Azure PaaS Blog articles

Azure PaaS Blog articles

https://techcommunity.microsoft.com/t5/azure-paas-blog/bg-p/AzurePaaSBlog

Azure PaaS Blog articles

How to manage the VIP swap in cloud service extended support via Powershell

Published

How to manage the VIP swap in cloud service extended support via Powershell

You can swap between two independent cloud service deployments in Azure Cloud Services (extended support). Unlike in Azure Cloud Services (classic), the Azure Resource Manager model in Azure Cloud Services (extended support) doesn't use deployment slots. In Azure Cloud Services (extended support), when you deploy a new release of a cloud service, you can make the cloud service "swappable" with an existing cloud service in Azure Cloud Services (extended support). In this blog, we can see how to have a version update via Powershell and REST API. It will cover the following sections:

 

  • PowerShell command to create a CSES.
  • Using staging and production static public ip to manage version update.
  • PowerShell to send out REST API request and swap public of load balancer’s frontend configuration.  
  • Remove the cloud service with staging public ip.

Frank_Pan_0-1670741147201.png

 

Preparation:

  • For the cloud service, we initially create two static public ips and a virtual network for the test environment like below. The public ips are static ip and one for production environment and another for staging environment.

Frank_Pan_1-1670741205047.png

 

  • For the package, we used the sample package in storage account for reference. Copying the configuration file and package file for deployment.

     

    $cscfg=https://<storageaccount>.blob.core.windows.net/<containername>/<configurationfile>?sp=r&st=xxx&se=xxx&spr=https&sv=xxx&sr=b&sig=xxx

    $cspkg=https://<storageaccount>.blob.core.windows.net/<containername>/<packagefile>?sp=r&st=xxx&se=xxx&spr=https&sv=xxx&sr=b&sig=xxx

Frank_Pan_2-1670741403587.png

 

  • Only prepare two version of the configuration files. One for production public ip and another for staging public ip.

Production’s configuration file:

<ServiceConfiguration serviceName="Test_cloudservice" xmlns=http://schemas.microsoft.com/ServiceHosting/2008/10/ServiceConfiguration osFamily="6" osVersion="*" schemaVersion="2015-04.2.6">

  <Role name="TestWebRole">

    <Instances count="1" />

  </Role>

  <Role name="TestWorkerRole">

    <Instances count="1" />

  </Role>

  <NetworkConfiguration>

    <VirtualNetworkSite name="test001VNet" />

    <AddressAssignments>

      <InstanceAddress roleName="TestWebRole">

        <Subnets>

          <Subnet name="default" />

        </Subnets>

      </InstanceAddress>

      <InstanceAddress roleName="TestWorkerRole">

        <Subnets>

          <Subnet name="default" />

        </Subnets>

      </InstanceAddress>

      <ReservedIPs>

        <ReservedIP name="cses-stag" />

      </ReservedIPs>

    </AddressAssignments>

  </NetworkConfiguration>

</ServiceConfiguration>

 

Staging configuration file:

<ServiceConfiguration serviceName="Test_cloudservice" xmlns=http://schemas.microsoft.com/ServiceHosting/2008/10/ServiceConfiguration osFamily="6" osVersion="*" schemaVersion="2015-04.2.6">

  <Role name="TestWebRole">

    <Instances count="1" />

  </Role>

  <Role name="TestWorkerRole">

    <Instances count="1" />

  </Role>

  <NetworkConfiguration>

    <VirtualNetworkSite name="test001VNet" />

    <AddressAssignments>

      <InstanceAddress roleName="TestWebRole">

        <Subnets>

          <Subnet name="default" />

        </Subnets>

      </InstanceAddress>

      <InstanceAddress roleName="TestWorkerRole">

        <Subnets>

          <Subnet name="default" />

        </Subnets>

      </InstanceAddress>

      <ReservedIPs>

        <ReservedIP name="cses-prod" />

      </ReservedIPs>

    </AddressAssignments>

  </NetworkConfiguration>

</ServiceConfiguration>

 

Workflow:

  1. Create a production cloud service testcsesv1 and map production static public ip cses-prod to cloud service.
  2. When you have a new code version 2, you can create the cloud service testcsesv2 with staging public ip cses-stag.
  3. Then, you can trigger a VIP swap operation to promote the staging cloud service to the production public ip cses-prod.
  4. After the promotion, the old version code will be removed.
  5. When you have a new code version 3, you can create the cloud service testcsesv3 with staging public ip cses-stag.
  6. Then, you can trigger another VIP swap operation to promote the new version to the production public ip cses-prod.

