Skip to content

Commit

Permalink
feat: Multi region support for accelerator (#857)
Browse files Browse the repository at this point in the history
* feat: Add minimum sample bicep file for hubNetworking module

* added secondarylocation params and resources

* Refactor parameter names and values for secondary location in hubNetworking module

* Remove duplicate DNS zones

* Fix module references

* Clean up uneeded references

* Remove uneeded parameter replacements for secondary location

* Add peering module to multi region module

* Add condition for peering

* Adjust multi region samples

* Add active-active support for vpn gateway

* Added VWAN changes

* Add changes from final testing

* Finalize changes for multi-region module

* Generate Parameter Markdowns [oZakari/2642d626]

---------

Co-authored-by: Zach Trocinski <[email protected]>
Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
  • Loading branch information
3 people authored Sep 27, 2024
1 parent 26a2ac7 commit 2b7ee23
Show file tree
Hide file tree
Showing 6 changed files with 4,341 additions and 1 deletion.
251 changes: 250 additions & 1 deletion accelerator/.config/ALZ-Powershell-Auto.config.json
Original file line number Diff line number Diff line change
Expand Up @@ -197,6 +197,20 @@
"order": 10,
"group": "connectivity"
},
{
"name": "hub_and_spoke_multi_region",
"displayName": "Hub (Hub-and-Spoke) Multi-Region Deployment",
"templateFilePath": "./infra-as-code/bicep/modules/hubNetworking/hubNetworking-multiRegion.bicep",
"templateParametersFilePath": "./config/custom-parameters/hubNetworking.parameters.multiRegion.all.json",
"templateParametersSourceFilePath": "./infra-as-code/bicep/modules/hubNetworking/parameters/hubNetworking.parameters.az.multiRegion.all.json",
"subscriptionId": "CONNECTIVITY_SUBSCRIPTION_ID",
"resourceGroupName": "CONNECTIVITY_RESOURCE_GROUP",
"networkType": "hubNetworkingMultiRegion",
"deploymentType": "resourceGroup",
"firstRunWhatIf": false,
"order": 11,
"group": "connectivity"
},
{
"name": "vwan",
"displayName": "Hub (VWAN) Deployment",
Expand All @@ -208,7 +222,21 @@
"networkType": "vwanConnectivity",
"deploymentType": "resourceGroup",
"firstRunWhatIf": false,
"order": 10,
"order": 12,
"group": "connectivity"
},
{
"name": "vwan_multi_region",
"displayName": "Hub (VWAN) Multi-Region Deployment",
"templateFilePath": "./infra-as-code/bicep/modules/vwanConnectivity/vwanConnectivity.bicep",
"templateParametersFilePath": "./config/custom-parameters/vwanConnectivity.parameters.multiRegion.all.json",
"templateParametersSourceFilePath": "./infra-as-code/bicep/modules/vwanConnectivity/parameters/vwanConnectivity.parameters.az.multiRegion.all.json",
"subscriptionId": "CONNECTIVITY_SUBSCRIPTION_ID",
"resourceGroupName": "CONNECTIVITY_RESOURCE_GROUP",
"networkType": "vwanConnectivityMultiRegion",
"deploymentType": "resourceGroup",
"firstRunWhatIf": false,
"order": 13,
"group": "connectivity"
}
],
Expand Down Expand Up @@ -284,6 +312,27 @@
],
"validation": "azure_location"
},
"SecondaryLocation":{
"source": "input",
"type": "string",
"description": "Secondary deployment location. (e.g 'westeurope')",
"Value": "",
"Targets": [
{
"Name": "parSecondaryLocation.value",
"Destination": "Parameters"
},
{
"Name": "parVirtualWanHubs.value[1].parHubLocation",
"Destination": "Parameters"
},
{
"Name": "SECONDARYLOCATION",
"Destination": "Environment"
}
],
"validation": "azure_location"
},
"Environment": {
"source": "input",
"type": "string",
Expand Down Expand Up @@ -505,6 +554,17 @@
}
]
},
"HubNetworkNameSecondary": {
"source": "powershell",
"type": "string",
"Value": "alz-hub-{%SecondaryLocation%}",
"Targets": [
{
"Name": "parHubNetworkNameSecondaryLocation.value",
"Destination": "Parameters"
}
]
},
"VirtualIdToLink": {
"source": "powershell",
"type": "string",
Expand Down Expand Up @@ -538,6 +598,17 @@
}
]
},
"AzFirewallNameSecondary": {
"source": "powershell",
"type": "string",
"Value": "alz-azfw-{%SecondaryLocation%}",
"Targets": [
{
"Name": "parAzFirewallNameSecondaryLocation.value",
"Destination": "Parameters"
}
]
},
"FirewallPoliciesName": {
"source": "powershell",
"type": "string",
Expand All @@ -549,6 +620,17 @@
}
]
},
"FirewallPoliciesNameSecondary": {
"source": "powershell",
"type": "string",
"Value": "alz-azfwpolicy-{%SecondaryLocation%}",
"Targets": [
{
"Name": "parAzFirewallPoliciesNameSecondaryLocation.value",
"Destination": "Parameters"
}
]
},
"AK8sPrivateLink": {
"source": "powershell",
"type": "string",
Expand All @@ -560,6 +642,105 @@
}
]
},
"parAzBastionName": {
"source": "powershell",
