{ "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", "contentVersion": "10.3.0.0", "parameters": { "adminUsername": { "defaultValue": "azureuser", "metadata": { "description": "User name for the Virtual Machine." }, "type": "string" }, "authenticationType": { "allowedValues": [ "password", "sshPublicKey" ], "defaultValue": "password", "metadata": { "description": "Type of authentication to use on the Virtual Machine, password based authentication or key based authentication." }, "type": "string" }, "adminPasswordOrKey": { "metadata": { "description": "Password or SSH public key to login to the Virtual Machine. Note: There are a number of special characters that you should avoid using for F5 product user accounts. See [K2873](https://support.f5.com/csp/article/K2873) for details. Note: If using key-based authentication, this should be the public key as a string, typically starting with **---- BEGIN SSH2 PUBLIC KEY ----** and ending with **---- END SSH2 PUBLIC KEY ----**." }, "type": "securestring" }, "dnsLabel": { "metadata": { "description": "Unique DNS Name for the Public IP address used to access the Virtual Machine." }, "type": "string" }, "instanceName": { "defaultValue": "f5vm01", "metadata": { "description": "Name of the Virtual Machine." }, "type": "string" }, "numberOfExternalIps": { "allowedValues": [ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20 ], "defaultValue": 1, "metadata": { "description": "The number of public/private IP addresses you want to deploy for the application traffic (external) NIC on the BIG-IP VE to be used for virtual servers." }, "type": "int" }, "instanceType": { "defaultValue": "Standard_D8s_v4", "metadata": { "description": "Instance size of the Virtual Machine." }, "type": "string" }, "imageName": { "allowedValues": [ "LTMOneBootLocation", "LTMTwoBootLocations", "AllOneBootLocation", "AllTwoBootLocations" ], "defaultValue": "AllTwoBootLocations", "metadata": { "description": "F5 SKU (image) you want to deploy. Note: The disk size of the VM will be determined based on the option you select. **Important**: If intending to provision multiple modules, ensure the appropriate value is selected, such as ****AllTwoBootLocations or AllOneBootLocation****." }, "type": "string" }, "bigIpVersion": { "defaultValue": "16.1.303000", "metadata": { "description": "F5 BIG-IP version you want to use." }, "type": "string" }, "bigIpModules": { "defaultValue": "ltm:nominal", "metadata": { "description": "Comma separated list of modules and levels to provision, for example, ltm:nominal,asm:nominal" }, "type": "string" }, "licenseKey1": { "defaultValue": "", "metadata": { "description": "The license token for the F5 BIG-IP VE (BYOL)." }, "type": "string" }, "vnetName": { "metadata": { "description": "The name of the existing virtual network to which you want to connect the BIG-IP VEs." }, "type": "string" }, "vnetResourceGroupName": { "metadata": { "description": "The name of the resource group that contains the Virtual Network where the BIG-IP VE will be placed." }, "type": "string" }, "mgmtSubnetName": { "metadata": { "description": "Name of the existing mgmt subnet - with external access to the Internet. **Important**: The subnet you provide for the mgmt NIC **must** be unique." }, "type": "string" }, "mgmtIpAddress": { "defaultValue": "DYNAMIC", "metadata": { "description": "MGMT subnet IP Address to use for the BIG-IP management IP address. Leave the default DYNAMIC to use a dynamically assigned IP address." }, "type": "string" }, "externalSubnetName": { "metadata": { "description": "Name of the existing external subnet - with external access to Internet. **Important**: The subnet you provide for the external NIC **must** be unique." }, "type": "string" }, "externalIpAddressRangeStart": { "defaultValue": "DYNAMIC", "metadata": { "description": "The static private IP address you want to assign to the first external Azure public IP (for self IP). An additional private IP address will be assigned for each public IP address you specified in **numberOfExternalIps**. For example, entering 10.100.1.50 here and choosing 2 in numberOfExternalIps would result in 10.100.1.50 (self IP), 10.100.1.51 and 10.100.1.52 being configured as static private IP addresses for external virtual servers. Leave the default DYNAMIC to use a dynamically assigned IP address." }, "type": "string" }, "internalSubnetName": { "metadata": { "description": "Name of the existing internal subnet. **Important**: The subnet you provide for the internal NIC **must** be unique." }, "type": "string" }, "internalIpAddress": { "defaultValue": "DYNAMIC", "metadata": { "description": "Internal subnet IP address you want to use for the BIG-IP internal self IP address. Leave the default DYNAMIC to use a dynamically assigned IP address." }, "type": "string" }, "avSetChoice": { "defaultValue": "CREATE_NEW", "metadata": { "description": "If you want the VM placed in a new Azure Availability Set, leave the default value of **CREATE_NEW**, otherwise specify the name of the existing Availability Set you want to use. Note: If you are using an existing AV Set, this deployment must be in the same Azure Resource Group as the AV Set." }, "type": "string" }, "zoneChoice": { "defaultValue": "1", "metadata": { "description": "If you want the VM placed in an Azure Availability Zone, and the Azure region you are deploying to supports it, specify the number of the existing Availability Zone you want to use." }, "allowedValues": [ "1", "2", "3" ], "type": "string" }, "provisionPublicIP": { "allowedValues": [ "Yes", "No" ], "defaultValue": "Yes", "metadata": { "description": "Provision Public IP addresses for BIG-IP Management traffic. These addresses will be configured directly on the Azure network interfaces." }, "type": "string" }, "declarationUrl": { "defaultValue": "NOT_SPECIFIED", "metadata": { "description": "URL