Via the Azure cli I can get the Operating system version for Windows machines (using sku), but this does not work for Linux machines.
When I look at the Linux VM in the portal it shows "Operating System" "Linux (centos 7.9.2009)"
How do I get this detail via CLI? (will accept powershell or resource graph kql also)
I had a browse of resources.azure.com and there does not seem anything obvious to query for.
I've also poked around with Powershell Get-AzVM, and Resource graph kusto query.
Here's how i get the info for Windows
az vm list --query '[].{ Name:name, offer:storageProfile.imageReference.offer, publisher:storageProfile.imageReference.publisher, sku:storageProfile.imageReference.sku, version:storageProfile.imageReference.version, os:storageProfile.osDisk.osType}'
sample output of that cmd is
{
"Name": "myLinuxServerName",
"offer": null,
"os": "Linux",
"publisher": null,
"sku": null,
"version": null
},
{
"Name": "myWindowsServerName",
"offer": "WindowsServer",
"os": "Windows",
"publisher": "MicrosoftWindowsServer",
"sku": "2019-Datacenter",
"version": "latest"
},
here's what i was doing in KQL
resources
| where type == "microsoft.compute/virtualmachines" and properties.storageProfile.imageReference.offer == "WindowsServer"
| project name,offer=properties.storageProfile.imageReference.offer,sku=properties.storageProfile.imageReference.sku,version=properties.storageProfile.imageReference.version,minorversion=properties.storageProfile.imageReference.exactVersion
I figured it out!
There are a couple of other variables that are populated.
osName=properties.extended.instanceView.osName
result=centos
osVersion=properties.extended.instanceView.osVersion
result=7.9.2009
My full command is-
resources
| where type == "microsoft.compute/virtualmachines"
| project name,offer=properties.storageProfile.imageReference.offer,sku=properties.storageProfile.imageReference.sku,publisher=properties.storageProfile.imageReference.publisher,version=properties.storageProfile.imageReference.version,minorversion=properties.storageProfile.imageReference.exactVersion,osName=properties.extended.instanceView.osName,osVersion=properties.extended.instanceView.osVersion
| order by ['name'] asc
The other variables still say "null" for my Linux servers
Related
I can create a virtual machine with the UI :
via Azure marketplace with Flexify.io, however, I want to use the command since I want the VM to be created when it's secured (SSL).
These are the image for Flexify.io :
https://hub.docker.com/r/flexifyio/ce/tags
So I tried to use the command below :
az vm create --resource-group myresourcegroups --name staging-images --image flexifyio/ce:latest --admin-username azureuser --generate-ssh-keys --custom-data ~/Documents/cloud-init-web-server.txt --secrets "$vm_secret"
This is the flexify.io image flexifyio/ce:latest, but am getting this error :
Invalid image "flexifyio/ce:latest". Use a valid image URN, custom image name, custom image id, VHD blob URI, or pick an image from ['CentOS', 'Debian', 'Flatcar', 'openSUSE-Leap', 'RHEL', 'SLES', 'UbuntuLTS', 'Win2022Datacenter', 'Win2022AzureEditionCore', 'Win2019Datacenter', 'Win2016Datacenter', 'Win2012R2Datacenter', 'Win2012Datacenter', 'Win2008R2SP1'].
See VM create -h for more information on specifying an image.
How best can I do this?
The --image argument for az vm commands can be used to reference an image available on the Azure Marketplace, not Docker Hub (or any other repository, for that matter). Azure Marketplace is also the source of the images you see in the VM creation flow in the Azure Portal.
To find the identifier for the image you want to create your VM with, use az vm image list --all --publisher Flexify, which yields some results:
[
{
"architecture": "x64",
"offer": "migration-vm",
"publisher": "flexify-io",
"sku": "migration-vm-ce",
"urn": "flexify-io:migration-vm:migration-vm-ce:2.12.10",
"version": "2.12.10"
},
{
"architecture": "x64",
"offer": "multi-cloud",
"publisher": "flexify-io",
"sku": "multi-cloud-vm-ce",
"urn": "flexify-io:multi-cloud:multi-cloud-vm-ce:2.12.0",
"version": "2.12.0"
},
{
"architecture": "x64",
"offer": "multi-cloud",
"publisher": "flexify-io",
"sku": "multi-cloud-vm-ce",
"urn": "flexify-io:multi-cloud:multi-cloud-vm-ce:2.12.2",
"version": "2.12.2"
},
{
"architecture": "x64",
"offer": "single-vm",
"publisher": "flexify-io",
"sku": "single-vm-ce",
"urn": "flexify-io:single-vm:single-vm-ce:2.12.10",
"version": "2.12.10"
}
]
Then pass the urn value of the image you want to deploy to your VM like so:
az vm create --resource-group myresourcegroups --name staging-images --image flexify-io:single-vm:single-vm-ce:2.12.10 --admin-username azureuser --generate-ssh-keys --custom-data ~/Documents/cloud-init-web-server.txt --secrets "$vm_secret"
I am using a custom script extension for VM in ARM Template:
{
"type": "Microsoft.Compute/virtualMachines/extensions",
"name": "[concat(parameters('vm-Name'),'-0',copyIndex(1),'/script')]",
"apiVersion": "2015-05-01-preview",
"location": "[resourceGroup().location]",
"copy": {
"name": "storagepoolloop",
"count": "[parameters('virtualMachineCount')]"
},
"dependsOn": [
"virtualMachineLoop",
"nicLoop"
],
"properties": {
"publisher": "Microsoft.Compute",
"type": "CustomScriptExtension",
"typeHandlerVersion": "1.4",
"settings": {
"fileUris": [
],
"commandToExecute": "[parameters('commandToExecute')]"
}
}
}
where parameters = "powershell.exe $(Agent.TempDirectory)/$(script.secureFilePath)"
I am using azure devops secure files to store my script. I have Download a secure file task before deploying the vm.
