We've recently switched to using Azure package deployment for our sites (https://github.com/Azure/app-service-announcements/issues/84) - and it's great! It's a great feature which has radically simplified our deployments. However we have a second site which will not run when packaged (but does run when not packaged).
We followed the standard procedure for setting a site to run from a package;
created the folder /data/SitePackages from ftp,
drop the package in there along with the packagename.txt file
set the App config setting WEBSITE_RUN_FROM_PACKAGE=1
However we receive "You do not have permission to view this directory or page." on the homepage, and any other subsequent page we receive "The resource you are looking for has been removed, had its name changed, or is temporarily unavailable.". It's as though the site isn't loading the package at all? Azure Log stream show's "HTTP Error 401.3 - Unauthorized" on the home page and a standard 404 for anything else.
From the Azure portal, if i click console and ls to see a directory listing of the files it thinks it's running all I see is a single file;
FAILED TO DOWNLOAD ZIP FILE.txt
Turns out this was the azure portal not loading the package. Looking at our TeamCity setup, the step which generates the "packagename.txt" file has a typo, so the zip file Azure was trying to load did not exist.
Related
I want to create an Azure "Managed App" definition, in preparation for making an Azure Marketplace offering. I am following these MS instructions, and I had specifically been using this MS example managed app. There were was an error(s) in the documentation, which I posted to the MS team (along with my proposed fixes). Nevertheless, I did get the MS example working!
My next step was to replace the original MS sample deployment bundle...
https://raw.githubusercontent.com/Azure/azure-managedapp-samples/master/Managed%20Application%20Sample%20Packages/201-managed-storage-account/managedstorage.zip
...with my own deployment bundle...
https://github.com/brentarias/azureStaticEmpty/raw/master/baselinepocapp.zip
This didn't work. When issuing the az managedapp definition create command, I received the following error:
(DownloadItemFromBlobFailed) Download of the item from blob at 'https://github.com/brentarias/azureStaticEmpty/raw/master/baselinepocapp.zip' failed due to a failed connection.
Code: DownloadItemFromBlobFailed
Message: Download of the item from blob at 'https://github.com/brentarias/azureStaticEmpty/raw/master/baselinepocapp.zip' failed due to a failed connection.
It makes no sense to have a "connection" error, so I assumed that the REAL error was something inside of my deployment bundle. To test that theory, I copied the original MS sample bundle to a variety of places that I control, including Azure BLOB storage. One example location I placed the copied MS deployment file was here:
https://github.com/brentarias/azureStaticEmpty/raw/master/managedstorage.zip
When using this latter URL, I still received the same "connection" error.
In short, the only way for me to bypass the "connection" error is if I use the original sample MS deployment, from the original path that MS supplied. Incidentally, I also tried a variant URL of the original MS sample:
https://github.com/Azure/azure-managedapp-samples/raw/master/Managed%20Application%20Sample%20Packages/201-managed-storage-account/managedstorage.zip
Suddenly the deployment works! However, that location is still the original MS-owned repo "azure-managedapp-samples". This simply seems to confirm that if the deployment does not come from a MS-owned repo, I am then unable to make the deployment.
What am I doing wrong?
Update 2/3/2023
I finally found a way to make this work! When using an Azure storage account, simply having a publicly visible URL for the deployment bundle is insufficient. I need to have a "shared access signature" URL for that deployment bundle...and then the az managedapp definition create command works!
However, my overall question still is unanswered:
What are the valid file-share platforms that the az managedapp definition create supports? Besides github and Azure BLOB, what else?
What exact configuration do I need to make with a github raw link, before it is considered "kosher" by the managedapp definition create?
In Azure DevOps we have the following Azure App Service deploy task in our release pipeline:
This works good but it adds Application settings WEBSITE_RUN_FROM_PACKAGE = 1 for Azure App Service
The web application starts but for some reason /lib/ionic/release/css/ionic.min.css is not loaded with this setting.
If I remove WEBSITE_RUN_FROM_PACKAGE and upload the exact same files via FTP everything works as expected.
I know WEBSITE_RUN_FROM_PACKAGE comes from the .zip file deployment but is there anyway to modify the task to simply upload a folder or do I need to use the FTP upload task then? I know WEBSITE_RUN_FROM_PACKAGE makes wwwroot read-only but what could be causing this? With this setting a GET to the resource simple gives the following error:
The resource you are looking for has been removed, had its name
changed, or is temporarily unavailable.
https://learn.microsoft.com/en-us/azure/azure-functions/run-functions-from-deployment-package
Solved the upload with FTP Upload task
https://learn.microsoft.com/en-us/azure/devops/pipelines/tasks/utility/ftp-upload?view=azure-devops
However after doing this I still had the same error.
Went into App Service Console and there I could not see the file at all.
I finally solved it by looking at the file name, /lib/ionic/release/css/ionic.min.css. In our .gitignore file we exclude [Rr]elease/. Adding a ignore with !AppFolder/** solved it so the files were added to git.
I'm trying to follow the tutorials at MS Learn about Containers in Azure. I'm trying to push a docker image to my recently created azure container registry I'm using the az acr build command in the Azure CLI, I'm also using a docker file. After running the command I get this message in the console "Packing source code into tar to upload..." then after a couple of minutes I get this:
[WinError 5] Access is denied: '.\\AppData\\Local\\Application Data'
I did a little research and it's supposed that's a junction folder in Win 10 which means it only exists for backwards compatibility, it only redirects you to the new location Microsoft uses.
