diff --git a/deploy/standard/azd-hooks/postprovision.ps1 b/deploy/standard/azd-hooks/postprovision.ps1 index b59b4db945..fdd102b313 100644 --- a/deploy/standard/azd-hooks/postprovision.ps1 +++ b/deploy/standard/azd-hooks/postprovision.ps1 @@ -16,6 +16,46 @@ finally { # Navigate to the script directory so that we can use relative paths. Push-Location $($MyInvocation.InvocationName | Split-Path) try { + # Create VNET peerings + Invoke-AndRequireSuccess "Provision VNET Peering to Hub" { + $peerings = @(az network vnet peering list ` + --resource-group $env:FLLM_NET_RG ` + --vnet-name $env:FOUNDATIONALLM_VNET_NAME) + + if ($peerings.Contains("$($env:FOUNDATIONALLM_VNET_NAME)-to-$($env:FOUNDATIONALLM_HUB_VNET_NAME)")) { + Write-Host "Peering for $($env:FOUNDATIONALLM_VNET_NAME)-to-$($env:FOUNDATIONALLM_HUB_VNET_NAME) exists..." + } else { + az network vnet peering create ` + --name "$($env:FOUNDATIONALLM_VNET_NAME)-to-$($env:FOUNDATIONALLM_HUB_VNET_NAME)" ` + --remote-vnet $env:FOUNDATIONALLM_HUB_VNET_ID ` + --resource-group $env:FLLM_NET_RG ` + --vnet-name $env:FOUNDATIONALLM_VNET_NAME ` + --allow-forwarded-traffic 1 ` + --allow-gateway-transit 0 ` + --allow-vnet-access 1 ` + --use-remote-gateways 1 + } + + $peerings = @(az network vnet peering list ` + --resource-group $env:FOUNDATIONALLM_HUB_RESOURCE_GROUP ` + --vnet-name $env:FOUNDATIONALLM_HUB_VNET_NAME) + + if ($peerings.Contains("$($env:FOUNDATIONALLM_HUB_VNET_NAME)-to-$($env:FOUNDATIONALLM_VNET_NAME)")) { + Write-Host "Peering for $($env:FOUNDATIONALLM_HUB_VNET_NAME)-to-$($env:FOUNDATIONALLM_VNET_NAME) exists..." + } else { + az network vnet peering create ` + --name "$($env:FOUNDATIONALLM_HUB_VNET_NAME)-to-$($env:FOUNDATIONALLM_VNET_NAME)" ` + --remote-vnet $env:FOUNDATIONALLM_VNET_ID ` + --resource-group $env:FOUNDATIONALLM_HUB_RESOURCE_GROUP ` + --vnet-name $env:FOUNDATIONALLM_HUB_VNET_NAME ` + --allow-forwarded-traffic 1 ` + --allow-gateway-transit 1 ` + --allow-vnet-access 1 ` + --use-remote-gateways 0 + } + } + + # Convert the manifest resource groups to a hashtable for easier access $resourceGroup = @{ app = $env:FLLM_APP_RG diff --git a/deploy/standard/infra/app-rg.bicep b/deploy/standard/infra/app-rg.bicep index 11220b1700..706a737260 100644 --- a/deploy/standard/infra/app-rg.bicep +++ b/deploy/standard/infra/app-rg.bicep @@ -58,9 +58,9 @@ var resourceSuffix = '${project}-${environmentName}-${location}-${workload}' @description('Tags for all resources') var tags = { - Environment: environmentName - IaC: 'Bicep' - Project: project + 'azd-env-name': environmentName + 'iac-type': 'bicep' + 'project-name': project Purpose: 'Services' } diff --git a/deploy/standard/infra/auth-rg.bicep b/deploy/standard/infra/auth-rg.bicep index 16eb24477c..dd62c63421 100644 --- a/deploy/standard/infra/auth-rg.bicep +++ b/deploy/standard/infra/auth-rg.bicep @@ -71,9 +71,9 @@ var authSecrets = [ @description('Tags for all resources') var tags = { - Environment: environmentName - IaC: 'Bicep' - Project: project + 'azd-env-name': environmentName + 'iac-type': 'bicep' + 'project-name': project Purpose: 'Services' } diff --git a/deploy/standard/infra/main.bicep b/deploy/standard/infra/main.bicep index 7b7c24757a..705ba4d2d3 100644 --- a/deploy/standard/infra/main.bicep +++ b/deploy/standard/infra/main.bicep @@ -41,7 +41,7 @@ var existingOpenAiInstance = { var tags = { 'compute-type': 'aks' 'create-date': createDate - 'env-name': environmentName + 'azd-env-name': environmentName 'iac-type': 'bicep' 'project-name': project } @@ -245,6 +245,10 @@ output FLLM_MGMT_PORTAL_HOSTNAME string = managementPortalHostname output FLLM_CORE_API_HOSTNAME string = coreApiHostname output FLLM_MGMT_API_HOSTNAME string = managementApiHostname +output FOUNDATIONALLM_VNET_NAME string = networking.outputs.vnetName +output FOUNDATIONALLM_VNET_ID string = networking.outputs.vnetId +output FOUNDATIONALLM_HUB_VNET_NAME string = networking.outputs.hubVnetId + output SERVICE_GATEKEEPER_API_ENDPOINT_URL string = 'http://gatekeeper-api/gatekeeper/' output SERVICE_GATEKEEPER_INTEGRATION_API_ENDPOINT_URL string = 'http://gatekeeper-integration-api/gatekeeperintegration' output SERVICE_GATEWAY_ADAPTER_API_ENDPOINT_URL string = 'http://gateway-adapter-api/gatewayadapter' diff --git a/deploy/standard/infra/networking-rg.bicep b/deploy/standard/infra/networking-rg.bicep index 36b6bae068..c1e6448135 100644 --- a/deploy/standard/infra/networking-rg.bicep +++ b/deploy/standard/infra/networking-rg.bicep @@ -530,9 +530,9 @@ var subnets = [ ] var tags = { - Environment: environmentName - IaC: 'Bicep' - Project: project + 'azd-env-name': environmentName + 'iac-type': 'bicep' + 'project-name': project Purpose: 'Networking' } @@ -606,30 +606,4 @@ resource hub 'Microsoft.Network/virtualNetworks@2024-01-01' existing = { scope: resourceGroup(hubSubscriptionId, hubResourceGroup) } -module srcToDest './modules/vnet-peering.bicep' = { - dependsOn: [ hub ] - name: 'srcToDest-${timestamp}' - scope: resourceGroup() - params: { - vnetName: main.name - destVnetId: hub.id - allowVirtualNetworkAccess: true - allowForwardedTraffic: true - allowGatewayTransit: false - useRemoteGateways: true - } -} - -module destToSrc './modules/vnet-peering.bicep' = { - dependsOn: [ hub ] - name: 'destToSrc-${timestamp}' - scope: resourceGroup(hubSubscriptionId, hubResourceGroup) - params: { - vnetName: hub.name - destVnetId: main.id - allowVirtualNetworkAccess: true - allowForwardedTraffic: true - allowGatewayTransit: true - useRemoteGateways: false - } -} +output hubVnetId string = hub.id diff --git a/deploy/standard/infra/openai-rg.bicep b/deploy/standard/infra/openai-rg.bicep index 9563743a52..4b659ef31e 100644 --- a/deploy/standard/infra/openai-rg.bicep +++ b/deploy/standard/infra/openai-rg.bicep @@ -35,9 +35,9 @@ var openAiInstance = { var deploymentConfigurations = loadJsonContent('../../common/config/openAiDeploymentConfig.json') var tags = { - Environment: environmentName - IaC: 'Bicep' - Project: project + 'azd-env-name': environmentName + 'iac-type': 'bicep' + 'project-name': project Purpose: 'OpenAI' } diff --git a/deploy/standard/infra/ops-rg.bicep b/deploy/standard/infra/ops-rg.bicep index dec0c68bca..579703601e 100644 --- a/deploy/standard/infra/ops-rg.bicep +++ b/deploy/standard/infra/ops-rg.bicep @@ -42,9 +42,9 @@ var resourceSuffix = '${project}-${environmentName}-${location}-${workload}' @description('Tags for all resources') var tags = { - Environment: environmentName - IaC: 'Bicep' - Project: project + 'azd-env-name': environmentName + 'iac-type': 'bicep' + 'project-name': project Purpose: 'DevOps' } diff --git a/deploy/standard/infra/storage-rg.bicep b/deploy/standard/infra/storage-rg.bicep index e7b66f8bb8..5b059b36ad 100644 --- a/deploy/standard/infra/storage-rg.bicep +++ b/deploy/standard/infra/storage-rg.bicep @@ -29,9 +29,9 @@ var resourceSuffix = '${project}-${environmentName}-${location}-${workload}' @description('Tags for all resources') var tags = { - Environment: environmentName - IaC: 'Bicep' - Project: project + 'azd-env-name': environmentName + 'iac-type': 'bicep' + 'project-name': project Purpose: 'Storage' } diff --git a/deploy/standard/infra/vec-rg.bicep b/deploy/standard/infra/vec-rg.bicep index eb70f13607..56c5fea0d2 100644 --- a/deploy/standard/infra/vec-rg.bicep +++ b/deploy/standard/infra/vec-rg.bicep @@ -29,9 +29,9 @@ var resourceSuffix = '${project}-${environmentName}-${location}-${workload}' @description('Tags for all resources') var tags = { - Environment: environmentName - IaC: 'Bicep' - Project: project + 'azd-env-name': environmentName + 'iac-type': 'bicep' + 'project-name': project Purpose: 'Vectorization' }