Azure: switch default region to west us and replicate images to multiple regions

This commit is contained in:
Malte Poll 2022-08-18 16:44:44 +02:00 committed by Malte Poll
parent 3c6350a332
commit 8d642be204
4 changed files with 6 additions and 5 deletions

View File

@ -49,7 +49,7 @@ runs:
yq eval -i \ yq eval -i \
"(.provider | select(. | has(\"azure\")).azure.subscription) = \"0d202bbb-4fa7-4af8-8125-58c269a05435\" | "(.provider | select(. | has(\"azure\")).azure.subscription) = \"0d202bbb-4fa7-4af8-8125-58c269a05435\" |
(.provider | select(. | has(\"azure\")).azure.tenant) = \"adb650a8-5da3-4b15-b4b0-3daf65ff7626\" | (.provider | select(. | has(\"azure\")).azure.tenant) = \"adb650a8-5da3-4b15-b4b0-3daf65ff7626\" |
(.provider | select(. | has(\"azure\")).azure.location) = \"North Europe\" | (.provider | select(. | has(\"azure\")).azure.location) = \"West US\" |
(.provider | select(. | has(\"azure\")).azure.userAssignedIdentity) = \"/subscriptions/0d202bbb-4fa7-4af8-8125-58c269a05435/resourceGroups/constellation-images/providers/Microsoft.ManagedIdentity/userAssignedIdentities/constellation-dev-identity\" | (.provider | select(. | has(\"azure\")).azure.userAssignedIdentity) = \"/subscriptions/0d202bbb-4fa7-4af8-8125-58c269a05435/resourceGroups/constellation-images/providers/Microsoft.ManagedIdentity/userAssignedIdentities/constellation-dev-identity\" |
(.provider | select(. | has(\"azure\")).azure.enforcedMeasurements) = [11,12]" \ (.provider | select(. | has(\"azure\")).azure.enforcedMeasurements) = [11,12]" \
constellation-conf.yaml constellation-conf.yaml

View File

@ -3,7 +3,7 @@
"contentVersion": "1.0.0.0", "contentVersion": "1.0.0.0",
"parameters": { "parameters": {
"location": { "location": {
"value": "northeurope" "value": "westus"
}, },
"networkInterfaceName": { "networkInterfaceName": {
"value": "jump-host814" "value": "jump-host814"

View File

@ -10,7 +10,7 @@
# * AZURE_IMAGE_VERSION: (required) version number used for uploaded image. <major>.<minor>.<patch> # * AZURE_IMAGE_VERSION: (required) version number used for uploaded image. <major>.<minor>.<patch>
# Optional values. # Optional values.
# * AZURE_IMAGE_FILE: (optional, default: ./abcd) Path to image file to be uploaded. # * AZURE_IMAGE_FILE: (optional, default: ./abcd) Path to image file to be uploaded.
# * AZURE_REGION: (optional, default: northeurope) Region used in Azure. # * AZURE_REGION: (optional, default: westus) Region used in Azure.
# * AZURE_GALLERY_NAME: (optional, default: constellation_import) Name for Azure shared image gallery. Will be created as part of this script. # * AZURE_GALLERY_NAME: (optional, default: constellation_import) Name for Azure shared image gallery. Will be created as part of this script.
# * AZURE_IMAGE_NAME: (optional, default: upload-target) Temporary image used for upload, must not exist. # * AZURE_IMAGE_NAME: (optional, default: upload-target) Temporary image used for upload, must not exist.
@ -37,7 +37,7 @@ then
fi fi
AZURE_IMAGE_FILE="${AZURE_IMAGE_FILE:-$(pwd)/abcd}" AZURE_IMAGE_FILE="${AZURE_IMAGE_FILE:-$(pwd)/abcd}"
AZURE_REGION="${AZURE_REGION:-northeurope}" AZURE_REGION="${AZURE_REGION:-westus}"
AZURE_GALLERY_NAME="${AZURE_GALLERY_NAME:-constellation_import}" AZURE_GALLERY_NAME="${AZURE_GALLERY_NAME:-constellation_import}"
AZURE_PUBLISHER="${AZURE_PUBLISHER:-edgelesssys}" AZURE_PUBLISHER="${AZURE_PUBLISHER:-edgelesssys}"
AZURE_IMAGE_NAME="${AZURE_IMAGE_NAME:-upload-target}" AZURE_IMAGE_NAME="${AZURE_IMAGE_NAME:-upload-target}"

