I'm trying to run the sample script found here: https://learn.microsoft.com/en-au/azure/service-fabric/service-fabric-quickstart-containers-linux#create-a-service-fabric-cluster
#!/bin/bash
# Variables
ResourceGroupName='containertestcluster'
ClusterName='containertestcluster'
Location='eastus'
Password='q6D7nN%6ck#6'
Subject='containertestcluster.eastus.cloudapp.azure.com'
VaultName='containertestvault'
VmPassword='Mypa$$word!321'
VmUserName='sfadminuser'
# Login to Azure and set the subscription
az login
az account set --subscription <mySubscriptionID>
# Create resource group
az group create --name $ResourceGroupName --location $Location
# Create secure five node Linux cluster. Creates a key vault in a resource group
# and creates a certficate in the key vault. The certificate's subject name must match
# the domain that you use to access the Service Fabric cluster. The certificate is downloaded locally.
az sf cluster create --resource-group $ResourceGroupName --location $Location --certificate-output-folder . --certificate-password $Password --certificate-subject-name $Subject --cluster-name $ClusterName --cluster-size 5 --os UbuntuServer1604 --vault-name $VaultName --vault-resource-group $ResourceGroupName --vm-password $VmPassword --vm-user-name $VmUserName
From the command prompt or PowerShell, I run "az login" and login, then I copy & paste this script into the console but get errors when it comes to the variables.
I see you use the Shell script, it's more appropriate to run in Linux. For Windows, the PowerShell script is more suitable. And in Windows, the variables need to be set like this:
$varName = 'xxxx'
So you need to change all the variables like above. And I suggest you change the script into a PowerShell script.
Related
I am very new to Azure CLI and having problems in converting the following command
Set-AzCognitiveServicesAccount -ResourceGroupName rg-xxx -Name cs-xxx -DisableLocalAuth $false
Any help will be greatly appreciated.
Thanks in advance.
BR
I have reproduced in my environment and received same error as you have as below and I followed Microsoft-document:
az cognitiveservices account update --name YY -g XX --disable-local-auth $false
XX- Name of resource group
YY- Name of cognitive service
The above error states that az cognitiveservices account update command does not support argument --disable-local-auth .
This command only supports --name --resource-group --api-properties --custom-domain --encryption --sku --storage --tags arguments.
Alternatively, you can use Rest-Api to enable or disable local auths.
While creating webapps using Az cli in Azure, the command line have no option to mention the location parameter. However while creating from azure portal,there is a option where in we can select the region .
Following is the link to the command and the command itsel
https://learn.microsoft.com/en-us/cli/azure/webapp?view=azure-cli-latest
az webapp create --name
--plan
--resource-group
[--assign-identity]
[--deployment-container-image-name]
[--deployment-local-git]
[--deployment-source-branch]
[--deployment-source-url]
[--docker-registry-server-password]
[--docker-registry-server-user]
[--https-only {false, true}]
[--multicontainer-config-file]
[--multicontainer-config-type {COMPOSE, KUBE}]
[--role]
[--runtime]
[--scope]
[--startup-file]
[--subnet]
[--tags]
[--vnet]
You can use az webapp up CLI command which has a location switch like
az webapp up -n MyUniqueAppName --runtime "java:11:Java SE:11" -l locationName
BTW, if you even don't specify the location while using az webapp create it will be default to the region of "Resource Group" or if you are specifying app service plan then that region would be in use
You can use this cmdlet for specifying the location while creating the web app in Azure:
New-AzwebApp [[-ResourceGroupName] <String>] [-Name] <String> [[-Location] <String>] ...
Of course, the next question will be some parameters like specifying runtime environment missing in the New-AzWebApp cmdlet, we need to use different combination of cmdlets for our requirement.
Please refer to one of these workarounds that shows how to choose the runtime environment when using the New-AzWebApp cmdlet.
Refer here for more information on New-AzWebApp cmdlet parameters.
