I've created a template that creates an AKS cluster with two nodepools.
Now I tried to delete the second nodepool by removing it from the template.
az deployment group validate --resource-group <rsg-name> --template-file <template-filet.bicep> --parameters <parameterfile.json>
I tried it with both --mode Incremental and --mode Complete, but the nodepool isn't deleted. If I add new node pools to the template they are created like expected. So isn't it possible to delete node pools by editing the template?
If I am not mistaken, Node Pools are in a separated Resource Group. Meaning a complete deployment would only cleanup resources within the specified Resource Group - which is not the node pool Resource Group.
Related
Normally when you create resources using ARM templates and the azure CLI you can create using:
az deployment group create --resource-group $resourceGroupName --template-file "infra/template.json" --parameters "infra/parameters.json"
Then when I want to delete the resources I can:
az group delete --name $resourceGroupName
However, with Databricks this will create other resource groups as well. Even if you delete the DB resource group, you've still got these other lingering resource groups. I'd like to be able to delete the databricks AND all of the other resources that were created, without having to do extra manual steps.
Any idea of a clean way to do this?
The managed resource group created by Databricks cannot be deleted manually since it was created by the Databricks resource itself. The deny assignment prevents deletion of the managed resource group.
One way to remove resource is to delete the existing workspace following is the example using azure cli
Through AZURE CLI
I have created resource group tvs and databricks tvs for the demo purpose
Delete resource
Use following command in AzureCLI to delete a resource.
Azure CLICopy
az resource delete \
--resource-group tvs\
--name tvs\
--ids *****\
(NOTE : ids is the id of the resource that can be picked from JSON view)
Before deletion
After deletion
Delete resource group
Use following command in AzureCLI to delete the resource group.
Azure CLICopy
az group delete --name tvs
Azure doesn’t currently provide a way to delete multiple resource groups at the same time.
Here’s a method that works for me.
Open Azure Portal
Click on Resource Groups
Select the Resource Groups that you want to delete
Click “Assign tags”
Assign a new tag called “disposable-service”(can be named anything) and tag value to be true
Open Azure Cloud Shell https://shell.azure.com or click on the Azure Shell icon in the Azure Portal toolbar.
the following script into Cloud Shell and hit enter.
az group list --tag disposable-service=true --query "[].[id]" --output tsv
I recently created inside one of my resource groups an Azure Container App (with an environment & the rest) just for learning reasons (at the West Europe region). After I played with that, I decided to delete it. I tried to delete it without any success from the portal.
Looking around in the portal I found out that a new resource group had been created with name MC_braverock-518cbd83-rg_braverock-518cbd83_westeurope. This resource group was never generated by me. It appears that inside it there are a public IP address, a NSG & 2 Kubernetes Load Balancers.
I tried then to delete that auto-generated (somehow) resource group but again with no success. I literarily can't even touch it. I tried to delete all resources one by one. Nothing again. I even issued the command az group delete --resource-group "MC_braverock-518cbd83-rg_braverock-518cbd83_westeurope" from inside the Azure Cloud Shell and it seems that the cli gets stuck in Running.... When I had issued the command from the portal it was still running for a whole hour. So, obviously something is going wrong.
I visited the page https://resources.azure.com/, then I visited that resource group and the Json in the resource group that returned is having the following:
"provisioningState": "Deleting".
Do you know how I can delete the resources & the resource group?
I am almost confident that this is not being deleted... :(
EDIT:
Trying to delete manually one of the Load Balancers in that resource group I get a message that the Load Balancer in that subscription can not be deleted as it is in use by a virtual machine scale set that it is on a totally different subscription (a subscription that I am not aware off).
To delete the resources and the resource group, you can try using Resource Explorer (azure.com) portal as there might be some dependencies to delete the resource group/resources.
You can try deleting the resources like below:
Go to Resource Explorer (azure.com) portal -> Click on your subscription -> Expand Resource groups -> Select your Resource Group
Expand Providers -> Microsoft.Network -> networkSecurityGroups -> Select your NSG -> Action(POST,DELETE) -> Delete
In my environment testnsg networkSecurityGroup deleted successfully in the Azure Portal.
You can try deleting the required Azure Resources by following the same process. If still, you are not able to delete the Azure resource Group try checking the child resources associated to that resource group.
I tried to reproduce the same in my environment and got the same error like below:
az network lb delete -g ResourceGroupName -n LoadBalancerName
The error "LoadBalancerUseByVirtualMachineScaleSet" usually occurs if backendpool is being used by any other resource.
