Open shayshahak-zz opened 5 years ago
jluk
commented
5 years ago @shayshahak is what you shared the exact error kicked back in cloud shell? It looks like your original input is using a deprecated command, what version of AZ CLI is on your local machine that worked?
shayshahak-zz
commented
5 years ago hi, yes, this is the exact error. don't know about the deprecated. you can ask Azure Networking PM for that, this feature is relatively new.
as for my local CLI version: azure-cli (2.0.37)
jluk
commented
5 years ago @tjprescott can you confirm if this is simply due to latest CLI deprecating the original command? Sounds like a CLI versioning issue and not specific to cloud shell.
tjprescott
commented
5 years ago The deprecation is not why this command isn't working. The non-deprecated form of --remote-vnet-id is simply --remote-vnet. The source doc needs to be updated.
@shayshahak you are using a very old version of the CLI. If you try your scenario again on the latest version of the CLI (2.0.52) can you confirm whether or not the scenario work locally but not on Cloud Shell, or does it not work on either?
shayshahak-zz
commented
5 years ago hi @tjprescott , I upgraded my local CLI to the latest (2.0.52), ran it locally and it passed:
C:\Users\shays>az network vnet peering create --name myVnetA2ToMyVnetB --resource-group test --vnet-name vnet-home2 --remote-vnet-id /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/MC_cloud-shell-storage-westeurope_thecluster_westeurope/providers/Microsoft.Network/virtualNetworks/aks-vnet-94615314 --allow-vnet-access Option '--remote-vnet-id' has been deprecated and will be removed in version '2.1.0'. { "allowForwardedTraffic": false, "allowGatewayTransit": false, "allowVirtualNetworkAccess": true, "etag": "W/\"f39efd80-b8a8-470f-8961-b12c25cec6a6\"", "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/test/providers/Microsoft.Network/virtualNetworks/vnet-home2/virtualNetworkPeerings/myVnetA2ToMyVnetB", "name": "myVnetA2ToMyVnetB", "peeringState": "Initiated", "provisioningState": "Succeeded", "remoteAddressSpace": { "addressPrefixes": [ "10.0.0.0/8" ] }, "remoteVirtualNetwork": { "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/MC_cloud-shell-storage-westeurope_thecluster_westeurope/providers/Microsoft.Network/virtualNetworks/aks-vnet-94615314", "resourceGroup": "MC_cloud-shell-storage-westeurope_thecluster_westeurope" }, "resourceGroup": "test", "type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings", "useRemoteGateways": false }
C:\Users\shays>
then I ran it again from Cloud Shell CLI and it failed:
az network vnet peering create --name myVnetA3ToMyVnetB --resource-group test --vnet-name vnet-home3 --remote-vnet-id /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/MC_cloud-shell-storage-westeurope_thecluster_westeurope/providers/Microsoft.Network/virtualNetworks/aks-vnet-94615314 --allow-vnet-access Option '--remote-vnet-id' has been deprecated and will be removed in version '2.1.0'. Subscription 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx' not found. Check the spelling and casing and try again. shay@Azure:~$
so it seems scenario work locally but not on Cloud Shell
tjprescott
commented
5 years ago @shayshahak thank you for the confirmation. @jluk @yugangw-msft my best guess would be this has something to do with how auth is handled in Cloud Shell such that the user doesn't need to log in. @shayshahak can you share a--debug trace from Cloud Shell for the failing instance?
shayshahak-zz
commented
5 years ago @tjprescott here is the debug output from using the Cloud Shell:
az network vnet peering create --name myVnetA3ToMyVnetB --resource-group test --vnet-name vnet-home3 --remote-vnet-id /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/MC_cloud-shell-storage-westeurope_thecluster_westeurope/providers/Microsoft.Network/virtualNetworks/aks-vnet-94615314 --allow-vnet-access --debug
Command arguments: ['network', 'vnet', 'peering', 'create', '--name', 'myVnetA3ToMyVnetB', '--resource-group', 'test', '--vnet-name', 'vnet-home3', '--remote-vnet-id', '/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/MC_cloud-shell-storage-westeurope_thecluster_westeurope/providers/Microsoft.Network/virtualNetworks/aks-vnet-94615314', '--allow-vnet-access', '--debug']
Event: Cli.PreExecute []
Event: CommandParser.OnGlobalArgumentsCreate [<function CLILogging.on_global_arguments at 0x7f56f5292a60>, <function OutputProducer.on_global_arguments at 0x7f56f502f158>, <function CLIQuery.on_global_arguments at 0x7f56f4ddbbf8>]
Event: CommandInvoker.OnPreCommandTableCreate []
Installed command modules ['acr', 'acs', 'advisor', 'ams', 'appservice', 'backup', 'batch', 'batchai', 'billing', 'botservice', 'cdn', 'cloud', 'cognitiveservices', 'configure', 'consumption', 'container', 'cosmosdb', 'dla', 'dls', 'dms', 'eventgrid', 'eventhubs', 'extension', 'feedback', 'find', 'hdinsight', 'interactive', 'iot', 'iotcentral', 'keyvault', 'lab', 'maps', 'monitor', 'network', 'policyinsights', 'profile', 'rdbms', 'redis', 'relay', 'reservations', 'resource', 'role', 'search', 'servicebus', 'servicefabric', 'signalr', 'sql', 'storage', 'vm']
Loaded module 'acr' in 0.018 seconds.
