Restructure into modules to enable persistent disk
This commit is contained in:
@@ -0,0 +1,96 @@
|
||||
resource "azurerm_resource_group" "rg" {
|
||||
name = "${var.prefix}-ephemeral-rg"
|
||||
location = var.location
|
||||
}
|
||||
|
||||
resource "azurerm_virtual_network" "vnet" {
|
||||
name = "${var.prefix}-vnet"
|
||||
resource_group_name = azurerm_resource_group.rg.name
|
||||
location = azurerm_resource_group.rg.location
|
||||
address_space = var.vnet_address_space
|
||||
}
|
||||
|
||||
resource "azurerm_public_ip" "pip" {
|
||||
name = "${var.prefix}-pip"
|
||||
resource_group_name = azurerm_resource_group.rg.name
|
||||
location = azurerm_resource_group.rg.location
|
||||
allocation_method = "Static"
|
||||
sku = "Standard"
|
||||
}
|
||||
|
||||
resource "azurerm_subnet" "workload_subnet" {
|
||||
name = "${var.prefix}-workload-subnet"
|
||||
resource_group_name = azurerm_resource_group.rg.name
|
||||
virtual_network_name = azurerm_virtual_network.vnet.name
|
||||
address_prefixes = var.workload_subnet_address_prefixes
|
||||
}
|
||||
|
||||
resource "azurerm_network_interface" "vm_nic" {
|
||||
name = "${var.prefix}-vm-nic"
|
||||
location = azurerm_resource_group.rg.location
|
||||
resource_group_name = azurerm_resource_group.rg.name
|
||||
|
||||
ip_configuration {
|
||||
name = "internal"
|
||||
subnet_id = azurerm_subnet.workload_subnet.id
|
||||
private_ip_address_allocation = "Dynamic"
|
||||
public_ip_address_id = azurerm_public_ip.pip.id
|
||||
}
|
||||
}
|
||||
|
||||
resource "random_password" "admin_password" {
|
||||
length = 16
|
||||
special = false
|
||||
}
|
||||
|
||||
resource "azurerm_windows_virtual_machine" "vm" {
|
||||
name = "${var.prefix}-winvm"
|
||||
computer_name = var.prefix
|
||||
resource_group_name = azurerm_resource_group.rg.name
|
||||
location = azurerm_resource_group.rg.location
|
||||
size = var.vm_size
|
||||
priority = var.vm_priority
|
||||
eviction_policy = var.vm_priority == "Spot" ? "Deallocate" : null
|
||||
|
||||
admin_username = var.vm_admin_username
|
||||
admin_password = random_password.admin_password.result
|
||||
|
||||
network_interface_ids = [
|
||||
azurerm_network_interface.vm_nic.id
|
||||
]
|
||||
|
||||
os_disk {
|
||||
caching = "ReadWrite"
|
||||
storage_account_type = "Premium_LRS"
|
||||
}
|
||||
|
||||
source_image_reference {
|
||||
publisher = "MicrosoftWindowsDesktop"
|
||||
offer = "Windows-10"
|
||||
sku = "win10-22h2-pro"
|
||||
version = "latest"
|
||||
}
|
||||
}
|
||||
|
||||
resource "azurerm_virtual_machine_data_disk_attachment" "data_disk_attachment" {
|
||||
managed_disk_id = var.datadisk_id
|
||||
virtual_machine_id = azurerm_windows_virtual_machine.vm.id
|
||||
lun = var.datadisk_lun
|
||||
caching = "ReadWrite"
|
||||
}
|
||||
|
||||
resource "azurerm_virtual_machine_extension" "provision_software" {
|
||||
name = "provision-software"
|
||||
virtual_machine_id = azurerm_windows_virtual_machine.vm.id
|
||||
publisher = "Microsoft.Compute"
|
||||
type = "CustomScriptExtension"
|
||||
type_handler_version = "1.10"
|
||||
|
||||
depends_on = [azurerm_virtual_machine_data_disk_attachment.data_disk_attachment]
|
||||
|
||||
protected_settings = <<SETTINGS
|
||||
{
|
||||
"commandToExecute": "powershell -command \"[System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String('${base64encode(templatefile("${path.module}/scripts/provision-software.ps1.tpl", { tailscale_authkey = var.tailscale_authkey, datadisk_lun = var.datadisk_lun, datadisk_drive_letter = var.datadisk_drive_letter }))}')) | Out-File -filepath provision-software.ps1\" && powershell -ExecutionPolicy Unrestricted -File provision-software.ps1"
|
||||
}
|
||||
SETTINGS
|
||||
}
|
||||
@@ -0,0 +1,4 @@
|
||||
output "vm_admin_password" {
|
||||
sensitive = true
|
||||
value = random_password.admin_password.result
|
||||
}
|
||||
@@ -0,0 +1,121 @@
|
||||
$ErrorActionPreference = 'Stop'
|
||||
|
||||
$DataDiskLun = '${datadisk_lun}'
|
||||
$DataDiskDriveLetter = '${datadisk_drive_letter}'
|
||||
|
||||
$TailscaleUri = 'https://pkgs.tailscale.com/stable/tailscale-setup-1.88.3-amd64.msi'
|
||||
$TailscaleMsi = 'tailscale.msi'
|
||||
$TailscaleInstalledExe = 'C:\Program Files\Tailscale\tailscale.exe'
|
||||
$TailscaleInstallLog = 'tailscale-install.log'
