Skip to content

Commit

Permalink
Azure Templates | Internal Alignments
Browse files Browse the repository at this point in the history
* Azure HA Custom data improvement
* VM API Version updates
* Maintenance Mode & Serial Console Passwords support
  • Loading branch information
chkp-yairra authored Sep 21, 2023
1 parent 360cc83 commit 9ba3588
Show file tree
Hide file tree
Showing 4 changed files with 72 additions and 68 deletions.
18 changes: 11 additions & 7 deletions azure/templates/marketplace-ha/mainTemplate.json
Original file line number Diff line number Diff line change
Expand Up @@ -395,7 +395,6 @@
"storageAccountType": "Standard_LRS",
"diskSize100GB": 100,
"diskSizeGB": "[add(parameters('additionalDiskSizeGB'), variables('diskSize100GB'))]",
"customData": "[concat('#!/usr/bin/python3 /etc/cloud_config.py\n', '\n', 'installationType=\"', variables('installationType'), '\"', '\n', 'allowUploadDownload=\"', variables('allowUploadDownload'), '\"', '\n', 'osVersion=\"', variables('osVersion'), '\"', '\n', 'templateName=\"', variables('templateName'), '\"', '\n', 'isBlink=\"', variables('isBlink'), '\"', '\n', 'templateVersion=\"', variables('templateVersion'), '\"', '\n', 'bootstrapScript64=\"', variables('bootstrapScript64'), '\"', '\n', 'location=\"', variables('location'), '\"', '\n', 'sicKey=\"', variables('sicKey'), '\"', '\n', 'location=\"', variables('location'), '\"', '\n', 'tenantId=\"', subscription().tenantId, '\"', '\n', 'virtualNetwork=\"', parameters('virtualNetworkName'), '\"', '\n', 'clusterName=\"', parameters('vmName'), '\"', '\n', 'customMetrics=\"', variables('customMetrics'), '\"', '\n', 'adminShell=\"', parameters('adminShell'), '\"', '\n', 'MaintenanceModePassword=\"', parameters('MaintenanceModePasswordHash'), '\"', '\n', 'passwordHash=\"', parameters('SerialConsolePasswordHash'), '\"', '\n')]",
"imageOffer": "[concat('check-point-cg-', toLower(variables('osVersion')))]",
"imagePublisher": "checkpoint",
"imageReferenceBYOL": {
Expand Down Expand Up @@ -628,6 +627,11 @@
"privateIPAddress": "[variables('externalPrivateAddresses')[add(copyIndex('VipsInformation'), 3)]]",
"publicIPAddress": "[variables('Vip_Names')[copyIndex('VipsInformation')]]"
}
},
{
"name": "customData",
"count": "[variables('count')]",
"input": "[concat('#!/usr/bin/python3 /etc/cloud_config.py\n', '\n', 'installationType=\"', variables('installationType'), '\"', '\n', 'allowUploadDownload=\"', variables('allowUploadDownload'), '\"', '\n', 'osVersion=\"', variables('osVersion'), '\"', '\n', 'templateName=\"', variables('templateName'), '\"', '\n', 'isBlink=\"', variables('isBlink'), '\"', '\n', 'templateVersion=\"', variables('templateVersion'), '\"', '\n', 'bootstrapScript64=\"', variables('bootstrapScript64'), '\"', '\n', 'location=\"', variables('location'), '\"', '\n', 'sicKey=\"', variables('sicKey'), '\"', '\n', 'location=\"', variables('location'), '\"', '\n', 'tenantId=\"', subscription().tenantId, '\"', '\n', 'virtualNetwork=\"', parameters('virtualNetworkName'), '\"', '\n', 'clusterName=\"', parameters('vmName'), '\"', '\n', 'customMetrics=\"', variables('customMetrics'), '\"', '\n', 'adminShell=\"', parameters('adminShell'), '\"', '\n', '\n','smart1CloudToken=\"', variables('tokens')[copyIndex('customData')], '\"', '\n', 'Vips=\"', string(variables('VipsInformationForCloudConfig')), '\"', '\n','externalPrivateAddresses=\"', variables('externalPrivateAddresses')[2], '\"', '\n', 'MaintenanceModePassword=\"', parameters('MaintenanceModePasswordHash'), '\"', '\n', 'passwordHash=\"', parameters('SerialConsolePasswordHash'), '\"', '\n')]"
}
],
"DefaultVipInformation": [
Expand Down Expand Up @@ -987,7 +991,7 @@
},
{
"type": "Microsoft.Compute/virtualMachines",
"apiVersion": "2021-07-01",
"apiVersion": "2022-11-01",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountName'))]",
"[resourceId('Microsoft.Compute/availabilitySets', variables('availabilitySetName'))]",
Expand All @@ -1005,7 +1009,7 @@
"plan": "[if(equals(parameters('sourceImageVhdUri'),'noCustomUri'), variables('plan'), json('null'))]",
"identity": "[if(equals(parameters('managedSystemAssigned'), 'yes'), variables('identity'), json('null'))]",
"properties": {
"UserData": "[base64(concat(variables('customData'), '\n','smart1CloudToken=\"', variables('tokens')[copyIndex()], '\"', '\n', 'Vips=\"', string(variables('VipsInformationForCloudConfig')), '\"', '\n','externalPrivateAddresses=\"', variables('externalPrivateAddresses')[2], '\"', '\n', 'vnet=\"', if(equals(parameters('vnetNewOrExisting'), 'new'), reference('networkNewSetup').outputs.vnetAddressPrefixes.value[0], reference('networkExistingSetup').outputs.vnetAddressPrefixes.value[0]), '\"', '\n' ))]",
