From 585633b25bba54fc91f6d0f7650e21a265520d52 Mon Sep 17 00:00:00 2001 From: vmarcella Date: Tue, 19 Dec 2023 21:38:42 +0000 Subject: [PATCH 01/46] [update] authentication for the pipeline. --- .github/workflows/scenario-testing.yaml | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/.github/workflows/scenario-testing.yaml b/.github/workflows/scenario-testing.yaml index fc4828c9..84744889 100644 --- a/.github/workflows/scenario-testing.yaml +++ b/.github/workflows/scenario-testing.yaml @@ -9,7 +9,9 @@ on: branches: - main workflow_dispatch: - +permissions: + id-token: write + contents: read jobs: test-ocd-scenarios: runs-on: ubuntu-latest @@ -20,9 +22,11 @@ jobs: make build-all make test-all - name: Sign into Azure - uses: azure/actions/login@v1 + uses: azure/login@v1 with: - creds: ${{ secrets.AZURE_CREDENTIALS }} + client-id: ${{ secrets.AZURE_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTION }} - name: Run all one click deployment scenarios. uses: azure/CLI@v1 if: github.event_name != 'pull_request' From 0908b3681cfe7328bc09ad3e3acf4c601cf04c32 Mon Sep 17 00:00:00 2001 From: vmarcella Date: Tue, 19 Dec 2023 21:53:18 +0000 Subject: [PATCH 02/46] [update] pipeline environment for allowing any branch to run the scenario tests. --- .github/workflows/scenario-testing.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/scenario-testing.yaml b/.github/workflows/scenario-testing.yaml index 84744889..9e6a648b 100644 --- a/.github/workflows/scenario-testing.yaml +++ b/.github/workflows/scenario-testing.yaml @@ -15,6 +15,7 @@ permissions: jobs: test-ocd-scenarios: runs-on: ubuntu-latest + environment: Production steps: - uses: actions/checkout@v2 - name: Build all targets. From 4f687a267ab6ce0c3c4d57573bc5cf20eeac2aa1 Mon Sep 17 00:00:00 2001 From: vmarcella Date: Tue, 19 Dec 2023 21:59:57 +0000 Subject: [PATCH 03/46] [add] comment around the environment addition. --- .github/workflows/scenario-testing.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/scenario-testing.yaml b/.github/workflows/scenario-testing.yaml index 9e6a648b..73242dd6 100644 --- a/.github/workflows/scenario-testing.yaml +++ b/.github/workflows/scenario-testing.yaml @@ -15,6 +15,8 @@ permissions: jobs: test-ocd-scenarios: runs-on: ubuntu-latest + # This is needed in order to obtain OIDC tokens to sign this pipeline into + # the testing subscription for any branch in this repository. environment: Production steps: - uses: actions/checkout@v2 From 4335e8813ae9ce6c65e15cfdb09873cb6321fb94 Mon Sep 17 00:00:00 2001 From: vmarcella Date: Tue, 19 Dec 2023 22:06:42 +0000 Subject: [PATCH 04/46] [update] environment name. --- .github/workflows/scenario-testing.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/scenario-testing.yaml b/.github/workflows/scenario-testing.yaml index 73242dd6..14a24bc4 100644 --- a/.github/workflows/scenario-testing.yaml +++ b/.github/workflows/scenario-testing.yaml @@ -15,9 +15,9 @@ permissions: jobs: test-ocd-scenarios: runs-on: ubuntu-latest - # This is needed in order to obtain OIDC tokens to sign this pipeline into + # This is needed in order to obtain OIDC tokens to sign this pipeline into # the testing subscription for any branch in this repository. - environment: Production + environment: ScenarioTesting steps: - uses: actions/checkout@v2 - name: Build all targets. From 897dcd278aac0fb1f26d02e009a45e18c1751ea5 Mon Sep 17 00:00:00 2001 From: Belgin Ceran <110536035+belginceran@users.noreply.github.com> Date: Thu, 23 Nov 2023 16:01:11 +0000 Subject: [PATCH 05/46] VMSS Scanerio update --- .../ocd/CreateVMSSwithAppGWLinux/README.md | 120 ++++++++++++++++++ 1 file changed, 120 insertions(+) create mode 100644 scenarios/ocd/CreateVMSSwithAppGWLinux/README.md diff --git a/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md b/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md new file mode 100644 index 00000000..c20bf4e4 --- /dev/null +++ b/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md @@ -0,0 +1,120 @@ +# Create a Linux VM and SSH On Azure + +## Define Environment Variables + +The First step in this tutorial is to define environment variables. + +```bash +export RANDOM_ID="$(openssl rand -hex 3)" +export MY_RESOURCE_GROUP_NAME="myVMResourceGroup$RANDOM_ID" +export REGION=EastUS +export MY_VM_NAME="myVM$RANDOM_ID" +export MY_USERNAME=azureuser +export MY_VM_IMAGE="Canonical:0001-com-ubuntu-minimal-jammy:minimal-22_04-lts-gen2:latest" +``` + +# Login to Azure using the CLI + +In order to run commands against Azure using the CLI you need to login. This is done, very simply, though the `az login` command: + +# Create a resource group + +A resource group is a container for related resources. All resources must be placed in a resource group. We will create one for this tutorial. The following command creates a resource group with the previously defined $MY_RESOURCE_GROUP_NAME and $REGION parameters. + +```bash +az group create --name $MY_RESOURCE_GROUP_NAME --location $REGION +``` + +Results: + + +```json +{ + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMResourceGroup", + "location": "eastus", + "managedBy": null, + "name": "myVMResourceGroup", + "properties": { + "provisioningState": "Succeeded" + }, + "tags": null, + "type": "Microsoft.Resources/resourceGroups" +} +``` + +## Create the Virtual Machine + +To create a VM in this resource group we need to run a simple command, here we have provided the `--generate-ssh-keys` flag, this will cause the CLI to look for an avialable ssh key in `~/.ssh`, if one is found it will be used, otherwise one will be generated and stored in `~/.ssh`. We also provide the `--public-ip-sku Standard` flag to ensure that the machine is accessible via a public IP. Finally, we are deploying the latest `Ubuntu 22.04` image. + +All other values are configured using environment variables. + +```bash +az vm create \ + --resource-group $MY_RESOURCE_GROUP_NAME \ + --name $MY_VM_NAME \ + --image $MY_VM_IMAGE \ + --admin-username $MY_USERNAME \ + --assign-identity \ + --generate-ssh-keys \ + --public-ip-sku Standard +``` + +Results: + + +```json +{ + "fqdns": "", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMResourceGroup/providers/Microsoft.Compute/virtualMachines/myVM", + "location": "eastus", + "macAddress": "00-0D-3A-10-4F-70", + "powerState": "VM running", + "privateIpAddress": "10.0.0.4", + "publicIpAddress": "52.147.208.85", + "resourceGroup": "myVMResourceGroup", + "zones": "" +} +``` + +### Enable Azure AD login for a Linux Virtual Machine in Azure + +The following example has deploys a Linux VM and then installs the extension to enable Azure AD login for a Linux VM. VM extensions are small applications that provide post-deployment configuration and automation tasks on Azure virtual machines. + +```bash +az vm extension set \ + --publisher Microsoft.Azure.ActiveDirectory \ + --name AADSSHLoginForLinux \ + --resource-group $MY_RESOURCE_GROUP_NAME \ + --vm-name $MY_VM_NAME +``` + +# Store IP Address of VM in order to SSH +run the following command to get the IP Address of the VM and store it as an environment variable + +```bash +export IP_ADDRESS=$(az vm show --show-details --resource-group $MY_RESOURCE_GROUP_NAME --name $MY_VM_NAME --query publicIps --output tsv) +``` + +# SSH Into VM + + + + + +You can now SSH into the VM by running the output of the following command in your ssh client of choice + +```bash +ssh -o StrictHostKeyChecking=no $MY_USERNAME@$IP_ADDRESS +``` + +# Next Steps + +* [VM Documentation](https://learn.microsoft.com/en-us/azure/virtual-machines/) +* [Use Cloud-Init to initialize a Linux VM on first boot](https://learn.microsoft.com/en-us/azure/virtual-machines/linux/tutorial-automate-vm-deployment) +* [Create custom VM images](https://learn.microsoft.com/en-us/azure/virtual-machines/linux/tutorial-custom-images) +* [Load Balance VMs](https://learn.microsoft.com/en-us/azure/load-balancer/quickstart-load-balancer-standard-public-cli) \ No newline at end of file From 3a41e28d60c72c1baaf5dea050f1bfa4d5237110 Mon Sep 17 00:00:00 2001 From: Belgin Ceran <110536035+belginceran@users.noreply.github.com> Date: Thu, 23 Nov 2023 16:19:32 +0000 Subject: [PATCH 06/46] VMSS Scanerio update --- .../ocd/CreateVMSSwithAppGWLinux/README.md | 20 +++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md b/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md index c20bf4e4..3a640f1a 100644 --- a/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md +++ b/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md @@ -1,18 +1,30 @@ -# Create a Linux VM and SSH On Azure +# Create a Virtual Machine Scale Set with Application Gateway with Linux image ## Define Environment Variables The First step in this tutorial is to define environment variables. ```bash + export RANDOM_ID="$(openssl rand -hex 3)" -export MY_RESOURCE_GROUP_NAME="myVMResourceGroup$RANDOM_ID" +export MY_RESOURCE_GROUP_NAME="myVMSSResourceGroup$RANDOM_ID" export REGION=EastUS -export MY_VM_NAME="myVM$RANDOM_ID" +export MY_VMSS_NAME="myVMSS$RANDOM_ID" export MY_USERNAME=azureuser export MY_VM_IMAGE="Canonical:0001-com-ubuntu-minimal-jammy:minimal-22_04-lts-gen2:latest" -``` + +export MY_VNET_NAME="myVNet$RANDOM_ID" +export NETWORK_PREFIX="$(($RANDOM % 254 + 1))" +export MY_VNET_PREFIX="10.$NETWORK_PREFIX.0.0/16" +export MY_VM_SN_NAME="myVMSN$RANDOM_ID" +export MY_VM_SN_PREFIX="10.$NETWORK_PREFIX.0.0/24" +export MY_APPGWSN_NAME="myAPPGWSN$RANDOM_ID" +export MY_APPGWSN_PREFIX="10.$NETWORK_PREFIX.1.0/24" +export MY_APPGW_NAME="myAPPGW$RANDOM_ID" +export MY_APPGW_BACKENDPOOL_NAME="myAPPGWBackendpool$RANDOM_ID" + +``` # Login to Azure using the CLI In order to run commands against Azure using the CLI you need to login. This is done, very simply, though the `az login` command: From 604f03248817c4bdb71ca381654e93cdbcd26c4f Mon Sep 17 00:00:00 2001 From: Belgin Ceran <110536035+belginceran@users.noreply.github.com> Date: Mon, 4 Dec 2023 17:07:55 +0000 Subject: [PATCH 07/46] VMSS updates --- .../ocd/CreateVMSSwithAppGWLinux/README.md | 64 ++++++++++++------- 1 file changed, 41 insertions(+), 23 deletions(-) diff --git a/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md b/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md index 3a640f1a..8533fd07 100644 --- a/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md +++ b/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md @@ -42,10 +42,10 @@ Results: ```json { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMResourceGroup", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx", "location": "eastus", "managedBy": null, - "name": "myVMResourceGroup", + "name": "myVMSSResourceGroupxxxxxx", "properties": { "provisioningState": "Succeeded" }, @@ -54,40 +54,58 @@ Results: } ``` -## Create the Virtual Machine +## Create Network Resources -To create a VM in this resource group we need to run a simple command, here we have provided the `--generate-ssh-keys` flag, this will cause the CLI to look for an avialable ssh key in `~/.ssh`, if one is found it will be used, otherwise one will be generated and stored in `~/.ssh`. We also provide the `--public-ip-sku Standard` flag to ensure that the machine is accessible via a public IP. Finally, we are deploying the latest `Ubuntu 22.04` image. +You need to create network resources before you proceed the VMSS steps. In this step you're going to create a VNET, 2 subnets 1 for Application Gateway and 1 for VMs. You also need to have a public IP to attach your Application Gateway to be able to reach your web application from internet. -All other values are configured using environment variables. + +# Create network resources ```bash -az vm create \ - --resource-group $MY_RESOURCE_GROUP_NAME \ - --name $MY_VM_NAME \ - --image $MY_VM_IMAGE \ - --admin-username $MY_USERNAME \ - --assign-identity \ - --generate-ssh-keys \ - --public-ip-sku Standard +az network vnet create --name $MY_VNET_NAME --resource-group $MY_RESOURCE_GROUP_NAME --location $REGION --address-prefix $MY_VNET_PREFIX --subnet-name $MY_VM_SN_NAME --subnet-prefix $MY_VM_SN_PREFIX ``` Results: -```json +```json { - "fqdns": "", - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMResourceGroup/providers/Microsoft.Compute/virtualMachines/myVM", - "location": "eastus", - "macAddress": "00-0D-3A-10-4F-70", - "powerState": "VM running", - "privateIpAddress": "10.0.0.4", - "publicIpAddress": "52.147.208.85", - "resourceGroup": "myVMResourceGroup", - "zones": "" + "newVNet": { + "addressSpace": { + "addressPrefixes": [ + "10.X.0.0/16" + ] + }, + "enableDdosProtection": false, + "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/virtualNetworks/myVNetxxxxxx", + "location": "eastus", + "name": "myVNetxxxxxx", + "provisioningState": "Succeeded", + "resourceGroup": "myVMSSResourceGroupxxxxxx", + "resourceGuid": "f00034be-612e-4462-a711-93d0bb263e46", + "subnets": [ + { + "addressPrefix": "10.66.0.0/24", + "delegations": [], + "etag": "W/\"578bda48-b14b-4246-ab8e-0db6e1238695\"", + "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroup3a43e4/providers/Microsoft.Network/virtualNetworks/myVNet3a43e4/subnets/myVMSN3a43e4", + "name": "myVMSN3a43e4", + "privateEndpointNetworkPolicies": "Disabled", + "privateLinkServiceNetworkPolicies": "Enabled", + "provisioningState": "Succeeded", + "resourceGroup": "myVMSSResourceGroup3a43e4", + "type": "Microsoft.Network/virtualNetworks/subnets" + } + ], + "type": "Microsoft.Network/virtualNetworks", + "virtualNetworkPeerings": [] + } } ``` + + ### Enable Azure AD login for a Linux Virtual Machine in Azure The following example has deploys a Linux VM and then installs the extension to enable Azure AD login for a Linux VM. VM extensions are small applications that provide post-deployment configuration and automation tasks on Azure virtual machines. From d8486a1a348bf9b42ebdd153b6762f69b321d205 Mon Sep 17 00:00:00 2001 From: Belgin Ceran <110536035+belginceran@users.noreply.github.com> Date: Mon, 4 Dec 2023 17:12:23 +0000 Subject: [PATCH 08/46] VMSS updates --- scenarios/ocd/CreateVMSSwithAppGWLinux/README.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md b/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md index 8533fd07..d36c190b 100644 --- a/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md +++ b/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md @@ -86,15 +86,15 @@ Results: "resourceGuid": "f00034be-612e-4462-a711-93d0bb263e46", "subnets": [ { - "addressPrefix": "10.66.0.0/24", + "addressPrefix": "10.X.0.0/24", "delegations": [], - "etag": "W/\"578bda48-b14b-4246-ab8e-0db6e1238695\"", - "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroup3a43e4/providers/Microsoft.Network/virtualNetworks/myVNet3a43e4/subnets/myVMSN3a43e4", - "name": "myVMSN3a43e4", + "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/virtualNetworks/myVNetxxxxxx/subnets/myVMSNxxxxxx", + "name": "myVMSNxxxxxx", "privateEndpointNetworkPolicies": "Disabled", "privateLinkServiceNetworkPolicies": "Enabled", "provisioningState": "Succeeded", - "resourceGroup": "myVMSSResourceGroup3a43e4", + "resourceGroup": "myVMSSResourceGroupxxxxxx", "type": "Microsoft.Network/virtualNetworks/subnets" } ], From cdf50c0b952cd0a02439a2d1fc613dc35f97baec Mon Sep 17 00:00:00 2001 From: Belgin Ceran <110536035+belginceran@users.noreply.github.com> Date: Mon, 4 Dec 2023 17:18:59 +0000 Subject: [PATCH 09/46] VMSS updates --- scenarios/ocd/CreateVMSSwithAppGWLinux/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md b/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md index d36c190b..d4d44154 100644 --- a/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md +++ b/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md @@ -54,12 +54,12 @@ Results: } ``` -## Create Network Resources +# Create Network Resources You need to create network resources before you proceed the VMSS steps. In this step you're going to create a VNET, 2 subnets 1 for Application Gateway and 1 for VMs. You also need to have a public IP to attach your Application Gateway to be able to reach your web application from internet. -# Create network resources +#### Create Virtual Network (VNET) ```bash az network vnet create --name $MY_VNET_NAME --resource-group $MY_RESOURCE_GROUP_NAME --location $REGION --address-prefix $MY_VNET_PREFIX --subnet-name $MY_VM_SN_NAME --subnet-prefix $MY_VM_SN_PREFIX From 4ce12f9a5b0ea38518e418914036c25d197c933f Mon Sep 17 00:00:00 2001 From: Belgin Ceran <110536035+belginceran@users.noreply.github.com> Date: Tue, 5 Dec 2023 12:19:41 +0000 Subject: [PATCH 10/46] VMSS update --- .../ocd/CreateVMSSwithAppGWLinux/README.md | 574 +++++++++++++++++- 1 file changed, 570 insertions(+), 4 deletions(-) diff --git a/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md b/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md index d4d44154..84d78bed 100644 --- a/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md +++ b/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md @@ -11,9 +11,7 @@ export MY_RESOURCE_GROUP_NAME="myVMSSResourceGroup$RANDOM_ID" export REGION=EastUS export MY_VMSS_NAME="myVMSS$RANDOM_ID" export MY_USERNAME=azureuser -export MY_VM_IMAGE="Canonical:0001-com-ubuntu-minimal-jammy:minimal-22_04-lts-gen2:latest" - - +export MY_VM_IMAGE="Ubuntu2204" export MY_VNET_NAME="myVNet$RANDOM_ID" export NETWORK_PREFIX="$(($RANDOM % 254 + 1))" export MY_VNET_PREFIX="10.$NETWORK_PREFIX.0.0/16" @@ -59,7 +57,7 @@ Results: You need to create network resources before you proceed the VMSS steps. In this step you're going to create a VNET, 2 subnets 1 for Application Gateway and 1 for VMs. You also need to have a public IP to attach your Application Gateway to be able to reach your web application from internet. -#### Create Virtual Network (VNET) +#### Create Virtual Network (VNET) and VM Subnet ```bash az network vnet create --name $MY_VNET_NAME --resource-group $MY_RESOURCE_GROUP_NAME --location $REGION --address-prefix $MY_VNET_PREFIX --subnet-name $MY_VM_SN_NAME --subnet-prefix $MY_VM_SN_PREFIX @@ -104,6 +102,574 @@ Results: } ``` +### Create Application Gateway Resources + +```bash +az network vnet subnet create --name $MY_APPGW_SN_NAME --resource-group $MY_RESOURCE_GROUP_NAME --vnet-name $MY_VNET_NAME --address-prefix $MY_APPGW_SN_PREFIX -o JSON +``` + +Results: + + +```json +{ + "addressPrefix": "10.66.1.0/24", + "delegations": [], + "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/virtualNetworks/myVNetxxxxxx/subnets/myAPPGWSNxxxxxx", + "name": "myAPPGWSNxxxxxx", + "privateEndpointNetworkPolicies": "Disabled", + "privateLinkServiceNetworkPolicies": "Enabled", + "provisioningState": "Succeeded", + "resourceGroup": "myVMSSResourceGroupxxxxxx", + "type": "Microsoft.Network/virtualNetworks/subnets" +} +``` + + +```bash +az network public-ip create --resource-group $MY_RESOURCE_GROUP_NAME --name $MY_APPGW_PUBLIC_IP_NAME --sku Standard --location $REGION --allocation-method static --version IPv4 --zone 1 2 3 -o JSON + ``` + +Results: + + +```json +{ + "publicIp": { + "ddosSettings": { + "protectionMode": "VirtualNetworkInherited" + }, + "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/publicIPAddresses//myAPPGWPublicIPxxxxxx", + "idleTimeoutInMinutes": 4, + "ipAddress": "X.X.X.X", + "ipTags": [], + "location": "eastus", + "name": "/myAPPGWPublicIPxxxxxx", + "provisioningState": "Succeeded", + "publicIPAddressVersion": "IPv4", + "publicIPAllocationMethod": "Static", + "resourceGroup": "myVMSSResourceGroupxxxxxx", + "resourceGuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx", + "sku": { + "name": "Standard", + "tier": "Regional" + }, + "type": "Microsoft.Network/publicIPAddresses", + "zones": [ + "1", + "2", + "3" + ] + } +} +``` + +```bash +az network application-gateway create --name $MY_APPGW_NAME --location $REGION --resource-group $MY_RESOURCE_GROUP_NAME --vnet-name $MY_VNET_NAME --subnet $MY_APPGW_SN_NAME --capacity 2 --sku Standard_v2 --http-settings-cookie-based-affinity Disabled --frontend-port 80 --http-settings-port 80 --http-settings-protocol Http --public-ip-address $MY_APPGW_PUBLIC_IP_NAME --priority 1001 -o JSON + ``` + + +```json +{ + "applicationGateway": { + "backendAddressPools": [ + { + "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/backendAddressPools/appGatewayBackendPool", + "name": "appGatewayBackendPool", + "properties": { + "backendAddresses": [], + "provisioningState": "Succeeded", + "requestRoutingRules": [ + { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/requestRoutingRules/rule1", + "resourceGroup": "myVMSSResourceGroupxxxxxx" + } + ] + }, + "resourceGroup": "myVMSSResourceGroupxxxxxx", + "type": "Microsoft.Network/applicationGateways/backendAddressPools" + } + ], + "backendHttpSettingsCollection": [ + { + "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/backendHttpSettingsCollection/appGatewayBackendHttpSettings", + "name": "appGatewayBackendHttpSettings", + "properties": { + "connectionDraining": { + "drainTimeoutInSec": 1, + "enabled": false + }, + "cookieBasedAffinity": "Disabled", + "pickHostNameFromBackendAddress": false, + "port": 80, + "protocol": "Http", + "provisioningState": "Succeeded", + "requestRoutingRules": [ + { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/requestRoutingRules/rule1", + "resourceGroup": "myVMSSResourceGroupxxxxxx" + } + ], + "requestTimeout": 30 + }, + "resourceGroup": "myVMSSResourceGroupxxxxxx", + "type": "Microsoft.Network/applicationGateways/backendHttpSettingsCollection" + } + ], + "backendSettingsCollection": [], + "frontendIPConfigurations": [ + { + "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/frontendIPConfigurations/appGatewayFrontendIP", + "name": "appGatewayFrontendIP", + "properties": { + "httpListeners": [ + { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/httpListeners/appGatewayHttpListener", + "resourceGroup": "myVMSSResourceGroupxxxxxx" + } + ], + "privateIPAllocationMethod": "Dynamic", + "provisioningState": "Succeeded", + "publicIPAddress": { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/publicIPAddresses/myAPPGWPublicIPxxxxxx", + "resourceGroup": "myVMSSResourceGroupxxxxxx" + } + }, + "resourceGroup": "myVMSSResourceGroupxxxxxx", + "type": "Microsoft.Network/applicationGateways/frontendIPConfigurations" + } + ], + "frontendPorts": [ + { + "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/frontendPorts/appGatewayFrontendPort", + "name": "appGatewayFrontendPort", + "properties": { + "httpListeners": [ + { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/httpListeners/appGatewayHttpListener", + "resourceGroup": "myVMSSResourceGroupxxxxxx" + } + ], + "port": 80, + "provisioningState": "Succeeded" + }, + "resourceGroup": "myVMSSResourceGroupxxxxxx", + "type": "Microsoft.Network/applicationGateways/frontendPorts" + } + ], + "gatewayIPConfigurations": [ + { + "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/gatewayIPConfigurations/appGatewayFrontendIP", + "name": "appGatewayFrontendIP", + "properties": { + "provisioningState": "Succeeded", + "subnet": { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/virtualNetworks/myVNetxxxxxx/subnets/myAPPGWSNxxxxxx", + "resourceGroup": "myVMSSResourceGroupxxxxxx" + } + }, + "resourceGroup": "myVMSSResourceGroupxxxxxx", + "type": "Microsoft.Network/applicationGateways/gatewayIPConfigurations" + } + ], + "httpListeners": [ + { + "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/httpListeners/appGatewayHttpListener", + "name": "appGatewayHttpListener", + "properties": { + "frontendIPConfiguration": { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/frontendIPConfigurations/appGatewayFrontendIP", + "resourceGroup": "myVMSSResourceGroupxxxxxx" + }, + "frontendPort": { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/frontendPorts/appGatewayFrontendPort", + "resourceGroup": "myVMSSResourceGroupxxxxxx" + }, + "hostNames": [], + "protocol": "Http", + "provisioningState": "Succeeded", + "requestRoutingRules": [ + { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/requestRoutingRules/rule1", + "resourceGroup": "myVMSSResourceGroupxxxxxx" + } + ], + "requireServerNameIndication": false + }, + "resourceGroup": "myVMSSResourceGroupxxxxxx", + "type": "Microsoft.Network/applicationGateways/httpListeners" + } + ], + "listeners": [], + "loadDistributionPolicies": [], + "operationalState": "Running", + "privateEndpointConnections": [], + "privateLinkConfigurations": [], + "probes": [], + "provisioningState": "Succeeded", + "redirectConfigurations": [], + "requestRoutingRules": [ + { + "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/requestRoutingRules/rule1", + "name": "rule1", + "properties": { + "backendAddressPool": { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/backendAddressPools/appGatewayBackendPool", + "resourceGroup": "myVMSSResourceGroupxxxxxx" + }, + "backendHttpSettings": { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/backendHttpSettingsCollection/appGatewayBackendHttpSettings", + "resourceGroup": "myVMSSResourceGroupxxxxxx" + }, + "httpListener": { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/httpListeners/appGatewayHttpListener", + "resourceGroup": "myVMSSResourceGroupxxxxxx" + }, + "priority": 1001, + "provisioningState": "Succeeded", + "ruleType": "Basic" + }, + "resourceGroup": "myVMSSResourceGroupxxxxxx", + "type": "Microsoft.Network/applicationGateways/requestRoutingRules" + } + ], + "resourceGuid": "d6da1e9a-9d53-4292-bda5-3883963034ff", + "rewriteRuleSets": [], + "routingRules": [], + "sku": { + "capacity": 2, + "family": "Generation_1", + "name": "Standard_v2", + "tier": "Standard_v2" + }, + "sslCertificates": [], + "sslProfiles": [], + "trustedClientCertificates": [], + "trustedRootCertificates": [], + "urlPathMaps": [] + } +} + ``` + + + + +```bash + az vmss create --name $MY_VMSS_NAME --resource-group $MY_RESOURCE_GROUP_NAME --image $MY_VM_IMAGE --admin-username $MY_USERNAME --generate-ssh-keys --instance-count 2 --vnet-name $MY_VNET_NAME --subnet $MY_VM_SN_NAME --vm-sku Standard_DS2_v2 --upgrade-policy-mode Automatic --app-gateway $MY_APPGW_NAME --backend-pool-name appGatewayBackendPool -o JSON + ``` + +Results: + + +```json +{ + "vmss": { + "doNotRunExtensionsOnOverprovisionedVMs": false, + "orchestrationMode": "Uniform", + "overprovision": true, + "provisioningState": "Succeeded", + "singlePlacementGroup": true, + "timeCreated": "2023-12-04T16:10:30.5546744+00:00", + "uniqueId": "ae68f82c-54f3-4263-8252-7f25f1b276bb", + "upgradePolicy": { + "mode": "Automatic", + "rollingUpgradePolicy": { + "maxBatchInstancePercent": 20, + "maxSurge": false, + "maxUnhealthyInstancePercent": 20, + "maxUnhealthyUpgradedInstancePercent": 20, + "pauseTimeBetweenBatches": "PT0S", + "rollbackFailedInstancesOnPolicyBreach": false + } + }, + "virtualMachineProfile": { + "networkProfile": { + "networkInterfaceConfigurations": [ + { + "name": "myvms0ce7Nic", + "properties": { + "disableTcpStateTracking": false, + "dnsSettings": { + "dnsServers": [] + }, + "enableAcceleratedNetworking": false, + "enableIPForwarding": false, + "ipConfigurations": [ + { + "name": "myvms0ce7IPConfig", + "properties": { + "applicationGatewayBackendAddressPools": [ + { + "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroup3a43e4/providers/Microsoft.Network/applicationGateways/myAPPGW3a43e4/backendAddressPools/appGatewayBackendPool", + "resourceGroup": "myVMSSResourceGroup3a43e4" + } + ], + "privateIPAddressVersion": "IPv4", + "subnet": { + "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroup3a43e4/providers/Microsoft.Network/virtualNetworks/myVNet3a43e4/subnets/myVMSN3a43e4", + "resourceGroup": "myVMSSResourceGroup3a43e4" + } + } + } + ], + "primary": true + } + } + ] + }, + "osProfile": { + "adminUsername": "azureuser", + "allowExtensionOperations": true, + "computerNamePrefix": "myvms0ce7", + "linuxConfiguration": { + "disablePasswordAuthentication": true, + "enableVMAgentPlatformUpdates": false, + "provisionVMAgent": true, + "ssh": { + "publicKeys": [ + { + "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDChUiONFSUdk5nk00XeujLNIfdijKwBR/cqAqAw8xa57BlI22Azntp625scK9Gpze9wFNj/bPDS29+PZXOaEjVljYHU/tgcbcvHR0sNUNoAvMPHRfSN2WebDUCDHK1hBQxPwiI4OWTbpYRm/E2deGe5gUpBoaA1AwOZVs1+6Z6unHOkhslqLJmNW+Rb8YUtRnbL3XZLUOwyPSkNMgARiMb+QWq0W2V6TtD+rM2pMVIf/D21PdHLsTBQ+DC0DeUyBlgGiueqijGcD0zmE6N6nAu2ps7sO+zxmnP37zbIRbwEHfdpQkPwnx42REgZ7ep/K9gnwWzSk1uIrxrSGypPqUV", + "path": "/home/azureuser/.ssh/authorized_keys" + } + ] + } + }, + "requireGuestProvisionSignal": true, + "secrets": [] + }, + "storageProfile": { + "diskControllerType": "SCSI", + "imageReference": { + "offer": "0001-com-ubuntu-minimal-jammy", + "publisher": "Canonical", + "sku": "minimal-22_04-lts-gen2", + "version": "latest" + }, + "osDisk": { + "caching": "ReadWrite", + "createOption": "FromImage", + "diskSizeGB": 30, + "managedDisk": { + "storageAccountType": "Premium_LRS" + }, + "osType": "Linux" + } + }, + "timeCreated": "2023-12-04T16:10:30.5546744+00:00" + } + } +} +``` + + +```bash +az vmss extension set --publisher Microsoft.Azure.Extensions --version 2.0 --name CustomScript --resource-group $MY_RESOURCE_GROUP_NAME --vmss-name $MY_VMSS_NAME --settings '{ "fileUris": ["https://raw.githubusercontent.com/Azure-Samples/compute-automation-configurations/master/automate_nginx.sh"], "commandToExecute": "./automate_nginx.sh" }' -o JSON +``` + +Results: + + +```json +{ + "additionalCapabilities": null, + "automaticRepairsPolicy": null, + "constrainedMaximumCapacity": null, + "doNotRunExtensionsOnOverprovisionedVMs": false, + "extendedLocation": null, + "hostGroup": null, + "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroup3a43e4/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSS3a43e4", + "identity": null, + "location": "eastus", + "name": "myVMSS3a43e4", + "orchestrationMode": "Uniform", + "overprovision": true, + "plan": null, + "platformFaultDomainCount": null, + "priorityMixPolicy": null, + "provisioningState": "Succeeded", + "proximityPlacementGroup": null, + "resourceGroup": "myVMSSResourceGroup3a43e4", + "scaleInPolicy": null, + "singlePlacementGroup": true, + "sku": { + "capacity": 