Questions tagged as ['azure']
I have around 5 VMs in Azure, which were originally provisioned as Ubuntu 18 and since then I've been dist-upgrading them several times. A few months ago I noticed that similar VMs on different subscriptions fail to boot, being stuck on "cloud-init" step. 
Some of those VMs do have "Raise network interfaces" failure, some don't.
So far the workaround has been to detach the drive, edit it in a different VM ...
we have a devops git repo connected to our static webapp, which auto deploys when the repo changes.
However, the dev-ops git repo is now somehow empty (like it was never created). Is there any way to view or export all the files on the static web app? We cant see any options in azure portal
Question
What is the correct way to configure an Azure Application Gateway to be able to handle requests which use a host header with only a hostname (i.e. not a fully qualified domain name) due to clients relying on their DNS search suffix list to handle this.
Detail
We have an Azure Application Gateway which is configured with a Private IP to act as a load balancer for a variety of internal websi ...
I am having quite a few problems with setting up an Azure VM that is linked to an Azure Managed Instance SQL Server. The aim of this is to be able to setup a linked server in SSMS that can connect to a whitelisted MySQL server so I believe I need the VM to install the drivers and setup the ODBC and DSN links for the linked server to use. This MySQL connection also uses a KEY, CERT and PA-CERT
Key ...
How do I reconfigure Azure AD sync, used for making single-sign-on possible for Office365 from inside the domain, so that the domain name part of a user's UPN can change when synchronized?
E.g. assume the local domain is ad.contosolocal.com, and the external domain is contoso.com. Currently, only exact copying works, by matching its ID, e.g. by using MSonline;
$username="bob"
$UPN = (-join($username, " ...
While creating the Virtual network gateway and selecting the vnet, it says the VNet is "in use".
VNET address space is 10.0.0.0/16
Any idea why I'm getting this error?
I created a new subnet and it has no devices connected to it.
The connected devices are not on GatewaySubnet.
I've got an Azure FrontDoor (preveiw) Premium endpoint setup and I'm trying to add a custom wildcard domain (*.example.com) so that I can use the Rule Set to direct traffic between server environments setup as origin groups.
I am using Azure DNS, and Azure KeyValut to hold the secret.
The problem I'm facing is that when adding the *.example.com custom domain, it will not let me select the wildcard c ...
As you can see in the screenshots, the region I need does not show up in the dropdown and I cannot select the us south central region (in Texas). The resource group is in Texas tho, and I have some VMs running there.
According to Azure Products by Region | Microsoft Azure cosmos db IS available in south central us.
IDK if this is a bug in the portal.
We have our database either in aws rds or azure postgres or even on a different online server based on customer.
But our product will be running in azure kubernetes as a pod and service with database details in configmap.
Before we launch our app, it is mandatory that an sql file should be running in the database as preconfiguration.
What is the best approach we can set it so that we can automate this? ...
I have setup a private cluster in azure kubernetes.
Due to which, the helm charts are failing to install.
error details:
Error: INSTALLATION FAILED: Kubernetes cluster unreachable: Get "https://testingcluster-dns-827dc1c4.10357f00-62ec-4f3f-a2b0-6d86ccd26901.privatelink.centralindia.azmk8s.io:443/version?timeout=32s": dial tcp: lookup testingcluster-dns-827dc1c4.10357f00-62ec-4f3f-a2b0-6d86ccd26901.priv ...
Will Azure sentinel produce its own alerts ? or it just collect data from various products like security center or AWS guard duty?
I know azure security center has its own mechanisms to detect threats in cloud environment but just want to clarify if azure sentinel has the same capabilities.
Microsoft announced Azure Container Apps, a new service for running serverless containers in the cloud. This appears to be similar to the Container Instances service, which is also for deploying fully-managed containers.
What are the key differences between these two services?
I'm trying to create an AKS service with static pre-defined public IP. For that I'm using terraform.
The important parts
resource "azurerm_public_ip" "public_ip" {
allocation_method = "Static"
location = azurerm_resource_group.rg.location
name = "${local.resource_name_prefix}-PublicIp1"
resource_group_name = azurerm_resource_group.rg.name
sku = "Standard"
tags ...
I've created a private cluster on AKS and deployed some workloads to it, but I'm not sure how to connect to the services. They are all NodePort services, both TCP & UDP.
Initially, I thought that the endpoint AKS provides could be used to interact with the cluster as a whole, but this isn't the case -- this only exposes the Kubernetes API (probably why they call it the API endpoint)
I also tried ...
I currently have runbooks that stop/start VMs on a schedule but recently the runbook to start vms is stopped because it takes too long to complete. The following message is thrown -
"The job has been stopped because it reached the fair share limit of job execution more than 3 hours. For long-running jobs, it's recommended to use a Hybrid Runbook Worker. Hybrid Runbook Workers don't have a limitation on ho ...
I have done plenty of digging, but it looks like this may be a shortcoming in Azure. I cannot find a native solution in the Azure portal to tell me when VMs are running low on disk space. What if I want to simply run inventory on my VMs to see how much space is being used on any attached drives? Nope.
