---
title: Azure CPI
---
This topic describes cloud properties for different resources created by the Azure CPI.
## <a id="networks"></a> Networks
Schema for the `cloud_properties` section used by a dynamic network or a manual network subnet:
* **virtual\_network\_name** [String, required]: Name of a virtual network. Example: `boshnet`.
* **subnet_name** [String, required]: Name of a subnet within virtual network.
* **tcp_endpoints** [Array, optional]: Array of port pairs. Only used with vip networks to expose specific ports.
* **udp_endpoints** [Array, optional]: Array of port pairs. Only used with vip networks to expose specific ports.
See [how to create a virtual network and subnets](azure-resources.html#virtual-network).
Example of manual network:
```yaml
networks:
- name: default
  type: manual
  subnets:
  - range: 10.10.0.0/24
    gateway: 10.10.0.1
    cloud_properties:
      virtual_network_name: boshnet
      subnet_name: boshsub
```
See [how to create public IP](azure-resources.html#public-ips) to use with vip networks.
Example of vip network:
```yaml
networks:
- name: public
  type: vip
  cloud_properties:
    tcp_endpoints:
    - "22:22"
    - "80:80"
    udp_endpoints:
    - "68:68"
```
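Because `tcp_endpoints` and `udp_endpoints` decide which ports a vip network exposes, it is worth auditing them before a deploy. The following Ruby check is an added example, not part of the CPI or the original page: it lists every well-formed port pair on vip networks and reports malformed pairs or endpoint keys set on other network types. The manifest fragment, the function name `audit_endpoints` and the 1 to 65535 port range check are assumptions of this example.

```ruby
require 'yaml'

# Constructed sample (not from the original page): a vip network with one
# malformed pair, and a manual network whose subnet carries endpoints.
SAMPLE_NETWORKS = <<~MANIFEST
  networks:
  - name: public
    type: vip
    cloud_properties:
      tcp_endpoints: ["22:22", "80:80", "8080"]
      udp_endpoints: ["68:68"]
  - name: default
    type: manual
    subnets:
    - range: 10.10.0.0/24
      cloud_properties:
        virtual_network_name: boshnet
        subnet_name: boshsub
        tcp_endpoints: ["25555:25555"]
MANIFEST

PORT_PAIR = /\A(\d{1,5}):(\d{1,5})\z/

# Returns [exposed, problems]. exposed holds [network, proto, port, port]
# for every well-formed pair on a vip network; problems holds malformed
# pairs and endpoint keys set on networks that are not of type vip.
def audit_endpoints(manifest_yaml)
  exposed = []
  problems = []
  YAML.safe_load(manifest_yaml).fetch('networks', []).each do |net|
    sections = [net['cloud_properties']]
    sections += Array(net['subnets']).map { |s| s['cloud_properties'] }
    sections.compact.product(%w[tcp udp]).each do |props, proto|
      pairs = Array(props["#{proto}_endpoints"])
      next if pairs.empty?
      if net['type'] != 'vip'
        problems << "#{net['name']}: #{proto}_endpoints on #{net['type']} network"
        next
      end
      pairs.each do |pair|
        m = PORT_PAIR.match(pair.to_s) # to_s: YAML may hand back a non-string
        ports = m ? m.captures.map(&:to_i) : []
        if ports.size == 2 && ports.all? { |p| p.between?(1, 65_535) }
          exposed << [net['name'], proto, *ports]
        else
          problems << "#{net['name']}: bad #{proto} pair #{pair.inspect}"
        end
      end
    end
  end
  [exposed, problems]
end
```

Reviewing the `exposed` list makes it easy to spot management ports such as 22 that are reachable through the public IP.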
---
## <a id="resource-pools"></a> Resource Pools
Schema for `cloud_properties` section:
* **instance_type** [String, required]: Type of the [instance](https://azure.microsoft.com/en-us/pricing/details/virtual-machines/#Linux). Example: `Standard_A2`.
* **storage\_account\_name** [String, optional]: Storage account for VMs. If this is not set, the VMs will be created in the default storage account. See [this document](https://github.com/cloudfoundry-incubator/bosh-azure-cpi-release/blob/master/docs/get-started/deploy-cloudfoundry-for-enterprise.md#multiple-storage-accounts) for more details on why this option exists. If you use a different storage account, which must be in the same resource group, make sure that:
    1. the permissions for the container 'stemcell' in the default storage account are set to 'Public read access for blobs only'.
    1. a table 'stemcells' is created in the default storage account.
    1. two containers 'bosh' and 'stemcell' are created in the new storage account.

    If you use DS-series or GS-series as `instance_type`, you should set this to a premium storage account.
    See more information about [Azure premium storage](https://azure.microsoft.com/en-us/documentation/articles/storage-premium-storage-preview-portal/). See [available regions](http://azure.microsoft.com/en-us/regions/#services) where you can create premium storage accounts.
* **availability_set** [String, optional]: Name of an availability set to use for VMs. If the availability set does not exist, it will be automatically created. [More details](https://github.com/cloudfoundry-incubator/bosh-azure-cpi-release/blob/master/docs/get-started/deploy-cloudfoundry-for-enterprise.md#availability-set).
Example of a `Standard_A2` instance:
```yaml
resource_pools:
- name: default
  network: default
  stemcell:
    name: bosh-azure-hyperv-ubuntu-trusty-go_agent
    version: latest
  cloud_properties:
    instance_type: Standard_A2
```
---
## <a id="disk-pools"></a> Disk Pools
Currently the CPI does not support any cloud properties for disks.
Example of 10GB disk:
```yaml
disk_pools:
- name: default
  disk_size: 10_240
```
---
## <a id="global"></a> Global Configuration
The CPI can only use a single resource group.
Schema:
* **environment** [String, required]: Azure environment name. Possible values are: `AzureCloud` and `AzureChinaCloud`.
* **subscription_id** [String, required]: Subscription ID.
* **tenant_id** [String, required]: Tenant ID of the service principal.
* **client_id** [String, required]: Client ID of the service principal.
* **client_secret** [String, required]: Client secret of the service principal.
* **resource\_group\_name** [String, required]: Resource group name.
* **storage\_account\_name** [String, required]: Storage account name. It will be used as a default storage account for VM disks and stemcells.
* **ssh_user** [String, required]: SSH username. Default: `vcap`.
* **ssh_certificate** [String, required]: SSH certificate.
See [all configuration options](https://bosh.io/jobs/cpi?source=github.com/cloudfoundry-incubator/bosh-azure-cpi-release).
See [Creating Azure resources](azure-resources.html) page for more details on how to create and configure above resources.
Example with hard-coded credentials:
```yaml
properties:
  azure: &azure
    environment: AzureCloud
    subscription_id: 3c39a033-c306-4615-a4cb-260418d63879
    tenant_id: 0412d4fa-43d2-414b-b392-25d5ca46561da
    client_id: 33e56099-0bde-8z93-a005-89c0f6df7465
    client_secret: client-secret
    resource_group_name: bosh-res-group
    storage_account_name: boshstore
    storage_access_key: "+o9EVnno8ja5OzQim6...fQkVGbvoQmazl+Nlg=="
    ssh_user: vcap
    ssh_certificate: |
      -----BEGIN CERTIFICATE-----
      MIIDXTCCAkWgAwIBAgIJAPZyC7JqbUo4MA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV
      ...
      QAoeQbGmV50ZQk/VsgmFMBoFXntIs5EKkjO6fL4MsD9QtSkiHMkqwIQ20+NNqp3j
      -----END CERTIFICATE-----
```
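A manifest with hard-coded credentials like the one above should be checked against the schema and stripped of secrets before it is pasted into a ticket or a log. The following Ruby sketch is an added example, not part of the CPI or the original page: it reports missing required keys and unknown `environment` values, and returns a copy of the `azure` properties with secrets masked. The function name, the `[REDACTED]` marker, the choice of `client_secret` and `storage_access_key` as the secret keys, and the placeholder sample values are assumptions of this example.

```ruby
require 'yaml'

# Keys the Global Configuration schema above marks as required.
REQUIRED = %w[environment subscription_id tenant_id client_id client_secret
              resource_group_name storage_account_name ssh_user
              ssh_certificate].freeze
ENVIRONMENTS = %w[AzureCloud AzureChinaCloud].freeze
# Keys treated as secrets (an assumption of this example); storage_access_key
# appears in the page's example manifest but not in its schema list.
SECRET_KEYS = %w[client_secret storage_access_key].freeze

# Constructed sample with placeholder values; not real credentials.
SAMPLE_GLOBAL = <<~MANIFEST
  properties:
    azure: &azure
      environment: AzurePublic
      subscription_id: SUBSCRIPTION-ID
      tenant_id: TENANT-ID
      client_id: CLIENT-ID
      client_secret: client-secret
      resource_group_name: bosh-res-group
      storage_access_key: "PLACEHOLDER-KEY"
      ssh_user: vcap
MANIFEST

# Returns [errors, redacted]: schema violations, and a copy of the azure
# properties with secret values masked so it can be shared safely.
def check_azure_properties(manifest_yaml)
  doc = YAML.safe_load(manifest_yaml, aliases: true)
  azure = doc.dig('properties', 'azure') || {}
  errors = (REQUIRED - azure.keys).map { |k| "missing required key: #{k}" }
  env = azure['environment']
  errors << "unknown environment: #{env}" if env && !ENVIRONMENTS.include?(env)
  redacted = azure.to_h { |k, v| [k, SECRET_KEYS.include?(k) ? '[REDACTED]' : v] }
  [errors, redacted]
end
```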
---
## <a id="errors"></a> Errors
```
http_get_response - get_token - http error: 400
```
The service principal is most likely invalid. Verify that the client ID, client secret and tenant ID work by logging in with them:
<pre class="terminal">
$ azure login --username client-id --password client-secret --service-principal --tenant tenant-id
</pre>
```
http_put - error: 409 message: {
"error": {
"code": "OperationNotAllowed",
"message": "Operation results in exceeding quota limits of Core. Maximum allowed: 4, Current in use: 4, Additional requested: 1."
}
}
```
Either upgrade your trial account, or file a support ticket in the Azure portal to raise account quotas.
```
http_delete - error: 400 message: {
"error": {
"code": "NicInUse",
"message": "Network Interface /.../networkInterfaces/dc0d3a9a-0b00-40d8-830d-41e6f4ac9809 is used by existing VM /.../virtualMachines/dc0d3a9a-0b00-40d8-830d-41e6f4ac9809.",
"details": []
}
}
```
This error indicates that a VM unknown to the Director took the IP that the Director is trying to assign to a new VM. Either tell the Director not to use this IP by including it in the reserved section of a subnet in your manual network, or make that IP available by terminating the unknown VM.
---
[Back to Table of Contents](index.html#cpi-config)