Skip to content

Instantly share code, notes, and snippets.

@baude

baude/azure.md Secret

Created October 20, 2017 13:10
Show Gist options
  • Save baude/03ddc7198a43fe1a007b10a1fecd268f to your computer and use it in GitHub Desktop.
Save baude/03ddc7198a43fe1a007b10a1fecd268f to your computer and use it in GitHub Desktop.
Fedora 27 Azure

Audience Assumption: We need to assume the audience has some familiarity with Azure and its configuration options.

Running Fedora images on Microsoft Azure

Microsoft's Azure Cloud Computing Platform is capable of running Windows and Linux instances. It offers their pre-ordained Linux and Windows images for quick deployment of server instances. At the time of this writing, no Fedora images are available in their catalog. But you can upload a customized image to Azure and run that too.

About the Azure Cloud environment

We recently did some cleanup work to make sure the Fedora Atomic and Cloud-based images provision correctly in Azure. Up until recently, most Linux images used the opensource WALinuxAgent to provision their instances. The WALinuxAgent, also often referred to as the WALA agent, is capable of provisioning an instance on Azure. It also provides advanced functions like diagnostics, VM extensions, and more. When provisioning, the agent can create users, setup SSH keys, set the hostname, and setup devices and storage. However, the key action the agent does during its provisioning process is set up the correct networking information and report back to the Azure fabric that it has successfully booted.

However, there is a trend now on Azure to provision Linux instances with cloud-init. Cloud-init has frankly assumed the defacto utility for provisioning on all kinds of platforms. It can perform many of the same provisioning functions that the WALinuxAgent can including the ability to report readiness to the Azure fabric. This use of cloud-init allows us to now take a stock Fedora Atomic or Cloud image and deploy it unchanged on Azure. Those changes are now part of the Fedora 27 release.

Obtain a Fedora 27 image

Both the Fedora 27 Atomic and Cloud images will provision and run nicely on Azure. As noted earlier, they both use cloud-init to provision by default. Begin by downloading the RAW image.

Convert the RAW to VHD

Azure requires its user-provide images to be in the VHD format. Additionally, the image image size must be aligned on a one MB boundary. Conversion between formats can be trivially done on almost any Linux distribution with standard utilities--specifically qemu-img.

The conversion process is roughly as follows:

  1. Round the RAW image size to a one MB boundary.
  2. Convert the RAW image to the VHD format.

The following bash script can be used for conversion from QCOW2 to VHD.

MB=$((1024*1024))
# Obtain the size of the RAW image
size=$(qemu-img info -f raw --output json "Fedora-27-Cloud.raw" | gawk 'match($0, /"virtual-size": ([0-9]+),/, val) {print val[1]}')

# Calculate the 1MB rounded size for the VHD image
rounded_size=$((($size/$MB + 1)*$MB))

# Resize the RAW Image
qemu-img resize -f raw Fedora-27-Cloud.raw $rounded_size

# Convert the RAW image to VHD
qemu-img convert -f raw -o subformat=fixed,force_size -O vpc Fedora-27-Cloud.raw Fedora-27-Cloud.vhd

Once the the VHD image is created, you can delete the RAW image as it takes up a fair amount of disk space. The VHD image is the image you will upload to Azure.

Upload the VHD image to Azure

There are several different ways to upload an image to Azure. You can use Azure's web-based UI or any one of the several Azure CLI utilities. I use the Azure CLI based on NodeJS and provided by NPM which is available on most modern Linux distributions.

# azure storage blob upload --blobtype page --account-name baudecitests4068 --account-key <redacted> --container baude-atomic-4 Fedora-27-Cloud.vhd

Create a VM based on your uploaded VHD

You can also create a VM with the same CLI utilities. The following example creates a VM based on the uploaded image.

# azure vm create baude-atomic-2 -l "CentralUS" --resource-group baude-ci-tests --storage-account-name baudecitests4068 -I /subscriptions/2586c64b-38b4-4527-a140-012d49dfc02c/resourceGroups/baude-ci-tests/providers/Microsoft.Network/networkInterfaces/baude-nic2  -M ~/azure/id_rsa.pub -y Linux -u bbaude --image-urn https://baudecitests4068.blob.core.windows.net/baude-atomic-4/Fedora-27-Cloud.vhd

Notice the use of -M and -u. The -M option allows me to inject my SSH keys into the image and the -u allows me to define the user I want to use.

WALinuxAgent and cloud-init

After your VM is provisioned, you can install the WALinuxAgent if you have a need for some its advanced functions which are specific to the Azure environment. The agent is simply installed like so:

# dnf install WALinuxAgent

However, if you install the WALinuxAgent, you should disable its ability to provision. This can be done by editing /etc/waagent.conf and flipping the Provisioning.Enabled option from y to n.

# Enable instance creation
Provisioning.Enabled=n
@dustymabe
Copy link

I would make the last section titled Installing WALinuxAgent (Optional). Then add a little more text in there about how cloud-init is good enough and this is optional but if you want some advanced features you can install WALinuxAgent.

Also can we include the commands to install the agent on Atomic Host.

@baude
Copy link
Author

baude commented Nov 7, 2017

there is no agreement on how to do that on AH. technically it should be containerized but that isnt available.

@jberkus
Copy link

jberkus commented Nov 7, 2017

Then we use package layering. That's what it's there for.

Where are we looking at publishing this article?

@rkage
Copy link

rkage commented Nov 9, 2017

I followed this guide using the Azure CLI 2.0 binaries, here are my notes;

Upload the Image

az storage blob upload \
  --account-name baudecitests4068 \
  --account-key <redacted> \
  --container-name baude-atomic-4 \
  --type page \
  --file Fedora-27-Cloud.vhd \
  --name Fedora-27-Cloud.vhd

Create the VM

az vm create \
  --resource-group baude-ci-tests \
  --name baude-atomic-2 \
  --storage-account baudecitests4068 \
  --use-unmanaged-disk \
  --os-type linux \
  --admin-username bbaude \
  --ssh-key-value ~/azure/id_rsa.pub \
  --image https://baudecitests4068.blob.core.windows.net/baude-atomic-4/Fedora-27-Cloud.vhd

Once the VM is create and booted - it's possible to convert the osDisk to a managed disk by using az vm convert. Like so;
Deallocate the VM

az vm deallocate \
  --resource-group baude-ci-tests \
  --name baude-atomic-2

Convert the osDisk to managed disk

az vm convert \
  --resource-group baude-ci-tests \
  --name baude-atomic-2

Why direct provisioning to a managed disk is not possible? I'm not entirely clear yet as to why it doesn't work, while it is possible to pass cloud-init using --custom-data, the boot process never loads it.

@dustymabe
Copy link

@jberkus

Then we use package layering. That's what it's there for.

Yeah I started to say this as well, but I think this is kind of a special case where they would have to package layer and then execute the 2nd step to edit /etc/waagent.conf inside of the pending deployment's because we don't want them to reboot without having set that option in the config. @cgwalters may have input on this one.

Where are we looking at publishing this article?

Fedora magazine mostly because this is about atomic host AND cloud base image.

@cgwalters
Copy link

Right, though if we went this route we'd presumably upload the image with the packages already layered.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment