I'm working on an Azure CLI script to automate the creation of a vnet in our cloud infrastructure. One of the parts in this script is linking a VNET to a Azure Private DNS. This should be easy, but apperently the difficulty is the fact that the VNET and the Private DNS are in a different resourcegroup.
This is my script;
az network private-dns link vnet create --name MyLink \
--registration-enabled true \
--resource-group my-vnet-resourcegroup\
--subscription 'My Subscription' \
--tags Domain=MyDomain \
--virtual-network my-own-vnet \
--zone-name myzone.nu
Now when exuting i'm getting the following error;
Can not perform requested operation on nested resource. Parent resource 'myzone.nu' not found.
So I updated the script to look at the resourcegroup for the private DNS;
az network private-dns link vnet create --name MyLink \
--registration-enabled true \
--resource-group my-privatedns-resourcegroup \
--subscription 'My Subscription' \
--tags Domain=MyDomain \
--virtual-network my-own-vnet \
--zone-name myzone.nu
This gives me the following error;
Deployment failed. Correlation ID: (SomeGuid). Virtual network resource not found for '/subscriptions//resourceGroups/my-privatedns-resourcegroup/providers/Microsoft.Network/virtualNetworks/my-own-vnet'
I'm quite stuck at the moment on how to fix this. Anybody else ran into this before? I'm open to suggestions!
You could pass virtual network Id to the private DNS link vNet creation if the Virtual network is in another resource group which differs from your DNS zone resource group.
VnetID=$(az network vnet show -g vnet-rg -n my-vnet --query 'id' -o tsv)
az network private-dns link vnet create -n mylink -e true -g dns-rg -z myzone.nu -v $VnetID
or, you could use Azure Powershell.
$vnet = Get-AzVirtualNetwork -name my-own-vnet -ResourceGroupName my-vnet-resourcegroup
New-AzPrivateDnsVirtualNetworkLink -ZoneName private.contoso.com `
-ResourceGroupName MyAzureResourceGroup -Name "mylink" `
-VirtualNetworkId $vnet.id -EnableRegistration
Related
I have an Azure VMSS (Virtual Machine Scale Set) with a few instances, linked to an "image gallery". The VMSS is configured in such a way that it is supposed to always choose the latest version of a specific image from the image gallery.
How and where can I see, which version of the image is installed on a specific instance?
If the image gallery is configured to install the latest image on new instances, the image version can potentially vary between instances. The actually installed version of an image is stored in the storageProfile.imageReference.exactVersion property of the vmss object.
Listing the installed image version for a specific machine in an existing scale set:
az vmss show --resource-group "<resource group name>" \
--subscription "<subscription name>" \
--name <vmss name> \
--instance-id <instance id> \
--query storageProfile.imageReference.exactVersion
The reply matches the version number defined in the image gallery:
"2021.06.1782103"
If the instance id is not known, it is possible to get all instance ids of an existing scale set:
az vmss list-instances --resource-group "<resource group name>" \
--subscription "<subscription name>" \
--name <vmss name> \
--query [].instanceId
[
"1141",
"1142",
"1143"
]
To further simplify things, one could list the installed image version for each machine in an existing scale set. This allows, for example, to see if all instances are at the same version or one is left behind:
az vmss list-instances --resource-group "<resource group name>" \
--subscription "<subscription name>" \
--name <vmss name> \
--query [].storageProfile.imageReference.exactVersion
In an example with 3 instances the reply may indicate that two machines are on the later version (...03), and one machine is still on an older version of the image (...02):
[
"2021.06.1782102",
"2021.06.1782103",
"2021.06.1782103"
]
Finally, to combine this one can also query for instanceId and installed image version at the same time:
az vmss list-instances --resource-group "<resource group name>" --subscription "<subscription name>" --name <vmss name> --query "[].[instanceId,storageProfile.imageReference.exactVersion]"
[
[
"1141",
"2021.06.1782102"
],
[
"1142",
"2021.06.1782103"
],
[
"1143",
"2021.06.1782103"
]
]
You can get the exect version of image reference for one specfic instance by using the Get-AzVmssVM cmdlet with the following sytax:
(Get-AzVmssVM -ResourceGroupName $rgName -Name $ScaleSetName -InstanceId $instanceId).StorageProfile.ImageReference
Im trying to create a Business Central container in Azure and am using the following in powershell.
$imageName = “mcr.microsoft.com/businesscentral:10.0.17763”
$resourceGroup = “d365rg”
$location = “EastUS”
$containerName = “d365bcdemo02”
$dnsName = “d365bcdemo02.eastus.azurecontainer.io”
$artifactUrl = Get-BCArtifactUrl -type sandbox -country us -select Latest
az container create -g $resourceGroup -n $containerName --image $imageName --os-type Windows --cpu 2
--memory 16 --ip-address public -e artifactUrl=$artifactUrl ACCEPT_EULA=Y USESSL=N ClickOnce=Y
publicDnsName=$dnsName --dns-name-label $containerName --ports 80 7046 7047 7048 7049 8080
But am constantly getting the error:
"az : The image 'mcr.microsoft.com/businesscentral:10.0.17763' in container group 'd365bcdemo02' is
not accessible. Please check the image and registry credential."
What credentials , i dont have a container registry and dont think you need one. What could be happening here ?
The issue is caused by the wrong image tag. So the solution is to use the tag available in the image.
I was using the following command
$cogVisionEndpoint = (az cognitiveservices account show -n $accountName -g $resourceGroupName --query endpoint --output tsv)
but I found out that this stopped working when I ran this on another machine with a slightly newer version of Azure-CLI.
The JSON returned by the az cognitiveservices account show command is not consistent and looks like it has changed from version to a version.
How can I reliably get this not having to worry about the version of Azure CLI on the machine that I'm running on?
Or is there a completely different way to get the endpoint value?
With the newest version you will find endpoint in properties and since you rely on CLI version installed on the given machine you can simply modify your code to something like this:
$cogVisionEndpoint = (az cognitiveservices account show -n $accountName -g $resourceGroupName --query endpoint --output tsv)
if( !$cogVisionEndpoint ) {
$cogVisionEndpoint = (az cognitiveservices account show -n $accountName -g $resourceGroupName --query "properties.endpoint" --output tsv)
}
Trying to create a new azure eventgrid endpoint subscription based on the code in the Microsoft tutorial here errors:
az eventgrid event-subscription create --source-resource-id $topicid --name eventsubscriptionname --endpoint-type storagequeue --endpoint $queueid --expiration-date "2020-05-15"
Deployment failed. Correlation ID: xxxx. The attempt to validate the provided azure endpoint resource:xxxx failed.
The tutorial says to ensure the account has write access to the storage, which it does, I am the owner. All properties in the command have valid values and I am executing from the azure cli.
What could I be doing wrong?
That's weird... I tried on my side and I have the expected result using the following commands :
$resourcegroup="your resource group"
$storagename="your storage name"
$queuename="your queue name"
$topicname="your topic name"
$subscriptionname="your subscription name"
$storageid=az storage account show --name $storagename --resource-group $resourcegroup --query id --output tsv
$queueid="$storageid/queueservices/default/queues/$queuename"
$topicid=az eventgrid topic show --name $topicname -g $resourcegroup --query id --output tsv
az eventgrid event-subscription create --source-resource-id $topicid --name $subscriptionname --endpoint-type storagequeue --endpoint $queueid --expiration-date "2020-05-15"
I sued PowerShell version 5.1.18362.752 and AZ CLI version 2.5.1
Is there a command to move Azure VM from one OMS( Log Analytics) work-space to the another OMS work-space ?
I read the documentation of AzureRmResource but not sure if this is the right option ?
According to your scenario, you need remove agent on your VM and install OMS agent with new OMS configuration. Here is the script you could use. I test in my lab, it works for me.
#!/bin/sh
# resource group name, vm nmae, OMS Id and OMS key.
rg=<resource group name>
vmname=<>
omsid="<>"
omskey=""
##Remvoe OMS agent from VM
az vm extension delete -g $rg --vm-name $vmname -n OmsAgentForLinux
# re-install and configure the OMS agent with your new OMS.
az vm extension set \
--resource-group $rg \
--vm-name $vmname \
--name OmsAgentForLinux \
--publisher Microsoft.EnterpriseCloud.Monitoring \
--version 1.0 --protected-settings '{"workspaceKey": "'"$omskey"'"}' \
--settings '{"workspaceId": "'"$omsid"'"}'
Use the command 'az vm extension set'.
Sample bash script for this.
#!/bin/sh
vmname=<Replace with your vm name>
rgname=<Replace with your Resource Group name>
omsid=<Replace with your OMS Id>
omskey=<Replace with your OMS key>
az vm extension set \
--resource-group $rgname \
--vm-name $vmname \
--name OmsAgentForLinux \
--publisher Microsoft.EnterpriseCloud.Monitoring \
--version 1.0 --protected-settings '{"workspaceKey": "'"$omskey"'"}' \
--settings '{"workspaceId": "'"$omsid"'"}'