{ "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", "contentVersion": "1.0.0.0", "outputs": { "SSH Targets": { "type": "string", "value": "[concat('https://', variables('portalFQDN'), '/#resource/subscriptions/', subscription().subscriptionId, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', variables('lbSSHName'), '/inboundNatRules')]" } }, "parameters": { "adServicePrincipalAppID": { "metadata": { "description": "AD ServicePrincipal App ID" }, "type": "string" }, "adServicePrincipalAppSecret": { "metadata": { "description": "AD ServicePrincipal App Secret" }, "type": "securestring" }, "enableExtLogs": { "allowedValues": [ "yes", "no" ], "defaultValue": "yes", "metadata": { "description": "Stores container logs in storage container on azure" }, "type": "string" }, "enableSystemPrune": { "allowedValues": [ "yes", "no" ], "defaultValue": "no", "metadata": { "description": "Cleans up unused images, containers, networks and volumes" }, "type": "string" }, "subnetId": { "defaultValue": "/subscriptions/[your-subscription-id]/resourceGroups/[your-internal-network-rg-name]/providers/Microsoft.Network/virtualNetworks/[your-virtual-network-name]/subnets/[your-subnet-name]", "type": "string" }, "privateIPAllocationMethod": { "defaultValue": "Static", "type": "string" }, "privateSSHLBIP": { "defaultValue": "[your-private-static-ip-for-master-node-lb]", "type": "string" }, "privateDockerLBIP": { "defaultValue": "[your-private-static-ip-for-worker-node-lb]", "type": "string" }, "managerCount": { "allowedValues": [ 1, 3, 5 ], "defaultValue": 1, "type": "int" }, "managerVMSize": { "allowedValues": [ "Standard_A0", "Standard_A1", "Standard_A2", "Standard_A3", "Standard_A4", "Standard_A5", "Standard_A6", "Standard_A7", "Standard_A8", "Standard_A9", "Standard_A10", "Standard_A11", "Standard_D1", "Standard_D2", "Standard_D3", "Standard_D4", "Standard_D11", "Standard_D12", "Standard_D13", "Standard_D14", "Standard_D1_v2", "Standard_D2_v2", "Standard_D3_v2", "Standard_D4_v2", "Standard_D5_v2", "Standard_D11_v2", "Standard_D12_v2", "Standard_D13_v2", "Standard_D14_v2", "Standard_G1", "Standard_G2", "Standard_G3", "Standard_G4", "Standard_G5", "Standard_DS1", "Standard_DS2", "Standard_DS3", "Standard_DS4", "Standard_DS11", "Standard_DS12", "Standard_DS13", "Standard_DS14", "Standard_GS1", "Standard_GS2", "Standard_GS3", "Standard_GS4", "Standard_GS5" ], "defaultValue": "Standard_D2_v2", "metadata": { "description": "The size of the created Manager machines" }, "type": "string" }, "sshPublicKey": { "metadata": { "description": "The SSH public key used to authenticate with the created swarm. Usually available in $HOME/.ssh/id_rsa.pub file" }, "type": "string" }, "swarmName": { "defaultValue": "dockerswarm", "metadata": { "description": "Define how the swarm resources should be named." }, "type": "string" }, "workerCount": { "allowedValues": [ 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 ], "defaultValue": 1, "metadata": { "description": "Number of Worker nodes" }, "type": "int" }, "workerVMSize": { "allowedValues": [ "Standard_A0", "Standard_A1", "Standard_A2", "Standard_A3", "Standard_A4", "Standard_A5", "Standard_A6", "Standard_A7", "Standard_A8", "Standard_A9", "Standard_A10", "Standard_A11", "Standard_D1", "Standard_D2", "Standard_D3", "Standard_D4", "Standard_D11", "Standard_D12", "Standard_D13", "Standard_D14", "Standard_D1_v2", "Standard_D2_v2", "Standard_D3_v2", "Standard_D4_v2", "Standard_D5_v2", "Standard_D11_v2", "Standard_D12_v2", "Standard_D13_v2", "Standard_D14_v2", "Standard_G1", "Standard_G2", "Standard_G3", "Standard_G4", "Standard_G5", "Standard_DS1", "Standard_DS2", "Standard_DS3", "Standard_DS4", "Standard_DS11", "Standard_DS12", "Standard_DS13", "Standard_DS14", "Standard_GS1", "Standard_GS2", "Standard_GS3", "Standard_GS4", "Standard_GS5" ], "defaultValue": "Standard_D2_v2", "metadata": { "description": "The size of the created machines" }, "type": "string" } }, "resources": [ { "apiVersion": "[variables('storageApiVersion')]", "copy": { "count": "[length(variables('uniqueStringArray'))]", "name": "storageLoop" }, "kind": "Storage", "location": "[variables('storageLocation')]", "name": "[concat(variables('uniqueStringArray')[copyIndex()], variables('storageAccountSuffix'))]", "sku": { "name": "Standard_LRS" }, "tags": { "channel": "[variables('channel')]", "provider": "[toUpper(variables('DockerProviderTag'))]" }, "type": "Microsoft.Storage/storageAccounts" }, { "apiVersion": "[variables('storageApiVersion')]", "kind": "Storage", "location": "[variables('storageLocation')]", "name": "[variables('swarmLogsStorageAccount')]", "sku": { "name": "Standard_LRS" }, "tags": { "channel": "[variables('channel')]", "provider": "[toUpper(variables('DockerProviderTag'))]" }, "type": "Microsoft.Storage/storageAccounts" }, { "apiVersion": "[variables('vmssApiVersion')]", "dependsOn": [ "[variables('lbSSHID')]", "storageLoop" ], "location": "[variables('storageLocation')]", "name": "[variables('vmssManagersName')]", "plan": { "name": "[variables('imageSku')]", "product": "[variables('imageOffer')]", "publisher": "[variables('imagePublisher')]" }, "properties": { "overprovision": false, "upgradePolicy": { "mode": "Manual" }, "virtualMachineProfile": { "diagnosticsProfile": { "bootDiagnostics": { "enabled": true, "storageUri": "[concat('https://', variables('uniqueStringArray')[0], variables('storageAccountSuffix'), variables('storageAccountDNSSuffix'))]" } }, "networkProfile": { "networkInterfaceConfigurations": [ { "name": "managerNodeNic", "properties": { "ipConfigurations": [ { "name": "mgripconfig", "privateIPAllocationMethod": "dynamic", "properties": { "loadBalancerBackendAddressPools": [ { "id": "[variables('lbSSHBackendAddressPoolID')]" } ], "loadBalancerInboundNatPools": [ { "id": "[variables('lbSSHNATPoolID')]" } ], "subnet": { "id": "[parameters('subnetId')]" } } } ], "primary": true } } ] }, "osProfile": { "adminUsername": "[variables('adminUsername')]", "computerNamePrefix": "[variables('managerVMNamePrefix')]", "customData": "[base64(concat('#!