2, + "name": "Standard_DS2_v2", + "tier": "Standard" + }, + "spotRestorePolicy": null, + "tags": {}, + "timeCreated": "2023-12-04T16:10:30.554674+00:00", + "type": "Microsoft.Compute/virtualMachineScaleSets", + "uniqueId": "ae68f82c-54f3-4263-8252-7f25f1b276bb", + "upgradePolicy": { + "automaticOsUpgradePolicy": null, + "mode": "Automatic", + "rollingUpgradePolicy": { + "enableCrossZoneUpgrade": null, + "maxBatchInstancePercent": 20, + "maxSurge": false, + "maxUnhealthyInstancePercent": 20, + "maxUnhealthyUpgradedInstancePercent": 20, + "pauseTimeBetweenBatches": "PT0S", + "prioritizeUnhealthyInstances": null, + "rollbackFailedInstancesOnPolicyBreach": false + } + }, + "virtualMachineProfile": { + "applicationProfile": null, + "billingProfile": null, + "capacityReservation": null, + "diagnosticsProfile": null, + "evictionPolicy": null, + "extensionProfile": { + "extensions": [ + { + "autoUpgradeMinorVersion": true, + "enableAutomaticUpgrade": null, + "forceUpdateTag": null, + "id": null, + "name": "CustomScript", + "protectedSettings": null, + "protectedSettingsFromKeyVault": null, + "provisionAfterExtensions": null, + "provisioningState": null, + "publisher": "Microsoft.Azure.Extensions", + "settings": { + "commandToExecute": "./automate_nginx.sh", + "fileUris": [ + "https://raw.githubusercontent.com/Azure-Samples/compute-automation-configurations/master/automate_nginx.sh" + ] + }, + "suppressFailures": null, + "type": null, + "typeHandlerVersion": "2.0", + "typePropertiesType": "CustomScript" + } + ], + "extensionsTimeBudget": null + }, + "hardwareProfile": null, + "licenseType": null, + "networkProfile": { + "healthProbe": null, + "networkApiVersion": null, + "networkInterfaceConfigurations": [ + { + "deleteOption": null, + "disableTcpStateTracking": false, + "dnsSettings": { + "dnsServers": [] + }, + "enableAcceleratedNetworking": false, + "enableFpga": null, + "enableIpForwarding": false, + "ipConfigurations": [ + { + "applicationGatewayBackendAddressPools": [ + { + "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroup3a43e4/providers/Microsoft.Network/applicationGateways/myAPPGW3a43e4/backendAddressPools/appGatewayBackendPool", + "resourceGroup": "myVMSSResourceGroup3a43e4" + } + ], + "applicationSecurityGroups": null, + "loadBalancerBackendAddressPools": null, + "loadBalancerInboundNatPools": null, + "name": "myvms0ce7IPConfig", + "primary": null, + "privateIpAddressVersion": "IPv4", + "publicIpAddressConfiguration": null, + "subnet": { + "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroup3a43e4/providers/Microsoft.Network/virtualNetworks/myVNet3a43e4/subnets/myVMSN3a43e4", + "resourceGroup": "myVMSSResourceGroup3a43e4" + } + } + ], + "name": "myvms0ce7Nic", + "networkSecurityGroup": null, + "primary": true + } + ] + }, + "osProfile": { + "adminPassword": null, + "adminUsername": "azureuser", + "allowExtensionOperations": true, + "computerNamePrefix": "myvms0ce7", + "customData": null, + "linuxConfiguration": { + "disablePasswordAuthentication": true, + "enableVmAgentPlatformUpdates": false, + "patchSettings": null, + "provisionVmAgent": true, + "ssh": { + "publicKeys": [ + { + "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDChUiONFSUdk5nk00XeujLNIfdijKwBR/cqAqAw8xa57BlI22Azntp625scK9Gpze9wFNj/bPDS29+PZXOaEjVljYHU/tgcbcvHR0sNUNoAvMPHRfSN2WebDUCDHK1hBQxPwiI4OWTbpYRm/E2deGe5gUpBoaA1AwOZVs1+6Z6unHOkhslqLJmNW+Rb8YUtRnbL3XZLUOwyPSkNMgARiMb+QWq0W2V6TtD+rM2pMVIf/D21PdHLsTBQ+DC0DeUyBlgGiueqijGcD0zmE6N6nAu2ps7sO+zxmnP37zbIRbwEHfdpQkPwnx42REgZ7ep/K9gnwWzSk1uIrxrSGypPqUV", + "path": "/home/azureuser/.ssh/authorized_keys" + } + ] + } + }, + "requireGuestProvisionSignal": true, + "secrets": [], + "windowsConfiguration": null + }, + "priority": null, + "scheduledEventsProfile": null, + "securityPostureReference": null, + "securityProfile": null, + "serviceArtifactReference": null, + "storageProfile": { + "dataDisks": null, + "diskControllerType": "SCSI", + "imageReference": { + "communityGalleryImageId": null, + "exactVersion": null, + "id": null, + "offer": "0001-com-ubuntu-minimal-jammy", + "publisher": "Canonical", + "sharedGalleryImageId": null, + "sku": "minimal-22_04-lts-gen2", + "version": "latest" + }, + "osDisk": { + "caching": "ReadWrite", + "createOption": "FromImage", + "deleteOption": null, + "diffDiskSettings": null, + "diskSizeGb": 30, + "image": null, + "managedDisk": { + "diskEncryptionSet": null, + "securityProfile": null, + "storageAccountType": "Premium_LRS" + }, + "name": null, + "osType": "Linux", + "vhdContainers": null, + "writeAcceleratorEnabled": null + } + }, + "userData": null + }, + "zoneBalance": null, + "zones": null +} +``` + + +```bash +az network public-ip show --resource-group $MY_RESOURCE_GROUP_NAME --name $MY_APPGW_PUBLIC_IP_NAME --query [ipAddress] --output tsv +``` ### Enable Azure AD login for a Linux Virtual Machine in Azure From 727f7b2890b6106c4195fd48b1724b67b5a99d8c Mon Sep 17 00:00:00 2001 From: Belgin Ceran <110536035+belginceran@users.noreply.github.com> Date: Tue, 5 Dec 2023 12:20:54 +0000 Subject: [PATCH 11/46] VMSS update --- .../ocd/CreateVMSSwithAppGWLinux/README.md | 35 ------------------- 1 file changed, 35 deletions(-) diff --git a/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md b/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md index 84d78bed..af72e683 100644 --- a/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md +++ b/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md @@ -672,41 +672,6 @@ az network public-ip show --resource-group $MY_RESOURCE_GROUP_NAME --name $MY_AP ``` -### Enable Azure AD login for a Linux Virtual Machine in Azure - -The following example has deploys a Linux VM and then installs the extension to enable Azure AD login for a Linux VM. VM extensions are small applications that provide post-deployment configuration and automation tasks on Azure virtual machines. - -```bash -az vm extension set \ - --publisher Microsoft.Azure.ActiveDirectory \ - --name AADSSHLoginForLinux \ - --resource-group $MY_RESOURCE_GROUP_NAME \ - --vm-name $MY_VM_NAME -``` - -# Store IP Address of VM in order to SSH -run the following command to get the IP Address of the VM and store it as an environment variable - -```bash -export IP_ADDRESS=$(az vm show --show-details --resource-group $MY_RESOURCE_GROUP_NAME --name $MY_VM_NAME --query publicIps --output tsv) -``` - -# SSH Into VM - - - - - -You can now SSH into the VM by running the output of the following command in your ssh client of choice - -```bash -ssh -o StrictHostKeyChecking=no $MY_USERNAME@$IP_ADDRESS -``` # Next Steps From b8911d715ac95041d72e7814e5eddd496529833f Mon Sep 17 00:00:00 2001 From: Belgin Ceran <110536035+belginceran@users.noreply.github.com> Date: Tue, 5 Dec 2023 13:12:03 +0000 Subject: [PATCH 12/46] VMSS update --- scenarios/ocd/CreateVMSSwithAppGWLinux/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md b/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md index af72e683..fd2a4bbb 100644 --- a/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md +++ b/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md @@ -17,8 +17,8 @@ export NETWORK_PREFIX="$(($RANDOM % 254 + 1))" export MY_VNET_PREFIX="10.$NETWORK_PREFIX.0.0/16" export MY_VM_SN_NAME="myVMSN$RANDOM_ID" export MY_VM_SN_PREFIX="10.$NETWORK_PREFIX.0.0/24" -export MY_APPGWSN_NAME="myAPPGWSN$RANDOM_ID" -export MY_APPGWSN_PREFIX="10.$NETWORK_PREFIX.1.0/24" +export MY_APPGW_SN_NAME="myAPPGWSN$RANDOM_ID" +export MY_APPGW_SN_PREFIX="10.$NETWORK_PREFIX.1.0/24" export MY_APPGW_NAME="myAPPGW$RANDOM_ID" export MY_APPGW_BACKENDPOOL_NAME="myAPPGWBackendpool$RANDOM_ID" From 3ea4d2a1ecc6a5dcbf51c28a184453db86ee6750 Mon Sep 17 00:00:00 2001 From: Belgin Ceran <110536035+belginceran@users.noreply.github.com> Date: Tue, 5 Dec 2023 13:17:39 +0000 Subject: [PATCH 13/46] VMSS update --- scenarios/ocd/CreateVMSSwithAppGWLinux/README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md b/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md index fd2a4bbb..88a5e3a1 100644 --- a/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md +++ b/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md @@ -20,7 +20,7 @@ export MY_VM_SN_PREFIX="10.$NETWORK_PREFIX.0.0/24" export MY_APPGW_SN_NAME="myAPPGWSN$RANDOM_ID" export MY_APPGW_SN_PREFIX="10.$NETWORK_PREFIX.1.0/24" export MY_APPGW_NAME="myAPPGW$RANDOM_ID" -export MY_APPGW_BACKENDPOOL_NAME="myAPPGWBackendpool$RANDOM_ID" +export MY_APPGW_PUBLIC_IP_NAME="myAPPGWPublicIP$RANDOM_ID" ``` # Login to Azure using the CLI @@ -32,7 +32,7 @@ In order to run commands against Azure using the CLI you need to login. This is A resource group is a container for related resources. All resources must be placed in a resource group. We will create one for this tutorial. The following command creates a resource group with the previously defined $MY_RESOURCE_GROUP_NAME and $REGION parameters. ```bash -az group create --name $MY_RESOURCE_GROUP_NAME --location $REGION +az group create --name $MY_RESOURCE_GROUP_NAME --location $REGION -o JSON ``` Results: @@ -60,7 +60,7 @@ You need to create network resources before you proceed the VMSS steps. In this #### Create Virtual Network (VNET) and VM Subnet ```bash -az network vnet create --name $MY_VNET_NAME --resource-group $MY_RESOURCE_GROUP_NAME --location $REGION --address-prefix $MY_VNET_PREFIX --subnet-name $MY_VM_SN_NAME --subnet-prefix $MY_VM_SN_PREFIX +az network vnet create --name $MY_VNET_NAME --resource-group $MY_RESOURCE_GROUP_NAME --location $REGION --address-prefix $MY_VNET_PREFIX --subnet-name $MY_VM_SN_NAME --subnet-prefix $MY_VM_SN_PREFIX -o JSON ``` Results: From df5506f54e0c6463290ad9629f0eb38e5d556574 Mon Sep 17 00:00:00 2001 From: Belgin Ceran <110536035+belginceran@users.noreply.github.com> Date: Tue, 5 Dec 2023 16:32:37 +0000 Subject: [PATCH 14/46] VMSS updates --- .../ocd/CreateVMSSwithAppGWLinux/README.md | 34 +++++++++++++------ 1 file changed, 24 insertions(+), 10 deletions(-) diff --git a/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md b/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md index 88a5e3a1..398fbf79 100644 --- a/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md +++ b/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md @@ -104,6 +104,9 @@ Results: ### Create Application Gateway Resources +Azure Application Gateway requires a dedicated subnet within your virtual network. The below command creates a subnet named $MY_APPGW_SN_NAME with specified address prefix named $MY_APPGW_SN_PREFIX in your VNET $MY_VNET_NAME + + ```bash az network vnet subnet create --name $MY_APPGW_SN_NAME --resource-group $MY_RESOURCE_GROUP_NAME --vnet-name $MY_VNET_NAME --address-prefix $MY_APPGW_SN_PREFIX -o JSON ``` @@ -125,7 +128,7 @@ Results: "type": "Microsoft.Network/virtualNetworks/subnets" } ``` - +The below command creates a standard, zone redundant, static, public IPv4 in your resource group. ```bash az network public-ip create --resource-group $MY_RESOURCE_GROUP_NAME --name $MY_APPGW_PUBLIC_IP_NAME --sku Standard --location $REGION --allocation-method static --version IPv4 --zone 1 2 3 -o JSON @@ -166,8 +169,10 @@ Results: } ``` +In this step you create an Application Gateway that you're going to integrate with your Virtual Machine Scale Set. In this example we create a zone redundant Application Gateway with Standard_v2 SKU and enable Http communication for the Application Gateway. The public IP $MY_APPGW_PUBLIC_IP_NAME that we created in previous step attached to the Application Gateway. + ```bash -az network application-gateway create --name $MY_APPGW_NAME --location $REGION --resource-group $MY_RESOURCE_GROUP_NAME --vnet-name $MY_VNET_NAME --subnet $MY_APPGW_SN_NAME --capacity 2 --sku Standard_v2 --http-settings-cookie-based-affinity Disabled --frontend-port 80 --http-settings-port 80 --http-settings-protocol Http --public-ip-address $MY_APPGW_PUBLIC_IP_NAME --priority 1001 -o JSON +az network application-gateway create --name $MY_APPGW_NAME --location $REGION --resource-group $MY_RESOURCE_GROUP_NAME --vnet-name $MY_VNET_NAME --subnet $MY_APPGW_SN_NAME --capacity 2 --zones 1 2 3 --sku Standard_v2 --http-settings-cookie-based-affinity Disabled --frontend-port 80 --http-settings-port 80 --http-settings-protocol Http --public-ip-address $MY_APPGW_PUBLIC_IP_NAME --priority 1001 -o JSON ``` @@ -361,10 +366,12 @@ az network application-gateway create --name $MY_APPGW_NAME --location $REGION ``` +# Create Virtual Machine Scale Set +The below command creates a zone redundant Virtual Machine Scale Set (VMSS) within your resource group $MY_RESOURCE_GROUP_NAME. We integrate the Application Gateway that we created previous step. This command creates 2 Standard_DS2_v2 SKU Virtual Machines in subnet $MY_VM_SN_NAME. ```bash - az vmss create --name $MY_VMSS_NAME --resource-group $MY_RESOURCE_GROUP_NAME --image $MY_VM_IMAGE --admin-username $MY_USERNAME --generate-ssh-keys --instance-count 2 --vnet-name $MY_VNET_NAME --subnet $MY_VM_SN_NAME --vm-sku Standard_DS2_v2 --upgrade-policy-mode Automatic --app-gateway $MY_APPGW_NAME --backend-pool-name appGatewayBackendPool -o JSON + az vmss create --name $MY_VMSS_NAME --resource-group $MY_RESOURCE_GROUP_NAME --image $MY_VM_IMAGE --admin-username $MY_USERNAME --generate-ssh-keys --instance-count 2 --zones 1 2 3 --vnet-name $MY_VNET_NAME --subnet $MY_VM_SN_NAME --vm-sku Standard_DS2_v2 --upgrade-policy-mode Automatic --app-gateway $MY_APPGW_NAME --backend-pool-name appGatewayBackendPool -o JSON ``` Results: @@ -409,13 +416,13 @@ Results: "properties": { "applicationGatewayBackendAddressPools": [ { - "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroup3a43e4/providers/Microsoft.Network/applicationGateways/myAPPGW3a43e4/backendAddressPools/appGatewayBackendPool", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroup3a43e4/providers/Microsoft.Network/applicationGateways/myAPPGW3a43e4/backendAddressPools/appGatewayBackendPool", "resourceGroup": "myVMSSResourceGroup3a43e4" } ], "privateIPAddressVersion": "IPv4", "subnet": { - "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroup3a43e4/providers/Microsoft.Network/virtualNetworks/myVNet3a43e4/subnets/myVMSN3a43e4", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroup3a43e4/providers/Microsoft.Network/virtualNetworks/myVNet3a43e4/subnets/myVMSN3a43e4", "resourceGroup": "myVMSSResourceGroup3a43e4" } } @@ -437,7 +444,7 @@ Results: "ssh": { "publicKeys": [ { - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDChUiONFSUdk5nk00XeujLNIfdijKwBR/cqAqAw8xa57BlI22Azntp625scK9Gpze9wFNj/bPDS29+PZXOaEjVljYHU/tgcbcvHR0sNUNoAvMPHRfSN2WebDUCDHK1hBQxPwiI4OWTbpYRm/E2deGe5gUpBoaA1AwOZVs1+6Z6unHOkhslqLJmNW+Rb8YUtRnbL3XZLUOwyPSkNMgARiMb+QWq0W2V6TtD+rM2pMVIf/D21PdHLsTBQ+DC0DeUyBlgGiueqijGcD0zmE6N6nAu2ps7sO+zxmnP37zbIRbwEHfdpQkPwnx42REgZ7ep/K9gnwWzSk1uIrxrSGypPqUV", + "keyData": "ssh-rsa xxxxxxx", "path": "/home/azureuser/.ssh/authorized_keys" } ] @@ -470,6 +477,10 @@ Results: } ``` +### Install ngnix with VMSS extensions + +The below command uses VMSS extension to run custom script. For testing purposes, here we install ngnix and publish a page that shows the hostname of the Virtual Machine that your HTTP requests hits. We use this custom script for this pusposes : https://raw.githubusercontent.com/Azure-Samples/compute-automation-configurations/master/automate_nginx.sh + ```bash az vmss extension set --publisher Microsoft.Azure.Extensions --version 2.0 --name CustomScript --resource-group $MY_RESOURCE_GROUP_NAME --vmss-name $MY_VMSS_NAME --settings '{ "fileUris": ["https://raw.githubusercontent.com/Azure-Samples/compute-automation-configurations/master/automate_nginx.sh"], "commandToExecute": "./automate_nginx.sh" }' -o JSON @@ -486,7 +497,7 @@ Results: "doNotRunExtensionsOnOverprovisionedVMs": false, "extendedLocation": null, "hostGroup": null, - "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroup3a43e4/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSS3a43e4", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroup3a43e4/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSS3a43e4", "identity": null, "location": "eastus", "name": "myVMSS3a43e4", @@ -576,7 +587,7 @@ Results: { "applicationGatewayBackendAddressPools": [ { - "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroup3a43e4/providers/Microsoft.Network/applicationGateways/myAPPGW3a43e4/backendAddressPools/appGatewayBackendPool", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroup3a43e4/providers/Microsoft.Network/applicationGateways/myAPPGW3a43e4/backendAddressPools/appGatewayBackendPool", "resourceGroup": "myVMSSResourceGroup3a43e4" } ], @@ -588,7 +599,7 @@ Results: "privateIpAddressVersion": "IPv4", "publicIpAddressConfiguration": null, "subnet": { - "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroup3a43e4/providers/Microsoft.Network/virtualNetworks/myVNet3a43e4/subnets/myVMSN3a43e4", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroup3a43e4/providers/Microsoft.Network/virtualNetworks/myVNet3a43e4/subnets/myVMSN3a43e4", "resourceGroup": "myVMSSResourceGroup3a43e4" } } @@ -613,7 +624,7 @@ Results: "ssh": { "publicKeys": [ { - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDChUiONFSUdk5nk00XeujLNIfdijKwBR/cqAqAw8xa57BlI22Azntp625scK9Gpze9wFNj/bPDS29+PZXOaEjVljYHU/tgcbcvHR0sNUNoAvMPHRfSN2WebDUCDHK1hBQxPwiI4OWTbpYRm/E2deGe5gUpBoaA1AwOZVs1+6Z6unHOkhslqLJmNW+Rb8YUtRnbL3XZLUOwyPSkNMgARiMb+QWq0W2V6TtD+rM2pMVIf/D21PdHLsTBQ+DC0DeUyBlgGiueqijGcD0zmE6N6nAu2ps7sO+zxmnP37zbIRbwEHfdpQkPwnx42REgZ7ep/K9gnwWzSk1uIrxrSGypPqUV", + "keyData": "ssh-rsa xxxxxxx", "path": "/home/azureuser/.ssh/authorized_keys" } ] @@ -666,6 +677,9 @@ Results: } ``` +### Test the page + +The below command shows you the public IP of your Application Gateway. You can cpaste the IP adress to a browser page for testing. ```bash az network public-ip show --resource-group $MY_RESOURCE_GROUP_NAME --name $MY_APPGW_PUBLIC_IP_NAME --query [ipAddress] --output tsv From 02dc8cdf172830960f4835e77f5c0d47a5245bb3 Mon Sep 17 00:00:00 2001 From: Belgin Ceran <110536035+belginceran@users.noreply.github.com> Date: Thu, 14 Dec 2023 10:26:10 +0000 Subject: [PATCH 15/46] VMSS Updates --- scenarios/ocd/CreateVMSSupdated/README.md | 695 ++++++++++++++++++++++ 1 file changed, 695 insertions(+) create mode 100644 scenarios/ocd/CreateVMSSupdated/README.md diff --git a/scenarios/ocd/CreateVMSSupdated/README.md b/scenarios/ocd/CreateVMSSupdated/README.md new file mode 100644 index 00000000..398fbf79 --- /dev/null +++ b/scenarios/ocd/CreateVMSSupdated/README.md @@ -0,0 +1,695 @@ +# Create a Virtual Machine Scale Set with Application Gateway with Linux image + +## Define Environment Variables + +The First step in this tutorial is to define environment variables. + +```bash + +export RANDOM_ID="$(openssl rand -hex 3)" +export MY_RESOURCE_GROUP_NAME="myVMSSResourceGroup$RANDOM_ID" +export REGION=EastUS +export MY_VMSS_NAME="myVMSS$RANDOM_ID" +export MY_USERNAME=azureuser +export MY_VM_IMAGE="Ubuntu2204" +export MY_VNET_NAME="myVNet$RANDOM_ID" +export NETWORK_PREFIX="$(($RANDOM % 254 + 1))" +export MY_VNET_PREFIX="10.$NETWORK_PREFIX.0.0/16" +export MY_VM_SN_NAME="myVMSN$RANDOM_ID" +export MY_VM_SN_PREFIX="10.$NETWORK_PREFIX.0.0/24" +export MY_APPGW_SN_NAME="myAPPGWSN$RANDOM_ID" +export MY_APPGW_SN_PREFIX="10.$NETWORK_PREFIX.1.0/24" +export MY_APPGW_NAME="myAPPGW$RANDOM_ID" +export MY_APPGW_PUBLIC_IP_NAME="myAPPGWPublicIP$RANDOM_ID" + +``` +# Login to Azure using the CLI + +In order to run commands against Azure using the CLI you need to login. This is done, very simply, though the `az login` command: + +# Create a resource group + +A resource group is a container for related resources. All resources must be placed in a resource group. We will create one for this tutorial. The following command creates a resource group with the previously defined $MY_RESOURCE_GROUP_NAME and $REGION parameters. + +```bash +az group create --name $MY_RESOURCE_GROUP_NAME --location $REGION -o JSON +``` + +Results: + + +```json +{ + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx", + "location": "eastus", + "managedBy": null, + "name": "myVMSSResourceGroupxxxxxx", + "properties": { + "provisioningState": "Succeeded" + }, + "tags": null, + "type": "Microsoft.Resources/resourceGroups" +} +``` + +# Create Network Resources + +You need to create network resources before you proceed the VMSS steps. In this step you're going to create a VNET, 2 subnets 1 for Application Gateway and 1 for VMs. You also need to have a public IP to attach your Application Gateway to be able to reach your web application from internet. + + +#### Create Virtual Network (VNET) and VM Subnet + +```bash +az network vnet create --name $MY_VNET_NAME --resource-group $MY_RESOURCE_GROUP_NAME --location $REGION --address-prefix $MY_VNET_PREFIX --subnet-name $MY_VM_SN_NAME --subnet-prefix $MY_VM_SN_PREFIX -o JSON +``` + +Results: + + +```json +{ + "newVNet": { + "addressSpace": { + "addressPrefixes": [ + "10.X.0.0/16" + ] + }, + "enableDdosProtection": false, + "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/virtualNetworks/myVNetxxxxxx", + "location": "eastus", + "name": "myVNetxxxxxx", + "provisioningState": "Succeeded", + "resourceGroup": "myVMSSResourceGroupxxxxxx", + "resourceGuid": "f00034be-612e-4462-a711-93d0bb263e46", + "subnets": [ + { + "addressPrefix": "10.X.0.0/24", + "delegations": [], + "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/virtualNetworks/myVNetxxxxxx/subnets/myVMSNxxxxxx", + "name": "myVMSNxxxxxx", + "privateEndpointNetworkPolicies": "Disabled", + "privateLinkServiceNetworkPolicies": "Enabled", + "provisioningState": "Succeeded", + "resourceGroup": "myVMSSResourceGroupxxxxxx", + "type": "Microsoft.Network/virtualNetworks/subnets" + } + ], + "type": "Microsoft.Network/virtualNetworks", + "virtualNetworkPeerings": [] + } +} +``` + +### Create Application Gateway Resources + +Azure Application Gateway requires a dedicated subnet within your virtual network. The below command creates a subnet named $MY_APPGW_SN_NAME with specified address prefix named $MY_APPGW_SN_PREFIX in your VNET $MY_VNET_NAME + + +```bash +az network vnet subnet create --name $MY_APPGW_SN_NAME --resource-group $MY_RESOURCE_GROUP_NAME --vnet-name $MY_VNET_NAME --address-prefix $MY_APPGW_SN_PREFIX -o JSON +``` + +Results: + + +```json +{ + "addressPrefix": "10.66.1.0/24", + "delegations": [], + "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/virtualNetworks/myVNetxxxxxx/subnets/myAPPGWSNxxxxxx", + "name": "myAPPGWSNxxxxxx", + "privateEndpointNetworkPolicies": "Disabled", + "privateLinkServiceNetworkPolicies": "Enabled", + "provisioningState": "Succeeded", + "resourceGroup": "myVMSSResourceGroupxxxxxx", + "type": "Microsoft.Network/virtualNetworks/subnets" +} +``` +The below command creates a standard, zone redundant, static, public IPv4 in your resource group. + +```bash +az network public-ip create --resource-group $MY_RESOURCE_GROUP_NAME --name $MY_APPGW_PUBLIC_IP_NAME --sku Standard --location $REGION --allocation-method static --version IPv4 --zone 1 2 3 -o JSON + ``` + +Results: + + +```json +{ + "publicIp": { + "ddosSettings": { + "protectionMode": "VirtualNetworkInherited" + }, + "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/publicIPAddresses//myAPPGWPublicIPxxxxxx", + "idleTimeoutInMinutes": 4, + "ipAddress": "X.X.X.X", + "ipTags": [], + "location": "eastus", + "name": "/myAPPGWPublicIPxxxxxx", + "provisioningState": "Succeeded", + "publicIPAddressVersion": "IPv4", + "publicIPAllocationMethod": "Static", + "resourceGroup": "myVMSSResourceGroupxxxxxx", + "resourceGuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx", + "sku": { + "name": "Standard", + "tier": "Regional" + }, + "type": "Microsoft.Network/publicIPAddresses", + "zones": [ + "1", + "2", + "3" + ] + } +} +``` + +In this step you create an Application Gateway that you're going to integrate with your Virtual Machine Scale Set. In this example we create a zone redundant Application Gateway with Standard_v2 SKU and enable Http communication for the Application Gateway. The public IP $MY_APPGW_PUBLIC_IP_NAME that we created in previous step attached to the Application Gateway. + +```bash +az network application-gateway create --name $MY_APPGW_NAME --location $REGION --resource-group $MY_RESOURCE_GROUP_NAME --vnet-name $MY_VNET_NAME --subnet $MY_APPGW_SN_NAME --capacity 2 --zones 1 2 3 --sku Standard_v2 --http-settings-cookie-based-affinity Disabled --frontend-port 80 --http-settings-port 80 --http-settings-protocol Http --public-ip-address $MY_APPGW_PUBLIC_IP_NAME --priority 1001 -o JSON + ``` + + +```json +{ + "applicationGateway": { + "backendAddressPools": [ + { + "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/backendAddressPools/appGatewayBackendPool", + "name": "appGatewayBackendPool", + "properties": { + "backendAddresses": [], + "provisioningState": "Succeeded", + "requestRoutingRules": [ + { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/requestRoutingRules/rule1", + "resourceGroup": "myVMSSResourceGroupxxxxxx" + } + ] + }, + "resourceGroup": "myVMSSResourceGroupxxxxxx", + "type": "Microsoft.Network/applicationGateways/backendAddressPools" + } + ], + "backendHttpSettingsCollection": [ + { + "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/backendHttpSettingsCollection/appGatewayBackendHttpSettings", + "name": "appGatewayBackendHttpSettings", + "properties": { + "connectionDraining": { + "drainTimeoutInSec": 1, + "enabled": false + }, + "cookieBasedAffinity": "Disabled", + "pickHostNameFromBackendAddress": false, + "port": 80, + "protocol": "Http", + "provisioningState": "Succeeded", + "requestRoutingRules": [ + { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/requestRoutingRules/rule1", + "resourceGroup": "myVMSSResourceGroupxxxxxx" + } + ], + "requestTimeout": 30 + }, + "resourceGroup": "myVMSSResourceGroupxxxxxx", + "type": "Microsoft.Network/applicationGateways/backendHttpSettingsCollection" + } + ], + "backendSettingsCollection": [], + "frontendIPConfigurations": [ + { + "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/frontendIPConfigurations/appGatewayFrontendIP", + "name": "appGatewayFrontendIP", + "properties": { + "httpListeners": [ + { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/httpListeners/appGatewayHttpListener", + "resourceGroup": "myVMSSResourceGroupxxxxxx" + } + ], + "privateIPAllocationMethod": "Dynamic", + "provisioningState": "Succeeded", + "publicIPAddress": { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/publicIPAddresses/myAPPGWPublicIPxxxxxx", + "resourceGroup": "myVMSSResourceGroupxxxxxx" + } + }, + "resourceGroup": "myVMSSResourceGroupxxxxxx", + "type": "Microsoft.Network/applicationGateways/frontendIPConfigurations" + } + ], + "frontendPorts": [ + { + "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/frontendPorts/appGatewayFrontendPort", + "name": "appGatewayFrontendPort", + "properties": { + "httpListeners": [ + { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/httpListeners/appGatewayHttpListener", + "resourceGroup": "myVMSSResourceGroupxxxxxx" + } + ], + "port": 80, + "provisioningState": "Succeeded" + }, + "resourceGroup": "myVMSSResourceGroupxxxxxx", + "type": "Microsoft.Network/applicationGateways/frontendPorts" + } + ], + "gatewayIPConfigurations": [ + { + "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/gatewayIPConfigurations/appGatewayFrontendIP", + "name": "appGatewayFrontendIP", + "properties": { + "provisioningState": "Succeeded", + "subnet": { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/virtualNetworks/myVNetxxxxxx/subnets/myAPPGWSNxxxxxx", + "resourceGroup": "myVMSSResourceGroupxxxxxx" + } + }, + "resourceGroup": "myVMSSResourceGroupxxxxxx", + "type": "Microsoft.Network/applicationGateways/gatewayIPConfigurations" + } + ], + "httpListeners": [ + { + "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/httpListeners/appGatewayHttpListener", + "name": "appGatewayHttpListener", + "properties": { + "frontendIPConfiguration": { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/frontendIPConfigurations/appGatewayFrontendIP", + "resourceGroup": "myVMSSResourceGroupxxxxxx" + }, + "frontendPort": { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/frontendPorts/appGatewayFrontendPort", + "resourceGroup": "myVMSSResourceGroupxxxxxx" + }, + "hostNames": [], + "protocol": "Http", + "provisioningState": "Succeeded", + "requestRoutingRules": [ + { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/requestRoutingRules/rule1", + "resourceGroup": "myVMSSResourceGroupxxxxxx" + } + ], + "requireServerNameIndication": false + }, + "resourceGroup": "myVMSSResourceGroupxxxxxx", + "type": "Microsoft.Network/applicationGateways/httpListeners" + } + ], + "listeners": [], + "loadDistributionPolicies": [], + "operationalState": "Running", + "privateEndpointConnections": [], + "privateLinkConfigurations": [], + "probes": [], + "provisioningState": "Succeeded", + "redirectConfigurations": [], + "requestRoutingRules": [ + { + "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/requestRoutingRules/rule1", + "name": "rule1", + "properties": { + "backendAddressPool": { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/backendAddressPools/appGatewayBackendPool", + "resourceGroup": "myVMSSResourceGroupxxxxxx" + }, + "backendHttpSettings": { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/backendHttpSettingsCollection/appGatewayBackendHttpSettings", + "resourceGroup": "myVMSSResourceGroupxxxxxx" + }, + "httpListener": { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/httpListeners/appGatewayHttpListener", + "resourceGroup": "myVMSSResourceGroupxxxxxx" + }, + "priority": 1001, + "provisioningState": "Succeeded", + "ruleType": "Basic" + }, + "resourceGroup": "myVMSSResourceGroupxxxxxx", + "type": "Microsoft.Network/applicationGateways/requestRoutingRules" + } + ], + "resourceGuid": "d6da1e9a-9d53-4292-bda5-3883963034ff", + "rewriteRuleSets": [], + "routingRules": [], + "sku": { + "capacity": 2, + "family": "Generation_1", + "name": "Standard_v2", + "tier": "Standard_v2" + }, + "sslCertificates": [], + "sslProfiles": [], + "trustedClientCertificates": [], + "trustedRootCertificates": [], + "urlPathMaps": [] + } +} + ``` + + +# Create