Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #Requires -Version 3.0
- #Requires -Modules Azure
- #Requires -RunAsAdministrator
- <#
- .NOTES
- #------------------------------------------------------------------------------------------------------------
- # Date : 21-07-2016
- # Script name : Deploy-AzureHDInsightEnvironment.ps1
- # Description : Deploys the HDInsight environment in Azure.
- #
- # Created by : Ralph Jansen
- # Extra module : Azure (available from http://aka.ms/webpi-azps)
- # History : RJA 21-07-2016 Initial version
- #
- #------------------------------------------------------------------------------------------------------------
- .DESCRIPTION
- Deploys the HDInsight environment in Azure
- #>
- # Set variables
- # Change these:
- $environment = "PRD" # Value can be DEV, TST, ACC and PRD
- $NetworkAddressRange = "172.0.0.10/24"
- $SubnetAddressRange = "172.0.0.10/27"
- $parametersFilePath = "C:\TEMP\parameters.json"
- $templateFilePath = "C:\TEMP\template.json"
- $ResourceGroupName = "AZU-RSG-HDINSIGHT-$environment"
- $SubnetName = "AZU-NET-HDINSIGHT-$environment"
- $VirtualNetworkName = "AZU-VNW-HDINSIGHT-$environment"
- $NetworkSecurityGroupName = "AZU-NSG-HDINSIGHT-$environment"
- $StorageAccountName = "azustahdinsight"+$environment.ToLower()
- $deploymentlocation = "West Europe"
- $ErrorActionPreference = "Stop"
- Read-Host "Make sure that `n
- - The Resource Group does not exist
- - The subnet IP range and Network Address Range are correct
- - The Environment name variable has been changed in this script, it is now $environment
- - The Template.json and Paramters.json files can be access from the share with this account
- Continue?"
- $accounttype = Read-Host "Do you use a federated (corporate) account or an account like a live ID? Enter CORP or LIVE"
- Switch ($accounttype)
- {
- CORP { $Credential =Get-Credential; Login-AzureRmAccount -Credential $Credential }
- LIVE { Login-AzureRmAccount }
- Default { $Credential =Get-Credential; Login-AzureRmAccount -Credential $Credential }
- }
- # Do not change these:
- $subnet = New-AzureRmVirtualNetworkSubnetConfig -Name "$SubnetName" -AddressPrefix "$SubnetAddressRange"
- # Create new Resource Group
- Write-Host "Creating Resource Group $ResourceGroupName in $deploymentlocation"
- New-AzureRmResourceGroup -Name $ResourceGroupName -Location "$deploymentlocation"
- # Create new virtual network
- Write-Host "Creating network $VirtualNetworkName in Resource Group $ResourceGroupName in $deploymentlocation"
- New-AzureRmVirtualNetwork -Name "$VirtualNetworkName" -ResourceGroupName "$ResourceGroupName" -Location "$deploymentlocation" -AddressPrefix "$NetworkAddressRange" -Subnet $subnet
- # Register Resource Provider
- Function RegisterRP {
- Param(
- [string]$ResourceProviderNamespace
- )
- Write-Host "Registering resource provider '$ResourceProviderNamespace'";
- Register-AzureRmResourceProvider -ProviderNamespace $ResourceProviderNamespace -Force;
- }
- $resourceProviders = @("microsoft.hdinsight","microsoft.storage");
- if($resourceProviders.length) {
- Write-Host "Registering resource providers"
- foreach($resourceProvider in $resourceProviders) {
- RegisterRP($resourceProvider);
- }
- }
- # Start the deployment of the HDInsight cluster
- Write-Host "Starting deployment of the HDInsight cluster...";
- if(Test-Path $parametersFilePath) {
- New-AzureRmResourceGroupDeployment -ResourceGroupName $ResourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath;
- } else {
- New-AzureRmResourceGroupDeployment -ResourceGroupName $ResourceGroupName -TemplateFile $templateFilePath;
- }
- Write-Host "Deployment of HDInsigh cluster finished, performing post-install steps"
- # Get the Virtual Network object
- Write-Host "Creating and configuring Virtual Network"
- $vnet = Get-AzureRmVirtualNetwork -Name $VirtualNetworkName -ResourceGroupName $ResourceGroupName
- # Get the region the Virtual network is in.
- $location = $vnet.Location
- # Get the subnet object
- $subnet = $vnet.Subnets | Where-Object Name -eq $SubnetName
- # Creating a new Network Security Group and adding exemptions for the HDInsight health and management services.
- $nsg = New-AzureRmNetworkSecurityGroup `
- -Name "$NetworkSecurityGroupName" `
- -ResourceGroupName $ResourceGroupName `
- -Location $location `
- | Add-AzureRmNetworkSecurityRuleConfig `
- -name "AZU-NSR-HDINSIGHT-$environment-01" `
- -Description "HDI health and management address 168.61.49.99" `
- -Protocol "*" `
- -SourcePortRange "*" `
- -DestinationPortRange "443" `
- -SourceAddressPrefix "168.61.49.99" `
- -DestinationAddressPrefix "VirtualNetwork" `
- -Access Allow `
- -Priority 300 `
- -Direction Inbound `
- | Add-AzureRmNetworkSecurityRuleConfig `
- -Name "AZU-NSR-HDINSIGHT-$environment-02" `
- -Description "HDI health and management 23.99.5.239" `
- -Protocol "*" `
- -SourcePortRange "*" `
- -DestinationPortRange "443" `
- -SourceAddressPrefix "23.99.5.239" `
- -DestinationAddressPrefix "VirtualNetwork" `
- -Access Allow `
- -Priority 301 `
- -Direction Inbound `
- | Add-AzureRmNetworkSecurityRuleConfig `
- -Name "AZU-NSR-HDINSIGHT-$environment-03" `
- -Description "HDI health and management 168.61.48.131" `
- -Protocol "*" `
- -SourcePortRange "*" `
- -DestinationPortRange "443" `
- -SourceAddressPrefix "168.61.48.131" `
- -DestinationAddressPrefix "VirtualNetwork" `
- -Access Allow `
- -Priority 302 `
- -Direction Inbound `
- | Add-AzureRmNetworkSecurityRuleConfig `
- -Name "AZU-NSR-HDINSIGHT-$environment-04" `
- -Description "HDI health and management 138.91.141.162" `
- -Protocol "*" `
- -SourcePortRange "*" `
- -DestinationPortRange "443" `
- -SourceAddressPrefix "138.91.141.162" `
- -DestinationAddressPrefix "VirtualNetwork" `
- -Access Allow `
- -Priority 303 `
- -Direction Inbound
- # Apply the changes to the security group
- Write-Host "Applying changes to Network Security Group"
- Set-AzureRmNetworkSecurityGroup -NetworkSecurityGroup $nsg
- # Apply the NSG to the subnet
- Write-Host "Applying the NSG to the subnet"
- $vnet = Get-AzureRmVirtualNetwork -ResourceGroupName $ResourceGroupName -Name $VirtualNetworkName
- $subnetName = $vnet.Subnets.Name
- $subnet = $vnet.Subnets | Where-Object Name -eq $subnetName
- Set-AzureRmVirtualNetworkSubnetConfig -VirtualNetwork $vnet -Name $subnetName -AddressPrefix $subnet.AddressPrefix -NetworkSecurityGroup $nsg | Set-AzureRmVirtualNetwork
- Read-Host "Press any key to exit"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement