Deploying Geneos on Azure Resource Manager using Bicep
Azure offers native IaC support through the Azure Resource Manager. This guide outlines how to deploy Geneos components using Bicep templates and Azure Resource Manager Stacks.
Prerequisites Copied
-
Azure CLI installed. This can be installed from Azure.
-
Bicep CLI installed. You can run the following command to install Bicep CLI, but this is normally bundled with the Azure CLI installation.
az bicep install -
Logged in from CLI
az login -
Existing Azure resources
- Resource Group — used for the deployment stack.
- Storage Account — used to store Geneos artifacts such as binaries and configuration XMLs.
Important
The user should have aContributorrole on both the Resource Group and Storage Account.
Deployment commands Copied
Use the following az stack group commands to manage Deployment Stacks at resource group.
Create or update a deployment stack Copied
Use this command to create or update a deployment stack. Refer to az stack group create to learn more about the command and its required parameters.
az stack group create \
--name <StackName> \
--resource-group <ResourceGroup> \
--template-file <BicepFile> \
--parameters <BicepParameters> \
--action-on-unmanage deleteAll \
--deny-settings-mode none
For example:
az stack group create \
--name NetprobeStack \
--resource-group DeploymentGroup \
--template-file scripts/native/Azure/environments/demo/main.bicep \
--parameters scripts/native/Azure/environments/demo/parameters.bicepparam \
--action-on-unmanage deleteAll \
--deny-settings-mode none
Show the deployment stack summary Copied
Use this command to retrieve the summary of deployed virtual machines and Geneos services. Refer to az stack group show to learn more about the command and its required parameters.
az stack group show \
--name <StackName> \
--resource-group <ResourceGroup> \
--query "outputs.*.value[]" \
--output table
For example:
az stack group show \
--name NetprobeStack \
--resource-group DeploymentGroup \
--query "outputs.*.value[]" \
--output table
Delete the deployment stack Copied
Use this command to delete the deployment stack from the resource group. Refer to az stack group delete to learn more about the command and its required parameters.
az stack group delete \
--name <StackName> \
--resource-group <ResourceGroup> \
--action-on-unmanage deleteAll
For example:
az stack group delete \
--name NetprobeStack \
--resource-group DeploymentGroup \
--action-on-unmanage deleteAll
Template files Copied
Several Bicep template files are available depending on your desired provisioning. However, it is recommended to use the provided main.bicep files in the environments folder.
Environments Copied
environments/demo/main.bicep— orchestrates virtual network, network security group, and multiple VM stacks (Gateway and Netprobes) and deploys Geneos services on them. Refer to the quickstart guide to learn how to deploy using the demo template.environments/dev/main.bicep— targets existing VMs and deploys Geneos services on them.
Components Copied
components/geneos-host.bicep — composes public IP, network interface, and VM modules.
Modules Copied
| Module | Description |
|---|---|
modules/network-security-group.bicep |
Provisions a network security group with inbound TCP rules. |
modules/virtual-network.bicep |
Provisions a virtual network and a default subnet. |
modules/public-ip.bicep |
Provisions a public IP address. |
modules/network-interface.bicep |
Provisions a network interface bound to a subnet, network security group, and public IP. |
modules/virtual-machine.bicep |
Provisions a Linux virtual machine. |
modules/run-command.bicep |
Runs an inline script via VM Run Command. |
modules/geneos-deployment.bicep |
Deploys Geneos services via Custom Script Extension and downloads files from Storage account with SAS token. |
If you prefer using templates in ARM JSON instead of Bicep, you can convert the Bicep files using the following commands. These will generate the equivalent .json and .parameters.json files.
bicep build <BICEP_FILE>.bicep # generates <BICEP_FILE>.json
bicep build <BICEP_PARAM_FILE>.bicepparam # generates <BICEP_PARAM_FILE>.parameters.json
Parameters Copied
Below are the parameters required for each template file. Use these parameters to configure the template files.