for the AS3 (https://clouddocs.f5.com/products/extensions/f5-appsvcs-extension/latest/) declaration JSON file to be deployed. Leave as **NOT_SPECIFIED** to deploy without a service configuration." }, "type": "string" }, "ntpServer": { "defaultValue": "0.pool.ntp.org", "metadata": { "description": "Leave the default NTP server the BIG-IP uses, or replace the default NTP server with the one you want to use." }, "type": "string" }, "timeZone": { "defaultValue": "UTC", "metadata": { "description": "If you would like to change the time zone the BIG-IP uses, enter the time zone you want to use. This is based on the tz database found in /usr/share/zoneinfo (see the full list [here](https://github.com/F5Networks/f5-azure-arm-templates/blob/master/azure-timezone-list.md)). Example values: UTC, US/Pacific, US/Eastern, Europe/London or Asia/Singapore." }, "type": "string" }, "customImageUrn": { "defaultValue": "OPTIONAL", "metadata": { "description": "If you would like to deploy using a specific image in Azure marketplace, specify the URN of the image. **Note**: Unless specifically required, leave the default of **OPTIONAL**. Example value: f5-networks:f5-big-ip-byol:f5-big-ltm-2slot-byol:16.0.101000. You can find the URNs of F5 marketplace images in the README for this template or by running the command: az vm image list --output yaml --publisher f5-networks --all" }, "type": "string" }, "customImage": { "defaultValue": "OPTIONAL", "metadata": { "description": "If you would like to deploy using a local BIG-IP image, provide either the full URL to the VHD in Azure storage **or** the full resource ID to an existing Microsoft.Compute image resource. **Note**: Unless specifically required, leave the default of **OPTIONAL**." }, "type": "string" }, "restrictedSrcAddress": { "metadata": { "description": "This field restricts management access to a specific network or address. Enter an IP address or address range in CIDR notation. Please do NOT use 0.0.0.0/0. Instead, restrict the IP address range to your client or trusted network, for example 55.55.55.55/32. Production should never expose the BIG-IP Management interface to the Internet. " }, "type": "string" }, "tagValues": { "defaultValue": { "application": "APP", "cost": "COST", "environment": "ENV", "group": "GROUP", "owner": "OWNER" }, "metadata": { "description": "Default key/value resource tags will be added to the resources in this deployment, if you would like the values to be unique adjust them as needed for each key." }, "type": "object" }, "allowUsageAnalytics": { "allowedValues": [ "Yes", "No" ], "defaultValue": "Yes", "metadata": { "description": "This deployment can send anonymous template statistics to F5 to help us determine how to improve our solutions. If you select **No** statistics are not sent." }, "type": "string" }, "allowPhoneHome": { "allowedValues": [ "Yes", "No" ], "defaultValue": "Yes", "metadata": { "description": "This deployment can provide F5 with high-level device use information to optimize development resources. If you select **No** the information is not sent." }, "type": "string" } }, "variables": { "computeApiVersion": "2017-12-01", "networkApiVersion": "2018-07-01", "storageApiVersion": "2017-10-01", "customImage": "[replace(parameters('customImage'), 'OPTIONAL', '')]", "useCustomImage": "[not(empty(variables('customImage')))]", "createNewCustomImage": "[contains(variables('customImage'), 'https://')]", "newCustomImageName": "[concat(variables('dnsLabel'), 'image')]", "storageProfileArray": { "customImage": { "imageReference": { "id": "[if(variables('createNewCustomImage'), resourceId('Microsoft.Compute/images', variables('newCustomImageName')), variables('customImage'))]" } }, "platformImage": { "imageReference": "[variables('imageReference')]", "osDisk": { "createOption": "FromImage" } } }, "location": "[resourceGroup().location]", "adminPasswordOrKey": "[replace(parameters('adminPasswordOrKey'),'\\n', '\n')]", "linuxConfiguration": { "disablePasswordAuthentication": true, "ssh": { "publicKeys": [ { "keyData": "[variables('adminPasswordOrKey')]", "path": "[concat('/home/', parameters('adminUsername'), '/.ssh/authorized_keys')]" } ] } }, "subscriptionID": "[subscription().subscriptionId]", "resourceGroupName": "[resourceGroup().name]", "singleQuote": "'", "f5CloudLibsTag": "v4.27.1", "f5CloudLibsAzureTag": "v2.17.1", "f5NetworksTag": "v10.3.0.0", "f5RuntimeInitBuild": "f5-bigip-runtime-init-1.6.0-1.gz.run", "f5RuntimeInitTag": "v1.6.0", "verifyHash": "[concat(variables('singleQuote'), 'cli script /Common/verifyHash {\nproc script::run {} {\n if {[catch {\n set hashes(f5-cloud-libs.tar.gz) 32dbb0e602b8a9dc8b492e52dcd61b47ba62f4f70cdb2c6162694b8b6bdde6f2684d0747878a89e966dff78dbec02d98b682aa108cba5b024195561189c61c06\n set hashes(f5-cloud-libs-aws.tar.gz) c2eadf04a910e28a52c21e1b9af9015b5a4e5a50501bc0dfbd354d03d08d5a82fe8c0326dd4138b835ff88fc17232e957b8f2d3fb031ed1809fd3d0b973afe09\n set hashes(f5-cloud-libs-azure.tar.gz) 703bae0e774114b16528ca71bb2109db5f36623f8b8698588348677862ffa48559ba9698001d2f245860059a4fec588a15ee924317b967bf338cca66b0de6936\n set hashes(f5-cloud-libs-gce.tar.gz) fd16ab827b3089e76d5c77c713a2eabe685707dba7207cfdf2778db2e96281fc8e3e4424fb20f584c44cb9722b4fbf352e7c364de5fed61a74bd138f974705b2\n set hashes(f5-cloud-libs-openstack.tar.gz) 5c83fe6a93a6fceb5a2e8437b5ed8cc9faf4c1621bfc9e6a0779f6c2137b45eab8ae0e7ed745c8cf821b9371245ca29749ca0b7e5663949d77496b8728f4b0f9\n set hashes(f5-cloud-libs-consul.tar.gz) a32aab397073df92cbbba5067e5823e9b5fafca862a258b60b6b40aa0975c3989d1e110f706177b2ffbe4dde65305a260a5856594ce7ad4ef0c47b694ae4a513\n set hashes(asm-policy-linux.tar.gz) 63b5c2a51ca09c43bd89af3773bbab87c71a6e7f6ad9410b229b4e0a1c483d46f1a9fff39d9944041b02ee9260724027414de592e99f4c2475415323e18a72e0\n