For now I am piggy-backing on my 3rd party server monitoring agent for this, but in my situatio ...
I am trying to connect to cluster and create a namespace using github actions. And then doing the deployment using the yaml files saved in repository. Also, the acr container registry is being used here and creating a tag everytime using the short-ID of github commit. How to update the deployment to use the new tag once the push is completed.
The below run task is using static yaml files only.
name: D ...I am trying to connect to cluster and create a namespace using github actions. For that, I tried these steps.
In the link shared above, I first retrieved the azure service principal for connecting aks.
az ad sp create-for-rbac --name "myApp" --role contributor --scopes /subscriptions/<SUBSCRIPTION_ID>/resourceGroups/<RESOURCE_GROUP> --sdk-auth
And then, proceeded with the steps. But, d ...
I would like to know the difference between timeTaken_d and clientResponseTime_d
please find the query below
AzureDiagnostics | where Category == 'ApplicationGatewayAccessLog' | project timeStamp_t, timeTaken_d, clientResponseTime_d, serverResponseLatency_s, httpStatus_d, requestUri_s, instanceId_s
Our team has inherited an old project with tons of Azure resources (roughly 1600 in 30+ subscriptions). We were tasked to determined, whether they are still used or can be removed. We were able to identify a vast majority of these services via ARM templates, PowerShell scripts, etc. However, there remains ~250 resources which we are not sure about.
Is there any simple way (Kusto query, API endpoi ...
I am unable to see the dynamic rules getting created in Azure Network Security Group (NSG). My template looks ok from validation checks. However, when i run the terraform apply the NSG creates without the custom rules i put under dynamic rules section. Since this is part of a module i have to use some logic for iteration.
Below is my code from module.tf file
resource "azurerm_network_security_group" " ...mysql -h foobar.mysql.database.azure.com -u me@foobar -p
From 18.04 and Windows 11, connection is successful. From 20.04, connection seems to hang, or never complete. I enter the password and get a prompt in 18.04, but not in 20.04.
18.04 client is 5.7. 20.04 is 8.0. Windows is 8.0.
I've tried several VMs in various locations and have been unable to get mysql client on 20.04 to connect. I've tried:
Is there a way to use azure MFA (using the Authenticator App) for Windows 10 Desktop logins? The goal is that users, who login on a Domain PC, need to authenticate via the Microsoft Authenticator App for every login on the PC. I know there is a similar question that is two years old. It says that it was not possible at that time. Otherwise there are articles that say it is posible using azure hybrid joi ...
We are hosting a REST API written in Python on Azure Functions, and using logging to monitor it.
Sometimes, not all of the expected output is displayed in Application Insights.
Here is an example of what it should look like:
2021-10-26T18:44:13Z [Verbose] Sending invocation id:64be8d30-a3ff-41d0-a653-de20c48db85a
2021-10-26T18:44:13Z [Verbose] Posting invocation id:64be8d30-a3ff-41d0-a653-de20 ...
Sometimes (but not every time - roughly 3 attempts of every 10 work) when I try to connect to a VM hosted on Azure, my SSH connection hangs before giving me a shell; the last message in the verbose debug log is:
debug2: channel 0: request shell confirm 1
debug3: send packet: type 98
debug2: channel_input_open_confirmation: channel 0: callback done
debug2: channel 0: open confirm rwindow 0 rmax 3276 ...
I'm trying to get my Azure Windows Server VM to connect to my local AD.
I've already created a Site to Site VPN Gateway and connected both the DC (172.16.1.5) and VM (172.16.1.4) and I've confirmed that both can ping each other.
DNS of the VM is set to 172.16.1.5 via Azure Control Panel > Virtual networks > vnet group > vm v-nic > DNS servers
I tried a tracert on the VM but it couldn't reso ...
I have created a storage account and set in private but kept accessible to all networks. I am able to upload files there from azure portal with my account and created a container also there and uploaded a tar.gz file. tar file
But when I am trying to access this in a azure pipeline task with my account.I am getting this error when selecting the container, even after authorization of storage account and s ...
Background: Apparently Packer has major issues configuring WinRM on Azure VMs created from the Microsoft Windows Server publisher. This is only one of the several issues and threads I've found on this and it dates back several years. Because of this I'm unable to connect to an instance with Packer in order to provision and prepare our own Windows images for use within our company. I've tried alterin ...
Suppose I have an Azure SQL Database Elastic Pool and I am accessing it from an Azure Web App via Firewall rules and everything is working fine.
Now suppose I want to add a new Private Endpoint to the Azure SQL Database Elastic Pool. This would NOT block access via the existing Firewall rules / access outside of the newly created Private Endpoint - is that right?
In other words, adding a Private En ...
I have tried the steps mentioned in the link.
Here, instead of local MDT deployment share, configured IIS to access it through HTTP/HTTPS. But it is not still linked to unc path, which can't be accessible over the internet.
After configuring the IIS as per the steps you mentioned.
The deployment share in the Listtouch iso is still trying to access the UNC path.
Because of this, the internet deploymen ...