Virtual Machine Scale Set + +The below command creates a zone redundant Virtual Machine Scale Set (VMSS) within your resource group $MY_RESOURCE_GROUP_NAME. We integrate the Application Gateway that we created previous step. This command creates 2 Standard_DS2_v2 SKU Virtual Machines in subnet $MY_VM_SN_NAME. + +```bash + az vmss create --name $MY_VMSS_NAME --resource-group $MY_RESOURCE_GROUP_NAME --image $MY_VM_IMAGE --admin-username $MY_USERNAME --generate-ssh-keys --instance-count 2 --zones 1 2 3 --vnet-name $MY_VNET_NAME --subnet $MY_VM_SN_NAME --vm-sku Standard_DS2_v2 --upgrade-policy-mode Automatic --app-gateway $MY_APPGW_NAME --backend-pool-name appGatewayBackendPool -o JSON + ``` + +Results: + + +```json +{ + "vmss": { + "doNotRunExtensionsOnOverprovisionedVMs": false, + "orchestrationMode": "Uniform", + "overprovision": true, + "provisioningState": "Succeeded", + "singlePlacementGroup": true, + "timeCreated": "2023-12-04T16:10:30.5546744+00:00", + "uniqueId": "ae68f82c-54f3-4263-8252-7f25f1b276bb", + "upgradePolicy": { + "mode": "Automatic", + "rollingUpgradePolicy": { + "maxBatchInstancePercent": 20, + "maxSurge": false, + "maxUnhealthyInstancePercent": 20, + "maxUnhealthyUpgradedInstancePercent": 20, + "pauseTimeBetweenBatches": "PT0S", + "rollbackFailedInstancesOnPolicyBreach": false + } + }, + "virtualMachineProfile": { + "networkProfile": { + "networkInterfaceConfigurations": [ + { + "name": "myvms0ce7Nic", + "properties": { + "disableTcpStateTracking": false, + "dnsSettings": { + "dnsServers": [] + }, + "enableAcceleratedNetworking": false, + "enableIPForwarding": false, + "ipConfigurations": [ + { + "name": "myvms0ce7IPConfig", + "properties": { + "applicationGatewayBackendAddressPools": [ + { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroup3a43e4/providers/Microsoft.Network/applicationGateways/myAPPGW3a43e4/backendAddressPools/appGatewayBackendPool", + "resourceGroup": "myVMSSResourceGroup3a43e4" + } + ], + "privateIPAddressVersion": "IPv4", + "subnet": { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroup3a43e4/providers/Microsoft.Network/virtualNetworks/myVNet3a43e4/subnets/myVMSN3a43e4", + "resourceGroup": "myVMSSResourceGroup3a43e4" + } + } + } + ], + "primary": true + } + } + ] + }, + "osProfile": { + "adminUsername": "azureuser", + "allowExtensionOperations": true, + "computerNamePrefix": "myvms0ce7", + "linuxConfiguration": { + "disablePasswordAuthentication": true, + "enableVMAgentPlatformUpdates": false, + "provisionVMAgent": true, + "ssh": { + "publicKeys": [ + { + "keyData": "ssh-rsa xxxxxxx", + "path": "/home/azureuser/.ssh/authorized_keys" + } + ] + } + }, + "requireGuestProvisionSignal": true, + "secrets": [] + }, + "storageProfile": { + "diskControllerType": "SCSI", + "imageReference": { + "offer": "0001-com-ubuntu-minimal-jammy", + "publisher": "Canonical", + "sku": "minimal-22_04-lts-gen2", + "version": "latest" + }, + "osDisk": { + "caching": "ReadWrite", + "createOption": "FromImage", + "diskSizeGB": 30, + "managedDisk": { + "storageAccountType": "Premium_LRS" + }, + "osType": "Linux" + } + }, + "timeCreated": "2023-12-04T16:10:30.5546744+00:00" + } + } +} +``` + +### Install ngnix with VMSS extensions + +The below command uses VMSS extension to run custom script. For testing purposes, here we install ngnix and publish a page that shows the hostname of the Virtual Machine that your HTTP requests hits. We use this custom script for this pusposes : https://raw.githubusercontent.com/Azure-Samples/compute-automation-configurations/master/automate_nginx.sh + + +```bash +az vmss extension set --publisher Microsoft.Azure.Extensions --version 2.0 --name CustomScript --resource-group $MY_RESOURCE_GROUP_NAME --vmss-name $MY_VMSS_NAME --settings '{ "fileUris": ["https://raw.githubusercontent.com/Azure-Samples/compute-automation-configurations/master/automate_nginx.sh"], "commandToExecute": "./automate_nginx.sh" }' -o JSON +``` + +Results: + + +```json +{ + "additionalCapabilities": null, + "automaticRepairsPolicy": null, + "constrainedMaximumCapacity": null, + "doNotRunExtensionsOnOverprovisionedVMs": false, + "extendedLocation": null, + "hostGroup": null, + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroup3a43e4/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSS3a43e4", + "identity": null, + "location": "eastus", + "name": "myVMSS3a43e4", + "orchestrationMode": "Uniform", + "overprovision": true, + "plan": null, + "platformFaultDomainCount": null, + "priorityMixPolicy": null, + "provisioningState": "Succeeded", + "proximityPlacementGroup": null, + "resourceGroup": "myVMSSResourceGroup3a43e4", + "scaleInPolicy": null, + "singlePlacementGroup": true, + "sku": { + "capacity": 2, + "name": "Standard_DS2_v2", + "tier": "Standard" + }, + "spotRestorePolicy": null, + "tags": {}, + "timeCreated": "2023-12-04T16:10:30.554674+00:00", + "type": "Microsoft.Compute/virtualMachineScaleSets", + "uniqueId": "ae68f82c-54f3-4263-8252-7f25f1b276bb", + "upgradePolicy": { + "automaticOsUpgradePolicy": null, + "mode": "Automatic", + "rollingUpgradePolicy": { + "enableCrossZoneUpgrade": null, + "maxBatchInstancePercent": 20, + "maxSurge": false, + "maxUnhealthyInstancePercent": 20, + "maxUnhealthyUpgradedInstancePercent": 20, + "pauseTimeBetweenBatches": "PT0S", + "prioritizeUnhealthyInstances": null, + "rollbackFailedInstancesOnPolicyBreach": false + } + }, + "virtualMachineProfile": { + "applicationProfile": null, + "billingProfile": null, + "capacityReservation": null, + "diagnosticsProfile": null, + "evictionPolicy": null, + "extensionProfile": { + "extensions": [ + { + "autoUpgradeMinorVersion": true, + "enableAutomaticUpgrade": null, + "forceUpdateTag": null, + "id": null, + "name": "CustomScript", + "protectedSettings": null, + "protectedSettingsFromKeyVault": null, + "provisionAfterExtensions": null, + "provisioningState": null, + "publisher": "Microsoft.Azure.Extensions", + "settings": { + "commandToExecute": "./automate_nginx.sh", + "fileUris": [ + "https://raw.githubusercontent.com/Azure-Samples/compute-automation-configurations/master/automate_nginx.sh" + ] + }, + "suppressFailures": null, + "type": null, + "typeHandlerVersion": "2.0", + "typePropertiesType": "CustomScript" + } + ], + "extensionsTimeBudget": null + }, + "hardwareProfile": null, + "licenseType": null, + "networkProfile": { + "healthProbe": null, + "networkApiVersion": null, + "networkInterfaceConfigurations": [ + { + "deleteOption": null, + "disableTcpStateTracking": false, + "dnsSettings": { + "dnsServers": [] + }, + "enableAcceleratedNetworking": false, + "enableFpga": null, + "enableIpForwarding": false, + "ipConfigurations": [ + { + "applicationGatewayBackendAddressPools": [ + { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroup3a43e4/providers/Microsoft.Network/applicationGateways/myAPPGW3a43e4/backendAddressPools/appGatewayBackendPool", + "resourceGroup": "myVMSSResourceGroup3a43e4" + } + ], + "applicationSecurityGroups": null, + "loadBalancerBackendAddressPools": null, + "loadBalancerInboundNatPools": null, + "name": "myvms0ce7IPConfig", + "primary": null, + "privateIpAddressVersion": "IPv4", + "publicIpAddressConfiguration": null, + "subnet": { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroup3a43e4/providers/Microsoft.Network/virtualNetworks/myVNet3a43e4/subnets/myVMSN3a43e4", + "resourceGroup": "myVMSSResourceGroup3a43e4" + } + } + ], + "name": "myvms0ce7Nic", + "networkSecurityGroup": null, + "primary": true + } + ] + }, + "osProfile": { + "adminPassword": null, + "adminUsername": "azureuser", + "allowExtensionOperations": true, + "computerNamePrefix": "myvms0ce7", + "customData": null, + "linuxConfiguration": { + "disablePasswordAuthentication": true, + "enableVmAgentPlatformUpdates": false, + "patchSettings": null, + "provisionVmAgent": true, + "ssh": { + "publicKeys": [ + { + "keyData": "ssh-rsa xxxxxxx", + "path": "/home/azureuser/.ssh/authorized_keys" + } + ] + } + }, + "requireGuestProvisionSignal": true, + "secrets": [], + "windowsConfiguration": null + }, + "priority": null, + "scheduledEventsProfile": null, + "securityPostureReference": null, + "securityProfile": null, + "serviceArtifactReference": null, + "storageProfile": { + "dataDisks": null, + "diskControllerType": "SCSI", + "imageReference": { + "communityGalleryImageId": null, + "exactVersion": null, + "id": null, + "offer": "0001-com-ubuntu-minimal-jammy", + "publisher": "Canonical", + "sharedGalleryImageId": null, + "sku": "minimal-22_04-lts-gen2", + "version": "latest" + }, + "osDisk": { + "caching": "ReadWrite", + "createOption": "FromImage", + "deleteOption": null, + "diffDiskSettings": null, + "diskSizeGb": 30, + "image": null, + "managedDisk": { + "diskEncryptionSet": null, + "securityProfile": null, + "storageAccountType": "Premium_LRS" + }, + "name": null, + "osType": "Linux", + "vhdContainers": null, + "writeAcceleratorEnabled": null + } + }, + "userData": null + }, + "zoneBalance": null, + "zones": null +} +``` + +### Test the page + +The below command shows you the public IP of your Application Gateway. You can cpaste the IP adress to a browser page for testing. + +```bash +az network public-ip show --resource-group $MY_RESOURCE_GROUP_NAME --name $MY_APPGW_PUBLIC_IP_NAME --query [ipAddress] --output tsv +``` + + + +# Next Steps + +* [VM Documentation](https://learn.microsoft.com/en-us/azure/virtual-machines/) +* [Use Cloud-Init to initialize a Linux VM on first boot](https://learn.microsoft.com/en-us/azure/virtual-machines/linux/tutorial-automate-vm-deployment) +* [Create custom VM images](https://learn.microsoft.com/en-us/azure/virtual-machines/linux/tutorial-custom-images) +* [Load Balance VMs](https://learn.microsoft.com/en-us/azure/load-balancer/quickstart-load-balancer-standard-public-cli) \ No newline at end of file From 0acffa9c6d63921f14c415a653acb75efe77c736 Mon Sep 17 00:00:00 2001 From: Belgin Ceran <110536035+belginceran@users.noreply.github.com> Date: Thu, 14 Dec 2023 13:39:59 +0000 Subject: [PATCH 16/46] VMSS updates --- scenarios/ocd/CreateVMSSupdated/README.md | 376 ++++++++++++++++++++-- 1 file changed, 356 insertions(+), 20 deletions(-) diff --git a/scenarios/ocd/CreateVMSSupdated/README.md b/scenarios/ocd/CreateVMSSupdated/README.md index 398fbf79..22004506 100644 --- a/scenarios/ocd/CreateVMSSupdated/README.md +++ b/scenarios/ocd/CreateVMSSupdated/README.md @@ -371,7 +371,7 @@ az network application-gateway create --name $MY_APPGW_NAME --location $REGION The below command creates a zone redundant Virtual Machine Scale Set (VMSS) within your resource group $MY_RESOURCE_GROUP_NAME. We integrate the Application Gateway that we created previous step. This command creates 2 Standard_DS2_v2 SKU Virtual Machines in subnet $MY_VM_SN_NAME. ```bash - az vmss create --name $MY_VMSS_NAME --resource-group $MY_RESOURCE_GROUP_NAME --image $MY_VM_IMAGE --admin-username $MY_USERNAME --generate-ssh-keys --instance-count 2 --zones 1 2 3 --vnet-name $MY_VNET_NAME --subnet $MY_VM_SN_NAME --vm-sku Standard_DS2_v2 --upgrade-policy-mode Automatic --app-gateway $MY_APPGW_NAME --backend-pool-name appGatewayBackendPool -o JSON + az vmss create --name $MY_VMSS_NAME --resource-group $MY_RESOURCE_GROUP_NAME --image $MY_VM_IMAGE --admin-username $MY_USERNAME --assign-identity --instance-count 2 --zones 1 2 3 --vnet-name $MY_VNET_NAME --subnet $MY_VM_SN_NAME --vm-sku Standard_DS2_v2 --upgrade-policy-mode Automatic --app-gateway $MY_APPGW_NAME --backend-pool-name appGatewayBackendPool -o JSON ``` Results: @@ -381,12 +381,17 @@ Results: { "vmss": { "doNotRunExtensionsOnOverprovisionedVMs": false, + "identity": { + "systemAssignedIdentity": "f94ce139-a0b1-4844-a836-1396b6572826", + "userAssignedIdentities": {} + }, "orchestrationMode": "Uniform", "overprovision": true, + "platformFaultDomainCount": 1, "provisioningState": "Succeeded", - "singlePlacementGroup": true, - "timeCreated": "2023-12-04T16:10:30.5546744+00:00", - "uniqueId": "ae68f82c-54f3-4263-8252-7f25f1b276bb", + "singlePlacementGroup": false, + "timeCreated": "2023-12-14T10:50:58.8584886+00:00", + "uniqueId": "ca55e9a8-4c6f-4491-b217-4420a312f993", "upgradePolicy": { "mode": "Automatic", "rollingUpgradePolicy": { @@ -402,7 +407,7 @@ Results: "networkProfile": { "networkInterfaceConfigurations": [ { - "name": "myvms0ce7Nic", + "name": "myvms5aa3Nic", "properties": { "disableTcpStateTracking": false, "dnsSettings": { @@ -412,18 +417,18 @@ Results: "enableIPForwarding": false, "ipConfigurations": [ { - "name": "myvms0ce7IPConfig", + "name": "myvms5aa3IPConfig", "properties": { "applicationGatewayBackendAddressPools": [ { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroup3a43e4/providers/Microsoft.Network/applicationGateways/myAPPGW3a43e4/backendAddressPools/appGatewayBackendPool", - "resourceGroup": "myVMSSResourceGroup3a43e4" + "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Network/applicationGateways/myAPPGWaf9072/backendAddressPools/appGatewayBackendPool", + "resourceGroup": "myVMSSResourceGroupaf9072" } ], "privateIPAddressVersion": "IPv4", "subnet": { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroup3a43e4/providers/Microsoft.Network/virtualNetworks/myVNet3a43e4/subnets/myVMSN3a43e4", - "resourceGroup": "myVMSSResourceGroup3a43e4" + "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Network/virtualNetworks/myVNetaf9072/subnets/myVMSNaf9072", + "resourceGroup": "myVMSSResourceGroupaf9072" } } } @@ -436,7 +441,7 @@ Results: "osProfile": { "adminUsername": "azureuser", "allowExtensionOperations": true, - "computerNamePrefix": "myvms0ce7", + "computerNamePrefix": "myvms5aa3", "linuxConfiguration": { "disablePasswordAuthentication": true, "enableVMAgentPlatformUpdates": false, @@ -444,7 +449,7 @@ Results: "ssh": { "publicKeys": [ { - "keyData": "ssh-rsa xxxxxxx", + "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDChUiONFSUdk5nk00XeujLNIfdijKwBR/cqAqAw8xa57BlI22Azntp625scK9Gpze9wFNj/bPDS29+PZXOaEjVljYHU/tgcbcvHR0sNUNoAvMPHRfSN2WebDUCDHK1hBQxPwiI4OWTbpYRm/E2deGe5gUpBoaA1AwOZVs1+6Z6unHOkhslqLJmNW+Rb8YUtRnbL3XZLUOwyPSkNMgARiMb+QWq0W2V6TtD+rM2pMVIf/D21PdHLsTBQ+DC0DeUyBlgGiueqijGcD0zmE6N6nAu2ps7sO+zxmnP37zbIRbwEHfdpQkPwnx42REgZ7ep/K9gnwWzSk1uIrxrSGypPqUV", "path": "/home/azureuser/.ssh/authorized_keys" } ] @@ -456,9 +461,9 @@ Results: "storageProfile": { "diskControllerType": "SCSI", "imageReference": { - "offer": "0001-com-ubuntu-minimal-jammy", + "offer": "0001-com-ubuntu-server-jammy", "publisher": "Canonical", - "sku": "minimal-22_04-lts-gen2", + "sku": "22_04-lts-gen2", "version": "latest" }, "osDisk": { @@ -471,8 +476,9 @@ Results: "osType": "Linux" } }, - "timeCreated": "2023-12-04T16:10:30.5546744+00:00" - } + "timeCreated": "2023-12-14T10:50:58.8584886+00:00" + }, + "zoneBalance": false } } ``` @@ -677,6 +683,337 @@ Results: } ``` +### Enable Azure AD login for a Linux Virtual Machine +The following command installs the extension to enable Azure AD login for a Linux VM. + +```bash + az vmss extension set --publisher Microsoft.Azure.ActiveDirectory --name AADSSHLoginForLinux --resource-group $MY_RESOURCE_GROUP_NAME --vmss-name $MY_VMSS_NAME +``` +Results: + + +```json +{ + "additionalCapabilities": null, + "automaticRepairsPolicy": null, + "constrainedMaximumCapacity": null, + "doNotRunExtensionsOnOverprovisionedVMs": false, + "extendedLocation": null, + "hostGroup": null, + "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSaf9072", + "identity": { + "principalId": "f94ce139-a0b1-4844-a836-1396b6572826", + "tenantId": "72f988bf-86f1-41af-91ab-2d7cd011db47", + "type": "SystemAssigned", + "userAssignedIdentities": null + }, + "location": "eastus", + "name": "myVMSSaf9072", + "orchestrationMode": "Uniform", + "overprovision": true, + "plan": null, + "platformFaultDomainCount": 1, + "priorityMixPolicy": null, + "provisioningState": "Succeeded", + "proximityPlacementGroup": null, + "resourceGroup": "myVMSSResourceGroupaf9072", + "scaleInPolicy": null, + "singlePlacementGroup": false, + "sku": { + "capacity": 2, + "name": "Standard_DS2_v2", + "tier": "Standard" + }, + "spotRestorePolicy": null, + "tags": {}, + "timeCreated": "2023-12-14T10:50:58.858488+00:00", + "type": "Microsoft.Compute/virtualMachineScaleSets", + "uniqueId": "ca55e9a8-4c6f-4491-b217-4420a312f993", + "upgradePolicy": { + "automaticOsUpgradePolicy": null, + "mode": "Automatic", + "rollingUpgradePolicy": { + "enableCrossZoneUpgrade": null, + "maxBatchInstancePercent": 20, + "maxSurge": false, + "maxUnhealthyInstancePercent": 20, + "maxUnhealthyUpgradedInstancePercent": 20, + "pauseTimeBetweenBatches": "PT0S", + "prioritizeUnhealthyInstances": null, + "rollbackFailedInstancesOnPolicyBreach": false + } + }, + "virtualMachineProfile": { + "applicationProfile": null, + "billingProfile": null, + "capacityReservation": null, + "diagnosticsProfile": null, + "evictionPolicy": null, + "extensionProfile": { + "extensions": [ + { + "autoUpgradeMinorVersion": true, + "enableAutomaticUpgrade": null, + "forceUpdateTag": null, + "id": null, + "name": "AADSSHLoginForLinux", + "protectedSettings": null, + "protectedSettingsFromKeyVault": null, + "provisionAfterExtensions": null, + "provisioningState": null, + "publisher": "Microsoft.Azure.ActiveDirectory", + "settings": null, + "suppressFailures": null, + "type": null, + "typeHandlerVersion": "1.0", + "typePropertiesType": "AADSSHLoginForLinux" + } + ], + "extensionsTimeBudget": null + }, + "hardwareProfile": null, + "licenseType": null, + "networkProfile": { + "healthProbe": null, + "networkApiVersion": null, + "networkInterfaceConfigurations": [ + { + "deleteOption": null, + "disableTcpStateTracking": false, + "dnsSettings": { + "dnsServers": [] + }, + "enableAcceleratedNetworking": false, + "enableFpga": null, + "enableIpForwarding": false, + "ipConfigurations": [ + { + "applicationGatewayBackendAddressPools": [ + { + "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Network/applicationGateways/myAPPGWaf9072/backendAddressPools/appGatewayBackendPool", + "resourceGroup": "myVMSSResourceGroupaf9072" + } + ], + "applicationSecurityGroups": null, + "loadBalancerBackendAddressPools": null, + "loadBalancerInboundNatPools": null, + "name": "myvms5aa3IPConfig", + "primary": null, + "privateIpAddressVersion": "IPv4", + "publicIpAddressConfiguration": null, + "subnet": { + "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Network/virtualNetworks/myVNetaf9072/subnets/myVMSNaf9072", + "resourceGroup": "myVMSSResourceGroupaf9072" + } + } + ], + "name": "myvms5aa3Nic", + "networkSecurityGroup": null, + "primary": true + } + ] + }, + "osProfile": { + "adminPassword": null, + "adminUsername": "azureuser", + "allowExtensionOperations": true, + "computerNamePrefix": "myvms5aa3", + "customData": null, + "linuxConfiguration": { + "disablePasswordAuthentication": true, + "enableVmAgentPlatformUpdates": false, + "patchSettings": null, + "provisionVmAgent": true, + "ssh": { + "publicKeys": [ + { + "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDChUiONFSUdk5nk00XeujLNIfdijKwBR/cqAqAw8xa57BlI22Azntp625scK9Gpze9wFNj/bPDS29+PZXOaEjVljYHU/tgcbcvHR0sNUNoAvMPHRfSN2WebDUCDHK1hBQxPwiI4OWTbpYRm/E2deGe5gUpBoaA1AwOZVs1+6Z6unHOkhslqLJmNW+Rb8YUtRnbL3XZLUOwyPSkNMgARiMb+QWq0W2V6TtD+rM2pMVIf/D21PdHLsTBQ+DC0DeUyBlgGiueqijGcD0zmE6N6nAu2ps7sO+zxmnP37zbIRbwEHfdpQkPwnx42REgZ7ep/K9gnwWzSk1uIrxrSGypPqUV", + "path": "/home/azureuser/.ssh/authorized_keys" + } + ] + } + }, + "requireGuestProvisionSignal": true, + "secrets": [], + "windowsConfiguration": null + }, + "priority": null, + "scheduledEventsProfile": null, + "securityPostureReference": null, + "securityProfile": null, + "serviceArtifactReference": null, + "storageProfile": { + "dataDisks": null, + "diskControllerType": "SCSI", + "imageReference": { + "communityGalleryImageId": null, + "exactVersion": null, + "id": null, + "offer": "0001-com-ubuntu-server-jammy", + "publisher": "Canonical", + "sharedGalleryImageId": null, + "sku": "22_04-lts-gen2", + "version": "latest" + }, + "osDisk": { + "caching": "ReadWrite", + "createOption": "FromImage", + "deleteOption": null, + "diffDiskSettings": null, + "diskSizeGb": 30, + "image": null, + "managedDisk": { + "diskEncryptionSet": null, + "securityProfile": null, + "storageAccountType": "Premium_LRS" + }, + "name": null, + "osType": "Linux", + "vhdContainers": null, + "writeAcceleratorEnabled": null + } + }, + "userData": null + }, + "zoneBalance": false, + "zones": [ + "1", + "2", + "3" + ] +} + +``` + +# Define an autoscale profle + +To enable autoscale on a scale set, you first define an autoscale profile. This profile defines the default, minimum, and maximum scale set capacity. These limits let you control cost by not continually creating VM instances, and balance acceptable performance with a minimum number of instances that remain in a scale-in event. +The following example sets the default, and minimum, capacity of 2 VM instances, and a maximum of 10: + +```bash +az monitor autoscale create --resource-group $MY_RESOURCE_GROUP_NAME --resource $MY_VMSS_NAME --resource-type Microsoft.Compute/virtualMachineScaleSets --name autoscale --min-count 2 --max-count 10 --count 2 +``` + + +Results: + + +```json +{ + "enabled": true, + "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroupaf9072/providers/microsoft.insights/autoscalesettings/autoscale", + "location": "eastus", + "name": "autoscale", + "namePropertiesName": "autoscale", + "notifications": [ + { + "email": { + "customEmails": [], + "sendToSubscriptionAdministrator": false, + "sendToSubscriptionCoAdministrators": false + }, + "webhooks": [] + } + ], + "predictiveAutoscalePolicy": { + "scaleLookAheadTime": null, + "scaleMode": "Disabled" + }, + "profiles": [ + { + "capacity": { + "default": "2", + "maximum": "10", + "minimum": "2" + }, + "fixedDate": null, + "name": "default", + "recurrence": null, + "rules": [] + } + ], + "resourceGroup": "myVMSSResourceGroupaf9072", + "systemData": null, + "tags": {}, + "targetResourceLocation": null, + "targetResourceUri": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSaf9072", + "type": "Microsoft.Insights/autoscaleSettings" +} +``` + +# Create a rule to autoscale out + +The Following command creates a rule that increases the number of VM instances in a scale set when the average CPU load is greater than 70% over a 5-minute period. When the rule triggers, the number of VM instances is increased by three. + +```bash +az monitor autoscale rule create --resource-group $MY_RESOURCE_GROUP_NAME --autoscale-name autoscale --condition "Percentage CPU > 70 avg 5m" --scale out 3 +``` + +Results: + + +```json +{ + "metricTrigger": { + "dimensions": [], + "dividePerInstance": null, + "metricName": "Percentage CPU", + "metricNamespace": null, + "metricResourceLocation": null, + "metricResourceUri": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSaf9072", + "operator": "GreaterThan", + "statistic": "Average", + "threshold": "70", + "timeAggregation": "Average", + "timeGrain": "PT1M", + "timeWindow": "PT5M" + }, + "scaleAction": { + "cooldown": "PT5M", + "direction": "Increase", + "type": "ChangeCount", + "value": "3" + } +} +``` + +# Create a rule to autoscale in + +Create another rule with az monitor autoscale rule create that decreases the number of VM instances in a scale set when the average CPU load then drops below 30% over a 5-minute period. The following example defines the rule to scale in the number of VM instances by one. + +```bash +az monitor autoscale rule create --resource-group $MY_RESOURCE_GROUP_NAME --autoscale-name autoscale --condition "Percentage CPU < 30 avg 5m" --scale in 1 +``` + +Results: + + +```json +{ + "metricTrigger": { + "dimensions": [], + "dividePerInstance": null, + "metricName": "Percentage CPU", + "metricNamespace": null, + "metricResourceLocation": null, + "metricResourceUri": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSaf9072", + "operator": "LessThan", + "statistic": "Average", + "threshold": "30", + "timeAggregation": "Average", + "timeGrain": "PT1M", + "timeWindow": "PT5M" + }, + "scaleAction": { + "cooldown": "PT5M", + "direction": "Decrease", + "type": "ChangeCount", + "value": "1" + } +} +``` + + ### Test the page The below command shows you the public IP of your Application Gateway. You can cpaste the IP adress to a browser page for testing. @@ -687,9 +1024,8 @@ az network public-ip show --resource-group $MY_RESOURCE_GROUP_NAME --name $MY_AP + + # Next Steps -* [VM Documentation](https://learn.microsoft.com/en-us/azure/virtual-machines/) -* [Use Cloud-Init to initialize a Linux VM on first boot](https://learn.microsoft.com/en-us/azure/virtual-machines/linux/tutorial-automate-vm-deployment) -* [Create custom VM images](https://learn.microsoft.com/en-us/azure/virtual-machines/linux/tutorial-custom-images) -* [Load Balance VMs](https://learn.microsoft.com/en-us/azure/load-balancer/quickstart-load-balancer-standard-public-cli) \ No newline at end of file +* [VMSS Documentation](https://learn.microsoft.com/en-us/azure/virtual-machine-scale-sets/overview) From 17763b3143f10e0c2c757b7892a40e693037faed Mon Sep 17 00:00:00 2001 From: Belgin Ceran <110536035+belginceran@users.noreply.github.com> Date: Thu, 14 Dec 2023 13:40:53 +0000 Subject: [PATCH 17/46] VMSS updates --- scenarios/ocd/CreateVMSSupdated/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scenarios/ocd/CreateVMSSupdated/README.md b/scenarios/ocd/CreateVMSSupdated/README.md index 22004506..97976981 100644 --- a/scenarios/ocd/CreateVMSSupdated/README.md +++ b/scenarios/ocd/CreateVMSSupdated/README.md @@ -885,7 +885,7 @@ Results: ``` -# Define an autoscale profle +# Define an autoscale profile To enable autoscale on a scale set, you first define an autoscale profile. This profile defines the default, minimum, and maximum scale set capacity. These limits let you control cost by not continually creating VM instances, and balance acceptable performance with a minimum number of instances that remain in a scale-in event. The following example sets the default, and minimum, capacity of 2 VM instances, and a maximum of 10: From 74e563efd75f183aea14bd4c7f82bda06952c34b Mon Sep 17 00:00:00 2001 From: Belgin Ceran <110536035+belginceran@users.noreply.github.com> Date: Thu, 14 Dec 2023 15:17:33 +0000 Subject: [PATCH 18/46] VMSS updates --- scenarios/ocd/CreateVMSSupdated/README.md | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/scenarios/ocd/CreateVMSSupdated/README.md b/scenarios/ocd/CreateVMSSupdated/README.md index 97976981..0f070dd0 100644 --- a/scenarios/ocd/CreateVMSSupdated/README.md +++ b/scenarios/ocd/CreateVMSSupdated/README.md @@ -421,13 +421,13 @@ Results: "properties": { "applicationGatewayBackendAddressPools": [ { - "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Network/applicationGateways/myAPPGWaf9072/backendAddressPools/appGatewayBackendPool", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Network/applicationGateways/myAPPGWaf9072/backendAddressPools/appGatewayBackendPool", "resourceGroup": "myVMSSResourceGroupaf9072" } ], "privateIPAddressVersion": "IPv4", "subnet": { - "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Network/virtualNetworks/myVNetaf9072/subnets/myVMSNaf9072", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Network/virtualNetworks/myVNetaf9072/subnets/myVMSNaf9072", "resourceGroup": "myVMSSResourceGroupaf9072" } } @@ -700,7 +700,7 @@ Results: "doNotRunExtensionsOnOverprovisionedVMs": false, "extendedLocation": null, "hostGroup": null, - "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSaf9072", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSaf9072", "identity": { "principalId": "f94ce139-a0b1-4844-a836-1396b6572826", "tenantId": "72f988bf-86f1-41af-91ab-2d7cd011db47", @@ -790,7 +790,7 @@ Results: { "applicationGatewayBackendAddressPools": [ { - "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Network/applicationGateways/myAPPGWaf9072/backendAddressPools/appGatewayBackendPool", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Network/applicationGateways/myAPPGWaf9072/backendAddressPools/appGatewayBackendPool", "resourceGroup": "myVMSSResourceGroupaf9072" } ], @@ -802,7 +802,7 @@ Results: "privateIpAddressVersion": "IPv4", "publicIpAddressConfiguration": null, "subnet": { - "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Network/virtualNetworks/myVNetaf9072/subnets/myVMSNaf9072", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Network/virtualNetworks/myVNetaf9072/subnets/myVMSNaf9072", "resourceGroup": "myVMSSResourceGroupaf9072" } } @@ -901,7 +901,7 @@ Results: ```json { "enabled": true, - "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroupaf9072/providers/microsoft.insights/autoscalesettings/autoscale", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupaf9072/providers/microsoft.insights/autoscalesettings/autoscale", "location": "eastus", "name": "autoscale", "namePropertiesName": "autoscale", @@ -936,7 +936,7 @@ Results: "systemData": null, "tags": {}, "targetResourceLocation": null, - "targetResourceUri": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSaf9072", + "targetResourceUri": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSaf9072", "type": "Microsoft.Insights/autoscaleSettings" } ``` @@ -960,7 +960,7 @@ Results: "metricName": "Percentage CPU", "metricNamespace": null, "metricResourceLocation": null, - "metricResourceUri": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSaf9072", + "metricResourceUri": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSaf9072", "operator": "GreaterThan", "statistic": "Average", "threshold": "70", @@ -996,7 +996,7 @@ Results: "metricName": "Percentage CPU", "metricNamespace": null, "metricResourceLocation": null, - "metricResourceUri": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSaf9072", + "metricResourceUri": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSaf9072", "operator": "LessThan", "statistic": "Average", "threshold": "30", From 71074ef9e54d5842aeb58ca678f7e4037011b66f Mon Sep 17 00:00:00 2001 From: Belgin Ceran <110536035+belginceran@users.noreply.github.com> Date: Mon, 18 Dec 2023 11:33:05 +0000 Subject: [PATCH 19/46] VMSS updates --- .../CreateVMSSupdated/README-backup-18-12.md | 1031 +++++++++++++++++ scenarios/ocd/CreateVMSSupdated/README.md | 224 +--- 2 files changed, 1043 insertions(+), 212 deletions(-) create mode 100644 scenarios/ocd/CreateVMSSupdated/README-backup-18-12.md diff --git a/scenarios/ocd/CreateVMSSupdated/README-backup-18-12.md b/scenarios/ocd/CreateVMSSupdated/README-backup-18-12.md new file mode 100644 index 00000000..0f070dd0 --- /dev/null +++ b/scenarios/ocd/CreateVMSSupdated/README-backup-18-12.md @@ -0,0 +1,1031 @@ +# Create a Virtual Machine Scale Set with Application Gateway with Linux image + +## Define Environment Variables + +The First step in this tutorial is to define environment variables. + +```bash + +export RANDOM_ID="$(openssl rand -hex 3)" +export MY_RESOURCE_GROUP_NAME="myVMSSResourceGroup$RANDOM_ID" +export REGION=EastUS +export MY_VMSS_NAME="myVMSS$RANDOM_ID" +export MY_USERNAME=azureuser +export MY_VM_IMAGE="Ubuntu2204" +export MY_VNET_NAME="myVNet$RANDOM_ID" +export NETWORK_PREFIX="$(($RANDOM % 254 + 1))" +export MY_VNET_PREFIX="10.