iSharkFly-Docs
/
packer-cn
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #4752 from mitchellh/fix-4007 

add sleep and retry to azure setup script
This commit is contained in:
Matthew Hooker 2017-04-04 10:31:10 -07:00 committed by GitHub
parent 747bee35bd 2fb898cddf
commit af9e7552db
1 changed files with 201 additions and 179 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

380
contrib/azure-setup.sh
View File

@ -12,234 +12,256 @@ azure_tenant_id= # Derived from the account after login
location= location=
azure_object_id= azure_object_id=
azureversion= azureversion=
create_sleep=10
showhelp() { showhelp() {
echo "azure-setup" echo "azure-setup"
echo "" echo ""
echo " azure-setup helps you generate packer credentials for Azure" echo " azure-setup helps you generate packer credentials for Azure"
echo "" echo ""
echo " The script creates a resource group, storage account, application" echo " The script creates a resource group, storage account, application"
echo " (client), service principal, and permissions and displays a snippet" echo " (client), service principal, and permissions and displays a snippet"
echo " for use in your packer templates." echo " for use in your packer templates."
echo "" echo ""
echo " For simplicity we make a lot of assumptions and choose reasonable" echo " For simplicity we make a lot of assumptions and choose reasonable"
echo " defaults. If you want more control over what happens, please use" echo " defaults. If you want more control over what happens, please use"
echo " the azure-cli directly." echo " the azure-cli directly."
echo "" echo ""
echo " Note that you must already have an Azure account, username," echo " Note that you must already have an Azure account, username,"
echo " password, and subscription. You can create those here:" echo " password, and subscription. You can create those here:"
echo "" echo ""
echo " - https://account.windowsazure.com/" echo " - https://account.windowsazure.com/"
echo "" echo ""
echo "REQUIREMENTS" echo "REQUIREMENTS"
echo "" echo ""
echo " - azure-cli" echo " - azure-cli"
echo " - jq" echo " - jq"
echo "" echo ""
echo " Use the requirements command (below) for more info." echo " Use the requirements command (below) for more info."
echo "" echo ""
echo "USAGE" echo "USAGE"
echo "" echo ""
echo " ./azure-setup.sh requirements" echo " ./azure-setup.sh requirements"
echo " ./azure-setup.sh setup" echo " ./azure-setup.sh setup"
echo "" echo ""
} }
requirements() { requirements() {
found=0 found=0
azureversion=$(azure -v) azureversion=$(azure -v)
if [ $? -eq 0 ]; then if [ $? -eq 0 ]; then
found=$((found + 1)) found=$((found + 1))
echo "Found azure-cli version: $azureversion" echo "Found azure-cli version: $azureversion"
else else
echo "azure-cli is missing. Please install azure-cli from" echo "azure-cli is missing. Please install azure-cli from"
echo "https://azure.microsoft.com/en-us/documentation/articles/xplat-cli-install/" echo "https://azure.microsoft.com/en-us/documentation/articles/xplat-cli-install/"
fi fi
jqversion=$(jq --version) jqversion=$(jq --version)
if [ $? -eq 0 ]; then if [ $? -eq 0 ]; then
found=$((found + 1)) found=$((found + 1))
echo "Found jq version: $jqversion" echo "Found jq version: $jqversion"
else else
echo "jq is missing. Please install jq from" echo "jq is missing. Please install jq from"
echo "https://stedolan.github.io/jq/" echo "https://stedolan.github.io/jq/"
fi fi
if [ $found -lt 2 ]; then if [ $found -lt 2 ]; then
exit 1 exit 1
fi fi
} }
askSubscription() { askSubscription() {
azure account list azure account list
echo "" echo ""
echo "Please enter the Id of the account you wish to use. If you do not see" echo "Please enter the Id of the account you wish to use. If you do not see"
echo "a valid account in the list press Ctrl+C to abort and create one." echo "a valid account in the list press Ctrl+C to abort and create one."
echo "If you leave this blank we will use the Current account." echo "If you leave this blank we will use the Current account."
