Add NAT Rules to VMSS create that allow SSH/RDP by default (#743)

Azure · Aug 24, 2016 · f06c94f · f06c94f
1 parent eabe4e8
commit f06c94f
Show file tree

Hide file tree

Showing 10 changed files with 181 additions and 39 deletions.
diff --git a/azure-cli.pyproj b/azure-cli.pyproj
@@ -758,6 +758,7 @@
     <Folder Include="command_modules\azure-cli-vm\azure\cli\command_modules\vm\mgmt_vmss\lib\" />
     <Folder Include="command_modules\azure-cli-vm\azure\cli\command_modules\vm\mgmt_vmss\lib\models\" />
     <Folder Include="command_modules\azure-cli-vm\azure\cli\command_modules\vm\mgmt_vmss\lib\operations\" />
+    <Folder Include="command_modules\azure-cli-vm\azure\cli\command_modules\vm\mgmt_vmss\nested_templates\" />
     <Folder Include="command_modules\azure-cli-vm\azure\cli\command_modules\vm\mgmt_vm\" />
     <Folder Include="command_modules\azure-cli-vm\azure\cli\command_modules\vm\mgmt_vm\lib\" />
     <Folder Include="command_modules\azure-cli-vm\azure\cli\command_modules\vm\mgmt_vm\lib\models\" />
@@ -846,6 +847,8 @@
     <Content Include="command_modules\azure-cli-vm\azure\cli\command_modules\vm\mgmt_avail_set\swagger_create_avail_set.json" />
     <Content Include="command_modules\azure-cli-vm\azure\cli\command_modules\vm\mgmt_vmss\azuredeploy.json" />
     <Content Include="command_modules\azure-cli-vm\azure\cli\command_modules\vm\mgmt_vmss\azuredeploy_test.md" />
+    <Content Include="command_modules\azure-cli-vm\azure\cli\command_modules\vm\mgmt_vmss\nested_templates\nat_rules_new.json" />
+    <Content Include="command_modules\azure-cli-vm\azure\cli\command_modules\vm\mgmt_vmss\nested_templates\nat_rules_none.json" />
     <Content Include="command_modules\azure-cli-vm\azure\cli\command_modules\vm\mgmt_vm\azuredeploy_test.md" />
     <Content Include="command_modules\azure-cli-vm\azure\cli\command_modules\vm\mgmt_vmss\swagger_create_vmss.json" />
     <Content Include="command_modules\azure-cli-vm\azure\cli\command_modules\vm\mgmt_vm\azuredeploy.json" />

diff --git a/src/command_modules/azure-cli-vm/azure/cli/command_modules/vm/_help.py b/src/command_modules/azure-cli-vm/azure/cli/command_modules/vm/_help.py
@@ -65,7 +65,7 @@
                     az vmss create  -n myName -g myResourceGroup --dns-name-for-public-ip myGloballyUniqueDnsName
                     --load-balancer-type existing --load-balancer-name myLoadBalancer
                     --virtual-network-type existing --virtual-network-name myVNET --subnet-name mySubnet --image canonical:Ubuntu_Snappy_Core:15.04:2016.0318.1949
-                    --authentication-type ssh --ssh-key-value "<ssh-key-value or ssh-key-file-path"
+                    --authentication-type ssh --ssh-key-value "<ssh-key-value or ssh-key-file-path>"
 """.format(image_long_summary)
 
 helps['vm availability-set create'] = """

diff --git a/src/command_modules/azure-cli-vm/azure/cli/command_modules/vm/_params.py b/src/command_modules/azure-cli-vm/azure/cli/command_modules/vm/_params.py
@@ -143,7 +143,8 @@ def get_vm_size_completion_list(prefix, action, parsed_args, **kwargs):#pylint:
 register_cli_argument('vm create', 'network_interface_ids', options_list=('--nics',), nargs='+', help='Names or IDs of existing NICs to reference.  The first NIC will be the primary NIC.', type=lambda val: val if (not '/' in val or is_valid_resource_id(val, ValueError)) else '', validator=_handle_vm_nics)
 
