Azure · sivakami-projects · Feb 15, 2025 · Feb 19, 2025 · Feb 19, 2025 · Feb 19, 2025
@@ -0,0 +1,42 @@
+trigger: none
+
+parameters:
+  - name: subscriptionId
+    displayName: "Azure Subscription ID"
+    type: string
+    default: "37deca37-c375-4a14-b90a-043849bd2bf1"
+
+  - name: location
+    displayName: "Deployment Region"
+    type: string
+    default: "centraluseuap"
+
+  - name: resourceGroupName
+    displayName: "Resource Group Name"
+    type: string
+    default: "long-run-$(Build.BuildId)"
+
+  - name: vmSkuDefault
+    displayName: "VM SKU for Default Node Pool"
+    type: string
+    default: "Standard_D2s_v3"
+
+  - name: vmSkuHighNIC
+    displayName: "VM SKU for High NIC Node Pool"
+    type: string
+    default: "Standard_D16s_v3"
+
+  - name: serviceConnection
+    displayName: "Azure Service Connection"
+    type: string
+    default: "Azure Container Networking - Standalone Test Service Connection"
+
+extends:
+  template: template/long-running-pipeline-template.yaml
+  parameters:
+    subscriptionId: ${{ parameters.subscriptionId }}
+    location: ${{ parameters.location }}
+    resourceGroupName: ${{ parameters.resourceGroupName }}
+    vmSkuDefault: ${{ parameters.vmSkuDefault }}
+    vmSkuHighNIC: ${{ parameters.vmSkuHighNIC }}
+    serviceConnection: ${{ parameters.serviceConnection }}
@@ -0,0 +1,49 @@
+#!/usr/bin/env bash
+set -e
+
+SUBSCRIPTION_ID=$1
+LOCATION=$2
+RG=$3
+VM_SKU_DEFAULT=$4
+VM_SKU_HIGHNIC=$5
+
+echo "Subscription id: $SUBSCRIPTION_ID"
+echo "Resource group: $RG"
+echo "Location: $LOCATION"
+echo "VM SKU (default): $VM_SKU_DEFAULT"
+echo "VM SKU (high-NIC): $VM_SKU_HIGHNIC"
+az account set --subscription "$SUBSCRIPTION_ID"
+
+echo "==> Creating resource group: $RG"
+az group create -n "$RG" -l "$LOCATION" --output none
+
+# Enable parallel cluster creation
+create_cluster() {
+  local CLUSTER=$1
+  echo "==> Creating AKS cluster: $CLUSTER"
+
+  az aks create -g "$RG" -n "$CLUSTER" -l "$LOCATION" \
+    --network-plugin azure --node-count 1 \
+    --node-vm-size "$VM_SKU_DEFAULT" \
+    --enable-managed-identity --generate-ssh-keys \
+    --load-balancer-sku standard --yes --only-show-errors
+
+  echo "==> Adding high-NIC nodepool to $CLUSTER"
+  az aks nodepool add -g "$RG" -n highnic \
+    --cluster-name "$CLUSTER" --node-count 2 \
+    --node-vm-size "$VM_SKU_HIGHNIC" --mode User --only-show-errors
+
+  echo "Finished AKS cluster: $CLUSTER"
+}
+
+# Run both clusters in parallel
+create_cluster "aks-cluster-a" &
+pid_a=$!
+
+create_cluster "aks-cluster-b" &
+pid_b=$!
+
+# Wait for both to finish
+wait $pid_a $pid_b
+
+echo "AKS clusters created successfully!"
@@ -0,0 +1,60 @@
+#!/usr/bin/env bash
+set -e
+
+SUBSCRIPTION_ID=$1
+RG=$2
+LOCATION=${3:-centraluseuap}
+
+VNET_A1="cx_vnet_a1"
+S1_PREFIX="10.10.1.0/24"
+S2_PREFIX="10.10.2.0/24"
+NSG_NAME="${VNET_A1}-nsg"
+
+echo "==> Creating Network Security Group: $NSG_NAME"
+az network nsg create -g "$RG" -n "$NSG_NAME" -l "$LOCATION" --output none
+
+echo "==> Adding NSG rules"
+
+# Allow SSH from any
+az network nsg rule create \
+  -g "$RG" \
+  --nsg-name "$NSG_NAME" \
+  -n allow-ssh \
+  --priority 100 \
+  --source-address-prefixes "*" \
+  --destination-port-ranges 22 \
+  --direction Inbound \
+  --access Allow \
+  --protocol Tcp \
+  --description "Allow SSH access" \
+  --output none
+
+# Allow internal VNet traffic
+az network nsg rule create \
+  -g "$RG" \
+  --nsg-name "$NSG_NAME" \
+  -n allow-vnet \
+  --priority 200 \
+  --source-address-prefixes VirtualNetwork \
+  --destination-address-prefixes VirtualNetwork \
+  --direction Inbound \
+  --access Allow \
+  --protocol "*" \
+  --description "Allow VNet internal traffic" \
+  --output none
+
+# Allow AKS API traffic
+az network nsg rule create \
+  -g "$RG" \
+  --nsg-name "$NSG_NAME" \
+  -n allow-aks-controlplane \
+  --priority 300 \
+  --source-address-prefixes AzureCloud \
+  --destination-port-ranges 443 \
+  --direction Inbound \
+  --access Allow \
+  --protocol Tcp \
+  --description "Allow AKS control plane traffic" \
+  --output none
+
+echo "NSG '$NSG_NAME' created successfully with rules."
@@ -0,0 +1,21 @@
+#!/usr/bin/env bash
+set -e
+
+SUBSCRIPTION_ID=$1
+RG=$2
+
+VNET_A1="cx_vnet_a1"
+VNET_A2="cx_vnet_a2"
+VNET_A3="cx_vnet_a3"
+VNET_B1="cx_vnet_b1"
+
+peer_two_vnets() {
+  local rg="$1"; local v1="$2"; local v2="$3"; local name12="$4"; local name21="$5"
+  az network vnet peering create -g "$rg" -n "$name12" --vnet-name "$v1" --remote-vnet "$v2" --allow-vnet-access --output none
+  az network vnet peering create -g "$rg" -n "$name21" --vnet-name "$v2" --remote-vnet "$v1" --allow-vnet-access --output none
+}
+
+peer_two_vnets "$RG" "$VNET_A1" "$VNET_A2" "A1-to-A2" "A2-to-A1"
+peer_two_vnets "$RG" "$VNET_A2" "$VNET_A3" "A2-to-A3" "A3-to-A2"
+peer_two_vnets "$RG" "$VNET_A1" "$VNET_A3" "A1-to-A3" "A3-to-A1"
+echo "VNet peerings created successfully."
@@ -0,0 +1,28 @@
+#!/usr/bin/env bash
+set -e
+
+SUBSCRIPTION_ID=$1
+LOCATION=$2
+RG=$3
+
+RAND=$(openssl rand -hex 4)
+SA1="sa1${RAND}"
+SA2="sa2${RAND}"
+API_VER="2025-06-01"
+
+# Create storage accounts
+for SA in "$SA1" "$SA2"; do
+  echo "==> Creating storage account $SA"
+  az rest --method put \
+    --url "https://management.azure.com/subscriptions/$SUBSCRIPTION_ID/resourceGroups/$RG/providers/Microsoft.Storage/storageAccounts/$SA?api-version=$API_VER" \
+    --body "{
+      \"location\": \"$LOCATION\",
+      \"sku\": { \"name\": \"Standard_LRS\" },
+      \"kind\": \"StorageV2\",
+      \"properties\": {
+        \"minimumTlsVersion\": \"TLS1_2\",
+        \"allowBlobPublicAccess\": false,
+        \"allowSharedKeyAccess\": false
+      }
+    }"
+done
@@ -0,0 +1,39 @@
+#!/usr/bin/env bash
+set -e
+
+SUBSCRIPTION_ID=$1
+LOCATION=$2
+RG=$3
+
+az account set --subscription "$SUBSCRIPTION_ID"
+
+# VNets and subnets
+VNET_A1="cx_vnet_a1"
+VNET_A2="cx_vnet_a2"
+VNET_A3="cx_vnet_a3"
+VNET_B1="cx_vnet_b1"
+
+A1_S1="10.10.1.0/24"
+A1_S2="10.10.2.0/24"
+A1_PE="10.10.100.0/24"
+A2_MAIN="10.11.1.0/24"
+A2_PE="10.11.100.0/24"
+A3_MAIN="10.12.1.0/24"
+A3_PE="10.12.100.0/24"
+B1_MAIN="10.20.1.0/24"
+
+# A1
+az network vnet create -g "$RG" -n "$VNET_A1" --address-prefix 10.10.0.0/16 --subnet-name s1 --subnet-prefix "$A1_S1" -l "$LOCATION" --output none
+az network vnet subnet create -g "$RG" --vnet-name "$VNET_A1" -n s2 --address-prefix "$A1_S2" --output none
+az network vnet subnet create -g "$RG" --vnet-name "$VNET_A1" -n pe --address-prefix "$A1_PE" --output none
+
+# A2
+az network vnet create -g "$RG" -n "$VNET_A2" --address-prefix 10.11.0.0/16 --subnet-name s-A2 --subnet-prefix "$A2_MAIN" -l "$LOCATION" --output none
+az network vnet subnet create -g "$RG" --vnet-name "$VNET_A2" -n pe --address-prefix "$A2_PE" --output none
+
+# A3
+az network vnet create -g "$RG" -n "$VNET_A3" --address-prefix 10.12.0.0/16 --subnet-name s-A3 --subnet-prefix "$A3_MAIN" -l "$LOCATION" --output none
+az network vnet subnet create -g "$RG" --vnet-name "$VNET_A3" -n pe --address-prefix "$A3_PE" --output none
+
+# B1
+az network vnet create -g "$RG" -n "$VNET_B1" --address-prefix 10.20.0.0/16 --subnet-name s-B1 --subnet-prefix "$B1_MAIN" -l "$LOCATION" --output none
@@ -0,0 +1,126 @@
+parameters:
+  - name: subscriptionId
+    type: string
+  - name: location
+    type: string
+  - name: resourceGroupName
+    type: string
+  - name: vmSkuDefault
+    type: string
+  - name: vmSkuHighNIC
+    type: string
+  - name: serviceConnection
+    type: string
+
+stages:
+  - stage: AKSClusterAndNetworking
+    displayName: "Stage: AKS Cluster and Networking Setup"
+    jobs:
+      # ------------------------------------------------------------
+      # Job 1: Create AKS Cluster
+      # ------------------------------------------------------------
+      - job: Create_AKS
+        displayName: "Create AKS Clusters"
+        pool:
+          vmImage: ubuntu-latest
+        steps:
+          - checkout: self
+          - task: AzureCLI@2
+            displayName: "Run create_aks.sh"
+            inputs:
