I have been tasked with backing up certain files the exist on a Linux VM in azure to an azure backup vault.
I'm following the follwing documentation :-
http://azure.microsoft.com/en-gb/documentation/articles/backup-configure-vault/
However i can't see a backp agent for a linux box?
Am i missing something?
T
I don't believe there's a backup agent for Linux. You would use your standard backup/restore strategy here, for example rsync if it's just files or Bacula for something else. However, if the files absolutely need to be in the vault (say, because there are Windows Server VMs that need to use them) then I would suggest you use Azure Files to get the files out of Linux, then back them up from the Windows VMs. You can of course scp them, or use other methods. HTH.
This is what I had to do in a CentOS VM (credit goes to this serverfault answer).
Install the agent in the VM via SSH terminal:
wget https://raw.githubusercontent.com/Azure/WALinuxAgent/WALinuxAgent-2.0.12/waagent
chmod +x waagent
sudo cp waagent /usr/sbin
sudo /usr/sbin/waagent -install -verbose
sudo service waagent restart
Then I had to run the following cmdlets in an Azure PowerShell window, in order to flag the agent as installed:
$vm = Get-AzureVM -ServiceName 'myAzureServiceName' -Name 'myAzureVMName'
$vm.GetInstance().ProvisionGuestAgent = $true
Update-AzureVM -ServiceName 'myAzureServiceName' –Name 'myAzureVMName' -VM $vm.VM
Related
I am trying to use Add-AzVMSshPublicKey cmdlet to update ssh key on existing Azure linux VM , command executed without an issue but key hasnt been updated on server.
Is there any other way available where i can able to achieve OR any Azure cli command to do same ?
The Add-AzVMSshPublicKey cmdlet is used to add the public keys for SSH for a virtual machine, when only creating the VM. If you use the command with Update-AzVM, the command will error. So it does not use to add the keys after VM is created.
The following example updates the SSH key for the user azureuser on the VM named myVM.
az vm user update \
--resource-group myResourceGroup \
--name myVM \
--username azureuser \
--ssh-key-value ~/.ssh/id_rsa.pub
You can use the above CLI commands to append the new public key text to the ~/.ssh/authorized_keys file for the admin user on the VM. This does not replace or remove any existing SSH keys. You can SSH into that VM to remove the old public key if you would like to remove it.
Read Manage administrative users, SSH, and check or repair disks on Linux VMs using the VMAccess Extension with the Azure CLI for more details.
Alternatively, you can reset the SSH key from the Azure portal---> reset password.
I'm running a set of powerCLI scripts from Ubuntu to connect to VCenter do a bunch of configuration changes. Every script is invoked via SSH, so it is connecting and disconnecting to the VCenter everytime. This is rather time consuming, is it possible to setup powerCLI/powershell environment to connect to a VCenter automatically? Or, maintain a session of a powerCLI/powershell so remote connections can re-use it? One possibility is to use "screen" command to share the session, but i'm hoping someone has a more elegant idea.
You can use PowerCLI6.5.1 to do most of what you are asking. Install
from the PowerShell gallery.
Find the Module
Find-Module -Name VMware.PowerCLI
Install
Install-Module -Name VMware.PowerCLI –Scope CurrentUser
if you run into an error during installation I fixed it with AllowClobber "-AllowClobber" command
Import-Module VMware.PowerCLI
A couple of examples
Connect-VIServer "Server" -SessionId $sessionId
Connect to a server and save the session ID - $serverObject.SessionId You will be able to restore a existing server connection.
Connect-VIServer "Server" -User user -Password pass -SaveCredentials
Will save the credentials to the credential store. That way you can reuse them and they are encrypted.