set hashes(f5.http.v1.2.0rc4.tmpl) 47c19a83ebfc7bd1e9e9c35f3424945ef8694aa437eedd17b6a387788d4db1396fefe445199b497064d76967b0d50238154190ca0bd73941298fc257df4dc034\n set hashes(f5.http.v1.2.0rc6.tmpl) 811b14bffaab5ed0365f0106bb5ce5e4ec22385655ea3ac04de2a39bd9944f51e3714619dae7ca43662c956b5212228858f0592672a2579d4a87769186e2cbfe\n set hashes(f5.http.v1.2.0rc7.tmpl) 21f413342e9a7a281a0f0e1301e745aa86af21a697d2e6fdc21dd279734936631e92f34bf1c2d2504c201f56ccd75c5c13baa2fe7653213689ec3c9e27dff77d\n set hashes(f5.aws_advanced_ha.v1.3.0rc1.tmpl) 9e55149c010c1d395abdae3c3d2cb83ec13d31ed39424695e88680cf3ed5a013d626b326711d3d40ef2df46b72d414b4cb8e4f445ea0738dcbd25c4c843ac39d\n set hashes(f5.aws_advanced_ha.v1.4.0rc1.tmpl) de068455257412a949f1eadccaee8506347e04fd69bfb645001b76f200127668e4a06be2bbb94e10fefc215cfc3665b07945e6d733cbe1a4fa1b88e881590396\n set hashes(f5.aws_advanced_ha.v1.4.0rc2.tmpl) 6ab0bffc426df7d31913f9a474b1a07860435e366b07d77b32064acfb2952c1f207beaed77013a15e44d80d74f3253e7cf9fbbe12a90ec7128de6facd097d68f\n set hashes(f5.aws_advanced_ha.v1.4.0rc3.tmpl) 2f2339b4bc3a23c9cfd42aae2a6de39ba0658366f25985de2ea53410a745f0f18eedc491b20f4a8dba8db48970096e2efdca7b8efffa1a83a78e5aadf218b134\n set hashes(f5.aws_advanced_ha.v1.4.0rc4.tmpl) 2418ac8b1f1884c5c096cbac6a94d4059aaaf05927a6a4508fd1f25b8cc6077498839fbdda8176d2cf2d274a27e6a1dae2a1e3a0a9991bc65fc74fc0d02ce963\n set hashes(f5.aws_advanced_ha.v1.4.0rc5.tmpl) 5e582187ae1a6323e095d41eddd41151d6bd38eb83c634410d4527a3d0e246a8fc62685ab0849de2ade62b0275f51264d2deaccbc16b773417f847a4a1ea9bc4\n set hashes(asm-policy.tar.gz) 2d39ec60d006d05d8a1567a1d8aae722419e8b062ad77d6d9a31652971e5e67bc4043d81671ba2a8b12dd229ea46d205144f75374ed4cae58cefa8f9ab6533e6\n set hashes(deploy_waf.sh) 1a3a3c6274ab08a7dc2cb73aedc8d2b2a23cd9e0eb06a2e1534b3632f250f1d897056f219d5b35d3eed1207026e89989f754840fd92969c515ae4d829214fb74\n set hashes(f5.policy_creator.tmpl) 06539e08d115efafe55aa507ecb4e443e83bdb1f5825a9514954ef6ca56d240ed00c7b5d67bd8f67b815ee9dd46451984701d058c89dae2434c89715d375a620\n set hashes(f5.service_discovery.tmpl) 4811a95372d1dbdbb4f62f8bcc48d4bc919fa492cda012c81e3a2fe63d7966cc36ba8677ed049a814a930473234f300d3f8bced2b0db63176d52ac99640ce81b\n set hashes(f5.cloud_logger.v1.0.0.tmpl) 64a0ed3b5e32a037ba4e71d460385fe8b5e1aecc27dc0e8514b511863952e419a89f4a2a43326abb543bba9bc34376afa114ceda950d2c3bd08dab735ff5ad20\n set hashes(f5-appsvcs-3.5.1-5.noarch.rpm) ba71c6e1c52d0c7077cdb25a58709b8fb7c37b34418a8338bbf67668339676d208c1a4fef4e5470c152aac84020b4ccb8074ce387de24be339711256c0fa78c8\n set hashes(f5-appsvcs-3.18.0-4.noarch.rpm) e72ee8005a27070ac399ab097e8aa507a72aae4721d7491589cfeb821db3ef86cbc979e796ab319ec727bb51400ccda813c4b9eb4a6b3d1220a396b582f8f400\n set hashes(f5-appsvcs-3.20.0-3.noarch.rpm) d4bba8892a2068bb53f88c6090dc65f17707abca35a7ed2fff39980057fe7f7a2ebf710ab2284a1d83d70b7746beabad9df603017c0fd8728f7457661c95ac8d\n set hashes(f5-appsvcs-3.25.0-3.noarch.rpm) 26f19bdaaa81cbe0421b3e08c09987f9dd0c54b05a626d6a21a836b34248d2d9d83095f0daad8e7a4a068e9ef99b89fbcd246ae8b617ac2b2456599157d0e8b3\n set hashes(f5-appsvcs-3.26.1-1.noarch.rpm) b460e11679d38a96549b5041def27b419f1a41c8f788f9f8c7a034aa5cb5a8c9fd151c7c439bebd093fcd85cd8657f1c064551d9337566f9fc7e9506c55dc02c\n set hashes(f5-appsvcs-3.31.0-6.noarch.rpm) 6506fde5d1c2e067662b513387dccda0281d3bbc604fc6dcf8e5740ae563748899f7f335e349006fe3f0e751cd70d4ef8be3701ae45dca305de649f259f090a9\n set hashes(f5-cloud-failover-1.1.0-0.noarch.rpm) 15a440c299f9e4af86a3d0f5b0d75b0054385b95e47c3ef116d2e0bfb0041a26dcbf549028e2a26d2c718ec61446bd657be38fbbcd9db781efe5414c174ac68c\n set hashes(f5-cloud-failover-1.3.0-0.noarch.rpm) 19681eb33d9f910c913f8180199485eb653b4b5ebeaae0b90a6ce8341d7a22fed8d21815b5ba148c468852d20cc26fad4c4242e50ecc184f1f8770dacced6f6a\n set hashes(f5-cloud-failover-1.4.0-0.noarch.rpm) 49e9108a070e0c8713aeb7b330662358542e61b7c53a9d45108d37a9bf5246f9e4aaae10cc61064801dcccd20bfd5108347b0f694510e7ece07f96c45ba683b0\n set hashes(f5-cloud-failover-1.5.0-0.noarch.rpm) 33a7e2d047106bcce681757a65240bfacedd48e13567e05fdb23a4b269d266aa5001f81158c3964dc297f0428db31c9df428002898d190285b349c59422a573b\n set hashes(f5-cloud-failover-1.6.1-1.noarch.rpm) c1b842da21b8d1ba21b6eb63c8598a9ea9986d5daddc21e4d280e1d6b09d3db1de8ac7de5c84edf07b43e4af03daf8fe747a4048f6573d955206352cde2cec65\n set hashes(f5-cloud-failover-1.7.1-1.noarch.rpm) 14ff0cd2bb49780cc0ae3021c4fc8fcc096e3fce2258096a4aa026d6d37de728ca7345bfe3a79031e336e74d25a2b40ff28324c2c752bf0ee71b7fc89b6fc8fe\n set hashes(f5-cloud-failover-1.8.0-0.noarch.rpm) 23086d1cbf3cb24eac7eba2305156c600fa21f1b896321a2fa5225d331d7e41471edb3f5368144d86848a4520b1e005c014485ff451e7da6429053f58bfe8ce4\n set hashes(f5-cloud-failover-1.9.0-0.noarch.rpm) 09c15377389ac18313370635fb99f9aff05970807cc60bff074f80f664023cfc0d9f5b7f2ed7a8f879deb2da84a034bb9fa9f4e95f9806d644af518db32f1425\n\n set file_path [lindex $tmsh::argv 1]\n set file_name [file tail $file_path]\n\n if {![info exists hashes($file_name)]} {\n tmsh::log err \"No hash found for $file_name\"\n exit 1\n }\n\n set expected_hash $hashes($file_name)\n set computed_hash [lindex [exec /usr/bin/openssl dgst -r -sha512 $file_path] 0]\n if { $expected_hash eq $computed_hash } {\n exit 0\n }\n tmsh::log err \"Hash does not match for $file_path\"\n exit 1\n }]} {\n tmsh::log err {Unexpected error in verifyHash}\n exit 1\n }\n }\n script-signature X7djuj51rcPDqOQfTUMmV6Qg8gSjD4UnhrHAMkP0oFDTSDigD+s49RMbK05inVzbq+wqjWC2Rlsz1bfreGy35DzIBQo0k8hCOr2JNXAOXOp45LfVgqq+c1NgjsHo54ogvHRixLxo2wo3QBX9SJzktr3zgj6BTHoU95R76497hmaeJ96EYz+3d78tO64ORbtzizlMV9xfBFYzgW0SPT644Rer65DstCMbQcDNqHv71BnKfshfu5Ta2qXUmn8ZNBOdcdSOng+E05/rURDEFU7NJ0j7mkn3UbY8F9WNKkyL+098FitD/l+gD3VpFaFwFKIOvorz8fWfWT+u4GQF3MvRdg==\n signing-key /Common/f5-irule\n}', variables('singleQuote'))]", "installCloudLibs": "[concat(variables('singleQuote'), '#!