I want to update the key vault secret values by getting the function app default key and service bus connection string using PowerShell/CLI script.
So, can anyone please help me out on this issue.
Based on the above requirement, We have written the below PowerShell script to pull the function app key value (default & MasterKey), function app application setting (Azure webjob storage) value.
Using those key values the script will create a secrets in the respective key vault.
Here is the PowerShell Script:
$accountInfo = az account show
$accountInfoObject = $accountInfo | ConvertFrom-Json
$subscriptionId = $accountInfoObject.id
$resourceGroup = <ResourceGroupName>
$functionName = <functionName>
$vaultname=<vaultName>
$functionkeylist = az rest --method post --uri "https://management.azure.com/subscriptions/$subscriptionId/resourceGroups/$resourceGroup/providers/Microsoft.Web/sites/$functionName/host/default/listKeys?api-version=2018-11-01"
$keylistobject = $functionkeylist | ConvertFrom-Json
##To pull the functionapp specific setting
$appsetting=az functionapp config appsettings list --name $functionName --resource-group $resourceGroup --query "[?name=='AzureWebJobsStorage'].{Value:value}" -o tsv ##pulling specific functionappsetting
##This block will create the secrets for specific app setting & functionapp key
az keyvault secret set --name $functionName'defaultkey' --vault-name $vaultname --value $keylistobject.functionKeys.default
az keyvault secret set --name $functionName'masterkey' --vault-name $vaultname --value $keylistobject.masterKey
az keyvault secret set --name $functionName'webappstorage' --vault-name $vaultname --value $appsetting
Note:
In the above PowerShell we have pulled existing app setting AzureWebJobStorage created a secret in the keyvault. would suggest you change the $appsettings block with the respective functionapp appsetting to create a secret in keyvault.
Here is the sample output for reference:
Updated Answer:
Add the below code to above PowerShell script which will pull the service bus connection string app setting of functionapp & will store connection string value as secret in key vault.
$servucebusappsetting=az functionapp config appsettings list --name $functionName --resource-group $resourceGroup --query "[?name=='azfapsb_RootManageSharedAccessKey_SERVICEBUS'].{Value:value}" -o tsv ##app setting of service connection string will be in the format (<servicebusName>_RootManageSharedAccessKey_SERVICEBUS)
az keyvault secret set --name $functionName'ServiceBusConnectionString' --vault-name $vaultname --value $servucebusappsetting
I have a Powershell script using Azure Powershell to update an Virtual Machine Scale Set (under Azure Service Fabric) to add/remove the certificates that are used by the associated service fabric virtual machines. This script works as intended and I have the following commands (I've removed some of the other logic to focus on the issue):
# This gets the Virtual Machine Scale Set object
$virtualMachineScaleSet = Get-Azvmss -ResourceGroupName $myResourceGroupName -VMScaleSetName $myVMScaleSetName
# Example of removing items from certificate items from the VMSS object.
$virtualMachineScaleSet.VirtualMachineProfile.osProfile.Secrets[$mySecretIndex].VaultCertificates.RemoveAt($myCertificateIndexThatIWantToRemove)
# Example of creating new certificate config
$newCertificateUrl = (Get-AzKeyVaultCertificate -VaultName $myKeyvaultName -Name $myCertificateName).SecretId
$newCertificateConfig = New-AzvmssVaultCertificateConfig -CertificateUrl $newCertificateUrl -CertificateStore "My"
# Example of adding new certificate to the VMSS object
$virtualMachineScaleSet.VirtualMachineProfile.OsProfile.Secrets[$mySecretIndex].VaultCertificates.Add($newCertificateConfig)
# Committing the update to VMSS
Update-Azvmss -ResourceGroupName $myResourceGroupName -VirtualMachineScaleSet $virtualMachineScaleSet -VMScaleSetName $myVMScaleSetName
The above script works fine. However, I'm now trying to convert each of the above commands to Azure CLI. The way the script will invoke means that I cannot mix and match Azure Powershell and Azure CLI commands in the same script. The commands I have so far are causing problems:
# This gets me the Virtual Machine Scale Set object
$virtualMachineScaleSet = az vmss show --name $myVMScaleSetName --resource-group $myResourceGroupName | ConvertFrom-Json
# Trying to RemoveAt gives the error: MethodInvocationException: Exception calling "RemoveAt" with "1" argument(s): "Collection was of a fixed size."