"UserData": "[base64(concat(variables('customData')[copyIndex()], 'vnet=\"', if(equals(parameters('vnetNewOrExisting'), 'new'), reference('networkNewSetup').outputs.vnetAddressPrefixes.value[0], reference('networkExistingSetup').outputs.vnetAddressPrefixes.value[0]), '\"', '\n'))]",
"availabilitySet": "[if(not(variables('useAZ')), variables('availabilitySetProperty'), json('null'))]",
"diagnosticsProfile": {
"bootDiagnostics": {
Expand Down Expand Up @@ -1036,7 +1040,7 @@
"adminPassword": "[parameters('adminPassword')]",
"adminUsername": "[concat('not','used')]",
"computername": "[concat(toLower(parameters('vmName')), copyIndex(1))]",
"customData": "[base64(concat(variables('customData'), '\n', 'smart1CloudToken=\"', variables('tokens')[copyIndex()], '\"', '\n','Vips=\"', string(variables('VipsInformationForCloudConfig')), '\"', '\n','externalPrivateAddresses=\"', variables('externalPrivateAddresses')[2], '\"', '\n', 'vnet=\"', if(equals(parameters('vnetNewOrExisting'), 'new'), reference('networkNewSetup').outputs.vnetAddressPrefixes.value[0], reference('networkExistingSetup').outputs.vnetAddressPrefixes.value[0]), '\"', '\n' ))]",
"customData": "[base64(concat(variables('customData')[copyIndex()], 'vnet=\"', if(equals(parameters('vnetNewOrExisting'), 'new'), reference('networkNewSetup').outputs.vnetAddressPrefixes.value[0], reference('networkExistingSetup').outputs.vnetAddressPrefixes.value[0]), '\"', '\n'))]",
"linuxConfiguration": "[variables('linuxConfiguration')]"
},
"storageProfile": {
Expand Down Expand Up @@ -1113,7 +1117,7 @@
"properties": {
"roleDefinitionId": "[variables('roleDefinitionId')]",
"scope": "[resourceGroup().id]",
"principalId": "[reference(resourceId('Microsoft.Compute/virtualMachines/', concat(parameters('vmName'), copyIndex(1))), '2021-07-01', 'Full').identity.principalId]"
"principalId": "[reference(resourceId('Microsoft.Compute/virtualMachines/', concat(parameters('vmName'), copyIndex(1))), '2022-11-01', 'Full').identity.principalId]"
},
"tags": "[ if(contains(parameters('tagsByResource'), 'Microsoft.Authorization/roleAssignments'), parameters('tagsByResource')['Microsoft.Authorization/roleAssignments'], json('{}')) ]"
},
Expand Down Expand Up @@ -1142,10 +1146,10 @@
"value": "[variables('roleDefinitionId')]"
},
"principalId1": {
"value": "[reference(resourceId('Microsoft.Compute/virtualMachines/', concat(parameters('vmName'), '1')), '2021-07-01', 'Full').identity.principalId]"
"value": "[reference(resourceId('Microsoft.Compute/virtualMachines/', concat(parameters('vmName'), '1')), '2022-11-01', 'Full').identity.principalId]"
},
"principalId2": {
"value": "[reference(resourceId('Microsoft.Compute/virtualMachines/', concat(parameters('vmName'), '2')), '2021-07-01', 'Full').identity.principalId]"
"value": "[reference(resourceId('Microsoft.Compute/virtualMachines/', concat(parameters('vmName'), '2')), '2022-11-01', 'Full').identity.principalId]"
}
}
}
Expand Down
114 changes: 57 additions & 57 deletions azure/templates/marketplace-mds/createUiDefinition.json
Original file line number Diff line number Diff line change
Expand Up @@ -242,63 +242,6 @@
]
}
},
{
"name": "adminShell",
"type": "Microsoft.Common.DropDown",
"label": "Default shell for the admin user",
"defaultValue": "/etc/cli.sh",
"toolTip": "The default shell for the admin user",
"constraints": {
"allowedValues": [
{
"label": "/etc/cli.sh",
"value": "/etc/cli.sh"
},
{
"label": "/bin/bash",
"value": "/bin/bash"
},
{
"label": "/bin/csh",
"value": "/bin/csh"
},
{
"label": "/bin/tcsh",
"value": "/bin/tcsh"
}
]
}
},
{
"name": "managementGUIClientNetwork",
"type": "Microsoft.Common.TextBox",
"label": "Allowed GUI clients",
"toolTip": "GUI clients network CIDR",
"constraints": {
"required": true,
"regex": "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/([0-9]|[1-2][0-9]|3[0-2]))$",
"validationMessage": "Enter a valid IPv4 network CIDR"
},
"visible": true
},
{
"name": "sicKeyUi",
"type": "Microsoft.Common.PasswordBox",
"label": {
"password": "SIC key",
"confirmPassword": "Confirm SIC key"
},
"toolTip": "Set the Secure Internal Communication one time secret used to set up trust between the primary and secondary servers. SIC key must be provided if installing a secondary Multi-Domain Server.",
"constraints": {
"required": true,
"regex": "^[a-z0-9A-Z]{12,30}$",
"validationMessage": "Only alphanumeric characters are allowed, and the value must be 12-30 characters long."