/bin/bash\necho about to execute\nchecks=0\nwhile [ $checks -lt 120 ]; do echo checking mcpd\n/usr/bin/tmsh -a show sys mcp-state field-fmt | grep -q running\nif [ $? == 0 ]; then\necho mcpd ready\nbreak\nfi\necho mcpd not ready yet\nlet checks=checks+1\nsleep 1\ndone\necho loading verifyHash script\n/usr/bin/tmsh load sys config merge file /config/verifyHash\nif [ $? != 0 ]; then\necho cannot validate signature of /config/verifyHash\nexit 1\nfi\necho loaded verifyHash\n\nconfig_loc=\"/config/cloud/\"\nhashed_file_list=\"${config_loc}f5-cloud-libs.tar.gz\"\nfor file in $hashed_file_list; do\necho \"verifying $file\"\n/usr/bin/tmsh run cli script verifyHash $file\nif [ $? != 0 ]; then\necho \"$file is not valid\"\nexit 1\nfi\necho \"verified $file\"\ndone\necho \"expanding $hashed_file_list\"\ntar xfz /config/cloud/f5-cloud-libs.tar.gz --warning=no-unknown-keyword -C /config/cloud/azure/node_modules/@f5devcentral\ntouch /config/cloud/cloudLibsReady', variables('singleQuote'))]", "dnsLabel": "[toLower(parameters('dnsLabel'))]", "imageNameToLower": "[toLower(parameters('imageName'))]", "customImageUrnArray": "[if(not(equals(parameters('customImageUrn'), 'OPTIONAL')), split(parameters('customImageUrn'), ':'), createArray('OPTIONAL'))]", "skuToUse": "[if(equals(length(variables('customImageUrnArray')), 4), variables('customImageUrnArray')[2], concat('f5-', variables('imageNameSub'),'-byol'))]", "offerToUse": "[if(equals(length(variables('customImageUrnArray')), 4), variables('customImageUrnArray')[1], concat('f5-big-ip-', variables('imageNameArray').offerPostfix[variables('imageNameSub')]))]", "versionToUse": "[if(equals(length(variables('customImageUrnArray')), 4), variables('customImageUrnArray')[3], parameters('bigIpVersion'))]", "bigIpMajorVersion": "[if(equals(parameters('bigIpVersion'), 'latest'), '16', split(variables('versionToUse'), '.')[0])]", "bigIpMajorVersionInt": "[int(variables('bigipMajorVersion'))]", "imagePlan": { "name": "[variables('skuToUse')]", "product": "[variables('offerToUse')]", "publisher": "f5-networks" }, "imageReference": { "offer": "[variables('offerToUse')]", "publisher": "f5-networks", "sku": "[variables('skuToUse')]", "version": "[variables('versionToUse')]" }, "bigIpMgmtPort": "443", "instanceName": "[toLower(parameters('instanceName'))]", "virtualNetworkName": "[parameters('vnetName')]", "mgmtSubnetName": "[parameters('mgmtSubnetName')]", "vnetId": "[resourceId(parameters('vnetResourceGroupName'),'Microsoft.Network/virtualNetworks',variables('virtualNetworkName'))]", "mgmtRouteGw": "`tmsh list sys management-route default gateway | grep gateway | sed 's/gateway //;s/ //g'`", "mgmtSubnetPrivateAddress": "[parameters('mgmtIpAddress')]", "commandArgs": "[concat('-o ', parameters('declarationUrl'), ' -u svc_user')]", "appScript": "IyEvYmluL2Jhc2gKZnVuY3Rpb24gcGFzc3dkKCkgewogIGVjaG8gfCBmNS1yZXN0LW5vZGUgL2NvbmZpZy9jbG91ZC9henVyZS9ub2RlX21vZHVsZXMvQGY1ZGV2Y2VudHJhbC9mNS1jbG91ZC1saWJzL3NjcmlwdHMvZGVjcnlwdERhdGFGcm9tRmlsZS5qcyAtLWRhdGEtZmlsZSAvY29uZmlnL2Nsb3VkLy5wYXNzd2QgfCBhd2sgJ3twcmludCAkMX0nCn0KCndoaWxlIGdldG9wdHMgbzp1OiBvcHRpb24KZG8gY2FzZSAiJG9wdGlvbiIgIGluCiAgICAgICAgbykgZGVjbGFyYXRpb25Vcmw9JE9QVEFSRzs7CiAgICAgICAgdSkgdXNlcj0kT1BUQVJHOzsKICAgIGVzYWMKZG9uZQoKZGVwbG95ZWQ9Im5vIgpmaWxlX2xvYz0iL2NvbmZpZy9jbG91ZC9jdXN0b21fY29uZmlnIgpkZmxfbWdtdF9wb3J0PWB0bXNoIGxpc3Qgc3lzIGh0dHBkIHNzbC1wb3J0IHwgZ3JlcCBzc2wtcG9ydCB8IHNlZCAncy9zc2wtcG9ydCAvLztzLyAvL2cnYAp1cmxfcmVnZXg9IihodHRwOlwvXC98aHR0cHM6XC9cLyk/W2EtejAtOV0rKFtcLVwuXXsxfVthLXowLTldKykqXC5bYS16XXsyLDV9KDpbMC05XXsxLDV9KT8oXC8uKik/JCIKCmlmIFtbICRkZWNsYXJhdGlvblVybCA9fiAkdXJsX3JlZ2V4IF1dOyB0aGVuCiAgICByZXNwb25zZV9jb2RlPSQoL3Vzci9iaW4vY3VybCAtc2sgLXcgIiV7aHR0cF9jb2RlfSIgJGRlY2xhcmF0aW9uVXJsIC1vICRmaWxlX2xvYykKICAgIGlmIFtbICRyZXNwb25zZV9jb2RlID09IDIwMCBdXTsgdGhlbgogICAgICAgICBlY2hvICJDdXN0b20gY29uZmlnIGRvd25sb2FkIGNvbXBsZXRlOyBjaGVja2luZyBmb3IgdmFsaWQgSlNPTi4iCiAgICAgICAgIGNhdCAkZmlsZV9sb2MgfCBqcSAuY2xhc3MKICAgICAgICAgaWYgW1sgJD8gPT0gMCBdXTsgdGhlbgogICAgICAgICAgICAgcmVzcG9uc2VfY29kZT0kKC91c3IvYmluL2N1cmwgLXNrdnZ1ICR1c2VyOiQocGFzc3dkKSAtdyAiJXtodHRwX2NvZGV9IiAtWCBQT1NUIC1IICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL2pzb24iIC1IICJFeHBlY3Q6IiBodHRwczovL2xvY2FsaG9zdDokZGZsX21nbXRfcG9ydC9tZ210L3NoYXJlZC9hcHBzdmNzL2RlY2xhcmUgLWQgQCRmaWxlX2xvYyAtbyAvZGV2L251bGwpCgogICAgICAgICAgICAgaWYgW1sgJHJlc3BvbnNlX2NvZGUgPT0gMjAwIHx8ICRyZXNwb25zZV9jb2RlID09IDUwMiBdXTsgdGhlbgogICAgICAgICAgICAgICAgICBlY2hvICJEZXBsb3ltZW50IG9mIGFwcGxpY2F0aW9uIHN1Y2NlZWRlZC4iCiAgICAgICAgICAgICAgICAgIGRlcGxveWVkPSJ5ZXMiCiAgICAgICAgICAgICBlbHNlCiAgICAgICAgICAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRlcGxveSBhcHBsaWNhdGlvbjsgY29udGludWluZyB3aXRoIHJlc3BvbnNlIGNvZGUgJyIkcmVzcG9uc2VfY29kZSInIgogICAgICAgICAgICAgZmkKICAgICAgICAgZWxzZQogICAgICAgICAgICAgZWNobyAiQ3VzdG9tIGNvbmZpZyB3YXMgbm90IHZhbGlkIEpTT04sIGNvbnRpbnVpbmciCiAgICAgICAgIGZpCiAgICBlbHNlCiAgICAgICAgZWNobyAiRmFpbGVkIHRvIGRvd25sb2FkIGN1c3RvbSBjb25maWc7IGNvbnRpbnVpbmcgd2l0aCByZXNwb25zZSBjb2RlICciJHJlc3BvbnNlX2NvZGUiJyIKICAgIGZpCmVsc2UKICAgICBlY2hvICJDdXN0b20gY29uZmlnIHdhcyBub3QgYSBVUkwsIGNvbnRpbnVpbmcuIgpmaQoKaWYgW1sgJGRlcGxveWVkID09ICJubyIgJiYgJGRlY2xhcmF0aW9uVXJsID09ICJOT1RfU1BFQ0lGSUVEIiBdXTsgdGhlbgogICAgZWNobyAiQXBwbGljYXRpb24gZGVwbG95bWVudCBmYWlsZWQgb3IgY3VzdG9tIFVSTCB3YXMgbm90IHNwZWNpZmllZC4iCmZpCgplY2hvICJEZXBsb3ltZW50IGNvbXBsZXRlLiIKZXhpdA==", "extSubnetPrivateAddressSuffixInt": "[int(variables('extSubnetPrivateAddressPrefixArray')[3])]", "extSubnetName": "[parameters('externalSubnetName')]", "extSubnetPrivateAddress": "[parameters('externalIpAddressRangeStart')]", "extSubnetPrivateAddressPrefix": "[concat(variables('extSubnetPrivateAddressPrefixArray')[0], '.', variables('extSubnetPrivateAddressPrefixArray')[1], '.', variables('extSubnetPrivateAddressPrefixArray')[2], '.')]", "extNsgID": "[resourceId('Microsoft.Network/networkSecurityGroups/',concat(variables('dnsLabel'),'-ext-nsg'))]", "extSelfPublicIpAddressNamePrefix": "[concat(variables('dnsLabel'), '-self-pip')]", "extSelfPublicIpAddressIdPrefix": "[resourceId('Microsoft.Network/publicIPAddresses', variables('extSelfPublicIpAddressNamePrefix'))]", "extpublicIPAddressNamePrefix": "[concat(variables('dnsLabel'), '-ext-pip')]", "extPublicIPAddressIdPrefix": "[resourceId('Microsoft.Network/publicIPAddresses', variables('extPublicIPAddressNamePrefix'))]", "extNicName": "[concat(variables('dnsLabel'), '-ext')]", "extNicID": "[resourceId('Microsoft.Network/NetworkInterfaces', variables('extNicName'))]", "extSubnetId": "[concat(variables('vnetId'), '/subnets/', variables('extsubnetName'))]", "routeCmd": "route", "intSubnetName": "[parameters('internalSubnetName')]", "intSubnetPrivateAddress": "[parameters('internalIpAddress')]", "intNicName": "[concat(variables('dnsLabel'), '-int')]", "intNicID": "[resourceId('Microsoft.Network/NetworkInterfaces', variables('intNicName'))]", "intSubnetId": "[concat(variables('vnetId'), '/subnets/', variables('intsubnetName'))]", "newAvailabilitySetName": "[concat(variables('dnsLabel'), '-avset')]", "availabilitySetName": "[replace(parameters('avSetChoice'), 'CREATE_NEW', variables('newAvailabilitySetName'))]", "zonesAvailable": "[not(empty(pickZones('Microsoft.Compute', 'virtualMachines', variables('location'))))]", "availabilitySetId": { "id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]" }, "extSubnetPrivateAddressPrefixArray": "[if(equals(parameters('externalIpAddressRangeStart'), 'DYNAMIC'), createArray('0','0','0','0'), split(parameters('externalIpAddressRangeStart'), '.'))]", "extSubnetPrivateAddressSuffix0": "[add(variables('extSubnetPrivateAddressSuffixInt'), 1)]", "extSubnetPrivateAddressSuffix1": "[add(variables('extSubnetPrivateAddressSuffixInt'), 2)]", "extSubnetRef": "[concat('/subscriptions/', variables('subscriptionID'), '/resourceGroups/', parameters('vnetResourceGroupName'), '/providers/Microsoft.Network/virtualNetworks/', parameters('vnetName'), '/subnets/', parameters('externalSubnetName'))]", "intSubnetRef": "[concat('/subscriptions/', variables('subscriptionID'), '/resourceGroups/', parameters('vnetResourceGroupName'), '/providers/Microsoft.Network/virtualNetworks/', parameters('vnetName'), '/subnets/', parameters('internalSubnetName'))]", "numberOfExternalIps": "[parameters('numberOfExternalIps')]", "imageNameSub": "[variables('imageNameArray')[variables('bigIpMajorVersion')][parameters('imageName')]]", "imageNameArray": { "16": { "AllOneBootLocation": "big-all-1slot", "AllTwoBootLocations": "big-all-2slot", "LTMOneBootLocation": "big-ltm-1slot", "LTMTwoBootLocations": "big-ltm-2slot" }, "15": { "AllOneBootLocation": "big-all-1slot", "AllTwoBootLocations": "big-all-2slot", "LTMOneBootLocation": "big-ltm-1slot", "LTMTwoBootLocations": "big-ltm-2slot" }, "14": { "AllOneBootLocation": "big-all-1slot", "AllTwoBootLocations": "big-all-2slot", "LTMOneBootLocation": "big-ltm-1slot", "LTMTwoBootLocations": "big-ltm-2slot" }, "13": { "AllOneBootLocation": "big-all-1slot", "AllTwoBootLocations": "big-all-2slot", "LTMOneBootLocation": "big-ltm-1slot", "LTMTwoBootLocations": "big-ltm-2slot" }, "12": { "AllOneBootLocation": "big-all-2slot", "AllTwoBootLocations": "big-all-2slot", "LTMOneBootLocation": "big-ltm-2slot", "LTMTwoBootLocations": "big-ltm-2slot" }, "latest": { "AllOneBootLocation": "big-all-2slot", "AllTwoBootLocations": "big-all-2slot", "LTMOneBootLocation": "big-ltm-2slot", "LTMTwoBootLocations": "big-ltm-2slot" }, "offerPostfix": { "big-all-1slot": "byol", "big-all-2slot": "byol", "big-ltm-1slot": "byol", "big-ltm-2slot": "byol", "bigip-virtual-edition-best": "best", "bigip-virtual-edition-good": "good" } }, "publicIPAddressType": "Static", "mgmtPublicIPAddressName": "[concat(variables('dnsLabel'), '-mgmt-pip')]", "mgmtPublicIPAddressId": "[resourceId('Microsoft.Network/publicIPAddresses', variables('mgmtPublicIPAddressName'))]", "mgmtNsgID": "[resourceId('Microsoft.Network/networkSecurityGroups/',concat(variables('dnsLabel'),'-mgmt-nsg'))]", "mgmtNicName": "[concat(variables('dnsLabel'), '-mgmt')]", "mgmtNicID": "[resourceId('Microsoft.Network/NetworkInterfaces', variables('mgmtNicName'))]", "mgmtSubnetId": "[concat(variables('vnetId'), '/subnets/', variables('mgmtSubnetName'))]", "tagValues": "[parameters('tagValues')]", "newDataStorageAccountName": "[concat(uniqueString(variables('dnsLabel'), resourceGroup().id, deployment().name), 'data000')]", "dataStorageAccountType": "Standard_LRS", "deploymentId": "[concat(variables('subscriptionId'), resourceGroup().id, deployment().name, variables('dnsLabel'))]", "customConfig": "### START (INPUT) CUSTOM CONFIGURATION HERE\ntmsh save sys config\n", "customData": "controls:\n logLevel: info\n logFilename: /var/log/cloud/bigIpRuntimeInit.log\nextension_packages:\n install_operations:\n - extensionType: as3\n extensionVersion: 3.43.0\n extensionHash: 6e50f828292c3e9417136693b7fba232ca4c004187ae1499e83e39210b500e7a\n", "allowUsageAnalytics": { "No": { "hashCmd": "echo AllowUsageAnalytics:No", "metricsCmd": "" }, "Yes": { "hashCmd": "[concat('custId=`echo \"', variables('subscriptionId'), '\"|sha512sum|cut -d \" \" -f 1`; deployId=`echo \"', variables('deploymentId'), '\"|sha512sum|cut -d \" \" -f 1`')]", "metricsCmd": "[concat(' --metrics customerId:${custId},deploymentId:${deployId},templateName:standalone_3nic-existing-stack-supported-byol,templateVersion:10.3.0.0,region:', variables('location'), ',bigIpVersion:', parameters('bigIpVersion') ,',licenseType:byol,cloudLibsVersion:', variables('f5CloudLibsTag'), ',cloudName:azure')]" } }, "allowPhoneHome": "[if(equals(parameters('allowPhoneHome'), 'Yes'), 'enabled', 'disabled')]", "osProfiles": { "password": { "adminPassword": "[variables('adminPasswordOrKey')]", "adminUsername": "[parameters('adminUsername')]", "computerName": "[variables('instanceName')]", "linuxConfiguration": "[json('null')]" }, "sshPublicKey": { "adminUsername": "[parameters('adminUsername')]", "computerName": "[variables('instanceName')]", "linuxConfiguration": "[variables('linuxConfiguration')]" } }, "installCustomConfig": "[concat(variables('singleQuote'), '#!