Not able to purge Azure CDN Endpoint using Azure CLI - azure

I'm using Azure CLI to purge all the contents from Azure CDN endpoint. I got a reference from Microsoft Docs: https://learn.microsoft.com/en-us/cli/azure/cdn/endpoint?view=azure-cli-latest
I'm trying exactly same commands with proper params but it says - "Endpoint(s) not found. Please verify the resource(s), group or it's parent resources exist."
az cdn endpoint purge -g <my-resource-group> --profile-name \
<name-of-cdn-profile> --content-paths '/*' --name <cdn-endpoint-name>
-renders the above error
however, I can see the CDN endpoint when I issue the list command:
az cdn endpoint list -g <my-resource-group> --profile-name <cd>n-profile-name>
the above command works fine and returns the endpoint which I'm trying to purge
Anyone having a similar experience?
TIA!

I can produce this error, please check the parameter --name <cdn-endpoint-name>, It should not have a suffix like .azureedge.net. The endpoint name is the name of the resource which type is Endpoint in your resource group.

With above options I was unable to fix it and then I realized a small issue! Below is the option with double quotes rather single quotes fixed it for me!
az cdn profile list
az cdn endpoint purge --resource-group {rg_name} --name {cdn_name} --profile-name {cdn_profile_name} --content-paths "/*"

Related

Problem with Azure in Microsoft learning path module (Kubernetes)

I am just doing this module of Microsoft course:
https://learn.microsoft.com/en-us/learn/modules/microservices-aspnet-core/
I created an azure subscription and tried to run the script given in unit 2.
Something is going on in the console, but at some point it shows something like this:
Getting credentials for AKS...
(ResourceNotFound) The Resource 'Microsoft.ContainerService/managedClusters/eshop-learn-aks' under resource group 'eshop-learn-rg' was not found. For more details please go to https://aka.ms/ARMResourceNotFoundFix
Code: ResourceNotFound
Message: The Resource 'Microsoft.ContainerService/managedClusters/eshop-learn-aks' under resource group 'eshop-learn-rg' was not found. For more details please go to https://aka.ms/ARMResourceNotFoundFix
Installing NGINX ingress controller
error: You must be logged in to the server (the server has asked for the client to provide credentials)
error: You must be logged in to the server (the server has asked for the client to provide credentials)
error: You must be logged in to the server (the server has asked for the client to provide credentials)
Getting load balancer public IP
> kubectl get svc -n ingress-nginx -o json | jq -r -e '.items[0].status.loadBalancer.ingress[0].ip // empty'
error: You must be logged in to the server (the server has asked for the client to provide credentials)
Waiting for load balancer IP...
Am I doing something wrong? Strictly followed instructions.
Edit:
I think problem is with VM, not AKS.
> az aks create -n eshop-learn-aks -g eshop-learn-rg --node-count 1 --node-vm-size Standard_D2_v5 --vm-set-type VirtualMachineScaleSets -l centralus --enable-managed-identity --generate-ssh-keys -o json
ERROR: (BadRequest) The VM size of AgentPoolProfile:nodepool1 is not allowed in your subscription in location 'centralus'.
You need to log in :
az login
az account set --subscription <YOUR SUB ID>
az aks get-credentials --resource-group <AKS RG> --name <AKS NAME>
The 'CentralUS' location doesn't accept new VM with the type of subscription you have.
You need to use another location.
To do that, you need to declare a variable 'defaultRegion' in the bash shell (ex.: declare defaultRegion=eastus) before executing wget

Azure CDN purge command issue

I have created a CDN named 'cdn-profile', in resource group 'rgDev' . In the CDN the endpoint created is 'webqa.azureedge.net'. Inside that I have created a custom domain 'qa.example.com'. I wanted to purge the CDN cache. Below is the command I run.
$ResourceGroupName='rgDev'
$EndpointName='qa.example.com'
$ProfileName='cdn-profile'
$CDNEndPointName='webqa.azureedge.net'
az cdn endpoint purge -g $ResourceGroupName -n $EndpointName --profile-name $ProfileName --content-paths '/*' --name $CDNEndPointName
This gives me below error:
Endpoint(s) not found. Please verify the resource(s), group or it's parent resources exist.
What am I missing here?
In the Azure CLI command az cdn endpoint purge, the name of the CDN endpoint is webqa(It is the name of the resource that type is Endpoint in your resource group.) instead of the hostname webqa.azureedge.net or qa.example.com.
You should use it like this:
$ResourceGroupName='rgDev'
$ProfileName='cdn-profile'
$CDNEndPointName='webqa'
az cdn endpoint purge -g $ResourceGroupName --profile-name $ProfileName --content-paths '/*' --name $CDNEndPointName

WSL - Can't login or pull image from an azure container registry

I have set up WSL. And then installed docked following this tutorial and then installed azure cli.
I can login from windows command line; but I cannot login to azure container registry by using the command below from bash
$ az acr login --name $ACRNAME
I get the following error
Error response from daemon: Get https://ACRNAME.azurecr.io/v2/:
unauthorized: authentication required
And also if i tried to pull the image by
$ docker pull ${ACRNAME}.azurecr.io/image_name
get the same error
Error response from daemon: Get https://ACRNAME.azurecr.io/v2/:
unauthorized: authentication required
But i am able to see the list. The following command returns list
$ az acr repository list -n $ACRNAME
I have found this closed issue and change my machine DNS server to 8.8.8.8 but no progress. What am i missing?
For you issue, you maybe use the wrong username and password. So, first you can check your username and password which you choose to login. You can get the information in portal: container->Access keys.
You can get more information from this document az acr with az acr check-name and az acr create.

