Terraform | Azure | Added maintenance mode & Serial console password …

…support * Terraform Azure | Added maintenance mode password & serial console password support * Updated os_version parameter
CheckPointSW · Aug 22, 2023 · 66b1ac8 · 66b1ac8
1 parent 62eb9b5
commit 66b1ac8
Show file tree

Hide file tree

Showing 55 changed files with 657 additions and 410 deletions.
diff --git a/terraform/azure/high-availability-existing-vnet/README.md b/terraform/azure/high-availability-existing-vnet/README.md
diff --git a/terraform/azure/high-availability-existing-vnet/cloud-init.sh b/terraform/azure/high-availability-existing-vnet/cloud-init.sh
@@ -2,7 +2,7 @@
 
 installationType="${installation_type}"
 allowUploadDownload="${allow_upload_download}"
-osVersion= "${os_version}"
+osVersion="${os_version}"
 templateName="${template_name}"
 templateVersion="${template_version}"
 templateType="${template_type}"
@@ -18,3 +18,5 @@ customMetrics="${enable_custom_metrics}"
 adminShell="${admin_shell}"
 smart1CloudToken="${smart_1_cloud_token}"
 Vips='[{"name": "cluster-vip", "privateIPAddress": "${external_private_addresses}", "publicIPAddress": "${cluster_name}"}]'
+passwordHash="${serial_console_password_hash}"
+MaintenanceModePassword="${maintenance_mode_password_hash}"
diff --git a/terraform/azure/high-availability-existing-vnet/main.tf b/terraform/azure/high-availability-existing-vnet/main.tf
@@ -27,6 +27,8 @@ module "common" {
   vm_os_sku = var.vm_os_sku
   vm_os_offer = var.vm_os_offer
   authentication_type = var.authentication_type
+  serial_console_password_hash = var.serial_console_password_hash
+   maintenance_mode_password_hash = var.maintenance_mode_password_hash
 }
 
 //********************** Networking **************************//
@@ -373,6 +375,8 @@ resource "azurerm_virtual_machine" "vm-instance-availability-set" {
       enable_custom_metrics = var.enable_custom_metrics ? "yes" : "no"
       admin_shell = var.admin_shell
       smart_1_cloud_token = count.index == 0 ? var.smart_1_cloud_token_a : var.smart_1_cloud_token_b
+      serial_console_password_hash = var.serial_console_password_hash
+      maintenance_mode_password_hash = var.maintenance_mode_password_hash
     })
   }
 
@@ -465,6 +469,8 @@ resource "azurerm_virtual_machine" "vm-instance-availability-zone" {
       enable_custom_metrics = var.enable_custom_metrics ? "yes" : "no"
       admin_shell = var.admin_shell
       smart_1_cloud_token = count.index == 0 ? var.smart_1_cloud_token_a : var.smart_1_cloud_token_b
+      serial_console_password_hash = var.serial_console_password_hash
+      maintenance_mode_password_hash = var.maintenance_mode_password_hash
     })
   }
 

