-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathaz-cli-commands.txt
206 lines (86 loc) · 5.16 KB
/
az-cli-commands.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
# List ARO Cluster :
az aro list -o table
az aro list -g $ARORG -o table
# List Resources inside ARO Cluster Nodes Resource Group :
az resource list -g $ARONodeRG -o table
# List Virtual Machines (Master and Worker) :
az resource list -g $ARONodeRG --resource-type "Microsoft.Compute/virtualMachines" -o table
# List Load Balancers :
az resource list -g $ARONodeRG --resource-type "Microsoft.Network/loadBalancers" -o table
# List Network Security Group NSG :
az resource list -g $ARONodeRG --resource-type "Microsoft.Network/networkSecurityGroups" -o table
# List Storage Accounts :
az resource list -g $ARONodeRG --resource-type "Microsoft.Storage/storageAccounts" -o table
# List Public IP's :
az resource list -g $ARONodeRG --resource-type "Microsoft.Network/publicIPAddresses" -o table
# List disks (OS and Data) :
az resource list -g $ARONodeRG --resource-type "Microsoft.Compute/disks" -o table
# Delete ARO Cluster :
az aro delete -n $AROCluster -g $ARORG --debug
# Get Admin kubeconfig file of the cluster :
export SUBSCRIPTION_ID=$AROSubID
export RESOURCE_GROUP=$ARORG
export CLUSTER=$AROCluster
az rest --method post --url "/subscriptions/$SUBSCRIPTION_ID/resourceGroups/$RESOURCE_GROUP/providers/Microsoft.RedHatOpenShift/openShiftClusters/$CLUSTER/listAdminCredentials?api-version=2022-09-04" | jq -r '.kubeconfig' | base64 -d > kubeconfig
# Get kubeadmin credentials Username/Password :
az aro list-credentials -n $AROCluster -g $ARORG
# Show ARO Cluster :
az aro show -n $AROCluster -g $ARORG
az resource show --ids ValueARORSID
# Show ARO Cluster URI :
RSURI=`az aro show -n $AROCluster -g $ARORG --query id -o tsv`
# Show ARO APIServer Information ( IP , URL , Visibility )
AROAPISrvIP=`az aro show -n $AROCluster -g $ARORG --query apiserverProfile.ip -o tsv`
AROAPISrvURL=`az aro show -n $AROCluster -g $ARORG --query apiserverProfile.url -o tsv`
AROAPISrvType=`az aro show -n $AROCluster -g $ARORG --query apiserverProfile.visibility -o tsv`
# Show ARO Console URL
AROConsoleURL=`az aro show -n $AROCluster -g $ARORG --query consoleProfile.url -o tsv`
# Show ARO Service Principle ID
AROSPID=`az aro show -n $AROCluster -g $ARORG --query servicePrincipalProfile.clientId -o tsv`
# Show ARO Cluster Version
AROVersion=`az aro show -n $AROCluster -g $ARORG --query clusterProfile.version -o tsv`
# Show ARO Cluster Nodes Resource Group ID
ARONodeRGID=`az aro show -n $AROCluster -g $ARORG --query clusterProfile.resourceGroupId -o tsv`
ARONodeRG=`echo $ARONodeRGID | cut -d"/" -f5`
# Show ARO ingressProfile IP
AROIngressIP=`az aro show -n $AROCluster -g $ARORG --query ingressProfiles[].ip -o tsv`
# Manually Update Cluster Certificates : ( Default Domains not custome one )
az aro update -n $AROCluster -g ARORG --refresh-credentials
# Create Private Cluster without Public IP : (Preview Feature) : https://learn.microsoft.com/en-us/azure/openshift/howto-create-private-cluster-4x#create-a-private-cluster-without-a-public-ip-address-preview
az feature register --namespace Microsoft.RedHatOpenShift --name UserDefinedRouting
# Get Resource Providers for a subscription :
az provider list -o table
# Get ARO Supported Versions for Cluster Region :
az aro get-versions -l $AROLocation -o table
# Login Script :
########################################
#!/bin/bash
LOCATION=$AROLocation # Location of your ARO cluster
CLUSTER=$AROCluster # Name of your ARO cluster
RESOURCEGROUP=$ARORG # Name of Resource Group where you want to create your ARO Cluster
az account set --subscription ValueAROSubID
az aro list -o table
az aro list-credentials --name $CLUSTER --resource-group $RESOURCEGROUP
kubeadminPassword=$(az aro list-credentials --name $CLUSTER --resource-group $RESOURCEGROUP --query=kubeadminPassword -o tsv)
kubeadminUsername=$(az aro list-credentials --name $CLUSTER --resource-group $RESOURCEGROUP --query=kubeadminUsername -o tsv)
AROAPISrvURL=$(az aro show -g $RESOURCEGROUP -n $CLUSTER --query apiserverProfile.url -o tsv)
oc login $AROAPISrvURL -u $kubeadminUsername -p $kubeadminPassword
AROConsoleURL=`az aro show -n $CLUSTER -g $RESOURCEGROUP --query consoleProfile.url -o tsv` ; echo $AROConsoleURL
########################################
Recover AAD Login Issue :
########################################
# Create Case Directory :
mkdir caseValueCaseID
cd caseValueCaseID
# Download Cluster kubeconfig file :
export SUBSCRIPTION_ID=$AROSubID
export RESOURCE_GROUP=$ARORG
export CLUSTER=$AROCluster
az rest --method post --url "/subscriptions/$SUBSCRIPTION_ID/resourceGroups/$RESOURCE_GROUP/providers/Microsoft.RedHatOpenShift/openShiftClusters/$CLUSTER/listAdminCredentials?api-version=2022-09-04" | jq -r '.kubeconfig' | base64 -d > kubeconfig
# Check if kubeconfig file is downloaded
ls -lrt kubeconfig
# Create New OpenShift Secret :
oc --kubeconfig=kubeconfig create secret generic openid-client-secret-azuread02 --namespace openshift-config --from-literal=clientSecret="XXXXXX"
# Edit OAuth with new secret (openid-client-secret-azuread02) :
oc --kubeconfig=kubeconfig edit OAuth
########################################