mirror of https://github.com/status-im/consul.git
Merge pull request #3824 from hashicorp/azure-vmss
Adds retry-join support for Azure Virtual Machine Scale Sets.
This commit is contained in:
commit
975120cdfd
|
@ -25,7 +25,7 @@ function.
|
||||||
* Amazon AWS [Config options](https://github.com/hashicorp/go-discover/blob/master/provider/aws/aws_discover.go#L19-L33)
|
* Amazon AWS [Config options](https://github.com/hashicorp/go-discover/blob/master/provider/aws/aws_discover.go#L19-L33)
|
||||||
* DigitalOcean [Config options](https://github.com/hashicorp/go-discover/blob/master/provider/digitalocean/digitalocean_discover.go#L16-L24)
|
* DigitalOcean [Config options](https://github.com/hashicorp/go-discover/blob/master/provider/digitalocean/digitalocean_discover.go#L16-L24)
|
||||||
* Google Cloud [Config options](https://github.com/hashicorp/go-discover/blob/master/provider/gce/gce_discover.go#L17-L37)
|
* Google Cloud [Config options](https://github.com/hashicorp/go-discover/blob/master/provider/gce/gce_discover.go#L17-L37)
|
||||||
* Microsoft Azure [Config options](https://github.com/hashicorp/go-discover/blob/master/provider/azure/azure_discover.go#L16-L30)
|
* Microsoft Azure [Config options](https://github.com/hashicorp/go-discover/blob/master/provider/azure/azure_discover.go#L16-L37)
|
||||||
* Openstack [Config options](https://github.com/hashicorp/go-discover/blob/master/provider/os/os_discover.go#L23-L38)
|
* Openstack [Config options](https://github.com/hashicorp/go-discover/blob/master/provider/os/os_discover.go#L23-L38)
|
||||||
* Scaleway [Config options](https://github.com/hashicorp/go-discover/blob/master/provider/scaleway/scaleway_discover.go#L14-L22)
|
* Scaleway [Config options](https://github.com/hashicorp/go-discover/blob/master/provider/scaleway/scaleway_discover.go#L14-L22)
|
||||||
* SoftLayer [Config options](https://github.com/hashicorp/go-discover/blob/master/provider/softlayer/softlayer_discover.go#L16-L25)
|
* SoftLayer [Config options](https://github.com/hashicorp/go-discover/blob/master/provider/softlayer/softlayer_discover.go#L16-L25)
|
||||||
|
@ -107,4 +107,4 @@ For complete API documentation, see
|
||||||
[GoDoc](https://godoc.org/github.com/hashicorp/go-discover). The configuration
|
[GoDoc](https://godoc.org/github.com/hashicorp/go-discover). The configuration
|
||||||
for the supported providers is documented in the
|
for the supported providers is documented in the
|
||||||
[providers](https://godoc.org/github.com/hashicorp/go-discover/provider)
|
[providers](https://godoc.org/github.com/hashicorp/go-discover/provider)
|
||||||
sub-package.
|
sub-package.
|
|
@ -21,10 +21,17 @@ func (p *Provider) Help() string {
|
||||||
client_id: The id of the client
|
client_id: The id of the client
|
||||||
subscription_id: The id of the subscription
|
subscription_id: The id of the subscription
|
||||||
secret_access_key: The authentication credential
|
secret_access_key: The authentication credential
|
||||||
|
|
||||||
|
Use these configuration parameters when using network interfaces:
|
||||||
tag_name: The name of the tag to filter on
|
tag_name: The name of the tag to filter on
|
||||||
tag_value: The value of the tag to filter on
|
tag_value: The value of the tag to filter on
|
||||||
|
|
||||||
The only permission needed is the 'ListAll' method for 'NetworkInterfaces'.
|
Use these configuration parameters when using vm scale sets:
|
||||||
|
resource_group: The name of the resource group to filter on
|
||||||
|
vm_scale_set: The name of the virtual machine scale set to filter on
|
||||||
|
|
||||||
|
When using tags the only permission needed is the 'ListAll' method for 'NetworkInterfaces'.
