I was able to create a azure acr task using the below command:
az acr task create --registry myregistry \
--name demo_task \
--image demo_app:{{.Run.ID}} \
--file demo.Dockerfile \
--context https://github.com/hm-group/repo.git#branch \
--git-access-token your_token --debug
But, I don't want to provide git repository. Just want to use --file and tried build this task using below command:
az acr task create --registry productionai \
--name demo_task \
--image demo_app:{{.Run.ID}} \
--file demo.Dockerfile
Error:
If the task is not a System Task, --context-path must be provided.
We can provide --context as /dev/null if we want to use only file without providing context.
Command:
az acr task create --registry myregistry \
--name demo_task \
--image demo_app:{{.Run.ID}} \
--file demo.Dockerfile \
--context /dev/null
Related
I am trying to clean few Azure container registry images from all repository. For now I am entering repository name one-by-one but this looks vary tedious like this.
PURGE_CMD="acr purge --filter 'aag:.*' --filter 'aap_6.0:.*' --ago 1d --untagged --keep 7"
az acr task create --name PurgeACRImages \
--cmd "$PURGE_CMD" \
--schedule "5 6 * * 1" \
--registry myregistry \
--timeout 18000 \
--context /dev/null
Here I have given name of two repository, now I have 800 repository and it's really hard to type 800 repository in this PURGE_CMD command.
I need a command through which I can select all repo from ACR and store into PURGE_CMD
We can loop on the output of az acr repository list to concatenate repository name filters to the PURGE_CMD variable.
If you are using a Linux client, run the following from the command line:
PURGE_CMD="acr purge --ago 1d --untagged --keep 7"
for i in $(az acr repository list -n <yourRegistryName> -o tsv);do PURGE_CMD+=" --filter '"$i":.'";done
echo $PURGE_CMD
If you are using Windows Powershell run the following from the command line:
$PURGE_CMD="acr purge --ago 1d --untagged --keep 7"
foreach ($i in $(az acr repository list -n <yourRegistryName> -o tsv)){$PURGE_CMD+=" --filter '"+$i+":.'"}
echo $PURGE_CMD
Note: replace <yourRegistryName> with the name of your Azure Container Registry.
Finally you can run:
az acr task create --name PurgeACRImages
--cmd "$PURGE_CMD"
--schedule "5 6 * * 1"
--registry myregistry
--timeout 18000
--context /dev/null
$PURGE_CMD="acr purge --filter '.*:.*' --ago 30d" command looks good for me. So, there are 2 expressions: for repo name and for tag name
I am creating my disk as follows:
az disk create -g ML-Resource-Group -n myDataDisk --size-gb 256 --location eastus --max-shares 2 --sku Premium_LRS
And I am creating my first VM as follows:
az vm create --resource-group ML-Resource-Group --name PVM --image microsoft-dsvm:ubuntu-1804:1804-gen2:20.11.04 --generate-ssh-keys --location eastus
And I am creating my second VM as follows:
az vm create \
--resource-group ML-Resource-Group \
--name VMTest \
--image microsoft-dsvm:ubuntu-1804:1804-gen2:20.11.04 \
--generate-ssh-keys \
--priority Spot \
--max-price -1 \
--location eastus \
--eviction-policy Deallocate \
--output json \
--verbose \
--size "Standard_ND12s"
I attach myDataDisk to PVM as:
diskId=$(az disk show -g ML-Resource-Group -n myDataDisk --query 'id' -o tsv)
az vm disk attach -g ML-Resource-Group --vm-name PVM --name $diskId
This step is performed successfully. But when I try attaching the disk to VMTest in the same way as above, I get the following error:
Deployment failed. Correlation ID:
140afdfe-8b92-4c4d-a9a9-521d8bf3a497. Cannot change network spine of
shared disk myDataDisk while it is attached to running VM(s)
/subscriptions/39472272-11a1-4c87-9de5-92aaeac6f7cf/resourceGroups/ML-Resource-Group/providers/Microsoft.Compute/virtualMachines/PVM.
Target: 'VM:
'/subscriptions/39472272-11a1-4c87-9de5-92aaeac6f7cf/resourceGroups/ML-Resource-Group/providers/Microsoft.Compute/virtualMachines/VMTest',
disk:
'/subscriptions/39472272-11a1-4c87-9de5-92aaeac6f7cf/resourceGroups/ML-Resource-Group/providers/Microsoft.Compute/disks/myDataDisk''.
