Tool: ARM Template Checker for Microsoft Azure Stack
UPDATE 11/21/2016: This tool has now been superseded by the ARM Template Validator available here :
https://github.com/Azure/AzureStack-Tools/tree/master/TemplateValidator
Hello Readers,
Currently in preview, one of benefits of Microsoft Azure Stack is how it brings consistency between templates you can deploy in the public cloud (Microsoft Azure) and on-premises (Microsoft Azure Stack, in your datacenter or a service provider datacenter).
For a template to seamlessly deploy on both environments, the main item to be careful about is that the template should be leveraging a Microsoft Azure service that is already available or in preview in Azure Stack, as per the first roadmap currently published in this whitepaper. You may also need to update a template so that the APIs used for a specific resource are supported by the local Azure Stack instance, and that you are targeting a valid location (“local” in Azure Stack Technical Preview (TP) 1, vs the “East US” or “South India” in Azure).
Finally, there are a few items that are only applicable in a point in time, like with the current preview:
- Small differences in Azure Resource Manager (ARM) syntax based on the version currently used in TP1. Those differences are generally caught by the Test-AzureRmResourceGroupDeployment cmdlets, and also documented here (special thanks to MVP Marc van Eijk for his updates in this location)
- Specific values not yet supported in the Preview, like only a specific list of VM sizes at this stage.
We already provide sanitized templates for Azure Stack in this GitHub repository, as a way for you to easily get started without having to go through these small changes during your first tests. But we also believe that many of you will very quickly want to leverage the large community of Azure templates and try them out or adapt them on Azure Stack. For this, it is important to have an understanding of the changes that may be needed and why they may be needed.
To help you with this, this blog post introduces a tool called the “ARM Template Checker”.
Capabilities
For a given ARM template, the script does the following:
1. Logs into Azure Stack if you’re not already logged in (you will need to provide the default Azure Active Directory domain name *.onmicrosoft.com, and the Tenant ID should automatically be retrieved). When running in a TP1 environment (azurestack.local), this is the only mandatory parameter – and is not even needed if the script discovers that the user is already logged into the Azure Stack environment
2. Provides a picker to select the JSON template to analyze – the template path can also be specified with the command line
3. Checks if the following are supported by the local Azure Stack TP1 instance
- Resource types
- API versions (this leverage the Azure PowerShell cmdlets from this page)
- Locations
- Specifics URIs - For example, it will check if blob.core.windows.net is being used in the template and will give the context of the potential occurrence, to be able to determine if that’s acceptable or not. An example of an acceptable use would be if this URI is listed in the “allowed values”, in an effort to parameterize a template that could be used in Azure Stack and in Azure
- VM sizes
- VM Extensions – including specific logic when autoUpgradeMinorVersion is being set or not, and also situations where you may have multiple versions of an extension
- Platform Images SKUs – these last two options rely on parsing the Compute Resource Provider (CRP) folders in the \\SOFS share in Azure Stack TP1, as of today
4. Has different levels of warning, for example crawling its way into the variables/parameters/default values – in other words, if the deployment location is parameterized, it will try to find the corresponding variable to confirm that it maps to one of the acceptable values in the local Azure Stack instance.
5. Executes the Test-AzureRmResourceGroupDeployment cmdlet to look at small ARM differences in TP1 - like minlength, uniquestring, etc – that can be seen when trying to run Azure templates. The scripts automatically chooses a resource group for testing the template. This can be manually or automatically skipped if no parameters file has been provided – to avoid having to enter parameters.
6. Also links to aka.ms/AzureStackGitHub – as the preferred way to find ready-to-use templates
The script in action
Analyzing a working template for a VM using a BGINFO VM extension:
Analyzing a template taken directly from Microsoft Azure in the public cloud:
Download Location
UPDATE 11/21/2016: This tool has now been superseded by the ARM Template Validator available here :
https://github.com/Azure/AzureStack-Tools/tree/master/TemplateValidator
Caveats, limitations or known issues
There are some advanced template syntaxes not currently taken into account by the script, such as more advanced variable syntaxes (as seen in this example).
Disclaimers or additional notes
Note: Providing this as a script is not representative of any release vehicle for such capability. Initial goal is really to get your feedback on the capabilities and how they may be useful in your Azure Stack efforts.
Last but not least, this is a read-only operation on a given template, so you should not be afraid of any modifications happening to the templates, or in your environment, when running the script.
We hope you will find this script useful, and look forward to hearing your feedback!