How to monitor IP allocation in Azure subnet? - azure

I need to find the current usage of IP addresses within subnets in Azure. I found free IPs in Virtual Networks->subnets but the number is the total available IP addresses within the subnet. How can I see how many of the available IPs within the subnet are actually in use (how many of them are free)? Is there a way to set the monitoring for free IP addresses (or used IP addresses) for Azure subnets?
Thanks in advance.

You can call the listUsage API /subscriptions/****/resourceGroups/aoprod9574-stamp-canadacentral-rg/providers/Microsoft.Network/virtualNetworks/vnet-name/usages?api-version=2021-02-01 to get the current allocations per Subnet in a VNet
{
  "value": [
    {
      "currentValue": 3,
      "id": "/subscriptions/****/resourceGroups/my-rg/providers/Microsoft.Network/virtualNetworks/aoprod9574-canadacen-vnet/subnets/cosmosdb-pe-snet",
      "limit": 27,
      "name": {
        "localizedValue": "Subnet size and usage",
        "value": "SubnetSpace"
      },
      "resourceGroup": "my-rg",
      "unit": "Count"
    },
    {
      "currentValue": 93,
      "id": "/subscriptions/****/resourceGroups/my-rg/providers/Microsoft.Network/virtualNetworks/aoprod9574-canadacen-vnet/subnets/kubernetes-snet",
      "limit": 1019,
      "name": {
        "localizedValue": "Subnet size and usage",
        "value": "SubnetSpace"
      },
      "resourceGroup": "my-rg",
      "unit": "Count"
    }
  ]
}
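Turning that response into free-address counts and a threshold alert, as an added example that is not part of the original answer. The `app-snet` entry, the 80% threshold, the placeholder IDs and the function name are assumptions; fetching the response (an authenticated GET on the usages URL) is left out.

```python
import json

# Constructed sample in the shape of the usages response shown above.
# The first two entries reuse the page's numbers; "app-snet" is invented
# to show a subnet close to exhaustion. The subscription ID is a placeholder.
PREFIX = ("/subscriptions/<sub-id>/resourceGroups/my-rg/providers/"
          "Microsoft.Network/virtualNetworks/example-vnet/subnets/")
SAMPLE = json.dumps({"value": [
    {"id": PREFIX + "cosmosdb-pe-snet", "currentValue": 3, "limit": 27},
    {"id": PREFIX + "kubernetes-snet", "currentValue": 93, "limit": 1019},
    {"id": PREFIX + "app-snet", "currentValue": 240, "limit": 251},
]})


def subnet_usage(usages_json, warn_pct=80.0):
    """Return per-subnet used/free counts and an alert flag.

    `limit` is the usable size reported by the API: 27 for a /27 and
    1019 for a /22, so the 5 addresses Azure reserves in every subnet
    are already excluded from it.
    """
    report = []
    for item in json.loads(usages_json).get("value", []):
        used = int(item["currentValue"])
        limit = int(item["limit"])
        # Guard against a zero limit so one odd entry cannot break the run.
        pct = round(100.0 * used / limit, 1) if limit > 0 else 100.0
        report.append({
            "subnet": item["id"].rsplit("/subnets/", 1)[-1],
            "used": used,
            "free": max(limit - used, 0),
            "pct_used": pct,
            "alert": pct >= warn_pct,
        })
    # Fullest subnets first, so the ones needing attention lead the report.
    return sorted(report, key=lambda r: r["pct_used"], reverse=True)


if __name__ == "__main__":
    for row in subnet_usage(SAMPLE):
        flag = "WARN" if row["alert"] else "ok"
        print(f"{row['subnet']:<18} used={row['used']:<4} "
              f"free={row['free']:<4} {row['pct_used']:>5}% {flag}")
```

Run on a schedule, the `alert` rows are what a monitoring job would forward; subnet exhaustion otherwise shows up only as failed deployments or scale-out.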

Related

Azure Policy How to relate VM's using a specified subnet

I am trying to write a policy which identifies all VMs attached to a specified subnet and ensures that they are backed up to a specified Backup Vault within the same location. Identifying the VMs is easy, but restricting the VMs that are attached to a specified subnet is proving difficult.
My test environment contains 3 VMs, 2 connected to one subnet and the other connected to a different subnet, but I have been unable to get this to correctly select the affected resources (1 or 2 VMs) depending on the subnet chosen when running the policy.
Below is the basis of the test but it is not working. Any help would be appreciated.
"parameters": {
  "subnetId": {
    "type": "String",
    "metadata": {
      "displayName": "Subnet which contains the VM's to backup.",
      "description": "Specify to subnet the the VM's are connected to.",
      "strongType": "Microsoft.Network/virtualNetworks/subnets"
    }
  },
  "vaultLocation": {
    "type": "String",
    "metadata": {
      "displayName": "Location (Specify the location of the VMs that you want to protect)",
      "description": "Specify the location of the VMs that you want to protect. VMs should be backed up to a vault in the same location. For example - CanadaCentral",
      "strongType": "location"
    }
  }
....
"policyRule": {
  "if": {
    "allOf": [
      {
        "field": "type",
        "equals": "Microsoft.Compute/virtualMachines"
      },
      {
        "field": "Microsoft.Compute/virtualMachines/networkProfile.networkInterfaceConfigurations[*].ipConfigurations[*].subnet.id",
        "equals": "[parameters('subnetId')]"
      },
      {
        "field": "location",
        "equals": "[parameters('vaultLocation')]"
      }
    ]
  }
  ....
}

Why can I not access some fields of a publicIpAddress in template output?

In my template output, I'd like to return the allocated public IP address.
I tried the following in the "outputs" section: (in an output of 'object' type)
"ipobj": "[reference(variables('publicIPAddressName'),'2020-07-01','Full')]"
This works and returns the whole publicIpAddress object:
"ipobj": {
  "apiVersion": "2020-07-01",
  "location": "eastus",
  "sku": {
    "name": "Basic",
    "tier": "Regional"
  },
  "properties": {
    "provisioningState": "Succeeded",
    "resourceGuid": "...",
    "ipAddress": "...",
    "publicIPAddressVersion": "IPv4",
    "publicIPAllocationMethod": "Dynamic",
    "idleTimeoutInMinutes": 4,
    "dnsSettings": {
      "domainNameLabel": "simplelinuxvm-zktwk4fzmy5p4",
      "fqdn": "simplelinuxvm-zktwk4fzmy5p4.eastus.cloudapp.azure.com"
    },
    "ipTags": [],
    "ipConfiguration": {
      "id": "/subscriptions/.../resourceGroups/.../providers/Microsoft.Network/networkInterfaces/simpleLinuxVMNetInt/ipConfigurations/ipconfig1"
    }
  },
  "subscriptionId": "...",
  "resourceGroupName": "...",
  "scope": "",
  "resourceId": "Microsoft.Network/publicIpAddresses/simpleLinuxVMPublicIP",
  "referenceApiVersion": "2020-07-01",
  "condition": true,
  "isConditionTrue": true,
  "isTemplateResource": false,
  "isAction": false,
  "provisioningOperation": "Read"
}
This is in line with the API documentation of the publicIpAddress object.
And I can retrieve some of the properties as well, using the reference without the 'Full' parameter, which, according to the Azure doc, should return the properties of the object.
These work:
"[reference(variables('publicIPAddressName')).dnsSettings.fqdn]"
"[reference(variables('publicIPAddressName')).publicIPAddressVersion]"
But some other properties are not accessible:
"[reference(variables('publicIPAddressName')).ipAddress]"
"[reference(variables('publicIPAddressName'),'2020-07-01','Full').properties.ipAddress]"
According to the error message, (in case of the middle example):
The template output '...' is not valid: The language expression property 'ipAddress' doesn't exist, available properties are 'provisioningState, resourceGuid, publicIPAddressVersion, publicIPAllocationMethod, idleTimeoutInMinutes, dnsSettings, ipTags'
So it seems like Azure doesn't let me access the properties which are however there in the full output.
Is there any explanation/intention behind that, or a workaround at least?
Note: the same happens if I define a "string" output (i.e. not as part of an object) as
"ip": {
  "type": "string",
  "value": "[reference(variables('publicIPAddressName')).ipAddress]"
}
or
"ip": {
  "type": "string",
  "value": "[reference(variables('publicIPAddressName'),'2020-07-01','Full').properties.ipAddress]"
},
I faced a similar issue recently, and below are some of the references where the reason for this scenario is mentioned.
According to this:
i)
The 'ipaddress' property only exists if the 'publicIPAllocationMethod'
is set to 'Static'. ( A Static Public IP Address). If you did this on
an IP Address that was not static, it would return an error, but work
for those that were static.
ii)
It will only have the 'ipAddress' Property when attached to a service
or VM which is running. If the VM is 'Stopped', it will not have the
ipAddress property.
Also, it looks like there is an open issue on GitHub at this link related to this. Refer to it in case it gets resolved in the future.
Check this link as well, where it is mentioned that:
This is a known limitation in the platform where a dynamic public IP
address doesn't resolve itself until the VM is up and running. There
are two options to workaround:
i) Create the Public IP Address in static mode. That will ensure that
Public IP address is immediately allocated. However, note that you
might incur additional charges.
ii) Change the dependency from Public IP address to the Virtual Machine
that the IP address is attached to. This will ensure that the public
IP address is always available.
When you output the properties of publicIpAddress object, you should pay attention to define the correct type that matches the output value.
"outputs": {
  "publicIpipAddress": {
    "type": "string",
    "value": "[reference(parameters('publicIPAddresses_vmc_backupPublicIP_name'),'2020-07-01','Full').properties.ipAddress]"
  },
  "idleTimeoutInMinutes": {
    "type": "int",
    "value": "[reference(parameters('publicIPAddresses_vmc_backupPublicIP_name'),'2020-07-01','Full').properties.idleTimeoutInMinutes]"
  }
}

Unable to get memory used percentage from management API

I need to get the memory used by an Azure VM, but I am not getting it.
Tried this https://management.azure.com/subscriptions/XXXXXXXXXXXXXXXXXXXX/resourceGroups/XXXXXXXXXXXX/providers/Microsoft.Compute/virtualMachines/XXXXXXX/providers/microsoft.insights/metrics?timespan=2019-03-31T11:30:00.000Z/2020-09-14T11:00:00.000Z&interval=P1D&metricnames=\Memory\% Committed Bytes In Use&aggregation=Average&api-version=2018-01-01&metricnamespace=azure.vm.windows.guestmetrics
Response I am getting
{
  "cost": 0,
  "timespan": "2020-08-14T11:00:00Z/2020-09-14T11:00:00Z",
  "interval": "P1D",
  "value": [
    {
      "id": "/subscriptions/xxxxxxxxxxxxxxxxxx/resourceGroups/xxxxxxxxxxxxx/providers/Microsoft.Compute/virtualMachines/xxxxxxx/providers/Microsoft.Insights/metrics/\Memory\% Committed Bytes In Use",
      "type": "Microsoft.Insights/metrics",
      "name": {
        "value": "\Memory\% Committed Bytes In Use",
        "localizedValue": "\Memory\% Committed Bytes In Use"
      },
      "unit": "Unspecified",
      "timeseries": [],
      "errorCode": "Success"
    }
  ],
  "namespace": "azure.vm.windows.guestmetrics",
  "resourceregion": "westus2"
}
Make sure you have enabled the guest-level monitoring for Azure virtual machines then try again.
See - https://docs.bmc.com/docs/capacityoptimization/btco115/collecting-additional-metrics-using-guest-os-diagnostics-890312716.html

Add a default DNS domain name to azure Web app

I am creating an Azure Web app with the name "CustomerX-app-001". The default custom domain that Azure creates after the creation of the Azure web app is: "Customerx-app-001.azurewebsites.net".
Inside my arm template I've tried to change this default hostname to "Customerx-app.azurewebsites.net" by doing these 2 solutions:
Adding the hostnamebinding resource inside the resource block of microsoft.web/sites
"resources": [
  {
    "type": "hostNameBindings",
    "apiVersion": "2018-11-01",
    "name": "[concat(parameters('CustomHostname'), '.azurewebsites.net')]",
    "location": "[resourceGroup().location]",
    "dependsOn": [
      "[resourceId('Microsoft.Web/sites', parameters('siteName'))]"
    ],
    "properties": {
      "siteName": "[parameters('siteName')]"
    }
  },
Adding the hostnamebinding resource outside as a new resource block
{
  "type": "Microsoft.Web/sites/hostNameBindings",
  "apiVersion": "2018-11-01",
  "name": "[concat(parameters('siteName'), '/', parameters('CustomHostname'), '.azurewebsites.net')]",
  "location": "[resourceGroup().location]",
  "dependsOn": [
    "[resourceId('Microsoft.Web/sites', parameters('siteName'))]"
  ],
  "properties": {
    "siteName": "[parameters('siteName')]",
    "hostNameType": "Verified"
  }
}
With CustomHostname being: "Customerx-app" and sitename being "Customerx-app-001"
Both solutions gave me the same error:
"Code": "BadRequest",
"Message": "Too many (2) hostnames in the default DNS zone. Limit is 1.",
"Target": null,
"Details": [
  {
    "Message": "Too many (2) hostnames in the default DNS zone. Limit is 1."
  },
  {
    "Code": "BadRequest"
  },
  {
    "ErrorEntity": {
      "ExtendedCode": "04017",
      "MessageTemplate": "Too many ({0}) hostnames in the default DNS zone. Limit is {1}.",
      "Parameters": [
        "2",
        "1"
      ],
      "Code": "BadRequest",
      "Message": "Too many (2) hostnames in the default DNS zone. Limit is 1."
    }
  }
I am stuck at this for a while and figuring out why the problem occurs.
I think that the azure web app has 1 default DNS name that you can't change and that is always the name of the web app. If another DNS name needs to be added a new DNS record should be made and this record can be added to the web app. But solution 2 does exactly that with the only difference that the DNS name does not exist.
Is there anyone who can help me out here, or guide me in the right direction?
You can only use a single *.azurewebsites.net DNS name, and it is autogenerated. You can only add DNS names on a domain you own (and you'd have to validate it first).

Azure VPN Site-to-Site with resource manager (Provision Fail)

When I run the "Get-AzureVirtualNetworkGatewayConnection -Name Connection -ResourceGroupName POC -Debug" cmdlet, the provisioningState is Failed. I have deleted the connection several times without any success.
Here are the results:
{
  "name": "GWConnection1",
  "id": "/subscriptions/ed9cc7cb-a0e4-455c-8a65/resourceGroups/POC/providers/Microsoft.Network/connections/GWConnection1",
  "etag": "W/\"e66d8c6f-d4a5-4bb1-80d2\"",
  "type": "Microsoft.Network/connections",
  "location": "eastus2",
  "properties": {
    "provisioningState": "Failed",
    "resourceGuid": "1d6261cc-6a03-4efe-a492",
    "virtualNetworkGateway1": {
      "id": "/subscriptions/ed9cc7cb-a0e5-455c/resourceGroups/POC/providers/Microsoft.Network/virtualNetworkGateways/Gateway"
    },
    "localNetworkGateway2": {
      "id": "/subscriptions/ed9cc7cb-a0e4/resourceGroups/POC/providers/Microsoft.Network/localNetworkGateways/PR-Network"
    },
    "connectionType": "IPsec",
    "routingWeight": 10,
    "sharedKey": "308201A006092A864886F70D010703A08201913082018D0201003182014930820145020100302D3019311730150603550403130E6E72702D656E6372797074696F6E021072E532F90B53108C4B29C242F8C9C148300D06092A864886F70D010101050004820100089C2DE40C535B5B43E641E5B867618E099169D567CD4BA6",
    "connectionStatus": "Unknown",
    "ingressBytesTransferred": 0,
    "egressBytesTransferred": 0
  }
}
NVM, I found the problem. I think it was that my local network is 192.168.0.0/24 and the Azure network was 192.168.0.0/16 and the subnet was 192.168.1.0/24 and the gateway subnet was 192.168.3.0/24.
Although the local network and subnetworks don't overlap, the address space was overlapping.
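The overlap the poster describes can be checked before the connection is created. This is an added example, not part of the original post; the function name and the 10.1.0.0/16 alternative are constructed, and the other prefixes are the ones quoted above.

```python
import ipaddress


def check_s2s_plan(local_prefixes, vnet_address_space, vnet_subnets):
    """Compare on-premises prefixes with a VNet before building the tunnel.

    Returns a list of (level, message) findings. Overlap with the VNet
    address space is reported even when no individual subnet overlaps,
    which is the situation described in the post above.
    """
    local = [ipaddress.ip_network(p) for p in local_prefixes]
    space = [ipaddress.ip_network(p) for p in vnet_address_space]
    subnets = [ipaddress.ip_network(p) for p in vnet_subnets]
    findings = []
    for lnet in local:
        for net in space:
            # Only compare like with like (IPv4 vs IPv4, IPv6 vs IPv6).
            if lnet.version == net.version and lnet.overlaps(net):
                findings.append(("address-space", f"{lnet} overlaps {net}"))
        for net in subnets:
            if lnet.version == net.version and lnet.overlaps(net):
                findings.append(("subnet", f"{lnet} overlaps {net}"))
    return findings


# Values from the post: local network, VNet address space, VNet subnets.
LOCAL = ["192.168.0.0/24"]
VNET_SPACE = ["192.168.0.0/16"]
VNET_SUBNETS = ["192.168.1.0/24", "192.168.3.0/24"]

# Constructed alternative: the same subnet layout moved into 10.1.0.0/16.
ALT_SPACE = ["10.1.0.0/16"]
ALT_SUBNETS = ["10.1.1.0/24", "10.1.3.0/24"]

if __name__ == "__main__":
    for label, space, subs in (("as posted", VNET_SPACE, VNET_SUBNETS),
                               ("renumbered", ALT_SPACE, ALT_SUBNETS)):
        result = check_s2s_plan(LOCAL, space, subs)
        print(label, "->", result or "no overlap")
```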
