Getting facts from an Azure VM with Ansible with Azure - azure

I'm trying to have a single playbook that will create a VM in Azure and also run a playbook on it once it is created.
I can get the VM to be created but as the Public IP doesn't exist before it is created I can't use for the inventory. This is my current yaml:
---
- hosts: localhost
tasks:
- name: Create virtual network
azure_rm_virtualnetwork:
resource_group: az-test
name: az-test-vnet
address_prefixes: "10.43.0.0/16"
- name: Add subnet
azure_rm_subnet:
resource_group: az-test
name: az-test-subnet
address_prefix: "10.43.0.0/24"
virtual_network: az-test-vnet
- name: Create VM
azure_rm_virtualmachine:
resource_group: az-test
name: az-test-vm
vm_size: Standard_DS1_v2
admin_username: az-test
ssh_password_enabled: false
ssh_public_keys:
- path: /home/az-test/.ssh/authorized_keys
key_data: "ssh-rsa xxxx "
image:
offer: CentOS
publisher: OpenLogic
sku: '7.4'
version: latest
#- name: Get facts for all Public IPs within a resource groups
# azure_rm_publicip_facts:
# resource_group: az-test
The last bit there's an Ansible Azure module that should return all public IPs in the resource group but that fails.
Even if I could dynamically retrive the Public IP address, could the playbook even be run on it as ansible-playbook was initially only run on 'localhost' and the Public IP is not in the inventory?
Using latest of everything:
ansible 2.4.3.0
python 2.7
azure-cli-core-2.0.31
Apologies for the messy YAML formatting..
EDIT:
Can see Ansible is gathering facts that I can use but not exactly sure how to reference them?
"ansible_facts": {
"azure_vm": {
"id": "/subscriptions/x/resourceGroups/az-test/providers/Microsoft.Compute/virtualMachines/az-test",
"location": "eastus",
"name": "az-test",
"powerstate": "running",
"properties": {
"hardwareProfile": {
"vmSize": "Standard_DS1_v2"
},
"instanceView": {
"disks": [
{
"name": "az-test.vhd",
"statuses": [
{
"code": "ProvisioningState/succeeded",
"displayStatus": "Provisioning succeeded",
"level": "Info",
"time": "2018-04-16Tx"
}
]
}
],
"extensions": [
{
"name": "OmsAgentForLinux",
"statuses": [
{
"code": "ProvisioningState/succeeded",
"displayStatus": "Provisioning succeeded",
"level": "Info",
"message": "Enable succeeded"
}
],
"type": "Microsoft.EnterpriseCloud.Monitoring.OmsAgentForLinux",
"typeHandlerVersion": "1.4.60.2"
}
],
"statuses": [
{
"code": "ProvisioningState/succeeded",
"displayStatus": "Provisioning succeeded",
"level": "Info",
"time": "2018-04-16Tx"
},
{
"code": "PowerState/running",
"displayStatus": "VM running",
"level": "Info"
}
],
"vmAgent": {
"extensionHandlers": [
{
"status": {
"code": "ProvisioningState/succeeded",
"displayStatus": "Ready",
"level": "Info",
"message": "Plugin enabled"
},
"type": "Microsoft.EnterpriseCloud.Monitoring.OmsAgentForLinux",
"typeHandlerVersion": "1.4.60.2"
}
],
"statuses": [
{
"code": "ProvisioningState/succeeded",
"displayStatus": "Ready",
"level": "Info",
"message": "Guest Agent is running",
"time": "2018-04-16Tx"
}
],
"vmAgentVersion": "2.2.25"
}
},
"networkProfile": {
"networkInterfaces": [
{
"id": "/subscriptions/x/resourceGroups/az-test/providers/Microsoft.Network/networkInterfaces/az-test01",
"name": "az-test01",
"properties": {
"dnsSettings": {
"appliedDnsServers": [],
"dnsServers": [],
"internalDomainNameSuffix": "x.bx.internal.cloudapp.net"
},
"enableAcceleratedNetworking": false,
"enableIPForwarding": false,
"ipConfigurations": [
{
"etag": "W/\"x\"",
"id": "/subscriptions/x/resourceGroups/az-test/providers/Microsoft.Network/networkInterfaces/az-test01/ipConfigurations/default",
"name": "default",
"properties": {
"primary": true,
"privateIPAddress": "10.43.0.5",
"privateIPAddressVersion": "IPv4",
"privateIPAllocationMethod": "Dynamic",
"provisioningState": "Succeeded",
"publicIPAddress": {
"id": "/subscriptions/x/resourceGroups/az-test/providers/Microsoft.Network/publicIPAddresses/az-test01",
"name": "az-test01",
"properties": {
"idleTimeoutInMinutes": 4,
"ipAddress": "52.x.x.x",
"ipConfiguration": {
"id": "/subscriptions/x/resourceGroups/az-test/providers/Microsoft.Network/networkInterfaces/az-test01/ipConfigurations/default"
},
"provisioningState": "Succeeded",
"publicIPAddressVersion": "IPv4",
"publicIPAllocationMethod": "Static",
"resourceGuid": "x"
}
},
"subnet": {
"id": "/subscriptions/x/resourceGroups/az-test/providers/Microsoft.Network/virtualNetworks/az-test-vnet/subnets/az-test-subnet"
}
}
}
],
"macAddress": "00-0D-3A-1D-E1-8A",
"networkSecurityGroup": {
"id": "/subscriptions/x/resourceGroups/az-test/providers/Microsoft.Network/networkSecurityGroups/az-test01"
},
"primary": true,
"provisioningState": "Succeeded",
"resourceGuid": "x",
"virtualMachine": {
"id": "/subscriptions/x/resourceGroups/az-test/providers/Microsoft.Compute/virtualMachines/az-test"
}
}
}
]
},
"osProfile": {
"adminUsername": "az-test",
"computerName": "az-test",
"linuxConfiguration": {
"disablePasswordAuthentication": true,
"ssh": {
"publicKeys": [
{
"keyData": "ssh-rsa AAx ",
"path": "/home/az-test/.ssh/authorized_keys"
}
]
}
},
"secrets": []
},
"provisioningState": "Succeeded",
"storageProfile": {
"dataDisks": [],
"imageReference": {
"offer": "CentOS",
"publisher": "OpenLogic",
"sku": "7.4",
"version": "7.4.20180118"
},
"osDisk": {
"caching": "ReadOnly",
"createOption": "fromImage",
"diskSizeGB": 30,
"name": "az-test.vhd",
"osType": "Linux",
"vhd": {
"uri": "https://x.blob.core.windows.net/vhds/az-test.vhd"
}
}
},
"vmId": "x"
},
"resources": [
{
"id": "/subscriptions/x/resourceGroups/az-test/providers/Microsoft.Compute/virtualMachines/az-test/extensions/OmsAgentForLinux",
"location": "eastus",
"name": "OmsAgentForLinux",
"properties": {
"autoUpgradeMinorVersion": true,
"provisioningState": "Succeeded",
"publisher": "Microsoft.EnterpriseCloud.Monitoring",
"settings": {
"azureResourceId": "/subscriptions/x/resourcegroups/az-test/providers/microsoft.compute/virtualmachines/az-test",
"stopOnMultipleConnections": true,
"workspaceId": "x"
},
"type": "OmsAgentForLinux",
"typeHandlerVersion": "1.0"
},
"type": "Microsoft.Compute/virtualMachines/extensions"
}
],
"tags": {},
"type": "Microsoft.Compute/virtualMachines"
}
}


The module name should be azure_rm_publicipaddress_facts instead of azure_rm_publicip_facts

Related

Can not deploy ARM template of Azure App Service with Linux that has mounted storage

