forked from Azure/aks-engine-azurestack
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdeploy.go
551 lines (469 loc) · 20.9 KB
/
deploy.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
// Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT license.
package cmd
import (
"context"
"encoding/base64"
"fmt"
"io/ioutil"
"math/rand"
"os"
"path"
"path/filepath"
"strconv"
"strings"
"time"
"github.com/leonelquinteros/gotext"
log "github.com/sirupsen/logrus"
"github.com/spf13/cobra"
"encoding/json"
"github.com/Azure/aks-engine/pkg/api"
"github.com/Azure/aks-engine/pkg/armhelpers"
"github.com/Azure/aks-engine/pkg/engine"
"github.com/Azure/aks-engine/pkg/engine/transform"
"github.com/Azure/aks-engine/pkg/helpers"
"github.com/Azure/aks-engine/pkg/i18n"
"github.com/Azure/azure-sdk-for-go/services/graphrbac/1.6/graphrbac"
"github.com/Azure/go-autorest/autorest/to"
"github.com/pkg/errors"
)
const (
deployName = "deploy"
deployShortDescription = "Deploy an Azure Resource Manager template"
deployLongDescription = "Deploy an Azure Resource Manager template, parameters file and other assets for a cluster"
)
type deployCmd struct {
authProvider
apimodelPath string
dnsPrefix string
autoSuffix bool
outputDirectory string // can be auto-determined from clusterDefinition
forceOverwrite bool
caCertificatePath string
caPrivateKeyPath string
parametersOnly bool
set []string
// derived
containerService *api.ContainerService
apiVersion string
locale *gotext.Locale
client armhelpers.AKSEngineClient
resourceGroup string
random *rand.Rand
location string
}
func newDeployCmd() *cobra.Command {
dc := deployCmd{
authProvider: &authArgs{},
}
deployCmd := &cobra.Command{
Use: deployName,
Short: deployShortDescription,
Long: deployLongDescription,
RunE: func(cmd *cobra.Command, args []string) error {
if err := dc.validateArgs(cmd, args); err != nil {
return errors.Wrap(err, "validating deployCmd")
}
if err := dc.mergeAPIModel(); err != nil {
return errors.Wrap(err, "merging API model in deployCmd")
}
if err := dc.loadAPIModel(); err != nil {
return errors.Wrap(err, "loading API model")
}
if dc.apiVersion == "vlabs" {
if err := dc.validateAPIModelAsVLabs(); err != nil {
return errors.Wrap(err, "validating API model after populating values")
}
} else {
log.Warnf("API model validation is only available for \"apiVersion\": \"vlabs\", skipping validation...")
}
return dc.run()
},
}
f := deployCmd.Flags()
f.StringVarP(&dc.apimodelPath, "api-model", "m", "", "path to your cluster definition file")
f.StringVarP(&dc.dnsPrefix, "dns-prefix", "p", "", "dns prefix (unique name for the cluster)")
f.BoolVar(&dc.autoSuffix, "auto-suffix", false, "automatically append a compressed timestamp to the dnsPrefix to ensure cluster name uniqueness")
f.StringVarP(&dc.outputDirectory, "output-directory", "o", "", "output directory (derived from FQDN if absent)")
f.StringVar(&dc.caCertificatePath, "ca-certificate-path", "", "path to the CA certificate to use for Kubernetes PKI assets")
f.StringVar(&dc.caPrivateKeyPath, "ca-private-key-path", "", "path to the CA private key to use for Kubernetes PKI assets")
f.StringVarP(&dc.resourceGroup, "resource-group", "g", "", "resource group to deploy to (will use the DNS prefix from the apimodel if not specified)")
f.StringVarP(&dc.location, "location", "l", "", "location to deploy to (required)")
f.BoolVarP(&dc.forceOverwrite, "force-overwrite", "f", false, "automatically overwrite existing files in the output directory")
f.StringArrayVar(&dc.set, "set", []string{}, "set values on the command line (can specify multiple or separate values with commas: key1=val1,key2=val2)")
addAuthFlags(dc.getAuthArgs(), f)
return deployCmd
}
func (dc *deployCmd) validateArgs(cmd *cobra.Command, args []string) error {
var err error
dc.locale, err = i18n.LoadTranslations()
if err != nil {
return errors.Wrap(err, "loading translation files")
}
if dc.apimodelPath == "" {
if len(args) == 1 {
dc.apimodelPath = args[0]
} else if len(args) > 1 {
_ = cmd.Usage()
return errors.New("too many arguments were provided to 'deploy'")
}
}
if dc.apimodelPath != "" {
if _, err := os.Stat(dc.apimodelPath); os.IsNotExist(err) {
