Saturday, January 25, 2020

Cheat Sheet for ARM Templates in Azure


Cheat Sheet for ARM Templates in Azure

In the recent time I’ve been working on ARM templates and each time I need to automate some stuff or provision some resources. So decided to create a cheat sheet for such purpose rather than jumping each time for Microsoft document.
 This blog post serves as a little cheat sheet for common ARM deployment stuff.
ARM Templates Parameters
Parameters are passed as an input to your ARM template. In general we take an inputs from customer or user as well.
This is most frequent technique we use while create arm template.

"parameters":{
       "actionGroupName":{
          "type":"string",
           "defaultValue":"hm-incident-create",
          "metadata":{
             "description":"Unique name (within the Resource Group) for the Action group."
          }
       },      
       "logicAppName":{
          "type":"string",
          "defaultValue":"hm-alert-splunk",
          "metadata":{
             "description":"Logic app name."
          }
      
       }
    }
Variables
There are various name of resource that  are often used more than once in the ARM template. For that purpose we should create variables . Variables can be used in scope of entire template.  Some examples:
"variables": {
"pingTestName": "[concat('Test-','toLower(parameters('appServiceName')))]"

 "WorkspaceId": "[concat('workspaceId-', toLower(parameters('appName')))]"
 "storageAccountName": "[concat('dotnet', parameters('storageName'), 'storage')]"

Complex objects with parameters
Many times we are not only dependent string , int and bool parameters .Though we have an option to create a complex object and can be use with simple syntax. I’ll be mentioning how to write that with in arm templates
To achieve this, I use nested variables that declare that in such way.
{
   "dotnetpiperspoke":{
      "type":"object",
      "defaultValue":{
         "vnet":{
            "name":"Spoke",
            "addressPrefixes":[
               "10.0.0.0/16"
            ]
         }
      },
      "metadata":{
         "description":"This is an example of using object type in ARM templates"
      }
   }
}

How to access these within template is show here:

{
   "resources":[
      {
         "name":"[parameters('spoke').vnet.name]",
         "type":"Microsoft.Network/virtualNetworks",
         "apiVersion":"2017-10-01",
         "location":"[resourceGroup().location]",
         "properties":{
            "addressSpace":{
               "addressPrefixes":"[parameters(dotnetpiperspoke).vnet.addressPrefixes]"
            }
         }
      }
   ]
}
ARM Template Resource Functions
There are many ARM template functions available, of which the resource functions are quite powerful and often required.  Here you can find some functions I often use.  They can serve as a starting point to be used in other scenarios.

·        Get the location of the resource group you’re deploying to
[resourceGroup().location]

·        Get the subscription id
[subscription().subscriptionId] or "[subscription().id]"

NOTE: Many times while deploying templates I use "[subscription().id]" and it works as anticipated
·        Get the tenant id
[subscription().tenantId]

·        Get the vault URI of a just created KeyVault instance
[reference(resourceId('Microsoft.KeyVault/vaults/', variables('keyVaultName'))).vaultUri]
ResourceId  function

"resourceId":"[resourceId('Microsoft.Logic/workflows', parameters('logicAppName'))]",                 
"callbackUrl": [listCallbackUrl(resourceId(parameters('logicAppRG'),'Microsoft.Logic/workflows/triggers',  parameters('logicAppName'), 'manual'), '2016-06-01').value]"

  • Get the access key of a just created Storage account
[listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountName')), providers('Microsoft.Storage', 'storageAccounts').apiVersions[0]).keys[0].value]
Conditional deployments
Another requirement is having conditions within your deployment.  For example, you only want to validate array length must be greater than 0 Or you want to add resource locks on certain condition like bool is true or not.
One way to achieve this, is by adding a condition to your Azure resource.  These conditions can use a comparison function.  This is demonstrated in the next sample:

{
   "resources":[
      {
        "name":"[concat(variables('storageAccountName'), ‘Microsoft.Authorization/CriticalStorageLock')]",
         "type":"Microsoft.Storage/storageAccounts/providers/locks",
         "apiVersion":"2015-01-01",
    "condition": "[greater(length(variables('productsJArray')), 0)]",
         "dependsOn":[
            "[concat('Microsoft.Storage/storageAccounts/', variables('storageAccountName'))]"
         ],
         "properties":{
            "level":"CannotDelete",
            "notes":"Prevent accidental deletion of the storage account."
         }
      }
   ]
}

I believe an above shared cheat sheet concepts would help you while deploying  ARM templates.


