The server certificate on the destination computer - azure

I am working on DevOps, and I have started working on cross-browser testing by following the link below:
https://blogs.msdn.microsoft.com/mvpawardprogram/2017/02/14/cross-browser-automate-test/
Whenever I queue the build, it succeeds only the first time; whenever I restart my VM (virtual machine) and connect to it, it gives the exception below.
Can you please tell me how to resolve the above issue and

If you create a VM via the portal you do not get a prompt for the DNS.
So, VSTS when it deploys for the first time, it installs WINRM and as
part of this process installs a SSL Cert based on the address of the
server. So, if by the time you deploy and you've NOT subsequently
gone in and input the DNS of your VM in the Public IP resource, it
will use the IP address as the CN for the SSL Cert.
This is not an issue if you do not (a) shut down your VM OR (b) use a
static IP but is an issue if you (c) do shut down your VM OR (d) use a
dynamic IP. (c) & (d) describes our usage.
So, what we did is to automate the creation of the VM and added
dnsSettings property to the ARM template template.json and supplied
the DNS at runtime via an inline parameter value:
{
  "name": "[parameters('publicIpAddressName')]",
  "type": "Microsoft.Network/publicIpAddresses",
  "apiVersion": "2016-09-01",
  "location": "[parameters('location')]",
  "properties": {
    "publicIpAllocationMethod": "[parameters('publicIpAddressType')]",
    "dnsSettings" : {
      "domainNameLabel" : "[parameters('virtualMachineName')]"
    }
  }
},
For more information, you can refer to this thread: The SSL certificate contains a common name (CN) that does not match the hostname
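A check for the condition the answer above describes, as an added example that is not part of the original answer: it walks an ARM template and reports every public IP resource that has no dnsSettings.domainNameLabel, so the gap is caught before the WinRM certificate is issued against a bare IP. The sample template and the resource names labelled-ip and bare-ip are constructed for illustration.

```python
import re

PARAM_REF = re.compile(r"^\[parameters\('([^']+)'\)\]$")

def resolve(value, parameters):
    """Replace a bare [parameters('x')] reference with that parameter's defaultValue."""
    match = PARAM_REF.match(value) if isinstance(value, str) else None
    if match:
        return parameters.get(match.group(1), {}).get("defaultValue")
    return value

def iter_resources(resources):
    """Yield every resource, descending into nested "resources" arrays."""
    for res in resources or []:
        yield res
        yield from iter_resources(res.get("resources"))

def audit_public_ips(template):
    """Return a finding for each public IP resource that has no domainNameLabel."""
    params = template.get("parameters", {})
    findings = []
    for res in iter_resources(template.get("resources")):
        if res.get("type", "").lower() != "microsoft.network/publicipaddresses":
            continue
        # Property-name casing varies between templates, so compare in lower case.
        props = {k.lower(): v for k, v in res.get("properties", {}).items()}
        if props.get("dnssettings", {}).get("domainNameLabel"):
            continue
        alloc = resolve(props.get("publicipallocationmethod"), params)
        findings.append({
            "name": res.get("name"),
            "allocation": alloc or "unknown",
            # Anything other than Static is treated as able to change.
            "ip_can_change": str(alloc).lower() != "static",
        })
    return findings

# Constructed sample template: one labelled IP (as in the answer), one without.
SAMPLE = {
    "parameters": {"publicIpAddressType": {"type": "string", "defaultValue": "Dynamic"}},
    "resources": [
        {"name": "labelled-ip", "type": "Microsoft.Network/publicIpAddresses",
         "properties": {"publicIpAllocationMethod": "[parameters('publicIpAddressType')]",
                        "dnsSettings": {"domainNameLabel": "[parameters('virtualMachineName')]"}}},
        {"name": "bare-ip", "type": "Microsoft.Network/publicIPAddresses",
         "properties": {"publicIPAllocationMethod": "[parameters('publicIpAddressType')]"}},
    ],
}

if __name__ == "__main__":
    for finding in audit_public_ips(SAMPLE):
        print(finding)
```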

Related

How can I get IP addresses of Azure web app instances

I have my web app running on Azure with scale out to have multiple instances.
I can get the list instances name using the Management API of Azure as below
https://management.azure.com/subscriptions/"SubscriptionID"/resourceGroups/"ResournceGroupName"/providers/Microsoft.Web/sites/"sitename"/instances?api-version=2018-02-01
This API provides me the below information
"value": [
  {
    "id": "/subscriptions/subscriptionid/resourceGroups/websitename/providers/Microsoft.Web/sites/websitename/instances/instancename",
    "name": "68e9f48782245c3a112318 INSTANCE NAME ac97aa9f0b55a4b0eb7a0",
    "type": "Microsoft.Web/sites/instances",
    "location": "UK West",
    "properties": {
      "name": "68e9f48782245c3a112318 INSTANCE NAME ac97aa9f0b55a4b0eb7a0",
      "siteInstanceName": "68e9f48782245c3a112318 INSTANCE NAME ac97aa9f0b55a4b0eb7a0"
    }
I wanted to know the IP address of each instance. Can anyone please help me with how I can get that?
You can't know beforehand which IP address a given app instance will
use to make the outbound connection
So, unfortunately, you can only know the possible outbound IP addresses and not the exact IP address. The inbound IP address may also change when you perform some actions. But you can get a static inbound IP address if you configure an IP-based SSL binding. See Get static inbound IP.
You can retrieve the possible IP list of the scaled instances in Azure Portal. Find the possibilities of retrieving the IP of scaled instances here.

Retrieve Azure load balancer NAT port for Azure VM in C#

I have an Azure Load Balancer in front of an Azure VM Scale Set (VMSS). I also have a NAT pool configured on the Load Balancer like the following:
{
  "name": "InstanceInputEndpointNatPool",
  "properties": {
    "backendPort": 10000,
    "frontendIPConfiguration": {
      "id": "[concat(resourceId('Microsoft.Network/loadBalancers', variables('loadBalancers_01_name')), '/frontendIPConfigurations/LoadBalancerIPConfig')]"
    },
    "frontendPortRangeStart": 10100,
    "frontendPortRangeEnd": 10500,
    "protocol": "Tcp"
  }
}
Essentially, for each VM in the VMSS, the load balancer forwards a request received at DNSName:PORT(between 10100-10500) to one of the VMs:10000(same backend port).
Is it possible to retrieve the PORT assigned to this VM, programmatically in C#, for a program running on that VM? This would help me directly target that VM port.
You may refer to the article and find the code at the GitHub link.

Azure VM scale sets not accessible and cannot restart

Today, I found I cannot remote into my Azure VM scale set instances (Win 2016 Nano Server). I then tried to restart the VM scale set instance using PowerShell but got an error like the following:
Restart-AzureRmVmss : Long running operation failed with status 'Failed'. Additional Info:'VM 'master-vmss_0' has not
reported status for VM agent or extensions. Please verify the VM has a running VM agent, and can establish outbound
connections to Azure storage.'
ErrorCode: VMAgentStatusCommunicationError
ErrorMessage: VM 'master-vmss_0' has not reported status for VM agent or extensions. Please verify the VM has a
running VM agent, and can establish outbound connections to Azure storage.
Our VM scale sets have been running correctly for nearly one year. What happened on VMSS? Did Azure make changes on VMSS recently?
Update with NSG outbound rule:
{
  "name": "AllowVnetOutBound",
  "properties": {
    "provisioningState": "Succeeded",
    "description": "Allow outbound traffic from all VMs to all VMs in VNET",
    "access": "Allow",
    "priority": 65000,
    "direction": "Outbound",
  }
},
{
  "name": "AllowInternetOutBound",
  "properties": {
    "provisioningState": "Succeeded",
    "description": "Allow outbound traffic from all VMs to Internet",
    "access": "Allow",
    "priority": 65001,
    "direction": "Outbound",
  }
},
{
  "name": "DenyAllOutBound",
  "etag": "W/\"a8e5e396-4f92-4118-b8ea-9b7d0111079f\"",
  "properties": {
    "provisioningState": "Succeeded",
    "description": "Deny all outbound traffic",
    "access": "Deny",
    "priority": 65500,
    "direction": "Outbound",
  }
}
Check whether the Network Security Group is blocking outbound connectivity from your VM.
VM Agent and Extensions are updated
If HTTPS is blocked to this storage account then you will get this error message. More information here http://www.deployazure.com/compute/virtual-machines/azure-vm-agent-extensions-deep-dive-part-3/
Our VM scale sets have been running correctly for nearly one year. What
happened on VMSS? Did Azure make changes on VMSS recently?
Recently, there has been some maintenance in Azure to update the host OS to Windows Server 2016. We can find the maintenance information in the Azure portal, like this:
In your scenario, maybe we can create a new VM in the VMSS's VNet, then use that VM to remote into the VMSS instance to check the VM agent status.
If the VM agent status is down, we should start it.
Update:
Recently you experienced an issue with starting VM failure after planned maintenance VM reboot. This is due to container fault issue in the backend.
Our backend engineer has checked the faulted tenant and applied mitigation. Can you try to restart the VMSS again? If that does not work, please create a support ticket to Azure.
Again, sorry for all the inconvenience caused for you.
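The NSG check suggested in the answers above, as an added example that is not part of the original thread: NSG rules are evaluated in ascending priority order and the first match decides, so a custom rule with a lower number can shadow AllowInternetOutBound and cut the VM agent off from Azure storage over HTTPS. The destinationAddressPrefix and destinationPortRange values are not in the question's excerpt and are constructed here, the BlockWebOutBound rule is hypothetical, and matching is simplified to service tags and port ranges.

```python
def rule(name, priority, access, dest, ports="*"):
    """Build an outbound rule in the shape of the JSON above (constructed values)."""
    return {"name": name, "properties": {
        "access": access, "priority": priority, "direction": "Outbound",
        "destinationAddressPrefix": dest, "destinationPortRange": ports}}

def port_matches(port_range, port):
    """True if port falls in an NSG-style range: '*', '443' or '8000-8100'."""
    if port_range == "*":
        return True
    low, _, high = port_range.partition("-")
    return int(low) <= port <= int(high or low)

def effective_rule(rules, direction, dest_tag, port):
    """Return the first rule, in ascending priority order, that matches the flow."""
    flat = [{**r["properties"], "name": r["name"]} for r in rules]
    for props in sorted(flat, key=lambda p: p["priority"]):
        if props["direction"] != direction:
            continue
        if props["destinationAddressPrefix"] not in ("*", dest_tag):
            continue
        if port_matches(props["destinationPortRange"], port):
            return props
    return None

def storage_reachable(rules):
    """Model the VM agent's HTTPS call to storage as Outbound/Internet/443."""
    hit = effective_rule(rules, "Outbound", "Internet", 443)
    return hit is not None and hit["access"] == "Allow"

# The three default rules from the question, with constructed destination fields.
DEFAULT_RULES = [
    rule("AllowVnetOutBound", 65000, "Allow", "VirtualNetwork"),
    rule("AllowInternetOutBound", 65001, "Allow", "Internet"),
    rule("DenyAllOutBound", 65500, "Deny", "*"),
]
# Hypothetical custom rule that would produce the agent error.
CUSTOM_RULE = rule("BlockWebOutBound", 200, "Deny", "Internet", "443")

if __name__ == "__main__":
    for rules in (DEFAULT_RULES, DEFAULT_RULES + [CUSTOM_RULE]):
        hit = effective_rule(rules, "Outbound", "Internet", 443)
        print(hit["name"], hit["access"], storage_reachable(rules))
```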

How to configure an alternate remote desktop public port for an Azure Resource Manager virtual machine

I am trying to configure an alternate remote desktop port (other than the default 3389) for an Azure Resource Manager Virtual Machine (the new kind, not the legacy Classic one).
I know how to do it for the Classic kind (via Endpoints), but I can not find an option like that for the new Resource Manager one.
The furthest I got was discovering that I can manipulate the rules for the Network Security Group associated to the VM, but I don't see an option there to map a specific public port to the 3389 private port for that given VM.
Any ideas?
Many thanks!
I think below sample template is what you are looking for
https://github.com/Azure/azure-quickstart-templates/blob/master/101-vm-with-rdp-port
Quote from above sample
"rdpPort": {
  "type": "int",
  "defaultValue": 50001,
  "metadata": {
    "description": "Public port number for RDP"
  }
}

Programmatic DNS

I'm a long time developer but not very experienced with DNS. Here's my problem:
Our app launches servers on Amazon EC2 for clients. One client wants to use custom DNS's for every server launched instead of the normal long public DNS provided by AWS: for example server-5.demo.ourclient.com, server-6.demo.ourclient.com.
What's the easiest/cleanest/best way to solve this challenge from inside our application that launches the servers and knows the Amazon public DNS? We can probably get control of demo.ourclient.com as well....
Are there nice hosted solutions with API's? Would we need to manage a DNS server for *.demo.ourclient.com?
Thanks!
Chad
Even better would be to use Route53, which is Amazon's Dynamic DNS service: http://aws.amazon.com/documentation/route53/
You could try one of the dynamic dns services. These allow you to define your own host names such as machine1.dyndns.org and attach that to an IP address. There are scripts you can run to update the dyndns resolver with the dynamic IP address provided by EC2.
I don't really understand why your client wouldn't either use an Elastic IP here, or an Elastic Load Balancer?
With an Elastic IP, you can keep a consistent name on your public DNS record and then manually or programmatically update the EC2 instance associated with that EIP whenever necessary using the elb API scripts.
With an Elastic Load Balancer, you could easily have just one active node attached to the ELB, and then could programmatically drop/add nodes and update Route53 accordingly.
You could use the internal machine's API to get the values (Instance ID, etc.) for these calls in a bootstrap script.
This code gets your ip, and then sets it in route53. You have to provide the variables DOMAIN and HOSTED_ZONE_ID. You could run this at start up. If you don't want to rely on ifconfig.co, instead do
DOMAIN="desired.domain.com"
HOSTED_ZONE_ID="..."
# ANYWHERE, but relies on ifconfig.co
MYIP=$(curl -s ifconfig.co)
# ON EC2 (use this line instead of the one above):
# MYIP=$(curl -s 169.254.169.254/latest/meta-data/public-ipv4)
# create json to send to route53
cat > /tmp/actual_ip.json <<EOF
{
  "Comment": "Update the A record set",
  "Changes": [
    {
      "Action": "UPSERT",
      "ResourceRecordSet": {
        "Name": "$DOMAIN",
        "Type": "A",
        "TTL": 300,
        "ResourceRecords": [
          {
            "Value": "$MYIP"
          }
        ]
      }
    }
  ]
}
EOF
# update the dns entry; save the exit status before another command overwrites $?
/usr/local/bin/aws route53 change-resource-record-sets --hosted-zone-id "$HOSTED_ZONE_ID" --change-batch file:///tmp/actual_ip.json
rc=$?
if [ "$rc" -ne 0 ]; then
    echo "error calling aws $rc"
fi
