Skip to content

Commit 1373cdd

Browse files
E2E demo - added SSH access from test VM (#5)
* E2E demo - added SSH access from test VM * changed Ubuntu in Dockerfile to the latest * added az auto-upgrade * added detection of running inside the docker image * added private key parameter into test VM example
1 parent 7a1164e commit 1373cdd

File tree

7 files changed

+90
-14
lines changed

7 files changed

+90
-14
lines changed

00-setup-machine.sh

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,16 @@
33
echoerr() { printf "\033[0;31m%s\n\033[0m" "$*" >&2; }
44
echosuccess() { printf "\033[0;32m%s\n\033[0m" "$*" >&2; }
55

6+
if [ -n "${PURE_RUN_IN_DOCKERIMAGE}" ];
7+
then
8+
echoerr "
9+
In the docker image with pre-installed tools you don't need to run this setup command and you can proceed to the deployment scripts.
10+
"
11+
exit 1;
12+
fi
13+
14+
15+
616
# Install the az (with bicep)
717
echo "Installing tools:"
818

@@ -50,6 +60,11 @@ else
5060
exit 1;
5161
fi
5262

63+
# upgrade az cli
64+
az upgrade --yes --all
65+
66+
# enable az auto-upgrade
67+
az config set auto-upgrade.enable=yes
5368

5469
az bicep version
5570
if [ $? == 0 ]; then

03-test-vm.bicepparam.example

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -25,3 +25,4 @@ param adminPassword='<< VM admin password >>'
2525

2626
// value '$myIpAddress' will be replaced with your current public IP address
2727
param whitelistedSourceAddress = '$myIpAddress'
28+
param sshPrivateKeyContentInBase64 = '<---MY SSH PRIVATE KEY CONTENT (starting with -----BEGIN RSA PRIVATE KEY----- and ending with -----END RSA PRIVATE KEY-----) with no newlines-->'

Dockerfile

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
FROM ubuntu:22.10
1+
FROM ubuntu:latest
22

33
RUN apt-get update && apt-get install -y \
44
jq \
@@ -7,6 +7,12 @@ RUN apt-get update && apt-get install -y \
77

88
RUN curl -sL https://aka.ms/InstallAzureCLIDeb | bash
99

10+
# upgrade az cli
11+
RUN az upgrade --yes --all
12+
13+
# enable az auto-upgrade
14+
RUN az config set auto-upgrade.enable=yes
15+
1016
RUN az bicep install
1117

1218
# install bicep
@@ -15,6 +21,8 @@ RUN curl -sLo bicep https://github.com/Azure/bicep/releases/latest/download/bice
1521
&& mv ./bicep /usr/local/bin/bicep \
1622
&& bicep --version
1723

24+
ENV PURE_RUN_IN_DOCKERIMAGE=1
25+
1826
VOLUME [ "/data" ]
1927
WORKDIR /data
2028

deploy-e2e-demo.sh

Lines changed: 27 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -69,6 +69,25 @@ echo ""
6969
echosuccess "[STEP COMPLETED] The deployment of prerequisities has been completed."
7070
echo ""
7171

72+
73+
# generate a SSH key and upload it into CBS and test VM
74+
echo -e "${C_BLUE3}${C_GREY85}
75+
[Step #2] Generating a SSH key for array management:${NO_FORMAT}"
76+
77+
sshOutput=$( { az sshkey create --name "ssh-cbs-test-$resourceGroupName" --resource-group $resourceGroupName; } 2>&1 )
78+
sshPrivateKeyFile=`echo $sshOutput | grep -oP 'Private key is saved to "\K[^"]*'`
79+
sshPublicKeyFile=`echo $sshOutput | grep -oP ' WARNING: Public key is saved to "\K[^"]*'`
80+
sshDetails=`az sshkey show --name "ssh-cbs-test-$resourceGroupName" --resource-group $resourceGroupName`
81+
sshPublicKeyInOpenSSHFormat=`echo $sshDetails | jq -r ".publicKey"`
82+
83+
sshPrivateKeyContentInBase64=`base64 $sshPrivateKeyFile -w 0`
84+
85+
echo "
86+
Generated SSH key: $sshPublicKeyInOpenSSHFormat
87+
88+
"
89+
90+
7291
# Read the bicep parameters for CBS
7392
mainfilename='./templates/cbs-managed-app.bicep'
7493
tmpfilename='./templates/tmp-e2e-02.bicepparam'
@@ -78,7 +97,7 @@ paramsJson=`echo $bicep_raw | jq -r ".parametersJson"`
7897

