My goal is to have a VM to run builds for Azure DevOps with a user-assigned managed identity so we can keep everything connectionStringLess.
I have just created an Azure Lab and a VM in it.
The reason for this in the lab is so we can shut it down during nights and weekends.
However, I can't find the option to assign managed identities to it.
If possible, how do I do it?
Looks the lab VM (Microsoft.DevTestLab/labs/virtualmachines) does not support MSI currently, you need to use the azure VM(Microsoft.Compute/virtualMachines).
Reference - Services that support managed identities for Azure resources.
Besides, I notice you use the lab VM for auto-start/stop reason, actually the Azure VM also supports that, see Start/Stop VMs during off-hours solution in Azure Automation, not only schedule VMs to start and stop, but also other features.
Related
I want to give access to somebody to a virtual machine on Azure (with the RDP connection file) and let him start/stop the VM but without giving him access to the Azure Portal account.
Is there a (simple) way to start/stop virtual machine on Azure without having to access the portal ? By "simple" I mean something that you don't need to run some line code and that can be as easy as opening a RDP file.
Alternatively, is there a way not to be billed of a running (but idle) virtual machine ?
You can use a Powershell script to start/stop the VM.
No you will be billed for the stopped VMs also as long as you have checked them out.
For your requirement, I think the best way is to use the Service principal with the role of Virtual Machine Contributor. It just lets the user manage the VM, but without access to the VM and also do not have the permission to access the Azure portal.
Then you can use this service principal to execute the Azure CLI, Azure PowerShell commands or the REST API to start/stop the Azure VM, it does not cost.
Is there a (simple) way to start/stop virtual machine on Azure without having to access the portal ? By "simple" I mean something that you don't need to run some line code and that can be as easy as opening a RDP file.
There are SDK's available which you can use along with CLI to have programmatic access to the VM - in this manner, you do not require access to the portal.
Alternatively, is there a way not to be billed of running (but idle) virtual machine?
You will be billed for idle VM as this still means that VM is operational. To save costs, terminate the VM and create the VM again when required.
We are using an Azure Classic Virtual Machine!! It does not show 'AutoShutDown' Blade. Is this feature not available for Classic VM? When I searched, there is also an option to use Runbook in Automation Account to do this. Is anyone used this with classic VM?
This feature is not available with classic vms. its 2019, you should migrate to ARM anyway. but you could use custom powershell runbook to shutdown classic vms using a schedule.
you'd need to tag the resource groups (cant tag classic resources) and invoke the runbook hourly. this would be a nice starting point. in fact it does what you ask for.
Azure resource groups give a redeploy button not sure how and when to use that. Would appreciate best practices.
In general, when we facing difficulties troubleshooting, redeploying the deployment may help.
For example, when we can't connect to Azure VM or application access to windows-based Azure VM, we can try to redeploy it. When you redeploy a VM, it moves the VM to a new node within the Azure infrastructure and then powers it back on, retaining all your configuration options and associated resources.
More information about redeploy Azure VM, please refer to this link.
By default, when we select redeploy in Azure resource group deployments, Azure will use this template to deploy this resource.
We are using Azure Automation DSC and were able to do simple things like create Automation account, create Resource group, VM creation and even able to deploy a web site on the target VM. All using powershell scripting.
How can we deploy Azure Cloud Services (web role / worker role)? what are the cmdlets? Any pointers? Please help.
What more things can be achieved using this? Moreover what limitations we can expect here.
Best Regards
Azure DSC is really focused on Azure's Infrastructure as a Service (IaaS) offering. Basically you can configure virtual servers (Windows and Linux) hosted on Azure.
To manage configurations for other services in Azure it is recommended to utilize Azure Resource Manager (ARM) which will allow you to define and configure Azure services in JSON.
Microsoft offers a lot of Quick Start ARM templates that can be accessed at the Azure Quickstart site.
How can we configure VM Role on Azure Emulator? Is this possible or do i need to do my testing on Windows Azure Management Portal.
Thanks,
Mrinal Jaiswal
On Azure F&Q its written that Emulator supports VM role but to much dismay it doesn't. I talked to Microsoft Tech team and got this answer.
One good thing they told me was, if i want to use VM on Azure it will be better if i use extra-small deployment it will increase my compute hours and i can host 2 extra-small VM role on azure in free trail account.