I am performing the tutorial learn bosh and got a question concerning step Set Deployment Manifest.
Why do I have to set the director_uuid manually in the deployment manifest (which I then upload to the very same director)? Is this a security feature?
According to the document, director_uuid is for CLI to operate target Director.
Deployment Identification
name [String, required]: The name of the deployment. A single Director
can manage multiple deployments and distinguishes them by name.
director_uuid [String, required]: This string must match the UUID of
the currently targeted Director for the CLI to allow any operations on
the deployment. Use bosh status to display the UUID of the currently
targeted Director.
Refer to: BOSH documentation
Cloud Foundry can provide Cloud Service like PaaS. If you deploy a manifest to the wrong environment that means your customer's environment could break down.
That complicated parameter helps you to avoid miss operation in your operational environment.
Related
Is it possible to have environment variables on organization level for GitHub Actions? So something like organization secrets but just with environment variables.
Since we have a lot of repositories in our organization I would like to keep the runner version in a global environment variable and so when we decide to update the runner version we can simply change it in the environment settings instead of every workflow file.
EDIT
Variables are now supported on organization level. Here the docs
https://docs.github.com/en/actions/learn-github-actions/variables
You can put the value into the GitHub organization secret. Check the following link to get further details:
https://docs.github.com/en/codespaces/managing-codespaces-for-your-organization/managing-encrypted-secrets-for-your-repository-and-organization-for-codespaces#adding-secrets-for-an-organization
for an azure WVD deployment, I’d like to automate via az cli the creation of the following elements:
1 Host pool using a w10 image from gallery, automate the join to a domain and configure settings for remote desktop.
1 Workspace
1 Application pool, add some app to the list and authorize one or more AD user to it.
The only available documentation I have found is in https://learn.microsoft.com/en-us/cli/azure/desktopvirtualization?view=azure-cli-latest where there is just a list of available parameters without a detailed how to guide and some E2E sample.
Any advice?
You can refer to this documentation which explains how to do it using PowerShell. It's a pain it's just for one resource but still gives you an idea.
I'd also recommend your first step be to create what you need using the Azure Portal. This article explains how do to it from the portal.
Make sure to note down every field you're filling in, including the fields with default values.
Once you have created all the resources, you can now export an ARM template of the resources you have created, all customisation included. Look under the Automation menu of the resource, and click on Export template. You can use this template to automate your deployment.
Secondly, if you want to consider a different approach using another Infrastructure as Code tool, Terraform supports creating WVD objects. If you are familiar with Terraform, you can check this article which explains how to do it.
Let's assume you still want to proceed with Az Cli. I had a look at the az desktopvirtualization hostpool create help command in my CloudShell, I can see a disclaimer as follows:
Command group 'desktopvirtualization hostpool' is experimental and under development. Reference and support levels: https://aka.ms/CLI_refstatus
Here's a picture for root commands:
You have to bear in mind you will get limited functionality and limited support from Microsoft support/Azure team and possibly other members of the community, until the product at least in Preview. I gave it a try on my end and providing you the code here just to get you going.
Considering your requirements, I've tried to create some commands you can use. Some parameters (the IDs) were a bit vague and I had to look at the ARM template to find out what value I should put. The steps to deploy should be in this sequence.
Create a host pool of virtual machines.
az desktopvirtualization hostpool create --resource-group "myrg"
--host-pool-type "Pooled"
--load-balancer-type "BreadthFirst"
--location westus //only available in certain regions
--name "myhostpool"
--personal-desktop-assignment-type "automatic"
Create application groups.
az desktopvirtualization applicationgroup create --application-group-type "Desktop"
--resource-group "myrg"
--host-pool-arm-path "/subscriptions/<provide_subscriptionID_here>/resourceGroups/myrg/providers/Microsoft.DesktopVirtualization/hostpools/myhostpool"
--location westus
--name "appgroup"
Create workspaces.
az desktopvirtualization workspace create --location westus
--name "myworkspace"
--resource-group "myrg"
--application-group-references "/subscriptions/<provide_subscriptionID_here>/resourcegroups/myrg/providers/Microsoft.DesktopVirtualization/applicationgroups/appgroup"
To conclude, I've probably not spent enough time to really look into how much more it can be automated but I feel like, with the exception of ARM templates, other options will still require a fair bit of manual work.