|
||||||
|
When using vm scale sets the only Role Action needed is "Microsoft.Compute/virtualMachineScaleSets/*/read".
|
||||||
It is recommended you make a dedicated key used only for auto-joining.
|
It is recommended you make a dedicated key used only for auto-joining.
|
||||||
`
|
`
|
||||||
}
|
}
|
||||||
|
@ -42,9 +49,15 @@ func (p *Provider) Addrs(args map[string]string, l *log.Logger) ([]string, error
|
||||||
clientID := args["client_id"]
|
clientID := args["client_id"]
|
||||||
subscriptionID := args["subscription_id"]
|
subscriptionID := args["subscription_id"]
|
||||||
secretKey := args["secret_access_key"]
|
secretKey := args["secret_access_key"]
|
||||||
|
|
||||||
|
// Use tags if using network interfaces
|
||||||
tagName := args["tag_name"]
|
tagName := args["tag_name"]
|
||||||
tagValue := args["tag_value"]
|
tagValue := args["tag_value"]
|
||||||
|
|
||||||
|
// Use resourceGroup and vmScaleSet if using vm scale sets
|
||||||
|
resourceGroup := args["resource_group"]
|
||||||
|
vmScaleSet := args["vm_scale_set"]
|
||||||
|
|
||||||
// Only works for the Azure PublicCLoud for now; no ability to test other Environment
|
// Only works for the Azure PublicCLoud for now; no ability to test other Environment
|
||||||
oauthConfig, err := azure.PublicCloud.OAuthConfigForTenant(tenantID)
|
oauthConfig, err := azure.PublicCloud.OAuthConfigForTenant(tenantID)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -63,6 +76,21 @@ func (p *Provider) Addrs(args map[string]string, l *log.Logger) ([]string, error
|
||||||
vmnet.Sender = autorest.CreateSender(autorest.WithLogging(l))
|
vmnet.Sender = autorest.CreateSender(autorest.WithLogging(l))
|
||||||
vmnet.Authorizer = sbt
|
vmnet.Authorizer = sbt
|
||||||
|
|
||||||
|
if tagName != "" && tagValue != "" && resourceGroup == "" && vmScaleSet == "" {
|
||||||
|
l.Printf("[DEBUG] discover-azure: using tag method. tag_name: %s, tag_value: %s", tagName, tagValue)
|
||||||
|
return fetchAddrsWithTags(tagName, tagValue, vmnet, l)
|
||||||
|
} else if resourceGroup != "" && vmScaleSet != "" && tagName == "" && tagValue == "" {
|
||||||
|
l.Printf("[DEBUG] discover-azure: using vm scale set method. resource_group: %s, vm_scale_set: %s", resourceGroup, vmScaleSet)
|
||||||
|
return fetchAddrsWithVmScaleSet(resourceGroup, vmScaleSet, vmnet, l)
|
||||||
|
} else {
|
||||||
|
l.Printf("[ERROR] discover-azure: tag_name: %s, tag_value: %s", tagName, tagValue)
|
||||||
|
l.Printf("[ERROR] discover-azure: resource_group %s, vm_scale_set %s", resourceGroup, vmScaleSet)
|
||||||
|
return nil, fmt.Errorf("discover-azure: unclear configuration. use (tag name and value) or (resouce_group and vm_scale_set)")
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
func fetchAddrsWithTags(tagName string, tagValue string, vmnet network.InterfacesClient, l *log.Logger) ([]string, error) {
|
||||||
// Get all network interfaces across resource groups
|
// Get all network interfaces across resource groups
|
||||||
// unless there is a compelling reason to restrict
|
// unless there is a compelling reason to restrict
|
||||||
netres, err := vmnet.ListAll()
|
netres, err := vmnet.ListAll()
|
||||||
|
@ -77,22 +105,63 @@ func (p *Provider) Addrs(args map[string]string, l *log.Logger) ([]string, error
|
||||||
