Infrastructure script with event hub, azure container registry and azure container service with Kubernetes

DenisBiondic · DenisBiondic · commit 7ece85022c60 · 2017-07-16T21:31:59.000+02:00
diff --git a/Create-Infrastructure.ps1 b/Create-Infrastructure.ps1
@@ -0,0 +1,56 @@
+#Requires -Version 3.0
+#Requires -Module AzureRM.Resources
+
+Param(
+ [Parameter(Mandatory=$True)]
+ [string]
+ $EnvironmentTag,
+	
+ [string]
+ $ResourceGroupLocation = "North Europe"
+)
+
+# stop the script on first error
+$ErrorActionPreference = 'Stop'
+
+#******************************************************************************
+# Dependencies
+#******************************************************************************
+
+. "DeviceCache.Infrastructure/Common-Functions.ps1"
+
+#******************************************************************************
+# Script body
+#******************************************************************************
+
+$resourceGroupName = "ca-devcache-$EnvironmentTag-rg"
+CreateResourceGroupIfNotPresent -resourceGroupName $ResourceGroupName -resourceGroupLocation $ResourceGroupLocation
+
+$eventHubTemplateFile = [System.IO.Path]::GetFullPath([System.IO.Path]::Combine($PSScriptRoot, "DeviceCache.Infrastructure/EventHub.json"))
+$clusterTemplateFile = [System.IO.Path]::GetFullPath([System.IO.Path]::Combine($PSScriptRoot, "DeviceCache.Infrastructure/Cluster.json"))
+
+$automationKeyVaultName = "ca-automation-$EnvironmentTag"
+$automationKeyVault = Get-AzureRmKeyVault -VaultName $automationKeyVaultName -ErrorAction SilentlyContinue
+
+if (-not $automationKeyVault) {
+    throw "Automation key vault not found. Make sure you run the Create-Prerequisites.ps1 script first."
+}
+
+$clusterManagerId = (Get-AzureKeyVaultSecret -VaultName $automationKeyVaultName -SecretName servicePrincipalId).SecretValueText
+$clusterManagerKey = (Get-AzureKeyVaultSecret -VaultName $automationKeyVaultName -SecretName servicePrincipalPassword).SecretValue
+$sshPublicKey = (Get-AzureKeyVaultSecret -VaultName $automationKeyVaultName -SecretName machineSshPublicKey).SecretValueText
+
+$keyVaultName = "ca-devcache-$EnvironmentTag"
+Create-KeyVault -KeyVaultName $keyVaultName -ResourceGroupName $resourceGroupName -ResourceGroupLocation $ResourceGroupLocation
+
+$eventHubTemplateParameters = New-Object -TypeName Hashtable
+$eventHubTemplateParameters["EnvironmentTag"] = $EnvironmentTag
+
+$clusterTemplateParameters = New-Object -TypeName Hashtable
+$clusterTemplateParameters["EnvironmentTag"] = $EnvironmentTag
+$clusterTemplateParameters["ManagementPrincipalId"] = $clusterManagerId
+$clusterTemplateParameters["ManagementPrincipalKey"] = $clusterManagerKey
+$clusterTemplateParameters["SshPublicKey"] = $sshPublicKey
+
+DeployTemplate -ResourceGroupName $resourceGroupName -TemplateFileFullPath $eventHubTemplateFile -TemplateParameters $eventHubTemplateParameters
+DeployTemplate -ResourceGroupName $resourceGroupName -TemplateFileFullPath $clusterTemplateFile -TemplateParameters $clusterTemplateParameters
diff --git a/DeviceCache.Infrastructure/Cluster.json b/DeviceCache.Infrastructure/Cluster.json
@@ -0,0 +1,131 @@
+{
+  "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
+  "contentVersion": "1.0.0.0",
+  "parameters": {
+    "EnvironmentTag": {
+      "type": "string"
+    },
+    "ManagementPrincipalId": {
+      "type": "string"
+    },
+    "ManagementPrincipalKey": {
+      "type": "securestring"
+    },
+    "SshPublicKey": {
+      "type": "string"
+    }
+  },
+  "variables": {
+    "registryImagesStorage": "[concat('cadevcache', parameters('EnvironmentTag'), 'images')]",
+    "registryName": "[concat('cadevcache', parameters('EnvironmentTag'), 'registry')]",
+
+    "linuxVmAdminUser": "coffeepot",
+
+    "orchestratorEngine": "Kubernetes",
+    "masterCount": 1,
+    "minionCount": 5,
+    "minionMachineSize": "Standard_A2",
+    
+    "minionsEndpointDNSNamePrefix": "[concat(parameters('EnvironmentTag'),'minions')]",
+    "mastersEndpointDNSNamePrefix": "[concat(parameters('EnvironmentTag'),'masters')]",
+    "useServicePrincipalDictionary": {
+      "DCOS": 0,
+      "Swarm": 0,
+      "Kubernetes": 1
+    },
+    "useServicePrincipal": "[variables('useServicePrincipalDictionary')[variables('orchestratorEngine')]]",
+    "servicePrincipalFields": [
+      null,
+      {