Figured out the solution! A Proximity Placement Group is to be made as follows:
az ppg create \
-n myPPG \
-g ML-Resource-Group \
-l eastus \
-t standard
And then passed as a parameter in --ppg while creating VMs such as:
az vm create -n PVM -g ML-Resource-Group --image microsoft-dsvm:ubuntu-1804:1804-gen2:20.11.04 --generate-ssh-keys --ppg myPPG --location eastus --verbose
I am trying to run an image on ACI, whenever it is trying to pull image as this
pulling image "mysql#sha256:asakjvnankvaknaklfvkabjaoenla"
the container is failing, whereas in command i have given image as mysql:latest.
az container create \
--resource-group $ACI_PERS_RESOURCE_GROUP \
--name xxxxxxx \
--location eastus \
--image mysql:latest \
--dns-name-label xxxxxxxx \
--environment-variables MYSQL_ROOT_PASSWORD=password#123 \
--ports 3306 33060 \
--azure-file-volume-account-name $ACI_PERS_STORAGE_ACCOUNT_NAME \
--azure-file-volume-account-key $STORAGE_KEY \
--azure-file-volume-share-name $ACI_PERS_SHARE_NAME2 \
--azure-file-volume-mount-path /var/lib/mysql
The issue is when it try to pull image as mysql#sha256:asakjvnankvaknaklfvkabjaoenla, the continer fails to start while if the image pulled is pulling image "mysql:latest" than container works.
Attaching the pic for refrenece.
Not sure why this issue is happening
Command to run three containers
ACI_PERS_RESOURCE_GROUP=myresourcegroup
ACI_PERS_STORAGE_ACCOUNT_NAME=mydatabasest2501
ACI_PERS_LOCATION=eastus
ACI_PERS_SHARE_NAME=mysqlshare1
ACI_PERS_SHARE_NAME2=mysqlshare2
ACI_PERS_SHARE_NAME3=mysqlshare3
#I already have storage account so only creating fileshare
# Create the file share
az storage share create \
--name $ACI_PERS_SHARE_NAME \
--account-name $ACI_PERS_STORAGE_ACCOUNT_NAME
# Create the file share
az storage share create \
--name $ACI_PERS_SHARE_NAME2 \
--account-name $ACI_PERS_STORAGE_ACCOUNT_NAME
# Create the file share
az storage share create \
--name $ACI_PERS_SHARE_NAME3 \
--account-name $ACI_PERS_STORAGE_ACCOUNT_NAME
echo $ACI_PERS_STORAGE_ACCOUNT_NAME
STORAGE_KEY=$(az storage account keys list --resource-group $ACI_PERS_RESOURCE_GROUP --account-name $ACI_PERS_STORAGE_ACCOUNT_NAME --query "[0].value" --output tsv)
echo $STORAGE_KEY
az container create \
--resource-group $ACI_PERS_RESOURCE_GROUP \
--name contaier1 \
--location eastus \
--image mysql:latest \
--dns-name-label uniqueddns1 \
--environment-variables MYSQL_ROOT_PASSWORD=password#123 \
--ports 3306 33060 \
--azure-file-volume-account-name $ACI_PERS_STORAGE_ACCOUNT_NAME \
--azure-file-volume-account-key $STORAGE_KEY \
--azure-file-volume-share-name $ACI_PERS_SHARE_NAME \
--azure-file-volume-mount-path /var/lib/mysql
az container create \
--resource-group $ACI_PERS_RESOURCE_GROUP \
--name contaier2 \
--location eastus \
--image mysql:latest \
--dns-name-label uniqueddns2 \
--environment-variables MYSQL_ROOT_PASSWORD=password#123 \
--ports 3306 33060 \
--azure-file-volume-account-name $ACI_PERS_STORAGE_ACCOUNT_NAME \
--azure-file-volume-account-key $STORAGE_KEY \
--azure-file-volume-share-name $ACI_PERS_SHARE_NAME2 \
--azure-file-volume-mount-path /var/lib/mysql
az container create \
--resource-group $ACI_PERS_RESOURCE_GROUP \
--name contaier3 \
--location eastus \
--image mysql:latest \
--dns-name-label uniqueddns3 \
--environment-variables MYSQL_ROOT_PASSWORD=password#123 \
--ports 3306 33060 \
--azure-file-volume-account-name $ACI_PERS_STORAGE_ACCOUNT_NAME \
--azure-file-volume-account-key $STORAGE_KEY \
--azure-file-volume-share-name $ACI_PERS_SHARE_NAME3 \
--azure-file-volume-mount-path /var/lib/mysql
The problem does not due to the reason that you think, it's a problem with the volume that mounts the Azure File Share to the existing folder which is the dependency of the MySQL. When you mount the File Share, it will Occlude the existing folder then all the files in this folder will not be accessible. Therefore MySQL will not work fine anymore by losing the dependencies. See more details here.