return errors.Errorf("specified api model does not exist (%s)", dc.apimodelPath)
}
}
if dc.location == "" {
return errors.New("--location must be specified")
}
dc.location = helpers.NormalizeAzureRegion(dc.location)
return nil
}
func (dc *deployCmd) mergeAPIModel() error {
var err error
if dc.apimodelPath == "" {
log.Infoln("no --api-model was specified, using default model")
var f *os.File
f, err = ioutil.TempFile("", fmt.Sprintf("%s-default-api-model_%s-%s_", filepath.Base(os.Args[0]), BuildSHA, GitTreeState))
if err != nil {
return errors.Wrap(err, "error creating temp file for default API model")
}
log.Infoln("default api model generated at", f.Name())
defer f.Close()
if err = writeDefaultModel(f); err != nil {
return err
}
dc.apimodelPath = f.Name()
}
// if --set flag has been used
if len(dc.set) > 0 {
m := make(map[string]transform.APIModelValue)
transform.MapValues(m, dc.set)
// overrides the api model and generates a new file
dc.apimodelPath, err = transform.MergeValuesWithAPIModel(dc.apimodelPath, m)
if err != nil {
return errors.Wrapf(err, "error merging --set values with the api model: %s", dc.apimodelPath)
}
log.Infoln(fmt.Sprintf("new API model file has been generated during merge: %s", dc.apimodelPath))
}
return nil
}
func (dc *deployCmd) loadAPIModel() error {
var caCertificateBytes []byte
var caKeyBytes []byte
var err error
apiloader := &api.Apiloader{
Translator: &i18n.Translator{
Locale: dc.locale,
},
}
// do not validate when initially loading the apimodel, validation is done later after autofilling values
dc.containerService, dc.apiVersion, err = apiloader.LoadContainerServiceFromFile(dc.apimodelPath, false, false, nil)
if err != nil {
return errors.Wrap(err, "error parsing the api model")
}
if dc.containerService.Properties.MasterProfile == nil {
return errors.New("MasterProfile can't be nil")
}
// consume dc.caCertificatePath and dc.caPrivateKeyPath
if (dc.caCertificatePath != "" && dc.caPrivateKeyPath == "") || (dc.caCertificatePath == "" && dc.caPrivateKeyPath != "") {
return errors.New("--ca-certificate-path and --ca-private-key-path must be specified together")
}
if dc.caCertificatePath != "" {
if caCertificateBytes, err = ioutil.ReadFile(dc.caCertificatePath); err != nil {
return errors.Wrap(err, "failed to read CA certificate file")
}
if caKeyBytes, err = ioutil.ReadFile(dc.caPrivateKeyPath); err != nil {
return errors.Wrap(err, "failed to read CA private key file")
}
prop := dc.containerService.Properties
if prop.CertificateProfile == nil {
prop.CertificateProfile = &api.CertificateProfile{}
}
prop.CertificateProfile.CaCertificate = string(caCertificateBytes)
prop.CertificateProfile.CaPrivateKey = string(caKeyBytes)
}
if dc.containerService.Location == "" {
dc.containerService.Location = dc.location
} else if dc.containerService.Location != dc.location {
return errors.New("--location does not match api model location")
}
if dc.containerService.Properties.IsCustomCloudProfile() {
err = dc.containerService.SetCustomCloudProfileEnvironment()
if err != nil {
return errors.Wrap(err, "error parsing the api model")
}
if err = writeCustomCloudProfile(dc.containerService); err != nil {
return errors.Wrap(err, "error writing custom cloud profile")
}
if dc.containerService.Properties.CustomCloudProfile.IdentitySystem == "" || dc.containerService.Properties.CustomCloudProfile.IdentitySystem != dc.authProvider.getAuthArgs().IdentitySystem {
if dc.authProvider != nil {
dc.containerService.Properties.CustomCloudProfile.IdentitySystem = dc.authProvider.getAuthArgs().IdentitySystem
}
}
}
if err = dc.getAuthArgs().validateAuthArgs(); err != nil {
return err
}
dc.client, err = dc.authProvider.getClient()
if err != nil {
return errors.Wrap(err, "failed to get client")
}
if err = autofillApimodel(dc); err != nil {
return err
}
dc.random = rand.New(rand.NewSource(time.Now().UnixNano()))
return nil
}
func autofillApimodel(dc *deployCmd) error {
if dc.containerService.Properties.LinuxProfile != nil {
if dc.containerService.Properties.LinuxProfile.AdminUsername == "" {
log.Warnf("apimodel: no linuxProfile.adminUsername was specified. Will use 'azureuser'.")