/bin/bash\n', variables('customConfig'), variables('singleQuote'))]" }, "resources": [ { "condition": "[equals(parameters('provisionPublicIP'),'Yes')]", "apiVersion": "[variables('networkApiVersion')]", "sku": { "name": "Standard" }, "location": "[variables('location')]", "name": "[variables('mgmtPublicIPAddressName')]", "properties": { "dnsSettings": { "domainNameLabel": "[variables('dnsLabel')]" }, "idleTimeoutInMinutes": 30, "publicIPAllocationMethod": "[variables('publicIPAddressType')]" }, "tags": "[if(empty(variables('tagValues')), json('null'), variables('tagValues'))]", "type": "Microsoft.Network/publicIPAddresses" }, { "condition": "[equals(parameters('provisionPublicIP'),'Yes')]", "apiVersion": "[variables('networkApiVersion')]", "sku": { "name": "Standard" }, "location": "[variables('location')]", "name": "[concat(variables('extSelfPublicIpAddressNamePrefix'), '0')]", "properties": { "idleTimeoutInMinutes": 30, "publicIPAllocationMethod": "[variables('publicIPAddressType')]" }, "tags": "[if(empty(variables('tagValues')), json('null'), variables('tagValues'))]", "type": "Microsoft.Network/publicIPAddresses" }, { "condition": "[and(equals(parameters('provisionPublicIP'),'Yes'), not(equals(variables('numberOfExternalIps'),0)))]", "apiVersion": "[variables('networkApiVersion')]", "sku": { "name": "Standard" }, "copy": { "count": "[if(not(equals(variables('numberOfExternalIps'), 0)), variables('numberOfExternalIps'), 1)]", "name": "extpipcopy" }, "location": "[variables('location')]", "name": "[concat(variables('extPublicIPAddressNamePrefix'), copyIndex())]", "properties": { "dnsSettings": { "domainNameLabel": "[concat(variables('dnsLabel'), copyIndex(0))]" }, "idleTimeoutInMinutes": 30, "publicIPAllocationMethod": "[variables('publicIPAddressType')]" }, "tags": "[if(empty(variables('tagValues')), json('null'), variables('tagValues'))]", "type": "Microsoft.Network/publicIPAddresses" }, { "apiVersion": "[variables('networkApiVersion')]", "dependsOn": [ "[variables('mgmtPublicIPAddressId')]", "[variables('mgmtNsgID')]" ], "location": "[variables('location')]", "name": "[variables('mgmtNicName')]", "properties": { "ipConfigurations": [ { "name": "[concat(variables('instanceName'), '-ipconfig1')]", "properties": { "PublicIpAddress": "[if(equals(parameters('provisionPublicIP'),'No'), json('null'), json(concat('{\"Id\": \"', variables('mgmtPublicIPAddressId'), '\"}')))]", "privateIPAddress": "[if(equals(parameters('mgmtIpAddress'), 'DYNAMIC'), json('null'), variables('mgmtSubnetPrivateAddress'))]", "privateIPAllocationMethod": "[if(equals(parameters('mgmtIpAddress'), 'DYNAMIC'), 'Dynamic', 'Static')]", "subnet": { "id": "[variables('mgmtSubnetId')]" } } } ], "networkSecurityGroup": { "id": "[variables('mgmtNsgID')]" } }, "tags": "[if(empty(variables('tagValues')), json('null'), variables('tagValues'))]", "type": "Microsoft.Network/networkInterfaces" }, { "apiVersion": "[variables('networkApiVersion')]", "dependsOn": [ "extpipcopy", "[variables('extNsgID')]", "[concat('Microsoft.Network/publicIPAddresses/', variables('extSelfPublicIpAddressNamePrefix'), '0')]" ], "location": "[variables('location')]", "name": "[variables('extNicName')]", "properties": { "copy": [ { "count": "[add(variables('numberOfExternalIps'), 1)]", "input": { "name": "[if(equals(copyIndex('ipConfigurations', 1), 1), concat(variables('instanceName'), '-self-ipconfig'), concat(variables('resourceGroupName'), '-ext-ipconfig', sub(copyIndex('ipConfigurations', 1), 2)))]", "properties": { "PublicIpAddress": "[if(equals(parameters('provisionPublicIP'),'No'), json('null'), json(concat('{\"Id\": \"', if(equals(copyIndex('ipConfigurations', 1), 1), concat(variables('extSelfPublicIpAddressIdPrefix'), '0'), concat(variables('extPublicIPAddressIdPrefix'), sub(copyIndex('ipConfigurations', 1), 2))), '\"}')))]", "primary": "[if(equals(copyIndex('ipConfigurations', 1), 1), 'True', 'False')]", "privateIPAddress": "[if(equals(parameters('externalIpAddressRangeStart'), 'DYNAMIC'), json('null'), if(equals(copyIndex('ipConfigurations', 1), 1), variables('extSubnetPrivateAddress'), concat(variables('extSubnetPrivateAddressPrefix'), add(variables('extSubnetPrivateAddressSuffixInt'), sub(copyIndex('ipConfigurations', 1), 1)))))]", "privateIPAllocationMethod": "[if(equals(parameters('externalIpAddressRangeStart'), 'DYNAMIC'), 'Dynamic', 'Static')]", "subnet": { "id": "[variables('extSubnetId')]" } } }, "name": "ipConfigurations" } ], "networkSecurityGroup": { "id": "[concat(variables('extNsgID'))]" } }, "tags": "[if(empty(variables('tagValues')), json('null'), variables('tagValues'))]", "type": "Microsoft.Network/networkInterfaces" }, { "apiVersion": "[variables('networkApiVersion')]", "dependsOn": [ "extpipcopy", "[variables('extNsgID')]" ], "location": "[variables('location')]", "name": "[variables('intNicName')]", "properties": { "ipConfigurations": [ { "name": "[concat(variables('instanceName'), '-ipconfig1')]", "properties": { "privateIPAddress": "[if(equals(parameters('internalIpAddress'), 'DYNAMIC'), json('null'), variables('intSubnetPrivateAddress'))]", "privateIPAllocationMethod": "[if(equals(parameters('internalIpAddress'), 'DYNAMIC'), 'Dynamic', 'Static')]", "subnet": { "id": "[variables('intSubnetId')]" } } } ] }, "tags": "[if(empty(variables('tagValues')), json('null'), variables('tagValues'))]", "type": "Microsoft.Network/networkInterfaces" }, { "apiVersion": "[variables('networkApiVersion')]", "location": "[variables('location')]", "name": "[concat(variables('dnsLabel'), '-mgmt-nsg')]", "properties": { "securityRules": [ { "name": "mgmt_allow_https", "properties": { "access": "Allow", "description": "", "destinationAddressPrefix": "*", "destinationPortRange": "[variables('bigIpMgmtPort')]", "direction": "Inbound", "priority": 101, "protocol": "Tcp", "sourceAddressPrefix": "[parameters('restrictedSrcAddress')]", "sourcePortRange": "*" } }, { "name": "ssh_allow_22", "properties": { "access": "Allow", "description": "", "destinationAddressPrefix": "*", "destinationPortRange": "22", "direction": "Inbound", "priority": 102, "protocol": "Tcp", "sourceAddressPrefix": "[parameters('restrictedSrcAddress')]", "sourcePortRange": "*" } } ] }, "tags": "[if(empty(variables('tagValues')), json('null'), variables('tagValues'))]", "type": "Microsoft.Network/networkSecurityGroups" }, { "apiVersion": "[variables('networkApiVersion')]", "location": "[variables('location')]", "name": "[concat(variables('dnsLabel'), '-ext-nsg')]", "properties": { "securityRules": [] }, "tags": "[if(empty(variables('tagValues')), json('null'), variables('tagValues'))]", "type": "Microsoft.Network/networkSecurityGroups" }, { "apiVersion": "[variables('computeApiVersion')]", "location": "[variables('location')]", "name": "[variables('availabilitySetName')]", "sku": { "name": "Aligned" }, "properties": { "PlatformFaultDomainCount": 2, "PlatformUpdateDomainCount": 2 }, "condition": "[and(not(variables('zonesAvailable')), equals(toUpper(parameters('avSetChoice')), 'CREATE_NEW'))]", "tags": "[if(empty(variables('tagValues')), json('null'), variables('tagValues'))]", "type": "Microsoft.Compute/availabilitySets" }, { "apiVersion": "[variables('storageApiVersion')]", "kind": "Storage", "location": "[variables('location')]", "name": "[variables('newDataStorageAccountName')]", "properties": { "supportsHttpsTrafficOnly": true }, "sku": { "name": "[variables('dataStorageAccountType')]", "tier": "Standard" }, "tags": "[if(empty(variables('tagValues')), json('null'), variables('tagValues'))]", "type": "Microsoft.Storage/storageAccounts" }, { "apiVersion": "[variables('computeApiVersion')]", "condition": "[and(variables('useCustomImage'), variables('createNewCustomImage'))]", "location": "[variables('location')]", "name": "[variables('newCustomImageName')]", "properties": { "storageProfile": { "osDisk": { "blobUri": "[variables('customImage')]", "osState": "Generalized", "osType": "Linux", "storageAccountType": "[if(contains(parameters('instanceType'), 's_'), 'Premium_LRS', 'Standard_LRS')]" } } }, "tags": "[if(empty(variables('tagValues')), json('null'), variables('tagValues'))]", "type": "Microsoft.Compute/images" }, { "apiVersion": "[variables('computeApiVersion')]", "dependsOn": [ "[concat('Microsoft.Storage/storageAccounts/', variables('newDataStorageAccountName'))]", "[concat('Microsoft.Compute/availabilitySets/', variables('availabilitySetName'))]", "[variables('newCustomImageName')]", "[concat('Microsoft.Network/networkInterfaces/', variables('mgmtNicName'))]", "[concat('Microsoft.Network/networkInterfaces/', variables('extNicName'))]", "[concat('Microsoft.Network/networkInterfaces/', variables('intNicName'))]" ], "location": "[variables('location')]", "name": "[variables('instanceName')]", "plan": "[if(variables('useCustomImage'), json('null'), variables('imagePlan'))]", "properties": { "availabilitySet": "[if(not(variables('zonesAvailable')), variables('availabilitySetId'), json('null'))]", "diagnosticsProfile": { "bootDiagnostics": { "enabled": true, "storageUri": "[reference(concat('Microsoft.Storage/storageAccounts/', variables('newDataStorageAccountName')), providers('Microsoft.Storage', 'storageAccounts').apiVersions[0]).primaryEndpoints.blob]" } }, "hardwareProfile": { "vmSize": "[parameters('instanceType')]" }, "networkProfile": { "networkInterfaces": [ { "id": "[resourceId('Microsoft.Network/networkInterfaces', variables('mgmtNicName'))]", "properties": { "primary": true } }, { "id": "[resourceId('Microsoft.Network/networkInterfaces', variables('extNicName'))]", "properties": { "primary": false } }, { "id": "[resourceId('Microsoft.Network/networkInterfaces', variables('intNicName'))]", "properties": { "primary": false } } ] }, "osProfile": "[variables('osProfiles')[parameters('authenticationType')]]", "storageProfile": "[if(variables('useCustomImage'), variables('storageProfileArray').customImage, variables('storageProfileArray').platformImage)]" }, "tags": "[if(empty(variables('tagValues')), json('null'), variables('tagValues'))]", "zones": "[if(variables('zonesAvailable'), array(parameters('zoneChoice')), json('null'))]", "type": "Microsoft.Compute/virtualMachines" }, { "apiVersion": "[variables('computeApiVersion')]", "dependsOn": [ "[concat('Microsoft.Compute/virtualMachines/', variables('instanceName'))]" ], "location": "[variables('location')]", "name": "[concat(variables('instanceName'),'/start')]", "properties": { "protectedSettings": { "commandToExecute": "[concat('function cp_logs() { cd /var/lib/waagent/custom-script/download && cp `ls -r | head -1`/std* /var/log/cloud/azure; cd /var/log/cloud/azure && cat stdout stderr > install.log; }; CLOUD_LIB_DIR=/config/cloud/azure/node_modules/@f5devcentral; mkdir -p $CLOUD_LIB_DIR && cp f5-cloud-libs*.tar.gz* /config/cloud; mkdir -p /var/config/rest/downloads; mkdir -p /var/log/cloud/azure; /usr/bin/install -m 400 /dev/null /config/cloud/.passwd; /usr/bin/setdb provision.extramb 1000; /usr/bin/setdb restjavad.useextramb true; /usr/bin/setdb iapplxrpm.timeout 300 || true; /usr/bin/setdb icrd.timeout 180 || true; /usr/bin/setdb restjavad.timeout 180 || true; /usr/bin/setdb restnoded.timeout 180 || true; /usr/bin/curl -s -f -u admin: -H \"Content-Type: application/json\" -d ', variables('singleQuote'), '{\"maxMessageBodySize\":134217728} ', variables('singleQuote'), ' -X POST http://localhost:8100/mgmt/shared/server/messaging/settings/8100 | jq .; for i in {1..30}; do\n /usr/bin/curl -fv --retry 1 --connect-timeout 5 -L https://cdn.f5.com/product/cloudsolutions/f5-bigip-runtime-init/', variables('f5RuntimeInitTag'), '/dist/', variables('f5RuntimeInitBuild'), ' -o ', variables('f5RuntimeInitBuild'), ' && break || sleep 10\n done; echo -e ', variables('singleQuote'), variables('customData'), variables('singleQuote'), ' > /config/cloud/runtime-init-config.yaml; bash ', variables('f5RuntimeInitBuild'), ' -- ', variables('singleQuote'), '--cloud azure', variables('singleQuote'), '; f5-bigip-runtime-init -c /config/cloud/runtime-init-config.yaml --skip-telemetry; /usr/bin/install -b -m 755 /dev/null /config/verifyHash; /usr/bin/install -b -m 755 /dev/null /config/installCloudLibs.sh; IFS=', variables('singleQuote'), '%', variables('singleQuote'), '; echo -e ', variables('verifyHash'), ' > /config/verifyHash; echo -e ', variables('installCloudLibs'), ' > /config/installCloudLibs.sh; echo -e ', variables('appScript'), ' | /usr/bin/base64 -d > /config/cloud/deploy_app.sh; chmod +x /config/cloud/deploy_app.sh; echo -e ', variables('installCustomConfig'), ' >> /config/customConfig.sh; unset IFS; bash /config/installCloudLibs.sh; source $CLOUD_LIB_DIR/f5-cloud-libs/scripts/util.sh; encrypt_secret ', variables('singleQuote'), variables('adminPasswordOrKey'), variables('singleQuote'), ' \"/config/cloud/.passwd\" true; $CLOUD_LIB_DIR/f5-cloud-libs/scripts/createUser.sh --user svc_user --password-file /config/cloud/.passwd --password-encrypted; ', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].hashCmd, '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/onboard.js --db dhclient.mgmt:disable --no-reboot --output /var/log/cloud/azure/onboard.log --signal ONBOARD_DONE --log-level info --cloud azure --host ', reference(variables('mgmtNicId')).ipConfigurations[0].properties.privateIPAddress, ' --ssl-port ', variables('bigIpMgmtPort'), ' -u svc_user --password-url file:///config/cloud/.passwd --password-encrypted --hostname ', concat(variables('instanceName'), '.', variables('location'), '.cloudapp.azure.com'), ' --license ', parameters('licenseKey1'), ' --ntp ', parameters('ntpServer'), ' --tz ', parameters('timeZone'), ' --modules ', parameters('bigIpModules'), ' --db tmm.maxremoteloglength:2048', variables('allowUsageAnalytics')[parameters('allowUsageAnalytics')].metricsCmd, '; tmsh modify sys software update auto-phonehome ', variables('allowPhoneHome'), '; /usr/bin/f5-rest-node $CLOUD_LIB_DIR/f5-cloud-libs/scripts/network.js --output /var/log/cloud/azure/network.log --wait-for ONBOARD_DONE --host ', reference(variables('mgmtNicId')).ipConfigurations[0].properties.privateIPAddress, ' --port ', variables('bigIpMgmtPort'), ' -u svc_user --password-url file:///config/cloud/.passwd --password-encrypted --default-gw ', concat(take(reference(variables('extSubnetRef'), variables('networkApiVersion')).addressPrefix, add(lastIndexOf(reference(variables('extSubnetRef'), variables('networkApiVersion')).addressPrefix, '.'), 1)), add(int(take(split(reference(variables('extSubnetRef'), variables('networkApiVersion')).addressPrefix, '.')[3], indexOf(split(reference(variables('extSubnetRef'), variables('networkApiVersion')).addressPrefix, '.')[3], '/'))), 1)), ' --vlan name:external,nic:1.1 --vlan name:internal,nic:1.2 --self-ip name:self_2nic,address:', reference(variables('extNicId')).ipConfigurations[0].properties.privateIPAddress, skip(reference(variables('extSubnetRef'), variables('networkApiVersion')).addressPrefix, indexOf(reference(variables('extSubnetRef'), variables('networkApiVersion')).addressPrefix, '/')), ',vlan:external --self-ip name:self_3nic,address:', reference(variables('intNicId')).ipConfigurations[0].properties.privateIPAddress, skip(reference(variables('intSubnetRef'), variables('networkApiVersion')).addressPrefix, indexOf(reference(variables('intSubnetRef'), variables('networkApiVersion')).addressPrefix, '/')), ',vlan:internal --log-level info', '; if [[ $? == 0 ]]; then tmsh list sys application service; ', variables('routeCmd'), '; echo -e ', variables('routeCmd'), ' >> /config/startup; bash /config/cloud/deploy_app.sh ', variables('commandArgs'), ' ; bash /config/customConfig.sh; $(cp_logs); else $(cp_logs); exit 1; fi', '; if grep -i \"PUT failed\" /var/log/waagent.log -q; then echo \"Killing waagent exthandler, daemon should restart it\"; pkill -f \"python -u /usr/sbin/waagent -run-exthandlers\"; fi')]" }, "publisher": "Microsoft.Azure.Extensions", "settings": { "fileUris": [ "[concat('https://cdn.f5.com/product/cloudsolutions/f5-cloud-libs/', variables('f5CloudLibsTag'), '/f5-cloud-libs.tar.gz')]", "[concat('https://cdn.f5.com/product/cloudsolutions/f5-cloud-libs-azure/', variables('f5CloudLibsAzureTag'), '/f5-cloud-libs-azure.tar.gz')]" ] }, "type": "CustomScript", "typeHandlerVersion": "2.0" }, "tags": "[if(empty(variables('tagValues')), json('null'), variables('tagValues'))]", "type": "Microsoft.Compute/virtualMachines/extensions" } ], "outputs": { "GUI-URL": { "type": "string", "value": "[if(equals(parameters('provisionPublicIP'),'No'), concat('https://', reference(variables('mgmtNicId')).ipConfigurations[0].properties.privateIPAddress, ':', variables('bigIpMgmtPort')), concat('https://', reference(variables('mgmtPublicIPAddressId')).dnsSettings.fqdn, ':', variables('bigIpMgmtPort')))]" }, "SSH-URL": { "type": "string", "value": "[if(equals(parameters('provisionPublicIP'),'No'), concat(reference(variables('mgmtNicId')).ipConfigurations[0].properties.privateIPAddress, ' ',22), concat(reference(variables('mgmtPublicIPAddressId')).dnsSettings.fqdn, ' ',22))]" } } }