echo -n "> " echo -n "> "
read azure_subscription_id read azure_subscription_id
if [ "$azure_subscription_id" != "" ]; then if [ "$azure_subscription_id" != "" ]; then
azure account set $azure_subscription_id azure account set $azure_subscription_id
else else
azure_subscription_id=$(azure account show --json | jq -r .[].id) azure_subscription_id=$(azure account show --json | jq -r .[].id)
fi fi
azure_tenant_id=$(azure account show --json | jq -r .[].tenantId) azure_tenant_id=$(azure account show --json | jq -r .[].tenantId)
echo "Using subscription_id: $azure_subscription_id" echo "Using subscription_id: $azure_subscription_id"
echo "Using tenant_id: $azure_tenant_id" echo "Using tenant_id: $azure_tenant_id"
} }
askName() { askName() {
echo "" echo ""
echo "Choose a name for your resource group, storage account and client" echo "Choose a name for your resource group, storage account and client"
echo "client. This is arbitrary, but it must not already be in use by" echo "client. This is arbitrary, but it must not already be in use by"
echo "any of those resources. ALPHANUMERIC ONLY. Ex: mypackerbuild" echo "any of those resources. ALPHANUMERIC ONLY. Ex: mypackerbuild"
echo -n "> " echo -n "> "
read meta_name read meta_name
} }
askSecret() { askSecret() {
echo "" echo ""
echo "Enter a secret for your application. We recommend generating one with" echo "Enter a secret for your application. We recommend generating one with"
echo "openssl rand -base64 24. If you leave this blank we will attempt to" echo "openssl rand -base64 24. If you leave this blank we will attempt to"
echo "generate one for you using openssl. THIS WILL BE SHOWN IN PLAINTEXT." echo "generate one for you using openssl. THIS WILL BE SHOWN IN PLAINTEXT."
echo "Ex: mypackersecret8734" echo "Ex: mypackersecret8734"
echo -n "> " echo -n "> "
read azure_client_secret read azure_client_secret
if [ "$azure_client_secret" = "" ]; then if [ "$azure_client_secret" = "" ]; then
azure_client_secret=$(openssl rand -base64 24) azure_client_secret=$(openssl rand -base64 24)
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then
echo "Error generating secret" echo "Error generating secret"
exit 1 exit 1
fi fi
echo "Generated client_secret: $azure_client_secret" echo "Generated client_secret: $azure_client_secret"
fi fi
} }
askLocation() { askLocation() {
azure location list azure location list
echo "" echo ""
echo "Choose which region your resource group and storage account will be created." echo "Choose which region your resource group and storage account will be created."
echo -n "> " echo -n "> "
read location read location
} }
createResourceGroup() { createResourceGroup() {
echo "==> Creating resource group" echo "==> Creating resource group"
azure group create -n $meta_name -l $location azure group create -n $meta_name -l $location
if [ $? -eq 0 ]; then if [ $? -eq 0 ]; then
azure_group_name=$meta_name azure_group_name=$meta_name
else else
echo "Error creating resource group: $meta_name" echo "Error creating resource group: $meta_name"
exit 1 return 1
fi fi
} }
createStorageAccount() { createStorageAccount() {
echo "==> Creating storage account" echo "==> Creating storage account"
azure storage account create -g $meta_name -l $location --sku-name LRS --kind Storage $meta_name azure storage account create -g $meta_name -l $location --sku-name LRS --kind Storage $meta_name
if [ $? -eq 0 ]; then if [ $? -eq 0 ]; then
azure_storage_name=$meta_name azure_storage_name=$meta_name
else else
echo "Error creating storage account: $meta_name" echo "Error creating storage account: $meta_name"
exit 1 return 1
fi fi
} }
createApplication() { createApplication() {
echo "==> Creating application" echo "==> Creating application"
azure_client_id=$(azure ad app create -n $meta_name -i http://$meta_name --home-page http://$meta_name -p $azure_client_secret --json | jq -r .appId) azure_client_id=$(azure ad app create -n $meta_name -i http://$meta_name --home-page http://$meta_name -p $azure_client_secret --json | jq -r .appId)
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then
echo "Error creating application: $meta_name @ http://$meta_name" echo "Error creating application: $meta_name @ http://$meta_name"
exit 1 return 1
fi fi
} }
createServicePrincipal() { createServicePrincipal() {
echo "==> Creating service principal" echo "==> Creating service principal"
# Azure CLI 0.10.2 introduced a breaking change, where appId must be supplied with the -a switch # Azure CLI 0.10.2 introduced a breaking change, where appId must be supplied with the -a switch
# prior version accepted appId as the only parameter without a switch # prior version accepted appId as the only parameter without a switch
newer_syntax=false newer_syntax=false
