by ezs | Apr 24, 2023 | evilzenscientist
Four re-certifications in the last few days.
I really like the Microsoft model – free to re-certify, keep up to date on the latest areas of technology.
AZ-104, AZ-700, AZ-400, AZ-500 all current again.
If you’re about to re-sit these my top tips: read the exam subject matter, see what changed since you took the last test. Microsoft Learn has training, documentation and guidance – https://learn.microsoft.com – and you can also revisit learning resources such as John Savills Technical Training.
Open book test, 45 minutes. Bing is your friend.
by ezs | Sep 19, 2022 | evilzenscientist
This blog (and several others) have been Azure hosted, on a monolithic SLES 15 virtual machine for a good few years.
I seem to have done the rounds on various flavours of Azure hosting. App Service with Project Nami, straight IaaS (like today), App Service with WordPress as a Microsoft provided service.
This last weekend I pulled the database out from the various blog VMs and moved that to a PaaS MySQL environment. It’s cheap, burstable, and seems more than performant for what I need. The other cool feature is VNET isolation – so the database engine is only accessible from my infrastructure running in Azure.
by ezs | Mar 17, 2021 | evilzenscientist
You can tell where I’ve been working by the Kusto queries against Azure Resource Graph that I leave behind.
All Azure VNets and subnets, with subnet details:
// get all Azure VNETS and SUBNETS with associated subnets
resources
| join kind=leftouter (ResourceContainers | where type==’microsoft.resources/subscriptions’ | project SubName=name, subscriptionId) on subscriptionId
| where type == “microsoft.network/virtualnetworks”
| mv-expand subs=properties.subnets
| extend subnetname = subs.name
| extend subnetprefix= subs.properties.addressPrefix
| extend vnetprefix = substring(tostring(properties.addressSpace.addressPrefixes),2,strlen(tostring(properties.addressSpace.addressPrefixes))-4)
| project SubName, resourceGroup, name, vnetprefix, subnetname, subnetprefix
| sort by SubName, resourceGroup asc, name
This one for pulling back network security groups and metadata (this was originally at Thomas Balkeståhl’s blog) – tidied up:
Resources
| where type =~ “microsoft.network/networksecuritygroups”
| join kind=leftouter (ResourceContainers | where type==’microsoft.resources/subscriptions’ | project SubName=name, subscriptionId) on subscriptionId
| mv-expand rules=properties.securityRules
| extend direction = tostring(rules.properties.direction)
| extend priority = toint(rules.properties.priority)
| extend description = rules.properties.description
| extend destprefix = rules.properties.destinationAddressPrefix
| extend destport = rules.properties.destinationPortRange
| extend sourceprefix = rules.properties.sourceAddressPrefix
| extend sourceport = rules.properties.sourcePortRange
| extend subnet_name = split((split(tostring(properties.subnets), ‘/’))[10], ‘”‘)[0]
| project SubName, resourceGroup, subnet_name, name, direction, priority, destprefix, destport, sourceprefix, sourceport, description
| sort by SubName, resourceGroup asc, name, direction asc, priority asc
by ezs | Mar 1, 2021 | evilzenscientist
“The get everything about virtual machines” script.
This brings back pretty much everything – sub second queries. Far, far easier than the old methods using PowerShell.
Resources
| where type =~ ‘microsoft.compute/virtualmachines’
| extend nics=array_length(properties.networkProfile.networkInterfaces)
| mv-expand nic=properties.networkProfile.networkInterfaces
| where nics == 1 or nic.properties.primary =~ ‘true’ or isempty(nic)
| project subscriptionId, resourceGroup, vmId = id, vmName = name, vmSize=tostring(properties.hardwareProfile.vmSize), nicId = tostring(nic.id),location, tags.itowner, tags.businessowner, tags.application, tags.costcenter, tags.supportgroup, tags.[‘project’], powerstate=properties.extended.instanceView.powerState.displayStatus, os=properties.storageProfile.osDisk.osType, sku=properties.storageProfile.imageReference.sku
| join kind=leftouter (ResourceContainers | where type==’microsoft.resources/subscriptions’ | project SubName=name, subscriptionId) on subscriptionId
| join kind=leftouter (
Resources
| where type =~ ‘microsoft.network/networkinterfaces’
| extend ipConfigsCount=array_length(properties.ipConfigurations)
| mv-expand ipconfig=properties.ipConfigurations
| where ipConfigsCount == 1 or ipconfig.properties.primary =~ ‘true’
| project nicId = id, privIP = tostring(ipconfig.properties.privateIPAddress)) on nicId
| project-away subscriptionId, subscriptionId1, vmId, nicId, nicId1
by ezs | Feb 20, 2021 | evilzenscientist
Sigh.
Tag taxonomy cleanup.
Another great example of “hands off keyboards” and needing to deliver via automation. Avoid errors, enforce validation of metadata.
Azure Resource Graph explorer – find the scope and scale of the problem. I’ll add the usual gripe around tags being case sensitive in some places (API, PowerShell) and not in others (Azure Portal!).
Resources
| where tags.businesowner != ”
| project name, subscriptionId, resourceGroup, tags.businessowner, tags.businesowner
Recent Comments