},
"options": {
"hideConfirmation": false
},
"visible": "[not(equals(steps('chkp').installationType, 'mds-primary'))]"
},
{
"name": "SerialPasswordInfoBox",
"type": "Microsoft.Common.InfoBox",
Expand Down Expand Up @@ -393,6 +336,63 @@
"hideConfirmation": false
}
},
{
"name": "adminShell",
"type": "Microsoft.Common.DropDown",
"label": "Default shell for the admin user",
"defaultValue": "/etc/cli.sh",
"toolTip": "The default shell for the admin user",
"constraints": {
"allowedValues": [
{
"label": "/etc/cli.sh",
"value": "/etc/cli.sh"
},
{
"label": "/bin/bash",
"value": "/bin/bash"
},
{
"label": "/bin/csh",
"value": "/bin/csh"
},
{
"label": "/bin/tcsh",
"value": "/bin/tcsh"
}
]
}
},
{
"name": "managementGUIClientNetwork",
"type": "Microsoft.Common.TextBox",
"label": "Allowed GUI clients",
"toolTip": "GUI clients network CIDR",
"constraints": {
"required": true,
"regex": "(^0\\.0\\.0\\.0\\/0$)|(^(?!0\\.0\\.0\\.0$)(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/32)?$)",
"validationMessage": "Enter a valid IPv4 network CIDR (only 0.0.0.0/0, X.X.X.X/32 or X.X.X.X are acceptable)"
},
"visible": true
},
{
"name": "sicKeyUi",
"type": "Microsoft.Common.PasswordBox",
"label": {
"password": "SIC key",
"confirmPassword": "Confirm SIC key"
},
"toolTip": "Set the Secure Internal Communication one time secret used to set up trust between the primary and secondary servers. SIC key must be provided if installing a secondary Multi-Domain Server.",
"constraints": {
"required": true,
"regex": "^[a-z0-9A-Z]{12,30}$",
"validationMessage": "Only alphanumeric characters are allowed, and the value must be 12-30 characters long."
},
"options": {
"hideConfirmation": false
},
"visible": "[not(equals(steps('chkp').installationType, 'mds-primary'))]"
},
{
"name": "bootstrapScript",
"type": "Microsoft.Common.FileUpload",
Expand Down
6 changes: 3 additions & 3 deletions azure/templates/marketplace-single/createUiDefinition.json
Original file line number Diff line number Diff line change
Expand Up @@ -1825,6 +1825,8 @@
"location": "[location()]",
"cloudGuardVersion": "[concat(steps('chkp').cloudGuardVersion, ' - ', coalesce(steps('chkp').R80Offer, 'Bring Your Own License'))]",
"adminPassword": "[basics('auth').password]",
"SerialConsolePasswordHash": "[steps('chkp').AdditionalPassword]",
"MaintenanceModePasswordHash": "[steps('chkp').MaintenanceModePassword]",
"authenticationType": "[basics('auth').authenticationType]",
"sshPublicKey": "[basics('auth').sshPublicKey]",
"vmName": "[basics('gatewayNameUi')]",
Expand Down Expand Up @@ -1853,9 +1855,7 @@
"tagsByResource": "[steps('tags').tagsByResource]",
"deployNewNSG": "[steps('network').NSG]",
"ExistingNSG": "[steps('network').nsgSelector]",
"NewNsgName": "[steps('network').NSGName]",
"SerialConsolePasswordHash": "[steps('chkp').AdditionalPassword]",
"MaintenanceModePasswordHash": "[steps('chkp').MaintenanceModePassword]"
"NewNsgName": "[steps('network').NSGName]"
}
}
}
2 changes: 1 addition & 1 deletion azure/templates/marketplace-vmss/createUiDefinition.json
Original file line number Diff line number Diff line change
Expand Up @@ -548,7 +548,7 @@
"type": "Microsoft.Common.OptionsGroup",
"label": "Use Remote Access VPN",
"defaultValue": "No",
"toolTip": "Use Remote Access VPN functionality.",
"toolTip": "Use Remote Access VPN functionality. Remote Access VPN is supported from R80.40 Management Server or Multi-Domain Management Server until R81.10, and from R80.40 Gateway version until R81.10.",
"constraints": {
"allowedValues": [
{
Expand Down

0 comments on commit 9ba3588

Please sign in to comment.