IFS='.' read -ra azureversionsemver <<< "$azureversion" IFS='.' read -ra azureversionsemver <<< "$azureversion"
if [ ${azureversionsemver[0]} -ge 0 ] && [ ${azureversionsemver[1]} -ge 10 ] && [ ${azureversionsemver[2]} -ge 2 ]; then if [ ${azureversionsemver[0]} -ge 0 ] && [ ${azureversionsemver[1]} -ge 10 ] && [ ${azureversionsemver[2]} -ge 2 ]; then
newer_syntax=true newer_syntax=true
fi fi
if [ "${newer_syntax}" = true ]; then if [ "${newer_syntax}" = true ]; then
azure_object_id=$(azure ad sp create -a $azure_client_id --json | jq -r .objectId) azure_object_id=$(azure ad sp create -a $azure_client_id --json | jq -r .objectId)
else else
azure_object_id=$(azure ad sp create $azure_client_id --json | jq -r .objectId) azure_object_id=$(azure ad sp create $azure_client_id --json | jq -r .objectId)
fi fi
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then
echo "Error creating service principal: $azure_client_id" echo "Error creating service principal: $azure_client_id"
exit 1 return 1
fi fi
} }
createPermissions() { createPermissions() {
echo "==> Creating permissions" echo "==> Creating permissions"
azure role assignment create --objectId $azure_object_id -o "Owner" -c /subscriptions/$azure_subscription_id azure role assignment create --objectId $azure_object_id -o "Owner" -c /subscriptions/$azure_subscription_id
# We want to use this more conservative scope but it does not work with the # We want to use this more conservative scope but it does not work with the
# current implementation which uses temporary resource groups # current implementation which uses temporary resource groups
# azure role assignment create --spn http://$meta_name -g $azure_group_name -o "API Management Service Contributor" # azure role assignment create --spn http://$meta_name -g $azure_group_name -o "API Management Service Contributor"
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then
echo "Error creating permissions for: http://$meta_name" echo "Error creating permissions for: http://$meta_name"
exit 1 return 1
fi fi
} }
showConfigs() { showConfigs() {
echo "" echo ""
echo "Use the following configuration for your packer template:" echo "Use the following configuration for your packer template:"
echo "" echo ""
echo "{" echo "{"
echo " \"client_id\": \"$azure_client_id\"," echo " \"client_id\": \"$azure_client_id\","
echo " \"client_secret\": \"$azure_client_secret\"," echo " \"client_secret\": \"$azure_client_secret\","
echo " \"object_id\": \"$azure_object_id\"," echo " \"object_id\": \"$azure_object_id\","
echo " \"subscription_id\": \"$azure_subscription_id\"," echo " \"subscription_id\": \"$azure_subscription_id\","
echo " \"tenant_id\": \"$azure_tenant_id\"," echo " \"tenant_id\": \"$azure_tenant_id\","
echo " \"resource_group_name\": \"$azure_group_name\"," echo " \"resource_group_name\": \"$azure_group_name\","
echo " \"storage_account\": \"$azure_storage_name\"," echo " \"storage_account\": \"$azure_storage_name\","
echo "}" echo "}"
echo "" echo ""
} }
doSleep() {
local sleep_time=${PACKER_SLEEP_TIME-$create_sleep}
echo ""
echo "Sleeping for ${sleep_time} seconds to wait for resources to be "
echo "created. If you get an error about a resource not existing, you can "
echo "try increasing the amount of time we wait after creating resources "
echo "by setting PACKER_SLEEP_TIME to something higher than the default."
echo ""
sleep $sleep_time
}
retryable() {
n=0
until [ $n -ge $1 ]
do
$2 && return 0
echo "$2 failed. Retrying..."
n=$[$n+1]
doSleep
done
echo "$2 failed after $1 tries. Exiting."
exit 1
}
setup() { setup() {
requirements requirements
azure config mode arm azure config mode arm
azure login azure login
askSubscription askSubscription
askName askName
askSecret askSecret
askLocation askLocation
# Some of the resources take a while to converge in the API. To make the # Some of the resources take a while to converge in the API. To make the
# script more reliable we'll add a sleep after we create each resource. # script more reliable we'll add a sleep after we create each resource.
createResourceGroup retryable 3 createResourceGroup
sleep 5 retryable 3 createStorageAccount
createStorageAccount retryable 3 createApplication
sleep 5 retryable 3 createServicePrincipal
createApplication retryable 3 createPermissions
sleep 5
createServicePrincipal
sleep 5
createPermissions
showConfigs showConfigs
} }
case "$1" in case "$1" in
requirements) requirements)
requirements requirements
;; ;;
setup) setup)
setup setup
;; ;;
*) *)
showhelp showhelp
;; ;;
esac esac