These quick starts support either Bash or PowerShell execution and serve as building blocks for automating the provisioning of infrastructure into potential solutions.
The prefix can be modified by changing the value in package.json.
- my-common
- my-automation
- my-iaas
npm run group
Common Storage is used for diagnostics collection as well as template storage.
npm run provision:storage
Upload the templates into the storage container to allow for nested templates.
./scripts/uploadFile.sh my-common templates ./iac-storage/azuredeploy.json deployStorage.json
./scripts/uploadFile.sh my-common templates ./iac-keyvault/azuredeploy.json deployKeyVault.json
./scripts/uploadFile.sh my-common templates ./iac-network/azuredeploy.json deployNetwork.json
./scripts/uploadFile.sh my-common templates ./iac-functions/azuredeploy.json deployFunctions.json
./scripts/uploadFile.sh my-common templates ./iac-automation/azuredeploy.json deployAutomation.json
./scripts/uploadFile.sh my-common templates ./iac-singleVM/azuredeploy.json deploySingleVM.json
./scripts/uploadFile.sh my-common templates ./iac-databaseVM/azuredeploy.json deployDatabaseVM.json
./scripts/uploadFile.sh my-common templates ./iac-publicVM/azuredeploy.json deployPublicVM.json
./scripts/uploadFile.sh my-common templates ./ext-omsMonitor/azuredeploy.json deployOMSExtension.json
./scripts/uploadFile.sh my-common templates ./ext-dscNode/azuredeploy.json deployDSCExtension.json
./scripts/uploadFile.sh my-common templates ./ext-domainJoin/azuredeploy.json deployDomainJoinExtension.json
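The same uploads as a table-driven loop that refuses to upload a partial template set. This is an added example, not part of the original repository; the function name `upload_templates` and the `DRY_RUN` switch are hypothetical, and it assumes `uploadFile.sh` takes the four arguments shown above.

```shell
#!/usr/bin/env bash
# Added example. Quick start directory -> blob name, as listed in this README.
TEMPLATES="
iac-storage:deployStorage.json
iac-keyvault:deployKeyVault.json
iac-network:deployNetwork.json
iac-functions:deployFunctions.json
iac-automation:deployAutomation.json
iac-singleVM:deploySingleVM.json
iac-databaseVM:deployDatabaseVM.json
iac-publicVM:deployPublicVM.json
ext-omsMonitor:deployOMSExtension.json
ext-dscNode:deployDSCExtension.json
ext-domainJoin:deployDomainJoinExtension.json
"

# upload_templates GROUP [ROOT]
# Pass 1 checks that every azuredeploy.json exists and is non-empty, so a
# nested deployment never resolves against a half-populated container.
# Pass 2 uploads, or only prints the commands when DRY_RUN=1 (assumed switch).
upload_templates() {
  group=$1
  root=${2:-.}
  missing=0
  for entry in $TEMPLATES; do
    dir=${entry%%:*}
    if [ ! -s "$root/$dir/azuredeploy.json" ]; then
      echo "missing or empty: $root/$dir/azuredeploy.json" >&2
      missing=$((missing + 1))
    fi
  done
  [ "$missing" -eq 0 ] || return 1

  for entry in $TEMPLATES; do
    dir=${entry%%:*}
    blob=${entry#*:}
    if [ "${DRY_RUN:-0}" = 1 ]; then
      echo "$root/scripts/uploadFile.sh $group templates $root/$dir/azuredeploy.json $blob"
    else
      "$root/scripts/uploadFile.sh" "$group" templates \
        "$root/$dir/azuredeploy.json" "$blob" || return 1
    fi
  done
}
```

Source the file from the repository root and run `upload_templates my-common`; set `DRY_RUN=1` first to review the commands without touching the storage account.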
NOTE: OBSOLETE. Move this to the PowerShell execution README.
.\scripts\createContainer.ps1 -ResourceGroupName common -ContainerName templates
.\scripts\uploadFile.ps1 -ResourceGroupName common -QuickStart iac-storage -BlobName deployStorage.json
.\scripts\uploadFile.ps1 -ResourceGroupName common -QuickStart iac-keyvault -BlobName deployKeyVault.json
.\scripts\uploadFile.ps1 -ResourceGroupName common -QuickStart iac-network -BlobName deployNetwork.json
.\scripts\uploadFile.ps1 -ResourceGroupName common -QuickStart iac-functions -BlobName deployFunctions.json
.\scripts\uploadFile.ps1 -ResourceGroupName common -QuickStart iac-automation -BlobName deployAutomation.json
.\scripts\uploadFile.ps1 -ResourceGroupName common -QuickStart iac-singleVM -BlobName deploySingleVM.json
.\scripts\uploadFile.ps1 -ResourceGroupName common -QuickStart iac-databaseVM -BlobName deployDatabaseVM.json
.\scripts\uploadFile.ps1 -ResourceGroupName common -QuickStart iac-publicVM -BlobName deployPublicVM.json
.\scripts\uploadFile.ps1 -ResourceGroupName common -QuickStart ext-omsMonitor -BlobName deployOMSExtension.json
.\scripts\uploadFile.ps1 -ResourceGroupName common -QuickStart ext-dscNode -BlobName deployDSCExtension.json
.\scripts\uploadFile.ps1 -ResourceGroupName common -QuickStart ext-domainJoin -BlobName deployDomainJoinExtension.json
Common KeyVault is used to store sensitive information that can be further used in templates.
The required attribute is a servicePrincipalId used to access the KeyVault.
az ad user show --upn $(az account show --query user.name -otsv) --query objectId -otsv
npm run provision:keyvault
Load the Common Storage Keys into the Keyvault.
./scripts/loadKeyVault.sh my-common
NOTE: OBSOLETE. Move this to the PowerShell execution README.
.\scripts\loadKeyVault.ps1 -ResourceGroupName common
Common Network is a 4-subnet network.
npm run provision:network
Azure Active Directory Domain Services (ADDS) is used for domain authentication of servers. This is a manual step, as ADDS for ARM is a relatively new feature and is still in Preview.
In the my-common resource group, add Azure AD Domain Services. (Requires admin access to Azure Active Directory.)
Once ADDS is provisioned (about 35 minutes), you must configure the DNS server settings for your virtual network. In your ADDS instance, click the Configure DNS Servers button and add the two DNS server IPs as custom DNS servers in the VNET.
Automation Functions provides a nested template for GUID creation.
npm run provision:functions
Automation Accounts use Runbooks and DSC scripts from a storage container. Scripts must be loaded into the storage container prior to installing automation.
npm run sync
The required attributes are an Azure subscription login and password, used to create the AzureRunAsAccount, and the default login and password for local machine login, which are stored in the KeyVault.
npm run provision:automation
To upload additional DSC configurations, execute the importDscConfig.ps1 script and supply the required attributes.
.\scripts\importDscConfig.ps1 -ResourceGroup my-automation -dscRole DomainController
.\scripts\importDscConfig.ps1 -ResourceGroup my-automation -dscRole SqlServer
Upload the Local Configuration Management file to configure a server to use the Automation Account as its DSC Pull Server.
.\scripts\uploadFile.ps1 -ResourceGroupName my-common -FileName iac-storage -BlobName UpdateLCMforAAPull.zip
Other templates use the OMS Id and the OMS Key. There is no way to get this information other than manually.
To get the OMS Workspace Id and Key, use the portal.
- Go to the Microsoft Operations Management Suite
- Connected Sources
- Windows Servers
- Go to the KeyStore in the Common Resource Group and manually create the Secrets
- omsId
- omsKey
JumpServer is deployed with 3 extensions.
- BGInfo
- Diagnostics
- OMS Agent
To get the OMS Workspace Id and Key the portal must be used.
- Go to the Microsoft Operations Management Suite
- Connected Sources
- Windows Servers