dc.containerService.Properties.LinuxProfile.AdminUsername = "azureuser"
}
}
if dc.dnsPrefix != "" && dc.containerService.Properties.MasterProfile.DNSPrefix != "" {
return errors.New("invalid configuration: the apimodel masterProfile.dnsPrefix and --dns-prefix were both specified")
}
if dc.containerService.Properties.MasterProfile.DNSPrefix == "" {
if dc.dnsPrefix == "" {
return errors.New("apimodel: missing masterProfile.dnsPrefix and --dns-prefix was not specified")
}
dc.containerService.Properties.MasterProfile.DNSPrefix = dc.dnsPrefix
}
if dc.autoSuffix {
suffix := strconv.FormatInt(time.Now().Unix(), 16)
dc.containerService.Properties.MasterProfile.DNSPrefix += "-" + suffix
log.Infof("Generated random suffix %s, DNS Prefix is %s", suffix, dc.containerService.Properties.MasterProfile.DNSPrefix)
}
if dc.outputDirectory == "" {
dc.outputDirectory = path.Join("_output", dc.containerService.Properties.MasterProfile.DNSPrefix)
}
if _, err := os.Stat(dc.outputDirectory); !dc.forceOverwrite && err == nil {
return errors.Errorf("Output directory already exists and forceOverwrite flag is not set: %s", dc.outputDirectory)
}
if dc.resourceGroup == "" {
dnsPrefix := dc.containerService.Properties.MasterProfile.DNSPrefix
log.Warnf("--resource-group was not specified. Using the DNS prefix from the apimodel as the resource group name: %s", dnsPrefix)
dc.resourceGroup = dnsPrefix
if dc.location == "" {
return errors.New("--resource-group was not specified. --location must be specified in case the resource group needs creation")
}
}
if dc.containerService.Properties.LinuxProfile != nil && (dc.containerService.Properties.LinuxProfile.SSH.PublicKeys == nil ||
len(dc.containerService.Properties.LinuxProfile.SSH.PublicKeys) == 0 ||
dc.containerService.Properties.LinuxProfile.SSH.PublicKeys[0].KeyData == "") {
translator := &i18n.Translator{
Locale: dc.locale,
}
var publicKey string
_, publicKey, err := helpers.CreateSaveSSH(dc.containerService.Properties.LinuxProfile.AdminUsername, dc.outputDirectory, translator)
if err != nil {
return errors.Wrap(err, "Failed to generate SSH Key")
}
dc.containerService.Properties.LinuxProfile.SSH.PublicKeys = []api.PublicKey{{KeyData: publicKey}}
}
ctx, cancel := context.WithTimeout(context.Background(), armhelpers.DefaultARMOperationTimeout)
defer cancel()
_, err := dc.client.EnsureResourceGroup(ctx, dc.resourceGroup, dc.location, nil)
if err != nil {
return err
}
k8sConfig := dc.containerService.Properties.OrchestratorProfile.KubernetesConfig
useManagedIdentity := k8sConfig != nil && to.Bool(k8sConfig.UseManagedIdentity)
if !useManagedIdentity {
spp := dc.containerService.Properties.ServicePrincipalProfile
if spp != nil && spp.ClientID == "" && spp.Secret == "" && spp.KeyvaultSecretRef == nil && (dc.getAuthArgs().ClientID.String() == "" || dc.getAuthArgs().ClientID.String() == "00000000-0000-0000-0000-000000000000") && dc.getAuthArgs().ClientSecret == "" {
log.Warnln("apimodel: ServicePrincipalProfile was missing or empty, creating application...")
// TODO: consider caching the creds here so they persist between subsequent runs of 'deploy'
appName := dc.containerService.Properties.MasterProfile.DNSPrefix
appURL := fmt.Sprintf("https://%s/", appName)
var replyURLs *[]string
var requiredResourceAccess *[]graphrbac.RequiredResourceAccess
applicationResp, servicePrincipalObjectID, secret, createErr := dc.client.CreateApp(ctx, appName, appURL, replyURLs, requiredResourceAccess)
if createErr != nil {
return errors.Wrap(createErr, "apimodel invalid: ServicePrincipalProfile was empty, and we failed to create valid credentials")
}
applicationID := to.String(applicationResp.AppID)
log.Warnf("created application with applicationID (%s) and servicePrincipalObjectID (%s).", applicationID, servicePrincipalObjectID)
log.Warnln("apimodel: ServicePrincipalProfile was empty, assigning role to application...")
