Skip to main content

How to Copy Azure Images to Other Subscriptions or Regions


The Azure image was introduced in 2014 by Microsoft. It's a more comprehensive image for Microsoft Azure Virtual Machines. Azure is a highly available cloud. Solution design needs to always take failover and tolerance into account. Therefore, copy Azure images to other subscriptions or regions is something we need to consider.





There are three methods to copy Azure images to other subscriptions or regions:





Option 1





Firstly, the easiest way to achieve that is to use the Image Gallery. It's introduced in the middle of 2019. As Microsoft states: "Shared Image Gallery provides a simple way to share your applications with others in your organization, within or across Azure Active Directory (AD) tenants and regions. This enables you to expedite regional expansion or DevOps processes and simplify your cross-region HA/DR setup."





The high-level procedure is to create a new Image Gallery, create image definition and version, and then add replica regions in the version. If you want to use the image gallery in other subscriptions. You need to grant proper access permission of other subscriptions accounts to the image gallery through RBCA.





Option 2





The first solution above is GUI based. I'm a super fan of scripting. In other words, I prefer to use Azure CLI to achieve it. The official Azure CLI doesn't contain the image copy command. However, there is an Azure CLI Image Copy Extension you can use. Basically, it copies the source image's virtual disk file to destination subscriptions or regions.





You need to install Azure CLI, and then install the extension use the command below.





az extension add --name image-copy-extension




Option 3





The last option is actually the manual process of the secondary solution. Basically, you need to create a new VM from the source image, and then move the VM to the other subscriptions or regions. Finally, capture an image by the moved VM. This is not my recommendation.


Popular posts from this blog

Connect-NsxtServer shows "Unable to connect to the remote server"

When you run Connect-NsxtServer in the PowerCLI, it may show "Unable to connect to the remote server".  Because the error message is a little bit confusing with other login issues. It's not easy to troubleshoot. The actual reason is the NSX-T uses a self-signed certificate, and the PowerCLI cannot accept the certificate automatically. The fix is super easy. You need to set the PowerCLI to ignore the invalid certificate with the following command: Set-PowerCLIConfiguration -Scope User -InvalidCertificateAction:Ignore -Confirm:$false

Setup Terraform and Ansible for Windows provisionon CentOS

Provisioning Windows machines with Terraform is easy. Configuring Windows machines with Ansible is also not complex. However, it's a little bit challenging to combine them. The following steps are some ideas about handling a Windows machine from provisioning to post configuration without modifying the winrm configuration on the guest operating system. Install required repos for yum. yum -y install https://repo.ius.io/ius-release-el7.rpm yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm yum -y install https://packages.endpointdev.com/rhel/7/os/x86_64/endpoint-repo.x86_64.rpm yum -y install epel-release yum -y install yum-utils yum-config-manager --add-repo https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo Install  Terraform . sudo yum -y install terraform Install  Ansible . sudo yum -y install ansible Install  Kerberos . yum -y install gcc python-devel krb5-devel krb5-libs krb5-workstation

How to List All Users in Terraform Cloud

Terraform has a rich API. However, the API documentation does not mention how to list all users. We can leverage the organization membership API and the PowerShell command  Invoke-RestMethod  to get a user list. 1. Create an organization token in Terraform Cloud. 2. Create the token variable ( $Token ) in PowerShell. $Token = "abcde" 3. Create the API parameters variable in PowerShell. $params = @{ Uri = "https://app.terraform.io/api/v2/organizations/ZHENGWU/organization-memberships?page%5Bsize%5D=100" Authentication = "Bearer" Token = $Token ContentType = "application/vnd.api+json" } Note: You need to replace ZHENGWU with your own organization name. And I used 100 at the end of the URI to retrieve the first 100 users. It can be any number.  4. Retrieve the API return and list the user's email address. $Test = Invoke-RestMethod @params $Test.data.attributes.email