/bin/bash', '\n', 'export ROLE=\"MANAGER\"', '\n', 'export LB_IP=\"', parameters('privateDockerLBIP'), '\"', '\n', variables('customData')))]", "linuxConfiguration": { "disablePasswordAuthentication": true, "ssh": { "publicKeys": [ { "keyData": "[variables('sshRSAPublicKey')]", "path": "[variables('sshKeyPath')]" } ] } } }, "storageProfile": { "imageReference": "[variables('imageReference')]", "osDisk": { "caching": "ReadWrite", "createOption": "FromImage", "name": "[concat(variables('managerVMNamePrefix'), 'vmssosdisk')]", "vhdContainers": [ "[concat('https://', variables('uniqueStringArray')[0], variables('storageAccountSuffix'), variables('storageAccountDNSSuffix'), '/', variables('vhdContainerName'))]" ] } } } }, "sku": { "capacity": "[variables('managerCount')]", "name": "[variables('managerVMSize')]", "tier": "Standard" }, "tags": { "channel": "[variables('channel')]", "provider": "[toUpper(variables('DockerProviderTag'))]" }, "type": "Microsoft.Compute/virtualMachineScaleSets" }, { "apiVersion": "[variables('vmssApiVersion')]", "dependsOn": [ "[variables('lbID')]", "storageLoop" ], "location": "[variables('storageLocation')]", "name": "[variables('vmssName')]", "plan": { "name": "[variables('imageSku')]", "product": "[variables('imageOffer')]", "publisher": "[variables('imagePublisher')]" }, "properties": { "overprovision": false, "upgradePolicy": { "mode": "Manual" }, "virtualMachineProfile": { "diagnosticsProfile": { "bootDiagnostics": { "enabled": true, "storageUri": "[concat('https://', variables('uniqueStringArray')[0], variables('storageAccountSuffix'), variables('storageAccountDNSSuffix'))]" } }, "networkProfile": { "networkInterfaceConfigurations": [ { "name": "workerNodeNic", "properties": { "ipConfigurations": [ { "name": "nicipconfig", "privateIPAllocationMethod": "dynamic", "properties": { "loadBalancerBackendAddressPools": [ { "id": "[ variables('lbBackendAddressPoolID')]" } ], "subnet": { "id": "[parameters('subnetId')]" } } } ], "primary": true } } ] }, "osProfile": { "adminUsername": "[variables('adminUsername')]", "computerNamePrefix": "[variables('workerVMNamePrefix')]", "customData": "[base64(concat('#!/bin/bash', '\n', 'export ROLE=\"WORKER\"', '\n', 'export LB_IP=\"', parameters('privateDockerLBIP'), '\"', '\n', variables('customData')))]", "linuxConfiguration": { "disablePasswordAuthentication": true, "ssh": { "publicKeys": [ { "keyData": "[variables('sshRSAPublicKey')]", "path": "[variables('sshKeyPath')]" } ] } } }, "storageProfile": { "imageReference": "[variables('imageReference')]", "osDisk": { "caching": "ReadWrite", "createOption": "FromImage", "name": "[concat(variables('workerVMNamePrefix'), 'vmssosdisk', 0)]", "vhdContainers": [ "[concat('https://', variables('uniqueStringArray')[0], variables('storageAccountSuffix'), variables('storageAccountDNSSuffix'), '/', variables('vhdContainerName'))]", "[concat('https://', variables('uniqueStringArray')[1], variables('storageAccountSuffix'), variables('storageAccountDNSSuffix'), '/', variables('vhdContainerName'))]", "[concat('https://', variables('uniqueStringArray')[2], variables('storageAccountSuffix'), variables('storageAccountDNSSuffix'), '/', variables('vhdContainerName'))]", "[concat('https://', variables('uniqueStringArray')[3], variables('storageAccountSuffix'), variables('storageAccountDNSSuffix'), '/', variables('vhdContainerName'))]", "[concat('https://', variables('uniqueStringArray')[4], variables('storageAccountSuffix'), variables('storageAccountDNSSuffix'), '/', variables('vhdContainerName'))]" ] } } } }, "sku": { "capacity": "[variables('workerCount')]", "name": "[variables('workerVMSize')]", "tier": "Standard" }, "tags": { "channel": "[variables('channel')]", "provider": "[toUpper(variables('DockerProviderTag'))]" }, "type": "Microsoft.Compute/virtualMachineScaleSets" }, { "apiVersion": "[variables('apiVersion')]", "location": "[resourceGroup().location]", "name": "[variables('lbName')]", "properties": { "backendAddressPools": [ { "name": "default" } ], "frontendIPConfigurations": [ { "name": "default", "properties": { "privateIPAllocationMethod": "[parameters('privateIPAllocationMethod')]", "subnet": { "id": "[parameters('subnetId')]" }, "privateIPAddress": "[parameters('privateDockerLBIP')]" } } ], "probes": [ { "name": "default", "properties": { "intervalInSeconds": 10, "numberOfProbes": 2, "port": 44554, "protocol": "Tcp" } } ] }, "tags": { "channel": "[variables('channel')]", "provider": "[toUpper(variables('DockerProviderTag'))]" }, "type": "Microsoft.Network/loadBalancers" }, { "apiVersion": "[variables('apiVersion')]", "location": "[resourceGroup().location]", "name": "[variables('lbSSHName')]", "properties": { "backendAddressPools": [ { "name": "default" } ], "frontendIPConfigurations": [ { "name": "default", "properties": { "privateIPAllocationMethod": "[parameters('privateIPAllocationMethod')]", "subnet": { "id": "[parameters('subnetId')]" }, "privateIPAddress": "[parameters('privateSSHLBIP')]" } } ], "inboundNatPools": [ { "name": "default", "properties": { "backendPort": 22, "frontendIPConfiguration": { "id": "[variables('lbSSHFrontEndIPConfigID')]" }, "frontendPortRangeEnd": "[variables('natSSHEndPort')]", "frontendPortRangeStart": "[variables('natSSHStartPort')]", "protocol": "tcp" } } ], "probes": [ { "name": "default", "properties": { "intervalInSeconds": 10, "numberOfProbes": 2, "port": 22, "protocol": "Tcp" } } ] }, "tags": { "channel": "[variables('channel')]", "provider": "[toUpper(variables('DockerProviderTag'))]" }, "type": "Microsoft.Network/loadBalancers" } ], "variables": { "Description": "Docker for Azure 17.10.0-ce-azure1", "DockerProviderTag": "8CF0E79C-DF97-4992-9B59-602DB544D354", "accountID": "[subscription().subscriptionId]", "adServicePrincipalAppID": "[parameters('adServicePrincipalAppID')]", "adServicePrincipalAppSecret": "[parameters('adServicePrincipalAppSecret')]", "adServicePrincipalTenantID": "[subscription().tenantId]", "adminUsername": "docker", "apiVersion": "2016-03-30", "basePrefix": "[parameters('swarmName')]", "channel": "edge", "customData": "[concat('export ACCOUNT_ID=\"', variables('accountID'), '\"', '\n', 'export REGION=\"', variables('storageLocation'), '\"', '\n', 'export SUB_ID=\"', variables('accountID'), '\"', '\n', 'export GROUP_NAME=\"', variables('groupName'), '\"', '\n', 'export LB_NAME=\"', variables('lbName'), '\"', '\n', 'export APP_ID=\"', variables('adServicePrincipalAppID'), '\"', '\n', 'export APP_SECRET=\"', variables('adServicePrincipalAppSecret'), '\"', '\n', 'export TENANT_ID=\"', variables('adServicePrincipalTenantID'), '\"', '\n', 'export SWARM_INFO_STORAGE_ACCOUNT=\"', variables('swarmInfoStorageAccount'), '\"', '\n', 'export SWARM_LOGS_STORAGE_ACCOUNT=\"', variables('swarmLogsStorageAccount'), '\"', '\n', 'export PRIVATE_IP=$(ifconfig eth0 | grep \"inet addr:\" | cut -d: -f2 | cut -d\" \" -f1)\n', 'export AZURE_HOSTNAME=$(hostname)\n', '\n', 'docker run --label