From def61f63ec3ca44f6600474386227f88845fe856 Mon Sep 17 00:00:00 2001 From: Kris Turner Date: Tue, 17 Mar 2026 09:47:53 -0400 Subject: [PATCH 1/3] feat: add central variables.example.yml and gitignore variables.yml (issue #15) - Create config/variables.example.yml with IIC example values - Consolidates cluster, credential, and testing config into single entry point - Uses keyvault:// URI format for all secrets - Follows org-wide snake_case naming convention - Subdirectory configs (clusters/, credentials/, profiles/) remain for detailed configs Resolves AzureLocal/azurelocal.github.io#15 --- .gitignore | 3 + config/variables.example.yml | 133 +++++++++++++++++++++++++++++++++++ 2 files changed, 136 insertions(+) create mode 100644 config/variables.example.yml diff --git a/.gitignore b/.gitignore index 7afd989..7b87ad8 100644 --- a/.gitignore +++ b/.gitignore @@ -33,6 +33,9 @@ config/credentials/*.key config/credentials/*.pem config/credentials/.env +# User-specific config (actual values — never commit) +config/variables.yml + # Generated solution config files (built from master-environment.yml) # Uncomment the next line if you want these regenerated every time: # config/variables/solutions/*.json diff --git a/config/variables.example.yml b/config/variables.example.yml new file mode 100644 index 0000000..7c477c0 --- /dev/null +++ b/config/variables.example.yml @@ -0,0 +1,133 @@ +# ============================================================================= +# variables.example.yml +# Central configuration — single source of truth for load testing deployments. +# +# Copy this file to variables.yml and fill in your values: +# cp config/variables.example.yml config/variables.yml +# +# DO NOT commit variables.yml — it is excluded by .gitignore. +# +# Key Vault References: +# Secrets use keyvault:// URIs and are resolved at runtime. +# Format: keyvault:/// +# NEVER put actual passwords or secrets in this file. +# +# Detailed configs live in subdirectories: +# - config/clusters/ Cluster definitions (per-cluster YAML) +# - config/credentials/ Key Vault credential mappings +# - config/profiles/ Workload profiles (vmfleet, fio, iperf, etc.) +# - config/variables/ Master variable registry and solution schemas +# ============================================================================= + + +# ============================================================================= +# Azure +# ============================================================================= +azure: + subscription_id: "00000000-0000-0000-0000-000000000000" + tenant_id: "00000000-0000-0000-0000-000000000000" + resource_group: "rg-loadtools-eus-01" + location: "eastus" + + +# ============================================================================= +# Key Vault +# ============================================================================= +keyvault: + name: "kv-iic-loadtools" + auth_method: "az_cli" # managed_identity | service_principal | az_cli + + +# ============================================================================= +# Azure Local Cluster +# ============================================================================= +azure_local: + cluster_name: "azl-cluster-01" + cluster_domain: "iic.local" + nodes: + - name: "azl-node-01" + management_ip: "10.0.0.1" + storage_ip: "10.0.1.1" + - name: "azl-node-02" + management_ip: "10.0.0.2" + storage_ip: "10.0.1.2" + + +# ============================================================================= +# Storage +# ============================================================================= +storage: + csv_path: "C:\\ClusterStorage\\Volume1" + collect_volume_path: "C:\\ClusterStorage\\Collect" + base_vhd_path: "C:\\ClusterStorage\\Collect\\BaseImage.vhdx" + + +# ============================================================================= +# Networking +# ============================================================================= +networking: + management: + subnet: "10.0.0.0/24" + vlan_id: 0 + storage: + subnet: "10.0.1.0/24" + vlan_id: 100 + rdma_enabled: true + compute: + subnet: "10.0.2.0/24" + vlan_id: 200 + + +# ============================================================================= +# Credentials (mapped to Key Vault secrets) +# ============================================================================= +credentials: + cluster_admin_username: "keyvault://kv-iic-loadtools/hci-cluster-admin-user" + cluster_admin_password: "keyvault://kv-iic-loadtools/hci-cluster-admin-pwd" + vmfleet_admin_username: "keyvault://kv-iic-loadtools/vmfleet-admin-user" + vmfleet_admin_password: "keyvault://kv-iic-loadtools/vmfleet-admin-pwd" + + +# ============================================================================= +# Testing Defaults +# ============================================================================= +testing: + default_tool: "vmfleet" # vmfleet | fio | iperf | hammerdb | stress-ng + default_profile: "general" # Profile name from config/profiles// + duration_seconds: 300 + warmup_seconds: 60 + + +# ============================================================================= +# Monitoring & Reporting +# ============================================================================= +monitoring: + log_analytics_workspace_id: "00000000-0000-0000-0000-000000000000" + log_analytics_shared_key: "keyvault://kv-iic-loadtools/log-analytics-key" + enable_real_time: true + collection_interval_seconds: 10 + +reporting: + output_dir: "reports" + format: "html" # html | json | csv + include_charts: true + + +# ============================================================================= +# WinRM +# ============================================================================= +winrm: + port: 5985 + use_ssl: false + authentication: "Kerberos" # Kerberos | Negotiate | Basic + operation_timeout_seconds: 300 + + +# ============================================================================= +# Tags +# ============================================================================= +tags: + project: "LoadTools" + environment: "production" + workload: "performance-testing" + solution: "loadtools-azure-local" From 53c78c2ebf41a79827d617328b73b168cbe5b381 Mon Sep 17 00:00:00 2001 From: Kris Turner Date: Tue, 17 Mar 2026 10:01:48 -0400 Subject: [PATCH 2/3] ci: add JSON Schema and update validate-config workflow Add config/schema/variables.schema.json for validating variables.example.yml. Replace old ajv-cli workflow with standardized Python-based validation. Part of AzureLocal/azurelocal.github.io#15 --- .github/workflows/validate-config.yml | 66 +++++-------- config/schema/variables.schema.json | 136 ++++++++++++++++++++++++++ 2 files changed, 158 insertions(+), 44 deletions(-) create mode 100644 config/schema/variables.schema.json diff --git a/.github/workflows/validate-config.yml b/.github/workflows/validate-config.yml index 8187454..538f0ef 100644 --- a/.github/workflows/validate-config.yml +++ b/.github/workflows/validate-config.yml @@ -1,7 +1,8 @@ # ============================================================================= -# validate-config.yml - Validate configuration files +# validate-config.yml — Validate config/variables.example.yml against schema # ============================================================================= -# Validates YAML configs against JSON Schema and checks for syntax errors. +# Triggered on PRs and pushes that touch config/ or this workflow. +# Validates YAML syntax and JSON Schema compliance. # ============================================================================= name: Validate Configuration @@ -22,61 +23,38 @@ permissions: contents: read jobs: - validate-config: + validate: runs-on: ubuntu-latest steps: - name: Checkout repository uses: actions/checkout@v4 - - name: Setup Node.js (for ajv-cli) - uses: actions/setup-node@v4 + - name: Setup Python + uses: actions/setup-python@v5 with: - node-version: '20' + python-version: '3.12' - - name: Install validation tools - run: | - npm install -g ajv-cli yaml-lint - - - name: Lint YAML files - run: | - find config -name '*.yml' -o -name '*.yaml' | while read f; do - echo "Validating YAML syntax: $f" - yamllint "$f" || echo "WARN: $f has lint issues" - done + - name: Install dependencies + run: pip install pyyaml jsonschema - - name: Validate JSON files + - name: Validate variables.example.yml against schema run: | - find config -name '*.json' | while read f; do - echo "Validating JSON syntax: $f" - python3 -m json.tool "$f" > /dev/null - done - - - name: Validate master config against schema - run: | - # Convert YAML to JSON for schema validation - pip install pyyaml python3 -c " import yaml, json, sys - with open('config/variables/master-environment.yml') as f: + from jsonschema import validate, ValidationError + + with open('config/variables.example.yml') as f: data = yaml.safe_load(f) - json.dump(data, sys.stdout) - " > /tmp/master-config.json - ajv validate \ - -s config/variables/schema.json \ - -d /tmp/master-config.json \ - || echo "Schema validation completed with issues" + with open('config/schema/variables.schema.json') as f: + schema = json.load(f) - - name: Validate solution configs - run: | - for f in config/variables/solutions/*.json; do - echo "Checking solution config: $f" - python3 -c " - import json - with open('$f') as fh: - data = json.load(fh) - assert '_metadata' in data, 'Missing _metadata section' - print(f\" Solution: {data['_metadata']['solution']} - OK\") + try: + validate(instance=data, schema=schema) + print('✅ config/variables.example.yml passes schema validation') + except ValidationError as e: + print(f'❌ Schema validation failed: {e.message}') + print(f' Path: {\" > \".join(str(p) for p in e.absolute_path)}') + sys.exit(1) " - done diff --git a/config/schema/variables.schema.json b/config/schema/variables.schema.json new file mode 100644 index 0000000..a8adee4 --- /dev/null +++ b/config/schema/variables.schema.json @@ -0,0 +1,136 @@ +{ + "$schema": "http://json-schema.org/draft-07/schema#", + "$id": "https://github.com/AzureLocal/azurelocal-loadtools/config/schema/variables.schema.json", + "title": "Load Tools Variables", + "description": "Schema for config/variables.example.yml — validates required sections and key structure.", + "type": "object", + "required": ["azure", "keyvault", "azure_local", "storage", "credentials", "testing", "tags"], + "properties": { + "azure": { + "type": "object", + "required": ["subscription_id", "tenant_id", "resource_group", "location"], + "properties": { + "subscription_id": { "type": "string" }, + "tenant_id": { "type": "string" }, + "resource_group": { "type": "string" }, + "location": { "type": "string" } + } + }, + "keyvault": { + "type": "object", + "required": ["name"], + "properties": { + "name": { "type": "string" }, + "auth_method": { "type": "string", "enum": ["managed_identity", "service_principal", "az_cli"] } + } + }, + "azure_local": { + "type": "object", + "required": ["cluster_name", "nodes"], + "properties": { + "cluster_name": { "type": "string" }, + "cluster_domain": { "type": "string" }, + "nodes": { + "type": "array", + "minItems": 1, + "items": { + "type": "object", + "required": ["name", "management_ip"], + "properties": { + "name": { "type": "string" }, + "management_ip": { "type": "string" }, + "storage_ip": { "type": "string" } + } + } + } + } + }, + "storage": { + "type": "object", + "required": ["csv_path"], + "properties": { + "csv_path": { "type": "string" }, + "collect_volume_path": { "type": "string" }, + "base_vhd_path": { "type": "string" } + } + }, + "networking": { + "type": "object", + "properties": { + "management": { + "type": "object", + "properties": { + "subnet": { "type": "string" }, + "vlan_id": { "type": "integer" } + } + }, + "storage": { + "type": "object", + "properties": { + "subnet": { "type": "string" }, + "vlan_id": { "type": "integer" }, + "rdma_enabled": { "type": "boolean" } + } + }, + "compute": { + "type": "object", + "properties": { + "subnet": { "type": "string" }, + "vlan_id": { "type": "integer" } + } + } + } + }, + "credentials": { + "type": "object", + "required": ["cluster_admin_username", "cluster_admin_password"], + "properties": { + "cluster_admin_username": { "type": "string" }, + "cluster_admin_password": { "type": "string" }, + "vmfleet_admin_username": { "type": "string" }, + "vmfleet_admin_password": { "type": "string" } + } + }, + "testing": { + "type": "object", + "required": ["default_tool"], + "properties": { + "default_tool": { "type": "string", "enum": ["vmfleet", "fio", "iperf", "hammerdb", "stress-ng"] }, + "default_profile": { "type": "string" }, + "duration_seconds": { "type": "integer", "minimum": 