I am trying to install Azure CLI on an ubuntu VM running in Azure.
I am using the run-command cli operation to execute the command
az vm run-command invoke --command-id RunShellScript --name trainingVM-1 --resource-group azure-privsec --scripts "curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash"
When running a non-piped command, the command works fine but when I run the above piped command to install azure-cli, it fails with the error:
Could not retrieve credential from local cache for service principal 8bf34d22-7230-47e7-907e-e0df201xxxxx. Please run 'az login' for this service principal.
One of the reasons could be that I am using an old version of Azure cli(2.29.2). For now, I dont have the leverage to upgrade the azure-cli version.
What can be the best way to install azure-cli on my VM using the run-command cli call.
Edit:
Splitting into two commands like this works for me but I am still trying to see if we can consolidate it into a single command:
az vm run-command invoke --command-id RunShellScript --name trainingVM-1 --resource-group azure-privsec --scripts "wget -O /tmp/file.sh https://aka.ms/InstallAzureCLIDeb"
az vm run-command invoke --command-id RunShellScript --name trainingVM-1 --resource-group azure-privsec --scripts "sudo bash /tmp/file.sh"
Tested in Azure PowerShell and Azure DevOps pipeline, your first Azure VM run-command run successfully.
Use Azure PowerShell, I can run this command directly without any issue.
Use Azure CLI task in the DevOps pipeline and use a Microsoft-hosted agent.
Please ensure that the service principal corresponding to the Azure Resource Manager connection(Service Connection) has sufficient permission for your Azure VM, such as owner or contributor permissions.
Then I can see the command run successfully.
There are some docs for your reference:
Manage service connections
Connect to Microsoft Azure
Related
I am running a command from the azure CLI to execute a script on a linux VM running in Azure.
The command looks like this:
az vm run-command invoke --command-id RunShellScript --name <\VMName> --resource-group <\RGName> --scripts "curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash"
The script installs azure CLI on the VM.
The command results into error:
Could not retrieve credential from local cache for service principal 0cf4e5cf-de8f-4524-8be6-5e2exxxxxx. Please run 'az login' for this service principal.
Can someone help me understand the problem here.
When I run the command without the piped sudo, the command works fine.
I tried to reproduce the same in my environment I got the same error as below
az vm run-command invoke --command-id RunShellScript --name <\VMName> --resource-group <\RGName> --scripts "curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash"
This error may occur if you are not using latest version, please check your version like below and try to update your version:
az version
Also, I have tried logging in with my service principal in Azure CLI and tried running the command to install azure-cli inside the VM and it run successfully.
az login --service principal -u <AppID> -p <secret> --tenant <TenantID>
You can also install latest version locally by using this MsDocs
Reference:
Azure CLI GitHub Action fails with Azure CLI 2.30.0: Could not retrieve credential from local cache for service principal · Issue #20154 · Azure/azure-cli · GitHub
I'm trying to retrieve a docker log for an application, from an Azure Devops Pipeline. In a pipeline step, I can run a bash script on the VM that's hosting the application, using the Azure CLI like this. This reads the docker log from the VM hosting the application:
az vmss run-command invoke --command-id RunShellScript --instance-id 0 -n aks-myservicename-12345678-vmss -g my-resource-group --scripts "docker logs [container_id]" > testing.txt
The problem is that the output of az vmss run-command invoke is limited to a max 4096 bytes - see https://learn.microsoft.com/en-us/azure/virtual-machines/linux/run-command#restrictions
Is there any way I can read the entire docker log?
The following reference documents an --output-blob-uri parameter that can be used with az vm run-command create. I'm wondering if that gives a way to output the docker log to a file that I can then access by using another Azure CLI step. I haven't found any documentation though on how this works https://learn.microsoft.com/en-us/cli/azure/vmss/run-command?view=azure-cli-latest
I have created an Azure virtual scaleset with Linux VMs. I have to run Azure CLI commands via release pipelines on these VMs so I am trying to install a Azure CLI using Custom Extensions so that every time a new VM is up CLI is installed on the VM.