We are trying to deploy Azure Linux App Service, that also has mounted storage. Here's our ARM template
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"Environment": {
"type": "String",
"allowedValues": [
"dev",
"stg",
"prd"
]
},
"Region": {
"type": "string",
"allowedValues": [
"eu",
"we"
]
},
"MagentoMediaFileShareName": {
"type": "string"
},
"StorageAccountName": {
"type": "string"
},
"StorageAccountAccessKey": {
"type": "securestring"
},
"MagentoMediaMountPath": {
"type": "string",
"defaultValue": "/var/www/html/pub/external_media"
}
},
"variables": {
"Location": "[resourceGroup().location]",
"ResourcePrefix": "[format('ariva-{0}-{1}-magento', parameters('Environment'), parameters('Region'))]",
"WebSiteName": "[concat(variables('ResourcePrefix'), '-web')]",
"ServicePlanId": "[format('/subscriptions/{0}/resourceGroups/ariva-{1}-{2}/providers/Microsoft.Web/serverfarms/ariva-{1}-{2}-asp', subscription().subscriptionId, parameters('Environment'), parameters('Region'))]"
},
"resources": [
{
"type": "Microsoft.Web/sites",
"apiVersion": "2020-12-01",
"name": "[variables('WebSiteName')]",
"location": "[variables('Location')]",
"kind": "app,linux,container",
"properties": {
"enabled": true,
"hostNameSslStates": [
{
"name": "[concat(variables('WebSiteName'), '.azurewebsites.net')]",
"sslState": "Disabled",
"hostType": "Standard"
},
{
"name": "[concat(variables('WebSiteName'), '.scm.azurewebsites.net')]",
"sslState": "Disabled",
"hostType": "Repository"
}
],
"serverFarmId": "[variables('ServicePlanId')]",
"reserved": true,
"isXenon": false,
"hyperV": false,
"siteConfig": {
"numberOfWorkers": 1,
"linuxFxVersion": "DOCKER|mcr.microsoft.com/appsvc/staticsite:latest",
"acrUseManagedIdentityCreds": false,
"alwaysOn": false,
"http20Enabled": false,
"functionAppScaleLimit": 0,
"minimumElasticInstanceCount": 1
},
"scmSiteAlsoStopped": false,
"clientAffinityEnabled": false,
"clientCertEnabled": false,
"clientCertMode": "Required",
"hostNamesDisabled": false,
"customDomainVerificationId": "1071794BD68C78EC0A4569F03C034F6E1B21BD4E6D35725D99523AC00AE12AA1",
"containerSize": 0,
"dailyMemoryTimeQuota": 0,
"keyVaultReferenceIdentity": "SystemAssigned",
"httpsOnly": false,
"redundancyMode": "None",
"storageAccountRequired": false
}
},
{
"type": "Microsoft.Web/sites/basicPublishingCredentialsPolicies",
"apiVersion": "2020-12-01",
"name": "[concat(variables('WebSiteName'), '/ftp')]",
"location": "[variables('Location')]",
"dependsOn": [
"[resourceId('Microsoft.Web/sites', variables('WebSiteName'))]"
],
"properties": {
"allow": true
}
},
{
"type": "Microsoft.Web/sites/basicPublishingCredentialsPolicies",
"apiVersion": "2020-12-01",
"name": "[concat(variables('WebSiteName'), '/scm')]",
"location": "[variables('Location')]",
"dependsOn": [
"[resourceId('Microsoft.Web/sites', variables('WebSiteName'))]"
],
"properties": {
"allow": true
}
},
{
"type": "Microsoft.Web/sites/config",
"apiVersion": "2020-12-01",
"name": "[concat(variables('WebSiteName'), '/web')]",
"location": "[variables('Location')]",
"dependsOn": [
"[resourceId('Microsoft.Web/sites', variables('WebSiteName'))]"
],
"properties": {
"numberOfWorkers": 1,
"defaultDocuments": [
"Default.htm",
"Default.html",
"Default.asp",
"index.htm",
"index.html",
"iisstart.htm",
"default.aspx",
"index.php",
"hostingstart.html"
],
"netFrameworkVersion": "v4.0",
"linuxFxVersion": "DOCKER|mcr.microsoft.com/appsvc/staticsite:latest",
"requestTracingEnabled": false,
"remoteDebuggingEnabled": false,
"remoteDebuggingVersion": "VS2019",
"httpLoggingEnabled": false,
"acrUseManagedIdentityCreds": false,
"logsDirectorySizeLimit": 35,
"detailedErrorLoggingEnabled": false,
"publishingUsername": "[concat('$', variables('WebSiteName'))]",
"azureStorageAccounts": {
"magento-media": {
"type": "AzureFiles",
"accountName": "[parameters('StorageAccountName')]",
"shareName": "[parameters('MagentoMediaFileShareName')]",
"mountPath": "[parameters('MagentoMediaMountPath')]",
"accessKey": "[parameters('StorageAccountAccessKey')]"
}
},
"scmType": "None",
"use32BitWorkerProcess": true,
"webSocketsEnabled": true,
"alwaysOn": true,
"managedPipelineMode": "Integrated",
"virtualApplications": [
{
"virtualPath": "/",
"physicalPath": "site\\wwwroot",
"preloadEnabled": false
}
],
"loadBalancing": "LeastRequests",
"experiments": {
"rampUpRules": []
},
"autoHealEnabled": false,
"vnetRouteAllEnabled": false,
"vnetPrivatePortsCount": 0,
"localMySqlEnabled": false,
"ipSecurityRestrictions": [
{
"ipAddress": "Any",
"action": "Allow",
"priority": 1,
"name": "Allow all",
"description": "Allow all access"
}
],
"scmIpSecurityRestrictions": [
{
"ipAddress": "Any",
"action": "Allow",
"priority": 1,
"name": "Allow all",
"description": "Allow all access"
}
],
"scmIpSecurityRestrictionsUseMain": false,
"http20Enabled": true,
"minTlsVersion": "1.2",
"scmMinTlsVersion": "1.0",
"ftpsState": "AllAllowed",
"preWarmedInstanceCount": 0,
"functionAppScaleLimit": 0,
//"healthCheckPath": "/health_check.php",
"functionsRuntimeScaleMonitoringEnabled": false,
"minimumElasticInstanceCount": 1
}
},
{
"type": "Microsoft.Web/sites/hostNameBindings",
"apiVersion": "2020-12-01",
"name": "[concat(variables('WebSiteName'), '/', variables('WebSiteName'), '.azurewebsites.net')]",
"location": "[variables('Location')]",
"dependsOn": [
"[resourceId('Microsoft.Web/sites', variables('WebSiteName'))]"
],
"properties": {
"siteName": "[variables('WebSiteName')]",
"hostNameType": "Verified"
}
}
]
}
If we execute this exact template, we will receive the following error
{
"status": "Failed",
"error": {
"code": "BadRequest",
"message": "Required parameter AccessKey is missing.",
"details": [
{
"message": "Required parameter AccessKey is missing."
},
{
"code": "BadRequest"
},
{}
]
}
}
We receive the same error if we have storage manually mounted through portal and try to change the configurations or add deployment slots.
As soon as I remove the mounted storage configuration, everything works just fine.
We need to have this in our DevOps pipeline, it's not acceptable that we unmount-remount the storage manually before and after the deployments. That would cause major issues and downtime. What can we do to overcome the issue?
UPDATE 1
I've tried to create a totally separate web app and storage account all manually. As soon as I hooked the storage mount and tried to enable health checks for instance, I got the same error. I think there's a bug in Azure.
UPDATE 2
Here is the template that deploys the dependent storage account
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"Environment": {
"type": "String",
"allowedValues": [
"dev",
"stg",
"prd"
]
},
"Region": {
"type": "string",
"allowedValues": [
"eu",
"we"
]
}
},
"variables": {
"Location": "[resourceGroup().location]",
"StorageAccountName": "[format('ariva{0}{1}magentostorage', parameters('Environment'), parameters('Region'))]",
"MagentoMediaFileShareName": "magento-media"
},
"resources": [
{
"type": "Microsoft.Storage/storageAccounts",
"apiVersion": "2021-04-01",
"name": "[variables('StorageAccountName')]",
"location": "[variables('Location')]",
"sku": {
"name": "Standard_LRS",
"tier": "Standard"
},
"kind": "StorageV2",
"properties": {
"allowCrossTenantReplication": true,
"minimumTlsVersion": "TLS1_2",
"allowBlobPublicAccess": true,
"allowSharedKeyAccess": true,
"networkAcls": {
"resourceAccessRules": [],
"bypass": "AzureServices",
"virtualNetworkRules": [],
"ipRules": [],
"defaultAction": "Allow"
},
"supportsHttpsTrafficOnly": true,
"encryption": {
"services": {
"file": {
"keyType": "Account",
"enabled": true
},
"blob": {
"keyType": "Account",
"enabled": true
}
},
"keySource": "Microsoft.Storage"
},
"accessTier": "Hot"
}
},
{
"type": "Microsoft.Storage/storageAccounts/blobServices",
"apiVersion": "2021-04-01",
"name": "[concat(variables('StorageAccountName'), '/default')]",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts', variables('StorageAccountName'))]"
],
"sku": {
"name": "Standard_LRS",
"tier": "Standard"
},
"properties": {
"changeFeed": {
"enabled": false
},
"restorePolicy": {
"enabled": false
},
"containerDeleteRetentionPolicy": {
"enabled": true,
"days": 7
},
"cors": {
"corsRules": []
},
"deleteRetentionPolicy": {
"enabled": true,
"days": 7
},
"isVersioningEnabled": false
}
},
{
"type": "Microsoft.Storage/storageAccounts/fileServices",
"apiVersion": "2021-04-01",
"name": "[concat(variables('StorageAccountName'), '/default')]",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts', variables('StorageAccountName'))]"
],
"sku": {
"name": "Standard_LRS",
"tier": "Standard"
},
"properties": {
"shareDeleteRetentionPolicy": {
"enabled": true,
"days": 7
}
}
},
{
"type": "Microsoft.Storage/storageAccounts/queueServices",
"apiVersion": "2021-04-01",
"name": "[concat(variables('StorageAccountName'), '/default')]",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts', variables('StorageAccountName'))]"
],
"properties": {
"cors": {
"corsRules": []
}
}
},
{
"type": "Microsoft.Storage/storageAccounts/tableServices",
"apiVersion": "2021-04-01",
"name": "[concat(variables('StorageAccountName'), '/default')]",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts', variables('StorageAccountName'))]"
],
"properties": {
"cors": {
"corsRules": []
}
}
},
{
"type": "Microsoft.Storage/storageAccounts/fileServices/shares",
"apiVersion": "2021-04-01",
"name": "[concat(variables('StorageAccountName'), '/default/', variables('MagentoMediaFileShareName'))]",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts/fileServices', variables('StorageAccountName'), 'default')]",
"[resourceId('Microsoft.Storage/storageAccounts', variables('StorageAccountName'))]"
],
"properties": {
"accessTier": "TransactionOptimized",
"shareQuota": 5120,
"enabledProtocols": "SMB"
}
}
],
"outputs": {
"MagentoMediaFileShareName": {
"type": "string",
"value": "[variables('MagentoMediaFileShareName')]"
},
"StorageAccountName": {
"type": "string",
"value": "[variables('StorageAccountName')]"
},
"StorageAccountAccessKey": {
"type": "securestring",
"value": "[listKeys(variables('StorageAccountName'), '2019-04-01').keys[0].value]"
}
}
}
UPDATE 3 - temporary workaround
We were able to find a temporary workaround. Instead of deploying the file mount through the ARM template, we've removed that bit from ARM template, after, we use the following build step in our DevOps pipeline to mount the storage through azure CLI
- task: AzureCLI#2
displayName: 'Attach media volume'
inputs:
azureSubscription: '${{ parameters.azureSubscription }}'
scriptType: pscore
scriptLocation: inlineScript
inlineScript: |
az webapp config storage-account add `
--resource-group ${{ parameters.resourceGroup }} `
--name "$(WebSiteName)" `
--access-key "$(StorageAccountAccessKey)" `
--custom-id magento-media `
--storage-type AzureFiles `
--share-name "$(MagentoMediaFileShareName)" `
--account-name "$(StorageAccountName)" `
--mount-path "/var/www/html/pub/external_media"
This doesn't solve the problem of course.
Doing so, ARM template will essentially remove the mount and then it will be deployed by the script, causing downtime
When mount is in place, we still can't change any of the WebApp properties through the portal and we will get the error that AccessKey is missing

