We want to host an image on Azure marketplace but it will be a closed VM. I dont want any user to run any script or install any software using Azure VM extensions, thus want to disable the extensions.
Is there any way I can disable the extension ?
Looks like you are using a weird approach. This is essentially a SaaS, but you plan to distribute it as IaaS.
Even if you kill waagent after VM provision nothing prevent user from using mounting your VHD to another VM and do whatever he wants. So you should really aim at SaaS\PaaS approach
Related
I have been told that there is another way to access an Azure VM without using RDP. What other ways are out there?
You can use Azure Cloud Shell to work with any WM using the command line (bash for Linux VMs and PowerShell for Windows WMs)
You can find common info about Azure Cloud Shell usage here: Overview of Azure Cloud Shell
Connection flow for Windows WMs here: Interactively log on to a remote VM
Connection to Linux VM here: SSH into your Linux VM
Just to add to existing answer, all the regular ways to manage virtual machines are available (winrm\ssh), you can also use custom script extension to run command on your virtual machines without exposing management endpoints on those vm (more secure, but less trivial).
You can also use Invoke-AzVmRunCommand\az vm run-command invoke to run commands on the vm directly (similar to custom script extension).
Reading:
https://learn.microsoft.com/en-us/azure/virtual-machines/extensions/custom-script-windows
https://learn.microsoft.com/en-us/cli/azure/vm/run-command?view=azure-cli-latest
https://learn.microsoft.com/en-us/powershell/module/az.compute/invoke-azvmruncommand?view=azps-1.3.0
I am trying to better understand azure virtual machine scale sets and how my company can use it. Currently we run a custom software (wpf program) that will need to be deployed and updated on all VMs.
Is a extension where I setup the deploy of the wpf?
Can I pull the files from a git repo to deploy?
How do I config this?
Not directly. there is a custom script extension and azure powershell dsc extension (and several others, like chef) which allow you to do pretty much anything, but nothing built-in
No, you cannot do that natively, you can use those extensions to do whatever you like. Or, better, you can use ci\cd systems (like Azure Devops) to do that. You need to install agent on the vm (in most cases) and then use that ci\cd system to deploy to vmss instances.
Another alternative - using images, that is a native way, but you need to prebuild images (packer, questionmark).
I have created a Azure Scale Set upto 3 Linux VMs using the Azure Portal. I have successfully installed java, maven and git on the first VM. I was able to run my App on the first VM.
I have a fan out trigger at 60% and fan in at 25%. Whenever my processing exceeds 60% a new VM is started.
But how do I deploy my app on the second VM? I have gone through this and found the second option custom VM image suitable for my purpose. But I fail to understand how it is achieved.
Is there a easier way or do I have to manually install everything that I did on my first VM?
You have several options available to do this, detailed here
From a single image that you keep refreshing each time you update the app or the os
using a VM Extension - refresh the extension url each time you want to update the vms, and then issue a ps or rest command to roll out the updates
use something like puppet/chef/dsc to pull updates from somewhere and install them - you could use msdeploy for example
use msdeploy from a script that iterates your vms and remote deploys.
I'm sure there are other ways too...
To do this, you will need to create a generalized VM image, put it into a storage account, then create a scale set based on that image.
Here are instructions for creating a generalized Windows VM image, see here: https://azure.microsoft.com/en-us/documentation/articles/virtual-machines-windows-classic-createportal/
For Linux, see here: https://azure.microsoft.com/en-us/documentation/articles/virtual-machines-linux-upload-vhd/
Once the image is in a storage account, you can use this example template to deploy it in a scale set (assumes Windows image): https://github.com/Azure/azure-quickstart-templates/tree/master/201-vmss-windows-customimage
Hope this helps! :)
I am new to azure RM model.Please help me to copy and install an exe in VM created in resource manager portal using powershell script or using API. Thanks in advance.
If you want to do the install the EXE remotely then the VM needs to be configured to allow for remote management - you can do this via WinRM. See: https://www.penflip.com/powershellorg/secrets-of-powershell-remoting/blob/master/accessing-remote-computers.txt and http://tarkus.me/post/64761019099/windows-azure-vms-remote-management
Setting this up is non-trivial (you need to ensure it's secure). You could also try adding an VM extension to the VM that will do the copy. Since the VM is already provision I think the only option here would be to use DSC though I've never added a DSC extension to a VM post-provisioning, it should work. That would require authoring and staging a DSC script in addition to adding the extension but definitely less complex than enabling remote management.
Simplest by far is as Gaurav suggested and log on to the VM and copy from there.
I have an existing VM with a configured Sharepoint environment. I would like to use this machine as a base for creating multiple azure VM instances for several developers to work on. Is such scenario possible? Is running 'sysprep' (will ruin my sharepoint) unevitable?
I would also be able to upgrade the 'image' (e.g. install windows updates) and create VM's from it afterwards.
How can I achieve this? I know cloudshare offers similar solution, so I suppose it also can be done in azure.
You certainly can make an image from a Virtual Machine. The entire process is described here. Also look at my other SO answer about a caveat when running sysprep (regarding not letting the VM image shut down after sysprep runs).
Once you have your image, it will be available in your Virtual Machine gallery, where you can choose it as your baseline for new VMs (either via portal or PowerShell / CLI).
If, in the future, you do updates on your master image, you'd need to re-create an image for future deployments. Or... you'd need to install the updates on each deployed VM instance.
Note: With web/worker role instances (which doesn't help for SharePoint but could help with other workloads you have), the Windows Server OS image is maintained by Microsoft. Should there be an OS update, these are taken care of for you.