使用ADF管道创建Azure批处理服务池

huangapple go评论72阅读模式
英文:

Creating an Azure Batch Service Pool using an ADF pipeline

问题

我想在运行 ADF 管道时自动创建 Azure Batch 服务池。

我在管道内创建了一个 Web 活动,并在设置下传递了以下参数:

URL: https://management.azure.com/subscriptions/{订阅 ID}/resourceGroups/{资源组名称}/providers/Microsoft.Batch/batchAccounts/{Azure Batch 帐户名称}/pools?api-version=2023-05-01
Method: POST
Body:

{
  "id": "pool2",
  "vmSize": "standard_a1",
  "virtualMachineConfiguration": {
    "imageReference": {
      "publisher": "Canonical",
      "offer": "0001-com-ubuntu-server-focal",
      "sku": "20_04-lts",
      "version": "latest"
    },
    "nodeAgentSKUId": "batch.node.ubuntu 20.04"
  },
  "resizeTimeout": "PT15M",
  "targetDedicatedNodes": 5,
  "targetLowPriorityNodes": 0,
  "taskSlotsPerNode": 3,
  "taskSchedulingPolicy": {
    "nodeFillType": "spread"
  },
  "enableAutoScale": false,
  "enableInterNodeCommunication": true,
  "metadata": [
    {
      "name": "myproperty",
      "value": "myvalue"
    }
  ]
}

根据以下官方文档 (https://learn.microsoft.com/en-us/rest/api/batchservice/pool/add?tabs=HTTP)
Authentication: None
Resource: https://learn.microsoft.com/en-us/rest/api/batchservice/pool/add?
Headers: Content-Type --> application/json, Authorization --> Basic @{base64(concat('{Batch 帐户名称}', ':', '{Batch 帐户主要密钥}'))}

但我一直收到以下错误:

这是当前在设置下显示的身份验证类型:

我还尝试删除 Authorization 标头,但我收到以下错误:

我甚至尝试将身份验证更改为 'System Assigned Managed Identity'。然而,ADF 表示该资源不存在,这很奇怪,因为对于 GET 和 DELETE 方法分别起作用。

因此,不确定如何以正确格式提供授权标头,或者如何为 Azure Batch 帐户生成刷新令牌。非常感谢任何帮助。如果有什么不清楚的地方,请告诉我。

英文:

I want to automatically create an Azure Batch Service pool when an ADF pipeline is run.

I created a web activity inside the pipeline and passed the parameters under settings as follows:

URL: https://management.azure.com/subscriptions/{Subscription ID}/resourceGroups/{Resource Group Name}/providers/Microsoft.Batch/batchAccounts/{Azure Batch Account Name}/pools?api-version=2023-05-01
Method: POST
Body: {
"id": "pool2",
"vmSize": "standard_a1",
"virtualMachineConfiguration": {
"imageReference": {
"publisher": "Canonical",
"offer": "0001-com-ubuntu-server-focal",
"sku": "20_04-lts",
"version": "latest"
},
"nodeAgentSKUId": "batch.node.ubuntu 20.04"
},
"resizeTimeout": "PT15M",
"targetDedicatedNodes": 5,
"targetLowPriorityNodes": 0,
"taskSlotsPerNode": 3,
"taskSchedulingPolicy": {
"nodeFillType": "spread"
},
"enableAutoScale": false,
"enableInterNodeCommunication": true,
"metadata": [
{
"name": "myproperty",
"value": "myvalue"
}
]
} as per the following official documentation (https://learn.microsoft.com/en-us/rest/api/batchservice/pool/add?tabs=HTTP)
Authentication: None
Resource: https://learn.microsoft.com/en-us/rest/api/batchservice/pool/add?
Headers: Content-Type --> application/json, Authorization --> Basic @{base64(concat('{Batch Account Name}', ':', '{Batch Account Primary Key}'))}

使用ADF管道创建Azure批处理服务池

But I keep getting the following error:

使用ADF管道创建Azure批处理服务池

These are the following Authentication types that are currently being displayed under settings:

使用ADF管道创建Azure批处理服务池

I also tried removing the Authorization header, but I am getting the following error:

使用ADF管道创建Azure批处理服务池

I even tried changing the Authentication to 'System Assigned Managed Identity'. However, ADF says that resource doesn't exist which is weird because the same works for GET and DELETE methods respectively.

使用ADF管道创建Azure批处理服务池

So not exactly sure how to provide the authorization header in the correct format or how to generate a refresh token for Azure Batch Account. Any help would be greatly appreciated. Please let me know if something is not clear.

答案1

得分: 1

已解决此问题,通过创建另一个用于生成令牌的网络活动,其设置如下:

URL: https://login.microsoftonline.com/{tenant-id}/oauth2/token

方法: POST

正文: grant_type=client_credentials&client_id={client-id}@{tenant-id}&client_secret={client-secret}&resource={domain-name}/@{tenant-id}

标头: Concent-Type --> application/x-www-form-urlencoded

访问令牌然后作为输入传递给下一个网络活动,其设置如下:

URL: https://management.azure.com/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}/providers/Microsoft.Batch/batchAccounts/{batch-account-name}/pools/{give the name of the test pool that you are trying to create}?api-version=2023-05-01