Mounting an Azure Files share to a container instance is similar to a
Docker bind mount. Be aware that if you mount a share into a container
directory in which files or directories exist, these files or
directories are obscured by the mount and are not accessible while the
container runs.
There are three ways to solve it. The first way is that not mount the File Share, but then you cannot persist the data of the database. The second way is to mount the File Share to a new folder that does not exist in the image and then copy the data to the new folder. The third way is that copy the dependencies into the File Share and then mount the File Share to the container, it will also work.
Update:
A possible solution is that you can push the MySQL image to an ACR and then use it to create ACI, in this way, all the things are the same, then maybe all ACI succeeds or fails.
I want to run a container instance (OrientDB database). I created an Azure file share and attached it to the instance (had to use Azure CLI command-line interface since Web GUI doesn't support it). The problem is that I need to give in the run parameters to map internal folder to external one. I am searching for days and simply cannot find how to give in the parameters. I am sure I am not the only one doing this but everything I found was not satisfactory. Help anyone?
I am so far using this command.
az container create -g ProjectX --name orientdb --image orientdb:3.0.32 `
--cpu 1 `
--memory 1.5 `
--environment-variables ORIENTDB_ROOT_PASSWORD=*** `
--os-type Linux `
--ports 80 2424 2480 `
--protocol TCP `
--ip-address public `
--dns-name-label *** `
--azure-file-volume-share-name *** `
--azure-file-volume-account-name *** `
--azure-file-volume-account-key *** `
--azure-file-volume-mount-path /mnt/azurevolume `
--restart-policy OnFailure
I don't know if "azure-file-volume-xxx" parameters are enough. I think not since I think these only attach the external volume to the container but performs no mapping.
And the command to run orientdb container locally is:
docker run -d --name orientdb -p 2424:2424 -p 2480:2480 \
-v <config_path>:/orientdb/config \
-v <databases_path>:/orientdb/databases \
-v <backup_path>:/orientdb/backup \
-e ORIENTDB_ROOT_PASSWORD=rootpwd \
orientdb
Thanks
Tomaz
I think you need to work with these parameters:
--azure-file-volume-account-name
--azure-file-volume-account-key
--azure-file-volume-share-name
--azure-file-volume-mount-path
https://learn.microsoft.com/en-us/azure/container-instances/container-instances-volume-azure-files
az container create \
--resource-group $ACI_PERS_RESOURCE_GROUP \
--name hellofiles \
--image mcr.microsoft.com/azuredocs/aci-hellofiles \
--dns-name-label aci-demo \
--ports 80 \
--azure-file-volume-account-name $ACI_PERS_STORAGE_ACCOUNT_NAME \
--azure-file-volume-account-key $STORAGE_KEY \
--azure-file-volume-share-name $ACI_PERS_SHARE_NAME \
--azure-file-volume-mount-path /aci/logs/
PREVIOUS ANSWER (where I was guessing about the docker image and command line prameters the OP was using)
In a nutshell:
Non "secret" aka sensitive values. You use ENVIRONMENT variables to "inject" configuration values.
Note the "--environment-variables"
az container create \
--resource-group myResourceGroup \
--name mycontainer2 \
--image mcr.microsoft.com/azuredocs/aci-wordcount:latest \
--restart-policy OnFailure \
--environment-variables 'NumWords'='5' 'MinLength'='8'
https://learn.microsoft.com/en-us/azure/container-instances/container-instances-environment-variables
Philosophically, you do NOT bake these values into your container. You container "reaches out" to get them...the simplest way your container can "reach out" is to read an environment variable.
..
For secrets, you use Azure KeyVault. This is outside the scope of your question, but I mention it so you avoid the bad security practice of using ENV variables for secrets.
Secrets would be "database passwords", "client_secret" for Oauth2, etc, etc.
Breadcrumbs:
https://learn.microsoft.com/en-us/azure/container-instances/container-instances-managed-identity
https://thorsten-hans.com/integrating-azure-keyvault-with-azure-container-services
I tried to create VM from another VM via Azure CLI with this command :
az vm create \
--resource-group my_resource \
--name newVMfromImage \
--image firstMachine-image \
--admin-username user_name \
--data-disk-sizes-gb 150 20 --size Standard_B1ms \
--verbose \
----ssh-key-value /path/to/publick/key/azure.pub
But I get this error :
az: error: unrecognized arguments: ----ssh-key-value
/path/to/publick/key/azure.pub
----ssh-key-value /path/to/publick/key/azure.pub
should only be:
--ssh-key-value /path/to/publick/key/azure.pub
Remove the 2 additional dashes.
Correct, the 4 dashes (----) indicates a wrong transmission while uploading the .PUB file.
Remove the 2 additional dashes.