To resolve the error, try executing below commands in CloudShell like below:
Delete the load balancer associated with the VMSS:
az vmss update --resource-group ResourceGroupName1 --name VmssName --remove virtualMachineProfile.networkProfile.networkInterfaceConfigurations[0].ipConfigurations[0].loadBalancerBackendAddressPools 0
Update the VMSS instance:
az vmss update-instances --instance-ids "*" -n VmssName -g ResourceGroupName1
Now, delete load balancer and it will be deleted successfully like below:
az network lb delete -g ResourceGroupName -n LoadBalancerName
Reference:
Update or delete an existing load balancer used by virtual machine scale sets - Azure Load Balancer
This is a side artifact of Container app managedEnvironment resource. You need to first delete the environment in order to get artifacts to get automatically removed.
As JJ mentioned, the MC_* resource group is created when you create ACAs with the internal configuration. You try to find whether you have any container app environments in your subscription. Could be that you created your test app in a wrong resource group and can't find it now. :)
Try deleting all container app envs this resource group will automatically be gone.
With az deployment group create --template-file vm.bicep -g "Something", I can create just fine things which are defined in the file vm.bicep (or ARM template vm.json for that matter).
But how do I actually get rid of EXACTLY just the resources that had been created by running create with a template file? az deployment group delete doesn't support a --template-file parameter.
Edit: Clarification: I only want to get rid of what has been created by the template. Not everything in a Resource Group.
I have created an instance of Azure Kubernetes Service (AKS) and have discovered that apart from the resource group I created the AKS instance in, one more resource group is created for me.
Eg:
My AKS Resource Group: Production_MyAKSInstance
Additional Resource Group: MC_MyResourceGroup-Production_MyAKSInstance_westeurope
Is there a way to rename the Additional Resource Group something like Production_MyAKSInstance_Supportive?
You can't rename it however you can specify a name when you create the cluster.
https://learn.microsoft.com/en-us/azure/aks/faq
By default, AKS will name the node resource group
MC_resourcegroupname_clustername_location, but you can also provide
your own name.
To specify your own resource group name, install the aks-preview Azure
CLI extension version 0.3.2 or later. When you create an AKS cluster
by using the az aks create command, use the --node-resource-group
parameter and specify a name for the resource group. If you use an
Azure Resource Manager template to deploy an AKS cluster, you can
define the resource group name by using the nodeResourceGroup
property.
The secondary resource group is automatically created by the Azure
resource provider in your own subscription. You can specify a custom
resource group name only when you're creating the cluster. As you work
with the node resource group, keep in mind that you cannot:
Specify an existing resource group for the node resource group.
Specify a different subscription for the node resource group. Change
the node resource group name after the cluster has been created.
Specify names for the managed resources within the node resource
group. Modify or delete Azure-created tags of managed resources within
the node resource group.
Our team is using a deployment that uses multiple ARM templates to setup our environment. The first ARM template is set to deployment mode 'Complete' and removes everything, but a storage account. We're using Azure CLI to make the deployment:
az group deployment create \
--mode Incremental \
--resource-group $resourceGroupName \
--template-file $BUILD_SOURCESDIRECTORY'/Infrastructure/azuredeploy.json' \
--parameters $BUILD_SOURCESDIRECTORY'/Infrastructure/azuredeploy.parameters.'$environment'.json' \
--query $query \
--output json
However one of our resource groups contains a few locked resources (which are managed by a different team). In that particular case the strategy with a 'Complete' deployment mode fails, because Azure cannot remove the locked resources.
Understandably of course, but maybe there's a way around this? Can we, for example, instruct the ARM template to ignore specific resources? Or use CLI to instruct something similar?
The obvious way would be to move the resources to a separate resource group, but unfortunately that's not a possiblity for us. I couldn't find any other way yet, but maybe I missed something. Thanks for any answers in advance.
Another way to get around this apart from moving resources to a separate resource group (which you say is ruled out in your case anyway), would be to use Conditions with your resources.
Do note that in complete mode, Resource Manager deletes resources that exist in the resource group but aren't specified in the template. Resources that are specified in the template, but not deployed because a condition evaluates to false, aren't deleted.
For more detail on the syntax and examples, please refer to the following resources:
Structure and syntax of Azure Resource Manager templates
Conditionally deploy a resource in an Azure Resource Manager template
Hope this helps!