Read entire file from Azure VM, via Azure CLI - azure

I'm trying to retrieve a docker log for an application, from an Azure Devops Pipeline. In a pipeline step, I can run a bash script on the VM that's hosting the application, using the Azure CLI like this. This reads the docker log from the VM hosting the application:
az vmss run-command invoke --command-id RunShellScript --instance-id 0 -n aks-myservicename-12345678-vmss -g my-resource-group --scripts "docker logs [container_id]" > testing.txt
The problem is that the output of az vmss run-command invoke is limited to a max 4096 bytes - see https://learn.microsoft.com/en-us/azure/virtual-machines/linux/run-command#restrictions
Is there any way I can read the entire docker log?
The following reference documents an --output-blob-uri parameter that can be used with az vm run-command create. I'm wondering if that gives a way to output the docker log to a file that I can then access by using another Azure CLI step. I haven't found any documentation though on how this works https://learn.microsoft.com/en-us/cli/azure/vmss/run-command?view=azure-cli-latest

Related

Azure VM run-command fails with piped commands

I am trying to install Azure CLI on an ubuntu VM running in Azure.
I am using the run-command cli operation to execute the command
az vm run-command invoke --command-id RunShellScript --name trainingVM-1 --resource-group azure-privsec --scripts "curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash"
When running a non-piped command, the command works fine but when I run the above piped command to install azure-cli, it fails with the error:
Could not retrieve credential from local cache for service principal 8bf34d22-7230-47e7-907e-e0df201xxxxx. Please run 'az login' for this service principal.
One of the reasons could be that I am using an old version of Azure cli(2.29.2). For now, I dont have the leverage to upgrade the azure-cli version.
What can be the best way to install azure-cli on my VM using the run-command cli call.
Edit:
Splitting into two commands like this works for me but I am still trying to see if we can consolidate it into a single command:
az vm run-command invoke --command-id RunShellScript --name trainingVM-1 --resource-group azure-privsec --scripts "wget -O /tmp/file.sh https://aka.ms/InstallAzureCLIDeb"
az vm run-command invoke --command-id RunShellScript --name trainingVM-1 --resource-group azure-privsec --scripts "sudo bash /tmp/file.sh"
Tested in Azure PowerShell and Azure DevOps pipeline, your first Azure VM run-command run successfully.
Use Azure PowerShell, I can run this command directly without any issue.
Use Azure CLI task in the DevOps pipeline and use a Microsoft-hosted agent.
Please ensure that the service principal corresponding to the Azure Resource Manager connection(Service Connection) has sufficient permission for your Azure VM, such as owner or contributor permissions.
Then I can see the command run successfully.
There are some docs for your reference:
Manage service connections
Connect to Microsoft Azure

Custom Script Extension failing on Virtual Scale Set upgrade

I have created an Azure virtual scaleset with Linux VMs. I have to run Azure CLI commands via release pipelines on these VMs so I am trying to install a Azure CLI using Custom Extensions so that every time a new VM is up CLI is installed on the VM.
I have created a .sh file with below command on blob storage :
curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash
I ran below command on from the CLI to deploy the custom extension :
az vmss extension set --vmss-name <VMSS Name> --resource-group <Resource Group> --name CustomScript --version 2.0 --publisher Microsoft.Azure.Extensions --settings '{"FileUris": ["https://<Blobscriptpath>/preinstallscript.sh"],"commandToExecute": "bash /preinstallscript.sh"}'
This command is installing the extension and I can see that on Azure but when I am upgrading the VM instance I am getting below error:
"Failed to upgrade virtual machine instance ''. Error: Multiple VM extensions failed to be provisioned on the VM. Please see the VM extension instance view for other failures. The first extension failed due to the error: VM has reported a failure when processing extension 'CustomScript'. Error message: "Enable failed: failed to get configuration: json validation error: invalid public settings JSON: FileUris: Additional property FileUris is not allowed""
Below are the images from Azure Portal showing the Extension:
Please suggest if I am missing something.
According to the error message, Additional property FileUris is not allowed, you should use fileUris instead of FileUris. Read the Property values.
Also, If the blob is not public, you need to provide the storage account name and key to access the blob. For example, you can provide a .sh file on the blob storage.
#!/bin/bash
curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash
and deploy the custom extension with CLI.
az vmss extension set --vmss-name <VMSS Name> --resource-group <Resource Group> --name CustomScript --version 2.0 --publisher Microsoft.Azure.Extensions --settings '{"fileUris": ["https://xxx.blob.core.windows.net/shscripts/preinstallscript.sh"],"commandToExecute": "sh preinstallscript.sh"}'
Edit
After installing the VMSS, you can upgrade the VMSS instance to take this script effect.

How can I query which docker image is currently deployed to an app service from an azure release pipeline?

I have an Azure release pipeline that uses an Azure Web App for Containers task to deploy a docker image on an Azure App Service.
The image is specified in the form of some_image:$(Build.BuildId). The pipeline works as intended and successfully updates the App Service with the latest built of the image.
I want from an other release pipeline to execute a docker run command using that image. I've noticed that version 1 of the Docker task allows me to execute such a docker run command on a docker image (no idea why run is missing from version 2), but how can I specify the docker image? How can I get which image is the currently deployed on that App Service?
You can either use PowerShell or Shell script in the YAML pipeline. Since you already know the container registry and the image name, just use the below command to get the latest version
az acr repository show-tags -n MyRegistry --repository MyRepository --top 1 --orderby time_desc --detail
https://learn.microsoft.com/en-us/cli/azure/acr/repository?view=azure-cli-latest#az_acr_repository_show_tags
Might be too late now, but what you want to do is to get the value of LinuxFXVersion (if you're running docker on Linux) property from Azure Resource Explorer.
Using a combination of Azure PowerShell and CLI, you can have these commands to retrieve the current image running on your web app:
$webAppProperties = (az webapp config show --subscription "<subscription-id>" --resource-group "<resource-group-name>" -n "<webapp-name>") | ConvertFrom-Json
$webAppProperties.linuxFXVersion
Assuming you have the right permissions to your subscription from Azure Pipelines, you should be able to use this information for the next steps.

Azure VM turn on and off from inside itself

The end goal is to create a Jenkins job that starts an Azure VM on and then turn it off. I have seen commands online that state how to turn VMs on and off. I have a master Windows VM. Can I start this VM from inside itself using Azure CLI? If it can be done then I can add it into Windows batch command of Jenkins job.
Can I start this VM from inside itself using Azure CLI?
As far as I know, Azure VM is based on hyper-v virtualization technology refer to this. I don't think you can start a virtualization machine from VM itself whatever it's using Azure CLI or not. You need to start it from hyper-v host or hyper-v management UI.
The Run Command feature uses the virtual machine (VM) agent to run PowerShell scripts within an Azure Windows VM. I have tried the Azure windows VM, I can stop or start Azure VM but for deallocated VM, I can not start it using this method.
az vm run-command invoke --command-id RunPowerShellScript --name <vmname> -g <vmrg> --scripts 'shutdown /s /t 0'
az vm run-command invoke --command-id RunPowerShellScript --name <vmname> -g <vmrg> --scripts 'restart'
If you don't from VM itself. Usually, you can use Azure CLI 2.0: Quickly Start / Stop ALL VMs,
# usage example
az vm start --name MyVM --resource-group MyVMGroup
az vm deallocate --name MyVM --resource-group MyVMGroup
az vm stop --name MyVM --resource-group MyVMGroup
Moreover, for Azure VM, the Start/Stop VMs during off-hours feature make you start or stops enabled Azure VMs. You could refer to this blog for more details.

How can we run multiple CLI command in Azure Bash together?

I have Multiple Resources to deploy in my Environment using CLI command all together. For Example: I need to create VM, Web App, Redis Cache, etc using a single script.
Instead of creating individual resources can we create all together.
One way is to put all your commands in a .sh shell script. Below is an example of how you can do this:
#!/bin/bash
az group create -n MyResourceGroup -l centralus
az vm create -n MyVm -g MyResourceGroup --image UbuntuLTS
az webapp create -g MyResourceGroup -p MyPlan -n MyUniqueAppName
# More Azure CLI commands to create resources
Then you can run your script inside your local environment bash shell or Azure Cloud Shell like this:
username#Azure:~$ ./script.sh
Another way is to use an ARM template to deploy your resources.

Resources