From bf95e217cbad323e1d353461b50fb97503c9ba73 Mon Sep 17 00:00:00 2001 From: heywoodj Date: Wed, 27 Apr 2016 11:33:46 +0100 Subject: [PATCH 01/53] Add new azure resorce manager branch and privider terraform file --- terraform/azure_rmprovider/provider.tf | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 terraform/azure_rmprovider/provider.tf diff --git a/terraform/azure_rmprovider/provider.tf b/terraform/azure_rmprovider/provider.tf new file mode 100644 index 00000000..3cf279d8 --- /dev/null +++ b/terraform/azure_rmprovider/provider.tf @@ -0,0 +1,9 @@ +/* Configure auth 2 resource manager authentication. This requires an aplication to be set up in Azure, see +https://www.terraform.io/docs/providers/azurerm/index.html fo details. */ + +provider "azurerm" { + subscription_id = "${var.subscription_id}" + client_id = "${var.client_id}" + client_secret = "${var.client_secret}" + tenant_id = "${var.tenant_id}" +} \ No newline at end of file From 690b73f50ddcae56aad3f017838376e94ba1ec2c Mon Sep 17 00:00:00 2001 From: heywoodj Date: Wed, 27 Apr 2016 12:23:32 +0100 Subject: [PATCH 02/53] Addition of terraform variables file --- terraform/azure_rmprovider/variables.tf | 28 +++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 terraform/azure_rmprovider/variables.tf diff --git a/terraform/azure_rmprovider/variables.tf b/terraform/azure_rmprovider/variables.tf new file mode 100644 index 00000000..ec761415 --- /dev/null +++ b/terraform/azure_rmprovider/variables.tf 
@@ -0,0 +1,28 @@ +variable "subscription_id" { + description = "The Azure subscrition identifier (guid)." +} + +variable "client_id" { + description = "The oAuth 2 client id. " +} + +variable "client_secret" { + description = "The oAuth 2 client secret." +} + +variable "tenant_id" { + description = "The oAuth 2 tenant id." +} + +variable "location" { + description = "The deployment azure data centre location." +} + +variable "vn_cidr_block" { + description = "Cidr block for the VN." +} + +variable "subnet_cidr_block" { + description = "CIDR for private subnet" +} + From d2d56493f54b932607659a63bb911baf5c2ec818 Mon Sep 17 00:00:00 2001 From: heywoodj Date: Wed, 27 Apr 2016 12:30:09 +0100 Subject: [PATCH 03/53] Rename folder to azurerm --- terraform/{azure_rmprovider => azurerm}/provider.tf | 0 terraform/{azure_rmprovider => azurerm}/variables.tf | 0 2 files changed, 0 insertions(+), 0 deletions(-) rename terraform/{azure_rmprovider => azurerm}/provider.tf (100%) rename terraform/{azure_rmprovider => azurerm}/variables.tf (100%) diff --git a/terraform/azure_rmprovider/provider.tf b/terraform/azurerm/provider.tf similarity index 100% rename from terraform/azure_rmprovider/provider.tf rename to terraform/azurerm/provider.tf diff --git a/terraform/azure_rmprovider/variables.tf b/terraform/azurerm/variables.tf similarity index 100% rename from terraform/azure_rmprovider/variables.tf rename to terraform/azurerm/variables.tf From 51c370dba122ce87016b6fbd7563a3d2be41ec14 Mon Sep 17 00:00:00 2001 
From: heywoodj Date: Thu, 28 Apr 2016 10:32:42 +0100 Subject: [PATCH 04/53] Addition of virtual network and storage account --- terraform/azurerm/bastian-publicip.tf | 7 +++++++ terraform/azurerm/network-security-group.tf | 18 ++++++++++++++++++ terraform/azurerm/resourcegroup.tf | 5 +++++ terraform/azurerm/storage.tf | 15 +++++++++++++++ terraform/azurerm/variables.tf | 14 +++++++++++++- terraform/azurerm/virtual-network-subnet.tf | 6 ++++++ terraform/azurerm/virtual-network.tf | 7 +++++++ 7 files changed, 71 insertions(+), 1 deletion(-) create mode 100644 terraform/azurerm/bastian-publicip.tf create mode 100644 terraform/azurerm/network-security-group.tf create mode 100644 terraform/azurerm/resourcegroup.tf create mode 100644 terraform/azurerm/storage.tf create mode 100644 terraform/azurerm/virtual-network-subnet.tf create mode 100644 terraform/azurerm/virtual-network.tf diff --git a/terraform/azurerm/bastian-publicip.tf b/terraform/azurerm/bastian-publicip.tf new file mode 100644 index 00000000..0641cdba --- /dev/null +++ b/terraform/azurerm/bastian-publicip.tf @@ -0,0 +1,7 @@ +#Create Public IP Address for bastian server +resource "azurerm_public_ip" "bastian_publicip" { + name = "BastianPublicIp" + location = "${var.region}" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + public_ip_address_allocation = "static" +} \ No newline at end of file diff --git a/terraform/azurerm/network-security-group.tf b/terraform/azurerm/network-security-group.tf new file mode 100644 index 00000000..726c92bc --- /dev/null +++ b/terraform/azurerm/network-security-group.tf 
@@ -0,0 +1,18 @@
+#Create Network Security Group
+resource "azurerm_network_security_group" "network_security_group" {
+ name = "AzureRM_NetworkSecurityGroup"
+ location = "${var.region}"
+ resource_group_name = "${azurerm_resource_group.resource_group.name}"
+
+ security_rule {
+ name = "AzureRM_SecurityRuleTcp"
+ priority = 100
+ direction = "Inbound"
+ access = "Allow"
+ protocol = "Tcp"
+ source_port_range = "*"
+ destination_port_range = "*"
+ source_address_prefix = "*"
+ destination_address_prefix = "*"
+ }
+}
\ No newline at end of file
diff --git a/terraform/azurerm/resourcegroup.tf b/terraform/azurerm/resourcegroup.tf
new file mode 100644
index 00000000..e066efd5
--- /dev/null
+++ b/terraform/azurerm/resourcegroup.tf
@@ -0,0 +1,5 @@
+# Create a resource group
+resource "azurerm_resource_group" "resource_group" {
+ name = "AzureRM-Resource-Group"
+ location = "${var.region}"
+}
\ No newline at end of file
diff --git a/terraform/azurerm/storage.tf b/terraform/azurerm/storage.tf
new file mode 100644
index 00000000..8073d282
--- /dev/null
+++ b/terraform/azurerm/storage.tf
@@ -0,0 +1,15 @@
+# Create a storage account
+resource "azurerm_storage_account" "storage_account" {
+ name = "${var.storage_account_name}"
+ resource_group_name = "${azurerm_resource_group.resource_group.name}"
+ location = "${var.region}"
+ account_type = "Standard_GRS"
+}
+
+# Create storage container
+resource "azurerm_storage_container" "storage_container" {
+ name = "${var.storage_container_name}"
+ resource_group_name = "${azurerm_resource_group.resource_group.name}"
+ storage_account_name = "${azurerm_storage_account.storage_account.name}"
+ container_access_type = "private"
+}
\ No newline at end of file
diff --git a/terraform/azurerm/variables.tf b/terraform/azurerm/variables.tf
index ec761415..ed2d2995 100644
--- a/terraform/azurerm/variables.tf
+++ b/terraform/azurerm/variables.tf
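Review bot: The single `security_rule` in network-security-group.tf allows inbound TCP on every port from every source (`destination_port_range = "*"` together with `source_address_prefix = "*"`), so any interface this group is attached to is fully exposed to the internet. Open only the ports the deployment needs and limit the source to known administration ranges, for example `source_address_prefix = "${var.admin_source_cidr}"`, where `admin_source_cidr` is a new variable to add (the name is a suggestion, it is not defined on this page). The later hunk in this series that splits the rule into ports 22, 1194, 443 and 80 still keeps `source_address_prefix = "*"` on all four rules, so the source restriction applies there as well. A one-line comment above each rule naming the service it is for would help later review.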
@@ -14,15 +14,27 @@ variable "tenant_id" { description = "The oAuth 2 tenant id." } -variable "location" { +variable "region" { description = "The deployment azure data centre location." + default = "North Europe" } variable "vn_cidr_block" { description = "Cidr block for the VN." + default = "10.0.0.0/16" } variable "subnet_cidr_block" { description = "CIDR for private subnet" + default = "10.0.0.0/24" } +variable "storage_account_name" { + description = "Storage account name" + default = "mesosimages" +} + +variable "storage_container_name" { + description = "Storage container name" + default = "mesosimages-container" +} \ No newline at end of file diff --git a/terraform/azurerm/virtual-network-subnet.tf b/terraform/azurerm/virtual-network-subnet.tf new file mode 100644 index 00000000..5a41df75 --- /dev/null +++ b/terraform/azurerm/virtual-network-subnet.tf @@ -0,0 +1,6 @@ +resource "azurerm_subnet" "subnet" { + name = "AzureRM_Subnet" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + virtual_network_name = "${azurerm_virtual_network.virtual_network.name}" + address_prefix = "${var.subnet_cidr_block}" +} \ No newline at end of file diff --git a/terraform/azurerm/virtual-network.tf b/terraform/azurerm/virtual-network.tf new file mode 100644 index 00000000..dde47dda --- /dev/null +++ b/terraform/azurerm/virtual-network.tf @@ -0,0 +1,7 @@ +# Create a virtual network +resource "azurerm_virtual_network" "virtual_network" { + name = "AzureRM-Virtual-Network" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + address_space = ["${var.vn_cidr_block}"] + location = "${var.region}" +} \ No newline at end of file From 3aedd81cd18fb3b5a6d778b4584d1d3523fc834c Mon Sep 17 00:00:00 2001 
From: heywoodj Date: Thu, 28 Apr 2016 17:01:37 +0100 Subject: [PATCH 05/53] Addition bastion server and master servers configuration --- terraform/azurerm/bastion-publicip.tf | 7 +++ terraform/azurerm/bastion-server.tf | 47 +++++++++++++++++++ terraform/azurerm/master-publicip.tf | 9 ++++ terraform/azurerm/mesos-masters.tf | 51 +++++++++++++++++++++ terraform/azurerm/network-security-group.tf | 43 +++++++++++++++-- terraform/azurerm/storage.tf | 3 +- terraform/azurerm/variables.tf | 27 ++++++++++- terraform/azurerm/virtual-network-subnet.tf | 3 +- terraform/azurerm/virtual-network.tf | 3 +- 9 files changed, 186 insertions(+), 7 deletions(-) create mode 100644 terraform/azurerm/bastion-publicip.tf create mode 100644 terraform/azurerm/bastion-server.tf create mode 100644 terraform/azurerm/master-publicip.tf create mode 100644 terraform/azurerm/mesos-masters.tf diff --git a/terraform/azurerm/bastion-publicip.tf b/terraform/azurerm/bastion-publicip.tf new file mode 100644 index 00000000..4dfa65eb --- /dev/null +++ b/terraform/azurerm/bastion-publicip.tf @@ -0,0 +1,7 @@ +#Create Public IP Address for bastion server +resource "azurerm_public_ip" "bastion_publicip" { + name = "BastionPublicIp" + location = "${var.region}" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + public_ip_address_allocation = "static" +} diff --git a/terraform/azurerm/bastion-server.tf b/terraform/azurerm/bastion-server.tf new file mode 100644 index 00000000..ca1af2b5 --- /dev/null +++ b/terraform/azurerm/bastion-server.tf 
@@ -0,0 +1,47 @@
+# Create a network interface for bastion server
+resource "azurerm_network_interface" "bastion_network_interface" {
+ name = "Bastion_NetworkInterface"
+ location = "${var.region}"
+ resource_group_name = "${azurerm_resource_group.resource_group.name}"
+ network_security_group_id = "${azurerm_network_security_group.network_security_group.id}"
+
+ ip_configuration {
+ name = "bastionipconfiguration"
+ subnet_id = "${azurerm_subnet.subnet.id}"
+ private_ip_address_allocation = "dynamic"
+ public_ip_address_id = "${azurerm_public_ip.bastion_publicip.id}"
+ }
+}
+
+# NAT/VPN server
+resource "azurerm_virtual_machine" "bastion" {
+ name = "apollo-bastion"
+ location = "${var.region}"
+ resource_group_name = "${azurerm_resource_group.resource_group.name}"
+ network_interface_ids = ["${azurerm_network_interface.bastion_network_interface.id}"]
+ vm_size = "${var.instance_type.master}"
+
+ storage_image_reference {
+ publisher = "Canonical"
+ offer = "UbuntuServer"
+ sku = "14.04.2-LTS"
+ version = "latest"
+ }
+
+ storage_os_disk {
+ name = "bastiondisk"
+ vhd_uri = "${azurerm_storage_account.storage_account.primary_blob_endpoint}${azurerm_storage_container.storage_container.name}/bastiondisk.vhd"
+ caching = "ReadWrite"
+ create_option = "FromImage"
+ }
+
+ os_profile {
+ computer_name = "${var.bastion_server_computername}"
+ admin_username = "${var.bastion_server_username}"
+ admin_password = "${var.bastion_server_password}"
+ }
+
+ os_profile_linux_config {
+ disable_password_authentication = false
+ }
+}
diff --git a/terraform/azurerm/master-publicip.tf b/terraform/azurerm/master-publicip.tf
new file mode 100644
index 00000000..e7630175
--- /dev/null
+++ b/terraform/azurerm/master-publicip.tf
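Review bot: `disable_password_authentication = false` in the bastion's `os_profile_linux_config` leaves SSH password logins enabled on a VM that has a static public IP and a security group allowing port 22 from any source, so the host is open to password guessing. Prefer key-only access: `disable_password_authentication = true` with an `ssh_keys` block (`path` and `key_data`) inside the same `os_profile_linux_config`. Separately, `version = "latest"` in `storage_image_reference` means a rebuild can pick up a different image; pinning a specific image version keeps the bastion reproducible. `vm_size` reads `var.instance_type.master`, which looks copied from the master definition and deserves its own map key or a comment saying the reuse is intended.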
@@ -0,0 +1,9 @@
+#Create Public IP Address for master servers
+resource "azurerm_public_ip" "master_publicip" {
+ name = "MasterPublicIp-${count.index}"
+ count = "${var.masters_count}"
+ location = "${var.region}"
+ resource_group_name = "${azurerm_resource_group.resource_group.name}"
+ public_ip_address_allocation = "static"
+}
+
diff --git a/terraform/azurerm/mesos-masters.tf b/terraform/azurerm/mesos-masters.tf
new file mode 100644
index 00000000..54a127f4
--- /dev/null
+++ b/terraform/azurerm/mesos-masters.tf
@@ -0,0 +1,51 @@
+# Create a network interface for bastion server
+resource "azurerm_network_interface" "master_network_interface" {
+ name = "Master_NetworkInterface-${count.index}"
+ count = "${var.masters_count}"
+ location = "${var.region}"
+ resource_group_name = "${azurerm_resource_group.resource_group.name}"
+ network_security_group_id = "${azurerm_network_security_group.network_security_group.id}"
+
+ ip_configuration {
+ name = "masteripconfiguration-${count.index}"
+ subnet_id = "${azurerm_subnet.subnet.id}"
+ private_ip_address_allocation = "dynamic"
+ public_ip_address_id = "${element(azurerm_public_ip.master_publicip.*.id, count.index)}"
+ }
+}
+
+# Master server
+resource "azurerm_virtual_machine" "master" {
+ name = "apollo-mesos-master-${count.index}"
+ count = "${var.masters_count}"
+ location = "${var.region}"
+ depends_on = ["azurerm_virtual_machine.bastion"]
+ resource_group_name = "${azurerm_resource_group.resource_group.name}"
+ network_interface_ids = ["${element(azurerm_network_interface.master_network_interface.*.id, count.index)}"]
+ vm_size = "${var.instance_type.master}"
+
+ storage_image_reference {
+ publisher = "Canonical"
+ offer = "UbuntuServer"
+ sku = "14.04.2-LTS"
+ version = "latest"
+ }
+
+ storage_os_disk {
+ name = "masterdisk${count.index}"
+ vhd_uri = "${azurerm_storage_account.storage_account.primary_blob_endpoint}${azurerm_storage_container.storage_container.name}/masterdisk-${count.index}.vhd"
+ caching = "ReadWrite"
+ create_option = "FromImage"
+ }
+
+ os_profile {
+ computer_name = "Mesos-Master-${count.index}"
+ admin_username = "${var.bastion_server_username}"
+ admin_password = "${var.bastion_server_password}"
+ }
+
+ os_profile_linux_config {
+ disable_password_authentication = false
+ }
+}
+
diff --git a/terraform/azurerm/network-security-group.tf b/terraform/azurerm/network-security-group.tf
index 726c92bc..7e2ee982 100644
--- a/terraform/azurerm/network-security-group.tf
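Review bot: Each master gets its own static public IP through `public_ip_address_id = "${element(azurerm_public_ip.master_publicip.*.id, count.index)}"` and is attached to the same security group as the bastion, so the masters are reachable from the internet directly and the bastion is not the only entry point. If masters are meant to be reached through the bastion or VPN, drop `public_ip_address_id` from `master_network_interface` (and the `master_publicip` resource) and attach a separate group that only admits traffic from the subnet. The `os_profile` also reuses `var.bastion_server_username` and `var.bastion_server_password` with `disable_password_authentication = false`, so one guessed password opens every node. The agent definitions enabled later in this series (mesos-agents.tf) repeat the public-IP and password-login pattern. The leading comment says "bastion server" although the resource is the master interface.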
+++ b/terraform/azurerm/network-security-group.tf @@ -5,14 +5,51 @@ resource "azurerm_network_security_group" "network_security_group" { resource_group_name = "${azurerm_resource_group.resource_group.name}" security_rule { - name = "AzureRM_SecurityRuleTcp" + name = "AzureRM_SecurityRuleSSH" priority = 100 direction = "Inbound" access = "Allow" protocol = "Tcp" source_port_range = "*" - destination_port_range = "*" + destination_port_range = "22" source_address_prefix = "*" destination_address_prefix = "*" } -} \ No newline at end of file + + security_rule { + name = "AzureRM_SecurityRuleOpenVPN" + priority = 101 + direction = "Inbound" + access = "Allow" + protocol = "Tcp" + source_port_range = "*" + destination_port_range = "1194" + source_address_prefix = "*" + destination_address_prefix = "*" + } + + security_rule { + name = "AzureRM_SecurityRuleOpenHTTPS" + priority = 102 + direction = "Inbound" + access = "Allow" + protocol = "Tcp" + source_port_range = "*" + destination_port_range = "443" + source_address_prefix = "*" + destination_address_prefix = "*" + } + + security_rule { + name = "AzureRM_SecurityRuleOpenHTTP" + priority = 103 + direction = "Inbound" + access = "Allow" + protocol = "Tcp" + source_port_range = "*" + destination_port_range = "80" + source_address_prefix = "*" + destination_address_prefix = "*" + } +} + diff --git a/terraform/azurerm/storage.tf b/terraform/azurerm/storage.tf index 8073d282..a08322e4 100644 --- a/terraform/azurerm/storage.tf +++ b/terraform/azurerm/storage.tf @@ -12,4 +12,5 @@ resource "azurerm_storage_container" "storage_container" { resource_group_name = "${azurerm_resource_group.resource_group.name}" storage_account_name = "${azurerm_storage_account.storage_account.name}" container_access_type = "private" -} \ No newline at end of file +} + diff --git a/terraform/azurerm/variables.tf b/terraform/azurerm/variables.tf index ed2d2995..8f795010 100644 --- a/terraform/azurerm/variables.tf +++ b/terraform/azurerm/variables.tf 
@@ -37,4 +37,29 @@ variable "storage_account_name" { variable "storage_container_name" { description = "Storage container name" default = "mesosimages-container" -} \ No newline at end of file +} + +variable "instance_type" { + default = { + master = "Standard_A0" + slave = "Standard_A0" + } +} + +variable "bastion_server_computername" { + description = "Username to access server" + default = "bastion" +} + +variable "bastion_server_username" { + description = "Username to access server" +} + +variable "bastion_server_password" { + description = "Password to access server" +} + +variable "masters_count" { + description = "The number of masters." + default = "2" +} diff --git a/terraform/azurerm/virtual-network-subnet.tf b/terraform/azurerm/virtual-network-subnet.tf index 5a41df75..133cdedc 100644 --- a/terraform/azurerm/virtual-network-subnet.tf +++ b/terraform/azurerm/virtual-network-subnet.tf @@ -1,6 +1,7 @@ +#Create Subnet resource "azurerm_subnet" "subnet" { name = "AzureRM_Subnet" resource_group_name = "${azurerm_resource_group.resource_group.name}" virtual_network_name = "${azurerm_virtual_network.virtual_network.name}" address_prefix = "${var.subnet_cidr_block}" -} \ No newline at end of file +} diff --git a/terraform/azurerm/virtual-network.tf b/terraform/azurerm/virtual-network.tf index dde47dda..76e83fb8 100644 --- a/terraform/azurerm/virtual-network.tf +++ b/terraform/azurerm/virtual-network.tf @@ -4,4 +4,5 @@ resource "azurerm_virtual_network" "virtual_network" { resource_group_name = "${azurerm_resource_group.resource_group.name}" address_space = ["${var.vn_cidr_block}"] location = "${var.region}" -} \ No newline at end of file +} + From 809a9c919ab0e6eb192827612a8a16f09e8a0545 Mon Sep 17 00:00:00 2001 
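Review bot: `bastion_server_computername` in the variables.tf hunk carries the description "Username to access server", copied from the variable below it; it should describe the host name, e.g. `description = "Computer (host) name of the bastion server"`. `instance_type` has no description at all. For `bastion_server_password`, a comment noting that the value is written to the Terraform state in plain text, and that the state and any tfvars file holding it must therefore be kept out of version control and access-controlled, would help whoever operates this.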
From: heywoodj Date: Fri, 29 Apr 2016 14:42:42 +0100 Subject: [PATCH 06/53] updates and addition of slave server configuration --- terraform/azurerm/bastian-publicip.tf | 7 --- ...-publicip.tf => mesos-master-publicips.tf} | 6 ++- terraform/azurerm/mesos-masters.tf | 19 ++++--- terraform/azurerm/mesos-slave-publicips.tf | 12 +++++ terraform/azurerm/mesos-slaves.tf | 54 +++++++++++++++++++ terraform/azurerm/variables.tf | 31 ++++++++++- 6 files changed, 112 insertions(+), 17 deletions(-) delete mode 100644 terraform/azurerm/bastian-publicip.tf rename terraform/azurerm/{master-publicip.tf => mesos-master-publicips.tf} (87%) create mode 100644 terraform/azurerm/mesos-slave-publicips.tf create mode 100644 terraform/azurerm/mesos-slaves.tf diff --git a/terraform/azurerm/bastian-publicip.tf b/terraform/azurerm/bastian-publicip.tf deleted file mode 100644 index 0641cdba..00000000 --- a/terraform/azurerm/bastian-publicip.tf +++ /dev/null @@ -1,7 +0,0 @@ -#Create Public IP Address for bastian server -resource "azurerm_public_ip" "bastian_publicip" { - name = "BastianPublicIp" - location = "${var.region}" - resource_group_name = "${azurerm_resource_group.resource_group.name}" - public_ip_address_allocation = "static" -} \ No newline at end of file diff --git a/terraform/azurerm/master-publicip.tf b/terraform/azurerm/mesos-master-publicips.tf similarity index 87% rename from terraform/azurerm/master-publicip.tf rename to terraform/azurerm/mesos-master-publicips.tf index e7630175..3e05ec22 100644 --- a/terraform/azurerm/master-publicip.tf +++ b/terraform/azurerm/mesos-master-publicips.tf @@ -1,9 +1,13 @@ +/* + #Create Public IP Address for master servers resource "azurerm_public_ip" "master_publicip" { name = "MasterPublicIp-${count.index}" - count = "${var.masters_count}" + count = "${var.master_count}" location = "${var.region}" resource_group_name = "${azurerm_resource_group.resource_group.name}" public_ip_address_allocation = "static" } +*/ + 
diff --git a/terraform/azurerm/mesos-masters.tf b/terraform/azurerm/mesos-masters.tf index 54a127f4..ec03f0d1 100644 --- a/terraform/azurerm/mesos-masters.tf +++ b/terraform/azurerm/mesos-masters.tf @@ -1,7 +1,9 @@ -# Create a network interface for bastion server +/* + +# Create a network interface for master server resource "azurerm_network_interface" "master_network_interface" { name = "Master_NetworkInterface-${count.index}" - count = "${var.masters_count}" + count = "${var.master_count}" location = "${var.region}" resource_group_name = "${azurerm_resource_group.resource_group.name}" network_security_group_id = "${azurerm_network_security_group.network_security_group.id}" @@ -15,9 +17,9 @@ resource "azurerm_network_interface" "master_network_interface" { } # Master server -resource "azurerm_virtual_machine" "master" { +resource "azurerm_virtual_machine" "mesos_master" { name = "apollo-mesos-master-${count.index}" - count = "${var.masters_count}" + count = "${var.master_count}" location = "${var.region}" depends_on = ["azurerm_virtual_machine.bastion"] resource_group_name = "${azurerm_resource_group.resource_group.name}" @@ -25,10 +27,10 @@ resource "azurerm_virtual_machine" "master" { vm_size = "${var.instance_type.master}" storage_image_reference { - publisher = "Canonical" - offer = "UbuntuServer" - sku = "14.04.2-LTS" - version = "latest" + publisher = "${var.atlas_artifact_master.publisher}" + offer = "${var.atlas_artifact_master.offer}" + sku = "${var.atlas_artifact_master.sku}" + version = "${var.atlas_artifact_master.version}" } storage_os_disk { @@ -49,3 +51,4 @@ resource "azurerm_virtual_machine" "master" { } } +*/ \ No newline at end of file diff --git a/terraform/azurerm/mesos-slave-publicips.tf b/terraform/azurerm/mesos-slave-publicips.tf new file mode 100644 index 00000000..080d1bea --- /dev/null +++ b/terraform/azurerm/mesos-slave-publicips.tf 
@@ -0,0 +1,12 @@
+/*
+
+#Create Public IP Address for slave servers
+resource "azurerm_public_ip" "slave_publicip" {
+ name = "SlavePublicIp-${count.index}"
+ count = "${var.slave_count}"
+ location = "${var.region}"
+ resource_group_name = "${azurerm_resource_group.resource_group.name}"
+ public_ip_address_allocation = "static"
+}
+
+*/
diff --git a/terraform/azurerm/mesos-slaves.tf b/terraform/azurerm/mesos-slaves.tf
new file mode 100644
index 00000000..35f4b990
--- /dev/null
+++ b/terraform/azurerm/mesos-slaves.tf
@@ -0,0 +1,54 @@
+/*
+
+# Create a network interface for slave server
+resource "azurerm_network_interface" "slave_network_interface" {
+ name = "Slave_NetworkInterface-${count.index}"
+ count = "${var.slave_count}"
+ location = "${var.region}"
+ resource_group_name = "${azurerm_resource_group.resource_group.name}"
+ network_security_group_id = "${azurerm_network_security_group.network_security_group.id}"
+
+ ip_configuration {
+ name = "slaveipconfiguration-${count.index}"
+ subnet_id = "${azurerm_subnet.subnet.id}"
+ private_ip_address_allocation = "dynamic"
+ public_ip_address_id = "${element(azurerm_public_ip.slave_publicip.*.id, count.index)}"
+ }
+}
+
+# Slave server
+resource "azurerm_virtual_machine" "mesos_slave" {
+ name = "apollo-mesos-slave-${count.index}"
+ count = "${var.slave_count}"
+ location = "${var.region}"
+ depends_on = ["azurerm_virtual_machine.bastion", "azurerm_virtual_machine.mesos_master"]
+ resource_group_name = "${azurerm_resource_group.resource_group.name}"
+ network_interface_ids = ["${element(azurerm_network_interface.slave_network_interface.*.id, count.index)}"]
+ vm_size = "${var.instance_type.slave}"
+
+ storage_image_reference {
+ publisher = "${var.atlas_artifact_slave.publisher}"
+ offer = "${var.atlas_artifact_slave.offer}"
+ sku = "${var.atlas_artifact_slave.sku}"
+ version = "${var.atlas_artifact_slave.version}"
+ }
+
+ storage_os_disk {
+ name = "slavedisk${count.index}"
+ vhd_uri = "${azurerm_storage_account.storage_account.primary_blob_endpoint}${azurerm_storage_container.storage_container.name}/slavedisk-${count.index}.vhd"
+ caching = "ReadWrite"
+ create_option = "FromImage"
+ }
+
+ os_profile {
+ computer_name = "Mesos-Slave-${count.index}"
+ admin_username = "${var.bastion_server_username}"
+ admin_password = "${var.bastion_server_password}"
+ }
+
+ os_profile_linux_config {
+ disable_password_authentication = false
+ }
+}
+
+*/
\ No newline at end of file
diff --git a/terraform/azurerm/variables.tf b/terraform/azurerm/variables.tf index 8f795010..52ca2904 100644 --- a/terraform/azurerm/variables.tf +++ b/terraform/azurerm/variables.tf @@ -39,6 +39,24 @@ variable "storage_container_name" { default = "mesosimages-container" } +variable "atlas_artifact_master" { + default = { + publisher = "" + offer ="" + "sku" = "" + "version" = "" + } +} + +variable "atlas_artifact_slave" { + default = { + publisher = "" + offer ="" + "sku" = "" + "version" = "" + } +} + variable "instance_type" { default = { master = "Standard_A0" @@ -59,7 +77,18 @@ variable "bastion_server_password" { description = "Password to access server" } -variable "masters_count" { +variable "master_count" { description = "The number of masters." default = "2" } + +variable "slave_count" { + description = "The number of slaves." + default = "2" +} + +variable "docker_version" { + description = "Docker version" + default = "1.9.0-0~trusty" +} + From 6b79f6ca7c9c3557cba39fe49678abbde8abe5b5 Mon Sep 17 00:00:00 2001 From: heywoodj Date: Fri, 6 May 2016 09:48:07 +0100 Subject: [PATCH 07/53] update slave references to agent --- .../{mesos-slave-publicips.tf => mesos-agent-publicips.tf} | 0 terraform/azurerm/{mesos-slaves.tf => mesos-agents.tf} | 0 2 files changed, 0 insertions(+), 0 deletions(-) rename terraform/azurerm/{mesos-slave-publicips.tf => mesos-agent-publicips.tf} (100%) rename terraform/azurerm/{mesos-slaves.tf => mesos-agents.tf} (100%) diff --git a/terraform/azurerm/mesos-slave-publicips.tf b/terraform/azurerm/mesos-agent-publicips.tf similarity index 100% rename from terraform/azurerm/mesos-slave-publicips.tf rename to terraform/azurerm/mesos-agent-publicips.tf diff --git a/terraform/azurerm/mesos-slaves.tf b/terraform/azurerm/mesos-agents.tf similarity index 100% rename from terraform/azurerm/mesos-slaves.tf rename to terraform/azurerm/mesos-agents.tf From 57e9c82efde874e3c117e575ef584e3eb99d6ef6 Mon Sep 17 00:00:00 2001 
From: heywoodj Date: Mon, 9 May 2016 11:50:59 +0100 Subject: [PATCH 08/53] Updates to run remote execution scripts on server --- terraform/azurerm/bastion-server.tf | 43 ++++++++++++++++-- terraform/azurerm/mesos-agent-publicips.tf | 14 +++--- terraform/azurerm/mesos-agents.tf | 50 ++++++++++----------- terraform/azurerm/mesos-master-publicips.tf | 7 +-- terraform/azurerm/mesos-masters.tf | 14 +++--- terraform/azurerm/variables.tf | 35 ++++++++++++--- 6 files changed, 102 insertions(+), 61 deletions(-) diff --git a/terraform/azurerm/bastion-server.tf b/terraform/azurerm/bastion-server.tf index ca1af2b5..c4d5a7c1 100644 --- a/terraform/azurerm/bastion-server.tf +++ b/terraform/azurerm/bastion-server.tf 
@@ -36,12 +36,47 @@ resource "azurerm_virtual_machine" "bastion" { } os_profile { - computer_name = "${var.bastion_server_computername}" + computer_name = "${var.bastion_server_computername}" admin_username = "${var.bastion_server_username}" admin_password = "${var.bastion_server_password}" } - + os_profile_linux_config { - disable_password_authentication = false - } + disable_password_authentication = false + + /* ssh_keys { + path = "/home/${var.bastion_server_username}/.ssh/authorized_keys" + key_data = "${file("${var.ssh_public_key_file}")}" + } */ + } + + provisioner "remote-exec" { + + connection { + host = "${azurerm_public_ip.bastion_publicip.ip_address}" + type = "ssh" + user = "${var.bastion_server_username}" + password = "${var.bastion_server_password}" + /* private_key = "${file("${var.ssh_private_key_file}")}" */ + } + + inline = [ + "sudo iptables -t nat -A POSTROUTING -j MASQUERADE", + "echo 1 | sudo tee /proc/sys/net/ipv4/conf/all/forwarding", + /* Install docker */ + /* Add the repository to your APT sources */ + "sudo -E sh -c 'echo deb https://apt.dockerproject.org/repo ubuntu-trusty main > /etc/apt/sources.list.d/docker.list'", + /* Then import the repository key */ + "sudo apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D", + "sudo apt-get update", + /* Install docker-engine */ + "sudo apt-get install -y docker-engine=${var.docker_version}", + "sudo service docker start", + /* Initialize open vpn data container */ + "sudo mkdir -p /etc/openvpn", + "sudo docker run --name ovpn-data -v /etc/openvpn busybox", + /* Generate OpenVPN server config */ + "sudo docker run --volumes-from ovpn-data --rm gosuri/openvpn ovpn_genconfig -p ${var.vn_cidr_block} -u udp://${azurerm_public_ip.bastion_publicip.id}" + ] + } } diff --git a/terraform/azurerm/mesos-agent-publicips.tf b/terraform/azurerm/mesos-agent-publicips.tf index 080d1bea..c7b36b96 100644 
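Review bot: The last inline command passes `${azurerm_public_ip.bastion_publicip.id}` to `ovpn_genconfig -u udp://…`, which is presumably the Azure resource id rather than the address (the `connection` block above uses `.ip_address`), and the security group in this series opens 1194 only for `protocol = "Tcp"`, so the generated UDP endpoint would not be reachable as written. Use `.ip_address` there and make the protocol agree between the rule and the generated config. The provisioner also runs `busybox` and `gosuri/openvpn` without a tag or digest, under sudo on the bastion, so whatever those names resolve to at apply time produces the VPN configuration; pin both images by digest. `sudo iptables -t nat -A POSTROUTING -j MASQUERADE` has no interface or source match and so applies to all forwarded traffic; scope it to the outbound interface and the `vn_cidr_block` range. The hunk starts inside `azurerm_virtual_machine.bastion`, whose opening lines are outside it.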
--- a/terraform/azurerm/mesos-agent-publicips.tf +++ b/terraform/azurerm/mesos-agent-publicips.tf @@ -1,12 +1,8 @@ -/* - -#Create Public IP Address for slave servers -resource "azurerm_public_ip" "slave_publicip" { - name = "SlavePublicIp-${count.index}" - count = "${var.slave_count}" +#Create Public IP Address for agent servers +resource "azurerm_public_ip" "agent_publicip" { + name = "AgentPublicIp-${count.index}" + count = "${var.agent_count}" location = "${var.region}" resource_group_name = "${azurerm_resource_group.resource_group.name}" public_ip_address_allocation = "static" -} - -*/ +} \ No newline at end of file diff --git a/terraform/azurerm/mesos-agents.tf b/terraform/azurerm/mesos-agents.tf index 35f4b990..2f9637cf 100644 --- a/terraform/azurerm/mesos-agents.tf +++ b/terraform/azurerm/mesos-agents.tf 
@@ -1,54 +1,50 @@ -/* - -# Create a network interface for slave server -resource "azurerm_network_interface" "slave_network_interface" { - name = "Slave_NetworkInterface-${count.index}" - count = "${var.slave_count}" +# Create a network interface for agent server +resource "azurerm_network_interface" "agent_network_interface" { + name = "Agent_NetworkInterface-${count.index}" + count = "${var.agent_count}" location = "${var.region}" resource_group_name = "${azurerm_resource_group.resource_group.name}" network_security_group_id = "${azurerm_network_security_group.network_security_group.id}" ip_configuration { - name = "slaveipconfiguration-${count.index}" + name = "agentipconfiguration-${count.index}" subnet_id = "${azurerm_subnet.subnet.id}" private_ip_address_allocation = "dynamic" - public_ip_address_id = "${element(azurerm_public_ip.slave_publicip.*.id, count.index)}" + public_ip_address_id = "${element(azurerm_public_ip.agent_publicip.*.id, count.index)}" } } -# Slave server -resource "azurerm_virtual_machine" "mesos_slave" { - name = "apollo-mesos-slave-${count.index}" - count = "${var.slave_count}" +# Agent server +resource "azurerm_virtual_machine" "mesos_agent" { + name = "apollo-mesos-agent-${count.index}" + count = "${var.agent_count}" location = "${var.region}" depends_on = ["azurerm_virtual_machine.bastion", "azurerm_virtual_machine.mesos_master"] resource_group_name = "${azurerm_resource_group.resource_group.name}" - network_interface_ids = ["${element(azurerm_network_interface.slave_network_interface.*.id, count.index)}"] - vm_size = "${var.instance_type.slave}" + network_interface_ids = ["${element(azurerm_network_interface.agent_network_interface.*.id, count.index)}"] + vm_size = "${var.instance_type.agent}" storage_image_reference { - publisher = "${var.atlas_artifact_slave.publisher}" - offer = "${var.atlas_artifact_slave.offer}" - sku = "${var.atlas_artifact_slave.sku}" - version = "${var.atlas_artifact_slave.version}" + publisher = 
"${var.atlas_artifact_agent.publisher}" + offer = "${var.atlas_artifact_agent.offer}" + sku = "${var.atlas_artifact_agent.sku}" + version = "${var.atlas_artifact_agent.version}" } storage_os_disk { - name = "slavedisk${count.index}" - vhd_uri = "${azurerm_storage_account.storage_account.primary_blob_endpoint}${azurerm_storage_container.storage_container.name}/slavedisk-${count.index}.vhd" + name = "agentdisk${count.index}" + vhd_uri = "${azurerm_storage_account.storage_account.primary_blob_endpoint}${azurerm_storage_container.storage_container.name}/agentdisk-${count.index}.vhd" caching = "ReadWrite" create_option = "FromImage" } os_profile { - computer_name = "Mesos-Slave-${count.index}" - admin_username = "${var.bastion_server_username}" - admin_password = "${var.bastion_server_password}" + computer_name = "Mesos-Agent-${count.index}" + admin_username = "${var.agent_server_username}" + admin_password = "${var.agent_server_password}" } os_profile_linux_config { - disable_password_authentication = false + disable_password_authentication = false } -} - -*/ \ No newline at end of file +} \ No newline at end of file diff --git a/terraform/azurerm/mesos-master-publicips.tf b/terraform/azurerm/mesos-master-publicips.tf index 3e05ec22..7aaa3edc 100644 --- a/terraform/azurerm/mesos-master-publicips.tf +++ b/terraform/azurerm/mesos-master-publicips.tf @@ -1,5 +1,3 @@ -/* - #Create Public IP Address for master servers resource "azurerm_public_ip" "master_publicip" { name = "MasterPublicIp-${count.index}" @@ -7,7 +5,4 @@ resource "azurerm_public_ip" "master_publicip" { location = "${var.region}" resource_group_name = "${azurerm_resource_group.resource_group.name}" public_ip_address_allocation = "static" -} - -*/ - +} \ No newline at end of file diff --git a/terraform/azurerm/mesos-masters.tf b/terraform/azurerm/mesos-masters.tf index ec03f0d1..f4d0d7df 100644 --- a/terraform/azurerm/mesos-masters.tf +++ b/terraform/azurerm/mesos-masters.tf 
@@ -1,5 +1,3 @@ -/* - # Create a network interface for master server resource "azurerm_network_interface" "master_network_interface" { name = "Master_NetworkInterface-${count.index}" @@ -41,14 +39,12 @@ resource "azurerm_virtual_machine" "mesos_master" { } os_profile { - computer_name = "Mesos-Master-${count.index}" - admin_username = "${var.bastion_server_username}" - admin_password = "${var.bastion_server_password}" + computer_name = "Mesos-Master-${count.index}" + admin_username = "${var.master_server_username}" + admin_password = "${var.master_server_password}" } os_profile_linux_config { - disable_password_authentication = false + disable_password_authentication = false } -} - -*/ \ No newline at end of file +} \ No newline at end of file diff --git a/terraform/azurerm/variables.tf b/terraform/azurerm/variables.tf index 52ca2904..2290fc72 100644 --- a/terraform/azurerm/variables.tf +++ b/terraform/azurerm/variables.tf @@ -48,7 +48,7 @@ variable "atlas_artifact_master" { } } -variable "atlas_artifact_slave" { +variable "atlas_artifact_agent" { default = { publisher = "" offer ="" @@ -60,7 +60,7 @@ variable "atlas_artifact_slave" { variable "instance_type" { default = { master = "Standard_A0" - slave = "Standard_A0" + agent = "Standard_A0" } } 
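Review bot: `disable_password_authentication = false` is kept for the masters in the second mesos-masters.tf hunk (only its indentation changes), so each master still accepts SSH password logins for `${var.master_server_username}`. Elsewhere in the series the master NIC carries a public address and the shared security group allows port 22 from any source, which leaves the password as the only barrier. The mesos-agents.tf hunk of this commit keeps the same setting for the agents. Since this commit also adds `ssh_public_key_file`, the profile could switch to key-only login as sketched below. The `mesos_master` resource starts above the hunk.

```hcl
  os_profile_linux_config {
    disable_password_authentication = true

    ssh_keys {
      path     = "/home/${var.master_server_username}/.ssh/authorized_keys"
      key_data = "${file("${var.ssh_public_key_file}")}"
    }
  }
```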
@@ -76,15 +76,31 @@ variable "bastion_server_username" { variable "bastion_server_password" { description = "Password to access server" } + +variable "master_server_username" { + description = "Username to access master server" +} + +variable "master_server_password" { + description = "Password to access master server" +} + +variable "agent_server_username" { + description = "Username to access agent server" +} + +variable "agent_server_password" { + description = "Password to access agent server" +} variable "master_count" { description = "The number of masters." - default = "2" + default = "1" } -variable "slave_count" { - description = "The number of slaves." - default = "2" +variable "agent_count" { + description = "The number of agents." + default = "1" } variable "docker_version" { @@ -92,3 +108,10 @@ variable "docker_version" { default = "1.9.0-0~trusty" } +variable "ssh_public_key_file" { + description = "Public key required to connect via ssh" +} + +variable "ssh_private_key_file" { + description = "Public key required to connect via ssh" +} From cd19c54e045e47bac9d9d3c7a388a45de4013214 Mon Sep 17 00:00:00 2001 From: heywoodj Date: Tue, 10 May 2016 14:47:45 +0100 Subject: [PATCH 09/53] update remote-exec to use certificate authentication, requires Terraform v0.6.16 --- terraform/azurerm/bastion-server.tf | 25 +++++++++++-------------- 1 file changed, 11 insertions(+), 14 deletions(-) diff --git a/terraform/azurerm/bastion-server.tf b/terraform/azurerm/bastion-server.tf index c4d5a7c1..bb478e1c 100644 --- a/terraform/azurerm/bastion-server.tf +++ b/terraform/azurerm/bastion-server.tf 
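Review bot: In the last variables.tf hunk, `ssh_private_key_file` has the description "Public key required to connect via ssh", copied unchanged from `ssh_public_key_file` above it. Someone filling in the variables from the descriptions could point both at the same file, or hand the private key path to the wrong setting. Suggest `description = "Path to the private key (OpenSSH format) used for the provisioner ssh connection"`, and matching wording for the public one, `description = "Path to the public key (OpenSSH format) installed on the servers"`. That both hold file paths is inferred from the `file(...)` calls in bastion-server.tf elsewhere in the series.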
@@ -42,24 +42,21 @@ resource "azurerm_virtual_machine" "bastion" { } os_profile_linux_config { - disable_password_authentication = false + disable_password_authentication = true - /* ssh_keys { + ssh_keys { path = "/home/${var.bastion_server_username}/.ssh/authorized_keys" - key_data = "${file("${var.ssh_public_key_file}")}" - } */ + key_data = "${file("${var.ssh_public_key_file}")}" # openssh format + } + } + + connection { + host = "${azurerm_public_ip.bastion_publicip.ip_address}" + user = "${var.bastion_server_username}" + private_key = "${file("${var.ssh_private_key_file}")}" # openssh format } provisioner "remote-exec" { - - connection { - host = "${azurerm_public_ip.bastion_publicip.ip_address}" - type = "ssh" - user = "${var.bastion_server_username}" - password = "${var.bastion_server_password}" - /* private_key = "${file("${var.ssh_private_key_file}")}" */ - } - inline = [ "sudo iptables -t nat -A POSTROUTING -j MASQUERADE", "echo 1 | sudo tee /proc/sys/net/ipv4/conf/all/forwarding", @@ -79,4 +76,4 @@ resource "azurerm_virtual_machine" "bastion" { "sudo docker run --volumes-from ovpn-data --rm gosuri/openvpn ovpn_genconfig -p ${var.vn_cidr_block} -u udp://${azurerm_public_ip.bastion_publicip.id}" ] } -} +} \ No newline at end of file From 5274c5b9ebfcd65cbd06bce4b74b816e2933dd39 Mon Sep 17 00:00:00 2001 From: heywoodj Date: Wed, 27 Apr 2016 11:33:46 +0100 Subject: [PATCH 10/53] Add new azure resorce manager branch and privider terraform file --- terraform/azure_rmprovider/provider.tf | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 terraform/azure_rmprovider/provider.tf diff --git a/terraform/azure_rmprovider/provider.tf b/terraform/azure_rmprovider/provider.tf new file mode 100644 index 00000000..3cf279d8 --- /dev/null +++ b/terraform/azure_rmprovider/provider.tf 
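Review bot: With `disable_password_authentication = true` now set, the `admin_password = "${var.bastion_server_password}"` line in the `os_profile` block just above this hunk appears to stay in place. A password is then still required as input and, as far as I can tell, kept in the Terraform state, although it can no longer be used to log in. If the provider accepts an `os_profile` without it, drop that line and the `bastion_server_password` variable. Otherwise add a comment next to it such as `# required by the provider; password login is disabled in os_profile_linux_config`. The `azurerm_virtual_machine.bastion` resource starts above the hunk, so the `os_profile` content is inferred from the patch that created the file.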
@@ -0,0 +1,9 @@ +/* Configure auth 2 resource manager authentication. This requires an aplication to be set up in Azure, see +https://www.terraform.io/docs/providers/azurerm/index.html fo details. */ + +provider "azurerm" { + subscription_id = "${var.subscription_id}" + client_id = "${var.client_id}" + client_secret = "${var.client_secret}" + tenant_id = "${var.tenant_id}" +} \ No newline at end of file From 929821085906c8ed4b62f26127d35b3aea3f3e3a Mon Sep 17 00:00:00 2001 From: heywoodj Date: Wed, 27 Apr 2016 12:23:32 +0100 Subject: [PATCH 11/53] Addition of terraform variables file --- terraform/azure_rmprovider/variables.tf | 28 +++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 terraform/azure_rmprovider/variables.tf diff --git a/terraform/azure_rmprovider/variables.tf b/terraform/azure_rmprovider/variables.tf new file mode 100644 index 00000000..ec761415 --- /dev/null +++ b/terraform/azure_rmprovider/variables.tf @@ -0,0 +1,28 @@ +variable "subscription_id" { + description = "The Azure subscrition identifier (guid)." +} + +variable "client_id" { + description = "The oAuth 2 client id. " +} + +variable "client_secret" { + description = "The oAuth 2 client secret." +} + +variable "tenant_id" { + description = "The oAuth 2 tenant id." +} + +variable "location" { + description = "The deployment azure data centre location." +} + +variable "vn_cidr_block" { + description = "Cidr block for the VN." +} + +variable "subnet_cidr_block" { + description = "CIDR for private subnet" +} + From 63028d13c883c822b6115083a803e95a8613a33a Mon Sep 17 00:00:00 2001 
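Review bot: Nothing near `client_secret = "${var.client_secret}"` in provider.tf says where the value should come from. A service-principal secret placed in a committed tfvars file gives every reader of the repository the same rights on the subscription. A comment above the provider block would settle it, for example `# Supply client_secret through the TF_VAR_client_secret environment variable; never commit it`. The header comment also has typos ("auth 2", "aplication", "fo details") that are worth fixing in the same pass.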
From: heywoodj Date: Wed, 27 Apr 2016 12:30:09 +0100 Subject: [PATCH 12/53] Rename folder to azurerm --- terraform/{azure_rmprovider => azurerm}/provider.tf | 0 terraform/{azure_rmprovider => azurerm}/variables.tf | 0 2 files changed, 0 insertions(+), 0 deletions(-) rename terraform/{azure_rmprovider => azurerm}/provider.tf (100%) rename terraform/{azure_rmprovider => azurerm}/variables.tf (100%) diff --git a/terraform/azure_rmprovider/provider.tf b/terraform/azurerm/provider.tf similarity index 100% rename from terraform/azure_rmprovider/provider.tf rename to terraform/azurerm/provider.tf diff --git a/terraform/azure_rmprovider/variables.tf b/terraform/azurerm/variables.tf similarity index 100% rename from terraform/azure_rmprovider/variables.tf rename to terraform/azurerm/variables.tf From f778e8304ef97bd44d4d2f8a3e733aebae1cd506 Mon Sep 17 00:00:00 2001 From: heywoodj Date: Thu, 28 Apr 2016 10:32:42 +0100 Subject: [PATCH 13/53] Addition of virtual network and storage account --- terraform/azurerm/bastian-publicip.tf | 7 +++++++ terraform/azurerm/network-security-group.tf | 18 ++++++++++++++++++ terraform/azurerm/resourcegroup.tf | 5 +++++ terraform/azurerm/storage.tf | 15 +++++++++++++++ terraform/azurerm/variables.tf | 14 +++++++++++++- terraform/azurerm/virtual-network-subnet.tf | 6 ++++++ terraform/azurerm/virtual-network.tf | 7 +++++++ 7 files changed, 71 insertions(+), 1 deletion(-) create mode 100644 terraform/azurerm/bastian-publicip.tf create mode 100644 terraform/azurerm/network-security-group.tf create mode 100644 terraform/azurerm/resourcegroup.tf create mode 100644 terraform/azurerm/storage.tf create mode 100644 terraform/azurerm/virtual-network-subnet.tf create mode 100644 terraform/azurerm/virtual-network.tf diff --git a/terraform/azurerm/bastian-publicip.tf b/terraform/azurerm/bastian-publicip.tf new file mode 100644 index 00000000..0641cdba --- /dev/null +++ b/terraform/azurerm/bastian-publicip.tf 
@@ -0,0 +1,7 @@ +#Create Public IP Address for bastian server +resource "azurerm_public_ip" "bastian_publicip" { + name = "BastianPublicIp" + location = "${var.region}" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + public_ip_address_allocation = "static" +} \ No newline at end of file diff --git a/terraform/azurerm/network-security-group.tf b/terraform/azurerm/network-security-group.tf new file mode 100644 index 00000000..726c92bc --- /dev/null +++ b/terraform/azurerm/network-security-group.tf @@ -0,0 +1,18 @@ +#Create Network Security Group +resource "azurerm_network_security_group" "network_security_group" { + name = "AzureRM_NetworkSecurityGroup" + location = "${var.region}" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + + security_rule { + name = "AzureRM_SecurityRuleTcp" + priority = 100 + direction = "Inbound" + access = "Allow" + protocol = "Tcp" + source_port_range = "*" + destination_port_range = "*" + source_address_prefix = "*" + destination_address_prefix = "*" + } +} \ No newline at end of file diff --git a/terraform/azurerm/resourcegroup.tf b/terraform/azurerm/resourcegroup.tf new file mode 100644 index 00000000..e066efd5 --- /dev/null +++ b/terraform/azurerm/resourcegroup.tf @@ -0,0 +1,5 @@ +# Create a resource group +resource "azurerm_resource_group" "resource_group" { + name = "AzureRM-Resource-Group" + location = "${var.region}" +} \ No newline at end of file diff --git a/terraform/azurerm/storage.tf b/terraform/azurerm/storage.tf new file mode 100644 index 00000000..8073d282 --- /dev/null +++ b/terraform/azurerm/storage.tf 
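Review bot: In network-security-group.tf, `AzureRM_SecurityRuleTcp` allows inbound TCP on every port from every address (`destination_port_range = "*"` with `source_address_prefix = "*"`), so any NIC this group is later attached to gets no TCP filtering at all. List only the ports the deployment needs, one rule per service, starting with `destination_port_range = "22"`. A short comment on each rule naming the service it is for would make later review of the group easier.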
@@ -0,0 +1,15 @@ +# Create a storage account +resource "azurerm_storage_account" "storage_account" { + name = "${var.storage_account_name}" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + location = "${var.region}" + account_type = "Standard_GRS" +} + +# Create storage container +resource "azurerm_storage_container" "storage_container" { + name = "${var.storage_container_name}" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + storage_account_name = "${azurerm_storage_account.storage_account.name}" + container_access_type = "private" +} \ No newline at end of file diff --git a/terraform/azurerm/variables.tf b/terraform/azurerm/variables.tf index ec761415..ed2d2995 100644 --- a/terraform/azurerm/variables.tf +++ b/terraform/azurerm/variables.tf @@ -14,15 +14,27 @@ variable "tenant_id" { description = "The oAuth 2 tenant id." } -variable "location" { +variable "region" { description = "The deployment azure data centre location." + default = "North Europe" } variable "vn_cidr_block" { description = "Cidr block for the VN." + default = "10.0.0.0/16" } variable "subnet_cidr_block" { description = "CIDR for private subnet" + default = "10.0.0.0/24" } +variable "storage_account_name" { + description = "Storage account name" + default = "mesosimages" +} + +variable "storage_container_name" { + description = "Storage container name" + default = "mesosimages-container" +} \ No newline at end of file diff --git a/terraform/azurerm/virtual-network-subnet.tf b/terraform/azurerm/virtual-network-subnet.tf new file mode 100644 index 00000000..5a41df75 --- /dev/null +++ b/terraform/azurerm/virtual-network-subnet.tf @@ -0,0 +1,6 @@ +resource "azurerm_subnet" "subnet" { + name = "AzureRM_Subnet" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + virtual_network_name = "${azurerm_virtual_network.virtual_network.name}" + address_prefix = "${var.subnet_cidr_block}" +} \ No newline at end of file 
diff --git a/terraform/azurerm/virtual-network.tf b/terraform/azurerm/virtual-network.tf new file mode 100644 index 00000000..dde47dda --- /dev/null +++ b/terraform/azurerm/virtual-network.tf @@ -0,0 +1,7 @@ +# Create a virtual network +resource "azurerm_virtual_network" "virtual_network" { + name = "AzureRM-Virtual-Network" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + address_space = ["${var.vn_cidr_block}"] + location = "${var.region}" +} \ No newline at end of file From 88c2bd85b8d58c5f45c5fe6ef49be646f0616753 Mon Sep 17 00:00:00 2001 From: heywoodj Date: Thu, 28 Apr 2016 17:01:37 +0100 Subject: [PATCH 14/53] Addition bastion server and master servers configuration --- terraform/azurerm/bastion-publicip.tf | 7 +++ terraform/azurerm/bastion-server.tf | 47 +++++++++++++++++++ terraform/azurerm/master-publicip.tf | 9 ++++ terraform/azurerm/mesos-masters.tf | 51 +++++++++++++++++++++ terraform/azurerm/network-security-group.tf | 43 +++++++++++++++-- terraform/azurerm/storage.tf | 3 +- terraform/azurerm/variables.tf | 27 ++++++++++- terraform/azurerm/virtual-network-subnet.tf | 3 +- terraform/azurerm/virtual-network.tf | 3 +- 9 files changed, 186 insertions(+), 7 deletions(-) create mode 100644 terraform/azurerm/bastion-publicip.tf create mode 100644 terraform/azurerm/bastion-server.tf create mode 100644 terraform/azurerm/master-publicip.tf create mode 100644 terraform/azurerm/mesos-masters.tf diff --git a/terraform/azurerm/bastion-publicip.tf b/terraform/azurerm/bastion-publicip.tf new file mode 100644 index 00000000..4dfa65eb --- /dev/null +++ b/terraform/azurerm/bastion-publicip.tf @@ -0,0 +1,7 @@ +#Create Public IP Address for bastion server +resource "azurerm_public_ip" "bastion_publicip" { + name = "BastionPublicIp" + location = "${var.region}" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + public_ip_address_allocation = "static" +} 
diff --git a/terraform/azurerm/bastion-server.tf b/terraform/azurerm/bastion-server.tf new file mode 100644 index 00000000..ca1af2b5 --- /dev/null +++ b/terraform/azurerm/bastion-server.tf @@ -0,0 +1,47 @@ +# Create a network interface for bastion server +resource "azurerm_network_interface" "bastion_network_interface" { + name = "Bastion_NetworkInterface" + location = "${var.region}" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + network_security_group_id = "${azurerm_network_security_group.network_security_group.id}" + + ip_configuration { + name = "bastionipconfiguration" + subnet_id = "${azurerm_subnet.subnet.id}" + private_ip_address_allocation = "dynamic" + public_ip_address_id = "${azurerm_public_ip.bastion_publicip.id}" + } +} + +# NAT/VPN server +resource "azurerm_virtual_machine" "bastion" { + name = "apollo-bastion" + location = "${var.region}" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + network_interface_ids = ["${azurerm_network_interface.bastion_network_interface.id}"] + vm_size = "${var.instance_type.master}" + + storage_image_reference { + publisher = "Canonical" + offer = "UbuntuServer" + sku = "14.04.2-LTS" + version = "latest" + } + + storage_os_disk { + name = "bastiondisk" + vhd_uri = "${azurerm_storage_account.storage_account.primary_blob_endpoint}${azurerm_storage_container.storage_container.name}/bastiondisk.vhd" + caching = "ReadWrite" + create_option = "FromImage" + } + + os_profile { + computer_name = "${var.bastion_server_computername}" + admin_username = "${var.bastion_server_username}" + admin_password = "${var.bastion_server_password}" + } + + os_profile_linux_config { + disable_password_authentication = false + } +} diff --git a/terraform/azurerm/master-publicip.tf b/terraform/azurerm/master-publicip.tf new file mode 100644 index 00000000..e7630175 --- /dev/null +++ b/terraform/azurerm/master-publicip.tf 
@@ -0,0 +1,9 @@ +#Create Public IP Address for master servers +resource "azurerm_public_ip" "master_publicip" { + name = "MasterPublicIp-${count.index}" + count = "${var.masters_count}" + location = "${var.region}" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + public_ip_address_allocation = "static" +} + diff --git a/terraform/azurerm/mesos-masters.tf b/terraform/azurerm/mesos-masters.tf new file mode 100644 index 00000000..54a127f4 --- /dev/null +++ b/terraform/azurerm/mesos-masters.tf 
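Review bot: Each master gets a static public address in master-publicip.tf, and the NIC in mesos-masters.tf attaches it, so the masters are reachable from the internet directly rather than only through the bastion that this same patch adds. If the bastion is meant to be the single entry point, leave this resource out and remove `public_ip_address_id = "${element(azurerm_public_ip.master_publicip.*.id, count.index)}"` from `master_network_interface`. The agent addresses in mesos-agent-publicips.tf later in the series raise the same question. If direct access is intended, a comment such as `# masters are intentionally internet-facing` would record the decision.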
@@ -0,0 +1,51 @@ +# Create a network interface for bastion server +resource "azurerm_network_interface" "master_network_interface" { + name = "Master_NetworkInterface-${count.index}" + count = "${var.masters_count}" + location = "${var.region}" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + network_security_group_id = "${azurerm_network_security_group.network_security_group.id}" + + ip_configuration { + name = "masteripconfiguration-${count.index}" + subnet_id = "${azurerm_subnet.subnet.id}" + private_ip_address_allocation = "dynamic" + public_ip_address_id = "${element(azurerm_public_ip.master_publicip.*.id, count.index)}" + } +} + +# Master server +resource "azurerm_virtual_machine" "master" { + name = "apollo-mesos-master-${count.index}" + count = "${var.masters_count}" + location = "${var.region}" + depends_on = ["azurerm_virtual_machine.bastion"] + resource_group_name = "${azurerm_resource_group.resource_group.name}" + network_interface_ids = ["${element(azurerm_network_interface.master_network_interface.*.id, count.index)}"] + vm_size = "${var.instance_type.master}" + + storage_image_reference { + publisher = "Canonical" + offer = "UbuntuServer" + sku = "14.04.2-LTS" + version = "latest" + } + + storage_os_disk { + name = "masterdisk${count.index}" + vhd_uri = "${azurerm_storage_account.storage_account.primary_blob_endpoint}${azurerm_storage_container.storage_container.name}/masterdisk-${count.index}.vhd" + caching = "ReadWrite" + create_option = "FromImage" + } + + os_profile { + computer_name = "Mesos-Master-${count.index}" + admin_username = "${var.bastion_server_username}" + admin_password = "${var.bastion_server_password}" + } + + os_profile_linux_config { + disable_password_authentication = false + } +} + diff --git a/terraform/azurerm/network-security-group.tf b/terraform/azurerm/network-security-group.tf index 726c92bc..7e2ee982 100644 --- a/terraform/azurerm/network-security-group.tf 
+++ b/terraform/azurerm/network-security-group.tf @@ -5,14 +5,51 @@ resource "azurerm_network_security_group" "network_security_group" { resource_group_name = "${azurerm_resource_group.resource_group.name}" security_rule { - name = "AzureRM_SecurityRuleTcp" + name = "AzureRM_SecurityRuleSSH" priority = 100 direction = "Inbound" access = "Allow" protocol = "Tcp" source_port_range = "*" - destination_port_range = "*" + destination_port_range = "22" source_address_prefix = "*" destination_address_prefix = "*" } -} \ No newline at end of file + + security_rule { + name = "AzureRM_SecurityRuleOpenVPN" + priority = 101 + direction = "Inbound" + access = "Allow" + protocol = "Tcp" + source_port_range = "*" + destination_port_range = "1194" + source_address_prefix = "*" + destination_address_prefix = "*" + } + + security_rule { + name = "AzureRM_SecurityRuleOpenHTTPS" + priority = 102 + direction = "Inbound" + access = "Allow" + protocol = "Tcp" + source_port_range = "*" + destination_port_range = "443" + source_address_prefix = "*" + destination_address_prefix = "*" + } + + security_rule { + name = "AzureRM_SecurityRuleOpenHTTP" + priority = 103 + direction = "Inbound" + access = "Allow" + protocol = "Tcp" + source_port_range = "*" + destination_port_range = "80" + source_address_prefix = "*" + destination_address_prefix = "*" + } +} + diff --git a/terraform/azurerm/storage.tf b/terraform/azurerm/storage.tf index 8073d282..a08322e4 100644 --- a/terraform/azurerm/storage.tf +++ b/terraform/azurerm/storage.tf @@ -12,4 +12,5 @@ resource "azurerm_storage_container" "storage_container" { resource_group_name = "${azurerm_resource_group.resource_group.name}" storage_account_name = "${azurerm_storage_account.storage_account.name}" container_access_type = "private" -} \ No newline at end of file +} + diff --git a/terraform/azurerm/variables.tf b/terraform/azurerm/variables.tf index ed2d2995..8f795010 100644 --- a/terraform/azurerm/variables.tf +++ b/terraform/azurerm/variables.tf 
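Review bot: `AzureRM_SecurityRuleOpenVPN` opens 1194 with `protocol = "Tcp"`, while the OpenVPN server configured elsewhere in this series is given a `udp://` URL, so VPN traffic would presumably be dropped by this group; `protocol = "Udp"` looks like what was intended. Separately, `AzureRM_SecurityRuleSSH` keeps `source_address_prefix = "*"`. Because this one group is attached to the bastion and master NICs, which this patch creates with password login enabled, SSH is exposed to any address on all of them. Restrict the SSH source to a management range, for example `source_address_prefix = "${var.admin_cidr}"`, where `admin_cidr` is a new variable whose name is made up here.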
@@ -37,4 +37,29 @@ variable "storage_account_name" { variable "storage_container_name" { description = "Storage container name" default = "mesosimages-container" -} \ No newline at end of file +} + +variable "instance_type" { + default = { + master = "Standard_A0" + slave = "Standard_A0" + } +} + +variable "bastion_server_computername" { + description = "Username to access server" + default = "bastion" +} + +variable "bastion_server_username" { + description = "Username to access server" +} + +variable "bastion_server_password" { + description = "Password to access server" +} + +variable "masters_count" { + description = "The number of masters." + default = "2" +} diff --git a/terraform/azurerm/virtual-network-subnet.tf b/terraform/azurerm/virtual-network-subnet.tf index 5a41df75..133cdedc 100644 --- a/terraform/azurerm/virtual-network-subnet.tf +++ b/terraform/azurerm/virtual-network-subnet.tf @@ -1,6 +1,7 @@ +#Create Subnet resource "azurerm_subnet" "subnet" { name = "AzureRM_Subnet" resource_group_name = "${azurerm_resource_group.resource_group.name}" virtual_network_name = "${azurerm_virtual_network.virtual_network.name}" address_prefix = "${var.subnet_cidr_block}" -} \ No newline at end of file +} diff --git a/terraform/azurerm/virtual-network.tf b/terraform/azurerm/virtual-network.tf index dde47dda..76e83fb8 100644 --- a/terraform/azurerm/virtual-network.tf +++ b/terraform/azurerm/virtual-network.tf @@ -4,4 +4,5 @@ resource "azurerm_virtual_network" "virtual_network" { resource_group_name = "${azurerm_resource_group.resource_group.name}" address_space = ["${var.vn_cidr_block}"] location = "${var.region}" -} \ No newline at end of file +} + From 974d0faee203f77276aa2c35eba6670a504951eb Mon Sep 17 00:00:00 2001 
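Review bot: The description of `bastion_server_computername` is "Username to access server", copied from the variable below it, although bastion-server.tf uses the value as the VM's `computer_name`. Suggest `description = "Host name assigned to the bastion VM"`. The two credential variables could also name the server they belong to, e.g. `description = "Admin username for the bastion server"`, which helps once per-role credentials are added.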
From: heywoodj Date: Fri, 29 Apr 2016 14:42:42 +0100 Subject: [PATCH 15/53] updates and addition of slave server configuration --- terraform/azurerm/bastian-publicip.tf | 7 --- ...-publicip.tf => mesos-master-publicips.tf} | 6 ++- terraform/azurerm/mesos-masters.tf | 19 ++++--- terraform/azurerm/mesos-slave-publicips.tf | 12 +++++ terraform/azurerm/mesos-slaves.tf | 54 +++++++++++++++++++ terraform/azurerm/variables.tf | 31 ++++++++++- 6 files changed, 112 insertions(+), 17 deletions(-) delete mode 100644 terraform/azurerm/bastian-publicip.tf rename terraform/azurerm/{master-publicip.tf => mesos-master-publicips.tf} (87%) create mode 100644 terraform/azurerm/mesos-slave-publicips.tf create mode 100644 terraform/azurerm/mesos-slaves.tf diff --git a/terraform/azurerm/bastian-publicip.tf b/terraform/azurerm/bastian-publicip.tf deleted file mode 100644 index 0641cdba..00000000 --- a/terraform/azurerm/bastian-publicip.tf +++ /dev/null @@ -1,7 +0,0 @@ -#Create Public IP Address for bastian server -resource "azurerm_public_ip" "bastian_publicip" { - name = "BastianPublicIp" - location = "${var.region}" - resource_group_name = "${azurerm_resource_group.resource_group.name}" - public_ip_address_allocation = "static" -} \ No newline at end of file diff --git a/terraform/azurerm/master-publicip.tf b/terraform/azurerm/mesos-master-publicips.tf similarity index 87% rename from terraform/azurerm/master-publicip.tf rename to terraform/azurerm/mesos-master-publicips.tf index e7630175..3e05ec22 100644 --- a/terraform/azurerm/master-publicip.tf +++ b/terraform/azurerm/mesos-master-publicips.tf @@ -1,9 +1,13 @@ +/* + #Create Public IP Address for master servers resource "azurerm_public_ip" "master_publicip" { name = "MasterPublicIp-${count.index}" - count = "${var.masters_count}" + count = "${var.master_count}" location = "${var.region}" resource_group_name = "${azurerm_resource_group.resource_group.name}" public_ip_address_allocation = "static" } +*/ + 
diff --git a/terraform/azurerm/mesos-masters.tf b/terraform/azurerm/mesos-masters.tf index 54a127f4..ec03f0d1 100644 --- a/terraform/azurerm/mesos-masters.tf +++ b/terraform/azurerm/mesos-masters.tf @@ -1,7 +1,9 @@ -# Create a network interface for bastion server +/* + +# Create a network interface for master server resource "azurerm_network_interface" "master_network_interface" { name = "Master_NetworkInterface-${count.index}" - count = "${var.masters_count}" + count = "${var.master_count}" location = "${var.region}" resource_group_name = "${azurerm_resource_group.resource_group.name}" network_security_group_id = "${azurerm_network_security_group.network_security_group.id}" @@ -15,9 +17,9 @@ resource "azurerm_network_interface" "master_network_interface" { } # Master server -resource "azurerm_virtual_machine" "master" { +resource "azurerm_virtual_machine" "mesos_master" { name = "apollo-mesos-master-${count.index}" - count = "${var.masters_count}" + count = "${var.master_count}" location = "${var.region}" depends_on = ["azurerm_virtual_machine.bastion"] resource_group_name = "${azurerm_resource_group.resource_group.name}" @@ -25,10 +27,10 @@ resource "azurerm_virtual_machine" "master" { vm_size = "${var.instance_type.master}" storage_image_reference { - publisher = "Canonical" - offer = "UbuntuServer" - sku = "14.04.2-LTS" - version = "latest" + publisher = "${var.atlas_artifact_master.publisher}" + offer = "${var.atlas_artifact_master.offer}" + sku = "${var.atlas_artifact_master.sku}" + version = "${var.atlas_artifact_master.version}" } storage_os_disk { @@ -49,3 +51,4 @@ resource "azurerm_virtual_machine" "master" { } } +*/ \ No newline at end of file diff --git a/terraform/azurerm/mesos-slave-publicips.tf b/terraform/azurerm/mesos-slave-publicips.tf new file mode 100644 index 00000000..080d1bea --- /dev/null +++ b/terraform/azurerm/mesos-slave-publicips.tf 
@@ -0,0 +1,12 @@ +/* + +#Create Public IP Address for slave servers +resource "azurerm_public_ip" "slave_publicip" { + name = "SlavePublicIp-${count.index}" + count = "${var.slave_count}" + location = "${var.region}" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + public_ip_address_allocation = "static" +} + +*/ diff --git a/terraform/azurerm/mesos-slaves.tf b/terraform/azurerm/mesos-slaves.tf new file mode 100644 index 00000000..35f4b990 --- /dev/null +++ b/terraform/azurerm/mesos-slaves.tf 
@@ -0,0 +1,54 @@ +/* + +# Create a network interface for slave server +resource "azurerm_network_interface" "slave_network_interface" { + name = "Slave_NetworkInterface-${count.index}" + count = "${var.slave_count}" + location = "${var.region}" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + network_security_group_id = "${azurerm_network_security_group.network_security_group.id}" + + ip_configuration { + name = "slaveipconfiguration-${count.index}" + subnet_id = "${azurerm_subnet.subnet.id}" + private_ip_address_allocation = "dynamic" + public_ip_address_id = "${element(azurerm_public_ip.slave_publicip.*.id, count.index)}" + } +} + +# Slave server +resource "azurerm_virtual_machine" "mesos_slave" { + name = "apollo-mesos-slave-${count.index}" + count = "${var.slave_count}" + location = "${var.region}" + depends_on = ["azurerm_virtual_machine.bastion", "azurerm_virtual_machine.mesos_master"] + resource_group_name = "${azurerm_resource_group.resource_group.name}" + network_interface_ids = ["${element(azurerm_network_interface.slave_network_interface.*.id, count.index)}"] + vm_size = "${var.instance_type.slave}" + + storage_image_reference { + publisher = "${var.atlas_artifact_slave.publisher}" + offer = "${var.atlas_artifact_slave.offer}" + sku = "${var.atlas_artifact_slave.sku}" + version = "${var.atlas_artifact_slave.version}" + } + + storage_os_disk { + name = "slavedisk${count.index}" + vhd_uri = "${azurerm_storage_account.storage_account.primary_blob_endpoint}${azurerm_storage_container.storage_container.name}/slavedisk-${count.index}.vhd" + caching = "ReadWrite" + create_option = "FromImage" + } + + os_profile { + computer_name = "Mesos-Slave-${count.index}" + admin_username = "${var.bastion_server_username}" + admin_password = "${var.bastion_server_password}" + } + + os_profile_linux_config { + disable_password_authentication = false + } +} + +*/ \ No newline at end of file 
diff --git a/terraform/azurerm/variables.tf b/terraform/azurerm/variables.tf index 8f795010..52ca2904 100644 --- a/terraform/azurerm/variables.tf +++ b/terraform/azurerm/variables.tf @@ -39,6 +39,24 @@ variable "storage_container_name" { default = "mesosimages-container" } +variable "atlas_artifact_master" { + default = { + publisher = "" + offer ="" + "sku" = "" + "version" = "" + } +} + +variable "atlas_artifact_slave" { + default = { + publisher = "" + offer ="" + "sku" = "" + "version" = "" + } +} + variable "instance_type" { default = { master = "Standard_A0" @@ -59,7 +77,18 @@ variable "bastion_server_password" { description = "Password to access server" } -variable "masters_count" { +variable "master_count" { description = "The number of masters." default = "2" } + +variable "slave_count" { + description = "The number of slaves." + default = "2" +} + +variable "docker_version" { + description = "Docker version" + default = "1.9.0-0~trusty" +} + From d8e04d65fc64dd0659a87aa02da31c908f54c861 Mon Sep 17 00:00:00 2001 From: heywoodj Date: Fri, 6 May 2016 09:48:07 +0100 Subject: [PATCH 16/53] update slave references to agent --- .../{mesos-slave-publicips.tf => mesos-agent-publicips.tf} | 0 terraform/azurerm/{mesos-slaves.tf => mesos-agents.tf} | 0 2 files changed, 0 insertions(+), 0 deletions(-) rename terraform/azurerm/{mesos-slave-publicips.tf => mesos-agent-publicips.tf} (100%) rename terraform/azurerm/{mesos-slaves.tf => mesos-agents.tf} (100%) diff --git a/terraform/azurerm/mesos-slave-publicips.tf b/terraform/azurerm/mesos-agent-publicips.tf similarity index 100% rename from terraform/azurerm/mesos-slave-publicips.tf rename to terraform/azurerm/mesos-agent-publicips.tf diff --git a/terraform/azurerm/mesos-slaves.tf b/terraform/azurerm/mesos-agents.tf similarity index 100% rename from terraform/azurerm/mesos-slaves.tf rename to terraform/azurerm/mesos-agents.tf From 15cda480f0eeee75def7fe1ce80ef6f60f14410a Mon Sep 17 00:00:00 2001 
From: heywoodj Date: Mon, 9 May 2016 11:50:59 +0100 Subject: [PATCH 17/53] Updates to run remote execution scripts on server --- terraform/azurerm/bastion-server.tf | 43 ++++++++++++++++-- terraform/azurerm/mesos-agent-publicips.tf | 14 +++--- terraform/azurerm/mesos-agents.tf | 50 ++++++++++----------- terraform/azurerm/mesos-master-publicips.tf | 7 +-- terraform/azurerm/mesos-masters.tf | 14 +++--- terraform/azurerm/variables.tf | 35 ++++++++++++--- 6 files changed, 102 insertions(+), 61 deletions(-) diff --git a/terraform/azurerm/bastion-server.tf b/terraform/azurerm/bastion-server.tf index ca1af2b5..c4d5a7c1 100644 --- a/terraform/azurerm/bastion-server.tf +++ b/terraform/azurerm/bastion-server.tf 
@@ -36,12 +36,47 @@ resource "azurerm_virtual_machine" "bastion" { } os_profile { - computer_name = "${var.bastion_server_computername}" + computer_name = "${var.bastion_server_computername}" admin_username = "${var.bastion_server_username}" admin_password = "${var.bastion_server_password}" } - + os_profile_linux_config { - disable_password_authentication = false - } + disable_password_authentication = false + + /* ssh_keys { + path = "/home/${var.bastion_server_username}/.ssh/authorized_keys" + key_data = "${file("${var.ssh_public_key_file}")}" + } */ + } + + provisioner "remote-exec" { + + connection { + host = "${azurerm_public_ip.bastion_publicip.ip_address}" + type = "ssh" + user = "${var.bastion_server_username}" + password = "${var.bastion_server_password}" + /* private_key = "${file("${var.ssh_private_key_file}")}" */ + } + + inline = [ + "sudo iptables -t nat -A POSTROUTING -j MASQUERADE", + "echo 1 | sudo tee /proc/sys/net/ipv4/conf/all/forwarding", + /* Install docker */ + /* Add the repository to your APT sources */ + "sudo -E sh -c 'echo deb https://apt.dockerproject.org/repo ubuntu-trusty main > /etc/apt/sources.list.d/docker.list'", + /* Then import the repository key */ + "sudo apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D", + "sudo apt-get update", + /* Install docker-engine */ + "sudo apt-get install -y docker-engine=${var.docker_version}", + "sudo service docker start", + /* Initialize open vpn data container */ + "sudo mkdir -p /etc/openvpn", + "sudo docker run --name ovpn-data -v /etc/openvpn busybox", + /* Generate OpenVPN server config */ + "sudo docker run --volumes-from ovpn-data --rm gosuri/openvpn ovpn_genconfig -p ${var.vn_cidr_block} -u udp://${azurerm_public_ip.bastion_publicip.id}" + ] + } } diff --git a/terraform/azurerm/mesos-agent-publicips.tf b/terraform/azurerm/mesos-agent-publicips.tf index 080d1bea..c7b36b96 100644 
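Review bot: The last `inline` command hands `${azurerm_public_ip.bastion_publicip.id}` to `ovpn_genconfig -u udp://…`, which resolves to the public IP resource's Azure id rather than its address. The `connection` block above it already uses `.ip_address`, so the command should read `-u udp://${azurerm_public_ip.bastion_publicip.ip_address}`. The server config is generated for UDP, while the `AzureRM_SecurityRuleOpenVPN` rule shown later on this page opens 1194 with `protocol = "Tcp"`, so one of the two needs to change. `busybox` and `gosuri/openvpn` are pulled with no tag or digest and run under sudo on the bastion; pinning both to a reviewed tag or digest keeps the VPN host reproducible. The `azurerm_virtual_machine.bastion` resource starts before this hunk.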
--- a/terraform/azurerm/mesos-agent-publicips.tf +++ b/terraform/azurerm/mesos-agent-publicips.tf @@ -1,12 +1,8 @@ -/* - -#Create Public IP Address for slave servers -resource "azurerm_public_ip" "slave_publicip" { - name = "SlavePublicIp-${count.index}" - count = "${var.slave_count}" +#Create Public IP Address for agent servers +resource "azurerm_public_ip" "agent_publicip" { + name = "AgentPublicIp-${count.index}" + count = "${var.agent_count}" location = "${var.region}" resource_group_name = "${azurerm_resource_group.resource_group.name}" public_ip_address_allocation = "static" -} - -*/ +} \ No newline at end of file diff --git a/terraform/azurerm/mesos-agents.tf b/terraform/azurerm/mesos-agents.tf index 35f4b990..2f9637cf 100644 --- a/terraform/azurerm/mesos-agents.tf +++ b/terraform/azurerm/mesos-agents.tf 
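Review bot: Un-commenting `azurerm_public_ip.agent_publicip` gives every agent a static public address, and the mesos-agents.tf hunk that follows attaches it to VMs created with `disable_password_authentication = false`. The mesos-master-publicips.tf and mesos-masters.tf hunks do the same for the masters. Both network interfaces use `azurerm_network_security_group.network_security_group`, whose SSH rule (visible later on this page) has `source_address_prefix = "*"`, so each cluster node accepts password logins on port 22 from any address. Since bastion-server.tf is labelled the NAT/VPN server, consider dropping `public_ip_address_id` from the agent and master `ip_configuration` blocks and reaching them through the bastion. At minimum, give them an `ssh_keys` block with `disable_password_authentication = true`.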
@@ -1,54 +1,50 @@ -/* - -# Create a network interface for slave server -resource "azurerm_network_interface" "slave_network_interface" { - name = "Slave_NetworkInterface-${count.index}" - count = "${var.slave_count}" +# Create a network interface for agent server +resource "azurerm_network_interface" "agent_network_interface" { + name = "Agent_NetworkInterface-${count.index}" + count = "${var.agent_count}" location = "${var.region}" resource_group_name = "${azurerm_resource_group.resource_group.name}" network_security_group_id = "${azurerm_network_security_group.network_security_group.id}" ip_configuration { - name = "slaveipconfiguration-${count.index}" + name = "agentipconfiguration-${count.index}" subnet_id = "${azurerm_subnet.subnet.id}" private_ip_address_allocation = "dynamic" - public_ip_address_id = "${element(azurerm_public_ip.slave_publicip.*.id, count.index)}" + public_ip_address_id = "${element(azurerm_public_ip.agent_publicip.*.id, count.index)}" } } -# Slave server -resource "azurerm_virtual_machine" "mesos_slave" { - name = "apollo-mesos-slave-${count.index}" - count = "${var.slave_count}" +# Agent server +resource "azurerm_virtual_machine" "mesos_agent" { + name = "apollo-mesos-agent-${count.index}" + count = "${var.agent_count}" location = "${var.region}" depends_on = ["azurerm_virtual_machine.bastion", "azurerm_virtual_machine.mesos_master"] resource_group_name = "${azurerm_resource_group.resource_group.name}" - network_interface_ids = ["${element(azurerm_network_interface.slave_network_interface.*.id, count.index)}"] - vm_size = "${var.instance_type.slave}" + network_interface_ids = ["${element(azurerm_network_interface.agent_network_interface.*.id, count.index)}"] + vm_size = "${var.instance_type.agent}" storage_image_reference { - publisher = "${var.atlas_artifact_slave.publisher}" - offer = "${var.atlas_artifact_slave.offer}" - sku = "${var.atlas_artifact_slave.sku}" - version = "${var.atlas_artifact_slave.version}" + publisher = 
"${var.atlas_artifact_agent.publisher}" + offer = "${var.atlas_artifact_agent.offer}" + sku = "${var.atlas_artifact_agent.sku}" + version = "${var.atlas_artifact_agent.version}" } storage_os_disk { - name = "slavedisk${count.index}" - vhd_uri = "${azurerm_storage_account.storage_account.primary_blob_endpoint}${azurerm_storage_container.storage_container.name}/slavedisk-${count.index}.vhd" + name = "agentdisk${count.index}" + vhd_uri = "${azurerm_storage_account.storage_account.primary_blob_endpoint}${azurerm_storage_container.storage_container.name}/agentdisk-${count.index}.vhd" caching = "ReadWrite" create_option = "FromImage" } os_profile { - computer_name = "Mesos-Slave-${count.index}" - admin_username = "${var.bastion_server_username}" - admin_password = "${var.bastion_server_password}" + computer_name = "Mesos-Agent-${count.index}" + admin_username = "${var.agent_server_username}" + admin_password = "${var.agent_server_password}" } os_profile_linux_config { - disable_password_authentication = false + disable_password_authentication = false } -} - -*/ \ No newline at end of file +} \ No newline at end of file diff --git a/terraform/azurerm/mesos-master-publicips.tf b/terraform/azurerm/mesos-master-publicips.tf index 3e05ec22..7aaa3edc 100644 --- a/terraform/azurerm/mesos-master-publicips.tf +++ b/terraform/azurerm/mesos-master-publicips.tf @@ -1,5 +1,3 @@ -/* - #Create Public IP Address for master servers resource "azurerm_public_ip" "master_publicip" { name = "MasterPublicIp-${count.index}" @@ -7,7 +5,4 @@ resource "azurerm_public_ip" "master_publicip" { location = "${var.region}" resource_group_name = "${azurerm_resource_group.resource_group.name}" public_ip_address_allocation = "static" -} - -*/ - +} \ No newline at end of file diff --git a/terraform/azurerm/mesos-masters.tf b/terraform/azurerm/mesos-masters.tf index ec03f0d1..f4d0d7df 100644 --- a/terraform/azurerm/mesos-masters.tf +++ b/terraform/azurerm/mesos-masters.tf 
@@ -1,5 +1,3 @@ -/* - # Create a network interface for master server resource "azurerm_network_interface" "master_network_interface" { name = "Master_NetworkInterface-${count.index}" @@ -41,14 +39,12 @@ resource "azurerm_virtual_machine" "mesos_master" { } os_profile { - computer_name = "Mesos-Master-${count.index}" - admin_username = "${var.bastion_server_username}" - admin_password = "${var.bastion_server_password}" + computer_name = "Mesos-Master-${count.index}" + admin_username = "${var.master_server_username}" + admin_password = "${var.master_server_password}" } os_profile_linux_config { - disable_password_authentication = false + disable_password_authentication = false } -} - -*/ \ No newline at end of file +} \ No newline at end of file diff --git a/terraform/azurerm/variables.tf b/terraform/azurerm/variables.tf index 52ca2904..2290fc72 100644 --- a/terraform/azurerm/variables.tf +++ b/terraform/azurerm/variables.tf @@ -48,7 +48,7 @@ variable "atlas_artifact_master" { } } -variable "atlas_artifact_slave" { +variable "atlas_artifact_agent" { default = { publisher = "" offer ="" @@ -60,7 +60,7 @@ variable "atlas_artifact_slave" { variable "instance_type" { default = { master = "Standard_A0" - slave = "Standard_A0" + agent = "Standard_A0" } } 
@@ -76,15 +76,31 @@ variable "bastion_server_username" { variable "bastion_server_password" { description = "Password to access server" } + +variable "master_server_username" { + description = "Username to access master server" +} + +variable "master_server_password" { + description = "Password to access master server" +} + +variable "agent_server_username" { + description = "Username to access agent server" +} + +variable "agent_server_password" { + description = "Password to access agent server" +} variable "master_count" { description = "The number of masters." - default = "2" + default = "1" } -variable "slave_count" { - description = "The number of slaves." - default = "2" +variable "agent_count" { + description = "The number of agents." + default = "1" } variable "docker_version" { @@ -92,3 +108,10 @@ variable "docker_version" { default = "1.9.0-0~trusty" } +variable "ssh_public_key_file" { + description = "Public key required to connect via ssh" +} + +variable "ssh_private_key_file" { + description = "Public key required to connect via ssh" +} From be8a3d44ea13a977cd2e5a03708cf9f086c810e3 Mon Sep 17 00:00:00 2001 From: heywoodj Date: Tue, 10 May 2016 14:47:45 +0100 Subject: [PATCH 18/53] update remote-exec to use certificate authentication, requires Terraform v0.6.16 --- terraform/azurerm/bastion-server.tf | 25 +++++++++++-------------- 1 file changed, 11 insertions(+), 14 deletions(-) diff --git a/terraform/azurerm/bastion-server.tf b/terraform/azurerm/bastion-server.tf index c4d5a7c1..bb478e1c 100644 --- a/terraform/azurerm/bastion-server.tf +++ b/terraform/azurerm/bastion-server.tf 
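Review bot: `ssh_private_key_file` in the last variables.tf hunk carries the description copied from the public-key variable, "Public key required to connect via ssh". It should say what the value is, for example `description = "Path to the OpenSSH private key file used to connect via ssh"`, with the public one worded as a path too. Neither variable has a default, and in this commit they are referenced only from the commented-out `ssh_keys` and `private_key` lines in bastion-server.tf. Every run is therefore asked for two values it does not use; adding them in the commit that enables key authentication would avoid that.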
@@ -42,24 +42,21 @@ resource "azurerm_virtual_machine" "bastion" { } os_profile_linux_config { - disable_password_authentication = false + disable_password_authentication = true - /* ssh_keys { + ssh_keys { path = "/home/${var.bastion_server_username}/.ssh/authorized_keys" - key_data = "${file("${var.ssh_public_key_file}")}" - } */ + key_data = "${file("${var.ssh_public_key_file}")}" # openssh format + } + } + + connection { + host = "${azurerm_public_ip.bastion_publicip.ip_address}" + user = "${var.bastion_server_username}" + private_key = "${file("${var.ssh_private_key_file}")}" # openssh format } provisioner "remote-exec" { - - connection { - host = "${azurerm_public_ip.bastion_publicip.ip_address}" - type = "ssh" - user = "${var.bastion_server_username}" - password = "${var.bastion_server_password}" - /* private_key = "${file("${var.ssh_private_key_file}")}" */ - } - inline = [ "sudo iptables -t nat -A POSTROUTING -j MASQUERADE", "echo 1 | sudo tee /proc/sys/net/ipv4/conf/all/forwarding", @@ -79,4 +76,4 @@ resource "azurerm_virtual_machine" "bastion" { "sudo docker run --volumes-from ovpn-data --rm gosuri/openvpn ovpn_genconfig -p ${var.vn_cidr_block} -u udp://${azurerm_public_ip.bastion_publicip.id}" ] } -} +} \ No newline at end of file From 92f594a0f0185c3df6b391ac6deb73b3c99fa857 Mon Sep 17 00:00:00 2001 
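Review bot: With `disable_password_authentication = true` the bastion stops accepting password logins, but the `os_profile` block just above this hunk still sets `admin_password = "${var.bastion_server_password}"` (visible in the other bastion-server.tf hunks on this page). The secret is therefore still requested from the operator and passed to the provider, and presumably recorded in the Terraform state, for an account that can no longer use it. If the provider version in use allows `os_profile` without a password, drop the line and the variable. Otherwise add a comment such as `# required by the provider; password login is disabled below`. The resource body starts and ends outside this hunk.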
From: heywoodj Date: Tue, 10 May 2016 16:57:27 +0100 Subject: [PATCH 19/53] Clean up formatting --- terraform/azurerm/bastion-publicip.tf | 8 +- terraform/azurerm/bastion-server.tf | 62 +++++++------- terraform/azurerm/mesos-agent-publicips.tf | 8 +- terraform/azurerm/mesos-agents.tf | 28 +++--- terraform/azurerm/mesos-master-publicips.tf | 8 +- terraform/azurerm/mesos-masters.tf | 56 ++++++------ terraform/azurerm/network-security-group.tf | 94 ++++++++++----------- terraform/azurerm/provider.tf | 8 +- terraform/azurerm/resourcegroup.tf | 4 +- terraform/azurerm/storage.tf | 16 ++-- terraform/azurerm/virtual-network-subnet.tf | 8 +- terraform/azurerm/virtual-network.tf | 8 +- 12 files changed, 154 insertions(+), 154 deletions(-) diff --git a/terraform/azurerm/bastion-publicip.tf b/terraform/azurerm/bastion-publicip.tf index 4dfa65eb..d171ad12 100644 --- a/terraform/azurerm/bastion-publicip.tf +++ b/terraform/azurerm/bastion-publicip.tf @@ -1,7 +1,7 @@ #Create Public IP Address for bastion server resource "azurerm_public_ip" "bastion_publicip" { - name = "BastionPublicIp" - location = "${var.region}" - resource_group_name = "${azurerm_resource_group.resource_group.name}" - public_ip_address_allocation = "static" + name = "BastionPublicIp" + location = "${var.region}" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + public_ip_address_allocation = "static" } diff --git a/terraform/azurerm/bastion-server.tf b/terraform/azurerm/bastion-server.tf index bb478e1c..dc1d5bf6 100644 --- a/terraform/azurerm/bastion-server.tf +++ b/terraform/azurerm/bastion-server.tf 
@@ -1,47 +1,47 @@ # Create a network interface for bastion server resource "azurerm_network_interface" "bastion_network_interface" { - name = "Bastion_NetworkInterface" - location = "${var.region}" - resource_group_name = "${azurerm_resource_group.resource_group.name}" - network_security_group_id = "${azurerm_network_security_group.network_security_group.id}" + name = "Bastion_NetworkInterface" + location = "${var.region}" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + network_security_group_id = "${azurerm_network_security_group.network_security_group.id}" - ip_configuration { - name = "bastionipconfiguration" - subnet_id = "${azurerm_subnet.subnet.id}" - private_ip_address_allocation = "dynamic" + ip_configuration { + name = "bastionipconfiguration" + subnet_id = "${azurerm_subnet.subnet.id}" + private_ip_address_allocation = "dynamic" public_ip_address_id = "${azurerm_public_ip.bastion_publicip.id}" - } + } } # NAT/VPN server resource "azurerm_virtual_machine" "bastion" { - name = "apollo-bastion" - location = "${var.region}" - resource_group_name = "${azurerm_resource_group.resource_group.name}" - network_interface_ids = ["${azurerm_network_interface.bastion_network_interface.id}"] - vm_size = "${var.instance_type.master}" + name = "apollo-bastion" + location = "${var.region}" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + network_interface_ids = ["${azurerm_network_interface.bastion_network_interface.id}"] + vm_size = "${var.instance_type.master}" - storage_image_reference { - publisher = "Canonical" + storage_image_reference { + publisher = "Canonical" offer = "UbuntuServer" sku = "14.04.2-LTS" version = "latest" - } + } - storage_os_disk { - name = "bastiondisk" - vhd_uri = "${azurerm_storage_account.storage_account.primary_blob_endpoint}${azurerm_storage_container.storage_container.name}/bastiondisk.vhd" - caching = "ReadWrite" - create_option = "FromImage" - } + storage_os_disk { + name = "bastiondisk" 
+ vhd_uri = "${azurerm_storage_account.storage_account.primary_blob_endpoint}${azurerm_storage_container.storage_container.name}/bastiondisk.vhd" + caching = "ReadWrite" + create_option = "FromImage" + } - os_profile { + os_profile { computer_name = "${var.bastion_server_computername}" - admin_username = "${var.bastion_server_username}" - admin_password = "${var.bastion_server_password}" - } - - os_profile_linux_config { + admin_username = "${var.bastion_server_username}" + admin_password = "${var.bastion_server_password}" + } + + os_profile_linux_config { disable_password_authentication = true ssh_keys { @@ -49,13 +49,13 @@ resource "azurerm_virtual_machine" "bastion" { key_data = "${file("${var.ssh_public_key_file}")}" # openssh format } } - + connection { host = "${azurerm_public_ip.bastion_publicip.ip_address}" user = "${var.bastion_server_username}" private_key = "${file("${var.ssh_private_key_file}")}" # openssh format } - + provisioner "remote-exec" { inline = [ "sudo iptables -t nat -A POSTROUTING -j MASQUERADE", diff --git a/terraform/azurerm/mesos-agent-publicips.tf b/terraform/azurerm/mesos-agent-publicips.tf index c7b36b96..f23960f8 100644 --- a/terraform/azurerm/mesos-agent-publicips.tf +++ b/terraform/azurerm/mesos-agent-publicips.tf @@ -1,8 +1,8 @@ #Create Public IP Address for agent servers resource "azurerm_public_ip" "agent_publicip" { - name = "AgentPublicIp-${count.index}" + name = "AgentPublicIp-${count.index}" count = "${var.agent_count}" - location = "${var.region}" - resource_group_name = "${azurerm_resource_group.resource_group.name}" - public_ip_address_allocation = "static" + location = "${var.region}" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + public_ip_address_allocation = "static" } \ No newline at end of file diff --git a/terraform/azurerm/mesos-agents.tf b/terraform/azurerm/mesos-agents.tf index 2f9637cf..686c92a3 100644 --- a/terraform/azurerm/mesos-agents.tf +++ b/terraform/azurerm/mesos-agents.tf 
@@ -1,31 +1,31 @@ # Create a network interface for agent server resource "azurerm_network_interface" "agent_network_interface" { - name = "Agent_NetworkInterface-${count.index}" + name = "Agent_NetworkInterface-${count.index}" count = "${var.agent_count}" location = "${var.region}" - resource_group_name = "${azurerm_resource_group.resource_group.name}" - network_security_group_id = "${azurerm_network_security_group.network_security_group.id}" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + network_security_group_id = "${azurerm_network_security_group.network_security_group.id}" - ip_configuration { - name = "agentipconfiguration-${count.index}" - subnet_id = "${azurerm_subnet.subnet.id}" - private_ip_address_allocation = "dynamic" + ip_configuration { + name = "agentipconfiguration-${count.index}" + subnet_id = "${azurerm_subnet.subnet.id}" + private_ip_address_allocation = "dynamic" public_ip_address_id = "${element(azurerm_public_ip.agent_publicip.*.id, count.index)}" - } + } } # Agent server resource "azurerm_virtual_machine" "mesos_agent" { - name = "apollo-mesos-agent-${count.index}" + name = "apollo-mesos-agent-${count.index}" count = "${var.agent_count}" - location = "${var.region}" + location = "${var.region}" depends_on = ["azurerm_virtual_machine.bastion", "azurerm_virtual_machine.mesos_master"] - resource_group_name = "${azurerm_resource_group.resource_group.name}" - network_interface_ids = ["${element(azurerm_network_interface.agent_network_interface.*.id, count.index)}"] - vm_size = "${var.instance_type.agent}" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + network_interface_ids = ["${element(azurerm_network_interface.agent_network_interface.*.id, count.index)}"] + vm_size = "${var.instance_type.agent}" storage_image_reference { - publisher = "${var.atlas_artifact_agent.publisher}" + publisher = "${var.atlas_artifact_agent.publisher}" offer = "${var.atlas_artifact_agent.offer}" sku = 
"${var.atlas_artifact_agent.sku}" version = "${var.atlas_artifact_agent.version}" diff --git a/terraform/azurerm/mesos-master-publicips.tf b/terraform/azurerm/mesos-master-publicips.tf index 7aaa3edc..0cdb1286 100644 --- a/terraform/azurerm/mesos-master-publicips.tf +++ b/terraform/azurerm/mesos-master-publicips.tf @@ -1,8 +1,8 @@ #Create Public IP Address for master servers resource "azurerm_public_ip" "master_publicip" { - name = "MasterPublicIp-${count.index}" + name = "MasterPublicIp-${count.index}" count = "${var.master_count}" - location = "${var.region}" - resource_group_name = "${azurerm_resource_group.resource_group.name}" - public_ip_address_allocation = "static" + location = "${var.region}" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + public_ip_address_allocation = "static" } \ No newline at end of file diff --git a/terraform/azurerm/mesos-masters.tf b/terraform/azurerm/mesos-masters.tf index f4d0d7df..0254254d 100644 --- a/terraform/azurerm/mesos-masters.tf +++ b/terraform/azurerm/mesos-masters.tf 
@@ -1,50 +1,50 @@ # Create a network interface for master server resource "azurerm_network_interface" "master_network_interface" { - name = "Master_NetworkInterface-${count.index}" + name = "Master_NetworkInterface-${count.index}" count = "${var.master_count}" location = "${var.region}" - resource_group_name = "${azurerm_resource_group.resource_group.name}" - network_security_group_id = "${azurerm_network_security_group.network_security_group.id}" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + network_security_group_id = "${azurerm_network_security_group.network_security_group.id}" - ip_configuration { - name = "masteripconfiguration-${count.index}" - subnet_id = "${azurerm_subnet.subnet.id}" - private_ip_address_allocation = "dynamic" + ip_configuration { + name = "masteripconfiguration-${count.index}" + subnet_id = "${azurerm_subnet.subnet.id}" + private_ip_address_allocation = "dynamic" public_ip_address_id = "${element(azurerm_public_ip.master_publicip.*.id, count.index)}" - } + } } # Master server resource "azurerm_virtual_machine" "mesos_master" { - name = "apollo-mesos-master-${count.index}" + name = "apollo-mesos-master-${count.index}" count = "${var.master_count}" - location = "${var.region}" + location = "${var.region}" depends_on = ["azurerm_virtual_machine.bastion"] - resource_group_name = "${azurerm_resource_group.resource_group.name}" - network_interface_ids = ["${element(azurerm_network_interface.master_network_interface.*.id, count.index)}"] - vm_size = "${var.instance_type.master}" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + network_interface_ids = ["${element(azurerm_network_interface.master_network_interface.*.id, count.index)}"] + vm_size = "${var.instance_type.master}" - storage_image_reference { - publisher = "${var.atlas_artifact_master.publisher}" + storage_image_reference { + publisher = "${var.atlas_artifact_master.publisher}" offer = "${var.atlas_artifact_master.offer}" sku = 
"${var.atlas_artifact_master.sku}" version = "${var.atlas_artifact_master.version}" - } + } - storage_os_disk { - name = "masterdisk${count.index}" - vhd_uri = "${azurerm_storage_account.storage_account.primary_blob_endpoint}${azurerm_storage_container.storage_container.name}/masterdisk-${count.index}.vhd" - caching = "ReadWrite" - create_option = "FromImage" - } + storage_os_disk { + name = "masterdisk${count.index}" + vhd_uri = "${azurerm_storage_account.storage_account.primary_blob_endpoint}${azurerm_storage_container.storage_container.name}/masterdisk-${count.index}.vhd" + caching = "ReadWrite" + create_option = "FromImage" + } - os_profile { + os_profile { computer_name = "Mesos-Master-${count.index}" - admin_username = "${var.master_server_username}" - admin_password = "${var.master_server_password}" - } + admin_username = "${var.master_server_username}" + admin_password = "${var.master_server_password}" + } - os_profile_linux_config { + os_profile_linux_config { disable_password_authentication = false - } + } } \ No newline at end of file diff --git a/terraform/azurerm/network-security-group.tf b/terraform/azurerm/network-security-group.tf index 7e2ee982..1f63e8da 100644 --- a/terraform/azurerm/network-security-group.tf +++ b/terraform/azurerm/network-security-group.tf 
@@ -1,55 +1,55 @@ #Create Network Security Group resource "azurerm_network_security_group" "network_security_group" { - name = "AzureRM_NetworkSecurityGroup" - location = "${var.region}" - resource_group_name = "${azurerm_resource_group.resource_group.name}" + name = "AzureRM_NetworkSecurityGroup" + location = "${var.region}" + resource_group_name = "${azurerm_resource_group.resource_group.name}" - security_rule { - name = "AzureRM_SecurityRuleSSH" - priority = 100 - direction = "Inbound" - access = "Allow" - protocol = "Tcp" - source_port_range = "*" - destination_port_range = "22" - source_address_prefix = "*" - destination_address_prefix = "*" - } - security_rule { - name = "AzureRM_SecurityRuleOpenVPN" - priority = 101 - direction = "Inbound" - access = "Allow" - protocol = "Tcp" - source_port_range = "*" - destination_port_range = "1194" - source_address_prefix = "*" - destination_address_prefix = "*" - } - + name = "AzureRM_SecurityRuleSSH" + priority = 100 + direction = "Inbound" + access = "Allow" + protocol = "Tcp" + source_port_range = "*" + destination_port_range = "22" + source_address_prefix = "*" + destination_address_prefix = "*" + } + + security_rule { + name = "AzureRM_SecurityRuleOpenVPN" + priority = 101 + direction = "Inbound" + access = "Allow" + protocol = "Tcp" + source_port_range = "*" + destination_port_range = "1194" + source_address_prefix = "*" + destination_address_prefix = "*" + } + security_rule { - name = "AzureRM_SecurityRuleOpenHTTPS" - priority = 102 - direction = "Inbound" - access = "Allow" - protocol = "Tcp" - source_port_range = "*" - destination_port_range = "443" - source_address_prefix = "*" - destination_address_prefix = "*" - } - + name = "AzureRM_SecurityRuleOpenHTTPS" + priority = 102 + direction = "Inbound" + access = "Allow" + protocol = "Tcp" + source_port_range = "*" + destination_port_range = "443" + source_address_prefix = "*" + destination_address_prefix = "*" + } + security_rule { - name = 
"AzureRM_SecurityRuleOpenHTTP" - priority = 103 - direction = "Inbound" - access = "Allow" - protocol = "Tcp" - source_port_range = "*" - destination_port_range = "80" - source_address_prefix = "*" - destination_address_prefix = "*" - } + name = "AzureRM_SecurityRuleOpenHTTP" + priority = 103 + direction = "Inbound" + access = "Allow" + protocol = "Tcp" + source_port_range = "*" + destination_port_range = "80" + source_address_prefix = "*" + destination_address_prefix = "*" + } } diff --git a/terraform/azurerm/provider.tf b/terraform/azurerm/provider.tf index 3cf279d8..66fd5ba1 100644 --- a/terraform/azurerm/provider.tf +++ b/terraform/azurerm/provider.tf @@ -2,8 +2,8 @@ https://www.terraform.io/docs/providers/azurerm/index.html fo details. */ provider "azurerm" { - subscription_id = "${var.subscription_id}" - client_id = "${var.client_id}" - client_secret = "${var.client_secret}" - tenant_id = "${var.tenant_id}" + subscription_id = "${var.subscription_id}" + client_id = "${var.client_id}" + client_secret = "${var.client_secret}" + tenant_id = "${var.tenant_id}" } \ No newline at end of file diff --git a/terraform/azurerm/resourcegroup.tf b/terraform/azurerm/resourcegroup.tf index e066efd5..5616309f 100644 --- a/terraform/azurerm/resourcegroup.tf +++ b/terraform/azurerm/resourcegroup.tf @@ -1,5 +1,5 @@ # Create a resource group resource "azurerm_resource_group" "resource_group" { - name = "AzureRM-Resource-Group" - location = "${var.region}" + name = "AzureRM-Resource-Group" + location = "${var.region}" } \ No newline at end of file diff --git a/terraform/azurerm/storage.tf b/terraform/azurerm/storage.tf index a08322e4..8c39f7c0 100644 --- a/terraform/azurerm/storage.tf +++ b/terraform/azurerm/storage.tf 
@@ -1,16 +1,16 @@ # Create a storage account resource "azurerm_storage_account" "storage_account" { - name = "${var.storage_account_name}" - resource_group_name = "${azurerm_resource_group.resource_group.name}" - location = "${var.region}" - account_type = "Standard_GRS" + name = "${var.storage_account_name}" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + location = "${var.region}" + account_type = "Standard_GRS" } # Create storage container resource "azurerm_storage_container" "storage_container" { - name = "${var.storage_container_name}" - resource_group_name = "${azurerm_resource_group.resource_group.name}" - storage_account_name = "${azurerm_storage_account.storage_account.name}" - container_access_type = "private" + name = "${var.storage_container_name}" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + storage_account_name = "${azurerm_storage_account.storage_account.name}" + container_access_type = "private" } diff --git a/terraform/azurerm/virtual-network-subnet.tf b/terraform/azurerm/virtual-network-subnet.tf index 133cdedc..83a5ec25 100644 --- a/terraform/azurerm/virtual-network-subnet.tf +++ b/terraform/azurerm/virtual-network-subnet.tf @@ -1,7 +1,7 @@ #Create Subnet resource "azurerm_subnet" "subnet" { - name = "AzureRM_Subnet" - resource_group_name = "${azurerm_resource_group.resource_group.name}" - virtual_network_name = "${azurerm_virtual_network.virtual_network.name}" - address_prefix = "${var.subnet_cidr_block}" + name = "AzureRM_Subnet" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + virtual_network_name = "${azurerm_virtual_network.virtual_network.name}" + address_prefix = "${var.subnet_cidr_block}" } diff --git a/terraform/azurerm/virtual-network.tf b/terraform/azurerm/virtual-network.tf index 76e83fb8..ad860517 100644 --- a/terraform/azurerm/virtual-network.tf +++ b/terraform/azurerm/virtual-network.tf 
@@ -1,8 +1,8 @@ # Create a virtual network resource "azurerm_virtual_network" "virtual_network" { - name = "AzureRM-Virtual-Network" - resource_group_name = "${azurerm_resource_group.resource_group.name}" - address_space = ["${var.vn_cidr_block}"] - location = "${var.region}" + name = "AzureRM-Virtual-Network" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + address_space = ["${var.vn_cidr_block}"] + location = "${var.region}" } From 522d7c70af0117f9ded6dc2e7a44242250edcf95 Mon Sep 17 00:00:00 2001 From: heywoodj Date: Tue, 10 May 2016 17:06:03 +0100 Subject: [PATCH 20/53] Clean up formatting --- terraform/azurerm/bastion-server.tf | 2 +- terraform/azurerm/mesos-agents.tf | 32 ++++++++++++++--------------- 2 files changed, 17 insertions(+), 17 deletions(-) diff --git a/terraform/azurerm/bastion-server.tf b/terraform/azurerm/bastion-server.tf index dc1d5bf6..777d5981 100644 --- a/terraform/azurerm/bastion-server.tf +++ b/terraform/azurerm/bastion-server.tf @@ -74,6 +74,6 @@ resource "azurerm_virtual_machine" "bastion" { "sudo docker run --name ovpn-data -v /etc/openvpn busybox", /* Generate OpenVPN server config */ "sudo docker run --volumes-from ovpn-data --rm gosuri/openvpn ovpn_genconfig -p ${var.vn_cidr_block} -u udp://${azurerm_public_ip.bastion_publicip.id}" - ] + ] } } \ No newline at end of file diff --git a/terraform/azurerm/mesos-agents.tf b/terraform/azurerm/mesos-agents.tf index 686c92a3..de027fa8 100644 --- a/terraform/azurerm/mesos-agents.tf +++ b/terraform/azurerm/mesos-agents.tf 
@@ -24,27 +24,27 @@ resource "azurerm_virtual_machine" "mesos_agent" { network_interface_ids = ["${element(azurerm_network_interface.agent_network_interface.*.id, count.index)}"] vm_size = "${var.instance_type.agent}" - storage_image_reference { + storage_image_reference { publisher = "${var.atlas_artifact_agent.publisher}" offer = "${var.atlas_artifact_agent.offer}" sku = "${var.atlas_artifact_agent.sku}" - version = "${var.atlas_artifact_agent.version}" - } - - storage_os_disk { - name = "agentdisk${count.index}" - vhd_uri = "${azurerm_storage_account.storage_account.primary_blob_endpoint}${azurerm_storage_container.storage_container.name}/agentdisk-${count.index}.vhd" - caching = "ReadWrite" - create_option = "FromImage" - } + version = "${var.atlas_artifact_agent.version}" + } + + storage_os_disk { + name = "agentdisk${count.index}" + vhd_uri = "${azurerm_storage_account.storage_account.primary_blob_endpoint}${azurerm_storage_container.storage_container.name}/agentdisk-${count.index}.vhd" + caching = "ReadWrite" + create_option = "FromImage" + } - os_profile { + os_profile { computer_name = "Mesos-Agent-${count.index}" - admin_username = "${var.agent_server_username}" - admin_password = "${var.agent_server_password}" - } + admin_username = "${var.agent_server_username}" + admin_password = "${var.agent_server_password}" + } - os_profile_linux_config { + os_profile_linux_config { disable_password_authentication = false - } + } } \ No newline at end of file From c0f64c7cdfceba22c12d97a47df204e5e8700d10 Mon Sep 17 00:00:00 2001 From: heywoodj Date: Tue, 10 May 2016 17:08:43 +0100 Subject: [PATCH 21/53] Clean up formatting --- terraform/azurerm/variables.tf | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/terraform/azurerm/variables.tf b/terraform/azurerm/variables.tf index 2290fc72..5047df43 100644 --- a/terraform/azurerm/variables.tf +++ b/terraform/azurerm/variables.tf 
@@ -30,13 +30,13 @@ variable "subnet_cidr_block" { } variable "storage_account_name" { - description = "Storage account name" - default = "mesosimages" + description = "Storage account name" + default = "mesosimages" } variable "storage_container_name" { - description = "Storage container name" - default = "mesosimages-container" + description = "Storage container name" + default = "mesosimages-container" } variable "atlas_artifact_master" { @@ -95,12 +95,12 @@ variable "agent_server_password" { variable "master_count" { description = "The number of masters." - default = "1" + default = "1" } variable "agent_count" { description = "The number of agents." - default = "1" + default = "1" } variable "docker_version" { From 7f35c1e2fc6e5662bb11a641c4cc238d996a1b52 Mon Sep 17 00:00:00 2001 
From: heywoodj Date: Mon, 16 May 2016 10:57:51 +0100 Subject: [PATCH 22/53] Move into 'private-cloud' folder --- terraform/azurerm/{ => private-cloud}/bastion-publicip.tf | 0 terraform/azurerm/{ => private-cloud}/bastion-server.tf | 0 terraform/azurerm/{ => private-cloud}/mesos-agent-publicips.tf | 0 terraform/azurerm/{ => private-cloud}/mesos-agents.tf | 0 terraform/azurerm/{ => private-cloud}/mesos-master-publicips.tf | 0 terraform/azurerm/{ => private-cloud}/mesos-masters.tf | 0 terraform/azurerm/{ => private-cloud}/network-security-group.tf | 0 terraform/azurerm/{ => private-cloud}/provider.tf | 0 terraform/azurerm/{ => private-cloud}/resourcegroup.tf | 0 terraform/azurerm/{ => private-cloud}/storage.tf | 0 terraform/azurerm/{ => private-cloud}/variables.tf | 0 terraform/azurerm/{ => private-cloud}/virtual-network-subnet.tf | 0 terraform/azurerm/{ => private-cloud}/virtual-network.tf | 0 13 files changed, 0 insertions(+), 0 deletions(-) rename terraform/azurerm/{ => private-cloud}/bastion-publicip.tf (100%) rename terraform/azurerm/{ => private-cloud}/bastion-server.tf (100%) rename terraform/azurerm/{ => private-cloud}/mesos-agent-publicips.tf (100%) rename terraform/azurerm/{ => private-cloud}/mesos-agents.tf (100%) rename terraform/azurerm/{ => private-cloud}/mesos-master-publicips.tf (100%) rename terraform/azurerm/{ => private-cloud}/mesos-masters.tf (100%) rename terraform/azurerm/{ => private-cloud}/network-security-group.tf (100%) rename terraform/azurerm/{ => private-cloud}/provider.tf (100%) rename terraform/azurerm/{ => private-cloud}/resourcegroup.tf (100%) rename terraform/azurerm/{ => private-cloud}/storage.tf (100%) rename terraform/azurerm/{ => private-cloud}/variables.tf (100%) rename terraform/azurerm/{ => private-cloud}/virtual-network-subnet.tf (100%) rename terraform/azurerm/{ => private-cloud}/virtual-network.tf (100%) 
diff --git a/terraform/azurerm/bastion-publicip.tf b/terraform/azurerm/private-cloud/bastion-publicip.tf similarity index 100% rename from terraform/azurerm/bastion-publicip.tf rename to terraform/azurerm/private-cloud/bastion-publicip.tf diff --git a/terraform/azurerm/bastion-server.tf b/terraform/azurerm/private-cloud/bastion-server.tf similarity index 100% rename from terraform/azurerm/bastion-server.tf rename to terraform/azurerm/private-cloud/bastion-server.tf diff --git a/terraform/azurerm/mesos-agent-publicips.tf b/terraform/azurerm/private-cloud/mesos-agent-publicips.tf similarity index 100% rename from terraform/azurerm/mesos-agent-publicips.tf rename to terraform/azurerm/private-cloud/mesos-agent-publicips.tf diff --git a/terraform/azurerm/mesos-agents.tf b/terraform/azurerm/private-cloud/mesos-agents.tf similarity index 100% rename from terraform/azurerm/mesos-agents.tf rename to terraform/azurerm/private-cloud/mesos-agents.tf diff --git a/terraform/azurerm/mesos-master-publicips.tf b/terraform/azurerm/private-cloud/mesos-master-publicips.tf similarity index 100% rename from terraform/azurerm/mesos-master-publicips.tf rename to terraform/azurerm/private-cloud/mesos-master-publicips.tf diff --git a/terraform/azurerm/mesos-masters.tf b/terraform/azurerm/private-cloud/mesos-masters.tf similarity index 100% rename from terraform/azurerm/mesos-masters.tf rename to terraform/azurerm/private-cloud/mesos-masters.tf diff --git a/terraform/azurerm/network-security-group.tf b/terraform/azurerm/private-cloud/network-security-group.tf similarity index 100% rename from terraform/azurerm/network-security-group.tf rename to terraform/azurerm/private-cloud/network-security-group.tf diff --git a/terraform/azurerm/provider.tf b/terraform/azurerm/private-cloud/provider.tf similarity index 100% rename from terraform/azurerm/provider.tf rename to terraform/azurerm/private-cloud/provider.tf 
diff --git a/terraform/azurerm/resourcegroup.tf b/terraform/azurerm/private-cloud/resourcegroup.tf similarity index 100% rename from terraform/azurerm/resourcegroup.tf rename to terraform/azurerm/private-cloud/resourcegroup.tf diff --git a/terraform/azurerm/storage.tf b/terraform/azurerm/private-cloud/storage.tf similarity index 100% rename from terraform/azurerm/storage.tf rename to terraform/azurerm/private-cloud/storage.tf diff --git a/terraform/azurerm/variables.tf b/terraform/azurerm/private-cloud/variables.tf similarity index 100% rename from terraform/azurerm/variables.tf rename to terraform/azurerm/private-cloud/variables.tf diff --git a/terraform/azurerm/virtual-network-subnet.tf b/terraform/azurerm/private-cloud/virtual-network-subnet.tf similarity index 100% rename from terraform/azurerm/virtual-network-subnet.tf rename to terraform/azurerm/private-cloud/virtual-network-subnet.tf diff --git a/terraform/azurerm/virtual-network.tf b/terraform/azurerm/private-cloud/virtual-network.tf similarity index 100% rename from terraform/azurerm/virtual-network.tf rename to terraform/azurerm/private-cloud/virtual-network.tf From a6c68cbde40f61cf1fe5f30d1d34659b478c9e49 Mon Sep 17 00:00:00 2001 
From: heywoodj Date: Mon, 16 May 2016 16:34:13 +0100 Subject: [PATCH 23/53] Update to configure VM's through bastion host --- .../azurerm/private-cloud/bastion-publicip.tf | 13 +++ .../azurerm/private-cloud/bastion-server.tf | 101 ++++++++++++++---- .../private-cloud/mesos-agent-publicips.tf | 8 -- .../mesos-agents-availability-set.tf | 11 ++ .../azurerm/private-cloud/mesos-agents.tf | 87 +++++++++++++-- .../private-cloud/mesos-master-publicips.tf | 8 -- .../mesos-masters-availability-set.tf | 11 ++ .../azurerm/private-cloud/mesos-masters.tf | 89 +++++++++++++-- .../private-cloud/network-security-group.tf | 4 + .../{resourcegroup.tf => resource-group.tf} | 5 + terraform/azurerm/private-cloud/storage.tf | 54 +++++++++- terraform/azurerm/private-cloud/variables.tf | 35 ++++-- .../private-cloud/virtual-network-subnet.tf | 9 ++ .../azurerm/private-cloud/virtual-network.tf | 10 +- 14 files changed, 378 insertions(+), 67 deletions(-) delete mode 100644 terraform/azurerm/private-cloud/mesos-agent-publicips.tf create mode 100644 terraform/azurerm/private-cloud/mesos-agents-availability-set.tf delete mode 100644 terraform/azurerm/private-cloud/mesos-master-publicips.tf create mode 100644 terraform/azurerm/private-cloud/mesos-masters-availability-set.tf rename terraform/azurerm/private-cloud/{resourcegroup.tf => resource-group.tf} (60%) diff --git a/terraform/azurerm/private-cloud/bastion-publicip.tf b/terraform/azurerm/private-cloud/bastion-publicip.tf index d171ad12..c34bf8ec 100644 --- a/terraform/azurerm/private-cloud/bastion-publicip.tf +++ b/terraform/azurerm/private-cloud/bastion-publicip.tf 
@@ -5,3 +5,16 @@ resource "azurerm_public_ip" "bastion_publicip" { resource_group_name = "${azurerm_resource_group.resource_group.name}" public_ip_address_allocation = "static" } + +#Output +output "bastion_publicip_id" { + value = "${azurerm_public_ip.bastion_publicip.id}" +} + +output "bastion_publicip_ipaddress" { + value = "${azurerm_public_ip.bastion_publicip.ip_address}" +} + +output "bastion_publicip_fqdn" { + value = "${azurerm_public_ip.bastion_publicip.fqdn}" +} \ No newline at end of file diff --git a/terraform/azurerm/private-cloud/bastion-server.tf b/terraform/azurerm/private-cloud/bastion-server.tf index 777d5981..56bd09fc 100644 --- a/terraform/azurerm/private-cloud/bastion-server.tf +++ b/terraform/azurerm/private-cloud/bastion-server.tf @@ -22,10 +22,10 @@ resource "azurerm_virtual_machine" "bastion" { vm_size = "${var.instance_type.master}" storage_image_reference { - publisher = "Canonical" - offer = "UbuntuServer" - sku = "14.04.2-LTS" - version = "latest" + publisher = "${var.artifact_bastion.publisher}" + offer = "${var.artifact_bastion.offer}" + sku = "${var.artifact_bastion.sku}" + version = "${var.artifact_bastion.version}" } storage_os_disk { 
@@ -50,30 +50,87 @@ resource "azurerm_virtual_machine" "bastion" { } } + tags { + Name = "apollo-mesos-bastion" + role = "bastion" + } + connection { host = "${azurerm_public_ip.bastion_publicip.ip_address}" user = "${var.bastion_server_username}" private_key = "${file("${var.ssh_private_key_file}")}" # openssh format } + # Do some early bootstrapping of the CoreOS machines. This will install + + # python and pip so we can use as the ansible_python_interpreter in our playbooks + + provisioner "file" { + + source = "coreos" + + destination = "/tmp" + + } + + + # provisioner "file" { + # source = "../../scripts/coreos" + # destination = "/tmp" + #} + provisioner "remote-exec" { + inline = [ - "sudo iptables -t nat -A POSTROUTING -j MASQUERADE", - "echo 1 | sudo tee /proc/sys/net/ipv4/conf/all/forwarding", - /* Install docker */ - /* Add the repository to your APT sources */ - "sudo -E sh -c 'echo deb https://apt.dockerproject.org/repo ubuntu-trusty main > /etc/apt/sources.list.d/docker.list'", - /* Then import the repository key */ - "sudo apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D", - "sudo apt-get update", - /* Install docker-engine */ - "sudo apt-get install -y docker-engine=${var.docker_version}", - "sudo service docker start", - /* Initialize open vpn data container */ - "sudo mkdir -p /etc/openvpn", - "sudo docker run --name ovpn-data -v /etc/openvpn busybox", - /* Generate OpenVPN server config */ - "sudo docker run --volumes-from ovpn-data --rm gosuri/openvpn ovpn_genconfig -p ${var.vn_cidr_block} -u udp://${azurerm_public_ip.bastion_publicip.id}" - ] - } + + "sudo chmod -R +x /tmp/coreos", + + "/tmp/coreos/bootstrap.sh", + + "~/bin/python /tmp/coreos/get-pip.py", + + "sudo mv /tmp/coreos/runner ~/bin/pip && sudo chmod 0755 ~/bin/pip", + + "sudo rm -rf /tmp/coreos", + + # Initialize open VPN container and server config + "sudo iptables -t nat -A POSTROUTING -j MASQUERADE", + + "sudo docker 
run --name ovpn-data -v /etc/openvpn busybox", + + "sudo docker run --volumes-from ovpn-data --rm gosuri/openvpn ovpn_genconfig -p ${var.vpc_cidr_block} -u udp://${azurerm_public_ip.bastion_publicip.ip_address}" + + ] + + } +} + +# Bastion network interface outputs +output "bastion_network_interface_id" { + value = "${azurerm_network_interface.bastion_network_interface.id}" +} + +output "bastion_network_interface_macaddress" { + value = "${azurerm_network_interface.bastion_network_interface.mac_address}" +} + +output "bastion_network_interface_privateipaddress" { + value = "${azurerm_network_interface.bastion_network_interface.private_ip_address}" +} + +output "bastion_network_interface_virtualmachineid" { + value = "${azurerm_network_interface.bastion_network_interface.virtual_machine_id}" +} + +output "bastion_network_interface_applieddnsservers" { + value = "${azurerm_network_interface.bastion_network_interface.applied_dns_servers}" +} + +output "bastion_network_interface_internalfqdn" { + value = "${azurerm_network_interface.bastion_network_interface.internal_fqdn}" +} + +# Bastion virtual machine outputs +output "bastion_virtual_machine_id" { + value = "${azurerm_virtual_machine.bastion.id}" } \ No newline at end of file diff --git a/terraform/azurerm/private-cloud/mesos-agent-publicips.tf b/terraform/azurerm/private-cloud/mesos-agent-publicips.tf deleted file mode 100644 index f23960f8..00000000 --- a/terraform/azurerm/private-cloud/mesos-agent-publicips.tf +++ /dev/null @@ -1,8 +0,0 @@ -#Create Public IP Address for agent servers -resource "azurerm_public_ip" "agent_publicip" { - name = "AgentPublicIp-${count.index}" - count = "${var.agent_count}" - location = "${var.region}" - resource_group_name = "${azurerm_resource_group.resource_group.name}" - public_ip_address_allocation = "static" -} \ No newline at end of file 
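Review bot: The two `docker run` lines in the bastion's `remote-exec` block pull `busybox` and `gosuri/openvpn` by bare name, so the image that generates the VPN server configuration on the internet-facing host is whatever the registry serves at apply time. Pin both to a reviewed digest, for example `gosuri/openvpn@sha256:<digest-placeholder>`, so a re-tagged or replaced upstream image cannot change what runs under `sudo docker` on the bastion. The `iptables -t nat -A POSTROUTING -j MASQUERADE` rule is also unscoped; limiting it to the outbound interface and the source range that needs NAT would stop the bastion translating traffic it was never meant to forward. The `azurerm_virtual_machine.bastion` resource starts above this hunk, so the rest of its body was not reviewed.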
diff --git a/terraform/azurerm/private-cloud/mesos-agents-availability-set.tf b/terraform/azurerm/private-cloud/mesos-agents-availability-set.tf new file mode 100644 index 00000000..8e5c8c46 --- /dev/null +++ b/terraform/azurerm/private-cloud/mesos-agents-availability-set.tf @@ -0,0 +1,11 @@ +# Create an availability set for agent servers +resource "azurerm_availability_set" "agent" { + name = "Agent_AvailabilitySet" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + location = "${var.region}" +} + +# Mesos agent availability set outputs +output "mesos_agent_virtual_machine_ids" { + value = "${azurerm_availability_set.agent.id}" +} \ No newline at end of file diff --git a/terraform/azurerm/private-cloud/mesos-agents.tf b/terraform/azurerm/private-cloud/mesos-agents.tf index de027fa8..92dd21b2 100644 --- a/terraform/azurerm/private-cloud/mesos-agents.tf +++ b/terraform/azurerm/private-cloud/mesos-agents.tf @@ -10,7 +10,6 @@ resource "azurerm_network_interface" "agent_network_interface" { name = "agentipconfiguration-${count.index}" subnet_id = "${azurerm_subnet.subnet.id}" private_ip_address_allocation = "dynamic" - public_ip_address_id = "${element(azurerm_public_ip.agent_publicip.*.id, count.index)}" } } 
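Review bot: The output added in `mesos-agents-availability-set.tf` is named `mesos_agent_virtual_machine_ids`, but its value is the availability set id, and the same commit declares an output with that exact name in `mesos-agents.tf` for the joined VM ids. Two outputs with one name in the same module will either be rejected or leave one value shadowing the other, depending on the Terraform version, so downstream tooling may read the wrong id. Rename it, e.g. `output "mesos_agent_availability_set_id" {`. `mesos-masters-availability-set.tf` has the same collision with `mesos_master_virtual_machine_ids`.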
@@ -19,16 +18,17 @@ resource "azurerm_virtual_machine" "mesos_agent" { name = "apollo-mesos-agent-${count.index}" count = "${var.agent_count}" location = "${var.region}" + availability_set_id = "${azurerm_availability_set.agent.id}" depends_on = ["azurerm_virtual_machine.bastion", "azurerm_virtual_machine.mesos_master"] resource_group_name = "${azurerm_resource_group.resource_group.name}" network_interface_ids = ["${element(azurerm_network_interface.agent_network_interface.*.id, count.index)}"] vm_size = "${var.instance_type.agent}" storage_image_reference { - publisher = "${var.atlas_artifact_agent.publisher}" - offer = "${var.atlas_artifact_agent.offer}" - sku = "${var.atlas_artifact_agent.sku}" - version = "${var.atlas_artifact_agent.version}" + publisher = "${var.artifact_agent.publisher}" + offer = "${var.artifact_agent.offer}" + sku = "${var.artifact_agent.sku}" + version = "${var.artifact_agent.version}" } storage_os_disk { 
@@ -45,6 +45,81 @@ resource "azurerm_virtual_machine" "mesos_agent" { } os_profile_linux_config { - disable_password_authentication = false + disable_password_authentication = true + + ssh_keys { + path = "/home/${var.agent_server_username}/.ssh/authorized_keys" + key_data = "${file("${var.ssh_public_key_file}")}" # openssh format + } } + + tags = { + Name = "apollo-mesos-agent-${count.index}" + role = "mesos_agents" + } + + connection { + user = "${var.agent_server_username}" + host = "${element(azurerm_network_interface.agent_network_interface.*.private_ip_address, count.index)}" + private_key = "${file("${var.ssh_private_key_file}")}" # openssh format + bastion_host = "${azurerm_public_ip.bastion_publicip.ip_address}" + bastion_user = "${var.bastion_server_username}" + bastion_private_key = "${file("${var.ssh_private_key_file}")}" # openssh format + } + + # Do some early bootstrapping of the CoreOS machines. This will install + # python and pip so we can use as the ansible_python_interpreter in our playbooks + provisioner "file" { + + source = "coreos" + + destination = "/tmp" + + } + + + # provisioner "file" { + # source = "../../scripts/coreos" + # destination = "/tmp" + # } + + provisioner "remote-exec" { + inline = [ + "sudo chmod -R +x /tmp/coreos", + "/tmp/coreos/bootstrap.sh", + "~/bin/python /tmp/coreos/get-pip.py", + "sudo mv /tmp/coreos/runner ~/bin/pip && sudo chmod 0755 ~/bin/pip", + "sudo rm -rf /tmp/coreos" + ] + } +} + +# Mesos agent network interface outputs +output "mesos_agent_network_interface_ids" { + value = "${join(",", azurerm_network_interface.agent_network_interface.*.id)}" +} + +output "mesos_agent_network_interface_macaddresses" { + value = "${join(",", azurerm_network_interface.agent_network_interface.*.mac_address)}" +} + +output "mesos_agent_network_interface_privateipaddresses" { + value = "${join(",", azurerm_network_interface.agent_network_interface.*.private_ip_address)}" +} + +output 
"mesos_agent_network_interface_virtualmachineids" { + value = "${join(",", azurerm_network_interface.agent_network_interface.*.virtual_machine_id)}" +} + +output "mesos_agent_network_interface_applieddnsservers" { + value = "${join(",", azurerm_network_interface.agent_network_interface.*.applied_dns_servers)}" +} + +output "mesos_agent_network_interface_internalfqdns" { + value = "${join(",", azurerm_network_interface.agent_network_interface.*.internal_fqdn)}" +} + +# Mesos agent virtual machine outputs +output "mesos_agent_virtual_machine_ids" { + value = "${join(",", azurerm_virtual_machine.mesos_agent.*.id)}" } \ No newline at end of file diff --git a/terraform/azurerm/private-cloud/mesos-master-publicips.tf b/terraform/azurerm/private-cloud/mesos-master-publicips.tf deleted file mode 100644 index 0cdb1286..00000000 --- a/terraform/azurerm/private-cloud/mesos-master-publicips.tf +++ /dev/null @@ -1,8 +0,0 @@ -#Create Public IP Address for master servers -resource "azurerm_public_ip" "master_publicip" { - name = "MasterPublicIp-${count.index}" - count = "${var.master_count}" - location = "${var.region}" - resource_group_name = "${azurerm_resource_group.resource_group.name}" - public_ip_address_allocation = "static" -} \ No newline at end of file diff --git a/terraform/azurerm/private-cloud/mesos-masters-availability-set.tf b/terraform/azurerm/private-cloud/mesos-masters-availability-set.tf new file mode 100644 index 00000000..2f4f674a --- /dev/null +++ b/terraform/azurerm/private-cloud/mesos-masters-availability-set.tf @@ -0,0 +1,11 @@ +# Create an availability set for master servers +resource "azurerm_availability_set" "master" { + name = "Master_AvailabilitySet" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + location = "${var.region}" +} + +# Mesos master availability set outputs +output "mesos_master_virtual_machine_ids" { + value = "${azurerm_availability_set.master.id}" +} \ No newline at end of file 
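Review bot: In the new `connection` block, `private_key` and `bastion_private_key` both read `var.ssh_private_key_file`, and the bastion's own `connection` block uses that same file, so one private key opens both the public bastion and every private node. That removes the separation the bastion hop is meant to give: access cannot be granted, rotated or revoked for the bastion without doing the same for the cluster. Consider a dedicated variable, e.g. `bastion_private_key = "${file("${var.bastion_ssh_private_key_file}")}"`, with its own public key installed on the bastion. The `mesos-masters.tf` hunk at `@@ -39,12 +39,87 @@` repeats the pattern, and it writes `tags {` where this hunk writes `tags = {`; one form should be used throughout. The `mesos_agent` resource starts above this hunk.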
diff --git a/terraform/azurerm/private-cloud/mesos-masters.tf b/terraform/azurerm/private-cloud/mesos-masters.tf index 0254254d..30ed93d0 100644 --- a/terraform/azurerm/private-cloud/mesos-masters.tf +++ b/terraform/azurerm/private-cloud/mesos-masters.tf @@ -10,7 +10,6 @@ resource "azurerm_network_interface" "master_network_interface" { name = "masteripconfiguration-${count.index}" subnet_id = "${azurerm_subnet.subnet.id}" private_ip_address_allocation = "dynamic" - public_ip_address_id = "${element(azurerm_public_ip.master_publicip.*.id, count.index)}" } } @@ -19,16 +18,17 @@ resource "azurerm_virtual_machine" "mesos_master" { name = "apollo-mesos-master-${count.index}" count = "${var.master_count}" location = "${var.region}" + availability_set_id = "${azurerm_availability_set.master.id}" depends_on = ["azurerm_virtual_machine.bastion"] resource_group_name = "${azurerm_resource_group.resource_group.name}" network_interface_ids = ["${element(azurerm_network_interface.master_network_interface.*.id, count.index)}"] vm_size = "${var.instance_type.master}" storage_image_reference { - publisher = "${var.atlas_artifact_master.publisher}" - offer = "${var.atlas_artifact_master.offer}" - sku = "${var.atlas_artifact_master.sku}" - version = "${var.atlas_artifact_master.version}" + publisher = "${var.artifact_master.publisher}" + offer = "${var.artifact_master.offer}" + sku = "${var.artifact_master.sku}" + version = "${var.artifact_master.version}" } storage_os_disk { 
@@ -39,12 +39,87 @@ resource "azurerm_virtual_machine" "mesos_master" { } os_profile { - computer_name = "Mesos-Master-${count.index}" + computer_name = "apollo-mesos-master-${count.index}" admin_username = "${var.master_server_username}" admin_password = "${var.master_server_password}" } os_profile_linux_config { - disable_password_authentication = false + disable_password_authentication = true + + ssh_keys { + path = "/home/${var.master_server_username}/.ssh/authorized_keys" + key_data = "${file("${var.ssh_public_key_file}")}" # openssh format + } } + + tags { + Name = "apollo-mesos-master-${count.index}" + role = "mesos_masters" + } + + connection { + user = "${var.master_server_username}" + host = "${element(azurerm_network_interface.master_network_interface.*.private_ip_address, count.index)}" + private_key = "${file("${var.ssh_private_key_file}")}" # openssh format + bastion_host = "${azurerm_public_ip.bastion_publicip.ip_address}" + bastion_user = "${var.bastion_server_username}" + bastion_private_key = "${file("${var.ssh_private_key_file}")}" # openssh format + } + + # Do some early bootstrapping of the CoreOS machines. 
This will install + # python and pip so we can use as the ansible_python_interpreter in our playbooks + provisioner "file" { + + source = "coreos" + + destination = "/tmp" + + } + + + # provisioner "file" { + # source = "../../scripts/coreos" + # destination = "/tmp" + # } + + provisioner "remote-exec" { + inline = [ + "sudo chmod -R +x /tmp/coreos", + "/tmp/coreos/bootstrap.sh", + "~/bin/python /tmp/coreos/get-pip.py", + "sudo mv /tmp/coreos/runner ~/bin/pip && sudo chmod 0755 ~/bin/pip", + "sudo rm -rf /tmp/coreos" + ] + } +} + +# Mesos master network interface outputs +output "mesos_master_network_interface_ids" { + value = "${join(",", azurerm_network_interface.master_network_interface.*.id)}" +} + +output "mesos_master_network_interface_macaddresses" { + value = "${join(",", azurerm_network_interface.master_network_interface.*.mac_address)}" +} + +output "mesos_master_network_interface_privateipaddresses" { + value = "${join(",", azurerm_network_interface.master_network_interface.*.private_ip_address)}" +} + +output "mesos_master_network_interface_virtualmachineids" { + value = "${join(",", azurerm_network_interface.master_network_interface.*.virtual_machine_id)}" +} + +output "mesos_master_network_interface_applieddnsservers" { + value = "${join(",", azurerm_network_interface.master_network_interface.*.applied_dns_servers)}" +} + +output "mesos_master_network_interface_internalfqdns" { + value = "${join(",", azurerm_network_interface.master_network_interface.*.internal_fqdn)}" +} + +# Mesos master virtual machine outputs +output "mesos_master_virtual_machine_ids" { + value = "${join(",", azurerm_virtual_machine.mesos_master.*.id)}" } \ No newline at end of file diff --git a/terraform/azurerm/private-cloud/network-security-group.tf b/terraform/azurerm/private-cloud/network-security-group.tf index 1f63e8da..bcde1e09 100644 --- a/terraform/azurerm/private-cloud/network-security-group.tf +++ b/terraform/azurerm/private-cloud/network-security-group.tf 
@@ -53,3 +53,7 @@ resource "azurerm_network_security_group" "network_security_group" { } } +#Output +output "network_security_group_id" { + value = "${azurerm_network_security_group.network_security_group.id}" +} diff --git a/terraform/azurerm/private-cloud/resourcegroup.tf b/terraform/azurerm/private-cloud/resource-group.tf similarity index 60% rename from terraform/azurerm/private-cloud/resourcegroup.tf rename to terraform/azurerm/private-cloud/resource-group.tf index 5616309f..75be4923 100644 --- a/terraform/azurerm/private-cloud/resourcegroup.tf +++ b/terraform/azurerm/private-cloud/resource-group.tf @@ -2,4 +2,9 @@ resource "azurerm_resource_group" "resource_group" { name = "AzureRM-Resource-Group" location = "${var.region}" +} + +#Output +output "resource_group_id" { + value = "${azurerm_resource_group.resource_group.id}" } \ No newline at end of file diff --git a/terraform/azurerm/private-cloud/storage.tf b/terraform/azurerm/private-cloud/storage.tf index 8c39f7c0..3aa64e7b 100644 --- a/terraform/azurerm/private-cloud/storage.tf +++ b/terraform/azurerm/private-cloud/storage.tf @@ -3,7 +3,7 @@ resource "azurerm_storage_account" "storage_account" { name = "${var.storage_account_name}" resource_group_name = "${azurerm_resource_group.resource_group.name}" location = "${var.region}" - account_type = "Standard_GRS" + account_type = "${var.storage_account_type}" } # Create storage container 
@@ -12,5 +12,55 @@ resource "azurerm_storage_container" "storage_container" { resource_group_name = "${azurerm_resource_group.resource_group.name}" storage_account_name = "${azurerm_storage_account.storage_account.name}" container_access_type = "private" -} + depends_on = ["azurerm_storage_account.storage_account"] +} + +# Storage Account Output +output "storage_account_id" { + value = "${azurerm_storage_account.storage_account.id}" +} + +output "storage_account_primary_location" { + value = "${azurerm_storage_account.storage_account.primary_location}" +} + +output "storage_account_secondary_location" { + value = "${azurerm_storage_account.storage_account.secondary_location}" +} + +output "storage_account_primary_blob_endpoint" { + value = "${azurerm_storage_account.storage_account.primary_blob_endpoint}" +} + +output "storage_account_secondary_blob_endpoint" { + value = "${azurerm_storage_account.storage_account.secondary_blob_endpoint}" +} + +output "storage_account_primary_queue_endpoint" { + value = "${azurerm_storage_account.storage_account.primary_queue_endpoint}" +} + +output "storage_account_secondary_queue_endpoint" { + value = "${azurerm_storage_account.storage_account.secondary_queue_endpoint}" +} + +output "storage_account_primary_table_endpoint" { + value = "${azurerm_storage_account.storage_account.primary_table_endpoint}" +} + +output "storage_account_secondary_table_endpoint" { + value = "${azurerm_storage_account.storage_account.secondary_table_endpoint}" +} + +output "storage_account_primary_file_endpoint" { + value = "${azurerm_storage_account.storage_account.primary_file_endpoint}" +} +# Storage Container Output +output "storage_container_id" { + value = "${azurerm_storage_container.storage_container.id}" +} + +output "storage_container_properties" { + value = "${azurerm_storage_container.storage_container.properties}" +} 
diff --git a/terraform/azurerm/private-cloud/variables.tf b/terraform/azurerm/private-cloud/variables.tf index 5047df43..9ca60cc7 100644 --- a/terraform/azurerm/private-cloud/variables.tf +++ b/terraform/azurerm/private-cloud/variables.tf @@ -19,7 +19,7 @@ variable "region" { default = "North Europe" } -variable "vn_cidr_block" { +variable "vpc_cidr_block" { description = "Cidr block for the VN." default = "10.0.0.0/16" } @@ -34,26 +34,39 @@ variable "storage_account_name" { default = "mesosimages" } +variable "storage_account_type" { + description = "Storage account type" +} + variable "storage_container_name" { description = "Storage container name" default = "mesosimages-container" } -variable "atlas_artifact_master" { +variable "artifact_bastion" { + default = { + publisher = "CoreOS" + offer ="CoreOS" + "sku" = "Stable" + "version" = "latest" + } +} + +variable "artifact_master" { default = { - publisher = "" - offer ="" - "sku" = "" - "version" = "" + publisher = "CoreOS" + offer ="CoreOS" + "sku" = "Stable" + "version" = "latest" } } -variable "atlas_artifact_agent" { +variable "artifact_agent" { default = { - publisher = "" - offer ="" - "sku" = "" - "version" = "" + publisher = "CoreOS" + offer ="CoreOS" + "sku" = "Stable" + "version" = "latest" } } diff --git a/terraform/azurerm/private-cloud/virtual-network-subnet.tf b/terraform/azurerm/private-cloud/virtual-network-subnet.tf index 83a5ec25..aed6f4b5 100644 --- a/terraform/azurerm/private-cloud/virtual-network-subnet.tf +++ b/terraform/azurerm/private-cloud/virtual-network-subnet.tf @@ -5,3 +5,12 @@ resource "azurerm_subnet" "subnet" { virtual_network_name = "${azurerm_virtual_network.virtual_network.name}" address_prefix = "${var.subnet_cidr_block}" } + +#Output +output "subnet_id" { + value = "${azurerm_subnet.subnet.id}" +} + +output "subnet_ip_configurations" { + value = "${azurerm_subnet.subnet.ip_configurations}" +} \ No newline at end of file 
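Review bot: All three image maps in the `@@ -34,26 +34,39 @@` hunk (`artifact_bastion`, `artifact_master`, `artifact_agent`) default `"version"` to `"latest"`, so each apply or node replacement can boot a different CoreOS build from the one that was tested, and nodes in one cluster can drift apart. Pin the default to a specific reviewed image version, e.g. `"version" = "<image-version-placeholder>"`, and bump it deliberately. The new `storage_account_type` variable has no default where the value used to be hard-coded to `Standard_GRS`; adding `default = "Standard_GRS"` keeps existing invocations working.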
diff --git a/terraform/azurerm/private-cloud/virtual-network.tf b/terraform/azurerm/private-cloud/virtual-network.tf index ad860517..b7c3a0ff 100644 --- a/terraform/azurerm/private-cloud/virtual-network.tf +++ b/terraform/azurerm/private-cloud/virtual-network.tf @@ -1,8 +1,12 @@ # Create a virtual network resource "azurerm_virtual_network" "virtual_network" { - name = "AzureRM-Virtual-Network" + name = "AzureRM-Virtual-Network" resource_group_name = "${azurerm_resource_group.resource_group.name}" - address_space = ["${var.vn_cidr_block}"] - location = "${var.region}" + address_space = ["${var.vpc_cidr_block}"] + location = "${var.region}" } +#Output +output "network_confirguration_id" { + value = "${azurerm_virtual_network.virtual_network.id}" +} \ No newline at end of file From 53dc1e1230fc91a190ccda6b7e8940362be3c29c Mon Sep 17 00:00:00 2001 From: heywoodj Date: Mon, 16 May 2016 16:38:15 +0100 Subject: [PATCH 24/53] Update servers to copy files from correct location. --- .../azurerm/private-cloud/bastion-server.tf | 15 +++------------ terraform/azurerm/private-cloud/mesos-agents.tf | 17 ++++------------- .../azurerm/private-cloud/mesos-masters.tf | 17 ++++------------- 3 files changed, 11 insertions(+), 38 deletions(-) diff --git a/terraform/azurerm/private-cloud/bastion-server.tf b/terraform/azurerm/private-cloud/bastion-server.tf index 56bd09fc..3ed2b519 100644 --- a/terraform/azurerm/private-cloud/bastion-server.tf +++ b/terraform/azurerm/private-cloud/bastion-server.tf @@ -65,19 +65,10 @@ resource "azurerm_virtual_machine" "bastion" { # python and pip so we can use as the ansible_python_interpreter in our playbooks - provisioner "file" { - - source = "coreos" - - destination = "/tmp" - + provisioner "file" { + source = "../../scripts/coreos" + destination = "/tmp" } - - - # provisioner "file" { - # source = "../../scripts/coreos" - # destination = "/tmp" - #} provisioner "remote-exec" { 
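Review bot: The new output in `virtual-network.tf` is spelled `network_confirguration_id`, and output names become part of the module's interface once other tooling reads them. Its value is the virtual network id, so `output "virtual_network_id" {` would be both correctly spelled and descriptive.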
diff --git a/terraform/azurerm/private-cloud/mesos-agents.tf b/terraform/azurerm/private-cloud/mesos-agents.tf index 92dd21b2..fd6d50cd 100644 --- a/terraform/azurerm/private-cloud/mesos-agents.tf +++ b/terraform/azurerm/private-cloud/mesos-agents.tf @@ -69,19 +69,10 @@ resource "azurerm_virtual_machine" "mesos_agent" { # Do some early bootstrapping of the CoreOS machines. This will install # python and pip so we can use as the ansible_python_interpreter in our playbooks - provisioner "file" { - - source = "coreos" - - destination = "/tmp" - - } - - - # provisioner "file" { - # source = "../../scripts/coreos" - # destination = "/tmp" - # } + provisioner "file" { + source = "../../scripts/coreos" + destination = "/tmp" + } provisioner "remote-exec" { inline = [ diff --git a/terraform/azurerm/private-cloud/mesos-masters.tf b/terraform/azurerm/private-cloud/mesos-masters.tf index 30ed93d0..5ab4fd26 100644 --- a/terraform/azurerm/private-cloud/mesos-masters.tf +++ b/terraform/azurerm/private-cloud/mesos-masters.tf @@ -69,19 +69,10 @@ resource "azurerm_virtual_machine" "mesos_master" { # Do some early bootstrapping of the CoreOS machines. This will install # python and pip so we can use as the ansible_python_interpreter in our playbooks - provisioner "file" { - - source = "coreos" - - destination = "/tmp" - - } - - - # provisioner "file" { - # source = "../../scripts/coreos" - # destination = "/tmp" - # } + provisioner "file" { + source = "../../scripts/coreos" + destination = "/tmp" + } provisioner "remote-exec" { inline = [ From 5ae33fc00686043f5e5b4cc8c0c03b6a95e2f436 Mon Sep 17 00:00:00 2001 From: heywoodj Date: Mon, 16 May 2016 16:40:19 +0100 Subject: [PATCH 25/53] Fix format issue. --- terraform/azurerm/private-cloud/bastion-server.tf | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/terraform/azurerm/private-cloud/bastion-server.tf b/terraform/azurerm/private-cloud/bastion-server.tf index 3ed2b519..f564b315 100644 
--- a/terraform/azurerm/private-cloud/bastion-server.tf +++ b/terraform/azurerm/private-cloud/bastion-server.tf @@ -62,9 +62,8 @@ resource "azurerm_virtual_machine" "bastion" { } # Do some early bootstrapping of the CoreOS machines. This will install - # python and pip so we can use as the ansible_python_interpreter in our playbooks - + provisioner "file" { source = "../../scripts/coreos" destination = "/tmp" From a8142a7b88ef89f4cbf2c6d8817b104f861ee76b Mon Sep 17 00:00:00 2001 From: heywoodj Date: Mon, 16 May 2016 16:41:20 +0100 Subject: [PATCH 26/53] Fix format issue. --- terraform/azurerm/private-cloud/bastion-server.tf | 1 - 1 file changed, 1 deletion(-) diff --git a/terraform/azurerm/private-cloud/bastion-server.tf b/terraform/azurerm/private-cloud/bastion-server.tf index f564b315..2bfba76d 100644 --- a/terraform/azurerm/private-cloud/bastion-server.tf +++ b/terraform/azurerm/private-cloud/bastion-server.tf @@ -63,7 +63,6 @@ resource "azurerm_virtual_machine" "bastion" { # Do some early bootstrapping of the CoreOS machines. This will install # python and pip so we can use as the ansible_python_interpreter in our playbooks - provisioner "file" { source = "../../scripts/coreos" destination = "/tmp" From 12effba577fe114e43bf5d7f45eb5f1c1e179e42 Mon Sep 17 00:00:00 2001 
From: heywoodj Date: Tue, 17 May 2016 16:56:07 +0100 Subject: [PATCH 27/53] Inclusion of cloud config and seperation of subnets --- .../private-cloud/agent-cloud-config.yml.tpl | 48 +++++++++++++++++++ .../bastion-cloud-config.yml.tpl | 20 ++++++++ .../azurerm/private-cloud/bastion-server.tf | 26 ++++++++-- .../private-cloud/master-cloud-config.yml.tpl | 22 +++++++++ .../azurerm/private-cloud/mesos-agents.tf | 24 ++++++++-- .../azurerm/private-cloud/mesos-masters.tf | 26 +++++++--- .../template_file.etcd_discovery_url.tf | 12 +++++ terraform/azurerm/private-cloud/variables.tf | 14 +++++- .../private-cloud/virtual-network-subnet.tf | 16 ------- .../private-cloud/virtual-network-subnets.tf | 35 ++++++++++++++ 10 files changed, 209 insertions(+), 34 deletions(-) create mode 100644 terraform/azurerm/private-cloud/agent-cloud-config.yml.tpl create mode 100644 terraform/azurerm/private-cloud/bastion-cloud-config.yml.tpl create mode 100644 terraform/azurerm/private-cloud/master-cloud-config.yml.tpl create mode 100644 terraform/azurerm/private-cloud/template_file.etcd_discovery_url.tf delete mode 100644 terraform/azurerm/private-cloud/virtual-network-subnet.tf create mode 100644 terraform/azurerm/private-cloud/virtual-network-subnets.tf diff --git a/terraform/azurerm/private-cloud/agent-cloud-config.yml.tpl b/terraform/azurerm/private-cloud/agent-cloud-config.yml.tpl new file mode 100644 index 00000000..4a8640b3 --- /dev/null +++ b/terraform/azurerm/private-cloud/agent-cloud-config.yml.tpl 
@@ -0,0 +1,48 @@ +#cloud-config + +coreos: + units: + - name: format-ebs-volume.service + command: start + content: | + [Unit] + Description=Formats the ebs volume if needed + Before=docker.service + [Service] + Type=oneshot + RemainAfterExit=yes + ExecStart=/bin/bash -c '(/usr/sbin/blkid -t TYPE=ext4 | grep /dev/xvdb) || (/usr/sbin/wipefs -fa /dev/xvdb && /usr/sbin/mkfs.ext4 /dev/xvdb)' + - name: var-lib-docker.mount + command: start + content: | + [Unit] + Description=Mount ephemeral to /var/lib/docker + Requires=format-ebs-volume.service + After=format-ebs-volume.service + [Mount] + What=/dev/xvdb + Where=/var/lib/docker + Type=ext4 + - name: docker.service + drop-ins: + - name: 10-wait-docker.conf + content: | + [Unit] + After=var-lib-docker.mount + Requires=var-lib-docker.mount + etcd2: + proxy: on + listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001 + discovery: ${etcd_discovery_url} + fleet: + metadata: "role=agent,region=${region}" + public-ip: "$public_ipv4" + etcd_servers: "http://localhost:2379" + locksmith: + endpoint: "http://localhost:2379" + units: + - name: etcd2.service + command: start + update: + reboot-strategy: best-effort +manage_etc_hosts: localhost \ No newline at end of file diff --git a/terraform/azurerm/private-cloud/bastion-cloud-config.yml.tpl b/terraform/azurerm/private-cloud/bastion-cloud-config.yml.tpl new file mode 100644 index 00000000..e99c9fde --- /dev/null +++ b/terraform/azurerm/private-cloud/bastion-cloud-config.yml.tpl @@ -0,0 +1,20 @@ +#cloud-config + +coreos: + etcd2: + proxy: on + listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001 + discovery: ${etcd_discovery_url} + fleet: + metadata: "role=bastion,region=${region}" + etcd_servers: "http://localhost:2379" + locksmith: + endpoint: "http://localhost:2379" + units: + - name: docker.service + command: start + - name: etcd2.service + command: start + update: + reboot-strategy: best-effort +manage_etc_hosts: localhost \ No newline at end of file 
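Review bot: The `format-ebs-volume.service` unit in `agent-cloud-config.yml.tpl` runs `wipefs -fa /dev/xvdb` and `mkfs.ext4 /dev/xvdb` against a hard-coded Xen-style device name, which reads as carried over from an EC2 template ("ebs volume", "ephemeral"). On an Azure VM that device may well not exist, in which case the oneshot fails and `docker.service`, which `Requires=var-lib-docker.mount`, would not start. If the path is later changed to a disk the Azure image does expose, the `blkid ... | grep` test is the only guard before a wipe, so the device should come from a template variable with a comment stating that it is a dedicated data disk formatted on first boot. The same unit is copied into `public-cloud/agent-cloud-config.yml.tpl` in PATCH 33.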
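Review bot: In `bastion-cloud-config.yml.tpl`, `listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001` binds the etcd proxy's plain-HTTP client API on every interface of the bastion, the host that `bastion-server.tf` gives a public IP, and nothing in this file configures TLS or client certificates. The only consumers set up here are fleet and locksmith, both pointed at `http://localhost:2379`, so the proxy can listen on loopback only: `listen-client-urls: http://127.0.0.1:2379,http://127.0.0.1:4001`. The agent template in this commit carries the same line; if the wider bind is needed there for containers, a comment next to it should say so.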
diff --git a/terraform/azurerm/private-cloud/bastion-server.tf b/terraform/azurerm/private-cloud/bastion-server.tf index 2bfba76d..eb3af2ad 100644 --- a/terraform/azurerm/private-cloud/bastion-server.tf +++ b/terraform/azurerm/private-cloud/bastion-server.tf @@ -7,19 +7,31 @@ resource "azurerm_network_interface" "bastion_network_interface" { ip_configuration { name = "bastionipconfiguration" - subnet_id = "${azurerm_subnet.subnet.id}" + subnet_id = "${element(azurerm_subnet.public.*.id, count.index)}" private_ip_address_allocation = "dynamic" public_ip_address_id = "${azurerm_public_ip.bastion_publicip.id}" } } +# User profile template +resource "template_file" "bastion_cloud_init" { + template = "${file("bastion-cloud-config.yml.tpl")}" + depends_on = ["template_file.etcd_discovery_url"] + vars { + etcd_discovery_url = "${file(var.etcd_discovery_url_file)}" + size = "${var.master_count}" + vpc_cidr_block = "${var.vpc_cidr_block}" + region = "${var.region}" + } +} + # NAT/VPN server resource "azurerm_virtual_machine" "bastion" { name = "apollo-bastion" location = "${var.region}" resource_group_name = "${azurerm_resource_group.resource_group.name}" network_interface_ids = ["${azurerm_network_interface.bastion_network_interface.id}"] - vm_size = "${var.instance_type.master}" + vm_size = "${var.instance_type.bastion}" storage_image_reference { publisher = "${var.artifact_bastion.publisher}" @@ -39,6 +51,7 @@ resource "azurerm_virtual_machine" "bastion" { computer_name = "${var.bastion_server_computername}" admin_username = "${var.bastion_server_username}" admin_password = "${var.bastion_server_password}" + custom_data = "${base64encode(template_file.bastion_cloud_init.rendered)}" } os_profile_linux_config { 
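Review bot: `etcd_discovery_url = "${file(var.etcd_discovery_url_file)}"` reads a file that is only written by the `local-exec` provisioner of `template_file.etcd_discovery_url`, and `depends_on` orders resource creation rather than the point at which `file()` is interpolated. A first run on a clean checkout will therefore probably fail, or pick up a stale URL left from an earlier cluster, which is worth confirming on the Terraform version in use. Whatever is read is then baked into the VM through `custom_data`. `size` and `vpc_cidr_block` are passed in `vars`, but `bastion-cloud-config.yml.tpl` only references `${etcd_discovery_url}` and `${region}`, so they can be dropped. The agent and master `template_file` resources added in this commit follow the same pattern.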
@@ -62,10 +75,13 @@ resource "azurerm_virtual_machine" "bastion" { } # Do some early bootstrapping of the CoreOS machines. This will install + # python and pip so we can use as the ansible_python_interpreter in our playbooks - provisioner "file" { - source = "../../scripts/coreos" - destination = "/tmp" + + provisioner "file" { + + source = "../../scripts/coreos" + destination = "/tmp } provisioner "remote-exec" { diff --git a/terraform/azurerm/private-cloud/master-cloud-config.yml.tpl b/terraform/azurerm/private-cloud/master-cloud-config.yml.tpl new file mode 100644 index 00000000..df2f0b6e --- /dev/null +++ b/terraform/azurerm/private-cloud/master-cloud-config.yml.tpl @@ -0,0 +1,22 @@ +#cloud-config + +coreos: + etcd2: + # $private_ipv4 is populated by the cloud provider + # we don't have a $public_ipv4 in the private VPC + advertise-client-urls: http://$private_ipv4:2379,http://$private_ipv4:4001 + initial-advertise-peer-urls: http://$private_ipv4:2380 + # listen on both the official ports and the legacy ports + # legacy ports can be omitted if your application doesn't depend on them + listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001 + listen-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001 + # Discovery is populated by Terraform + discovery: ${etcd_discovery_url} + fleet: + metadata: "role=master,region=${region}" + units: + - name: etcd2.service + command: start + update: + reboot-strategy: best-effort +manage_etc_hosts: localhost \ No newline at end of file diff --git a/terraform/azurerm/private-cloud/mesos-agents.tf b/terraform/azurerm/private-cloud/mesos-agents.tf index fd6d50cd..8b9c4bc9 100644 --- a/terraform/azurerm/private-cloud/mesos-agents.tf +++ b/terraform/azurerm/private-cloud/mesos-agents.tf 
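Review bot: `destination = "/tmp` on the added side of `bastion-server.tf` is missing its closing quote, so the file does not parse as it stands in this commit; it should read `destination = "/tmp"`. The same unterminated string is added in the `provisioner "file"` blocks of `mesos-agents.tf` and `mesos-masters.tf` in this patch. The hunk also inserts a blank line in the middle of the two-line bootstrap comment, separating "This will install" from what it installs. The enclosing `azurerm_virtual_machine` resource starts and ends outside the hunk.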
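Review bot: Every etcd URL in `master-cloud-config.yml.tpl` is `http://`, and the block has no `client-cert-auth` or `peer-client-cert-auth` settings, so as far as this file shows any host that can reach 2379/4001 or 2380/7001 on a master can read or change cluster state, and peer traffic is unencrypted. Since `advertise-client-urls` already uses `$private_ipv4`, the client listener could be narrowed from `0.0.0.0` to `http://$private_ipv4:2379,http://127.0.0.1:2379` until TLS is wired in. If plain HTTP is a deliberate choice for a VNet-only cluster, record that next to `listen-client-urls`, e.g. `# plain HTTP: reachable only inside the VNet, enforced by the network security group`.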
@@ -8,11 +8,23 @@ resource "azurerm_network_interface" "agent_network_interface" { ip_configuration { name = "agentipconfiguration-${count.index}" - subnet_id = "${azurerm_subnet.subnet.id}" + subnet_id = "${element(azurerm_subnet.private.*.id, count.index)}" private_ip_address_allocation = "dynamic" } } +# User profile template +resource "template_file" "agent_cloud_init" { + template = "${file("agent-cloud-config.yml.tpl")}" + depends_on = ["template_file.etcd_discovery_url"] + vars { + etcd_discovery_url = "${file(var.etcd_discovery_url_file)}" + size = "${var.master_count}" + vpc_cidr_block = "${var.vpc_cidr_block}" + region = "${var.region}" + } +} + # Agent server resource "azurerm_virtual_machine" "mesos_agent" { name = "apollo-mesos-agent-${count.index}" @@ -42,6 +54,7 @@ resource "azurerm_virtual_machine" "mesos_agent" { computer_name = "Mesos-Agent-${count.index}" admin_username = "${var.agent_server_username}" admin_password = "${var.agent_server_password}" + custom_data = "${base64encode(template_file.agent_cloud_init.rendered)}" } os_profile_linux_config { @@ -69,10 +82,11 @@ resource "azurerm_virtual_machine" "mesos_agent" { # Do some early bootstrapping of the CoreOS machines. This will install # python and pip so we can use as the ansible_python_interpreter in our playbooks - provisioner "file" { - source = "../../scripts/coreos" - destination = "/tmp" - } + provisioner "file" { + + source = "../../scripts/coreos" + destination = "/tmp + } provisioner "remote-exec" { inline = [ diff --git a/terraform/azurerm/private-cloud/mesos-masters.tf b/terraform/azurerm/private-cloud/mesos-masters.tf index 5ab4fd26..4452f7f5 100644 --- a/terraform/azurerm/private-cloud/mesos-masters.tf +++ b/terraform/azurerm/private-cloud/mesos-masters.tf 
@@ -8,11 +8,23 @@ resource "azurerm_network_interface" "master_network_interface" { ip_configuration { name = "masteripconfiguration-${count.index}" - subnet_id = "${azurerm_subnet.subnet.id}" + subnet_id = "${element(azurerm_subnet.private.*.id, count.index)}" private_ip_address_allocation = "dynamic" } } +# User profile template +resource "template_file" "master_cloud_init" { + template = "${file("master-cloud-config.yml.tpl")}" + depends_on = ["template_file.etcd_discovery_url"] + vars { + etcd_discovery_url = "${file(var.etcd_discovery_url_file)}" + size = "${var.master_count}" + vpc_cidr_block = "${var.vpc_cidr_block}" + region = "${var.region}" + } +} + # Master server resource "azurerm_virtual_machine" "mesos_master" { name = "apollo-mesos-master-${count.index}" @@ -42,6 +54,7 @@ resource "azurerm_virtual_machine" "mesos_master" { computer_name = "apollo-mesos-master-${count.index}" admin_username = "${var.master_server_username}" admin_password = "${var.master_server_password}" + custom_data = "${base64encode(template_file.master_cloud_init.rendered)}" } os_profile_linux_config { @@ -69,12 +82,13 @@ resource "azurerm_virtual_machine" "mesos_master" { # Do some early bootstrapping of the CoreOS machines. This will install # python and pip so we can use as the ansible_python_interpreter in our playbooks - provisioner "file" { - source = "../../scripts/coreos" - destination = "/tmp" - } + provisioner "file" { + + source = "../../scripts/coreos" + destination = "/tmp + } - provisioner "remote-exec" { + provisioner "remote-exec" { inline = [ "sudo chmod -R +x /tmp/coreos", "/tmp/coreos/bootstrap.sh", diff --git a/terraform/azurerm/private-cloud/template_file.etcd_discovery_url.tf b/terraform/azurerm/private-cloud/template_file.etcd_discovery_url.tf new file mode 100644 index 00000000..631cc0bb --- /dev/null +++ b/terraform/azurerm/private-cloud/template_file.etcd_discovery_url.tf 
@@ -0,0 +1,12 @@ +# Generate an etcd URL for the cluster +resource "template_file" "etcd_discovery_url" { + # template = "${file(/dev/null)}" + provisioner "local-exec" { + command = "curl https://discovery.etcd.io/new?size=${var.master_count} > ${var.etcd_discovery_url_file}" + } + + # This will regenerate the discovery URL if the cluster size changes, we include the bastion here + vars { + size = "${var.master_count}" + } +} diff --git a/terraform/azurerm/private-cloud/variables.tf b/terraform/azurerm/private-cloud/variables.tf index 9ca60cc7..bcea32e9 100644 --- a/terraform/azurerm/private-cloud/variables.tf +++ b/terraform/azurerm/private-cloud/variables.tf @@ -24,9 +24,14 @@ variable "vpc_cidr_block" { default = "10.0.0.0/16" } -variable "subnet_cidr_block" { +variable "private_subnet_cidr_block" { description = "CIDR for private subnet" - default = "10.0.0.0/24" + default = "10.0.1.0/24,10.0.2.0/24,10.0.3.0/24" +} + +variable "public_subnet_cidr_block" { + description = "CIDR for public subnet" + default = "10.0.101.0/24,10.0.102.0/24,10.0.103.0/24" } variable "storage_account_name" { @@ -72,6 +77,7 @@ variable "artifact_agent" { variable "instance_type" { default = { + bastion = "Standard_A0" master = "Standard_A0" agent = "Standard_A0" } @@ -128,3 +134,7 @@ variable "ssh_public_key_file" { variable "ssh_private_key_file" { description = "Public key required to connect via ssh" } + +variable "etcd_discovery_url_file" { + default = "etcd_discovery_url.txt" +} \ No newline at end of file diff --git a/terraform/azurerm/private-cloud/virtual-network-subnet.tf b/terraform/azurerm/private-cloud/virtual-network-subnet.tf deleted file mode 100644 index aed6f4b5..00000000 --- a/terraform/azurerm/private-cloud/virtual-network-subnet.tf +++ /dev/null 
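Review bot: The `local-exec` command in `template_file.etcd_discovery_url` writes whatever `curl` returns straight into `${var.etcd_discovery_url_file}` without `-f`, so an HTTP error body or an empty response becomes the cluster's discovery URL and is only noticed when etcd fails to bootstrap on the VMs. The URL also contains an unquoted `?`, which the shell treats as a glob character; quoting both arguments and failing on HTTP errors covers both: `command = "curl -fsS 'https://discovery.etcd.io/new?size=${var.master_count}' > '${var.etcd_discovery_url_file}'"`. The token in that file is what lets a node register with the cluster, so the default `etcd_discovery_url.txt` added in `variables.tf` should be kept out of version control. The comment says the bastion is included in the size, but `size` is `${var.master_count}` only.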
@@ -1,16 +0,0 @@ -#Create Subnet -resource "azurerm_subnet" "subnet" { - name = "AzureRM_Subnet" - resource_group_name = "${azurerm_resource_group.resource_group.name}" - virtual_network_name = "${azurerm_virtual_network.virtual_network.name}" - address_prefix = "${var.subnet_cidr_block}" -} - -#Output -output "subnet_id" { - value = "${azurerm_subnet.subnet.id}" -} - -output "subnet_ip_configurations" { - value = "${azurerm_subnet.subnet.ip_configurations}" -} \ No newline at end of file diff --git a/terraform/azurerm/private-cloud/virtual-network-subnets.tf b/terraform/azurerm/private-cloud/virtual-network-subnets.tf new file mode 100644 index 00000000..d8953110 --- /dev/null +++ b/terraform/azurerm/private-cloud/virtual-network-subnets.tf 
@@ -0,0 +1,35 @@ +#Create public subnets +resource "azurerm_subnet" "public" { + name = "AzureRM_Public_Subnet-${count.index}" + count = "${length(compact(split(",", var.public_subnet_cidr_block)))}" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + virtual_network_name = "${azurerm_virtual_network.virtual_network.name}" + address_prefix = "${element(split(",", var.public_subnet_cidr_block), count.index)}" +} + +#Create private subnets +resource "azurerm_subnet" "private" { + name = "AzureRM_Private_Subnet-${count.index}" + count = "${length(compact(split(",", var.private_subnet_cidr_block)))}" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + virtual_network_name = "${azurerm_virtual_network.virtual_network.name}" + address_prefix = "${element(split(",", var.private_subnet_cidr_block), count.index)}" +} + +# Public subnets output +output "subnet_ids" { + value = "${join(",", azurerm_subnet.public.*.id)}" +} + +output "subnet_ip_configurations" { + value = "${join(",", azurerm_subnet.public.ip_configurations)}" +} + +# Private subnets output +output "subnet_ids" { + value = "${join(",", azurerm_subnet.private.*.id)}" +} + +output "subnet_ip_configurations" { + value = "${join(",", azurerm_subnet.private.ip_configurations)}" +} \ No newline at end of file From d7412d95f962dcf49ca4266e76c8bdf6576f049f Mon Sep 17 00:00:00 2001 From: heywoodj Date: Tue, 17 May 2016 17:01:03 +0100 Subject: [PATCH 28/53] Fix format issues --- terraform/azurerm/private-cloud/bastion-server.tf | 9 ++++----- terraform/azurerm/private-cloud/mesos-masters.tf | 4 ++-- 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/terraform/azurerm/private-cloud/bastion-server.tf b/terraform/azurerm/private-cloud/bastion-server.tf index eb3af2ad..d8a78011 100644 --- a/terraform/azurerm/private-cloud/bastion-server.tf +++ b/terraform/azurerm/private-cloud/bastion-server.tf 
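Review bot: `output "subnet_ids"` and `output "subnet_ip_configurations"` are each declared twice in `virtual-network-subnets.tf`, once for the public and once for the private subnets, so the two sets collide on name; they need distinct names such as `public_subnet_ids` and `private_subnet_ids`. Both `ip_configurations` outputs also reference the counted resource without a splat (`azurerm_subnet.public.ip_configurations`), unlike the `azurerm_subnet.public.*.id` form used just above them. `count` is computed with `compact(split(...))` while `address_prefix` indexes `split(...)` without `compact`, so an empty entry in the CIDR list would shift the indexes.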
@@ -75,13 +75,12 @@ resource "azurerm_virtual_machine" "bastion" { } # Do some early bootstrapping of the CoreOS machines. This will install - + # python and pip so we can use as the ansible_python_interpreter in our playbooks - + provisioner "file" { - - source = "../../scripts/coreos" - destination = "/tmp + source = "../../scripts/coreos" + destination = "/tmp } provisioner "remote-exec" { diff --git a/terraform/azurerm/private-cloud/mesos-masters.tf b/terraform/azurerm/private-cloud/mesos-masters.tf index 4452f7f5..3b99240f 100644 --- a/terraform/azurerm/private-cloud/mesos-masters.tf +++ b/terraform/azurerm/private-cloud/mesos-masters.tf @@ -84,8 +84,8 @@ resource "azurerm_virtual_machine" "mesos_master" { # python and pip so we can use as the ansible_python_interpreter in our playbooks provisioner "file" { - source = "../../scripts/coreos" - destination = "/tmp + source = "../../scripts/coreos" + destination = "/tmp } provisioner "remote-exec" { From 0af0c9d512ba29c5d77732e285a2f8531508269c Mon Sep 17 00:00:00 2001 From: heywoodj Date: Tue, 17 May 2016 17:02:54 +0100 Subject: [PATCH 29/53] Fix format issues --- terraform/azurerm/private-cloud/bastion-server.tf | 2 -- terraform/azurerm/private-cloud/mesos-agents.tf | 1 - terraform/azurerm/private-cloud/mesos-masters.tf | 1 - 3 files changed, 4 deletions(-) diff --git a/terraform/azurerm/private-cloud/bastion-server.tf b/terraform/azurerm/private-cloud/bastion-server.tf index d8a78011..64fb73fa 100644 --- a/terraform/azurerm/private-cloud/bastion-server.tf +++ b/terraform/azurerm/private-cloud/bastion-server.tf @@ -75,9 +75,7 @@ resource "azurerm_virtual_machine" "bastion" { } # Do some early bootstrapping of the CoreOS machines. This will install - # python and pip so we can use as the ansible_python_interpreter in our playbooks - provisioner "file" { source = "../../scripts/coreos" destination = "/tmp 
diff --git a/terraform/azurerm/private-cloud/mesos-agents.tf b/terraform/azurerm/private-cloud/mesos-agents.tf index 8b9c4bc9..f311b908 100644 --- a/terraform/azurerm/private-cloud/mesos-agents.tf +++ b/terraform/azurerm/private-cloud/mesos-agents.tf @@ -83,7 +83,6 @@ resource "azurerm_virtual_machine" "mesos_agent" { # Do some early bootstrapping of the CoreOS machines. This will install # python and pip so we can use as the ansible_python_interpreter in our playbooks provisioner "file" { - source = "../../scripts/coreos" destination = "/tmp } diff --git a/terraform/azurerm/private-cloud/mesos-masters.tf b/terraform/azurerm/private-cloud/mesos-masters.tf index 3b99240f..0326cb95 100644 --- a/terraform/azurerm/private-cloud/mesos-masters.tf +++ b/terraform/azurerm/private-cloud/mesos-masters.tf @@ -83,7 +83,6 @@ resource "azurerm_virtual_machine" "mesos_master" { # Do some early bootstrapping of the CoreOS machines. This will install # python and pip so we can use as the ansible_python_interpreter in our playbooks provisioner "file" { - source = "../../scripts/coreos" destination = "/tmp } From 712d6302c30cc3c94f821bc6e2ccd888967a72a7 Mon Sep 17 00:00:00 2001 From: heywoodj Date: Wed, 18 May 2016 17:36:01 +0100 Subject: [PATCH 30/53] Update to create bastion security group --- .../private-cloud/bastion-security-group.tf | 63 +++++++++++++++++++ .../azurerm/private-cloud/bastion-server.tf | 36 ++++------- .../azurerm/private-cloud/mesos-agents.tf | 6 +- .../azurerm/private-cloud/mesos-masters.tf | 38 +++++------ .../private-cloud/network-security-group.tf | 44 ++++--------- terraform/azurerm/private-cloud/storage.tf | 2 +- terraform/azurerm/private-cloud/variables.tf | 15 ++--- 7 files changed, 119 insertions(+), 85 deletions(-) create mode 100644 terraform/azurerm/private-cloud/bastion-security-group.tf 
diff --git a/terraform/azurerm/private-cloud/bastion-security-group.tf b/terraform/azurerm/private-cloud/bastion-security-group.tf new file mode 100644 index 00000000..bd851209 --- /dev/null +++ b/terraform/azurerm/private-cloud/bastion-security-group.tf @@ -0,0 +1,63 @@ +#Create Network Security Group +resource "azurerm_network_security_group" "bastion_security_group" { + name = "AzureRM_NetworkSecurityGroup" + location = "${var.region}" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + + security_rule { + name = "AzureRM_SecurityRuleSSH" + priority = 100 + direction = "Inbound" + access = "Allow" + protocol = "Tcp" + source_port_range = "*" + destination_port_range = "22" + source_address_prefix = "*" + destination_address_prefix = "*" + } + + security_rule { + name = "AzureRM_SecurityRuleOpenVPN" + priority = 101 + direction = "Inbound" + access = "Allow" + protocol = "Tcp" + source_port_range = "*" + destination_port_range = "1194" + source_address_prefix = "*" + destination_address_prefix = "*" + } + + security_rule { + name = "AzureRM_SecurityRuleOpenHTTPS" + priority = 102 + direction = "Inbound" + access = "Allow" + protocol = "Tcp" + source_port_range = "*" + destination_port_range = "443" + source_address_prefix = "*" + destination_address_prefix = "*" + } + + security_rule { + name = "AzureRM_SecurityRuleOpenHTTP" + priority = 103 + direction = "Inbound" + access = "Allow" + protocol = "Tcp" + source_port_range = "*" + destination_port_range = "80" + source_address_prefix = "*" + destination_address_prefix = "*" + } + + tags { + Name = "bastion-apollo-sg" + } +} + +#Output +output "network_security_group_id" { + value = "${azurerm_network_security_group.bastion_security_group.id}" +} diff --git a/terraform/azurerm/private-cloud/bastion-server.tf b/terraform/azurerm/private-cloud/bastion-server.tf index 64fb73fa..9b299e4b 100644 --- a/terraform/azurerm/private-cloud/bastion-server.tf 
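Review bot: `AzureRM_SecurityRuleSSH` allows port 22 from `source_address_prefix = "*"`, so SSH on the bastion, which `bastion-server.tf` provisions with an `admin_password`, is reachable from any address. The rule should take an operator range from a variable this commit would need to add, e.g. `source_address_prefix = "${var.admin_cidr}"` (the name is only a suggestion). `AzureRM_SecurityRuleOpenVPN` is `protocol = "Tcp"` on 1194 while the bastion provisioner generates the server config with `-u udp://…`, so VPN traffic would not match it; `protocol = "Udp"` looks intended. The resource also takes the name `AzureRM_NetworkSecurityGroup` while the general group is renamed to `AzureRM_BastionNetworkSecurityGroup` in the same commit, which reads as swapped.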
+++ b/terraform/azurerm/private-cloud/bastion-server.tf @@ -3,7 +3,7 @@ resource "azurerm_network_interface" "bastion_network_interface" { name = "Bastion_NetworkInterface" location = "${var.region}" resource_group_name = "${azurerm_resource_group.resource_group.name}" - network_security_group_id = "${azurerm_network_security_group.network_security_group.id}" + network_security_group_id = "${azurerm_network_security_group.bastion_security_group.id}" ip_configuration { name = "bastionipconfiguration" @@ -76,34 +76,24 @@ resource "azurerm_virtual_machine" "bastion" { # Do some early bootstrapping of the CoreOS machines. This will install # python and pip so we can use as the ansible_python_interpreter in our playbooks - provisioner "file" { - source = "../../scripts/coreos" - destination = "/tmp + provisioner "file" { + source = "../../scripts/coreos" + destination = "/tmp" } provisioner "remote-exec" { - - inline = [ - - "sudo chmod -R +x /tmp/coreos", - - "/tmp/coreos/bootstrap.sh", - - "~/bin/python /tmp/coreos/get-pip.py", - - "sudo mv /tmp/coreos/runner ~/bin/pip && sudo chmod 0755 ~/bin/pip", - - "sudo rm -rf /tmp/coreos", + inline = [ + "sudo chmod -R +x /tmp/coreos", + "/tmp/coreos/bootstrap.sh", + "~/bin/python /tmp/coreos/get-pip.py", + "sudo mv /tmp/coreos/runner ~/bin/pip && sudo chmod 0755 ~/bin/pip", + "sudo rm -rf /tmp/coreos", # Initialize open VPN container and server config "sudo iptables -t nat -A POSTROUTING -j MASQUERADE", - - "sudo docker run --name ovpn-data -v /etc/openvpn busybox", - - "sudo docker run --volumes-from ovpn-data --rm gosuri/openvpn ovpn_genconfig -p ${var.vpc_cidr_block} -u udp://${azurerm_public_ip.bastion_publicip.ip_address}" - - ] - + "sudo docker run --name ovpn-data -v /etc/openvpn busybox", + "sudo docker run --volumes-from ovpn-data --rm gosuri/openvpn ovpn_genconfig -p ${var.vpc_cidr_block} -u udp://${azurerm_public_ip.bastion_publicip.ip_address}" + ] } } 
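Review bot: The `remote-exec` list in `bastion-server.tf` runs `gosuri/openvpn` and `busybox` with no tag or digest, so the image that generates the VPN server configuration on the bastion is whatever the registry serves at provision time. Pinning by digest keeps rebuilds reproducible and reviewable, e.g. `gosuri/openvpn@sha256:<digest>` with the digest taken from a vetted pull. `sudo iptables -t nat -A POSTROUTING -j MASQUERADE` has no interface or source match, so it masquerades all forwarded traffic; narrowing it to the outbound interface or the VPN client range would state the intent. The enclosing `azurerm_virtual_machine` resource begins outside the hunk.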
diff --git a/terraform/azurerm/private-cloud/mesos-agents.tf b/terraform/azurerm/private-cloud/mesos-agents.tf index f311b908..82245f28 100644 --- a/terraform/azurerm/private-cloud/mesos-agents.tf +++ b/terraform/azurerm/private-cloud/mesos-agents.tf @@ -82,10 +82,10 @@ resource "azurerm_virtual_machine" "mesos_agent" { # Do some early bootstrapping of the CoreOS machines. This will install # python and pip so we can use as the ansible_python_interpreter in our playbooks - provisioner "file" { + provisioner "file" { source = "../../scripts/coreos" - destination = "/tmp - } + destination = "/tmp" + } provisioner "remote-exec" { inline = [ diff --git a/terraform/azurerm/private-cloud/mesos-masters.tf b/terraform/azurerm/private-cloud/mesos-masters.tf index 0326cb95..76e4149c 100644 --- a/terraform/azurerm/private-cloud/mesos-masters.tf +++ b/terraform/azurerm/private-cloud/mesos-masters.tf 
@@ -70,32 +70,32 @@ resource "azurerm_virtual_machine" "mesos_master" { Name = "apollo-mesos-master-${count.index}" role = "mesos_masters" } - - connection { - user = "${var.master_server_username}" + + connection { + user = "${var.master_server_username}" host = "${element(azurerm_network_interface.master_network_interface.*.private_ip_address, count.index)}" - private_key = "${file("${var.ssh_private_key_file}")}" # openssh format - bastion_host = "${azurerm_public_ip.bastion_publicip.ip_address}" + private_key = "${file("${var.ssh_private_key_file}")}" # openssh format + bastion_host = "${azurerm_public_ip.bastion_publicip.ip_address}" bastion_user = "${var.bastion_server_username}" - bastion_private_key = "${file("${var.ssh_private_key_file}")}" # openssh format + bastion_private_key = "${file("${var.ssh_private_key_file}")}" # openssh format } - + # Do some early bootstrapping of the CoreOS machines. This will install # python and pip so we can use as the ansible_python_interpreter in our playbooks - provisioner "file" { - source = "../../scripts/coreos" - destination = "/tmp - } + provisioner "file" { + source = "../../scripts/coreos" + destination = "/tmp" + } provisioner "remote-exec" { - inline = [ - "sudo chmod -R +x /tmp/coreos", - "/tmp/coreos/bootstrap.sh", - "~/bin/python /tmp/coreos/get-pip.py", - "sudo mv /tmp/coreos/runner ~/bin/pip && sudo chmod 0755 ~/bin/pip", - "sudo rm -rf /tmp/coreos" - ] - } + inline = [ + "sudo chmod -R +x /tmp/coreos", + "/tmp/coreos/bootstrap.sh", + "~/bin/python /tmp/coreos/get-pip.py", + "sudo mv /tmp/coreos/runner ~/bin/pip && sudo chmod 0755 ~/bin/pip", + "sudo rm -rf /tmp/coreos" + ] + } } # Mesos master network interface outputs diff --git a/terraform/azurerm/private-cloud/network-security-group.tf b/terraform/azurerm/private-cloud/network-security-group.tf index bcde1e09..d77f322b 100644 --- a/terraform/azurerm/private-cloud/network-security-group.tf +++ b/terraform/azurerm/private-cloud/network-security-group.tf 
@@ -1,56 +1,36 @@ #Create Network Security Group resource "azurerm_network_security_group" "network_security_group" { - name = "AzureRM_NetworkSecurityGroup" + name = "AzureRM_BastionNetworkSecurityGroup" location = "${var.region}" resource_group_name = "${azurerm_resource_group.resource_group.name}" security_rule { - name = "AzureRM_SecurityRuleSSH" + name = "AzureRM_SecurityRuleInbound" priority = 100 direction = "Inbound" access = "Allow" - protocol = "Tcp" + protocol = "*" source_port_range = "*" - destination_port_range = "22" + destination_port_range = "*" source_address_prefix = "*" destination_address_prefix = "*" } security_rule { - name = "AzureRM_SecurityRuleOpenVPN" + name = "AzureRM_SecurityRuleOutbound" priority = 101 - direction = "Inbound" - access = "Allow" - protocol = "Tcp" - source_port_range = "*" - destination_port_range = "1194" - source_address_prefix = "*" - destination_address_prefix = "*" - } - - security_rule { - name = "AzureRM_SecurityRuleOpenHTTPS" - priority = 102 - direction = "Inbound" - access = "Allow" - protocol = "Tcp" - source_port_range = "*" - destination_port_range = "443" - source_address_prefix = "*" - destination_address_prefix = "*" - } - - security_rule { - name = "AzureRM_SecurityRuleOpenHTTP" - priority = 103 - direction = "Inbound" + direction = "Outbound" access = "Allow" - protocol = "Tcp" + protocol = "*" source_port_range = "*" - destination_port_range = "80" + destination_port_range = "*" source_address_prefix = "*" destination_address_prefix = "*" } + + tags { + Name = "default-apollo-sg" + } } #Output diff --git a/terraform/azurerm/private-cloud/storage.tf b/terraform/azurerm/private-cloud/storage.tf index 3aa64e7b..04b282e6 100644 --- a/terraform/azurerm/private-cloud/storage.tf +++ b/terraform/azurerm/private-cloud/storage.tf 
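Review bot: `AzureRM_SecurityRuleInbound` replaces the four port-specific rules with `protocol = "*"`, `destination_port_range = "*"` and `source_address_prefix = "*"`, i.e. everything inbound is allowed from any address on what is presumably the group attached to the master and agent interfaces. If the intent is unrestricted traffic inside the VNet behind the bastion, scope the source to the service tag, `source_address_prefix = "VirtualNetwork"`, or to `${var.vpc_cidr_block}`. The allow-all outbound rule at priority 101 could equally be left to Azure's default rules. The new name `AzureRM_BastionNetworkSecurityGroup` is misleading now that the bastion has its own group in `bastion-security-group.tf`.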
@@ -9,10 +9,10 @@ resource "azurerm_storage_account" "storage_account" { # Create storage container resource "azurerm_storage_container" "storage_container" { name = "${var.storage_container_name}" + depends_on = ["azurerm_storage_account.storage_account"] resource_group_name = "${azurerm_resource_group.resource_group.name}" storage_account_name = "${azurerm_storage_account.storage_account.name}" container_access_type = "private" - depends_on = ["azurerm_storage_account.storage_account"] } # Storage Account Output diff --git a/terraform/azurerm/private-cloud/variables.tf b/terraform/azurerm/private-cloud/variables.tf index bcea32e9..d1dbf583 100644 --- a/terraform/azurerm/private-cloud/variables.tf +++ b/terraform/azurerm/private-cloud/variables.tf @@ -35,17 +35,18 @@ variable "public_subnet_cidr_block" { } variable "storage_account_name" { - description = "Storage account name" - default = "mesosimages" + description = "Storage account name" + default = "mesosimages" } +# I.E. Standard_GRS variable "storage_account_type" { - description = "Storage account type" + description = "Storage account type" } variable "storage_container_name" { - description = "Storage container name" - default = "mesosimages-container" + description = "Storage container name" + default = "mesosimages-container" } variable "artifact_bastion" { @@ -128,11 +129,11 @@ variable "docker_version" { } variable "ssh_public_key_file" { - description = "Public key required to connect via ssh" + description = "Public key file path required to connect via ssh" } variable "ssh_private_key_file" { - description = "Public key required to connect via ssh" + description = "Public key file path required to connect via ssh" } variable "etcd_discovery_url_file" { From cf8eb3fea5d12d1f9b5c4ad6c06a162094220f3b Mon Sep 17 00:00:00 2001 
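Review bot: The description of `ssh_private_key_file` in `variables.tf` still says "Public key file path required to connect via ssh" after this edit, although the variable names the private key that `mesos-masters.tf` reads with `file()` for `private_key` and `bastion_private_key`. Suggested text: `description = "Path to the OpenSSH-format private key used to connect via ssh"`. The new `# I.E. Standard_GRS` comment gives an example value, so `e.g.` is the abbreviation meant.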
From: heywoodj Date: Wed, 18 May 2016 17:38:47 +0100 Subject: [PATCH 31/53] Fix formatting --- terraform/azurerm/private-cloud/mesos-agents.tf | 2 +- terraform/azurerm/private-cloud/mesos-masters.tf | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/terraform/azurerm/private-cloud/mesos-agents.tf b/terraform/azurerm/private-cloud/mesos-agents.tf index 82245f28..31349910 100644 --- a/terraform/azurerm/private-cloud/mesos-agents.tf +++ b/terraform/azurerm/private-cloud/mesos-agents.tf @@ -83,7 +83,7 @@ resource "azurerm_virtual_machine" "mesos_agent" { # Do some early bootstrapping of the CoreOS machines. This will install # python and pip so we can use as the ansible_python_interpreter in our playbooks provisioner "file" { - source = "../../scripts/coreos" + source = "../../scripts/coreos" destination = "/tmp" } diff --git a/terraform/azurerm/private-cloud/mesos-masters.tf b/terraform/azurerm/private-cloud/mesos-masters.tf index 76e4149c..adc789ef 100644 --- a/terraform/azurerm/private-cloud/mesos-masters.tf +++ b/terraform/azurerm/private-cloud/mesos-masters.tf @@ -83,7 +83,7 @@ resource "azurerm_virtual_machine" "mesos_master" { # Do some early bootstrapping of the CoreOS machines. This will install # python and pip so we can use as the ansible_python_interpreter in our playbooks provisioner "file" { - source = "../../scripts/coreos" + source = "../../scripts/coreos" destination = "/tmp" } From 0ebb252e1ac3e0dfdf817cb09b2e236185e69979 Mon Sep 17 00:00:00 2001 From: heywoodj Date: Wed, 18 May 2016 17:41:44 +0100 Subject: [PATCH 32/53] Fix formatting --- terraform/azurerm/private-cloud/bastion-server.tf | 2 +- terraform/azurerm/private-cloud/mesos-masters.tf | 12 ++++++------ 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/terraform/azurerm/private-cloud/bastion-server.tf b/terraform/azurerm/private-cloud/bastion-server.tf index 9b299e4b..d63fdcf4 100644 --- a/terraform/azurerm/private-cloud/bastion-server.tf 
+++ b/terraform/azurerm/private-cloud/bastion-server.tf @@ -93,7 +93,7 @@ resource "azurerm_virtual_machine" "bastion" { "sudo iptables -t nat -A POSTROUTING -j MASQUERADE", "sudo docker run --name ovpn-data -v /etc/openvpn busybox", "sudo docker run --volumes-from ovpn-data --rm gosuri/openvpn ovpn_genconfig -p ${var.vpc_cidr_block} -u udp://${azurerm_public_ip.bastion_publicip.ip_address}" - ] + ] } } diff --git a/terraform/azurerm/private-cloud/mesos-masters.tf b/terraform/azurerm/private-cloud/mesos-masters.tf index adc789ef..24969243 100644 --- a/terraform/azurerm/private-cloud/mesos-masters.tf +++ b/terraform/azurerm/private-cloud/mesos-masters.tf @@ -67,17 +67,17 @@ resource "azurerm_virtual_machine" "mesos_master" { } tags { - Name = "apollo-mesos-master-${count.index}" - role = "mesos_masters" + Name = "apollo-mesos-master-${count.index}" + role = "mesos_masters" } connection { - user = "${var.master_server_username}" + user = "${var.master_server_username}" host = "${element(azurerm_network_interface.master_network_interface.*.private_ip_address, count.index)}" - private_key = "${file("${var.ssh_private_key_file}")}" # openssh format - bastion_host = "${azurerm_public_ip.bastion_publicip.ip_address}" + private_key = "${file("${var.ssh_private_key_file}")}" # openssh format + bastion_host = "${azurerm_public_ip.bastion_publicip.ip_address}" bastion_user = "${var.bastion_server_username}" - bastion_private_key = "${file("${var.ssh_private_key_file}")}" # openssh format + bastion_private_key = "${file("${var.ssh_private_key_file}")}" # openssh format } # Do some early bootstrapping of the CoreOS machines. This will install From 2f65fa91e289eaa28df9db441b21b31e2870ae74 Mon Sep 17 00:00:00 2001 
From: heywoodj Date: Mon, 23 May 2016 08:13:23 +0100 Subject: [PATCH 33/53] Addition of public azure infrastructure --- .../public-cloud/agent-cloud-config.yml.tpl | 48 ++++++ .../public-cloud/master-cloud-config.yml.tpl | 19 +++ .../public-cloud/mesos-agent-publicips.tf | 8 + .../mesos-agents-availability-set.tf | 11 ++ .../azurerm/public-cloud/mesos-agents.tf | 104 +++++++++++++ .../public-cloud/mesos-master-publicips.tf | 8 + .../mesos-masters-availability-set.tf | 11 ++ .../azurerm/public-cloud/mesos-masters.tf | 103 +++++++++++++ .../public-cloud/network-security-group.tf | 39 +++++ terraform/azurerm/public-cloud/provider.tf | 9 ++ .../azurerm/public-cloud/resource-group.tf | 10 ++ terraform/azurerm/public-cloud/storage.tf | 66 ++++++++ .../template_file.etcd_discovery_url.tf | 12 ++ terraform/azurerm/public-cloud/variables.tf | 141 ++++++++++++++++++ .../public-cloud/virtual-network-subnets.tf | 17 +++ .../azurerm/public-cloud/virtual-network.tf | 12 ++ 16 files changed, 618 insertions(+) create mode 100644 terraform/azurerm/public-cloud/agent-cloud-config.yml.tpl create mode 100644 terraform/azurerm/public-cloud/master-cloud-config.yml.tpl create mode 100644 terraform/azurerm/public-cloud/mesos-agent-publicips.tf create mode 100644 terraform/azurerm/public-cloud/mesos-agents-availability-set.tf create mode 100644 terraform/azurerm/public-cloud/mesos-agents.tf create mode 100644 terraform/azurerm/public-cloud/mesos-master-publicips.tf create mode 100644 terraform/azurerm/public-cloud/mesos-masters-availability-set.tf create mode 100644 terraform/azurerm/public-cloud/mesos-masters.tf create mode 100644 terraform/azurerm/public-cloud/network-security-group.tf create mode 100644 terraform/azurerm/public-cloud/provider.tf create mode 100644 terraform/azurerm/public-cloud/resource-group.tf create mode 100644 terraform/azurerm/public-cloud/storage.tf create mode 100644 terraform/azurerm/public-cloud/template_file.etcd_discovery_url.tf create mode 100644 
terraform/azurerm/public-cloud/variables.tf create mode 100644 terraform/azurerm/public-cloud/virtual-network-subnets.tf create mode 100644 terraform/azurerm/public-cloud/virtual-network.tf diff --git a/terraform/azurerm/public-cloud/agent-cloud-config.yml.tpl b/terraform/azurerm/public-cloud/agent-cloud-config.yml.tpl new file mode 100644 index 00000000..d47f1372 --- /dev/null +++ b/terraform/azurerm/public-cloud/agent-cloud-config.yml.tpl @@ -0,0 +1,48 @@ +#cloud-config + +coreos: + units: + - name: format-ebs-volume.service + command: start + content: | + [Unit] + Description=Formats the ebs volume if needed + Before=docker.service + [Service] + Type=oneshot + RemainAfterExit=yes + ExecStart=/bin/bash -c '(/usr/sbin/blkid -t TYPE=ext4 | grep /dev/xvdb) || (/usr/sbin/wipefs -fa /dev/xvdb && /usr/sbin/mkfs.ext4 /dev/xvdb)' + - name: var-lib-docker.mount + command: start + content: | + [Unit] + Description=Mount ephemeral to /var/lib/docker + Requires=format-ebs-volume.service + After=format-ebs-volume.service + [Mount] + What=/dev/xvdb + Where=/var/lib/docker + Type=ext4 + - name: docker.service + drop-ins: + - name: 10-wait-docker.conf + content: | + [Unit] + After=var-lib-docker.mount + Requires=var-lib-docker.mount + etcd2: + proxy: on + listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001 + discovery: ${etcd_discovery_url} + fleet: + metadata: "role=agent,region=${region}" + public-ip: "$public_ipv4" + etcd_servers: "http://localhost:2379" + locksmith: + endpoint: "http://localhost:2379" + units: + - name: etcd2.service + command: start + update: + reboot-strategy: best-effort +manage_etc_hosts: localhost \ No newline at end of file diff --git a/terraform/azurerm/public-cloud/master-cloud-config.yml.tpl b/terraform/azurerm/public-cloud/master-cloud-config.yml.tpl new file mode 100644 index 00000000..e1041f43 --- /dev/null +++ b/terraform/azurerm/public-cloud/master-cloud-config.yml.tpl 
@@ -0,0 +1,19 @@ +#cloud-config + +coreos: + etcd2: + # $public_ipv4 and $private_ipv4 are populated by the cloud provider + advertise-client-urls: http://$public_ipv4:2379 + initial-advertise-peer-urls: http://$private_ipv4:2380 + listen-client-urls: http://0.0.0.0:2379,http://0.0.0.0:4001 + listen-peer-urls: http://$private_ipv4:2380,http://$private_ipv4:7001 + discovery: ${etcd_discovery_url} + fleet: + metadata: "role=master,region=${region}" + public-ip: "$public_ipv4" + units: + - name: etcd2.service + command: start + update: + reboot-strategy: best-effort +manage_etc_hosts: localhost \ No newline at end of file diff --git a/terraform/azurerm/public-cloud/mesos-agent-publicips.tf b/terraform/azurerm/public-cloud/mesos-agent-publicips.tf new file mode 100644 index 00000000..f23960f8 --- /dev/null +++ b/terraform/azurerm/public-cloud/mesos-agent-publicips.tf @@ -0,0 +1,8 @@ +#Create Public IP Address for agent servers +resource "azurerm_public_ip" "agent_publicip" { + name = "AgentPublicIp-${count.index}" + count = "${var.agent_count}" + location = "${var.region}" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + public_ip_address_allocation = "static" +} \ No newline at end of file diff --git a/terraform/azurerm/public-cloud/mesos-agents-availability-set.tf b/terraform/azurerm/public-cloud/mesos-agents-availability-set.tf new file mode 100644 index 00000000..8e5c8c46 --- /dev/null +++ b/terraform/azurerm/public-cloud/mesos-agents-availability-set.tf @@ -0,0 +1,11 @@ +# Create an availability set for agent servers +resource "azurerm_availability_set" "agent" { + name = "Agent_AvailabilitySet" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + location = "${var.region}" +} + +# Mesos agent availability set outputs +output "mesos_agent_virtual_machine_ids" { + value = "${azurerm_availability_set.agent.id}" +} \ No newline at end of file 
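Review bot: The output in mesos-agents-availability-set.tf is named `mesos_agent_virtual_machine_ids` but its value is the availability set id, and mesos-agents.tf in this commit declares an output with the same name for the VM ids. Two outputs with one name in the same directory will collide or shadow each other, depending on the Terraform version. Renaming this one, e.g. `output "mesos_agent_availability_set_id" {`, resolves it; mesos-masters-availability-set.tf has the same clash with `mesos_master_virtual_machine_ids`.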
diff --git a/terraform/azurerm/public-cloud/mesos-agents.tf b/terraform/azurerm/public-cloud/mesos-agents.tf
new file mode 100644
index 00000000..c31fb39f
--- /dev/null
+++ b/terraform/azurerm/public-cloud/mesos-agents.tf
@@ -0,0 +1,104 @@ +# Create a network interface for agent server +resource "azurerm_network_interface" "agent_network_interface" { + name = "Agent_NetworkInterface-${count.index}" + count = "${var.agent_count}" + location = "${var.region}" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + network_security_group_id = "${azurerm_network_security_group.network_security_group.id}" + + ip_configuration { + name = "agentipconfiguration-${count.index}" + subnet_id = "${element(azurerm_subnet.public.*.id, count.index)}" + private_ip_address_allocation = "dynamic" + public_ip_address_id = "${azurerm_public_ip.agent_publicip.id}" + } +} + +# User profile template +resource "template_file" "agent_cloud_init" { + template = "${file("agent-cloud-config.yml.tpl")}" + depends_on = ["template_file.etcd_discovery_url"] + vars { + etcd_discovery_url = "${file(var.etcd_discovery_url_file)}" + size = "${var.master_count}" + vpc_cidr_block = "${var.vpc_cidr_block}" + region = "${var.region}" + } +} + +# Agent server +resource "azurerm_virtual_machine" "mesos_agent" { + name = "apollo-mesos-agent-${count.index}" + count = "${var.agent_count}" + location = "${var.region}" + availability_set_id = "${azurerm_availability_set.agent.id}" + depends_on = ["azurerm_virtual_machine.mesos_master"] + resource_group_name = "${azurerm_resource_group.resource_group.name}" + network_interface_ids = ["${element(azurerm_network_interface.agent_network_interface.*.id, count.index)}"] + vm_size = "${var.instance_type.agent}" + + storage_image_reference { + publisher = "${var.artifact_agent.publisher}" + offer = "${var.artifact_agent.offer}" + sku = "${var.artifact_agent.sku}" + version = "${var.artifact_agent.version}" + } + + storage_os_disk { + name = "agentdisk${count.index}" + vhd_uri = "${azurerm_storage_account.storage_account.primary_blob_endpoint}${azurerm_storage_container.storage_container.name}/agentdisk-${count.index}.vhd" + caching = "ReadWrite" + create_option = 
"FromImage" + } + + os_profile { + computer_name = "Mesos-Agent-${count.index}" + admin_username = "${var.agent_server_username}" + admin_password = "${var.agent_server_password}" + custom_data = "${base64encode(template_file.agent_cloud_init.rendered)}" + } + + os_profile_linux_config { + disable_password_authentication = true + + ssh_keys { + path = "/home/${var.agent_server_username}/.ssh/authorized_keys" + key_data = "${file("${var.ssh_public_key_file}")}" # openssh format + } + } + + tags = { + Name = "apollo-mesos-agent-${count.index}" + role = "mesos_agents" + } +} + +# Mesos agent network interface outputs +output "mesos_agent_network_interface_ids" { + value = "${join(",", azurerm_network_interface.agent_network_interface.*.id)}" +} + +output "mesos_agent_network_interface_macaddresses" { + value = "${join(",", azurerm_network_interface.agent_network_interface.*.mac_address)}" +} + +output "mesos_agent_network_interface_privateipaddresses" { + value = "${join(",", azurerm_network_interface.agent_network_interface.*.private_ip_address)}" +} + +output "mesos_agent_network_interface_virtualmachineids" { + value = "${join(",", azurerm_network_interface.agent_network_interface.*.virtual_machine_id)}" +} + +output "mesos_agent_network_interface_applieddnsservers" { + value = "${join(",", azurerm_network_interface.agent_network_interface.*.applied_dns_servers)}" +} + +output "mesos_agent_network_interface_internalfqdns" { + value = "${join(",", azurerm_network_interface.agent_network_interface.*.internal_fqdn)}" +} + +# Mesos agent virtual machine outputs +output "mesos_agent_virtual_machine_ids" { + value = "${join(",", azurerm_virtual_machine.mesos_agent.*.id)}" +} \ No newline at end of file diff --git a/terraform/azurerm/public-cloud/mesos-master-publicips.tf b/terraform/azurerm/public-cloud/mesos-master-publicips.tf new file mode 100644 index 00000000..0cdb1286 --- /dev/null +++ b/terraform/azurerm/public-cloud/mesos-master-publicips.tf 
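Review bot: In the `ip_configuration` block of `agent_network_interface`, `public_ip_address_id = "${azurerm_public_ip.agent_publicip.id}"` references a resource created with `count` without selecting an element, while `subnet_id` on the line above it does use `element(..., count.index)`. With `agent_count` above 1 every NIC would ask for the same public IP, or the reference would fail to resolve; it should be `public_ip_address_id = "${element(azurerm_public_ip.agent_publicip.*.id, count.index)}"`. mesos-masters.tf has the same pattern with `azurerm_public_ip.master_publicip.id`. Separately, it is worth deciding whether agents need a public address at all, since each one is then directly reachable from outside the virtual network.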
@@ -0,0 +1,8 @@
+#Create Public IP Address for master servers
+resource "azurerm_public_ip" "master_publicip" {
+ name = "MasterPublicIp-${count.index}"
+ count = "${var.master_count}"
+ location = "${var.region}"
+ resource_group_name = "${azurerm_resource_group.resource_group.name}"
+ public_ip_address_allocation = "static"
+}
\ No newline at end of file
diff --git a/terraform/azurerm/public-cloud/mesos-masters-availability-set.tf b/terraform/azurerm/public-cloud/mesos-masters-availability-set.tf
new file mode 100644
index 00000000..2f4f674a
--- /dev/null
+++ b/terraform/azurerm/public-cloud/mesos-masters-availability-set.tf
@@ -0,0 +1,11 @@
+# Create an availability set for master servers
+resource "azurerm_availability_set" "master" {
+ name = "Master_AvailabilitySet"
+ resource_group_name = "${azurerm_resource_group.resource_group.name}"
+ location = "${var.region}"
+}
+
+# Mesos master availability set outputs
+output "mesos_master_virtual_machine_ids" {
+ value = "${azurerm_availability_set.master.id}"
+}
\ No newline at end of file
diff --git a/terraform/azurerm/public-cloud/mesos-masters.tf b/terraform/azurerm/public-cloud/mesos-masters.tf
new file mode 100644
index 00000000..c61135f5
--- /dev/null
+++ b/terraform/azurerm/public-cloud/mesos-masters.tf
@@ -0,0 +1,103 @@ +# Create a network interface for master server +resource "azurerm_network_interface" "master_network_interface" { + name = "Master_NetworkInterface-${count.index}" + count = "${var.master_count}" + location = "${var.region}" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + network_security_group_id = "${azurerm_network_security_group.network_security_group.id}" + + ip_configuration { + name = "masteripconfiguration-${count.index}" + subnet_id = "${element(azurerm_subnet.public.*.id, count.index)}" + private_ip_address_allocation = "dynamic" + public_ip_address_id = "${azurerm_public_ip.master_publicip.id}" + } +} + +# User profile template +resource "template_file" "master_cloud_init" { + template = "${file("master-cloud-config.yml.tpl")}" + depends_on = ["template_file.etcd_discovery_url"] + vars { + etcd_discovery_url = "${file(var.etcd_discovery_url_file)}" + size = "${var.master_count}" + vpc_cidr_block = "${var.vpc_cidr_block}" + region = "${var.region}" + } +} + +# Master server +resource "azurerm_virtual_machine" "mesos_master" { + name = "apollo-mesos-master-${count.index}" + count = "${var.master_count}" + location = "${var.region}" + availability_set_id = "${azurerm_availability_set.master.id}" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + network_interface_ids = ["${element(azurerm_network_interface.master_network_interface.*.id, count.index)}"] + vm_size = "${var.instance_type.master}" + + storage_image_reference { + publisher = "${var.artifact_master.publisher}" + offer = "${var.artifact_master.offer}" + sku = "${var.artifact_master.sku}" + version = "${var.artifact_master.version}" + } + + storage_os_disk { + name = "masterdisk${count.index}" + vhd_uri = "${azurerm_storage_account.storage_account.primary_blob_endpoint}${azurerm_storage_container.storage_container.name}/masterdisk-${count.index}.vhd" + caching = "ReadWrite" + create_option = "FromImage" + } + + os_profile { + 
computer_name = "apollo-mesos-master-${count.index}" + admin_username = "${var.master_server_username}" + admin_password = "${var.master_server_password}" + custom_data = "${base64encode(template_file.master_cloud_init.rendered)}" + } + + os_profile_linux_config { + disable_password_authentication = true + + ssh_keys { + path = "/home/${var.master_server_username}/.ssh/authorized_keys" + key_data = "${file("${var.ssh_public_key_file}")}" # openssh format + } + } + + tags { + Name = "apollo-mesos-master-${count.index}" + role = "mesos_masters" + } +} + +# Mesos master network interface outputs +output "mesos_master_network_interface_ids" { + value = "${join(",", azurerm_network_interface.master_network_interface.*.id)}" +} + +output "mesos_master_network_interface_macaddresses" { + value = "${join(",", azurerm_network_interface.master_network_interface.*.mac_address)}" +} + +output "mesos_master_network_interface_privateipaddresses" { + value = "${join(",", azurerm_network_interface.master_network_interface.*.private_ip_address)}" +} + +output "mesos_master_network_interface_virtualmachineids" { + value = "${join(",", azurerm_network_interface.master_network_interface.*.virtual_machine_id)}" +} + +output "mesos_master_network_interface_applieddnsservers" { + value = "${join(",", azurerm_network_interface.master_network_interface.*.applied_dns_servers)}" +} + +output "mesos_master_network_interface_internalfqdns" { + value = "${join(",", azurerm_network_interface.master_network_interface.*.internal_fqdn)}" +} + +# Mesos master virtual machine outputs +output "mesos_master_virtual_machine_ids" { + value = "${join(",", azurerm_virtual_machine.mesos_master.*.id)}" +} \ No newline at end of file diff --git a/terraform/azurerm/public-cloud/network-security-group.tf b/terraform/azurerm/public-cloud/network-security-group.tf new file mode 100644 index 00000000..e0b56035 --- /dev/null +++ b/terraform/azurerm/public-cloud/network-security-group.tf 
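Review bot: `os_profile` in `mesos_master` sets `admin_password = "${var.master_server_password}"` while `os_profile_linux_config` sets `disable_password_authentication = true`, so the password is not usable for SSH login yet still has to be supplied and ends up in the Terraform state in plain text. If the provider version in use accepts an `os_profile` without a password, drop the line and the `master_server_password` variable; otherwise treat the state file and any tfvars file as secrets. mesos-agents.tf does the same with `agent_server_password`.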
@@ -0,0 +1,39 @@
+#Create Network Security Group
+resource "azurerm_network_security_group" "network_security_group" {
+ name = "AzureRM_NetworkSecurityGroup"
+ location = "${var.region}"
+ resource_group_name = "${azurerm_resource_group.resource_group.name}"
+
+ security_rule {
+ name = "AzureRM_SecurityRuleInbound"
+ priority = 100
+ direction = "Inbound"
+ access = "Allow"
+ protocol = "*"
+ source_port_range = "*"
+ destination_port_range = "*"
+ source_address_prefix = "*"
+ destination_address_prefix = "*"
+ }
+
+ security_rule {
+ name = "AzureRM_SecurityRuleOutbound"
+ priority = 101
+ direction = "Outbound"
+ access = "Allow"
+ protocol = "*"
+ source_port_range = "*"
+ destination_port_range = "*"
+ source_address_prefix = "*"
+ destination_address_prefix = "*"
+ }
+
+ tags {
+ Name = "default-apollo-sg"
+ }
+}
+
+#Output
+output "network_security_group_id" {
+ value = "${azurerm_network_security_group.network_security_group.id}"
+}
diff --git a/terraform/azurerm/public-cloud/provider.tf b/terraform/azurerm/public-cloud/provider.tf
new file mode 100644
index 00000000..66fd5ba1
--- /dev/null
+++ b/terraform/azurerm/public-cloud/provider.tf
@@ -0,0 +1,9 @@
+/* Configure auth 2 resource manager authentication. This requires an aplication to be set up in Azure, see
+https://www.terraform.io/docs/providers/azurerm/index.html fo details. */
+
+provider "azurerm" {
+ subscription_id = "${var.subscription_id}"
+ client_id = "${var.client_id}"
+ client_secret = "${var.client_secret}"
+ tenant_id = "${var.tenant_id}"
+}
\ No newline at end of file
diff --git a/terraform/azurerm/public-cloud/resource-group.tf b/terraform/azurerm/public-cloud/resource-group.tf
new file mode 100644
index 00000000..75be4923
--- /dev/null
+++ b/terraform/azurerm/public-cloud/resource-group.tf
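Review bot: The inbound rule `AzureRM_SecurityRuleInbound` in network-security-group.tf allows every protocol and port from any source at priority 100, so the security group attached to every master and agent NIC filters nothing. Those NICs also get static public IPs in this commit, which leaves SSH, the etcd ports named in the cloud-config templates (2379, 4001, 2380, 7001) and whatever Mesos exposes reachable from the internet. The rule should be replaced with narrow ones, such as SSH from an administrative range held in a variable, with cluster ports left to Azure's default rules, which already permit traffic inside the virtual network. The explicit allow-all outbound rule largely repeats the default outbound behaviour and could be dropped or tightened as well.

```hcl
  security_rule {
    name                       = "AllowSshFromAdmin"
    priority                   = 100
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_range     = "22"
    # admin_source_cidr is a new variable to declare in variables.tf, with no default
    source_address_prefix      = "${var.admin_source_cidr}"
    destination_address_prefix = "*"
  }
  # … unchanged: tags block and network_security_group_id output …
```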
@@ -0,0 +1,10 @@
+# Create a resource group
+resource "azurerm_resource_group" "resource_group" {
+ name = "AzureRM-Resource-Group"
+ location = "${var.region}"
+}
+
+#Output
+output "resource_group_id" {
+ value = "${azurerm_resource_group.resource_group.id}"
+}
\ No newline at end of file
diff --git a/terraform/azurerm/public-cloud/storage.tf b/terraform/azurerm/public-cloud/storage.tf
new file mode 100644
index 00000000..3aa64e7b
--- /dev/null
+++ b/terraform/azurerm/public-cloud/storage.tf
@@ -0,0 +1,66 @@ +# Create a storage account +resource "azurerm_storage_account" "storage_account" { + name = "${var.storage_account_name}" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + location = "${var.region}" + account_type = "${var.storage_account_type}" +} + +# Create storage container +resource "azurerm_storage_container" "storage_container" { + name = "${var.storage_container_name}" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + storage_account_name = "${azurerm_storage_account.storage_account.name}" + container_access_type = "private" + depends_on = ["azurerm_storage_account.storage_account"] +} + +# Storage Account Output +output "storage_account_id" { + value = "${azurerm_storage_account.storage_account.id}" +} + +output "storage_account_primary_location" { + value = "${azurerm_storage_account.storage_account.primary_location}" +} + +output "storage_account_secondary_location" { + value = "${azurerm_storage_account.storage_account.secondary_location}" +} + +output "storage_account_primary_blob_endpoint" { + value = "${azurerm_storage_account.storage_account.primary_blob_endpoint}" +} + +output "storage_account_secondary_blob_endpoint" { + value = "${azurerm_storage_account.storage_account.secondary_blob_endpoint}" +} + +output "storage_account_primary_queue_endpoint" { + value = "${azurerm_storage_account.storage_account.primary_queue_endpoint}" +} + +output "storage_account_secondary_queue_endpoint" { + value = "${azurerm_storage_account.storage_account.secondary_queue_endpoint}" +} + +output "storage_account_primary_table_endpoint" { + value = "${azurerm_storage_account.storage_account.primary_table_endpoint}" +} + +output "storage_account_secondary_table_endpoint" { + value = "${azurerm_storage_account.storage_account.secondary_table_endpoint}" +} + +output "storage_account_primary_file_endpoint" { + value = "${azurerm_storage_account.storage_account.primary_file_endpoint}" +} + +# Storage 
Container Output +output "storage_container_id" { + value = "${azurerm_storage_container.storage_container.id}" +} + +output "storage_container_properties" { + value = "${azurerm_storage_container.storage_container.properties}" +} diff --git a/terraform/azurerm/public-cloud/template_file.etcd_discovery_url.tf b/terraform/azurerm/public-cloud/template_file.etcd_discovery_url.tf new file mode 100644 index 00000000..631cc0bb --- /dev/null +++ b/terraform/azurerm/public-cloud/template_file.etcd_discovery_url.tf @@ -0,0 +1,12 @@ +# Generate an etcd URL for the cluster +resource "template_file" "etcd_discovery_url" { + # template = "${file(/dev/null)}" + provisioner "local-exec" { + command = "curl https://discovery.etcd.io/new?size=${var.master_count} > ${var.etcd_discovery_url_file}" + } + + # This will regenerate the discovery URL if the cluster size changes, we include the bastion here + vars { + size = "${var.master_count}" + } +} diff --git a/terraform/azurerm/public-cloud/variables.tf b/terraform/azurerm/public-cloud/variables.tf new file mode 100644 index 00000000..c3b62af8 --- /dev/null +++ b/terraform/azurerm/public-cloud/variables.tf 
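Review bot: The `local-exec` command in template_file.etcd_discovery_url.tf writes whatever curl receives into `${var.etcd_discovery_url_file}` without checking the result, and that file is then read into both cloud-config templates. Without `-f` an HTTP error page is saved as if it were the discovery URL, and the unquoted `?` in the URL is left to the shell; `command = "curl -fsS 'https://discovery.etcd.io/new?size=${var.master_count}' > ${var.etcd_discovery_url_file}"` fails the apply instead. The resulting URL effectively lets its holder register a member with the cluster, so the file should be kept out of version control. The comment's mention of the bastion looks stale, as no bastion resource is added under public-cloud in this commit.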
@@ -0,0 +1,141 @@ +variable "subscription_id" { + description = "The Azure subscrition identifier (guid)." +} + +variable "client_id" { + description = "The oAuth 2 client id. " +} + +variable "client_secret" { + description = "The oAuth 2 client secret." +} + +variable "tenant_id" { + description = "The oAuth 2 tenant id." +} + +variable "region" { + description = "The deployment azure data centre location." + default = "North Europe" +} + +variable "vpc_cidr_block" { + description = "Cidr block for the VN." + default = "10.0.0.0/16" +} + +variable "private_subnet_cidr_block" { + description = "CIDR for private subnet" + default = "10.0.1.0/24,10.0.2.0/24,10.0.3.0/24" +} + +variable "public_subnet_cidr_block" { + description = "CIDR for public subnet" + default = "10.0.101.0/24,10.0.102.0/24,10.0.103.0/24" +} + +variable "storage_account_name" { + description = "Storage account name" + default = "mesosimages" +} + +# I.E. Standard_GRS +variable "storage_account_type" { + description = "Storage account type" +} + +variable "storage_container_name" { + description = "Storage container name" + default = "mesosimages-container" +} + +variable "artifact_bastion" { + default = { + publisher = "CoreOS" + offer ="CoreOS" + "sku" = "Stable" + "version" = "latest" + } +} + +variable "artifact_master" { + default = { + publisher = "CoreOS" + offer ="CoreOS" + "sku" = "Stable" + "version" = "latest" + } +} + +variable "artifact_agent" { + default = { + publisher = "CoreOS" + offer ="CoreOS" + "sku" = "Stable" + "version" = "latest" + } +} + +variable "instance_type" { + default = { + bastion = "Standard_A0" + master = "Standard_A0" + agent = "Standard_A0" + } +} + +variable "bastion_server_computername" { + description = "Username to access server" + default = "bastion" +} + +variable "bastion_server_username" { + description = "Username to access server" +} + +variable "bastion_server_password" { + description = "Password to access server" +} + +variable 
"master_server_username" { + description = "Username to access master server" +} + +variable "master_server_password" { + description = "Password to access master server" +} + +variable "agent_server_username" { + description = "Username to access agent server" +} + +variable "agent_server_password" { + description = "Password to access agent server" +} + +variable "master_count" { + description = "The number of masters." + default = "1" +} + +variable "agent_count" { + description = "The number of agents." + default = "1" +} + +variable "docker_version" { + description = "Docker version" + default = "1.9.0-0~trusty" +} + +variable "ssh_public_key_file" { + description = "Public key file path required to connect via ssh" +} + +variable "ssh_private_key_file" { + description = "Public key file path required to connect via ssh" +} + +variable "etcd_discovery_url_file" { + default = "etcd_discovery_url.txt" +} \ No newline at end of file diff --git a/terraform/azurerm/public-cloud/virtual-network-subnets.tf b/terraform/azurerm/public-cloud/virtual-network-subnets.tf new file mode 100644 index 00000000..2dd519ee --- /dev/null +++ b/terraform/azurerm/public-cloud/virtual-network-subnets.tf @@ -0,0 +1,17 @@ +#Create public subnets +resource "azurerm_subnet" "public" { + name = "AzureRM_Public_Subnet-${count.index}" + count = "${length(compact(split(",", var.public_subnet_cidr_block)))}" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + virtual_network_name = "${azurerm_virtual_network.virtual_network.name}" + address_prefix = "${element(split(",", var.public_subnet_cidr_block), count.index)}" +} + +# Public subnets output +output "subnet_ids" { + value = "${join(",", azurerm_subnet.public.*.id)}" +} + +output "subnet_ip_configurations" { + value = "${join(",", azurerm_subnet.public.ip_configurations)}" +} \ No newline at end of file 
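Review bot: In variables.tf, `ssh_private_key_file` is described as "Public key file path required to connect via ssh", a copy of the variable above it; it should read `description = "Private key file path required to connect via ssh"`. `bastion_server_computername` likewise carries the username description. The three `artifact_*` maps default to `"version" = "latest"`, so a rebuild can silently pick up a different CoreOS image; pinning a version keeps deployments reproducible and lets image updates be reviewed. The `*_server_password` and `client_secret` variables have no default, which is right, but whatever tfvars file supplies them needs to stay out of the repository.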
diff --git a/terraform/azurerm/public-cloud/virtual-network.tf b/terraform/azurerm/public-cloud/virtual-network.tf new file mode 100644 index 00000000..b7c3a0ff --- /dev/null +++ b/terraform/azurerm/public-cloud/virtual-network.tf @@ -0,0 +1,12 @@ +# Create a virtual network +resource "azurerm_virtual_network" "virtual_network" { + name = "AzureRM-Virtual-Network" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + address_space = ["${var.vpc_cidr_block}"] + location = "${var.region}" +} + +#Output +output "network_confirguration_id" { + value = "${azurerm_virtual_network.virtual_network.id}" +} \ No newline at end of file From a0ca621fa76937ea806090435d75954647dd1eb4 Mon Sep 17 00:00:00 2001 From: heywoodj Date: Mon, 23 May 2016 08:16:10 +0100 Subject: [PATCH 34/53] Fix formatting --- terraform/azurerm/public-cloud/mesos-agents.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform/azurerm/public-cloud/mesos-agents.tf b/terraform/azurerm/public-cloud/mesos-agents.tf index c31fb39f..792db690 100644 --- a/terraform/azurerm/public-cloud/mesos-agents.tf +++ b/terraform/azurerm/public-cloud/mesos-agents.tf @@ -65,7 +65,7 @@ resource "azurerm_virtual_machine" "mesos_agent" { path = "/home/${var.agent_server_username}/.ssh/authorized_keys" key_data = "${file("${var.ssh_public_key_file}")}" # openssh format } - } + } tags = { Name = "apollo-mesos-agent-${count.index}" From 24423d4a63f73defadf1118b0f2e52f74499f468 Mon Sep 17 00:00:00 2001 
From: heywoodj Date: Wed, 25 May 2016 17:53:00 +0100 Subject: [PATCH 35/53] Addition of route tables and gateway --- .../azurerm/private-cloud/bastion-server.tf | 4 +- .../private-cloud/gateway-local-network.tf | 13 +++++ .../azurerm/private-cloud/mesos-agents.tf | 2 +- .../azurerm/private-cloud/mesos-masters.tf | 2 +- terraform/azurerm/private-cloud/provider.tf | 6 +-- .../azurerm/private-cloud/resource-group.tf | 2 +- terraform/azurerm/private-cloud/variables.tf | 36 ++++++------- .../private-cloud/virtual-network-subnets.tf | 54 ++++++++++++++++++- 8 files changed, 92 insertions(+), 27 deletions(-) create mode 100644 terraform/azurerm/private-cloud/gateway-local-network.tf diff --git a/terraform/azurerm/private-cloud/bastion-server.tf b/terraform/azurerm/private-cloud/bastion-server.tf index d63fdcf4..266dbf7b 100644 --- a/terraform/azurerm/private-cloud/bastion-server.tf +++ b/terraform/azurerm/private-cloud/bastion-server.tf @@ -7,7 +7,7 @@ resource "azurerm_network_interface" "bastion_network_interface" { ip_configuration { name = "bastionipconfiguration" - subnet_id = "${element(azurerm_subnet.public.*.id, count.index)}" + subnet_id = "${element(azurerm_subnet.public.*.id, 0)}" private_ip_address_allocation = "dynamic" public_ip_address_id = "${azurerm_public_ip.bastion_publicip.id}" } @@ -77,7 +77,7 @@ resource "azurerm_virtual_machine" "bastion" { # Do some early bootstrapping of the CoreOS machines. This will install # python and pip so we can use as the ansible_python_interpreter in our playbooks provisioner "file" { - source = "../../scripts/coreos" + source = "coreos" destination = "/tmp" } diff --git a/terraform/azurerm/private-cloud/gateway-local-network.tf b/terraform/azurerm/private-cloud/gateway-local-network.tf new file mode 100644 index 00000000..39f91649 --- /dev/null +++ b/terraform/azurerm/private-cloud/gateway-local-network.tf 
@@ -0,0 +1,13 @@ +#Create Public IP Address for local network gateway +resource "azurerm_local_network_gateway" "gateway" { + name = "AzureRM_LocalNetworkGateway" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + location = "${var.region}" + gateway_address = "${azurerm_public_ip.bastion_publicip.ip_address}" + address_space = ["${var.vpc_cidr_block}"] +} + +#Output +output "gateway_local_network_id" { + value = "${azurerm_local_network_gateway.gateway.id}" +} diff --git a/terraform/azurerm/private-cloud/mesos-agents.tf b/terraform/azurerm/private-cloud/mesos-agents.tf index 31349910..63b9b888 100644 --- a/terraform/azurerm/private-cloud/mesos-agents.tf +++ b/terraform/azurerm/private-cloud/mesos-agents.tf @@ -83,7 +83,7 @@ resource "azurerm_virtual_machine" "mesos_agent" { # Do some early bootstrapping of the CoreOS machines. This will install # python and pip so we can use as the ansible_python_interpreter in our playbooks provisioner "file" { - source = "../../scripts/coreos" + source = "coreos" destination = "/tmp" } diff --git a/terraform/azurerm/private-cloud/mesos-masters.tf b/terraform/azurerm/private-cloud/mesos-masters.tf index 24969243..4c1bccb7 100644 --- a/terraform/azurerm/private-cloud/mesos-masters.tf +++ b/terraform/azurerm/private-cloud/mesos-masters.tf @@ -83,7 +83,7 @@ resource "azurerm_virtual_machine" "mesos_master" { # Do some early bootstrapping of the CoreOS machines. This will install # python and pip so we can use as the ansible_python_interpreter in our playbooks provisioner "file" { - source = "../../scripts/coreos" + source = "coreos" destination = "/tmp" } diff --git a/terraform/azurerm/private-cloud/provider.tf b/terraform/azurerm/private-cloud/provider.tf index 66fd5ba1..57476fdd 100644 --- a/terraform/azurerm/private-cloud/provider.tf +++ b/terraform/azurerm/private-cloud/provider.tf 
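Review bot: The header comment on `azurerm_local_network_gateway.gateway` says "Create Public IP Address for local network gateway", which was copied from the public-IP files; `# Create the local network gateway` would match the resource. More importantly, a local network gateway normally describes the remote (on-premises) end of a site-to-site VPN, whereas here `gateway_address` is the bastion's own public IP and `address_space` is the virtual network's own `${var.vpc_cidr_block}`. No virtual network gateway or connection is visible in this commit, so it is worth confirming what this resource is meant to achieve before it is relied on for routing.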
@@ -3,7 +3,7 @@ https://www.terraform.io/docs/providers/azurerm/index.html fo details. */ provider "azurerm" { subscription_id = "${var.subscription_id}" - client_id = "${var.client_id}" - client_secret = "${var.client_secret}" - tenant_id = "${var.tenant_id}" + client_id = "${var.client_id}" + client_secret = "${var.client_secret}" + tenant_id = "${var.tenant_id}" } \ No newline at end of file diff --git a/terraform/azurerm/private-cloud/resource-group.tf b/terraform/azurerm/private-cloud/resource-group.tf index 75be4923..32a6ac68 100644 --- a/terraform/azurerm/private-cloud/resource-group.tf +++ b/terraform/azurerm/private-cloud/resource-group.tf @@ -1,6 +1,6 @@ # Create a resource group resource "azurerm_resource_group" "resource_group" { - name = "AzureRM-Resource-Group" + name = "AzureRM-Resource-Group" location = "${var.region}" } diff --git a/terraform/azurerm/private-cloud/variables.tf b/terraform/azurerm/private-cloud/variables.tf index d1dbf583..3df7bf60 100644 --- a/terraform/azurerm/private-cloud/variables.tf +++ b/terraform/azurerm/private-cloud/variables.tf 
@@ -26,35 +26,35 @@ variable "vpc_cidr_block" { variable "private_subnet_cidr_block" { description = "CIDR for private subnet" - default = "10.0.1.0/24,10.0.2.0/24,10.0.3.0/24" + default = "10.0.1.0/24,10.0.2.0/24,10.0.3.0/24" } variable "public_subnet_cidr_block" { description = "CIDR for public subnet" - default = "10.0.101.0/24,10.0.102.0/24,10.0.103.0/24" + default = "10.0.101.0/24,10.0.102.0/24,10.0.103.0/24" } variable "storage_account_name" { - description = "Storage account name" - default = "mesosimages" + description = "Storage account name" + default = "mesosimages" } # I.E. Standard_GRS variable "storage_account_type" { - description = "Storage account type" + description = "Storage account type" } variable "storage_container_name" { - description = "Storage container name" - default = "mesosimages-container" + description = "Storage container name" + default = "mesosimages-container" } variable "artifact_bastion" { default = { publisher = "CoreOS" offer ="CoreOS" - "sku" = "Stable" - "version" = "latest" + sku = "Stable" + version = "latest" } } @@ -62,8 +62,8 @@ variable "artifact_master" { default = { publisher = "CoreOS" offer ="CoreOS" - "sku" = "Stable" - "version" = "latest" + sku = "Stable" + version = "latest" } } @@ -71,16 +71,16 @@ variable "artifact_agent" { default = { publisher = "CoreOS" offer ="CoreOS" - "sku" = "Stable" - "version" = "latest" + sku = "Stable" + version = "latest" } } variable "instance_type" { default = { - bastion = "Standard_A0" - master = "Standard_A0" - agent = "Standard_A0" + bastion = "Standard_A0" + master = "Standard_A0" + agent = "Standard_A0" } } @@ -115,12 +115,12 @@ variable "agent_server_password" { variable "master_count" { description = "The number of masters." - default = "1" + default = "1" } variable "agent_count" { description = "The number of agents." - default = "1" + default = "1" } variable "docker_version" { 
diff --git a/terraform/azurerm/private-cloud/virtual-network-subnets.tf b/terraform/azurerm/private-cloud/virtual-network-subnets.tf index d8953110..669d6cf3 100644 --- a/terraform/azurerm/private-cloud/virtual-network-subnets.tf +++ b/terraform/azurerm/private-cloud/virtual-network-subnets.tf @@ -5,6 +5,23 @@ resource "azurerm_subnet" "public" { resource_group_name = "${azurerm_resource_group.resource_group.name}" virtual_network_name = "${azurerm_virtual_network.virtual_network.name}" address_prefix = "${element(split(",", var.public_subnet_cidr_block), count.index)}" + route_table_id = "${azurerm_route_table.public.id}" +} + +resource "azurerm_route_table" "public" { + name = "AzureRM_Public_Route_Table" + location = "${var.region}" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + + route { + name = "AzureRM_Public_Route" + address_prefix = "0.0.0.0/0" + next_hop_type = "Internet" + } + + tags { + environment = "default-public" + } } #Create private subnets @@ -14,6 +31,24 @@ resource "azurerm_subnet" "private" { resource_group_name = "${azurerm_resource_group.resource_group.name}" virtual_network_name = "${azurerm_virtual_network.virtual_network.name}" address_prefix = "${element(split(",", var.private_subnet_cidr_block), count.index)}" + route_table_id = "${azurerm_route_table.private.id}" +} + +resource "azurerm_route_table" "private" { + name = "AzureRM_Private_Route_Table" + location = "${var.region}" + resource_group_name = "${azurerm_resource_group.resource_group.name}" + + route { + name = "AzureRM_Private_Route" + address_prefix = "0.0.0.0/0" + next_hop_type = "VirtualAppliance" + next_hop_in_ip_address = "${azurerm_network_interface.bastion_network_interface.private_ip_address}" + } + + tags { + environment = "default-private" + } } # Public subnets output 
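Review bot: The new `azurerm_route_table.private` sends `0.0.0.0/0` to the bastion NIC as a `VirtualAppliance`, but nothing in this hunk enables forwarding on that interface. Azure drops traffic that is not addressed to a NIC unless IP forwarding is enabled on it, and the bastion also has to NAT; `bastion_network_interface` is defined outside this hunk, so check that it sets `enable_ip_forwarding = true` and that the bastion host is configured to forward. This also makes the single bastion the egress path for every private subnet, so its security group and patching deserve corresponding care.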
@@ -25,6 +60,14 @@ output "subnet_ip_configurations" { value = "${join(",", azurerm_subnet.public.ip_configurations)}" } +output "public_route_table_id" { + value = "${azurerm_route_table.public.id}" +} + +output "public_route_table_subnets" { + value = "${join(",", azurerm_route_table.public.subnets)}" +} + # Private subnets output output "subnet_ids" { value = "${join(",", azurerm_subnet.private.*.id)}" @@ -32,4 +75,13 @@ output "subnet_ids" { output "subnet_ip_configurations" { value = "${join(",", azurerm_subnet.private.ip_configurations)}" -} \ No newline at end of file +} + +output "private_route_table_id" { + value = "${azurerm_route_table.private.id}" +} + +output "private_route_table_subnets" { + value = "${join(",", azurerm_route_table.private.subnets)}" +} + From 9b57654f250bce6e89f71e802dc486c0e1b06b29 Mon Sep 17 00:00:00 2001 From: heywoodj Date: Wed, 25 May 2016 18:14:36 +0100 Subject: [PATCH 36/53] Fix formatting --- terraform/azurerm/private-cloud/bastion-server.tf | 2 +- terraform/azurerm/private-cloud/variables.tf | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/terraform/azurerm/private-cloud/bastion-server.tf b/terraform/azurerm/private-cloud/bastion-server.tf index 266dbf7b..69556d6d 100644 --- a/terraform/azurerm/private-cloud/bastion-server.tf +++ b/terraform/azurerm/private-cloud/bastion-server.tf @@ -119,7 +119,7 @@ output "bastion_network_interface_applieddnsservers" { } output "bastion_network_interface_internalfqdn" { - value = "${azurerm_network_interface.bastion_network_interface.internal_fqdn}" + value = "${azurerm_network_interface.bastion_network_interface.internal_fqdn}" } # Bastion virtual machine outputs diff --git a/terraform/azurerm/private-cloud/variables.tf b/terraform/azurerm/private-cloud/variables.tf index 3df7bf60..1d4a96ea 100644 --- a/terraform/azurerm/private-cloud/variables.tf +++ b/terraform/azurerm/private-cloud/variables.tf 
@@ -35,18 +35,18 @@ variable "public_subnet_cidr_block" { } variable "storage_account_name" { - description = "Storage account name" - default = "mesosimages" + description = "Storage account name" + default = "mesosimages" } # I.E. Standard_GRS variable "storage_account_type" { - description = "Storage account type" + description = "Storage account type" } variable "storage_container_name" { - description = "Storage container name" - default = "mesosimages-container" + description = "Storage container name" + default = "mesosimages-container" } variable "artifact_bastion" { From ba9c292372933082d684989e2c2504eba279791d Mon Sep 17 00:00:00 2001 From: heywoodj Date: Thu, 26 May 2016 07:45:42 +0100 Subject: [PATCH 37/53] Create README.md --- terraform/azurerm/README.md | 1 + 1 file changed, 1 insertion(+) create mode 100644 terraform/azurerm/README.md diff --git a/terraform/azurerm/README.md b/terraform/azurerm/README.md new file mode 100644 index 00000000..8b137891 --- /dev/null +++ b/terraform/azurerm/README.md @@ -0,0 +1 @@ + From 0c2dc51d04abb9365bc39621b4cf33970a4def1e Mon Sep 17 00:00:00 2001 From: heywoodj Date: Thu, 26 May 2016 07:47:45 +0100 Subject: [PATCH 38/53] Delete README.md --- terraform/azurerm/README.md | 1 - 1 file changed, 1 deletion(-) delete mode 100644 terraform/azurerm/README.md diff --git a/terraform/azurerm/README.md b/terraform/azurerm/README.md deleted file mode 100644 index 8b137891..00000000 --- a/terraform/azurerm/README.md +++ /dev/null @@ -1 +0,0 @@ - From 8587ef0e51018a2f971647097fec328d56eb6c63 Mon Sep 17 00:00:00 2001 From: heywoodj Date: Thu, 26 May 2016 07:53:53 +0100 Subject: [PATCH 39/53] Create README.md --- terraform/azurerm/README.md | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 terraform/azurerm/README.md diff --git a/terraform/azurerm/README.md b/terraform/azurerm/README.md new file mode 100644 index 00000000..b57c6c1c --- /dev/null +++ b/terraform/azurerm/README.md 
@@ -0,0 +1,2 @@ +Azure Resource Manager terraform configuration +============================================== From 9eba56a91cb95638a3a378758ef4f681d470f519 Mon Sep 17 00:00:00 2001 From: heywoodj Date: Thu, 26 May 2016 07:59:39 +0100 Subject: [PATCH 40/53] Update README.md --- terraform/azurerm/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/terraform/azurerm/README.md b/terraform/azurerm/README.md index b57c6c1c..d066a4b7 100644 --- a/terraform/azurerm/README.md +++ b/terraform/azurerm/README.md @@ -1,2 +1,2 @@ -Azure Resource Manager terraform configuration -============================================== +#### Azure Resource Manager terraform configuration + From 8161be62df24476f5af1220924e7de4c099d6a79 Mon Sep 17 00:00:00 2001 From: heywoodj Date: Thu, 26 May 2016 08:00:11 +0100 Subject: [PATCH 41/53] Update README.md --- terraform/azurerm/README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/terraform/azurerm/README.md b/terraform/azurerm/README.md index d066a4b7..0bbda83f 100644 --- a/terraform/azurerm/README.md +++ b/terraform/azurerm/README.md @@ -1,2 +1,3 @@ #### Azure Resource Manager terraform configuration +--------------------------------------------------- From b5734426df0317a8434e3e9cbc8e4f5884697892 Mon Sep 17 00:00:00 2001 From: heywoodj Date: Thu, 26 May 2016 08:16:44 +0100 Subject: [PATCH 42/53] Update README.md --- terraform/azurerm/README.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/terraform/azurerm/README.md b/terraform/azurerm/README.md index 0bbda83f..f6f83418 100644 --- a/terraform/azurerm/README.md +++ b/terraform/azurerm/README.md 
@@ -1,3 +1,7 @@ -#### Azure Resource Manager terraform configuration +### Azure Resource Manager terraform configuration --------------------------------------------------- +This folder contains the terraform configuration for a public and private infrastructure provisioned in Azure and is created by reverse engineering existing AWS architecture, https://github.com/Capgemini/Apollo/tree/master/terraform/aws. + +The configuration is based on Terraform's Azure Resource Manager provider, https://www.terraform.io/docs/providers/azurerm/index.html. +To allow terrafom to create the infrastructure within Azure the following information is require by the 'provider.tf' file, subscription id, client id, client secret, tenant id. To set up oAuth authentication in your Azure subscription follow this guide https://www.terraform.io/docs/providers/azurerm/index.html. From e7713af5e399175a83d173f3bcf2b745a31e3a3b Mon Sep 17 00:00:00 2001 From: heywoodj Date: Thu, 26 May 2016 08:17:41 +0100 Subject: [PATCH 43/53] Update README.md --- terraform/azurerm/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform/azurerm/README.md b/terraform/azurerm/README.md index f6f83418..42309f8a 100644 --- a/terraform/azurerm/README.md +++ b/terraform/azurerm/README.md 
@@ -4,4 +4,4 @@ This folder contains the terraform configuration for a public and private infrastructure provisioned in Azure and is created by reverse engineering existing AWS architecture, https://github.com/Capgemini/Apollo/tree/master/terraform/aws. The configuration is based on Terraform's Azure Resource Manager provider, https://www.terraform.io/docs/providers/azurerm/index.html. -To allow terrafom to create the infrastructure within Azure the following information is require by the 'provider.tf' file, subscription id, client id, client secret, tenant id. To set up oAuth authentication in your Azure subscription follow this guide https://www.terraform.io/docs/providers/azurerm/index.html. +To allow terrafom to create the infrastructure within your Azure subscription the following information is require by the 'provider.tf' file, subscription id, client id, client secret, tenant id. To set up oAuth authentication follow this guide https://www.terraform.io/docs/providers/azurerm/index.html. From b0e357ff42b67fcd315e24811a0621a19ef717cc Mon Sep 17 00:00:00 2001 From: heywoodj Date: Thu, 26 May 2016 08:24:05 +0100 Subject: [PATCH 44/53] Update README.md --- terraform/azurerm/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/terraform/azurerm/README.md b/terraform/azurerm/README.md index 42309f8a..a3935a29 100644 --- a/terraform/azurerm/README.md +++ b/terraform/azurerm/README.md 
@@ -3,5 +3,5 @@ This folder contains the terraform configuration for a public and private infrastructure provisioned in Azure and is created by reverse engineering existing AWS architecture, https://github.com/Capgemini/Apollo/tree/master/terraform/aws. -The configuration is based on Terraform's Azure Resource Manager provider, https://www.terraform.io/docs/providers/azurerm/index.html. -To allow terrafom to create the infrastructure within your Azure subscription the following information is require by the 'provider.tf' file, subscription id, client id, client secret, tenant id. To set up oAuth authentication follow this guide https://www.terraform.io/docs/providers/azurerm/index.html. +The configuration is based on Terraform's ARM provider, https://www.terraform.io/docs/providers/azurerm/index.html. +To allow terrafom to create the infrastructure within your Azure subscription the following information is required by the 'provider.tf' file, subscription id, client id, client secret, tenant id. To set up oAuth authentication follow this guide https://www.terraform.io/docs/providers/azurerm/index.html. From 76e8517fec89f24189601203e2f976bd47b7d3e8 Mon Sep 17 00:00:00 2001 From: heywoodj Date: Thu, 26 May 2016 08:27:37 +0100 Subject: [PATCH 45/53] update path to script files --- terraform/azurerm/private-cloud/bastion-server.tf | 2 +- terraform/azurerm/private-cloud/mesos-agents.tf | 2 +- terraform/azurerm/private-cloud/mesos-masters.tf | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/terraform/azurerm/private-cloud/bastion-server.tf b/terraform/azurerm/private-cloud/bastion-server.tf index 69556d6d..83d7fc42 100644 --- a/terraform/azurerm/private-cloud/bastion-server.tf +++ b/terraform/azurerm/private-cloud/bastion-server.tf 
@@ -77,7 +77,7 @@ resource "azurerm_virtual_machine" "bastion" { # Do some early bootstrapping of the CoreOS machines. This will install # python and pip so we can use as the ansible_python_interpreter in our playbooks provisioner "file" { - source = "coreos" + source = "../../scripts/coreos" destination = "/tmp" } diff --git a/terraform/azurerm/private-cloud/mesos-agents.tf b/terraform/azurerm/private-cloud/mesos-agents.tf index 63b9b888..31349910 100644 --- a/terraform/azurerm/private-cloud/mesos-agents.tf +++ b/terraform/azurerm/private-cloud/mesos-agents.tf @@ -83,7 +83,7 @@ resource "azurerm_virtual_machine" "mesos_agent" { # Do some early bootstrapping of the CoreOS machines. This will install # python and pip so we can use as the ansible_python_interpreter in our playbooks provisioner "file" { - source = "coreos" + source = "../../scripts/coreos" destination = "/tmp" } diff --git a/terraform/azurerm/private-cloud/mesos-masters.tf b/terraform/azurerm/private-cloud/mesos-masters.tf index 4c1bccb7..24969243 100644 --- a/terraform/azurerm/private-cloud/mesos-masters.tf +++ b/terraform/azurerm/private-cloud/mesos-masters.tf @@ -83,7 +83,7 @@ resource "azurerm_virtual_machine" "mesos_master" { # Do some early bootstrapping of the CoreOS machines. This will install # python and pip so we can use as the ansible_python_interpreter in our playbooks provisioner "file" { - source = "coreos" + source = "../../scripts/coreos" destination = "/tmp" } From 726d1045022bd9de35ec6f9e553f83360bc02f05 Mon Sep 17 00:00:00 2001 From: heywoodj Date: Thu, 26 May 2016 08:47:56 +0100 Subject: [PATCH 46/53] Update README.md --- terraform/azurerm/README.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/terraform/azurerm/README.md b/terraform/azurerm/README.md index a3935a29..b5c508ce 100644 --- a/terraform/azurerm/README.md +++ b/terraform/azurerm/README.md 
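Review bot: The new `source = "../../scripts/coreos"` in the `provisioner "file"` block is resolved against the directory Terraform is started from, so the upload only finds the scripts when `terraform apply` is run inside `private-cloud`; `source = "${path.module}/../../scripts/coreos"` ties it to the module's location instead. The same line is changed in the mesos-agents.tf and mesos-masters.tf hunks that follow, and the same fix applies there. Separately, the scripts still land in `/tmp`, which is world-writable; if a later provisioner step executes them (not visible here), uploading to a directory only the provisioning user can write to would rule out tampering between copy and run. The enclosing `azurerm_virtual_machine` resources start and end outside these hunks.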
@@ -1,7 +1,9 @@ ### Azure Resource Manager terraform configuration --------------------------------------------------- -This folder contains the terraform configuration for a public and private infrastructure provisioned in Azure and is created by reverse engineering existing AWS architecture, https://github.com/Capgemini/Apollo/tree/master/terraform/aws. +This folder contains the terraform configuration for a public and private infrastructure provisioned in Azure and is created by attempting to reverse engineering existing AWS architecture, https://github.com/Capgemini/Apollo/tree/master/terraform/aws. The configuration is based on Terraform's ARM provider, https://www.terraform.io/docs/providers/azurerm/index.html. To allow terrafom to create the infrastructure within your Azure subscription the following information is required by the 'provider.tf' file, subscription id, client id, client secret, tenant id. To set up oAuth authentication follow this guide https://www.terraform.io/docs/providers/azurerm/index.html. + +Connection to the server instances is via ssh authenticated by a public / private key certificate in openssh format. I used Putty to generate the public / private key files. There was an issue certificate only authentication **so please use Terraform verion v0.6.16 or higher**. From 2ee172af064c69939c98e480a629fd3b3c67ee2c Mon Sep 17 00:00:00 2001 From: heywoodj Date: Thu, 26 May 2016 08:57:26 +0100 Subject: [PATCH 47/53] Update README.md --- terraform/azurerm/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform/azurerm/README.md b/terraform/azurerm/README.md index b5c508ce..7e1faf30 100644 --- a/terraform/azurerm/README.md +++ b/terraform/azurerm/README.md 
@@ -1,7 +1,7 @@ ### Azure Resource Manager terraform configuration --------------------------------------------------- -This folder contains the terraform configuration for a public and private infrastructure provisioned in Azure and is created by attempting to reverse engineering existing AWS architecture, https://github.com/Capgemini/Apollo/tree/master/terraform/aws. +This folder contains the terraform configuration for a public and private infrastructure provisioned in Azure and is created by attempting to reverse engineering and match the existing AWS architecture, https://github.com/Capgemini/Apollo/tree/master/terraform/aws. The configuration is based on Terraform's ARM provider, https://www.terraform.io/docs/providers/azurerm/index.html. To allow terrafom to create the infrastructure within your Azure subscription the following information is required by the 'provider.tf' file, subscription id, client id, client secret, tenant id. To set up oAuth authentication follow this guide https://www.terraform.io/docs/providers/azurerm/index.html. From e08dd7a48e4630d48483691f5308b6769460b069 Mon Sep 17 00:00:00 2001 From: heywoodj Date: Thu, 26 May 2016 09:04:45 +0100 Subject: [PATCH 48/53] Create README.md --- terraform/azurerm/private-cloud/README.md | 1 + 1 file changed, 1 insertion(+) create mode 100644 terraform/azurerm/private-cloud/README.md diff --git a/terraform/azurerm/private-cloud/README.md b/terraform/azurerm/private-cloud/README.md new file mode 100644 index 00000000..8b137891 --- /dev/null +++ b/terraform/azurerm/private-cloud/README.md @@ -0,0 +1 @@ + From 7baefffe5b3a611ec2d546cc25d52c75914a91ab Mon Sep 17 00:00:00 2001 From: heywoodj Date: Tue, 31 May 2016 08:22:13 +0100 Subject: [PATCH 49/53] Add images folder --- terraform/azurerm/images/ARMArchitecture.png | Bin 0 -> 28738 bytes 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 terraform/azurerm/images/ARMArchitecture.png 
diff --git a/terraform/azurerm/images/ARMArchitecture.png b/terraform/azurerm/images/ARMArchitecture.png new file mode 100644 index 0000000000000000000000000000000000000000..078833de518ad7cc7ccfc796b4e2e80b1ce3681e GIT binary patch literal 28738 zcmbrlcRbu(&^E5u=%RN*L=Yu9tM^``6QYaWSrJ|I8g=#F5=19D(QEWxR}ZT!%e!*l z_wRY$&->@^40t*2F0Y^bzS`z^Q=@9_|aSj6se#L3Z zg#`W&(M?lM5}|sG>Hz))#aco|0s-M$9QM6AD*QX9v%J0=0s?N&(;wo1Q>i8Vz26Gb z658G-$L#^cG&%vNnShfPYvZ}{Lt^&TONK8N8}F(pCMnzA^?u&8Y;b25~ZJ+rg>f zob3-mUXQbn#PElu_2-r^=|otKz`Krq>xLF`ORk5p(7fd?f|i>M$K63p`Vjnlj@)oQ z2O#nL()J6fV_m>qj#%_!_$C*+EL<5r&-&CM?I*$(>w%8o@VMTNW}G=i2=cdENUP_8 zZz{ed#w698MzgT&TA)GRGmfH92Kz14-cAOn(Z<4jc`BR1dpXp1?$&WndT=O; zf-*{hG>ZY^Epl+v_Gxe?#YZ&(tyeTt9vn{tSsH->bBjx9XS#o%E`G3kdI&#zd(-~M zN}Yx2Yb2|WG3o$AS|3GD8xpuGXunRQh)5c?xtlHk9gkMO(YB-v8~%pmWyqJBg&#gk zIqyhDe(jb4d3PA$S25mfDdaYn(XRaSZM^TdL*@cy{$4H+mqskVM(0Tx!zf(w^Wjk2 z#md=n_yoB(C_P;+Xo62m2~6Z(d3Ib>_$r+c>q!k6d}`L8W)boRH8UI9eEh(oyzr!m zp1T=7InzYqJemNgWb4xvMMOm2B7TN3NtitJNn$?5G`_f&9w1RnGTM4Y?FZGpjQ?1# z=XNCM;UcEdp^?jP6pyoc$GTC}d0pH{rq+~dzWw^gU7+WzUf|cL*CG434cNH{<+KX4 z^jIz{<22lx;a6Xz3_qqIxcWm_8jpc|)v3wU3$VI1{_{}$m3$LKUKt4E0i(1=DG=zg z-ha3$7>)hWfBOfBCMxGf>BM48=y83E$k642)D4a7Ev?~uE6^zsa0PimBvGFH%^@dolz1zPiZmA=Ko+Zgp{IUm_$+FkKUWYoOd$J^k zax-L{H63mUjMgv{F(IR>%fgywP9A9!Iy=|N(MylyGAeuoydi@e?p)sUysm z0pnAYYOWdO>7~uv#%aC>g+-kGb`Q(4uVi`ujj#fw{DNR$Ip8sto}56f-@92$5%#q# z_8m!dRtc*nijv)LlYSfrhyFz45)P2@Sp$nFV@H~B(M%j`L=1DtR|ZNx09f@gO1A{s z3}19AyCL|YgX(~uDVCm{@ZFU_*PX+OAog8$0mgv31XB2G3hYv4A;fH-^CF;_m%5() zi7Hb>JjDjg8h`~ImXNO`Ng_zPnb1k=wvf`X+Ue1jqZCeRq&Q*s-)_z^tkX4ey-4Sd2Df{|~=8%jZ3n`#&uoJq@w#&OWD6P270{1@`VD>rBvU9dq$ zYtHWr(1Aw4#z#8^BcR(ZFp7kpzB+5fx&s~*qcDs~l~-#B+QHDtV=+l(#jt7Wjo&=X zPO?1p3P+i8%hy}Re#M_zOM$M%@2H+f;S-pS4g0RCX+V;We0u``CIgmsy`RC>g&o9_ z$_X`V4cH|X`V|r|vjJu{$p}}=U!T391AbbZNcUPwlTwEKtDV<*!D_8I8!4dG&bz&# zJ3pZJP!%AKBdBkPc|6}*^uojPl&Hc&E~m-!F#+e%Xx-lW2a?N<|)g6^Y)QG_B)TEWJF}y8CI{tES{$= zH+{%Um13xZl@XfPqc?%s>#HW@8mf2ei@!y^w>b9lVs2Ts#Mm`2?U*K 
z3-jXH(X8F_98Krn?s(Sbi1ZVp=|hc$xjkWDkXt=bz0$1PYhD8V)D>a(!<{s54h~u! zBu9dkY65eQATQRkCnzDbVz^@b`4TU8uTztoREfCzs&S<0k3Uf&H!dCB@g+|Kp_uik2Dz+rnNeCZ^xJ3CUw zkpWV$*A{{gv&aRyCn!bi)}9{p5VOcswm`c+UK&`_OFzcLu`|-hW4LGL@8wCodJ3h41JD#$F3$HaK^Te-xT(m3 z3VPo}ECfB>mo6Z?I{~?ZU{&-1tbuxjIPo0+JHIjCxKNKGkrCZ;JrhyWA33R z+a-BH#(sExcFeVsVCzv8yo~xMU(jca!}-wrw?yzbE^zYuJIJESrFtF`-k=ygK+C~j z>cIZuVh(f;mNVsh{-oGXVGYV-0)sy`UC8hxWs>A%;Tz{1ZzTK`X!YMby*TW64Ir@3 z=nF%i1j%*fePw)^-R!%^bm|2Q#F;jf~L% z_^vBqaCu2aI`_XYz2x4ke{LU5r9Z*$cM{3@7WMK2dTCUx6;n>g;6~mG`uh)CaGjGS zE1~$)2-SmmKd^Y*h> zG_OYW*4@qgISPRx_|Nk)3p>t9^WJx6d;m%!B^=np9D1Kw znfl@$l6#kJdrY0z2r!CC>h}wnL~;|@GENGONS#{D#4WtTnB*7uB9*2PC}{W4ug0Xl ze4~%Tn)zdWFX^RwTR!#MaFm6R24Y!}<(6V*iZ3&9_zaZZHEs{i1zvvXT1d$PUs3}i za1+Ngc@P7Bu9f#mjSDCB^AVOau$pmsjj#p6joW9W+UXH=5n>T-!lRyFpuLNtdiPe{ zkGYUI9=AbTm{4I41-&t~jH2+q|8eh81{<@;Z5M@}Gk^j2MS^tQ*B6=q$xB>s3X_)4 zJxZ-FOgeuWeEQnroq$R8qlQB}Szj2dm!H1q=dJ+5181r+34ZwQ1aF|#*w`{}4OY?CEWD{#3~PVxen!1*EYB*+nBgKBc} z)A6hQJ9nmcsB-y15GL=ppX{XjG}-7vAj&Tg>2S$D-`spby_e)QLxdtY6HzgvaHB@N zqIvrfDR5jM8FiVUi(9fOS|B>k^kc01ONp~#axs7o(MNfIv?i=F#Cu5JC3aR_*JpIW z%Y!-%dL$k#@@=1F%K=lA_s_q-;$nKm2w{{y+}KZlh|Gx#`v9dEAQY0+AT8C=<;>#p z2S_>-=dz!DDVN>ZN_&OgIe`)pCvY?DL!pS{?eYmVf~hbJl}3U}g(=hqqbqD4Rnr1P zmp)#-%&e-s1CV`DvwfX0fIlJyHj_A#Ba&uH7F6MU)`ejZ!{nWl-OMT=)rX7s; z#d{&lDC9k{@vjNxR@=V0zbhi)P^5<&#uk(rloZUfUb{r;kDNsW11(6;V8~zs1zV*g z5b$D9KjCv|k$B_dy7Ua*f58y26p6st*yurmpi8wSnteAy(|+})a7bXDD6_3BmpctXsK^Zej$&$Mcc9(_01xG=81F7Q8 zApT8b0*bq_#EGu02s3g>Tu;!4U$_G6^%&v;xFk#%d-7+b=(t>%lKX7|mSNi!w2!1A ze$sqR10=76|i1fMHQ3Ym>527hH4pxa$LRU|aR8MdyYUO(jlKsqY&mSc1oIB71 z^9a3Fung(BCGp3;Mn{{<(^8$h(XU2*XGMhT^j~M-8bla`_4nvQg<(-vo z8GG$d<8{vW4C8||BnVRjvHq-W?=wZ?gj@S0KO zbq{`!pY-PP#9euWB>Wz=RLdHvNq(3@WnF@2;MKQ7jAhdknzUv20_E%Pv8Xl47@RwF}RfOx7nP|Ndm;-EaGODkNj~W88?vb51bQJ*XbjHcmuqjo!P!gxY;HPmebKSlW*WKm zu79OfnFjn}7UUlkg?^R6--a1jbN6_{u@jRAT~n!fJh zhu@F;P91gA+j+7b_c5m%$@c}14!VnbOCt?Rh!@mSbdVAYf*I)zV^JVde8 zZ7C;KhaxIia+V=@F%LK)HgQP{ycb7b7R05Yo=R>Lh<*9$)oOa9HAn>TCygo$w258!%G)ZBA#L 
zr#1J4>^s|_!19VDnIfF*lzCLonHa^M+s}2(rM$dxn8Ny>>6a(`@hEs+IS#NmqAkjo zPfZZaYTBNuNxeTmIF|ErJd!Me-QdNF`5sTQoMLDD8V3srjOHo!n5f&%7Ys=qiW8{g z*9Y~gk0|WgWL5wtR18;w-}mt3O|DzovkG|cGlzxmlHq22*Fy*x&2{P{4~?DW&HngF zNZAfgC9qpzi#|N0gHmqbsG4%d*fy9IgsVsKE2YVeHxV=7HeRY*oJ6h{elK^5&`Zpx z$Z`IjEGg<)b|8OpJ|YdZDmzznxXO!U)Kw-`Y_yf>Aw{V?_4?jd!V_WTpuDlqq7LYV z_84fty3T{gG7C${625X*82tq_#*{Z>&&YOAhkU0RP7 zgOmBpDgdfw8)+vU%=KI|B*;YC?YO_Mi-D<}U`t4gUWRO6#yw87tX}-B?!^vrXQblc z{kz!QuaU?y=PIGmMJ{0LiIclrlOfBkVW;KxFPYc!(D>doJ!hq03C+EM&9K6$S4~Ah zgC}v9^nRTKuJ9Yk2`jV*Qi&g{jzS~53SS$Evv4kN$KSZ#NNBO&K6`b%z;eeBfPr;b zt*%Fg#;*i>)^KOyL873Bh;9L9qAe|I>W3CwOC`Galu@Fg$It|`Cz;X8`}>qlPUTKP znZFP50L%}RjCrY+LniqXR1y{0c2dz8T3HI#@Gmz$D*CMj^%Ti=2m4vxF@HylI;uR1 zsMZHtJ7f6GpAaExD?;#S?2pU~SU%RHVA|L*hc~6?r5)s%Fnz2Kp_!Xe#yx*q(-HGp zR9H-*QM)aiI$D_yN!d;mF=e;%ru{W?_{?qVFWK|`hRRQyZdSpHJvI}Cb3}>eZ_2y1 zRdI1N0Re!Jp=Ty8Al`kGJ3%TI{9j{OW0qz|V>hs4R&iHYg;^2K*l36G1(t&E{AV8W zV5KQhs$rkR$o|hMBzSvJ5pKkfW0g&e5!S;{Biolvlv&9w-cxiCqPRgn;U<(wFz0>} ze$4ru@VV6TrCOIK?b`YD#mRGlGUM7QG_fJ3DYgl-tmjn8177!+o}1xJ(*T)j6$^oZ zL0I+;eI(;c?j)|#dNI5`ac%)tU|%gO*!m5_>BTysfSk!0-|D+R7DP$%Yu@*n8lqI9 zc3_sI8!T0j^{_nmOMXaFq-lxo= zm#%3r_$+ybH_=Zn^f_5OL_x`yY345od^QKaC=(BemF;aY#V+f>n0Y-IHL5OmDGHZIReFB6FPM!OTi)M$Lbr z0yMrJl1xw=%_>K;;c#>W&26@K#>|Ro9|o%1x^72WQr&H*QQdwjoa&F=-yAy1F=b;? 
zv+gQ*=LD zI)4`8YOsu$jq@jbDKbnZ?5biFygf$?H*r%j=@3Pg`-d8=_ikcF$QjA==(sePkp+Tm zR5X;3*0U1N^<(P294=4hHIcO@V8>Zk8#b5_EX|$qO0htZa^fR|Q4TjsWlaJ0j2@yD z^ge|d!V|(%267chg0cq9sG$}D4dVX(dqoG)LbT@50?2&~fGuFh3i?5WV+(buSD>*T zHKJAg=rIlC%B>`U_i#azKxjs-R(A1i-f~_wHz|6Rl)o-eMSwl5cp~W z8R9l+K{?*yfADRxti!CUyQrqa9434{P*Lm#9wRFQVada^#la;=V^+n$mo6l2SCFN~ zMIF_-n~smSje267CxjNF#Ii|HTS`s9^ZgcR^ZqwTjluWzuP;vTjtBBj%yu3O$D92R zzRaya{XSOBsF@}}%Ra%!k~OLd>rE2kRBmb7INMUay}H(G>C^^br*RrLnRQ{NIkim; zBtvcCbIE<>nq_1(53D zO^en}SjW~Rqp?qqUw*vb8i9vzNsg!2GOgW72|3*3xm#csv7tC);DTXYuk>zNtLtO` z^ye=hNJTw+oZc_jIUgieonxv&>YQ(p(6tt}He;vRd-9}12Bx7B6Pq5Zj$ z51i|>elzix4>6}((zDRlz(Pip%Cq8M&_`ZkLZtZJbN7?p&Z(yk8JUiAX{LGoWrrXPY_;L^4Efcr#JkR*)cKVTNG6BbpGoQ6)QQPS;T_F*`>(E*tVH6cgpb%cQ?U;YCd|KNq2 zI>05aem`uSQ_=WJaSk_}_BOmuSNu(O%h_Ac`BV}$nlg|TJZ6J{<)F4NbL3tdWX(xM zz!7f2oTNMzV zSz*%rIM=vb3oc5#T^%1~cVWI8%syQ(c0^iQhg0mofm06+YVz4xU{hNo3tarn=_}^B zKg~y8!qJNG7%u|yzQ+3*{2J1Oz3uXAC^l>txOt7x$9IoQAKOBb<@>Au=DEblti&EW z2QMYlKWpu;QARUr%d9wnnw)i^ZK*8(UPg%VJ_~!q zH~QG=dzyKX!ZOf7607@iLiLVv(mx<=l?#-O#WHFFnC_RF-2EC}yKCDZP3mvTxefssw|j3Z zYxW92kZ(?=6~?swCN{X9&;1o3CfD-|u553Syv*j-SMsnCgdf2#*v1t{g-Bj}NYsZhBmdW28z{62}1)P_;z)bwt#kEzvLEZHv(Yv9Ge$r{mYVk4=TxO(@%4u9ux4+OTb#v~S>& zkD;$1JVd&<0eo*Sw#%abS-)?HAVjA36esIOY83ME?_h1fJG|^y6c4-6eqnSJ1|pfP zg=oa;fb(o|B5&5eLz`oQ^rX@EaXJXMKtv5Wgav)M`vdm4qCR=LuCflLCF`Da`e25r zuK!44vAr>tH$jf739$X1O8>HW|NHk=$2ZR#sb2XXqsCln>B^xSa~~$zC)(^a!Ll|BVKC zYuAAV4q_j!OO^8TUXCYYl>OkR$I$`w$C@@kM|((7r2fpR-RHVj17AhXs2%>Bx8Xcs z97av5$hsFH|9br`#hH%)(=(Hly~=ZuPjuY-8$$ zVcm|>4=CnqQ;`%n_CetGJ~4|rEx^%@K&@v$e)AP?A@K9yn8xkWC+6(CGSq+k&H-`T zj{RWzr8ECn1w4?Pp~Gd@{n`*_$!vnB38?xPMZac4BaJm?&SkJ!QF#i1gpb64?YH}e zMZm?Vy5dq$Q#Kh$^k{IwDD7c4^~TuWXt+4#pzp2{D4U(A3FwQsrkBJ0Cj$oQm(zNN z7KlyR&ZuohrDj31&VC@2fqraOa)HA?dNvOw4~17D}t{qdC`jT``3OAqv#~)dpgKdx`8^Y=^^0o=mJ)r zn5JOXr~#}#L$D0wIUN8=@?K_D9JE~z%M1N;;bb&g2?w|h?$Z%MDN|1ZAaTgs= z^zq$A$W=Xj>rx$A4)+^3{Cvd}DM7ch>4i2R37GXAm!c3DtN;D7@Q8nCw~TgG;myLA 
zn_moYII`B#005dd_qW!feb2&zl}~O8NBzad3W0y~p0;GklY%libHktSAi>{-owgl+ zuSyAs6x={pS~tDnFEetCI&%!9G3Ww_o)l#i0>?~XsryOc8=`DmGjV=h=OZONMZj0< z&v1rj67%YzK7Yj0oc$b5uN??no%w!DZ4aWu7sV6#`@=9E=^y6OgUsRUu%$ngO|)zB zBTJ{pls)F8(R+BEI(g0mk>_pVefzB!EZe=SmBIVa&!$Hb(W1kAMQg0M0Jy1%r&fz& ze1-H4ntryG>@o2gauI7ClR;hpoCg*g$=Jf9eZA5Og8X7q*6%*^2VKFFGyk$;1K1gf zfgP?G;d>4sPJk~zP?M{}k-=K$&t&V(ZU44}*dx;EGl)gbPQkVBYN8gX^Zt9IY~-@v zs?cEN*?aY|KZb8XizJK<;fTfmRFLuE9Z39l(&gMPXjili0FSTB21;{~T=3zfluEQ(KnL zTV9X2q62Uz%L^Y&rb{>ZarvqoG;chr2}9URx}p|ngSQpUpN~qxLOf2QM6@wwVJHd4 zG0z_aK2Y;&z?j(gW~NUb9+uo@)nxC|QU8f~qP=Fby{BF!iULmNKNX}g!~zBVO?Od! z?~wjmFG!MD$b~vU;zvQKHY#ozNJ1v%{z;$~jHxj>8&<~C`LzVNd8J$GGZO(%hgqX4 zu(Kld+AWj%liiUt#guq(}Z)3b16lGIMyTt8I(iQVzV4cmC0* z`r_D6#6nMhfM+`fS_ynNb?|q2l>;ZdZ)EcJIDJ0kKqCtd0sx}}3t2PcGI3P_--PQp z76UI5ci@HE*BFHIau6*?>pdzq=h}@4WlrR{Ti4jYQ)!w=!Kaffo5Gh{0A`Ug5h#^R zbUutm{#C`@T7ZO+tGR%31^IlHA?WffP@;t?WsSGd|F4CaU>1w37hxTO8qcLbt1)9|kQ!5u zRl-J{vGQ$mZ?Q@m!1)R7C-gQTfzx5fe(TwN5eu3dJ?aeJ3u3?ODpC>8z5O`;x5}{I z6hPlUz=x-lF}F|p(HO=6pC@CM`+C$O!b|t$+wArBXYWu7uqnB z94KCA*N_Besfk(;#AUWx{^I}s(dFomjx|~h?}+~M4vfiwmelOwPd6{bYeSVx+g-L= zuVpQ+HNoNEBU=aU)nc>&Rqz~8@opdX4~9dP)#%@uVl7%}Y*Z)kNP4eu9SI8(cRTexQaXVvV? zsAac38DGPxtWy}nobBg*sTe>D7QUNxC@vkH-@PJ1Rr;*pi=}*1q zXS|w#q8YrlNrj5J4vWXDFEoaaY^*R`Sr)UC{u5%Z|In{(A zTGF*b|15a0HXzrsCmtHP_d&`3g%+5Fs|-XA@8&%90cL7|nk^RJG2#-8$W7O1~t>a1N8!;ptOM z-|ZVaje3r@8Y}*>7(mb!WBSOQQKR4(-DEYQ<-Z;f^`@Xt<9er zymc+?0n;B3E0ZP+9t}6cN6E%vNqdwNkj~xjYUo0*iLBi;0Wn>F;nLw1*cuj9STDA?oIspY@0tMv|+e5Yu&Yg}$IzIK%F7;xRV=H;LN+r?&CWM_R+hNV?4 zV79RUd2eR+Zp?XB09sES`ad+3r=3?UhfUEUj&cl;Y2SZ| zZ^mpKxq2~F(X&QsCH)|@d8n3(E8F!b)s>L`phJvYI!rn;{Pf4mC!Q}b4ruPK{?)6G z1GXL<>0=&_|3X~>3`14a<#8Jm_&A=f5*zIpv*jvjrw2F@p*WhcqqbVww!0yw34E|3 zVTYI8c_U32=gVq@^zScig|W&&bN?2EGZjGPYoUB=Dhi_vfp6i%`!BJZie6t#-lH?9 z8rPqIKLpL4bHapy&XY{EPlPSb#9r?$$(|Jh&qjf>ZZH(H&BGsiW{?x8tOIjikk5K! 
zkUFXbJCnv9crKf4nQHTL?B=f{6tc|~cmw$-m=Z@j6XvKYv1tTFgRr?vdk4$s6d;H|$7l1|I-KgFl@v%%;hcb3Gr zgLwsUfo`S9w#<+UoHsgctSDRYkF-~gp(1OcztQ&VHK}XCELRHaw-vOX>YC>AR(Qrm>b%c4pSDyV z58qlgXgB^fPAs{s2Rs++I#Om~tP0!aYj&w}=^f%$&IX4IsvX9e8z=tqyx-~S!W6!` zAAM~AEgTC7);TYG(MVEd%m<7nR1Tg8vC_%$hZ5@8e zNX295aKqcs`Xll8h%zJX-Nqn6mCF^FMaLs&BkNhppw20FL7F^Hl*q&VD2IUvmw%g| zMu`%O@AQ-sryJowyDwd{pXft0b!V6$xE@E7&s`VR^jYS2qOy0=2I?QFR!48Ke?!+8 zZ0&xXLE%+wVoHK@5Y``B_8aeEz@}GF7KTtLa$nZb;G|$;9I<*e`hXjkr#IfkUKMLv zN3vt>7$nS={niL3ep#zb+7A0YT7J7;i3Z`Zypo0F?ySEAT~$#&NX^%0S>PHNoP~-0 zCSGfCQRY!ny62{irK<0Tx3dh-@U=!}4AEDVmEUc1?VS$h)9-XG;TE)J^5b?)?uJzZ9wl?((OWBV9b>+4ygAJjy^O8%HUC;+|Ylw>2yxb6kN;dDvwP zbVe->-g?H@1n@}x(>`^cdj~&QrDkb_C{ zJ2tnrFzW!?f{$*c;=phs^6VcX@>8E@c07lj)S(lSP5C>=V{$1ldn(-X^!M0XF6)^8 z1jd2UnSL>5-07cf#&}gmm=YmLWxZQ4+NZI@0cE&3k*K3RrmYF(-rv-k$lVEv=#p@ZYsR4uq)?iK+dk zP!pgEdmU%8><-SqF;+>xdWXqv-)$4%sJfCFwO5nrJ+;7nFS_Hl+s}yu7 zY-#*jad_2(>Hii!A-d0&8>D$1=0TryLg=mQ1?h58ISLAigH00m7MMCGS^+!C^rpT zvNtyhC%gGU{y^e=0C8n&&R+Px+Y^=PVDxMIPj$#vf`-0j~z73Vo|NZkX^mBPa9P|>OQ#5I{d={PF?RbiYaEL$js{hhs+A*hP~rtS zU&S96v^0zI!BX0vUo`;)V~V99+Q%T3yl{ae%hz3M)n+QhI)D#yVkz@JcdewIM|u># zqu5NwUK)^#OV3P6JcZ?Oc&2qJI)>%IU&%1LP)shK&%P%_kH8HwRZaY{^G9@)DhqlQxv+PCB2=hoz zvlD8k{bbW#n}|YD`YS~uzaVlG4hN2p6c+HK2ymM0;Ahzh-#TYS(T*s~*Wi_b{dDSU z9Xc@I*!E^GV@Kl(@5*PD5v%?bj!Vl0L7oCz--qa{$+zf5P{J#3GOff(y{98hgW4Jt z{n|w?&gnkB6lm1;3pBY*{=Myajd%EZwlY-B)!%Rh>M3W{dlLrgqTeJ*;<@m7axYC2 zLy#v*q+7{_k0ZI*h&3kdel8W3XoxFvEa@7Q_hU?J=_>nOcS)Hb@*gx`g4`qH(nC zrKCRFQ>QPElAWZ3@J!Uk;})BV(x)%{qKYk<9nY@d&{K-NbgN!`ct#3hESwNw01(2sJ%E}F@@qP618%1DB#~) zGT-((f(6$XNRT^1_LWy2<_|wAcCH~E7__>OTy?=T<&jLPRzZvJMWS_RZYVybMVx$Z zV->x2IF@gD9c2Umpy=lHJU5QQZyJx>XcW}F9x}C;-}ngSxvqLsks+gLTkI;E$5l(4 zPTc9o-+_T}c)ZTk?4ao^AO~+D{xpkNXcW8x8Fi6>rW>uwX`e~yn~S!yAjfoAsv&M> zvYEq<%vmbyS=R=q)DycD&Rem>{rm76j1Qfw-%geI7vc2(Y;Wf~{+RUndFSWgE(Igo z_G}(E21;GH{EQ;t&)lTr@s~UaVzpT$pfdQ^@Z&r~MT&rgyKK?+oDb4IE2C_+nxcKV z;eETJmAqbIyU$d)$=z!pIC}<+0fY(dr$09|Q~16)NoIuj@+~*L 
zXcaGUYUrxpp!VQ9iV`3Kiu%17?z1XH#!srA4fvj91k8L_y1z8Q=+CMH^ID*9kVCHG zz0bb~GmV?2eq-sN`k=gMc&_)J%vaA=K!J$UM1nIh$S^}3;kXU9k}L*4(1o3gt@x^H zP)o@ct*)*%N7?G=9vkqiI+qkNtSeaYFcLwr5D&}54hn+z(&D?cX`YR~KfM-mO+$lf zQPqiG9|=1*$-9kf0Lbd9SXvus~D}W zw%3Y|;5-3OvDW*W?bVv>Ryb&WrpcW=h0yOWgG=k_O=DNTFKG(5z*boe5NIJAm6 zK)hfUPl9A}375%{<=H@G(+R!BEFKw{)69lp-1bcW~~&;zfBFL;iS<-H6WEGjZtE0X@3|6T$TqO)+*=Z4prV(js~ zSmD*HAB}y1#ZJyN@!cLCL^N5F0=!Z=wst?P$8+LzYKPG-;NP-{R zJaSY_2`d)nb>mw+X}@0W`%+NzuF|yg0sbT0NU2Q6eNX0QXC5qX*2A$9TLIDE)y9;M z=^f^6LPd(hO|DbVr6!s6<{dQwq9sjG`gnaZJ{%QPl`g)I%MsCzYhp}8_WYOS`wtUx zGbb_6N_hoJ%IpRXt6Op3qJ4Q(8@1B4o$sq>!{IyTla*psC*eib>i6v;kSN;Nx3rV9 zq4qYd$1kO|$rY&Y3RAU0OF`SXiD~ufI#w}sE?A`hvsmA#FXTfGJm_r4A(vuD-aUo#%p znIV>sRhEA_(V?Iqvl~H~Q!+NTLv?QR=hKBP@T=WibIO^I``_J(1@r)*XI9(;iadg4 z1T!MIL70^ZwsEqqZv@Li**-2_?P3F>6nQov@3Azo<@reX;T$^yTS%H{3O~nhQ%TKt zrI}gX(iM6Kpv9!M?mRF4GGdUhYpfR-cz#Q39m9Ti#9a47DeJmfn3VkvKPr+49Ie!0 zGZ&Q}^lLyvU=NQ!!#M%1gh?n+`?u0+Q+K5uyxgfmWFHCPMG-1#d>C3wcP2pMR9%z3 zGmY~Zd;H_{(AZerydX_PkB@R>XiNRkBEAn_^d%z&rlR9ql>TSvK#)y=Fo+93!l9nG z?gzXAsSoSt zJj1v%4CI_`23{z2Mt4$NhyUEU@e7bVRDK?c+WWcQ3Arm5RStb6BQ_SXgkGnWi>T`F zXu|k8V^iZ5FmriJv!-<`U5uq2s17YI<91AiPC`t9U0-THi4`sJU!@`ucDaA2RtMyr zOm2J>$eKz;_=Up4STpa-Ly!SKduDF~ypYu6KupH83v;vRgnpkc05WI*5IjOVpRAHm zdgRe#H@Ko7MMl&{su2?x_-@?LVi0{YN&gX5#F9|lwvG3)YEjzeX~OcJj}Bwgovz5d z#Nsmeyw@Z7691br|6|zWJ!xL>v#m>13@=b_G%9b(-@mul^d(E+2WnB=2L_coodNMK{cYXrDgkAIU#~G#5wozf z0nXV2acU&&cj`;+zz-9s-w59@@l-6rw^;1OGkNH71^@>*YIBXNv}5C5L>)ET7~FwK zpY*1Ca3+tTWprd8)UU0A)!z}Pe{eYcpjGb^n1BsNmn(0~`R=!_{%3vDvNz$aeJhSo zma~J^+z(=SpnXcUmdwC|Vyhx`txrMMG3i_c_SL+IwD~MT=@@DYBv>fH2;Ot*X!HSt zp&ym2^1i+%#afj$4;R^bcO!*NyRgJMJ{HU<3`RL++K=_8rHS1Uf)}**;#)lQj)(y$ zoX@ATy>yUoKTejC;GxGdI}_(caeGnbicR9Uu;b(-`Z-vbW@(M=A`dvrI(raeXB-_M z3-k)Ccu%;1J#>)sd>RAZB|gQDI1w-Xard2Ima6lrMTz(#QcHKOjo=?#Lj3Fq%#on% z*M78xAl39$()=hFn<{ll^T~I%%#umw4O$aCk2d2g7dQ;GyvP97&q>uDi=ybfyR|mP zDPB)YA7?V8o`93s%&}7(-{dqGo3_XgBR@}#E65^G{VXMnn46j%X<8A3hC)y}n}2}6 
zfCWO$h85bjqi5hIZirK|tUmrSqS_fkWk;9ePL*HpWfaasu*bNKYv>*Bfd@azg<})T zT-d%|xcPyOtR>nLCwp|FGZ$M9k-#TWA-2|{TQwnE1NJ%vU+BYWx$S(`dz-6litiMP z=-Vg@Z(Jxa;yg-O7mQkupG)hH;G^Oc%Y!DU=r-HKg3X&{s9it6k98tb6k*y5JF}ao zbwx(?=XfL&Z$M%-15lu(4sV-(_tI!6b$}#+@fBGPx!C=x8sqy3F=X98FnV8YJ1Wk` z8Z$QLY4)yZ`guQwZQoAzC%-rIw^XUWbj2K=rYIeC zQX^&xZDQ!d*Eb0oH$vw=VR?M-ikQFS->&y=u;Mo|{Z5_uSv=#b6f{P%mjIFpqj!R7 zUp-CG=uC(^URL@(qh!sq0ZdweXk!|haQBI1A94X>78BkPmWmlWonD@22v_5N;Fpno zI$SD|fWUbcUnx5bITX*epQQ}1UTGT`h|)Pb(8TK$;;HWmCTNJK4u|L=P>XU$Z<@u) z^NdyVSR%KQu`z_cL^4PqFZ$`tNAJ(~xu?CEAfJNtUrkvZkag*^^xu+wZ={`?LJMe|>+C z-+wdr^}6?-d+s^+-q*S3JWsF1gjvKfyIsd|=|3ZTg5s@5xs~Pz7msNwcVBMHWC)ur zm)<|R!V(|$Dm{dcj_*n+-Oi+!p~hD(eTTF4BO`l{i%}65yLQ_;ey;5OGQ|!^KMbBJ z-=AFx@f*6H+rIZ_dH?66eH((|I*Ps6;%<9;aftZC(u)O&j-_$Rr7^q+`+!YG^S9OK zbGs#?shZEQrK*YkRFlsRB}7hHIezU^g=G6$8RP76wUn_{|Gm}DB0rg%!}wFor@W4r zom3ZU{3>_XndHnE)6O=ykxqOr(HG>$@(l-~A1^S|2`3V?B|?|a{&`}sJz}#HvOCvd zsy&sKlbBUAde~WbVxU7i`i6{9rP_=H5=(uH=9_`qzIQ{~Spsi;Dbo>w3<*<(Y&Dn5 z${%;+!yQ<%qn)^gfghzST3Qul&#Ae8s*g+6VeBQnw>>G7W_u**{BS=Vn_d<3-Hr3& zHH1j1d;|5_wN>nF6$ip}%$u~oWuU!5Q{vhCyQ>j~Esfh0ubGQ4%GySX!jUcNr~u?k zefS5MQYb<%e2GrWoWQb=v#A?3XY8TvjHWTBH3L_GUqTbU;|Ud1Q8A6Ge#kGz5?4y7 z#z?W@Nn$l{eYMhw@7i2ybowMtDud3kb=b`+&*KBgh|c~&P6tk&bo;3j>E5HYYtIGUy4I4_?#BGkQ8LT) z_KO369P&ULbr#A#WKDRCp1_6S=V+y9uhEie1|sM`Ul;5g{tTjjkz<{fYFA&0Sco=;W#m_*OcGSCX7?I^vHfn!j`PJ@XF&IwK{VMch&k8Y) zm;BQ9#!OjuDH7uvodVDTS>2H(yL>;Z-Cd<&RS(na zrIF?uC7sj3C3n9$tD=U4H(>rdlk><)-!r$jf%wmX=|_&El9x}Hsm6I>;SFQSd{XtK}| zJX=NcHN4P?my?RBdW3WFX}wiTzn!f@)8Wo7c!d3PTcN00`0fKnZWP4kxgt*M_oLkW z)HJ0mTNo=6xd}FSLDcSW{gv}d#yHi_-dlVd2@Y$L!+4aPuonLOQB=82@T_ZTOqmV_ zZpM1oQd#SDI%A+b+g6hVq(>R=8IkJei*2dj&@*!?SfJ~up1{=PS4ecs2x&{YoniJX z)Uw;{{oPs7Nug{8pZ_F~ck6a}3!x-Bh{SyHLK=;N1>9c9JQAf-2|7=S`V zrk7i^+^$lWpDhx33(SFELh0QxdTjmDmRfsLP+(%%H!)A-Wisbp|ex~p4$@|^_yV4*(PO_m@#0Lvq z7)@fC&3)gfD7+*$NZzz)-b1`t;%-6ya*_UGOAOQ_!(AjHxnk|Y6ZkNHVESPk518Ri z?QtC6bN*OT!S$4Pnzs_u?U<;XYi-V+2roC-EwQOr#P%pW`j!1R?89iP5|J8(f67vQ 
zV8BpQsY=5`WxOlfuDQNo1>2FnF8Kt`n)<^M>wwiQ;(e@ z`*C2`R95>NtaOp)71gxV=a90vRjv*y+-7W9hO^?BR3!d-gln)6S8ud@u(oKvfQIWp zKno{^@Dcq8?E|bedAc89NZr#-=r#5ELInJDQ#p$st&Gx%GA@j`Wh}pf78egpBC?9H za{a|MV4ijHoHsG5oV|YUH=TpX@8c%rSq8cs3b}JW0^H|ix!yhW9Ajt zM$UTS4YL|E*V0h*V=RKy6#Y7Ao%xxd8Q+?a-3XB62g^W_8BVQ&j}WFc1}^_6*`IIO z9;ajar7QaAm%x=~?{pYCsE$ig=owg2*lo!KmS=diuM^Zcmb$hpX!P3%9St7 zw-N_I*uFhRNKL|?ifgm`%By_3!_)?-chbdb<0>fG1zRQ znni5gdCeVW5SS6spC|#3x=~vRKooiqpj{A0%|trw5Z7s31r&V?c-S2QbSL%wh`qY| z%N77090>!=D8TCJtktIh90iVNIlV@^gs_^X4~H6Q0fJHbN#Ku>Oh(e_4Cqi1(f_C| zaMH+!Lzo085O+_hkKC;19!Ua^^FhpTs==HgCyqU+oa_$z=(&7ANQ`I3cI`7pfLPT- z`%g(OLoKLL`cI9qcjC2|*n=2RdP>P;NfYD=PvG}h4G@#+fwek9O2zdzU6hy)H?Z{{ z{oCaxr0wMH1#U6w<>Y_k08GS9F+izgKE1^&KacOLOTQROLTxzm43ey4AZq)eCuA$80hSgk1#ubSdo8VAohM!H7t0U{7} zcWhdy#n^gv#xJQD^Nv~6`n75q2@3MA#4@ogQ#%NoyoSCNVa}E-`u&*#n};w2C&25B zH**Z=*z-a2LxFJS&A^!@xWRbi1joWRpf%}AL2^q#HynvL?$4&|5HoH@CXyIq$?lpXUD^78E8;?C82dxFL=V} z2q=#*n&w3*SUZS5+Sb=l z3GCC6mR(?lg;8W6gJt)b>a(2X)XUnIk$a z`-1i_AP!ode^dx8p=8#@S2~;Y8!x%A>I&g8H;mLq!f)V%el1v~$`I=5cD(c3TJ7NX zNw7UdJQC5SwmDf_^}t-yVzSXEi7XjQnbJt$9+43+KqXbtM%&2;1n0kt`LC;8?=zlg z>sYz3`r04D<-kD@B;i0k$c6L;*pK-K<2{h|iF$@wuz9xN0aVCMwgVMYU&0kD$!_H{ zasv(FJJ1mCZW))#Pn4OMp}Y(G}mH*rr2~<5fTo^luDUMe_cyo4apUue!E^&p{<}up_}WH@!2c-2P_jMc_Ju0xgrFj z^4-yra};3$h6PN2IORbF^x)Kij4}T&i)AcIY=I3*72@0x0*G=y0kJ7$f7%3Ez33qT z0M>&Rkx+|Nf}0x9cIpY19aab_=ZJs%QFHWeIj{3@gJyx=!2QkfQsRi z;#a!=yJ7+zGnWkLf{k~)y$Cs22E2ZPrKWJw*&iX7nFr2}~kgt}p(EDu8v zG|S}!_E#FpvfD;&^g!{P5`=6bt%LD4$;L2tqmNH~u!AV3M zI~XzuMZ`-j@b69|KOV{PKu zOntBVlU%mBlPCvdmg6E&exQip<>}ysE{jdtyF1cd{(}P}stQ0V-oik`Ek59kAAk9r zea0pdLx4El#=H!~ztCb+#v*rP7qmxV3j$)OQO%01eUI z5WI+)@$v&Oj4T(l2j1;4R}%J?#?J1~TkS8i8|Thw=G2f+PBn33d_i=EchK7By7yxr z<=nUX12=XCFX9oW#%c!yo1*vk>S|hj;TQstu#22C*~dcyh_f63-fA4+hn+cML;#Gr zNXUF$HRKzHAz)X^&Skv=?GRd6sazXo>fV?l8|!Ug*`T1lHc zJ#vDdfXD|<297=>bL<&frT~z!XI%~j9S-RsuBBq+s1M~^ffquPvu1|?>?6aET@gJn 
zOYNi1Icj~r?)lc)#2;L4EiUR9{tX)-721v%}k1SuH9zku;7*vYtw9ErQPEDK3Br!)Z%+mxHWBG3fM{F`V%M5=6tu+C@*YiT#gMz!B&rmDF-&;z^dL6uSYk0rXd^}yz>$ZeT3cof}SC9a930oGE8^8NoTl=G$ za%zvNS%rm73QFS6W3~X~+6jNuHGF^KldYV!m_);mg57DH=Gug-QrP&adF~6^o;m%r zOU36#cFfz3e|Q$Ha+Ym(DX=Xr?PU2Sk>0pl6EkM1Y^QPI8y@-Fg2!YsLO-j>yxPyT z^`AeF;ADtcS?0A%CF@);IXR`BcOAp>-QGk_kH`DfI&zqhpAb$h&3X5gg@T99> zmzNVOHh73+;LQH{64QoTv~-4L(yXvZnDi2z!<%kP#0fcn$Ugc6iwN`d>COyUJ_{rk zEbk63vE;nIi2bE8;DMpV*hT*$bmQ?7db8sh*y)dx6ws}(FN#Odx8RJs91oF)sx?G^ z`{6e8UWD5i3hi+9Q5$PYp>wfST*<)%hG-G7FBwaSf{>Z05eKqF7!hA@BT6c7D;i;r z2~F}WddX#j128`_5s7hnGj+*|Fq0GZ(q9ZL;zMsJG$HKm@B}kMO}XTI8O@qwUm!qy46_R3?>7i5SUWyTYm)%eWDI$XMqRH~q-`FL@+c zoorRdywe*VVAEl>sn$m0pom}|{v|Q1TNBy%I(UlFXGXQv#)&agKCD>Sg8*+kn%38> ziou20wP~stJ7*X4DGbc$2EE2qy&G|1i(_P#?u!+-!C9LqRyGf?t1Ra~G*p*KrH=OD z*qc;fYG(3FPJzjPgD>Bg4emY)ZAoC?Z|xOcr(vhv2)|Ly@auN(>xhLuiSTaio+k}6 zYO`f7zOOf%-)#K0q;qbsqv~LBWE!U9$Q7)MJr4;;fU4f{}v;PK5 z;tS}dP?#L{jSnZkulguKTUINFlYwZhX+`Vt`%_V8dZFUIRFjWtXsvF}nDh$Vjr1Hn zT1{oA7YI1N-qOXBafvlsa3^l!M62CBmoc5&GGKcFtDWH4*nak0j(o!cx#h0j=9s+z zwd}vLtf;v9I?=U0%fb~~We<$`quDDuGrfv_)QFi^x#r=t%d6DZ$?~*yUn8Qtst$7@ zh#mATO~vdA$BtY^(~@>Zd^JLO9rVqR!bc5Yhdcxp=pH1Z>oe9Ql?wOIN<4_uVs>zP z7$&*OLoL&|bFE%8vmU`DBbR<&xn;vJ<-M)$k%)GKBaY#p62Ev-i~dVs&+bwg3GPI^ zPy%Frlvi^yfCm?d^Yt~Bd3VMmx;DC}dl=&nG31@?7^XuD#buw&`pd(7m*1l~_(^;U zqBAe&nPS1J(;4OGp>X_G9r4CQMQ0>YOu>Km772G+-Nz7)i$Dp*5wFH9@!%w)F9{QI zO|BvZzZ3vL^6yT_Cwy*^*wGQZ9K{Nq04NK=Bl4I&Llwgrj>X%SFWnaPF@m$p9EUki z`8si0SWfOL|G0JSI-W_=hnor)*BG(G3!~}7|7!B?I(%$YT+~?Y^zA2C;QGKrzj~Z(`pAj1RR1%_JagQ$MJNX^cXl#2O$8*7{lm`#xU{y9v z?MQ{$I{fV8BaLV#If0WQ=@z#_rEXkQm=kxC8aA(<7d0LUUn9yiK6_v%cAM&?y;J(u zTe8ABl?Cx;idYQ=?Tezsm$cXVlo$EO9G1A*+5;u4PQ6?YnH|f$GwOz6Z}L3yfm0=V zpM6`i+P$FuQ)vvgXBu~Ut1eq2uK=EU)u`$HG(yd&Ao`8aYFp9gqh-iy3y%bZ-d}-1 zX67bC+LxFJdF@(k(ml84bos@Vt1n#W>TmAJmEo;Qjs!~v{j|+%ITLR3^ypG-x)H5V zV`^UQ-zt&)w9N}8^ykmkY6bHNaB?O+Xbf&B;Wikx;W=c;H=p5!_$EHyAX~zOG*+|a zA6MOB)_s^Hb~lPvx4H4gM3%l-Td4XBVf21!zzdguuT+<`LlbDZ0t_`U4%WQ*1>VRy 
zmZHG$2!T{o%d{Owz)W|^#bPQ&eid6|S&=t>pS8lG!m$o^VZQq{iyJ01Q| zo_2Bx+-xSso_rc|G5+hv;+5IQXM%0TjG6>>9JDGQODP4XmX3HP7RHo3JiJgg*Z2QU?<_BzcKyYFTJY%kF1)J=MC zjFf^mEre;9+b+Lk68s82HSssWXVk-~7lJ)pql;eS^&6Q>g$*3Tv@vh~#eZNz;`%FQ z-bC8UbRq?1pv}0z!4*1qfDej(5>7?4z{Ec+^M4duZ@?{9#j*9Zb$g!D9xq+g{#hTP z^*kRySx^?s|L;E?HT~=(zqRLRV59YZuXXu2EQmSp#>#Og%&9EM@V2y%XPjI%QQ|N=kd5nn@-q zq)!Oh(%w@@Uw3-5Svu(btR`Yqa!dpN!5|cP-?%!#${@tIws4o5BidX z#DW+L#6p*KTFtipu`Nux&vRXAtDlokr8mk~evE2;zN0H3H-3n}j=&~uZM8!(4@mJX zFB3p4=+-xQ*;M4HJPlcG_v3lquXnWB?HYH2L$#^Jst<7w`X~hQnyyEB~*EMN~z_`{gGnayXTtW_A$iQmm9wZIT?7aJ7yvh zM_H?PTbD zo+DI&2@*k)+Bn^{5MDdw_dTy4;$m=3K1DVcL^T!t`ozs@-CabZ>*1rRyb`KL5Tt)2 z7Mv@0L?lz4WH4gMBA|4l#Av)B^5`lM_AGCKl9)gAI>ffmN2 z#_%D=FOh$a|KQn7E4yM5nb+0mCJ(bGH^$c)OyXUW6K-GXMBl^?hGxb+uq^-AA+ghX z*V7ucb}aOiS`bh5okeY1E!c+>RQ?8mdfn83UEPX*gBc@pXnKd)&e6$NfN7D?>_#A#Xbm>u)EH9Ua)dUmD zMV-`UG}21@(qO0Xg|y%l>vaV>KEuew=Xdd|at|Bp4ll9N9BVGkWg!(8(=H&979R@R zXfGd`Y1N=GCIl8ZQ}iEokfGB9|0hSHKwCKdO52U%+HRO-UXS6L55)m|CdV3CTt3&?&-%WUZ3}b zM#2&mhx*F>8+VK@F7$)^jUC0NX{kCh>b*&CBaOf^$^pa-v&*L$)Z{jNIwKd`8*V-tUuc`CiL zc!jG5>1O`TcGM>Bo<+5D#y?kd9tnN#M;qY=2nY~Lbga;F)*j|Dsn7V(4tpG~)WWIw zX)!J29UqDRUi(Q9yKu0*h;{BdlEwXKBm3F&?Hc4iYUAEIF7HYDB#N=APS?PGpdKj~ zag81!;t*Y2j$&Q)fRXbd>_Kf(6xOHnT%KvK1D^GCwZX<|$zci^B!dNNw6x*UAHF^m6 zsDo{w2$*0GzAO0F9W<*?!gS}vi$XrfAr{&;i#kuOyh*N$!|04!RdEXwU(4b-4vj@< zqRkFP;vEa45j>NRqGs{s&P&{NGv|Z72;Y$V`Ehv{j17-6|5oZeyxP752vXwD;}rYe zWF%YG8s;fok>vYZaXsa#mDp{I$gOgrP75a{`ZUP+l+OgVUx3TD6vmmC1AmW=tlv!A z>$HhB(q*8MTVVJ&^*m--HWfZ5kgV8iXe$vtLo!jjjEs{kIxTLBf~}(Hoj#v4M=Ypb zGK-6}Pk7ESS{B7Jn$|Ut^7qX!^QSZke%AHqdb4el#aPL1lCQC`;3tAU{xR$34Z)H6 z7=0uu&WpPi_hj`UeIWbAr8{j?OS8%R1Y;Z*kK4Gaw48YJg;t$0nflw zs>DmxLd3LvCy4mt;{e**JJ{IGq5t!fL2cWLMFAj-oD5@Gct4e_Qrp|6t6nowqjwP0 zY*ckd4etfX;ygtPCCt@Kb=>5lZd{K#iZ&U?tr3S#zkF?mU$QF+CMEs_^ybE-nJUOEy1U>9H`t(T__M*tl>6E)7MiHhj5ZHnYu<#TIpMU*Nj5* zCJR13UUj$s^}XCu#yQp#Eo)|Gd;U*0ZswkE5gR^fo1sOs7dk$(SuQU~9j!#$B9iW5 zYWaH~mZBg)FpK}#+A4Q;u8}BMyzLBuw;ms_*v>&4j=2M9aFD;?)88Ksf9ImQ#C%!m 
z0|Snbga58;!88%NnAP#fY#MBTpcv11Ah*#z9Z80V9W=7f+iva3q*k<<*zS?0oKf%72i}?>89EOc$^dU@SDsxEM0Lj~fF-nCkSW z#)46(wxUGAun+RLe=e!UWxX?`VMA1|M~Voj&|eCyAu)2A8j!tFUOUZVcBUnKQitft zb@h&JZjZ-JU9f|0`FTbe0GR4udpdjWy!;-^t{U0T-y?wEKjCdFMrhpAlh4C+Bibg% zXvQC|($1pi=%)DbU2hI5fsx@WEjU>cCAYKWZy2zN6zB*O5^uhw4!eObX#*kqge=~i zXT;%gIanjYVD(PejZ3hEp{Fb*zO&^l8?&KnwVJh?c0qXC!Jpp}!@lQ}OnRzr^$X|% ze;h-OO{u=R-?7P592*D?Z(4qCwY$V*Wkqz8ta<4GbEc`; zuDSbz>ENt6rMOH(S^iA>SpdpAlohBfcq2WHjKsW!tms2w_r9@%2RNc=briG?P!7cr zteH^)aS;H*{!z$0u#v%mI}CW21mWYGqyT*URgme2cu4~i&Vw3stM%M&H3!J`XIg=^ z83S;F3<(to=8SrPE!8!$DYGtue+p^qD_a1$-x4NPvOLG|LIC(k@E)d4RoR;$47>97E;xA}G<*edmS`tk0HxWn|L=E$K;9wV zgGaWm9s%72UwOgs5g;-cnZH#qvZgEj9ILVO?jjhD9zbZs-_!z`jre}2+fmAg-~Ves z${^{+4;TFb_LncX>;B!sSRBAEl+MFelPA*t^Cpx6iIT41oO#a9{eMv?rZndwca3qK z=J$jv`;&js(C%0}(S2Qgy$sx4rUXD&00-ltWIk#l-M~M%s9o~HwL`xbn#VuL5>LAovB7(!2M?yl$lI->Yu;J ziMlH&ALtHzKmI9~kOirw!Z@@`=H?hGJo-$_7FAZBe0Gb6u}Yuq2Yxs*h2ls|XEGSH+C#BsH(+6V4`n@K8*2NkjId z)1zY|?jd`>zjPGK|HuMaoS>8$tad*NAC=Nd-Y$P8Xz_g{WE0$KIDaqt=^CJc!Y|Ea zq=7epCUAvR+6@7SfRc(4Dp6`tJWoUcsGGO)N9!lR8z_O2W4&|ZK7_^)ltG3N<){nA zce>t^fnd_y2EgZac*F#_UbwhH26wp@;`S@-7>!kQhk*G z9fopvT!QFFX+U|rAR)BZk=MpXPe}e?gvPoS1?1Epq*ig@m%k2h({TKnLA0>$ zOYxL?E#UMa|HpY~6}Xc{(eplip9csfm?{>ZwQ2#eR5zilWU-X8F7ywjOopM>Yq|sM ze?SrrWp=3bw;2Yr0@pxzPy8Th&9(-#*&_?7SK!@w*VKi)a`bNZdB3MR!4lSBP&c)} zLP-XjN-6X0Y~Wty|9xX^45alro7f5^6ftoC>{0P~(`vEZpI8a|dNHqQ9Ubxz#9Ul$}%W4ccm-GmaS2&df1yc>|n$S_3x zDy3rKg&@%wN`d#Ly8sLF;DO)k9ske2+7kqJ_o>l>{CBEP&zXR{e^jUSP4!-5Y{UK! D9cqV$ literal 0 HcmV?d00001 From 7cea6d724a4d5049bced4ece10acfdc6fd057f21 Mon Sep 17 00:00:00 2001 From: heywoodj Date: Tue, 31 May 2016 08:26:28 +0100 Subject: [PATCH 50/53] Update README.md --- terraform/azurerm/README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/terraform/azurerm/README.md b/terraform/azurerm/README.md index 7e1faf30..3c0283eb 100644 --- a/terraform/azurerm/README.md +++ b/terraform/azurerm/README.md 
@@ -7,3 +7,7 @@ The configuration is based on Terraform's ARM provider, https://www.terraform.io To allow terrafom to create the infrastructure within your Azure subscription the following information is required by the 'provider.tf' file, subscription id, client id, client secret, tenant id. To set up oAuth authentication follow this guide https://www.terraform.io/docs/providers/azurerm/index.html. Connection to the server instances is via ssh authenticated by a public / private key certificate in openssh format. I used Putty to generate the public / private key files. There was an issue certificate only authentication **so please use Terraform verion v0.6.16 or higher**. + +The infrastructure is configured in line with the ARM architecture as shown in the diagram below. + +![architecture](images/ARMArchitecture.png) From 4be27383006827acbd0491646826c9f5b7c318cf Mon Sep 17 00:00:00 2001 From: heywoodj Date: Tue, 31 May 2016 08:31:56 +0100 Subject: [PATCH 51/53] Update README.md --- terraform/azurerm/README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/terraform/azurerm/README.md b/terraform/azurerm/README.md index 3c0283eb..ee4c9feb 100644 --- a/terraform/azurerm/README.md +++ b/terraform/azurerm/README.md 
@@ -3,11 +3,11 @@ This folder contains the terraform configuration for a public and private infrastructure provisioned in Azure and is created by attempting to reverse engineering and match the existing AWS architecture, https://github.com/Capgemini/Apollo/tree/master/terraform/aws. -The configuration is based on Terraform's ARM provider, https://www.terraform.io/docs/providers/azurerm/index.html. -To allow terrafom to create the infrastructure within your Azure subscription the following information is required by the 'provider.tf' file, subscription id, client id, client secret, tenant id. To set up oAuth authentication follow this guide https://www.terraform.io/docs/providers/azurerm/index.html. +The configuration is based on Terraform's ARM provider found here, https://www.terraform.io/docs/providers/azurerm/index.html. +Before Terrafom can create infrastructure within your Azure subscription the following information is required by the 'provider.tf' file including, subscription id, client id, client secret, tenant id. To set up oAuth authentication follow this guide https://www.terraform.io/docs/providers/azurerm/index.html. -Connection to the server instances is via ssh authenticated by a public / private key certificate in openssh format. I used Putty to generate the public / private key files. There was an issue certificate only authentication **so please use Terraform verion v0.6.16 or higher**. +Connection to the server instances is via ssh authenticated by a public / private key certificate in openssh format. Putty was used to generate the public / private key files. There was an issue with certificate only authentication **so please use Terraform verion v0.6.16 or higher**. -The infrastructure is configured in line with the ARM architecture as shown in the diagram below. +The infrastructure is configured inline with the ARM architecture as shown in the diagram below. 
Terraform does not yet support creating Load Balance resources thus it was not possible to replicate this feature from AWS. ![architecture](images/ARMArchitecture.png) From 81c8910798334cd1ed006cd798a96acd57e02fc3 Mon Sep 17 00:00:00 2001 From: heywoodj Date: Tue, 31 May 2016 08:33:28 +0100 Subject: [PATCH 52/53] Update README.md --- terraform/azurerm/private-cloud/README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/terraform/azurerm/private-cloud/README.md b/terraform/azurerm/private-cloud/README.md index 8b137891..c7898586 100644 --- a/terraform/azurerm/private-cloud/README.md +++ b/terraform/azurerm/private-cloud/README.md @@ -1 +1,2 @@ - +#### Azure Resource Manager - Private cloud +--------------------------------------------------- From f484bd4424a7dddce0221b3a421141cbffc21dfb Mon Sep 17 00:00:00 2001 From: heywoodj Date: Tue, 31 May 2016 08:34:14 +0100 Subject: [PATCH 53/53] Delete README.md --- terraform/azurerm/private-cloud/README.md | 2 -- 1 file changed, 2 deletions(-) delete mode 100644 terraform/azurerm/private-cloud/README.md diff --git a/terraform/azurerm/private-cloud/README.md b/terraform/azurerm/private-cloud/README.md deleted file mode 100644 index c7898586..00000000 --- a/terraform/azurerm/private-cloud/README.md +++ /dev/null @@ -1,2 +0,0 @@ -#### Azure Resource Manager - Private cloud ----------------------------------------------------