err = dc.client.CreateRoleAssignmentSimple(ctx, dc.resourceGroup, servicePrincipalObjectID)
if err != nil {
return errors.Wrap(err, "apimodel: could not create or assign ServicePrincipal")
}
dc.containerService.Properties.ServicePrincipalProfile = &api.ServicePrincipalProfile{
ClientID: applicationID,
Secret: secret,
ObjectID: servicePrincipalObjectID,
}
} else if (dc.containerService.Properties.ServicePrincipalProfile == nil || ((dc.containerService.Properties.ServicePrincipalProfile.ClientID == "" || dc.containerService.Properties.ServicePrincipalProfile.ClientID == "00000000-0000-0000-0000-000000000000") && dc.containerService.Properties.ServicePrincipalProfile.Secret == "")) && dc.getAuthArgs().ClientID.String() != "" && dc.getAuthArgs().ClientSecret != "" {
dc.containerService.Properties.ServicePrincipalProfile = &api.ServicePrincipalProfile{
ClientID: dc.getAuthArgs().ClientID.String(),
Secret: dc.getAuthArgs().ClientSecret,
}
}
}
if k8sConfig != nil && k8sConfig.Addons != nil && k8sConfig.IsContainerMonitoringAddonEnabled() {
log.Infoln("container monitoring addon enabled")
cloudOrDependenciesLocation := dc.containerService.GetCloudSpecConfig().CloudName
if dc.containerService.Properties.IsCustomCloudProfile() {
cloudOrDependenciesLocation = string(dc.containerService.Properties.CustomCloudProfile.DependenciesLocation)
}
workspaceDomain := helpers.GetLogAnalyticsWorkspaceDomain(cloudOrDependenciesLocation)
err := dc.configureContainerMonitoringAddon(ctx, k8sConfig, workspaceDomain)
if err != nil {
return errors.Wrap(err, "Failed to configure container monitoring addon")
}
}
return nil
}
// validateAPIModelAsVLabs converts the ContainerService object to a vlabs ContainerService object and validates it
func (dc *deployCmd) validateAPIModelAsVLabs() error {
return api.ConvertContainerServiceToVLabs(dc.containerService).Validate(false)
}
func (dc *deployCmd) run() error {
ctx := engine.Context{
Translator: &i18n.Translator{
Locale: dc.locale,
},
}
templateGenerator, err := engine.InitializeTemplateGenerator(ctx)
if err != nil {
return errors.Wrap(err, "initializing template generator")
}
certsgenerated, err := dc.containerService.SetPropertiesDefaults(api.PropertiesDefaultsParams{
IsScale: false,
IsUpgrade: false,
PkiKeySize: helpers.DefaultPkiKeySize,
})
if err != nil {
return errors.Wrapf(err, "in SetPropertiesDefaults template %s", dc.apimodelPath)
}
if dc.containerService.Properties.IsAzureStackCloud() {
if err = dc.validateOSBaseImage(); err != nil {
return errors.Wrapf(err, "validating OS base images required by %s", dc.apimodelPath)
}
}
template, parameters, err := templateGenerator.GenerateTemplateV2(dc.containerService, engine.DefaultGeneratorCode, BuildTag)
if err != nil {
return errors.Wrapf(err, "generating template %s", dc.apimodelPath)
}
if template, err = transform.PrettyPrintArmTemplate(template); err != nil {
return errors.Wrap(err, "pretty-printing template")
}
var parametersFile string
if parametersFile, err = transform.BuildAzureParametersFile(parameters); err != nil {
return errors.Wrap(err, "pretty-printing template parameters")
}
writer := &engine.ArtifactWriter{
Translator: &i18n.Translator{
Locale: dc.locale,
},
}
if err = writer.WriteTLSArtifacts(dc.containerService, dc.apiVersion, template, parametersFile, dc.outputDirectory, certsgenerated, dc.parametersOnly); err != nil {
return errors.Wrap(err, "writing artifacts")
}
templateJSON := make(map[string]interface{})
parametersJSON := make(map[string]interface{})
if err = json.Unmarshal([]byte(template), &templateJSON); err != nil {
return err
}
if err = json.Unmarshal([]byte(parameters), ¶metersJSON); err != nil {
return err
}
cx, cancel := context.WithTimeout(context.Background(), armhelpers.DefaultARMOperationTimeout)
defer cancel()
deploymentSuffix := dc.random.Int31()
if res, err := dc.client.DeployTemplate(
cx,
dc.resourceGroup,
fmt.Sprintf("%s-%d", dc.resourceGroup, deploymentSuffix),
templateJSON,
parametersJSON,
); err != nil {
if res.Response.Response != nil && res.Body != nil {
defer res.Body.Close()
body, _ := ioutil.ReadAll(res.Body)
log.Errorf(string(body))
}
return err
}
return nil
}
// configure api model addon config with container monitoring addon
