Building a provisioning script

This article describes how you'd create your own PowerShell-based provisioning script. In the given example, we'll provision a pre-configured virtual machine which can be used for e.g. coding interviews.

The script utilizes an ARM template that has been exported from Azure's Create a virtual machine wizard, where reasonable default values have been set up, e.g. which machine size and which OS to use. Once you've gone through the wizard, it lets you Download a template for automation. Extract those files into the folder where you intend to author your script. Speaking of ...

First we ensure that we have the az client tools installed, as we are dependent on them:

if ($null -eq (Get-Command az -ErrorAction Ignore)) {
    $installer = .\Download-File.ps1 `
        -DownloadUri 'https://aka.ms/installazurecliwindows' `
        -OutputFileName 'az-cli.msi'
    Start-Process "msiexec.exe" '/i',$installer
    Write-Host "-
    Please re-run this script IN A NEW TERMINAL
    after installation completes"
    exit
}

The Download File script is defined as:

[CmdletBinding()]
param (
    # Download URI
    [Parameter(Mandatory)]
    [string]
    $DownloadUri,

    # The desired file name (e.g. 'installer.msi')
    [Parameter(Mandatory)]
    [string]
    $OutputFileName,

    # Whether or not to download a new copy, even if the file already exists
    [switch]
    $ForceDownload
)    
$ResultingFileName = (Join-Path $env:TEMP $OutputFileName)
$ResultingFileExists = $null -ne (Get-Item $ResultingFileName -ErrorAction Ignore)
if ($ForceDownload -or -not $ResultingFileExists) {
    Invoke-WebRequest `
        -Uri $DownloadUri `
        -OutFile $ResultingFileName
}
return $ResultingFileName

To keep track of multiple actions as a single logical operation, we create a Correlation Id which we then include in all generated identifiers:

$CorrelationId = (New-Guid).ToString("n")
$DeploymentName = "interview-vm-$CorrelationId"
$ResourceGroupName = "rg-$DeploymentName"
$ProvisioningCleanUp = "CleanUp-$CorrelationId.ps1"

We also define some configuration settings which will be reused throughout our various provisioning commands:

$DesiredLocation = 'uksouth'
$Subscription = 'My fictional subscription name'


Alright! That's enough set-up. Let's actually start making things happen!

Log into Azure and fetch details about the subscription whose name we've configured:

$LoginInfo = ((az login) -join "" |
    ConvertFrom-Json |
    Where-Object -Property "name" -EQ $Subscription)

Set our context: We're intending to work with this specific subscription:

az account set --name "$Subscription"

Create a resource group to hold all of our resources:

$ResourceGroupInfo = (az group create `
    --name "$ResourceGroupName" `
    --location "$DesiredLocation") |
    ConvertFrom-Json
Add-Content $ProvisioningCleanUp "Write-Host '
    Cleaning up your resources.
    This will take approximately 5 minutes.'"
Add-Content $ProvisioningCleanUp "az`
    deployment group delete `
    --resource-group '$($ResourceGroupInfo.name)' `
    --name '$DeploymentName'"

There are a couple of things going on above. First, we're creating a resource group in our desired location, saving information about the operation as ResourceGroupInfo. Then we add information about de-provisioning into our cleanup script, followed about removal of a Deployment Group we haven't defined yet.

Let's fix that. As we've now provisioned a container for our virtual machine, let's provision the machine itself:

Write-Host "Provisioning your resources. This will take approximately 5 minutes."
Measure-Command {
$DeploymentInfo = (az deployment group create `
    --name "$DeploymentName" `
    --resource-group "$ResourceGroupName" `
    --template-file 'template.json' `
    --parameters '@parameters.json' `
    --parameters location="$DesiredLocation" `
    networkInterfaceName="networkInterface-$CorrelationId" `
    networkSecurityGroupName="networkSecurityGroup-$CorrelationId" `
    publicIpAddressName="publicIpAddress-$CorrelationId" `
    autoShutdownNotificationEmail="$InterviewerEmail")

    $DeploymentInfoFile = "Deployment info $CorrelationId.txt"
    Set-Content -Path $DeploymentInfoFile -Value $DeploymentInfo
    Add-Content $ProvisioningCleanUp "Remove-Item -Path '$DeploymentInfoFile' -Force"
}

As in the clean-up script, we're first setting some expectations for our user - this should take approximately 5 minutes. We've also wrapped our deployment into as an expression block of Measure-Command so that we - each time the script is run - get a new baseline, which we then can choose to update the expectation with.