"type": "string",
"Value": "alz-bastion-{%Location%}",
"Targets": [
{
"Name": "parAzBastionName.value",
"Destination": "Parameters"
}
]
},
"parAzBastionNameSecondaryLocation": {
"source": "powershell",
"type": "string",
"Value": "alz-bastion-{%SecondaryLocation%}",
"Targets": [
{
"Name": "parAzBastionNameSecondaryLocation.value",
"Destination": "Parameters"
}
]
},
"parAzBastionNsgName": {
"source": "powershell",
"type": "string",
"Value": "nsg-AzureBastionSubnet-{%Location%}",
"Targets": [
{
"Name": "parAzBastionNsgName.value",
"Destination": "Parameters"
}
]
},
"parAzBastionNsgNameSecondaryLocation": {
"source": "powershell",
"type": "string",
"Value": "nsg-AzureBastionSubnet-{%SecondaryLocation%}",
"Targets": [
{
"Name": "parAzBastionNsgNameSecondaryLocation.value",
"Destination": "Parameters"
}
]
},
"parDdosPlanName": {
"source": "powershell",
"type": "string",
"Value": "alz-ddos-plan-{%Location%}",
"Targets": [
{
"Name": "parDdosPlanName.value",
"Destination": "Parameters"
}
]
},
"parDdosPlanNameSecondaryLocation": {
"source": "powershell",
"type": "string",
"Value": "alz-ddos-plan-{%SecondaryLocation%}",
"Targets": [
{
"Name": "parDdosPlanNameSecondaryLocation.value",
"Destination": "Parameters"
}
]
},
"parHubRouteTableName": {
"source": "powershell",
"type": "string",
"Value": "alz-hub-routetable-{%Location%}",
"Targets": [
{
"Name": "parHubRouteTableName.value",
"Destination": "Parameters"
}
]
},
"parHubRouteTableNameSecondaryLocation": {
"source": "powershell",
"type": "string",
"Value": "alz-hub-routetable-{%SecondaryLocation%}",
"Targets": [
{
"Name": "parHubRouteTableNameSecondaryLocation.value",
"Destination": "Parameters"
}
]
},
"AK8sPrivateLinkSecondary": {
"source": "powershell",
"type": "string",
"Value": "privatelink.{%SecondaryLocation%}.azmk8s.io",
"Targets": [
{
"Name": "parPrivateDnsZonesSecondaryLocation.value[0]",
"Destination": "Parameters"
}
]
},
"BatchPrivateLink": {
"source": "powershell",
"type": "string",
Expand All @@ -571,6 +752,17 @@
}
]
},
"BatchPrivateLinkSecondary": {
"source": "powershell",
"type": "string",
"Value": "privatelink.{%SecondaryLocation%}.batch.azure.com",
"Targets": [
{
"Name": "parPrivateDnsZonesSecondaryLocation.value[1]",
"Destination": "Parameters"
}
]
},
"KustoPrivateLink": {
"source": "powershell",
"type": "string",
Expand All @@ -582,6 +774,17 @@
}
]
},
"KustoPrivateLinkSecondary": {
"source": "powershell",
"type": "string",
"Value": "privatelink.{%SecondaryLocation%}.kusto.windows.net",
"Targets": [
{
"Name": "parPrivateDnsZonesSecondaryLocation.value[2]",
"Destination": "Parameters"
}
]
},
"BackupPrivateLink": {
"source": "powershell",
"type": "string",
Expand All @@ -593,6 +796,17 @@
}
]
},
"BackupPrivateLinkSecondary": {
"source": "powershell",
"type": "string",
"Value": "privatelink.{%SecondaryLocation%}.backup.windowsazure.com",
"Targets": [
{
"Name": "parPrivateDnsZonesSecondaryLocation.value[3]",
"Destination": "Parameters"
}
]
},
"ConnectivityResourceGroupName": {
"source": "powershell",
"type": "string",
Expand Down Expand Up @@ -660,15 +874,30 @@
"Name": "parAzErGatewayAvailabilityZones.value",
"Destination": "Parameters"
},
{
"File": "hubNetworking.parameters.multiRegion.all.json",
"Name": "parAzErGatewayAvailabilityZonesSecondaryLocation.value",
"Destination": "Parameters"
},
{
"File": "hubNetworking.parameters.all.json",
"Name": "parAzVpnGatewayAvailabilityZones.value",
"Destination": "Parameters"
},
{
"File": "hubNetworking.parameters.multiRegion.all.json",
"Name": "parAzVpnGatewayAvailabilityZonesSecondaryLocation.value",
"Destination": "Parameters"
},
{
"File": "hubNetworking.parameters.all.json",
"Name": "parAzFirewallAvailabilityZones.value",
"Destination": "Parameters"
},
{
"File": "hubNetworking.parameters.multiRegion.all.json",
"Name": "parAzFirewallAvailabilityZonesSecondaryLocation.value",
"Destination": "Parameters"
}
]
}
Expand Down Expand Up @@ -812,6 +1041,26 @@
],
"validation": "azure_location"
},
"SecondaryLocation": {
"source": "input",
"type": "string",
"description": "Deployment location. (e.g. 'uksouth')",
"Targets": [
{
"Name": "parLocation.value",
"Destination": "Parameters"
},
{
"Name": "parLocation.value",
"Destination": "Parameters"
},
{
"Name": "SECONDARYLOCATION",
"Destination": "Environment"
}
],
"validation": "azure_location"
},
"Environment": {
"source": "input",
"type": "string",
Expand Down
2 changes: 2 additions & 0 deletions infra-as-code/bicep/modules/hubNetworking/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -204,6 +204,8 @@ New-AzResourceGroupDeployment @inputObject