azureStorageAccounts is not part of Microsoft.Web sites/config 2020-12-01 however it is under Microsoft.Web sites 2020-12-01 SiteConfig property. This may be the reason accessKey wasn't found, wasn't uploaded. I would move azureStorageAccounts under siteConfig

Creating a internal standard load balancer with HA ports in Azure

I am trying to create a internal standard load balancer in Azure with HA ports using ARM template . I am getting below validation error.
{
"code": "InvalidTemplateDeployment",
"details": [
{
"code": "PortValueIsOutOfRange",
"message": "Resource DC10TESTCPW01 has invalid value of Port (0). The value must be between 1 and 65535.",
"details": []
}
],
"message": "The template deployment 'Microsoft.Template-20210524012843' is not valid according to the validation procedure. The tracking id is '585f5d57-4423-47a8-a45d-4a0e371b47c2'. See inner errors for details."
}

Sample:
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"adminUsername": {
"type": "string",
"metadata": {
"description": "Admin username"
}
},
"adminPassword": {
"type": "securestring",
"metadata": {
"description": "Admin password"
}
},
"vmNamePrefix": {
"type": "string",
"defaultValue": "BackendVM",
"metadata": {
"description": "Prefix to use for VM names"
}
},
"location": {
"type": "string",
"defaultValue": "[resourceGroup().location]",
"metadata": {
"description": "Location for all resources."
}
},
"vmSize": {
"type": "string",
"defaultValue": "Standard_DS1_V2",
"metadata": {
"description": "Size of the virtual machines"
}
}
},
"variables": {
"availabilitySetName": "AvSet",
"storageAccountType": "Standard_LRS",
"storageAccountName": "[uniqueString(resourceGroup().id)]",
"virtualNetworkName": "vNet",
"subnetName": "backendSubnet",
"loadBalancerName": "ilb",
"networkInterfaceName": "nic",
"subnetRef": "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('virtualNetworkName'), variables('subnetName'))]",
"numberOfInstances": 2
},
"resources": [
{
"type": "Microsoft.Storage/storageAccounts",
"apiVersion": "2019-06-01",
"name": "[variables('storageAccountName')]",
"location": "[parameters('location')]",
"sku": {
"name": "[variables('storageAccountType')]"
},
"kind": "StorageV2"
},
{
"type": "Microsoft.Compute/availabilitySets",
"apiVersion": "2020-06-01",
"name": "[variables('availabilitySetName')]",
"location": "[parameters('location')]",
"sku": {
"name": "Aligned"
},
"properties": {
"PlatformUpdateDomainCount": 2,
"PlatformFaultDomainCount": 2
}
},
{
"type": "Microsoft.Network/virtualNetworks",
"apiVersion": "2020-06-01",
"name": "[variables('virtualNetworkName')]",
"location": "[parameters('location')]",
"properties": {
"addressSpace": {
"addressPrefixes": [
"10.0.0.0/16"
]
},
"subnets": [
{
"name": "[variables('subnetName')]",
"properties": {
"addressPrefix": "10.0.2.0/24"
}
}
]
}
},
{
"type": "Microsoft.Network/networkInterfaces",
"apiVersion": "2020-06-01",
"name": "[concat(variables('networkInterfaceName'), copyindex())]",
"location": "[parameters('location')]",
"copy": {
"name": "nicLoop",
"count": "[variables('numberOfInstances')]"
},
"dependsOn": [
"[variables('virtualNetworkName')]",
"[variables('loadBalancerName')]"
],
"properties": {
"ipConfigurations": [
{
"name": "ipconfig1",
"properties": {
"privateIPAllocationMethod": "Dynamic",
"subnet": {
"id": "[variables('subnetRef')]"
},
"loadBalancerBackendAddressPools": [
{
"id": "[resourceId('Microsoft.Network/loadBalancers/backendAddressPools', variables('loadBalancerName'), 'BackendPool1')]"
}
]
}
}
]
}
},
{
"type": "Microsoft.Network/loadBalancers",
"apiVersion": "2020-06-01",
"name": "[variables('loadBalancerName')]",
"location": "[parameters('location')]",
"sku": {
"name": "Standard"
},
"dependsOn": [
"[variables('virtualNetworkName')]"
],
"properties": {
"frontendIPConfigurations": [
{
"properties": {
"subnet": {
"id": "[variables('subnetRef')]"
},
"privateIPAddress": "10.0.2.6",
"privateIPAllocationMethod": "Static"
},
"name": "LoadBalancerFrontend"
}
],
"backendAddressPools": [
{
"name": "BackendPool1"
}
],
"loadBalancingRules": [
{
"properties": {
"frontendIPConfiguration": {
"id": "[resourceId('Microsoft.Network/loadBalancers/frontendIpConfigurations', variables('loadBalancerName'), 'LoadBalancerFrontend')]"
},
"backendAddressPool": {
"id": "[resourceId('Microsoft.Network/loadBalancers/backendAddressPools', variables('loadBalancerName'), 'BackendPool1')]"
},
"probe": {
"id": "[resourceId('Microsoft.Network/loadBalancers/probes', variables('loadBalancerName'), 'lbprobe')]"
},
"protocol": "Tcp",
"frontendPort": 80,
"backendPort": 80,
"idleTimeoutInMinutes": 15
},
"Name": "lbrule"
}
],
"probes": [
{
"properties": {
"protocol": "Tcp",
"port": 80,
"intervalInSeconds": 15,
"numberOfProbes": 2
},
"name": "lbprobe"
}
]
}
},
{
"type": "Microsoft.Compute/virtualMachines",
"apiVersion": "2020-06-01",
"name": "[concat(parameters('vmNamePrefix'), copyindex())]",
"location": "[parameters('location')]",
"copy": {
"name": "virtualMachineLoop",
"count": "[variables('numberOfInstances')]"
},
"dependsOn": [
"[variables('storageAccountName')]",
"nicLoop",
"[variables('availabilitySetName')]"
],
"properties": {
"availabilitySet": {
"id": "[resourceId('Microsoft.Compute/availabilitySets',variables('availabilitySetName'))]"
},
"hardwareProfile": {
"vmSize": "[parameters('vmSize')]"
},
"osProfile": {
"computerName": "[concat(parameters('vmNamePrefix'), copyIndex())]",
"adminUsername": "[parameters('adminUsername')]",
"adminPassword": "[parameters('adminPassword')]"
},
"storageProfile": {
"imageReference": {
"publisher": "MicrosoftWindowsServer",
"offer": "WindowsServer",
"sku": "2019-Datacenter",
"version": "latest"
},
"osDisk": {
"createOption": "FromImage"
}
},
"networkProfile": {
"networkInterfaces": [
{
"id": "[resourceId('Microsoft.Network/networkInterfaces', concat(variables('networkInterfaceName'), copyindex()))]"
}
]
},
"diagnosticsProfile": {
"bootDiagnostics": {
"enabled": true,
"storageUri": "[reference(variables('storageAccountName')).primaryEndpoints.blob]"
}
}
}
}
]
}
Update with HA:
Configure more than one front-end private IP address for a single
internal Standard Load Balancer resource.
Configure multipleload-balancing rules, where each rule has a single unique front-end IP address selected.
Select the HA ports option, and then set Floating IP to Enabled for all the load-balancing rules.
JSON View:
{
"name": "ilb1",
"id": "/subscriptions/<SubscriptionId>/resourceGroups/<RG>/providers/Microsoft.Network/loadBalancers/ilb1",
"etag": "W/\"<ETAG>\"",
"type": "Microsoft.Network/loadBalancers",
"location": "westeurope",
"tags": {},
"properties": {
"provisioningState": "Succeeded",
"resourceGuid": "<ResourceGuid>",
"frontendIPConfigurations": [
{
"name": "LoadBalancerFrontEnd",
"id": "/subscriptions/<SubscriptionId>/resourceGroups/<RG>/providers/Microsoft.Network/loadBalancers/ilb1/frontendIPConfigurations/LoadBalancerFrontEnd",
"etag": "W/\"<ETAG>\"",
"type": "Microsoft.Network/loadBalancers/frontendIPConfigurations",
"properties": {
"provisioningState": "Succeeded",
"privateIPAddress": "10.0.0.6",
"privateIPAllocationMethod": "Static",
"subnet": {
"id": "/subscriptions/<SubscriptionId>/resourceGroups/<RG>/providers/Microsoft.Network/virtualNetworks/<RG>-vnet/subnets/default"
},
"loadBalancingRules": [
{
"id": "/subscriptions/<SubscriptionId>/resourceGroups/<RG>/providers/Microsoft.Network/loadBalancers/ilb1/loadBalancingRules/rule1"
}
]
}
},
{
"name": "ilbIP2",
"id": "/subscriptions/<SubscriptionId>/resourceGroups/<RG>/providers/Microsoft.Network/loadBalancers/ilb1/frontendIPConfigurations/ilbIP2",
