- Confidential VM (CVM)
If you want to build on Linux or MacOS, make sure you have golang installed. If not, you can download it by following these instructions:
# update your system
sudo apt update
sudo apt upgrade
# download the go binary
wget https://dl.google.com/go/go1.15.5.linux-amd64.tar.gz
# extract binaries tarball
sudo tar -C /usr/local/ -xzf go1.15.5.linux-amd64.tar.gz
# set the right path
cd /usr/local/
echo $PATH
sudo nano $HOME/.profile
inside your profile, append the following:
export PATH=$PATH:/usr/local/go/bin
save and apply changes:
source $HOME/.profile
check that it installed correctly:
go version
On Linux or MacOS, execute:
make build
Alternatively, you can build with a Docker container:
docker run \
-v $PWD:/go/src/github.com/microsoft/acc-vm-engine \
-w /go/src/github.com/microsoft/acc-vm-engine \
golang:1.15-alpine go build ./cmd/acc-vm-engine
A sample configuration file for CVM deployment is located in the test/ folder. If your machine runs Linux or MacOS, you can execute the following command to generate templates for a windows vm deployment:
./acc-vm-engine generate -c ./test/cvm-win.json
Please note that for a linux deployment, you will have to put your ssh public key into the test/cvm-ubuntu.json parameter file under 'admin_password_or_key' or you will not be able to connect. Then execute:
./acc-vm-engine generate -c ./test/cvm-ubuntu.json
In case you need to generate an ssh public key, you can use the following command and use the public key content that it outputs into your ~/.ssh folder:
ssh-keygen -t rsa -b 4096 -C "[email protected]"
Alternatively, use Docker container:
docker run \
-v $PWD:/go/src/github.com/microsoft/acc-vm-engine \
-w /go/src/github.com/microsoft/acc-vm-engine \
golang:1.15-alpine ./acc-vm-engine generate -c ./test/cvm-win.json
The template and parameter files will be generated in _output
directory (by default).
Use Azure CLI or PowerShell to deploy the VM.
When using Azure CLI, you may want to log in to Azure and set default subscription. This is a one-time operation:
SUB=<subscription ID>
az login
az account set --subscription ${SUB}
Create a resource group and deploy the VM:
RGROUP=<resource group name>
LOC=<deployment region>
az group create -n ${RGROUP} -l ${LOC}
az deployment group create \
--resource-group ${RGROUP} \
--name MyDeployment \
--template-file ./_output/azuredeploy.json \
--parameters @./_output/azuredeploy.parameters.json