azure hdinsight create cluster with additional storage account - powershell

I am trying to automate an HDINSIGHT cluster using azure powershell.
I am using this template from offical doc https://github.com/Azure/azure-content/blob/master/articles/hdinsight/hdinsight-hadoop-create-linux-clusters-azure-powershell.md
How can I setup an additoinal storage account for my cluster? Do you have any idea?
Documentation mentions parameter -AdditionalStorageAccounts without examples
$resourceGroupName = "<ResourceGroupName>" # Provide the Resource Group name
$storageAccountName = "<StorageAcccountName>" # Provide the Storage account name
$containerName = "<ContainerName>" # Provide the container name
$storageAccountKey = Get-AzureStorageAccountKey -Name $storageAccountName -ResourceGroupName $resourceGroupName | %{ $_.Key1 }
# Set these variables
$clusterName = $containerName # As a best practice, have the same name for the cluster and container
$clusterNodes = <ClusterSizeInNodes> # The number of nodes in the HDInsight cluster
$credentials = Get-Credential -Message "Enter Cluster user credentials" -UserName "admin"
$sshCredentials = Get-Credential -Message "Enter SSH user credentials"
# The location of the HDInsight cluster. It must be in the same data center as the Storage account.
$location = Get-AzureRmStorageAccount -ResourceGroupName $resourceGroupName -StorageAccountName $storageAccountName | %{$_.Location}
# Create a new HDInsight cluster
New-AzureRmHDInsightCluster -ClusterName $clusterName -ResourceGroupName $resourceGroupName -HttpCredential $credentials -Location $location -DefaultStorageAccountName "$storageAccountName.blob.core.windows.net" -DefaultStorageAccountKey $storageAccountKey -DefaultStorageContainer $containerName -ClusterSizeInNodes $clusterNodes -ClusterType Hadoop -OSType Linux -Version "3.2" -SshCredential $sshCredentials


Here is an example from the C# library, I have not used this code in about 2 year so the api might have changed, but used to work, hope it helps.
// PROVIDE THE CERTIFICATE THUMBPRINT TO RETRIEVE THE CERTIFICATE FROM THE CERTIFICATE STORE
var store = new X509Store(StoreLocation.CurrentUser);
store.Open(OpenFlags.ReadOnly);
var cert = store.Certificates.Cast<X509Certificate2>().First(item => item.Thumbprint == thumbprint);
// CREATE AN HDINSIGHT CLIENT OBJECT
var creds = new HDInsightCertificateCredential(Guid.Parse(subscriptionid), cert);
var client = HDInsightClient.Connect(creds);
client.IgnoreSslErrors = true;
// the location of additional-libs that will get pulled into the the env on create
string hiveAddtionalLibContainer = "additional-hive-lib";
var hiveAdditionalLibStorage = new WabStorageAccountConfiguration(storageaccountname, storageaccountkey, hiveAddtionalLibContainer);
// PROVIDE THE CLUSTER INFORMATION
var clusterInfo = new ClusterCreateParametersV2()
{
Name = clusterName,
Location = location,
DefaultStorageAccountName = storageaccountname,
DefaultStorageAccountKey = storageaccountkey,
DefaultStorageContainer = clusterName,
UserName = username,
Password = password,
ClusterSizeInNodes = clustersize,
Version = "3.2",
ClusterType = Microsoft.WindowsAzure.Management.HDInsight.ClusterProvisioning.Data.ClusterType.Hadoop,
};
// add more storage
clusterInfo.AdditionalStorageAccounts.Add(new WabStorageAccountConfiguration(storageaccountnameAdd1, storageaccountkeyAdd1));
client.CreateCluster(clusterInfo);


It seems we should specify the same name for cluster and default container in order to create correctly your HDInsight Cluster.
Roberto