1 }, + "warmup_seconds": { "type": "integer", "minimum": 0 } + } + }, + "monitoring": { + "type": "object", + "properties": { + "log_analytics_workspace_id": { "type": "string" }, + "log_analytics_shared_key": { "type": "string" }, + "enable_real_time": { "type": "boolean" }, + "collection_interval_seconds": { "type": "integer", "minimum": 1 } + } + }, + "reporting": { + "type": "object", + "properties": { + "output_dir": { "type": "string" }, + "format": { "type": "string", "enum": ["html", "json", "csv"] }, + "include_charts": { "type": "boolean" } + } + }, + "winrm": { + "type": "object", + "properties": { + "port": { "type": "integer" }, + "use_ssl": { "type": "boolean" }, + "authentication": { "type": "string", "enum": ["Kerberos", "Negotiate", "Basic"] }, + "operation_timeout_seconds": { "type": "integer", "minimum": 1 } + } + }, + "tags": { + "type": "object", + "additionalProperties": { "type": "string" } + } + }, + "additionalProperties": false +} From 422edba0a0647a8a95a7753879bc96419492f0ab Mon Sep 17 00:00:00 2001 From: Kris Turner Date: Tue, 17 Mar 2026 10:13:33 -0400 Subject: [PATCH 3/3] docs: rename and rewrite variable reference to docs/reference/variables.md - Rename variable-reference.md to variables.md (standard naming) - Rewrite content to match sectioned YAML format from config/variables.example.yml - Add all sections: azure, keyvault, azure_local, storage, networking, credentials, testing, monitoring, reporting, winrm, tags - Add naming rules table and Key Vault resolution docs - Update mkdocs.yml nav entry Part of: AzureLocal/azurelocal.github.io#15 --- docs/reference/variable-reference.md | 79 --------- docs/reference/variables.md | 247 +++++++++++++++++++++++++++ mkdocs.yml | 2 +- 3 files changed, 248 insertions(+), 80 deletions(-) delete mode 100644 docs/reference/variable-reference.md create mode 100644 docs/reference/variables.md diff --git a/docs/reference/variable-reference.md b/docs/reference/variable-reference.md deleted file mode 100644 index 81f41af..0000000 --- a/docs/reference/variable-reference.md +++ /dev/null @@ -1,79 +0,0 @@ -# Variable Reference - -![Category: Reference](https://img.shields.io/badge/Category-Reference-7F8C8D?style=flat-square) - -This document provides a complete catalog of all variables defined in `master-environment.yml`. - -## Cluster Variables - -| Variable | Type | Required | Default | Description | -| --- | --- | --- | --- | --- | -| `cluster_name` | string | Yes | (none) | Azure Local cluster name | -| `cluster_domain` | string | Yes | (none) | Active Directory domain for the cluster | -| `cluster_nodes` | array | Yes | (none) | List of cluster node hostnames | -| `csv_path` | string | Yes | (none) | Path to the Cluster Shared Volume for VM storage | -| `collect_volume_path` | string | Yes | (none) | Path to the VMFleet Collect volume (ReFS, 200GB+) | -| `base_vhd_path` | string | Yes | (none) | Path to the Windows Server Core base VHDX | - -## VMFleet Variables - -| Variable | Type | Required | Default | Description | -| --- | --- | --- | --- | --- | -| `vm_count_per_node` | integer | Yes | 10 | Number of fleet VMs to create per cluster node | -| `vm_vcpu_count` | integer | Yes | 2 | Number of virtual CPUs per fleet VM | -| `vm_memory_gb` | integer | Yes | 2 | Memory allocation (GB) per fleet VM | -| `test_duration_seconds` | integer | Yes | 300 | Duration of each test pass in seconds | -| `warmup_seconds` | integer | No | 60 | Warmup period before measurement begins | -| `vmfleet_admin_username` | string | Yes | (none) | Administrator username for fleet VMs (sensitive) | -| `vmfleet_admin_password` | string | Yes | (none) | Administrator password for fleet VMs (sensitive — use Key Vault) | - -## Monitoring Variables - -| Variable | Type | Required | Default | Description | -| --- | --- | --- | --- | --- | -| `monitoring_enabled` | boolean | No | true | Enable metric collection during tests | -| `sample_interval_seconds` | integer | No | 5 | Metric sampling interval | -| `push_to_azure_monitor` | boolean | No | false | Send metrics to Azure Monitor / Log Analytics | -| `log_analytics_workspace_id` | string | No | (none) | Azure Log Analytics workspace ID (required if push enabled) | -| `log_analytics_shared_key` | string | No | (none) | Log Analytics shared key (sensitive — use Key Vault) | - -## Reporting Variables - -| Variable | Type | Required | Default | Description | -| --- | --- | --- | --- | --- | -| `report_formats` | array | No | ["PDF"] | Report output formats: PDF, DOCX, XLSX | -| `report_title` | string | No | "Azure Local Load Test Report" | Title on report cover page | -| `report_author` | string | No | "Azure Local Load Tools" | Author attribution on reports | -| `include_raw_data` | boolean | No | true | Include raw metrics in Excel report | - -## fio Variables - -| Variable | Type | Required | Default | Description | -| --- | --- | --- | --- | --- | -| `fio_runtime_seconds` | integer | No | 300 | Duration of fio test execution | -| `fio_block_size` | string | No | "4k" | Default block size for fio jobs | -| `fio_io_engine` | string | No | "libaio" | I/O engine for fio (libaio, io_uring, etc.) | - -## iPerf Variables - -| Variable | Type | Required | Default | Description | -| --- | --- | --- | --- | --- | -| `iperf_duration_seconds` | integer | No | 30 | Duration of each iPerf test | -| `iperf_parallel_streams` | integer | No | 4 | Number of parallel streams per iPerf test | -| `iperf_protocol` | string | No | "TCP" | Protocol: TCP or UDP | - -## HammerDB Variables - -| Variable | Type | Required | Default | Description | -| --- | --- | --- | --- | --- | -| `hammerdb_db_type` | string | No | "mssql" | Target database: mssql, postgresql, mysql | -| `hammerdb_warehouse_count` | integer | No | 10 | Number of TPC-C warehouses | -| `hammerdb_virtual_users` | integer | No | 4 | Number of virtual users for workload generation | - -## stress-ng Variables - -| Variable | Type | Required | Default | Description | -| --- | --- | --- | --- | --- | -| `stress_ng_timeout` | string | No | "5m" | Stress test duration | -| `stress_ng_stressors` | array | No | ["cpu", "vm", "hdd"] | Stressor classes to execute | -| `stress_ng_workers` | integer | No | 0 | Number of workers per stressor (0 = auto-detect CPU count) | diff --git a/docs/reference/variables.md b/docs/reference/variables.md new file mode 100644 index 0000000..472e2aa --- /dev/null +++ b/docs/reference/variables.md @@ -0,0 +1,247 @@ +# Variable Reference + +All load testing tools read from a single central configuration file: `config/variables.yml`. This file is the **single source of truth** — cluster details, credentials, testing defaults, and monitoring settings are all declared here and consumed by every automation tool. + +!!! tip "Getting started" + Copy the example and fill in your values: + ```powershell + cp config/variables.example.yml config/variables.yml + ``` + **Never commit** `variables.yml` — it is excluded by `.gitignore` because it contains environment-specific values and Key Vault references. + +!!! info "Additional configs" + Detailed configs live in subdirectories under `config/`: + + - `config/clusters/` — Per-cluster connection details + - `config/credentials/` — Key Vault credential mappings + - `config/profiles/` — Workload profiles (vmfleet, fio, iperf, etc.) + - `config/variables/` — Master variable registry and solution schemas + +--- + +## Naming Rules + +| Scope | Convention | Example | +|-------|-----------|---------| +| Top-level sections | `snake_case` | `azure_local`, `credentials` | +| Keys within sections | `snake_case` | `subscription_id`, `default_tool` | +| Booleans | Descriptive name | `enable_real_time: true` | +| Secrets | `keyvault://` URI | `keyvault://kv-name/secret-name` | + +--- + +## Azure + +```yaml +azure: + subscription_id: "00000000-0000-0000-0000-000000000000" + tenant_id: "00000000-0000-0000-0000-000000000000" + resource_group: "rg-loadtools-eus-01" + location: "eastus" +``` + +| Variable | Type | Required | Description | Default | +|----------|------|:--------:|-------------|---------| +| `azure.subscription_id` | string | **Yes** | Azure subscription ID | — | +| `azure.tenant_id` | string | **Yes** | Azure AD tenant ID | — | +| `azure.resource_group` | string | **Yes** | Resource group for load testing resources | — | +| `azure.location` | string | **Yes** | Azure region | `eastus` | + +--- + +## Key Vault + +```yaml +keyvault: + name: "kv-iic-loadtools" + auth_method: "az_cli" +``` + +| Variable | Type | Required | Description | Default | +|----------|------|:--------:|-------------|---------| +| `keyvault.name` | string | **Yes** | Key Vault name for all `keyvault://` URI resolution | — | +| `keyvault.auth_method` | string | No | Auth method: `managed_identity`, `service_principal`, or `az_cli` | `az_cli` | + +--- + +## Azure Local Cluster + +```yaml +azure_local: + cluster_name: "azl-cluster-01" + cluster_domain: "iic.local" + nodes: + - name: "azl-node-01" + management_ip: "10.0.0.1" + storage_ip: "10.0.1.1" +``` + +| Variable | Type | Required | Description | Default | +|----------|------|:--------:|-------------|---------| +| `azure_local.cluster_name` | string | **Yes** | Azure Local cluster name | — | +| `azure_local.cluster_domain` | string | **Yes** | Active Directory domain for the cluster | — | +| `azure_local.nodes` | list | **Yes** | Cluster nodes with name, management_ip, and storage_ip | — | + +--- + +## Storage + +```yaml +storage: + csv_path: "C:\\ClusterStorage\\Volume1" + collect_volume_path: "C:\\ClusterStorage\\Collect" + base_vhd_path: "C:\\ClusterStorage\\Collect\\BaseImage.vhdx" +``` + +| Variable | Type | Required | Description | Default | +|----------|------|:--------:|-------------|---------| +| `storage.csv_path` | string | **Yes** | Cluster Shared Volume path for VM storage | — | +| `storage.collect_volume_path` | string | No | VMFleet Collect volume path (ReFS, 200 GB+) | — | +| `storage.base_vhd_path` | string | No | Windows Server Core base VHDX path | — | + +--- + +## Networking + +```yaml +networking: + management: + subnet: "10.0.0.0/24" + vlan_id: 0 + storage: + subnet: "10.0.1.0/24" + vlan_id: 100 + rdma_enabled: true + compute: + subnet: "10.0.2.0/24" + vlan_id: 200 +``` + +| Variable | Type | Required | Description | Default | +|----------|------|:--------:|-------------|---------| +| `networking.management.subnet` | string | No | Management network CIDR | — | +| `networking.management.vlan_id` | integer | No | Management VLAN ID | `0` | +| `networking.storage.subnet` | string | No | Storage network CIDR | — | +| `networking.storage.vlan_id` | integer | No | Storage VLAN ID | — | +| `networking.storage.rdma_enabled` | boolean | No | Whether RDMA is enabled on storage NICs | `true` | +| `networking.compute.subnet` | string | No | Compute network CIDR | — | +| `networking.compute.vlan_id` | integer | No | Compute VLAN ID | — | + +--- + +## Credentials + +```yaml +credentials: + cluster_admin_username: "keyvault://kv-iic-loadtools/hci-cluster-admin-user" + cluster_admin_password: "keyvault://kv-iic-loadtools/hci-cluster-admin-pwd" + vmfleet_admin_username: "keyvault://kv-iic-loadtools/vmfleet-admin-user" + vmfleet_admin_password: "keyvault://kv-iic-loadtools/vmfleet-admin-pwd" +``` + +| Variable | Type | Required | Description | Default | +|----------|------|:--------:|-------------|---------| +| `credentials.cluster_admin_username` | string | **Yes** | Key Vault URI — cluster admin username | — | +| `credentials.cluster_admin_password` | string | **Yes** | Key Vault URI — cluster admin password | — | +| `credentials.vmfleet_admin_username` | string | No | Key Vault URI — VMFleet VM admin username | — | +| `credentials.vmfleet_admin_password` | string | No | Key Vault URI — VMFleet VM admin password | — | + +--- + +## Testing Defaults + +```yaml +testing: + default_tool: "vmfleet" + default_profile: "general" + duration_seconds: 300 + warmup_seconds: 60 +``` + +| Variable | Type | Required | Description | Default | +|----------|------|:--------:|-------------|---------| +| `testing.default_tool` | string | **Yes** | Default tool: `vmfleet`, `fio`, `iperf`, `hammerdb`, `stress-ng` | `vmfleet` | +| `testing.default_profile` | string | No | Profile name from `config/profiles//` | `general` | +| `testing.duration_seconds` | integer | No | Duration of each test pass in seconds | `300` | +| `testing.warmup_seconds` | integer | No | Warmup period before measurement | `60` | + +--- + +## Monitoring & Reporting + +```yaml +monitoring: + log_analytics_workspace_id: "00000000-0000-0000-0000-000000000000" + log_analytics_shared_key: "keyvault://kv-iic-loadtools/log-analytics-key" + enable_real_time: true + collection_interval_seconds: 10 + +reporting: + output_dir: "reports" + format: "html" + include_charts: true +``` + +| Variable | Type | Required | Description | Default | +|----------|------|:--------:|-------------|---------| +| `monitoring.log_analytics_workspace_id` | string | No | Log Analytics workspace ID | — | +| `monitoring.log_analytics_shared_key` | string | No | Key Vault URI — Log Analytics shared key | — | +| `monitoring.enable_real_time` | boolean | No | Enable real-time metric collection | `true` | +| `monitoring.collection_interval_seconds` | integer | No | Metric sampling interval | `10` | +| `reporting.output_dir` | string | No | Report output directory | `reports` | +| `reporting.format` | string | No | Output format: `html`, `json`, `csv` | `html` | +| `reporting.include_charts` | boolean | No | Include charts in reports | `true` | + +--- + +## WinRM + +```yaml +winrm: + port: 5985 + use_ssl: false + authentication: "Kerberos" + operation_timeout_seconds: 300 +``` + +| Variable | Type | Required | Description | Default | +|----------|------|:--------:|-------------|---------| +| `winrm.port` | integer | No | WinRM port | `5985` | +| `winrm.use_ssl` | boolean | No | Enable HTTPS for WinRM | `false` | +| `winrm.authentication` | string | No | Auth method: `Kerberos`, `Negotiate`, `Basic` | `Kerberos` | +| `winrm.operation_timeout_seconds` | integer | No | Command timeout in seconds | `300` | + +--- + +## Tags + +```yaml +tags: + project: "LoadTools" + environment: "production" + workload: "performance-testing" + solution: "loadtools-azure-local" +``` + +| Variable | Type | Required | Description | Default | +|----------|------|:--------:|-------------|---------| +| `tags.project` | string | No | Project tag | `LoadTools` | +| `tags.environment` | string | No | Environment tag | `production` | +| `tags.workload` | string | No | Workload tag | `performance-testing` | +| `tags.solution` | string | No | Solution tag | `loadtools-azure-local` | + +--- + +## Key Vault Secret Resolution + +Secrets are never stored in plaintext. The `keyvault://` URI format tells deployment tools to resolve the value at runtime: + +```yaml +cluster_admin_password: "keyvault://kv-iic-loadtools/hci-cluster-admin-pwd" +``` + +**Resolution flow:** + +1. Tool parses the URI → vault name: `kv-iic-loadtools`, secret name: `hci-cluster-admin-pwd` +2. Tool calls `az keyvault secret show --vault-name kv-iic-loadtools --name hci-cluster-admin-pwd` +3. Secret value is passed directly to the script — never written to disk diff --git a/mkdocs.yml b/mkdocs.yml index 3b87968..f1f2fe5 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -56,7 +56,7 @@ nav: - CI/CD Pipelines: operations/ci-cd.md - Credential Management: operations/credential-management.md - Reference: - - Variable Reference: reference/variable-reference.md + - Variable Reference: reference/variables.md - Cmdlet Reference: reference/cmdlet-reference.md - Glossary: reference/glossary.md - Standards: