FGT UMS: add custom data

40net-cloud · Nov 27, 2024 · af935e6 · af935e6
1 parent aff9df4
commit af935e6
Showing 1 changed file with 5 additions and 5 deletions.
diff --git a/FortiGate/Autoscale/ums/azuredeploy.json b/FortiGate/Autoscale/ums/azuredeploy.json
@@ -437,8 +437,9 @@
     "subnet1Id": "[if(equals(parameters('vnetNewOrExisting'),'new'),resourceId('Microsoft.Network/virtualNetworks/subnets', variables('vnetName'),parameters('subnet1Name')),resourceId(parameters('vnetResourceGroup'),'Microsoft.Network/virtualNetworks/subnets', variables('vnetName'),parameters('subnet1Name')))]",
     "subnet2Id": "[if(equals(parameters('vnetNewOrExisting'),'new'),resourceId('Microsoft.Network/virtualNetworks/subnets', variables('vnetName'),parameters('subnet2Name')),resourceId(parameters('vnetResourceGroup'),'Microsoft.Network/virtualNetworks/subnets', variables('vnetName'),parameters('subnet2Name')))]",
     "fgtVMSSName": "[if(equals(parameters('fortiGateName'),''),concat(parameters('fortiGateNamePrefix'),'-fgt-ums'),parameters('fortiGateName'))]",
-    "fmgCustomData": "[if(equals(parameters('fortiManager'),'yes'),concat('\nconfig system central-management\nset type fortimanager\n set fmg ',parameters('fortiManagerIP'),'\nset serial-number ', parameters('fortiManagerSerial'), '\nend\n config system interface\n edit port1\n append allowaccess fgfm\n end\n config system interface\n edit port2\n append allowaccess fgfm\n end\n'),'')]",
-    "customDataBody": "[concat('config system global\nset hostname ', variables('fgtVMSSName'), '\nend\nconfig system sdn-connector\nedit AzureSDN\nset type azure\nnext\nend\nconfig router static\nedit 1\nset dst ', parameters('vnetAddressPrefix'), '\nset distance 5\nset gateway ', variables('sn2GatewayIP'), '\nset device port2\nnext\nend\nconfig system interface\nedit port1\nset mode dhcp\nset description external\nset allowaccess ping ssh https\nnext\nedit port2\nset mode dhcp\nset description internal\nset allowaccess ping ssh https\nnext\nend\n', variables('fmgCustomData'), parameters('fortiGateAdditionalCustomData'), '\n')]",
+    "customDataFMG": "[if(equals(parameters('fortiManager'),'yes'),concat('\nconfig system central-management\nset type fortimanager\n set fmg ',parameters('fortiManagerIP'),'\nset serial-number ', parameters('fortiManagerSerial'), '\nend\n config system interface\n edit port1\n append allowaccess fgfm\n end\n config system interface\n edit port2\n append allowaccess fgfm\n end\nexec central-mgmt register-device ',parameters('fortiManagerSerial'),' ',parameters('adminPassword'),'\n'),'')]",
+    "customDataAutoScale": "[concat('config system auto-scale\nset status enable\nset sync-interface port2\nset hb-interval 30\nset role primary\nset callback-url ',parameters('fortiManagerIP'),'\nset cloud-mode ums\nset psksecret ',parameters('adminPassword'),'\nend\n')]",
+    "customDataBody": "[concat('config system global\nset hostname ', variables('fgtVMSSName'), '\nend\nconfig system sdn-connector\nedit AzureSDN\nset type azure\nnext\nend\nconfig router static\nedit 1\nset dst ', parameters('vnetAddressPrefix'), '\nset distance 5\nset gateway ', variables('sn2GatewayIP'), '\nset device port2\nnext\nend\nconfig system interface\nedit port1\nset mode dhcp\nset description external\nset allowaccess ping ssh https\nnext\nedit port2\nset mode dhcp\nset description internal\nset allowaccess ping ssh https\nnext\nend\n', variables('customDataAutoScale'), variables('customDataFMG'), parameters('fortiGateAdditionalCustomData'), '\n')]",
     "fgtCustomData": "[base64(variables('customDataBody'))]",
     "routeTableProtectedName": "[concat(parameters('fortiGateNamePrefix'),'-routetable')]",
     "routeTableProtectedId": "[resourceId('Microsoft.Network/routeTables',variables('routeTableProtectedName'))]",
@@ -813,12 +814,11 @@
       ],
       "sku": {
         "name": "[variables('instanceType')]",
-        "tier": "Standard",
         "capacity": "[parameters('fortiGateCount')]"
       },
       "plan": "[if(and(or(equals(variables('fortiGateImageSKU'),'fortinet_fg-vm'),equals(variables('fortiGateImageSKU'),'fortinet_fg-vm_arm64')),not(equals(parameters('customImageReference'),''))), json('null'), variables('virtualMachinePlan'))]",
       "properties": {
-        "overprovision": true,
+        "overprovision": false,
         "singlePlacementGroup": true,
         "zoneBalance": false,
         "upgradePolicy": {
@@ -924,7 +924,7 @@
   "outputs": {
     "fortiGatePublicIP": {
       "type": "string",
-      "value": "[if(and(equals(parameters('publicIP1NewOrExisting'), 'new'),equals(parameters('publicIP1AddressType'),'Standard')), reference(variables('publicIP1Id')).ipAddress, '')]"
+      "value": "[if(and(equals(parameters('publicIP1NewOrExisting'), 'new'),equals(parameters('publicIP1AddressType'),'')), reference(variables('publicIP1Id')).ipAddress, '')]"
     },
     "fortiGateFQDN": {
       "type": "string",