Frank_Pan_0-1670742084751.jpeg

 

Powershell Script Snippet:

1. Initialize the production cloud service for step 1 above. Using the parameter -AllowModelOverride can help override the role profile setting in the definition file.Override SKU information over CSCFG/CSDEF for Azure Cloud Services (extended support) | Microsoft Learn

 

# Parameter $csName = "testcsesv1" $csRG = "testcses" $publicIPName = "cses-prod" $publicIPRG = "testcses" $location = "East US" $FEName = $csName+'_FEIP' $LBName = $csName+'_LB' # Network Profile $publicIP = Get-AzPublicIpAddress -ResourceGroupName $publicIPRG -Name $publicIPName $feIpConfig = New-AzCloudServiceLoadBalancerFrontendIPConfigurationObject -Name $FEName -PublicIPAddressId $publicIp.Id $loadBalancerConfig = New-AzCloudServiceLoadBalancerConfigurationObject -Name $LBName -FrontendIPConfiguration $feIpConfig $networkProfile = @{loadBalancerConfiguration = $loadBalancerConfig} # Role Profile $role1 = New-AzCloudServiceRoleProfilePropertiesObject -Name "TestWebRole" -SkuName 'Standard_A1_v2' -SkuTier 'Standard' -SkuCapacity 1 $role2 = New-AzCloudServiceRoleProfilePropertiesObject -Name "TestWorkerRole" -SkuName 'Standard_A1_v2' -SkuTier 'Standard' -SkuCapacity 1 $roleProfile = @{role = @($role1,$role2)} #Create Cloud Service New-AzCloudService -Name $csName -ResourceGroupName $csRG -Location $location -ConfigurationUrl $cscfg -PackageUrl $cspkg -NetworkProfile $networkProfile -RoleProfile $roleProfile -AllowModelOverride

 

 

After getting the result from the powershell, you should be able to see the cloud service well created.

Frank_Pan_0-1670742609301.png

Frank_Pan_1-1670742609308.png

 

2. When you have a new version code, you can create a staging cloud service for step 2. In this part, we will search for the cloud service with production public ip’s frontend setting.

 

Sample of get staging cloud service: 

 

#Get staging cloud service $prodPIPres=(Get-AzPublicIpAddress -ResourceGroupName $prodPIPRG -Name $prodPIPName).id $ProdCS =(Get-AzCloudService)| Where-Object{$_.networkProfile.LoadBalancerConfiguration.FrontendIPConfiguration.PublicIPAddressId -eq $prodPIPres} $csName_pair=$ProdCS.Name $csRG_pair=$ProdCS.ResourceGroupName #Set swappable cloud service. $networkProfile.SwappableCloudService.Id = (Get-AzCloudService -Name $csName_pair -ResourceGroup $csRG_pair).id

 

 

Full version: 

 

# Parameter $csName = "testcsesv2" $csRG = "testcses" $publicIPName = "cses-stag" $publicIPRG = "testcses" $location = "East US" $FEName = $csName+'_FEIP' $LBName = $csName+'_LB' #Pair with production public ip $prodPIPName= "cses-prod" $prodPIPRG = "testcses" $prodPIPres=(Get-AzPublicIpAddress -ResourceGroupName $prodPIPRG -Name $prodPIPName).id $ProdCS =(Get-AzCloudService)| Where-Object{$_.networkProfile.LoadBalancerConfiguration.FrontendIPConfiguration.PublicIPAddressId -eq $prodPIPres} $csName_pair=$ProdCS.Name $csRG_pair=$ProdCS.ResourceGroupName # Network Profile $publicIP = Get-AzPublicIpAddress -ResourceGroupName $publicIPRG -Name $publicIPName $feIpConfig = New-AzCloudServiceLoadBalancerFrontendIPConfigurationObject -Name $FEName -PublicIPAddressId $publicIp.Id $loadBalancerConfig = New-AzCloudServiceLoadBalancerConfigurationObject -Name $LBName -FrontendIPConfiguration $feIpConfig $networkProfile = new-object Microsoft.Azure.PowerShell.Cmdlets.CloudService.Models.Api20210301.CloudServiceNetworkProfile $networkProfile.LoadBalancerConfiguration = $loadBalancerConfig $networkProfile.SwappableCloudService.Id = (Get-AzCloudService -Name $csName_pair -ResourceGroup $csRG_pair).id # Role Profile $role1 = New-AzCloudServiceRoleProfilePropertiesObject -Name "TestWebRole" -SkuName 'Standard_A1_v2' -SkuTier 'Standard' -SkuCapacity 1 $role2 = New-AzCloudServiceRoleProfilePropertiesObject -Name "TestWorkerRole" -SkuName 'Standard_A1_v2' -SkuTier 'Standard' -SkuCapacity 1 $roleProfile = @{role = @($role1,$role2)} #Create Cloud Service New-AzCloudService -Name $csName -ResourceGroupName $csRG -Location $location -ConfigurationUrl $cscfg -PackageUrl $cspkg -NetworkProfile $networkProfile -RoleProfile $roleProfile -AllowModelOverride

 

 

After getting the result from the Powershell, you should be able to see the cloud service well created and paired with the cloud service with staging public ip.

Frank_Pan_0-1670742921185.png

Frank_Pan_1-1670742921196.png

Frank_Pan_2-1670742921202.png

 

3. The rest api swap load balancer’s public ip on the frontend configuration can help us swap the ip of the cloud service. Load Balancers - Swap Public Ip Addresses - REST API (Azure Load balancer) | Microsoft Learn. You can use the url in response header to verify if the async operation complete or not.

 

The VIP swap operation utilize the Async request for ARM. For improvement on the swap operation, please reference to document. Status of asynchronous operations - Azure Resource Manager | Microsoft Learn

 

# get stag public ip $stagPIP= "cses-stag" $stagPIPRG = "testcses" $stagPIPres=Get-AzPublicIpAddress -ResourceGroupName $stagPIPRG -Name $stagPIP $stagPIPID = $stagPIPres.id $stagPIPFEID = $stagPIPres.IpConfiguration.id #get prod public ip $prodPIP = "cses-prod" $prodPIPRG = "testcses" $prodPIPres=Get-AzPublicIpAddress -ResourceGroupName $prodPIPRG -Name $prodPIP $prodPIPID = $prodPIPres.id $prodPIPFEID = $prodPIPres.IpConfiguration.id $Payload = '{"frontendIPConfigurations":[{"properties":{"publicIPAddress":{"id":"'+$prodPIPID+'"}},"id":"'+$stagPIPFEID+'"},{"properties":{"publicIPAddress":{"id":"'+$stagPIPID+'"}},"id":"'+$prodPIPFEID+'"}]}' $subID = (Get-AzContext).Subscription.id $location = $prodPIPres.Location $url="/subscriptions/"+$subID+"/providers/Microsoft.Network/locations/'+$location+'/setLoadBalancerFrontendPublicIpAddresses?api-version=2021-02-01" #start a swap operation $result = Invoke-AzRestMethod -Path $url -Method POST -Payload $Payload If($result.StatusCode -eq 202 ) { $async_url = ($result.Headers|Where-Object{$_.Key -eq "Azure-AsyncOperation"}).Value[0] $code = 0 do{ $code = (Invoke-AzRestMethod -Uri $async_url -Method Get).StatusCode If($code -eq 200){ Write-Host "Swap Completed!" } Else{ Write-Host “In Swapping… Retry after 5 seconds” Start-Sleep -Seconds 5 } } While(!($code -eq 200)) }

 

 

4. Remove the cloud service with staging public ip.

 

#parameter $prodPIPName= "cses-prod" $prodPIPRG = "testcses" $stagPIPName= "cses-stag" $stagPIPRG = "testcses" # get cloud service with prod public ip $prodPIPres=(Get-AzPublicIpAddress -ResourceGroupName $prodPIPRG -Name $prodPIPName).id $ProdCS =(Get-AzCloudService)| Where-Object{$_.networkProfile.LoadBalancerConfiguration.FrontendIPConfiguration.PublicIPAddressId -eq $prodPIPres} #get cloud service with stag public ip $stagPIPres=(Get-AzPublicIpAddress -ResourceGroupName $stagPIPRG -Name $stagPIPName).id $stagCS =(Get-AzCloudService)| Where-Object{$_.networkProfile.LoadBalancerConfiguration.FrontendIPConfiguration.PublicIPAddressId -eq $stagPIPres} #remove the cloud service the staging name Remove-AzCloudService -Name $stagCS.Name -ResourceGroupName $stagCS.ResourceGroupName

 

 

Now, you should be able to see the new version cloud service with product public ip and swappable cloud service will be removed as well.

Frank_Pan_0-1670743568849.png

 

5. After that, you can repeat point 2 to point 4 to create a new cloud service testcsesv3 with staging public ip.

 

As for the limitation of VIP swap operation, you can refer to the document Swap or switch deployments in Azure Cloud Services (extended support) | Microsoft Learn.

 

 

Continue to website...

More from Azure PaaS Blog articles

Related Posts