Azure Scale Set vs Availability Set

Posted on February 27, 2019 by John Humphreys

Why Was I Worried?

I have been habitually using scale sets for all of my needs as long as my requirements only involved needing multiple copies of a VM image running safely. Then I started to worry about the difference between a scale set and an availability set… were my scale set VMs not safe?

TLDR; I actually read Azure and Azure CLI documentation and made a simple but cool command below that put my mind at ease for scale sets, so feel free to skip to that if you like.

Research

There is a good stack overflow right here which I added to just now. It has quite a few good answers about availability sets vs scale sets, including some info about a scale set by default having 5 fault domains. So, I recommend starting there if you’re interested in digging in.

A good summary of what I found is that:

Availability sets by default will spread your resources over fault domains to ensure that outage of one due to a power or network issue, etc does not affect another.
Availability sets also allow mixing of resources; e.g. 2 VMs with different configuration.
Scale sets only allow you to have an identical image deployed and they provide the ability to scale it out linearly.
Scale sets implicitly have one “placement group”. If you want to go over 100 VMs, you have to remove that restriction.
A placement group has 5 fault domains and is similar (or maybe the same as) an availability set.

Validation

As I’m responsible for highly available infrastructure, I wasn’t keen on just accepting this. So, I fiddled around with the Azure CLI for scale sets and made this simple command which indeed shows my 10 instance scale set is indeed spread across multiple fault domains – I hope you find it useful too.

az vmss get-instance-view --subscription "your-subscription-id" \ 
--resource-group "your-rg" --name "your-scale-set-name" \
--instance-id "*" | grep platformFaultDomain

    "platformFaultDomain": 0,
    "platformFaultDomain": 1,
    "platformFaultDomain": 2,
    "platformFaultDomain": 4,
    "platformFaultDomain": 0,
    "platformFaultDomain": 1,
    "platformFaultDomain": 3,
    "platformFaultDomain": 4,
    "platformFaultDomain": 2,
    "platformFaultDomain": 3

Here are some additional good resources:

Azure CLI – List Only Storage Accounts with Blob Containers Present

Posted on February 23, 2019 by John Humphreys

I just had to write a script to find all storage accounts with blobs present in a specific subscription in a specific region.

This proved to be non-trivial as the storage account function doesn’t have a region filter, and you have to manually crawl the accounts to see if they’re using blobs.

Here is the fully-working script I came up with, I hope it helps you out!

rm -f accounts_with_blobs.csv

tenant="your-tenant-id"
subscription="your-subscription-name"
region="your-region"

az login --tenant "${tenant}" --subscription "${subscription}"

# Get all subscription + region filtered storage account names.
accounts=$(az storage account list --output table --subscription "${subscription}" | grep "${region}" | awk '{print $5}')

# Filter out accounts with no blob containers.
for account in $accounts
do
    char_count=$(az storage container list --account-name $account | wc -c)
    if [[ $char_count -lt 4 ]];
    then
       echo "$account has no blobs."
    else
       echo "$account has blobs."
       echo "$account" >> accounts_with_blobs.csv
    fi
done

MRemoteNG – SSH – Connect to Azure VM

Posted on February 1, 2019 by John Humphreys

What is MRemoteNG?

MRemoteNG is a nice Windows OS tool for managing multiple SSH sessions (and session configurations) in one window – so you can log onto 10 servers and hop around trivially. It is built on top of Putty.

How Do You Use It With Azure VMs?

When you create a VM in Azure, you give it a public key (assuming you didn’t use password authentication, which you should generally avoid).
You can generate a key pair with PuTTYGen if you don’t have one (but then I’m assuming that you do have one if you already created the VM).
Take the private key corresponding to that public key and save it into a file (it may already be in an “id_rsa” file in your .ssh directory in your user directory; e.g. C:\users\your-name\.ssh\id_rsa).
Open PuTTYgen (it should come with MRemoteNG or Putty, otherwise you can get it yourself.
Load the private key file.
Click “Save private key” with Type = RSA selected (2048 bits is fine). It will save as a “PPK” file.
Save it to your .ssh folder for consistency, or anywhere else – it really doesn’t matter much.
Open MRemoteNG -> Tools -> Options -> Advanced -> Launch Putty -> Expand “SSH” -> Click Auth (Don’t expand) -> Put your PPK file path in “Private key file for authentication”.
Click Session in putty and give the session a name in the “Saved Sessions” text box and then click Save. It should appear in the box below that.
Now you have a saved session that can use this private key via a PPK file.
Close Putty, make a new connection in MRemoteNG and select “Putty Session” = the new session you saved. It should be listed as an option.
Celebrate!

Ansible – Refer to Host in Group by Index

Posted on December 30, 2018 by John Humphreys

Occasionally it is very useful to refer to a host in a group by an index. For example, if you are setting up Apache or HAProxy, you may need to push a configuration file out to each host that can redirect to all other hosts.

It is actually quite easy to refer to the hosts in a group by index, but its not necessarily easy to google it unfortunately. Here is the syntax for the first 3 hosts in a group:

{{groups['coordinators'][0]}}
{{groups['coordinators'][1]}}
{{groups['coordinators'][2]}}

Azure – Linux VM Image Creation – Powershell – With Service Principal/Account

Posted on December 21, 2018 by John Humphreys

Overview

I was working on creating generalized VM images for use with scale sets and auto-scaling and I found it rather painful to get the complete set of examples for:

De-provision user/etc from VM.
Use Azure Powershell with a Service principal.
Generalize the VM and create an image.

So, here’s a short mostly-code post on how to do that.

Specific Steps

Fair warning… as far as I know, you can’t use the VM after doing this… but you can create a new copy of it from the image, so that doesn’t matter much.

Before getting to Powershell, run this in your VM to de-provision the most recently set up user account (e.g. I’ll install everything on user “john” created with the Azure VM). This will remove that user.

sudo waagent -deprovision+user

Now, just run the below command after setting your own values for the 5 variables up top. This will log in to the RM with the credentials you provide in the pop-up, and then it will stop and generalize the VM, adn tehn create an image from it and store that image in the same resource group as the VM.

$vmName = "YOUR_VM_NAME"
$rgName = "YOUR_RG_NAME"
$location = "YOUR_REGION"
$imageName = "YOUR_IMAGE_NAME"
$tenant = "YOUR_TENANT_ID"

$c = Get-Credential # Input your service principal client-id/secret.
Connect-AzureRmAccount -Credential $c -ServicePrincipal -Tenant $tenant

Stop-AzureRmVM -ResourceGroupName $rgName -Name $vmName -Force
Set-AzureRmVm -ResourceGroupName $rgName -Name $vmName -Generalized
$vm = Get-AzureRmVM -Name $vmName -ResourceGroupName $rgName
$image = New-AzureRmImageConfig -Location $location -SourceVirtualMachineId $vm.Id
New-AzureRmImage -Image $image -ImageName $imageName -ResourceGroupName $rgName

Configuration Trouble?

If you’re not sure what a service account / principal is or how to create one, the process is quite involved and I highly recommend following one of the many Microsoft-provided tutorials.
You can find your tenant ID by clicking the directory + subscription button at the top of the portal OR by hovering over your name/info at the top right corner.
The region strings can be tricky; but just Google the Microsoft site if you’re not sure. A US East 2 example is “EastUS2”.

What’s Next?

Your VM image can now be found in that resource group – go to the portal and see. You can go into the image in the portal and create a new VM from it, or you can use it to boot up a scale set, etc.

Coding Stream of Consciousness

by John Humphreys – Random code from my life.

Category Archives: general