forked from dmauser/AzureVM-Router
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdeploylinuxnvabgp.azcli
54 lines (44 loc) · 3 KB
/
deploylinuxnvabgp.azcli
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
##parameters#
rg="nva-lab-bgp" #set your resource group
location=centralus #set your Azure region
username=azureuser
password=Msft123Msft123
vnetname=vnet1
subnetname=nvasubnet
nvaname=linux-nva
#Resource Group
az group create --name $rg --location $location
## Create VNET and NVA
az network vnet create --resource-group $rg --name $vnetname --location $location --address-prefixes 10.1.0.0/16 --subnet-name $subnetname --subnet-prefix 10.1.10.0/24 -o none
# Enable routing, NAT and BGP on Linux NVA:
az network public-ip create --name $nvaname-pip --resource-group $rg --location $location --allocation-method Dynamic --output none
az network nic create --name $nvaname-nic --resource-group $rg --subnet $subnetname --vnet $vnetname --public-ip-address $nvaname-pip --ip-forwarding true -o none
az vm create --resource-group $rg --location $location --name $nvaname --size Standard_B1s --nics $nvaname-nic --image UbuntuLTS --admin-username $username --admin-password $password -o none
#Provisioning Route Server
az network vnet subnet create --address-prefix 10.1.20.0/24 --name RouteServerSubnet --resource-group $rg --vnet-name $vnetname --output none
az network public-ip create --resource-group $rg --name $vnetname-rs-pip --allocation-method Static --sku Standard -o none
az network routeserver create --resource-group $rg --name $vnetname-rs \
--hosted-subnet $(az network vnet subnet show --resource-group $rg --vnet-name $vnetname --name RouteServerSubnet --query id --out tsv) \
--public-ip-address $vnetname-rs-pip \
-o none
#NVA BGP settings
asn_quagga=65020 # Set ASN
bgp_network1=10.100.0.0/16 # Set Network to be propagated
#NVA BGP config variables (do not change)
bgp_routerId=$(az network nic show --name $nvaname-nic --resource-group $rg --query ipConfigurations[0].privateIpAddress -o tsv)
routeserver_IP1=$(az network routeserver list --resource-group $rg --query '{IPs:[0].virtualRouterIps[0]}' -o tsv)
routeserver_IP2=$(az network routeserver list --resource-group $rg --query '{IPs:[0].virtualRouterIps[1]}' -o tsv)
# Enable routing and NAT on Linux NVA:
scripturi="https://raw.githubusercontent.com/dmauser/AzureVM-Router/master/linuxrouterbgp.sh"
az vm extension set --resource-group $rg --vm-name $nvaname --name customScript --publisher Microsoft.Azure.Extensions \
--protected-settings "{\"fileUris\": [\"$scripturi\"],\"commandToExecute\": \"./linuxrouterbgp.sh $asn_quagga $bgp_routerId $bgp_network1 $routeserver_IP1 $routeserver_IP2\"}" \
--no-wait
# Build Route Server BGP Peering
az network routeserver peering create --resource-group $rg --routeserver $vnetname-rs --name $nvaname --peer-asn $asn_quagga \
--peer-ip $(az network nic show --name $nvaname-nic --resource-group $rg --query ipConfigurations[0].privateIpAddress -o tsv)
#Validation
# Check effective routes NVA
az network nic show --resource-group $rg -n $nvaname-nic --query "ipConfigurations[].privateIpAddress" -o tsv
az network nic show-effective-route-table --resource-group $rg -n $nvaname-nic -o table
#Clean up
az group delete -g $rg --no-wait --yes