From 8b9a8dfa1f52b4d82980f38e9ef4337366164424 Mon Sep 17 00:00:00 2001 From: saitcho Date: Fri, 2 Feb 2024 16:04:39 -0600 Subject: [PATCH 01/10] updates to preprov script --- azure_jumpstart_hcibox/scripts/preprovision.ps1 | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/azure_jumpstart_hcibox/scripts/preprovision.ps1 b/azure_jumpstart_hcibox/scripts/preprovision.ps1 index fefa2bd052..21a7c774f2 100644 --- a/azure_jumpstart_hcibox/scripts/preprovision.ps1 +++ b/azure_jumpstart_hcibox/scripts/preprovision.ps1 @@ -7,19 +7,19 @@ Write-Host "Connecting to Azure..." # Install Azure module if not already installed if (-not (Get-Command -Name Get-AzContext)) { Write-Host "Installing Azure module..." - Install-Module -Name Az -AllowClobber -Scope CurrentUser -ErrorAction Stop + Install-Module -Name Az -AllowClobber -Scope CurrentUser -Force -ErrorAction Stop } # If not signed in, run the Connect-AzAccount cmdlet if (-not (Get-AzContext)) { - Write-Host "Logging in to Azure..." + Write-Host "Logging in to Azure with subscription id $env:AZURE_SUBSCRIPTION_ID" If (-not (Connect-AzAccount -SubscriptionId $env:AZURE_SUBSCRIPTION_ID -ErrorAction Stop)){ Throw "Unable to login to Azure. Please check your credentials and try again." } } $tenantId = (Get-AzContext).tenant.id -# Write-Host "Setting Azure context..." -$context = Set-AzContext -SubscriptionId $env:AZURE_SUBSCRIPTION_ID -Tenant $tenantId -ErrorAction Stop +Write-Host "Setting Azure context with subscription id $env:AZURE_SUBSCRIPTION_ID and tenand id $tenantId..." +$context = Set-AzContext -SubscriptionId $env:AZURE_SUBSCRIPTION_ID -ErrorAction Stop # Write-Host "Setting az subscription..." az account set --subscription $env:AZURE_SUBSCRIPTION_ID 
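Review bot: In the `-7,19` hunk of preprovision.ps1 the new `Write-Host` announces the tenant id, but the `Set-AzContext` call on the next line no longer passes `-Tenant`, so the log describes a constraint the call does not apply. For an account that can reach more than one tenant, the context may then be resolved from the subscription id alone. If that is intended, drop the tenant from the message; otherwise keep `-Tenant $tenantId` on the call, as in `$context = Set-AzContext -SubscriptionId $env:AZURE_SUBSCRIPTION_ID -Tenant $tenantId -ErrorAction Stop`.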
@@ -177,7 +177,7 @@ Write-Host "Checking for existing stored Azure service principal..." if ($null -ne $env:SPN_CLIENT_ID) { Write-Host "Re-using existing service principal..." } else { - Write-Host "Attempting to create new service principal..." + Write-Host "Attempting to create new service principal with scope /subscriptions/$($env:AZURE_SUBSCRIPTION_ID)..." $user = (Get-AzContext).Account.Id.split("@")[0] $uniqueSpnName = "$user-jumpstart-spn-$(Get-Random -Minimum 1000 -Maximum 9999)" try { @@ -191,14 +191,12 @@ if ($null -ne $env:SPN_CLIENT_ID) { azd env set SPN_TENANT_ID -- $SPN_TENANT_ID } catch { + If ($error[0].ToString() -match "Forbidden"){ Throw "You do not have permission to create a service principal. Please contact your Azure subscription administrator to grant you the Owner role on the subscription." } - elseif ($error[0].ToString() -match "credentials") { - Throw "Please run Connect-AzAccount to sign in and run 'azd up' again." - } else { - Throw "An error occurred creating the service principal. Please try again." + Throw "An error occurred creating the service principal. Error:" + $error[0].ToString() } } From 01ebd352cfca7206401a34f684063097abff5633 Mon Sep 17 00:00:00 2001 From: saitcho Date: Fri, 2 Feb 2024 16:05:36 -0600 Subject: [PATCH 02/10] spelling --- azure_jumpstart_hcibox/scripts/preprovision.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure_jumpstart_hcibox/scripts/preprovision.ps1 b/azure_jumpstart_hcibox/scripts/preprovision.ps1 index 21a7c774f2..84b18d1d6e 100644 --- a/azure_jumpstart_hcibox/scripts/preprovision.ps1 +++ b/azure_jumpstart_hcibox/scripts/preprovision.ps1 
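Review bot: In the `catch` block of the `-191,14` hunk the new fallback reads `$error[0]`, which is a session-wide list, rather than `$_`, the record this `catch` is handling. I would write `Throw "An error occurred creating the service principal. Error: $($_.Exception.Message)"` and use `$_` in the `Forbidden` match as well. The `try` opens outside this hunk, so whether anything between the failure and this line can push a newer entry onto `$error` is not visible here.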
@@ -18,7 +18,7 @@ if (-not (Get-AzContext)) { } } $tenantId = (Get-AzContext).tenant.id -Write-Host "Setting Azure context with subscription id $env:AZURE_SUBSCRIPTION_ID and tenand id $tenantId..." +Write-Host "Setting Azure context with subscription id $env:AZURE_SUBSCRIPTION_ID and tenant id $tenantId..." $context = Set-AzContext -SubscriptionId $env:AZURE_SUBSCRIPTION_ID -ErrorAction Stop # Write-Host "Setting az subscription..." From 92943b5d55d68731a309db0d3c467f9444e56ecb Mon Sep 17 00:00:00 2001 From: saitcho Date: Mon, 5 Feb 2024 16:49:47 -0600 Subject: [PATCH 03/10] small change --- .../artifacts/PowerShell/Generate-ARM-Template.ps1 | 5 ----- azure_jumpstart_hcibox/artifacts/hci.json | 2 +- 2 files changed, 1 insertion(+), 6 deletions(-) diff --git a/azure_jumpstart_hcibox/artifacts/PowerShell/Generate-ARM-Template.ps1 b/azure_jumpstart_hcibox/artifacts/PowerShell/Generate-ARM-Template.ps1 index 369e751988..a98cc0943f 100644 --- a/azure_jumpstart_hcibox/artifacts/PowerShell/Generate-ARM-Template.ps1 +++ b/azure_jumpstart_hcibox/artifacts/PowerShell/Generate-ARM-Template.ps1 @@ -14,11 +14,6 @@ Write-Host 'Creating credentials and connecting to Azure' $azureAppCred = (New-Object System.Management.Automation.PSCredential $env:spnClientID, (ConvertTo-SecureString -String $env:spnClientSecret -AsPlainText -Force)) Connect-AzAccount -ServicePrincipal -Subscription $env:subscriptionId -Tenant $env:spnTenantId -Credential $azureAppCred -# Check that extensions are finished installing on HCI nodes -# foreach ($node in $HCIBoxConfig.NodeHostConfig) { - -# } - # Install some modules Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force Install-Module -Name Az.Resources -Force diff --git a/azure_jumpstart_hcibox/artifacts/hci.json b/azure_jumpstart_hcibox/artifacts/hci.json index 42933f2ac0..d75f7e2e71 100644 --- a/azure_jumpstart_hcibox/artifacts/hci.json +++ b/azure_jumpstart_hcibox/artifacts/hci.json 
@@ -463,7 +463,7 @@ "identity": { "type": "SystemAssigned" }, - "location": "[parameters('location')]", + "location": "eastus", "properties": { } }, From 526fefc3b85132709f8e31c3d265e4ae4422dd27 Mon Sep 17 00:00:00 2001 From: saitcho Date: Mon, 5 Feb 2024 18:36:49 -0600 Subject: [PATCH 04/10] encode answer file password --- .../artifacts/PowerShell/New-HCIBoxCluster.ps1 | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/azure_jumpstart_hcibox/artifacts/PowerShell/New-HCIBoxCluster.ps1 b/azure_jumpstart_hcibox/artifacts/PowerShell/New-HCIBoxCluster.ps1 index c3d697a4c6..69aec7fab9 100644 --- a/azure_jumpstart_hcibox/artifacts/PowerShell/New-HCIBoxCluster.ps1 +++ b/azure_jumpstart_hcibox/artifacts/PowerShell/New-HCIBoxCluster.ps1 @@ -81,6 +81,7 @@ function GenerateAnswerFile { ) $formattedMAC = Get-FormattedWACMAC -HCIBoxConfig $HCIBoxConfig + $encodedPassword = [Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes($($HCIBoxConfig.SDNAdminPassword))) $wacAnswerXML = @" @@ -135,7 +136,7 @@ function GenerateAnswerFile { $($HCIBoxConfig.SDNDomainFQDN) -$($HCIBoxConfig.SDNAdminPassword) +$encodedPasswordfalse</PlainText></Password> <Username>Administrator</Username> </Credentials> <JoinDomain>$($HCIBoxConfig.SDNDomainFQDN)</JoinDomain> @@ -150,8 +151,7 @@ function GenerateAnswerFile { <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <UserAccounts> <AdministratorPassword> -<Value>$($HCIBoxConfig.SDNAdminPassword)</Value> -<PlainText>true</PlainText> +<Value>$encodedPassword</value><PlainText>false</PlainText> </AdministratorPassword> </UserAccounts> <TimeZone>UTC</TimeZone> 
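Review bot: The `location` of this system-assigned-identity resource in hci.json is now the literal `"eastus"` instead of `[parameters('location')]`, so it will be created in East US whatever region the rest of the deployment targets. If the resource type is only offered in that region, the reason belongs in the commit message, which currently reads "small change"; otherwise restore `"location": "[parameters('location')]"`. The resource's type is outside the hunk, so I cannot tell which case applies.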
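Review bot: `$encodedPassword` is a Base64 encoding, not protection, so with `<PlainText>false</PlainText>` the answer file still holds a value that anyone able to read the file can decode. This applies to the `-81,6` hunk and to the `AdministratorPassword` elements in the `-150,8` and `-283,8` hunks. I would add a comment above the assignment such as `# Base64 only obfuscates the password; the generated answer file must be access-restricted and removed after setup.` and confirm where the file is written and deleted, which is outside these hunks. Separately, the new lines open with `<Value>` and close with `</value>`; XML names are case-sensitive, so the element is not well-formed as written.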
@@ -283,8 +283,7 @@ $components</settings> </OOBE> <UserAccounts> <AdministratorPassword> -<Value>$($HCIBoxConfig.SDNAdminPassword)</Value> -<PlainText>true</PlainText> +<Value>$encodedPassword</value><PlainText>false</PlainText> </AdministratorPassword> </UserAccounts> </component> From 68859169ea1b12780cea62135f2a979807ff6232 Mon Sep 17 00:00:00 2001 From: saitcho <saitcho@outlook.com> Date: Mon, 5 Feb 2024 19:01:17 -0600 Subject: [PATCH 05/10] output json on az command --- azure_jumpstart_hcibox/scripts/preprovision.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure_jumpstart_hcibox/scripts/preprovision.ps1 b/azure_jumpstart_hcibox/scripts/preprovision.ps1 index 84b18d1d6e..cd26d07fcd 100644 --- a/azure_jumpstart_hcibox/scripts/preprovision.ps1 +++ b/azure_jumpstart_hcibox/scripts/preprovision.ps1 @@ -165,7 +165,7 @@ azd env set JS_RDP_PORT $JS_RDP_PORT # Attempt to retrieve provider id for Microsoft.AzureStackHCI Write-Host "Attempting to retrieve Microsoft.AzureStackHCI provider id..." -$spnProviderId=$(az ad sp list --display-name "Microsoft.AzureStackHCI") | ConvertFrom-Json +$spnProviderId=$(az ad sp list --display-name "Microsoft.AzureStackHCI" --output json) | ConvertFrom-Json if ($null -ne $spnProviderId.id) { azd env set SPN_PROVIDER_ID -- $($spnProviderId.id) } From 2db25308d1a9677c3f9c40841e4ed9a35bc75c0d Mon Sep 17 00:00:00 2001 From: saitcho <saitcho@outlook.com> Date: Mon, 5 Feb 2024 21:00:52 -0600 Subject: [PATCH 06/10] patch --- .../artifacts/PowerShell/New-HCIBoxCluster.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure_jumpstart_hcibox/artifacts/PowerShell/New-HCIBoxCluster.ps1 b/azure_jumpstart_hcibox/artifacts/PowerShell/New-HCIBoxCluster.ps1 index 69aec7fab9..faad207949 100644 --- a/azure_jumpstart_hcibox/artifacts/PowerShell/New-HCIBoxCluster.ps1 +++ b/azure_jumpstart_hcibox/artifacts/PowerShell/New-HCIBoxCluster.ps1 
@@ -136,7 +136,7 @@ function GenerateAnswerFile { <Identification> <Credentials> <Domain>$($HCIBoxConfig.SDNDomainFQDN)</Domain> -<Password><Value>$encodedPassword</value><PlainText>false</PlainText></Password> +<Password>$($HCIBoxConfig.SDNAdminPassword)</Password> <Username>Administrator</Username> </Credentials> <JoinDomain>$($HCIBoxConfig.SDNDomainFQDN)</JoinDomain> From 0b364c5108c3be604dad470ad0f20fdf24ddc32b Mon Sep 17 00:00:00 2001 From: saitcho <saitcho@outlook.com> Date: Tue, 6 Feb 2024 15:58:24 -0600 Subject: [PATCH 07/10] unattend stuff --- .../artifacts/PowerShell/New-HCIBoxCluster.ps1 | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/azure_jumpstart_hcibox/artifacts/PowerShell/New-HCIBoxCluster.ps1 b/azure_jumpstart_hcibox/artifacts/PowerShell/New-HCIBoxCluster.ps1 index faad207949..bb3265be59 100644 --- a/azure_jumpstart_hcibox/artifacts/PowerShell/New-HCIBoxCluster.ps1 +++ b/azure_jumpstart_hcibox/artifacts/PowerShell/New-HCIBoxCluster.ps1 @@ -81,7 +81,7 @@ function GenerateAnswerFile { ) $formattedMAC = Get-FormattedWACMAC -HCIBoxConfig $HCIBoxConfig - $encodedPassword = [Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes($($HCIBoxConfig.SDNAdminPassword))) + $encodedPassword = [Convert]::ToBase64String([System.Text.Encoding]::Unicode.GetBytes($($HCIBoxConfig.SDNAdminPassword) + "AdministratorPassword")) $wacAnswerXML = @" <?xml version="1.0" encoding="utf-8"?> <unattend xmlns="urn:schemas-microsoft-com:unattend"> 
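Review bot: The restored `<Password>$($HCIBoxConfig.SDNAdminPassword)</Password>` in the `-136,7` hunk interpolates the raw password into the XML here-string, so a password containing `&`, `<` or `>` produces a malformed answer file, and the domain-join credential sits in that file in clear text. Escaping the value keeps the document well-formed: `<Password>$([System.Security.SecurityElement]::Escape($HCIBoxConfig.SDNAdminPassword))</Password>`. A one-line comment before the here-string stating why this element is left unencoded would help, since the commit subject does not explain the revert. The here-string and `GenerateAnswerFile` begin and end outside this hunk.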
@@ -151,7 +151,8 @@ function GenerateAnswerFile { <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <UserAccounts> <AdministratorPassword> -<Value>$encodedPassword</value><PlainText>false</PlainText> +<PlainText>false</PlainText> +<Value>$encodedPassword</Value> </AdministratorPassword> </UserAccounts> <TimeZone>UTC</TimeZone> @@ -283,7 +284,8 @@ $components</settings> </OOBE> <UserAccounts> <AdministratorPassword> -<Value>$encodedPassword</value><PlainText>false</PlainText> +<PlainText>false</PlainText> +<Value>$encodedPassword</Value> </AdministratorPassword> </UserAccounts> </component> 
@@ -1536,9 +1538,9 @@ else { Write-Error "GUI.vhdx is corrupt. Aborting deployment. Re-run C:\HCIBox\HCIBoxLogonScript.ps1 to retry" throw } -# BITSRequest -Params @{'Uri'='https://partner-images.canonical.com/hyper-v/desktop/focal/current/ubuntu-focal-hyperv-amd64-ubuntu-desktop-hyperv.vhdx.zip'; 'Filename'="$($HCIBoxConfig.Paths.VHDDir)\Ubuntu.vhdx.zip"} -# Expand-Archive -Path "$($HCIBoxConfig.Paths.VHDDir)\Ubuntu.vhdx.zip" -DestinationPath $($HCIBoxConfig.Paths.VHDDir) -# Move-Item -Path "$($HCIBoxConfig.Paths.VHDDir)\livecd.ubuntu-desktop-hyperv.vhdx" -Destination "$($HCIBoxConfig.Paths.VHDDir)\Ubuntu.vhdx" +BITSRequest -Params @{'Uri'='https://partner-images.canonical.com/hyper-v/desktop/focal/current/ubuntu-focal-hyperv-amd64-ubuntu-desktop-hyperv.vhdx.zip'; 'Filename'="$($HCIBoxConfig.Paths.VHDDir)\Ubuntu.vhdx.zip"} +Expand-Archive -Path "$($HCIBoxConfig.Paths.VHDDir)\Ubuntu.vhdx.zip" -DestinationPath $($HCIBoxConfig.Paths.VHDDir) +Move-Item -Path "$($HCIBoxConfig.Paths.VHDDir)\livecd.ubuntu-desktop-hyperv.vhdx" -Destination "$($HCIBoxConfig.Paths.VHDDir)\Ubuntu.vhdx" # Set credentials $localCred = new-object -typename System.Management.Automation.PSCredential ` From 54d88949f1c0a6982b18099d721ed19d3f8b6a9f Mon Sep 17 00:00:00 2001 From: saitcho <saitcho@outlook.com> Date: Tue, 6 Feb 2024 18:26:01 -0600 Subject: [PATCH 08/10] dont force module install --- azure_jumpstart_hcibox/scripts/preprovision.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azure_jumpstart_hcibox/scripts/preprovision.ps1 b/azure_jumpstart_hcibox/scripts/preprovision.ps1 index cd26d07fcd..de4b3aa92f 100644 --- a/azure_jumpstart_hcibox/scripts/preprovision.ps1 +++ b/azure_jumpstart_hcibox/scripts/preprovision.ps1 
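Review bot: The re-enabled `BITSRequest` download is expanded and moved into place as `Ubuntu.vhdx` without any integrity check, and the `current` segment in the URL means the content can change between runs. Before `Expand-Archive`, compare the archive's hash with a known value, e.g. `if ((Get-FileHash -Path "$($HCIBoxConfig.Paths.VHDDir)\Ubuntu.vhdx.zip" -Algorithm SHA256).Hash -ne $expectedSha256) { throw "Ubuntu image hash mismatch" }`, where `$expectedSha256` is a placeholder for the value published for a pinned image build. `BITSRequest` is defined outside this hunk, so it may already validate the transfer; I could not confirm that from here.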
@@ -7,7 +7,7 @@ Write-Host "Connecting to Azure..." # Install Azure module if not already installed if (-not (Get-Command -Name Get-AzContext)) { Write-Host "Installing Azure module..." - Install-Module -Name Az -AllowClobber -Scope CurrentUser -Force -ErrorAction Stop + Install-Module -Name Az -AllowClobber -Scope CurrentUser -ErrorAction Stop } # If not signed in, run the Connect-AzAccount cmdlet From 3cee4e21219f469e1e7e7d3efa874b43862cde31 Mon Sep 17 00:00:00 2001 From: saitcho <saitcho@outlook.com> Date: Tue, 6 Feb 2024 18:58:47 -0600 Subject: [PATCH 09/10] small bug --- .../artifacts/PowerShell/New-HCIBoxCluster.ps1 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/azure_jumpstart_hcibox/artifacts/PowerShell/New-HCIBoxCluster.ps1 b/azure_jumpstart_hcibox/artifacts/PowerShell/New-HCIBoxCluster.ps1 index bb3265be59..c8307cff3a 100644 --- a/azure_jumpstart_hcibox/artifacts/PowerShell/New-HCIBoxCluster.ps1 +++ b/azure_jumpstart_hcibox/artifacts/PowerShell/New-HCIBoxCluster.ps1 
@@ -1538,9 +1538,9 @@ else { Write-Error "GUI.vhdx is corrupt. Aborting deployment. Re-run C:\HCIBox\HCIBoxLogonScript.ps1 to retry" throw } -BITSRequest -Params @{'Uri'='https://partner-images.canonical.com/hyper-v/desktop/focal/current/ubuntu-focal-hyperv-amd64-ubuntu-desktop-hyperv.vhdx.zip'; 'Filename'="$($HCIBoxConfig.Paths.VHDDir)\Ubuntu.vhdx.zip"} -Expand-Archive -Path "$($HCIBoxConfig.Paths.VHDDir)\Ubuntu.vhdx.zip" -DestinationPath $($HCIBoxConfig.Paths.VHDDir) -Move-Item -Path "$($HCIBoxConfig.Paths.VHDDir)\livecd.ubuntu-desktop-hyperv.vhdx" -Destination "$($HCIBoxConfig.Paths.VHDDir)\Ubuntu.vhdx" +# BITSRequest -Params @{'Uri'='https://partner-images.canonical.com/hyper-v/desktop/focal/current/ubuntu-focal-hyperv-amd64-ubuntu-desktop-hyperv.vhdx.zip'; 'Filename'="$($HCIBoxConfig.Paths.VHDDir)\Ubuntu.vhdx.zip"} +# Expand-Archive -Path "$($HCIBoxConfig.Paths.VHDDir)\Ubuntu.vhdx.zip" -DestinationPath $($HCIBoxConfig.Paths.VHDDir) +# Move-Item -Path "$($HCIBoxConfig.Paths.VHDDir)\livecd.ubuntu-desktop-hyperv.vhdx" -Destination "$($HCIBoxConfig.Paths.VHDDir)\Ubuntu.vhdx" # Set credentials $localCred = new-object -typename System.Management.Automation.PSCredential ` From 46d81f243f55fd3180f2061f98995dfa03569a2a Mon Sep 17 00:00:00 2001 From: saitcho <saitcho@outlook.com> Date: Tue, 6 Feb 2024 19:12:47 -0600 Subject: [PATCH 10/10] small stuff --- azure_jumpstart_hcibox/artifacts/PowerShell/Bootstrap.ps1 | 7 ++----- .../artifacts/PowerShell/Generate-ARM-Template.ps1 | 4 ++-- 2 files changed, 4 insertions(+), 7 deletions(-) diff --git a/azure_jumpstart_hcibox/artifacts/PowerShell/Bootstrap.ps1 b/azure_jumpstart_hcibox/artifacts/PowerShell/Bootstrap.ps1 index 6c8ec7ab1d..6dd133edba 100644 --- a/azure_jumpstart_hcibox/artifacts/PowerShell/Bootstrap.ps1 +++ b/azure_jumpstart_hcibox/artifacts/PowerShell/Bootstrap.ps1 
@@ -73,9 +73,6 @@ Start-Transcript -Path "$($HCIBoxConfig.Paths["LogsDir"])\Bootstrap.log" Write-Host "Extending C:\ partition to the maximum size" Resize-Partition -DriveLetter C -Size $(Get-PartitionSupportedSize -DriveLetter C).SizeMax -# Installing Posh-SSH PowerShell Module -# Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force - # Installing tools Write-Header "Installing Chocolatey Apps" try { @@ -210,5 +207,5 @@ Install-WindowsFeature -Name Hyper-V -IncludeAllSubFeature -IncludeManagementToo # Clean up Bootstrap.log Write-Header "Clean up Bootstrap.log." Stop-Transcript -$logSuppress = Get-Content $($HCIBoxConfig.Paths["LogsDir"])\Bootstrap.log | Where-Object { $_ -notmatch "Host Application: powershell.exe" } -$logSuppress | Set-Content $($HCIBoxConfig.Paths["LogsDir"])\Bootstrap.log -Force +$logSuppress = Get-Content $($HCIBoxConfig.Paths.LogsDir)\Bootstrap.log | Where-Object { $_ -notmatch "Host Application: powershell.exe" } +$logSuppress | Set-Content $($HCIBoxConfig.Paths.LogsDir)\Bootstrap.log -Force diff --git a/azure_jumpstart_hcibox/artifacts/PowerShell/Generate-ARM-Template.ps1 b/azure_jumpstart_hcibox/artifacts/PowerShell/Generate-ARM-Template.ps1 index a98cc0943f..eec4d35af5 100644 --- a/azure_jumpstart_hcibox/artifacts/PowerShell/Generate-ARM-Template.ps1 +++ b/azure_jumpstart_hcibox/artifacts/PowerShell/Generate-ARM-Template.ps1 @@ -16,8 +16,8 @@ Connect-AzAccount -ServicePrincipal -Subscription $env:subscriptionId -Tenant $e # Install some modules Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force -Install-Module -Name Az.Resources -Force -Install-Module Az.ConnectedMachine -Force +Install-Module -Name Az.Resources -AllowClobber -Force +Install-Module -Name Az.ConnectedMachine -AllowClobber -Force Import-Module -Name Az.Resources, Az.ConnectedMachine -Force # Add necessary role assignments
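Review bot: Both rewritten lines in the `-207,5` hunk of Bootstrap.ps1 pass the log path as an unquoted argument that begins with `$(...)`, while the `Start-Transcript` call shown in the first hunk's header quotes the same path and still uses `Paths["LogsDir"]`. PowerShell may treat text that follows a leading `$(...)` as a separate argument, so quoting is safer: `Get-Content "$($HCIBoxConfig.Paths.LogsDir)\Bootstrap.log"` and `Set-Content "$($HCIBoxConfig.Paths.LogsDir)\Bootstrap.log" -Force`. Using one accessor form for `LogsDir` throughout the file would also read more consistently.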
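Review bot: The two `Install-Module` lines in the `-16,8` hunk of Generate-ARM-Template.ps1 now carry `-AllowClobber -Force` but no version, so they install whatever `Az.Resources` and `Az.ConnectedMachine` the gallery currently serves, without prompting and with permission to override existing commands. This happens in a session that has just signed in with the service principal. Pinning the version makes the run reproducible and narrows the supply-chain exposure, e.g. `Install-Module -Name Az.Resources -RequiredVersion '<PINNED_VERSION>' -AllowClobber -Force` (placeholder version). If `-AllowClobber` is there to resolve a specific command conflict, a comment naming that conflict would help the next reader.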