"Incorrect padding" when trying to create managed Kubernetes cluster on Azure with AKS

I am working through the instructions outlined here to try and set up a Couchbase cluster on Azure Container Service (AKS). That tutorial is using terminal/Mac, and I'm using Powershell/Windows.
I'm getting an error before I even get to the Couchbase part. I successfully created a resource group (which I called "cb_ask_spike", and yes it does appear on the Portal) from the command line, but then I try to create an AKS cluster:
az aks create --resource-group cb_aks_spike --name cbakscluster
I also tried:
az aks create --resource-group cb_aks_spike --name cbakscluster --generate-ssh-keys
In both cases, I get an error:
az aks create: error: Incorrect padding
I don't know what this error message means, and I can't seem to find any reference to it in the documentation or anywhere. What am I doing wrong?
I'm using azure-cli v2.0.31.
I am fairly confident that I solved why I'm getting this error, and I've updated issue 6142 on azure-cli. At this time, I believe this is a bug, and it's not fixed, but there is a workaround.
First it's important to note that --generate-ssh generates a new ssh key in ~/.ssh
I had a hunch that since ~ for me is "C:\Users\Matthew Groves" that the space in the path was causing the problem. Sure enough, I created a new account called "mgroves". ~ is now "C:\Users\mgroves" and voila, I don't get the "incorrect padding" error message anymore.
So, the workaround is either to use a new account (huge pain) or rename the folder (this is what I have done, and it's also a huge pain and I'm still finding little problems here and there all throughout my system because of it.
In addition to the now approved answer there is a solution that doesn't require you to change any directory or account name and is also easy to implement as well.
As correctly stated in the other answers the Azure CLI cannot handle the actual location where the generated SSH keys will be stored if there is a space in the path. I.e. C:\Users\Admin Account\.ssh\.
When using the az aks create command you can either use --generate-ssh-keys to let the Azure CLI handle it, OR you can specify an already existing SSH key with --ssh-key-value.
I used Git Bash to generate a new SSH key pair in the C:\Users\Admin Account\.ssh\ directory:
ssh-keygen -f ~/.ssh/aks-ssh
Now create the Azure AKS cluster while pointing to this new SSH key with:
az aks create \
--resource-group YourResourceGroup \
--name YourClusterName \
--node-count 3 \
--kubernetes-version 1.16.8 \
--ssh-key-value ~\.ssh\aks-ssh.pub
And you are good to go!
Just verified today using az cli in Powershell for version 2.0.31. You might need to first run the az group and then create az aks command. Screenshot for your reference.

How to get the list of docker images from Azure private registry

I have a linux system where I have installed dockers. I also have a registry on azure for which I have the user name and password. To get a list of docker images from a private registry we can simply use curl command like below:
curl localhost:5000/v2/_catalog
This command I tested when I installed private registry on my machine and it was giving me the list of images which I have in the registry. Now I have azure registry. I can login to it successfully but don't know what command I can run to get the list of docker images. Is this possible.? For example, if I run:
curl myregistry.azurecr.io/v2/_catalog
It shows:
<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html>
How do I get the list of images stored in azure registry from my linux machine
Thanks
You can use the container registry cli for azure:
az acr repository list --name <acrName> --output table
https://learn.microsoft.com/en-us/azure/container-registry/container-registry-get-started-azure-cli
It is important to understand how docker lists the images in the registry.
Docker CLI provides command to pull/push/delete images from a private Azure Registry like myprivate.azurecr.io after the user authenticates itself using docker login command but the docker CLI does not provide any command to list the images in the private registry.
It is important to understand that the docker image ls only lists the images present on the local machine and not in a registry.
There are multiple answers that describe the Docker HTTP API V2 (Refer here) to list the images present in the registry. The HTTP v2 API v2/_catalog and other only work with local registry created on-premise but when user wants to list the images present in the Private Azure Registry one needs to use Azure CLI
What is Local Registry ?
The Registry is a stateless, highly scalable server side application that stores and lets you distribute Docker images. The Registry is open-source, under the permissive Apache license. Local Registry can be created to store and distribute images in house or on-premise.
Refer here : https://docs.docker.com/registry/ . One can create a private registry,push and pull image from there using Dokcker HTTP API V2.
Azure CR is a special type and inorder to list the images there is no other option to Azure CLI.
Use Case
- List the top three images present in the registry
The command for the same can be
az acr repository show-tags -n <RegistryName> --repository <RepositoryName> --orderby time_desc --output table | select -First 5
Not used to Azure I accidentally got stuck on the idea that I needed the Azure credentials to access the API, these answers strengthening that perception, but given you have the u/p you should be able to access it with curl in a simple:
curl -L --user <username>:<password> myregistry.azurecr.io/v2/_catalog
{"repositories":["name1", "name2", "nameN"]}
As yamenk said, you could use Azure CLI 2.0 to get your registry on azure.
Azure Cli 2.0 works on linux and docker, so I think it could work your linux machine.
Also, you could use Azure Rest APi to get registry on azure.
GET https://management.azure.com/subscriptions/<subscription id>/resourceGroups/<rg>/providers/Microsoft.ContainerRegistry/registries/<registry name>?api-version=2017-10-01
For get token, please refer to this link.
Using API like below:
curl -X "GET" "https://management.azure.com/subscriptions/********/resourceGroups/shuiapp/providers/Microsoft.ContainerRegistry/registries/shuitest?api-version=2017-10-01" \
-H "Authorization: Bearer $token" \
-H "Content-Type: application/json"

Resources