Merge pull request #93 from NeowayLabs/improveAzureExamples

WIP - Improve azure examples

.gitignore

@@ -1 +1,2 @@
 tests/azure/testdata/logs/
+.config

examples/azure/vnet-priv-pub-subnets/README.md

@@ -0,0 +1,27 @@
+Vnet with Private an Public Subnets
+==
+
+This scenario creates a Vnet with two subnets, one public and other private.
+The Public Subnet has a route table with default route to "Internet" and Private subnet a route table with default route to Nat Virtual Appliance.
+
+Virtual Appliance into Public Subnet have access granted from/to "Internet".
+
+Virtual Appliance into Private Subnet have access to "Internet" through Nat
+Appliance, and don't have access with origen from the "Internet", If you need connect using ssh per example, we need make a tunnel using Bastion Virtual Applience.
+
+For expose your service running in Private Subnet you need a ALB (Azure Load Balance) or a reverse proxy (like Haproxy) into Public Subnet.
+
+Access betwen Public Subnet and Private Subnet is granted by default.
+
+In this scenario you will create a VNet named vnet-pub-priv with a reserved CIDR
+block of 10.50.0.0./16.
+
+Your VNet will contain the following subnets:
+
+Public, using 10.50.1.0/24 as its CIDR block.
+Private, using 10.50.2.0/24 as its CIDR block.
+
+And three Virtual Appliances:
+Nat in Public Subnet, using 10.50.1.100 as its address.
+Bastion in Public Subnet, using 10.50.1.200 as its address.
+App in Private Subnet, using address given by dhcp server.

examples/azure/vnet-priv-pub-subnets/build_vms.sh

@@ -0,0 +1,66 @@
+#!/usr/bin/env nash
+
+import klb/azure/login
+import klb/azure/nic
+import klb/azure/subnet
+import klb/azure/vm
+import klb/azure/public-ip
+import klb/azure/availset
+import klb/azure/storage
+import klb/azure/disk
+
+# londing configs from config.sh
+import config.sh
+
+azure_login()
+
+# create vm
+fn build_vms_create(name, subnet, address) {
+	# create ssh key
+	accesskey = ".config/ssh/id_rsa-"+$name
+
+	-test -e $accesskey
+
+	if $status != "0" {
+		mkdir -p .config/ssh
+		ssh-keygen -f $accesskey -P ""
+	}
+
+	# create storage account
+	storage_account <= azure_storage_account_create($name, $group, $location, $vm_storage_type, "Storage")
+
+	# create nic
+	nic <= azure_nic_new($name, $group, $location)
+	nic <= azure_nic_set_vnet($nic, $vnet)
+	nic <= azure_nic_set_subnet($nic, $subnet)
+	nic <= azure_nic_set_privateip($nic, $address)
+
+	if $subnet == "public" {
+		azure_public_ip_create($name, $group, $location, "Static")
+
+		nic <= azure_nic_set_publicip($nic, $name)
+		nic <= azure_nic_set_ipfw($nic, "true")
+	}
+
+	azure_nic_create($nic)
+
+	# create vm
+
+	vm <= azure_vm_new($name, $group, $location, "Linux")
+	vm <= azure_vm_set_vmsize($vm, $vm_size)
+	vm <= azure_vm_set_username($vm, $vm_username)
+	vm <= azure_vm_set_vnet($vm, $vnet)
+	vm <= azure_vm_set_subnet($vm, $subnet)
+	vm <= azure_vm_set_nic($vm, $name)
+	vm <= azure_vm_set_storageaccount($vm, $storage_account)
+	vm <= azure_vm_set_osdiskvhd($vm, $name+".vhd")
+	vm <= azure_vm_set_imageurn($vm, $vm_image_urn)
+	vm <= azure_vm_set_publickeyfile($vm, $accesskey+".pub")
+	vm <= azure_vm_set_disablebootdiagnostics($vm)
+
+	azure_vm_create($vm)
+}
+
+build_vms_create($nat_name, $nat_subnet, $nat_address)
+build_vms_create($bastion_name, $bastion_subnet, $bastion_address)
+build_vms_create($app_name, $app_subnet, $app_address)

examples/azure/vnet-priv-pub-subnets/build_vnet.sh

@@ -0,0 +1,44 @@
+#!/usr/bin/env nash
+
+import klb/azure/login
+import klb/azure/group
+import klb/azure/vnet
+import klb/azure/subnet
+import klb/azure/route
+import klb/azure/nsg
+
+# londing configs from config.sh
+import config.sh
+
+azure_login()
+
+# create resource group
+azure_group_create($group, $location)
+
+# create vnet
+azure_vnet_create($vnet, $group, $location, $vnet_cidr, $vnet_dns_servers)
+
+fn create_subnet(name, cidr, nexthop) {
+	azure_nsg_create($name, $group, $location)
+	azure_subnet_create($name, $group, $vnet, $cidr, $name)
+	azure_route_table_create($name, $group, $location)
+
+	if $nexthop == "Internet" {
+		hoptype = "Internet"
+
+		route <= azure_route_table_route_new("default", $group, $name, "0.0.0.0/0", $hoptype)
+	} else {
+		hoptype = "VirtualAppliance"
+
+		route <= azure_route_table_route_new("default", $group, $name, "0.0.0.0/0", $hoptype)
+		route <= azure_route_table_route_set_hop_address($route, $nexthop)
+	}
+
+	azure_route_table_route_create($route)
+}
+
+# create public subnet
+create_subnet($subnet_pub_name, $subnet_pub_cidr, "Internet")
+
+# create private subnet
+create_subnet($subnet_priv_name, $subnet_priv_cidr, $nat_address)

examples/azure/vnet-priv-pub-subnets/config.sh

@@ -0,0 +1,34 @@
+#!/usr/bin/env nash
+
+## Resource Group Settings
+group    = "vnet-pub-priv"
+location = "eastus"
+
+## Vnet Settings
+vnet             = "vnet"
+vnet_cidr        = "10.50.0.0/16"
+vnet_dns_servers = ("8.8.8.8" "8.8.4.4")
+
+subnet_pub_name  = "public"
+subnet_pub_cidr  = "10.50.1.0/24"
+subnet_priv_name = "private"
+subnet_priv_cidr = "10.50.2.0/24"
+
+## VMs Settings
+
+vm_size         = "Basic_A2"
+vm_username     = "core"
+vm_image_urn    = "CoreOS:CoreOS:Stable:1298.6.0"
+vm_storage_type = "LRS"
+
+nat_name        = "nat"
+nat_subnet      = "public"
+nat_address     = "10.50.1.100"
+
+bastion_name    = "bastion"
+bastion_subnet  = "public"
+bastion_address = "10.50.1.200"
+
+app_name        = "app"
+app_subnet      = "private"
+app_address     = "10.50.2.10"

examples/azure/vnet-priv-pub-subnets/destroy_all.sh

@@ -0,0 +1,10 @@
+#!/usr/bin/env nash
+
+import klb/azure/login
+import klb/azure/group
+
+# londing configs from config.sh
+import config.sh
+
+azure_login()
+azure_group_delete($group)