 register_cli_argument('vm create', 'name', name_arg_type, validator=_resource_not_exists('Microsoft.Compute/virtualMachines'))
-register_cli_argument('vmss create', 'name', name_arg_type, validator=_resource_not_exists('Microsoft.Compute/virtualMachineScaleSets'))
+register_cli_argument('vmss create', 'name', name_arg_type)
+register_cli_argument('vmss create', 'nat_backend_port', default=None, help='Backend port to open with NAT rules.  Defaults to 22 on Linux and 3389 on Windows.')
 register_cli_argument('vmss', 'vm_scale_set_name', name_arg_type, help='scale set name')
 register_cli_argument('vmss', 'instance_ids', help='Space separated ids such as "0 2 3", or use "*" for all instances')
 

diff --git a/src/command_modules/azure-cli-vm/azure/cli/command_modules/vm/mgmt_vmss/azuredeploy.json b/src/command_modules/azure-cli-vm/azure/cli/command_modules/vm/mgmt_vmss/azuredeploy.json
@@ -70,24 +70,24 @@
       }
     },
     "instanceCount": {
-      "type": "string",
+      "type": "int",
       "defaultValue": 2,
       "metadata": {
         "description": "Number of VMs in scale set."
       }
     },
-    "loadBalancerBackendPoolName": {
+    "loadBalancer": {
       "type": "string",
-      "defaultValue": "[concat(parameters('name'), 'bepool')]",
+      "defaultValue": "[concat(parameters('name'), 'lb')]",
       "metadata": {
-        "description": "Name of load balancer backend pool."
+        "description": "Name or ID of load balancer."
       }
     },
-    "loadBalancer": {
+    "loadBalancerBackendPoolName": {
       "type": "string",
-      "defaultValue": "[concat(parameters('name'), 'lb')]",
+      "defaultValue": "[concat(parameters('name'), 'bepool')]",
       "metadata": {
-        "description": "Name or ID of load balancer."
+        "description": "Name of load balancer backend pool."
       }
     },
     "loadBalancerType": {
@@ -117,6 +117,13 @@
         "description": "The VM name."
       }
     },
+    "natBackendPort": {
+      "type": "int",
+      "defaultValue": 22,
+      "metadata": {
+        "description": "Backend port to open with NAT rules."
+      }
+    },
     "osDiskName": {
       "type": "string",
       "defaultValue": "osdiskimage",
@@ -183,6 +190,13 @@
         "description": "Overprovision option (see https://azure.microsoft.com/en-us/documentation/articles/virtual-machine-scale-sets-overview/ for details)."
       }
     },
+    "publicIpAddress": {
+      "type": "string",
+      "defaultValue": "[concat(parameters('name'), 'PublicIP')]",
+      "metadata": {
+        "description": "Name or ID of public IP address to use."
+      }
+    },
     "publicIpAddressAllocation": {
       "type": "string",
       "defaultValue": "dynamic",
@@ -194,13 +208,6 @@
         "description": "Public IP address allocation method."
       }
     },
-    "publicIpAddress": {
-      "type": "string",
-      "defaultValue": "[concat(parameters('name'), 'PublicIP')]",
-      "metadata": {
-        "description": "Name or ID of public IP address to use."
-      }
-    },
     "publicIpAddressType": {
       "type": "string",
       "defaultValue": "new",
@@ -285,18 +292,18 @@
         "description": "Manual or Automatic upgrade mode."
       }
     },
-    "virtualNetworkIpAddressPrefix": {
+    "virtualNetwork": {
       "type": "string",
-      "defaultValue": "10.0.0.0/16",
+      "defaultValue": "[concat(parameters('name'), 'VNET')]",
       "metadata": {
-        "description": "The virtual network IP address prefix in CIDR format."