+              azureSubscription: ${{ parameters.serviceConnection }}
+              scriptType: bash
+              scriptLocation: scriptPath
+              scriptPath: ".pipelines/swiftv2-long-running/scripts/create_aks.sh"
+              arguments: >
+                ${{ parameters.subscriptionId }}
+                ${{ parameters.location }}
+                ${{ parameters.resourceGroupName }}
+                ${{ parameters.vmSkuDefault }}
+                ${{ parameters.vmSkuHighNIC }}
+
+      # ------------------------------------------------------------
+      # Job 2: Create VNets
+      # ------------------------------------------------------------
+      - job: Create_VNets
+        displayName: "Create VNets"
+        dependsOn: Create_AKS
+        pool:
+          vmImage: ubuntu-latest
+        steps:
+          - checkout: self
+          - task: AzureCLI@2
+            displayName: "Run create_vnets.sh"
+            inputs:
+              azureSubscription: ${{ parameters.serviceConnection }}
+              scriptType: bash
+              scriptLocation: scriptPath
+              scriptPath: ".pipelines/swiftv2-long-running/scripts/create_vnets.sh"
+              arguments: >
+                ${{ parameters.subscriptionId }}
+                ${{ parameters.location }}
+                ${{ parameters.resourceGroupName }}
+
+      # ------------------------------------------------------------
+      # Job 3: Create Peerings
+      # ------------------------------------------------------------
+      - job: Create_Peerings
+        displayName: "Create Peerings"
+        dependsOn: Create_VNets
+        pool:
+          vmImage: ubuntu-latest
+        steps:
+          - checkout: self
+          - task: AzureCLI@2
+            displayName: "Run create_peerings.sh"
+            inputs:
+              azureSubscription: ${{ parameters.serviceConnection }}
+              scriptType: bash
+              scriptLocation: scriptPath
+              scriptPath: ".pipelines/swiftv2-long-running/scripts/create_peerings.sh"
+              arguments: >
+                ${{ parameters.subscriptionId }}
+                ${{ parameters.resourceGroupName }}
+
+      # ------------------------------------------------------------
+      # Job 4: Create Storage
+      # ------------------------------------------------------------
+      - job: Create_Storage
+        displayName: "Create Storage"
+        dependsOn: Create_AKS
+        pool:
+          vmImage: ubuntu-latest
+        steps:
+          - checkout: self
+          - task: AzureCLI@2
+            displayName: "Run create_storage.sh"
+            inputs:
+              azureSubscription: ${{ parameters.serviceConnection }}
+              scriptType: bash
+              scriptLocation: scriptPath
+              scriptPath: ".pipelines/swiftv2-long-running/scripts/create_storage.sh"
+              arguments: >
+                ${{ parameters.subscriptionId }}
+                ${{ parameters.location }}
+                ${{ parameters.resourceGroupName }}
+
+      # ------------------------------------------------------------
+      # Job 5: Create NSG
+      # ------------------------------------------------------------
+      - job: Create_NSG
+        displayName: "Create Network Security Groups"
+        dependsOn: Create_VNets
+        pool:
+          vmImage: ubuntu-latest
+        steps:
+          - checkout: self
+          - task: AzureCLI@2
+            displayName: "Run create_nsg.sh"
+            inputs:
+              azureSubscription: ${{ parameters.serviceConnection }}
+              scriptType: bash
+              scriptLocation: scriptPath
+              scriptPath: ".pipelines/swiftv2-long-running/scripts/create_nsg.sh"
+              arguments: >
+                ${{ parameters.subscriptionId }}
+                ${{ parameters.resourceGroupName }}