View File

@ -40,6 +40,7 @@ AZURE_IMAGE_FILENAME ?= $(AZURE_IMAGE_NAME)_azure.vhd
AZURE_IMAGE_PATH ?= $(IMAGES_PATH)/$(AZURE_IMAGE_FILENAME) AZURE_IMAGE_PATH ?= $(IMAGES_PATH)/$(AZURE_IMAGE_FILENAME)
AZURE_RESOURCE_GROUP_NAME ?= CONSTELLATION-IMAGES AZURE_RESOURCE_GROUP_NAME ?= CONSTELLATION-IMAGES
AZURE_REGION ?= northeurope AZURE_REGION ?= northeurope
AZURE_REPLICATION_REGIONS ?= northeurope eastus westeurope westus
AZURE_GALLERY_NAME ?= Constellation AZURE_GALLERY_NAME ?= Constellation
AZURE_IMAGE_DEFINITION ?= $(AZURE_IMAGE_NAME) AZURE_IMAGE_DEFINITION ?= $(AZURE_IMAGE_NAME)
AZURE_IMAGE_OFFER ?= $(AZURE_IMAGE_DEFINITION) AZURE_IMAGE_OFFER ?= $(AZURE_IMAGE_DEFINITION)
@ -151,7 +152,7 @@ upload-azure: $(AZURE_IMAGE_PATH)
-az sig create -l $(AZURE_REGION) --gallery-name $(AZURE_GALLERY_NAME) --resource-group $(AZURE_RESOURCE_GROUP_NAME) -az sig create -l $(AZURE_REGION) --gallery-name $(AZURE_GALLERY_NAME) --resource-group $(AZURE_RESOURCE_GROUP_NAME)
@echo "Create image definition (if it does not exist yet)" @echo "Create image definition (if it does not exist yet)"
-az sig image-definition create --resource-group $(AZURE_RESOURCE_GROUP_NAME) -l $(AZURE_REGION) --gallery-name $(AZURE_GALLERY_NAME) --gallery-image-definition $(AZURE_IMAGE_DEFINITION) --publisher $(AZURE_PUBLISHER) --offer $(AZURE_IMAGE_OFFER) --sku $(AZURE_SKU) --os-type Linux --os-state generalized --hyper-v-generation V2 --features SecurityType=ConfidentialVmSupported -az sig image-definition create --resource-group $(AZURE_RESOURCE_GROUP_NAME) -l $(AZURE_REGION) --gallery-name $(AZURE_GALLERY_NAME) --gallery-image-definition $(AZURE_IMAGE_DEFINITION) --publisher $(AZURE_PUBLISHER) --offer $(AZURE_IMAGE_OFFER) --sku $(AZURE_SKU) --os-type Linux --os-state generalized --hyper-v-generation V2 --features SecurityType=ConfidentialVmSupported
az sig image-version create --resource-group $(AZURE_RESOURCE_GROUP_NAME) -l $(AZURE_REGION) --gallery-name $(AZURE_GALLERY_NAME) --gallery-image-definition $(AZURE_IMAGE_DEFINITION) --gallery-image-version $(AZURE_IMAGE_VERSION) --target-regions $(AZURE_REGION) --replica-count 1 --tags bootstrapper-sha512=$$(sha512sum $(BOOTSTRAPPER_OVERRIDE_PATH) | cut -d " " -f 1) --managed-image "$$(az image list --query "[?name == '$(AZURE_IMAGE_NAME)' && resourceGroup == '$(AZURE_RESOURCE_GROUP_NAME)'] | [0].id" --output json | jq -r)" az sig image-version create --resource-group $(AZURE_RESOURCE_GROUP_NAME) -l $(AZURE_REGION) --gallery-name $(AZURE_GALLERY_NAME) --gallery-image-definition $(AZURE_IMAGE_DEFINITION) --gallery-image-version $(AZURE_IMAGE_VERSION) --target-regions $(AZURE_REPLICATION_REGIONS) --replica-count 1 --tags bootstrapper-sha512=$$(sha512sum $(BOOTSTRAPPER_OVERRIDE_PATH) | cut -d " " -f 1) --managed-image "$$(az image list --query "[?name == '$(AZURE_IMAGE_NAME)' && resourceGroup == '$(AZURE_RESOURCE_GROUP_NAME)'] | [0].id" --output json | jq -r)"
@echo "Cleaning up resources" @echo "Cleaning up resources"
az image delete --resource-group $(AZURE_RESOURCE_GROUP_NAME) -n $(AZURE_IMAGE_NAME) az image delete --resource-group $(AZURE_RESOURCE_GROUP_NAME) -n $(AZURE_IMAGE_NAME)
az disk delete --resource-group $(AZURE_RESOURCE_GROUP_NAME) -n $(AZURE_IMAGE_NAME) --yes az disk delete --resource-group $(AZURE_RESOURCE_GROUP_NAME) -n $(AZURE_IMAGE_NAME) --yes