// Choose any PrivateIPAddress with the matching tag
|
// Choose any PrivateIPAddress with the matching tag
|
||||||
var addrs []string
|
var addrs []string
|
||||||
for _, v := range *netres.Value {
|
for _, v := range *netres.Value {
|
||||||
|
id := *v.ID
|
||||||
if v.Tags == nil {
|
if v.Tags == nil {
|
||||||
|
l.Printf("[DEBUG] discover-azure: Interface %s has no tags", id)
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
tv := (*v.Tags)[tagName] // *string
|
tv := (*v.Tags)[tagName] // *string
|
||||||
if tv == nil || *tv != tagValue {
|
if tv == nil || *tv != tagValue {
|
||||||
|
l.Printf("[DEBUG] discover-azure: Interface %s tag value was: %s which did not match: %s", id, *tv, tagValue)
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
if v.IPConfigurations == nil {
|
if v.IPConfigurations == nil {
|
||||||
|
l.Printf("[DEBUG] discover-azure: Interface %s had no ip configuration", id)
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
for _, x := range *v.IPConfigurations {
|
for _, x := range *v.IPConfigurations {
|
||||||
if x.PrivateIPAddress == nil {
|
if x.PrivateIPAddress == nil {
|
||||||
|
l.Printf("[DEBUG] discover-azure: Interface %s had no private ip", id)
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
addrs = append(addrs, *x.PrivateIPAddress)
|
iAddr := *x.PrivateIPAddress
|
||||||
|
l.Printf("[DEBUG] discover-azure: Interface %s has private ip: %s", id, iAddr)
|
||||||
|
addrs = append(addrs, iAddr)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
l.Printf("[DEBUG] discover-azure: Found ip addresses: %v", addrs)
|
||||||
|
return addrs, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func fetchAddrsWithVmScaleSet(resourceGroup string, vmScaleSet string, vmnet network.InterfacesClient, l *log.Logger) ([]string, error) {
|
||||||
|
// Get all network interfaces for a specific virtual machine scale set
|
||||||
|
netres, err := vmnet.ListVirtualMachineScaleSetNetworkInterfaces(resourceGroup, vmScaleSet)
|
||||||
|
if err != nil {
|
||||||
|
return nil, fmt.Errorf("discover-azure: %s", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if netres.Value == nil {
|
||||||
|
return nil, fmt.Errorf("discover-azure: no interfaces")
|
||||||
|
}
|
||||||
|
|
||||||
|
// Get all of PrivateIPAddresses we can.
|
||||||
|
var addrs []string
|
||||||
|
for _, v := range *netres.Value {
|
||||||
|
id := *v.ID
|
||||||
|
if v.IPConfigurations == nil {
|
||||||
|
l.Printf("[DEBUG] discover-azure: Interface %s had no ip configuration", id)
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
for _, x := range *v.IPConfigurations {
|
||||||
|
if x.PrivateIPAddress == nil {
|
||||||
|
l.Printf("[DEBUG] discover-azure: Interface %s had no private ip", id)
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
iAddr := *x.PrivateIPAddress
|
||||||
|
l.Printf("[DEBUG] discover-azure: Interface %s has private ip: %s", id, iAddr)
|
||||||
|
addrs = append(addrs, iAddr)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
l.Printf("[DEBUG] discover-azure: Found ip addresses: %v", addrs)
|
||||||
return addrs, nil
|
return addrs, nil
|
||||||
}
|
}
|
||||||
|
|
|
@ -25,10 +25,10 @@
|
||||||
{"path":"github.com/hashicorp/errwrap","checksumSHA1":"cdOCt0Yb+hdErz8NAQqayxPmRsY=","revision":"7554cd9344cec97297fa6649b055a8c98c2a1e55","revisionTime":"2014-10-28T05:47:10Z"},