+        "description": "Name or ID of virtual network."
       }
     },
-    "virtualNetwork": {
+    "virtualNetworkIpAddressPrefix": {
       "type": "string",
-      "defaultValue": "[concat(parameters('name'), 'VNET')]",
+      "defaultValue": "10.0.0.0/16",
       "metadata": {
-        "description": "Name or ID of virtual network."
+        "description": "The virtual network IP address prefix in CIDR format."
       }
     },
     "virtualNetworkType": {
@@ -426,6 +433,7 @@
     "vmSize": "[parameters('vmSku')]",
     "vmDeploymentName": "[concat(parameters('name'), 'VM')]",
     "nicDeploymentName": "[concat(parameters('name'), 'NicIp')]",
+    "natRuleDeploymentName": "[concat(parameters('name'), 'NatRules')]",
     "subnetRef": "[concat(variables('virtualNetworkId'), '/subnets/', variables('subnetName'))]",
     "ipConfigurations": {
       "new": [
@@ -511,6 +519,14 @@
       "new": "[variables('lbTemplateUri')]",
       "none": "[variables('lbTemplateUriEmpty')]"
     },
+    "natTemplateUri": "[concat(parameters('_artifactsLocation'), '/', 'nested_templates/nat_rules_new', '.json')]",
+    "natTemplateUriEmpty": "[concat(parameters('_artifactsLocation'), '/', 'nested_templates/nat_rules_none', '.json')]",
+    "natTemplateFilePaths": {
+      "new": "[variables('natTemplateUri')]",
+      "existingId": "[variables('natTemplateUriEmpty')]",
+      "existingName": "[variables('natTemplateUriEmpty')]",
+      "none": "[variables('natTemplateUriEmpty')]"
+    },
     "vhdContainers": [
       "[concat('https://', variables('uniqueStringArray')[0], variables('newStorageAccountSuffix'), '.blob.core.windows.net/', variables('vhdContainerName'))]",
       "[concat('https://', variables('uniqueStringArray')[1], variables('newStorageAccountSuffix'), '.blob.core.windows.net/', variables('vhdContainerName'))]",
@@ -614,7 +630,30 @@
           "publicIpAddress": { "value": "[variables('publicIpAddressId')]" },
           "publicIpAddressType": { "value": "[variables('lbPublicIpAddressType')[parameters('publicIpAddressType')]]" },
           "backendPoolName": { "value": "[variables('bePoolName')]" },
-          "subnet": { "value": "[variables('subnetRef')]" }
+          "subnet": { "value": "[variables('subnetRef')]" },
+          "frontendIpName": { "value": "LoadBalancerFrontEnd" }
+        }
+      }
+    },
+    {
+      "name": "[variables('natRuleDeploymentName')]",
+      "type": "Microsoft.Resources/deployments",
+      "apiVersion": "2015-01-01",
+      "dependsOn": [
+        "[concat('Microsoft.Resources/deployments/', variables('lbDeploymentName'))]"
+      ],
+      "properties": {
+        "mode": "Incremental",
+        "templateLink": {
+          "uri": "[variables('natTemplateFilePaths')[parameters('loadBalancerType')]]",
+          "contentVersion": "1.0.0.0"
+        },
+        "parameters": {
+          "loadBalancerName": { "value": "[parameters('loadBalancer')]" },
+          "location": { "value": "[variables('resourceLocation')]" },
+          "backendPort": { "value": "[parameters('natBackendPort')]" },
+          "numberOfInstances": { "value": "[parameters('instanceCount')]" },
+          "frontendIpName": { "value": "LoadBalancerFrontEnd" }
         }
       }
     },

diff --git a/...modules/azure-cli-vm/azure/cli/command_modules/vm/mgmt_vmss/lib/models/deployment_vmss.py b/...modules/azure-cli-vm/azure/cli/command_modules/vm/mgmt_vmss/lib/models/deployment_vmss.py
@@ -22,15 +22,15 @@ class DeploymentVmss(Model):
     sending a request.
 