I have also tried directly referencing script file name
"powershell.exe $(Agent.TempDirectory)/puscript.ps1"
I am using classic Release pipeline, if this is not the right way please guide how to use powershell script stored in secure files.
Any help is appreciated. Thanks in advance.
The script will need to be downloaded on to the VM you're creating, not downloaded onto the machine that is deploying the ARM. That command does not actually get executed until the VM starts the extension, so the variable $(Agent.TempDirectory) refers to the directory on the machine executing the pipeline and won't exist when the VM starts up.
I did the same thing for a VM custom extension by including the script in the image that I was using to create the VM. If you're not using a custom image, you can add the storage account information to download it in the protectedSettings like this:
"protectedSettings": {
"commandToExecute": "powershell.exe puscript.ps1",
"storageAccountName": "yourstorageaccount",
"storageAccountKey": "<account key>",
"fileUris": [
"https://yourstorageaccount.blob.core.windows.net/container/puscript.ps1"
]
}
ref: https://learn.microsoft.com/en-us/azure/virtual-machines/extensions/custom-script-windows#extension-schema
You can try like as below steps:
Use the Download Secure File task to download the PowerShell script file. On the task, set a Reference name for use.
Use the PowerShell task (or Azure PowerShell task) to execute the PowerShell script.
Consider you want execute the PowerShell script to run ARM Template deployment, you could use the Azure PowerShell task.
Does anyone have a sample ARM Template to install SCOM agent on an Azure VM ?
I searched through Microsoft docs but couldn't find an example.
Also, What are the other critic points during operating this task?
Could you go through the steps?
Any help is appreciated.
Thanks
• You can surely install SCOM agent through custom script extension in an ARM template as below. Use a SAS token to download the SCOM agent installation package, viz., MOMAgent.msi in the Azure VM during deployment itself and then use a powershell script to invoke the silent install of SCOM agent.
ARM Template: -
Using the default quickstart template for deploying an Azure VM through ARM template as given in this link : -
https://learn.microsoft.com/en-us/azure/virtual-machines/windows/quick-create-template?toc=/azure/azure-resource-manager/templates/toc.json
In this template, you must add the below custom script extension installation content in ‘resources’ section in the above ARM template. Please check the formatting of the ARM template code correctly, i.e., commas, curly brackets, square brackets, etc. Also, ensure to open HTTPS port 443 inbound also as below. Please ensure that the required ports for successful communication between SCOM Management Server and the SCOM agent installed on the Azure VM are opened as below through the addition of various security rules: -
"securityRules": [
{
"name": "default-allow-3389",
"properties": {
"priority": 1000,
"access": "Allow",
"direction": "Inbound",
"destinationPortRange": "3389",
"protocol": "Tcp",
"sourcePortRange": "*",
"sourceAddressPrefix": "*",
"destinationAddressPrefix": "*"
}
},
{
"name": "AllowHTTPSInBound",
"properties": {
"priority": 1010,
"access": "Allow",
"direction": "Inbound",
"destinationPortRange": "443",
"protocol": "Tcp",
"sourcePortRange": "*",
"sourceAddressPrefix": "*",
"destinationAddressPrefix": "*"
}
}
]
For including the custom script extension in your Azure VM deployment, kindly add the below ARM template commands as stated above.
{
"type": "Microsoft.Compute/virtualMachines/extensions",
"apiVersion": "2021-04-01",
"name": "[concat(parameters('vmName'),'/', 'InstallWebServer')]",
"location": "[parameters('location')]",
"dependsOn": [
"[concat('Microsoft.Compute/virtualMachines/',parameters('vmName'))]"
],
"properties": {
"publisher": "Microsoft.Compute",
"type": "CustomScriptExtension",
"typeHandlerVersion": "1.7",
"autoUpgradeMinorVersion": true,
"protectedSettings": {
"storageAccountName": "SCOM",
"storageAccountKey": "EN6iUzOfVe8Ht0xvyxnqK/iXEGTEunznASsumuz0FR4SCvc2mFFHUJfbMy1/GSK7gXk0MB38MMo7+AStoKxC/w==",
"fileUris": [
"https://SCOM.blob.core.windows.net/SCOMAgent/Testdemo2.ps1"
],
"commandToExecute": "powershell.exe -ExecutionPolicy Unrestricted -File Testdemo2.ps1"
}
}
}
Also, please note that you need to provision a storage account container already for storing the powershell script and the application package in it so that you can use that storage account’s key, its name and the powershell script’s blob URI in place of the same as requested above. Also, please change the name of the powershell script to be executed through the extension in ‘commandToExecute’ section. I have used the name of the script as ‘Testdemo2.ps1’ so have entered the blob URI of that script and its name accordingly in the ARM template above.