|
{"path":"github.com/hashicorp/errwrap","checksumSHA1":"cdOCt0Yb+hdErz8NAQqayxPmRsY=","revision":"7554cd9344cec97297fa6649b055a8c98c2a1e55","revisionTime":"2014-10-28T05:47:10Z"},
|
||||||
{"path":"github.com/hashicorp/go-checkpoint","checksumSHA1":"D267IUMW2rcb+vNe3QU+xhfSrgY=","revision":"1545e56e46dec3bba264e41fde2c1e2aa65b5dd4","revisionTime":"2017-10-09T17:35:28Z"},
|
{"path":"github.com/hashicorp/go-checkpoint","checksumSHA1":"D267IUMW2rcb+vNe3QU+xhfSrgY=","revision":"1545e56e46dec3bba264e41fde2c1e2aa65b5dd4","revisionTime":"2017-10-09T17:35:28Z"},
|
||||||
{"path":"github.com/hashicorp/go-cleanhttp","checksumSHA1":"YAq1rqZIp+M74Q+jMBQkkMKm3VM=","revision":"d5fe4b57a186c716b0e00b8c301cbd9b4182694d","revisionTime":"2017-12-18T14:54:08Z"},
|
{"path":"github.com/hashicorp/go-cleanhttp","checksumSHA1":"YAq1rqZIp+M74Q+jMBQkkMKm3VM=","revision":"d5fe4b57a186c716b0e00b8c301cbd9b4182694d","revisionTime":"2017-12-18T14:54:08Z"},
|
||||||
{"path":"github.com/hashicorp/go-discover","checksumSHA1":"Ks9Bo8kevhaI5xTRdw1lULNMoOA=","revision":"c98e36ab72ce62b7d8fbc7f7e76f9a60e163cb45","revisionTime":"2017-10-30T10:26:55Z"},
|
{"path":"github.com/hashicorp/go-discover","checksumSHA1":"yG6DzmNiB7kOdLcgvI1v9GacoSA=","revision":"4e49190abe2f3801a8653d7745a14bc445381615","revisionTime":"2018-01-20T00:19:59Z"},
|
||||||
{"path":"github.com/hashicorp/go-discover/provider/aliyun","checksumSHA1":"ZmU/47XUGUQpFP6E8T6Tl8QKszI=","revision":"c98e36ab72ce62b7d8fbc7f7e76f9a60e163cb45","revisionTime":"2017-10-30T10:26:55Z","tree":true},
|
{"path":"github.com/hashicorp/go-discover/provider/aliyun","checksumSHA1":"ZmU/47XUGUQpFP6E8T6Tl8QKszI=","revision":"c98e36ab72ce62b7d8fbc7f7e76f9a60e163cb45","revisionTime":"2017-10-30T10:26:55Z","tree":true},
|
||||||
{"path":"github.com/hashicorp/go-discover/provider/aws","checksumSHA1":"lyPRg8aZKgGiNkMILk/VKwOqMy4=","revision":"c98e36ab72ce62b7d8fbc7f7e76f9a60e163cb45","revisionTime":"2017-10-30T10:26:55Z","tree":true},
|
{"path":"github.com/hashicorp/go-discover/provider/aws","checksumSHA1":"lyPRg8aZKgGiNkMILk/VKwOqMy4=","revision":"c98e36ab72ce62b7d8fbc7f7e76f9a60e163cb45","revisionTime":"2017-10-30T10:26:55Z","tree":true},
|
||||||
{"path":"github.com/hashicorp/go-discover/provider/azure","checksumSHA1":"r97P32e+VmNMh2vwLkZa1zPEDQU=","revision":"c98e36ab72ce62b7d8fbc7f7e76f9a60e163cb45","revisionTime":"2017-10-30T10:26:55Z","tree":true},
|
{"path":"github.com/hashicorp/go-discover/provider/azure","checksumSHA1":"+5VD2xEOEvTZhWn2Uk009wD6XvY=","revision":"4e49190abe2f3801a8653d7745a14bc445381615","revisionTime":"2018-01-20T00:19:59Z","tree":true},
|
||||||
{"path":"github.com/hashicorp/go-discover/provider/digitalocean","checksumSHA1":"qoy/euk2dwrONYMUsaAPznHHpxQ=","revision":"c98e36ab72ce62b7d8fbc7f7e76f9a60e163cb45","revisionTime":"2017-10-30T10:26:55Z","tree":true},
|
{"path":"github.com/hashicorp/go-discover/provider/digitalocean","checksumSHA1":"qoy/euk2dwrONYMUsaAPznHHpxQ=","revision":"c98e36ab72ce62b7d8fbc7f7e76f9a60e163cb45","revisionTime":"2017-10-30T10:26:55Z","tree":true},
|
||||||
{"path":"github.com/hashicorp/go-discover/provider/gce","checksumSHA1":"tnKls5vtzpNQAj7b987N4i81HvY=","revision":"7642001b443a3723e2aba277054f16d1df172d97","revisionTime":"2018-01-03T21:14:29Z","tree":true},
|