$NETWORK_PREFIX.0.0/16" +export MY_VM_SN_NAME="myVMSN$RANDOM_ID" +export MY_VM_SN_PREFIX="10.$NETWORK_PREFIX.0.0/24" +export MY_APPGW_SN_NAME="myAPPGWSN$RANDOM_ID" +export MY_APPGW_SN_PREFIX="10.$NETWORK_PREFIX.1.0/24" +export MY_APPGW_NAME="myAPPGW$RANDOM_ID" +export MY_APPGW_PUBLIC_IP_NAME="myAPPGWPublicIP$RANDOM_ID" + +``` +# Login to Azure using the CLI + +In order to run commands against Azure using the CLI you need to login. This is done, very simply, though the `az login` command: + +# Create a resource group + +A resource group is a container for related resources. All resources must be placed in a resource group. We will create one for this tutorial. The following command creates a resource group with the previously defined $MY_RESOURCE_GROUP_NAME and $REGION parameters. + +```bash +az group create --name $MY_RESOURCE_GROUP_NAME --location $REGION -o JSON +``` + +Results: + + +```json +{ + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx", + "location": "eastus", + "managedBy": null, + "name": "myVMSSResourceGroupxxxxxx", + "properties": { + "provisioningState": "Succeeded" + }, + "tags": null, + "type": "Microsoft.Resources/resourceGroups" +} +``` + +# Create Network Resources + +You need to create network resources before you proceed the VMSS steps. In this step you're going to create a VNET, 2 subnets 1 for Application Gateway and 1 for VMs. You also need to have a public IP to attach your Application Gateway to be able to reach your web application from internet. + + +#### Create Virtual Network (VNET) and VM Subnet + +```bash +az network vnet create --name $MY_VNET_NAME --resource-group $MY_RESOURCE_GROUP_NAME --location $REGION --address-prefix $MY_VNET_PREFIX --subnet-name $MY_VM_SN_NAME --subnet-prefix $MY_VM_SN_PREFIX -o JSON +``` + +Results: + + +```json +{ + "newVNet": { + "addressSpace": { + "addressPrefixes": [ + "10.X.0.0/16" + ] + }, + "enableDdosProtection": false, + "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/virtualNetworks/myVNetxxxxxx", + "location": "eastus", + "name": "myVNetxxxxxx", + "provisioningState": "Succeeded", + "resourceGroup": "myVMSSResourceGroupxxxxxx", + "resourceGuid": "f00034be-612e-4462-a711-93d0bb263e46", + "subnets": [ + { + "addressPrefix": "10.X.0.0/24", + "delegations": [], + "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/virtualNetworks/myVNetxxxxxx/subnets/myVMSNxxxxxx", + "name": "myVMSNxxxxxx", + "privateEndpointNetworkPolicies": "Disabled", + "privateLinkServiceNetworkPolicies": "Enabled", + "provisioningState": "Succeeded", + "resourceGroup": "myVMSSResourceGroupxxxxxx", + "type": "Microsoft.Network/virtualNetworks/subnets" + } + ], + "type": "Microsoft.Network/virtualNetworks", + "virtualNetworkPeerings": [] + } +} +``` + +### Create Application Gateway Resources + +Azure Application Gateway requires a dedicated subnet within your virtual network. The below command creates a subnet named $MY_APPGW_SN_NAME with specified address prefix named $MY_APPGW_SN_PREFIX in your VNET $MY_VNET_NAME + + +```bash +az network vnet subnet create --name $MY_APPGW_SN_NAME --resource-group $MY_RESOURCE_GROUP_NAME --vnet-name $MY_VNET_NAME --address-prefix $MY_APPGW_SN_PREFIX -o JSON +``` + +Results: + + +```json +{ + "addressPrefix": "10.66.1.0/24", + "delegations": [], + "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/virtualNetworks/myVNetxxxxxx/subnets/myAPPGWSNxxxxxx", + "name": "myAPPGWSNxxxxxx", + "privateEndpointNetworkPolicies": "Disabled", + "privateLinkServiceNetworkPolicies": "Enabled", + "provisioningState": "Succeeded", + "resourceGroup": "myVMSSResourceGroupxxxxxx", + "type": "Microsoft.Network/virtualNetworks/subnets" +} +``` +The below command creates a standard, zone redundant, static, public IPv4 in your resource group. + +```bash +az network public-ip create --resource-group $MY_RESOURCE_GROUP_NAME --name $MY_APPGW_PUBLIC_IP_NAME --sku Standard --location $REGION --allocation-method static --version IPv4 --zone 1 2 3 -o JSON + ``` + +Results: + + +```json +{ + "publicIp": { + "ddosSettings": { + "protectionMode": "VirtualNetworkInherited" + }, + "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/publicIPAddresses//myAPPGWPublicIPxxxxxx", + "idleTimeoutInMinutes": 4, + "ipAddress": "X.X.X.X", + "ipTags": [], + "location": "eastus", + "name": "/myAPPGWPublicIPxxxxxx", + "provisioningState": "Succeeded", + "publicIPAddressVersion": "IPv4", + "publicIPAllocationMethod": "Static", + "resourceGroup": "myVMSSResourceGroupxxxxxx", + "resourceGuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx", + "sku": { + "name": "Standard", + "tier": "Regional" + }, + "type": "Microsoft.Network/publicIPAddresses", + "zones": [ + "1", + "2", + "3" + ] + } +} +``` + +In this step you create an Application Gateway that you're going to integrate with your Virtual Machine Scale Set. In this example we create a zone redundant Application Gateway with Standard_v2 SKU and enable Http communication for the Application Gateway. The public IP $MY_APPGW_PUBLIC_IP_NAME that we created in previous step attached to the Application Gateway. + +```bash +az network application-gateway create --name $MY_APPGW_NAME --location $REGION --resource-group $MY_RESOURCE_GROUP_NAME --vnet-name $MY_VNET_NAME --subnet $MY_APPGW_SN_NAME --capacity 2 --zones 1 2 3 --sku Standard_v2 --http-settings-cookie-based-affinity Disabled --frontend-port 80 --http-settings-port 80 --http-settings-protocol Http --public-ip-address $MY_APPGW_PUBLIC_IP_NAME --priority 1001 -o JSON + ``` + + +```json +{ + "applicationGateway": { + "backendAddressPools": [ + { + "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/backendAddressPools/appGatewayBackendPool", + "name": "appGatewayBackendPool", + "properties": { + "backendAddresses": [], + "provisioningState": "Succeeded", + "requestRoutingRules": [ + { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/requestRoutingRules/rule1", + "resourceGroup": "myVMSSResourceGroupxxxxxx" + } + ] + }, + "resourceGroup": "myVMSSResourceGroupxxxxxx", + "type": "Microsoft.Network/applicationGateways/backendAddressPools" + } + ], + "backendHttpSettingsCollection": [ + { + "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/backendHttpSettingsCollection/appGatewayBackendHttpSettings", + "name": "appGatewayBackendHttpSettings", + "properties": { + "connectionDraining": { + "drainTimeoutInSec": 1, + "enabled": false + }, + "cookieBasedAffinity": "Disabled", + "pickHostNameFromBackendAddress": false, + "port": 80, + "protocol": "Http", + "provisioningState": "Succeeded", + "requestRoutingRules": [ + { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/requestRoutingRules/rule1", + "resourceGroup": "myVMSSResourceGroupxxxxxx" + } + ], + "requestTimeout": 30 + }, + "resourceGroup": "myVMSSResourceGroupxxxxxx", + "type": "Microsoft.Network/applicationGateways/backendHttpSettingsCollection" + } + ], + "backendSettingsCollection": [], + "frontendIPConfigurations": [ + { + "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/frontendIPConfigurations/appGatewayFrontendIP", + "name": "appGatewayFrontendIP", + "properties": { + "httpListeners": [ + { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/httpListeners/appGatewayHttpListener", + "resourceGroup": "myVMSSResourceGroupxxxxxx" + } + ], + "privateIPAllocationMethod": "Dynamic", + "provisioningState": "Succeeded", + "publicIPAddress": { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/publicIPAddresses/myAPPGWPublicIPxxxxxx", + "resourceGroup": "myVMSSResourceGroupxxxxxx" + } + }, + "resourceGroup": "myVMSSResourceGroupxxxxxx", + "type": "Microsoft.Network/applicationGateways/frontendIPConfigurations" + } + ], + "frontendPorts": [ + { + "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/frontendPorts/appGatewayFrontendPort", + "name": "appGatewayFrontendPort", + "properties": { + "httpListeners": [ + { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/httpListeners/appGatewayHttpListener", + "resourceGroup": "myVMSSResourceGroupxxxxxx" + } + ], + "port": 80, + "provisioningState": "Succeeded" + }, + "resourceGroup": "myVMSSResourceGroupxxxxxx", + "type": "Microsoft.Network/applicationGateways/frontendPorts" + } + ], + "gatewayIPConfigurations": [ + { + "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/gatewayIPConfigurations/appGatewayFrontendIP", + "name": "appGatewayFrontendIP", + "properties": { + "provisioningState": "Succeeded", + "subnet": { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/virtualNetworks/myVNetxxxxxx/subnets/myAPPGWSNxxxxxx", + "resourceGroup": "myVMSSResourceGroupxxxxxx" + } + }, + "resourceGroup": "myVMSSResourceGroupxxxxxx", + "type": "Microsoft.Network/applicationGateways/gatewayIPConfigurations" + } + ], + "httpListeners": [ + { + "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/httpListeners/appGatewayHttpListener", + "name": "appGatewayHttpListener", + "properties": { + "frontendIPConfiguration": { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/frontendIPConfigurations/appGatewayFrontendIP", + "resourceGroup": "myVMSSResourceGroupxxxxxx" + }, + "frontendPort": { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/frontendPorts/appGatewayFrontendPort", + "resourceGroup": "myVMSSResourceGroupxxxxxx" + }, + "hostNames": [], + "protocol": "Http", + "provisioningState": "Succeeded", + "requestRoutingRules": [ + { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/requestRoutingRules/rule1", + "resourceGroup": "myVMSSResourceGroupxxxxxx" + } + ], + "requireServerNameIndication": false + }, + "resourceGroup": "myVMSSResourceGroupxxxxxx", + "type": "Microsoft.Network/applicationGateways/httpListeners" + } + ], + "listeners": [], + "loadDistributionPolicies": [], + "operationalState": "Running", + "privateEndpointConnections": [], + "privateLinkConfigurations": [], + "probes": [], + "provisioningState": "Succeeded", + "redirectConfigurations": [], + "requestRoutingRules": [ + { + "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/requestRoutingRules/rule1", + "name": "rule1", + "properties": { + "backendAddressPool": { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/backendAddressPools/appGatewayBackendPool", + "resourceGroup": "myVMSSResourceGroupxxxxxx" + }, + "backendHttpSettings": { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/backendHttpSettingsCollection/appGatewayBackendHttpSettings", + "resourceGroup": "myVMSSResourceGroupxxxxxx" + }, + "httpListener": { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/httpListeners/appGatewayHttpListener", + "resourceGroup": "myVMSSResourceGroupxxxxxx" + }, + "priority": 1001, + "provisioningState": "Succeeded", + "ruleType": "Basic" + }, + "resourceGroup": "myVMSSResourceGroupxxxxxx", + "type": "Microsoft.Network/applicationGateways/requestRoutingRules" + } + ], + "resourceGuid": "d6da1e9a-9d53-4292-bda5-3883963034ff", + "rewriteRuleSets": [], + "routingRules": [], + "sku": { + "capacity": 2, + "family": "Generation_1", + "name": "Standard_v2", + "tier": "Standard_v2" + }, + "sslCertificates": [], + "sslProfiles": [], + "trustedClientCertificates": [], + "trustedRootCertificates": [], + "urlPathMaps": [] + } +} + ``` + + +# Create Virtual Machine Scale Set + +The below command creates a zone redundant Virtual Machine Scale Set (VMSS) within your resource group $MY_RESOURCE_GROUP_NAME. We integrate the Application Gateway that we created previous step. This command creates 2 Standard_DS2_v2 SKU Virtual Machines in subnet $MY_VM_SN_NAME. + +```bash + az vmss create --name $MY_VMSS_NAME --resource-group $MY_RESOURCE_GROUP_NAME --image $MY_VM_IMAGE --admin-username $MY_USERNAME --assign-identity --instance-count 2 --zones 1 2 3 --vnet-name $MY_VNET_NAME --subnet $MY_VM_SN_NAME --vm-sku Standard_DS2_v2 --upgrade-policy-mode Automatic --app-gateway $MY_APPGW_NAME --backend-pool-name appGatewayBackendPool -o JSON + ``` + +Results: + + +```json +{ + "vmss": { + "doNotRunExtensionsOnOverprovisionedVMs": false, + "identity": { + "systemAssignedIdentity": "f94ce139-a0b1-4844-a836-1396b6572826", + "userAssignedIdentities": {} + }, + "orchestrationMode": "Uniform", + "overprovision": true, + "platformFaultDomainCount": 1, + "provisioningState": "Succeeded", + "singlePlacementGroup": false, + "timeCreated": "2023-12-14T10:50:58.8584886+00:00", + "uniqueId": "ca55e9a8-4c6f-4491-b217-4420a312f993", + "upgradePolicy": { + "mode": "Automatic", + "rollingUpgradePolicy": { + "maxBatchInstancePercent": 20, + "maxSurge": false, + "maxUnhealthyInstancePercent": 20, + "maxUnhealthyUpgradedInstancePercent": 20, + "pauseTimeBetweenBatches": "PT0S", + "rollbackFailedInstancesOnPolicyBreach": false + } + }, + "virtualMachineProfile": { + "networkProfile": { + "networkInterfaceConfigurations": [ + { + "name": "myvms5aa3Nic", + "properties": { + "disableTcpStateTracking": false, + "dnsSettings": { + "dnsServers": [] + }, + "enableAcceleratedNetworking": false, + "enableIPForwarding": false, + "ipConfigurations": [ + { + "name": "myvms5aa3IPConfig", + "properties": { + "applicationGatewayBackendAddressPools": [ + { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Network/applicationGateways/myAPPGWaf9072/backendAddressPools/appGatewayBackendPool", + "resourceGroup": "myVMSSResourceGroupaf9072" + } + ], + "privateIPAddressVersion": "IPv4", + "subnet": { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Network/virtualNetworks/myVNetaf9072/subnets/myVMSNaf9072", + "resourceGroup": "myVMSSResourceGroupaf9072" + } + } + } + ], + "primary": true + } + } + ] + }, + "osProfile": { + "adminUsername": "azureuser", + "allowExtensionOperations": true, + "computerNamePrefix": "myvms5aa3", + "linuxConfiguration": { + "disablePasswordAuthentication": true, + "enableVMAgentPlatformUpdates": false, + "provisionVMAgent": true, + "ssh": { + "publicKeys": [ + { + "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDChUiONFSUdk5nk00XeujLNIfdijKwBR/cqAqAw8xa57BlI22Azntp625scK9Gpze9wFNj/bPDS29+PZXOaEjVljYHU/tgcbcvHR0sNUNoAvMPHRfSN2WebDUCDHK1hBQxPwiI4OWTbpYRm/E2deGe5gUpBoaA1AwOZVs1+6Z6unHOkhslqLJmNW+Rb8YUtRnbL3XZLUOwyPSkNMgARiMb+QWq0W2V6TtD+rM2pMVIf/D21PdHLsTBQ+DC0DeUyBlgGiueqijGcD0zmE6N6nAu2ps7sO+zxmnP37zbIRbwEHfdpQkPwnx42REgZ7ep/K9gnwWzSk1uIrxrSGypPqUV", + "path": "/home/azureuser/.ssh/authorized_keys" + } + ] + } + }, + "requireGuestProvisionSignal": true, + "secrets": [] + }, + "storageProfile": { + "diskControllerType": "SCSI", + "imageReference": { + "offer": "0001-com-ubuntu-server-jammy", + "publisher": "Canonical", + "sku": "22_04-lts-gen2", + "version": "latest" + }, + "osDisk": { + "caching": "ReadWrite", + "createOption": "FromImage", + "diskSizeGB": 30, + "managedDisk": { + "storageAccountType": "Premium_LRS" + }, + "osType": "Linux" + } + }, + "timeCreated": "2023-12-14T10:50:58.8584886+00:00" + }, + "zoneBalance": false + } +} +``` + +### Install ngnix with VMSS extensions + +The below command uses VMSS extension to run custom script. For testing purposes, here we install ngnix and publish a page that shows the hostname of the Virtual Machine that your HTTP requests hits. We use this custom script for this pusposes : https://raw.githubusercontent.com/Azure-Samples/compute-automation-configurations/master/automate_nginx.sh + + +```bash +az vmss extension set --publisher Microsoft.Azure.Extensions --version 2.0 --name CustomScript --resource-group $MY_RESOURCE_GROUP_NAME --vmss-name $MY_VMSS_NAME --settings '{ "fileUris": ["https://raw.githubusercontent.com/Azure-Samples/compute-automation-configurations/master/automate_nginx.sh"], "commandToExecute": "./automate_nginx.sh" }' -o JSON +``` + +Results: + + +```json +{ + "additionalCapabilities": null, + "automaticRepairsPolicy": null, + "constrainedMaximumCapacity": null, + "doNotRunExtensionsOnOverprovisionedVMs": false, + "extendedLocation": null, + "hostGroup": null, + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroup3a43e4/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSS3a43e4", + "identity": null, + "location": "eastus", + "name": "myVMSS3a43e4", + "orchestrationMode": "Uniform", + "overprovision": true, + "plan": null, + "platformFaultDomainCount": null, + "priorityMixPolicy": null, + "provisioningState": "Succeeded", + "proximityPlacementGroup": null, + "resourceGroup": "myVMSSResourceGroup3a43e4", + "scaleInPolicy": null, + "singlePlacementGroup": true, + "sku": { + "capacity": 2, + "name": "Standard_DS2_v2", + "tier": "Standard" + }, + "spotRestorePolicy": null, + "tags": {}, + "timeCreated": "2023-12-04T16:10:30.554674+00:00", + "type": "Microsoft.Compute/virtualMachineScaleSets", + "uniqueId": "ae68f82c-54f3-4263-8252-7f25f1b276bb", + "upgradePolicy": { + "automaticOsUpgradePolicy": null, + "mode": "Automatic", + "rollingUpgradePolicy": { + "enableCrossZoneUpgrade": null, + "maxBatchInstancePercent": 20, + "maxSurge": false, + "maxUnhealthyInstancePercent": 20, + "maxUnhealthyUpgradedInstancePercent": 20, + "pauseTimeBetweenBatches": "PT0S", + "prioritizeUnhealthyInstances": null, + "rollbackFailedInstancesOnPolicyBreach": false + } + }, + "virtualMachineProfile": { + "applicationProfile": null, + "billingProfile": null, + "capacityReservation": null, + "diagnosticsProfile": null, + "evictionPolicy": null, + "extensionProfile": { + "extensions": [ + { + "autoUpgradeMinorVersion": true, + "enableAutomaticUpgrade": null, + "forceUpdateTag": null, + "id": null, + "name": "CustomScript", + "protectedSettings": null, + "protectedSettingsFromKeyVault": null, + "provisionAfterExtensions": null, + "provisioningState": null, + "publisher": "Microsoft.Azure.Extensions", + "settings": { + "commandToExecute": "./automate_nginx.sh", + "fileUris": [ + "https://raw.githubusercontent.com/Azure-Samples/compute-automation-configurations/master/automate_nginx.sh" + ] + }, + "suppressFailures": null, + "type": null, + "typeHandlerVersion": "2.0", + "typePropertiesType": "CustomScript" + } + ], + "extensionsTimeBudget": null + }, + "hardwareProfile": null, + "licenseType": null, + "networkProfile": { + "healthProbe": null, + "networkApiVersion": null, + "networkInterfaceConfigurations": [ + { + "deleteOption": null, + "disableTcpStateTracking": false, + "dnsSettings": { + "dnsServers": [] + }, + "enableAcceleratedNetworking": false, + "enableFpga": null, + "enableIpForwarding": false, + "ipConfigurations": [ + { + "applicationGatewayBackendAddressPools": [ + { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroup3a43e4/providers/Microsoft.Network/applicationGateways/myAPPGW3a43e4/backendAddressPools/appGatewayBackendPool", + "resourceGroup": "myVMSSResourceGroup3a43e4" + } + ], + "applicationSecurityGroups": null, + "loadBalancerBackendAddressPools": null, + "loadBalancerInboundNatPools": null, + "name": "myvms0ce7IPConfig", + "primary": null, + "privateIpAddressVersion": "IPv4", + "publicIpAddressConfiguration": null, + "subnet": { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroup3a43e4/providers/Microsoft.Network/virtualNetworks/myVNet3a43e4/subnets/myVMSN3a43e4", + "resourceGroup": "myVMSSResourceGroup3a43e4" + } + } + ], + "name": "myvms0ce7Nic", + "networkSecurityGroup": null, + "primary": true + } + ] + }, + "osProfile": { + "adminPassword": null, + "adminUsername": "azureuser", + "allowExtensionOperations": true, + "computerNamePrefix": "myvms0ce7", + "customData": null, + "linuxConfiguration": { + "disablePasswordAuthentication": true, + "enableVmAgentPlatformUpdates": false, + "patchSettings": null, + "provisionVmAgent": true, + "ssh": { + "publicKeys": [ + { + "keyData": "ssh-rsa xxxxxxx", + "path": "/home/azureuser/.ssh/authorized_keys" + } + ] + } + }, + "requireGuestProvisionSignal": true, + "secrets": [], + "windowsConfiguration": null + }, + "priority": null, + "scheduledEventsProfile": null, + "securityPostureReference": null, + "securityProfile": null, + "serviceArtifactReference": null, + "storageProfile": { + "dataDisks": null, + "diskControllerType": "SCSI", + "imageReference": { + "communityGalleryImageId": null, + "exactVersion": null, + "id": null, + "offer": "0001-com-ubuntu-minimal-jammy", + "publisher": "Canonical", + "sharedGalleryImageId": null, + "sku": "minimal-22_04-lts-gen2", + "version": "latest" + }, + "osDisk": { + "caching": "ReadWrite", + "createOption": "FromImage", + "deleteOption": null, + "diffDiskSettings": null, + "diskSizeGb": 30, + "image": null, + "managedDisk": { + "diskEncryptionSet": null, + "securityProfile": null, + "storageAccountType": "Premium_LRS" + }, + "name": null, + "osType": "Linux", + "vhdContainers": null, + "writeAcceleratorEnabled": null + } + }, + "userData": null + }, + "zoneBalance": null, + "zones": null +} +``` + +### Enable Azure AD login for a Linux Virtual Machine +The following command installs the extension to enable Azure AD login for a Linux VM. + +```bash + az vmss extension set --publisher Microsoft.Azure.ActiveDirectory --name AADSSHLoginForLinux --resource-group $MY_RESOURCE_GROUP_NAME --vmss-name $MY_VMSS_NAME +``` +Results: + + +```json +{ + "additionalCapabilities": null, + "automaticRepairsPolicy": null, + "constrainedMaximumCapacity": null, + "doNotRunExtensionsOnOverprovisionedVMs": false, + "extendedLocation": null, + "hostGroup": null, + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSaf9072", + "identity": { + "principalId": "f94ce139-a0b1-4844-a836-1396b6572826", + "tenantId": "72f988bf-86f1-41af-91ab-2d7cd011db47", + "type": "SystemAssigned", + "userAssignedIdentities": null + }, + "location": "eastus", + "name": "myVMSSaf9072", + "orchestrationMode": "Uniform", + "overprovision": true, + "plan": null, + "platformFaultDomainCount": 1, + "priorityMixPolicy": null, + "provisioningState": "Succeeded", + "proximityPlacementGroup": null, + "resourceGroup": "myVMSSResourceGroupaf9072", + "scaleInPolicy": null, + "singlePlacementGroup": false, + "sku": { + "capacity": 2, + "name": "Standard_DS2_v2", + "tier": "Standard" + }, + "spotRestorePolicy": null, + "tags": {}, + "timeCreated": "2023-12-14T10:50:58.858488+00:00", + "type": "Microsoft.Compute/virtualMachineScaleSets", + "uniqueId": "ca55e9a8-4c6f-4491-b217-4420a312f993", + "upgradePolicy": { + "automaticOsUpgradePolicy": null, + "mode": "Automatic", + "rollingUpgradePolicy": { + "enableCrossZoneUpgrade": null, + "maxBatchInstancePercent": 20, + "maxSurge": false, + "maxUnhealthyInstancePercent": 20, + "maxUnhealthyUpgradedInstancePercent": 20, + "pauseTimeBetweenBatches": "PT0S", + "prioritizeUnhealthyInstances": null, + "rollbackFailedInstancesOnPolicyBreach": false + } + }, + "virtualMachineProfile": { + "applicationProfile": null, + "billingProfile": null, + "capacityReservation": null, + "diagnosticsProfile": null, + "evictionPolicy": null, + "extensionProfile": { + "extensions": [ + { + "autoUpgradeMinorVersion": true, + "enableAutomaticUpgrade": null, + "forceUpdateTag": null, + "id": null, + "name": "AADSSHLoginForLinux", + "protectedSettings": null, + "protectedSettingsFromKeyVault": null, + "provisionAfterExtensions": null, + "provisioningState": null, + "publisher": "Microsoft.Azure.ActiveDirectory", + "settings": null, + "suppressFailures": null, + "type": null, + "typeHandlerVersion": "1.0", + "typePropertiesType": "AADSSHLoginForLinux" + } + ], + "extensionsTimeBudget": null + }, + "hardwareProfile": null, + "licenseType": null, + "networkProfile": { + "healthProbe": null, + "networkApiVersion": null, + "networkInterfaceConfigurations": [ + { + "deleteOption": null, + "disableTcpStateTracking": false, + "dnsSettings": { + "dnsServers": [] + }, + "enableAcceleratedNetworking": false, + "enableFpga": null, + "enableIpForwarding": false, + "ipConfigurations": [ + { + "applicationGatewayBackendAddressPools": [ + { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Network/applicationGateways/myAPPGWaf9072/backendAddressPools/appGatewayBackendPool", + "resourceGroup": "myVMSSResourceGroupaf9072" + } + ], + "applicationSecurityGroups": null, + "loadBalancerBackendAddressPools": null, + "loadBalancerInboundNatPools": null, + "name": "myvms5aa3IPConfig", + "primary": null, + "privateIpAddressVersion": "IPv4", + "publicIpAddressConfiguration": null, + "subnet": { + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Network/virtualNetworks/myVNetaf9072/subnets/myVMSNaf9072", + "resourceGroup": "myVMSSResourceGroupaf9072" + } + } + ], + "name": "myvms5aa3Nic", + "networkSecurityGroup": null, + "primary": true + } + ] + }, + "osProfile": { + "adminPassword": null, + "adminUsername": "azureuser", + "allowExtensionOperations": true, + "computerNamePrefix": "myvms5aa3", + "customData": null, + "linuxConfiguration": { + "disablePasswordAuthentication": true, + "enableVmAgentPlatformUpdates": false, + "patchSettings": null, + "provisionVmAgent": true, + "ssh": { + "publicKeys": [ + { + "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDChUiONFSUdk5nk00XeujLNIfdijKwBR/cqAqAw8xa57BlI22Azntp625scK9Gpze9wFNj/bPDS29+PZXOaEjVljYHU/tgcbcvHR0sNUNoAvMPHRfSN2WebDUCDHK1hBQxPwiI4OWTbpYRm/E2deGe5gUpBoaA1AwOZVs1+6Z6unHOkhslqLJmNW+Rb8YUtRnbL3XZLUOwyPSkNMgARiMb+QWq0W2V6TtD+rM2pMVIf/D21PdHLsTBQ+DC0DeUyBlgGiueqijGcD0zmE6N6nAu2ps7sO+zxmnP37zbIRbwEHfdpQkPwnx42REgZ7ep/K9gnwWzSk1uIrxrSGypPqUV", + "path": "/home/azureuser/.ssh/authorized_keys" + } + ] + } + }, + "requireGuestProvisionSignal": true, + "secrets": [], + "windowsConfiguration": null + }, + "priority": null, + "scheduledEventsProfile": null, + "securityPostureReference": null, + "securityProfile": null, + "serviceArtifactReference": null, + "storageProfile": { + "dataDisks": null, + "diskControllerType": "SCSI", + "imageReference": { + "communityGalleryImageId": null, + "exactVersion": null, + "id": null, + "offer": "0001-com-ubuntu-server-jammy", + "publisher": "Canonical", + "sharedGalleryImageId": null, + "sku": "22_04-lts-gen2", + "version": "latest" + }, + "osDisk": { + "caching": "ReadWrite", + "createOption": "FromImage", + "deleteOption": null, + "diffDiskSettings": null, + "diskSizeGb": 30, + "image": null, + "managedDisk": { + "diskEncryptionSet": null, + "securityProfile": null, + "storageAccountType": "Premium_LRS" + }, + "name": null, + "osType": "Linux", + "vhdContainers": null, + "writeAcceleratorEnabled": null + } + }, + "userData": null + }, + "zoneBalance": false, + "zones": [ + "1", + "2", + "3" + ] +} + +``` + +# Define an autoscale profile + +To enable autoscale on a scale set, you first define an autoscale profile. This profile defines the default, minimum, and maximum scale set capacity. These limits let you control cost by not continually creating VM instances, and balance acceptable performance with a minimum number of instances that remain in a scale-in event. +The following example sets the default, and minimum, capacity of 2 VM instances, and a maximum of 10: + +```bash +az monitor autoscale create --resource-group $MY_RESOURCE_GROUP_NAME --resource $MY_VMSS_NAME --resource-type Microsoft.Compute/virtualMachineScaleSets --name autoscale --min-count 2 --max-count 10 --count 2 +``` + + +Results: + + +```json +{ + "enabled": true, + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupaf9072/providers/microsoft.insights/autoscalesettings/autoscale", + "location": "eastus", + "name": "autoscale", + "namePropertiesName": "autoscale", + "notifications": [ + { + "email": { + "customEmails": [], + "sendToSubscriptionAdministrator": false, + "sendToSubscriptionCoAdministrators": false + }, + "webhooks": [] + } + ], + "predictiveAutoscalePolicy": { + "scaleLookAheadTime": null, + "scaleMode": "Disabled" + }, + "profiles": [ + { + "capacity": { + "default": "2", + "maximum": "10", + "minimum": "2" + }, + "fixedDate": null, + "name": "default", + "recurrence": null, + "rules": [] + } + ], + "resourceGroup": "myVMSSResourceGroupaf9072", + "systemData": null, + "tags": {}, + "targetResourceLocation": null, + "targetResourceUri": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSaf9072", + "type": "Microsoft.Insights/autoscaleSettings" +} +``` + +# Create a rule to autoscale out + +The Following command creates a rule that increases the number of VM instances in a scale set when the average CPU load is greater than 70% over a 5-minute period. When the rule triggers, the number of VM instances is increased by three. + +```bash +az monitor autoscale rule create --resource-group $MY_RESOURCE_GROUP_NAME --autoscale-name autoscale --condition "Percentage CPU > 70 avg 5m" --scale out 3 +``` + +Results: + + +```json +{ + "metricTrigger": { + "dimensions": [], + "dividePerInstance": null, + "metricName": "Percentage CPU", + "metricNamespace": null, + "metricResourceLocation": null, + "metricResourceUri": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSaf9072", + "operator": "GreaterThan", + "statistic": "Average", + "threshold": "70", + "timeAggregation": "Average", + "timeGrain": "PT1M", + "timeWindow": "PT5M" + }, + "scaleAction": { + "cooldown": "PT5M", + "direction": "Increase", + "type": "ChangeCount", + "value": "3" + } +} +``` + +# Create a rule to autoscale in + +Create another rule with az monitor autoscale rule create that decreases the number of VM instances in a scale set when the average CPU load then drops below 30% over a 5-minute