diff --git a/quickstarts/microsoft.azurestackhci/create-cluster-rac-enabled-disconnected/README.md b/quickstarts/microsoft.azurestackhci/create-cluster-rac-enabled-disconnected/README.md new file mode 100644 index 000000000000..0451b7ee5a50 --- /dev/null +++ b/quickstarts/microsoft.azurestackhci/create-cluster-rac-enabled-disconnected/README.md @@ -0,0 +1,29 @@ +--- +description: This template creates an Azure Stack HCI 24H2 rack aware cluster for ALDO (Azure Local Disconnected Operation) using an ARM template. +page_type: sample +products: +- azure +- azure-resource-manager +urlFragment: create-cluster-rac-enabled +languages: +- json +--- +# creates an Azure Stack HCI 24H2 cluster + +This template allows you to create an Azure Stack HCI rack aware cluster for ALDO using version 24H2. First you deploy the template in validate mode which does confirm the parameters at the device. Once passed you re-deploy the template with mode set to deploy. + +[![Deploy To Azure](https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/1-CONTRIBUTION-GUIDE/images/deploytoazure.svg?sanitize=true)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2FAzure%2Fazure-quickstart-templates%2Fmaster%2Fquickstarts%2Fmicrosoft.azurestackhci%2Fcreate-cluster%2Fazuredeploy.json) +[![Visualize](https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/1-CONTRIBUTION-GUIDE/images/visualizebutton.svg?sanitize=true)](http://armviz.io/#/?load=https%3A%2F%2Fraw.githubusercontent.com%2FAzure%2Fazure-quickstart-templates%2Fmaster%2Fquickstarts%2Fmicrosoft.azurestackhci%2Fcreate-cluster%2Fazuredeploy.json) + +## Prerequisites + +In order to deploy this template, you must have Arc enabled the server(s) and installed the mandatory extensions. The following pre-requisites must be completed: +- Register these resource providers + - Microsoft.HybridCompute + - Microsoft.GuestConfiguration + - Microsoft.HybridConnectivity + - Microsoft.AzureStackHCI +- Make a note of the HCI Resource Provider SPNs Object ID in the tenant. + + +`Tags: Microsoft.AzureStackHCI/clusters, hci` \ No newline at end of file diff --git a/quickstarts/microsoft.azurestackhci/create-cluster-rac-enabled-disconnected/azuredeploy.json b/quickstarts/microsoft.azurestackhci/create-cluster-rac-enabled-disconnected/azuredeploy.json new file mode 100644 index 000000000000..bd1df244f909 --- /dev/null +++ b/quickstarts/microsoft.azurestackhci/create-cluster-rac-enabled-disconnected/azuredeploy.json @@ -0,0 +1,800 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "languageVersion": "2.0", + "contentVersion": "1.0.0.0", + "parameters": { + "deploymentMode": { + "defaultValue": "Validate", + "type": "string", + "allowedValues": [ + "Validate", + "Deploy" + ], + "metadata": { + "description": "First must pass Validate prior running Deploy" + } + }, + "keyVaultName": { + "type": "string", + "metadata": { + "description": "The KeyVault name used to store the secrets." + } + }, + "createNewKeyVault": { + "type": "bool", + "defaultValue": true, + "metadata": { + "description": "Set this value as false, if you are re-using a Keyvault" + } + }, + "softDeleteRetentionDays": { + "type": "int", + "defaultValue": 30 + }, + "clusterName": { + "type": "string", + "minLength": 3, + "maxLength": 24, + "metadata": { + "description": "This name must be unique from physical node names" + } + }, + "location": { + "type": "string", + "defaultValue": "[resourceGroup().location]" + }, + "tenantId": { + "type": "string", + "defaultValue": "[subscription().tenantId]" + }, + "witnessType": { + "defaultValue": "No Witness", + "type": "string", + "allowedValues": [ + "Cloud", + "No Witness", + "FileShare" + ], + "metadata": { + "description": "Witness