I am building a Release Pipeline on Azure DevOps. Part of my release is to copy a bunch of files to the Azure VM. As far as I understand, the target machine needs to have PowerShell 5986 port open.
I have a VM with port 5986 open (I verified that by invoking remotely some commands on this VM with "PowerShell on Target Machines" task).
I added "Windows Machine File Copy" task and filled fields:
- Source
- Machines
- Admin Login
- Password
- Destination Folder
In "Machines" field, I put IP of the target machine.
As a result of running the release, I'm getting an error:
Failed to Create PSDrive with Destination:
'\\11.11.11.11\C$\TargetDirectory',
ErrorMessage: 'The network path was not found' The network path was
not found
I also tried to put IP address with a port, in this form: 11.11.11.11:5986
Then, I got this error:
Cannot convert value "\23.97.151.221:5986" to type "System.Uri".
Error: "Invalid URI: The hostname could not be parsed."
Documentation (https://learn.microsoft.com/en-us/azure/devops/pipelines/tasks/deploy/windows-machine-file-copy?view=azure-devops) says that IP address with a port is allowed.
What's the issue here?
I was getting the exact same error while doing these:
Initially in my release pipeline, I had an agent job and I created a Windows machine file copy task under the job and filled in all details correctly. I set the Machines field with the public IP address of my target server (a Windows azure VM) and I always got this error you reported.
I tried to use the Azure file copy task instead but I was faced with another problem (error message: Unable to get FQDN for all resources in ResourceGroup: {resourceGroupName}) which I couldn't get to fix after a lot of efforts.
This is the solution that worked for me:
Instead of running an agent job, I ran a Deployment Group Job. With deployment groups, I didn't need an IP address to connect to my VM. Setting up a deployment group for your Azure VM is very simple and well explained here
I created a Windows Machine File Copy task under the Deployment Group job I added. I filled same details for the task except that instead of the IP address of the Windows VM, I entered the computer name in the Machines field and the file copy task ran successfully!
I hope this helps
The problem is because you can't use that task to copy files across Windows Domain boundary! That is to say, if you build on host A and want to copy files to host B, then A and B must be in the same Windows Domain, otherwise you'll get the error like
##[error]Failed to Create PSDrive with Destination: '\\your-server-name-or-ip\some\path', ErrorMessage: 'The network path was not found'
That is to say, if you're using a hosted agent, then you're not able to copy files with that task to any host you have, no matter it has a public IP or not, or a FQDN, because they are not in the same Windows Domain!
You have two options to work around it:
Use Azure File Copy task if your target is an Azure VM or Azure Storage
Use private hosted agent and make sure your target host and your private agent are in the same Windows Domain
Last but not least, the document should really make it clear! It wasted me a lot of time on solving the problem!
go to the destination folder, right-click the folder select properties,share option is there, click that one and share everyone option is there
The solution is to go to the target server and SHARE the directory where the files would be copied. In Windows, just go to Properties of the directory, Sharing tab, and Share it to the user which is used in the VSTS task.
The answer is pretty simple, the DevOps Tasks are actually running PowerShell on you VM and trying to create a PSDrive.
Try using the task mentioned in the screenshot below:
Related
I have created the app service in existing internal app service environment. And then I’m trying to deploy the source code into above app service using Azure DevOps CI & CD pipelines. But, in the release pipeline I’m getting the below error message in Azure DevOps:
Error: Error Code: ERROR_DESTINATION_INVALID
More Information: Could not connect to the remote computer ("xx-xxxx-v1-api-dev.scm.xxx-int-nonp.xxxcloudapps.com"). Make sure that the remote computer name is correct and that you are able to connect to that computer. Learn more at: http://go.microsoft.com/fwlink/?LinkId=221672#ERROR_DESTINATION_INVALID.
Error: The remote name could not be resolved: 'xx-xxxx-v1-api-dev.scm.xxx-int-nonp.xxxxcloudapps.com'
Error count: 1.
Note: I’m using self-hosted agent in the release pipeline. I have tried to access Kudu environment for the above service in the private virtual machine. But, the kudu not opening.
So, please suggest me how to fix the above issue.
Kindly set/add the following to the Application setting and see if it helps.
Name: WEBSITE_WEBDEPLOY_USE_SCM
Value: false
If I have understood your issue correctly (using private link).
For accessing the Kudu console, or Kudu REST API (deployment with Azure DevOps self-hosted agents for example), you must create two records in your Azure DNS private zone or your custom DNS server. Kindly check this document for more details. If you haven't added the records, kindly see if that works.
Name Type Value
mywebapp.privatelink.azurewebsites.net A PrivateEndpointIP
mywebapp.scm.privatelink.azurewebsites.net A PrivateEndpointIP
https://learn.microsoft.com/azure/app-service/networking/private-endpoint#dns
Ensure that the release pipeline is running in the right host. Because the endpoint is private for the SCM too, the DevOps Agent must be in a network with access with the endpoint, so mandatory to use self-hosted Devops Agent.
