Create files

dev/mysiteid/.gitignore

@@ -0,0 +1 @@
+*.tfvars

dev/mysiteid/backend.tf

@@ -0,0 +1,10 @@
+terraform {
+  backend "azurerm" {
+    resource_group_name  = "runyutestiac"
+    storage_account_name = "runyutestiacsa"
+    container_name       = "runyutestiaccontainer"
+    key                  = "mysiteid.tfstate"
+    use_azuread_auth     = true
+    subscription_id      = "de3c4d5e-af08-451a-a873-438d86ab6f4b"
+  }
+}

dev/mysiteid/imports.tf

@@ -0,0 +1,6 @@
+# # Uncomment the following lines to import the resource group when Arc servers are provisioned by yourself.
+
+# import {
+#   id = "/subscriptions/<subscription_id>/resourceGroups/<resourceGroup>"
+#   to = module.base.azurerm_resource_group.rg
+# }

dev/mysiteid/main.tf

@@ -0,0 +1,70 @@
+# module "base" {
+#   source           = "../../modules/runyutesttemplate"
+#   location         = "<location>"
+#   site_id          = basename(abspath(path.module))
+#   domain_fqdn      = "<domainFqdn>"
+#   starting_address = "<startingAddress>"
+#   ending_address   = "<endingAddress>"
+#   default_gateway  = "<defaultGateway>"
+#   dns_servers      = ["<dnsServer1>"]
+#   adou_suffix      = "<adouSuffix>"
+#   dc_ip            = "<domainControllerIp>"
+#   servers = [
+#     {
+#       name         = "<server1Name>",
+#       ipv4_address = "<server1Ipv4Address>"
+#     },
+#     {
+#       name        = "<server2Name>",
+#       ipv4Address = "<server2Ipv4Address>"
+#     }
+#   ]
+#   management_adapters = ["<managementAdapter1>", "<managementAdapter2>"]
+#   storage_networks = [
+#     {
+#       name               = "Storage1Network",
+#       networkAdapterName = "<storageAdapter1>",
+#       vlanId             = "<storageAdapter1Vlan>"
+#     },
+#     {
+#       name               = "Storage2Network",
+#       networkAdapterName = "<storageAdapter2>",
+#       vlanId             = "<storageAdapter2Vlan>"
+#     }
+#   ]
+#   rdma_enabled                    = false     // Change to true if RDMA is enabled.
+#   storage_connectivity_switchless = false     // Change to true if storage connectivity is switchless.
+#   enable_provisioners             = true      // Change to false when Arc servers are connected by yourself.
+#   authentication_method           = "Credssp" // or "Default"
+#   subscription_id                 = var.subscription_id
+#   domain_admin_user               = var.domain_admin_user
+#   domain_admin_password           = var.domain_admin_password
+#   local_admin_user                = var.local_admin_user
+#   local_admin_password            = var.local_admin_password
+#   deployment_user_password        = var.deployment_user_password
+#   service_principal_id            = var.service_principal_id
+#   service_principal_secret        = var.service_principal_secret
+#   rp_service_principal_object_id  = var.rp_service_principal_object_id
+
+#   # Region HCI logical network parameters
+#   lnet_starting_address = "<lnetStartingAddress>"
+#   lnet_ending_address   = "<lnetEndingAddress>"  # This IP range should not overlap with HCI infra IP range.
+#   lnet_address_prefix   = "<lnetAddressPrefix>"  # E.g., 192.168.1.0/24
+#   lnet_default_gateway  = "<lnetDefaultGateway>" # Default gateway can be same as HCI infra default gateway.
+#   lnet_dns_servers      = ["<lnetDnsServer1>"]   # DNS servers can be same as HCI infra DNS servers.
+
+#   # Region AKS Arc parameters
+#   aks_arc_control_plane_ip    = "<aksArcControlPlanIp>"      # An IP address in the logical network IP range.
+#   rbac_admin_group_object_ids = ["<rbacAdminGroupObjectId>"] # An AAD group that will have the admin permission of this AKS Arc cluster. Check ./doc/AKS-Arc-Admin-Groups.md for details
+
+#   # Region HCI VM parameters
+#   # Uncomment this section will create a windows server VM on HCI.
+#   # download_win_server_image = true
+#   # vm_admin_password         = var.vm_admin_password
+#   # domain_join_password      = var.domain_join_password
+
+#   # Region site manager parameters
+#   # Uncomment this section will create site manager instance for the resource group.
+#   # Check ./doc/Add-Site-Manager.md for more information
+#   # country = "<country>"
+# }

dev/mysiteid/provider.tf

@@ -0,0 +1,9 @@
+provider "azurerm" {
+  features {
+  }
+  subscription_id = var.subscription_id
+}
+
+provider "azapi" {
+  subscription_id = var.subscription_id
+}

dev/mysiteid/terraform.tf

@@ -0,0 +1,15 @@
+terraform {
+  required_providers {
+    azurerm = {
+      source  = "hashicorp/azurerm"
+      version = "~>3.0"
+    }
+    random = {
+      source  = "hashicorp/random"
+      version = "~>3.0"
+    }
+    azapi = {
+      source = "azure/azapi"
+    }
+  }
+}

dev/mysiteid/variables.tf

@@ -0,0 +1,66 @@
+variable "subscription_id" {
+  description = "The subscription id to register this environment."
+  type        = string
+}
+
+variable "local_admin_user" {
+  description = "The username of the local administrator account."
+  sensitive   = true
+  type        = string
+}
+
+variable "local_admin_password" {
+  description = "The password of the local administrator account."
+  sensitive   = true
+  type        = string
+}
+
+variable "domain_admin_user" {
+  description = "The username of the domain account."
+  sensitive   = true
+  type        = string
+}
+
+variable "domain_admin_password" {
+  description = "The password of the domain account."
+  sensitive   = true
+  type        = string
+}
+
+variable "deployment_user_password" {
+  sensitive   = true
+  type        = string
+  description = "The password for deployment user."
+}
+
+variable "service_principal_id" {
+  description = "The id of service principal to create hci cluster."
+  sensitive   = true
+  type        = string
+}
+
+variable "service_principal_secret" {
+  description = "The secret of service principal to create hci cluster."
+  sensitive   = true
+  type        = string
+}
+
+variable "rp_service_principal_object_id" {
+  default     = ""
+  type        = string
+  description = "The object ID of the HCI resource provider service principal."
+}
+
+variable "vm_admin_password" {
+  description = "Admin password for the VM"
+  type        = string
+  sensitive   = true
+  default     = ""
+}
+
+variable "domain_join_password" {
+  description = "Password of User with permissions to join the domain."
+  type        = string
+  sensitive   = true
+  default     = ""
+}

modules/runyutesttemplate/checks.tf

@@ -0,0 +1,16 @@
+locals {
+  is_windows = length(regexall("^[a-z]:", lower(abspath(path.root)))) > 0
+  program = local.is_windows ? "powershell.exe" : "pwsh"
+}
+
+data "external" "lnet_ip_check" {
+  program = [local.program, "-File", "${abspath(path.module)}/scripts/ip-range-overlap.ps1", var.starting_address, var.ending_address, var.lnet_starting_address, var.lnet_ending_address]
+
+  lifecycle {
+    postcondition {
+      condition     = self.result.result == "ok"
+      error_message = "AKS Arc IP range overlaps with HCI IP range."
+    }
+  }
+}
+