Anyone happen to have had this error?
I also tried to modify permissions to the Application Data folder but no matter which permissions it has it still throws the same exception.
UPDATE
The tutorial I'm trying to follow along is in this link.
I also tried to use the --verbose flag of the az acr build command and the error is being thrown in this file ```cli.azure.cli.core.util````. I looked over the azure cli github project and found the file but I'm not as good developer to figured out what's going on.
After a successful build using a hosted VS2017 agent, I'm trying to deploy on-prem using an local hosted agent which was setup using a domain account which should have sufficient permissions as it is in the local admin group. As I was digging around on this issue elsewhere, one user re-installed their agent using NTATHORITY\SYSTEM and it worked.
I d'ont really need to create or stop\start the website, just deploy the recent build artifact.
What permissions should I check or should I use another task?
019-04-06T21:03:10.3898646Z ERROR ( message:Configuration error
2019-04-06T21:03:10.3899503Z
2019-04-06T21:03:10.3899791Z Filename: redirection.config
2019-04-06T21:03:10.3900026Z 2019-04-06T21:03:10.3900293Z Line
Number: 0 2019-04-06T21:03:10.3900530Z 2019-04-06T21:03:10.3900852Z
Description: Cannot read configuration file due to insufficient
permissions 2019-04-06T21:03:10.3901076Z 2019-04-06T21:03:10.3901333Z
. ) 2019-04-06T21:03:10.8135484Z ##[error]Process 'appcmd.exe' exited
with code '5'.
An agent is running under a user. The error means that your user doesn't have permissions to read/modify the redirection.config file that is necessary to manage IIS.
You have multiple options to solve this.
Change the user were the agent is running under. In example: NTATHORITY\SYSTEM
Give permissions to the user were your agent is running under to the folder C:\Windows\System32\inetsrv\config. If you want to create app pools or websites etc, modify permissions are of course needed.
When we install Azure agent as a service(In Windows, search for 'Services' and look for something like Azure Pipelines Agent..), by default it is logged on as 'Network Service'. Change it to 'Local System' and the pipeline should be able to run IIS related tasks/commands.
I have a Visual Studio Enterprise MSDN subscription so I decided to move from Heroku to Microsoft Azure because I used to pay: now I don't. My Service Plan is the D1.
I wish I can trail the console.log strings of my Node JS application deployed on my Azure platform. My service plan is the shared one named
I deployed the app code on BitBucket and linked my repo to the application with a correct destribution. Correct means I see the green check flag. I deployed, on the main folder of the app, a file named IISNode.yml, here is the content:
nodeProcessCommandLine: "D:\Program Files (x86)\nodejs\0.12.6\node.exe"
loggingEnabled: true
debuggingEnabled: false
devErrorsEnabled: false
node_env: production
The firse line I copied from the iisnode.yml created by Azure itselves. The other lines I am not quite sure about the exact meanings of all of them, but I figured they were enough. If I visit the url: http://MY_APP_NAME.scm.azurewebsites.net/DebugConsole I can click on Tools->Log Stream menu but the page remains on loading.
I can reach the Azure Portal, enter my node app, Tools -> Application Log and Web Server log. The application log shows this (I think quite interesting) message:
System.ApplicationException: The trace listener AzureBlobTraceListener is disabled. ---> System.InvalidOperationException: The SAS URL for the cloud storage account is not specified. Use the environment variable 'DIAGNOSTICS_AZUREBLOBCONTAINERSASURL' to define it.
at Microsoft.WindowsAzure.WebSites.Diagnostics.AzureBlobTraceListener.RefreshConfig()
I have not reached informations about this "environment variable", and I can0t guess what the BLOB container has to do with my log application. And: what is the correct value for this variable? And if there is any, why is that one correct?
The Web Servier log is are empty. I can see http activities from the monitor of the app on the same portal, but still no log.
Am I missing something ? I decided to install Visual Studio, maybe this will help? I hope this has tools to be integrated with Azure for good. Meanwhile, where is the console log of my (Extremely Simple) node application?
You can view your logs in real time if you use the azure SCM interface. This can usually be accessed on the following url
https://{{ name of webapp }}.scm.azurewebsites.net/api/logstream
All your console output from your application is redirected here.
You can also use curl:
curl -u {{ deploymentCredentialsUsername:deploymentCredentialsPassword }} https://webapp-name.acm.azurewebsites.net/api/logstream
Otherwise you could use the nodejs azure cli. Install it with
npm install -g azure-cli
Switch to asm mode:
azure config mode asm
Then you can proceed to look at the logs from your terminal:
azure site log tail {{ webapp name }}
You can add an item in iisnode.yml named logDirectory, set the value as iisnode for example, then the application will create a folder in this name in your root directory and store files with stdout and stderr captures in it. You can refer to https://github.com/tjanczuk/iisnode/blob/master/src/samples/configuration/iisnode.yml#L94 for the details for this configuration.
You can store logs in files whatever you need via console.log(), then the application will create a html file index.html in the log folder to provide logs. You can visit the logs via the URL: http://<you_app_name>.azurewebsites.net/<log_file_name>/index.html
Additionally, you can leverage Node.js console class to customize logger, refer to https://nodejs.org/api/console.html#console_new_console_stdout_stderr for the sample
If you are using the Azure Portal web interface, you can find the console.log output under the Log Stream section under Monitoring.
Refer to the screenshot below: