzZXMiOlsiMjU1LjI1NS4yNTUuMjU0Il19XX0sInNlcnZpY2VNYWluIjp7ImNsYXNzIjoiU2VydmljZV9IVFRQUyIsInZpcnR1YWxBZGRyZXNzZXMiOlt7InVzZSI6Ii93YWYvU2hhcmVkL3NlcnZpY2VBZGRyZXNzIn1dLCJ2aXJ0dWFsUG9ydCI6NDQzLCJzZXJ2ZXJUTFMiOiJzZXJ2ZXJUTFMiLCJjbGllbnRUTFMiOiJjbGllbnRUTFMiLCJyZWRpcmVjdDgwIjp0cnVlLCJzbmF0IjoiYXV0byIsInNlY3VyaXR5TG9nUHJvZmlsZXMiOlt7ImJpZ2lwIjoiL0NvbW1vbi9Mb2cgaWxsZWdhbCByZXF1ZXN0cyJ9XSwicG9vbCI6InBvb2wiLCJwb2xpY3lXQUYiOnsidXNlIjoiL3dhZi9TaGFyZWQvcG9saWN5V0FGIn19fSwiaHR0cHNfb2ZmbG9hZCI6eyJjbGFzcyI6IkFwcGxpY2F0aW9uIiwidGVtcGxhdGUiOiJodHRwcyIsInNlcnZlclRMUyI6eyJjbGFzcyI6IlRMU19TZXJ2ZXIiLCJjZXJ0aWZpY2F0ZXMiOlt7ImNlcnRpZmljYXRlIjoiY2VydFNlcnZlciJ9XSwiYXV0aGVudGljYXRpb25UcnVzdENBIjp7ImJpZ2lwIjoiL0NvbW1vbi9jYS1idW5kbGUuY3J0In19LCJjZXJ0U2VydmVyIjp7ImNsYXNzIjoiQ2VydGlmaWNhdGUiLCJjZXJ0aWZpY2F0ZSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5jcnQifSwicHJpdmF0ZUtleSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5rZXkifX0sInBvb2wiOnsiY2xhc3MiOiJQb29sIiwibW9uaXRvcnMiOlsiaHR0cCJdLCJtZW1iZXJzIjpbeyJhZGRyZXNzRGlzY292ZXJ5IjoiZnFkbiIsImF1dG9Qb3B1bGF0ZSI6dHJ1ZSwic2VydmljZVBvcnQiOjgwLCJob3N0bmFtZSI6Ind3dy5leGFtcGxlLmNvbSIsInNlcnZlckFkZHJlc3NlcyI6WyIyNTUuMjU1LjI1NS4yNTQiXX1dfSwic2VydmljZU1haW4iOnsiY2xhc3MiOiJTZXJ2aWNlX0hUVFBTIiwidmlydHVhbEFkZHJlc3NlcyI6W3sidXNlIjoiL3dhZi9TaGFyZWQvc2VydmljZUFkZHJlc3MifV0sInZpcnR1YWxQb3J0Ijo4MCwic2VydmVyVExTIjoic2VydmVyVExTIiwic25hdCI6ImF1dG8iLCJzZWN1cml0eUxvZ1Byb2ZpbGVzIjpbeyJiaWdpcCI6Ii9Db21tb24vTG9nIGlsbGVnYWwgcmVxdWVzdHMifV0sInBvb2wiOiJwb29sIiwicG9saWN5V0FGIjp7InVzZSI6Ii93YWYvU2hhcmVkL3BvbGljeVdBRiJ9fX19fScKCiAgICAjIHZlcmlmeSB0aGF0IHRoZSBjdXN0b20gcG9saWN5IGlzIGEgVVJMCiAgICBpZiBbWyAkbGV2ZWwgPT0gImN1c3RvbSIgXV07IHRoZW4KICAgICAgICAgaWYgW1sgLW4gJHBvbGljeSAmJiAkcG9saWN5ICE9ICJOT1RfU1BFQ0lGSUVEIiBdXTsgdGhlbgogICAgICAgICAgICAgaWYgW1sgJHBvbGljeSA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICAgICAgICAgICAgICAgIGN1c3RvbV9wb2xpY3k9JHBvbGljeQogICAgICAgICAgICAgICAgICAvdXNyL2Jpbi9jdXJsIC1zayAkY3VzdG9tX3BvbGljeSAtLXJldHJ5IDMgLW8gL3RtcC9jdXN0b21fcG9saWN5LnhtbAogICAgICAgICAgICAgICAgICBhc21fcG9saWN5PSIvdG1wL2N1c3RvbV9wb2xpY3kueG1sIgogICAgICAgICAgICAgZWxzZQogICAgICAgICAgICAgICAgICBlY2hvICJDdXN0b20gcG9saWN5IHdhcyBub3QgYSBVUkwsIGRlZmF1bHRpbmcgdG8gaGlnaCIKICAgICAgICAgICAgICAgICAgYXNtX3BvbGljeT0iL2NvbmZpZy9jbG91ZC9hc20tcG9saWN5LSR0eXBlLWhpZ2gueG1sIgogICAgICAgICAgICAgZmkKICAgICAgICAgZWxzZQogICAgICAgICAgICAgIGVjaG8gIkN1c3RvbSBwb2xpY3kgd2FzIG5vdCBzcGVjaWZpZWQsIGRlZmF1bHRpbmcgdG8gaGlnaCIKICAgICAgICAgICAgICBhc21fcG9saWN5PSIvY29uZmlnL2Nsb3VkL2FzbS1wb2xpY3ktJHR5cGUtaGlnaC54bWwiCiAgICAgICAgIGZpCiAgICBlbHNlCiAgICAgICAgIGFzbV9wb2xpY3k9Ii9jb25maWcvY2xvdWQvYXNtLXBvbGljeS0kdHlwZS0kbGV2ZWwueG1sIgogICAgZmkKCiAgICBpZiBbWyAkbW9kZSA9PSAiaHR0cHMiIHx8ICRtb2RlID09ICJodHRwX2h0dHBzIiB8fCAkbW9kZSA9PSAiaHR0cHNfb2ZmbG9hZCIgXV07IHRoZW4KICAgICAgICAgY2hhaW49Ii9Db21tb24vY2EtYnVuZGxlLmNydCIKCiAgICAgICAgIGVjaG8gIlN0YXJ0aW5nIENlcnRpZmljYXRlIGRvd25sb2FkIgoKICAgICAgICAgY2VydGlmaWNhdGVfbG9jYXRpb249JHNzbF9jZXJ0CgogICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iICAtWCBQT1NUIC1IICJDb250ZW50LXR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvdG0vdXRpbC9iYXNoIC1kICd7ICJjb21tYW5kIjoicnVuIiwidXRpbENtZEFyZ3MiOiItYyBcImN1cmwgLWsgLXMgLWYgLS1yZXRyeSA1IC0tcmV0cnktZGVsYXkgMTAgLS1yZXRyeS1tYXgtdGltZSAxMCAtbyAvY29uZmlnL3RtcC5wZnggJyRjZXJ0aWZpY2F0ZV9sb2NhdGlvbidcIiIgfScgLW8gL2Rldi9udWxsKQoKICAgICAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwICBdXTsgdGhlbgogICAgICAgICAgICAgIGVjaG8gIkNlcnRpZmljYXRlIGRvd25sb2FkIGNvbXBsZXRlLiIKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRvd25sb2FkIFNTTCBjZXJ0OyBleGl0aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBleGl0IDEKICAgICAgICAgZmkKCiAgICAgICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1za3UgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgaHR0cHM6Ly9sb2NhbGhvc3Q6JGRmbF9tZ210X3BvcnQvbWdtdC90bS9zeXMvY3J5cHRvL3BrY3MxMiAtZCAneyJjb21tYW5kIjogImluc3RhbGwiLCJuYW1lIjogIndhZkNlcnQiLCJvcHRpb25zIjogWyB7ICJmcm9tLWxvY2FsLWZpbGUiOiAiL2NvbmZpZy90bXAucGZ4IiB9LCB7ICJwYXNzcGhyYXNlIjogIiciJHNzbF9wYXNzd2QiJyIgfSBdIH0nIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCAgXV07IHRoZW4KICAgICAgICAgICAgICBlY2hvICJDZXJ0aWZpY2F0ZSBpbnN0YWxsIGNvbXBsZXRlLiIKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGluc3RhbGwgU1NMIGNlcnQ7IGV4aXRpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgICAgICAgICAgIGV4aXQgMQogICAgICAgICBmaQogICAgZmkKCiAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jIC0tYXJnIGFzbV9wb2xpY3kgJGFzbV9wb2xpY3kgJyAud2FmLlNoYXJlZC5wb2xpY3lXQUYuZmlsZSA9ICRhc21fcG9saWN5JykKCiAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jIC0tYXJnIHBvb2xfaHR0cF9wb3J0ICRwb29sX2h0dHBfcG9ydCAtLWFyZyBwb29sX2h0dHBzX3BvcnQgJHBvb2xfaHR0cHNfcG9ydCAtLWFyZyB2c19odHRwX3BvcnQgJHZzX2h0dHBfcG9ydCAtLWFyZyB2c19odHRwc19wb3J0ICR2c19odHRwc19wb3J0ICcgLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5zZXJ2aWNlUG9ydCA9ICgkcG9vbF9odHRwX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHAuc2VydmljZU1haW4udmlydHVhbFBvcnQgPSAoJHZzX2h0dHBfcG9ydCB8IHRvbnVtYmVyKSB8IC53YWYuaHR0cHMucG9vbC5tZW1iZXJzWzBdLnNlcnZpY2VQb3J0ID0gKCRwb29sX2h0dHBzX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHBzLnNlcnZpY2VNYWluLnZpcnR1YWxQb3J0ID0gKCR2c19odHRwc19wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5zZXJ2aWNlUG9ydCA9ICgkcG9vbF9odHRwX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHBzX29mZmxvYWQuc2VydmljZU1haW4udmlydHVhbFBvcnQgPSAoJHZzX2h0dHBzX3BvcnQgfCB0b251bWJlciknKQoKICAgIGlmIFtbICRwb29sX21lbWJlciA9fiAkaXBfcmVnZXggXV07IHRoZW4KICAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uYXV0b1BvcHVsYXRlKSB8IGRlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lKSB8IGRlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmFkZHJlc3NEaXNjb3ZlcnkpIHwgIGRlbCgud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5hdXRvUG9wdWxhdGUpIHwgZGVsKC53YWYuaHR0cHMucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lKSB8IGRlbCgud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5hZGRyZXNzRGlzY292ZXJ5KSB8IGRlbCgud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLmF1dG9Qb3B1bGF0ZSkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5hZGRyZXNzRGlzY292ZXJ5KScpCgogICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jIC0tYXJnIHBvb2xfbWVtYmVyICRwb29sX21lbWJlciAnLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXNbMF0gPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXNbMF0gPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3Nlc1swXSA9ICRwb29sX21lbWJlcicpCiAgICBlbHNlCiAgICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgJ2RlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3NlcykgfCBkZWwoLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uc2VydmVyQWRkcmVzc2VzKSB8IGRlbCgud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3NlcyknKQoKICAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBwb29sX21lbWJlciAkcG9vbF9tZW1iZXIgJy53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUgPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSA9ICRwb29sX21lbWJlciB8IC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUgPSAkcG9vbF9tZW1iZXInKQogICAgZmkKCiAgICBpZiBbWyAkbW9kZSA9PSAiaHR0cCIgXV07IHRoZW4KICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwcykgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkKScpCiAgICBlbGlmIFtbICRtb2RlID09ICJodHRwcyIgXV07IHRoZW4KICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwKSB8IGRlbCgud2FmLmh0dHBzX29mZmxvYWQpIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLmNlcnRpZmljYXRlLmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5jcnQiIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLnByaXZhdGVLZXkuYmlnaXAgPSAiL0NvbW1vbi93YWZDZXJ0LmtleSInKQogICAgZWxpZiBbWyAkbW9kZSA9PSAiaHR0cF9odHRwcyIgXV07IHRoZW4KICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwc19vZmZsb2FkKSB8IC53YWYuaHR0cHMuc2VydmljZU1haW4ucmVkaXJlY3Q4MCA9IGZhbHNlIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLmNlcnRpZmljYXRlLmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5jcnQiIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLnByaXZhdGVLZXkuYmlnaXAgPSAiL0NvbW1vbi93YWZDZXJ0LmtleSInKQogICAgZWxzZQogICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgJ2RlbCgud2FmLmh0dHApIHwgZGVsKC53YWYuaHR0cHMpIHwgLndhZi5odHRwc19vZmZsb2FkLmNlcnRTZXJ2ZXIuY2VydGlmaWNhdGUuYmlnaXAgPSAiL0NvbW1vbi93YWZDZXJ0LmNydCIgfCAud2FmLmh0dHBzX29mZmxvYWQuY2VydFNlcnZlci5wcml2YXRlS2V5LmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5rZXkiJykKICAgIGZpCgogICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1za3Z2dSAkdXNlcjokKHBhc3N3ZCkgLXcgIiV7aHR0cF9jb2RlfSIgLVggUE9TVCAtSCAiQ29udGVudC1UeXBlOiBhcHBsaWNhdGlvbi9qc29uIiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3NoYXJlZC9hcHBzdmNzL2RlY2xhcmUgLWQgIiRwYXlsb2FkIiAtbyAvZGV2L251bGwpCgogICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCB8fCAkcmVzcG9uc2VfY29kZSA9PSA1MDIgIF1dOyB0aGVuCiAgICAgICAgICBlY2hvICJEZXBsb3ltZW50IG9mIGFwcGxpY2F0aW9uIHN1Y2NlZWRlZC4iCiAgICBlbHNlCiAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBkZXBsb3kgYXBwbGljYXRpb247IGV4aXRpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgICAgICAgZXhpdCAxCiAgICAgZmkKIGZpCgplY2hvICJEZXBsb3ltZW50IGNvbXBsZXRlLiIKZXhpdA==", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -601,6 +624,7 @@ "frontEndIPConfigID": "[concat(variables('extLbId'),'/frontendIPConfigurations/loadBalancerFrontEnd')]", "appInsightsApiVersion": "2015-04-01", "appInsightsComponentsApiVersion": "2015-05-01", + "useAvailabilityZones": "[and(variables('zonesAvailable'), equals(parameters('useAvailabilityZones'), 'Yes'))]", "vmssName": "[concat(parameters('dnsLabel'),'-vmss')]", "vmssId": "[resourceId('Microsoft.Compute/virtualMachineScaleSets', variables('vmssName'))]", "defaultAppInsightsLocation": "eastus", @@ -661,7 +685,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_via-lb-new-stack-supported-bigiq,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_via-lb-new-stack-supported-bigiq,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "osProfiles": { @@ -957,7 +981,7 @@ "name": "main", "properties": { "protectedSettings": { - "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; cp asm-policy.tar.gz *.tmpl /config/cloud; tar xfz /config/cloud/asm-policy.tar.gz -C /config/cloud; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.bigIqPasswd; encrypt_secret ', variables('singleQuote'), parameters('bigIqPassword'), variables('singleQuote'), ' \"/config/cloud/.bigIqPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType waf --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, ' --bigIqAddress ', parameters('bigIqAddress'), ' --bigIqUsername ', parameters('bigIqUsername'), ' --bigIqPassword /config/cloud/.bigIqPasswd --bigIqLicensePoolName ', parameters('bigIqLicensePoolName'), ' --bigIqExtraLicenseOptions \\\"$(format_args sku-keyword-1:', parameters('bigIqLicenseSkuKeyWord1'), ',unit-of-measure:', parameters('bigIqLicenseUnitOfMeasure'), ')\\\" --bigIpExtMgmtAddress ', reference(variables('mgmtPublicIPAddressId')).ipAddress, ' --bigIpExtMgmtPort via-api', '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh modify cm device-group Sync asm-sync enabled; tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" + "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; cp asm-policy.tar.gz *.tmpl /config/cloud; tar xfz /config/cloud/asm-policy.tar.gz -C /config/cloud; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; /usr/bin/install -m 400 /dev/null /config/cloud/.bigIqPasswd; encrypt_secret ', variables('singleQuote'), parameters('bigIqPassword'), variables('singleQuote'), ' \"/config/cloud/.bigIqPasswd\"; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType waf --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --autoscaleTimeout ', parameters('autoscaleTimeout'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, ' --bigIqAddress ', parameters('bigIqAddress'), ' --bigIqUsername ', parameters('bigIqUsername'), ' --bigIqPassword /config/cloud/.bigIqPasswd --bigIqLicensePoolName ', parameters('bigIqLicensePoolName'), ' --bigIqExtraLicenseOptions \\\"$(format_args sku-keyword-1:', parameters('bigIqLicenseSkuKeyWord1'), ',unit-of-measure:', parameters('bigIqLicenseUnitOfMeasure'), ')\\\" --bigIpExtMgmtAddress private --bigIpExtMgmtPort via-api --clusterUpdateInterval 300', '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh modify cm device-group Sync asm-sync enabled; tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" }, "publisher": "Microsoft.Azure.Extensions", "settings": { @@ -1023,7 +1047,7 @@ "tier": "Standard" }, "tags": "[if(empty(variables('tagValues')), json('null'), variables('tagValues'))]", - "zones": "[if(variables('zonesAvailable'), createArray(1, 2, 3), json('null'))]", + "zones": "[if(variables('useAvailabilityZones'), createArray(1, 2, 3), json('null'))]", "type": "Microsoft.Compute/virtualMachineScaleSets" }, { @@ -1032,10 +1056,10 @@ "[variables('vmssId')]" ], "location": "[variables('location')]", - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "properties": { "enabled": true, - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "notifications": [ { "email": { diff --git a/supported/autoscale/waf/via-lb/1nic/new-stack/bigiq/azuredeploy.parameters.json b/supported/autoscale/waf/via-lb/1nic/new-stack/bigiq/azuredeploy.parameters.json index 8a7eaa6152..354af95a02 100644 --- a/supported/autoscale/waf/via-lb/1nic/new-stack/bigiq/azuredeploy.parameters.json +++ b/supported/autoscale/waf/via-lb/1nic/new-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" @@ -104,6 +104,12 @@ "notificationEmail": { "value": "OPTIONAL" }, + "useAvailabilityZones": { + "value": "Yes" + }, + "autoscaleTimeout": { + "value": 10 + }, "provisionPublicIP": { "value": "Yes" }, diff --git a/supported/autoscale/waf/via-lb/1nic/new-stack/bigiq/deploy_via_bash.sh b/supported/autoscale/waf/via-lb/1nic/new-stack/bigiq/deploy_via_bash.sh index bb6b9ac510..627126813e 100755 --- a/supported/autoscale/waf/via-lb/1nic/new-stack/bigiq/deploy_via_bash.sh +++ b/supported/autoscale/waf/via-lb/1nic/new-stack/bigiq/deploy_via_bash.sh @@ -1,7 +1,7 @@ #!/bin/bash ## Bash Script to deploy an F5 ARM template into Azure, using azure cli 1.0 ## -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName AllTwoBootLocations --bigIqAddress --bigIqUsername --bigIqPassword --bigIqLicensePoolName --bigIqLicenseSkuKeyword1 OPTIONAL --bigIqLicenseUnitOfMeasure OPTIONAL --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword # Assign Script Parameters and Define Variables # Specify static items below, change these as needed or make them parameters @@ -108,6 +108,12 @@ while [[ $# -gt 1 ]]; do --notificationEmail) notificationEmail=$2 shift 2;; + --useAvailabilityZones) + useAvailabilityZones=$2 + shift 2;; + --autoscaleTimeout) + autoscaleTimeout=$2 + shift 2;; --provisionPublicIP) provisionPublicIP=$2 shift 2;; @@ -166,7 +172,7 @@ while [[ $# -gt 1 ]]; do done #If a required parameter is not passed, the script will prompt for it below -required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName bigIqAddress bigIqUsername bigIqPassword bigIqLicensePoolName bigIqLicenseSkuKeyword1 bigIqLicenseUnitOfMeasure bigIpVersion bigIpModules vnetAddressPrefix declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail provisionPublicIP applicationProtocols applicationAddress applicationPort applicationSecurePort sslCert sslPswd applicationType blockingLevel customPolicy tenantId clientId servicePrincipalSecret resourceGroupName " +required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName bigIqAddress bigIqUsername bigIqPassword bigIqLicensePoolName bigIqLicenseSkuKeyword1 bigIqLicenseUnitOfMeasure bigIpVersion bigIpModules vnetAddressPrefix declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail useAvailabilityZones autoscaleTimeout provisionPublicIP applicationProtocols applicationAddress applicationPort applicationSecurePort sslCert sslPswd applicationType blockingLevel customPolicy tenantId clientId servicePrincipalSecret resourceGroupName " for variable in $required_variables do if [ -z ${!variable} ] ; then @@ -190,4 +196,4 @@ az group create -n $resourceGroupName -l $region # Deploy ARM Template, right now cannot specify parameter file and parameters inline via Azure CLI template_file="./azuredeploy.json" parameter_file="./azuredeploy.parameters.json" -az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"bigIqAddress\":{\"value\":\"$bigIqAddress\"},\"bigIqUsername\":{\"value\":\"$bigIqUsername\"},\"bigIqPassword\":{\"value\":\"$bigIqPassword\"},\"bigIqLicensePoolName\":{\"value\":\"$bigIqLicensePoolName\"},\"bigIqLicenseSkuKeyword1\":{\"value\":\"$bigIqLicenseSkuKeyword1\"},\"bigIqLicenseUnitOfMeasure\":{\"value\":\"$bigIqLicenseUnitOfMeasure\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetAddressPrefix\":{\"value\":\"$vnetAddressPrefix\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"applicationProtocols\":{\"value\":\"$applicationProtocols\"},\"applicationAddress\":{\"value\":\"$applicationAddress\"},\"applicationPort\":{\"value\":\"$applicationPort\"},\"applicationSecurePort\":{\"value\":\"$applicationSecurePort\"},\"sslCert\":{\"value\":\"$sslCert\"},\"sslPswd\":{\"value\":\"$sslPswd\"},\"applicationType\":{\"value\":\"$applicationType\"},\"blockingLevel\":{\"value\":\"$blockingLevel\"},\"customPolicy\":{\"value\":\"$customPolicy\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file +az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"bigIqAddress\":{\"value\":\"$bigIqAddress\"},\"bigIqUsername\":{\"value\":\"$bigIqUsername\"},\"bigIqPassword\":{\"value\":\"$bigIqPassword\"},\"bigIqLicensePoolName\":{\"value\":\"$bigIqLicensePoolName\"},\"bigIqLicenseSkuKeyword1\":{\"value\":\"$bigIqLicenseSkuKeyword1\"},\"bigIqLicenseUnitOfMeasure\":{\"value\":\"$bigIqLicenseUnitOfMeasure\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetAddressPrefix\":{\"value\":\"$vnetAddressPrefix\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"useAvailabilityZones\":{\"value\":\"$useAvailabilityZones\"},\"autoscaleTimeout\":{\"value\":$autoscaleTimeout},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"applicationProtocols\":{\"value\":\"$applicationProtocols\"},\"applicationAddress\":{\"value\":\"$applicationAddress\"},\"applicationPort\":{\"value\":\"$applicationPort\"},\"applicationSecurePort\":{\"value\":\"$applicationSecurePort\"},\"sslCert\":{\"value\":\"$sslCert\"},\"sslPswd\":{\"value\":\"$sslPswd\"},\"applicationType\":{\"value\":\"$applicationType\"},\"blockingLevel\":{\"value\":\"$blockingLevel\"},\"customPolicy\":{\"value\":\"$customPolicy\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file diff --git a/supported/autoscale/waf/via-lb/1nic/new-stack/payg/Deploy_via_PS.ps1 b/supported/autoscale/waf/via-lb/1nic/new-stack/payg/Deploy_via_PS.ps1 index 83a853a9d1..4c719f3c2e 100644 --- a/supported/autoscale/waf/via-lb/1nic/new-stack/payg/Deploy_via_PS.ps1 +++ b/supported/autoscale/waf/via-lb/1nic/new-stack/payg/Deploy_via_PS.ps1 @@ -1,7 +1,7 @@ ## Script parameters being asked for below match to parameters in the azuredeploy.json file, otherwise pointing to the ## ## azuredeploy.parameters.json file for values to use. Some options below are mandatory, some (such as region) can ## ## be supplied inline when running this script but if they aren't then the default will be used as specified below. ## -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -tenantId -clientId -servicePrincipalSecret -resourceGroupName param( @@ -31,6 +31,8 @@ param( [string] [Parameter(Mandatory=$True)] $scaleOutTimeWindow, [string] [Parameter(Mandatory=$True)] $scaleInTimeWindow, [string] [Parameter(Mandatory=$True)] $notificationEmail, + [string] [Parameter(Mandatory=$True)] $useAvailabilityZones, + [string] [Parameter(Mandatory=$True)] $autoscaleTimeout, [string] [Parameter(Mandatory=$True)] $provisionPublicIP, [string] [Parameter(Mandatory=$True)] $applicationProtocols, [string] [Parameter(Mandatory=$True)] $applicationAddress, @@ -74,7 +76,7 @@ $servicePrincipalSecretSecure = ConvertTo-SecureString -String $servicePrincipal (ConvertFrom-Json $tagValues).psobject.properties | ForEach -Begin {$tagValues=@{}} -process {$tagValues."