period. The following example defines the rule to scale in the number of VM instances by one. + +```bash +az monitor autoscale rule create --resource-group $MY_RESOURCE_GROUP_NAME --autoscale-name autoscale --condition "Percentage CPU < 30 avg 5m" --scale in 1 +``` + +Results: + + +```json +{ + "metricTrigger": { + "dimensions": [], + "dividePerInstance": null, + "metricName": "Percentage CPU", + "metricNamespace": null, + "metricResourceLocation": null, + "metricResourceUri": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSaf9072", + "operator": "LessThan", + "statistic": "Average", + "threshold": "30", + "timeAggregation": "Average", + "timeGrain": "PT1M", + "timeWindow": "PT5M" + }, + "scaleAction": { + "cooldown": "PT5M", + "direction": "Decrease", + "type": "ChangeCount", + "value": "1" + } +} +``` + + +### Test the page + +The below command shows you the public IP of your Application Gateway. You can cpaste the IP adress to a browser page for testing. + +```bash +az network public-ip show --resource-group $MY_RESOURCE_GROUP_NAME --name $MY_APPGW_PUBLIC_IP_NAME --query [ipAddress] --output tsv +``` + + + + + +# Next Steps + +* [VMSS Documentation](https://learn.microsoft.com/en-us/azure/virtual-machine-scale-sets/overview) diff --git a/scenarios/ocd/CreateVMSSupdated/README.md b/scenarios/ocd/CreateVMSSupdated/README.md index 0f070dd0..f9c8e6e7 100644 --- a/scenarios/ocd/CreateVMSSupdated/README.md +++ b/scenarios/ocd/CreateVMSSupdated/README.md @@ -371,7 +371,7 @@ az network application-gateway create --name $MY_APPGW_NAME --location $REGION The below command creates a zone redundant Virtual Machine Scale Set (VMSS) within your resource group $MY_RESOURCE_GROUP_NAME. We integrate the Application Gateway that we created previous step. This command creates 2 Standard_DS2_v2 SKU Virtual Machines in subnet $MY_VM_SN_NAME. ```bash - az vmss create --name $MY_VMSS_NAME --resource-group $MY_RESOURCE_GROUP_NAME --image $MY_VM_IMAGE --admin-username $MY_USERNAME --assign-identity --instance-count 2 --zones 1 2 3 --vnet-name $MY_VNET_NAME --subnet $MY_VM_SN_NAME --vm-sku Standard_DS2_v2 --upgrade-policy-mode Automatic --app-gateway $MY_APPGW_NAME --backend-pool-name appGatewayBackendPool -o JSON + az vmss create --name $MY_VMSS_NAME --resource-group $MY_RESOURCE_GROUP_NAME --image $MY_VM_IMAGE --admin-username $MY_USERNAME --generate-ssh-keys --assign-identity --instance-count 2 --zones 1 2 3 --vnet-name $MY_VNET_NAME --subnet $MY_VM_SN_NAME --vm-sku Standard_DS2_v2 --upgrade-policy-mode Automatic --app-gateway $MY_APPGW_NAME --backend-pool-name appGatewayBackendPool -o JSON ``` Results: @@ -382,7 +382,7 @@ Results: "vmss": { "doNotRunExtensionsOnOverprovisionedVMs": false, "identity": { - "systemAssignedIdentity": "f94ce139-a0b1-4844-a836-1396b6572826", + "systemAssignedIdentity": "a1d40a38-b75e-47bc-b743-0588ba50ffd0", "userAssignedIdentities": {} }, "orchestrationMode": "Uniform", @@ -390,8 +390,8 @@ Results: "platformFaultDomainCount": 1, "provisioningState": "Succeeded", "singlePlacementGroup": false, - "timeCreated": "2023-12-14T10:50:58.8584886+00:00", - "uniqueId": "ca55e9a8-4c6f-4491-b217-4420a312f993", + "timeCreated": "2023-12-18T11:29:22.668574+00:00", + "uniqueId": "ed30a5ad-e8ed-43fa-93e7-55ad28ff3d93", "upgradePolicy": { "mode": "Automatic", "rollingUpgradePolicy": { @@ -407,7 +407,7 @@ Results: "networkProfile": { "networkInterfaceConfigurations": [ { - "name": "myvms5aa3Nic", + "name": "myvmsd8f0Nic", "properties": { "disableTcpStateTracking": false, "dnsSettings": { @@ -417,18 +417,18 @@ Results: "enableIPForwarding": false, "ipConfigurations": [ { - "name": "myvms5aa3IPConfig", + "name": "myvmsd8f0IPConfig", "properties": { "applicationGatewayBackendAddressPools": [ { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Network/applicationGateways/myAPPGWaf9072/backendAddressPools/appGatewayBackendPool", - "resourceGroup": "myVMSSResourceGroupaf9072" + "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroupa653af/providers/Microsoft.Network/applicationGateways/myAPPGWa653af/backendAddressPools/appGatewayBackendPool", + "resourceGroup": "myVMSSResourceGroupa653af" } ], "privateIPAddressVersion": "IPv4", "subnet": { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Network/virtualNetworks/myVNetaf9072/subnets/myVMSNaf9072", - "resourceGroup": "myVMSSResourceGroupaf9072" + "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroupa653af/providers/Microsoft.Network/virtualNetworks/myVNeta653af/subnets/myVMSNa653af", + "resourceGroup": "myVMSSResourceGroupa653af" } } } @@ -441,7 +441,7 @@ Results: "osProfile": { "adminUsername": "azureuser", "allowExtensionOperations": true, - "computerNamePrefix": "myvms5aa3", + "computerNamePrefix": "myvmsd8f0", "linuxConfiguration": { "disablePasswordAuthentication": true, "enableVMAgentPlatformUpdates": false, @@ -476,213 +476,13 @@ Results: "osType": "Linux" } }, - "timeCreated": "2023-12-14T10:50:58.8584886+00:00" + "timeCreated": "2023-12-18T11:29:22.668574+00:00" }, "zoneBalance": false } } ``` -### Install ngnix with VMSS extensions - -The below command uses VMSS extension to run custom script. For testing purposes, here we install ngnix and publish a page that shows the hostname of the Virtual Machine that your HTTP requests hits. We use this custom script for this pusposes : https://raw.githubusercontent.com/Azure-Samples/compute-automation-configurations/master/automate_nginx.sh - - -```bash -az vmss extension set --publisher Microsoft.Azure.Extensions --version 2.0 --name CustomScript --resource-group $MY_RESOURCE_GROUP_NAME --vmss-name $MY_VMSS_NAME --settings '{ "fileUris": ["https://raw.githubusercontent.com/Azure-Samples/compute-automation-configurations/master/automate_nginx.sh"], "commandToExecute": "./automate_nginx.sh" }' -o JSON -``` - -Results: - - -```json -{ - "additionalCapabilities": null, - "automaticRepairsPolicy": null, - "constrainedMaximumCapacity": null, - "doNotRunExtensionsOnOverprovisionedVMs": false, - "extendedLocation": null, - "hostGroup": null, - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroup3a43e4/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSS3a43e4", - "identity": null, - "location": "eastus", - "name": "myVMSS3a43e4", - "orchestrationMode": "Uniform", - "overprovision": true, - "plan": null, - "platformFaultDomainCount": null, - "priorityMixPolicy": null, - "provisioningState": "Succeeded", - "proximityPlacementGroup": null, - "resourceGroup": "myVMSSResourceGroup3a43e4", - "scaleInPolicy": null, - "singlePlacementGroup": true, - "sku": { - "capacity": 2, - "name": "Standard_DS2_v2", - "tier": "Standard" - }, - "spotRestorePolicy": null, - "tags": {}, - "timeCreated": "2023-12-04T16:10:30.554674+00:00", - "type": "Microsoft.Compute/virtualMachineScaleSets", - "uniqueId": "ae68f82c-54f3-4263-8252-7f25f1b276bb", - "upgradePolicy": { - "automaticOsUpgradePolicy": null, - "mode": "Automatic", - "rollingUpgradePolicy": { - "enableCrossZoneUpgrade": null, - "maxBatchInstancePercent": 20, - "maxSurge": false, - "maxUnhealthyInstancePercent": 20, - "maxUnhealthyUpgradedInstancePercent": 20, - "pauseTimeBetweenBatches": "PT0S", - "prioritizeUnhealthyInstances": null, - "rollbackFailedInstancesOnPolicyBreach": false - } - }, - "virtualMachineProfile": { - "applicationProfile": null, - "billingProfile": null, - "capacityReservation": null, - "diagnosticsProfile": null, - "evictionPolicy": null, - "extensionProfile": { - "extensions": [ - { - "autoUpgradeMinorVersion": true, - "enableAutomaticUpgrade": null, - "forceUpdateTag": null, - "id": null, - "name": "CustomScript", - "protectedSettings": null, - "protectedSettingsFromKeyVault": null, - "provisionAfterExtensions": null, - "provisioningState": null, - "publisher": "Microsoft.Azure.Extensions", - "settings": { - "commandToExecute": "./automate_nginx.sh", - "fileUris": [ - "https://raw.githubusercontent.com/Azure-Samples/compute-automation-configurations/master/automate_nginx.sh" - ] - }, - "suppressFailures": null, - "type": null, - "typeHandlerVersion": "2.0", - "typePropertiesType": "CustomScript" - } - ], - "extensionsTimeBudget": null - }, - "hardwareProfile": null, - "licenseType": null, - "networkProfile": { - "healthProbe": null, - "networkApiVersion": null, - "networkInterfaceConfigurations": [ - { - "deleteOption": null, - "disableTcpStateTracking": false, - "dnsSettings": { - "dnsServers": [] - }, - "enableAcceleratedNetworking": false, - "enableFpga": null, - "enableIpForwarding": false, - "ipConfigurations": [ - { - "applicationGatewayBackendAddressPools": [ - { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroup3a43e4/providers/Microsoft.Network/applicationGateways/myAPPGW3a43e4/backendAddressPools/appGatewayBackendPool", - "resourceGroup": "myVMSSResourceGroup3a43e4" - } - ], - "applicationSecurityGroups": null, - "loadBalancerBackendAddressPools": null, - "loadBalancerInboundNatPools": null, - "name": "myvms0ce7IPConfig", - "primary": null, - "privateIpAddressVersion": "IPv4", - "publicIpAddressConfiguration": null, - "subnet": { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroup3a43e4/providers/Microsoft.Network/virtualNetworks/myVNet3a43e4/subnets/myVMSN3a43e4", - "resourceGroup": "myVMSSResourceGroup3a43e4" - } - } - ], - "name": "myvms0ce7Nic", - "networkSecurityGroup": null, - "primary": true - } - ] - }, - "osProfile": { - "adminPassword": null, - "adminUsername": "azureuser", - "allowExtensionOperations": true, - "computerNamePrefix": "myvms0ce7", - "customData": null, - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "enableVmAgentPlatformUpdates": false, - "patchSettings": null, - "provisionVmAgent": true, - "ssh": { - "publicKeys": [ - { - "keyData": "ssh-rsa xxxxxxx", - "path": "/home/azureuser/.ssh/authorized_keys" - } - ] - } - }, - "requireGuestProvisionSignal": true, - "secrets": [], - "windowsConfiguration": null - }, - "priority": null, - "scheduledEventsProfile": null, - "securityPostureReference": null, - "securityProfile": null, - "serviceArtifactReference": null, - "storageProfile": { - "dataDisks": null, - "diskControllerType": "SCSI", - "imageReference": { - "communityGalleryImageId": null, - "exactVersion": null, - "id": null, - "offer": "0001-com-ubuntu-minimal-jammy", - "publisher": "Canonical", - "sharedGalleryImageId": null, - "sku": "minimal-22_04-lts-gen2", - "version": "latest" - }, - "osDisk": { - "caching": "ReadWrite", - "createOption": "FromImage", - "deleteOption": null, - "diffDiskSettings": null, - "diskSizeGb": 30, - "image": null, - "managedDisk": { - "diskEncryptionSet": null, - "securityProfile": null, - "storageAccountType": "Premium_LRS" - }, - "name": null, - "osType": "Linux", - "vhdContainers": null, - "writeAcceleratorEnabled": null - } - }, - "userData": null - }, - "zoneBalance": null, - "zones": null -} -``` - ### Enable Azure AD login for a Linux Virtual Machine The following command installs the extension to enable Azure AD login for a Linux VM. From 7fab75de903aab0bcf59e181f54f7af71a820692 Mon Sep 17 00:00:00 2001 From: Belgin Ceran <110536035+belginceran@users.noreply.github.com> Date: Mon, 18 Dec 2023 13:13:39 +0000 Subject: [PATCH 20/46] update --- scenarios/ocd/CreateVMSSupdated/README.md | 71 +++++++++++------------ 1 file changed, 35 insertions(+), 36 deletions(-) diff --git a/scenarios/ocd/CreateVMSSupdated/README.md b/scenarios/ocd/CreateVMSSupdated/README.md index f9c8e6e7..a8ff0136 100644 --- a/scenarios/ocd/CreateVMSSupdated/README.md +++ b/scenarios/ocd/CreateVMSSupdated/README.md @@ -371,7 +371,7 @@ az network application-gateway create --name $MY_APPGW_NAME --location $REGION The below command creates a zone redundant Virtual Machine Scale Set (VMSS) within your resource group $MY_RESOURCE_GROUP_NAME. We integrate the Application Gateway that we created previous step. This command creates 2 Standard_DS2_v2 SKU Virtual Machines in subnet $MY_VM_SN_NAME. ```bash - az vmss create --name $MY_VMSS_NAME --resource-group $MY_RESOURCE_GROUP_NAME --image $MY_VM_IMAGE --admin-username $MY_USERNAME --generate-ssh-keys --assign-identity --instance-count 2 --zones 1 2 3 --vnet-name $MY_VNET_NAME --subnet $MY_VM_SN_NAME --vm-sku Standard_DS2_v2 --upgrade-policy-mode Automatic --app-gateway $MY_APPGW_NAME --backend-pool-name appGatewayBackendPool -o JSON + az vmss create --name $MY_VMSS_NAME --resource-group $MY_RESOURCE_GROUP_NAME --image $MY_VM_IMAGE --admin-username $MY_USERNAME --generate-ssh-keys --instance-count 2 --zones 1 2 3 --vnet-name $MY_VNET_NAME --subnet $MY_VM_SN_NAME --vm-sku Standard_DS2_v2 --upgrade-policy-mode Automatic --app-gateway $MY_APPGW_NAME --backend-pool-name appGatewayBackendPool -o JSON ``` Results: @@ -381,17 +381,13 @@ Results: { "vmss": { "doNotRunExtensionsOnOverprovisionedVMs": false, - "identity": { - "systemAssignedIdentity": "a1d40a38-b75e-47bc-b743-0588ba50ffd0", - "userAssignedIdentities": {} - }, "orchestrationMode": "Uniform", "overprovision": true, "platformFaultDomainCount": 1, "provisioningState": "Succeeded", "singlePlacementGroup": false, - "timeCreated": "2023-12-18T11:29:22.668574+00:00", - "uniqueId": "ed30a5ad-e8ed-43fa-93e7-55ad28ff3d93", + "timeCreated": "2023-12-18T11:47:36.5304981+00:00", + "uniqueId": "79aa92f5-cf99-486b-9b9c-32d67edd80dc", "upgradePolicy": { "mode": "Automatic", "rollingUpgradePolicy": { @@ -421,7 +417,7 @@ Results: "properties": { "applicationGatewayBackendAddressPools": [ { - "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroupa653af/providers/Microsoft.Network/applicationGateways/myAPPGWa653af/backendAddressPools/appGatewayBackendPool", + "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroupa653af/providers/Microsoft.Network/applicationGateways/myAPPGWa653af/backendAddressPools/appGatewayBackendPool", "resourceGroup": "myVMSSResourceGroupa653af" } ], @@ -476,19 +472,22 @@ Results: "osType": "Linux" } }, - "timeCreated": "2023-12-18T11:29:22.668574+00:00" + "timeCreated": "2023-12-18T11:47:36.5304981+00:00" }, "zoneBalance": false } } ``` -### Enable Azure AD login for a Linux Virtual Machine -The following command installs the extension to enable Azure AD login for a Linux VM. +### Install ngnix with VMSS extensions + +The below command uses VMSS extension to run custom script. For testing purposes, here we install ngnix and publish a page that shows the hostname of the Virtual Machine that your HTTP requests hits. We use this custom script for this pusposes : https://raw.githubusercontent.com/Azure-Samples/compute-automation-configurations/master/automate_nginx.sh + ```bash - az vmss extension set --publisher Microsoft.Azure.ActiveDirectory --name AADSSHLoginForLinux --resource-group $MY_RESOURCE_GROUP_NAME --vmss-name $MY_VMSS_NAME +az vmss extension set --publisher Microsoft.Azure.Extensions --version 2.0 --name CustomScript --resource-group $MY_RESOURCE_GROUP_NAME --vmss-name $MY_VMSS_NAME --settings '{ "fileUris": ["https://raw.githubusercontent.com/Azure-Samples/compute-automation-configurations/master/automate_nginx.sh"], "commandToExecute": "./automate_nginx.sh" }' -o JSON ``` + Results: @@ -500,15 +499,10 @@ Results: "doNotRunExtensionsOnOverprovisionedVMs": false, "extendedLocation": null, "hostGroup": null, - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSaf9072", - "identity": { - "principalId": "f94ce139-a0b1-4844-a836-1396b6572826", - "tenantId": "72f988bf-86f1-41af-91ab-2d7cd011db47", - "type": "SystemAssigned", - "userAssignedIdentities": null - }, + "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroupa653af/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSa653af", + "identity": null, "location": "eastus", - "name": "myVMSSaf9072", + "name": "myVMSSa653af", "orchestrationMode": "Uniform", "overprovision": true, "plan": null, @@ -516,7 +510,7 @@ Results: "priorityMixPolicy": null, "provisioningState": "Succeeded", "proximityPlacementGroup": null, - "resourceGroup": "myVMSSResourceGroupaf9072", + "resourceGroup": "myVMSSResourceGroupa653af", "scaleInPolicy": null, "singlePlacementGroup": false, "sku": { @@ -526,9 +520,9 @@ Results: }, "spotRestorePolicy": null, "tags": {}, - "timeCreated": "2023-12-14T10:50:58.858488+00:00", + "timeCreated": "2023-12-18T11:47:36.530498+00:00", "type": "Microsoft.Compute/virtualMachineScaleSets", - "uniqueId": "ca55e9a8-4c6f-4491-b217-4420a312f993", + "uniqueId": "79aa92f5-cf99-486b-9b9c-32d67edd80dc", "upgradePolicy": { "automaticOsUpgradePolicy": null, "mode": "Automatic", @@ -556,17 +550,22 @@ Results: "enableAutomaticUpgrade": null, "forceUpdateTag": null, "id": null, - "name": "AADSSHLoginForLinux", + "name": "CustomScript", "protectedSettings": null, "protectedSettingsFromKeyVault": null, "provisionAfterExtensions": null, "provisioningState": null, - "publisher": "Microsoft.Azure.ActiveDirectory", - "settings": null, + "publisher": "Microsoft.Azure.Extensions", + "settings": { + "commandToExecute": "./automate_nginx.sh", + "fileUris": [ + "https://raw.githubusercontent.com/Azure-Samples/compute-automation-configurations/master/automate_nginx.sh" + ] + }, "suppressFailures": null, "type": null, - "typeHandlerVersion": "1.0", - "typePropertiesType": "AADSSHLoginForLinux" + "typeHandlerVersion": "2.0", + "typePropertiesType": "CustomScript" } ], "extensionsTimeBudget": null @@ -590,24 +589,24 @@ Results: { "applicationGatewayBackendAddressPools": [ { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Network/applicationGateways/myAPPGWaf9072/backendAddressPools/appGatewayBackendPool", - "resourceGroup": "myVMSSResourceGroupaf9072" + "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroupa653af/providers/Microsoft.Network/applicationGateways/myAPPGWa653af/backendAddressPools/appGatewayBackendPool", + "resourceGroup": "myVMSSResourceGroupa653af" } ], "applicationSecurityGroups": null, "loadBalancerBackendAddressPools": null, "loadBalancerInboundNatPools": null, - "name": "myvms5aa3IPConfig", + "name": "myvmsd8f0IPConfig", "primary": null, "privateIpAddressVersion": "IPv4", "publicIpAddressConfiguration": null, "subnet": { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Network/virtualNetworks/myVNetaf9072/subnets/myVMSNaf9072", - "resourceGroup": "myVMSSResourceGroupaf9072" + "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroupa653af/providers/Microsoft.Network/virtualNetworks/myVNeta653af/subnets/myVMSNa653af", + "resourceGroup": "myVMSSResourceGroupa653af" } } ], - "name": "myvms5aa3Nic", + "name": "myvmsd8f0Nic", "networkSecurityGroup": null, "primary": true } @@ -617,7 +616,7 @@ Results: "adminPassword": null, "adminUsername": "azureuser", "allowExtensionOperations": true, - "computerNamePrefix": "myvms5aa3", + "computerNamePrefix": "myvmsd8f0", "customData": null, "linuxConfiguration": { "disablePasswordAuthentication": true, @@ -682,9 +681,9 @@ Results: "3" ] } - ``` + # Define an autoscale profile To enable autoscale on a scale set, you first define an autoscale profile. This profile defines the default, minimum, and maximum scale set capacity. These limits let you control cost by not continually creating VM instances, and balance acceptable performance with a minimum number of instances that remain in a scale-in event. From f6e6f55a2722a3c2865af3e05f3548c9c4c0fbf8 Mon Sep 17 00:00:00 2001 From: Belgin Ceran <110536035+belginceran@users.noreply.github.com> Date: Mon, 18 Dec 2023 15:02:46 +0000 Subject: [PATCH 21/46] updated --- scenarios/ocd/CreateVMSSupdated/README.md | 30 ++++++++++++++--------- 1 file changed, 19 insertions(+), 11 deletions(-) diff --git a/scenarios/ocd/CreateVMSSupdated/README.md b/scenarios/ocd/CreateVMSSupdated/README.md index a8ff0136..241b2ea1 100644 --- a/scenarios/ocd/CreateVMSSupdated/README.md +++ b/scenarios/ocd/CreateVMSSupdated/README.md @@ -371,7 +371,7 @@ az network application-gateway create --name $MY_APPGW_NAME --location $REGION The below command creates a zone redundant Virtual Machine Scale Set (VMSS) within your resource group $MY_RESOURCE_GROUP_NAME. We integrate the Application Gateway that we created previous step. This command creates 2 Standard_DS2_v2 SKU Virtual Machines in subnet $MY_VM_SN_NAME. ```bash - az vmss create --name $MY_VMSS_NAME --resource-group $MY_RESOURCE_GROUP_NAME --image $MY_VM_IMAGE --admin-username $MY_USERNAME --generate-ssh-keys --instance-count 2 --zones 1 2 3 --vnet-name $MY_VNET_NAME --subnet $MY_VM_SN_NAME --vm-sku Standard_DS2_v2 --upgrade-policy-mode Automatic --app-gateway $MY_APPGW_NAME --backend-pool-name appGatewayBackendPool -o JSON +az vmss create --name $MY_VMSS_NAME --resource-group $MY_RESOURCE_GROUP_NAME --image $MY_VM_IMAGE --admin-username $MY_USERNAME --generate-ssh-keys --public-ip-per-vm --instance-count 2 --zones 1 2 3 --vnet-name $MY_VNET_NAME --subnet $MY_VM_SN_NAME --vm-sku Standard_DS2_v2 --upgrade-policy-mode Automatic --app-gateway $MY_APPGW_NAME --backend-pool-name appGatewayBackendPool -o JSON ``` Results: @@ -386,8 +386,8 @@ Results: "platformFaultDomainCount": 1, "provisioningState": "Succeeded", "singlePlacementGroup": false, - "timeCreated": "2023-12-18T11:47:36.5304981+00:00", - "uniqueId": "79aa92f5-cf99-486b-9b9c-32d67edd80dc", + "timeCreated": "2023-12-18T14:51:32.7740167+00:00", + "uniqueId": "b13f443e-ae79-46e9-8643-23d6177187ca", "upgradePolicy": { "mode": "Automatic", "rollingUpgradePolicy": { @@ -403,7 +403,7 @@ Results: "networkProfile": { "networkInterfaceConfigurations": [ { - "name": "myvmsd8f0Nic", + "name": "myvmsa53cNic", "properties": { "disableTcpStateTracking": false, "dnsSettings": { @@ -413,18 +413,26 @@ Results: "enableIPForwarding": false, "ipConfigurations": [ { - "name": "myvmsd8f0IPConfig", + "name": "myvmsa53cIPConfig", "properties": { "applicationGatewayBackendAddressPools": [ { - "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroupa653af/providers/Microsoft.Network/applicationGateways/myAPPGWa653af/backendAddressPools/appGatewayBackendPool", - "resourceGroup": "myVMSSResourceGroupa653af" + "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroup7e8bdd/providers/Microsoft.Network/applicationGateways/myAPPGW7e8bdd/backendAddressPools/appGatewayBackendPool", + "resourceGroup": "myVMSSResourceGroup7e8bdd" } ], "privateIPAddressVersion": "IPv4", + "publicIPAddressConfiguration": { + "name": "instancepublicip", + "properties": { + "idleTimeoutInMinutes": 10, + "ipTags": [], + "publicIPAddressVersion": "IPv4" + } + }, "subnet": { - "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroupa653af/providers/Microsoft.Network/virtualNetworks/myVNeta653af/subnets/myVMSNa653af", - "resourceGroup": "myVMSSResourceGroupa653af" + "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroup7e8bdd/providers/Microsoft.Network/virtualNetworks/myVNet7e8bdd/subnets/myVMSN7e8bdd", + "resourceGroup": "myVMSSResourceGroup7e8bdd" } } } @@ -437,7 +445,7 @@ Results: "osProfile": { "adminUsername": "azureuser", "allowExtensionOperations": true, - "computerNamePrefix": "myvmsd8f0", + "computerNamePrefix": "myvmsa53c", "linuxConfiguration": { "disablePasswordAuthentication": true, "enableVMAgentPlatformUpdates": false, @@ -472,7 +480,7 @@ Results: "osType": "Linux" } }, - "timeCreated": "2023-12-18T11:47:36.5304981+00:00" + "timeCreated": "2023-12-18T14:51:32.7740167+00:00" }, "zoneBalance": false } From 64906c99b0797e1f288d9c64196fe629535506bb Mon Sep 17 00:00:00 2001 From: Belgin Ceran <110536035+belginceran@users.noreply.github.com> Date: Tue, 19 Dec 2023 11:37:38 +0000 Subject: [PATCH 22/46] VMSS updates --- .../CreateVMSSupdated/README-backup-18-12.md | 1031 ----------------- .../ocd/CreateVMSSwithAppGWLinux/README.md | 695 ----------- 2 files changed, 1726 deletions(-) delete mode 100644 scenarios/ocd/CreateVMSSupdated/README-backup-18-12.md delete mode 100644 scenarios/ocd/CreateVMSSwithAppGWLinux/README.md diff --git a/scenarios/ocd/CreateVMSSupdated/README-backup-18-12.md b/scenarios/ocd/CreateVMSSupdated/README-backup-18-12.md deleted file mode 100644 index 0f070dd0..00000000 --- a/scenarios/ocd/CreateVMSSupdated/README-backup-18-12.md +++ /dev/null @@ -1,1031 +0,0 @@ -# Create a Virtual Machine Scale Set with Application Gateway with Linux image - -## Define Environment Variables - -The First step in this tutorial is to define environment variables. - -```bash - -export RANDOM_ID="$(openssl rand -hex 3)" -export MY_RESOURCE_GROUP_NAME="myVMSSResourceGroup$RANDOM_ID" -export REGION=EastUS -export MY_VMSS_NAME="myVMSS$RANDOM_ID" -export MY_USERNAME=azureuser -export MY_VM_IMAGE="Ubuntu2204" -export MY_VNET_NAME="myVNet$RANDOM_ID" -export NETWORK_PREFIX="$(($RANDOM % 254 + 1))" -export MY_VNET_PREFIX="10.$NETWORK_PREFIX.0.0/16" -export MY_VM_SN_NAME="myVMSN$RANDOM_ID" -export MY_VM_SN_PREFIX="10.$NETWORK_PREFIX.0.0/24" -export MY_APPGW_SN_NAME="myAPPGWSN$RANDOM_ID" -export MY_APPGW_SN_PREFIX="10.$NETWORK_PREFIX.1.0/24" -export MY_APPGW_NAME="myAPPGW$RANDOM_ID" -export MY_APPGW_PUBLIC_IP_NAME="myAPPGWPublicIP$RANDOM_ID" - -``` -# Login to Azure using the CLI - -In order to run commands against Azure using the CLI you need to login. This is done, very simply, though the `az login` command: - -# Create a resource group - -A resource group is a container for related resources. All resources must be placed in a resource group. We will create one for this tutorial. The following command creates a resource group with the previously defined $MY_RESOURCE_GROUP_NAME and $REGION parameters. - -```bash -az group create --name $MY_RESOURCE_GROUP_NAME --location $REGION -o JSON -``` - -Results: - - -```json -{ - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx", - "location": "eastus", - "managedBy": null, - "name": "myVMSSResourceGroupxxxxxx", - "properties": { - "provisioningState": "Succeeded" - }, - "tags": null, - "type": "Microsoft.Resources/resourceGroups" -} -``` - -# Create Network Resources - -You need to create network resources before you proceed the VMSS steps. In this step you're going to create a VNET, 2 subnets 1 for Application Gateway and 1 for VMs. You also need to have a public IP to attach your Application Gateway to be able to reach your web application from internet. - - -#### Create Virtual Network (VNET) and VM Subnet - -```bash -az network vnet create --name $MY_VNET_NAME --resource-group $MY_RESOURCE_GROUP_NAME --location $REGION --address-prefix $MY_VNET_PREFIX --subnet-name $MY_VM_SN_NAME --subnet-prefix $MY_VM_SN_PREFIX -o JSON -``` - -Results: - - -```json -{ - "newVNet": { - "addressSpace": { - "addressPrefixes": [ - "10.X.0.0/16" - ] - }, - "enableDdosProtection": false, - "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/virtualNetworks/myVNetxxxxxx", - "location": "eastus", - "name": "myVNetxxxxxx", - "provisioningState": "Succeeded", - "resourceGroup": "myVMSSResourceGroupxxxxxx", - "resourceGuid": "f00034be-612e-4462-a711-93d0bb263e46", - "subnets": [ - { - "addressPrefix": "10.X.0.0/24", - "delegations": [], - "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/virtualNetworks/myVNetxxxxxx/subnets/myVMSNxxxxxx", - "name": "myVMSNxxxxxx", - "privateEndpointNetworkPolicies": "Disabled", - "privateLinkServiceNetworkPolicies": "Enabled", - "provisioningState": "Succeeded", - "resourceGroup": "myVMSSResourceGroupxxxxxx", - "type": "Microsoft.Network/virtualNetworks/subnets" - } - ], - "type": "Microsoft.Network/virtualNetworks", - "virtualNetworkPeerings": [] - } -} -``` - -### Create Application Gateway Resources - -Azure Application Gateway requires a dedicated subnet within your virtual network. The below command creates a subnet named $MY_APPGW_SN_NAME with specified address prefix named $MY_APPGW_SN_PREFIX in your VNET $MY_VNET_NAME - - -```bash -az network vnet subnet create --name $MY_APPGW_SN_NAME --resource-group $MY_RESOURCE_GROUP_NAME --vnet-name $MY_VNET_NAME --address-prefix $MY_APPGW_SN_PREFIX -o JSON -``` - -Results: - - -```json -{ - "addressPrefix": "10.66.1.0/24", - "delegations": [], - "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/virtualNetworks/myVNetxxxxxx/subnets/myAPPGWSNxxxxxx", - "name": "myAPPGWSNxxxxxx", - "privateEndpointNetworkPolicies": "Disabled", - "privateLinkServiceNetworkPolicies": "Enabled", - "provisioningState": "Succeeded", - "resourceGroup": "myVMSSResourceGroupxxxxxx", - "type": "Microsoft.Network/virtualNetworks/subnets" -} -``` -The below command creates a standard, zone redundant, static, public IPv4 in your resource group. - -```bash -az network public-ip create --resource-group $MY_RESOURCE_GROUP_NAME --name $MY_APPGW_PUBLIC_IP_NAME --sku Standard --location $REGION --allocation-method static --version IPv4 --zone 1 2 3 -o JSON - ``` - -Results: - - -```json -{ - "publicIp": { - "ddosSettings": { - "protectionMode": "VirtualNetworkInherited" - }, - "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/publicIPAddresses//myAPPGWPublicIPxxxxxx", - "idleTimeoutInMinutes": 4, - "ipAddress": "X.X.X.X", - "ipTags": [], - "location": "eastus", - "name": "/myAPPGWPublicIPxxxxxx", - "provisioningState": "Succeeded", - "publicIPAddressVersion": "IPv4", - "publicIPAllocationMethod": "Static", - "resourceGroup": "myVMSSResourceGroupxxxxxx", - "resourceGuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx", - "sku": { - "name": "Standard", - "tier": "Regional" - }, - "type": "Microsoft.Network/publicIPAddresses", - "zones": [ - "1", - "2", - "3" - ] - } -} -``` - -In this step you create an Application Gateway that you're going to integrate with your Virtual Machine Scale Set. In this example we create a zone redundant Application Gateway with Standard_v2 SKU and enable Http communication for the Application Gateway. The public IP $MY_APPGW_PUBLIC_IP_NAME that we created in previous step attached to the Application Gateway. - -```bash -az network application-gateway create --name $MY_APPGW_NAME --location $REGION --resource-group $MY_RESOURCE_GROUP_NAME --vnet-name $MY_VNET_NAME --subnet $MY_APPGW_SN_NAME --capacity 2 --zones 1 2 3 --sku Standard_v2 --http-settings-cookie-based-affinity Disabled --frontend-port 80 --http-settings-port 80 --http-settings-protocol Http --public-ip-address $MY_APPGW_PUBLIC_IP_NAME --priority 1001 -o JSON - ``` - - -```json -{ - "applicationGateway": { - "backendAddressPools": [ - { - "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/backendAddressPools/appGatewayBackendPool", - "name": "appGatewayBackendPool", - "properties": { - "backendAddresses": [], - "provisioningState": "Succeeded", - "requestRoutingRules": [ - { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/requestRoutingRules/rule1", - "resourceGroup": "myVMSSResourceGroupxxxxxx" - } - ] - }, - "resourceGroup": "myVMSSResourceGroupxxxxxx", - "type": "Microsoft.Network/applicationGateways/backendAddressPools" - } - ], - "backendHttpSettingsCollection": [ - { - "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/backendHttpSettingsCollection/appGatewayBackendHttpSettings", - "name": "appGatewayBackendHttpSettings", - "properties": { - "connectionDraining": { - "drainTimeoutInSec": 1, - "enabled": false - }, - "cookieBasedAffinity": "Disabled", - "pickHostNameFromBackendAddress": false, - "port": 80, - "protocol": "Http", - "provisioningState": "Succeeded", - "requestRoutingRules": [ - { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/requestRoutingRules/rule1", - "resourceGroup": "myVMSSResourceGroupxxxxxx" - } - ], - "requestTimeout": 30 - }, - "resourceGroup": "myVMSSResourceGroupxxxxxx", - "type": "Microsoft.Network/applicationGateways/backendHttpSettingsCollection" - } - ], - "backendSettingsCollection": [], - "frontendIPConfigurations": [ - { - "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/frontendIPConfigurations/appGatewayFrontendIP", - "name": "appGatewayFrontendIP", - "properties": { - "httpListeners": [ - { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/httpListeners/appGatewayHttpListener", - "resourceGroup": "myVMSSResourceGroupxxxxxx" - } - ], - "privateIPAllocationMethod": "Dynamic", - "provisioningState": "Succeeded", - "publicIPAddress": { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/publicIPAddresses/myAPPGWPublicIPxxxxxx", - "resourceGroup": "myVMSSResourceGroupxxxxxx" - } - }, - "resourceGroup": "myVMSSResourceGroupxxxxxx", - "type": "Microsoft.Network/applicationGateways/frontendIPConfigurations" - } - ], - "frontendPorts": [ - { - "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/frontendPorts/appGatewayFrontendPort", - "name": "appGatewayFrontendPort", - "properties": { - "httpListeners": [ - { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/httpListeners/appGatewayHttpListener", - "resourceGroup": "myVMSSResourceGroupxxxxxx" - } - ], - "port": 80, - "provisioningState": "Succeeded" - }, - "resourceGroup": "myVMSSResourceGroupxxxxxx", - "type": "Microsoft.Network/applicationGateways/frontendPorts" - } - ], - "gatewayIPConfigurations": [ - { - "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/gatewayIPConfigurations/appGatewayFrontendIP", - "name": "appGatewayFrontendIP", - "properties": { - "provisioningState": "Succeeded", - "subnet": { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/virtualNetworks/myVNetxxxxxx/subnets/myAPPGWSNxxxxxx", - "resourceGroup": "myVMSSResourceGroupxxxxxx" - } - }, - "resourceGroup": "myVMSSResourceGroupxxxxxx", - "type": "Microsoft.Network/applicationGateways/gatewayIPConfigurations" - } - ], - "httpListeners": [ - { - "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/httpListeners/appGatewayHttpListener", - "name": "appGatewayHttpListener", - "properties": { - "frontendIPConfiguration": { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/frontendIPConfigurations/appGatewayFrontendIP", - "resourceGroup": "myVMSSResourceGroupxxxxxx" - }, - "frontendPort": { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/frontendPorts/appGatewayFrontendPort", - "resourceGroup": "myVMSSResourceGroupxxxxxx" - }, - "hostNames": [], - "protocol": "Http", - "provisioningState": "Succeeded", - "requestRoutingRules": [ - { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/requestRoutingRules/rule1", - "resourceGroup": "myVMSSResourceGroupxxxxxx" - } - ], - "requireServerNameIndication": false - }, - "resourceGroup": "myVMSSResourceGroupxxxxxx", - "type": "Microsoft.Network/applicationGateways/httpListeners" - } - ], - "listeners": [], - "loadDistributionPolicies": [], - "operationalState": "Running", - "privateEndpointConnections": [], - "privateLinkConfigurations": [], - "probes": [], - "provisioningState": "Succeeded", - "redirectConfigurations": [], - "requestRoutingRules": [ - { - "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/requestRoutingRules/rule1", - "name": "rule1", - "properties": { - "backendAddressPool": { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/backendAddressPools/appGatewayBackendPool", - "resourceGroup": "myVMSSResourceGroupxxxxxx" - }, - "backendHttpSettings": { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/backendHttpSettingsCollection/appGatewayBackendHttpSettings", - "resourceGroup": "myVMSSResourceGroupxxxxxx" - }, - "httpListener": { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/httpListeners/appGatewayHttpListener", - "resourceGroup": "myVMSSResourceGroupxxxxxx" - }, - "priority": 1001, - "provisioningState": "Succeeded", - "ruleType": "Basic" - }, - "resourceGroup": "myVMSSResourceGroupxxxxxx", - "type": "Microsoft.Network/applicationGateways/requestRoutingRules" - } - ], - "resourceGuid": "d6da1e9a-9d53-4292-bda5-3883963034ff", - "rewriteRuleSets": [], - "routingRules": [], - "sku": { - "capacity": 2, - "family": "Generation_1", - "name": "Standard_v2", - "tier": "Standard_v2" - }, - "sslCertificates": [], - "sslProfiles": [], - "trustedClientCertificates": [], - "trustedRootCertificates": [], - "urlPathMaps": [] - } -} - ``` - - -# Create Virtual Machine Scale Set - -The below command creates a zone redundant Virtual Machine Scale Set (VMSS) within your resource group $MY_RESOURCE_GROUP_NAME. We integrate the Application Gateway that we created previous step. This command creates 2 Standard_DS2_v2 SKU Virtual Machines in subnet $MY_VM_SN_NAME. - -```bash - az vmss create --name $MY_VMSS_NAME --resource-group $MY_RESOURCE_GROUP_NAME --image $MY_VM_IMAGE --admin-username $MY_USERNAME --assign-identity --instance-count 2 --zones 1 2 3 --vnet-name $MY_VNET_NAME --subnet $MY_VM_SN_NAME --vm-sku Standard_DS2_v2 --upgrade-policy-mode Automatic --app-gateway $MY_APPGW_NAME --backend-pool-name appGatewayBackendPool -o JSON - ``` - -Results: - - -```json -{ - "vmss": { - "doNotRunExtensionsOnOverprovisionedVMs": false, - "identity": { - "systemAssignedIdentity": "f94ce139-a0b1-4844-a836-1396b6572826", - "userAssignedIdentities": {} - }, - "orchestrationMode": "Uniform", - "overprovision": true, - "platformFaultDomainCount": 1, - "provisioningState": "Succeeded", - "singlePlacementGroup": false, - "timeCreated": "2023-12-14T10:50:58.8584886+00:00", - "uniqueId": "ca55e9a8-4c6f-4491-b217-4420a312f993", - "upgradePolicy": { - "mode": "Automatic", - "rollingUpgradePolicy": { - "maxBatchInstancePercent": 20, - "maxSurge": false, - "maxUnhealthyInstancePercent": 20, - "maxUnhealthyUpgradedInstancePercent": 20, - "pauseTimeBetweenBatches": "PT0S", - "rollbackFailedInstancesOnPolicyBreach": false - } - }, - "virtualMachineProfile": { - "networkProfile": { - "networkInterfaceConfigurations": [ - { - "name": "myvms5aa3Nic", - "properties": { - "disableTcpStateTracking": false, - "dnsSettings": { - "dnsServers": [] - }, - "enableAcceleratedNetworking": false, - "enableIPForwarding": false, - "ipConfigurations": [ - { - "name": "myvms5aa3IPConfig", - "properties": { - "applicationGatewayBackendAddressPools": [ - { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Network/applicationGateways/myAPPGWaf9072/backendAddressPools/appGatewayBackendPool", - "resourceGroup": "myVMSSResourceGroupaf9072" - } - ], - "privateIPAddressVersion": "IPv4", - "subnet": { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Network/virtualNetworks/myVNetaf9072/subnets/myVMSNaf9072", - "resourceGroup": "myVMSSResourceGroupaf9072" - } - } - } - ], - "primary": true - } - } - ] - }, - "osProfile": { - "adminUsername": "azureuser", - "allowExtensionOperations": true, - "computerNamePrefix": "myvms5aa3", - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "enableVMAgentPlatformUpdates": false, - "provisionVMAgent": true, - "ssh": { - "publicKeys": [ - { - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDChUiONFSUdk5nk00XeujLNIfdijKwBR/cqAqAw8xa57BlI22Azntp625scK9Gpze9wFNj/bPDS29+PZXOaEjVljYHU/tgcbcvHR0sNUNoAvMPHRfSN2WebDUCDHK1hBQxPwiI4OWTbpYRm/E2deGe5gUpBoaA1AwOZVs1+6Z6unHOkhslqLJmNW+Rb8YUtRnbL3XZLUOwyPSkNMgARiMb+QWq0W2V6TtD+rM2pMVIf/D21PdHLsTBQ+DC0DeUyBlgGiueqijGcD0zmE6N6nAu2ps7sO+zxmnP37zbIRbwEHfdpQkPwnx42REgZ7ep/K9gnwWzSk1uIrxrSGypPqUV", - "path": "/home/azureuser/.ssh/authorized_keys" - } - ] - } - }, - "requireGuestProvisionSignal": true, - "secrets": [] - }, - "storageProfile": { - "diskControllerType": "SCSI", - "imageReference": { - "offer": "0001-com-ubuntu-server-jammy", - "publisher": "Canonical", - "sku": "22_04-lts-gen2", - "version": "latest" - }, - "osDisk": { - "caching": "ReadWrite", - "createOption": "FromImage", - "diskSizeGB": 30, - "managedDisk": { - "storageAccountType": "Premium_LRS" - }, - "osType": "Linux" - } - }, - "timeCreated": "2023-12-14T10:50:58.8584886+00:00" - }, - "zoneBalance": false - } -} -``` - -### Install ngnix with VMSS extensions - -The below command uses VMSS extension to run custom script. For testing purposes, here we install ngnix and publish a page that shows the hostname of the Virtual Machine that your HTTP requests hits. We use this custom script for this pusposes : https://raw.githubusercontent.com/Azure-Samples/compute-automation-configurations/master/automate_nginx.sh - - -```bash -az vmss extension set --publisher Microsoft.Azure.Extensions --version 2.0 --name CustomScript --resource-group $MY_RESOURCE_GROUP_NAME --vmss-name $MY_VMSS_NAME --settings '{ "fileUris": ["https://raw.githubusercontent.com/Azure-Samples/compute-automation-configurations/master/automate_nginx.sh"], "commandToExecute": "./automate_nginx.sh" }' -o JSON -``` - -Results: - - -```json -{ - "additionalCapabilities": null, - "automaticRepairsPolicy": null, - "constrainedMaximumCapacity": null, - "doNotRunExtensionsOnOverprovisionedVMs": false, - "extendedLocation": null, - "hostGroup": null, - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroup3a43e4/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSS3a43e4", - "identity": null, - "location": "eastus", - "name": "myVMSS3a43e4", - "orchestrationMode": "Uniform", - "overprovision": true, - "plan": null, - "platformFaultDomainCount": null, - "priorityMixPolicy": null, - "provisioningState": "Succeeded", - "proximityPlacementGroup": null, - "resourceGroup": "myVMSSResourceGroup3a43e4", - "scaleInPolicy": null, - "singlePlacementGroup": true, - "sku": { - "capacity": 2, - "name": "Standard_DS2_v2", - "tier": "Standard" - }, - "spotRestorePolicy": null, - "tags": {}, - "timeCreated": "2023-12-04T16:10:30.554674+00:00", - "type": "Microsoft.Compute/virtualMachineScaleSets", - "uniqueId": "ae68f82c-54f3-4263-8252-7f25f1b276bb", - "upgradePolicy": { - "automaticOsUpgradePolicy": null, - "mode": "Automatic", - "rollingUpgradePolicy": { - "enableCrossZoneUpgrade": null, - "maxBatchInstancePercent": 20, - "maxSurge": false, - "maxUnhealthyInstancePercent": 20, - "maxUnhealthyUpgradedInstancePercent": 20, - "pauseTimeBetweenBatches": "PT0S", - "prioritizeUnhealthyInstances": null, - "rollbackFailedInstancesOnPolicyBreach": false - } - }, - "virtualMachineProfile": { - "applicationProfile": null, - "billingProfile": null, - "capacityReservation": null, - "diagnosticsProfile": null, - "evictionPolicy": null, - "extensionProfile": { - "extensions": [ - { - "autoUpgradeMinorVersion": true, - "enableAutomaticUpgrade": null, - "forceUpdateTag": null, - "id": null, - "name": "CustomScript", - "protectedSettings": null, - "protectedSettingsFromKeyVault": null, - "provisionAfterExtensions": null, - "provisioningState": null, - "publisher": "Microsoft.Azure.Extensions", - "settings": { - "commandToExecute": "./automate_nginx.sh", - "fileUris": [ - "https://raw.githubusercontent.com/Azure-Samples/compute-automation-configurations/master/automate_nginx.sh" - ] - }, - "suppressFailures": null, - "type": null, - "typeHandlerVersion": "2.0", - "typePropertiesType": "CustomScript" - } - ], - "extensionsTimeBudget": null - }, - "hardwareProfile": null, - "licenseType": null, - "networkProfile": { - "healthProbe": null, - "networkApiVersion": null, - "networkInterfaceConfigurations": [ - { - "deleteOption": null, - "disableTcpStateTracking": false, - "dnsSettings": { - "dnsServers": [] - }, - "enableAcceleratedNetworking": false, - "enableFpga": null, - "enableIpForwarding": false, - "ipConfigurations": [ - { - "applicationGatewayBackendAddressPools": [ - { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroup3a43e4/providers/Microsoft.Network/applicationGateways/myAPPGW3a43e4/backendAddressPools/appGatewayBackendPool", - "resourceGroup": "myVMSSResourceGroup3a43e4" - } - ], - "applicationSecurityGroups": null, - "loadBalancerBackendAddressPools": null, - "loadBalancerInboundNatPools": null, - "name": "myvms0ce7IPConfig", - "primary": null, - "privateIpAddressVersion": "IPv4", - "publicIpAddressConfiguration": null, - "subnet": { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroup3a43e4/providers/Microsoft.Network/virtualNetworks/myVNet3a43e4/subnets/myVMSN3a43e4", - "resourceGroup": "myVMSSResourceGroup3a43e4" - } - } - ], - "name": "myvms0ce7Nic", - "networkSecurityGroup": null, - "primary": true - } - ] - }, - "osProfile": { - "adminPassword": null, - "adminUsername": "azureuser", - "allowExtensionOperations": true, - "computerNamePrefix": "myvms0ce7", - "customData": null, - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "enableVmAgentPlatformUpdates": false, - "patchSettings": null, - "provisionVmAgent": true, - "ssh": { - "publicKeys": [ - { - "keyData": "ssh-rsa xxxxxxx", - "path": "/home/azureuser/.ssh/authorized_keys" - } - ] - } - }, - "requireGuestProvisionSignal": true, - "secrets": [], - "windowsConfiguration": null - }, - "priority": null, - "scheduledEventsProfile": null, - "securityPostureReference": null, - "securityProfile": null, - "serviceArtifactReference": null, - "storageProfile": { - "dataDisks": null, - "diskControllerType": "SCSI", - "imageReference": { - "communityGalleryImageId": null, - "exactVersion": null, - "id": null, - "offer": "0001-com-ubuntu-minimal-jammy", - "publisher": "Canonical", - "sharedGalleryImageId": null, - "sku": "minimal-22_04-lts-gen2", - "version": "latest" - }, - "osDisk": { - "caching": "ReadWrite", - "createOption": "FromImage", - "deleteOption": null, - "diffDiskSettings": null, - "diskSizeGb": 30, - "image": null, - "managedDisk": { - "diskEncryptionSet": null, - "securityProfile": null, - "storageAccountType": "Premium_LRS" - }, - "name": null, - "osType": "Linux", - "vhdContainers": null, - "writeAcceleratorEnabled": null - } - }, - "userData": null - }, - "zoneBalance": null, - "zones": null -} -``` - -### Enable Azure AD login for a Linux Virtual Machine -The following command installs the extension to enable Azure AD login for a Linux VM. - -```bash - az vmss extension set --publisher Microsoft.Azure.ActiveDirectory --name AADSSHLoginForLinux --resource-group $MY_RESOURCE_GROUP_NAME --vmss-name $MY_VMSS_NAME -``` -Results: - - -```json -{ - "additionalCapabilities": null, - "automaticRepairsPolicy": null, - "constrainedMaximumCapacity": null, - "doNotRunExtensionsOnOverprovisionedVMs": false, - "extendedLocation": null, - "hostGroup": null, - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSaf9072", - "identity": { - "principalId": "f94ce139-a0b1-4844-a836-1396b6572826", - "tenantId": "72f988bf-86f1-41af-91ab-2d7cd011db47", - "type": "SystemAssigned", - "userAssignedIdentities": null - }, - "location": "eastus", - "name": "myVMSSaf9072", - "orchestrationMode": "Uniform", - "overprovision": true, - "plan": null, - "platformFaultDomainCount": 1, - "priorityMixPolicy": null, - "provisioningState": "Succeeded", - "proximityPlacementGroup": null, - "resourceGroup": "myVMSSResourceGroupaf9072", - "scaleInPolicy": null, - "singlePlacementGroup": false, - "sku": { - "capacity": 2, - "name": "Standard_DS2_v2", - "tier": "Standard" - }, - "spotRestorePolicy": null, - "tags": {}, - "timeCreated": "2023-12-14T10:50:58.858488+00:00", - "type": "Microsoft.Compute/virtualMachineScaleSets", - "uniqueId": "ca55e9a8-4c6f-4491-b217-4420a312f993", - "upgradePolicy": { - "automaticOsUpgradePolicy": null, - "mode": "Automatic", - "rollingUpgradePolicy": { - "enableCrossZoneUpgrade": null, - "maxBatchInstancePercent": 20, - "maxSurge": false, - "maxUnhealthyInstancePercent": 20, - "maxUnhealthyUpgradedInstancePercent": 20, - "pauseTimeBetweenBatches": "PT0S", - "prioritizeUnhealthyInstances": null, - "rollbackFailedInstancesOnPolicyBreach": false - } - }, - "virtualMachineProfile": { - "applicationProfile": null, - "billingProfile": null, - "capacityReservation": null, - "diagnosticsProfile": null, - "evictionPolicy": null, - "extensionProfile": { - "extensions": [ - { - "autoUpgradeMinorVersion": true, - "enableAutomaticUpgrade": null, - "forceUpdateTag": null, - "id": null, - "name": "AADSSHLoginForLinux", - "protectedSettings": null, - "protectedSettingsFromKeyVault": null, - "provisionAfterExtensions": null, - "provisioningState": null, - "publisher": "Microsoft.Azure.ActiveDirectory", - "settings": null, - "suppressFailures": null, - "type": null, - "typeHandlerVersion": "1.0", - "typePropertiesType": "AADSSHLoginForLinux" - } - ], - "extensionsTimeBudget": null - }, - "hardwareProfile": null, - "licenseType": null, - "networkProfile": { - "healthProbe": null, - "networkApiVersion": null, - "networkInterfaceConfigurations": [ - { - "deleteOption": null, - "disableTcpStateTracking": false, - "dnsSettings": { - "dnsServers": [] - }, - "enableAcceleratedNetworking": false, - "enableFpga": null, - "enableIpForwarding": false, - "ipConfigurations": [ - { - "applicationGatewayBackendAddressPools": [ - { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Network/applicationGateways/myAPPGWaf9072/backendAddressPools/appGatewayBackendPool", - "resourceGroup": "myVMSSResourceGroupaf9072" - } - ], - "applicationSecurityGroups": null, - "loadBalancerBackendAddressPools": null, - "loadBalancerInboundNatPools": null, - "name": "myvms5aa3IPConfig", - "primary": null, - "privateIpAddressVersion": "IPv4", - "publicIpAddressConfiguration": null, - "subnet": { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Network/virtualNetworks/myVNetaf9072/subnets/myVMSNaf9072", - "resourceGroup": "myVMSSResourceGroupaf9072" - } - } - ], - "name": "myvms5aa3Nic", - "networkSecurityGroup": null, - "primary": true - } - ] - }, - "osProfile": { - "adminPassword": null, - "adminUsername": "azureuser", - "allowExtensionOperations": true, - "computerNamePrefix": "myvms5aa3", - "customData": null, - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "enableVmAgentPlatformUpdates": false, - "patchSettings": null, - "provisionVmAgent": true, - "ssh": { - "publicKeys": [ - { - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDChUiONFSUdk5nk00XeujLNIfdijKwBR/cqAqAw8xa57BlI22Azntp625scK9Gpze9wFNj/bPDS29+PZXOaEjVljYHU/tgcbcvHR0sNUNoAvMPHRfSN2WebDUCDHK1hBQxPwiI4OWTbpYRm/E2deGe5gUpBoaA1AwOZVs1+6Z6unHOkhslqLJmNW+Rb8YUtRnbL3XZLUOwyPSkNMgARiMb+QWq0W2V6TtD+rM2pMVIf/D21PdHLsTBQ+DC0DeUyBlgGiueqijGcD0zmE6N6nAu2ps7sO+zxmnP37zbIRbwEHfdpQkPwnx42REgZ7ep/K9gnwWzSk1uIrxrSGypPqUV", - "path": "/home/azureuser/.ssh/authorized_keys" - } - ] - } - }, - "requireGuestProvisionSignal": true, - "secrets": [], - "windowsConfiguration": null - }, - "priority": null, - "scheduledEventsProfile": null, - "securityPostureReference": null, - "securityProfile": null, - "serviceArtifactReference": null, - "storageProfile": { - "dataDisks": null, - "diskControllerType": "SCSI", - "imageReference": { - "communityGalleryImageId": null, - "exactVersion": null, - "id": null, - "offer": "0001-com-ubuntu-server-jammy", - "publisher": "Canonical", - "sharedGalleryImageId": null, - "sku": "22_04-lts-gen2", - "version": "latest" - }, - "osDisk": { - "caching": "ReadWrite", - "createOption": "FromImage", - "deleteOption": null, - "diffDiskSettings": null, - "diskSizeGb": 30, - "image": null, - "managedDisk": { - "diskEncryptionSet": null, - "securityProfile": null, - "storageAccountType": "Premium_LRS" - }, - "name": null, - "osType": "Linux", - "vhdContainers": null, - "writeAcceleratorEnabled": null - } - }, - "userData": null - }, - "zoneBalance": false, - "zones": [ - "1", - "2", - "3" - ] -} - -``` - -# Define an autoscale profile - -To enable autoscale on a scale set, you first define an autoscale profile. This profile defines the default, minimum, and maximum scale set capacity. These limits let you control cost by not continually creating VM instances, and balance acceptable performance with a minimum number of instances that remain in a scale-in event. -The following example sets the default, and minimum, capacity of 2 VM instances, and a maximum of 10: - -```bash -az monitor autoscale create --resource-group $MY_RESOURCE_GROUP_NAME --resource $MY_VMSS_NAME --resource-type Microsoft.Compute/virtualMachineScaleSets --name autoscale --min-count 2 --max-count 10 --count 2 -``` - - -Results: - - -```json -{ - "enabled": true, - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupaf9072/providers/microsoft.insights/autoscalesettings/autoscale", - "location": "eastus", - "name": "autoscale", - "namePropertiesName": "autoscale", - "notifications": [ - { - "email": { - "customEmails": [], - "sendToSubscriptionAdministrator": false, - "sendToSubscriptionCoAdministrators": false - }, - "webhooks": [] - } - ], - "predictiveAutoscalePolicy": { - "scaleLookAheadTime": null, - "scaleMode": "Disabled" - }, - "profiles": [ - { - "capacity": { - "default": "2", - "maximum": "10", - "minimum": "2" - }, - "fixedDate": null, - "name": "default", - "recurrence": null, - "rules": [] - } - ], - "resourceGroup": "myVMSSResourceGroupaf9072", - "systemData": null, - "tags": {}, - "targetResourceLocation": null, - "targetResourceUri": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSaf9072", - "type": "Microsoft.Insights/autoscaleSettings" -} -``` - -# Create a rule to autoscale out - -The Following command creates a rule that increases the number of VM instances in a scale set when the average CPU load is greater than 70% over a 5-minute period. When the rule triggers, the number of VM instances is increased by three. - -```bash -az monitor autoscale rule create --resource-group $MY_RESOURCE_GROUP_NAME --autoscale-name autoscale --condition "Percentage CPU > 70 avg 5m" --scale out 3 -``` - -Results: - - -```json -{ - "metricTrigger": { - "dimensions": [], - "dividePerInstance": null, - "metricName": "Percentage CPU", - "metricNamespace": null, - "metricResourceLocation": null, - "metricResourceUri": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSaf9072", - "operator": "GreaterThan", - "statistic": "Average", - "threshold": "70", - "timeAggregation": "Average", - "timeGrain": "PT1M", - "timeWindow": "PT5M" - }, - "scaleAction": { - "cooldown": "PT5M", - "direction": "Increase", - "type": "ChangeCount", - "value": "3" - } -} -``` - -# Create a rule to autoscale in - -Create another rule with az monitor autoscale rule create that decreases the number of VM instances in a scale set when the average CPU load then drops below 30% over a 5-minute period. The following example defines the rule to scale in the number of VM instances by one. - -```bash -az monitor autoscale rule create --resource-group $MY_RESOURCE_GROUP_NAME --autoscale-name autoscale --condition "Percentage CPU < 30 avg 5m" --scale in 1 -``` - -Results: - - -```json -{ - "metricTrigger": { - "dimensions": [], - "dividePerInstance": null, - "metricName": "Percentage CPU", - "metricNamespace": null, - "metricResourceLocation": null, - "metricResourceUri": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSaf9072", - "operator": "LessThan", - "statistic": "Average", - "threshold": "30", - "timeAggregation": "Average", - "timeGrain": "PT1M", - "timeWindow": "PT5M" - }, - "scaleAction": { - "cooldown": "PT5M", - "direction": "Decrease", - "type": "ChangeCount", - "value": "1" - } -} -``` - - -### Test the page - -The below command shows you the public IP of your Application Gateway. You can cpaste the IP adress to a browser page for testing. - -```bash -az network public-ip show --resource-group $MY_RESOURCE_GROUP_NAME --name $MY_APPGW_PUBLIC_IP_NAME --query [ipAddress] --output tsv -``` - - - - - -# Next Steps - -* [VMSS Documentation](https://learn.microsoft.com/en-us/azure/virtual-machine-scale-sets/overview) diff --git a/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md b/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md deleted file mode 100644 index 398fbf79..00000000 --- a/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md +++ /dev/null @@ -1,695 +0,0 @@ -# Create a Virtual Machine Scale Set with Application Gateway with Linux image - -## Define Environment Variables - -The First step in this tutorial is to define environment variables. - -```bash - -export RANDOM_ID="$(openssl rand -hex 3)" -export MY_RESOURCE_GROUP_NAME="myVMSSResourceGroup$RANDOM_ID" -export REGION=EastUS -export MY_VMSS_NAME="myVMSS$RANDOM_ID" -export MY_USERNAME=azureuser -export MY_VM_IMAGE="Ubuntu2204" -export MY_VNET_NAME="myVNet$RANDOM_ID" -export NETWORK_PREFIX="$(($RANDOM % 254 + 1))" -export MY_VNET_PREFIX="10.$NETWORK_PREFIX.0.0/16" -export MY_VM_SN_NAME="myVMSN$RANDOM_ID" -export MY_VM_SN_PREFIX="10.$NETWORK_PREFIX.0.0/24" -export MY_APPGW_SN_NAME="myAPPGWSN$RANDOM_ID" -export MY_APPGW_SN_PREFIX="10.