$virtualMachineScaleSet.VirtualMachineProfile.osProfile.Secrets[$mySecretIndex].VaultCertificates.RemoveAt($myCertificateIndexThatIWantToRemove)
# Not sure the CLI equivalent commands of this
$newCertificateUrl = (Get-AzKeyVaultCertificate -VaultName $myKeyvaultName -Name $myCertificateName).SecretId
$newCertificateConfig = New-AzvmssVaultCertificateConfig -CertificateUrl $newCertificateUrl -CertificateStore "My"
# Trying to Add gives the error: MethodInvocationException: Exception calling "RemoveAt" with "1" argument(s): "Collection was of a fixed size."
$virtualMachineScaleSet.VirtualMachineProfile.OsProfile.Secrets[$mySecretIndex].VaultCertificates.Add($newCertificateConfig)
So my questions are.
What are the CLI equivalent commands for the Azure Powershell script?
Why doesn't the VMSS object in the Azure CLI script seem to be the same? (At least in that I cannot change the VaultCertificates array)
Thank you in advance
All the PowerShell you used can change into two equivalent CLI commands.
One for remove:
az vmss update --resource-group $myResourceGroupName --name $myVMScaleSetName --remove virtualMachineProfile.osProfile.secrets index
One for add:
az vmss update --resource-group $myResourceGroupName --name $myVMScaleSetName --add virtualMachineProfile.osProfile.secrets '{"sourceVault": {"id": "resourceId"},"vaultCertificates": [{"certificateStore": null,"certificateUrl": "certificateUrl"}]}'
My deployment script uses PowerShell with the AzureRM module. I am trying to find the equivalent of the following Azure CLI call. That call creates an Azure Function based on a Docker image.
az functionapp create --name <app_name> --storage-account <storage_name> --resource-group myResourceGroup --plan myPremiumPlan --deployment-container-image-name <docker-id>/mydockerimage:v1.0.0
Anybody has an idea what is the PowerShell/AzureRM equivalent of "az functionapp create"?
If your ideal goal is to deploy a function app, there are multiple ways to create one.
You can use the below AzureRm command to provision / create a new Function App
New-AzureRmResource -ResourceType ‘Microsoft.Web/Sites’ -ResourceName $functionAppName -kind ‘functionapp’ -Location $location -ResourceGroupName $resourceGroupName -Properties #{} -force
Or You can use a ARM Template to deploy a function app - Details
Or you can use Zip Deploy to deploy your function app. -
As HariHaran said, there are several ways to create new function app. But if you want to create function based on docker image, it may be difficult to implement if use "New-AzureRmResource". So I think you can install az module in powershell, you can continue use "az functionapp create" commmand, you can refer to this tutorial to install it. But az module will not be compatible with AzureRM, so we'd better uninstall AzureRM before that, you can refer to this page about the compatible of az module and AzureRM.
You can use the New-AzFunctionApp cmdlet which is part of the Az.Functions module. This module is currently in Preview.
# First install PowerShell 6 or 7 from https://github.com/PowerShell/PowerShell/releases
# To install the Az.Functions module, Open PowerShell and run:
Install-Module -Name Az.Functions -AllowPrerelease
Alternatively, you can download it from https://www.powershellgallery.com/packages/Az.Functions/0.0.1-preview
For feedback and requests, please file an issue at https://github.com/Azure/azure-powershell/issues. Make sure you include in the title [Az.Functions]. Thanks!