"etag": "W/\"<ETAG>\"",
"type": "Microsoft.Network/loadBalancers/frontendIPConfigurations",
"properties": {
"provisioningState": "Succeeded",
"privateIPAddress": "10.0.0.7",
"privateIPAllocationMethod": "Static",
"subnet": {
"id": "/subscriptions/<SubscriptionId>/resourceGroups/<RG>/providers/Microsoft.Network/virtualNetworks/<RG>-vnet/subnets/default"
},
"loadBalancingRules": [
{
"id": "/subscriptions/<SubscriptionId>/resourceGroups/<RG>/providers/Microsoft.Network/loadBalancers/ilb1/loadBalancingRules/rule2"
}
]
}
}
],
"backendAddressPools": [
{
"name": "poolbackend1",
"id": "/subscriptions/<SubscriptionId>/resourceGroups/<RG>/providers/Microsoft.Network/loadBalancers/ilb1/backendAddressPools/poolbackend1",
"etag": "W/\"<ETAG>\"",
"properties": {
"provisioningState": "Succeeded",
"loadBalancingRules": [
{
"id": "/subscriptions/<SubscriptionId>/resourceGroups/<RG>/providers/Microsoft.Network/loadBalancers/ilb1/loadBalancingRules/rule1"
},
{
"id": "/subscriptions/<SubscriptionId>/resourceGroups/<RG>/providers/Microsoft.Network/loadBalancers/ilb1/loadBalancingRules/rule2"
}
]
},
"type": "Microsoft.Network/loadBalancers/backendAddressPools"
}
],
"loadBalancingRules": [
{
"name": "rule1",
"id": "/subscriptions/<SubscriptionId>/resourceGroups/<RG>/providers/Microsoft.Network/loadBalancers/ilb1/loadBalancingRules/rule1",
"etag": "W/\"<ETAG>\"",
"type": "Microsoft.Network/loadBalancers/loadBalancingRules",
"properties": {
"provisioningState": "Succeeded",
"frontendIPConfiguration": {
"id": "/subscriptions/<SubscriptionId>/resourceGroups/<RG>/providers/Microsoft.Network/loadBalancers/ilb1/frontendIPConfigurations/LoadBalancerFrontEnd"
},
"frontendPort": 0,
"backendPort": 0,
"enableFloatingIP": true,
"idleTimeoutInMinutes": 4,
"protocol": "All",
"loadDistribution": "SourceIP",
"disableOutboundSnat": true,
"backendAddressPool": {
"id": "/subscriptions/<SubscriptionId>/resourceGroups/<RG>/providers/Microsoft.Network/loadBalancers/ilb1/backendAddressPools/poolbackend1"
},
"probe": {
"id": "/subscriptions/<SubscriptionId>/resourceGroups/<RG>/providers/Microsoft.Network/loadBalancers/ilb1/probes/Hprobe1"
}
}
},
{
"name": "rule2",
"id": "/subscriptions/<SubscriptionId>/resourceGroups/<RG>/providers/Microsoft.Network/loadBalancers/ilb1/loadBalancingRules/rule2",
"etag": "W/\"<ETAG>\"",
"type": "Microsoft.Network/loadBalancers/loadBalancingRules",
"properties": {
"provisioningState": "Succeeded",
"frontendIPConfiguration": {
"id": "/subscriptions/<SubscriptionId>/resourceGroups/<RG>/providers/Microsoft.Network/loadBalancers/ilb1/frontendIPConfigurations/ilbIP2"
},
"frontendPort": 0,
"backendPort": 0,
"enableFloatingIP": true,
"idleTimeoutInMinutes": 4,
"protocol": "All",
"loadDistribution": "SourceIP",
"disableOutboundSnat": true,
"backendAddressPool": {
"id": "/subscriptions/<SubscriptionId>/resourceGroups/<RG>/providers/Microsoft.Network/loadBalancers/ilb1/backendAddressPools/poolbackend1"
},
"probe": {
"id": "/subscriptions/<SubscriptionId>/resourceGroups/<RG>/providers/Microsoft.Network/loadBalancers/ilb1/probes/Hprobe1"
}
}
}
],
"probes": [
{
"name": "Hprobe1",
"id": "/subscriptions/<SubscriptionId>/resourceGroups/<RG>/providers/Microsoft.Network/loadBalancers/ilb1/probes/Hprobe1",
"etag": "W/\"<ETAG>\"",
"properties": {
"provisioningState": "Succeeded",
"protocol": "Tcp",
"port": 80,
"intervalInSeconds": 5,
"numberOfProbes": 2,
"loadBalancingRules": [
{
"id": "/subscriptions/<SubscriptionId>/resourceGroups/<RG>/providers/Microsoft.Network/loadBalancers/ilb1/loadBalancingRules/rule1"
},
{
"id": "/subscriptions/<SubscriptionId>/resourceGroups/<RG>/providers/Microsoft.Network/loadBalancers/ilb1/loadBalancingRules/rule2"
}
]
},
"type": "Microsoft.Network/loadBalancers/probes"
}
],
"inboundNatRules": [],
"inboundNatPools": []
},
"sku": {
"name": "Standard"
}
}
ILB HA Template:
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"loadBalancers_ilb1_name": {
"defaultValue": "ilb1",
"type": "String"
},
"virtualNetworks_<RG>_vnet_externalid": {
"defaultValue": "/subscriptions/<subscriptionId>/resourceGroups/<RG>/providers/Microsoft.Network/virtualNetworks/<RG>-vnet",
"type": "String"
}
},
"variables": {},
"resources": [
{
"type": "Microsoft.Network/loadBalancers",
"apiVersion": "2020-11-01",
"name": "[parameters('loadBalancers_ilb1_name')]",
"location": "westeurope",
"dependsOn": [
"[resourceId('Microsoft.Network/loadBalancers/backendAddressPools', parameters('loadBalancers_ilb1_name'), 'poolbackend1')]"
],
"sku": {
"name": "Standard",
"tier": "Regional"
},
"properties": {
"frontendIPConfigurations": [
{
"name": "LoadBalancerFrontEnd",
"properties": {
"privateIPAddress": "10.0.0.6",
"privateIPAllocationMethod": "Static",
"subnet": {
"id": "[concat(parameters('virtualNetworks_<RG>_vnet_externalid'), '/subnets/default')]"
},
"privateIPAddressVersion": "IPv4"
},
"zones": [
"1",
"2",
"3"
]
},
{
"name": "ilbIP2",
"properties": {
"privateIPAddress": "10.0.0.7",
"privateIPAllocationMethod": "Static",
"subnet": {
"id": "[concat(parameters('virtualNetworks_<RG>_vnet_externalid'), '/subnets/default')]"
},
"privateIPAddressVersion": "IPv4"
},
"zones": [
"1",
"2",
"3"
]
}
],
"backendAddressPools": [
{
"name": "poolbackend1",
"properties": {
"loadBalancerBackendAddresses": [
{
"name": "1a959793-169e-4e7f-8711-128f237dbf67",
"properties": {
"ipAddress": "10.0.0.9",
"virtualNetwork": {
"id": "[parameters('virtualNetworks_<RG>_vnet_externalid')]"
}
}
}
]
}
}
],
"loadBalancingRules": [
{
"name": "rule1",
"properties": {
"frontendIPConfiguration": {
"id": "[concat(resourceId('Microsoft.Network/loadBalancers', parameters('loadBalancers_ilb1_name')), '/frontendIPConfigurations/LoadBalancerFrontEnd')]"
},
"frontendPort": 0,
"backendPort": 0,
"enableFloatingIP": true,
"idleTimeoutInMinutes": 4,
"protocol": "All",
"enableTcpReset": false,
"loadDistribution": "SourceIP",
"disableOutboundSnat": true,
"backendAddressPool": {
"id": "[resourceId('Microsoft.Network/loadBalancers/backendAddressPools', parameters('loadBalancers_ilb1_name'), 'poolbackend1')]"
},
"probe": {
"id": "[concat(resourceId('Microsoft.Network/loadBalancers', parameters('loadBalancers_ilb1_name')), '/probes/Hprobe1')]"
}
}
},
{
"name": "rule2",
"properties": {
"frontendIPConfiguration": {
"id": "[concat(resourceId('Microsoft.Network/loadBalancers', parameters('loadBalancers_ilb1_name')), '/frontendIPConfigurations/ilbIP2')]"
},
"frontendPort": 0,
"backendPort": 0,
"enableFloatingIP": true,
"idleTimeoutInMinutes": 4,
"protocol": "All",
"enableTcpReset": false,
"loadDistribution": "SourceIP",
"disableOutboundSnat": true,
"backendAddressPool": {
"id": "[resourceId('Microsoft.Network/loadBalancers/backendAddressPools', parameters('loadBalancers_ilb1_name'), 'poolbackend1')]"
},
"probe": {
"id": "[concat(resourceId('Microsoft.Network/loadBalancers', parameters('loadBalancers_ilb1_name')), '/probes/Hprobe1')]"
}
}
}
],
"probes": [
{
"name": "Hprobe1",
"properties": {
"protocol": "Tcp",
"port": 80,
"intervalInSeconds": 5,
"numberOfProbes": 2
}
}
],
"inboundNatRules": [],
"outboundRules": [],
"inboundNatPools": []
}
},
{
"type": "Microsoft.Network/loadBalancers/backendAddressPools",
"apiVersion": "2020-11-01",
"name": "[concat(parameters('loadBalancers_ilb1_name'), '/poolbackend1')]",
"dependsOn": [
"[resourceId('Microsoft.Network/loadBalancers', parameters('loadBalancers_ilb1_name'))]"
],
"properties": {
"loadBalancerBackendAddresses": [
{
"name": "1a959793-169e-4e7f-8711-128f237dbf67",
"properties": {
"ipAddress": "10.0.0.9",
"virtualNetwork": {
"id": "[parameters('virtualNetworks_<RG>_vnet_externalid')]"
}
}
}
]
}
}
]
}

Arm template if condition

I am trying to implement if condition for the arm template. Idea is from the parameter to read if it suppose to deploy in prod or nonprod sub and have the subnets predefined. Then deploy storage and add some subnets to the storage account virtual network list.
The following line causing troubles:
"virtualNetworkRules": "[if(equals(parameters('Sub'), 'nonprod'),'variables('nonprodvirtualNetworkSubnets').virtualNetworkRulesCopy', 'variables('prodvirtualNetworkSubnets').virtualNetworkRulesCopy', )]",
All help is much appreciated.
"Parameters": {
"Sub": {
"type": "string",
"defaultValue": "nonprod",
"metadata": {
"description": "Prod or nonprod sub"
}
}
},
"variables": {
"subscriptionId": "[subscription().subscriptionId]",
"resourcegroupName": "[toUpper(concat(parameters('splitSubscriptionName')[0], '-', parameters('splitSubscriptionName')[1], '-', parameters('splitSubscriptionName')[2], '-02-NET-RSG'))]",
"virtualNetworkname": "[toLower(concat(parameters('splitSubscriptionName')[0], '-', parameters('splitSubscriptionName')[1], '-', parameters('splitSubscriptionName')[2], '-02-NET-', parameters('splitSubscriptionName')[3], '-00-net'))]",
"storageAccountType": "Standard_LRS", // "allowedValues": ["Standard_LRS", "Standard_GRS", "Standard_ZRS", "Premium_LRS"]
"blobServicesName": "default",
"VirtualNetworkExternalId": "[concat('/subscriptions/', variables('subscriptionId'), '/resourceGroups/', variables('resourcegroupName'), '/providers/Microsoft.Network/virtualNetworks/', variables('virtualNetworkname'), '/subnets/')]",
"nonprodAllowedSubnets": [
"mngm00-devtest-sub",
"mngm01-devtest-sub",
"mngm02-devtest-sub"
],
"prodAllowedSubnets": [
"mngm00-prod-sub",
"mngm01-prod-sub"
],
"nonprodvirtualNetworkSubnets": {
"copy": [
{
"name": "virtualNetworkRulesCopy",
"count": "[length(variables('nonprodAllowedSubnets'))]",
"input": {
"id": "[concat(variables('VirtualNetworkExternalId'), variables('nonprodAllowedSubnets')[copyIndex('virtualNetworkRulesCopy')])]",
"action": "Allow",
"state": "Succeeded"
}
}
]
},
"prodvirtualNetworkSubnets": {
"copy": [
{
"name": "virtualNetworkRulesCopy",
"count": "[length(variables('prodAllowedSubnets'))]",
"input": {
"id": "[concat(variables('VirtualNetworkExternalId'), variables('prodAllowedSubnets')[copyIndex('virtualNetworkRulesCopy')])]",
"action": "Allow",
"state": "Succeeded"
}
}
]
}
},
"resources": [
{
"type": "Microsoft.Storage/storageAccounts",
"apiVersion": "2019-04-01",
"name": "[parameters('storageAccountName')]",
"location": "[resourceGroup().location]",
"sku": {
"name": "[variables('storageAccountType')]"
},
"kind": "[parameters('storageAccountKind')]",
"properties": {
"accessTier": "[parameters('accessTier')]",
"supportsHttpsTrafficOnly": true,
"allowBlobPublicAccess": false,
"networkAcls": {
"bypass": "AzureServices",
"virtualNetworkRules": "[if(equals(parameters('Sub'), 'nonprod'),'variables('nonprodvirtualNetworkSubnets').virtualNetworkRulesCopy', 'variables('prodvirtualNetworkSubnets').virtualNetworkRulesCopy', )]",
"defaultAction": "Deny"
},
"encryption": {
"services": {
"file": {
"enabled": true
},
"blob": {
"enabled": true
}
},
"keySource": "Microsoft.Storage"
}
}
}
]
}