The following lines create a storage account, and add it as an additional storage account
# create a storage account
$additionalStorageAccountName = $token + "store2"
New-AzureRmStorageAccount -ResourceGroupName $resourceGroupName -StorageAccountName $additionalStorageAccountName -Location $location -Type Standard_LRS
$additionalStorageAccountKey = (Get-AzureRmStorageAccountKey -Name $additionalStorageAccountName -ResourceGroupName $resourceGroupName)[0].Value
# Specify the additional storage account
$config = New-AzureRmHDInsightClusterConfig
Add-AzureRmHDInsightStorage -Config $config -StorageAccountName "$additionalStorageAccountName.blob.core.windows.net" -StorageAccountKey $additionalStorageAccountKey
# Create a new HDInsight cluster with an additional storage account
New-AzureRmHDInsightCluster `
-ClusterName $clusterName `
-ResourceGroupName $resourceGroupName `
-HttpCredential $credentials `
-Location $location `
-DefaultStorageAccountName "$defaultStorageAccountName.blob.core.windows.net" `
-DefaultStorageAccountKey $defaultStorageAccountKey `
-DefaultStorageContainer $defaultStorageContainerName `
-ClusterSizeInNodes $clusterNodes `
-ClusterType Hadoop `
-OSType Linux `
-Version "3.4" `
-SshCredential $sshCredentials `
-Config $config

Related

HDInsight cluster with metastore using powershell error

I am trying to create HDInsight cluster in Azure with Metastore using the Powershell script. But it is throwing BadRequest: RegionCapabilityNotAvailable,Region capability not available for region 'East US' error. But East US is a supported region for the HDInsight cluster. Please find my code below.
$storageAccountResourceGroupName = "hdi-rg"
$storageAccountName = "qwertyhdi"
#$storageAccountKey = (Get-AzStorageAccountKey -ResourceGroupName $storageAccountResourceGroupName -Name $storageAccountName)[0].value
$storageContainer = "qwertyiopasdf-2020-05-03t08-30-23-118z"
# Cluster configuration info
$location = "East US"
$clusterResourceGroupName = "hdi-rg"
$clusterName = "qwertyiopasdf"
$username = "admin"
$password = ConvertTo-SecureString "password" -AsPlainText -Force
$clusterCreds = New-Object System.Management.Automation.PSCredential -ArgumentList ($username, $password)
# Hive metastore info
$hiveSqlServer = "server"
$hiveDb = "db123"
$sqlusername = "qwerty"
$sqlpassword = ConvertTo-SecureString "password" -AsPlainText -Force
$hiveCreds = New-Object System.Management.Automation.PSCredential -ArgumentList ($sqlusername, $sqlpassword)
New-AzStorageAccount `
-ResourceGroupName $storageAccountResourceGroupName `
-Name $storageAccountName `
-Location $location `
-SkuName Standard_LRS `
-Kind StorageV2 `
-EnableHttpsTrafficOnly 1
# Note: Storage account kind BlobStorage cannot be used as primary storage.
$storageAccountKey = (Get-AzStorageAccountKey `
-ResourceGroupName $storageAccountResourceGroupName `
-Name $storageAccountName)[0].Value
$defaultStorageContext = New-AzStorageContext `
-StorageAccountName $storageAccountName `
-StorageAccountKey $storageAccountKey
New-AzStorageContainer `
-Name $storageContainer `
-Context $defaultStorageContext #use the cluster name as the container name
$metastore = New-AzHDInsightClusterConfig | Add-AzHDInsightMetastore -SqlAzureServerName "$hiveSqlServer.database.windows.net" -DatabaseName $hiveDb -Credential $hiveCreds -MetastoreType HiveMetastore
New-AzHDInsightCluster -Location $location -ResourceGroupName $clusterResourceGroupName -ClusterName $clusterName -ClusterType Hadoop -OSType Windows -ClusterSizeInNodes 1 -HttpCredential $clusterCreds -DefaultStorageAccountName "$storageAccountName.blob.core.windows.net" -DefaultStorageAccountKey $storageAccountKey -DefaultStorageContainer $storageContainer -Config $metastore

Is -OSType Windows still valid. I realize "Windows" is listed as an option from the PowerShell specs, but I think "linux" is the only value that will actually work.