7998

8099
echo -e "${C_BLUE3}${C_GREY85}
81-
[Step #2] Enabling CBS deployment for selected subscription $subscriptionId:${NO_FORMAT}
100+
[Step #3] Enabling CBS deployment for selected subscription $subscriptionId:${NO_FORMAT}
82101
83102
"
84103

@@ -108,7 +127,7 @@ else
108127
fi
109128

110129
echo -e "${C_BLUE3}${C_GREY85}
111-
[Step #3] Deploying CBS managed app (~20mins):${NO_FORMAT}
130+
[Step #4] Deploying CBS managed app (~20mins):${NO_FORMAT}
112131
"
113132

114133
# Deploy our infrastructure
@@ -132,7 +151,8 @@ output=$(az deployment group create \
132151
azureMarketPlacePlanVersion=$AZURE_MARKETPLACE_PLAN_VERSION \
133152
azureMarketPlacePlanName=$AZURE_MARKETPLACE_PLAN_NAME \
134153
azureMarketPlacePlanPublisher=$AZURE_MARKETPLACE_PUBLISHER \
135-
azureMarketPlacePlanOffer=$AZURE_MARKETPLACE_PLAN_OFFER
154+
azureMarketPlacePlanOffer=$AZURE_MARKETPLACE_PLAN_OFFER \
155+
sshPublicKey="$sshPublicKeyInOpenSSHFormat"
136156
)
137157

138158
cbsmanagementLbIp=`echo $output | jq -r '.properties.outputs.cbsmanagementLbIp.value'`
@@ -178,7 +198,7 @@ echo " -----------------------------------------------"
178198

179199

180200
echo -e "${C_BLUE3}${C_GREY85}
181-
[Step #4] Getting your current IP address...${NO_FORMAT}
201+
[Step #5] Getting your current IP address...${NO_FORMAT}
182202
183203
"
184204

@@ -196,7 +216,7 @@ fi
196216

197217

198218
echo -e "${C_BLUE3}${C_GREY85}
199-
[Step #5] Deploying VM into subscription $subscriptionId into RG ${resourceGroupName} (~20mins):${NO_FORMAT}
219+
[Step #6] Deploying VM into subscription $subscriptionId into RG ${resourceGroupName} (~20mins):${NO_FORMAT}
200220
201221
"
202222

@@ -220,6 +240,7 @@ output=$(az deployment group create \
220240
adminUsername=$adminUsername \
221241
adminPassword=$adminPassword \
222242
vNetName=$arrayVnetName \
243+
sshPrivateKeyContentInBase64="${sshPrivateKeyContentInBase64}"\
223244
whitelistedSourceAddress=$myIpAddress
224245
)
225246

@@ -252,7 +273,7 @@ echo ""
252273
if [ -n "${WSLENV}" ];
253274
then
254275
echo -e "${C_BLUE3}${C_GREY85}
255-
[Step #3][Optional] Opening Remote Desktop Connection session into the test VM:${NO_FORMAT}
276+
[Step #7][Optional] Opening Remote Desktop Connection session into the test VM:${NO_FORMAT}
256277
"
257278
echo " Adding credentials to cmdkey:"
258279
cmdkey.exe /generic:"$vmIpAddress" /user:"$adminUsername" /pass:"$adminPassword"

script-modules/common.sh

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
#!/bin/bash
22

3-
CLI_VERSION='1.0.2'
3+
CLI_VERSION='1.0.3'
44

55

66
# terminal colors

templates/test-vm-extensions/customize-vm.ps1

Lines changed: 32 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
param ([Parameter(Mandatory)]$PureManagementIP,$PureManagementUser, $PureManagementPassword)
1+
param ([Parameter(Mandatory)]$PureManagementIP,$PureManagementUser, $PureManagementPassword, $VmUser, $SSHPrivateKeyBase64 = '')
22
#Variables
33
$arrayendpoint = $PureManagementIP
44
$pureuser = $PureManagementUser
@@ -48,14 +48,41 @@ $Shortcut.Save()
4848