+        "ClientId": "[parameters('ManagementPrincipalId')]",
+        "Secret": "[parameters('ManagementPrincipalKey')]"
+      }
+    ]
+  },
+  "resources": [
+    {
+      "name": "[variables('registryImagesStorage')]",
+      "type": "Microsoft.Storage/storageAccounts",
+      "location": "[resourceGroup().location]",
+      "apiVersion": "2016-12-01",
+      "tags": {
+        "containerregistry": "[variables('registryName')]",
+        "displayName": "registry images storage"
+      },
+      "sku": {
+        "name": "Standard_LRS"
+      },
+      "kind": "Storage",
+      "properties": {
+        "encryption": {
+          "services": {
+            "blob": {
+              "enabled": true
+            }
+          },
+          "keySource": "Microsoft.Storage"
+        }
+      }
+    },
+    {
+      "name": "[variables('registryName')]",
+      "type": "Microsoft.ContainerRegistry/registries",
+      "location": "[resourceGroup().location]",
+      "tags": {
+        "displayName": "registry"
+      },
+      "apiVersion": "2017-03-01",
+      "sku": {
+        "name": "Basic"
+      },
+      "dependsOn": [
+        "[resourceId('Microsoft.Storage/storageAccounts', variables('registryImagesStorage'))]"
+      ],
+      "properties": {
+        "adminUserEnabled": false,
+        "storageAccount": {
+          "name": "[variables('registryImagesStorage')]",
+          "accessKey": "[listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('registryImagesStorage')), '2016-12-01').keys[0].value]"
+        }
+      }
+    },
+    {
+      "apiVersion": "2016-09-30",
+      "type": "Microsoft.ContainerService/containerServices",
+      "location": "[resourceGroup().location]",
+      "name": "[concat('containerservice-', resourceGroup().name)]",
+      "tags" : {
+        "displayName":  "acs" 
+      },
+      "properties": {
+        "orchestratorProfile": {
+          "orchestratorType": "[variables('orchestratorEngine')]"
+        },
+        "masterProfile": {
+          "count": "[variables('masterCount')]",
+          "dnsPrefix": "[variables('mastersEndpointDNSNamePrefix')]"
+        },
+        "agentPoolProfiles": [
+          {
+            "name": "agentpools",
+            "count": "[variables('minionCount')]",
+            "vmSize": "[variables('minionMachineSize')]",
+            "dnsPrefix": "[variables('minionsEndpointDNSNamePrefix')]"
+          }
+        ],
+        "linuxProfile": {
+          "adminUsername": "[variables('linuxVmAdminUser')]",
+          "ssh": {
+            "publicKeys": [
+              {
+                "keyData": "[parameters('SshPublicKey')]"
+              }
+            ]
+          }
+        },
+        "servicePrincipalProfile": "[variables('servicePrincipalFields')[variables('useServicePrincipal')]]"
+      }
+    }
+  ],
+  "outputs": {}
+}
diff --git a/DeviceCache.Infrastructure/EventHub.json b/DeviceCache.Infrastructure/EventHub.json
@@ -0,0 +1,143 @@
+{
+  "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
+  "contentVersion": "1.0.0.0",
+  "parameters": {
+    "EnvironmentTag": {
+      "type": "string"
+    }
+  },
+  "variables": {
+    "keyVaultApiVersion": "2015-06-01",
+    "keyVaultName": "[concat('ca-devcache-', parameters('environmentTag'))]",
+
+    "eventHubApiVersion": "2015-08-01",
+    "namespaceName": "[concat('ca-devcache-', parameters('environmentTag'), '-namespace')]",
+    "eventHubName": "[concat('ca-devcache-', parameters('environmentTag'), '-hub')]",
+    "eventHubSendConnectionStringKeyName": "eventHubSendConnectionString",
+    "eventHubReceiveConnectionStringKeyName": "eventHubReceiveConnectionString",
+    "sendRuleName": "sendRule",
+    "receiveRuleName": "receiveRule", 
+    "sendAuthRuleResourceId": "[resourceId('Microsoft.EventHub/namespaces/eventhubs/authorizationRules', variables('namespaceName'), variables('eventHubName'), variables('sendRuleName'))]",
+    "receiveAuthRuleResourceId": "[resourceId('Microsoft.EventHub/namespaces/eventhubs/authorizationRules', variables('namespaceName'), variables('eventHubName'), variables('receiveRuleName'))]",
+    
+    "storageApiVersion": "2016-01-01",
+    "consumerCoordinationStorage": "[concat('cadevcache', parameters('environmentTag'), 'storage')]",
+    "storageSecretKeyName": "storageConnection"
+  },
+  "resources": [
+    {
