Introduction
A strong CLI is useful to manage cloud resources easily. It helps automation, scripting and logging. It is handy in managing basic docker (Azure Container Services) stuff as well.
If you are new to Azure CLI it helps a lot took at the MS Docs – Getting Started documentation page. Documentation root is at MS Docs – Azure CLI 2.0
Here are few ways to access Azure Resources,
- Azure Portal
- Azure Powershell
- SDKs – fluent .net api, supports other languages,
- service principal (can be used to created using CLI)
- REST API {JSON}
Here is the work flow for azure-cli.
- First, we login to azure using CLI.
- Second, we create/delete/modify resources.
- Third, We perform actions on resource.
Additionally, I usually set the path manually in a command prompt,
C:> set PATH=%PATH%;C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\wbin
On a powershell, if you ever need to add this manually to path var,
$ $Env:Path += 'C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\wbin;'
Azure CLI is a cross-platform tool built using python, Wix. az commands in this article should work across all operating systems.
To check what version is installed,
$ az --version
azure-cli (2.0.43)
... .... ....
Python location 'C:\Program Files (x86)\Microsoft SDKs\Azure\CLI2\python.exe'
Extensions directory 'C:\Users\Neo\.azure\cliextensions'
Python (Windows) 3.6.5 (v3.6.5:f59c0932b4, Mar 28 2018, 16:07:46) [MSC v.1900 32 bit (Intel)]
Legal docs and information: aka.ms/AzureCliLegal
To access interactive version of Azure CLI, we enter an interactive session,
az interactive
Finally, here’s a brief overview of Azure CLI.
We can use Azure Cloud Shell as well to access Azure-CLI. It however requires a storage account. More info at MS Docs – Overview of Azure Cloud Shell
1. Azure login
login command looks like following,
$ az login
Note, we have launched a browser for you to login. For old experience with device code, use "az login --use-device-code"
You have logged in. Now let us find all the subscriptions to which you have access...
[
{
"cloudName": "AzureCloud",
"id": "c2eax898-6232-4834-8e65-5e2cbeac0919",
"isDefault": true,
"name": "My Pay As You Go",
"state": "Enabled",
"tenantId": "cde5d866-bf04-4fa4-8da1-b3282cdb843b",
"user": {
"name": "matrix@morphis-system.com",
"type": "user"
}
}
]
It automatically opens up a new browser Windows where we login to the account. Once we are logged into the azure portal, authentication token is automatically picked up the command prompt CLI instance.
In future az commands same authentication is continued to be used.
As we can see above, in command output, after logging in, it lists available subscriptions with the with Azure Cloud account. Following command also lists subscriptions,
$ az account list
This lists all subscriptions under the account. Commands we apply work on current subscription context. To show currently set subscription context,
$ az account show
If you have more than one subscription you might want to set the active subscription globally which can be done in following way ref,
$ az account set -s "My Pay As You Go"
which is equivalent to,
$ az account set --subscription "My Pay As You Go"
More info can be found at MS Docs – Manage multiple Azure subscriptions
For login we can use service principals as well, here’s an example of logging in with service principal,
az login --service-principal -u $servicePrincipalAppId --password $spPassword --tenat $tenantId
2. Managing Resource
We can do following managing of Azure Resources,
- Create
- Query
- Update
- Delete
Here are few examples below,
list examples
To list VMs we do,
$ az vm list
[]
Currently, I do not have any VM. Hence, the empty array shows up in output.
To list resource groups we do,
$ az group list
[
{
"id": "/subscriptions/c2eax898-6232-4834-8e65-5e2cbeac0919/resourceGroups/asynctest",
"location": "westus",
"managedBy": null,
"name": "asynctest",
"properties": {
"provisioningState": "Succeeded"
},
"tags": null
},
{
"id": "/subscriptions/c2eax898-6232-4834-8e65-5e2cbeac0919/resourceGroups/blog",
"location": "centralus",
"managedBy": null,
"name": "blog",
"properties": {
"provisioningState": "Succeeded"
},
"tags": null
},
{
"id": "/subscriptions/c2eax898-6232-4834-8e65-5e2cbeac0919/resourceGroups/ML",
"location": "westus2",
"managedBy": null,
"name": "ML",
"properties": {
"provisioningState": "Succeeded"
},
"tags": null
},
{
"id": "/subscriptions/c2eax898-6232-4834-8e65-5e2cbeac0919/resourceGroups/Speech",
"location": "westus",
"managedBy": null,
"name": "Speech",
"properties": {
"provisioningState": "Succeeded"
},
"tags": null
}
]
To show available azure function apps,
az functionapp list
Following screenshot from Azure CLI course by Mark Heath shows some more examples,
Using Query Language JMES
To select only field: state, to check whether the app is Running or not,
az functionapp show -n func -g myfuncs --query state
We can query multiple fields such as state and ftpPublishingUrl using array like syntax,
--query "[state, ftpPublishingUrl]"
Query language used in Azure CLI is called JMESPath.
We can rename properties in output,
az funcapp list --query "[].{Name:name, Group:resourceGroup, State: state}"
It feels like similar to the C# Feature where we can dictionary like, name fields in output,
Create Examples
To create a new resource group we do,
$ az group create --name MyContainers --location westus
{
"id": "/subscriptions/c2eax898-6232-4834-8e65-5e2cbeac0919/resourceGroups/MyContainers",
"location": "westus",
"managedBy": null,
"name": "MyContainers",
"properties": {
"provisioningState": "Succeeded"
},
"tags": null
}
Navigating help
To view top level help,
az -h
To view help on sub-topic webapp,
az webapp -h
To view help sub-topic of webapp: create,
az webapp create -h
To view help sub-topic of webapp: config,
az webapp config -h
-h
applies to all available sub-commands.
Managing Web App and Other Resources
Here’s a brief overview of things we can do,
Listing webapps,
az webapp list
To create new resource group,
az group create -n ResourceGroupName -l westus
To view help on App service plan create command,
az appservice plan create -h
Here’s an example, how we create an webapp under specified app service plan,
az webapp create -n AppName -g ResourceGroupName --plan AppServicePlanName
To show newly created app and query its host name,
az webapp show -n AppName -g ResourceGroupName --query "defaultHostName"
We can perform webapp deployment from source control,
az webapp deployment source config -n AppName -g ResourceGroupName --repo-url GIT_REPO_URL --branch master --manual-integration
For automatic integration with github we need to pass a git token.
In summary,
To trigger redeployment we do,
az webapp deployment source sync -n AppName -g ResourceGroupName
SQL Server Resources
To create new SQL Server,
az sql server create -n SqlServerName -g ResourceGroupName -l Location -u sqlServerUserName -p sqlServerPass
List what pricing tiers are availabe for SQL Database,
az sql db list-editions -l Location -o table
To show outboundIpAddresses
,
az webapp show -n AppName -g ResourceGroupName --query "outboundIpAddresses" -o tsv
Brief overview of SQL Server command examples below,
To create sql server firewall,
az sql server firewall-rule create -g ResourceGroupName -s SqlServerName -n AllowWebApp1 --start-ip-address 0.0.0.0 --end-ip-address 0.0.0.0
We can get the connection string using the CLI as well. Afterwards, we can set the connection string to the webapp,
az webapp config connection-string set -n AppName -g ResourceGroupName --settings \
"SnippetsContext=$connectionString" --connection-string-type SQL-Azure
Import/Export SQL Database
An export example,
az sql db export -s $sqlServerName -n $databaseName -g $ResourceGroupName \
-u $sqlServerUserName -p $sqlServerPass --storage-key-type StorageAccessKey \
--storage-key $storageKey --storage-uri "StorageBlobURL"
To restore database from backup, we use a new database. As we know, we cannot restore into current database.We can only restore into blank database.
So we create new database, get the connection-string, and use this new connection-string on the webapp.
Export procedure overview,
Deployment procedure overview,
Output Formatting
By default, output is displayed in JSON format. Using -o table
we can have tabular format output.
To display the output as a table we add --out table
. Here’s an example,
$ az container list --out table
Azure Container Instance Related Commands
Listing containers,
$ az container list
[
{
"containers": [
{
"command": null,
"environmentVariables": [],
"image": "microsoft/iis:nanoserver",
"instanceView": null,
"livenessProbe": null,
"name": "MyServerCoreCI",
"ports": [
{
"port": 80,
"protocol": "TCP"
}
],
"readinessProbe": null,
"resources": {
"limits": null,
"requests": {
"cpu": 1.0,
"memoryInGb": 1.5
}
},
"volumeMounts": null
}
],
"diagnostics": null,
"id": "/subscriptions/c2eax898-6232-4834-8e65-5e2cbeac0919/resourceGroups/dockers/providers/Microsoft.ContainerInstance/containerGroups/MyServerCoreCI",
"imageRegistryCredentials": null,
"instanceView": null,
"ipAddress": {
"dnsNameLabel": null,
"fqdn": null,
"ip": "40.78.17.202",
"ports": [
{
"port": 80,
"protocol": "TCP"
}
]
},
"location": "westus",
"name": "MyServerCoreCI",
"osType": "Windows",
"provisioningState": "Succeeded",
"resourceGroup": "dockers",
"restartPolicy": "Always",
"tags": {},
"type": "Microsoft.ContainerInstance/containerGroups",
"volumes": null
}
]
Azure Resource Manager (ARM)
Azure Resource Manager, in brief ARM helps deployment procedure automated and sophisticated.
We can perform group deployment using ARM.
Then check what the newly created resourceGroup contains,
az resource list -g ResourceGroupName -o table
Create deployment overview,
To get domain name property of first public ip,
az network public-ip list -g ResourceGroupName --query "[0].dnsSettings.fqdn" -o tsv
To generate template from existing from resource group we can utilize command similar to,
az group export
Sometimes, there are things in the resource group that cannot be represented in an ARM template.
Bug of current CLI turns this warning into an error.. Compared to github deployment json this is much more verbose and specific..
Another way to create ARM Template is using Visual Studio, ARM Tooling.
Recommended Courses
Misc.
Azure CLI Windows build script can be found at references section. Additionally, we can configure with Active directory,
Reference