diff --git a/terraform/azure/high-availability-existing-vnet/terraform.tfvars b/terraform/azure/high-availability-existing-vnet/terraform.tfvars
@@ -21,7 +21,7 @@ vm_size                         = "PLEASE ENTER VM SIZE"
 disk_size                       = "PLEASE ENTER DISK SIZE"                                         # "110"
 vm_os_sku                       = "PLEASE ENTER VM SKU"                                            # "sg-byol"
 vm_os_offer                     = "PLEASE ENTER VM OFFER"                                          # "check-point-cg-r8110"
-os_version                      = "PLEASE ENTER GAIA OS VERSION"                                   # "R81.10"
+os_version                      = "PLEASE ENTER GAIA OS VERSION"                                   # "R8110"
 bootstrap_script                = "PLEASE ENTER CUSTOM SCRIPT OR LEAVE EMPTY DOUBLE QUOTES"        # "touch /home/admin/bootstrap.txt; echo 'hello_world' > /home/admin/bootstrap.txt"
 allow_upload_download           = "PLEASE ENTER true or false"                                     # true
 authentication_type             = "PLEASE ENTER AUTHENTICATION TYPE"                               # "Password"
@@ -31,4 +31,6 @@ enable_floating_ip              = "PLEASE ENTER true or false"
 use_public_ip_prefix            = "PLEASE ENTER true or false"                                     # false
 create_public_ip_prefix         = "PLEASE ENTER true or false"                                     # false
 existing_public_ip_prefix_id    = "PLEASE ENTER IP PREFIX RESOURCE ID"                             # ""
-admin_shell                     = "PLEASE ETNER ADMIN SHELL"                                       # "/etc/cli.sh"
+admin_shell                     = "PLEASE ETNER ADMIN SHELL"                                       # "/etc/cli.sh
+serial_console_password_hash    = "PLEASE ENTER SERIAL CONSOLE PASSWORD HASH"                      # "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
+maintenance_mode_password_hash  = "PLEASE ENTER MAINTENANCE MODE PASSWORD HASH"                    # "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
diff --git a/terraform/azure/high-availability-existing-vnet/variables.tf b/terraform/azure/high-availability-existing-vnet/variables.tf
@@ -46,6 +46,16 @@ variable "admin_password" {
   type = string
 }
 
+variable "serial_console_password_hash" {
+  description = "Optional parameter, used to enable serial console connection in case of SSH key as authentication type"
+  type = string
+}
+
+variable "maintenance_mode_password_hash" {
+  description = "Maintenance mode password hash, relevant only for R81.20 and higher versions"
+  type = string
+}
+
 variable "smart_1_cloud_token_a" {
   description = "Smart-1 Cloud Token, for configuring member A"
   type = string
@@ -105,10 +115,10 @@ variable "os_version" {
 
 locals { // locals for 'vm_os_offer' allowed values
   os_version_allowed_values = [
-    "R80.40",
+    "R8040",
     "R81",
-    "R81.10",
-    "R81.20"
+    "R8110",
+    "R8120"
   ]
   // will fail if [var.os_version] is invalid:
   validate_os_version_value = index(local.os_version_allowed_values, var.os_version)

diff --git a/terraform/azure/high-availability-new-vnet/README.md b/terraform/azure/high-availability-new-vnet/README.md
diff --git a/terraform/azure/high-availability-new-vnet/cloud-init.sh b/terraform/azure/high-availability-new-vnet/cloud-init.sh
@@ -2,7 +2,7 @@
 
 installationType="${installation_type}"
 allowUploadDownload="${allow_upload_download}"
-osVersion= "${os_version}"
+osVersion="${os_version}"
 templateName="${template_name}"
 templateVersion="${template_version}"
 templateType="${template_type}"
@@ -18,3 +18,5 @@ customMetrics="${enable_custom_metrics}"
 adminShell="${admin_shell}"
 smart1CloudToken="${smart_1_cloud_token}"
 Vips='[{"name": "cluster-vip", "privateIPAddress": "${external_private_addresses}", "publicIPAddress": "${cluster_name}"}]'
+passwordHash="${serial_console_password_hash}"
+MaintenanceModePassword="${maintenance_mode_password_hash}"
diff --git a/terraform/azure/high-availability-new-vnet/main.tf b/terraform/azure/high-availability-new-vnet/main.tf
@@ -26,6 +26,8 @@ module "common" {
   vm_os_sku = var.vm_os_sku
   vm_os_offer = var.vm_os_offer
   authentication_type = var.authentication_type
+  serial_console_password_hash = var.serial_console_password_hash
+  maintenance_mode_password_hash = var.maintenance_mode_password_hash
 }
 
 //********************** Networking **************************//
@@ -393,7 +395,9 @@ resource "azurerm_virtual_machine" "vm-instance-availability-set" {
       external_private_addresses = azurerm_network_interface.nic_vip.ip_configuration[1].private_ip_address
       enable_custom_metrics = var.enable_custom_metrics ? "yes" : "no"
       admin_shell = var.admin_shell
-      smart_1_cloud_token = count.index == 0 ? var.smart_1_cloud_token_a : var.smart_1_cloud_token_b 
+      smart_1_cloud_token = count.index == 0 ? var.smart_1_cloud_token_a : var.smart_1_cloud_token_b
+      serial_console_password_hash = var.serial_console_password_hash
+      maintenance_mode_password_hash = var.maintenance_mode_password_hash
     })
   }
 
