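--- a/src/SdnDiagnostics.psm1
+++ b/src/SdnDiagnostics.psm1
@@ -69,6 +69,15 @@ if (Confirm-IsFailoverClusterNC) {
 #### CLASSES & ENUMS #####
 ##########################
 
+class SdnFabricInfrastructure {
+[System.String[]]$NetworkController
+[System.String[]]$LoadBalancerMux
+[System.String[]]$Gateway
+[System.String]$NcUrl
+[System.String]$RestApiVersion
+[System.String[]]$FabricNodes
+}
+
 ##########################
 #### ARG COMPLETERS ######
 ##########################
@@ -416,7 +425,7 @@ function Start-SdnCertificateRotation {
 [Parameter(Position = 1)][SecureString]$param2,
 [Parameter(Position = 2)][PSCredential]$param3,
 [Parameter(Position = 3)][String]$param4,
-[Parameter(Position = 4)][System.Object]$param5
+[Parameter(Position = 4)][SdnFabricInfrastructure]$param5
 )
 
 New-SdnNetworkControllerNodeCertificate -NotAfter $param1 -CertPassword $param2 -Credential $param3 -Path $param4 -FabricDetails $param5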
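Review bot: The `SdnFabricInfrastructure` class added at lines 28–35 carries no comment explaining why it now lives in the root module instead of SdnDiag.NetworkController.psm1 where it was removed from; the sub-modules pull it in through `using module ..\SdnDiagnostics.psm1`, which is a parse-time dependency a maintainer cannot guess from the class body. A one-line header such as `# Fabric topology shared by the sub-modules; defined in the root module so 'using module ..\SdnDiagnostics.psm1' can resolve it at parse time` would record that. Tightening `$param5` from `[System.Object]` to `[SdnFabricInfrastructure]` also means a caller passing a plain hashtable or PSCustomObject now has to convert cleanly to the class, which only holds when its members match the six properties; the same tightening repeats in SdnDiag.Common.psm1, SdnDiag.LoadBalancerMux.psm1, SdnDiag.NetworkController.psm1 and SdnDiag.Server.psm1, so one test that binds the output of Get-SdnInfrastructureInfo to the new type would cover them all.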
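--- a/src/modules/SdnDiag.Common.psm1
+++ b/src/modules/SdnDiag.Common.psm1
@@ -1,6 +1,7 @@
 # Copyright (c) Microsoft Corporation.
 # Licensed under the MIT License.
 
+using module ..\SdnDiagnostics.psm1
 Import-Module $PSScriptRoot\SdnDiag.Utilities.psm1
 
 $configurationData = Import-PowerShellDataFile -Path "$PSScriptRoot\SdnDiag.Common.Config.psd1"
@@ -90,7 +91,7 @@ function Copy-CertificateToFabric {
 [Parameter(Mandatory = $true, ParameterSetName = 'NetworkControllerNode')]
 [Parameter(Mandatory = $true, ParameterSetName = 'LoadBalancerMuxNode')]
 [Parameter(Mandatory = $true, ParameterSetName = 'ServerNode')]
-[System.Object]$FabricDetails,
+[SdnFabricInfrastructure]$FabricDetails,
 
 [Parameter(Mandatory = $true, ParameterSetName = 'NetworkControllerRest')]
 [Switch]$NetworkControllerRestCertificate,
@@ -312,7 +313,7 @@ function Copy-UserProvidedCertificateToFabric {
 [System.Security.SecureString]$CertPassword,
 
 [Parameter(Mandatory = $true)]
-[System.Object]$FabricDetails,
+[SdnFabricInfrastructure]$FabricDetails,
 
 [Parameter(Mandatory = $false)]
 [System.Boolean]$RotateNodeCerts = $false,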
61 changes: 30 additions & 31 deletions src/modules/SdnDiag.LoadBalancerMux.psm1
@@ -1,6 +1,7 @@
# Copyright (c) Microsoft Corporation.
# Licensed under the MIT License.

using module ..\SdnDiagnostics.psm1
Import-Module $PSScriptRoot\SdnDiag.Common.psm1
Import-Module $PSScriptRoot\SdnDiag.Utilities.psm1

Expand Down Expand Up @@ -458,7 +459,7 @@ function New-SdnMuxCertificate {
.PARAMETER Path
Specifies the file path location where a .cer file is exported automatically.
.PARAMETER FabricDetails
The SDN Fabric details derived from Get-SdnInfrastructureInfo.
The EnvironmentInfo derived from Get-SdnInfrastructureInfo.
.PARAMETER Credential
Specifies a user account that has permission to perform this action. The default is the current user
.EXAMPLE
Expand All @@ -474,21 +475,15 @@ function New-SdnMuxCertificate {
[System.String]$Path = "$(Get-WorkingDirectory)\MuxCert_{0}" -f (Get-FormattedDateTimeUTC),

[Parameter(Mandatory = $false)]
[System.Object]$FabricDetails,
[SdnFabricInfrastructure]$FabricDetails,

[System.Management.Automation.PSCredential]
[System.Management.Automation.Credential()]
$Credential = [System.Management.Automation.PSCredential]::Empty
)

$config = Get-SdnModuleConfiguration -Role 'LoadBalancerMux'
$confirmFeatures = Confirm-RequiredFeaturesInstalled -Name $config.windowsFeature
if (-NOT ($confirmFeatures)) {
throw New-Object System.NotSupportedException("The current machine is not a LoadBalancerMux, run this on LoadBalancerMux.")
}

# ensure that the module is running as local administrator
Confirm-IsAdmin
Confirm-IsAdmin # ensure that the module is running as local administrator
Confirm-IsLoadBalancerMux # ensure that the module is running on a Load Balancer Mux

try {
if (-NOT (Test-Path -Path $Path -PathType Container)) {
Expand All @@ -508,14 +503,17 @@ function New-SdnMuxCertificate {
[System.String]$cerFilePath = "$(Join-Path -Path $CertPath.FullName -ChildPath $subjectName.ToString().ToLower().Replace('.','_').Replace("=",'_').Trim()).cer"
"Exporting certificate to {0}" -f $cerFilePath | Trace-Output
$exportedCertificate = Export-Certificate -Cert $certificate -FilePath $cerFilePath -Type CERT
Copy-CertificateToFabric -CertFile $exportedCertificate.FullName -FabricDetails $FabricDetails -LoadBalancerMuxNodeCert -Credential $Credential

$certObject = [PSCustomObject]@{
# distribute the certificate to the Network Controller(s) in the fabric to be installed in trusted root store
if ($FabricDetails){
"Distributing certificate to the SDN Fabric" | Trace-Output
Copy-CertificateToFabric -CertFile $exportedCertificate.FullName -FabricDetails $FabricDetails -LoadBalancerMuxNodeCert -Credential $Credential
}

return [PSCustomObject]@{
Certificate = $certificate
FileInfo = $exportedCertificate
}

return $certObject
}
catch {
$_ | Trace-Exception
Expand Down Expand Up @@ -617,26 +615,27 @@ function Start-SdnMuxCertificateRotation {
$restCredParam = @{ NcRestCredential = $NcRestCredential }
}

try {
"Starting certificate rotation" | Trace-Output
"Retrieving current SDN environment details" | Trace-Output

if ([String]::IsNullOrEmpty($CertPath)) {
[System.String]$CertPath = "$(Get-WorkingDirectory)\MuxCert_{0}" -f (Get-FormattedDateTimeUTC)
if ([String]::IsNullOrEmpty($CertPath)) {
[System.String]$CertPath = "$(Get-WorkingDirectory)\MuxCert_{0}" -f (Get-FormattedDateTimeUTC)

if (-NOT (Test-Path -Path $CertPath -PathType Container)) {
$null = New-Item -Path $CertPath -ItemType Directory -Force
}
if (-NOT (Test-Path -Path $CertPath -PathType Container)) {
$null = New-Item -Path $CertPath -ItemType Directory -Force
}
}

[System.IO.FileSystemInfo]$CertPath = Get-Item -Path $CertPath -ErrorAction Stop
$sdnFabricDetails = Get-SdnInfrastructureInfo -NetworkController $NetworkController -Credential $Credential @restCredParam -ErrorAction Stop
if ($Global:SdnDiagnostics.EnvironmentInfo.ClusterConfigType -ine 'ServiceFabric') {
throw New-Object System.NotSupportedException("This function is only supported on Service Fabric clusters.")
}
"Starting certificate rotation" | Trace-Output
"Retrieving current SDN environment details" | Trace-Output

$ncRestParams = $restCredParam.Clone()
$ncRestParams.Add('NcUri', $sdnFabricDetails.NcUrl)
[System.IO.FileSystemInfo]$CertPath = Get-Item -Path $CertPath -ErrorAction Stop
$sdnFabricDetails = Get-SdnInfrastructureInfo -NetworkController $NetworkController -Credential $Credential @restCredParam -ErrorAction Stop
if ($Global:SdnDiagnostics.EnvironmentInfo.ClusterConfigType -ine 'ServiceFabric') {
throw New-Object System.NotSupportedException("This function is only supported on Service Fabric clusters.")
}

$ncRestParams = $restCredParam.Clone()
$ncRestParams.Add('NcUri', $sdnFabricDetails.NcUrl)

try {
$loadBalancerMuxes = Get-SdnLoadBalancerMux @ncRestParams -ErrorAction Stop

# before we proceed with anything else, we want to make sure that all the Network Controllers and MUXes within the SDN fabric are running the current version
Expand Down Expand Up @@ -664,7 +663,7 @@ function Start-SdnMuxCertificateRotation {
[Parameter(Position = 0)][DateTime]$param1,
[Parameter(Position = 1)][PSCredential]$param2,
[Parameter(Position = 2)][String]$param3,
[Parameter(Position = 3)][System.Object]$param4
[Parameter(Position = 3)][SdnFabricInfrastructure]$param4
)

New-SdnMuxCertificate -NotAfter $param1 -Credential $param2 -Path $param3 -FabricDetails $param4
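Review bot: When `-FabricDetails` is omitted, the `if ($FabricDetails)` guard at lines 131–134 silently skips `Copy-CertificateToFabric`, so New-SdnMuxCertificate returns a certificate that has not been placed in the Network Controllers' trusted root store and nothing in the output says so. The parameter is `Mandatory = $false` and the `catch` at line 143 only sees exceptions, so an operator running this by hand gets a success result for a certificate the rest of the fabric does not trust yet. An `else` branch that traces the omission, `else { "FabricDetails not provided; certificate was not distributed to the SDN fabric" | Trace-Output }`, keeps the behaviour but makes the gap visible in the log. The same guard appears in New-SdnNetworkControllerNodeCertificate (SdnDiag.NetworkController.psm1, line 284) and New-SdnServerCertificate (SdnDiag.Server.psm1, line 345). The enclosing `try` starts before this hunk.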
49 changes: 18 additions & 31 deletions src/modules/SdnDiag.NetworkController.psm1
@@ -1,6 +1,7 @@
# Copyright (c) Microsoft Corporation.
# Licensed under the MIT License.

using module ..\SdnDiagnostics.psm1
Import-Module $PSScriptRoot\SdnDiag.Common.psm1
Import-Module $PSScriptRoot\SdnDiag.Utilities.psm1
Import-Module $PSScriptRoot\SdnDiag.NetworkController.FC.psm1
Expand All @@ -15,15 +16,6 @@ New-Variable -Name 'SdnDiagnostics_NC' -Scope 'Script' -Force -Value @{
#### CLASSES & ENUMS #####
##########################

class SdnFabricInfrastructure {
[System.String[]]$NetworkController
[System.String[]]$LoadBalancerMux
[System.String[]]$Gateway
[System.String]$NcUrl
[System.String]$RestApiVersion
[System.String[]]$FabricNodes
}

enum SdnApiResource {
AccessControlLists
AuditingSettingsConfig
Expand Down Expand Up @@ -2500,7 +2492,12 @@ function New-SdnNetworkControllerNodeCertificate {
Specifies the date and time, as a DateTime object, that the certificate expires. To obtain a DateTime object, use the Get-Date cmdlet. The default value for this parameter is one year after the certificate was created.
.PARAMETER CertPassword
Specifies the password for the exported PFX file in the form of a secure string.
.PARAMETER Path
Specifies the directory path to save the exported certificate file.
.PARAMETER FabricDetails
The EnvironmentInfo derived from Get-SdnInfrastructureInfo.
.PARAMETER Credential
Specifies a user account that has permission to perform this action. The default is the current user
.EXAMPLE
#>

Expand All @@ -2516,33 +2513,20 @@ function New-SdnNetworkControllerNodeCertificate {
[System.String]$Path = "$(Get-WorkingDirectory)\Cert_{0}" -f (Get-FormattedDateTimeUTC),

[Parameter(Mandatory = $false)]
[System.Object]$FabricDetails,
[SdnFabricInfrastructure]$FabricDetails,

[System.Management.Automation.PSCredential]
[System.Management.Automation.Credential()]
$Credential = [System.Management.Automation.PSCredential]::Empty
)

$config = Get-SdnModuleConfiguration -Role 'NetworkController'
$confirmFeatures = Confirm-RequiredFeaturesInstalled -Name $config.windowsFeature
if (-NOT ($confirmFeatures)) {
throw New-Object System.NotSupportedException("The current machine is not a NetworkController, run this on NetworkController.")
}

Confirm-IsAdmin # ensure that the module is running as local administrator
Confirm-IsNetworkController # ensure that the module is running on Network Controller
if ($Global:SdnDiagnostics.EnvironmentInfo.ClusterConfigType -ine 'ServiceFabric') {
throw New-Object System.NotSupportedException("This function is only supported on Service Fabric clusters.")
}

# ensure that the module is running as local administrator
Confirm-IsAdmin

try {
if ($null -eq $FabricDetails) {
$FabricDetails = [SdnFabricInfrastructure]@{
NetworkController = (Get-SdnNetworkControllerSFNode).Server
}
}

if (-NOT (Test-Path -Path $Path -PathType Container)) {
"Creating directory {0}" -f $Path | Trace-Output
$CertPath = New-Item -Path $Path -ItemType Directory -Force
Expand All @@ -2560,15 +2544,18 @@ function New-SdnNetworkControllerNodeCertificate {
[System.String]$pfxFilePath = "$(Join-Path -Path $CertPath.FullName -ChildPath $nodeCertSubject.ToString().ToLower().Replace('.','_').Replace("=",'_').Trim()).pfx"
"Exporting pfx certificate to {0}" -f $pfxFilePath | Trace-Output
$exportedCertificate = Export-PfxCertificate -Cert $certificate -FilePath $pfxFilePath -Password $CertPassword -CryptoAlgorithmOption AES256_SHA256
$null = Import-SdnCertificate -FilePath $exportedCertificate.FullName -CertStore 'Cert:\LocalMachine\Root' -CertPassword $CertPassword

Copy-CertificateToFabric -CertFile $exportedCertificate.FullName -CertPassword $CertPassword -FabricDetails $FabricDetails `
-NetworkControllerNodeCert -Credential $Credential
# distribute the certificate to the Network Controller(s) in the fabric to be installed in trusted root store
if ($FabricDetails) {
"Distributing certificate to the SDN Fabric" | Trace-Output
Copy-CertificateToFabric -CertFile $exportedCertificate.FullName -CertPassword $CertPassword -FabricDetails $FabricDetails `
-NetworkControllerNodeCert -Credential $Credential
}

return ([PSCustomObject]@{
return [PSCustomObject]@{
Certificate = $certificate
FileInfo = $exportedCertificate
})
}
}
catch {
$_ | Trace-Exception
Expand Down Expand Up @@ -2601,7 +2588,7 @@ function New-SdnNetworkControllerRestCertificate {
[System.String]$Path = "$(Get-WorkingDirectory)\Cert_{0}" -f (Get-FormattedDateTimeUTC),

[Parameter(Mandatory = $false)]
[System.Object]$FabricDetails,
[SdnFabricInfrastructure]$FabricDetails,

[System.Management.Automation.PSCredential]
[System.Management.Automation.Credential()]
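Review bot: The new `.PARAMETER FabricDetails` help at lines 231–232 does not say what happens when the parameter is omitted, and this commit changes exactly that: the `if ($null -eq $FabricDetails)` block that used to fill in the Network Controller nodes from `Get-SdnNetworkControllerSFNode` (lines 266–270) is removed, and the `if ($FabricDetails)` guard at line 284 then skips distribution entirely. Callers that relied on the old default now get a node certificate that exists only on the local machine, and the help is the place to state that, for example `The SDN fabric details ([SdnFabricInfrastructure]) derived from Get-SdnInfrastructureInfo. When omitted, the certificate is created and exported locally only and is not distributed to the other Network Controller nodes.` The wording "EnvironmentInfo" is also easy to confuse with `$Global:SdnDiagnostics.EnvironmentInfo`, which the cluster-type check at line 258 reads and which may not be the same object as the parameter.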
49 changes: 27 additions & 22 deletions src/modules/SdnDiag.Server.psm1
@@ -1,6 +1,7 @@
# Copyright (c) Microsoft Corporation.
# Licensed under the MIT License.

using module ..\SdnDiagnostics.psm1
Import-Module $PSScriptRoot\SdnDiag.Common.psm1
Import-Module $PSScriptRoot\SdnDiag.Utilities.psm1

Expand Down Expand Up @@ -2657,7 +2658,7 @@ function New-SdnServerCertificate {
.PARAMETER Path
Specifies the file path location where a .cer file is exported automatically.
.PARAMETER FabricDetails
The SDN Fabric details derived from Get-SdnInfrastructureInfo.
The EnvironmentInfo derived from Get-SdnInfrastructureInfo.
.PARAMETER Credential
Specifies a user account that has permission to perform this action. The default is the current user
.EXAMPLE
Expand All @@ -2673,7 +2674,7 @@ function New-SdnServerCertificate {
[System.String]$Path = "$(Get-WorkingDirectory)\ServerCert_{0}" -f (Get-FormattedDateTimeUTC),

[Parameter(Mandatory = $false)]
[System.Object]$FabricDetails,
[SdnFabricInfrastructure]$FabricDetails,

[System.Management.Automation.PSCredential]
[System.Management.Automation.Credential()]
Expand Down Expand Up @@ -2727,14 +2728,17 @@ function New-SdnServerCertificate {
[System.String]$cerFilePath = "$(Join-Path -Path $CertPath.FullName -ChildPath $subjectName.ToString().ToLower().Replace('.','_').Replace("=",'_').Trim()).cer"
"Exporting certificate to {0}" -f $cerFilePath | Trace-Output
$exportedCertificate = Export-Certificate -Cert $certificate -FilePath $cerFilePath -Type CERT
Copy-CertificateToFabric -CertFile $exportedCertificate.FullName -FabricDetails $FabricDetails -ServerNodeCert -Credential $Credential

$certObject = [PSCustomObject]@{
# distribute the certificate to the Network Controller(s) in the fabric to be installed in trusted root store
if ($FabricDetails) {
"Distributing certificate to SDN Fabric" | Trace-Output
Copy-CertificateToFabric -CertFile $exportedCertificate.FullName -FabricDetails $FabricDetails -ServerNodeCert -Credential $Credential
}

return [PSCustomObject]@{
Certificate = $certificate
FileInfo = $exportedCertificate
}

return $certObject
}
catch {
$_ | Trace-Exception
Expand Down Expand Up @@ -3057,26 +3061,27 @@ function Start-SdnServerCertificateRotation {
$restCredParam = @{ NcRestCredential = $NcRestCredential }
}

try {
"Starting certificate rotation" | Trace-Output
"Retrieving current SDN environment details" | Trace-Output
"Starting certificate rotation" | Trace-Output
"Retrieving current SDN environment details" | Trace-Output

if ([String]::IsNullOrEmpty($CertPath)) {
[System.String]$CertPath = "$(Get-WorkingDirectory)\ServerCert_{0}" -f (Get-FormattedDateTimeUTC)
if ([String]::IsNullOrEmpty($CertPath)) {
[System.String]$CertPath = "$(Get-WorkingDirectory)\ServerCert_{0}" -f (Get-FormattedDateTimeUTC)

if (-NOT (Test-Path -Path $CertPath -PathType Container)) {
$null = New-Item -Path $CertPath -ItemType Directory -Force
}
if (-NOT (Test-Path -Path $CertPath -PathType Container)) {
$null = New-Item -Path $CertPath -ItemType Directory -Force
}
}

[System.IO.FileSystemInfo]$CertPath = Get-Item -Path $CertPath -ErrorAction Stop
$sdnFabricDetails = Get-SdnInfrastructureInfo -NetworkController $NetworkController -Credential $Credential @restCredParam -ErrorAction Stop
if ($Global:SdnDiagnostics.EnvironmentInfo.ClusterConfigType -ine 'ServiceFabric') {
throw New-Object System.NotSupportedException("This function is only supported on Service Fabric clusters.")
}
[System.IO.FileSystemInfo]$CertPath = Get-Item -Path $CertPath -ErrorAction Stop
$sdnFabricDetails = Get-SdnInfrastructureInfo -NetworkController $NetworkController -Credential $Credential @restCredParam -ErrorAction Stop
if ($Global:SdnDiagnostics.EnvironmentInfo.ClusterConfigType -ine 'ServiceFabric') {
throw New-Object System.NotSupportedException("This function is only supported on Service Fabric clusters.")
}

$ncRestParams = $restCredParam.Clone()
$ncRestParams.Add('NcUri', $sdnFabricDetails.NcUrl)
$ncRestParams = $restCredParam.Clone()
$ncRestParams.Add('NcUri', $sdnFabricDetails.NcUrl)

try {
$servers = Get-SdnServer @ncRestParams -ErrorAction Stop

# before we proceed with anything else, we want to make sure that all the Network Controllers and Servers within the SDN fabric are running the current version
Expand All @@ -3103,7 +3108,7 @@ function Start-SdnServerCertificateRotation {
[Parameter(Position = 0)][DateTime]$param1,
[Parameter(Position = 1)][PSCredential]$param2,
[Parameter(Position = 2)][String]$param3,
[Parameter(Position = 3)][System.Object]$param4
[Parameter(Position = 3)][SdnFabricInfrastructure]$param4
)

New-SdnServerCertificate -NotAfter $param1 -Credential $param2 -Path $param3 -FabricDetails $param4
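Review bot: In Start-SdnServerCertificateRotation the `Get-Item -Path $CertPath -ErrorAction Stop` and `Get-SdnInfrastructureInfo ... -ErrorAction Stop` calls at lines 387–388 are moved out of the `try`, which now only begins at line 398, so a bad path or an unreachable Network Controller terminates the function before the matching `catch` runs; if that catch routes through `Trace-Exception` as the other functions in this commit do, those failures now bypass the diagnostic trace. The catch block lies outside this hunk, so that last part is inferred. The same move is made in Start-SdnMuxCertificateRotation in SdnDiag.LoadBalancerMux.psm1 (lines 176–185). If the intent is only to keep the directory creation outside the handler, moving just the `if ([String]::IsNullOrEmpty($CertPath))` block out and leaving the discovery calls inside the `try` preserves the previous error handling.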