4949
# download Pure favicon
5050
mkdir -Path $env:temp\purecustomization -erroraction SilentlyContinue | Out-Null
51-
$Download = join-path $env:temp\purecustomization favicon.ico
52-
Invoke-WebRequest "https://support.purestorage.com/@api/deki/files/47337/pcbs.ico?origin=mt-web" -OutFile $Download
51+
$DownloadFavicon = join-path $env:temp\purecustomization favicon.ico
52+
Invoke-WebRequest "https://support.purestorage.com/@api/deki/files/47337/pcbs.ico?origin=mt-web" -OutFile $DownloadFavicon
5353

5454
# create a desktop icon to mgmt. interface
5555

5656
$WshShell = New-Object -comObject WScript.Shell
5757
$Shortcut = $WshShell.CreateShortcut("C:\Users\Public\Desktop\Open CBS Console.lnk")
5858
$Shortcut.TargetPath = "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
59-
$shortcut.IconLocation = $Download
59+
$shortcut.IconLocation = $DownloadFavicon
6060
$Shortcut.Arguments = "https://$arrayendpoint"
61-
$Shortcut.Save()
61+
$Shortcut.Save()
62+
63+
64+
65+
66+
# copy the ssh private key into desktop
67+
if (-not ([string]::IsNullOrEmpty($SSHPrivateKeyBase64)))
68+
{
69+
$sshKeyFilename = "C:\ssh.key"
70+
Write-Host $SSHPrivateKeyBase64
71+
72+
[System.Convert]::FromBase64String($SSHPrivateKeyBase64) | Set-Content $sshKeyFilename -Encoding Byte
73+
74+
# remove other permissions
75+
Icacls $sshKeyFilename /Inheritance:r
76+
Icacls $sshKeyFilename /Grant:r ${vmUser}:"(R)"
77+
78+
79+
# create a desktop icon to ssh the array
80+
81+
$WshShell = New-Object -comObject WScript.Shell
82+
$Shortcut = $WshShell.CreateShortcut("C:\Users\Public\Desktop\SSH Access to CBS.lnk")
83+
$Shortcut.TargetPath = "C:\Windows\System32\OpenSSH\ssh.exe"
84+
$shortcut.IconLocation = $DownloadFavicon
85+
$Shortcut.Arguments = "$pureuser@$arrayendpoint -i $sshKeyFilename"
86+
$Shortcut.Save()
87+
88+
}

templates/test-vm.bicep

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -50,6 +50,10 @@ param extensionFileUrl string
5050

5151
param extensionCustomizeUXFileUrl string
5252

53+
@description('When provided, they key will be saved for SSH connection into the CBS array. Encoded in base64 format.')
54+
@secure()
55+
param sshPrivateKeyContentInBase64 string = ''
56+
5357
module variables 'modules/variables.bicep' = {
5458
name: 'scriptVariables'
5559
params: {}
@@ -177,7 +181,7 @@ resource customScriptExtension 'Microsoft.Compute/virtualMachines/extensions@202
177181
]
178182
}
179183
protectedSettings: {
180-
commandToExecute: 'powershell.exe -Command "./setup-demo-cbs.ps1 -PureManagementIP ${PureManagementIP} -PureManagementUser ${PureManagementUser} -PureManagementPassword ${PureManagementPassword}; ./customize-vm.ps1 -PureManagementIP ${PureManagementIP} -PureManagementUser ${PureManagementUser} -PureManagementPassword ${PureManagementPassword};exit 0;"'
184+
commandToExecute: 'powershell.exe -Command "./setup-demo-cbs.ps1 -PureManagementIP ${PureManagementIP} -PureManagementUser ${PureManagementUser} -PureManagementPassword ${PureManagementPassword}; ./customize-vm.ps1 -VmUser ${adminUsername} -PureManagementIP ${PureManagementIP} -PureManagementUser ${PureManagementUser} -PureManagementPassword ${PureManagementPassword} -SSHPrivateKeyBase64 ${sshPrivateKeyContentInBase64};exit 0;"'
181185
}
182186
}
183187
}

0 commit comments

Comments
 (0)