it should be like this:
[if(equals(parameters('Sub'), 'nonprod'), variables('nonprodvirtualNetworkSubnets').virtualNetworkRulesCopy, variables('prodvirtualNetworkSubnets').virtualNetworkRulesCopy]
so drop ' from your if

Rerunning ARM template cause error

I have a very simple ARM template which spins up an app service plan and a website. When I delete plan or resource group it works fine and creates new plan and website. Following is the template:
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"environment": {
"type": "string",
"metadata": {
"comments": "The environment to suffix to distinguish resources in different groups"
}
"allowedValues": ["Test","Uat","Stage"]
},
"planName": {
"type": "string"
},
/*Other Parameters*/
}
},
"variables": {
"planNameFull": /*expression*/,
"siteTestNameFull": /*expression*/,
"appDomainName": /*expression*/
},
"resources": [
{
"comments": "Application Plan (Serverfarm)",
"type": "Microsoft.Web/serverfarms",
"sku": {
"name": "S1",
"tier": "Standard",
"Size": "S1",
"family": "S",
"capacity": "1"
},
"kind": "app",
"name": "[variables('planNameFull')]",
"apiVersion": "2016-09-01",
"location": "[resourceGroup().location]",
"tags": {
"[concat('hidden-related:', resourceGroup().id, '/providers/Microsoft.Web/serverfarms/', variables('planNameFull'))]": "empty",
"displayName": "[variables('planNameFull')]"
},
"properties": {
"name": "[variables('planNameFull')]",
"workerTierName": null,
"adminSiteName": null,
"hostingEnvironmentProfile": null,
"perSiteScaling": false,
"reserved": false,
"targetWorkerCount": 0,
"targetWorkerSizeId": 0
}
},
{
"comments": "Test Web Site",
"type": "Microsoft.Web/sites",
"kind": "app",
"name": "[variables('siteTestNameFull')]",
"apiVersion": "2016-08-01",
"location": "[resourceGroup().location]",
"tags": {
"[concat('hidden-related:', resourceGroup().id, '/providers/Microsoft.Web/serverfarms/', variables('planNameFull'))]": "empty",
"displayName": "[variables('siteTestNameFull')]"
},
"properties": {
"clientAffinityEnabled": true,
"enabled": true,
"hostNameSslStates": [
{
"name:": "[concat(variables('siteTestNameFull') ,'.azurewebsites.net')]",
"sslState": "Disabled",
"hostType": "Standard"
},
{
"name:": "[concat(variables('siteTestNameFull') ,'scm.azurewebsites.net')]",
"sslState": "Disabled",
"hostType": "Repository"
}
],
"serverFarmId": "[resourceId('Microsoft.Web/serverfarms',variables('planNameFull'))]"
},
"dependsOn": [ "[resourceId('Microsoft.Web/serverfarms',variables('planNameFull'))]" ],
"resources": [
{
"comments": "Test Web Site Config.",
"type": "Microsoft.Web/sites/config",
"name": "[concat(variables('siteTestNameFull'),'/web')]",
"apiVersion": "2015-08-01",
"tags": {
"[concat('hidden-related:', resourceGroup().id, '/providers/Microsoft.Web/serverfarms/', variables('planNameFull'))]": "empty",
"description": "[concat('Moula ', variables('siteTestNameFull'),' Settings')]",
"displayName": "[concat(variables('siteTestNameFull'),' App Settings')]"
},
"properties": {
"numberOfWorkers": 1,
"defaultDocuments": [ "index.html" ],
"netFrameworkVersion": "v4.7",
"publishingUsername": "[parameters('webPublishingUser')]",
"publishingPassword": "[parameters('webPublishingPwd')]",
"siteAuthSettings": { "isAadAutoProvisioned": false },
"ipSecurityRestrictions": [
{
"ipAddress": "115.xx.xxx.27",
"subnetMask": null
},
{
"ipAddress": "34.xxx.xx.90",
"subnetMask": null
}
],
"appSettings": {
"WEBSITE_TIME_ZONE": "[parameters('websiteTimezone')]",
"WEBSITE_LOAD_CERTIFICATES": "[parameters('testCertificate')]"
},
"use32BitWorkerProcess": false,
"managedPipelineMode": "Integrated",
"virtualApplications": [
{
"virtualPath": "/",
"physicalPath": "site\\wwwroot",
"preloadEnabled": false,
"vitualDirectories": null
}
],
"loadBalancingRules": [ "LeastRequests" ]
},
"dependsOn": [ "[resourceId('Microsoft.Web/sites',variables('siteTestNameFull'))]" ]
}
]
}
],
"outputs": {
"planId": {
"type": "string",
"value": "[resourceId('Microsoft.Web/serverfarms', variables('planNameFull'))]"
},
"TestAppId": {
"type": "string",
"value": "[resourceId('Microsoft.Web/sites',variables('siteTestNameFull'))]"
}
}
}
My problem is that I want to run this template as VSTS build pipeline step. When I try to run template again without making any changes, it causes following error always:
Template deployment returned the following errors:
1:09:17 PM - Resource Microsoft.Web/sites 'TestWebsite' failed with message '{
"error": {
"code": "InternalServerError",
"message": "There was an unexpected InternalServerError. Please try again later. x-ms-correlation-request-id: 8cd06d54-vvvv-wwww-xxxx-5e55029fc640"
}
}'
What I'm doing wrong?

There are multiple reasons for this type of error. This is the official documenation.
Downtime of either the service you're deploying to in the region you're deploying to.
Downtime of Azure DevOps itself.
The resource type you're trying to deploy isn't yet available in that region.