Type must be 'FileShare' for a 2 node cluster. It can be empty of other cluster sizes" + } + }, + "witnessPath": { + "defaultValue": "", + "type": "string", + "metadata": { + "description": "Witness Share path if witness Type is FileShare" + } + }, + "localAdminUserName": { + "type": "string", + "minLength": 1, + "metadata": { + "description": "local administrator username" + } + }, + "localAdminPassword": { + "type": "securestring", + "minLength": 1, + "metadata": { + "description": "local administrator password" + } + }, + "AzureStackLCMAdminUsername": { + "type": "string", + "minLength": 1, + "metadata": { + "description": "Deployment user username" + } + }, + "AzureStackLCMAdminPassword": { + "type": "securestring", + "minLength": 1, + "metadata": { + "description": "Deployment user password" + } + }, + "hciResourceProviderObjectID": { + "type": "string", + "minLength": 1, + "metadata": { + "description": "Object ID of HCI Resource Provider" + } + }, + "arcNodeResourceIds": { + "defaultValue": [], + "type": "array", + "metadata": { + "description": "The arc for server node Ids of the hci cluster" + } + }, + "domainFqdn": { + "defaultValue": "", + "type": "string", + "metadata": { + "description": "The domain name of the Active Directory Domain Services" + } + }, + "keyVaultSuffix": { + "defaultValue": ".vault.azure.net", + "type": "string", + "metadata": { + "description": "The key vault suffix" + } + }, + "namingPrefix": { + "defaultValue": "hci", + "type": "string", + "metadata": { + "description": "The object name prefix (for future use, post 2402)" + } + }, + "adouPath": { + "defaultValue": "", + "type": "string", + "metadata": { + "description": "The ADDS OU path" + } + }, + "securityLevel": { + "defaultValue": "Recommended", + "type": "string", + "allowedValues": [ + "Recommended", + "Customized" + ], + "metadata": { + "description": "The security level data for deploying a hci cluster" + } + }, + "driftControlEnforced": { + "defaultValue": true, + "type": "bool", + "allowedValues": [ + true, + false + ], + "metadata": { + "description": "The security setting driftControlEnforced data for deploying a hci cluster" + } + }, + "credentialGuardEnforced": { + "defaultValue": true, + "type": "bool", + "allowedValues": [ + true, + false + ], + "metadata": { + "description": "The security setting credentialGuardEnforced data for deploying a hci cluster" + } + }, + "smbSigningEnforced": { + "defaultValue": true, + "type": "bool", + "allowedValues": [ + true, + false + ], + "metadata": { + "description": "The security setting smbSigningEnforced data for deploying a hci cluster" + } + }, + "smbClusterEncryption": { + "defaultValue": false, + "type": "bool", + "allowedValues": [ + true, + false + ], + "metadata": { + "description": "The security setting smbClusterEncryption data for deploying a hci cluster" + } + }, + "bitlockerBootVolume": { + "defaultValue": true, + "type": "bool", + "allowedValues": [ + true, + false + ], + "metadata": { + "description": "The security setting bitlockerBootVolume data for deploying a hci cluster" + } + }, + "bitlockerDataVolumes": { + "defaultValue": true, + "type": "bool", + "allowedValues": [ + true, + false + ], + "metadata": { + "description": "The security setting bitlockerDataVolumes data for deploying a hci cluster" + } + }, + "wdacEnforced": { + "defaultValue": true, + "type": "bool", + "allowedValues": [ + true, + false + ], + "metadata": { + "description": "The security setting wdacEnforced data for deploying a hci cluster" + } + }, + "streamingDataClient": { + "defaultValue": true, + "type": "bool", + "allowedValues": [ + true, + false + ], + "metadata": { + "description": "The metrics data for deploying a hci cluster" + } + }, + "euLocation": { + "defaultValue": false, + "type": "bool", + "allowedValues": [ + true, + false + ], + "metadata": { + "description": "The location data for deploying a hci cluster" + } + }, + "episodicDataUpload": { + "defaultValue": true, + "type": "bool", + "allowedValues": [ + true, + false + ], + "metadata": { + "description": "The diagnostic data for deploying a hci cluster" + } + }, + "configurationMode": { + "defaultValue": "Express", + "type": "string", + "allowedValues": [ + "Express", + "InfraOnly", + "KeepStorage" + ], + "metadata": { + "description": "The storage volume configuration mode" + } + }, + "subnetMask": { + "defaultValue": "", + "type": "string", + "metadata": { + "description": "The subnet mask for deploying a hci cluster" + } + }, + "defaultGateway": { + "defaultValue": "", + "type": "string", + "metadata": { + "description": "The default gateway for deploying a hci cluster" + } + }, + "startingIPAddress": { + "defaultValue": "", + "type": "string", + "metadata": { + "description": "The starting ip address for deploying a hci cluster" + } + }, + "endingIPAddress": { + "defaultValue": "", + "type": "string", + "metadata": { + "description": "The ending ip address for deploying a hci cluster" + } + }, + "dnsServers": { + "defaultValue": [ + "" + ], + "type": "array", + "metadata": { + "description": "The dns servers for deploying a hci cluster" + } + }, + "useDhcp": { + "type": "bool", + "allowedValues": [ + true, + false + ], + "defaultValue": false, + "metadata": { + "description": "Allows customers to use DHCP for Hosts and Cluster IPs. If not declared, the deployment will default to static IPs. When true, GW and DNS servers are not required" + } + }, + "physicalNodesSettings": { + "defaultValue": [ + { + "name": "node1", + "ipv4Address": "100.69.32.64" + }, + { + "name": "node2", + "ipv4Address": "100.69.32.65" + } + ], + "type": "array", + "metadata": { + "description": "The physical nodes settings for deploying a hci cluster" + } + }, + "networkingType": { + "defaultValue": "switchedMultiServerDeployment", + "type": "string", + "allowedValues": [ + "switchedMultiServerDeployment", + "switchlessMultiServerDeployment", + "singleServerDeployment" + ], + "metadata": { + "description": "The networking type for deploying a hci cluster" + } + }, + "networkingPattern": { + "defaultValue": "hyperConverged", + "type": "string", + "allowedValues": [ + "hyperConverged", + "convergedManagementCompute", + "convergedComputeStorage", + "custom" + ], + "metadata": { + "description": "The networking pattern for deploying a hci cluster" + } + }, + "intentList": { + "defaultValue": [], + "type": "array", + "metadata": { + "description": "The intent list for deploying a hci cluster" + } + }, + "storageNetworkList": { + "defaultValue": [], + "type": "array", + "metadata": { + "description": "The storage network list for deploying a hci cluster" + } + }, + "storageConnectivitySwitchless": { + "defaultValue": false, + "type": "bool", + "metadata": { + "description": "The storage connectivity switchless value for deploying a hci cluster" + } + }, + "enableStorageAutoIp": { + "defaultvalue": true, + "type": "bool", + "metadata": { + "description": "The enable storage auto ip value for deploying a hci cluster" + } + }, + "clusterPattern": { + "defaultValue": "RackAware", + "type": "string", + "metadata": { + "description": "Supported Storage Type for HCI Cluster: Standard and RackAware" + } + }, + "localAvailabilityZones": { + "type": "array", + "metadata": { + "description": "Local Availability Zone information for HCI