Using the edge Azure CLI in a Centos VM

2019, Feb 06    

If you’re wanting to use the Edge (developer, nightly build) of the Azure CLI tools I can definitely recommend using an Azure VM.
Firstly, the advantages are

  • Using a developer AZ CLI build in isolation from your main work machine
  • VM’s in Azure can using Managed Service Identity to easily authenticate with the control plane
  • You can run it on a really cheap B series VM ($9/$18 a month!)

See here for the GitHub repo: https://github.com/Azure/azure-cli#edge-builds

VM Spec

I’m running a CentOS Standard_B1ms VM which gives me 1 core 2GB RAM, 800 IOPS with a 32GB standard managed disk which offers a capped IOPS of 500. This costs approx. $18/month for 24×7 compute and approximately $2/month for my disk.

NSG

I have two IP’s opened up on port 22 so I can SSH on. Everything else is locked down.

VM Updates

The VM is enrolled for update management, as I’ve gone for the B-series the VM will be kept up 24×7 so I don’t need to worry about turning it on to get patched.

Managed Identity

The VM has a system managed identity in Azure Active Directory and I have given it limited Contributor access to one resource group and reader access to a few other resource groups.

Setup script

On a fresh CentOS VM here’s what I run to install the CLI and login to Azure.

sudo yum update
sudo yum install epel-release
sudo yum -y install python-pip
sudo pip install --upgrade pip
sudo pip install venv
pip install --upgrade --pre azure-cli --extra-index-url https://azurecliprod.blob.core.windows.net/edge --no-cache-dir --user
az login --identity

Whenever I log into the VM I run this command to update to the latest build

sudo yum update
sudo pip install --upgrade --pre azure-cli --extra-index-url https://azurecliprod.blob.core.windows.net/edge --no-cache-dir

Next steps

I kinda like having a VM running all the time, i’m putting myself through a very basic IaaS experience using fundamental Azure components. I could make use of the Docker build of the AZ CLI and run it up on a Azure Container Instance on-demand…. Maybe next week, eh 🙂