|
||||
# FIXME(jona): Tailscale auth-key should not be stored in plain text!
|
||||
$TailscaleAuthKey = '${tailscale_authkey}'
|
||||
|
||||
$AmdDriverUri = 'https://download.microsoft.com/download/44ee0d6c-74dd-4214-b6d5-24fbf2eac33b/whql-amd-software-cloud-edition-25.1.1-win10-win11-azure-ngads-v620.exe'
|
||||
$AmdDriverExe = 'amd-gpu-driver.exe'
|
||||
$AmdDriverInstallLog = "$PWD\amd-gpu-driver-install.log"
|
||||
|
||||
$VBCableUri = 'https://download.vb-audio.com/Download_CABLE/VBCABLE_Driver_Pack45.zip'
|
||||
$VBCableZip = 'vbcable.zip'
|
||||
|
||||
$SunshineInstallerUri = 'https://github.com/LizardByte/Sunshine/releases/latest/download/Sunshine-Windows-AMD64-installer.exe'
|
||||
$SunshineInstallerExe = 'sunshine-installer.exe'
|
||||
|
||||
$SteamInstallerUri = 'https://cdn.fastly.steamstatic.com/client/installer/SteamSetup.exe'
|
||||
$SteamInstallerExe = 'steam-installer.exe'
|
||||
|
||||
Write-Host "Setting up data disk"
|
||||
|
||||
$DataDisk = Get-Disk | Where-Object { $_.Location -Like "*LUN $DataDiskLun*" }
|
||||
if ($DataDisk.PartitionStyle -eq 'raw') {
|
||||
Initialize-Disk -UniqueId $DataDisk.UniqueId -PartitionStyle GPT
|
||||
New-Partition -DiskId $DataDisk.UniqueId -UseMaximumSize -DriveLetter $DataDiskDriveLetter
|
||||
Format-Volume -DriveLetter $DataDiskDriveLetter -FileSystem NTFS -NewFileSystemLabel DataDisk -Confirm:$False
|
||||
} else {
|
||||
$Partition = Get-Partition -DiskNumber $DataDisk.DiskNumber | Where-Object { $_.Type -eq "Basic" }
|
||||
Set-Partition -InputObject $Partition -NewDriveLetter $DataDiskDriveLetter
|
||||
}
|
||||
|
||||
Write-Host "Done setting up data disk"
|
||||
|
||||
Write-Host "Provisioning software"
|
||||
|
||||
##
|
||||
# Tailscale
|
||||
Write-Host 'Setting up tailscale'
|
||||
|
||||
Write-Host "Downloading Tailscale MSI from $TailscaleUri to $TailscaleMsi"
|
||||
Invoke-WebRequest -UseBasicParsing -Uri $TailscaleUri -OutFile $TailscaleMsi
|
||||
|
||||
Write-Host "Installing Tailscale from MSI to $TailscaleInstalledExe, see log at $TailscaleInstallLog"
|
||||
Start-Process msiexec.exe -ArgumentList '/i', $TailscaleMsi, '/qn', '/l*v', $TailscaleInstallLog -Wait -NoNewWindow -PassThru
|
||||
|
||||
Write-Host 'Joining host to tailscale network'
|
||||
Start-Process $TailscaleInstalledExe -ArgumentList 'up', '--authkey', $TailscaleAuthKey, '--accept-dns=false', '--accept-routes', '--unattended' -NoNewWindow -PassThru -Wait
|
||||
|
||||
# FIXME(jona): Tailscale auth key should not be stored in registry in plain text
|
||||
Write-Host 'Creating login script to authenticate to tailscale'
|
||||
$TailscaleLoginCmd = ('"{0}" login --auth-key "{1}"' -f $TailscaleInstalledExe, $TailscaleAuthKey)
|
||||
New-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" `
|
||||
-Name "TailscaleLogin" `
|
||||
-Value "cmd /c $TailscaleLoginCmd" `
|
||||
-PropertyType String -Force
|
||||
|
||||
Write-Host 'Done setting up tailscale'
|
||||
|
||||
##
|
||||
# AMD GPU driver
|
||||
Write-Host 'Installing AMD GPU driver'
|
||||
|
||||
Write-Host "Downloading AMD GPU driver installer from $AndDriverUri to $AmdDriverExe"
|
||||
Invoke-WebRequest -UseBasicParsing -Uri $AmdDriverUri -OutFile $AmdDriverExe
|
||||
|
||||
Write-Host "Installing AMD GPU driver from, see log at $AmdDriverInstallLog"
|
||||
Start-Process $AmdDriverExe -ArgumentList '-install', '-log', $AmdDriverInstallLog -Wait -NoNewWindow -PassThru
|
||||
|
||||
Write-Host 'Done installing AMD GPU driver'
|
||||
|
||||
##
|
||||
# Virtual Cable audio device driver
|
||||
Write-Host 'Installing Virtual Cable audio device driver'
|
||||
|
||||
Write-Host "Downloading VBCable from $VBCableUri to $VBCableZip"
|
||||
Invoke-WebRequest -UseDefaultCredentials -Uri $VBCableUri -OutFile $VBCableZip
|
||||
|
||||
$VBCableExtracted = 'vbcable'
|
||||
Write-Host "Extracting $VBCableZip to $VBCableExtracted"