You will receive this error message BadRequest: RegionCapabilityNotAvailable,Region capability not available for region 'East US', when underlying compute sku is not available for the selected region in that subscription.
I would request you to check if the resource are available from Azure Portal.
Azure Portal => Select your subscription => Usage + Quotas
Filter with => Microsoft.Compute and Region => East US
If you're unable to find a suitable SKU in that region/zone or an alternative region/zone that meets your business needs, submit a SKU request or Quota increase to Azure Support.

SAS token error in Azure

I am generating SAS token from PowerShell but when I am trying to access that token from Azure Storage explorer, it is giving problem "Authentication Error. Signature fields not well formed."
here is the full Powershell command :-
Parameter required
$StorageAccountName = 'XXXXXX'
$ResourceGroup = 'remoteaccess'
$ContainerName = "vhds"
Powershell Cmd
$AzStrAct = Get-AzureRmStorageAccount -Name $StorageAccountName -ResourceGroupName $ResourceGroup
$AzStrKey = Get-AzureRmStorageAccountKey -Name $StorageAccountName -ResourceGroupName $ResourceGroup
$AzStrCtx = New-AzureStorageContext $StorageAccountName -StorageAccountKey $AzStrKey[0].Value
Get-AzureStorageContainer -Name $ContainerName -Context $AzStrCtx
$ContainerSASTokenURI = New-AzureStorageContainerSASToken -Name $ContainerName -Permission "rwdl" -StartTime "2017-04-12" -ExpiryTime "2017-04-16" -Context $AzStrCtx -FullUri
Write-Host "The SAS Token of container as below:"
$ContainerSASTokenURI
output
https://XXXXXXX.blob.core.windows.net/vhds?sv=2015-04-05&sr=c&sig=XXXXXXXXXXXXXXXXXXXXXXXX&st=2017-04-1
1T18%3A30%3A00Z&se=2017-04-15T18%3A30%3A00Z&sp=rwdl

I test with your script, and it works for me, my Azure storage explorer version is 0.8.12, I suggest you upgrade Azure storage explorer's version to 0.8.12.

How to create Azure HDInsight cluster with Hive metastore using Powershell?

I was trying to create HDInsight cluster with Hive metastore. Cluster was created successfully but without Hive metastore. Also any error was not returned. I used Powershell script below.
$resourceGroupName = "ResourceGroup"
$storageAccountName = "myStorage"
$containerName="myContainer"
$clusterName = "myCluster"
$location = "West Europe"
$clusterNodes = 2
$clusterType = "Hadoop"
$OSType = "Windows"
$hdVersion = "3.2"
$hadoopUserName = "user"
$hadoopUserPassword = "password"
$hadoopUserPW = ConvertTo-SecureString -String $hadoopUserPassword -AsPlainText -Force
$clusterCreds = New-Object System.Management.Automation.PSCredential($hadoopUserName,$hadoopUserPW)
$sqlDatabaseServerName = "mydbserver"
$metaStoreDBName = "HiveMetaStoreDB"
$sqlDatabaseLogin = "myDBLogin"
$sqlDatabasePassword = "myDBPassword"
$sqlDatabaseSecurePassword = ConvertTo-SecureString -String $sqlDatabasePassword -AsPlainText -Force
$sqlServerCred = New-Object System.Management.Automation.PSCredential ($sqlDatabaseLogin, $sqlDatabaseSecurePassword)
# Create a new HDInsight cluster
$config = New-AzureRmHDInsightClusterConfig -ClusterType Hadoop `
| Add-AzureRmHDInsightMetastore `
-SqlAzureServerName "$sqlDatabaseServerName.database.windows.net" `
-DatabaseName $metaStoreDBName `
-Credential $sqlServerCred `
-MetastoreType HiveMetastore
$config.DefaultStorageAccountName = "$storageAccountName.blob.core.windows.net"
$config.DefaultStorageAccountKey = $storageAccountKey
New-AzureRmHDInsightCluster `
-config $config `
-OSType $OSType `
-clustername $clusterName `
-HttpCredential $clusterCreds `
-DefaultStorageContainer $containerName `
-Location $location `
-ResourceGroupName $resourceGroupName `
-ClusterSizeInNodes $clusterNodes `
-Version $hdVersion
Could somebody tell me the reason why Hive metastore was not created? Or what should I do to create it?