$($_.Name)" = $_.Value} # Create Arm Deployment -$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetAddressPrefix $vnetAddressPrefix -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -provisionPublicIP $provisionPublicIP -applicationProtocols $applicationProtocols -applicationAddress $applicationAddress -applicationPort $applicationPort -applicationSecurePort $applicationSecurePort -sslCert $sslCert -sslPswd $sslPswdSecure -applicationType $applicationType -blockingLevel $blockingLevel -customPolicy $customPolicy -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure +$deployment = New-AzureRmResourceGroupDeployment -Name $resourceGroupName -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath -Verbose -adminUsername $adminUsername -authenticationType $authenticationType -adminPasswordOrKey $adminPasswordOrKeySecure -dnsLabel $dnsLabel -instanceType $instanceType -imageName $imageName -bigIpVersion $bigIpVersion -bigIpModules $bigIpModules -vnetAddressPrefix $vnetAddressPrefix -declarationUrl $declarationUrl -ntpServer $ntpServer -timeZone $timeZone -customImage $customImage -restrictedSrcAddress $restrictedSrcAddress -tagValues $tagValues -allowUsageAnalytics $allowUsageAnalytics -vmScaleSetMinCount $vmScaleSetMinCount -vmScaleSetMaxCount $vmScaleSetMaxCount -appInsights $appInsights -scaleOutCpuThreshold $scaleOutCpuThreshold -scaleInCpuThreshold $scaleInCpuThreshold -scaleOutThroughputThreshold $scaleOutThroughputThreshold -scaleInThroughputThreshold $scaleInThroughputThreshold -scaleOutTimeWindow $scaleOutTimeWindow -scaleInTimeWindow $scaleInTimeWindow -notificationEmail $notificationEmail -useAvailabilityZones $useAvailabilityZones -autoscaleTimeout $autoscaleTimeout -provisionPublicIP $provisionPublicIP -applicationProtocols $applicationProtocols -applicationAddress $applicationAddress -applicationPort $applicationPort -applicationSecurePort $applicationSecurePort -sslCert $sslCert -sslPswd $sslPswdSecure -applicationType $applicationType -blockingLevel $blockingLevel -customPolicy $customPolicy -tenantId $tenantId -clientId $clientId -servicePrincipalSecret $servicePrincipalSecretSecure # Print Output of Deployment to Console $deployment \ No newline at end of file diff --git a/supported/autoscale/waf/via-lb/1nic/new-stack/payg/README.md b/supported/autoscale/waf/via-lb/1nic/new-stack/payg/README.md index 997f520902..b050439471 100644 --- a/supported/autoscale/waf/via-lb/1nic/new-stack/payg/README.md +++ b/supported/autoscale/waf/via-lb/1nic/new-stack/payg/README.md @@ -19,7 +19,7 @@ This solution uses an ARM template to launch the deployment of F5 BIG-IP Local Traffic Manager (LTM) and Application Security Manager (ASM) Virtual Edition (VE) instances in a Microsoft Azure VM Scale Set that is configured for auto scaling. Traffic flows from the Azure load balancer to the BIG-IP VE (cluster) and then to the application servers. The BIG-IP VE(s) are configured in single-NIC mode. Auto scaling means that as certain thresholds are reached, the number of BIG-IP VE instances automatically increases or decreases accordingly. -In this solution, the BIG-IP VEs have the [LTM](https://f5.com/products/big-ip/local-traffic-manager-ltm) and [ASM](https://f5.com/products/big-ip/application-security-manager-asm) modules enabled to provide advanced traffic management and web application security functionality. +In this solution, the BIG-IP VEs have the [LTM](https://f5.com/products/big-ip/local-traffic-manager-ltm) and [ASM](https://f5.com/products/big-ip/application-security-manager-asm) modules enabled to provide advanced traffic management and web application security functionality. This template uses BIGIP **private** management address when license is requested via BIGIQ For information on getting started using F5's ARM templates on GitHub, see [Microsoft Azure: Solutions 101](http://clouddocs.f5.com/cloud/public/v1/azure/Azure_solutions101.html). @@ -108,7 +108,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fautoscale%2Fwaf%2Fvia-lb%2F1nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fautoscale%2Fwaf%2Fvia-lb%2F1nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters @@ -140,6 +140,8 @@ Use the appropriate button below to deploy: | scaleOutTimeWindow | Yes | The time window required to trigger a scale out event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | scaleInTimeWindow | Yes | The time window required to trigger a scale in event. This is used to determine the amount of time needed for a threshold to be breached, as well as to prevent excessive scaling events (flapping). **Note:** Allowed values are 1-60 (minutes). | | notificationEmail | Yes | If you want email notifications on scale events, specify an email address, otherwise leave the parameter as **OPTIONAL**. Note: You can specify multiple emails by separating them with a semi-colon, such as *email@domain.com;email2@domain.com*. | +| useAvailabilityZones | Yes | This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'. | +| autoscaleTimeout | Yes | The timeout value after which autoscale script execution will terminated | | provisionPublicIP | Yes | Enabling management public IP(s) allows for direct public access to each BIG-IP VE that is created. | | applicationProtocols | Yes | The protocol(s) used by your application. | | applicationAddress | Yes | The public IP address or DNS FQDN of the application that this WAF will protect. | @@ -161,7 +163,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### PowerShell Script Example ```powershell -## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -tenantId -clientId -servicePrincipalSecret -resourceGroupName +## Example Command: .\Deploy_via_PS.ps1 -adminUsername azureuser -authenticationType password -adminPasswordOrKey -dnsLabel -instanceType Standard_DS2_v2 -imageName Best1Gbps -bigIpVersion 15.0.100000 -bigIpModules asm:nominal -vnetAddressPrefix 10.0 -declarationUrl NOT_SPECIFIED -ntpServer 0.pool.ntp.org -timeZone UTC -customImage OPTIONAL -allowUsageAnalytics Yes -vmScaleSetMinCount 2 -vmScaleSetMaxCount 4 -appInsights CREATE_NEW -scaleOutCpuThreshold 80 -scaleInCpuThreshold 20 -scaleOutThroughputThreshold 20000000 -scaleInThroughputThreshold 10000000 -scaleOutTimeWindow 10 -scaleInTimeWindow 10 -notificationEmail OPTIONAL -useAvailabilityZones Yes -autoscaleTimeout 10 -provisionPublicIP Yes -applicationProtocols http-https -applicationAddress -applicationPort 80 -applicationSecurePort 443 -sslCert NOT_SPECIFIED -sslPswd NOT_SPECIFIED -applicationType Linux -blockingLevel medium -customPolicy NOT_SPECIFIED -tenantId -clientId -servicePrincipalSecret -resourceGroupName ``` ======= @@ -169,7 +171,7 @@ As an alternative to deploying through the Azure Portal (GUI) each solution prov #### Azure CLI (1.0) Script Example ```bash -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword ``` diff --git a/supported/autoscale/waf/via-lb/1nic/new-stack/payg/azuredeploy.json b/supported/autoscale/waf/via-lb/1nic/new-stack/payg/azuredeploy.json index 286eb26247..d8f68fd6d8 100644 --- a/supported/autoscale/waf/via-lb/1nic/new-stack/payg/azuredeploy.json +++ b/supported/autoscale/waf/via-lb/1nic/new-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -289,6 +289,26 @@ }, "type": "string" }, + "useAvailabilityZones": { + "allowedValues": [ + "Yes", + "No" + ], + "defaultValue": "Yes", + "metadata": { + "description": "This deployment can deploy resources into Azure Availability Zones (if the region supports it). If that is not desired the input should be set 'No'." + }, + "type": "string" + }, + "autoscaleTimeout": { + "defaultValue": 10, + "maxValue": 10, + "metadata": { + "description": "The timeout value after which autoscale script execution will terminated" + }, + "minValue": 3, + "type": "int" + }, "provisionPublicIP": { "allowedValues": [ "No", @@ -495,14 +515,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl ${config_loc}f5-cloud-libs-azure.tar.gz asm-policy.tar.gz\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntar xfz /config/cloud/f5-cloud-libs-azure.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -528,7 +548,10 @@ "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbTpkOm46ajprOmg6czp0Omw6YTpjOnI6bzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgbSkgbW9kZT0kT1BUQVJHOzsKICAgICAgICBuKSBwb29sX21lbWJlcj0kT1BUQVJHOzsKICAgICAgICBqKSB2c19odHRwX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgaykgdnNfaHR0cHNfcG9ydD0kT1BUQVJHOzsKICAgICAgICBoKSBwb29sX2h0dHBfcG9ydD0kT1BUQVJHOzsKICAgICAgICBzKSBwb29sX2h0dHBzX3BvcnQ9JE9QVEFSRzs7CiAgICAgICAgdCkgdHlwZT0kT1BUQVJHOzsKICAgICAgICBsKSBsZXZlbD0kT1BUQVJHOzsKICAgICAgICBhKSBwb2xpY3k9JE9QVEFSRzs7CiAgICAgICAgYykgc3NsX2NlcnQ9JE9QVEFSRzs7CiAgICAgICAgcikgc3NsX3Bhc3N3ZD0kT1BUQVJHOzsKICAgICAgICB1KSB1c2VyPSRPUFRBUkc7OwogICAgZXNhYwpkb25lCgpkZXBsb3llZD0ibm8iCmZpbGVfbG9jPSIvY29uZmlnL2Nsb3VkL2N1c3RvbV9jb25maWciCmRmbF9tZ210X3BvcnQ9YHRtc2ggbGlzdCBzeXMgaHR0cGQgc3NsLXBvcnQgfCBncmVwIHNzbC1wb3J0IHwgc2VkICdzL3NzbC1wb3J0IC8vO3MvIC8vZydgCnVybF9yZWdleD0iKGh0dHA6XC9cL3xodHRwczpcL1wvKT9bYS16MC05XSsoW1wtXC5dezF9W2EtejAtOV0rKSpcLlthLXpdezIsNX0oOlswLTldezEsNX0pPyhcLy4qKT8kIgoKaWYgW1sgJGRlY2xhcmF0aW9uVXJsID1+ICR1cmxfcmVnZXggXV07IHRoZW4KICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1zayAtdyAiJXtodHRwX2NvZGV9IiAkZGVjbGFyYXRpb25VcmwgLW8gJGZpbGVfbG9jKQogICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIF1dOyB0aGVuCiAgICAgICAgIGVjaG8gIkN1c3RvbSBjb25maWcgZG93bmxvYWQgY29tcGxldGU7IGNoZWNraW5nIGZvciB2YWxpZCBKU09OLiIKICAgICAgICAgY2F0ICRmaWxlX2xvYyB8IGpxIC5jbGFzcwogICAgICAgICBpZiBbWyAkPyA9PSAwIF1dOyB0aGVuCiAgICAgICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2t2dnUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgaHR0cHM6Ly9sb2NhbGhvc3Q6JGRmbF9tZ210X3BvcnQvbWdtdC9zaGFyZWQvYXBwc3Zjcy9kZWNsYXJlIC1kIEAkZmlsZV9sb2MgLW8gL2Rldi9udWxsKQoKICAgICAgICAgICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCB8fCAkcmVzcG9uc2VfY29kZSA9PSA1MDIgXV07IHRoZW4KICAgICAgICAgICAgICAgICAgZWNobyAiRGVwbG95bWVudCBvZiBhcHBsaWNhdGlvbiBzdWNjZWVkZWQuIgogICAgICAgICAgICAgICAgICBkZXBsb3llZD0ieWVzIgogICAgICAgICAgICAgZWxzZQogICAgICAgICAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBkZXBsb3kgYXBwbGljYXRpb247IGNvbnRpbnVpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgICAgICAgICAgIGZpCiAgICAgICAgIGVsc2UKICAgICAgICAgICAgIGVjaG8gIkN1c3RvbSBjb25maWcgd2FzIG5vdCB2YWxpZCBKU09OLCBjb250aW51aW5nIgogICAgICAgICBmaQogICAgZWxzZQogICAgICAgIGVjaG8gIkZhaWxlZCB0byBkb3dubG9hZCBjdXN0b20gY29uZmlnOyBjb250aW51aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICBmaQplbHNlCiAgICAgZWNobyAiQ3VzdG9tIGNvbmZpZyB3YXMgbm90IGEgVVJMLCBjb250aW51aW5nLiIKZmkKCmlmIFtbICRkZXBsb3llZCA9PSAibm8iICYmICRkZWNsYXJhdGlvblVybCA9PSAiTk9UX1NQRUNJRklFRCIgXV07IHRoZW4KICAgIGlwX3JlZ2V4PSdeWzAtOV17MSwzfVwuWzAtOV17MSwzfVwuWzAtOV17MSwzfVwuWzAtOV17MSwzfSQnCiAgICBkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAogICAgbW9kZT1gc2VkICJzLy0vXy9nIiA8PDwiJG1vZGUiYAogICAgcGF5bG9hZD0neyJjbGFzcyI6IkFEQyIsInNjaGVtYVZlcnNpb24iOiIzLjAuMCIsImxhYmVsIjoiYXV0b3NjYWxlX3dhZiIsImlkIjoiQVVUT1NDQUxFX1dBRiIsInJlbWFyayI6IkF1dG9zY2FsZSBXQUYiLCJ3YWYiOnsiY2xhc3MiOiJUZW5hbnQiLCJTaGFyZWQiOnsiY2xhc3MiOiJBcHBsaWNhdGlvbiIsInRlbXBsYXRlIjoic2hhcmVkIiwic2VydmljZUFkZHJlc3MiOnsiY2xhc3MiOiJTZXJ2aWNlX0FkZHJlc3MiLCJ2aXJ0dWFsQWRkcmVzcyI6IjAuMC4wLjAifSwicG9saWN5V0FGIjp7ImNsYXNzIjoiV0FGX1BvbGljeSIsImZpbGUiOiIvdG1wL2FzMzAtbGludXgtbWVkaXVtLnhtbCJ9fSwiaHR0cCI6eyJjbGFzcyI6IkFwcGxpY2F0aW9uIiwidGVtcGxhdGUiOiJodHRwIiwicG9vbCI6eyJjbGFzcyI6IlBvb2wiLCJtb25pdG9ycyI6WyJodHRwIl0sIm1lbWJlcnMiOlt7ImFkZHJlc3NEaXNjb3ZlcnkiOiJmcWRuIiwiYXV0b1BvcHVsYXRlIjp0cnVlLCJzZXJ2aWNlUG9ydCI6ODAsImhvc3RuYW1lIjoid3d3LmV4YW1wbGUuY29tIiwic2VydmVyQWRkcmVzc2VzIjpbIjI1NS4yNTUuMjU1LjI1NCJdfV19LCJzZXJ2aWNlTWFpbiI6eyJjbGFzcyI6IlNlcnZpY2VfSFRUUCIsInZpcnR1YWxBZGRyZXNzZXMiOlt7InVzZSI6Ii93YWYvU2hhcmVkL3NlcnZpY2VBZGRyZXNzIn1dLCJ2aXJ0dWFsUG9ydCI6ODAsInNuYXQiOiJhdXRvIiwic2VjdXJpdHlMb2dQcm9maWxlcyI6W3siYmlnaXAiOiIvQ29tbW9uL0xvZyBpbGxlZ2FsIHJlcXVlc3RzIn1dLCJwb29sIjoicG9vbCIsInBvbGljeVdBRiI6eyJ1c2UiOiIvd2FmL1NoYXJlZC9wb2xpY3lXQUYifX19LCJodHRwcyI6eyJjbGFzcyI6IkFwcGxpY2F0aW9uIiwidGVtcGxhdGUiOiJodHRwcyIsInNlcnZlclRMUyI6eyJjbGFzcyI6IlRMU19TZXJ2ZXIiLCJjZXJ0aWZpY2F0ZXMiOlt7ImNlcnRpZmljYXRlIjoiY2VydFNlcnZlciJ9XSwiYXV0aGVudGljYXRpb25UcnVzdENBIjp7ImJpZ2lwIjoiL0NvbW1vbi9jYS1idW5kbGUuY3J0In19LCJjZXJ0U2VydmVyIjp7ImNsYXNzIjoiQ2VydGlmaWNhdGUiLCJjZXJ0aWZpY2F0ZSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5jcnQifSwicHJpdmF0ZUtleSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5rZXkifX0sImNsaWVudFRMUyI6eyJjbGFzcyI6IlRMU19DbGllbnQifSwicG9vbCI6eyJjbGFzcyI6IlBvb2wiLCJtb25pdG9ycyI6WyJodHRwcyJdLCJtZW1iZXJzIjpbeyJhZGRyZXNzRGlzY292ZXJ5IjoiZnFkbiIsImF1dG9Qb3B1bGF0ZSI6dHJ1ZSwic2VydmljZVBvcnQiOjQ0MywiaG9zdG5hbWUiOiJ3d3cuZXhhbXBsZS5jb20iLCJzZXJ2ZXJBZGRyZXNzZXMiOlsiMjU1LjI1NS4yNTUuMjU0Il19XX0sInNlcnZpY2VNYWluIjp7ImNsYXNzIjoiU2VydmljZV9IVFRQUyIsInZpcnR1YWxBZGRyZXNzZXMiOlt7InVzZSI6Ii93YWYvU2hhcmVkL3NlcnZpY2VBZGRyZXNzIn1dLCJ2aXJ0dWFsUG9ydCI6NDQzLCJzZXJ2ZXJUTFMiOiJzZXJ2ZXJUTFMiLCJjbGllbnRUTFMiOiJjbGllbnRUTFMiLCJyZWRpcmVjdDgwIjp0cnVlLCJzbmF0IjoiYXV0byIsInNlY3VyaXR5TG9nUHJvZmlsZXMiOlt7ImJpZ2lwIjoiL0NvbW1vbi9Mb2cgaWxsZWdhbCByZXF1ZXN0cyJ9XSwicG9vbCI6InBvb2wiLCJwb2xpY3lXQUYiOnsidXNlIjoiL3dhZi9TaGFyZWQvcG9saWN5V0FGIn19fSwiaHR0cHNfb2ZmbG9hZCI6eyJjbGFzcyI6IkFwcGxpY2F0aW9uIiwidGVtcGxhdGUiOiJodHRwcyIsInNlcnZlclRMUyI6eyJjbGFzcyI6IlRMU19TZXJ2ZXIiLCJjZXJ0aWZpY2F0ZXMiOlt7ImNlcnRpZmljYXRlIjoiY2VydFNlcnZlciJ9XSwiYXV0aGVudGljYXRpb25UcnVzdENBIjp7ImJpZ2lwIjoiL0NvbW1vbi9jYS1idW5kbGUuY3J0In19LCJjZXJ0U2VydmVyIjp7ImNsYXNzIjoiQ2VydGlmaWNhdGUiLCJjZXJ0aWZpY2F0ZSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5jcnQifSwicHJpdmF0ZUtleSI6eyJiaWdpcCI6Ii9Db21tb24vd2FmQ2VydC5rZXkifX0sInBvb2wiOnsiY2xhc3MiOiJQb29sIiwibW9uaXRvcnMiOlsiaHR0cCJdLCJtZW1iZXJzIjpbeyJhZGRyZXNzRGlzY292ZXJ5IjoiZnFkbiIsImF1dG9Qb3B1bGF0ZSI6dHJ1ZSwic2VydmljZVBvcnQiOjgwLCJob3N0bmFtZSI6Ind3dy5leGFtcGxlLmNvbSIsInNlcnZlckFkZHJlc3NlcyI6WyIyNTUuMjU1LjI1NS4yNTQiXX1dfSwic2VydmljZU1haW4iOnsiY2xhc3MiOiJTZXJ2aWNlX0hUVFBTIiwidmlydHVhbEFkZHJlc3NlcyI6W3sidXNlIjoiL3dhZi9TaGFyZWQvc2VydmljZUFkZHJlc3MifV0sInZpcnR1YWxQb3J0Ijo4MCwic2VydmVyVExTIjoic2VydmVyVExTIiwic25hdCI6ImF1dG8iLCJzZWN1cml0eUxvZ1Byb2ZpbGVzIjpbeyJiaWdpcCI6Ii9Db21tb24vTG9nIGlsbGVnYWwgcmVxdWVzdHMifV0sInBvb2wiOiJwb29sIiwicG9saWN5V0FGIjp7InVzZSI6Ii93YWYvU2hhcmVkL3BvbGljeVdBRiJ9fX19fScKCiAgICAjIHZlcmlmeSB0aGF0IHRoZSBjdXN0b20gcG9saWN5IGlzIGEgVVJMCiAgICBpZiBbWyAkbGV2ZWwgPT0gImN1c3RvbSIgXV07IHRoZW4KICAgICAgICAgaWYgW1sgLW4gJHBvbGljeSAmJiAkcG9saWN5ICE9ICJOT1RfU1BFQ0lGSUVEIiBdXTsgdGhlbgogICAgICAgICAgICAgaWYgW1sgJHBvbGljeSA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICAgICAgICAgICAgICAgIGN1c3RvbV9wb2xpY3k9JHBvbGljeQogICAgICAgICAgICAgICAgICAvdXNyL2Jpbi9jdXJsIC1zayAkY3VzdG9tX3BvbGljeSAtLXJldHJ5IDMgLW8gL3RtcC9jdXN0b21fcG9saWN5LnhtbAogICAgICAgICAgICAgICAgICBhc21fcG9saWN5PSIvdG1wL2N1c3RvbV9wb2xpY3kueG1sIgogICAgICAgICAgICAgZWxzZQogICAgICAgICAgICAgICAgICBlY2hvICJDdXN0b20gcG9saWN5IHdhcyBub3QgYSBVUkwsIGRlZmF1bHRpbmcgdG8gaGlnaCIKICAgICAgICAgICAgICAgICAgYXNtX3BvbGljeT0iL2NvbmZpZy9jbG91ZC9hc20tcG9saWN5LSR0eXBlLWhpZ2gueG1sIgogICAgICAgICAgICAgZmkKICAgICAgICAgZWxzZQogICAgICAgICAgICAgIGVjaG8gIkN1c3RvbSBwb2xpY3kgd2FzIG5vdCBzcGVjaWZpZWQsIGRlZmF1bHRpbmcgdG8gaGlnaCIKICAgICAgICAgICAgICBhc21fcG9saWN5PSIvY29uZmlnL2Nsb3VkL2FzbS1wb2xpY3ktJHR5cGUtaGlnaC54bWwiCiAgICAgICAgIGZpCiAgICBlbHNlCiAgICAgICAgIGFzbV9wb2xpY3k9Ii9jb25maWcvY2xvdWQvYXNtLXBvbGljeS0kdHlwZS0kbGV2ZWwueG1sIgogICAgZmkKCiAgICBpZiBbWyAkbW9kZSA9PSAiaHR0cHMiIHx8ICRtb2RlID09ICJodHRwX2h0dHBzIiB8fCAkbW9kZSA9PSAiaHR0cHNfb2ZmbG9hZCIgXV07IHRoZW4KICAgICAgICAgY2hhaW49Ii9Db21tb24vY2EtYnVuZGxlLmNydCIKCiAgICAgICAgIGVjaG8gIlN0YXJ0aW5nIENlcnRpZmljYXRlIGRvd25sb2FkIgoKICAgICAgICAgY2VydGlmaWNhdGVfbG9jYXRpb249JHNzbF9jZXJ0CgogICAgICAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXUgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iICAtWCBQT1NUIC1IICJDb250ZW50LXR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvdG0vdXRpbC9iYXNoIC1kICd7ICJjb21tYW5kIjoicnVuIiwidXRpbENtZEFyZ3MiOiItYyBcImN1cmwgLWsgLXMgLWYgLS1yZXRyeSA1IC0tcmV0cnktZGVsYXkgMTAgLS1yZXRyeS1tYXgtdGltZSAxMCAtbyAvY29uZmlnL3RtcC5wZnggJyRjZXJ0aWZpY2F0ZV9sb2NhdGlvbidcIiIgfScgLW8gL2Rldi9udWxsKQoKICAgICAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwICBdXTsgdGhlbgogICAgICAgICAgICAgIGVjaG8gIkNlcnRpZmljYXRlIGRvd25sb2FkIGNvbXBsZXRlLiIKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRvd25sb2FkIFNTTCBjZXJ0OyBleGl0aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBleGl0IDEKICAgICAgICAgZmkKCiAgICAgICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1za3UgJHVzZXI6JChwYXNzd2QpIC13ICIle2h0dHBfY29kZX0iIC1YIFBPU1QgLUggIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24vanNvbiIgaHR0cHM6Ly9sb2NhbGhvc3Q6JGRmbF9tZ210X3BvcnQvbWdtdC90bS9zeXMvY3J5cHRvL3BrY3MxMiAtZCAneyJjb21tYW5kIjogImluc3RhbGwiLCJuYW1lIjogIndhZkNlcnQiLCJvcHRpb25zIjogWyB7ICJmcm9tLWxvY2FsLWZpbGUiOiAiL2NvbmZpZy90bXAucGZ4IiB9LCB7ICJwYXNzcGhyYXNlIjogIiciJHNzbF9wYXNzd2QiJyIgfSBdIH0nIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCAgXV07IHRoZW4KICAgICAgICAgICAgICBlY2hvICJDZXJ0aWZpY2F0ZSBpbnN0YWxsIGNvbXBsZXRlLiIKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGluc3RhbGwgU1NMIGNlcnQ7IGV4aXRpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgICAgICAgICAgIGV4aXQgMQogICAgICAgICBmaQogICAgZmkKCiAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jIC0tYXJnIGFzbV9wb2xpY3kgJGFzbV9wb2xpY3kgJyAud2FmLlNoYXJlZC5wb2xpY3lXQUYuZmlsZSA9ICRhc21fcG9saWN5JykKCiAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jIC0tYXJnIHBvb2xfaHR0cF9wb3J0ICRwb29sX2h0dHBfcG9ydCAtLWFyZyBwb29sX2h0dHBzX3BvcnQgJHBvb2xfaHR0cHNfcG9ydCAtLWFyZyB2c19odHRwX3BvcnQgJHZzX2h0dHBfcG9ydCAtLWFyZyB2c19odHRwc19wb3J0ICR2c19odHRwc19wb3J0ICcgLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5zZXJ2aWNlUG9ydCA9ICgkcG9vbF9odHRwX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHAuc2VydmljZU1haW4udmlydHVhbFBvcnQgPSAoJHZzX2h0dHBfcG9ydCB8IHRvbnVtYmVyKSB8IC53YWYuaHR0cHMucG9vbC5tZW1iZXJzWzBdLnNlcnZpY2VQb3J0ID0gKCRwb29sX2h0dHBzX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHBzLnNlcnZpY2VNYWluLnZpcnR1YWxQb3J0ID0gKCR2c19odHRwc19wb3J0IHwgdG9udW1iZXIpIHwgLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5zZXJ2aWNlUG9ydCA9ICgkcG9vbF9odHRwX3BvcnQgfCB0b251bWJlcikgfCAud2FmLmh0dHBzX29mZmxvYWQuc2VydmljZU1haW4udmlydHVhbFBvcnQgPSAoJHZzX2h0dHBzX3BvcnQgfCB0b251bWJlciknKQoKICAgIGlmIFtbICRwb29sX21lbWJlciA9fiAkaXBfcmVnZXggXV07IHRoZW4KICAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAnZGVsKC53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uYXV0b1BvcHVsYXRlKSB8IGRlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lKSB8IGRlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLmFkZHJlc3NEaXNjb3ZlcnkpIHwgIGRlbCgud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5hdXRvUG9wdWxhdGUpIHwgZGVsKC53YWYuaHR0cHMucG9vbC5tZW1iZXJzWzBdLmhvc3RuYW1lKSB8IGRlbCgud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5hZGRyZXNzRGlzY292ZXJ5KSB8IGRlbCgud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLmF1dG9Qb3B1bGF0ZSkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSkgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkLnBvb2wubWVtYmVyc1swXS5hZGRyZXNzRGlzY292ZXJ5KScpCgogICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jIC0tYXJnIHBvb2xfbWVtYmVyICRwb29sX21lbWJlciAnLndhZi5odHRwLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXNbMF0gPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5zZXJ2ZXJBZGRyZXNzZXNbMF0gPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3Nlc1swXSA9ICRwb29sX21lbWJlcicpCiAgICBlbHNlCiAgICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgJ2RlbCgud2FmLmh0dHAucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3NlcykgfCBkZWwoLndhZi5odHRwcy5wb29sLm1lbWJlcnNbMF0uc2VydmVyQWRkcmVzc2VzKSB8IGRlbCgud2FmLmh0dHBzX29mZmxvYWQucG9vbC5tZW1iZXJzWzBdLnNlcnZlckFkZHJlc3NlcyknKQoKICAgICAgICAgcGF5bG9hZD0kKGVjaG8gJHBheWxvYWQgfCBqcSAtYyAtLWFyZyBwb29sX21lbWJlciAkcG9vbF9tZW1iZXIgJy53YWYuaHR0cC5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUgPSAkcG9vbF9tZW1iZXIgfCAud2FmLmh0dHBzLnBvb2wubWVtYmVyc1swXS5ob3N0bmFtZSA9ICRwb29sX21lbWJlciB8IC53YWYuaHR0cHNfb2ZmbG9hZC5wb29sLm1lbWJlcnNbMF0uaG9zdG5hbWUgPSAkcG9vbF9tZW1iZXInKQogICAgZmkKCiAgICBpZiBbWyAkbW9kZSA9PSAiaHR0cCIgXV07IHRoZW4KICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwcykgfCBkZWwoLndhZi5odHRwc19vZmZsb2FkKScpCiAgICBlbGlmIFtbICRtb2RlID09ICJodHRwcyIgXV07IHRoZW4KICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwKSB8IGRlbCgud2FmLmh0dHBzX29mZmxvYWQpIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLmNlcnRpZmljYXRlLmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5jcnQiIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLnByaXZhdGVLZXkuYmlnaXAgPSAiL0NvbW1vbi93YWZDZXJ0LmtleSInKQogICAgZWxpZiBbWyAkbW9kZSA9PSAiaHR0cF9odHRwcyIgXV07IHRoZW4KICAgICAgICBwYXlsb2FkPSQoZWNobyAkcGF5bG9hZCB8IGpxIC1jICdkZWwoLndhZi5odHRwc19vZmZsb2FkKSB8IC53YWYuaHR0cHMuc2VydmljZU1haW4ucmVkaXJlY3Q4MCA9IGZhbHNlIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLmNlcnRpZmljYXRlLmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5jcnQiIHwgLndhZi5odHRwcy5jZXJ0U2VydmVyLnByaXZhdGVLZXkuYmlnaXAgPSAiL0NvbW1vbi93YWZDZXJ0LmtleSInKQogICAgZWxzZQogICAgICAgIHBheWxvYWQ9JChlY2hvICRwYXlsb2FkIHwganEgLWMgJ2RlbCgud2FmLmh0dHApIHwgZGVsKC53YWYuaHR0cHMpIHwgLndhZi5odHRwc19vZmZsb2FkLmNlcnRTZXJ2ZXIuY2VydGlmaWNhdGUuYmlnaXAgPSAiL0NvbW1vbi93YWZDZXJ0LmNydCIgfCAud2FmLmh0dHBzX29mZmxvYWQuY2VydFNlcnZlci5wcml2YXRlS2V5LmJpZ2lwID0gIi9Db21tb24vd2FmQ2VydC5rZXkiJykKICAgIGZpCgogICAgIHJlc3BvbnNlX2NvZGU9JCgvdXNyL2Jpbi9jdXJsIC1za3Z2dSAkdXNlcjokKHBhc3N3ZCkgLXcgIiV7aHR0cF9jb2RlfSIgLVggUE9TVCAtSCAiQ29udGVudC1UeXBlOiBhcHBsaWNhdGlvbi9qc29uIiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3NoYXJlZC9hcHBzdmNzL2RlY2xhcmUgLWQgIiRwYXlsb2FkIiAtbyAvZGV2L251bGwpCgogICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCB8fCAkcmVzcG9uc2VfY29kZSA9PSA1MDIgIF1dOyB0aGVuCiAgICAgICAgICBlY2hvICJEZXBsb3ltZW50IG9mIGFwcGxpY2F0aW9uIHN1Y2NlZWRlZC4iCiAgICBlbHNlCiAgICAgICAgIGVjaG8gIkZhaWxlZCB0byBkZXBsb3kgYXBwbGljYXRpb247IGV4aXRpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgICAgICAgZXhpdCAxCiAgICAgZmkKIGZpCgplY2hvICJEZXBsb3ltZW50IGNvbXBsZXRlLiIKZXhpdA==", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -606,6 +629,7 @@ "frontEndIPConfigID": "[concat(variables('extLbId'),'/frontendIPConfigurations/loadBalancerFrontEnd')]", "appInsightsApiVersion": "2015-04-01", "appInsightsComponentsApiVersion": "2015-05-01", + "useAvailabilityZones": "[and(variables('zonesAvailable'), equals(parameters('useAvailabilityZones'), 'Yes'))]", "vmssName": "[concat(parameters('dnsLabel'),'-vmss')]", "vmssId": "[resourceId('Microsoft.Compute/virtualMachineScaleSets', variables('vmssName'))]", "defaultAppInsightsLocation": "eastus", @@ -666,7 +690,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_via-lb-new-stack-supported-payg,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" + "metricsCmd": "[concat(' --usageAnalytics \\\" --metrics customerId:${custId},deploymentId:${deployId},templateName:as_waf_via-lb-new-stack-supported-payg,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure\\\"')]" } }, "osProfiles": { @@ -962,7 +986,7 @@ "name": "main", "properties": { "protectedSettings": { - "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; cp asm-policy.tar.gz *.tmpl /config/cloud; tar xfz /config/cloud/asm-policy.tar.gz -C /config/cloud; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType waf --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh modify cm device-group Sync asm-sync enabled; tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" + "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR; mkdir -p /var/log/cloud/azure; cp asm-policy.tar.gz *.tmpl /config/cloud; tar xfz /config/cloud/asm-policy.tar.gz -C /config/cloud; echo ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/install -m 400 /dev/null /config/cloud/.azCredentials; cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads && cp ', variables('f5AS3Build'), ' /var/config/rest/downloads; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; echo -e ', variables('verifyHash'), ' >> /config/verifyHash; echo -e ', variables('installCloudLibs'), ' >> /config/installCloudLibs.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), '{\"clientId\": \"', parameters('clientId'), '\", \"tenantId\": \"', parameters('tenantId'), '\", \"secret\": \"', parameters('servicePrincipalSecret'), '\", \"subscriptionId\": \"', variables('subscriptionID'), '\", \"storageAccount\": \"', variables('newDataStorageAccountName'), '\", \"storageKey\": \"', listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('newDataStorageAccountName')), variables('storageApiVersion')).keys[0].value, '\", \"vmssName\": \"', variables('vmssName'), '\", \"resourceGroupName\": \"', variables('resourceGroupName'), '\", \"loadBalancerName\": \"', variables('externalLoadBalancerName'), '\", \"appInsightsName\": \"', variables('appInsightsName'), '\", \"appInsightsId\": \"', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).AppId, '\", \"location\": \"', variables('location'), '\"}', variables('singleQuote'), ' \"/config/cloud/.azCredentials\" \"\" true; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/runScript.js --output /var/log/cloud/azure/autoscale.log --log-level info --file $CLOUD_LIB_DIR/f5-cloud-libs-azure/scripts/autoscale.sh --shell /bin/bash --cl-args \"--deploymentType waf --logLevel info --backupUcs 7 --resourceGroup ', resourceGroup().name, ' --vmssName ', variables('vmssName'), ' --userName svc_user --password /config/cloud/.passwd --azureSecretFile /config/cloud/.azCredentials --managementPort ', variables('bigIpMgmtPort'), ' --ntpServer ', parameters('ntpServer'), ' --autoscaleTimeout ', parameters('autoscaleTimeout'), ' --as3Build ', variables('f5AS3Build'), ' --timeZone ', parameters('timeZone'), ' --bigIpModules ', parameters('bigIpModules'), variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, ' --appScriptArgs \\\"', variables('commandArgs'), '\\\"', ' --appInsightsKey ', reference(resourceId(variables('appInsightsNameArray')[1], 'Microsoft.Insights/components', variables('appInsightsNameArray')[0]), variables('appInsightsComponentsApiVersion')).InstrumentationKey, '\" --signal AUTOSCALE_SCRIPT_DONE', '; if [[ $? == 0 ]]; then tmsh modify cm device-group Sync asm-sync enabled; tmsh load sys application template f5.service_discovery.tmpl; tmsh load sys application template f5.cloud_logger.v1.0.0.tmpl; bash /config/customConfig.sh; reboot_signal=\"/tmp/f5-cloud-libs-signals/REBOOT_REQUIRED\"; if [ -f $reboot_signal ]; then echo \"Reboot signaled by cloud libs, rebooting\"; rm -f $reboot_signal; reboot; else echo \"Cloud libs did not signal a reboot\"; fi; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" }, "publisher": "Microsoft.Azure.Extensions", "settings": { @@ -1028,7 +1052,7 @@ "tier": "Standard" }, "tags": "[if(empty(variables('tagValues')), json('null'), variables('tagValues'))]", - "zones": "[if(variables('zonesAvailable'), createArray(1, 2, 3), json('null'))]", + "zones": "[if(variables('useAvailabilityZones'), createArray(1, 2, 3), json('null'))]", "type": "Microsoft.Compute/virtualMachineScaleSets" }, { @@ -1037,10 +1061,10 @@ "[variables('vmssId')]" ], "location": "[variables('location')]", - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "properties": { "enabled": true, - "name": "autoscaleconfig", + "name": "[concat(variables('dnsLabel'), '-autoscaleconfig')]", "notifications": [ { "email": { diff --git a/supported/autoscale/waf/via-lb/1nic/new-stack/payg/azuredeploy.parameters.json b/supported/autoscale/waf/via-lb/1nic/new-stack/payg/azuredeploy.parameters.json index 1f66a96235..19a0025fd9 100644 --- a/supported/autoscale/waf/via-lb/1nic/new-stack/payg/azuredeploy.parameters.json +++ b/supported/autoscale/waf/via-lb/1nic/new-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" @@ -86,6 +86,12 @@ "notificationEmail": { "value": "OPTIONAL" }, + "useAvailabilityZones": { + "value": "Yes" + }, + "autoscaleTimeout": { + "value": 10 + }, "provisionPublicIP": { "value": "Yes" }, diff --git a/supported/autoscale/waf/via-lb/1nic/new-stack/payg/deploy_via_bash.sh b/supported/autoscale/waf/via-lb/1nic/new-stack/payg/deploy_via_bash.sh index d37a82b77a..74f03fa4f2 100755 --- a/supported/autoscale/waf/via-lb/1nic/new-stack/payg/deploy_via_bash.sh +++ b/supported/autoscale/waf/via-lb/1nic/new-stack/payg/deploy_via_bash.sh @@ -1,7 +1,7 @@ #!/bin/bash ## Bash Script to deploy an F5 ARM template into Azure, using azure cli 1.0 ## -## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword +## Example Command: ./deploy_via_bash.sh --adminUsername azureuser --authenticationType password --adminPasswordOrKey --dnsLabel --instanceType Standard_DS2_v2 --imageName Best1Gbps --bigIpVersion 15.0.100000 --bigIpModules asm:nominal --vnetAddressPrefix 10.0 --declarationUrl NOT_SPECIFIED --ntpServer 0.pool.ntp.org --timeZone UTC --customImage OPTIONAL --allowUsageAnalytics Yes --vmScaleSetMinCount 2 --vmScaleSetMaxCount 4 --appInsights CREATE_NEW --scaleOutCpuThreshold 80 --scaleInCpuThreshold 20 --scaleOutThroughputThreshold 20000000 --scaleInThroughputThreshold 10000000 --scaleOutTimeWindow 10 --scaleInTimeWindow 10 --notificationEmail OPTIONAL --useAvailabilityZones Yes --autoscaleTimeout 10 --provisionPublicIP Yes --applicationProtocols http-https --applicationAddress --applicationPort 80 --applicationSecurePort 443 --sslCert NOT_SPECIFIED --sslPswd NOT_SPECIFIED --applicationType Linux --blockingLevel medium --customPolicy NOT_SPECIFIED --tenantId --clientId --servicePrincipalSecret --resourceGroupName --azureLoginUser --azureLoginPassword # Assign Script Parameters and Define Variables # Specify static items below, change these as needed or make them parameters @@ -90,6 +90,12 @@ while [[ $# -gt 1 ]]; do --notificationEmail) notificationEmail=$2 shift 2;; + --useAvailabilityZones) + useAvailabilityZones=$2 + shift 2;; + --autoscaleTimeout) + autoscaleTimeout=$2 + shift 2;; --provisionPublicIP) provisionPublicIP=$2 shift 2;; @@ -148,7 +154,7 @@ while [[ $# -gt 1 ]]; do done #If a required parameter is not passed, the script will prompt for it below -required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName bigIpVersion bigIpModules vnetAddressPrefix declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail provisionPublicIP applicationProtocols applicationAddress applicationPort applicationSecurePort sslCert sslPswd applicationType blockingLevel customPolicy tenantId clientId servicePrincipalSecret resourceGroupName " +required_variables="adminUsername authenticationType adminPasswordOrKey dnsLabel instanceType imageName bigIpVersion bigIpModules vnetAddressPrefix declarationUrl ntpServer timeZone customImage allowUsageAnalytics vmScaleSetMinCount vmScaleSetMaxCount appInsights scaleOutCpuThreshold scaleInCpuThreshold scaleOutThroughputThreshold scaleInThroughputThreshold scaleOutTimeWindow scaleInTimeWindow notificationEmail useAvailabilityZones autoscaleTimeout provisionPublicIP applicationProtocols applicationAddress applicationPort applicationSecurePort sslCert sslPswd applicationType blockingLevel customPolicy tenantId clientId servicePrincipalSecret resourceGroupName " for variable in $required_variables do if [ -z ${!variable} ] ; then @@ -172,4 +178,4 @@ az group create -n $resourceGroupName -l $region # Deploy ARM Template, right now cannot specify parameter file and parameters inline via Azure CLI template_file="./azuredeploy.json" parameter_file="./azuredeploy.parameters.json" -az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetAddressPrefix\":{\"value\":\"$vnetAddressPrefix\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"applicationProtocols\":{\"value\":\"$applicationProtocols\"},\"applicationAddress\":{\"value\":\"$applicationAddress\"},\"applicationPort\":{\"value\":\"$applicationPort\"},\"applicationSecurePort\":{\"value\":\"$applicationSecurePort\"},\"sslCert\":{\"value\":\"$sslCert\"},\"sslPswd\":{\"value\":\"$sslPswd\"},\"applicationType\":{\"value\":\"$applicationType\"},\"blockingLevel\":{\"value\":\"$blockingLevel\"},\"customPolicy\":{\"value\":\"$customPolicy\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file +az group deployment create --verbose --no-wait --template-file $template_file -g $resourceGroupName -n $resourceGroupName --parameters "{\"adminUsername\":{\"value\":\"$adminUsername\"},\"authenticationType\":{\"value\":\"$authenticationType\"},\"adminPasswordOrKey\":{\"value\":\"$adminPasswordOrKey\"},\"dnsLabel\":{\"value\":\"$dnsLabel\"},\"instanceType\":{\"value\":\"$instanceType\"},\"imageName\":{\"value\":\"$imageName\"},\"bigIpVersion\":{\"value\":\"$bigIpVersion\"},\"bigIpModules\":{\"value\":\"$bigIpModules\"},\"vnetAddressPrefix\":{\"value\":\"$vnetAddressPrefix\"},\"declarationUrl\":{\"value\":\"$declarationUrl\"},\"ntpServer\":{\"value\":\"$ntpServer\"},\"timeZone\":{\"value\":\"$timeZone\"},\"customImage\":{\"value\":\"$customImage\"},\"restrictedSrcAddress\":{\"value\":\"$restrictedSrcAddress\"},\"tagValues\":{\"value\":$tagValues},\"allowUsageAnalytics\":{\"value\":\"$allowUsageAnalytics\"},\"vmScaleSetMinCount\":{\"value\":$vmScaleSetMinCount},\"vmScaleSetMaxCount\":{\"value\":$vmScaleSetMaxCount},\"appInsights\":{\"value\":\"$appInsights\"},\"scaleOutCpuThreshold\":{\"value\":$scaleOutCpuThreshold},\"scaleInCpuThreshold\":{\"value\":$scaleInCpuThreshold},\"scaleOutThroughputThreshold\":{\"value\":$scaleOutThroughputThreshold},\"scaleInThroughputThreshold\":{\"value\":$scaleInThroughputThreshold},\"scaleOutTimeWindow\":{\"value\":$scaleOutTimeWindow},\"scaleInTimeWindow\":{\"value\":$scaleInTimeWindow},\"notificationEmail\":{\"value\":\"$notificationEmail\"},\"useAvailabilityZones\":{\"value\":\"$useAvailabilityZones\"},\"autoscaleTimeout\":{\"value\":$autoscaleTimeout},\"provisionPublicIP\":{\"value\":\"$provisionPublicIP\"},\"applicationProtocols\":{\"value\":\"$applicationProtocols\"},\"applicationAddress\":{\"value\":\"$applicationAddress\"},\"applicationPort\":{\"value\":\"$applicationPort\"},\"applicationSecurePort\":{\"value\":\"$applicationSecurePort\"},\"sslCert\":{\"value\":\"$sslCert\"},\"sslPswd\":{\"value\":\"$sslPswd\"},\"applicationType\":{\"value\":\"$applicationType\"},\"blockingLevel\":{\"value\":\"$blockingLevel\"},\"customPolicy\":{\"value\":\"$customPolicy\"},\"tenantId\":{\"value\":\"$tenantId\"},\"clientId\":{\"value\":\"$clientId\"},\"servicePrincipalSecret\":{\"value\":\"$servicePrincipalSecret\"}}" \ No newline at end of file diff --git a/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/README.md b/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/README.md index 48a0d89385..0f12b7a2c6 100644 --- a/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/README.md +++ b/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/README.md @@ -124,7 +124,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-api%2Fn-nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-api%2Fn-nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters diff --git a/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/azuredeploy.json b/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/azuredeploy.json index 2219736ecc..d9574ff4ee 100644 --- a/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/azuredeploy.json +++ b/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -541,14 +541,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl ${config_loc}f5-cloud-libs-azure.tar.gz\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntar xfz /config/cloud/f5-cloud-libs-azure.