mirror of https://github.com/status-im/consul.git
Merge pull request #3824 from hashicorp/azure-vmss
Adds retry-join support for Azure Virtual Machine Scale Sets.
This commit is contained in:
commit
975120cdfd
|
@ -25,7 +25,7 @@ function.
|
|||
* Amazon AWS [Config options](https://github.com/hashicorp/go-discover/blob/master/provider/aws/aws_discover.go#L19-L33)
|
||||
* DigitalOcean [Config options](https://github.com/hashicorp/go-discover/blob/master/provider/digitalocean/digitalocean_discover.go#L16-L24)
|
||||
* Google Cloud [Config options](https://github.com/hashicorp/go-discover/blob/master/provider/gce/gce_discover.go#L17-L37)
|
||||
* Microsoft Azure [Config options](https://github.com/hashicorp/go-discover/blob/master/provider/azure/azure_discover.go#L16-L30)
|
||||
* Microsoft Azure [Config options](https://github.com/hashicorp/go-discover/blob/master/provider/azure/azure_discover.go#L16-L37)
|
||||
* Openstack [Config options](https://github.com/hashicorp/go-discover/blob/master/provider/os/os_discover.go#L23-L38)
|
||||
* Scaleway [Config options](https://github.com/hashicorp/go-discover/blob/master/provider/scaleway/scaleway_discover.go#L14-L22)
|
||||
* SoftLayer [Config options](https://github.com/hashicorp/go-discover/blob/master/provider/softlayer/softlayer_discover.go#L16-L25)
|
||||
|
|
|
@ -21,10 +21,17 @@ func (p *Provider) Help() string {
|
|||
client_id: The id of the client
|
||||
subscription_id: The id of the subscription
|
||||
secret_access_key: The authentication credential
|
||||
|
||||
Use these configuration parameters when using network interfaces:
|
||||
tag_name: The name of the tag to filter on
|
||||
tag_value: The value of the tag to filter on
|
||||
|
||||
The only permission needed is the 'ListAll' method for 'NetworkInterfaces'.
|
||||
Use these configuration parameters when using vm scale sets:
|
||||
resource_group: The name of the resource group to filter on
|
||||
vm_scale_set: The name of the virtual machine scale set to filter on
|
||||
|
||||
When using tags the only permission needed is the 'ListAll' method for 'NetworkInterfaces'.
|
||||
When using vm scale sets the only Role Action needed is "Microsoft.Compute/virtualMachineScaleSets/*/read".
|
||||
It is recommended you make a dedicated key used only for auto-joining.
|
||||
`
|
||||
}
|
||||
|
@ -42,9 +49,15 @@ func (p *Provider) Addrs(args map[string]string, l *log.Logger) ([]string, error
|
|||
clientID := args["client_id"]
|
||||
subscriptionID := args["subscription_id"]
|
||||
secretKey := args["secret_access_key"]
|
||||
|
||||
// Use tags if using network interfaces
|
||||
tagName := args["tag_name"]
|
||||
tagValue := args["tag_value"]
|
||||
|
||||
// Use resourceGroup and vmScaleSet if using vm scale sets
|
||||
resourceGroup := args["resource_group"]
|
||||
vmScaleSet := args["vm_scale_set"]
|
||||
|
||||
// Only works for the Azure PublicCLoud for now; no ability to test other Environment
|
||||
oauthConfig, err := azure.PublicCloud.OAuthConfigForTenant(tenantID)
|
||||
if err != nil {
|
||||
|
@ -63,6 +76,21 @@ func (p *Provider) Addrs(args map[string]string, l *log.Logger) ([]string, error
|
|||
vmnet.Sender = autorest.CreateSender(autorest.WithLogging(l))
|
||||
vmnet.Authorizer = sbt
|
||||
|
||||
if tagName != "" && tagValue != "" && resourceGroup == "" && vmScaleSet == "" {
|
||||
l.Printf("[DEBUG] discover-azure: using tag method. tag_name: %s, tag_value: %s", tagName, tagValue)
|
||||
return fetchAddrsWithTags(tagName, tagValue, vmnet, l)
|
||||
} else if resourceGroup != "" && vmScaleSet != "" && tagName == "" && tagValue == "" {
|
||||
l.Printf("[DEBUG] discover-azure: using vm scale set method. resource_group: %s, vm_scale_set: %s", resourceGroup, vmScaleSet)
|
||||
return fetchAddrsWithVmScaleSet(resourceGroup, vmScaleSet, vmnet, l)
|
||||
} else {
|