VMSS extensions in linked ARM template

I have a scale set with 5 extensions. 2 of them are for Service Profiler, to install .net 4.6.1, and for the service profiler agent itself. When I deploy the template with all 5 extensions, due (I think..) to the .net installation requiring a restart of the vm, the template will always result in a status of failed. However, it doesn't seem to have actually failed, as when the vm restarts, it resumes any extensions that haven't finished (again, I think.. Unfortunately, my project isn't in the position to be able to test this infrastructure with an application atm).
So, I have attempted to move the 2 service profiler extensions to a linked template, so the status of the scale set will go to succeeded, and actions after this won't be impacted. (As well as other resources in the template being dependent on the scale set, I assume application deployment from VSTS release manager won't happen if the infrastructure deployment 'failed'.)
So my linked template simply has the scale set resource, but with only the extensions defined:
"resources": [
{
"apiVersion": "2016-03-30",
"type": "Microsoft.Compute/virtualMachineScaleSets",
"name": "[variables('vmNodeType0Name')]",
"location": "[resourceGroup().location]",
"properties": {
"virtualMachineProfile": {
"extensionProfile": {
"extensions": [
{
"properties": {
"publisher": "Microsoft.Compute",
"type": "CustomScriptExtension",
"typeHandlerVersion": "1.7",
"autoUpgradeMinorVersion": false,
"settings": {
"fileUris": [ "https://serviceprofiler.azurewebsites.net/content/downloads/InstallNetFx46.ps1" ],
"commandToExecute": "powershell.exe -ExecutionPolicy Unrestricted -File InstallNetFx46.ps1"
},
"forceUpdateTag": "RerunExtension"
},
"name": "CustomScriptExtensionInstallNet46"
},
{
"properties": {
"publisher": "Microsoft.VisualStudio.ServiceProfiler",
"type": "ServiceProfilerAgent",
"typeHandlerVersion": "0.1",
"autoUpgradeMinorVersion": true,
"settings": {
"config": {
"ServiceName": "<nameChanged>",
"CircularEtlBufferMB": 200,
"MonitorSamplingRate": 1.0,
"ProfileSamplingRate": 0.05,
"AgentLogFilter": "Warning",
"ProvideUsageTelemetryData": true,
"EtwMetrics": [
{
"ProviderName": "Microsoft-ServiceFabric-Actors",
"ProviderKeywords": 2,
"ProviderLevel": "Verbose",
"Event": "ActorMethod/Start",
"EventStop": "ActorMethod/Stop",
"Name": "methodName"
},
{
"ProviderName": "Microsoft-ServiceFabric-Actors",
"ProviderKeywords": 4,
"ProviderLevel": "Verbose",
"Event": "ActorSaveState/Start",
"EventStop": "ActorSaveState/Stop",
"Name": "actorType"
},
{
"ProviderName": "<nameChanged>",
"ProviderKeywords": 0,
"ProviderLevel": "Informational",
"Event": "Request/Start",
"EventStop": "Request/Stop",
"Name": "url"
}
],
"Tags": [
{
"Type": "Performance",
"Settings": {
"SampleIntervalInSeconds": "5",
"SamplesToConsider": "6",
"Triggers": [
{
"Name": "High CPU",
"Description": "High CPU usage",
"PerfCounter": "Processor Information\\% Processor Time\\_Total",
"Operator": ">",
"Metric": "70"
},
{
"Name": "Busy Disk",
"Description": "High disk usage",
"PerfCounter": "PhysicalDisk\\% Disk Time\\_Total",
"Operator": ">",
"Metric": "10"
},
{
"Name": "Memory Pressure",
"Description": "High memory usage",
"PerfCounter": "Memory\\Available MBytes",
"Operator": "<",
"Metric": "400"
},
{
"Name": "High GC",
"Description": "High GC time",
"PerfCounter": ".NET CLR Memory\\% Time in GC\\_Global_",
"Operator": ">",
"Metric": "10"
}
]
}
},
{
"Type": "Version",
"Settings": {
"Source": {
"Type": "ServiceFabric"
}
}
}
]
}
},
"protectedSettings": {
"storageAccountName": "[variables('applicationDiagnosticsStorageAccountName')]",
"storageAccountKey": "[listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('applicationDiagnosticsStorageAccountName')),'2015-05-01-preview').key1]",
"storageAccountEndPoint": "https://core.windows.net/"
}
},
"name": "ServiceProfilerAgent"
}
]
}
}
}
However, I get this error message:
"message": "{\r\n \"error\": {\r\n \"code\": \"OperationNotAllowed\",\r\n \"message\": \"VM Scale Set extensions of handler 'Microsoft.Azure.ServiceFabric.ServiceFabricNode' can be deleted only at the time of VM Scale Set deletion.\"\r\n }\r\n}"
},
Seems kind of strange considering I'm not trying to delete anything. And ofc there is literally nothing, as far as I can tell, in the documentation about extensions in linked templates, or anywhere else...
Is this even supported? Or should I just leave it in 1 template?
Any help would be great!

the error message about deleting extensions is because the extension list is applied as a whole, so if you don't have the two original extensions (from the main template) it will think you are deleting them. I.e. you'd need to include all 4 extensions in the list.
The suggestion in the comments of using a custom image with .Net installed is a good one. Another option for getting information on to the machine is to use the customData property - though it probably won't help this specific case.
There are some requests to create a platform image with latest .Net installed (I'm wondering whether any of the marketplace images already have this), and I think we should do it.

