How To Install Azure Cli On Linux
How tin can we connect to Azure using Ansible?
Ansible is a versatile configuration management tool that has truly taken the earth by storm offering potent integrations with cloud providers giving provisioning tools like terraform a definite run for their money. We could very easily connect to our resource in the Azure cloud using Ansible. But this involves creating a service principal for ansible in Azure Active Directory.
I recently came across a task wherein I needed to fetch configuration details about a virtual machine in the Azure cloud just due to security restrictions I could not get a service principal created for ansible. So, I choose a different route. Instead of using the Azure specific modules that Ansible has congenital in, I relied on embedding Azure CLI commands in the shell module in my ansible playbook, used a variable for the hostname and went about writing the required azure cli commands I needed to fetch the information from the virtual machine.
Nosotros could even use this methodology for creating and deleting virtual machines in the Azure cloud. Just a major shortcoming of this arroyo is that the commands being executed would non be idempotent which is one of the cornerstones that configuration management software are built on. As a pre-requisite we need the azure cli installed on the organization we'd like to run our ansible playbook from and the az login control should as well be already executed to ensure that we've logged in to our Azure business relationship.
In this article, we'll install the pre-requisite azure cli on a Linux arrangement which already has ansible installed on it and and so execute the az login command to authenticate to the Azure portal.
Installing Azure CLI on Linux
Step i: Import the Microsoft repository central
Execute the following command to import the microsoft repository key which we will utilize in side by side footstep:
[root@ansible-demo ~]# rpm --import https://packages.microsoft.com/keys/microsoft.asc
Footstep 2: Create local azure-cli repository data
The below command creates the azure-cli.repo file and populates information technology with the required Azure CLI repository location.
[root@ansible-demo ~]# repeat -e "[azure-cli] > name=Azure CLI > baseurl=https://packages.microsoft.com/yumrepos/azure-cli > enabled=1 > gpgcheck=1 > gpgkey=https://packages.microsoft.com/keys/microsoft.asc" | sudo tee /etc/yum.repos.d/azure-cli.repo [azure-cli] name=Azure CLI baseurl=https://packages.microsoft.com/yumrepos/azure-cli enabled=one gpgcheck=i gpgkey=https://packages.microsoft.com/keys/microsoft.asc
Stride 3: Install azure-cli bundle
The Azure cli repository should at present appear when nosotros run the yum repolist command.
[root@ansible-demo ~]# yum repolist Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: download.cf.centos.org * epel: d2lzkl7pfhq30w.cloudfront.net * extras: download.cf.centos.org * nux-dextop: li.nux.ro * updates: download.cf.centos.org azure-cli | iii.0 kB 00:00:00 azure-cli/primary_db | 64 kB 00:00:00 repo id repo name status azure-cli Azure CLI 108 base/7/x86_64 CentOS-7 - Base of operations 10,072 epel/x86_64 Extra Packages for Enterprise Linux 7 - x86_64 13,674 extras/7/x86_64 CentOS-7 - Extras 500 nux-dextop/x86_64 Nux.Ro RPMs for full general desktop utilize two,724 updates/7/x86_64 CentOS-7 - Updates 2,751 xrdp xrdp 2,724 repolist: 32,553 [root@ansible-demo ~]#
Now that we are certain that the repository is bachelor, let's install the azure cli binary using yum.
[root@ansible-demo ~]# yum install azure-cli -y Loaded plugins: fastestmirror Loading mirror speeds from buried hostfile * base: download.cf.centos.org * epel: d2lzkl7pfhq30w.cloudfront.cyberspace * extras: download.cf.centos.org * nux-dextop: li.nux.ro * updates: download.cf.centos.org Resolving Dependencies --> Running transaction bank check ---> Package azure-cli.x86_64 0:two.28.0-1.el7 volition be installed --> Finished Dependency Resolution Dependencies Resolved ==================================================================== Package Arch Version Repository Size ==================================================================== Installing: azure-cli x86_64 ii.28.0-1.el7 azure-cli 45 M Transaction Summary ==================================================================== Install i Package Full download size: 45 One thousand Installed size: 595 M Downloading packages: azure-cli-2.28.0-i.el7.x86_64.rpm | 45 MB 00:00:00 Running transaction bank check Running transaction test Transaction test succeeded Running transaction Installing : azure-cli-2.28.0-ane.el7.x86_64 i/one Verifying : azure-cli-ii.28.0-1.el7.x86_64 1/1 Installed: azure-cli.x86_64 0:two.28.0-ane.el7 Complete! Run the Azure CLI with the az command. To sign in, apply az login command.
