From 4c52f2b27a7ae0c6f1a2997379540f2e49be9104 Mon Sep 17 00:00:00 2001 From: Nicolas Oman Date: Tue, 24 Nov 2020 15:12:58 -0800 Subject: [PATCH 1/2] Added 1-NT managed cluster with MI template --- SF-Managed-Standard-SKU-1-NT-MI/README.md | 20 +++ .../azuredeploy.json | 165 ++++++++++++++++++ SF-Managed-Standard-SKU-1-NT-MI/metadata.json | 11 ++ 3 files changed, 196 insertions(+) create mode 100644 SF-Managed-Standard-SKU-1-NT-MI/README.md create mode 100644 SF-Managed-Standard-SKU-1-NT-MI/azuredeploy.json create mode 100644 SF-Managed-Standard-SKU-1-NT-MI/metadata.json diff --git a/SF-Managed-Standard-SKU-1-NT-MI/README.md b/SF-Managed-Standard-SKU-1-NT-MI/README.md new file mode 100644 index 0000000..eea49eb --- /dev/null +++ b/SF-Managed-Standard-SKU-1-NT-MI/README.md @@ -0,0 +1,20 @@ +# Standard SKU Service Fabric managed cluster, 1 node type + + + + + + + + +This template allows you to deploy a Service Fabric managed cluster using the *Standard* SKU. This cluster contains a single node type running *Windows Server 2019 Datacenter* on a *Standard_D2_v2* size virtual machine scale set with a user-assigned managed identity. + +## Resources + +For more info, see: + +- [Service Fabric managed cluster quickstart](https://docs.microsoft.com/azure/service-fabric/how-to-managed-identity-managed-cluster-vmss) for a walkthrough of the ARM template. + +- [Service Fabric managed cluster overview](https://docs.microsoft.com/azure/service-fabric/overview-managed-cluster) for more details on cluster SKUs. + +- [Service Fabric managed cluster template format](https://docs.microsoft.com/azure/templates/microsoft.servicefabric/2020-01-01-preview/managedclusters) for more details on modifying this ARM template to meet your requirements. diff --git a/SF-Managed-Standard-SKU-1-NT-MI/azuredeploy.json b/SF-Managed-Standard-SKU-1-NT-MI/azuredeploy.json new file mode 100644 index 0000000..c147157 --- /dev/null +++ b/SF-Managed-Standard-SKU-1-NT-MI/azuredeploy.json @@ -0,0 +1,165 @@ +{ + "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", + "contentVersion": "1.0.0.0", + "parameters": { + "clusterName": { + "type": "string", + "minLength": 4, + "maxLength": 23, + "metadata": { + "description": "Name of your cluster - Between 3 and 23 characters. Letters and numbers only" + } + }, + "clusterSku": { + "type": "string", + "allowedValues": [ + "Basic", + "Standard" + ], + "defaultValue": "Standard" + }, + "adminUserName": { + "type": "string", + "defaultValue": "vmadmin" + }, + "adminPassword": { + "type": "securestring" + }, + "clientCertificateThumbprint": { + "type": "string" + }, + "nodeTypeName": { + "type": "string", + "maxLength": 9, + "defaultValue": "NT1" + }, + "vmImagePublisher": { + "type": "string", + "defaultValue": "MicrosoftWindowsServer" + }, + "vmImageOffer": { + "type": "string", + "defaultValue": "WindowsServer" + }, + "vmImageSku": { + "type": "string", + "defaultValue": "2019-Datacenter" + }, + "vmImageVersion": { + "type": "string", + "defaultValue": "latest" + }, + "vmSize": { + "type": "string", + "defaultValue": "Standard_D2_v2" + }, + "vmInstanceCount": { + "type": "int", + "defaultValue": 5 + }, + "dataDiskSizeGB": { + "type": "int", + "defaultValue": 120 + }, + "userAssignedIdentityName": { + "defaultValue": "SFMC-id", + "type": "String" + }, + "vmIdentityRoleNameGuid": { + "defaultValue": "[newGuid()]", + "type": "String" + } + }, + "variables": { + "sfApiVersion": "2020-01-01-preview" + }, + "resources": [ + { + "apiVersion": "[variables('sfApiVersion')]", + "type": "Microsoft.ServiceFabric/managedclusters", + "name": "[parameters('clusterName')]", + "location": "[resourcegroup().location]", + "sku": { + "name" : "[parameters('clusterSku')]" + }, + "properties": { + "dnsName": "[toLower(parameters('clusterName'))]", + "adminUserName": "[parameters('adminUserName')]", + "adminPassword": "[parameters('adminPassword')]", + "clientConnectionPort": 19000, + "httpGatewayConnectionPort": 19080, + "clients" : [ + { + "isAdmin" : true, + "thumbprint" : "[parameters('clientCertificateThumbprint')]" + } + ], + "loadBalancingRules": [ + { + "frontendPort": 8080, + "backendPort": 8080, + "protocol": "tcp", + "probeProtocol": "tcp" + } + ] + } + }, + { + "type": "Microsoft.ManagedIdentity/userAssignedIdentities", + "name": "[parameters('userAssignedIdentityName')]", + "apiVersion": "2018-11-30", + "location": "[resourceGroup().location]" + }, + { + "type": "Microsoft.Authorization/roleAssignments", +  "apiVersion": "2020-04-01-preview", + "name": "[parameters('vmIdentityRoleNameGuid')]", + "scope": "[concat('Microsoft.ManagedIdentity/userAssignedIdentities', '/', parameters('userAssignedIdentityName'))]", + "dependsOn": [ + "[concat('Microsoft.ManagedIdentity/userAssignedIdentities/', parameters('userAssignedIdentityName'))]" + ], + "properties": { + "roleDefinitionId": "[concat('/subscriptions/', subscription().subscriptionId, '/providers/Microsoft.Authorization/roleDefinitions/', 'f1a07417-d97a-45cb-824c-7a7467783830')]", + "principalId": "fbc587f2-66f5-4459-a027-bcd908b9d278" +             } +         }, + { + "apiVersion": "[variables('sfApiVersion')]", + "type": "Microsoft.ServiceFabric/managedclusters/nodetypes", + "name": "[concat(parameters('clusterName'), '/', parameters('nodeTypeName'))]", + "location": "[resourcegroup().location]", + "dependsOn": [ + "[concat('Microsoft.ServiceFabric/managedclusters/', parameters('clusterName'))]" + ], + "properties": { + "isPrimary": true, + "vmImagePublisher": "[parameters('vmImagePublisher')]", + "vmImageOffer": "[parameters('vmImageOffer')]", + "vmImageSku": "[parameters('vmImageSku')]", + "vmImageVersion": "[parameters('vmImageVersion')]", + "vmSize": "[parameters('vmSize')]", + "vmInstanceCount": "[parameters('vmInstanceCount')]", + "dataDiskSizeGB": "[parameters('dataDiskSizeGB')]", + "vmManagedIdentity": { + "userAssignedIdentities": [ + "[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', parameters('userAssignedIdentityName'))]" + ] + } + } + } + ], + "outputs": { + "serviceFabricExplorer": { + "value": "[concat('https://', reference(parameters('clusterName')).fqdn, ':', reference(parameters('clusterName')).httpGatewayConnectionPort)]", + "type": "string" + }, + "clientConnectionEndpoint": { + "value": "[concat(reference(parameters('clusterName')).fqdn, ':', reference(parameters('clusterName')).clientConnectionPort)]", + "type": "string" + }, + "clusterProperties": { + "value": "[reference(parameters('clusterName'))]", + "type": "object" + } + } +} \ No newline at end of file diff --git a/SF-Managed-Standard-SKU-1-NT-MI/metadata.json b/SF-Managed-Standard-SKU-1-NT-MI/metadata.json new file mode 100644 index 0000000..947b7a9 --- /dev/null +++ b/SF-Managed-Standard-SKU-1-NT-MI/metadata.json @@ -0,0 +1,11 @@ +{ + "$schema": "https://aka.ms/azure-quickstart-templates-metadata-schema#", + "type": "QuickStart", + "itemDisplayName": "Deploy a Standard SKU Service Fabric managed cluster with a managed identity", + "description": "This template takes a minimum set of parameters and deploys a Standard SKU Service Fabric managed cluster with 1 node type and a managed identity.", + "summary": "This template takes a minimum set of parameters and deploys a Standard SKU Service Fabric managed cluster with 1 node type and a managed identity.", + "githubUsername": "nickomang", + "dateUpdated": "2020-11-24" +} + + From 1f3b48e90cf4ba4441ea7daed30270ff31b7f4bf Mon Sep 17 00:00:00 2001 From: Nicolas Oman Date: Tue, 24 Nov 2020 15:16:54 -0800 Subject: [PATCH 2/2] updated README --- SF-Managed-Standard-SKU-1-NT-MI/README.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/SF-Managed-Standard-SKU-1-NT-MI/README.md b/SF-Managed-Standard-SKU-1-NT-MI/README.md index eea49eb..3aa0cb8 100644 --- a/SF-Managed-Standard-SKU-1-NT-MI/README.md +++ b/SF-Managed-Standard-SKU-1-NT-MI/README.md @@ -13,7 +13,9 @@ This template allows you to deploy a Service Fabric managed cluster using the *S For more info, see: -- [Service Fabric managed cluster quickstart](https://docs.microsoft.com/azure/service-fabric/how-to-managed-identity-managed-cluster-vmss) for a walkthrough of the ARM template. +- [Service Fabric managed cluster quickstart](https://docs.microsoft.com/azure/service-fabric/quickstart-managed-cluster-template) for a walkthrough of the base ARM template without a managed identity added. + +- [How to add a managed identity to a managed cluster node type](https://docs.microsoft.com/azure/service-fabric/how-to-managed-identity-managed-cluster-vmss) for discussion of this template and steps to add a managed identity to a node type on a Service Fabric managed cluster. - [Service Fabric managed cluster overview](https://docs.microsoft.com/azure/service-fabric/overview-managed-cluster) for more details on cluster SKUs.