|
||||
Expand-Archive $VBCableZip -DestinationPath 'vbcable'
|
||||
|
||||
Write-Host 'Installing VBCable from installer'
|
||||
Start-Process "vbcable\VBCABLE_Setup_x64.exe" -ArgumentList '-i', '-h' -Wait -NoNewWindow -PassThru
|
||||
|
||||
Write-Host 'Done installing Virtual Cable audio device driver'
|
||||
|
||||
##
|
||||
# Sunshine
|
||||
Write-Host "Installing Sunshine"
|
||||
Write-Host "Downloading sunshine installer from $SunshineInstallerUri to $SunshineInstallerExe"
|
||||
Invoke-WebRequest -UseBasicParsing -Uri $SunshineInstallerUri -OutFile $SunshineInstallerExe
|
||||
|
||||
Write-Host "Installing Sunshine from $SunshineInstallerExe"
|
||||
Start-Process $SunshineInstallerExe -ArgumentList '/S' -Wait -NoNewWindow -PassThru
|
||||
|
||||
Write-Host 'Done installing Sunshine, configure at https://localhost:47990/'
|
||||
|
||||
##
|
||||
# Steam
|
||||
Write-Host "Installing Steam"
|
||||
|
||||
if(Test-Path "$($DataDiskDriveLetter):\Steam\Steam.exe") {
|
||||
Write-Host "Steam is already installed, skipping"
|
||||
} else {
|
||||
Write-Host "Downloading Steam installer from $SteamInstallerUri to $SteamInstallerExe"
|
||||
Invoke-WebRequest -UseBasicParsing -Uri $SteamInstallerUri -OutFile $SteamInstallerExe
|
||||
|
||||
Write-Host "Installing Steam from $SteamInstallerExe"
|
||||
New-Item -Path "$($DataDiskDriveLetter):\" -Name 'Steam' -ItemType Directory
|
||||
Start-Process $SteamInstallerExe -ArgumentList '/S', "/D=$($DataDiskDriveLetter):\Steam" -Wait -NoNewWindow -PassThru
|
||||
}
|
||||
|
||||
Write-Host 'Done installing Steam'
|
||||
|
||||
Write-Host 'Done provisioning software'
|
||||
@@ -0,0 +1,67 @@
|
||||
variable "subscription_id" {
|
||||
description = "Subscription ID of the subscription for gaming related stuff"
|
||||
type = string
|
||||
}
|
||||
|
||||
# The prefix must not be changed, sice the budget watcher deletes the resource group wa5p-gaming-rg when budget is exceeded
|
||||
variable "prefix" {
|
||||
description = "Prefix for gaming related ressources"
|
||||
type = string
|
||||
}
|
||||
|
||||
variable "location" {
|
||||
description = "Location for gaming related ressources, should be as close as possible for low latency"
|
||||
type = string
|
||||
}
|
||||
|
||||
variable "vnet_address_space" {
|
||||
description = "List of IP nets for gaming vnet"
|
||||
type = list(string)
|
||||
default = ["10.0.1.0/24"]
|
||||
}
|
||||
|
||||
variable "workload_subnet_address_prefixes" {
|
||||
description = "IP subnet address prefixes for workload subnet"
|
||||
type = list(string)
|
||||
default = ["10.0.1.128/25"]
|
||||
}
|
||||
|
||||
variable "vm_size" {
|
||||
description = "SKU of the vm to be deployed, should be a GPU optimized vm"
|
||||
type = string
|
||||
default = "Standard_NG16ads_V620_v1"
|
||||
}
|
||||
|
||||
variable "vm_priority" {
|
||||
description = "Priority of the VM, can be Regular or Spot. Spot is cheaper, but can be evicted at any time"
|
||||
type = string
|
||||
default = "Regular"
|
||||
}
|
||||
|
||||
variable "vm_admin_username" {
|
||||
description = "VM admin username, password will be generated randomly"
|
||||
type = string
|
||||
}
|
||||
|
||||
variable "datadisk_id" {
|
||||
description = "ID of the persistent datadisk"
|
||||
type = string
|
||||
}
|
||||
|
||||
variable "datadisk_lun" {
|
||||
description = "Location identifier, this is used to identify the disk within the VM"
|
||||
type = string
|
||||
default = "10"
|
||||
}
|
||||
|
||||
variable "datadisk_drive_letter" {
|
||||
description = "Drive letter to mount the datadisk to"
|
||||
type = string
|
||||
default = "Z"
|
||||
}
|
||||
|
||||
variable "tailscale_authkey" {
|
||||
description = "Tailscale auth key for unattended login"
|
||||
type = string
|
||||
sensitive = true
|
||||
}
|
||||
Reference in New Issue
Block a user