$NETWORK_PREFIX.1.0/24" -export MY_APPGW_NAME="myAPPGW$RANDOM_ID" -export MY_APPGW_PUBLIC_IP_NAME="myAPPGWPublicIP$RANDOM_ID" - -``` -# Login to Azure using the CLI - -In order to run commands against Azure using the CLI you need to login. This is done, very simply, though the `az login` command: - -# Create a resource group - -A resource group is a container for related resources. All resources must be placed in a resource group. We will create one for this tutorial. The following command creates a resource group with the previously defined $MY_RESOURCE_GROUP_NAME and $REGION parameters. - -```bash -az group create --name $MY_RESOURCE_GROUP_NAME --location $REGION -o JSON -``` - -Results: - - -```json -{ - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx", - "location": "eastus", - "managedBy": null, - "name": "myVMSSResourceGroupxxxxxx", - "properties": { - "provisioningState": "Succeeded" - }, - "tags": null, - "type": "Microsoft.Resources/resourceGroups" -} -``` - -# Create Network Resources - -You need to create network resources before you proceed the VMSS steps. In this step you're going to create a VNET, 2 subnets 1 for Application Gateway and 1 for VMs. You also need to have a public IP to attach your Application Gateway to be able to reach your web application from internet. - - -#### Create Virtual Network (VNET) and VM Subnet - -```bash -az network vnet create --name $MY_VNET_NAME --resource-group $MY_RESOURCE_GROUP_NAME --location $REGION --address-prefix $MY_VNET_PREFIX --subnet-name $MY_VM_SN_NAME --subnet-prefix $MY_VM_SN_PREFIX -o JSON -``` - -Results: - - -```json -{ - "newVNet": { - "addressSpace": { - "addressPrefixes": [ - "10.X.0.0/16" - ] - }, - "enableDdosProtection": false, - "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/virtualNetworks/myVNetxxxxxx", - "location": "eastus", - "name": "myVNetxxxxxx", - "provisioningState": "Succeeded", - "resourceGroup": "myVMSSResourceGroupxxxxxx", - "resourceGuid": "f00034be-612e-4462-a711-93d0bb263e46", - "subnets": [ - { - "addressPrefix": "10.X.0.0/24", - "delegations": [], - "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/virtualNetworks/myVNetxxxxxx/subnets/myVMSNxxxxxx", - "name": "myVMSNxxxxxx", - "privateEndpointNetworkPolicies": "Disabled", - "privateLinkServiceNetworkPolicies": "Enabled", - "provisioningState": "Succeeded", - "resourceGroup": "myVMSSResourceGroupxxxxxx", - "type": "Microsoft.Network/virtualNetworks/subnets" - } - ], - "type": "Microsoft.Network/virtualNetworks", - "virtualNetworkPeerings": [] - } -} -``` - -### Create Application Gateway Resources - -Azure Application Gateway requires a dedicated subnet within your virtual network. The below command creates a subnet named $MY_APPGW_SN_NAME with specified address prefix named $MY_APPGW_SN_PREFIX in your VNET $MY_VNET_NAME - - -```bash -az network vnet subnet create --name $MY_APPGW_SN_NAME --resource-group $MY_RESOURCE_GROUP_NAME --vnet-name $MY_VNET_NAME --address-prefix $MY_APPGW_SN_PREFIX -o JSON -``` - -Results: - - -```json -{ - "addressPrefix": "10.66.1.0/24", - "delegations": [], - "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/virtualNetworks/myVNetxxxxxx/subnets/myAPPGWSNxxxxxx", - "name": "myAPPGWSNxxxxxx", - "privateEndpointNetworkPolicies": "Disabled", - "privateLinkServiceNetworkPolicies": "Enabled", - "provisioningState": "Succeeded", - "resourceGroup": "myVMSSResourceGroupxxxxxx", - "type": "Microsoft.Network/virtualNetworks/subnets" -} -``` -The below command creates a standard, zone redundant, static, public IPv4 in your resource group. - -```bash -az network public-ip create --resource-group $MY_RESOURCE_GROUP_NAME --name $MY_APPGW_PUBLIC_IP_NAME --sku Standard --location $REGION --allocation-method static --version IPv4 --zone 1 2 3 -o JSON - ``` - -Results: - - -```json -{ - "publicIp": { - "ddosSettings": { - "protectionMode": "VirtualNetworkInherited" - }, - "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/publicIPAddresses//myAPPGWPublicIPxxxxxx", - "idleTimeoutInMinutes": 4, - "ipAddress": "X.X.X.X", - "ipTags": [], - "location": "eastus", - "name": "/myAPPGWPublicIPxxxxxx", - "provisioningState": "Succeeded", - "publicIPAddressVersion": "IPv4", - "publicIPAllocationMethod": "Static", - "resourceGroup": "myVMSSResourceGroupxxxxxx", - "resourceGuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx", - "sku": { - "name": "Standard", - "tier": "Regional" - }, - "type": "Microsoft.Network/publicIPAddresses", - "zones": [ - "1", - "2", - "3" - ] - } -} -``` - -In this step you create an Application Gateway that you're going to integrate with your Virtual Machine Scale Set. In this example we create a zone redundant Application Gateway with Standard_v2 SKU and enable Http communication for the Application Gateway. The public IP $MY_APPGW_PUBLIC_IP_NAME that we created in previous step attached to the Application Gateway. - -```bash -az network application-gateway create --name $MY_APPGW_NAME --location $REGION --resource-group $MY_RESOURCE_GROUP_NAME --vnet-name $MY_VNET_NAME --subnet $MY_APPGW_SN_NAME --capacity 2 --zones 1 2 3 --sku Standard_v2 --http-settings-cookie-based-affinity Disabled --frontend-port 80 --http-settings-port 80 --http-settings-protocol Http --public-ip-address $MY_APPGW_PUBLIC_IP_NAME --priority 1001 -o JSON - ``` - - -```json -{ - "applicationGateway": { - "backendAddressPools": [ - { - "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/backendAddressPools/appGatewayBackendPool", - "name": "appGatewayBackendPool", - "properties": { - "backendAddresses": [], - "provisioningState": "Succeeded", - "requestRoutingRules": [ - { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/requestRoutingRules/rule1", - "resourceGroup": "myVMSSResourceGroupxxxxxx" - } - ] - }, - "resourceGroup": "myVMSSResourceGroupxxxxxx", - "type": "Microsoft.Network/applicationGateways/backendAddressPools" - } - ], - "backendHttpSettingsCollection": [ - { - "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/backendHttpSettingsCollection/appGatewayBackendHttpSettings", - "name": "appGatewayBackendHttpSettings", - "properties": { - "connectionDraining": { - "drainTimeoutInSec": 1, - "enabled": false - }, - "cookieBasedAffinity": "Disabled", - "pickHostNameFromBackendAddress": false, - "port": 80, - "protocol": "Http", - "provisioningState": "Succeeded", - "requestRoutingRules": [ - { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/requestRoutingRules/rule1", - "resourceGroup": "myVMSSResourceGroupxxxxxx" - } - ], - "requestTimeout": 30 - }, - "resourceGroup": "myVMSSResourceGroupxxxxxx", - "type": "Microsoft.Network/applicationGateways/backendHttpSettingsCollection" - } - ], - "backendSettingsCollection": [], - "frontendIPConfigurations": [ - { - "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/frontendIPConfigurations/appGatewayFrontendIP", - "name": "appGatewayFrontendIP", - "properties": { - "httpListeners": [ - { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/httpListeners/appGatewayHttpListener", - "resourceGroup": "myVMSSResourceGroupxxxxxx" - } - ], - "privateIPAllocationMethod": "Dynamic", - "provisioningState": "Succeeded", - "publicIPAddress": { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/publicIPAddresses/myAPPGWPublicIPxxxxxx", - "resourceGroup": "myVMSSResourceGroupxxxxxx" - } - }, - "resourceGroup": "myVMSSResourceGroupxxxxxx", - "type": "Microsoft.Network/applicationGateways/frontendIPConfigurations" - } - ], - "frontendPorts": [ - { - "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/frontendPorts/appGatewayFrontendPort", - "name": "appGatewayFrontendPort", - "properties": { - "httpListeners": [ - { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/httpListeners/appGatewayHttpListener", - "resourceGroup": "myVMSSResourceGroupxxxxxx" - } - ], - "port": 80, - "provisioningState": "Succeeded" - }, - "resourceGroup": "myVMSSResourceGroupxxxxxx", - "type": "Microsoft.Network/applicationGateways/frontendPorts" - } - ], - "gatewayIPConfigurations": [ - { - "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/gatewayIPConfigurations/appGatewayFrontendIP", - "name": "appGatewayFrontendIP", - "properties": { - "provisioningState": "Succeeded", - "subnet": { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/virtualNetworks/myVNetxxxxxx/subnets/myAPPGWSNxxxxxx", - "resourceGroup": "myVMSSResourceGroupxxxxxx" - } - }, - "resourceGroup": "myVMSSResourceGroupxxxxxx", - "type": "Microsoft.Network/applicationGateways/gatewayIPConfigurations" - } - ], - "httpListeners": [ - { - "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/httpListeners/appGatewayHttpListener", - "name": "appGatewayHttpListener", - "properties": { - "frontendIPConfiguration": { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/frontendIPConfigurations/appGatewayFrontendIP", - "resourceGroup": "myVMSSResourceGroupxxxxxx" - }, - "frontendPort": { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/frontendPorts/appGatewayFrontendPort", - "resourceGroup": "myVMSSResourceGroupxxxxxx" - }, - "hostNames": [], - "protocol": "Http", - "provisioningState": "Succeeded", - "requestRoutingRules": [ - { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/requestRoutingRules/rule1", - "resourceGroup": "myVMSSResourceGroupxxxxxx" - } - ], - "requireServerNameIndication": false - }, - "resourceGroup": "myVMSSResourceGroupxxxxxx", - "type": "Microsoft.Network/applicationGateways/httpListeners" - } - ], - "listeners": [], - "loadDistributionPolicies": [], - "operationalState": "Running", - "privateEndpointConnections": [], - "privateLinkConfigurations": [], - "probes": [], - "provisioningState": "Succeeded", - "redirectConfigurations": [], - "requestRoutingRules": [ - { - "etag": "W/\"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/requestRoutingRules/rule1", - "name": "rule1", - "properties": { - "backendAddressPool": { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/backendAddressPools/appGatewayBackendPool", - "resourceGroup": "myVMSSResourceGroupxxxxxx" - }, - "backendHttpSettings": { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/backendHttpSettingsCollection/appGatewayBackendHttpSettings", - "resourceGroup": "myVMSSResourceGroupxxxxxx" - }, - "httpListener": { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxxxx/httpListeners/appGatewayHttpListener", - "resourceGroup": "myVMSSResourceGroupxxxxxx" - }, - "priority": 1001, - "provisioningState": "Succeeded", - "ruleType": "Basic" - }, - "resourceGroup": "myVMSSResourceGroupxxxxxx", - "type": "Microsoft.Network/applicationGateways/requestRoutingRules" - } - ], - "resourceGuid": "d6da1e9a-9d53-4292-bda5-3883963034ff", - "rewriteRuleSets": [], - "routingRules": [], - "sku": { - "capacity": 2, - "family": "Generation_1", - "name": "Standard_v2", - "tier": "Standard_v2" - }, - "sslCertificates": [], - "sslProfiles": [], - "trustedClientCertificates": [], - "trustedRootCertificates": [], - "urlPathMaps": [] - } -} - ``` - - -# Create Virtual Machine Scale Set - -The below command creates a zone redundant Virtual Machine Scale Set (VMSS) within your resource group $MY_RESOURCE_GROUP_NAME. We integrate the Application Gateway that we created previous step. This command creates 2 Standard_DS2_v2 SKU Virtual Machines in subnet $MY_VM_SN_NAME. - -```bash - az vmss create --name $MY_VMSS_NAME --resource-group $MY_RESOURCE_GROUP_NAME --image $MY_VM_IMAGE --admin-username $MY_USERNAME --generate-ssh-keys --instance-count 2 --zones 1 2 3 --vnet-name $MY_VNET_NAME --subnet $MY_VM_SN_NAME --vm-sku Standard_DS2_v2 --upgrade-policy-mode Automatic --app-gateway $MY_APPGW_NAME --backend-pool-name appGatewayBackendPool -o JSON - ``` - -Results: - - -```json -{ - "vmss": { - "doNotRunExtensionsOnOverprovisionedVMs": false, - "orchestrationMode": "Uniform", - "overprovision": true, - "provisioningState": "Succeeded", - "singlePlacementGroup": true, - "timeCreated": "2023-12-04T16:10:30.5546744+00:00", - "uniqueId": "ae68f82c-54f3-4263-8252-7f25f1b276bb", - "upgradePolicy": { - "mode": "Automatic", - "rollingUpgradePolicy": { - "maxBatchInstancePercent": 20, - "maxSurge": false, - "maxUnhealthyInstancePercent": 20, - "maxUnhealthyUpgradedInstancePercent": 20, - "pauseTimeBetweenBatches": "PT0S", - "rollbackFailedInstancesOnPolicyBreach": false - } - }, - "virtualMachineProfile": { - "networkProfile": { - "networkInterfaceConfigurations": [ - { - "name": "myvms0ce7Nic", - "properties": { - "disableTcpStateTracking": false, - "dnsSettings": { - "dnsServers": [] - }, - "enableAcceleratedNetworking": false, - "enableIPForwarding": false, - "ipConfigurations": [ - { - "name": "myvms0ce7IPConfig", - "properties": { - "applicationGatewayBackendAddressPools": [ - { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroup3a43e4/providers/Microsoft.Network/applicationGateways/myAPPGW3a43e4/backendAddressPools/appGatewayBackendPool", - "resourceGroup": "myVMSSResourceGroup3a43e4" - } - ], - "privateIPAddressVersion": "IPv4", - "subnet": { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroup3a43e4/providers/Microsoft.Network/virtualNetworks/myVNet3a43e4/subnets/myVMSN3a43e4", - "resourceGroup": "myVMSSResourceGroup3a43e4" - } - } - } - ], - "primary": true - } - } - ] - }, - "osProfile": { - "adminUsername": "azureuser", - "allowExtensionOperations": true, - "computerNamePrefix": "myvms0ce7", - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "enableVMAgentPlatformUpdates": false, - "provisionVMAgent": true, - "ssh": { - "publicKeys": [ - { - "keyData": "ssh-rsa xxxxxxx", - "path": "/home/azureuser/.ssh/authorized_keys" - } - ] - } - }, - "requireGuestProvisionSignal": true, - "secrets": [] - }, - "storageProfile": { - "diskControllerType": "SCSI", - "imageReference": { - "offer": "0001-com-ubuntu-minimal-jammy", - "publisher": "Canonical", - "sku": "minimal-22_04-lts-gen2", - "version": "latest" - }, - "osDisk": { - "caching": "ReadWrite", - "createOption": "FromImage", - "diskSizeGB": 30, - "managedDisk": { - "storageAccountType": "Premium_LRS" - }, - "osType": "Linux" - } - }, - "timeCreated": "2023-12-04T16:10:30.5546744+00:00" - } - } -} -``` - -### Install ngnix with VMSS extensions - -The below command uses VMSS extension to run custom script. For testing purposes, here we install ngnix and publish a page that shows the hostname of the Virtual Machine that your HTTP requests hits. We use this custom script for this pusposes : https://raw.githubusercontent.com/Azure-Samples/compute-automation-configurations/master/automate_nginx.sh - - -```bash -az vmss extension set --publisher Microsoft.Azure.Extensions --version 2.0 --name CustomScript --resource-group $MY_RESOURCE_GROUP_NAME --vmss-name $MY_VMSS_NAME --settings '{ "fileUris": ["https://raw.githubusercontent.com/Azure-Samples/compute-automation-configurations/master/automate_nginx.sh"], "commandToExecute": "./automate_nginx.sh" }' -o JSON -``` - -Results: - - -```json -{ - "additionalCapabilities": null, - "automaticRepairsPolicy": null, - "constrainedMaximumCapacity": null, - "doNotRunExtensionsOnOverprovisionedVMs": false, - "extendedLocation": null, - "hostGroup": null, - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroup3a43e4/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSS3a43e4", - "identity": null, - "location": "eastus", - "name": "myVMSS3a43e4", - "orchestrationMode": "Uniform", - "overprovision": true, - "plan": null, - "platformFaultDomainCount": null, - "priorityMixPolicy": null, - "provisioningState": "Succeeded", - "proximityPlacementGroup": null, - "resourceGroup": "myVMSSResourceGroup3a43e4", - "scaleInPolicy": null, - "singlePlacementGroup": true, - "sku": { - "capacity": 2, - "name": "Standard_DS2_v2", - "tier": "Standard" - }, - "spotRestorePolicy": null, - "tags": {}, - "timeCreated": "2023-12-04T16:10:30.554674+00:00", - "type": "Microsoft.Compute/virtualMachineScaleSets", - "uniqueId": "ae68f82c-54f3-4263-8252-7f25f1b276bb", - "upgradePolicy": { - "automaticOsUpgradePolicy": null, - "mode": "Automatic", - "rollingUpgradePolicy": { - "enableCrossZoneUpgrade": null, - "maxBatchInstancePercent": 20, - "maxSurge": false, - "maxUnhealthyInstancePercent": 20, - "maxUnhealthyUpgradedInstancePercent": 20, - "pauseTimeBetweenBatches": "PT0S", - "prioritizeUnhealthyInstances": null, - "rollbackFailedInstancesOnPolicyBreach": false - } - }, - "virtualMachineProfile": { - "applicationProfile": null, - "billingProfile": null, - "capacityReservation": null, - "diagnosticsProfile": null, - "evictionPolicy": null, - "extensionProfile": { - "extensions": [ - { - "autoUpgradeMinorVersion": true, - "enableAutomaticUpgrade": null, - "forceUpdateTag": null, - "id": null, - "name": "CustomScript", - "protectedSettings": null, - "protectedSettingsFromKeyVault": null, - "provisionAfterExtensions": null, - "provisioningState": null, - "publisher": "Microsoft.Azure.Extensions", - "settings": { - "commandToExecute": "./automate_nginx.sh", - "fileUris": [ - "https://raw.githubusercontent.com/Azure-Samples/compute-automation-configurations/master/automate_nginx.sh" - ] - }, - "suppressFailures": null, - "type": null, - "typeHandlerVersion": "2.0", - "typePropertiesType": "CustomScript" - } - ], - "extensionsTimeBudget": null - }, - "hardwareProfile": null, - "licenseType": null, - "networkProfile": { - "healthProbe": null, - "networkApiVersion": null, - "networkInterfaceConfigurations": [ - { - "deleteOption": null, - "disableTcpStateTracking": false, - "dnsSettings": { - "dnsServers": [] - }, - "enableAcceleratedNetworking": false, - "enableFpga": null, - "enableIpForwarding": false, - "ipConfigurations": [ - { - "applicationGatewayBackendAddressPools": [ - { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroup3a43e4/providers/Microsoft.Network/applicationGateways/myAPPGW3a43e4/backendAddressPools/appGatewayBackendPool", - "resourceGroup": "myVMSSResourceGroup3a43e4" - } - ], - "applicationSecurityGroups": null, - "loadBalancerBackendAddressPools": null, - "loadBalancerInboundNatPools": null, - "name": "myvms0ce7IPConfig", - "primary": null, - "privateIpAddressVersion": "IPv4", - "publicIpAddressConfiguration": null, - "subnet": { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroup3a43e4/providers/Microsoft.Network/virtualNetworks/myVNet3a43e4/subnets/myVMSN3a43e4", - "resourceGroup": "myVMSSResourceGroup3a43e4" - } - } - ], - "name": "myvms0ce7Nic", - "networkSecurityGroup": null, - "primary": true - } - ] - }, - "osProfile": { - "adminPassword": null, - "adminUsername": "azureuser", - "allowExtensionOperations": true, - "computerNamePrefix": "myvms0ce7", - "customData": null, - "linuxConfiguration": { - "disablePasswordAuthentication": true, - "enableVmAgentPlatformUpdates": false, - "patchSettings": null, - "provisionVmAgent": true, - "ssh": { - "publicKeys": [ - { - "keyData": "ssh-rsa xxxxxxx", - "path": "/home/azureuser/.ssh/authorized_keys" - } - ] - } - }, - "requireGuestProvisionSignal": true, - "secrets": [], - "windowsConfiguration": null - }, - "priority": null, - "scheduledEventsProfile": null, - "securityPostureReference": null, - "securityProfile": null, - "serviceArtifactReference": null, - "storageProfile": { - "dataDisks": null, - "diskControllerType": "SCSI", - "imageReference": { - "communityGalleryImageId": null, - "exactVersion": null, - "id": null, - "offer": "0001-com-ubuntu-minimal-jammy", - "publisher": "Canonical", - "sharedGalleryImageId": null, - "sku": "minimal-22_04-lts-gen2", - "version": "latest" - }, - "osDisk": { - "caching": "ReadWrite", - "createOption": "FromImage", - "deleteOption": null, - "diffDiskSettings": null, - "diskSizeGb": 30, - "image": null, - "managedDisk": { - "diskEncryptionSet": null, - "securityProfile": null, - "storageAccountType": "Premium_LRS" - }, - "name": null, - "osType": "Linux", - "vhdContainers": null, - "writeAcceleratorEnabled": null - } - }, - "userData": null - }, - "zoneBalance": null, - "zones": null -} -``` - -### Test the page - -The below command shows you the public IP of your Application Gateway. You can cpaste the IP adress to a browser page for testing. - -```bash -az network public-ip show --resource-group $MY_RESOURCE_GROUP_NAME --name $MY_APPGW_PUBLIC_IP_NAME --query [ipAddress] --output tsv -``` - - - -# Next Steps - -* [VM Documentation](https://learn.microsoft.com/en-us/azure/virtual-machines/) -* [Use Cloud-Init to initialize a Linux VM on first boot](https://learn.microsoft.com/en-us/azure/virtual-machines/linux/tutorial-automate-vm-deployment) -* [Create custom VM images](https://learn.microsoft.com/en-us/azure/virtual-machines/linux/tutorial-custom-images) -* [Load Balance VMs](https://learn.microsoft.com/en-us/azure/load-balancer/quickstart-load-balancer-standard-public-cli) \ No newline at end of file From bea8c3a6f3941da11897722379a6124369302811 Mon Sep 17 00:00:00 2001 From: Belgin Ceran <110536035+belginceran@users.noreply.github.com> Date: Tue, 19 Dec 2023 11:45:51 +0000 Subject: [PATCH 23/46] VMSS updates --- .../ocd/{CreateVMSSupdated => CreateVMSSwithAppGWLinux}/README.md | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename scenarios/ocd/{CreateVMSSupdated => CreateVMSSwithAppGWLinux}/README.md (100%) diff --git a/scenarios/ocd/CreateVMSSupdated/README.md b/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md similarity index 100% rename from scenarios/ocd/CreateVMSSupdated/README.md rename to scenarios/ocd/CreateVMSSwithAppGWLinux/README.md From 5ae25369471fbe2c5ae082fcefe6e4ce1b916429 Mon Sep 17 00:00:00 2001 From: Belgin Ceran <110536035+belginceran@users.noreply.github.com> Date: Tue, 19 Dec 2023 11:47:49 +0000 Subject: [PATCH 24/46] VMSS updates --- .../README.md | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename scenarios/ocd/{CreateVMSSwithAppGWLinux => CreateLinuxVMSSwithAppGW}/README.md (100%) diff --git a/scenarios/ocd/CreateVMSSwithAppGWLinux/README.md b/scenarios/ocd/CreateLinuxVMSSwithAppGW/README.md similarity index 100% rename from scenarios/ocd/CreateVMSSwithAppGWLinux/README.md rename to scenarios/ocd/CreateLinuxVMSSwithAppGW/README.md From f465e741145e0c7178dffb9e6911732753abdfe7 Mon Sep 17 00:00:00 2001 From: Belgin Ceran <110536035+belginceran@users.noreply.github.com> Date: Tue, 19 Dec 2023 11:53:40 +0000 Subject: [PATCH 25/46] VMSS updates --- .../ocd/CreateLinuxVMSSwithAppGW/README.md | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/scenarios/ocd/CreateLinuxVMSSwithAppGW/README.md b/scenarios/ocd/CreateLinuxVMSSwithAppGW/README.md index 241b2ea1..18ddb24e 100644 --- a/scenarios/ocd/CreateLinuxVMSSwithAppGW/README.md +++ b/scenarios/ocd/CreateLinuxVMSSwithAppGW/README.md @@ -417,7 +417,7 @@ Results: "properties": { "applicationGatewayBackendAddressPools": [ { - "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroup7e8bdd/providers/Microsoft.Network/applicationGateways/myAPPGW7e8bdd/backendAddressPools/appGatewayBackendPool", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroup7e8bdd/providers/Microsoft.Network/applicationGateways/myAPPGW7e8bdd/backendAddressPools/appGatewayBackendPool", "resourceGroup": "myVMSSResourceGroup7e8bdd" } ], @@ -431,7 +431,7 @@ Results: } }, "subnet": { - "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroup7e8bdd/providers/Microsoft.Network/virtualNetworks/myVNet7e8bdd/subnets/myVMSN7e8bdd", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroup7e8bdd/providers/Microsoft.Network/virtualNetworks/myVNet7e8bdd/subnets/myVMSN7e8bdd", "resourceGroup": "myVMSSResourceGroup7e8bdd" } } @@ -453,7 +453,7 @@ Results: "ssh": { "publicKeys": [ { - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDChUiONFSUdk5nk00XeujLNIfdijKwBR/cqAqAw8xa57BlI22Azntp625scK9Gpze9wFNj/bPDS29+PZXOaEjVljYHU/tgcbcvHR0sNUNoAvMPHRfSN2WebDUCDHK1hBQxPwiI4OWTbpYRm/E2deGe5gUpBoaA1AwOZVs1+6Z6unHOkhslqLJmNW+Rb8YUtRnbL3XZLUOwyPSkNMgARiMb+QWq0W2V6TtD+rM2pMVIf/D21PdHLsTBQ+DC0DeUyBlgGiueqijGcD0zmE6N6nAu2ps7sO+zxmnP37zbIRbwEHfdpQkPwnx42REgZ7ep/K9gnwWzSk1uIrxrSGypPqUV", + "keyData": "ssh-rsa xxxxxxxx", "path": "/home/azureuser/.ssh/authorized_keys" } ] @@ -507,7 +507,7 @@ Results: "doNotRunExtensionsOnOverprovisionedVMs": false, "extendedLocation": null, "hostGroup": null, - "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroupa653af/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSa653af", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupa653af/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSa653af", "identity": null, "location": "eastus", "name": "myVMSSa653af", @@ -597,7 +597,7 @@ Results: { "applicationGatewayBackendAddressPools": [ { - "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroupa653af/providers/Microsoft.Network/applicationGateways/myAPPGWa653af/backendAddressPools/appGatewayBackendPool", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupa653af/providers/Microsoft.Network/applicationGateways/myAPPGWa653af/backendAddressPools/appGatewayBackendPool", "resourceGroup": "myVMSSResourceGroupa653af" } ], @@ -609,7 +609,7 @@ Results: "privateIpAddressVersion": "IPv4", "publicIpAddressConfiguration": null, "subnet": { - "id": "/subscriptions/5584d5a3-dd16-4928-81dd-f9f5641091ea/resourceGroups/myVMSSResourceGroupa653af/providers/Microsoft.Network/virtualNetworks/myVNeta653af/subnets/myVMSNa653af", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupa653af/providers/Microsoft.Network/virtualNetworks/myVNeta653af/subnets/myVMSNa653af", "resourceGroup": "myVMSSResourceGroupa653af" } } @@ -634,7 +634,7 @@ Results: "ssh": { "publicKeys": [ { - "keyData": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDChUiONFSUdk5nk00XeujLNIfdijKwBR/cqAqAw8xa57BlI22Azntp625scK9Gpze9wFNj/bPDS29+PZXOaEjVljYHU/tgcbcvHR0sNUNoAvMPHRfSN2WebDUCDHK1hBQxPwiI4OWTbpYRm/E2deGe5gUpBoaA1AwOZVs1+6Z6unHOkhslqLJmNW+Rb8YUtRnbL3XZLUOwyPSkNMgARiMb+QWq0W2V6TtD+rM2pMVIf/D21PdHLsTBQ+DC0DeUyBlgGiueqijGcD0zmE6N6nAu2ps7sO+zxmnP37zbIRbwEHfdpQkPwnx42REgZ7ep/K9gnwWzSk1uIrxrSGypPqUV", + "keyData": "ssh-rsa xxxxxxxx", "path": "/home/azureuser/.ssh/authorized_keys" } ] @@ -831,8 +831,8 @@ az network public-ip show --resource-group $MY_RESOURCE_GROUP_NAME --name $MY_AP - - -# Next Steps +# References * [VMSS Documentation](https://learn.microsoft.com/en-us/azure/virtual-machine-scale-sets/overview) +* [VMSS AutoScale](https://learn.microsoft.com/en-us/azure/virtual-machine-scale-sets/tutorial-autoscale-cli?tabs=Ubuntu) + From f02ec22ec4ee9396f12ef4e53c70fdaf48d807f4 Mon Sep 17 00:00:00 2001 From: Belgin Ceran <110536035+belginceran@users.noreply.github.com> Date: Tue, 19 Dec 2023 13:35:14 +0000 Subject: [PATCH 26/46] VMSS updates --- scenarios/ocd/CreateLinuxVMSSwithAppGW/README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/scenarios/ocd/CreateLinuxVMSSwithAppGW/README.md b/scenarios/ocd/CreateLinuxVMSSwithAppGW/README.md index 18ddb24e..7007c6c8 100644 --- a/scenarios/ocd/CreateLinuxVMSSwithAppGW/README.md +++ b/scenarios/ocd/CreateLinuxVMSSwithAppGW/README.md @@ -368,10 +368,10 @@ az network application-gateway create --name $MY_APPGW_NAME --location $REGION # Create Virtual Machine Scale Set -The below command creates a zone redundant Virtual Machine Scale Set (VMSS) within your resource group $MY_RESOURCE_GROUP_NAME. We integrate the Application Gateway that we created previous step. This command creates 2 Standard_DS2_v2 SKU Virtual Machines in subnet $MY_VM_SN_NAME. +The below command creates a zone redundant Virtual Machine Scale Set (VMSS) within your resource group $MY_RESOURCE_GROUP_NAME. We integrate the Application Gateway that we created previous step. This command creates 2 Standard_DS2_v2 SKU Virtual Machines with public IP in subnet $MY_VM_SN_NAME. A ssh key will be created during the below step you may want to save the key if you need to login your VMs via ssh. ```bash -az vmss create --name $MY_VMSS_NAME --resource-group $MY_RESOURCE_GROUP_NAME --image $MY_VM_IMAGE --admin-username $MY_USERNAME --generate-ssh-keys --public-ip-per-vm --instance-count 2 --zones 1 2 3 --vnet-name $MY_VNET_NAME --subnet $MY_VM_SN_NAME --vm-sku Standard_DS2_v2 --upgrade-policy-mode Automatic --app-gateway $MY_APPGW_NAME --backend-pool-name appGatewayBackendPool -o JSON +az vmss create --name $MY_VMSS_NAME --resource-group $MY_RESOURCE_GROUP_NAME --image $MY_VM_IMAGE --admin-username $MY_USERNAME --generate-ssh-keys --public-ip-per-vm --orchestration-mode Uniform --instance-count 2 --zones 1 2 3 --vnet-name $MY_VNET_NAME --subnet $MY_VM_SN_NAME --vm-sku Standard_DS2_v2 --upgrade-policy-mode Automatic --app-gateway $MY_APPGW_NAME --backend-pool-name appGatewayBackendPool -o JSON ``` Results: @@ -823,7 +823,7 @@ Results: ### Test the page -The below command shows you the public IP of your Application Gateway. You can cpaste the IP adress to a browser page for testing. +The below command shows you the public IP of your Application Gateway. You can paste the IP adress to a browser page for testing. ```bash az network public-ip show --resource-group $MY_RESOURCE_GROUP_NAME --name $MY_APPGW_PUBLIC_IP_NAME --query [ipAddress] --output tsv From 4db8e038b0a828f3a8e983883a480d902f91b71c Mon Sep 17 00:00:00 2001 From: naman-msft <146123940+naman-msft@users.noreply.github.com> Date: Wed, 20 Dec 2023 17:22:58 -0800 Subject: [PATCH 27/46] Update README.md --- scenarios/ocd/CreateLinuxVMSSwithAppGW/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scenarios/ocd/CreateLinuxVMSSwithAppGW/README.md b/scenarios/ocd/CreateLinuxVMSSwithAppGW/README.md index 7007c6c8..505f1e46 100644 --- a/scenarios/ocd/CreateLinuxVMSSwithAppGW/README.md +++ b/scenarios/ocd/CreateLinuxVMSSwithAppGW/README.md @@ -81,7 +81,7 @@ Results: "name": "myVNetxxxxxx", "provisioningState": "Succeeded", "resourceGroup": "myVMSSResourceGroupxxxxxx", - "resourceGuid": "f00034be-612e-4462-a711-93d0bb263e46", + "resourceGuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx", "subnets": [ { "addressPrefix": "10.X.0.0/24", @@ -347,7 +347,7 @@ az network application-gateway create --name $MY_APPGW_NAME --location $REGION "type": "Microsoft.Network/applicationGateways/requestRoutingRules" } ], - "resourceGuid": "d6da1e9a-9d53-4292-bda5-3883963034ff", + "resourceGuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx", "rewriteRuleSets": [], "routingRules": [], "sku": { From 2f3787d9589a440fb648247ed02a202334ac52ff Mon Sep 17 00:00:00 2001 From: naman-msft <146123940+naman-msft@users.noreply.github.com> Date: Wed, 20 Dec 2023 17:30:51 -0800 Subject: [PATCH 28/46] Update README.md --- .../ocd/CreateLinuxVMSSwithAppGW/README.md | 34 +++++++++---------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/scenarios/ocd/CreateLinuxVMSSwithAppGW/README.md b/scenarios/ocd/CreateLinuxVMSSwithAppGW/README.md index 505f1e46..d536553e 100644 --- a/scenarios/ocd/CreateLinuxVMSSwithAppGW/README.md +++ b/scenarios/ocd/CreateLinuxVMSSwithAppGW/README.md @@ -387,7 +387,7 @@ Results: "provisioningState": "Succeeded", "singlePlacementGroup": false, "timeCreated": "2023-12-18T14:51:32.7740167+00:00", - "uniqueId": "b13f443e-ae79-46e9-8643-23d6177187ca", + "uniqueId": "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx", "upgradePolicy": { "mode": "Automatic", "rollingUpgradePolicy": { @@ -417,8 +417,8 @@ Results: "properties": { "applicationGatewayBackendAddressPools": [ { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroup7e8bdd/providers/Microsoft.Network/applicationGateways/myAPPGW7e8bdd/backendAddressPools/appGatewayBackendPool", - "resourceGroup": "myVMSSResourceGroup7e8bdd" + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGW7e8bdd/backendAddressPools/appGatewayBackendPool", + "resourceGroup": "myVMSSResourceGroupxxxxxx" } ], "privateIPAddressVersion": "IPv4", @@ -431,8 +431,8 @@ Results: } }, "subnet": { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroup7e8bdd/providers/Microsoft.Network/virtualNetworks/myVNet7e8bdd/subnets/myVMSN7e8bdd", - "resourceGroup": "myVMSSResourceGroup7e8bdd" + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxx/providers/Microsoft.Network/virtualNetworks/myVNet7e8bdd/subnets/myVMSN7e8bdd", + "resourceGroup": "myVMSSResourceGroupxxxxxxx" } } } @@ -507,7 +507,7 @@ Results: "doNotRunExtensionsOnOverprovisionedVMs": false, "extendedLocation": null, "hostGroup": null, - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupa653af/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSa653af", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxx/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSa653af", "identity": null, "location": "eastus", "name": "myVMSSa653af", @@ -518,7 +518,7 @@ Results: "priorityMixPolicy": null, "provisioningState": "Succeeded", "proximityPlacementGroup": null, - "resourceGroup": "myVMSSResourceGroupa653af", + "resourceGroup": "myVMSSResourceGroupxxxxx", "scaleInPolicy": null, "singlePlacementGroup": false, "sku": { @@ -530,7 +530,7 @@ Results: "tags": {}, "timeCreated": "2023-12-18T11:47:36.530498+00:00", "type": "Microsoft.Compute/virtualMachineScaleSets", - "uniqueId": "79aa92f5-cf99-486b-9b9c-32d67edd80dc", + "uniqueId": "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx", "upgradePolicy": { "automaticOsUpgradePolicy": null, "mode": "Automatic", @@ -597,8 +597,8 @@ Results: { "applicationGatewayBackendAddressPools": [ { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupa653af/providers/Microsoft.Network/applicationGateways/myAPPGWa653af/backendAddressPools/appGatewayBackendPool", - "resourceGroup": "myVMSSResourceGroupa653af" + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWa653af/backendAddressPools/appGatewayBackendPool", + "resourceGroup": "myVMSSResourceGroupxxxxxx" } ], "applicationSecurityGroups": null, @@ -609,8 +609,8 @@ Results: "privateIpAddressVersion": "IPv4", "publicIpAddressConfiguration": null, "subnet": { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupa653af/providers/Microsoft.Network/virtualNetworks/myVNeta653af/subnets/myVMSNa653af", - "resourceGroup": "myVMSSResourceGroupa653af" + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxx/providers/Microsoft.Network/virtualNetworks/myVNeta653af/subnets/myVMSNa653af", + "resourceGroup": "myVMSSResourceGroupaxxxxx" } } ], @@ -708,7 +708,7 @@ Results: ```json { "enabled": true, - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupaf9072/providers/microsoft.insights/autoscalesettings/autoscale", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxx/providers/microsoft.insights/autoscalesettings/autoscale", "location": "eastus", "name": "autoscale", "namePropertiesName": "autoscale", @@ -739,11 +739,11 @@ Results: "rules": [] } ], - "resourceGroup": "myVMSSResourceGroupaf9072", + "resourceGroup": "myVMSSResourceGroupxxxxx", "systemData": null, "tags": {}, "targetResourceLocation": null, - "targetResourceUri": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSaf9072", + "targetResourceUri": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSaf9072", "type": "Microsoft.Insights/autoscaleSettings" } ``` @@ -767,7 +767,7 @@ Results: "metricName": "Percentage CPU", "metricNamespace": null, "metricResourceLocation": null, - "metricResourceUri": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSaf9072", + "metricResourceUri": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSaf9072", "operator": "GreaterThan", "statistic": "Average", "threshold": "70", @@ -803,7 +803,7 @@ Results: "metricName": "Percentage CPU", "metricNamespace": null, "metricResourceLocation": null, - "metricResourceUri": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupaf9072/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSaf9072", + "metricResourceUri": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSaf9072", "operator": "LessThan", "statistic": "Average", "threshold": "30", From 3e82687a23582f42599569e572b879abc270e1dd Mon Sep 17 00:00:00 2001 From: naman-msft <146123940+naman-msft@users.noreply.github.com> Date: Wed, 20 Dec 2023 17:40:43 -0800 Subject: [PATCH 29/46] Update README.md --- .../ocd/CreateLinuxVMSSwithAppGW/README.md | 24 +++++++++---------- 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/scenarios/ocd/CreateLinuxVMSSwithAppGW/README.md b/scenarios/ocd/CreateLinuxVMSSwithAppGW/README.md index d536553e..ffd53df0 100644 --- a/scenarios/ocd/CreateLinuxVMSSwithAppGW/README.md +++ b/scenarios/ocd/CreateLinuxVMSSwithAppGW/README.md @@ -386,7 +386,7 @@ Results: "platformFaultDomainCount": 1, "provisioningState": "Succeeded", "singlePlacementGroup": false, - "timeCreated": "2023-12-18T14:51:32.7740167+00:00", + "timeCreated": "20xx-xx-xxTxx:xx:xx.xxxxxx+00:00", "uniqueId": "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx", "upgradePolicy": { "mode": "Automatic", @@ -417,7 +417,7 @@ Results: "properties": { "applicationGatewayBackendAddressPools": [ { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGW7e8bdd/backendAddressPools/appGatewayBackendPool", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGW7xxxxx/backendAddressPools/appGatewayBackendPool", "resourceGroup": "myVMSSResourceGroupxxxxxx" } ], @@ -431,7 +431,7 @@ Results: } }, "subnet": { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxx/providers/Microsoft.Network/virtualNetworks/myVNet7e8bdd/subnets/myVMSN7e8bdd", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxx/providers/Microsoft.Network/virtualNetworks/myVNetxxxxx/subnets/myVMSN7xxxxx", "resourceGroup": "myVMSSResourceGroupxxxxxxx" } } @@ -480,7 +480,7 @@ Results: "osType": "Linux" } }, - "timeCreated": "2023-12-18T14:51:32.7740167+00:00" + "timeCreated": "20xx-xx-xxTxx:xx:xx.xxxxxx+00:00" }, "zoneBalance": false } @@ -507,10 +507,10 @@ Results: "doNotRunExtensionsOnOverprovisionedVMs": false, "extendedLocation": null, "hostGroup": null, - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxx/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSa653af", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxx/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSxxxxx", "identity": null, "location": "eastus", - "name": "myVMSSa653af", + "name": "myVMSSxxxx", "orchestrationMode": "Uniform", "overprovision": true, "plan": null, @@ -528,7 +528,7 @@ Results: }, "spotRestorePolicy": null, "tags": {}, - "timeCreated": "2023-12-18T11:47:36.530498+00:00", + "timeCreated": "20xx-xx-xxTxx:xx:xx.xxxxxx+00:00", "type": "Microsoft.Compute/virtualMachineScaleSets", "uniqueId": "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx", "upgradePolicy": { @@ -597,24 +597,24 @@ Results: { "applicationGatewayBackendAddressPools": [ { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWa653af/backendAddressPools/appGatewayBackendPool", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxx/providers/Microsoft.Network/applicationGateways/myAPPGWxxxx/backendAddressPools/appGatewayBackendPool", "resourceGroup": "myVMSSResourceGroupxxxxxx" } ], "applicationSecurityGroups": null, "loadBalancerBackendAddressPools": null, "loadBalancerInboundNatPools": null, - "name": "myvmsd8f0IPConfig", + "name": "myvmsdxxxIPConfig", "primary": null, "privateIpAddressVersion": "IPv4", "publicIpAddressConfiguration": null, "subnet": { - "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxx/providers/Microsoft.Network/virtualNetworks/myVNeta653af/subnets/myVMSNa653af", + "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxx/providers/Microsoft.Network/virtualNetworks/myVNetxxxxx/subnets/myVMSNxxxxx", "resourceGroup": "myVMSSResourceGroupaxxxxx" } } ], - "name": "myvmsd8f0Nic", + "name": "myvmsxxxxxx", "networkSecurityGroup": null, "primary": true } @@ -624,7 +624,7 @@ Results: "adminPassword": null, "adminUsername": "azureuser", "allowExtensionOperations": true, - "computerNamePrefix": "myvmsd8f0", + "computerNamePrefix": "myvmsdxxx", "customData": null, "linuxConfiguration": { "disablePasswordAuthentication": true, From 3db495f5c1f1a938daa7db5b6da81ec0a5ff96d9 Mon Sep 17 00:00:00 2001 From: naman-msft <146123940+naman-msft@users.noreply.github.com> Date: Wed, 20 Dec 2023 17:48:10 -0800 Subject: [PATCH 30/46] Update README.md --- scenarios/ocd/CreateLinuxVMSSwithAppGW/README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/scenarios/ocd/CreateLinuxVMSSwithAppGW/README.md b/scenarios/ocd/CreateLinuxVMSSwithAppGW/README.md index ffd53df0..de17dce6 100644 --- a/scenarios/ocd/CreateLinuxVMSSwithAppGW/README.md +++ b/scenarios/ocd/CreateLinuxVMSSwithAppGW/README.md @@ -743,7 +743,7 @@ Results: "systemData": null, "tags": {}, "targetResourceLocation": null, - "targetResourceUri": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSaf9072", + "targetResourceUri": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSxxxxxx", "type": "Microsoft.Insights/autoscaleSettings" } ``` @@ -767,7 +767,7 @@ Results: "metricName": "Percentage CPU", "metricNamespace": null, "metricResourceLocation": null, - "metricResourceUri": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSaf9072", + "metricResourceUri": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSxxxxxx", "operator": "GreaterThan", "statistic": "Average", "threshold": "70", @@ -803,7 +803,7 @@ Results: "metricName": "Percentage CPU", "metricNamespace": null, "metricResourceLocation": null, - "metricResourceUri": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSaf9072", + "metricResourceUri": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myVMSSResourceGroupxxxxxx/providers/Microsoft.Compute/virtualMachineScaleSets/myVMSSxxxxxx", "operator": "LessThan", "statistic": "Average", "threshold": "30", From 82dbad0c96073a649bbdf082967c3cce90427af5 Mon Sep 17 00:00:00 2001 From: rguptar <69279773+rguptar@users.noreply.github.com> Date: Wed, 3 Jan 2024 11:40:20 -0800 Subject: [PATCH 31/46] [add] test upstream scenarios (#162) Test scenarios found in https://github.com/MicrosoftDocs/executable-docs --- .github/workflows/scenario-testing.yaml | 7 ++++--- .gitmodules | 3 +++ Makefile | 20 ++++++++++++++++++-- cmd/ie/commands/execute.go | 2 +- cmd/ie/commands/test.go | 20 ++++++++++++++------ upstream-scenarios | 1 + 6 files changed, 41 insertions(+), 12 deletions(-) create mode 100644 .gitmodules create mode 160000 upstream-scenarios diff --git a/.github/workflows/scenario-testing.yaml b/.github/workflows/scenario-testing.yaml index 14a24bc4..d2d095eb 100644 --- a/.github/workflows/scenario-testing.yaml +++ b/.github/workflows/scenario-testing.yaml @@ -34,10 +34,11 @@ jobs: uses: azure/CLI@v1 if: github.event_name != 'pull_request' with: + azcliversion: 2.53.0 inlineScript: | - apk add --no-cache make - make test-scenarios SUBSCRIPTION=${{ secrets.AZURE_SUBSCRIPTION }} + apk add --no-cache make git openssh openssl helm curl jq + make test-upstream-scenarios SUBSCRIPTION=${{ secrets.AZURE_SUBSCRIPTION }} - name: Display ie.log file - if: github.event_name != 'pull_request' + if: (success() || failure()) && github.event_name != 'pull_request' run: | cat ie.log diff --git a/.gitmodules b/.gitmodules new file mode 100644 index 00000000..955d6436 --- /dev/null +++ b/.gitmodules @@ -0,0 +1,3 @@ +[submodule "upstream-scenarios"] + path = upstream-scenarios + url = https://github.com/MicrosoftDocs/executable-docs diff --git a/Makefile b/Makefile index 32e312bf..f0beeac8 100644 --- a/Makefile +++ b/Makefile @@ -35,14 +35,30 @@ test-all: SUBSCRIPTION ?= 00000000-0000-0000-0000-000000000000 SCENARIO ?= ./README.md +WORKING_DIRECTORY ?= $(PWD) test-scenario: @echo "Running scenario $(SCENARIO)" - $(IE_BINARY) test $(SCENARIO) --subscription $(SUBSCRIPTION) + $(IE_BINARY) test $(SCENARIO) --subscription $(SUBSCRIPTION) --working-directory $(WORKING_DIRECTORY) test-scenarios: @echo "Testing out the scenarios" for dir in ./scenarios/ocd/*/; do \ - $(MAKE) test-scenario SCENARIO="$${dir}README.md" SUBCRIPTION="$(SUBSCRIPTION)"; \ + ($(MAKE) test-scenario SCENARIO="$${dir}README.md" SUBCRIPTION="$(SUBSCRIPTION)") || exit $$?; \ + done + +test-upstream-scenarios: + @echo "Pulling the upstream scenarios" + @git config --global --add safe.directory /home/runner/work/InnovationEngine/InnovationEngine + @git submodule update --init --recursive + @echo "Testing out the upstream scenarios" + for dir in ./upstream-scenarios/scenarios/*/; do \ + if ! [ -f $${dir}README.md ]; then \ + continue; \ + fi; \ + if echo "$${dir}" | grep -q "CreateContainerAppDeploymentFromSource"; then \ + continue; \ + fi; \ + ($(MAKE) test-scenario SCENARIO="$${dir}README.md" SUBCRIPTION="$(SUBSCRIPTION)" WORKING_DIRECTORY="$${dir}") || exit $$?; \ done # ------------------------------- Run targets ---------------------------------- diff --git a/cmd/ie/commands/execute.go b/cmd/ie/commands/execute.go index b6075928..d9890c9b 100644 --- a/cmd/ie/commands/execute.go +++ b/cmd/ie/commands/execute.go @@ -123,7 +123,7 @@ var executeCommand = &cobra.Command{ err = innovationEngine.ExecuteScenario(scenario) if err != nil { logging.GlobalLogger.Errorf("Error executing scenario: %s", err) - fmt.Printf("Error executing scenario: %s", err) + fmt.Printf("Error executing scenario: %s\n", err) os.Exit(1) } }, diff --git a/cmd/ie/commands/test.go b/cmd/ie/commands/test.go index f1ddcd8c..35259bb4 100644 --- a/cmd/ie/commands/test.go +++ b/cmd/ie/commands/test.go @@ -16,6 +16,8 @@ func init() { Bool("verbose", false, "Enable verbose logging & standard output.") testCommand.PersistentFlags(). String("subscription", "", "Sets the subscription ID used by a scenarios azure-cli commands. Will rely on the default subscription if not set.") + testCommand.PersistentFlags(). + String("working-directory", ".", "Sets the working directory for innovation engine to operate out of. Restores the current working directory when finished.") } var testCommand = &cobra.Command{ @@ -32,12 +34,14 @@ var testCommand = &cobra.Command{ verbose, _ := cmd.Flags().GetBool("verbose") subscription, _ := cmd.Flags().GetString("subscription") + workingDirectory, _ := cmd.Flags().GetString("working-directory") innovationEngine, err := engine.NewEngine(engine.EngineConfiguration{ - Verbose: verbose, - DoNotDelete: false, - Subscription: subscription, - CorrelationId: "", + Verbose: verbose, + DoNotDelete: false, + Subscription: subscription, + CorrelationId: "", + WorkingDirectory: workingDirectory, }) if err != nil { @@ -57,7 +61,11 @@ var testCommand = &cobra.Command{ os.Exit(1) } - innovationEngine.TestScenario(scenario) - + err = innovationEngine.TestScenario(scenario) + if err != nil { + logging.GlobalLogger.Errorf("Error testing scenario: %s", err) + fmt.Printf("Error testing scenario: %s\n", err) + os.Exit(1) + } }, } diff --git a/upstream-scenarios b/upstream-scenarios new file mode 160000 index 00000000..8c715328 --- /dev/null +++ b/upstream-scenarios @@ -0,0 +1 @@ +Subproject commit 8c7153283e160569577589d923449fd940ea0ef1 From a38bb66edbfa492841f78223ba8af314ff91e5fc Mon Sep 17 00:00:00 2001 From: Mitchell Bifeld Date: Fri, 22 Dec 2023 15:34:04 -0800 Subject: [PATCH 32/46] Update install_from_release.sh to account for localized files --- scripts/install_from_release.sh | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/scripts/install_from_release.sh b/scripts/install_from_release.sh index 3b8ac8ad..362adb12 100644 --- a/scripts/install_from_release.sh +++ b/scripts/install_from_release.sh @@ -1,9 +1,19 @@ set -e +# Define the language parameter (default is 'en') +lang=${1:-'en'} + +# Map the language parameter to the corresponding scenarios file +if [ "$lang" = "en" ]; then + scenarios='scenarios.zip' +else + scenarios="$lang-scenarios.zip" +fi + # Download the binary from the latest echo "Installing IE & scenarios from the latest release..." wget -q -O ie https://github.com/Azure/InnovationEngine/releases/download/latest/ie > /dev/null -wget -q -O scenarios.zip https://github.com/Azure/InnovationEngine/releases/download/latest/scenarios.zip > /dev/null +wget -q -O scenarios.zip https://github.com/Azure/InnovationEngine/releases/download/latest/$scenarios > /dev/null # Setup permissions & move to the local bin chmod +x ie > /dev/null From 21e8b4ac905f71e96ed0f720ae9cbaac268e43e3 Mon Sep 17 00:00:00 2001 From: Mitchell Bifeld Date: Fri, 22 Dec 2023 16:11:04 -0800 Subject: [PATCH 33/46] Update install_from_release.sh --- scripts/install_from_release.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/install_from_release.sh b/scripts/install_from_release.sh index 362adb12..1802320e 100644 --- a/scripts/install_from_release.sh +++ b/scripts/install_from_release.sh @@ -13,7 +13,7 @@ fi # Download the binary from the latest echo "Installing IE & scenarios from the latest release..." wget -q -O ie https://github.com/Azure/InnovationEngine/releases/download/latest/ie > /dev/null -wget -q -O scenarios.zip https://github.com/Azure/InnovationEngine/releases/download/latest/$scenarios > /dev/null +wget -q -O scenarios.zip https://github.com/MicrosoftDocs/executable-docs/releases/download/latest/$scenarios > /dev/null # Setup permissions & move to the local bin chmod +x ie > /dev/null From 8715d5ed58eebabe9056921ecb73269c7cd50e90 Mon Sep 17 00:00:00 2001 From: Mitchell Bifeld Date: Fri, 22 Dec 2023 16:17:45 -0800 Subject: [PATCH 34/46] Update install_from_release.sh --- scripts/install_from_release.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/install_from_release.sh b/scripts/install_from_release.sh index 1802320e..80865726 100644 --- a/scripts/install_from_release.sh +++ b/scripts/install_from_release.sh @@ -13,7 +13,7 @@ fi # Download the binary from the latest echo "Installing IE & scenarios from the latest release..." wget -q -O ie https://github.com/Azure/InnovationEngine/releases/download/latest/ie > /dev/null -wget -q -O scenarios.zip https://github.com/MicrosoftDocs/executable-docs/releases/download/latest/$scenarios > /dev/null +wget -q -O scenarios.zip "https://github.com/MicrosoftDocs/executable-docs/releases/download/latest/$scenarios?branch=your_branch_name" > /dev/null # Setup permissions & move to the local bin chmod +x ie > /dev/null From 7fac854ece84a1a38266c62202f09d8a76d5b9ec Mon Sep 17 00:00:00 2001 From: Mitchell Bifeld Date: Fri, 22 Dec 2023 16:17:57 -0800 Subject: [PATCH 35/46] Update install_from_release.sh --- scripts/install_from_release.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/install_from_release.sh b/scripts/install_from_release.sh index 80865726..50bb0825 100644 --- a/scripts/install_from_release.sh +++ b/scripts/install_from_release.sh @@ -13,7 +13,7 @@ fi # Download the binary from the latest echo "Installing IE & scenarios from the latest release..." wget -q -O ie https://github.com/Azure/InnovationEngine/releases/download/latest/ie > /dev/null -wget -q -O scenarios.zip "https://github.com/MicrosoftDocs/executable-docs/releases/download/latest/$scenarios?branch=your_branch_name" > /dev/null +wget -q -O scenarios.zip "https://github.com/MicrosoftDocs/executable-docs/releases/download/latest/$scenarios?branch=live" > /dev/null # Setup permissions & move to the local bin chmod +x ie > /dev/null From 7b52a853678921c15249600ea461a889af0b63f1 Mon Sep 17 00:00:00 2001 From: Mitchell Bifeld Date: Fri, 22 Dec 2023 16:26:24 -0800 Subject: [PATCH 36/46] Update install_from_release.sh --- scripts/install_from_release.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/install_from_release.sh b/scripts/install_from_release.sh index 50bb0825..1802320e 100644 --- a/scripts/install_from_release.sh +++ b/scripts/install_from_release.sh @@ -13,7 +13,7 @@ fi # Download the binary from the latest echo "Installing IE & scenarios from the latest release..." wget -q -O ie https://github.com/Azure/InnovationEngine/releases/download/latest/ie > /dev/null -wget -q -O scenarios.zip "https://github.com/MicrosoftDocs/executable-docs/releases/download/latest/$scenarios?branch=live" > /dev/null +wget -q -O scenarios.zip https://github.com/MicrosoftDocs/executable-docs/releases/download/latest/$scenarios > /dev/null # Setup permissions & move to the local bin chmod +x ie > /dev/null From 3b20d767dadf734b88160117521da3c730a05f4a Mon Sep 17 00:00:00 2001 From: Mitchell Bifeld Date: Fri, 22 Dec 2023 17:01:30 -0800 Subject: [PATCH 37/46] Update install_from_release.sh --- scripts/install_from_release.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/install_from_release.sh b/scripts/install_from_release.sh index 1802320e..298d6ef4 100644 --- a/scripts/install_from_release.sh +++ b/scripts/install_from_release.sh @@ -13,7 +13,7 @@ fi # Download the binary from the latest echo "Installing IE & scenarios from the latest release..." wget -q -O ie https://github.com/Azure/InnovationEngine/releases/download/latest/ie > /dev/null -wget -q -O scenarios.zip https://github.com/MicrosoftDocs/executable-docs/releases/download/latest/$scenarios > /dev/null +wget -q -O scenarios.zip https://github.com/MicrosoftDocs/executable-docs/releases/download/v.1.0.1/$scenarios > /dev/null # Setup permissions & move to the local bin chmod +x ie > /dev/null From ff98988f8b1076c7c94a522e57c688911af1ed23 Mon Sep 17 00:00:00 2001 From: Mitchell Bifeld Date: Fri, 22 Dec 2023 17:06:21 -0800 Subject: [PATCH 38/46] Update install_from_release.sh --- scripts/install_from_release.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/install_from_release.sh b/scripts/install_from_release.sh index 298d6ef4..813d705b 100644 --- a/scripts/install_from_release.sh +++ b/scripts/install_from_release.sh @@ -13,7 +13,7 @@ fi # Download the binary from the latest echo "Installing IE & scenarios from the latest release..." wget -q -O ie https://github.com/Azure/InnovationEngine/releases/download/latest/ie > /dev/null -wget -q -O scenarios.zip https://github.com/MicrosoftDocs/executable-docs/releases/download/v.1.0.1/$scenarios > /dev/null +wget -q -O scenarios.zip https://github.com/MicrosoftDocs/executable-docs/releases/download/v1.0.1/$scenarios > /dev/null # Setup permissions & move to the local bin chmod +x ie > /dev/null From 7a8387096a44370f81fbb63834516955d20455ee Mon Sep 17 00:00:00 2001 From: Mitchell Bifeld Date: Fri, 22 Dec 2023 17:08:40 -0800 Subject: [PATCH 39/46] Update install_from_release.sh --- scripts/install_from_release.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/install_from_release.sh b/scripts/install_from_release.sh index 813d705b..cef8ee43 100644 --- a/scripts/install_from_release.sh +++ b/scripts/install_from_release.sh @@ -1,3 +1,4 @@ +# Script to install scenarios file. Pass in language code parameter for a particular language, such as it-it for Italian. set -e # Define the language parameter (default is 'en') From 819b787838fe3284ff22c6a973768f8656e79565 Mon Sep 17 00:00:00 2001 From: Mitchell Bifeld Date: Thu, 28 Dec 2023 13:55:31 -0800 Subject: [PATCH 40/46] Empty parameter grabs the scenarios from IE --- scripts/install_from_release.sh | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/scripts/install_from_release.sh b/scripts/install_from_release.sh index cef8ee43..dde4e144 100644 --- a/scripts/install_from_release.sh +++ b/scripts/install_from_release.sh @@ -1,20 +1,24 @@ # Script to install scenarios file. Pass in language code parameter for a particular language, such as it-it for Italian. set -e -# Define the language parameter (default is 'en') -lang=${1:-'en'} +# Define the language parameter +lang=${1:-''} # Map the language parameter to the corresponding scenarios file -if [ "$lang" = "en" ]; then - scenarios='scenarios.zip' +# If no parameter, download the scenarios from IE +if [ "$lang" = "" ]; then + scenarios='https://github.com/Azure/InnovationEngine/releases/download/latest/scenarios.zip' +# Otherwise, download the scenarios from Microsoft Docs in the appropriate langauge +else if [ "$lang" = "en-us" ]; then + scenarios='https://github.com/MicrosoftDocs/executable-docs/releases/download/v1.0.1/scenarios.zip' else - scenarios="$lang-scenarios.zip" + scenarios="https://github.com/MicrosoftDocs/executable-docs/releases/download/v1.0.1/$lang-scenarios.zip" fi # Download the binary from the latest echo "Installing IE & scenarios from the latest release..." wget -q -O ie https://github.com/Azure/InnovationEngine/releases/download/latest/ie > /dev/null -wget -q -O scenarios.zip https://github.com/MicrosoftDocs/executable-docs/releases/download/v1.0.1/$scenarios > /dev/null +wget -q -O scenarios.zip "$scenarios" > /dev/null # Setup permissions & move to the local bin chmod +x ie > /dev/null From 6fdaa210763778a4109ccec9e3a351fc74f217ce Mon Sep 17 00:00:00 2001 From: Mitchell Bifeld Date: Thu, 28 Dec 2023 14:04:02 -0800 Subject: [PATCH 41/46] Update install_from_release.sh --- scripts/install_from_release.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/install_from_release.sh b/scripts/install_from_release.sh index dde4e144..a099d282 100644 --- a/scripts/install_from_release.sh +++ b/scripts/install_from_release.sh @@ -9,7 +9,7 @@ lang=${1:-''} if [ "$lang" = "" ]; then scenarios='https://github.com/Azure/InnovationEngine/releases/download/latest/scenarios.zip' # Otherwise, download the scenarios from Microsoft Docs in the appropriate langauge -else if [ "$lang" = "en-us" ]; then +elif [ "$lang" = "en-us" ]; then scenarios='https://github.com/MicrosoftDocs/executable-docs/releases/download/v1.0.1/scenarios.zip' else scenarios="https://github.com/MicrosoftDocs/executable-docs/releases/download/v1.0.1/$lang-scenarios.zip" From ee7aaf4a8af3152cbbe1750548b65d61a366993b Mon Sep 17 00:00:00 2001 From: Mitchell Bifeld Date: Wed, 3 Jan 2024 13:22:01 -0800 Subject: [PATCH 42/46] Updated variable declariations --- scripts/install_from_release.sh | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/scripts/install_from_release.sh b/scripts/install_from_release.sh index a099d282..990af160 100644 --- a/scripts/install_from_release.sh +++ b/scripts/install_from_release.sh @@ -2,23 +2,24 @@ set -e # Define the language parameter -lang=${1:-''} +LANG="${1:-''}" +SCENARIOS="" # Map the language parameter to the corresponding scenarios file # If no parameter, download the scenarios from IE if [ "$lang" = "" ]; then - scenarios='https://github.com/Azure/InnovationEngine/releases/download/latest/scenarios.zip' + SCENARIOS='https://github.com/Azure/InnovationEngine/releases/download/latest/scenarios.zip' # Otherwise, download the scenarios from Microsoft Docs in the appropriate langauge elif [ "$lang" = "en-us" ]; then - scenarios='https://github.com/MicrosoftDocs/executable-docs/releases/download/v1.0.1/scenarios.zip' + SCENARIOS='https://github.com/MicrosoftDocs/executable-docs/releases/download/v1.0.1/scenarios.zip' else - scenarios="https://github.com/MicrosoftDocs/executable-docs/releases/download/v1.0.1/$lang-scenarios.zip" + SCENARIOS="https://github.com/MicrosoftDocs/executable-docs/releases/download/v1.0.1/$lang-scenarios.zip" fi # Download the binary from the latest echo "Installing IE & scenarios from the latest release..." wget -q -O ie https://github.com/Azure/InnovationEngine/releases/download/latest/ie > /dev/null -wget -q -O scenarios.zip "$scenarios" > /dev/null +wget -q -O scenarios.zip "$SCENARIOS" > /dev/null # Setup permissions & move to the local bin chmod +x ie > /dev/null From 5f17eda1f60832a6cb1c8c0aadece07a21e4ea1b Mon Sep 17 00:00:00 2001 From: Mitchell Bifeld Date: Wed, 3 Jan 2024 13:24:34 -0800 Subject: [PATCH 43/46] Switched lang to LANG --- scripts/install_from_release.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/scripts/install_from_release.sh b/scripts/install_from_release.sh index 990af160..e6b77f60 100644 --- a/scripts/install_from_release.sh +++ b/scripts/install_from_release.sh @@ -7,13 +7,13 @@ SCENARIOS="" # Map the language parameter to the corresponding scenarios file # If no parameter, download the scenarios from IE -if [ "$lang" = "" ]; then +if [ "$LANG" = "" ]; then SCENARIOS='https://github.com/Azure/InnovationEngine/releases/download/latest/scenarios.zip' # Otherwise, download the scenarios from Microsoft Docs in the appropriate langauge -elif [ "$lang" = "en-us" ]; then +elif [ "$LANG" = "en-us" ]; then SCENARIOS='https://github.com/MicrosoftDocs/executable-docs/releases/download/v1.0.1/scenarios.zip' else - SCENARIOS="https://github.com/MicrosoftDocs/executable-docs/releases/download/v1.0.1/$lang-scenarios.zip" + SCENARIOS="https://github.com/MicrosoftDocs/executable-docs/releases/download/v1.0.1/$LANG-scenarios.zip" fi # Download the binary from the latest From 60caf59c8f237abf5d246db499d6c29bef2f7bb5 Mon Sep 17 00:00:00 2001 From: Vincenzo Marcella <6026326+vmarcella@users.noreply.github.com> Date: Thu, 25 Jan 2024 09:39:33 -0800 Subject: [PATCH 44/46] Update locale variable to not incorrectly set a default of ''. (#166) --- scripts/install_from_release.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/install_from_release.sh b/scripts/install_from_release.sh index e6b77f60..cf261837 100644 --- a/scripts/install_from_release.sh +++ b/scripts/install_from_release.sh @@ -2,7 +2,7 @@ set -e # Define the language parameter -LANG="${1:-''}" +LANG="$1" SCENARIOS="" # Map the language parameter to the corresponding scenarios file From 4ea215b690a88c42980d684564f547642da99ef1 Mon Sep 17 00:00:00 2001 From: brmoreir Date: Tue, 30 Jan 2024 15:45:07 +0000 Subject: [PATCH 45/46] Adding AttachDataDiskLinuxVM scenario. --- .../ocd/AttachDataDiskLinuxVM/DataDisk_VM.md | 89 +++++++++++++++++++ 1 file changed, 89 insertions(+) create mode 100644 scenarios/ocd/AttachDataDiskLinuxVM/DataDisk_VM.md diff --git a/scenarios/ocd/AttachDataDiskLinuxVM/DataDisk_VM.md b/scenarios/ocd/AttachDataDiskLinuxVM/DataDisk_VM.md new file mode 100644 index 00000000..190009bd --- /dev/null +++ b/scenarios/ocd/AttachDataDiskLinuxVM/DataDisk_VM.md @@ -0,0 +1,89 @@ +az login +az account set --subscription "0bb78609-cc8b-4e7d-be30-eee8cf2dbea4" +az account show + +#VARIABLE DECLARATION +export NETWORK_PREFIX="$(($RANDOM % 254 + 1))" +export RANDOM_ID="$(openssl rand -hex 3)" +export MY_RESOURCE_GROUP_NAME="myResourceGroup$RANDOM_ID" +export REGION="eastus" +export MY_VM_NAME="myVMName$RANDOM_ID" +export MY_VM_IMAGE='Ubuntu2204' +export MY_VM_USERNAME="azureuser" +export MY_VM_SIZE='Standard_DS2_v5' +export MY_VNET_NAME="myVNet$RANDOM_ID" +export MY_VNET_PREFIX="10.$NETWORK_PREFIX.0.0/16" +export MY_VM_NIC_NAME="myVMNicName$RANDOM_ID" +export MY_SN_NAME="mySN$RANDOM_ID" +export MY_SN_PREFIX="10.$NETWORK_PREFIX.0.0/24" +export MY_PUBLIC_IP_NAME="myPublicIP$RANDOM_ID" +export MY_DNS_LABEL="mydnslabel$RANDOM_ID" +export MY_NSG_NAME="myNSGName$RANDOM_ID" + +#CREATE A RESOURCE GROUP +az group create \ + --name $MY_RESOURCE_GROUP_NAME \ + --location $REGION -o JSON + +#SET UP VM NETWORK +az network vnet create \ + --resource-group $MY_RESOURCE_GROUP_NAME \ + --name $MY_VNET_NAME \ + --location $REGION \ + --address-prefix $MY_VNET_PREFIX \ + --subnet-name $MY_SN_NAME \ + --subnet-prefix $MY_SN_PREFIX -o JSON + +#CREATE STATIC PUBLIC IP +az network public-ip create \ + --name $MY_PUBLIC_IP_NAME \ + --location $REGION \ + --resource-group $MY_RESOURCE_GROUP_NAME \ + --dns-name $MY_DNS_LABEL \ + --sku Standard \ + --allocation-method static \ + --version IPv4 \ + --zone 1 2 3 -o JSON + +#CREATE NSG +az network nsg create \ + --resource-group $MY_RESOURCE_GROUP_NAME \ + --name $MY_NSG_NAME \ + --location $REGION -o JSON + +#CREATE NSG RULES +az network nsg rule create \ + --resource-group $MY_RESOURCE_GROUP_NAME \ + --nsg-name $MY_NSG_NAME \ + --name $MY_NSG_SSH_RULE \ + --access Allow \ + --protocol Tcp \ + --direction Inbound \ + --priority 100 \ + --source-address-prefix '*' \ + --source-port-range '*' \ + --destination-address-prefix '*' \ + --destination-port-range 22 80 443 -o JSON + +#CREATE NIC +az network nic create \ + --resource-group $MY_RESOURCE_GROUP_NAME \ + --name $MY_VM_NIC_NAME \ + --location $REGION \ + --ip-forwarding false \ + --subnet $MY_SN_NAME \ + --vnet-name $MY_VNET_NAME \ + --network-security-group $MY_NSG_NAME \ + --public-ip-address $MY_PUBLIC_IP_NAME -o JSON + +#CREATE LINUX VM +az vm create \ + --resource-group $MY_RESOURCE_GROUP_NAME \ + --name $MY_VM_NAME \ + --image $MY_VM_IMAGE \ + --admin-username $MY_VM_USERNAME \ + --generate-ssh-keys \ + --assign-identity $MY_VM_ID \ + --size $MY_VM_SIZE \ + --custom-data cloud-init-nginx.txt \ + --nics $MY_VM_NIC_NAME \ No newline at end of file From 6c4feb0e20e187bb525ccb87518ed3bc77234efc Mon Sep 17 00:00:00 2001 From: brmoreir Date: Tue, 30 Jan 2024 16:21:52 +0000 Subject: [PATCH 46/46] Updating DataDisk_VM --- scenarios/ocd/AttachDataDiskLinuxVM/DataDisk_VM.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scenarios/ocd/AttachDataDiskLinuxVM/DataDisk_VM.md b/scenarios/ocd/AttachDataDiskLinuxVM/DataDisk_VM.md index 190009bd..76922f29 100644 --- a/scenarios/ocd/AttachDataDiskLinuxVM/DataDisk_VM.md +++ b/scenarios/ocd/AttachDataDiskLinuxVM/DataDisk_VM.md @@ -1,5 +1,5 @@ az login -az account set --subscription "0bb78609-cc8b-4e7d-be30-eee8cf2dbea4" +az account set --subscription "XXXXXXX" az account show #VARIABLE DECLARATION