||||
l.Printf("[ERROR] discover-azure: tag_name: %s, tag_value: %s", tagName, tagValue)
|
||||
l.Printf("[ERROR] discover-azure: resource_group %s, vm_scale_set %s", resourceGroup, vmScaleSet)
|
||||
return nil, fmt.Errorf("discover-azure: unclear configuration. use (tag name and value) or (resouce_group and vm_scale_set)")
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
func fetchAddrsWithTags(tagName string, tagValue string, vmnet network.InterfacesClient, l *log.Logger) ([]string, error) {
|
||||
// Get all network interfaces across resource groups
|
||||
// unless there is a compelling reason to restrict
|
||||
netres, err := vmnet.ListAll()
|
||||
|
@ -77,22 +105,63 @@ func (p *Provider) Addrs(args map[string]string, l *log.Logger) ([]string, error
|
|||
// Choose any PrivateIPAddress with the matching tag
|
||||
var addrs []string
|
||||
for _, v := range *netres.Value {
|
||||
id := *v.ID
|
||||
if v.Tags == nil {
|
||||
l.Printf("[DEBUG] discover-azure: Interface %s has no tags", id)
|
||||
continue
|
||||
}
|
||||
tv := (*v.Tags)[tagName] // *string
|
||||
if tv == nil || *tv != tagValue {
|
||||
l.Printf("[DEBUG] discover-azure: Interface %s tag value was: %s which did not match: %s", id, *tv, tagValue)
|
||||
continue
|
||||
}
|
||||
if v.IPConfigurations == nil {
|
||||
l.Printf("[DEBUG] discover-azure: Interface %s had no ip configuration", id)
|
||||
continue
|
||||
}
|
||||
for _, x := range *v.IPConfigurations {
|
||||
if x.PrivateIPAddress == nil {
|
||||
l.Printf("[DEBUG] discover-azure: Interface %s had no private ip", id)
|
||||
continue
|
||||
}
|
||||
addrs = append(addrs, *x.PrivateIPAddress)
|
||||
iAddr := *x.PrivateIPAddress
|
||||
l.Printf("[DEBUG] discover-azure: Interface %s has private ip: %s", id, iAddr)
|
||||
addrs = append(addrs, iAddr)
|
||||
}
|
||||
}
|
||||
l.Printf("[DEBUG] discover-azure: Found ip addresses: %v", addrs)
|
||||
return addrs, nil
|
||||
}
|
||||
|
||||
func fetchAddrsWithVmScaleSet(resourceGroup string, vmScaleSet string, vmnet network.InterfacesClient, l *log.Logger) ([]string, error) {
|
||||
// Get all network interfaces for a specific virtual machine scale set
|
||||
netres, err := vmnet.ListVirtualMachineScaleSetNetworkInterfaces(resourceGroup, vmScaleSet)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("discover-azure: %s", err)
|
||||
}
|
||||
|
||||
if netres.Value == nil {
|
||||
return nil, fmt.Errorf("discover-azure: no interfaces")
|
||||
}
|
||||
|
||||
// Get all of PrivateIPAddresses we can.
|
||||
var addrs []string
|
||||
for _, v := range *netres.Value {
|
||||
id := *v.ID
|
||||
if v.IPConfigurations == nil {
|
||||
l.Printf("[DEBUG] discover-azure: Interface %s had no ip configuration", id)
|
||||
continue
|
||||
}
|
||||
for _, x := range *v.IPConfigurations {
|
||||
if x.PrivateIPAddress == nil {
|
||||
l.Printf("[DEBUG] discover-azure: Interface %s had no private ip", id)
|
||||
continue
|
||||
}
|
||||
iAddr := *x.PrivateIPAddress
|
||||
l.Printf("[DEBUG] discover-azure: Interface %s has private ip: %s", id, iAddr)
|
||||
addrs = append(addrs, iAddr)
|
||||
}
|
||||
}
|
||||
l.Printf("[DEBUG] discover-azure: Found ip addresses: %v", addrs)
|
||||
return addrs, nil
|
||||
}
|
||||
|
|
|
@ -25,10 +25,10 @@
|
|||
{"path":"github.com/hashicorp/errwrap","checksumSHA1":"cdOCt0Yb+hdErz8NAQqayxPmRsY=","revision":"7554cd9344cec97297fa6649b055a8c98c2a1e55","revisionTime":"2014-10-28T05:47:10Z"},
|
||||
{"path":"github.com/hashicorp/go-checkpoint","checksumSHA1":"D267IUMW2rcb+vNe3QU+xhfSrgY=","revision":"1545e56e46dec3bba264e41fde2c1e2aa65b5dd4","revisionTime":"2017-10-09T17:35:28Z"},
|
||||
{"path":"github.com/hashicorp/go-cleanhttp","checksumSHA1":"YAq1rqZIp+M74Q+jMBQkkMKm3VM=","revision":"d5fe4b57a186c716b0e00b8c301cbd9b4182694d","revisionTime":"2017-12-18T14:54:08Z"},
|
||||