cluster" + } + }, + "customLocation": { + "defaultValue": "", + "type": "string", + "metadata": { + "description": "The custom location for deploying a hci cluster" + } + }, + "edgeDevicesBatchSize": { + "type": "int", + "defaultValue": 8, + "minValue": 1, + "metadata": { + "description": "Batch size for serial deployment of edgeDevices resources." + } + } + }, + "variables": { + "LocalAdminCredentialECEName": "LocalAdminCredential", + "domainAdminCredentialECEName": "AzureStackLCMUserCredential", + "LocalAdminCredentialSecretName": "[concat( parameters('clusterName'), '-', 'LocalAdminCredential')]", + "domainAdminSecretName": "[concat( parameters('clusterName'), '-', 'AzureStackLCMUserCredential')]", + "secretsLocationVar": "[concat('https://',parameters('keyVaultName'), parameters('keyVaultSuffix'))]", + "witnessTypeVar": "[if(equals(parameters('witnessType'), 'No Witness'), '', if(equals(parameters('witnessType'), 'FileShare'), 'FileShare', 'Cloud'))]", + "AzureServiceEndpointVar": "", + "localAdminSecretValue": "[base64(concat(parameters('localAdminUserName'),':',parameters('localAdminPassword')))]", + "domainAdminSecretValueVar": "[base64(concat(parameters('AzureStackLCMAdminUsername'),':',parameters('AzureStackLCMAdminPassword')))]", + "copy": [ + { + "name": "isNodeNameValid", + "count": "[length(parameters('physicalNodesSettings'))]", + "input": "[if(equals(parameters('clusterName'), parameters('physicalNodesSettings')[copyIndex('isNodeNameValid')].name), 'false', 'true')]" + } + ], + "deploymentSecretsList":[ + { + "secretName": "[variables('LocalAdminCredentialSecretName')]", + "eceSecretName" : "[variables('LocalAdminCredentialECEName')]", + "secretLocation": "[concat('https://', parameters('keyVaultName'), parameters('keyVaultSuffix'), '/secrets/', variables('LocalAdminCredentialSecretName'))]" + }, + { + "secretName": "[variables('domainAdminSecretName')]", + "eceSecretName" : "[variables('domainAdminCredentialECEName')]", + "secretLocation": "[concat('https://', parameters('keyVaultName'), parameters('keyVaultSuffix'), '/secrets/', variables('domainAdminSecretName'))]" + } + + ] + }, + "resources":{ + "hcirproleassignment": { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2021-04-01", + "name": "AzureConnectedMachineResourceManager-RoleAssignment", + "subscriptionId": "[subscription().subscriptionId]", + "resourceGroup": "[resourceGroup().name]", + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "hciResourceProviderObjectID1": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Authorization/roleAssignments", + "apiVersion": "2022-04-01", + "name": "[guid(concat('HCIRP-',resourceGroup().id, parameters('hciResourceProviderObjectID1')))]", + "properties": { + "mode": "Incremental", + "roleDefinitionId": "[concat(subscription().id, '/providers/Microsoft.Authorization/roleDefinitions/', 'f5819b54-e033-4d82-ac66-4fec3cbf3f4c')]", + "principalId": "[parameters('hciResourceProviderObjectID1')]", + "scope": "[resourceGroup().id]", + "description": "Azure Connected Machine Resource Manager role assignment to HCI Resource Provider" + } + } + ] + }, + "parameters": { + "hciResourceProviderObjectID1": { + "value": "[parameters('hciResourceProviderObjectID')]" + } + } + } + }, + "edgeDevices" : { + "condition": "[equals(parameters('deploymentMode'), 'Validate')]", + "dependsOn": [ + "hcirproleassignment" + ], + "copy": { + "name": "edgeDeviceCopy", + "count": "[length(parameters('arcNodeResourceIds'))]", + "mode": "serial", + "batchSize": "[parameters('edgeDevicesBatchSize')]" + }, + "type": "Microsoft.AzureStackHCI/edgeDevices", + "apiVersion": "2026-04-01-preview", + "name": "default", + "scope": "[concat('Microsoft.HybridCompute/machines', '/', last(split(parameters('arcNodeResourceIds')[copyindex()], '/')))]", + "kind": "HCI", + "properties": {} + }, + "arcMachineRoleAssignment": { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2021-04-01", + "name": "AzureStackHCIDeviceManagementRole-RoleAssignment", + "subscriptionId": "[subscription().subscriptionId]", + "resourceGroup": "[resourceGroup().name]", + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "arcNodeResourceIds1": { + "type": "array" + } + }, + "variables": {}, + "resources": [ + { + "copy": { + "name": "DVMroleAssignmentCopy", + "count": "[length(parameters('arcNodeResourceIds1'))]" + }, + "type": "Microsoft.Authorization/roleAssignments", + "apiVersion": "2022-04-01", + "name": "[guid(concat('DMR-', parameters('arcNodeResourceIds1')[copyIndex()]))]", + "properties": { + "mode": "Incremental", + "roleDefinitionId": "[concat(subscription().id, '/providers/Microsoft.Authorization/roleDefinitions/', '865ae368-6a45-4bd1-8fbf-0d5151f56fc1')]", + "principalId": "[reference(parameters('arcNodeResourceIds1')[copyIndex()], '2023-10-03-preview', 'full').identity.principalId]", + "scope": "[resourceGroup().id]", + "description": "[concat(substring(parameters('arcNodeResourceIds1')[copyIndex()],lastIndexOf(parameters('arcNodeResourceIds1')[copyIndex()],'/')),'- Azure Stack HCI Device Management Role')]" + } + } + ] + }, + "parameters": { + "arcNodeResourceIds1": { + "value": "[parameters('arcNodeResourceIds')]" + } + } + } + }, + "ArcMachineKVRoleAssignment": { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2021-04-01", + "name": "KeyVaultSecretsUser-RoleAssignment", + "subscriptionId": "[subscription().subscriptionId]", + "resourceGroup": "[resourceGroup().name]", + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "arcNodeResourceIds1": { + "type": "array" + } + }, + "variables": {}, + "resources": [ + { + "copy": { + "name": "KVroleAssignmentCopy", + "count": "[length(parameters('arcNodeResourceIds1'))]" + }, + "type": "Microsoft.Authorization/roleAssignments", + "apiVersion": "2022-04-01", + "name": "[guid(concat('KVSU-RoleAssign', parameters('arcNodeResourceIds1')[copyIndex()]))]", + "properties": { + "mode": "Incremental", + "roleDefinitionId": "[concat(subscription().id, '/providers/Microsoft.Authorization/roleDefinitions/', '4633458b-17de-408a-b874-0445c86b69e6')]", + "principalId": "[reference(parameters('arcNodeResourceIds1')[copyIndex()], '2023-10-03-preview', 'full').identity.principalId]", + "scope": "[resourceGroup().id]", + "description": "[concat(substring(parameters('arcNodeResourceIds1')[copyIndex()],lastIndexOf(parameters('arcNodeResourceIds1')[copyIndex()],'/')),'- Key Vault Secrets User')]" + } + } + ] + }, + "parameters": { + "arcNodeResourceIds1": { + "value": "[parameters('arcNodeResourceIds')]" + } + } + } + }, + "ArcMachineInfraVMRoleAssignment": { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2021-04-01", + "name": "AzureStackHCIConnectedInfraVMs-RoleAssignment", + "subscriptionId": "[subscription().subscriptionId]", + "resourceGroup": "[resourceGroup().name]", + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "arcNodeResourceIds1": { + "type": "array" + } + }, + "variables": {}, + "resources": [ + { + "copy": { + "name": "IfraVMroleAssignmentCopy", + "count": "[length(parameters('arcNodeResourceIds1'))]" + }, + "type": "Microsoft.Authorization/roleAssignments", + "apiVersion": "2022-04-01", + "name": "[guid(concat('INFRAVM-RoleAssign', parameters('arcNodeResourceIds1')[copyIndex()]))]", + "properties": { + "mode": "Incremental", + "roleDefinitionId": "[concat(subscription().id, '/providers/Microsoft.Authorization/roleDefinitions/', 