     :ivar uri: URI referencing the template. Default value:
-     "https://azuresdkci.blob.core.windows.net/templatehost/CreateVmss_2016-08-04/azuredeploy.json"
+     "https://azuresdkci.blob.core.windows.net/templatehost/CreateVmss_2016-08-24/azuredeploy.json"
      .
     :vartype uri: str
     :param content_version: If included it must match the ContentVersion in
      the template.
     :type content_version: str
     :ivar _artifacts_location: Container URI of of the template. Default
      value:
-     "https://azuresdkci.blob.core.windows.net/templatehost/CreateVmss_2016-08-04"
+     "https://azuresdkci.blob.core.windows.net/templatehost/CreateVmss_2016-08-24"
      .
     :vartype _artifacts_location: str
     :param admin_password: Password for the Virtual Machine.  Required if SSH
@@ -56,8 +56,8 @@ class DeploymentVmss(Model):
      name. Possible values include: 'none', 'new'. Default value: "none" .
     :type dns_name_type: str or :class:`dnsNameType
      <vmsscreationclient.models.dnsNameType>`
-    :param instance_count: Number of VMs in scale set. Default value: "2" .
-    :type instance_count: str
+    :param instance_count: Number of VMs in scale set. Default value: 2 .
+    :type instance_count: int
     :param load_balancer: Name or ID of load balancer.
     :type load_balancer: str
     :param load_balancer_backend_pool_name: Name of load balancer backend
@@ -72,6 +72,9 @@ class DeploymentVmss(Model):
     :type location: str
     :param name: The VM name.
     :type name: str
+    :param nat_backend_port: Backend port to open with NAT rules. Default
+     value: 22 .
+    :type nat_backend_port: int
     :param os_disk_name: Name of new VM OS disk. Default value: "osdiskimage"
      .
     :type os_disk_name: str
@@ -174,12 +177,13 @@ class DeploymentVmss(Model):
         'custom_os_disk_uri': {'key': 'properties.parameters.customOsDiskUri.value', 'type': 'str'},
         'dns_name_for_public_ip': {'key': 'properties.parameters.dnsNameForPublicIP.value', 'type': 'str'},
         'dns_name_type': {'key': 'properties.parameters.dnsNameType.value', 'type': 'dnsNameType'},
-        'instance_count': {'key': 'properties.parameters.instanceCount.value', 'type': 'str'},
+        'instance_count': {'key': 'properties.parameters.instanceCount.value', 'type': 'int'},
         'load_balancer': {'key': 'properties.parameters.loadBalancer.value', 'type': 'str'},
         'load_balancer_backend_pool_name': {'key': 'properties.parameters.loadBalancerBackendPoolName.value', 'type': 'str'},
         'load_balancer_type': {'key': 'properties.parameters.loadBalancerType.value', 'type': 'loadBalancerType'},
         'location': {'key': 'properties.parameters.location.value', 'type': 'str'},
         'name': {'key': 'properties.parameters.name.value', 'type': 'str'},
+        'nat_backend_port': {'key': 'properties.parameters.natBackendPort.value', 'type': 'int'},
         'os_disk_name': {'key': 'properties.parameters.osDiskName.value', 'type': 'str'},
         'os_disk_type': {'key': 'properties.parameters.osDiskType.value', 'type': 'osDiskType'},
         'os_offer': {'key': 'properties.parameters.osOffer.value', 'type': 'str'},
@@ -207,13 +211,13 @@ class DeploymentVmss(Model):
         'mode': {'key': 'properties.mode', 'type': 'str'},
     }
 
-    uri = "https://azuresdkci.blob.core.windows.net/templatehost/CreateVmss_2016-08-04/azuredeploy.json"
+    uri = "https://azuresdkci.blob.core.windows.net/templatehost/CreateVmss_2016-08-24/azuredeploy.json"
 
-    _artifacts_location = "https://azuresdkci.blob.core.windows.net/templatehost/CreateVmss_2016-08-04"
+    _artifacts_location = "https://azuresdkci.blob.core.windows.net/templatehost/CreateVmss_2016-08-24"
 
     mode = "Incremental"
 