How can you easily list all the untagged resources in a tenant? I tried the built in search capability, but looks like you can only search for specific tags and values.
Using the oci cli with the built in search capability I found the right command I need. In this example I used the owner tag withing the Monitoring namespace I created for tag defaults:
oci search resource structured-search --profile <ProfileName> --region <RegionName> --query-text "QUERY instance resources" --query "data.items[?!(\"defined-tags\".Monitoring.owner)].{\"Instance Name\":\"display-name\", OCID:\"identifier\"}" --output table
This will only list those compute resources, that do not have an owner tag (as it was created before tag defaults was introduced) or the owner tag is not set for any reason. This will help to find those resources, that need to be cleaned up in order to know the owner of each resource. Similar command has to be executed for other resource types though.
can you try without -c ocid? I'm suggesting since you could get the list for specific compartment.
OCI search does not officially support this use case
Search service do not list all resources : some services/resources are not intergrated with it.
If you really want to list all untagged resources in your tenant, I think you have no other choice to :
list all resources using each service command,
capture the API output,
filter for resources without tag.
I have installed a standalone instance of wso2 API Manager 1.10.0 with the CARBON-PATCH-4.4.0-0084 installed. I am walking through the PhoneVerification tutorial and have published the API as instructed. I created a new user for the store and am trying to subscribe to the PhoneVerification-2.0.0 API but cannot because there is no DefaultApplication in the Applications dropdown list. It is missing from the list. I tried to add and application and get an error dialog saying Missing Parameters. I am stuck and cannot go any further. One additional piece of information, I am using mysql instead of the h2 default. I followed all the instructions to setup mysql and had no problems. Also I changed the admin password as well.
I have tried API Manager 1.10 with security patch CARBON-PATCH-4.4.0-0084 with no issues. I can create APIs and subscribe using the DefaultApplication. I tried with default database and a new user who is assigned to 'Internal/subscriber' role.
Please check if you have any other changes for Store Web app at 'wso2am-1.10.0/repository/deployment/server/jaggeryapps/store'. You have to replace 'store' and 'publisher' apps as instructed in the Readme of patch.
(iii) Merge and Replace resource/store to /repository/deployment/server/jaggeryapps/store
(iv) Merge and Replace resource/publisher to /repository/deployment/server/jaggeryapps/publisher
To check if the Mysql configuration worked properly, please check if there are any errors in Carbon log, at 'repository/logs/wso2carbon.log' file related to that. And double check if userstore and api-manager database tables are created properly and configured in 'repository/conf/datasources/master-datasources.xml' properly.
I need to get all configuration settings (current role or all roles not matter) from Azure cscfg file. I want to do this because i dont want to get all values one by one via RoleEnvironment.GetConfigurationSettingValue(key) method.
Is there any way to do this?
Regards
The short answer is 'no' the RoleEnvironment does not support getting all the configuration setting values.
A slightly longer answer is that getting configuration settings from the role environment in the current implementation is done through a call to native code. The separation of Windows Azure Application from Windows Azure Configuration and the ability to swap settings on a running application is at the root of this somehow. This is done inside of msshrtmi.dll (which should mean something like Microsoft Shared Runtime Managed Interop). This is the only reference Microsoft.WindowsAzure.ServiceRuntime.dll has apart from standard references to .NET.
Here is the method call to native code (I have not gone further than this):
[MethodImpl(MethodImplOptions.Unmanaged, MethodCodeType=MethodCodeType.Native), SuppressUnmanagedCodeSecurity, DllImport("", EntryPoint="", CallingConvention=CallingConvention.StdCall, SetLastError=true)]
internal static extern unsafe int modopt(IsLong) modopt(CallConvStdcall) RdGetApplicationConfigurationSetting(ushort modopt(IsConst), ushort*);
It might seem like a slightly round-about way of doing it, but if you want to get the configurations for all the roles in a deployment you can use the management api.
Kudu has an API for this.
You get to Kudu like via App Services > Advanced Details > Go
https://{app-service-name}.scm.azurewebsites.net/
or
https://{app-service-name}-{slot-name}.scm.azurewebsites.net/
The Url for the settings API is:
https://{app-service-name}.azurewebsites.net/api/settings or https://{app-service-name}-{slot-name}.scm.azurewebsites.net/