Once the above has been done, please ensure the successful execution of silent installation commands for the SCOM agent to be installed locally so that they can be accordingly modified in the powershell script. Please find my powershell script as below. Ensure that this script and the MOMAgent.msi is uploaded beforehand, and the access level of the container is set to ‘Anonymous and public access’: -
Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force
Install-Module -Name Az.Storage -AllowClobber -Force
Import-Module -Name Az.Storage -Force
$StorageAccountName = "SCOM"
$ContainerName = "SCOMAgent"
$Blob1Name = "MOMAgent.msi"
$TargetFolderPath = "C:\"
$context = New-AzStorageContext -StorageAccountName $StorageAccountName -SASToken "sp=r&st=2022-02-10T08:40:34Z&se=2022-02-10T16:40:34Z&spr=https&sv=2020-08-04&sr=b&sig=DRDulljKTJiRbVPAXAJkTHi8QlnlbjPpVR3aueEf9xU%3D"
Get-AzStorageBlobContent -Blob $Blob1Name -Container $ContainerName -Context $context -Destination $TargetFolderPath
$arg="/I C:\MOMAgent.msi /QN USE_SETTINGS_FROM_AD=1 MANAGEMENT_GROUP=MGname MANAGEMENT_SERVER_DNS=MSname SECURE_PORT=PortNumber ACTIONS_USE_COMPUTER_ACCOUNT=0 ACTIONSUSER=UserName ACTIONSDOMAIN=DomainName ACTIONSPASSWORD=Password INSTALLDIR=C:\ProgramFiles\ AcceptEndUserLicenseAgreement=1"
Start-Process msiexec.exe -Wait -ArgumentList $arg ’
If you intend to modify the above arguments as stated by me for SCOM agent installation on the Azure VM, please refer to the documentation link below. It clearly explains the various command line arguments to be passed for SCOM agent installation. Please note that these arguments depend on your existing SCOM Server setup and configuration settings so accordingly ensure to open/modify the port settings accordingly for Azure VM as well as for other components in the SCOM setup.
https://learn.microsoft.com/en-us/system-center/scom/manage-deploy-windows-agent-manually?view=sc-om-2019#to-deploy-the-operations-manager-agent-from-the-command-line
Then edit the parameters file with the desired values in ‘adminUsername’, ‘adminPassword’ and ‘location’ and save it in the same location where template file is stored and execute the commands below from powershell console with elevated privileges locally, i.e., through the path where these ARM template files are stored by browsing to that path in powershell itself.
az login
az deployment group create -n <name of the deployment> -g <name of the resource group> --template-file "azuredeployVM.json" --parameters "azuredeployVM.parameters.json" ’
Thus, after successful deployment, you will be able to see the SCOM agent installed during the VM creation itself. In this way, you can install the SCOM agent in Azure VM through ARM template with storage account provisioning.
We are using an Azure CLI command to start/stop/deallocate VMs.
az vm start -g trg -n AzureCoE-VS1
This command used to give an output like
{
"endTime": "2018-08-03T10:20:56.271327+00:00",
"error": null,
"name": "1bc3b4ec-16b1-4f1f-a6a7-78fc23e62677",
"startTime": "2018-08-03T10:20:46.849438+00:00",
"status": "Succeeded"
}
However, we are no longer able to see this output as a result of which our application is breaking.
this used to work earlier.
I know I can remove extensions for Azure Virtual machines, however how can I do the same for an Azure Scale Set deployed with RM?
You could use Azure CLI 2.0 to remove VMSS's extensions. You could use the following command.
az vmss extension delete --name
--resource-group
--vmss-name
I test in my lab, you could refer to the following examples.
1.List VMSS extesnion.
root#shui:~/.ssh# az vmss extension list --resource-group shuivmss --vmss-name shui
[
{
"autoUpgradeMinorVersion": true,
"id": null,
"name": "customScript",
"protectedSettings": null,
"provisioningState": null,
"publisher": "Microsoft.Compute",
"settings": {
"fileUris": [
"https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/201-vmss-custom-script-windows/scripts/helloWorld.ps1"
]
},
"type": "CustomScriptExtension",
"typeHandlerVersion": "1.8"
}
]
2.Get extension name and remove it.
az vmss extension delete --name customScript --resource-group shuivmss --vmss-name shui
More information about az vmss extension usage please refer to this link.
I would imagine that using the Remove-AzureRmVmssExtension Powershell cmdlet is the easiest way. I was unable to find any real examples, but I'm pretty sure it shouldn't be very hard.
Reference:
https://learn.microsoft.com/en-us/powershell/module/azurerm.compute/remove-azurermvmssextension?view=azurermps-4.0.0