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -601,7 +601,10 @@ "intSubnetPrivateAddress1": "[concat(variables('intSubnetPrivateAddressPrefix'), variables('intSubnetPrivateAddressSuffix'))]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -671,7 +674,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_nnic-existing-stack-supported-bigiq,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_nnic-existing-stack-supported-bigiq,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/azuredeploy.parameters.json b/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/azuredeploy.parameters.json index cddb61a85e..991bad0d20 100644 --- a/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/azuredeploy.parameters.json +++ b/supported/failover/same-net/via-api/n-nic/existing-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/failover/same-net/via-api/n-nic/existing-stack/byol/README.md b/supported/failover/same-net/via-api/n-nic/existing-stack/byol/README.md index 101e5b8783..0ec2badb69 100644 --- a/supported/failover/same-net/via-api/n-nic/existing-stack/byol/README.md +++ b/supported/failover/same-net/via-api/n-nic/existing-stack/byol/README.md @@ -123,7 +123,7 @@ Use the appropriate button below to deploy: - **BYOL** (bring your own license): This allows you to use an existing BIG-IP license. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-api%2Fn-nic%2Fexisting-stack%2Fbyol%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-api%2Fn-nic%2Fexisting-stack%2Fbyol%2Fazuredeploy.json) ### Template parameters diff --git a/supported/failover/same-net/via-api/n-nic/existing-stack/byol/azuredeploy.json b/supported/failover/same-net/via-api/n-nic/existing-stack/byol/azuredeploy.json index 371ae633a8..bdc084adf3 100644 --- a/supported/failover/same-net/via-api/n-nic/existing-stack/byol/azuredeploy.json +++ b/supported/failover/same-net/via-api/n-nic/existing-stack/byol/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -517,14 +517,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl ${config_loc}f5-cloud-libs-azure.tar.gz\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntar xfz /config/cloud/f5-cloud-libs-azure.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -577,7 +577,10 @@ "intSubnetPrivateAddress1": "[concat(variables('intSubnetPrivateAddressPrefix'), variables('intSubnetPrivateAddressSuffix'))]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -647,7 +650,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_nnic-existing-stack-supported-byol,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_nnic-existing-stack-supported-byol,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/failover/same-net/via-api/n-nic/existing-stack/byol/azuredeploy.parameters.json b/supported/failover/same-net/via-api/n-nic/existing-stack/byol/azuredeploy.parameters.json index 2827d99602..2e301ce63a 100644 --- a/supported/failover/same-net/via-api/n-nic/existing-stack/byol/azuredeploy.parameters.json +++ b/supported/failover/same-net/via-api/n-nic/existing-stack/byol/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/failover/same-net/via-api/n-nic/existing-stack/payg/README.md b/supported/failover/same-net/via-api/n-nic/existing-stack/payg/README.md index c3b1c54191..f7c17ca66a 100644 --- a/supported/failover/same-net/via-api/n-nic/existing-stack/payg/README.md +++ b/supported/failover/same-net/via-api/n-nic/existing-stack/payg/README.md @@ -121,7 +121,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-api%2Fn-nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-api%2Fn-nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters diff --git a/supported/failover/same-net/via-api/n-nic/existing-stack/payg/azuredeploy.json b/supported/failover/same-net/via-api/n-nic/existing-stack/payg/azuredeploy.json index cbc99d3c9c..0c8e529874 100644 --- a/supported/failover/same-net/via-api/n-nic/existing-stack/payg/azuredeploy.json +++ b/supported/failover/same-net/via-api/n-nic/existing-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -513,14 +513,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl ${config_loc}f5-cloud-libs-azure.tar.gz\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntar xfz /config/cloud/f5-cloud-libs-azure.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -573,7 +573,10 @@ "intSubnetPrivateAddress1": "[concat(variables('intSubnetPrivateAddressPrefix'), variables('intSubnetPrivateAddressSuffix'))]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -680,7 +683,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_nnic-existing-stack-supported-payg,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_nnic-existing-stack-supported-payg,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/failover/same-net/via-api/n-nic/existing-stack/payg/azuredeploy.parameters.json b/supported/failover/same-net/via-api/n-nic/existing-stack/payg/azuredeploy.parameters.json index d1ab2c61ae..6aced1b570 100644 --- a/supported/failover/same-net/via-api/n-nic/existing-stack/payg/azuredeploy.parameters.json +++ b/supported/failover/same-net/via-api/n-nic/existing-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/failover/same-net/via-api/n-nic/new-stack/bigiq/README.md b/supported/failover/same-net/via-api/n-nic/new-stack/bigiq/README.md index 0e062b125a..0c162fee70 100644 --- a/supported/failover/same-net/via-api/n-nic/new-stack/bigiq/README.md +++ b/supported/failover/same-net/via-api/n-nic/new-stack/bigiq/README.md @@ -124,7 +124,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-api%2Fn-nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-api%2Fn-nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters diff --git a/supported/failover/same-net/via-api/n-nic/new-stack/bigiq/azuredeploy.json b/supported/failover/same-net/via-api/n-nic/new-stack/bigiq/azuredeploy.json index a133969551..c0144f34f2 100644 --- a/supported/failover/same-net/via-api/n-nic/new-stack/bigiq/azuredeploy.json +++ b/supported/failover/same-net/via-api/n-nic/new-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -483,14 +483,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl ${config_loc}f5-cloud-libs-azure.tar.gz\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntar xfz /config/cloud/f5-cloud-libs-azure.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -543,7 +543,10 @@ "intSubnetPrivateAddress1": "[concat(parameters('vnetAddressPrefix'), '.3.5')]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -653,7 +656,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_nnic-new-stack-supported-bigiq,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_nnic-new-stack-supported-bigiq,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/failover/same-net/via-api/n-nic/new-stack/bigiq/azuredeploy.parameters.json b/supported/failover/same-net/via-api/n-nic/new-stack/bigiq/azuredeploy.parameters.json index 9556ff0d97..6d595f0fb7 100644 --- a/supported/failover/same-net/via-api/n-nic/new-stack/bigiq/azuredeploy.parameters.json +++ b/supported/failover/same-net/via-api/n-nic/new-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/failover/same-net/via-api/n-nic/new-stack/byol/README.md b/supported/failover/same-net/via-api/n-nic/new-stack/byol/README.md index 3b64b70aee..3b6e08e702 100644 --- a/supported/failover/same-net/via-api/n-nic/new-stack/byol/README.md +++ b/supported/failover/same-net/via-api/n-nic/new-stack/byol/README.md @@ -123,7 +123,7 @@ Use the appropriate button below to deploy: - **BYOL** (bring your own license): This allows you to use an existing BIG-IP license. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-api%2Fn-nic%2Fnew-stack%2Fbyol%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-api%2Fn-nic%2Fnew-stack%2Fbyol%2Fazuredeploy.json) ### Template parameters diff --git a/supported/failover/same-net/via-api/n-nic/new-stack/byol/azuredeploy.json b/supported/failover/same-net/via-api/n-nic/new-stack/byol/azuredeploy.json index c5b192e209..ce4ca48f24 100644 --- a/supported/failover/same-net/via-api/n-nic/new-stack/byol/azuredeploy.json +++ b/supported/failover/same-net/via-api/n-nic/new-stack/byol/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -459,14 +459,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl ${config_loc}f5-cloud-libs-azure.tar.gz\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntar xfz /config/cloud/f5-cloud-libs-azure.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -519,7 +519,10 @@ "intSubnetPrivateAddress1": "[concat(parameters('vnetAddressPrefix'), '.3.5')]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -629,7 +632,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_nnic-new-stack-supported-byol,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_nnic-new-stack-supported-byol,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/failover/same-net/via-api/n-nic/new-stack/byol/azuredeploy.parameters.json b/supported/failover/same-net/via-api/n-nic/new-stack/byol/azuredeploy.parameters.json index a52764d483..ba7de4b3e7 100644 --- a/supported/failover/same-net/via-api/n-nic/new-stack/byol/azuredeploy.parameters.json +++ b/supported/failover/same-net/via-api/n-nic/new-stack/byol/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/failover/same-net/via-api/n-nic/new-stack/payg/README.md b/supported/failover/same-net/via-api/n-nic/new-stack/payg/README.md index 3a6a925c94..6b4cf4b44f 100644 --- a/supported/failover/same-net/via-api/n-nic/new-stack/payg/README.md +++ b/supported/failover/same-net/via-api/n-nic/new-stack/payg/README.md @@ -121,7 +121,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-api%2Fn-nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-api%2Fn-nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters diff --git a/supported/failover/same-net/via-api/n-nic/new-stack/payg/azuredeploy.json b/supported/failover/same-net/via-api/n-nic/new-stack/payg/azuredeploy.json index 8b9dfd5250..2a0c39f309 100644 --- a/supported/failover/same-net/via-api/n-nic/new-stack/payg/azuredeploy.json +++ b/supported/failover/same-net/via-api/n-nic/new-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -455,14 +455,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl ${config_loc}f5-cloud-libs-azure.tar.gz\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntar xfz /config/cloud/f5-cloud-libs-azure.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -515,7 +515,10 @@ "intSubnetPrivateAddress1": "[concat(parameters('vnetAddressPrefix'), '.3.5')]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -662,7 +665,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_nnic-new-stack-supported-payg,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_nnic-new-stack-supported-payg,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/failover/same-net/via-api/n-nic/new-stack/payg/azuredeploy.parameters.json b/supported/failover/same-net/via-api/n-nic/new-stack/payg/azuredeploy.parameters.json index cbcd13d8c1..fd97bddde8 100644 --- a/supported/failover/same-net/via-api/n-nic/new-stack/payg/azuredeploy.parameters.json +++ b/supported/failover/same-net/via-api/n-nic/new-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/README.md b/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/README.md index cfec148309..d84dacd2dc 100644 --- a/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/README.md +++ b/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/README.md @@ -102,7 +102,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-lb%2F1nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-lb%2F1nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters diff --git a/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/azuredeploy.json b/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/azuredeploy.json index a650af91e9..f759155fec 100644 --- a/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/azuredeploy.json +++ b/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -364,14 +364,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -398,7 +398,10 @@ "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvc2hhcmVkL2FwcHN2Y3MvZGVjbGFyZSAtZCBAJGZpbGVfbG9jIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgICAgICBpZiBbWyAkcmVzcG9uc2VfY29kZSA9PSAyMDAgfHwgJHJlc3BvbnNlX2NvZGUgPT0gNTAyIF1dOyB0aGVuCiAgICAgICAgICAgICAgICAgIGVjaG8gIkRlcGxveW1lbnQgb2YgYXBwbGljYXRpb24gc3VjY2VlZGVkLiIKICAgICAgICAgICAgICAgICAgZGVwbG95ZWQ9InllcyIKICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICBlY2hvICJGYWlsZWQgdG8gZGVwbG95IGFwcGxpY2F0aW9uOyBjb250aW51aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBmaQogICAgICAgICBlbHNlCiAgICAgICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgdmFsaWQgSlNPTiwgY29udGludWluZyIKICAgICAgICAgZmkKICAgIGVsc2UKICAgICAgICBlY2hvICJGYWlsZWQgdG8gZG93bmxvYWQgY3VzdG9tIGNvbmZpZzsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgZmkKZWxzZQogICAgIGVjaG8gIkN1c3RvbSBjb25maWcgd2FzIG5vdCBhIFVSTCwgY29udGludWluZy4iCmZpCgppZiBbWyAkZGVwbG95ZWQgPT0gIm5vIiAmJiAkZGVjbGFyYXRpb25VcmwgPT0gIk5PVF9TUEVDSUZJRUQiIF1dOyB0aGVuCiAgICBlY2hvICJBcHBsaWNhdGlvbiBkZXBsb3ltZW50IGZhaWxlZCBvciBjdXN0b20gVVJMIHdhcyBub3Qgc3BlY2lmaWVkLiIKZmkKCmVjaG8gIkRlcGxveW1lbnQgY29tcGxldGUuIgpleGl0", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -459,7 +462,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_1nic-existing-stack-supported-bigiq,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_1nic-existing-stack-supported-bigiq,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/azuredeploy.parameters.json b/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/azuredeploy.parameters.json index 0ec9fb9a1f..742ff68d1f 100644 --- a/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/azuredeploy.parameters.json +++ b/supported/failover/same-net/via-lb/1nic/existing-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/failover/same-net/via-lb/1nic/existing-stack/byol/README.md b/supported/failover/same-net/via-lb/1nic/existing-stack/byol/README.md index a8890c305a..2eb626470b 100644 --- a/supported/failover/same-net/via-lb/1nic/existing-stack/byol/README.md +++ b/supported/failover/same-net/via-lb/1nic/existing-stack/byol/README.md @@ -101,7 +101,7 @@ Use the appropriate button below to deploy: - **BYOL** (bring your own license): This allows you to use an existing BIG-IP license. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-lb%2F1nic%2Fexisting-stack%2Fbyol%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-lb%2F1nic%2Fexisting-stack%2Fbyol%2Fazuredeploy.json) ### Template parameters diff --git a/supported/failover/same-net/via-lb/1nic/existing-stack/byol/azuredeploy.json b/supported/failover/same-net/via-lb/1nic/existing-stack/byol/azuredeploy.json index 5c94284be1..8a0613a8b8 100644 --- a/supported/failover/same-net/via-lb/1nic/existing-stack/byol/azuredeploy.json +++ b/supported/failover/same-net/via-lb/1nic/existing-stack/byol/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -340,14 +340,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -374,7 +374,10 @@ "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvc2hhcmVkL2FwcHN2Y3MvZGVjbGFyZSAtZCBAJGZpbGVfbG9jIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgICAgICBpZiBbWyAkcmVzcG9uc2VfY29kZSA9PSAyMDAgfHwgJHJlc3BvbnNlX2NvZGUgPT0gNTAyIF1dOyB0aGVuCiAgICAgICAgICAgICAgICAgIGVjaG8gIkRlcGxveW1lbnQgb2YgYXBwbGljYXRpb24gc3VjY2VlZGVkLiIKICAgICAgICAgICAgICAgICAgZGVwbG95ZWQ9InllcyIKICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICBlY2hvICJGYWlsZWQgdG8gZGVwbG95IGFwcGxpY2F0aW9uOyBjb250aW51aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBmaQogICAgICAgICBlbHNlCiAgICAgICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgdmFsaWQgSlNPTiwgY29udGludWluZyIKICAgICAgICAgZmkKICAgIGVsc2UKICAgICAgICBlY2hvICJGYWlsZWQgdG8gZG93bmxvYWQgY3VzdG9tIGNvbmZpZzsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgZmkKZWxzZQogICAgIGVjaG8gIkN1c3RvbSBjb25maWcgd2FzIG5vdCBhIFVSTCwgY29udGludWluZy4iCmZpCgppZiBbWyAkZGVwbG95ZWQgPT0gIm5vIiAmJiAkZGVjbGFyYXRpb25VcmwgPT0gIk5PVF9TUEVDSUZJRUQiIF1dOyB0aGVuCiAgICBlY2hvICJBcHBsaWNhdGlvbiBkZXBsb3ltZW50IGZhaWxlZCBvciBjdXN0b20gVVJMIHdhcyBub3Qgc3BlY2lmaWVkLiIKZmkKCmVjaG8gIkRlcGxveW1lbnQgY29tcGxldGUuIgpleGl0", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -435,7 +438,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_1nic-existing-stack-supported-byol,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_1nic-existing-stack-supported-byol,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/failover/same-net/via-lb/1nic/existing-stack/byol/azuredeploy.parameters.json b/supported/failover/same-net/via-lb/1nic/existing-stack/byol/azuredeploy.parameters.json index cb66bc83b3..738f4fb34f 100644 --- a/supported/failover/same-net/via-lb/1nic/existing-stack/byol/azuredeploy.parameters.json +++ b/supported/failover/same-net/via-lb/1nic/existing-stack/byol/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/failover/same-net/via-lb/1nic/existing-stack/payg/README.md b/supported/failover/same-net/via-lb/1nic/existing-stack/payg/README.md index 102b03635b..4f91f252af 100644 --- a/supported/failover/same-net/via-lb/1nic/existing-stack/payg/README.md +++ b/supported/failover/same-net/via-lb/1nic/existing-stack/payg/README.md @@ -99,7 +99,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-lb%2F1nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-lb%2F1nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters diff --git a/supported/failover/same-net/via-lb/1nic/existing-stack/payg/azuredeploy.json b/supported/failover/same-net/via-lb/1nic/existing-stack/payg/azuredeploy.json index a984183bb7..16a7fe778f 100644 --- a/supported/failover/same-net/via-lb/1nic/existing-stack/payg/azuredeploy.json +++ b/supported/failover/same-net/via-lb/1nic/existing-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -336,14 +336,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -370,7 +370,10 @@ "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvc2hhcmVkL2FwcHN2Y3MvZGVjbGFyZSAtZCBAJGZpbGVfbG9jIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgICAgICBpZiBbWyAkcmVzcG9uc2VfY29kZSA9PSAyMDAgfHwgJHJlc3BvbnNlX2NvZGUgPT0gNTAyIF1dOyB0aGVuCiAgICAgICAgICAgICAgICAgIGVjaG8gIkRlcGxveW1lbnQgb2YgYXBwbGljYXRpb24gc3VjY2VlZGVkLiIKICAgICAgICAgICAgICAgICAgZGVwbG95ZWQ9InllcyIKICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICBlY2hvICJGYWlsZWQgdG8gZGVwbG95IGFwcGxpY2F0aW9uOyBjb250aW51aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBmaQogICAgICAgICBlbHNlCiAgICAgICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgdmFsaWQgSlNPTiwgY29udGludWluZyIKICAgICAgICAgZmkKICAgIGVsc2UKICAgICAgICBlY2hvICJGYWlsZWQgdG8gZG93bmxvYWQgY3VzdG9tIGNvbmZpZzsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgZmkKZWxzZQogICAgIGVjaG8gIkN1c3RvbSBjb25maWcgd2FzIG5vdCBhIFVSTCwgY29udGludWluZy4iCmZpCgppZiBbWyAkZGVwbG95ZWQgPT0gIm5vIiAmJiAkZGVjbGFyYXRpb25VcmwgPT0gIk5PVF9TUEVDSUZJRUQiIF1dOyB0aGVuCiAgICBlY2hvICJBcHBsaWNhdGlvbiBkZXBsb3ltZW50IGZhaWxlZCBvciBjdXN0b20gVVJMIHdhcyBub3Qgc3BlY2lmaWVkLiIKZmkKCmVjaG8gIkRlcGxveW1lbnQgY29tcGxldGUuIgpleGl0", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -468,7 +471,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_1nic-existing-stack-supported-payg,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_1nic-existing-stack-supported-payg,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/failover/same-net/via-lb/1nic/existing-stack/payg/azuredeploy.parameters.json b/supported/failover/same-net/via-lb/1nic/existing-stack/payg/azuredeploy.parameters.json index ad448477b2..46ce93e696 100644 --- a/supported/failover/same-net/via-lb/1nic/existing-stack/payg/azuredeploy.parameters.json +++ b/supported/failover/same-net/via-lb/1nic/existing-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/failover/same-net/via-lb/1nic/new-stack/bigiq/README.md b/supported/failover/same-net/via-lb/1nic/new-stack/bigiq/README.md index 099021a71f..b490be61f6 100644 --- a/supported/failover/same-net/via-lb/1nic/new-stack/bigiq/README.md +++ b/supported/failover/same-net/via-lb/1nic/new-stack/bigiq/README.md @@ -102,7 +102,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-lb%2F1nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-lb%2F1nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters diff --git a/supported/failover/same-net/via-lb/1nic/new-stack/bigiq/azuredeploy.json b/supported/failover/same-net/via-lb/1nic/new-stack/bigiq/azuredeploy.json index ba5e814aa9..0094e93ccf 100644 --- a/supported/failover/same-net/via-lb/1nic/new-stack/bigiq/azuredeploy.json +++ b/supported/failover/same-net/via-lb/1nic/new-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -336,14 +336,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -370,7 +370,10 @@ "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvc2hhcmVkL2FwcHN2Y3MvZGVjbGFyZSAtZCBAJGZpbGVfbG9jIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgICAgICBpZiBbWyAkcmVzcG9uc2VfY29kZSA9PSAyMDAgfHwgJHJlc3BvbnNlX2NvZGUgPT0gNTAyIF1dOyB0aGVuCiAgICAgICAgICAgICAgICAgIGVjaG8gIkRlcGxveW1lbnQgb2YgYXBwbGljYXRpb24gc3VjY2VlZGVkLiIKICAgICAgICAgICAgICAgICAgZGVwbG95ZWQ9InllcyIKICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICBlY2hvICJGYWlsZWQgdG8gZGVwbG95IGFwcGxpY2F0aW9uOyBjb250aW51aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBmaQogICAgICAgICBlbHNlCiAgICAgICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgdmFsaWQgSlNPTiwgY29udGludWluZyIKICAgICAgICAgZmkKICAgIGVsc2UKICAgICAgICBlY2hvICJGYWlsZWQgdG8gZG93bmxvYWQgY3VzdG9tIGNvbmZpZzsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgZmkKZWxzZQogICAgIGVjaG8gIkN1c3RvbSBjb25maWcgd2FzIG5vdCBhIFVSTCwgY29udGludWluZy4iCmZpCgppZiBbWyAkZGVwbG95ZWQgPT0gIm5vIiAmJiAkZGVjbGFyYXRpb25VcmwgPT0gIk5PVF9TUEVDSUZJRUQiIF1dOyB0aGVuCiAgICBlY2hvICJBcHBsaWNhdGlvbiBkZXBsb3ltZW50IGZhaWxlZCBvciBjdXN0b20gVVJMIHdhcyBub3Qgc3BlY2lmaWVkLiIKZmkKCmVjaG8gIkRlcGxveW1lbnQgY29tcGxldGUuIgpleGl0", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -430,7 +433,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_1nic-new-stack-supported-bigiq,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_1nic-new-stack-supported-bigiq,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/failover/same-net/via-lb/1nic/new-stack/bigiq/azuredeploy.parameters.json b/supported/failover/same-net/via-lb/1nic/new-stack/bigiq/azuredeploy.parameters.json index c6fe94e09d..0e80e3759b 100644 --- a/supported/failover/same-net/via-lb/1nic/new-stack/bigiq/azuredeploy.parameters.json +++ b/supported/failover/same-net/via-lb/1nic/new-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/failover/same-net/via-lb/1nic/new-stack/byol/README.md b/supported/failover/same-net/via-lb/1nic/new-stack/byol/README.md index ae88b078f8..48018ca355 100644 --- a/supported/failover/same-net/via-lb/1nic/new-stack/byol/README.md +++ b/supported/failover/same-net/via-lb/1nic/new-stack/byol/README.md @@ -101,7 +101,7 @@ Use the appropriate button below to deploy: - **BYOL** (bring your own license): This allows you to use an existing BIG-IP license. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-lb%2F1nic%2Fnew-stack%2Fbyol%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-lb%2F1nic%2Fnew-stack%2Fbyol%2Fazuredeploy.json) ### Template parameters diff --git a/supported/failover/same-net/via-lb/1nic/new-stack/byol/azuredeploy.json b/supported/failover/same-net/via-lb/1nic/new-stack/byol/azuredeploy.json index e43abe6655..a603a569b7 100644 --- a/supported/failover/same-net/via-lb/1nic/new-stack/byol/azuredeploy.json +++ b/supported/failover/same-net/via-lb/1nic/new-stack/byol/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -312,14 +312,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -346,7 +346,10 @@ "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvc2hhcmVkL2FwcHN2Y3MvZGVjbGFyZSAtZCBAJGZpbGVfbG9jIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgICAgICBpZiBbWyAkcmVzcG9uc2VfY29kZSA9PSAyMDAgfHwgJHJlc3BvbnNlX2NvZGUgPT0gNTAyIF1dOyB0aGVuCiAgICAgICAgICAgICAgICAgIGVjaG8gIkRlcGxveW1lbnQgb2YgYXBwbGljYXRpb24gc3VjY2VlZGVkLiIKICAgICAgICAgICAgICAgICAgZGVwbG95ZWQ9InllcyIKICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICBlY2hvICJGYWlsZWQgdG8gZGVwbG95IGFwcGxpY2F0aW9uOyBjb250aW51aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBmaQogICAgICAgICBlbHNlCiAgICAgICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgdmFsaWQgSlNPTiwgY29udGludWluZyIKICAgICAgICAgZmkKICAgIGVsc2UKICAgICAgICBlY2hvICJGYWlsZWQgdG8gZG93bmxvYWQgY3VzdG9tIGNvbmZpZzsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgZmkKZWxzZQogICAgIGVjaG8gIkN1c3RvbSBjb25maWcgd2FzIG5vdCBhIFVSTCwgY29udGludWluZy4iCmZpCgppZiBbWyAkZGVwbG95ZWQgPT0gIm5vIiAmJiAkZGVjbGFyYXRpb25VcmwgPT0gIk5PVF9TUEVDSUZJRUQiIF1dOyB0aGVuCiAgICBlY2hvICJBcHBsaWNhdGlvbiBkZXBsb3ltZW50IGZhaWxlZCBvciBjdXN0b20gVVJMIHdhcyBub3Qgc3BlY2lmaWVkLiIKZmkKCmVjaG8gIkRlcGxveW1lbnQgY29tcGxldGUuIgpleGl0", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -406,7 +409,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_1nic-new-stack-supported-byol,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_1nic-new-stack-supported-byol,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/failover/same-net/via-lb/1nic/new-stack/byol/azuredeploy.parameters.json b/supported/failover/same-net/via-lb/1nic/new-stack/byol/azuredeploy.parameters.json index 6015e08982..a47f5064bf 100644 --- a/supported/failover/same-net/via-lb/1nic/new-stack/byol/azuredeploy.parameters.json +++ b/supported/failover/same-net/via-lb/1nic/new-stack/byol/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/failover/same-net/via-lb/1nic/new-stack/payg/README.md b/supported/failover/same-net/via-lb/1nic/new-stack/payg/README.md index 3cf65909fb..d69a9a84d3 100644 --- a/supported/failover/same-net/via-lb/1nic/new-stack/payg/README.md +++ b/supported/failover/same-net/via-lb/1nic/new-stack/payg/README.md @@ -99,7 +99,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-lb%2F1nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-lb%2F1nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters diff --git a/supported/failover/same-net/via-lb/1nic/new-stack/payg/azuredeploy.json b/supported/failover/same-net/via-lb/1nic/new-stack/payg/azuredeploy.json index 664aea2723..b95df06bec 100644 --- a/supported/failover/same-net/via-lb/1nic/new-stack/payg/azuredeploy.json +++ b/supported/failover/same-net/via-lb/1nic/new-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -308,14 +308,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -342,7 +342,10 @@ "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvc2hhcmVkL2FwcHN2Y3MvZGVjbGFyZSAtZCBAJGZpbGVfbG9jIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgICAgICBpZiBbWyAkcmVzcG9uc2VfY29kZSA9PSAyMDAgfHwgJHJlc3BvbnNlX2NvZGUgPT0gNTAyIF1dOyB0aGVuCiAgICAgICAgICAgICAgICAgIGVjaG8gIkRlcGxveW1lbnQgb2YgYXBwbGljYXRpb24gc3VjY2VlZGVkLiIKICAgICAgICAgICAgICAgICAgZGVwbG95ZWQ9InllcyIKICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICBlY2hvICJGYWlsZWQgdG8gZGVwbG95IGFwcGxpY2F0aW9uOyBjb250aW51aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBmaQogICAgICAgICBlbHNlCiAgICAgICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgdmFsaWQgSlNPTiwgY29udGludWluZyIKICAgICAgICAgZmkKICAgIGVsc2UKICAgICAgICBlY2hvICJGYWlsZWQgdG8gZG93bmxvYWQgY3VzdG9tIGNvbmZpZzsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgZmkKZWxzZQogICAgIGVjaG8gIkN1c3RvbSBjb25maWcgd2FzIG5vdCBhIFVSTCwgY29udGludWluZy4iCmZpCgppZiBbWyAkZGVwbG95ZWQgPT0gIm5vIiAmJiAkZGVjbGFyYXRpb25VcmwgPT0gIk5PVF9TUEVDSUZJRUQiIF1dOyB0aGVuCiAgICBlY2hvICJBcHBsaWNhdGlvbiBkZXBsb3ltZW50IGZhaWxlZCBvciBjdXN0b20gVVJMIHdhcyBub3Qgc3BlY2lmaWVkLiIKZmkKCmVjaG8gIkRlcGxveW1lbnQgY29tcGxldGUuIgpleGl0", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -439,7 +442,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_1nic-new-stack-supported-payg,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_1nic-new-stack-supported-payg,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/failover/same-net/via-lb/1nic/new-stack/payg/azuredeploy.parameters.json b/supported/failover/same-net/via-lb/1nic/new-stack/payg/azuredeploy.parameters.json index 412967524d..89dd320174 100644 --- a/supported/failover/same-net/via-lb/1nic/new-stack/payg/azuredeploy.parameters.json +++ b/supported/failover/same-net/via-lb/1nic/new-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/README.md b/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/README.md index 9218bf8e26..87edcb2ba3 100644 --- a/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/README.md +++ b/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/README.md @@ -114,7 +114,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-lb%2F3nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-lb%2F3nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters diff --git a/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/azuredeploy.json b/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/azuredeploy.json index 1988df614e..174437df3d 100644 --- a/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/azuredeploy.json +++ b/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -442,14 +442,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -512,7 +512,10 @@ "internalLoadBalancerAddress": "[concat(variables('intSubnetPrivateAddressPrefix'), variables('intSubnetPrivateAddressSuffix3'))]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -595,7 +598,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_3nic-existing-stack-supported-bigiq,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_3nic-existing-stack-supported-bigiq,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/azuredeploy.parameters.json b/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/azuredeploy.parameters.json index 1a616318dd..53e09ab8f0 100644 --- a/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/azuredeploy.parameters.json +++ b/supported/failover/same-net/via-lb/3nic/existing-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/failover/same-net/via-lb/3nic/existing-stack/byol/README.md b/supported/failover/same-net/via-lb/3nic/existing-stack/byol/README.md index 2bbe8d0a5c..c97bc948a3 100644 --- a/supported/failover/same-net/via-lb/3nic/existing-stack/byol/README.md +++ b/supported/failover/same-net/via-lb/3nic/existing-stack/byol/README.md @@ -113,7 +113,7 @@ Use the appropriate button below to deploy: - **BYOL** (bring your own license): This allows you to use an existing BIG-IP license. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-lb%2F3nic%2Fexisting-stack%2Fbyol%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-lb%2F3nic%2Fexisting-stack%2Fbyol%2Fazuredeploy.json) ### Template parameters diff --git a/supported/failover/same-net/via-lb/3nic/existing-stack/byol/azuredeploy.json b/supported/failover/same-net/via-lb/3nic/existing-stack/byol/azuredeploy.json index 9b27ccd14d..7f0dda9e41 100644 --- a/supported/failover/same-net/via-lb/3nic/existing-stack/byol/azuredeploy.json +++ b/supported/failover/same-net/via-lb/3nic/existing-stack/byol/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -418,14 +418,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -488,7 +488,10 @@ "internalLoadBalancerAddress": "[concat(variables('intSubnetPrivateAddressPrefix'), variables('intSubnetPrivateAddressSuffix3'))]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -571,7 +574,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_3nic-existing-stack-supported-byol,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_3nic-existing-stack-supported-byol,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/failover/same-net/via-lb/3nic/existing-stack/byol/azuredeploy.parameters.json b/supported/failover/same-net/via-lb/3nic/existing-stack/byol/azuredeploy.parameters.json index a5d00cded8..b80d5c68df 100644 --- a/supported/failover/same-net/via-lb/3nic/existing-stack/byol/azuredeploy.parameters.json +++ b/supported/failover/same-net/via-lb/3nic/existing-stack/byol/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/failover/same-net/via-lb/3nic/existing-stack/payg/README.md b/supported/failover/same-net/via-lb/3nic/existing-stack/payg/README.md index 4d728fbc8c..a209c9764e 100644 --- a/supported/failover/same-net/via-lb/3nic/existing-stack/payg/README.md +++ b/supported/failover/same-net/via-lb/3nic/existing-stack/payg/README.md @@ -111,7 +111,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-lb%2F3nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-lb%2F3nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters diff --git a/supported/failover/same-net/via-lb/3nic/existing-stack/payg/azuredeploy.json b/supported/failover/same-net/via-lb/3nic/existing-stack/payg/azuredeploy.json index b2ac03daf5..550977a35f 100644 --- a/supported/failover/same-net/via-lb/3nic/existing-stack/payg/azuredeploy.json +++ b/supported/failover/same-net/via-lb/3nic/existing-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -414,14 +414,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -484,7 +484,10 @@ "internalLoadBalancerAddress": "[concat(variables('intSubnetPrivateAddressPrefix'), variables('intSubnetPrivateAddressSuffix3'))]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -604,7 +607,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_3nic-existing-stack-supported-payg,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_3nic-existing-stack-supported-payg,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/failover/same-net/via-lb/3nic/existing-stack/payg/azuredeploy.parameters.json b/supported/failover/same-net/via-lb/3nic/existing-stack/payg/azuredeploy.parameters.json index 73f25767c9..fbf2d2d972 100644 --- a/supported/failover/same-net/via-lb/3nic/existing-stack/payg/azuredeploy.parameters.json +++ b/supported/failover/same-net/via-lb/3nic/existing-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/failover/same-net/via-lb/3nic/new-stack/bigiq/README.md b/supported/failover/same-net/via-lb/3nic/new-stack/bigiq/README.md index 1d37cb4527..25c075461d 100644 --- a/supported/failover/same-net/via-lb/3nic/new-stack/bigiq/README.md +++ b/supported/failover/same-net/via-lb/3nic/new-stack/bigiq/README.md @@ -114,7 +114,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-lb%2F3nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-lb%2F3nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters diff --git a/supported/failover/same-net/via-lb/3nic/new-stack/bigiq/azuredeploy.json b/supported/failover/same-net/via-lb/3nic/new-stack/bigiq/azuredeploy.json index 91e0244afb..dea316f86f 100644 --- a/supported/failover/same-net/via-lb/3nic/new-stack/bigiq/azuredeploy.json +++ b/supported/failover/same-net/via-lb/3nic/new-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -384,14 +384,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -453,7 +453,10 @@ "internalLoadBalancerAddress": "[concat(parameters('vnetAddressPrefix'), '.3.50')]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -521,7 +524,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_3nic-new-stack-supported-bigiq,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_3nic-new-stack-supported-bigiq,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/failover/same-net/via-lb/3nic/new-stack/bigiq/azuredeploy.parameters.json b/supported/failover/same-net/via-lb/3nic/new-stack/bigiq/azuredeploy.parameters.json index 413ed4b356..dbf8db5d0f 100644 --- a/supported/failover/same-net/via-lb/3nic/new-stack/bigiq/azuredeploy.parameters.json +++ b/supported/failover/same-net/via-lb/3nic/new-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/failover/same-net/via-lb/3nic/new-stack/byol/README.md b/supported/failover/same-net/via-lb/3nic/new-stack/byol/README.md index 27a4882ded..eedeb9d722 100644 --- a/supported/failover/same-net/via-lb/3nic/new-stack/byol/README.md +++ b/supported/failover/same-net/via-lb/3nic/new-stack/byol/README.md @@ -113,7 +113,7 @@ Use the appropriate button below to deploy: - **BYOL** (bring your own license): This allows you to use an existing BIG-IP license. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-lb%2F3nic%2Fnew-stack%2Fbyol%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-lb%2F3nic%2Fnew-stack%2Fbyol%2Fazuredeploy.json) ### Template parameters diff --git a/supported/failover/same-net/via-lb/3nic/new-stack/byol/azuredeploy.json b/supported/failover/same-net/via-lb/3nic/new-stack/byol/azuredeploy.json index 7ff8d04194..24ee225615 100644 --- a/supported/failover/same-net/via-lb/3nic/new-stack/byol/azuredeploy.json +++ b/supported/failover/same-net/via-lb/3nic/new-stack/byol/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -360,14 +360,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -429,7 +429,10 @@ "internalLoadBalancerAddress": "[concat(parameters('vnetAddressPrefix'), '.3.50')]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -497,7 +500,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_3nic-new-stack-supported-byol,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_3nic-new-stack-supported-byol,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/failover/same-net/via-lb/3nic/new-stack/byol/azuredeploy.parameters.json b/supported/failover/same-net/via-lb/3nic/new-stack/byol/azuredeploy.parameters.json index c47c5c56bc..cf2c2a03a2 100644 --- a/supported/failover/same-net/via-lb/3nic/new-stack/byol/azuredeploy.parameters.json +++ b/supported/failover/same-net/via-lb/3nic/new-stack/byol/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/failover/same-net/via-lb/3nic/new-stack/payg/README.md b/supported/failover/same-net/via-lb/3nic/new-stack/payg/README.md index f0c71f1a9d..b8a13f5dcc 100644 --- a/supported/failover/same-net/via-lb/3nic/new-stack/payg/README.md +++ b/supported/failover/same-net/via-lb/3nic/new-stack/payg/README.md @@ -111,7 +111,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-lb%2F3nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Ffailover%2Fsame-net%2Fvia-lb%2F3nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters diff --git a/supported/failover/same-net/via-lb/3nic/new-stack/payg/azuredeploy.json b/supported/failover/same-net/via-lb/3nic/new-stack/payg/azuredeploy.json index 907b55fe45..8f3f1a9e64 100644 --- a/supported/failover/same-net/via-lb/3nic/new-stack/payg/azuredeploy.json +++ b/supported/failover/same-net/via-lb/3nic/new-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -356,14 +356,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -425,7 +425,10 @@ "internalLoadBalancerAddress": "[concat(parameters('vnetAddressPrefix'), '.3.50')]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -530,7 +533,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_3nic-new-stack-supported-payg,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:failover_3nic-new-stack-supported-payg,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/failover/same-net/via-lb/3nic/new-stack/payg/azuredeploy.parameters.json b/supported/failover/same-net/via-lb/3nic/new-stack/payg/azuredeploy.parameters.json index 7fef54db15..29d908e9ee 100644 --- a/supported/failover/same-net/via-lb/3nic/new-stack/payg/azuredeploy.parameters.json +++ b/supported/failover/same-net/via-lb/3nic/new-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/standalone/1nic/existing-stack/bigiq/README.md b/supported/standalone/1nic/existing-stack/bigiq/README.md index fb3dc5fa61..29b74ff68f 100644 --- a/supported/standalone/1nic/existing-stack/bigiq/README.md +++ b/supported/standalone/1nic/existing-stack/bigiq/README.md @@ -102,7 +102,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fstandalone%2F1nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fstandalone%2F1nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters diff --git a/supported/standalone/1nic/existing-stack/bigiq/azuredeploy.json b/supported/standalone/1nic/existing-stack/bigiq/azuredeploy.json index 8ce2bd6d76..0d816b0827 100644 --- a/supported/standalone/1nic/existing-stack/bigiq/azuredeploy.json +++ b/supported/standalone/1nic/existing-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -382,14 +382,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -419,7 +419,10 @@ "newAvailabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "availabilitySetName": "[replace(parameters('avSetChoice'), 'CREATE_NEW', variables('newAvailabilitySetName'))]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -472,7 +475,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_1nic-existing-stack-supported-bigiq,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_1nic-existing-stack-supported-bigiq,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/standalone/1nic/existing-stack/bigiq/azuredeploy.parameters.json b/supported/standalone/1nic/existing-stack/bigiq/azuredeploy.parameters.json index 7f29a06a1b..6a1dddbaf6 100644 --- a/supported/standalone/1nic/existing-stack/bigiq/azuredeploy.parameters.json +++ b/supported/standalone/1nic/existing-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/standalone/1nic/existing-stack/byol/README.md b/supported/standalone/1nic/existing-stack/byol/README.md index d8b885cd0d..e02df44ea1 100644 --- a/supported/standalone/1nic/existing-stack/byol/README.md +++ b/supported/standalone/1nic/existing-stack/byol/README.md @@ -101,7 +101,7 @@ Use the appropriate button below to deploy: - **BYOL** (bring your own license): This allows you to use an existing BIG-IP license. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fstandalone%2F1nic%2Fexisting-stack%2Fbyol%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fstandalone%2F1nic%2Fexisting-stack%2Fbyol%2Fazuredeploy.json) ### Template parameters diff --git a/supported/standalone/1nic/existing-stack/byol/azuredeploy.json b/supported/standalone/1nic/existing-stack/byol/azuredeploy.json index affb35f039..21e4b0b3f8 100644 --- a/supported/standalone/1nic/existing-stack/byol/azuredeploy.json +++ b/supported/standalone/1nic/existing-stack/byol/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -351,14 +351,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -388,7 +388,10 @@ "newAvailabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "availabilitySetName": "[replace(parameters('avSetChoice'), 'CREATE_NEW', variables('newAvailabilitySetName'))]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -441,7 +444,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_1nic-existing-stack-supported-byol,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_1nic-existing-stack-supported-byol,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/standalone/1nic/existing-stack/byol/azuredeploy.parameters.json b/supported/standalone/1nic/existing-stack/byol/azuredeploy.parameters.json index a391575f79..d5f902b338 100644 --- a/supported/standalone/1nic/existing-stack/byol/azuredeploy.parameters.json +++ b/supported/standalone/1nic/existing-stack/byol/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/standalone/1nic/existing-stack/payg/README.md b/supported/standalone/1nic/existing-stack/payg/README.md index 3b5b3ed8c9..1002a634b8 100644 --- a/supported/standalone/1nic/existing-stack/payg/README.md +++ b/supported/standalone/1nic/existing-stack/payg/README.md @@ -99,7 +99,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fstandalone%2F1nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fstandalone%2F1nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters diff --git a/supported/standalone/1nic/existing-stack/payg/azuredeploy.json b/supported/standalone/1nic/existing-stack/payg/azuredeploy.json index 4200d6c6d5..7118dff8bb 100644 --- a/supported/standalone/1nic/existing-stack/payg/azuredeploy.json +++ b/supported/standalone/1nic/existing-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -356,14 +356,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -393,7 +393,10 @@ "newAvailabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "availabilitySetName": "[replace(parameters('avSetChoice'), 'CREATE_NEW', variables('newAvailabilitySetName'))]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -483,7 +486,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_1nic-existing-stack-supported-payg,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_1nic-existing-stack-supported-payg,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/standalone/1nic/existing-stack/payg/azuredeploy.parameters.json b/supported/standalone/1nic/existing-stack/payg/azuredeploy.parameters.json index 6e048ff05e..5529de6ea1 100644 --- a/supported/standalone/1nic/existing-stack/payg/azuredeploy.parameters.json +++ b/supported/standalone/1nic/existing-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/standalone/1nic/new-stack/bigiq/README.md b/supported/standalone/1nic/new-stack/bigiq/README.md index cd6684b77c..c8f514ae93 100644 --- a/supported/standalone/1nic/new-stack/bigiq/README.md +++ b/supported/standalone/1nic/new-stack/bigiq/README.md @@ -102,7 +102,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fstandalone%2F1nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fstandalone%2F1nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters diff --git a/supported/standalone/1nic/new-stack/bigiq/azuredeploy.json b/supported/standalone/1nic/new-stack/bigiq/azuredeploy.json index e2949adea7..5bfc67121d 100644 --- a/supported/standalone/1nic/new-stack/bigiq/azuredeploy.json +++ b/supported/standalone/1nic/new-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -335,14 +335,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -371,7 +371,10 @@ "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvc2hhcmVkL2FwcHN2Y3MvZGVjbGFyZSAtZCBAJGZpbGVfbG9jIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgICAgICBpZiBbWyAkcmVzcG9uc2VfY29kZSA9PSAyMDAgfHwgJHJlc3BvbnNlX2NvZGUgPT0gNTAyIF1dOyB0aGVuCiAgICAgICAgICAgICAgICAgIGVjaG8gIkRlcGxveW1lbnQgb2YgYXBwbGljYXRpb24gc3VjY2VlZGVkLiIKICAgICAgICAgICAgICAgICAgZGVwbG95ZWQ9InllcyIKICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICBlY2hvICJGYWlsZWQgdG8gZGVwbG95IGFwcGxpY2F0aW9uOyBjb250aW51aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBmaQogICAgICAgICBlbHNlCiAgICAgICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgdmFsaWQgSlNPTiwgY29udGludWluZyIKICAgICAgICAgZmkKICAgIGVsc2UKICAgICAgICBlY2hvICJGYWlsZWQgdG8gZG93bmxvYWQgY3VzdG9tIGNvbmZpZzsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgZmkKZWxzZQogICAgIGVjaG8gIkN1c3RvbSBjb25maWcgd2FzIG5vdCBhIFVSTCwgY29udGludWluZy4iCmZpCgppZiBbWyAkZGVwbG95ZWQgPT0gIm5vIiAmJiAkZGVjbGFyYXRpb25VcmwgPT0gIk5PVF9TUEVDSUZJRUQiIF1dOyB0aGVuCiAgICBlY2hvICJBcHBsaWNhdGlvbiBkZXBsb3ltZW50IGZhaWxlZCBvciBjdXN0b20gVVJMIHdhcyBub3Qgc3BlY2lmaWVkLiIKZmkKCmVjaG8gIkRlcGxveW1lbnQgY29tcGxldGUuIgpleGl0", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -425,7 +428,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_1nic-new-stack-supported-bigiq,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_1nic-new-stack-supported-bigiq,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/standalone/1nic/new-stack/bigiq/azuredeploy.parameters.json b/supported/standalone/1nic/new-stack/bigiq/azuredeploy.parameters.json index a12ef12c22..d14616663a 100644 --- a/supported/standalone/1nic/new-stack/bigiq/azuredeploy.parameters.json +++ b/supported/standalone/1nic/new-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/standalone/1nic/new-stack/byol/README.md b/supported/standalone/1nic/new-stack/byol/README.md index 47ffd28e12..1700309ccc 100644 --- a/supported/standalone/1nic/new-stack/byol/README.md +++ b/supported/standalone/1nic/new-stack/byol/README.md @@ -101,7 +101,7 @@ Use the appropriate button below to deploy: - **BYOL** (bring your own license): This allows you to use an existing BIG-IP license. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fstandalone%2F1nic%2Fnew-stack%2Fbyol%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fstandalone%2F1nic%2Fnew-stack%2Fbyol%2Fazuredeploy.json) ### Template parameters diff --git a/supported/standalone/1nic/new-stack/byol/azuredeploy.json b/supported/standalone/1nic/new-stack/byol/azuredeploy.json index 4bf0229f64..03f82129e9 100644 --- a/supported/standalone/1nic/new-stack/byol/azuredeploy.json +++ b/supported/standalone/1nic/new-stack/byol/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -304,14 +304,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -340,7 +340,10 @@ "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvc2hhcmVkL2FwcHN2Y3MvZGVjbGFyZSAtZCBAJGZpbGVfbG9jIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgICAgICBpZiBbWyAkcmVzcG9uc2VfY29kZSA9PSAyMDAgfHwgJHJlc3BvbnNlX2NvZGUgPT0gNTAyIF1dOyB0aGVuCiAgICAgICAgICAgICAgICAgIGVjaG8gIkRlcGxveW1lbnQgb2YgYXBwbGljYXRpb24gc3VjY2VlZGVkLiIKICAgICAgICAgICAgICAgICAgZGVwbG95ZWQ9InllcyIKICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICBlY2hvICJGYWlsZWQgdG8gZGVwbG95IGFwcGxpY2F0aW9uOyBjb250aW51aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBmaQogICAgICAgICBlbHNlCiAgICAgICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgdmFsaWQgSlNPTiwgY29udGludWluZyIKICAgICAgICAgZmkKICAgIGVsc2UKICAgICAgICBlY2hvICJGYWlsZWQgdG8gZG93bmxvYWQgY3VzdG9tIGNvbmZpZzsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgZmkKZWxzZQogICAgIGVjaG8gIkN1c3RvbSBjb25maWcgd2FzIG5vdCBhIFVSTCwgY29udGludWluZy4iCmZpCgppZiBbWyAkZGVwbG95ZWQgPT0gIm5vIiAmJiAkZGVjbGFyYXRpb25VcmwgPT0gIk5PVF9TUEVDSUZJRUQiIF1dOyB0aGVuCiAgICBlY2hvICJBcHBsaWNhdGlvbiBkZXBsb3ltZW50IGZhaWxlZCBvciBjdXN0b20gVVJMIHdhcyBub3Qgc3BlY2lmaWVkLiIKZmkKCmVjaG8gIkRlcGxveW1lbnQgY29tcGxldGUuIgpleGl0", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -394,7 +397,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_1nic-new-stack-supported-byol,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_1nic-new-stack-supported-byol,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/standalone/1nic/new-stack/byol/azuredeploy.parameters.json b/supported/standalone/1nic/new-stack/byol/azuredeploy.parameters.json index 4f36cd6b48..4d7675ab27 100644 --- a/supported/standalone/1nic/new-stack/byol/azuredeploy.parameters.json +++ b/supported/standalone/1nic/new-stack/byol/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/standalone/1nic/new-stack/payg/README.md b/supported/standalone/1nic/new-stack/payg/README.md index 5543ab906f..0da2df6ca9 100644 --- a/supported/standalone/1nic/new-stack/payg/README.md +++ b/supported/standalone/1nic/new-stack/payg/README.md @@ -99,7 +99,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fstandalone%2F1nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fstandalone%2F1nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters diff --git a/supported/standalone/1nic/new-stack/payg/azuredeploy.json b/supported/standalone/1nic/new-stack/payg/azuredeploy.json index 54525fdc06..412b9240e1 100644 --- a/supported/standalone/1nic/new-stack/payg/azuredeploy.json +++ b/supported/standalone/1nic/new-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -309,14 +309,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -345,7 +345,10 @@ "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIGh0dHBzOi8vbG9jYWxob3N0OiRkZmxfbWdtdF9wb3J0L21nbXQvc2hhcmVkL2FwcHN2Y3MvZGVjbGFyZSAtZCBAJGZpbGVfbG9jIC1vIC9kZXYvbnVsbCkKCiAgICAgICAgICAgICBpZiBbWyAkcmVzcG9uc2VfY29kZSA9PSAyMDAgfHwgJHJlc3BvbnNlX2NvZGUgPT0gNTAyIF1dOyB0aGVuCiAgICAgICAgICAgICAgICAgIGVjaG8gIkRlcGxveW1lbnQgb2YgYXBwbGljYXRpb24gc3VjY2VlZGVkLiIKICAgICAgICAgICAgICAgICAgZGVwbG95ZWQ9InllcyIKICAgICAgICAgICAgIGVsc2UKICAgICAgICAgICAgICAgICBlY2hvICJGYWlsZWQgdG8gZGVwbG95IGFwcGxpY2F0aW9uOyBjb250aW51aW5nIHdpdGggcmVzcG9uc2UgY29kZSAnIiRyZXNwb25zZV9jb2RlIiciCiAgICAgICAgICAgICBmaQogICAgICAgICBlbHNlCiAgICAgICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgdmFsaWQgSlNPTiwgY29udGludWluZyIKICAgICAgICAgZmkKICAgIGVsc2UKICAgICAgICBlY2hvICJGYWlsZWQgdG8gZG93bmxvYWQgY3VzdG9tIGNvbmZpZzsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgZmkKZWxzZQogICAgIGVjaG8gIkN1c3RvbSBjb25maWcgd2FzIG5vdCBhIFVSTCwgY29udGludWluZy4iCmZpCgppZiBbWyAkZGVwbG95ZWQgPT0gIm5vIiAmJiAkZGVjbGFyYXRpb25VcmwgPT0gIk5PVF9TUEVDSUZJRUQiIF1dOyB0aGVuCiAgICBlY2hvICJBcHBsaWNhdGlvbiBkZXBsb3ltZW50IGZhaWxlZCBvciBjdXN0b20gVVJMIHdhcyBub3Qgc3BlY2lmaWVkLiIKZmkKCmVjaG8gIkRlcGxveW1lbnQgY29tcGxldGUuIgpleGl0", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -436,7 +439,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_1nic-new-stack-supported-payg,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_1nic-new-stack-supported-payg,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/standalone/1nic/new-stack/payg/azuredeploy.parameters.json b/supported/standalone/1nic/new-stack/payg/azuredeploy.parameters.json index c4b89e54ea..a41e635b4c 100644 --- a/supported/standalone/1nic/new-stack/payg/azuredeploy.parameters.json +++ b/supported/standalone/1nic/new-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/standalone/2nic/existing-stack/bigiq/README.md b/supported/standalone/2nic/existing-stack/bigiq/README.md index f8ad9a0d58..7d71be361b 100644 --- a/supported/standalone/2nic/existing-stack/bigiq/README.md +++ b/supported/standalone/2nic/existing-stack/bigiq/README.md @@ -104,7 +104,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fstandalone%2F2nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fstandalone%2F2nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters diff --git a/supported/standalone/2nic/existing-stack/bigiq/azuredeploy.json b/supported/standalone/2nic/existing-stack/bigiq/azuredeploy.json index d317451e20..a405a2b414 100644 --- a/supported/standalone/2nic/existing-stack/bigiq/azuredeploy.json +++ b/supported/standalone/2nic/existing-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -424,14 +424,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -473,7 +473,10 @@ "newAvailabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "availabilitySetName": "[replace(parameters('avSetChoice'), 'CREATE_NEW', variables('newAvailabilitySetName'))]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -530,7 +533,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_2nic-existing-stack-supported-bigiq,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_2nic-existing-stack-supported-bigiq,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/standalone/2nic/existing-stack/bigiq/azuredeploy.parameters.json b/supported/standalone/2nic/existing-stack/bigiq/azuredeploy.parameters.json index d959760814..3fad3d0b80 100644 --- a/supported/standalone/2nic/existing-stack/bigiq/azuredeploy.parameters.json +++ b/supported/standalone/2nic/existing-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/standalone/2nic/existing-stack/byol/README.md b/supported/standalone/2nic/existing-stack/byol/README.md index 300abaf7e5..887a7b3596 100644 --- a/supported/standalone/2nic/existing-stack/byol/README.md +++ b/supported/standalone/2nic/existing-stack/byol/README.md @@ -103,7 +103,7 @@ Use the appropriate button below to deploy: - **BYOL** (bring your own license): This allows you to use an existing BIG-IP license. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fstandalone%2F2nic%2Fexisting-stack%2Fbyol%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fstandalone%2F2nic%2Fexisting-stack%2Fbyol%2Fazuredeploy.json) ### Template parameters diff --git a/supported/standalone/2nic/existing-stack/byol/azuredeploy.json b/supported/standalone/2nic/existing-stack/byol/azuredeploy.json index f2fb6641d5..528063b0fb 100644 --- a/supported/standalone/2nic/existing-stack/byol/azuredeploy.json +++ b/supported/standalone/2nic/existing-stack/byol/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -393,14 +393,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -442,7 +442,10 @@ "newAvailabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "availabilitySetName": "[replace(parameters('avSetChoice'), 'CREATE_NEW', variables('newAvailabilitySetName'))]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -499,7 +502,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_2nic-existing-stack-supported-byol,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_2nic-existing-stack-supported-byol,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/standalone/2nic/existing-stack/byol/azuredeploy.parameters.json b/supported/standalone/2nic/existing-stack/byol/azuredeploy.parameters.json index 307fd73f7a..f478913a25 100644 --- a/supported/standalone/2nic/existing-stack/byol/azuredeploy.parameters.json +++ b/supported/standalone/2nic/existing-stack/byol/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/standalone/2nic/existing-stack/payg/README.md b/supported/standalone/2nic/existing-stack/payg/README.md index 89bc525c59..296ac95299 100644 --- a/supported/standalone/2nic/existing-stack/payg/README.md +++ b/supported/standalone/2nic/existing-stack/payg/README.md @@ -101,7 +101,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fstandalone%2F2nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fstandalone%2F2nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters diff --git a/supported/standalone/2nic/existing-stack/payg/azuredeploy.json b/supported/standalone/2nic/existing-stack/payg/azuredeploy.json index 8f1b228d1c..f176ae350c 100644 --- a/supported/standalone/2nic/existing-stack/payg/azuredeploy.json +++ b/supported/standalone/2nic/existing-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -398,14 +398,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -447,7 +447,10 @@ "newAvailabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "availabilitySetName": "[replace(parameters('avSetChoice'), 'CREATE_NEW', variables('newAvailabilitySetName'))]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -541,7 +544,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_2nic-existing-stack-supported-payg,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_2nic-existing-stack-supported-payg,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/standalone/2nic/existing-stack/payg/azuredeploy.parameters.json b/supported/standalone/2nic/existing-stack/payg/azuredeploy.parameters.json index 4b327722dc..fe01f7fdf1 100644 --- a/supported/standalone/2nic/existing-stack/payg/azuredeploy.parameters.json +++ b/supported/standalone/2nic/existing-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/standalone/2nic/new-stack/bigiq/README.md b/supported/standalone/2nic/new-stack/bigiq/README.md index 159a8b2df8..7a9f0f1580 100644 --- a/supported/standalone/2nic/new-stack/bigiq/README.md +++ b/supported/standalone/2nic/new-stack/bigiq/README.md @@ -104,7 +104,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fstandalone%2F2nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fstandalone%2F2nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters diff --git a/supported/standalone/2nic/new-stack/bigiq/azuredeploy.json b/supported/standalone/2nic/new-stack/bigiq/azuredeploy.json index de4618ba64..9c36b9e011 100644 --- a/supported/standalone/2nic/new-stack/bigiq/azuredeploy.json +++ b/supported/standalone/2nic/new-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -365,14 +365,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -412,7 +412,10 @@ "routeCmd": "route", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -469,7 +472,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_2nic-new-stack-supported-bigiq,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_2nic-new-stack-supported-bigiq,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/standalone/2nic/new-stack/bigiq/azuredeploy.parameters.json b/supported/standalone/2nic/new-stack/bigiq/azuredeploy.parameters.json index dffd7ef3b3..fd0dda859a 100644 --- a/supported/standalone/2nic/new-stack/bigiq/azuredeploy.parameters.json +++ b/supported/standalone/2nic/new-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/standalone/2nic/new-stack/byol/README.md b/supported/standalone/2nic/new-stack/byol/README.md index e0622f32c2..86ce5810d6 100644 --- a/supported/standalone/2nic/new-stack/byol/README.md +++ b/supported/standalone/2nic/new-stack/byol/README.md @@ -103,7 +103,7 @@ Use the appropriate button below to deploy: - **BYOL** (bring your own license): This allows you to use an existing BIG-IP license. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fstandalone%2F2nic%2Fnew-stack%2Fbyol%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fstandalone%2F2nic%2Fnew-stack%2Fbyol%2Fazuredeploy.json) ### Template parameters diff --git a/supported/standalone/2nic/new-stack/byol/azuredeploy.json b/supported/standalone/2nic/new-stack/byol/azuredeploy.json index 5ec771a711..1380d117bd 100644 --- a/supported/standalone/2nic/new-stack/byol/azuredeploy.json +++ b/supported/standalone/2nic/new-stack/byol/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -334,14 +334,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -381,7 +381,10 @@ "routeCmd": "route", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -438,7 +441,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_2nic-new-stack-supported-byol,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_2nic-new-stack-supported-byol,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/standalone/2nic/new-stack/byol/azuredeploy.parameters.json b/supported/standalone/2nic/new-stack/byol/azuredeploy.parameters.json index ddab173267..fd87280c32 100644 --- a/supported/standalone/2nic/new-stack/byol/azuredeploy.parameters.json +++ b/supported/standalone/2nic/new-stack/byol/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/standalone/2nic/new-stack/payg/README.md b/supported/standalone/2nic/new-stack/payg/README.md index 8109d2b528..e493607e73 100644 --- a/supported/standalone/2nic/new-stack/payg/README.md +++ b/supported/standalone/2nic/new-stack/payg/README.md @@ -101,7 +101,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fstandalone%2F2nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fstandalone%2F2nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters diff --git a/supported/standalone/2nic/new-stack/payg/azuredeploy.json b/supported/standalone/2nic/new-stack/payg/azuredeploy.json index 07c8792658..3b52a8724f 100644 --- a/supported/standalone/2nic/new-stack/payg/azuredeploy.json +++ b/supported/standalone/2nic/new-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -339,14 +339,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -386,7 +386,10 @@ "routeCmd": "route", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -480,7 +483,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_2nic-new-stack-supported-payg,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_2nic-new-stack-supported-payg,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/standalone/2nic/new-stack/payg/azuredeploy.parameters.json b/supported/standalone/2nic/new-stack/payg/azuredeploy.parameters.json index 348359b5cb..82c4258c6f 100644 --- a/supported/standalone/2nic/new-stack/payg/azuredeploy.parameters.json +++ b/supported/standalone/2nic/new-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/standalone/3nic/existing-stack/bigiq/README.md b/supported/standalone/3nic/existing-stack/bigiq/README.md index d227c1a6cb..3123f57500 100644 --- a/supported/standalone/3nic/existing-stack/bigiq/README.md +++ b/supported/standalone/3nic/existing-stack/bigiq/README.md @@ -104,7 +104,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fstandalone%2F3nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fstandalone%2F3nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters diff --git a/supported/standalone/3nic/existing-stack/bigiq/azuredeploy.json b/supported/standalone/3nic/existing-stack/bigiq/azuredeploy.json index e88772f66e..dd0bfc7512 100644 --- a/supported/standalone/3nic/existing-stack/bigiq/azuredeploy.json +++ b/supported/standalone/3nic/existing-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -427,14 +427,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -480,7 +480,10 @@ "newAvailabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "availabilitySetName": "[replace(parameters('avSetChoice'), 'CREATE_NEW', variables('newAvailabilitySetName'))]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -538,7 +541,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_3nic-existing-stack-supported-bigiq,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_3nic-existing-stack-supported-bigiq,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/standalone/3nic/existing-stack/bigiq/azuredeploy.parameters.json b/supported/standalone/3nic/existing-stack/bigiq/azuredeploy.parameters.json index ef2ed92d13..f8f2dbb620 100644 --- a/supported/standalone/3nic/existing-stack/bigiq/azuredeploy.parameters.json +++ b/supported/standalone/3nic/existing-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/standalone/3nic/existing-stack/byol/README.md b/supported/standalone/3nic/existing-stack/byol/README.md index 1d66386ae8..8aca18cdbc 100644 --- a/supported/standalone/3nic/existing-stack/byol/README.md +++ b/supported/standalone/3nic/existing-stack/byol/README.md @@ -103,7 +103,7 @@ Use the appropriate button below to deploy: - **BYOL** (bring your own license): This allows you to use an existing BIG-IP license. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fstandalone%2F3nic%2Fexisting-stack%2Fbyol%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fstandalone%2F3nic%2Fexisting-stack%2Fbyol%2Fazuredeploy.json) ### Template parameters diff --git a/supported/standalone/3nic/existing-stack/byol/azuredeploy.json b/supported/standalone/3nic/existing-stack/byol/azuredeploy.json index 7adeea026c..aef74087a3 100644 --- a/supported/standalone/3nic/existing-stack/byol/azuredeploy.json +++ b/supported/standalone/3nic/existing-stack/byol/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -396,14 +396,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -449,7 +449,10 @@ "newAvailabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "availabilitySetName": "[replace(parameters('avSetChoice'), 'CREATE_NEW', variables('newAvailabilitySetName'))]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -507,7 +510,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_3nic-existing-stack-supported-byol,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_3nic-existing-stack-supported-byol,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/standalone/3nic/existing-stack/byol/azuredeploy.parameters.json b/supported/standalone/3nic/existing-stack/byol/azuredeploy.parameters.json index 10913820a9..f70e2fe727 100644 --- a/supported/standalone/3nic/existing-stack/byol/azuredeploy.parameters.json +++ b/supported/standalone/3nic/existing-stack/byol/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/standalone/3nic/existing-stack/payg/README.md b/supported/standalone/3nic/existing-stack/payg/README.md index 650e3b65be..2a77896c57 100644 --- a/supported/standalone/3nic/existing-stack/payg/README.md +++ b/supported/standalone/3nic/existing-stack/payg/README.md @@ -101,7 +101,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fstandalone%2F3nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fstandalone%2F3nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters diff --git a/supported/standalone/3nic/existing-stack/payg/azuredeploy.json b/supported/standalone/3nic/existing-stack/payg/azuredeploy.json index 2b4cd811d8..f8b9cebd57 100644 --- a/supported/standalone/3nic/existing-stack/payg/azuredeploy.json +++ b/supported/standalone/3nic/existing-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -401,14 +401,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -454,7 +454,10 @@ "newAvailabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "availabilitySetName": "[replace(parameters('avSetChoice'), 'CREATE_NEW', variables('newAvailabilitySetName'))]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -549,7 +552,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_3nic-existing-stack-supported-payg,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_3nic-existing-stack-supported-payg,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/standalone/3nic/existing-stack/payg/azuredeploy.parameters.json b/supported/standalone/3nic/existing-stack/payg/azuredeploy.parameters.json index f9b4198653..6336c57be9 100644 --- a/supported/standalone/3nic/existing-stack/payg/azuredeploy.parameters.json +++ b/supported/standalone/3nic/existing-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/standalone/3nic/new-stack/bigiq/README.md b/supported/standalone/3nic/new-stack/bigiq/README.md index 35d8146116..2bf6760c57 100644 --- a/supported/standalone/3nic/new-stack/bigiq/README.md +++ b/supported/standalone/3nic/new-stack/bigiq/README.md @@ -104,7 +104,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fstandalone%2F3nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fstandalone%2F3nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters diff --git a/supported/standalone/3nic/new-stack/bigiq/azuredeploy.json b/supported/standalone/3nic/new-stack/bigiq/azuredeploy.json index 9b4b590134..f1a8403261 100644 --- a/supported/standalone/3nic/new-stack/bigiq/azuredeploy.json +++ b/supported/standalone/3nic/new-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -356,14 +356,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -407,7 +407,10 @@ "intSubnetId": "[concat(variables('vnetId'), '/subnets/', variables('intsubnetName'))]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -465,7 +468,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_3nic-new-stack-supported-bigiq,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_3nic-new-stack-supported-bigiq,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/standalone/3nic/new-stack/bigiq/azuredeploy.parameters.json b/supported/standalone/3nic/new-stack/bigiq/azuredeploy.parameters.json index 1c93d6fba3..b9c3a15891 100644 --- a/supported/standalone/3nic/new-stack/bigiq/azuredeploy.parameters.json +++ b/supported/standalone/3nic/new-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/standalone/3nic/new-stack/byol/README.md b/supported/standalone/3nic/new-stack/byol/README.md index adf1bf6c8b..f4093b0555 100644 --- a/supported/standalone/3nic/new-stack/byol/README.md +++ b/supported/standalone/3nic/new-stack/byol/README.md @@ -103,7 +103,7 @@ Use the appropriate button below to deploy: - **BYOL** (bring your own license): This allows you to use an existing BIG-IP license. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fstandalone%2F3nic%2Fnew-stack%2Fbyol%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fstandalone%2F3nic%2Fnew-stack%2Fbyol%2Fazuredeploy.json) ### Template parameters diff --git a/supported/standalone/3nic/new-stack/byol/azuredeploy.json b/supported/standalone/3nic/new-stack/byol/azuredeploy.json index e24a25633d..5cad933328 100644 --- a/supported/standalone/3nic/new-stack/byol/azuredeploy.json +++ b/supported/standalone/3nic/new-stack/byol/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -325,14 +325,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -376,7 +376,10 @@ "intSubnetId": "[concat(variables('vnetId'), '/subnets/', variables('intsubnetName'))]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -434,7 +437,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_3nic-new-stack-supported-byol,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_3nic-new-stack-supported-byol,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/standalone/3nic/new-stack/byol/azuredeploy.parameters.json b/supported/standalone/3nic/new-stack/byol/azuredeploy.parameters.json index 1a32237932..0a3af8f83f 100644 --- a/supported/standalone/3nic/new-stack/byol/azuredeploy.parameters.json +++ b/supported/standalone/3nic/new-stack/byol/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/standalone/3nic/new-stack/payg/README.md b/supported/standalone/3nic/new-stack/payg/README.md index dd158c7270..925a7fd697 100644 --- a/supported/standalone/3nic/new-stack/payg/README.md +++ b/supported/standalone/3nic/new-stack/payg/README.md @@ -101,7 +101,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fstandalone%2F3nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fstandalone%2F3nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters diff --git a/supported/standalone/3nic/new-stack/payg/azuredeploy.json b/supported/standalone/3nic/new-stack/payg/azuredeploy.json index a754a94946..f902d026fd 100644 --- a/supported/standalone/3nic/new-stack/payg/azuredeploy.json +++ b/supported/standalone/3nic/new-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -330,14 +330,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -381,7 +381,10 @@ "intSubnetId": "[concat(variables('vnetId'), '/subnets/', variables('intsubnetName'))]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -476,7 +479,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_3nic-new-stack-supported-payg,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_3nic-new-stack-supported-payg,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/standalone/3nic/new-stack/payg/azuredeploy.parameters.json b/supported/standalone/3nic/new-stack/payg/azuredeploy.parameters.json index 97a731ebfc..de638b7a9a 100644 --- a/supported/standalone/3nic/new-stack/payg/azuredeploy.parameters.json +++ b/supported/standalone/3nic/new-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/standalone/n-nic/existing-stack/bigiq/README.md b/supported/standalone/n-nic/existing-stack/bigiq/README.md index fb4ad0987f..f490c3e6ca 100644 --- a/supported/standalone/n-nic/existing-stack/bigiq/README.md +++ b/supported/standalone/n-nic/existing-stack/bigiq/README.md @@ -106,7 +106,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fstandalone%2Fn-nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fstandalone%2Fn-nic%2Fexisting-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters diff --git a/supported/standalone/n-nic/existing-stack/bigiq/azuredeploy.json b/supported/standalone/n-nic/existing-stack/bigiq/azuredeploy.json index 71a46a1341..1632170394 100644 --- a/supported/standalone/n-nic/existing-stack/bigiq/azuredeploy.json +++ b/supported/standalone/n-nic/existing-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -495,14 +495,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -548,7 +548,10 @@ "newAvailabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "availabilitySetName": "[replace(parameters('avSetChoice'), 'CREATE_NEW', variables('newAvailabilitySetName'))]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -606,7 +609,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_nnic-existing-stack-supported-bigiq,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_nnic-existing-stack-supported-bigiq,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/standalone/n-nic/existing-stack/bigiq/azuredeploy.parameters.json b/supported/standalone/n-nic/existing-stack/bigiq/azuredeploy.parameters.json index 5c423db998..7094f34c87 100644 --- a/supported/standalone/n-nic/existing-stack/bigiq/azuredeploy.parameters.json +++ b/supported/standalone/n-nic/existing-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/standalone/n-nic/existing-stack/byol/README.md b/supported/standalone/n-nic/existing-stack/byol/README.md index cb32bcb170..562b2f757d 100644 --- a/supported/standalone/n-nic/existing-stack/byol/README.md +++ b/supported/standalone/n-nic/existing-stack/byol/README.md @@ -105,7 +105,7 @@ Use the appropriate button below to deploy: - **BYOL** (bring your own license): This allows you to use an existing BIG-IP license. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fstandalone%2Fn-nic%2Fexisting-stack%2Fbyol%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fstandalone%2Fn-nic%2Fexisting-stack%2Fbyol%2Fazuredeploy.json) ### Template parameters diff --git a/supported/standalone/n-nic/existing-stack/byol/azuredeploy.json b/supported/standalone/n-nic/existing-stack/byol/azuredeploy.json index 2c0983fed7..2412e6ec98 100644 --- a/supported/standalone/n-nic/existing-stack/byol/azuredeploy.json +++ b/supported/standalone/n-nic/existing-stack/byol/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -464,14 +464,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -517,7 +517,10 @@ "newAvailabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "availabilitySetName": "[replace(parameters('avSetChoice'), 'CREATE_NEW', variables('newAvailabilitySetName'))]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -575,7 +578,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_nnic-existing-stack-supported-byol,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_nnic-existing-stack-supported-byol,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/standalone/n-nic/existing-stack/byol/azuredeploy.parameters.json b/supported/standalone/n-nic/existing-stack/byol/azuredeploy.parameters.json index 56fd3af4fc..20867327fd 100644 --- a/supported/standalone/n-nic/existing-stack/byol/azuredeploy.parameters.json +++ b/supported/standalone/n-nic/existing-stack/byol/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/standalone/n-nic/existing-stack/payg/README.md b/supported/standalone/n-nic/existing-stack/payg/README.md index 1459c8e1e8..e98feefb30 100644 --- a/supported/standalone/n-nic/existing-stack/payg/README.md +++ b/supported/standalone/n-nic/existing-stack/payg/README.md @@ -103,7 +103,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fstandalone%2Fn-nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fstandalone%2Fn-nic%2Fexisting-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters diff --git a/supported/standalone/n-nic/existing-stack/payg/azuredeploy.json b/supported/standalone/n-nic/existing-stack/payg/azuredeploy.json index 31136a61a4..5234751b2c 100644 --- a/supported/standalone/n-nic/existing-stack/payg/azuredeploy.json +++ b/supported/standalone/n-nic/existing-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -469,14 +469,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -522,7 +522,10 @@ "newAvailabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "availabilitySetName": "[replace(parameters('avSetChoice'), 'CREATE_NEW', variables('newAvailabilitySetName'))]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -617,7 +620,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_nnic-existing-stack-supported-payg,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_nnic-existing-stack-supported-payg,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/standalone/n-nic/existing-stack/payg/azuredeploy.parameters.json b/supported/standalone/n-nic/existing-stack/payg/azuredeploy.parameters.json index afaef29f6c..d88ae846f4 100644 --- a/supported/standalone/n-nic/existing-stack/payg/azuredeploy.parameters.json +++ b/supported/standalone/n-nic/existing-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/standalone/n-nic/new-stack/bigiq/README.md b/supported/standalone/n-nic/new-stack/bigiq/README.md index c72050bc6e..1fac18affe 100644 --- a/supported/standalone/n-nic/new-stack/bigiq/README.md +++ b/supported/standalone/n-nic/new-stack/bigiq/README.md @@ -106,7 +106,7 @@ Use the appropriate button below to deploy: - **BIGIQ**: This allows you to launch the template using an existing BIG-IQ device with a pool of licenses to license the BIG-IP VE(s). - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fstandalone%2Fn-nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fstandalone%2Fn-nic%2Fnew-stack%2Fbigiq%2Fazuredeploy.json) ### Template parameters diff --git a/supported/standalone/n-nic/new-stack/bigiq/azuredeploy.json b/supported/standalone/n-nic/new-stack/bigiq/azuredeploy.json index 6d48bb0ee1..6dc19d42b5 100644 --- a/supported/standalone/n-nic/new-stack/bigiq/azuredeploy.json +++ b/supported/standalone/n-nic/new-stack/bigiq/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -424,14 +424,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -475,7 +475,10 @@ "intSubnetId": "[concat(variables('vnetId'), '/subnets/', variables('intsubnetName'))]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -585,7 +588,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_nnic-new-stack-supported-bigiq,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_nnic-new-stack-supported-bigiq,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:bigiq,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/standalone/n-nic/new-stack/bigiq/azuredeploy.parameters.json b/supported/standalone/n-nic/new-stack/bigiq/azuredeploy.parameters.json index 76cbc601c7..97318f8218 100644 --- a/supported/standalone/n-nic/new-stack/bigiq/azuredeploy.parameters.json +++ b/supported/standalone/n-nic/new-stack/bigiq/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/standalone/n-nic/new-stack/byol/README.md b/supported/standalone/n-nic/new-stack/byol/README.md index 5b1c8d2af7..e35725e835 100644 --- a/supported/standalone/n-nic/new-stack/byol/README.md +++ b/supported/standalone/n-nic/new-stack/byol/README.md @@ -105,7 +105,7 @@ Use the appropriate button below to deploy: - **BYOL** (bring your own license): This allows you to use an existing BIG-IP license. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fstandalone%2Fn-nic%2Fnew-stack%2Fbyol%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fstandalone%2Fn-nic%2Fnew-stack%2Fbyol%2Fazuredeploy.json) ### Template parameters diff --git a/supported/standalone/n-nic/new-stack/byol/azuredeploy.json b/supported/standalone/n-nic/new-stack/byol/azuredeploy.json index db12dff83d..a058c7d939 100644 --- a/supported/standalone/n-nic/new-stack/byol/azuredeploy.json +++ b/supported/standalone/n-nic/new-stack/byol/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -393,14 +393,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -444,7 +444,10 @@ "intSubnetId": "[concat(variables('vnetId'), '/subnets/', variables('intsubnetName'))]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -554,7 +557,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_nnic-new-stack-supported-byol,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_nnic-new-stack-supported-byol,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/standalone/n-nic/new-stack/byol/azuredeploy.parameters.json b/supported/standalone/n-nic/new-stack/byol/azuredeploy.parameters.json index 8b2f72920b..29c1cdfb1e 100644 --- a/supported/standalone/n-nic/new-stack/byol/azuredeploy.parameters.json +++ b/supported/standalone/n-nic/new-stack/byol/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser" diff --git a/supported/standalone/n-nic/new-stack/payg/README.md b/supported/standalone/n-nic/new-stack/payg/README.md index 5c83391efa..940dcee550 100644 --- a/supported/standalone/n-nic/new-stack/payg/README.md +++ b/supported/standalone/n-nic/new-stack/payg/README.md @@ -103,7 +103,7 @@ Use the appropriate button below to deploy: - **PAYG**: This allows you to use pay-as-you-go hourly billing. - [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.0.3.0%2Fsupported%2Fstandalone%2Fn-nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) + [![Deploy to Azure](http://azuredeploy.net/deploybutton.png)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FF5Networks%2Ff5-azure-arm-templates%2Fv7.1.0.0%2Fsupported%2Fstandalone%2Fn-nic%2Fnew-stack%2Fpayg%2Fazuredeploy.json) ### Template parameters diff --git a/supported/standalone/n-nic/new-stack/payg/azuredeploy.json b/supported/standalone/n-nic/new-stack/payg/azuredeploy.json index b398d7a8a5..e5beabd297 100644 --- a/supported/standalone/n-nic/new-stack/payg/azuredeploy.json +++ b/supported/standalone/n-nic/new-stack/payg/azuredeploy.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", @@ -398,14 +398,14 @@ "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", - "f5CloudLibsTag": "v4.11.0", - "f5CloudLibsAzureTag": "v2.10.0", - "f5NetworksTag": "v7.0.3.0", + "f5CloudLibsTag": "v4.12.0", + "f5CloudLibsAzureTag": "v2.11.0", + "f5NetworksTag": "v7.1.0.0", "f5CloudIappsLoggerTag": "v1.0.0", "f5CloudIappsSdTag": "v2.3.2", "f5AS3Build": "f5-appsvcs-3.5.1-5.noarch.rpm", "f5AS3Tag": "v3.6.0", - "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) e89b19c075e3dd3d35923bf87e924e12c884016901fbafe1a358fa4c3656ead7240e8b2563605b27221d83ddf540defc0a7624a3bdd6ed03a42e4e935d6f724a\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 885551132bff95f26b53a9276c1ca02d90189dec5370447607cb68346cb27441820b6c73473c8ed0aefcbb0b72abbbf897db1f5cdd839e11b293903859984460\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature E6KN03R1bLPG/PTSyH5P3QoKZWz6hHV6j+yN60PhzgjRHUuN/woMp2hlCT7DOwBiwU2FOzwZ95YcpnwLAKUchxK30I4rUysoCfVNsic5jAK+ucIDWPQs8ZovSduMt0FgxCek4BN/1KvNIXKT6ZqPoskB4/vCQXL88kbcoTeNrXsO+P8BEdceb6O/dExqgZGZIUIxBYpHKXMMyi+LbV9hw8zRHVqF2xbgp3mnbWmFLgkSflrrxgCVoSttz4LRbYv/CtFEw+Oq0P3hniO7E10vBfL1kcse79s6E3ScOOvbzwKO6l9WlcxJgdOm0ZcVVXFYcm8dikqTUqaJ60V1utdLIA==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", + "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) adcfa06c18d26c0922ad141ad31b9b621f3e1713a21fb819f0b3b425112964967172710035f97d0fb9dfcded810ae3280f466d4b51bf5a109ae84bc354217061\n set hashes(f5-cloud-libs-aws.tar.gz) 2b934307477faf772e1558ab3636716981215d6b15f2a184750473911d1d38bfbd6a2dc79614b1d1575dce8f3824ed805daa3d9ca48c7e94c6692f03b9e4ed7a\n set hashes(f5-cloud-libs-azure.tar.gz) 3ecd8f373714a74e239f8bf6b251bc212b8aee1c031d3e9c06da304b01ef6a715e0415328f5523bd3a1bea8eeb853b2401b74f904bf88b7abcd48d4584a00dbd\n set hashes(f5-cloud-libs-gce.tar.gz) a5cfaed1fe33da677b3f10dc1a7ca82f5739ff24e45e91b3a8f7b06d6b2e280e5f1eaf5fe2d33009b2cc67c10f2d906aab26f942d591b68fa8a7fddfd54a0efe\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature dUJXjhO2ciYVMlrphc10fqY10LpRpKeEveD7PaxAbPvUkM/Yl4xIPwebyONKEDXV5AdMsqRQ2/NEBE/HJ7Md6D6qwvE2dAd+d7TdklXgoHj1pKDI4HghRbKtj1YpZCIgg0xfcoJlU7sEyHhRYEK53bG//D5aKV5UnvS98OLEuoiKAOm65Ww2FZ1jybPiAa4MM6Ts30tzCCFfE+kwVyJK+PGF8fK5aTujKg6aWzBcVIuxV62bMZvXrTtGRYuaWuw4DyhxgCglnZEiQ4rU19txcVGv0dFdOwxWMiM7RBq1DtWaUqnQJSNqniNyy1JB+DszDrpKnOlrQPwbkq6hld0Fvg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz f5-appsvcs-3.5.1-5.noarch.rpm f5.service_discovery.tmpl f5.cloud_logger.v1.0.0.tmpl\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", @@ -449,7 +449,10 @@ "intSubnetId": "[concat(variables('vnetId'), '/subnets/', variables('intsubnetName'))]", "availabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "zoneMappings": "[replace(toLower(string(providers('Microsoft.Compute', 'virtualMachines').zoneMappings)), ' ', '')]", - "zonesAvailable": "[contains(variables('zoneMappings'), concat('\"', variables('location'), '\"'))]", + "southcentralus": "[equals(variables('location'), string('southcentralus'))]", + "southafricanorth": "[equals(variables('location'), string('southafricanorth'))]", + "australiaeast": "[equals(variables('location'), string('australiaeast'))]", + "zonesAvailable": "[and(contains(variables('zoneMappings'), concat('\"', variables('location'), '\"')), not(variables('southcentralus')), not(variables('southafricanorth')), not(variables('australiaeast')))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, @@ -596,7 +599,7 @@ }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", - "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_nnic-new-stack-supported-payg,templateVersion:7.0.3.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" + "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_nnic-new-stack-supported-payg,templateVersion:7.1.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:payg,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "osProfiles": { diff --git a/supported/standalone/n-nic/new-stack/payg/azuredeploy.parameters.json b/supported/standalone/n-nic/new-stack/payg/azuredeploy.parameters.json index d4d363f857..eb7c108ffc 100644 --- a/supported/standalone/n-nic/new-stack/payg/azuredeploy.parameters.json +++ b/supported/standalone/n-nic/new-stack/payg/azuredeploy.parameters.json @@ -1,6 +1,6 @@ { "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", - "contentVersion": "7.0.3.0", + "contentVersion": "7.1.0.0", "parameters": { "adminUsername": { "value": "azureuser"