How to change VNet and Subnet of an existing Azure Application Gateway? - azure

Is it possible to move an already setup app gateway from one subnet to another?
As of now haven't seen any way from the portal to do so.

You can use this script to change the VNet or Subnet. Please test it to see if it meets your needs, before applying it to a production gateway. Also, take into account that there will be some downtime during the change.
#Login to Azure RM
Login-AzureRmAccount
#Get the Application Gateway config
$gw=Get-AzureRmApplicationGateway -Name GatewayName -ResourceGroupName RGName
#Set the new virtual network and store the config into a new variable
$gw2=Set-AzureRmApplicationGatewayIPConfiguration -SubnetId "/subscriptions/999999-9915-4b1c-accf-0c984bed2311/resourceGroups/RGName/providers/Microsoft.Network/virtualNetworks/NewVirtualNetwork/subnets/default" -ApplicationGateway $gw -Name $gw.GatewayIPConfigurations.name
#Stop the Gateway (you can't change the virtual network / subnet if the Gateway is running)
Stop-AzureRmApplicationGateway -ApplicationGateway $gw
#Set the new config
Set-AzureRmApplicationGateway -ApplicationGateway $gw2

The accepted answer by andresm53 is excellent.
However, as the PowerShell AzureRm module is being phased out in favor of the newer Az module, here is an Az version (with a slight improvement to save from having to look up the subnet id in order to paste it into the code).
This is based, in addition to andresm53's code, also on an example in the MS docs.
### Fill in your values ###
$GatewayResourceGroupName = "MyRG1"
$GatewayName = "MyGw"
$VnetResourceGroupName = "MyRG2" #may or may not be the same as $GatewayResourceGroupName
$VNetName = "MyVNet"
$SubnetName = "Subnet1"
###########################
$AppGw = Get-AzApplicationGateway -Name $GatewayName -ResourceGroupName $GatewayResourceGroupName
Stop-AzApplicationGateway -ApplicationGateway $AppGw
$VNet = Get-AzVirtualNetwork -Name $VNetName -ResourceGroupName $VnetResourceGroupName
$Subnet = Get-AzVirtualNetworkSubnetConfig -Name $SubnetName -VirtualNetwork $VNet
$AppGw = Set-AzApplicationGatewayIPConfiguration -ApplicationGateway $AppGw -Name $AppGw.GatewayIPConfigurations[0].Name -Subnet $Subnet
Set-AzApplicationGateway -ApplicationGateway $AppGw
Start-AzApplicationGateway -ApplicationGateway $AppGw

I did it using azure cli, it's necessary to perform some steps:
Stop the application gateway
Change the subnet
Start the application gateway (this will take some minutes)
Using azure cli:
1. stopping application gateway
az network application-gateway stop --subscription YOUR_SUBSCRIPTION_NAME --resource-group YOUR_APP_GATEWAY_RESOURCE_GROUP --name YOUR_APP_GATEWAY_NAME
2. Change the subnet.
2.1 At this point, you need to know your current vnet data, given by next command
az network application-gateway show \
--subscription YOUR_SUBSCRIPTION_NAME \
--resource-group YOUR_APP_GATEWAY_RESOURCE_GROUP \
--name YOUR_APP_GATEWAY_NAME
The output we need is at JSON section gatewayIpConfigurations
[
{
"etag": "REDACTED",
"id": "REDACTED",
"name": "REDACTED",
"provisioningState": "REDACTED",
"resourceGroup": "REDACTED",
"subnet": {
"id": "/subscriptions/REDACTED/resourceGroups/REDACTED/providers/Microsoft.Network/virtualNetworks/YOUR_CURRENT_VNET/subnets/YOUR_CURRENT_SUBNET",
"resourceGroup": "REDACTED"
},
"type": "Microsoft.Network/applicationGateways/gatewayIPConfigurations"
}
]
2.2 To change the subnet, you need to modify YOUR_CURRENT_SUBNET by your new subnet
[
{
"etag": "REDACTED",
"id": "REDACTED",
"name": "REDACTED",
"provisioningState": "REDACTED",
"resourceGroup": "REDACTED",
"subnet": {
"id": "/subscriptions/REDACTED/resourceGroups/REDACTED/providers/Microsoft.Network/virtualNetworks/YOUR_CURRENT_VNET/subnets/YOUR_NEW_SUBNET",
"resourceGroup": "REDACTED"
},
"type": "Microsoft.Network/applicationGateways/gatewayIPConfigurations"
}
]
2.3 Copy the previous subnet id, put the proper subnet name you want now, and update it
az network application-gateway update \
--subscription YOUR_SUBSCRIPTION_NAME \
--resource-group YOUR_APP_GATEWAY_RESOURCE_GROUP \
--name YOUR_APP_GATEWAY_NAME \
--set gatewayIpConfigurations[0].subnet.id='/subscriptions/REDACTED/resourceGroups/REDACTED/providers/Microsoft.Network/virtualNetworks/YOUR_CURRENT_VNET/subnets/YOUR_NEW_SUBNET'
3. Start the application gateway
az network application-gateway start \
--subscription YOUR_SUBSCRIPTION_NAME \
--resource-group YOUR_APP_GATEWAY_RESOURCE_GROUP \
--name YOUR_APP_GATEWAY_NAME

You cannot change Subnet/VNet association on a running Gateway. It needs to be in stopped state first. Also the VIP on the Gateway would change once it is started post update. Subnet move can be done via PowerShell/CLI and is not supported in portal currently.

It will affect the external IP address. Therefore the app gateway has to use a dynamic IP address.
Once the app gateway has been stopped, the external IP will be released, so you will have a new one after it's started up.
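
Added example (not part of the answers above): the Az-module sequence from this thread, wrapped so the gateway is started again even if the update fails, with the subnet and public IP recorded before and after because the answers note that the VIP changes. `Get-GatewayPublicIp` and `Move-AppGatewaySubnet` are hypothetical helper names, the parameter values are constructed, and an authenticated Az session is assumed.

```powershell
# Added example, not from the answers above. Assumes the Az.Network module and an
# authenticated session (Connect-AzAccount). Function names are hypothetical.
function Get-GatewayPublicIp($Gateway) {
    # Resolve each public frontend to its current address and allocation method.
    foreach ($fe in $Gateway.FrontendIPConfigurations) {
        if (-not $fe.PublicIPAddress) { continue }     # private frontend, nothing to resolve
        $parts = $fe.PublicIPAddress.Id -split '/'      # index 4 = resource group, last = name
        $pip = Get-AzPublicIpAddress -ResourceGroupName $parts[4] -Name $parts[-1]
        [pscustomobject]@{ Name = $pip.Name; Address = $pip.IpAddress; Allocation = $pip.PublicIpAllocationMethod }
    }
}

function Move-AppGatewaySubnet {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][string]$GatewayResourceGroupName,
        [Parameter(Mandatory)][string]$GatewayName,
        [Parameter(Mandatory)][string]$VnetResourceGroupName,
        [Parameter(Mandatory)][string]$VNetName,
        [Parameter(Mandatory)][string]$SubnetName
    )
    $ErrorActionPreference = 'Stop'
    $gw     = Get-AzApplicationGateway -Name $GatewayName -ResourceGroupName $GatewayResourceGroupName
    $vnet   = Get-AzVirtualNetwork -Name $VNetName -ResourceGroupName $VnetResourceGroupName
    $subnet = Get-AzVirtualNetworkSubnetConfig -Name $SubnetName -VirtualNetwork $vnet
    if (-not $subnet) { throw "Subnet '$SubnetName' not found in VNet '$VNetName'." }

    # Capture what is about to change so allowlists and DNS can be reconciled afterwards.
    $subnetBefore = $gw.GatewayIPConfigurations[0].Subnet.Id
    $ipsBefore    = @(Get-GatewayPublicIp $gw)
    if ($subnetBefore -eq $subnet.Id) { Write-Warning 'Gateway is already in that subnet.'; return }
    if (-not $PSCmdlet.ShouldProcess($GatewayName, "stop, move to $($subnet.Id), start")) { return }

    Stop-AzApplicationGateway -ApplicationGateway $gw | Out-Null
    try {
        $gw = Set-AzApplicationGatewayIPConfiguration -ApplicationGateway $gw `
                -Name $gw.GatewayIPConfigurations[0].Name -Subnet $subnet
        Set-AzApplicationGateway -ApplicationGateway $gw | Out-Null
    }
    finally {
        # Start again even if the update failed, so an error does not leave the gateway down.
        Start-AzApplicationGateway -ApplicationGateway $gw | Out-Null
    }

    # Re-read the gateway and report old and new values side by side.
    $gw = Get-AzApplicationGateway -Name $GatewayName -ResourceGroupName $GatewayResourceGroupName
    [pscustomobject]@{
        OperationalState = $gw.OperationalState
        SubnetBefore     = $subnetBefore
        SubnetAfter      = $gw.GatewayIPConfigurations[0].Subnet.Id
        PublicIpsBefore  = $ipsBefore
        PublicIpsAfter   = @(Get-GatewayPublicIp $gw)
    }
}

# Constructed sample values; -WhatIf shows the planned change without stopping anything.
Move-AppGatewaySubnet -GatewayResourceGroupName 'MyRG1' -GatewayName 'MyGw' `
    -VnetResourceGroupName 'MyRG2' -VNetName 'MyVNet' -SubnetName 'Subnet1' -WhatIf
```

Drop `-WhatIf` to perform the move; the returned object is the record to compare against firewall rules and DNS entries that reference the old address.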

Related

Azure clone app via Powershell - InternalServerError

I've been following this guide to cloning an existing app. I'm running the Az Powershell Module via Docker.
Here's what I ran:
$destapp = New-AzWebApp -ResourceGroupName HLP-API-NEW -Name hlp-api-new -Location "UK South" -AppServicePlan hlp-api-plan-new -SourceWebApp $srcapp
HLP-API-NEW is a new resource group that I created; hlp-api-plan-new is likewise a new service plan.
Here's how I got $srcapp:
$srcapp = Get-AzWebApp -ResourceGroupName HLP-API -Name api-hlp
The service plan / resource group names are definitely correct. I get the following error:
New-AzWebApp: Long running operation failed with stauts 'InternalServerError'
Does anyone know why this might be?
Please make sure your app is not under the below conditions. If it is in one of the below conditions, we can't clone it.
Restrictions to clone app
Auto scale settings are not cloned
Backup schedule settings are not cloned
VNET settings are not cloned
App Insights are not automatically set up on the destination app
Easy Auth settings are not cloned
Kudu Extension are not cloned
TiP rules are not cloned
Database content is not cloned
Outbound IP Addresses changes if cloning to a different scale unit
Not available for Linux Apps
Managed Identities are not cloned
Not available for Function Apps
If your app is not in the above criteria, you can clone it.
The ways are as follows:
1. Using Slot parameter
To clone an existing app including all associated deployment slots, you need to use the Slots parameter.
$srcappslot = Get-AzWebAppSlot -ResourceGroupName <Your Resource Group> -Name <Your app name> -Slot <slot name>
$destapp = New-AzWebApp -ResourceGroupName <Your Resource Group> -Name <Your new app name> -Location <location to create app> -AppServicePlan <App service plan name> -SourceWebApp $srcappslot
2. Using the new App Service plan
$srcapp = Get-AzWebApp -ResourceGroupName <Your Resource Group> -Name <Your app name>
New-AzAppServicePlan -Location "Central US" -ResourceGroupName <Your Resource Group> -Name <App Service plan Name> -Tier Standard
$destapp = New-AzWebApp -ResourceGroupName <Your Resource Group> -Name <new app name to create> -Location <Location to create app> -AppServicePlan <Your new app service name> -SourceWebApp $srcapp
3. Using Existing App Service plan
$srcapp = Get-AzWebApp -ResourceGroupName <Your Resource Group> -Name <Your app name>
$destapp = New-AzWebApp -ResourceGroupName <Your Resource Group> -Name <new app name to create> -Location <Location to create app> -AppServicePlan <Specify exact App service file path (APP SERVICE PLAN> PROPERTIES>RESOURCEID)> -SourceWebApp $srcapp
I have the same problem, I don't understand what's wrong with my command. While scouring the Internet I found this command which is leading me towards a solution. You may find it helpful as well:
PS> Resolve-AzError
This provided me the clue I needed to chase:
Message : Long running operation failed with status 'InternalServerError'.
ServerMessage : Restore failed with errors: Detail: Hostname 'abc.somedomain.com' conflicts with an already existing hostname.
ExtendedCode: 04005
Good luck!

How to create a Linux AppService Plan with New-AzAppServicePlan?

What is the equivalent of this code using New-AzAppServicePlan?
az appservice plan create --resource-group $ServerFarmResourceGroupName `
--name $AppServicePlanName `
--is-linux `
--location $ResourceGroupLocation `
--sku $AppServicePlanTier `
--number-of-workers $NumberOfWorkers
Is there really no way to create an App Service Plan using Az Powershell? Why can it only be done via Azure CLI or ARM?
I only found this answer, which basically uses ARM directly: How do I use Powershell to create an Azure Web App that runs on Linux?
There are some issues about this, suppose for now this is not supported for New-AzureRmAppServicePlan, however you could use New-AzureRmResource to create a linux plan. You could try the below command.
New-AzureRmResource -ResourceGroupName <group name> -Location "Central US" -ResourceType microsoft.web/serverfarms -ResourceName <plan name> -kind linux -Properties @{reserved="true"} -Sku @{name="S1";tier="Standard"; size="S1"; family="S"; capacity="1"} -Force
I originally used my script to create a ConsumptionPlan (Y1) through PowerShell and AzureCLI because I don't like when Azure put a generated name when creating a ConsumptionPlan.
Please find my solution to create a Linux App Service Plan (B1) using New-AzResource:
$fullObject = @{
location = "West Europe"
sku = @{
name = "B1"
tier = "Basic"
}
kind = "linux"
properties = @{
reserved = $true
}
}
$resourceGroupName = "rg-AppServicePlanLinux"
$serverFarmName = "aspl-test"
Write-Host "Step 1: CREATING APP SERVICE PLAN B1:Basic named [$serverFarmName]"
# Create a server farm which will host the function app in the resource group specified
New-AzResource -ResourceGroupName $resourceGroupName -ResourceType "Microsoft.Web/serverfarms" -Name $serverFarmName -IsFullObject -PropertyObject $fullObject -Force
So I used the ARM template to understand which information you need to provide on the -PropertyObject parameter
It also now seems possible to do an App Service Plan Linux with New-AzAppServicePlan command since Az PowerShell 4.3.0 (June 2020) with the parameter -Linux
Az.Websites
Added safeguard to delete created webapp if restore failed in 'Restore-AzDeletedWebApp'
Added 'SourceWebApp.Location' for 'New-AzWebApp' and 'New-AzWebAppSlot'
Fixed bug that prevented changing Container settings in 'Set-AzWebApp' and 'Set-AzWebAppSlot'
Fixed bug to get SiteConfig when -Name is not given for Get-AzWebApp
Added a support to create ASP for Linux Apps
Added exceptions for clone across resource groups
Release Note: https://learn.microsoft.com/en-us/powershell/azure/release-notes-azureps?view=azps-5.6.0&viewFallbackFrom=azps-4.3.0#azwebsites-7
New-AzAppServicePlan: https://learn.microsoft.com/en-us/powershell/module/az.websites/new-azappserviceplan?view=azps-5.6.0
If you get "The Service is unavailable" after deploying your new Function app (Consumption Plan) with Azure CLI, please make sure the following statement from Microsoft:
https://github.com/Azure/Azure-Functions/wiki/Creating-Function-Apps-in-an-existing-Resource-Group
I wasted the whole day because I got another Function App (Premium Plan) in the same resource group I used to deploy the Consumption one.
This worked for me:
Adding -Linux as a parameter to my command
New-AzAppServicePlan -ResourceGroupName $RESOURCE_GROUP_NAME -Name $APP_SERVICE_PLAN_NAME -Location $RESOURCE_LOCATION -Linux -Tier $APP_SERVICE_PLAN_TIER -NumberofWorkers $APP_SERVICE_PLAN_WORKERS -WorkerSize $APP_SERVICE_PLAN_WORKER_SIZE
Example:
New-AzAppServicePlan -ResourceGroupName 'MyResourceGroup' -Name 'MyServicePlan' -Location 'northeurope' -Linux -Tier 'PremiumV2' -NumberofWorkers 2 -WorkerSize Medium
That's all.
I hope this helps

Enabling long file paths on Azure Service Fabric VMSS cluster

My Azure Service Fabric application sometimes requires paths longer than MAX_PATH, especially given the length of the work directory. As such, I'd like to enable long file paths (via the registry's LongPathsEnabled value, via group policy, or via some other mechanism, see https://superuser.com/questions/1119883/windows-10-enable-ntfs-long-paths-policy-option-missing). But I can't figure out how to do that.
The cluster runs on an Azure VMSS, so I can remote into the individual instances and set it manually, but that doesn't scale well of course.
UPDATE:
@4c74356b41's answer got me most of where I needed to be. My VMSS already had a customScript extension installed, so I actually had to modify it to include the PS command, here's my final command:
# Get the existing VMSS configuration
$vmss = Get-AzVmss -ResourceGroupName <resourceGroup> -Name <vmss>
# inspect $vmss to determine which extension is the customScript, in ours it's at index 3. Note the existing commandToExecute blob, you'll need to modify it to add the additional PS command
# modify the existing Settings.commandToExecute blob to add the reg set command
$vmss.VirtualMachineProfile.ExtensionProfile.Extensions[3].Settings.commandToExecute = 'powershell -ExecutionPolicy Unrestricted -File AzureQualysCloudAgentPowerShell_v2.ps1 && powershell -c "Set-ItemProperty -Path HKLM:\System\ControlSet001\Control\FileSystem -Name LongPathsEnabled -Value 1"'
# update the VMSS with the new config
Update-AzVmss -ResourceGroupName $vmss.ResourceGroupName -Name $vmss.Name -VirtualMachineScaleSet $vmss
I'd suggest using script extension and a simple powershell script to set this value. this will automatically get applied to all the instances (including to when you scale).
{
"apiVersion": "2018-06-01",
"type": "Microsoft.Compute/virtualMachineScaleSet/extensions",
"name": "config-app",
"location": "[resourceGroup().location]",
"properties": {
"publisher": "Microsoft.Compute",
"type": "CustomScriptExtension",
"typeHandlerVersion": "1.9",
"autoUpgradeMinorVersion": true,
"settings": {
"fileUris": []
},
"protectedSettings": {
"commandToExecute": "powershell -c 'Set-Item HKLM:\\System\\CurrentControlSet\\Policies\\LongPathsEnabled -Value 1'"
}
}
}
The command itself is probably a bit off, but you can experiment on your local and get it right and then put it into the script extension
https://learn.microsoft.com/en-us/azure/virtual-machines/extensions/custom-script-windows

azure cannot create vm from vhd image

I'm currently running into difficulty in creating an Azure VM from a custom VM image. I am following the guide from Azure from here: https://azure.microsoft.com/en-us/documentation/articles/virtual-machines-linux-capture-image/
I've used Waagent and deprovisioned the machine as instructed, and deallocated, generalized, and captured my machine image (I have made some modifications to the core Ubuntu 16.04LTS image available from Azure software wise). I have successfully created the template.json file (Can provide it if needed). I then completed all the tasks below in the powershell script as outlined in the article, just extracting the parameters to variables to make things a bit easier.
## Global
$rgName = "testrg"
$location = "eastus"
## Storage
$storageName = "teststore"
$storageType = "Standard_GRS"
## Network
$nicname = "testnic"
$subnetName = "subnet1"
$vnetName = "testnet"
$vnetAddressPrefix = "10.0.0.0/16"
$vnetSubnetAddressPrefix = "10.0.0.0/24"
$ipName = "TestIP"
## Compute
$vmName = "testvm"
$computerName = "testcomputer"
$vmSize = "Standard_D1_v2"
$osDiskName = $vmName + "osDisk"
#template
$fileTemplate = "C:\AzureTemplate\template.json"
azure group create $rgName -l $location
azure network vnet create $rgName $vnetName -l $location
azure network vnet subnet create --resource-group $rgName --vnet-name $vnetName --name $subnetName --address-prefix $vnetSubnetAddressPrefix
azure network public-ip create $rgName $ipName -l $location
azure network nic create $rgName $nicName -k $subnetName -m $vnetName -p $ipName -l $location
azure network nic show $rgName $nicname
azure group deployment create $rgName $computerName -f $fileTemplate
I am able to successfully run all the commands to create the resource group and the network components, however, when I try to run the deployment command at the bottom of the powershell script, I get the following and it just hangs here indefinitely. Am I using the right approach to create a VM from a custom image? Or is that Azure guide outdated?
azure group deployment create $rgName $computerName -f $fileTemplate
info: Executing command group deployment create
info: Supply values for the following parameters
EDIT: Link to image showing the issue: http://imgur.com/a/Fgh8K
I believe your understanding is not complete. If you look at the last line, it says "Supply values for the following parameters".
You need to pass the values for VM name, the admin user name and password, and the Id of the NIC you created previously. Maybe you should re-read the documentation. Here is the screenshot for your reference from https://azure.microsoft.com/en-us/documentation/articles/virtual-machines-linux-capture-image/#deploy-a-new-vm-from-the-captured-image -

Move VM To New Subscription

I have a new subscription to Azure but have existing VM's in a prior subscription. What is the easiest/best way to move my VM's to the new Subscription?
Thanks for reading.
I don't know if there's another option, but you can do this with powershell:
# Copy a virtual machine to a different subscription (no VNET)
.\vmcopy.ps1 -SourceSubscription "source subscription" `
-DestinationSubscription "destination subscription" `
-VirtualMachineName "existingvmname" `
-SourceServiceName "sourcecloudservice" `
-DestinationServiceName "destinationcloudservice" `
-DestinationStorageAccount "destinationstorageaccount" `
-Location "West US"
# Copy a virtual machine to a different subscription and specify an existing virtual network and subnet.
.\vmcopy.ps1 -SourceSubscription "source subscription" `
-DestinationSubscription "destination subscription" `
-VirtualMachineName "existingvmname" `
-SourceServiceName "sourcecloudservice" `
-DestinationServiceName "destinationcloudservice" `
-DestinationStorageAccount "destinationstorageaccount" `
-VNETName "DestinationVNET" `
-SubnetName "DestinationSubnet"
Source / more info
http://michaelwasham.com/2014/01/21/copy-a-windows-azure-virtual-machine-between-subscriptions/
For those who wonder if there is a better option: Yes, there is.
When you want to move instead of copy (as Thiago suggested) you should do the following:
Create a JSON file with this content:
{
"targetResourceGroup": "/subscriptions/<TARGET-SUBSCRIPTION-ID>/resourceGroups/<TARGET-RESOURCEGROUP-NAME>",
"resources": [
"<SOURCE-RESOURCE-ID>"
]
}
Note that you may have multiple resources which belong to a VM: VM, cloudservice, storage account, VNet, reserved IP, ...
You need to add the resource IDs of all these resources into the JSON above.
Then you can run:
armclient post https://management.azure.com/subscriptions/<SOURCE-SUBSCRIPTION-ID>/resourceGroups/<SOURCE-RESOURCEGROUP>/moveResources?api-version=2015-01-01 @<PATH_TO_JSON> -verbose
on your command line. You will need armclient, which you can install by using choco:
choco install armclient