I have created a .sh file with below command on blob storage :
curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash
I ran below command on from the CLI to deploy the custom extension :
az vmss extension set --vmss-name <VMSS Name> --resource-group <Resource Group> --name CustomScript --version 2.0 --publisher Microsoft.Azure.Extensions --settings '{"FileUris": ["https://<Blobscriptpath>/preinstallscript.sh"],"commandToExecute": "bash /preinstallscript.sh"}'
This command is installing the extension and I can see that on Azure but when I am upgrading the VM instance I am getting below error:
"Failed to upgrade virtual machine instance ''. Error: Multiple VM extensions failed to be provisioned on the VM. Please see the VM extension instance view for other failures. The first extension failed due to the error: VM has reported a failure when processing extension 'CustomScript'. Error message: "Enable failed: failed to get configuration: json validation error: invalid public settings JSON: FileUris: Additional property FileUris is not allowed""
Below are the images from Azure Portal showing the Extension:
Please suggest if I am missing something.
According to the error message, Additional property FileUris is not allowed, you should use fileUris instead of FileUris. Read the Property values.
Also, If the blob is not public, you need to provide the storage account name and key to access the blob. For example, you can provide a .sh file on the blob storage.
#!/bin/bash
curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash
and deploy the custom extension with CLI.
az vmss extension set --vmss-name <VMSS Name> --resource-group <Resource Group> --name CustomScript --version 2.0 --publisher Microsoft.Azure.Extensions --settings '{"fileUris": ["https://xxx.blob.core.windows.net/shscripts/preinstallscript.sh"],"commandToExecute": "sh preinstallscript.sh"}'
Edit
After installing the VMSS, you can upgrade the VMSS instance to take this script effect.
The end goal is to create a Jenkins job that starts an Azure VM on and then turn it off. I have seen commands online that state how to turn VMs on and off. I have a master Windows VM. Can I start this VM from inside itself using Azure CLI? If it can be done then I can add it into Windows batch command of Jenkins job.
Can I start this VM from inside itself using Azure CLI?
As far as I know, Azure VM is based on hyper-v virtualization technology refer to this. I don't think you can start a virtualization machine from VM itself whatever it's using Azure CLI or not. You need to start it from hyper-v host or hyper-v management UI.
The Run Command feature uses the virtual machine (VM) agent to run PowerShell scripts within an Azure Windows VM. I have tried the Azure windows VM, I can stop or start Azure VM but for deallocated VM, I can not start it using this method.
az vm run-command invoke --command-id RunPowerShellScript --name <vmname> -g <vmrg> --scripts 'shutdown /s /t 0'
az vm run-command invoke --command-id RunPowerShellScript --name <vmname> -g <vmrg> --scripts 'restart'
If you don't from VM itself. Usually, you can use Azure CLI 2.0: Quickly Start / Stop ALL VMs,
# usage example
az vm start --name MyVM --resource-group MyVMGroup
az vm deallocate --name MyVM --resource-group MyVMGroup
az vm stop --name MyVM --resource-group MyVMGroup
Moreover, for Azure VM, the Start/Stop VMs during off-hours feature make you start or stops enabled Azure VMs. You could refer to this blog for more details.
I'm trying to create a Linux VM image using Azure CLI.
According to the Microsoft document below, before creating the VM image, I need to run "# sudo waagent -deprovision+user -force" command on the VM.
How to create an image of a virtual machine or VHD:
https://learn.microsoft.com/en-us/azure/virtual-machines/linux/capture-image
Instead of logging into the VM, I'm trying to use run-command as follows, but prompt does not get returned after the message " - Running ..".
# az vm run-command invoke -g rgName -n vmName --command-id RunShellScript --scripts "sudo waagent -deprovision+user -force"
- Running ..
Could you give me some advice on this issue?