by Estevão França Mar 28, 2022 Azure

Azure Compute Gallery Automation

A few days ago, I shared a case about an Azure Compute Gallery image version, but I didn’t say much about how it works or why we should use it.

Cloud Computing has become a huge topic! Everyone is speaking about it! But, What is the first thing that comes up to your mind when this is the subject? If your answer is Virtual Machines, I think that we’re in the same line. 

I’ve been working with cloud computing for the past few years, managing different workloads (From small to large companies), and I can tell you that Virtual Machines is the most popular resource in those environments, but why? Well… It’s because of several facts, for example, software requirements, application design or even a legacy application.

When we talk about Virtual Machines, it is important to think, does the cloud provider offer an image that fits my business? The answer to this question is: on Azure, we have a huge option of images that are maintained by Microsoft and their partners (Cisco, RedHat, Ubuntu, etc).

But, what if none of those images applies to my company? For example, Microsoft gallery does not have a specific Linux distro that you need.

In this scenario, one of our options is to import a VHD with the desired O.S version and publish it as a Managed Image or Shared Image.

Once you have those images in your environment, you’re responsible for keeping them up to date (O.S and business applications). These tasks will lead us to create several Virtual Machines over the months and manage all of these images and VMs … It’s a hard job.

A solution that helps to control images in Azure is the “Azure Compute Gallery”, it allows us to share images across subscriptions, tenants, control images by creating versions.

The process of creating an image is simple, you just need some clicks in the Portal once the customization is done.

The doc below shows more details about this process:

Create an Image Definition and Version | Microsoft Docs

Well… Creating an image takes a few clicks … What about a script to do this service for us?

A while ago, I was responsible for maintaining a large number of images up to date … This was a tough task! Creating VM’s, updating OS, SYSPREP, etc… This was before the Azure image builder (I’ll write about it in the future

Once the O.S was done, I was publishing the images manually via Azure Portal … Then, I decided to create a script to do this for me =D.

Note: This script uses Azure CLI over PowerShell so, please be sure that you have the Azure CLI installed on your computer.

Install Azure CLI | Microsoft Docs

To keep it simple, I decided to execute the script using the parameters below:

SubscriptionId: Subscription where the VM and Shared Image Gallery is.

TenantId: Tenant Id.

VmResourceGroupName: Resource Group where the VM is.

SigResourceGroupName: Resource Group where the Azure Compute Gallery is.

vmName: Name of the VM that you want to create an image version.

sigName: Azure Compute Gallery Name.

imageDefinition: Image Definition name.

imageVersion: Image version, Example 20.30.141

The script execution is simple and the whole process can take at least 15min,

Code explanation:

As this process is irreversible, I put the interaction below:

Write-Output "Do you want to proceed? (y/n)"

$option = Read-Host
if ($option -eq "n"){
Write-Error -Message "Closing the Script"
exit
}else{
Write-Host"Moving forward with the image deployment..." -ForegroundColor Green
}

If you insert “n”, the script will close, otherwise, it will move forward.

As the VM will be deleted after the image creation, I used the command az vm show to get the vm details.

$vmDetails = az vm show -g $vmResourceGroupName -n $vmName -o json | ConvertFrom-json

In the line below, the command az vm get-instance-view will provide the VM state and if it’s not equal to “VM deallocated”, it will run the command az vm deallocate.

$powerStatus = az vm get-instance-view --resource-group $vmResourceGroupName --name $vmDetails.name --query instanceView.statuses[1] -o json | ConvertFrom-Json

if ($powerStatus.displayStatus -eq "VM deallocated"){
Write-Host"The VM $vmName already deallocated" -ForegroundColor Green
}else{
Write-Host"The VM $vmName is running and will be deallocated" -ForegroundColor Red
az vm deallocate -g $vmResourceGroupName -n $vmName
}

Once the VM is deallocated, the script will run the command az vm generalize.

az vm generalize -g $VmResourceGroupName -n $vmName

Once the VM is generalized, the script will list all the versions inside the $imageDefinition and set the value publishingProfile.excludeFromLatest as $true.

$allImages = az sig image-version list --resource-group $SigResourceGroupName --gallery-name $sigName --gallery-image-definition $imageDefinition -o json | ConvertFrom-Json

foreach ($image in $allImages){
$oldVersion = $image.name
if ($image.publishingProfile.excludeFromLatest -eq "True"){
Write-Host"Version $oldVersion excluded from latest" -ForegroundColor Green
}else{
Write-Host"Setting the $oldVersion as exclude from latest..." -ForegroundColor Green
az sig image-version update -g $SigResourceGroupName --gallery-name $sigName --gallery-image-definition $imageDefinition --gallery-image-version $oldVersion --set publishingProfile.excludeFromLatest=true --no-wait
}
}

The command below will create the new image version.

az sig image-version create -g $SigResourceGroupName --gallery-name $sigName --gallery-image-definition $imageDefinition --gallery-image-version $imageVersion --managed-image $vmDetails.id

Once it’s done, it will check the image provisioningState and if it’s equal to “Succeeded” the VM and dependencies will be deleted. Otherwise, the script will display an error message.

$imageDetails = az sig image-version show --gallery-name $sigName --resource-group $SigResourceGroupName --gallery-image-definition $imageDefinition --gallery-image-version $imageVersion | ConvertFrom-Json

if ($imageDetails.provisioningState -eq "Succeeded"){
Write-Host"Process finished with Success!!!" -ForegroundColor Green
Write-Host"The VM and dependencies will be deleted" -ForegroundColor Gray

# Delete VM
Write-Host"Deleting VM..." -ForegroundColor Gray
az vm delete -n $vmName -g $VmResourceGroupName --yes

# Delete O.S Disk
Write-Host"Deleting O.S Disk..." -ForegroundColor Gray
az disk delete -n $vmDetails.storageProfile.osDisk.name -g $VmResourceGroupName --yes

# Delete VM Nic
Write-Host"Deleting Nic..." -ForegroundColor Gray
az network nic delete -n $vmDetails.networkProfile.networkInterfaces.id.Split('/')[8] -g $VmResourceGroupName
Write-Host"Resources deleted with success" -ForegroundColor Green

}else{
Write-Error -Message "Something goes Wrong, check the image Gallery"
}

You can download the script here:

New-AzSigImageVersion

Demo:



1 Comment

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.