To extend your infrastructure to [additional regions](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/considerations/regions), this module can be deployed multiple times with different parameters files to deploy additional hubs in multiple regions. The [vnetPeering module](https://github.com/Azure/ALZ-Bicep/tree/main/infra-as-code/bicep/modules/vnetPeering) can be leveraged to peer the hub networks together across the different regions.

If you want to use a single deployment targeting two regions, you can use the [hubNetworking-multiRegion.bicep](https://github.com/Azure/ALZ-Bicep/blob/main/infra-as-code/bicep/modules/hubNetworking/hubNetworking-multiRegion.bicep) file along with the [hubNetwork.parameters.az.multiRegion.all.parameters.json](https://github.com/Azure/ALZ-Bicep/blob/main/infra-as-code/bicep/modules/hubNetworking/parameters/hubNetworking.parameters.az.all.jso) file. This module uses similar parameters from the `hubNetworking` module, but the parameters specific to the secondary region are suffixed with `SecondaryLocation`. It also leverages the `vnetPeering` module to peer the two hubs together.

> For the example below, two hubs will be deployed across *eastus* and *westus* regions.
1. Duplicate the [parameters file](https://github.com/Azure/ALZ-Bicep/blob/main/infra-as-code/bicep/modules/hubNetworking/parameters/hubNetworking.parameters.az.all.json) and create a new file for the first hub in the *eastus* region **hubNetworking.parameters.az.all.eastus.json**.
Expand Down
Loading

0 comments on commit 2b7ee23

Please sign in to comment.