func (dc *deployCmd) configureContainerMonitoringAddon(ctx context.Context, k8sConfig *api.KubernetesConfig, workspaceDomain string) error {
log.Infoln("configuring container monitoring addon info")
if k8sConfig == nil {
return errors.New("KubernetesConfig either null or invalid")
}
var workspaceResourceID string
var err error
addon := k8sConfig.GetAddonByName("container-monitoring")
if addon.Config == nil || len(addon.Config) == 0 || addon.Config["logAnalyticsWorkspaceResourceId"] != "" {
if dc.containerService.Properties.IsAzureStackCloud() {
return errors.New("This is not supported option for AzureStackCloud. Please provide config with workspaceGuid and workspaceKey")
}
workspaceResourceID = strings.TrimSpace(addon.Config["logAnalyticsWorkspaceResourceId"])
if workspaceResourceID != "" {
log.Infoln("using provided log analytics workspace resource id:", workspaceResourceID)
if !strings.HasPrefix(workspaceResourceID, "/") {
workspaceResourceID = "/" + workspaceResourceID
}
workspaceResourceID = strings.TrimSuffix(workspaceResourceID, "/")
} else {
log.Infoln("creating default log analytics workspace if not exists already")
workspaceResourceID, err = dc.client.EnsureDefaultLogAnalyticsWorkspace(ctx, dc.resourceGroup, dc.location)
if err != nil {
return errors.Wrap(err, "apimodel: Failed to create default log analytics workspace for container monitoring addon")
}
log.Infoln("successfully created or fetched default log analytics workspace:", workspaceResourceID)
}
resourceParts := strings.Split(workspaceResourceID, "/")
if len(resourceParts) != 9 {
return errors.Errorf("%s is not a valid azure resource id", workspaceResourceID)
}
workspaceSubscriptionID := resourceParts[2]
workspaceResourceGroup := resourceParts[4]
workspaceName := resourceParts[8]
log.Infoln("Retrieving log analytics workspace Guid, Key and location details for the workspace resource:", workspaceResourceID)
wsID, wsKey, wsLocation, err := dc.client.GetLogAnalyticsWorkspaceInfo(ctx, workspaceSubscriptionID, workspaceResourceGroup, workspaceName)
if err != nil {
return errors.Wrap(err, "apimodel: Failed to get the workspace Guid, Key and location details ")
}
log.Infoln("successfully retrieved log analytics workspace details")
log.Infoln("log analytics workspace id: ", wsID)
log.Infoln("adding container insights solution to log analytics workspace: ", workspaceResourceID)
_, err = dc.client.AddContainerInsightsSolution(ctx, workspaceSubscriptionID, workspaceResourceGroup, workspaceName, wsLocation)
if err != nil {
return errors.Wrap(err, "apimodel: Failed to get add container insights solution")
}
log.Infoln("successfully added container insights solution to log analytics workspace: ", workspaceResourceID)
log.Infoln("Adding log analytics workspaceGuid and workspaceKey, workspaceResourceId to the container monitoring addon")
for _, addon := range dc.containerService.Properties.OrchestratorProfile.KubernetesConfig.Addons {
if addon.Name == "container-monitoring" {
addon.Config["workspaceGuid"] = base64.StdEncoding.EncodeToString([]byte(wsID))
addon.Config["workspaceKey"] = base64.StdEncoding.EncodeToString([]byte(wsKey))
addon.Config["logAnalyticsWorkspaceResourceId"] = workspaceResourceID
addon.Config["workspaceDomain"] = base64.StdEncoding.EncodeToString([]byte(workspaceDomain))
}
}
} else {
log.Infoln("using provided workspaceGuid, workspaceKey in the container addon config")
workspaceGUID := addon.Config["workspaceGuid"]
workspaceKey := addon.Config["workspaceKey"]
addon.Config["workspaceDomain"] = base64.StdEncoding.EncodeToString([]byte(workspaceDomain))
log.Infoln("workspaceGuid:", workspaceGUID)
log.Infoln("workspaceKey:", workspaceKey)
log.Infoln("workspaceDomain:", workspaceDomain)
}
return nil
}
// validateOSBaseImage checks if the OS image is available on the target cloud (ATM, Azure Stack only)
func (dc *deployCmd) validateOSBaseImage() error {
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
defer cancel()
if err := armhelpers.ValidateRequiredImages(ctx, dc.location, dc.containerService.Properties, dc.client); err != nil {
return errors.Wrap(err, "OS base image not available in target cloud")
}
return nil
}