Network security group Copied
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
networkSecurityGroupName |
Name of the network security group | string | Yes | |
networkSecurityGroupTcpInboundDestinationPorts |
TCP inbound destination port ranges | array | [‘22’, ‘7036’, ‘7039’, ‘7041’] | Yes |
tags |
Tags to apply to the network security group | object | No |
Virtual network Copied
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
virtualNetworkName |
Name of the virtual network | string | Yes | |
virtualNetworkAddressPrefixes |
Address prefixes for the virtual network | array | [‘10.2.0.0/16’] | Yes |
virtualNetworkAddressPrefixesSubnet |
Address prefixes for the subnets | array | [‘10.2.0.0/24’] | Yes |
tags |
Tags to apply to the virtual network | object | No |
Public IP Copied
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
publicIpAddressName |
Name of the public IP address | string | Yes | |
publicIpAddressSku |
SKU of the public IP address. The allowed values are:
|
string | Standard | Yes |
publicIpAddressType |
Type of the public IP address. The allowed values are:
|
string | Static | Yes |
publicIpAddressZone |
Zones for the public IP address | array | [‘1’] | No |
tags |
Tags to apply to the public IP address | object | No |
Network interface Copied
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
networkInterfaceName |
Name of the network interface | string | Yes | |
networkSecurityGroupId |
ID of the network security group to associate | string | Yes | |
publicIpAddressId |
ID of the public IP address to associate | string | Yes | |
virtualNetworkSubnetId |
ID of the virtual network subnet to associate | string | Yes | |
tags |
Tags to apply to the network interface | object | No |
Virtual machine Copied
The defaults for VM size and OS disk type follow the ITRS Azure virtual machine image specifications.
For complete details on the default virtual machine configuration, refer to Azure virtual machine defaults.
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
virtualMachineName |
Name of the virtual machine | string | Yes | |
virtualMachineZone |
Availability zones for the VM | array | [‘1’] | No |
virtualMachineSize |
Size of the virtual machine | string | Standard_D2s_v3 | Yes |
networkInterfaceId |
IDs of the network interfaces to attach | array | Yes | |
virtualMachineOsDiskType |
OS disk type. The allowed OS disk types are:
|
string | Premium_LRS | Yes |
virtualMachineImagePublisher |
Image publisher | string | canonical | Yes |
virtualMachineImageOffer |
Image offer | string | 0001-com-ubuntu-server-jammy | Yes |
virtualMachineImageSku |
Image SKU | string | 22_04-lts-gen2 | Yes |
virtualMachineImageVersion |
Image version | string | latest | Yes |
virtualMachineAdminUser |
Admin username | string | Yes | |
virtualMachineAdminPassword |
Admin password | string | No | |
virtualMachineDisablePassword |
Disable password authentication | bool | true | No |
virtualMachineSshPublicKey |
SSH public key | string | Yes | |
tags |
Tags to apply to the virtual machine | object | No |
Run command Copied
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
runCommandName |
Name of the run command | string | Yes | |
virtualMachineName |
Name of the virtual machine | string | Yes | |
commandToRun |
Command to run | string | Yes |
Geneos deployment Copied
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
geneosDeploymentName |
Name of the Geneos deployment extension | string | geneos-deployment | Yes |
storageAccountName |
Name of the existing storage account | string | Yes | |
virtualMachineName |
Name of the target virtual machine | string | Yes | |
operation |
Operation to perform. The allowed operations are:
|
string | install | Yes |
serviceName |
Service name to manage | string | Yes | |
serviceDir |
Directory where the service will be installed | string | /opt/geneos | Yes |
binaryUrl |
URL to the Geneos binary file | string | Yes | |
serviceBinaryTar |
Service binary tar filename | string | Yes | |
serviceBinary |
Service binary filename | string | Yes | |
binaryAssetUrl |
URL to the Geneos binary asset file | string | No | |
serviceBinaryAsset |
Service binary asset filename | string | No | |
configUrl |
URL to the Geneos configuration file | string | No | |
serviceConfig |
Service configuration filename | string | No |
Geneos host Copied
- Includes public IP parameters.
- Includes network interface parameters.
- Includes virtual machine parameters.
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
tags |
Tags to apply to all resources | object | No |
Demo/main Copied
- Includes network security group parameters.
- Includes virtual network parameters.
- Includes Geneos host parameters for License Daemon, Gateway and Netprobe.
- Includes Geneos deployment parameters for License Daemon, Gateway and Netprobe.
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
vmCountNp |
Number of virtual machines to deploy (minimum: 1) | int | 2 | Yes |
tags |
Tags to apply to all resources | object | No |
Dev/main Copied
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
geneosNpDeployParams |
Collection of Geneos deployment parameters for Netprobe deployments | array | Yes |