{"path":"github.com/hashicorp/go-discover/provider/gce","checksumSHA1":"tnKls5vtzpNQAj7b987N4i81HvY=","revision":"7642001b443a3723e2aba277054f16d1df172d97","revisionTime":"2018-01-03T21:14:29Z","tree":true},
|
||||||
{"path":"github.com/hashicorp/go-discover/provider/os","checksumSHA1":"LZwn9B00AjulYRCKapmJWFAamoo=","revision":"c98e36ab72ce62b7d8fbc7f7e76f9a60e163cb45","revisionTime":"2017-10-30T10:26:55Z","tree":true},
|
{"path":"github.com/hashicorp/go-discover/provider/os","checksumSHA1":"LZwn9B00AjulYRCKapmJWFAamoo=","revision":"c98e36ab72ce62b7d8fbc7f7e76f9a60e163cb45","revisionTime":"2017-10-30T10:26:55Z","tree":true},
|
||||||
|
|
|
@ -318,8 +318,8 @@ will exit with an error at startup.
|
||||||
### Microsoft Azure
|
### Microsoft Azure
|
||||||
|
|
||||||
This returns the first private IP address of all servers in the given region
|
This returns the first private IP address of all servers in the given region
|
||||||
which have the given `tag_key` and `tag_value` in the tenant and
|
which have the given `tag_key` and `tag_value` in the tenant and subscription, or in
|
||||||
subscription.
|
the given `resource_group` of a `vm_scale_set` for Virtual Machine Scale Sets.
|
||||||
|
|
||||||
```sh
|
```sh
|
||||||
$ consul agent -retry-join "provider=azure tag_name=... tag_value=... tenant_id=... client_id=... subscription_id=... secret_access_key=..."
|
$ consul agent -retry-join "provider=azure tag_name=... tag_value=... tenant_id=... client_id=... subscription_id=... secret_access_key=..."
|
||||||
|
@ -332,12 +332,21 @@ will exit with an error at startup.
|
||||||
```
|
```
|
||||||
|
|
||||||
- `provider` (required) - the name of the provider ("azure" in this case).
|
- `provider` (required) - the name of the provider ("azure" in this case).
|
||||||
- `tag_name` (required) - the name of the tag to auto-join on.
|
|
||||||
- `tag_value` (required) - the value of the tag to auto-join on.
|
|
||||||
- `tenant_id` (required) - the tenant to join machines in.
|
- `tenant_id` (required) - the tenant to join machines in.
|
||||||
- `client_id` (required) - the client to authenticate with.
|
- `client_id` (required) - the client to authenticate with.
|
||||||
- `secret_access_key` (required) - the secret client key.
|
- `secret_access_key` (required) - the secret client key.
|
||||||
|
|
||||||
|
Use these configuration parameters when using tags:
|
||||||
|
- `tag_name` - the name of the tag to auto-join on.
|
||||||
|
- `tag_value` - the value of the tag to auto-join on.
|
||||||
|
|
||||||
|
Use these configuration parameters when using Virtual Machine Scale Sets (Consul 1.0.3 and later):
|
||||||
|
- `resource_group` - the name of the resource group to filter on.
|
||||||
|
- `vm_scale_set` - the name of the virtual machine scale set to filter on.
|
||||||
|
|
||||||
|
When using tags the only permission needed is the `ListAll` method for `NetworkInterfaces`. When using
|
||||||
|
Virtual Machine Scale Sets the only role action needed is `Microsoft.Compute/virtualMachineScaleSets/*/read`.
|
||||||
|
|
||||||
### Google Compute Engine
|
### Google Compute Engine
|
||||||
|
|
||||||
This returns the first private IP address of all servers in the given
|
This returns the first private IP address of all servers in the given
|
||||||
|
|
Loading…
Reference in New Issue