.

d11c24ba · Recolic · 041786f6 · d11c24ba · d11c24ba
Commit d11c24ba authored 1 month ago by Recolic
--- a/mymsbin/azvm-deploy.sh
+++ b/mymsbin/azvm-deploy.sh
@@ -88,7 +88,7 @@ echo -e "${COLOR_RED_BLD}II Deploy $vmcount VMs at location $location, in res_gr

 # Create RG if not exists.
 if ! az group show -g "$resgrp" > /dev/null 2>&1; then
-    debugexec az group create -n "$resgrp" --location "$location"
+    debugexec az group create -n "$resgrp" --location "$location" || exit $?
 fi

 # Create an availability set if we want deploy into TiP.

--- a/srv-deps/azv-plugin-slb
+++ b/srv-deps/azv-plugin-slb
@@ -50,16 +50,16 @@ function plugin_after_vm_creat () {
    var_default_val enable_outbound_rule_fix 1
    debugexec az network lb create --resource-group $resgrp --name $LB_NAME --sku Standard --frontend-ip-name $FE_IP --backend-pool-name $BE_PL --vnet-name $vnetname || exit

-    if [[ $enable_outbound_rule_fix = 1 ]]; then
-        # This is an unreliable trick to use NIC directly. It's from good-case ARM template dump. 
-        debugexec az network lb address-pool update -g $resgrp --lb-name $LB_NAME -n $BE_PL --vnet $vnetname --backend-addresses [0].name="${resgrp}_${vmname}VMNicipconfig${vmname}" || exit
-    else
+    #if [[ $enable_outbound_rule_fix = 1 ]]; then
+    #    # This is an unreliable trick to use NIC directly. It's from good-case ARM template dump. 
+    #    debugexec az network lb address-pool update -g $resgrp --lb-name $LB_NAME -n $BE_PL --vnet $vnetname --backend-addresses [0].name="${resgrp}_${vmname}VMNicipconfig${vmname}" || exit
+    #else
        echo -e "$COLOR_RED_BLD Warning: enable_outbound_rule_fix not enabled. outbound_ports_per_vm limit won't make effect $COLOR_CLR" 1>&2
        # When a backend pool is configured by IP address, the backend instances are not secure by default and still use default outbound access.
        # This means: outbound_ports_per_vm won't make effect
        # Ref: https://learn.microsoft.com/en-us/azure/virtual-network/ip-services/default-outbound-access#how-can-i-transition-to-an-explicit-method-of-public-connectivity-and-disable-default-outbound-access
        debugexec az network lb address-pool update -g $resgrp --lb-name $LB_NAME -n $BE_PL --vnet $vnetname --backend-addresses "[{name:addr1,ip-address:10.0.0.4}]" || exit
-    fi
+    #fi

    # TODO: The correct way to redirect PUBLIC:4022 to VM1:22. But azure-cli cannot associate nat-rule to machine. Even if u manually created one on az portal, it will de-associate after some time.
    # debugexec az network lb inbound-nat-rule create --resource-group $resgrp --lb-name $LB_NAME  --name nat_rule_nt --protocol Tcp --frontend-port 4022 --backend-port 22 --frontend-ip-name $FE_IP || exit