[GitHub] brooklyn-docs pull request #196: Adding docs for Windows on Azure ARM

[bostko]

Github user bostko commented on a diff in the pull request:

    https://github.com/apache/brooklyn-docs/pull/196#discussion_r121380456
  
    --- Diff: guide/locations/_azure-ARM.md ---
    @@ -95,6 +95,88 @@ The loginUser can be anything, as long as it's specified.
     The `overrideAuthenticateSudo: true` key tells Apache Brooklyn that 
default on Azure images do not have passwordless sudo 
     configured by default.
     
    +#### Using Windows on Azure ARM
    +
    +This section contains material how to create a Windows location on Azure 
ARM. Some of the used parameters are explained in the section above.
    +
    +Windows on Azure ARM requires manually created [Azure 
KeyVault](https://docs.microsoft.com/en-us/azure/key-vault/key-vault-get-started)
    +Azure KeyVaults can be created [via Azure 
cli](https://docs.microsoft.com/en-us/azure/key-vault/key-vault-manage-with-cli2#create-a-key-vault)
    +or [Azure portal 
UI](https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-keyvault-parameter).
 KeyVault's secret is a key
    +stored in protected .PFX file. It needs to be prepared upfront or created 
with the 
[Add-AzureKeyVaultKey](https://docs.microsoft.com/en-us/powershell/module/azurerm.keyvault/add-azurekeyvaultkey?view=azurermps-4.0.0)
 cmdlet.
    +
    +* `osFamily: windows` tells Apache Brooklyn to consider it as a Windows 
machine
    +
    +* `useJcloudsSshInit: false` tells jclouds to not try to connect to the VM
    +
    +* `vmNameMaxLength: 15` tells the cloud client to strip the VM name to 
maximum 15 characters.
    +  This is the maximum size supported by Azure Windows VMs.
    +
    +* `winrm.useHttps` tells Apache Brooklyn to configure the WinRM client to 
use HTTPS.
    +
    +* `secrets` Specifies the KeyVault configuration
    +
    +  `sourceVault` Resource `id` of the KeyVault
    +
    +   `vaultCertificates` `certificateStore` has to use `My` as a value.
    +    KeyVault's `certificateUrl`. An URI to the [Secret 
Identifier](https://docs.microsoft.com/en-us/rest/api/keyvault/about-keys--secrets-and-certificates#BKMK_DataTypes)
    +
    +* `windowsConfiguration`
    +
    +   `provisionVMAgent` whether Azure to install an agent on the VM. It must 
be set to `true`
    +
    +   `winRM` It defines the `listeners` section. If `listeners` is `https` 
then `certificateUrl` needs to be set. Its value must match the one of 
`secrets`'s `certificateUrl`.
    +
    +* `additionalUnattendContent` Additional content. Normally it can be 
defined as `null`
    +
    +* `enableAutomaticUpdates` whether to enable the automatic windows 
updates. It can be set to `false`, if automatic updates are not desired
    +
    +###### Sample Windows Blueprint
    --- End diff --
    
    Sample Windows location catalog item


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---