Step 4: Run the login command.
Now that nosotros take successfully installed the Azure CLI package, we'll authenticate to our Azure account with information technology so that nosotros may interact with our resource inside the Azure cloud via the Azure CLI.
When nosotros run the az login control it volition brandish a code to authenticate to the Azure portal. We need to open the URL https://microsoft.com/devicelogin and provide the code.
Once the lawmaking is accepted nosotros are prompted for our credentials. Subsequently successfully authentication, the portal will display the post-obit bulletin.
On the command line, the az login command would display some information virtually our account like the subscription and logged in user as shown beneath.
[root@ansible-demo ~]# az login To sign in, utilise a web browser to open the page https://microsoft.com/devicelogin and enter the code HTTE53Q4C to cosign. [ { "cloudName": "AzureCloud", "homeTenantId": "3617ef9b-98b4-40d9-ba43-e1ed6709cf0d", "id": "964df7ca-3ba4-48b6-a695-1ed9db5723f8", "isDefault": true, "managedByTenants": [], "name": "cloud-demo ", "state": "Enabled", "tenantId": "3617ef9b-98b4-40d9-ba43-e1ed6709cf0d", "user": { "name": "demouser@example.com", "type": "user" } } ] We tin can now run azure cli commands to interact with our resources in the azure portal.
Ansible playbook setup to query VM data in Azure
Given below is a glimpse of my playbook folder structure.
[root@ansible-demo Ansible_to_Azure]# pwd /root/Ansible_to_Azure [root@ansible-demo Ansible_to_Azure]# ls -ltrR .: full 20 -rw-r--r--. 1 root root 1447 Oct nineteen 17:01 info.json -rw-r--r--. ane root root 4374 Oct 19 17:01 get_info.yml drwxr-xr-10. 2 root root 20 Oct xix 17:01 templates -rw-r--r--. i root root 10 October 19 17:01 inventory ./templates: total 4 -rw-r--r--. 1 root root 1293 October 19 17:01 info.j2
Hither,
- Inventory file : This is where we will add the hostname of the VM that we wish to query. Notation we are not using dynamic inventories at this time.
- Get_info.yml: This is the actual ansible playbook that nosotros are going to execute.
- Templates: This directory contains a jinja2 template file that volition be used to store and format the data retrieved by the playbook. The name of the template file is info.j2.
- Info.json: This is the output file generated from the jinja2 template file that we house in the templates directory. The output from the jinja2 template is in json format and hence the name info.json.
The get_info.yml playbook
Azure VMs accept a plethora of information that can be retrieved using the Azure CLI. In this playbook, we've retrieved the following information:
- CPU
- Memory allocated
- Region/AZ
- Public IP
- Individual IP
- Network Interface Card proper noun
- Number of disks
- Disk type
- Size of each disk
- Disk IOPS
- Caching on disk
- Network security grouping rules
Here is the content of the get_info.yml playbook.
[root@ansible-demo Ansible_to_Azure]# true cat get_info.yml --- - name: Query information about Azure hosts: all gather_facts: no vars: rg: 1-7b72c7b6-playground-sandbox-2 region: eastus2 tasks: - name: Become VM Size beat out: "az vm show -yard {{ rg }} -due north {{ansible_hostname}} --query 'hardwareProfile.vmSize'" annals: vm_size delegate_to: localhost - name: Store vm size as a fact set_fact: VM_Size: "{{ vm_size.stdout_lines[0] }}" - name: Get cpu and retentivity information of VM beat out: "az vm list-sizes --location {{ region }} | grep -A1 -B1 {{ VM_Size }}| awk '{impress $two}'" annals: out delegate_to: localhost - name: Get Public IP address of VM vanquish: "az vm show -d -1000 {{ rg }} -n {{ansible_hostname}} --query publicIps -o tsv" register: publicip delegate_to: localhost - name: Get Private IP address of VM shell: "az vm prove -d -g {{ rg }} -n {{ansible_hostname}} --query privateIps -o tsv" annals: privateip delegate_to: localhost - name: Get allocated disk count trounce: "az vm show -d -thou {{ rg }} -n {{ansible_hostname}} | grep -c Microsoft.Compute/disks" register: diskcount delegate_to: localhost - proper name: Get disk names and stroage account types shell: az vm testify --resource-grouping {{ rg }} --proper noun {{ansible_hostname}} --query "storageProfile.dataDisks[][{Name:name,StorageAccountType:managedDisk}]" register: disk_info delegate_to: localhost - name: Prepare deejay info as a fact set_fact: disk_list: "{{disk_info.stdout}}" - proper name: Get size of each deejay shell: az vm evidence -thou {{ rg }} -n {{ansible_hostname}} --query "storageProfile.dataDisks[][{Proper noun:name,DiskSizeGB:diskSizeGb}]" -o table | awk -F, 'NR > 2 {print $ii, $4}' | tr -d ')])' register: disk_size_list delegate_to: localhost - name: Set fact for disk sizes set_fact: disk_size_lists="{{disk_size_list.stdout_lines}}" - name: Get VM deejay caching information beat out: az vm testify -g {{rg}} -n {{ansible_hostname}} --query "storageProfile.dataDisks[][{Name:proper name,Caching:caching}]" -o table | awk -F, 'NR>2 {print $2, $four}' | tr -d ")])'" register: disk_caching delegate_to: localhost - proper noun: Set Disk caching information as a fact set_fact: disk_cache="{{disk_caching.stdout_lines}}" - name: Get VM region and Availability zone beat out: az vm show -thou {{rg}} -n {{ansible_hostname}} --query "[location, zones]" -o tsv | tr '\n' ' ' annals: az_info delegate_to: localhost - name: set fact for region and AZ set_fact: az_region_info="{{az_info.stdout}}" - name: Get Default NSG details shell: az network nsg list --resource-group {{rg}} --query "[].defaultSecurityRules[].{Proper name:name, Accecc:admission, Management:direction, DestAddr:destinationAddressPrefix, SourceAddr:sourceAddressPrefix,DestPort:destinationPortRange, SourcePort:sourcePortRange }" -o tsv register: def_nsg_out delegate_to: localhost - name: Fix fact for default NSG rules set_fact: def_nsg_out_fact="{{def_nsg_out.stdout}}" - name: Get User divers NSG dominion details shell: az network nsg listing --resource-group {{rg}} --query "[].securityRules[].{Proper noun:name, Accecc:access, Direction:direction, DestAddr:destinationAddressPrefix, SourceAddr:sourceAddressPrefix,DestPort:destinationPortRange, SourcePort:sourcePortRange }" -o tsv register: ud_nsg_out delegate_to: localhost - name: Set up fact for User defined NSG rules set_fact: ud_nsg_out_fact="{{ud_nsg_out.stdout}}" - proper name: Get VM NIC proper noun shell: "az vm nic list -chiliad {{ rg }} --vm-name {{ansible_hostname}} --query [].id | grep subscriptions | awk -F/ '{print $NF}'" register: nicname delegate_to: localhost - proper name: Gear up fact for NIC name set_fact: nic_name="{{nicname.stdout}}" - proper name: Set fact for deejay count set_fact: disk_count="{{diskcount.stdout}}" - proper name: Set fact for Public IP set_fact: public_ip: "{{publicip.stdout_lines[0]}}" - proper noun: Prepare fact for Private IP set_fact: private_ip: "{{privateip.stdout_lines[0]}}" - name: Ready fact for CPU set_fact: num_cpu: "{{ out.stdout_lines[2] | regex_replace(',', '') }}" - proper name: Fix fact for Retentivity set_fact: mem_mb: "{{ out.stdout_lines[0] | regex_replace(',', '') }}" - name: Populate template file with info template: src: info.j2 dest: /root/ansible_azure/info.json delegate_to: localhost Nosotros will not be diving deep into the details of each task defined within the playbook (yous tin read our ansible tutorial to learn more) merely will instead elaborate on the general theme of the playbook.
The tasks using the shell module are running different Azure CLI commands on the virtual auto. We are using the "delegate_to: localhost" flag because these commands are being executed on the localhost. We accept used a lot of set_fact tasks because these permit us to apply variables to store the value of registered output variables in the tasks and so use them in the jinja2 template.
In the last task of the playbook, the variables used in the jinja2 template are populated with their actual values and stored in the file /root/ansible_azure/info.json.
The info.j2 template file
The template file contains a lot of information and uses loop and conditional constructs to filter out the desired information. We've also made heavy use of jinj2 filters replace and carve up in the template file to filter out the data. Given beneath content of the file.