Kindly see this doc for more details:
https://learn.microsoft.com/azure/app-service/networking/private-endpoint#dns
If the issue still persists, kindly capture a network trace/HAR or client-side HTTP log/review the logs.
P.S. Kindly do not share any PII data on the public forum for your privacy.
In Azure pipeline when creating a VM through deployment template, we have the option to 'Configure with WinRM agent' as given below.
This acts as a custom extension behind the scenes. But the downloading of this custom extension can be blocked by an internal vnet in Azure. This is the error we are getting.
<datetime> Adding extension 'WinRMCustomScriptExtension' on virtual machine <vmname>
<datetime> Failed to add the extension to the vm: <vmname>. Error: "VM has reported a failure when processing extension 'WinRMCustomScriptExtension'. Error message: \"Failed to download all specified files. Exiting. Error Message: The underlying connection was closed: An unexpected error occurred on a send.\"\r\n\r\nMore information on troubleshooting is available at https://aka.ms/VMExtensionCSEWindowsTroubleshoot "
Since the files cannot be downloaded, I am thinking of a couple of solutions:
How can I know which powershell files azure is using to setup winrm?
Location to store files would be storage account (same vnet as VM)
Perhaps not use WinRM at all and use custom script extension to resolve
everything (with all files from storage account). I hope error from extension stops the pipeline if it happens.
Is there a better solution to resolve this? To me it looks like a bad design by azure as it is not covering non-public VMs.
EDIT:
Found answer to #1) https://aka.ms/vstsconfigurewinrm. This was shown in Raw logs of the pipeline when diagnostics were enabled
Even if you know - how does it help you? It won't be able to download them anyway and you cant really tell it to use local files
If you enable service endpoins and allow your subnet to talk to the storage account - it should work
there is a way to configure WinRM when you create the VM. Keyvault example
You could use script extension like you wanted to as well, but script extension has to download stuff to the Vm as well. Example
From my local Windows command prompt, I can copy files to local Windows machines, and run commands on the local Windows machines with psexec. (For example, launching .bat files). I can also start/stop and query services on the Windows machines, for example with sc \machineIP query (servicename).
I am learning to be able to do the same thing with a stock Windows machine hosted in Azure.
Having created a stock Windows Server VM in Azure from the command line, what more must I do? Currently on the Azure VM, for testing, I have:
Turned off the Firewall
Disabled simple file sharing wizard
Shared C, with permissions for 'everyone'
Started 'remote registry' service
Added registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\LocalAccountTokenFilterPolicy with value of 1 (hex)
I am able to RDP to the machine without a problem, with the given public IP address, username, and password.
I note that I cannot access: \publicIP\c$
And psexec returns 'The network path was not found. Make sure the default admin$ share is enabled on (publicIP)' when running the command:
psexec.exe \\(publicIP) -u(username) -p (password) -i 1 cmd /c c:\runMe.bat
In the Azure portal, navigate into the resource group where your VM resides. Select the 'Network Security Group' profile used by your VM (eg, yourVMnameNSG) -> edit -> add inbound security rules.
eg:
Name: psexec
Source: any
Destination: any
Service: Custom (Any/135)
Action: allow
Repeat for required services
I need to connect my existing VMs to new Virtual Network. Documentations says you have to redeploy them, but I could not find any source which says how to redeploy an existing VM.
Thanks,
Prasad
Create an image of your VM:
Select your VM
Hit Capture on the bottom bar. Give it a name and make sure it completes successfully
Navigate to Cloud Service >> Select the CS >> Delete >> Chose CS and it's deployments
Review the list of VMs and disks that are going to be deleted
Delete
Redeploy the VM from Image:
Click New >> Compute >> Virtual Machine >> From Gallery
On the right side >> Click My Images >> Select your captured image
Complete the wizard. Make sure to select the correct Virtual Network.
Pre-requisites:
Virtual Network is in the same location as the captured Image. Otherwise you will have to move the VHD to a storage located in the same data center as the new Virtual Network. Virtual Network will not show up on the list if this pre-requisite is not met.
If you intend to use the captured image to deploy several other VMs with the same content you will have to run sysprep (windows) or deprovision waagent (linux) before capturing. Otherwise you will have connectivity problems since all the vms will share the same unique Ids.
More Info:
How to Capture a Windows Virtual Machine to Use as a Template:
http://azure.microsoft.com/en-us/documentation/articles/virtual-machines-capture-image-windows-server/
How to Capture a Linux Virtual Machine to Use as a Template: http://azure.microsoft.com/en-us/documentation/articles/virtual-machines-linux-capture-image/
I'm trying to use the azure command line to start a vm:
azure vm start myvmnamehere
But it's telling me:
No deployments were found
I'm guessing that I need to specify the location "West US"?
azure vm start is going to start a virtual machine that you've already created, within a specific region. To do that, you'd first need to call azure vm create. You would first create your vm from an image in the gallery (and within a dns name, xxxxx.cloudapp.net). To see the images available to you, try running azure vm image list.
Also: don't forget to add --ssh or --rdp so you can have remote access, when calling azure vm create.
Jeff Wilcox blogged about this in more detail, here.