Thursday, January 23, 2020


Restore Virtual Machines using Recovery Service Vault (AZ-103)

Azure Recovery Service Vault



After taking backup of virtual machine its time to restore this from existing restore point.

Restore point : Restore point  backup means a recovery point has all required data to restore the backup copy. Azure Backup has a limit of 9999 recovery points per protected instance.
Restore point states about the various backup point taken in past so that virtual machine or file recovery could be done.
Go to Recovery Service vault - > backup Items -> choose the virtual machine from there to restore -> click on the Restore VM
Kindly follow the below screenshot for reference mutil-step.jpg



Restore VM 🔺









 Click on the backup , it open a following window with the following information.
1.       Choose backup policy : Backup policy specifies frequency and time at which vm  will be backed up   and for how long it will be retained .You can create new policy or use default policy. In my case I     have opted default policy
2.       Backup Frequency: Daily at  11:00 PM UTC.
3.       Instant restore : Retain instant recovery snapshot for 2 days.
4.       Retention Range: Retain backup taken every day at 11:00 PM for 30 Day(s).

You can also refer an image backup-policy.jpg  shown below and click on ok .

Backup Policy


Once you click on Ok with default policy it takes you to next level to take items to backup. You should be able to see the list of Virtual  machines which exist in same region as service vault to take backup further. 

As soon as you click on ok, it starts taking backup generally it takes few mins to take backup of virtual machine and after successful deployment it updates the table in backup items in Service recovery vault as shown in image backup-items.jpg

Backup management type
Backup Items


Click on Azure virtual machine , It opens a new screen and shows a last backup status  with pending You have to click again on the Virtual machine record to take backup right now.



Image : backup-now.jpg
An given below image is self explanatory like backup pre-check as passed however  with initial status pending. Click on backup and provide the date till you want to keep backup

Backup Now


After successful backup  of virtual machine it shows and update last backup status as successful. It also states you about consistency level while taking backup
In general these are described as follows

Application Consistency : This is one of the potential and consistent if you have Microsoft workload and it also ensures following parameters

1 . No data loss
2. No Corruption
3. Ensure VM boots
4. The data is consistent to the application that uses the data, by involving the application at the time of backup--using VSS.

Crash consistency: This  snapshots generally occurs when VM shuts down while taking backup  and only keeps the data that already exists on the disk at the time of backup is captured and backup.

For more details you can take a look of these links



 Refer following screenshot for reference last-backup-status.jpg
 
last-backup-status.jpg

Yes, You are done. Virtual machine should have restored.
#Azure #AzureBackup #AzureRecoveryServiceVaulr












Saturday, January 18, 2020

             Alert scope is invalid in WebTests under Azure AppService availability  



Hi Folks,

While  working on Azure ARM for WebTests in AppInsights i confronted an error states "Alert scope is invalid"

Use Case: I created ARM template to deploy WebTests for verify an availability of a AppService.
Special thing is ARM also contains inner template for Alert .
When i push through Deployment centre in Azure portal or through powershell i received below error.

New-AzureRmResourceGroupDeployment : 13:26:47 - Resource microsoft.insights/metricalerts 'xxx' failed with message '{
  "Code": "BadRequest",
  "Message": "Alert scope is invalid."
}'

After struggling a lot i found a solution here ,You just require add  componentId,failedLocationCount and webTestId.


 "criteria":{
                     "odata.type":"Microsoft.Azure.Monitor.WebtestLocationAvailabilityCriteria",
                     "componentId":"[resourceId('microsoft.insights/components'variables('applicationInsightName'))]",
                     "failedLocationCount":2,
                     "webTestId":"[resourceId('microsoft.insights/webtests'variables('appAvailability'))]"
                  }

As soon as you add an above content you should be able to resolve an error.


Happy Coding,

#Azure #ARMTemplate #AzureAlerts



Friday, January 17, 2020



How to Take backup of Virtual Machines using Recovery Service Vault in Azure - AZ-103


What is Azure Backup Recovery Services in Azure - AZ-103


Wednesday, January 1, 2020

Virtual Machine Scale Set

Understand Virtual Machine Scale Set

There are some key points which should remember while you work on VM Scale Set. Few of them are listed below and i believe that will be essential to remember of consider AZ-103 certification in mind.

1.All the virtual machine behind the VM Scale Set loadbalancer doesn't have network interface card
attached to them so this is the reason they don't have Public  IP address.
2. IN case of virtual machine you have to decide which virtual machine you want to provision and delete though in case of VMSS it manages by its own.
It means it creates automatically and deleted automatically.

NOTE: Each time when you provision a new VM under VM scale set it allocates a new instanceId to each virtual machine. for e.g.
There are 3 virtual machines VM1 ,VM2 and VM 3 than it may have instanceId like ID1,ID2 and
ID3 respectively. Now if any virtual machine deletes in VMSS than the last provisioned instance will be deleted first , in our example its VM3.

Thursday, November 14, 2019

Install Terraform Extension in VS Code for Azure


Install Terraform Extension in VS Code for Azure

Image
MicrosoftLovesTerraform
In the previous article we have gone through with how to install and configure Terraform for azure. 
Refer : INSTALL TERRAFORM FOR AZURE PROVIDER OR WINDOWS 10
Now within this article I’ll be focusing how can we increase productivity after installing certain terraform extension in VSCode.
Step1. Install VSCode from the provided link
Step2: After installing VSCode , open that and search for extension option exist on the left side of screen as depicted below  refer image extension.jpg
VSCode Extension


















Once you click on that in search bar type “Terraform”, you will get enough extensions and few of them which I used for my purpose are mentioned below:
Step3: Azure Terraform: The VSCode Azure Terraform extension is designed to increase developer productivity authoring, testing and using Terraform with Azure. The extension provides terraform command support, resource graph visualization and CloudShell integration inside VSCode.
Which allows you to execute following command from VSCode terminal as shown below in screenshot : Refer azure-terraform.jpg
Azure Terraform
Step4:Terraform: Syntax highlighting, linting, formatting, and validation for Hashicorp's Terraform.

Step5:Terraform: its by Anton Kulikov ,This is visual studio code extension ,adds syntax support for the terraform configuration language.











Once you have installed all of them and see the structure of your files it will have pretty impressive icon on the left side and intellisense will start working as shown below in screen shots.
Refer an images  icon.jpg and intellisense.jpg respectively.










I believe an article will help you to start with terraform with VSCode.
In the upcoming article we’ll learn how can we create Service Principal in Azure to start with Terraform authentication.



Monday, November 11, 2019


Install Terraform for Azure Provider or on Windows 10



Terraform has been well known open-source infrastructure as code software tool created by HashiCorp , which enables users to define and provision a datacenter infrastructure using a high-level configuration language known as Hashicorp Configuration Language, or optionally JSON.
To install Terraform on windows 10 machine there are some simple steps you have to proceed with to get it done.

In the following article we will be focused around that.
Kindly open the following link in you browser and go to bottom to download it for windows https://www.terraform.io/downloads.html
Though there will be various option available , but you choose an option to go with Windows 64 bit for windows 10.

 





















Once you have download that (in my case: terraform_0.12.13_windows_amd64)
Just extract that and place in your desired drive like I have put it in C drive as shown below:





Windows 10 and Windows 8
1.     Go to Control Panel
2.     Click the Advanced system settings link or Search Advanced system settings in search. Refer advance-settings.jpg
3.     Click on Environment Variables  In the section System Variables, find the PATH environment variable and select it. After that click on Edit and enter the value as shown in image env_varibale.jpg
4.     In the Edit System Variable (or New System Variable) window, specify the value of the PATH environment variable. Click OK. Close all remaining windows by clicking OK.

img-advance-settings.jpg

 img env_varibale.jpg






















Now you are done with the environment path setup, now open PowerShell command window to verify about the terraform version.
Kindly type the following command to verify that: terraform -version
Refer an image below powershell_terraform.jpg







We are done with an installation, now in upcoming articles we will understand how Terraform works with Azure provider and how can we authenticate azure resource provide to create azure resources.