I have been working a lot with Azure Image Builder service recently. In this post I’ll go over what installing software with Azure Image Builder. Its a really neat service, still in public preview, that allows you to select Azure Market place images and build a gold image from it. There is value of course in building a standard image, however the true value comes with being able to run a PowerShell script during build time. In particular this customize phase in blue.
This means we can do pretty much anything we want, but in particular installing software. You can do this by adding a script to a github repo and linking to the raw script file as seen here in the WVD template I shared in my other post, on setting up Azure Image Builder service.
"ScriptUri": {
"type": "string",
"defaultValue": "https://raw.githubusercontent.com/<yourscripthere>",
"metadata": {
"description": "Location of powershell script to customize your image"
}
},
Downloading Software
In your script however you will need to download software. For common sources like Teams and Chrome you can simply invoke-webrequest to the URI. However, if the image requires custom or specialized software to only your company, you’ll need to upload the files needed to a location you can grab. Github has a 100mb file limit, so its useful for small files. But for larger files I ended up using an blob storage account on Azure. You could use Invoke-Webrequest, but you’ll find it to be extremely slow, especially for large files like 5GB zip files.
Enter Az Copy. I had heard of Az Copy but never used it before. For some reason I just through it was another PowerShell command in the Azure Module. However its a separate downloadable executable.
To download and extract Az Copy you can use this PowerShell.
invoke-webrequest -uri 'https://aka.ms/downloadazcopy-v10-windows' -OutFile c:\temp\azcopy.zip Expand-Archive 'c:\temp\azcopy.zip' c:\temp copy-item "C:\temp\azcopy_windows_amd64_10.4.3\azcopy.exe" -Destination c:\temp
In your Azure Blog storage you setup for your files, you’ll need to create a read only link to the file that has the shared access key in the URL.
Then you can use Az Copy to download your files.
c:\temp\azcopy.exe copy 'Azure Blog Storage URL here' c:\temp\someApplication.zip
Installing Software during Azure Image Builder Process
The first thing I found during software install is that with MSI files, is the -Wait command will stall the whole process. You’re probably thinking well duh. But that is how the command was sent to me to install it. And the Wait command is supposed to run the MSI process while forcing the PowerShell script to wait until its done. In My testing live it only stalled the script for about 30 seconds and then continued on. But something about trying to run it during the Azure Image Builder process caused the whole thing to satll.
So with that said install MSI files like so.
Start-Process -FilePath msiexec.exe -ArgumentList '/i',$path, '/q' -PassThru -Verb "RunAs"
Troubleshooting
Invariably your task will fail. As of right now the error messages aren’t the greatest. My recommendation would be to try to lock down your install so it installs silently with PowerShell before you ever try it in Azure Image Builder.
But if you are having issues, check the Azure Activity log for you Resource Group, the Azure Image Builder service does create entries there. And as I mentioned in my setup post, it allowed me to find that the Key Vault provider was not registered in the clients environment.
Additionally you can see the last error message by running this command.
(Get-AzResource -ResourceGroupName MVP_ImageBuilder -ResourceType Microsoft.VirtualMachineImages/imageTemplates -Name $build).Properties.lastRunStatus.message
where $build is from your invocation of the run action.
There will also be a XML outfile you can go to that will contain errors as well.