Finalize script

alyssa1303 · alyssa1303 · commit bb8d6318f956 · 2025-12-19T22:19:35.000Z
diff --git a/modules/kustomize/stretch/stretch.sh b/modules/kustomize/stretch/stretch.sh
@@ -3,6 +3,7 @@ RG=stretch-rg
 CLUSTER=cni-stretch
 VNET_NAME="aks-vnet"
 SUBNET="aks-subnet"
+IDENTITY_NAME="${CLUSTER}-identity"
 
 TENANT_ID="72f988bf-86f1-41af-91ab-2d7cd011db47"
 AAD_ADMIN_GROUP_ID="8a5603a8-2c60-49ab-bc28-a989b91e187d"
@@ -17,7 +18,6 @@ create_cluster() {
     subnet_id=$(az network vnet subnet show --resource-group $RG --vnet-name $VNET_NAME --name $SUBNET --query id -o tsv)
 
     # Create user-assigned managed identity
-    IDENTITY_NAME="${CLUSTER}-identity"
     az identity create --name $IDENTITY_NAME --resource-group $RG --location $LOCATION
 
     # Get the identity resource ID and principal ID
@@ -236,19 +236,44 @@ create_vm() {
     NODE_NAME="freenode"
     NODE_USER="azureuser"
     NODE_VM_SIZE="Standard_D8ds_v6"
+    identity_id=$(az identity show --name $IDENTITY_NAME --resource-group $RG --query id -o tsv)
     az vm create \
         --resource-group $RG \
         --name $NODE_NAME \
         --image Ubuntu2404 \
         --admin-username $NODE_USER \
         --generate-ssh-keys \
-        --assign-identity \
+        --assign-identity $identity_id \
         --public-ip-sku Standard \
         --vnet-name $VNET_NAME \
         --subnet $SUBNET \
         --size $NODE_VM_SIZE \
         --nsg-rule SSH
 }
 
+create_vmss() {
+    az network lb create \
+        --resource-group $RG \
+        --name vmss-lb \
+        --sku Standard \
+        --frontend-ip-name lb-frontend \
+        --backend-pool-name lb-backend-pool
+    lb_backend_pool_id=$(az network lb address-pool show \
+        --resource-group $RG \
+        --lb-name vmss-lb \
+        --name lb-backend-pool \
+        --query id -o tsv)
+    identity_id=$(az identity show --name $IDENTITY_NAME --resource-group $RG --query id -o tsv)
+    az deployment group create \
+        --resource-group $RG \
+        --template-file vmss-dual-ipconfig.json \
+        --parameters vmssName="test-vmss" \
+        --parameters sshPublicKey="$(cat ~/.ssh/id_rsa.pub)" \
+        --parameters vnetName=$VNET_NAME \
+        --parameters subnetName=$SUBNET \
+        --parameters loadBalancerBackendPoolId="$lb_backend_pool_id" \
+        --parameters managedIdentityId="$identity_id"
+}
+
 update_aks_vmss
 # create_vm
diff --git a/modules/kustomize/stretch/vmss-dual-ipconfig.json b/modules/kustomize/stretch/vmss-dual-ipconfig.json
@@ -69,6 +69,13 @@
       "metadata": {
         "description": "Resource ID of the load balancer backend pool (optional)"
       }
+    },
+    "managedIdentityId": {
+      "type": "string",
+      "defaultValue": "",
+      "metadata": {
+        "description": "Resource ID of the user-assigned managed identity to associate with the VMSS (optional)"
+      }
     }
   },
   "variables": {
@@ -94,6 +101,7 @@
         "tier": "Standard",
         "capacity": "[parameters('instanceCount')]"
       },
+      "identity": "[if(empty(parameters('managedIdentityId')), json('null'), json(concat('{\"type\": \"UserAssigned\", \"userAssignedIdentities\": {\"', parameters('managedIdentityId'), '\": {}}}')))]",
       "properties": {
         "overprovision": false,
         "upgradePolicy": {