+      "apiVersion": "[variables('eventHubApiVersion')]",
+      "name": "[variables('namespaceName')]",
+      "type": "Microsoft.EventHub/Namespaces",
+      "tags": { "displayName": "Event Hub namespace & hub" },
+      "location": "[resourceGroup().location]",
+      "sku": {
+        "name": "Standard",
+        "tier": "Standard",
+        "capacity": 20
+      },
+      "resources": [
+        {
+          "apiVersion": "[variables('eventHubApiVersion')]",
+          "name": "[variables('eventHubName')]",
+          "type": "EventHubs",
+          "dependsOn": [
+            "[concat('Microsoft.EventHub/namespaces/', variables('namespaceName'))]"
+          ],
+          "properties": {
+            "path": "[variables('eventHubName')]",
+            "MessageRetentionInDays": "1",
+            "PartitionCount": 20 
+          },
+          "resources": [
+            {
+              "apiVersion": "[variables('eventHubApiVersion')]",
+              "name": "devcacheConsumers",
+              "type": "ConsumerGroups",
+              "dependsOn": [
+                "[variables('eventHubName')]"
+              ]
+            },
+            {
+              "type": "authorizationRules",
+              "name": "[variables('receiveRuleName')]",
+              "apiVersion": "[variables('eventHubApiVersion')]",
+              "properties": {
+                "rights": [
+                  "Listen"
+                ]
+              },
+              "resources": [],
+              "dependsOn": [
+                "[variables('eventHubName')]"
+              ]
+            },
+            {
+              "type": "authorizationRules",
+              "name": "[variables('sendRuleName')]",
+              "apiVersion": "[variables('eventHubApiVersion')]",
+              "properties": {
+                "rights": [
+                  "Send"
+                ]
+              },
+              "resources": [],
+              "dependsOn": [
+                "[variables('eventHubName')]"
+              ]
+            }
+          ]
+        }
+      ]
+    },
+    {
+      "type": "Microsoft.Storage/storageAccounts",
+      "name": "[variables('consumerCoordinationStorage')]",
+      "tags": { "displayName": "Consumer coordination storage" },
+      "apiVersion": "[variables('storageApiVersion')]",
+      "location": "[resourceGroup().location]",
+      "sku": {
+        "name": "Standard_LRS"
+      },
+      "kind": "Storage",
+      "properties": {}
+    },
+    {
+      "type": "Microsoft.KeyVault/vaults/secrets",
+      "apiVersion": "[variables('keyVaultApiVersion')]",
+      "name": "[concat(variables('keyVaultName'), '/', variables('consumerCoordinationStorage'))]",
+      "tags": { "displayName": "Storage secret entry in key vault" },
+      "properties": {
+        "value": "[listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('consumerCoordinationStorage')), providers('Microsoft.Storage', 'storageAccounts').apiVersions[0]).keys[0].value]"
+      },
+      "dependsOn": [
+        "[concat('Microsoft.Storage/storageAccounts/', variables('consumerCoordinationStorage'))]"
+      ]
+    },
+    {
+      "type": "Microsoft.KeyVault/vaults/secrets",
+      "apiVersion": "[variables('keyVaultApiVersion')]",
+      "name": "[concat(variables('keyVaultName'), '/', variables('eventHubSendConnectionStringKeyName'))]",
+      "tags": { "displayName": "Event hub send connection string secret entry in key vault" },
+      "properties": {
+        "value": "[listkeys(variables('sendAuthRuleResourceId'), variables('eventHubApiVersion')).primaryConnectionString]"
+      },
+      "dependsOn": [
+        "[concat('Microsoft.EventHub/namespaces/', variables('namespaceName'))]"
+      ]
+    },
+    {
+      "type": "Microsoft.KeyVault/vaults/secrets",
+      "apiVersion": "[variables('keyVaultApiVersion')]",
+      "name": "[concat(variables('keyVaultName'), '/', variables('eventHubReceiveConnectionStringKeyName'))]",
+      "tags": { "displayName": "Event hub receive connection string secret entry in key vault" },
+      "properties": {
+        "value": "[listkeys(variables('receiveAuthRuleResourceId'), variables('eventHubApiVersion')).primaryConnectionString]"
+      },
+      "dependsOn": [
+        "[concat('Microsoft.EventHub/namespaces/', variables('namespaceName'))]"
+      ]
+    }
+  ],
+  "outputs": {}
+}