com.docker.editions.system --log-driver=json-file --restart=no -it -e LB_NAME -e SUB_ID -e ROLE -e REGION -e TENANT_ID -e APP_ID -e APP_SECRET -e ACCOUNT_ID -e GROUP_NAME -e PRIVATE_IP -e DOCKER_FOR_IAAS_VERSION -e SWARM_INFO_STORAGE_ACCOUNT -e SWARM_LOGS_STORAGE_ACCOUNT -e AZURE_HOSTNAME -v /var/run/docker.sock:/var/run/docker.sock -v /usr/bin/docker:/usr/bin/docker -v /var/lib/docker:/var/lib/docker -v /var/log:/var/log docker4x/init-azure:\"$DOCKER_FOR_IAAS_VERSION\"\n')]", "docker": "17.10.0-ce", "editionAddOn": "base", "groupName": "[resourceGroup().name]", "imageOffer": "docker-ce-edge", "imagePublisher": "docker", "imageReference": { "offer": "[variables('imageOffer')]", "publisher": "[variables('imagePublisher')]", "sku": "[variables('imageSku')]", "version": "[variables('imageVersion')]" }, "imageSku": "docker-ce-edge", "imageVersion": "1.0.5", "lbBackendAddressPoolID": "[concat(variables('lbID'),'/backendAddressPools/default')]", "lbID": "[resourceId('Microsoft.Network/loadBalancers',variables('lbName'))]", "lbName": "internalLoadBalancer", "lbSSHBackendAddressPoolID": "[concat(variables('lbSSHID'),'/backendAddressPools/default')]", "lbSSHFrontEndIPConfigID": "[concat(variables('lbSSHID'),'/frontendIPConfigurations/default')]", "lbSSHID": "[resourceId('Microsoft.Network/loadBalancers',variables('lbSSHName'))]", "lbSSHNATPoolID": "[concat(variables('lbSSHID'),'/inboundNatPools/default')]", "lbSSHName": "internalSSHLoadBalancer", "managerCount": "[parameters('managerCount')]", "managerEndpointDNSNamePrefix": "manager", "managerFirstAddr": 5, "managerVMNamePrefix": "swarm-manager", "managerVMSize": "[parameters('managerVMSize')]", "natSSHEndPort": 50100, "natSSHStartPort": 50000, "portalFQDN": "portal.azure.com", "scriptsUrl": "https://download.docker.com/azure/edge/17.10.0-ce/", "scriptsVersion": "17.10.0-ce-azure1", "sshKeyPath": "[concat('/home/', variables('adminUsername'), '/.ssh/authorized_keys')]", "sshRSAPublicKey": "[parameters('sshPublicKey')]", "storageAccountDNSSuffix": ".blob.core.windows.net", "storageAccountSuffix": "docker", "storageApiVersion": "2016-12-01", "storageLocation": "[resourceGroup().location]", "swarmInfoStorageAccount": "[concat(variables('uniqueStringArray')[0], variables('storageAccountSuffix'))]", "swarmInfoTable": "swarminfo", "swarmLogsStorageAccount": "[concat(uniqueString(concat(resourceGroup().id, variables('storageAccountSuffix'))), 'logs')]", "uniqueStringArray": [ "[concat(uniqueString(concat(resourceGroup().id, variables('storageAccountSuffix'), '0')))]", "[concat(uniqueString(concat(resourceGroup().id, variables('storageAccountSuffix'), '1')))]", "[concat(uniqueString(concat(resourceGroup().id, variables('storageAccountSuffix'), '2')))]", "[concat(uniqueString(concat(resourceGroup().id, variables('storageAccountSuffix'), '3')))]", "[concat(uniqueString(concat(resourceGroup().id, variables('storageAccountSuffix'), '4')))]" ], "vhdContainerName": "dockervhd", "virtualNetworkName": "[concat(variables('basePrefix'), '-vnet')]", "vmssApiVersion": "2017-03-30", "vmssManagersName": "swarm-manager-vmss", "vmssName": "swarm-worker-vmss", "workerCount": "[parameters('workerCount')]", "workerVMNamePrefix": "swarm-worker", "workerVMSize": "[parameters('workerVMSize')]" } }