{"path":"github.com/hashicorp/go-discover","checksumSHA1":"Ks9Bo8kevhaI5xTRdw1lULNMoOA=","revision":"c98e36ab72ce62b7d8fbc7f7e76f9a60e163cb45","revisionTime":"2017-10-30T10:26:55Z"},
|
||||
{"path":"github.com/hashicorp/go-discover","checksumSHA1":"yG6DzmNiB7kOdLcgvI1v9GacoSA=","revision":"4e49190abe2f3801a8653d7745a14bc445381615","revisionTime":"2018-01-20T00:19:59Z"},
|
||||
{"path":"github.com/hashicorp/go-discover/provider/aliyun","checksumSHA1":"ZmU/47XUGUQpFP6E8T6Tl8QKszI=","revision":"c98e36ab72ce62b7d8fbc7f7e76f9a60e163cb45","revisionTime":"2017-10-30T10:26:55Z","tree":true},
|
||||
{"path":"github.com/hashicorp/go-discover/provider/aws","checksumSHA1":"lyPRg8aZKgGiNkMILk/VKwOqMy4=","revision":"c98e36ab72ce62b7d8fbc7f7e76f9a60e163cb45","revisionTime":"2017-10-30T10:26:55Z","tree":true},
|
||||
{"path":"github.com/hashicorp/go-discover/provider/azure","checksumSHA1":"r97P32e+VmNMh2vwLkZa1zPEDQU=","revision":"c98e36ab72ce62b7d8fbc7f7e76f9a60e163cb45","revisionTime":"2017-10-30T10:26:55Z","tree":true},
|
||||
{"path":"github.com/hashicorp/go-discover/provider/azure","checksumSHA1":"+5VD2xEOEvTZhWn2Uk009wD6XvY=","revision":"4e49190abe2f3801a8653d7745a14bc445381615","revisionTime":"2018-01-20T00:19:59Z","tree":true},
|
||||
{"path":"github.com/hashicorp/go-discover/provider/digitalocean","checksumSHA1":"qoy/euk2dwrONYMUsaAPznHHpxQ=","revision":"c98e36ab72ce62b7d8fbc7f7e76f9a60e163cb45","revisionTime":"2017-10-30T10:26:55Z","tree":true},
|
||||
{"path":"github.com/hashicorp/go-discover/provider/gce","checksumSHA1":"tnKls5vtzpNQAj7b987N4i81HvY=","revision":"7642001b443a3723e2aba277054f16d1df172d97","revisionTime":"2018-01-03T21:14:29Z","tree":true},
|
||||
{"path":"github.com/hashicorp/go-discover/provider/os","checksumSHA1":"LZwn9B00AjulYRCKapmJWFAamoo=","revision":"c98e36ab72ce62b7d8fbc7f7e76f9a60e163cb45","revisionTime":"2017-10-30T10:26:55Z","tree":true},
|
||||
|
|
|
@ -318,8 +318,8 @@ will exit with an error at startup.
|
|||
### Microsoft Azure
|
||||
|
||||
This returns the first private IP address of all servers in the given region
|
||||
which have the given `tag_key` and `tag_value` in the tenant and
|
||||
subscription.
|
||||
which have the given `tag_key` and `tag_value` in the tenant and subscription, or in
|
||||
the given `resource_group` of a `vm_scale_set` for Virtual Machine Scale Sets.
|
||||
|
||||
```sh
|
||||
$ consul agent -retry-join "provider=azure tag_name=... tag_value=... tenant_id=... client_id=... subscription_id=... secret_access_key=..."
|
||||
|
@ -332,12 +332,21 @@ will exit with an error at startup.
|
|||
```
|
||||
|
||||
- `provider` (required) - the name of the provider ("azure" in this case).
|
||||
- `tag_name` (required) - the name of the tag to auto-join on.
|
||||
- `tag_value` (required) - the value of the tag to auto-join on.
|
||||
- `tenant_id` (required) - the tenant to join machines in.
|
||||
- `client_id` (required) - the client to authenticate with.
|
||||
- `secret_access_key` (required) - the secret client key.
|
||||
|
||||
Use these configuration parameters when using tags:
|
||||
- `tag_name` - the name of the tag to auto-join on.
|
||||
- `tag_value` - the value of the tag to auto-join on.
|
||||
|
||||
Use these configuration parameters when using Virtual Machine Scale Sets (Consul 1.0.3 and later):
|
||||
- `resource_group` - the name of the resource group to filter on.
|
||||
- `vm_scale_set` - the name of the virtual machine scale set to filter on.
|
||||
|
||||
When using tags the only permission needed is the `ListAll` method for `NetworkInterfaces`. When using
|
||||
Virtual Machine Scale Sets the only role action needed is `Microsoft.Compute/virtualMachineScaleSets/*/read`.
|
||||
|
||||
### Google Compute Engine
|
||||
|
||||
This returns the first private IP address of all servers in the given
|
||||
|
|
Loading…
Reference in New Issue