Here is my full scale set resource, with all extensions in the single template. It originally didn't work, but it does now...
{
"apiVersion": "[variables('vmssApiVersion')]",
"type": "Microsoft.Compute/virtualMachineScaleSets",
"name": "[parameters('vmNodeType0Name')]",
"location": "[variables('computeLocation')]",
"tags": {
"resourceType": "node",
"environmentName": "[parameters('prefix')]",
"displayName": "[parameters('vmNodeType0DisplayName')]"
},
"dependsOn": [
"storageLoop",
"[variables('lbID0')]",
"[concat('Microsoft.Network/virtualNetworks/', variables('virtualNetworkName'))]",
"[concat('Microsoft.Storage/storageAccounts/', variables('supportLogStorageAccountName'))]",
"[concat('Microsoft.Storage/storageAccounts/', variables('applicationDiagnosticsStorageAccountName'))]",
"[concat('Microsoft.Automation/automationAccounts/', parameters('automationAccountName'))]",
"[concat('Microsoft.Automation/automationAccounts/', parameters('automationAccountName'),'/Modules/',variables('dscModules').xNetworking.ModuleName)]",
"[concat('Microsoft.Automation/automationAccounts/', parameters('automationAccountName'),'/Configurations/', parameters('configurationName'))]"
],
"properties": {
"overprovision": "[parameters('overProvision')]",
"upgradePolicy": {
"mode": "Automatic"
},
"virtualMachineProfile": {
"extensionProfile": {
"extensions": [
{
"properties": {
"publisher": "Microsoft.Compute",
"type": "CustomScriptExtension",
"typeHandlerVersion": "1.7",
"autoUpgradeMinorVersion": false,
"settings": {
"fileUris": [ "https://serviceprofiler.azurewebsites.net/content/downloads/InstallNetFx46.ps1" ],
"commandToExecute": "powershell.exe -ExecutionPolicy Unrestricted -File InstallNetFx46.ps1"
},
"forceUpdateTag": "RerunExtension"
},
"name": "CustomScriptExtensionInstallNet46"
},
{
"properties": {
"publisher": "Microsoft.VisualStudio.ServiceProfiler",
"type": "ServiceProfilerAgent",
"typeHandlerVersion": "0.1",
"autoUpgradeMinorVersion": true,
"settings": {
"config": {
"ServiceName": "<nameChanged>",
"CircularEtlBufferMB": 200,
"MonitorSamplingRate": 1.0,
"ProfileSamplingRate": 0.05,
"AgentLogFilter": "Warning",
"ProvideUsageTelemetryData": true,
"EtwMetrics": [
{
"ProviderName": "Microsoft-ServiceFabric-Actors",
"ProviderKeywords": 2,
"ProviderLevel": "Verbose",
"Event": "ActorMethod/Start",
"EventStop": "ActorMethod/Stop",
"Name": "methodName"
},
{
"ProviderName": "Microsoft-ServiceFabric-Actors",
"ProviderKeywords": 4,
"ProviderLevel": "Verbose",
"Event": "ActorSaveState/Start",
"EventStop": "ActorSaveState/Stop",
"Name": "actorType"
},
{
"ProviderName": "<nameChanged>",
"ProviderKeywords": 0,
"ProviderLevel": "Informational",
"Event": "Request/Start",
"EventStop": "Request/Stop",
"Name": "url"
}
],
"Tags": [
{
"Type": "Performance",
"Settings": {
"SampleIntervalInSeconds": "5",
"SamplesToConsider": "6",
"Triggers": [
{
"Name": "High CPU",
"Description": "High CPU usage",
"PerfCounter": "Processor Information\\% Processor Time\\_Total",
"Operator": ">",
"Metric": "70"
},
{
"Name": "Busy Disk",
"Description": "High disk usage",
"PerfCounter": "PhysicalDisk\\% Disk Time\\_Total",
"Operator": ">",
"Metric": "10"
},
{
"Name": "Memory Pressure",
"Description": "High memory usage",
"PerfCounter": "Memory\\Available MBytes",
"Operator": "<",
"Metric": "400"
},
{
"Name": "High GC",
"Description": "High GC time",
"PerfCounter": ".NET CLR Memory\\% Time in GC\\_Global_",
"Operator": ">",
"Metric": "10"
}
]
}
},
{
"Type": "Version",
"Settings": {
"Source": {
"Type": "ServiceFabric"
}
}
}
]
}
},
"protectedSettings": {
"storageAccountName": "[variables('applicationDiagnosticsStorageAccountName')]",
"storageAccountKey": "[listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('applicationDiagnosticsStorageAccountName')),'2015-05-01-preview').key1]",
"storageAccountEndPoint": "https://core.windows.net/"
}
},
"name": "ServiceProfilerAgent"
},
{
"name": "[concat(parameters('vmNodeType0Name'),'_ServiceFabricNode')]",
"properties": {
"type": "ServiceFabricNode",
"autoUpgradeMinorVersion": false,
"protectedSettings": {
"StorageAccountKey1": "[listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('supportLogStorageAccountName')),'2015-05-01-preview').key1]",
"StorageAccountKey2": "[listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('supportLogStorageAccountName')),'2015-05-01-preview').key2]"
},
"publisher": "Microsoft.Azure.ServiceFabric",
"settings": {
"clusterEndpoint": "[reference(parameters('clusterName')).clusterEndpoint]",
"nodeTypeRef": "[parameters('vmNodeType0Name')]",
"dataPath": "D:\\\\SvcFab",
"durabilityLevel": "Bronze",
"certificate": {
"thumbprint": "[parameters('certificateThumbprint')]",
"x509StoreName": "[parameters('certificateStoreValue')]"
}
},
"typeHandlerVersion": "1.0"
}
},
{
"name": "[concat('VMDiagnosticsVmExt','_vmNodeType0Name')]",
"properties": {
"type": "IaaSDiagnostics",
"autoUpgradeMinorVersion": true,
"protectedSettings": {
"storageAccountName": "[variables('applicationDiagnosticsStorageAccountName')]",
"storageAccountKey": "[listkeys(variables('accountid'), '2015-05-01-preview').key1]",
"storageAccountEndPoint": "https://core.windows.net/"
},
"publisher": "Microsoft.Azure.Diagnostics",
"settings": {
"WadCfg": {
"DiagnosticMonitorConfiguration": {
"overallQuotaInMB": "50000",
"EtwProviders": {
"EtwEventSourceProviderConfiguration": [
{
"provider": "Microsoft-ServiceFabric-Actors",
"scheduledTransferKeywordFilter": "1",
"scheduledTransferPeriod": "PT5M",
"DefaultEvents": {
"eventDestination": "ServiceFabricReliableActorEventTable"
}
},
{
"provider": "Microsoft-ServiceFabric-Services",
"scheduledTransferPeriod": "PT5M",
"DefaultEvents": {
"eventDestination": "ServiceFabricReliableServiceEventTable"
}
}
],
"EtwManifestProviderConfiguration": [
{
"provider": "cbd93bc2-71e5-4566-b3a7-595d8eeca6e8",
"scheduledTransferLogLevelFilter": "Information",
"scheduledTransferKeywordFilter": "4611686018427387904",
"scheduledTransferPeriod": "PT5M",
"DefaultEvents": {
"eventDestination": "ServiceFabricSystemEventTable"
}
}
]
}
}
},
"StorageAccount": "[variables('applicationDiagnosticsStorageAccountName')]"
},
"typeHandlerVersion": "1.5"
}
},
{
"name": "Microsoft.Powershell.DSC",
"properties": {
"publisher": "Microsoft.Powershell",
"type": "DSC",
"typeHandlerVersion": "2.17",
"autoUpgradeMinorVersion": true,
"protectedSettings": {
"Items": {
"registrationKeyPrivate": "[parameters('registrationKey')]"
}
},
"settings": {
"WmfVersion": "latest",
"ModulesUrl": "https://raw.github.com/Azure/azure-quickstart-templates/master/201-vmss-automation-dsc/UpdateLCMforAAPull.zip",
"SasToken": "[parameters('_artifactsLocationSasToken')]",
"ConfigurationFunction": "UpdateLCMforAAPull.ps1\\ConfigureLCMforAAPull",
"Properties": [
{
"Name": "RegistrationKey",
"Value": {
"UserName": "[parameters('adminUserName')]",
"Password": "PrivateSettingsRef:registrationKeyPrivate"
},
"TypeName": "System.Management.Automation.PSCredential"
},
{
"Name": "RegistrationUrl",
"Value": "[parameters('registrationUrl')]",
"TypeName": "System.String"
},
{
"Name": "NodeConfigurationName",
"Value": "[parameters('nodeConfigurationName')]",
"TypeName": "System.String"
},
{
"Name": "ConfigurationMode",
"Value": "[parameters('configurationMode')]",
"TypeName": "System.String"
},
{
"Name": "ConfigurationModeFrequencyMins",
"Value": "[parameters('configurationModeFrequencyMins')]",
"TypeName": "System.Int32"
},
{
"Name": "RefreshFrequencyMins",
"Value": "[parameters('refreshFrequencyMins')]",
"TypeName": "System.Int32"
},
{
"Name": "RebootNodeIfNeeded",
"Value": "[parameters('rebootNodeIfNeeded')]",
"TypeName": "System.Boolean"
},
{
"Name": "ActionAfterReboot",
"Value": "[parameters('actionAfterReboot')]",
"TypeName": "System.String"
},
{
"Name": "AllowModuleOverwrite",
"Value": "[parameters('allowModuleOverwrite')]",
"TypeName": "System.Boolean"
},
{
"Name": "Timestamp",
"Value": "[parameters('timestamp')]",
"TypeName": "System.String"
}
]
}
}
}
]
},
"networkProfile": {
"networkInterfaceConfigurations": [
{
"name": "[concat(variables('nicName'), '-0')]",
"properties": {
"ipConfigurations": [
{
"name": "[concat(variables('nicName'),'-',0)]",
"properties": {
"loadBalancerBackendAddressPools": [
{
"id": "[variables('lbPoolID0')]"
}
],
"loadBalancerInboundNatPools": [
{
"id": "[variables('lbNatPoolID0')]"
}
],
"subnet": {
"id": "[variables('subnet0Ref')]"
}
}
}
],
"primary": true
}
}
]
},
"osProfile": {
"adminPassword": "[parameters('adminPassword')]",
"adminUsername": "[parameters('adminUsername')]",
"computernamePrefix": "[parameters('vmNodeType0Name')]",
"secrets": [
{
"sourceVault": {
"id": "[parameters('sourceVaultValue')]"
},
"vaultCertificates": [
{
"certificateStore": "[parameters('certificateStoreValue')]",
"certificateUrl": "[parameters('certificateUrlValue')]"
}
]
}
]
},
"storageProfile": {
"imageReference": {
"publisher": "[parameters('vmImagePublisher')]",
"offer": "[parameters('vmImageOffer')]",
"sku": "[parameters('vmImageSku')]",
"version": "[parameters('vmImageVersion')]"
},
"osDisk": {
"vhdContainers": [
"[concat('https://', variables('uniqueStringArray')[0], '.blob.core.windows.net/', parameters('vmStorageAccountContainerNameType0'))]",
"[concat('https://', variables('uniqueStringArray')[1], '.blob.core.windows.net/', parameters('vmStorageAccountContainerNameType0'))]",
"[concat('https://', variables('uniqueStringArray')[2], '.blob.core.windows.net/', parameters('vmStorageAccountContainerNameType0'))]",
"[concat('https://', variables('uniqueStringArray')[3], '.blob.core.windows.net/', parameters('vmStorageAccountContainerNameType0'))]",
"[concat('https://', variables('uniqueStringArray')[4], '.blob.core.windows.net/', parameters('vmStorageAccountContainerNameType0'))]"
],
"name": "vmssosdisk",
"caching": "ReadOnly",
"createOption": "FromImage"
}
}
}
},
"sku": {
"name": "[parameters('vmNodeType0Size')]",
"capacity": "5",
"tier": "Standard"
}
}

Resources