Listing --parameters starting from the parameters.json file we downloaded from Azure lets us use the parameters file as a template, only overwriting a few select variables. We save information about the deployment in a text file and add a remove command for that text file in our clean-up script.

At this point (after approximately 5 minutes 😉), we should have a fully functional VM in the Cloud. 

Let's do some final bits of housekeeping and then make it super easy for our user to get a hold of this VM:

Add-Content $ProvisioningCleanUp
    "az group delete --name '$($ResourceGroupInfo.name)' --yes"
Add-Content $ProvisioningCleanUp
    "Remove-Item -Path '$ProvisioningCleanUp' -Force"

The above ensures that we remove the resource group (which in theory should remove everything else) and then remove the cleanup script itself, as it is no longer needed.

Finally, let's just open the Azure Portal to the connection pane of our new VM, so that we can easily download its .rdp file:

Start-Process @(
    'https://portal.azure.com/'
    $TenantName
    '/resource/subscriptions/'
    $($LoginInfo.id)
    '/resourceGroups/'
    $ResourceGroupName
    '/providers/Microsoft.Compute/virtualMachines/'
    $VirtualMachineName
    '/connect'
) -join ''

Using an array and then joining it into a full string lets us write easier-to-understand code that is logically segmented.

That's it! You're now ready to spin up virtual machines left and right! Just don't forget to run those clean up scripts 😉


Comments

Post a Comment

Popular posts from this blog

Auto Mapper and Record Types - will they blend?

Image
TL;DR: Yes, they will. Thank you for your time. 😄 Background At Redgate, engineers enjoy a great benefit in that we get are expected to spend 10% of our time to improve on our craft.  Having suffered this week with manually having to copy a bunch of properties from a domain object to its HTTP representation, I decided to spend this week's 10% time to see if I could answer the following questions: Can use AutoMapper to simplify mapping between two types?  Does it also allow me to map between a regular type and a record type? What about the other way around? Can I use this to reduce the maintenance burden in my product? Mapping between two types [automapper fundamentals] To started and get a basic mapping done, created a .NET 5 ASP.NET Web API project, added the below package references and configured automapper : < PackageReference Include ="AutoMapper" Version ="10.1.1" /> < PackageReference Include ="AutoMapper.Extensions.Microsoft.DependencyInj
Read more

Unit testing your Azure functions - part 2: Queues and Blobs

In our last installment , we discovered how to start unit testing our Azure Functions, looking at the HTTP Trigger (and evaulating the function's HTTP response). This time, we'll take a look at using the QueueTrigger, getting supporting data from table storage and outputting Blobs. Yup, I'm tossing you into the deep end! What are we trying to accomplish? This time, we will test a function that performs some arbitrary business logic on bank accounts. The function responds to a storage queue request, logs each command and ensures that each received command is executed exactly once. Almost like a real-world function, huh? ;-) In the function above, we are introduced to three types that we need to deal with in our unit tests - the IQueryable interface, IAsyncCollector and the CloudBlockBlob concrete type. IQueryable is easy enough to work with: Introducing the Testable Async Collector When I first started exploring this topic, I figured I could just use my favourit
Read more

Testing WCF services with user credentials and binary endpoints

Image
This article discusses the following error messages that you might receive from a WCF service An error occurred when verifying security for the message HTTP/1.1 415 Cannot process the message because the content type 'application/soap+xml;charset=UTF-8;action="..."' was not the expected type 'application/soap+msbin1' When doing analysis work on existing services, invoking them in a safe test environment is a handy way of getting an understanding of their operations, especially if the documentation has gone missing (or was never written). SoapUI is a tool that can be used to test WCF Services, but did you know that Visual Studio also comes with its own set of tools? Let's start with SoapUI, which is available from  http://www.soapui.org/ . Its operations are quite straight-forward; however, you might run into issues when trying to access services that are protected by user credentials, or when accessing services with binary endpoints. I
Read more