See here for more info
https://blogs.vmware.com/PowerCLI/2017/04/powercli-install-process-powershell-gallery.html
How you add SSL Cert to an existing azure Linux VM from Azure Key vault. for windows we use the following command
$vaultId=(Get-AzureRmKeyVault -ResourceGroupName $resourceGroup -VaultName $keyVaultName).ResourceId
$vm = Add-AzureRmVMSecret -VM $vm -SourceVaultId $vaultId -CertificateStore "My" -CertificateUrl $certURL
Is there a similar one like this for linux vm? Is there a link similar to this for linux Secure IIS web server with SSL certificates on a Windows virtual machine in Azure
You could use Azure Cli to do this. Using following command.
secret=$(az keyvault secret list-versions \
--vault-name $keyvault_name \
--name mycert \
--query "[?attributes.enabled].id" --output tsv)
vm_secret=$(az vm format-secret --secret "$secret")
az vm update -n shui -g shuikeyvault --set osProfile.secrets="$vm_secret"
Then the certificate stores on /var/lib/waagent, you could use Azure Custom Script to use it.
Note: You should use "$vm_secret", I test in my lab, only $vm_secret does not work for me.
ssh-copy-id -i ~/.ssh/id_rsa.pub aht#myserver. But if you have rights to the VM but not the original key, you want to use azure vm reset-access to do so. It is in fact documented as a standalone ability:
help: -M, --ssh-key-file path to public key PEM file or SSH Public key file for SSH authentication (valid only when os-type is "Linux")
of course, it doesn't say what ELSE should happen here in order to ADD the key I provide to the currently running VM I'm targeting. But the result needs to be that if I specify a user that already exists, and there's a key already there, this one needs to be added to the directory.
You'll note that in Azure/azure-linux-extensions#295, https://github.com/Azure/azure-linux-extensions/issues/295 believes that using azure vm set-extensions ,then reset-access is broken.
Update a Key Vault for use with VMs
Set the deployment policy on an existing key vault with az keyvault update. The following updates the key vault named myKeyVault in the myResourceGroup resource group:
Azure CLI
Copy
az keyvault update -n myKeyVault -g myResourceGroup --set properties.enabledForDeployment=true
I want to reset admin password for my Azure VM running Windows deployed through ARM.
Reset VM password deployed with ARM.
Download and install Azure CLI https://azure.microsoft.com/en-us/documentation/articles/xplat-cli-install/
Open command line and enter the following command:C:\Program Files (x86)\Microsoft SDKs\Azure\CLI\wbin>azure login
Follow the instruction provided by command line
Select the Azure Subscription from which you want to reset the password for VM, Run command: Azure account set "Subscription Name" .
Run the command: azure vm reset-access -g [Resource Group name] -n [VMname] -u[username] -p[newPassword].(don’t use square bracket while forming command ).Make sure you don’t have VmExtension installed for Microsoft.Compute.VMAccessAgent handler.
I've tried absolutely everything I can think of to do a SSH reset of my user on my Linux VM (Hortonworks Sandbox to be precise).
The VMAccessForLinux will not install, it simply states that it fails to provision:
I've tried adding it as 1.*,1.1, 1.2 and now 1.4 as per https://github.com/Azure/azure-content/blob/master/articles/virtual-machines/virtual-machines-troubleshoot-ssh-connections.md
I can't access my SSH, and I can't do any of the Azure reset commands, either using Azure CLI or Azure PS.
The VM is a RM vm.
How can I resolve this?
In PS I get errors like:
I'm beyond tearing my hair out.
And before anyone suggest that I use the portal, this is what I'm offered there (thanks Azure):
I can't say if this is a universal fix, but I managed to resolve this issue, by using the following in the Azure CLI:
$ azure vm reset-access -n {VMNAME} -g {GROUPNAME} \
-u {SSH_USER} -p {SSH_PASS} -E 1.4 -vv --json
It did NOT work for my original user on the box though; I created ANOTHER user, and from there I did a password reset with a sudo on the box, then I could SSH into the box from that user.
Firstly, can you go through the instructions here if you've not already. The VM extension has changed recently and that is the latest doc to go through: https://azure.microsoft.com/en-us/blog/using-vmaccess-extension-to-reset-login-credentials-for-linux-vm/.
EDIT #1
Glad to see you resolved it by creating a new user with reset-access.
If azure vm reset-access should fail, the next step would have been to download this tool which can allow you to inspect the VHD when not logged onto the VM: https://github.com/paulmey/inspect-azure-vhd - and inspect Waagent log is /var/log/waagent.log (You can see extension updates here) and
extension.log in /var/log/azure/.