'c99c945f8bd14fb1a90301460aae6068')]", + "principalId": "[reference(parameters('arcNodeResourceIds1')[copyIndex()], '2023-10-03-preview', 'full').identity.principalId]", + "scope": "[resourceGroup().id]", + "description": "[concat(substring(parameters('arcNodeResourceIds1')[copyIndex()],lastIndexOf(parameters('arcNodeResourceIds1')[copyIndex()],'/')),'- Azure Stack HCI Connected InfraVMs')]" + } + } + ] + }, + "parameters": { + "arcNodeResourceIds1": { + "value": "[parameters('arcNodeResourceIds')]" + } + } + } + }, + "KVConfigurations":{ + "type": "Microsoft.KeyVault/vaults", + "apiVersion": "2021-06-01-preview", + "name": "[parameters('keyVaultName')]", + "location": "[parameters('location')]", + "condition": "[parameters('createNewKeyVault')]", + "properties": { + "enabledForDeployment": true, + "enabledForTemplateDeployment": true, + "enabledForDiskEncryption": true, + "enableSoftDelete": false, + "softDeleteRetentionInDays": "[parameters('softDeleteRetentionDays')]", + "enableRbacAuthorization": true, + "publicNetworkAccess": "Enabled", + "accessPolicies": [], + "tenantId": "[parameters('tenantId')]", + "sku": { + "name": "standard", + "family": "A" + } + } + }, + "nodeNameValidation":{ + "type": "Microsoft.Resources/deployments", + "apiVersion": "2021-04-01", + "name": "[if(contains(variables('isNodeNameValid'), 'false'), '##ClusterNameIsSameAsNodeName##', 'NodeNameIsValid')]", + "properties":{ + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "resources": [] + } + } + }, + "HCICluster":{ + "condition": "[equals(parameters('deploymentMode'), 'Validate')]", + "type": "Microsoft.AzureStackHCI/clusters", + "apiVersion": "2026-04-01-preview", + "name": "[parameters('clusterName')]", + "dependsOn": [ + "[resourceId('Microsoft.KeyVault/vaults', parameters('keyVaultName'))]", + "edgeDevices", + "nodeNameValidation" + ], + "identity": { + "type": "SystemAssigned" + }, + "location": "[parameters('location')]", + "properties": {} + }, + "KVDomainAdminSecret":{ + "type": "Microsoft.KeyVault/vaults/secrets", + "apiVersion": "2021-06-01-preview", + "name": "[concat(parameters('keyVaultName'), '/', variables('domainAdminSecretName'))]", + "dependsOn": [ + "[resourceId('Microsoft.KeyVault/vaults', parameters('keyVaultName'))]" + ], + "location": "[parameters('location')]", + "scale": null, + "properties": { + "contentType": "Secret", + "value": "[variables('domainAdminSecretValueVar')]", + "attributes": { + "enabled": true + } + } + }, + "KVLocalAdminSecret":{ + "type": "Microsoft.KeyVault/vaults/secrets", + "apiVersion": "2021-06-01-preview", + "name": "[concat(parameters('keyVaultName'), '/', variables('LocalAdminCredentialSecretName'))]", + "dependsOn": [ + "[resourceId('Microsoft.KeyVault/vaults', parameters('keyVaultName'))]" + ], + "location": "[parameters('location')]", + "scale": null, + "properties": { + "contentType": "Secret", + "value": "[variables('localAdminSecretValue')]", + "attributes": { + "enabled": true + } + } + }, + "DeploymentSettings": { + "type": "microsoft.azurestackhci/clusters/deploymentSettings", + "apiVersion": "2026-04-01-preview", + "name": "[format('{0}/default', parameters('clusterName'))]", + "dependsOn": [ + "[resourceId('Microsoft.AzureStackHCI/clusters', parameters('clusterName'))]" + ], + "properties": { + "arcNodeResourceIds": "[parameters('arcNodeResourceIds')]", + "deploymentMode": "[parameters('deploymentMode')]", + "deploymentConfiguration": { + "version": "10.0.0.0", + "scaleUnits": [ + { + "deploymentData": { + "securitySettings": { + "hvciProtection": true, + "drtmProtection": true, + "driftControlEnforced": "[parameters('driftControlEnforced')]", + "credentialGuardEnforced": "[parameters('credentialGuardEnforced')]", + "smbSigningEnforced": "[parameters('smbSigningEnforced')]", + "smbClusterEncryption": "[parameters('smbClusterEncryption')]", + "sideChannelMitigationEnforced": true, + "bitlockerBootVolume": "[parameters('bitlockerBootVolume')]", + "bitlockerDataVolumes": "[parameters('bitlockerDataVolumes')]", + "wdacEnforced": "[parameters('wdacEnforced')]" + }, + "observability": { + "streamingDataClient": "[parameters('streamingDataClient')]", + "euLocation": "[parameters('euLocation')]", + "episodicDataUpload": "[parameters('episodicDataUpload')]" + }, + "cluster": { + "name": "[parameters('clusterName')]", + "witnessType": "[variables('witnessTypeVar')]", + "witnessPath": "[parameters('witnessPath')]", + "cloudAccountName": "", + "azureServiceEndpoint": "[variables('AzureServiceEndpointVar')]", + "clusterPattern": "[parameters('clusterPattern')]" + }, + "storage": { + "configurationMode": "[parameters('configurationMode')]" + }, + "namingPrefix": "[parameters('namingPrefix')]", + "domainFqdn": "[parameters('domainFqdn')]", + "infrastructureNetwork": [ + { + "subnetMask": "[parameters('subnetMask')]", + "gateway": "[parameters('defaultGateway')]", + "ipPools": [ + { + "startingAddress": "[parameters('startingIPAddress')]", + "endingAddress": "[parameters('endingIPAddress')]" + } + ], + "dnsServers": "[parameters('dnsServers')]", + "useDhcp": "[parameters('useDhcp')]" + } + ], + "physicalNodes": "[parameters('physicalNodesSettings')]", + "hostNetwork": { + "intents": "[parameters('intentList')]", + "storageNetworks": "[parameters('storageNetworkList')]", + "storageConnectivitySwitchless": "[parameters('storageConnectivitySwitchless')]", + "enableStorageAutoIp": "[parameters('enableStorageAutoIp')]" + }, + "adouPath": "[parameters('adouPath')]", + "secrets": "[variables('deploymentSecretsList')]", + "optionalServices": { + "customLocation": "[parameters('customLocation')]" + }, + "localAvailabilityZones": "[parameters('localAvailabilityZones')]" + } + } + ] + } + } + } + } + } \ No newline at end of file diff --git a/quickstarts/microsoft.azurestackhci/create-cluster-rac-enabled-disconnected/azuredeploy.parameters.json b/quickstarts/microsoft.azurestackhci/create-cluster-rac-enabled-disconnected/azuredeploy.parameters.json new file mode 100644 index 000000000000..e314ab47ac05 --- /dev/null +++ b/quickstarts/microsoft.azurestackhci/create-cluster-rac-enabled-disconnected/azuredeploy.parameters.json @@ -0,0 +1,215 @@ +{ + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "deploymentMode": { + "value": "Validate" + }, + "keyVaultName": { + "value": "s-clusterkv" + }, + "softDeleteRetentionDays": { + "value": 30 + }, + "clusterName": { + "value": "s-cluster" + }, + "location": { + "value": "autonomous" + }, + "tenantId": { + "value": "" + }, + "witnessType": { + "value": "FileShare" + }, + "localAdminUserName": { + "value": "Administrator" + }, + "localAdminPassword": { + "value": null + }, + "AzureStackLCMAdminUsername": { + "value": "HCIDeploymentUser" + }, + "AzureStackLCMAdminPassword": { + "value": null + }, + "hciResourceProviderObjectID": { + "value": "" + }, + "arcNodeResourceIds": { + "value": [ + "/subscriptions/86a43cee-777a-4d3e-b9bc-80d6a9c6c73c/resourceGroups/ARMRG/providers/Microsoft.HybridCompute/machines/vhost1", + "/subscriptions/86a43cee-777a-4d3e-b9bc-80d6a9c6c73c/resourceGroups/ARMRG/providers/Microsoft.HybridCompute/machines/vhost2" + ] + }, + "domainFqdn": { + "value": "v.masd.stbtest.microsoft.com" + }, + "keyVaultSuffix": { + "value": "" + }, + "namingPrefix": { + "value": "v" + }, + "adouPath": { + "value": "OU=Hci001,DC=v,DC=masd,DC=stbtest,DC=microsoft,DC=com" + }, + "securityLevel": { + "value": "Recommended" + }, + "driftControlEnforced": { + "value": true + }, + "credentialGuardEnforced": { + "value": true + }, + "smbSigningEnforced": { + "value": true + }, + "smbClusterEncryption": { + "value": false + }, + "bitlockerBootVolume": { + "value": true + }, + "bitlockerDataVolumes": { + "value": true + }, + "wdacEnforced": { + "value": false + }, + "streamingDataClient": { + "value": true + }, + "euLocation": { + "value": false + }, + "episodicDataUpload": { + "value": true + }, + "configurationMode": { + "value": "Express" + }, + "subnetMask": { + "value": "255.255.255.0" + }, + "defaultGateway": { + "value": "192.168.200.1" + }, + "startingIPAddress": { + "value": "192.168.200.96" + }, + "endingIPAddress": { + "value": "192.168.200.111" + }, + "dnsServers": { + "value": [ + "192.168.200.222" + ] + }, + "useDhcp": { + "value": false + }, + "physicalNodesSettings": { + "value": [ + { + "name": "v-host1", + "ipv4Address": "192.168.200.92" + }, + { + "name": "v-Host2", + "ipv4Address": "192.168.200.93" + } + ] + }, + "networkingType": { + "value": "switchedMultiServerDeployment" + }, + "networkingPattern": { + "value": "hyperConverged" + }, + "intentList": { + "value": [ + { + "name": "ManagementComputeStorage", + "trafficType": [ + "Management", + "Compute", + "Storage" + ], + "adapter": [ + "ethernet", + "ethernet 2" + ], + "overrideVirtualSwitchConfiguration": false, + "virtualSwitchConfigurationOverrides": { + "enableIov": "", + "loadBalancingAlgorithm": "" + }, + "overrideQosPolicy": false, + "qosPolicyOverrides": { + "priorityValue8021Action_Cluster": "", + "priorityValue8021Action_SMB": "", + "bandwidthPercentage_SMB": "" + }, + "overrideAdapterProperty": true, + "adapterPropertyOverrides": { + "jumboPacket": "", + "networkDirect": "Disabled", + "networkDirectTechnology": "" + } + } + ] + }, + "storageNetworkList": { + "value": [ + { + "name": "Storage1Network", + "networkAdapterName": "ethernet", + "vlanId": "8" + }, + { + "name": "Storage2Network", + "networkAdapterName": "Ethernet 2", + "vlanId": "8" + } + ] + }, + "storageConnectivitySwitchless": { + "value": false + }, + "enableStorageAutoIp": { + "value": true + }, + "clusterPattern": { + "value": "RackAware" + }, + "localAvailabilityZones": { + "value": [ + { + "localAvailabilityZoneName": "ZoneA", + "nodes": [ + "vhost1" + ] + }, + { + "localAvailabilityZoneName": "ZoneB", + "nodes": [ + "vhost2" + ] + } + ] + }, + "customLocation": { + "value": "s-cluster-customlocation" + }, + "witnessPath": { + "value": "\\\\v-DVM.V.MASD.STBTEST.MICROSOFT.COM\\ClusterWitness" + }, + "edgeDevicesBatchSize": { + "value": 8 + } + } +} \ No newline at end of file diff --git a/quickstarts/microsoft.azurestackhci/create-cluster-rac-enabled-disconnected/metadata.json b/quickstarts/microsoft.azurestackhci/create-cluster-rac-enabled-disconnected/metadata.json new file mode 100644 index 000000000000..84aadc7cf740 --- /dev/null +++ b/quickstarts/microsoft.azurestackhci/create-cluster-rac-enabled-disconnected/metadata.json @@ -0,0 +1,10 @@ +{ + "$schema": "https://aka.ms/azure-quickstart-templates-metadata-schema#", + "type": "QuickStart", + "itemDisplayName": "creates an Azure Stack HCI 24H2 rack aware cluster for ALDO", + "description": "This template creates an Azure Stack HCI 24H2 rack aware cluster for ALDO (Azure Local Disconnected Operation) using an ARM template.", + "summary": "This template creates an Azure Stack HCI 24H2 rack aware cluster for ALDO (Azure Local Disconnected Operation) using an ARM template.", + "githubUsername": "troettinger", + "validationType": "Manual", + "dateUpdated": "2025-04-14" +} \ No newline at end of file