Tag: Instance


Azure Arc enabled Server – Store AWS instance metadata as Azure tag

If you want to onboard an AWS EC2 instance (virtual machine) to Azure using Azure Arc for multicloud management, you might want to store some of the AWS instance's metadata as Azure tags for your Azure Arc enabled server. One of the easiest ways is to set these tags during the onboarding process of an Azure Arc-enabled server from AWS. AWS instances offer a service to retrieve instance metadata directly from the running instance, so you do not need to use the Amazon EC2 console or the AWS CLI (this is similar to the Azure Instance Metadata Service on Azure VMs).

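On AWS EC2 instances running Windows, you can run the following PowerShell commands to see the metadata available. The first command requests an IMDSv2 session token, which the second sends with the metadata request:

[string]$token = Invoke-RestMethod -Headers @{"X-aws-ec2-metadata-token-ttl-seconds"="21600"} -Method PUT -Uri http://169.254.169.254/latest/api/token
Invoke-RestMethod -Headers @{"X-aws-ec2-metadata-token"=$token} -Method GET -Uri http://169.254.169.254/latest/meta-data/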

Now in my example, I want to store the AWS region as well as the AWS instance ID as Azure tags for my Azure Arc enabled server. For onboarding the AWS instance, I use the Azure Arc onboarding method with a service principal. This is the simple script you can use; don't forget to replace the variables for subscription ID, tenant ID, resource group, and more.

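# Get AWS Instance data (request an IMDSv2 session token first)
[string]$token = Invoke-RestMethod -Headers @{"X-aws-ec2-metadata-token-ttl-seconds"="21600"} -Method PUT -Uri http://169.254.169.254/latest/api/token
$AWSRegion = Invoke-RestMethod -Headers @{"X-aws-ec2-metadata-token"=$token} -Method GET -Uri http://169.254.169.254/latest/meta-data/placement/region
$AWSInstanceId = Invoke-RestMethod -Headers @{"X-aws-ec2-metadata-token"=$token} -Method GET -Uri http://169.254.169.254/latest/meta-data/instance-id

# Create Tags
$tags = "Datacenter=AWS,CountryOrRegion=Germany,AWSRegion=$AWSRegion,AWSInstanceID=$AWSInstanceId"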

# Add the service principal application ID and secret here (keep the filled-in script out of source control)
$servicePrincipalClientId="<service principal id>"
$servicePrincipalSecret="<service principal secret>"

# Download the installation package
Invoke-WebRequest -Uri "https://aka.ms/azcmagent-windows" -TimeoutSec 30 -OutFile "$PSScriptRoot\install_windows_azcmagent.ps1"

# Install the hybrid agent
& "$PSScriptRoot\install_windows_azcmagent.ps1"
if($LASTEXITCODE -ne 0) {
    throw "Failed to install the hybrid agent"
}

# Run connect command
& "$env:ProgramW6432\AzureConnectedMachineAgent\azcmagent.exe" connect --service-principal-id "$servicePrincipalClientId" --service-principal-secret "$servicePrincipalSecret" --resource-group "<resourcegroup>" --tenant-id "<tenantid>" --location "<azureregion>" --subscription-id "<subscriptionid>" --cloud "AzureCloud" --tags "$tags" --correlation-id "<correlationid>"

if($LastExitCode -eq 0){Write-Host -ForegroundColor yellow "To view your onboarded server(s), navigate to https://portal.azure.com/#blade/HubsExtension/BrowseResource/resourceType/Microsoft.HybridCompute%2Fmachines"}

If you are onboarding an AWS EC2 instance running Linux to Azure Arc, you can use the following script to automatically add tags during the onboarding process.

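# Get AWS Instance data (request an IMDSv2 session token first)
TOKEN="$(curl -s -X PUT -H "X-aws-ec2-metadata-token-ttl-seconds: 21600" http://169.254.169.254/latest/api/token)"
awsregion="$(curl -s -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/placement/region)"
awsinstanceid="$(curl -s -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/instance-id)"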

# Create Tags
tags="Datacenter=AWS,CountryOrRegion=Germany,AWSRegion=$awsregion,AWSInstanceID=$awsinstanceid"

# Add the service principal application ID and secret here (keep the filled-in script out of source control)
servicePrincipalClientId="<service principal id>"
servicePrincipalSecret="<service principal secret>"

# Download the installation package
wget https://aka.ms/azcmagent -O ~/install_linux_azcmagent.sh

# Install the hybrid agent
bash ~/install_linux_azcmagent.sh

# Run connect command
azcmagent connect --service-principal-id "$servicePrincipalClientId" --service-principal-secret "$servicePrincipalSecret" --resource-group "<resourcegroup>" --tenant-id "<tenantid>" --location "<azureregion>" --subscription-id "<subscriptionid>" --cloud "AzureCloud" --tags "$tags" --correlation-id "<correlationid>"


if [ $? = 0 ]; then printf '\033[33m%s\033[m\n' "To view your onboarded server(s), navigate to https://portal.azure.com/#blade/HubsExtension/BrowseResource/resourceType/Microsoft.HybridCompute%2Fmachines"; fi

Of course, there is way more metadata you can get from the machine itself. Maybe not everything you need, but at least you have access to some of the data.
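
The metadata lookup and tag string from the Linux onboarding script, as an added example that is not part of the original post: it fetches values with an IMDSv2 token and checks their shape before they are passed to --tags, so an error response or an empty reply never becomes a tag. The function names and the region and instance-ID patterns are assumptions of this example.

```shell
# Added example: validate instance metadata before it becomes an Azure tag.
# All function names are hypothetical helpers, not part of azcmagent.

IMDS="http://169.254.169.254/latest"

# Fetch one metadata path using an IMDSv2 session token.
# -f makes curl fail on HTTP errors instead of printing the error body.
imds_get() (
  token="$(curl -sf --max-time 2 -X PUT "$IMDS/api/token" \
    -H "X-aws-ec2-metadata-token-ttl-seconds: 60")" || exit 1
  curl -sf --max-time 2 -H "X-aws-ec2-metadata-token: $token" \
    "$IMDS/meta-data/$1"
)

# True if $1 is a single line that fully matches the extended regex in $2.
matches() {
  [ "$(printf '%s' "$1" | wc -l)" -eq 0 ] &&
    printf '%s\n' "$1" | grep -Eq "^($2)\$"
}

# Assumed shape of an AWS region name, e.g. eu-central-1 or us-gov-west-1.
valid_region() { matches "$1" '[a-z]{2}(-[a-z]+)+-[0-9]+'; }

# Assumed shape of an EC2 instance ID: "i-" plus 8 or 17 hex digits.
valid_instance_id() { matches "$1" 'i-([0-9a-f]{8}|[0-9a-f]{17})'; }

# Print the --tags string; fail with no output if either value is malformed
# (empty, an HTML/XML error page, or containing "," or "=" separators).
build_arc_tags() {
  valid_region "$1" || { echo "unexpected region value" >&2; return 1; }
  valid_instance_id "$2" || { echo "unexpected instance id" >&2; return 1; }
  printf 'Datacenter=AWS,CountryOrRegion=Germany,AWSRegion=%s,AWSInstanceID=%s\n' \
    "$1" "$2"
}

# On an EC2 instance, before running azcmagent connect:
#   tags="$(build_arc_tags "$(imds_get placement/region)" \
#                          "$(imds_get instance-id)")" || exit 1
```
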


I hope this article was helpful and showed you how you can store some of the AWS instance's metadata as Azure tags for your Azure Arc enabled server. If you have any questions, feel free to leave a comment.




Run Azure Container Instances from the Docker CLI


Earlier, Docker announced the partnership with Microsoft to bring support for running Azure Container Instances (ACI) from the Docker CLI. Yesterday, Docker announced and released the first Docker Desktop Edge version (2.3.2), which allows you to try out that new feature. Azure Container Instances (ACI) allow you to run Docker containers on-demand in a managed, serverless Azure environment. Azure Container Instances is a solution for any scenario that can operate in isolated containers, without orchestration.

Run Azure Container Instances from the Docker CLI

To be able to run ACI containers using the Docker CLI, Docker expanded the existing docker context command to support ACI as a new backend. To start using this new feature, you will need Docker Desktop Edge version 2.3.2 and an Azure subscription. You can create a free Azure account with 12 months of free services, $200 credit, and over 25 services which are always free.


Now you can start your Docker CLI and log in to Azure:

docker login azure

After you are logged in, you will need to create a new ACI context. You can simply use the "docker context create aci" command and add your Azure subscription and resource group, or the CLI will provide you with an interactive experience.

docker context create aci myazure

With "docker context ls" you can see the added ACI context.

docker context ls


Now you can switch to the newly added ACI context.

docker context use myazure

Now you can start running containers directly on Azure Container Instance using the Docker CLI.

docker run -d -p 80:80 mycontainer

You can also see the running containers using docker ps.

docker ps


This will also show you the public IP address of your running container so you can access it. In my example I used a demo container; however, you can also use your own container which you pushed to a container registry like Docker Hub.

You can also run multi-container applications using Docker Compose. You can find an example for that here.

Try Azure Container Instances from the Docker CLI

This new experience is now available as part of Docker Desktop Edge 2.3.2. To get started, simply download the latest Edge release, or update if you are already on Desktop Edge, and create a free Azure account with 12 months of free services, $200 credit, and over 25 services which are always free.

Conclusion

I hope this gives you a short overview of how you can use the Docker CLI to directly run Docker containers in Azure Container Instances (ACI). If you have any questions, feel free to leave a comment.

There are also many other great examples like running Docker Linux containers on Windows, using the Windows Subsystem for Linux 2 (WSL 2).