Loaded module 'acs' in 0.003 seconds.
Loaded module 'advisor' in 0.001 seconds.
Event: CommandLoader.OnLoadCommandTable []
Loaded module 'ams' in 0.005 seconds.
Loaded module 'appservice' in 0.006 seconds.
Loaded module 'backup' in 0.003 seconds.
Event: CommandLoader.OnLoadCommandTable []
Loaded module 'batch' in 0.009 seconds.
Loaded module 'batchai' in 0.003 seconds.
Loaded module 'billing' in 0.001 seconds.
Loaded module 'botservice' in 0.003 seconds.
Event: CommandLoader.OnLoadCommandTable []
Loaded module 'cdn' in 0.002 seconds.
Loaded module 'cloud' in 0.001 seconds.
Loaded module 'cognitiveservices' in 0.001 seconds.
Loaded module 'configure' in 0.001 seconds.
Loaded module 'consumption' in 0.002 seconds.
Loaded module 'container' in 0.002 seconds.
Loaded module 'cosmosdb' in 0.003 seconds.
Loaded module 'dla' in 0.004 seconds.
Loaded module 'dls' in 0.004 seconds.
Loaded module 'dms' in 0.002 seconds.
Loaded module 'eventgrid' in 0.002 seconds.
Loaded module 'eventhubs' in 0.003 seconds.
Loaded module 'extension' in 0.001 seconds.
Loaded module 'feedback' in 0.001 seconds.
Loaded module 'find' in 0.001 seconds.
Loaded module 'hdinsight' in 0.001 seconds.
Loaded module 'interactive' in 0.000 seconds.
Loaded module 'iot' in 0.004 seconds.
Loaded module 'iotcentral' in 0.001 seconds.
Loaded module 'keyvault' in 0.005 seconds.
Loaded module 'lab' in 0.003 seconds.
Loaded module 'maps' in 0.001 seconds.
Loaded module 'monitor' in 0.006 seconds.
Loaded module 'network' in 0.025 seconds.
Loaded module 'policyinsights' in 0.001 seconds.
Loaded module 'profile' in 0.001 seconds.
Loaded module 'rdbms' in 0.005 seconds.
Loaded module 'redis' in 0.002 seconds.
Loaded module 'relay' in 0.003 seconds.
Loaded module 'reservations' in 0.002 seconds.
Loaded module 'resource' in 0.006 seconds.
Loaded module 'role' in 0.004 seconds.
Loaded module 'search' in 0.002 seconds.
Loaded module 'servicebus' in 0.004 seconds.
Loaded module 'servicefabric' in 0.002 seconds.
Loaded module 'signalr' in 0.001 seconds.
Loaded module 'sql' in 0.006 seconds.
Event: CommandLoader.OnLoadCommandTable []
Loaded module 'storage' in 0.031 seconds.
Loaded module 'vm' in 0.013 seconds.
Loaded all modules in 0.210 seconds. (note: there's always an overhead with the first module loaded)
Extensions directory: '/home/shay/.azure/cliextensions'
Event: CommandInvoker.OnPreCommandTableTruncate []
Event: CommandInvoker.OnPostCommandTableCreate [<function register_global_subscription_argument.
jluk
commented
5 years ago @tjprescott could you reassign this to @maertendMSFT who is the new service owner?
Hi there, getting an error when using Cloud shell for vnet peering across tenants: https://docs.microsoft.com/en-us/azure/virtual-network/create-peering-different-subscriptions#cli Using desktop native CLI works just fine.
Cloud shell:
az network vnet peering create \
native CLI:
C:\Users\shays>az network vnet peering create --name myVnetAToMyVnetB --resource-group test --vnet-name vnet-home --remote-vnet-id /subscriptions/xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/MC_cloud-shell-storage-westeurope_thecluster_westeurope/providers/Microsoft.Network/virtualNetworks/aks-vnet-94615314 --allow-vnet-access
{ "allowForwardedTraffic": false, "allowGatewayTransit": false, "allowVirtualNetworkAccess": true, "etag": "W/\"xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx\"", "id": "/subscriptions/xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/test/providers/Microsoft.Network/virtualNetworks/vnet-home/virtualNetworkPeerings/myVnetAToMyVnetB", "name": "myVnetAToMyVnetB", "peeringState": "Initiated", "provisioningState": "Succeeded", "remoteAddressSpace": { "addressPrefixes": [ "10.0.0.0/8" ] }, "remoteVirtualNetwork": { "id": "/subscriptions/xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/MC_cloud-shell-storage-westeurope_thecluster_westeurope/providers/Microsoft.Network/virtualNetworks/aks-vnet-94615314", "resourceGroup": "MC_cloud-shell-storage-westeurope_thecluster_westeurope" }, "resourceGroup": "test", "type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings", "useRemoteGateways": false }