方法: PUT

正文: {
"id": "/subscriptions/{subscription-id}/resourceGroups/resource-group-name/providers/Microsoft.Batch/batchAccounts/{batch-account-name}/pools/{name of the pool that is about to be created}",
"name": "testpool",
"type": "Microsoft.Batch/batchAccounts/pools",
"etag": "W/"0x8D4EDFEBFADF4AB"",
"properties": {
"lastModified": "2017-08-28T10:22:55.9407275Z",
"creationTime": "2017-08-28T10:22:55.9407275Z",
"provisioningState": "Succeeded",
"provisioningStateTransitionTime": "2017-08-28T10:22:55.9407275Z",
"allocationState": "Resizing",
"allocationStateTransitionTime": "2017-08-28T10:22:55.9407275Z",
"vmSize": "STANDARD_A2",
"interNodeCommunication": "Disabled",
"taskSlotsPerNode": 1,
"taskSchedulingPolicy": {
"nodeFillType": "Spread"
},
"deploymentConfiguration": {
"virtualMachineConfiguration": {
"imageReference": {
"publisher": "Canonical",
"offer": "UbuntuServer",
"sku": "18.04-LTS",
"version": "latest"
},
"nodeAgentSkuId": "batch.node.ubuntu 18.04"
}
},
"scaleSettings": {
"autoScale": {
"formula": "$TargetDedicatedNodes=1",
"evaluationInterval": "PT5M"
}
},
"currentDedicatedNodes": 0,
"currentLowPriorityNodes": 0
}
}

此JSON脚本提取自https://learn.microsoft.com/en-us/rest/api/batchmanagement/pool/create?tabs=HTTP

身份验证:

标头: Content-Type --> application/json; Authorization --> @{concat('Bearer ',activity('Generate bearer token').output.access_token)}

可以通过在Azure门户中注册新应用程序并将其链接到批处理帐户来生成client-id和client-secret。有关此操作的Microsoft官方文档可以在以下链接找到:https://learn.microsoft.com/en-us/azure/batch/batch-aad-auth。只需按照所有步骤进行操作,直到"将Azure RBAC分配给您的应用程序",然后您就可以开始使用了。

一旦成功实施了所有步骤,您可以在Azure批处理帐户下找到新的池。

请注意,如果您可以创建池,但无法使用它,那么您必须通过以下方式联系Microsoft支持团队以请求增加配额:

使用ADF管道创建Azure批处理服务池

使用ADF管道创建Azure批处理服务池

使用ADF管道创建Azure批处理服务池

英文:

Solved the issue by creating another web activity for generating the bearer token whose settings are as follows:

URL: https://login.microsoftonline.com/{tenant-id}/oauth2/token

Method: POST

Body: grant_type=client_credentials&client_id={client-id}@{tenant-id}&client_secret={client-secret}&resource={domain-name}/@{tenant-id}

Headers: Concent-Type --> application/x-www-form-urlencoded

使用ADF管道创建Azure批处理服务池

The access token is then passed as input to the next web activity whose settings are as follows:

URL: https://management.azure.com/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}/providers/Microsoft.Batch/batchAccounts/{batch-account-name}/pools/{give the name of the test pool that you are trying to create}?api-version=2023-05-01

Method: PUT

Body: {
"id": "/subscriptions/{subscription-id}/resourceGroups/resource-group-name/providers/Microsoft.Batch/batchAccounts/{batch-account-name}/pools/{name of the pool that is about to be created}",
"name": "testpool",
"type": "Microsoft.Batch/batchAccounts/pools",
"etag": "W/"0x8D4EDFEBFADF4AB"",
"properties": {
"lastModified": "2017-08-28T10:22:55.9407275Z",
"creationTime": "2017-08-28T10:22:55.9407275Z",
"provisioningState": "Succeeded",
"provisioningStateTransitionTime": "2017-08-28T10:22:55.9407275Z",
"allocationState": "Resizing",
"allocationStateTransitionTime": "2017-08-28T10:22:55.9407275Z",
"vmSize": "STANDARD_A2",
"interNodeCommunication": "Disabled",
"taskSlotsPerNode": 1,
"taskSchedulingPolicy": {
"nodeFillType": "Spread"
},
"deploymentConfiguration": {
"virtualMachineConfiguration": {
"imageReference": {
"publisher": "Canonical",
"offer": "UbuntuServer",
"sku": "18.04-LTS",
"version": "latest"
},
"nodeAgentSkuId": "batch.node.ubuntu 18.04"
}
},
"scaleSettings": {
"autoScale": {
"formula": "$TargetDedicatedNodes=1",
"evaluationInterval": "PT5M"
}
},
"currentDedicatedNodes": 0,
"currentLowPriorityNodes": 0
}
}

This JSON script was extracted from https://learn.microsoft.com/en-us/rest/api/batchmanagement/pool/create?tabs=HTTP

Authentication: None

Headers: Content-Type --> application/json; Authorization --> @{concat('Bearer ',activity('Generate bearer token').output.access_token)}

The client-id and client-secret can be generated by registering a new app in the Azure portal and linking it to the Batch Account. The microsoft official documentation for doing this can be found at: https://learn.microsoft.com/en-us/azure/batch/batch-aad-auth. Just follow all the steps until "Assign Azure RBAC to your application" and you are good to go.

Once all the steps are implemented successfully, you can find the new pool under the Azure batch account.

使用ADF管道创建Azure批处理服务池

Please note that if you can create a pool, but cannot use it, then you have to reach out to the Microsoft support team by requesting a quota increase as follows:

使用ADF管道创建Azure批处理服务池

使用ADF管道创建Azure批处理服务池

使用ADF管道创建Azure批处理服务池

huangapple
  • 本文由 发表于 2023年7月17日 15:27:26
  • 转载请务必保留本文链接:https://go.coder-hub.com/76702301.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定