[root@ansible-demo Ansible_to_Azure]# cat templates/info.j2 { "Number of CPUs": "{{ num_cpu }}", "Retentivity in MB": "{{mem_mb}}", "region/AZ":"{{az_region_info}}" "Public IP address": "{{public_ip}}", "Private IP address": "{{private_ip}}", "Number of disks": "{{disk_count}}", "VM NICname is": "{{nic_name}}", "Disk Storage type:" { {% for disk in disk_list -%} "{{ disk[0].Name}}":"{{ deejay[0].StorageAccountType.storageAccountType }}" {% endfor %} } "Disk IOPS" { {% for deejay in disk_list -%} {% if disk[0].StorageAccountType.storageAccountType == 'Premium_LRS' %} "{{ disk[0].Name}}":"120", {% elif disk[0].StorageAccountType.storageAccountType == 'StandardSSD_LRS' %} "{{ disk[0].Name}}":"500", {% else %} "{{ disk[0].Proper name}}":"500" {% endif %} {% endfor %} } "Deejay Size:" { {% for disk_s in disk_size_lists -%} "{{disk_s.split up(' ')[1]| replace("'",'') }}":"{{disk_s.split(' ')[-1]}}" {% endfor %} } "Disk Cache:" { {% for disk_c in disk_cache -%} "{{disk_c.split(' ')[ane]}}":"{{disk_c.separate(' ')[-ane]}}" {% endfor %} } "Default NSG details" { "Name Access Direction DestAddr SourceAddr DestPort SourcePort", "{{def_nsg_out_fact| replace("\t",' ')}}", } "User Defined NSG details" { "Name Access Management DestAddr SourceAddr DestPort SourcePort", "{{ud_nsg_out_fact| supplant("\t",' ')}}", } } To run the playbook type the following command:
ansible-playbook -i inventory info.yml
The resulting info.json file has the post-obit content.
[root@ansible-demo Ansible_to_Azure]# cat info.json { "Number of CPUs": "2", "Memory in MB": "8192", "region/AZ":"eastus2 two" "Public IP accost": "20.190.193.149", "Private IP address": "ten.0.0.four", "Number of disks": "5", "VM NICname is": "azuredemo851", "Disk Storage blazon:" { "azuredemo_DataDisk_0":"Premium_LRS" "azuredemo_DataDisk_1":"StandardSSD_LRS" "azuredemo_DataDisk_2":"Standard_LRS" "azuredemo_DataDisk_3":"Premium_LRS" } "Disk IOPS" { "azuredemo_DataDisk_0":"120", "azuredemo_DataDisk_1":"500", "azuredemo_DataDisk_2":"500" "azuredemo_DataDisk_3":"120", } "Disk Size:" { "azuredemo_DataDisk_0":"8" "azuredemo_DataDisk_1":"32" "azuredemo_DataDisk_2":"64" "azuredemo_DataDisk_3":"4" } "Disk Cache:" { "azuredemo_DataDisk_0":"ReadOnly" "azuredemo_DataDisk_1":"ReadWrite" "azuredemo_DataDisk_2":"ReadWrite" "azuredemo_DataDisk_3":"None" } "Default NSG details" { "Name Access Management DestAddr SourceAddr DestPort SourcePort", "AllowVnetInBound Allow Inbound VirtualNetwork VirtualNetwork * * AllowAzureLoadBalancerInBound Allow Inbound * AzureLoadBalancer * * DenyAllInBound Deny Inbound * * * * AllowVnetOutBound Allow Outbound VirtualNetwork VirtualNetwork * * AllowInternetOutBound Allow Outbound Internet * * * DenyAllOutBound Deny Outbound * * * *", } "User Divers NSG details" { "Name Access Management DestAddr SourceAddr DestPort SourcePort", "SSH Allow Inbound * * 22 * Port_8080 Allow Inbound * * 8080 *", } } Summary
In this article, nosotros shared a practically tested method of querying information nigh a virtual car in Azure using an Ansible playbook. The playbook itself contains multiple Azure CLI commands which we encourage you to check out individually. Also, the fashion the playbook and the jinja2 template have been written and formatted should help y'all in writing playbooks in future where there is a like requirement.
References
We referred to the official Microsoft documentation for installing Azure CLI on our VM and likewise for adding queries to our Azure CLI commands. Links to both have been shared below.
Install the Azure CLI on Linux
How to query Azure CLI command output using a JMESPath query
Source: https://www.golinuxcloud.com/ansible-azure-examples/
Posted by: geterintentookey1948.blogspot.com
0 Response to "How To Install Azure Cli On Linux"
Post a Comment