@@ -486,6 +490,8 @@ resource "azurerm_virtual_machine" "vm-instance-availability-zone" {
       enable_custom_metrics = var.enable_custom_metrics ? "yes" : "no"
       admin_shell = var.admin_shell
       smart_1_cloud_token = count.index == 0 ? var.smart_1_cloud_token_a : var.smart_1_cloud_token_b
+      serial_console_password_hash = var.serial_console_password_hash
+      maintenance_mode_password_hash = var.maintenance_mode_password_hash
     })
   }
 

diff --git a/terraform/azure/high-availability-new-vnet/terraform.tfvars b/terraform/azure/high-availability-new-vnet/terraform.tfvars
@@ -18,7 +18,7 @@ vm_size                         = "PLEASE ENTER VM SIZE"
 disk_size                       = "PLEASE ENTER DISK SIZE"                                         # "110"
 vm_os_sku                       = "PLEASE ENTER VM SKU"                                            # "sg-byol"
 vm_os_offer                     = "PLEASE ENTER VM OFFER"                                          # "check-point-cg-r8110"
-os_version                      = "PLEASE ENTER GAIA OS VERSION"                                   # "R81.10"
+os_version                      = "PLEASE ENTER GAIA OS VERSION"                                   # "R8110"
 bootstrap_script                = "PLEASE ENTER CUSTOM SCRIPT OR LEAVE EMPTY DOUBLE QUOTES"        # "touch /home/admin/bootstrap.txt; echo 'hello_world' > /home/admin/bootstrap.txt"
 allow_upload_download           = "PLEASE ENTER true or false"                                     # true
 authentication_type             = "PLEASE ENTER AUTHENTICATION TYPE"                               # "Password"
@@ -28,4 +28,6 @@ enable_floating_ip              = "PLEASE ENTER true or false"
 use_public_ip_prefix            = "PLEASE ENTER true or false"                                     # false
 create_public_ip_prefix         = "PLEASE ENTER true or false"                                     # false
 existing_public_ip_prefix_id    = "PLEASE ENTER IP PREFIX RESOURCE ID"                             # ""
-admin_shell                     = "PLEASE ETNER ADMIN SHELL"                                       # "/etc/cli.sh"
+admin_shell                     = "PLEASE ETNER ADMIN SHELL"                                       # "/etc/cli.sh"
+serial_console_password_hash    = "PLEASE ENTER SERIAL CONSOLE PASSWORD HASH"                      # "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
+maintenance_mode_password_hash  = "PLEASE ENTER MAINTENANCE MODE PASSWORD HASH"                    # "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
diff --git a/terraform/azure/high-availability-new-vnet/variables.tf b/terraform/azure/high-availability-new-vnet/variables.tf
@@ -46,6 +46,16 @@ variable "admin_password" {
   type = string
 }
 
+variable "serial_console_password_hash" {
+  description = "Optional parameter, used to enable serial console connection in case of SSH key as authentication type"
+  type = string
+}
+
+variable "maintenance_mode_password_hash" {
+  description = "Maintenance mode password hash, relevant only for R81.20 and higher versions"
+  type = string
+}
+
 variable "smart_1_cloud_token_a" {
   description = "Smart-1 Cloud Token, for configuring member A"
   type = string
@@ -105,10 +115,10 @@ variable "os_version" {
 
 locals { // locals for 'vm_os_offer' allowed values
   os_version_allowed_values = [
-    "R80.40",
+    "R8040",
     "R81",
-    "R81.10",
-    "R81.20"
+    "R8110",
+    "R8120"
   ]
   // will fail if [var.os_version] is invalid:
   validate_os_version_value = index(local.os_version_allowed_values, var.os_version)