-    def __init__(self, admin_username, name, content_version=None, admin_password=None, authentication_type="password", custom_os_disk_type="windows", custom_os_disk_uri=None, dns_name_for_public_ip=None, dns_name_type="none", instance_count="2", load_balancer=None, load_balancer_backend_pool_name=None, load_balancer_type="new", location=None, os_disk_name="osdiskimage", os_disk_type="provided", os_offer="WindowsServer", os_publisher="MicrosoftWindowsServer", os_sku="2012-R2-Datacenter", os_type="Win2012R2Datacenter", os_version="latest", overprovision=False, public_ip_address=None, public_ip_address_allocation="dynamic", public_ip_address_type="new", ssh_dest_key_path=None, ssh_key_value=None, storage_caching="ReadOnly", storage_container_name="vhds", storage_type="Standard_LRS", subnet_ip_address_prefix="10.0.0.0/24", subnet_name=None, tags=None, upgrade_policy_mode="manual", virtual_network=None, virtual_network_ip_address_prefix="10.0.0.0/16", virtual_network_type="new", vm_sku="Standard_D1_v2"):
+    def __init__(self, admin_username, name, content_version=None, admin_password=None, authentication_type="password", custom_os_disk_type="windows", custom_os_disk_uri=None, dns_name_for_public_ip=None, dns_name_type="none", instance_count=2, load_balancer=None, load_balancer_backend_pool_name=None, load_balancer_type="new", location=None, nat_backend_port=22, os_disk_name="osdiskimage", os_disk_type="provided", os_offer="WindowsServer", os_publisher="MicrosoftWindowsServer", os_sku="2012-R2-Datacenter", os_type="Win2012R2Datacenter", os_version="latest", overprovision=False, public_ip_address=None, public_ip_address_allocation="dynamic", public_ip_address_type="new", ssh_dest_key_path=None, ssh_key_value=None, storage_caching="ReadOnly", storage_container_name="vhds", storage_type="Standard_LRS", subnet_ip_address_prefix="10.0.0.0/24", subnet_name=None, tags=None, upgrade_policy_mode="manual", virtual_network=None, virtual_network_ip_address_prefix="10.0.0.0/16", virtual_network_type="new", vm_sku="Standard_D1_v2"):
         self.content_version = content_version
         self.admin_password = admin_password
         self.admin_username = admin_username
@@ -228,6 +232,7 @@ def __init__(self, admin_username, name, content_version=None, admin_password=No
         self.load_balancer_type = load_balancer_type
         self.location = location
         self.name = name
+        self.nat_backend_port = nat_backend_port
         self.os_disk_name = os_disk_name
         self.os_disk_type = os_disk_type
         self.os_offer = os_offer

diff --git a/...d_modules/azure-cli-vm/azure/cli/command_modules/vm/mgmt_vmss/lib/models/template_link.py b/...d_modules/azure-cli-vm/azure/cli/command_modules/vm/mgmt_vmss/lib/models/template_link.py
@@ -22,7 +22,7 @@ class TemplateLink(Model):
     sending a request.
 
     :ivar uri: URI referencing the template. Default value:
-     "https://azuresdkci.blob.core.windows.net/templatehost/CreateVmss_2016-08-04/azuredeploy.json"
+     "https://azuresdkci.blob.core.windows.net/templatehost/CreateVmss_2016-08-24/azuredeploy.json"
      .
     :vartype uri: str
     :param content_version: If included it must match the ContentVersion in
@@ -39,7 +39,7 @@ class TemplateLink(Model):
         'content_version': {'key': 'contentVersion', 'type': 'str'},
     }
 
-    uri = "https://azuresdkci.blob.core.windows.net/templatehost/CreateVmss_2016-08-04/azuredeploy.json"
+    uri = "https://azuresdkci.blob.core.windows.net/templatehost/CreateVmss_2016-08-24/azuredeploy.json"
 
     def __init__(self, content_version=None):
         self.content_version = content_version