The cluster creation process doesn't create the Azure Database for you. You must create the database before you can use it as the Hive metastore.

HDInsight Storage not found in multiple subscription

I am trying to run Azure HDInsight Cluster from PowerShell and getting error while getting storage key from my azure account :
Get-AzureSubscription -Default
$subid = (Get-AzureSubscription -Current).SubscriptionId
$clustername = "bigdatajs1"
$storagename = "bigdatajs1"
$containername = "bigdatajs1"
$creds = Get-Credential
#get storage for key
$key1 = (Get-AzureStorageKey $storagename).Primary
PS C:\Users\milind.chavan> $key1 = (Get-AzureStorageKey $storagename).Primary
Get-AzureStorageKey : ResourceNotFound: The storage account 'bigdatajs1' was not found.

By changing the subscription I can manage to get ride of this issue

Azure Powershell - Check to see if resource exists

I'm using Powershell to automate setting up my Azure environment - to create storage account, database, website, etc.
In development, I want to provision and a tear down a lot. Very often, I want to run my provisioning script and create a azure asset if it doesn't already exist
However, I haven't found an elegant way of doing this. Some of the "Get" cmdlets throw exceptions if the item doesn't exist, and catching it is a bit of a hack:
try {
$storageAcct = Get-AzureStorageAccount -StorageAccountName $Name
Write-Verbose "Storage Account already exists"
} catch {
$storageAcct = New-AzureStorageAccount -StorageAccountName $Name -Location $Location
}
What's more, with some commands, I can't catch the exception at all and I don't know why:
try {
$cache = Get-AzureRedisCache -ResourceGroupName $resourceGroupName -Name $cacheName
} catch {
//Even with an exception, never arrives here.
}
Is there a better way to do this?

You should use Test-AzureName for this instead of Get-AzureStorageAccount.
if (!Test-AzureName -Storage $Name)
{
# create the storage account.
}
This will work for Cloud Services, Web Apps, and Service Bus namespaces too. For your database, you will have to resort back to your existing approach.
**
Added the following to address questions about v2 (ARM) resources:
**
For v2 resources (ARM), the story is mostly the same. For example, the DNS name for a v1 or v2 storage account will be the same, such as contoso.blob.core.windows.net. The same holds for Azure Web Apps (formerly Azure Web Sites), where you would have a DNS name such as contoso.azurewebsites.net. So, in other words, Test-AzureName would work just as well for these resources in ARM.
One notable difference is the DNS name for virtual machines. In v1, virtual machines are contained in a cloud service and get a DNS name such as contoso.cloudapp.net. For v2 virtual machines, the public DNS name is provided by the Public IP Address resource, for which the DNS name for a virtual machine in East US (for example) would be contoso.eastus.cloudapp.azure.com. To test for the availability of this DNS name, you should use the Test-AzureRmDnsAvailability cmdlet. For example,
if (Test-AzureRmDnsAvailability -DomainNameLabel "contos0" -Location "East US")
{
# Assign DNS name to Public IP Address resource here.
}

Try this:
if(!(Get-AzureRmStorageAccountNameAvailability -Name $storageName))
{
New-AzureRmStorageAccount -ResourceGroupName $resourceGroupName -Name $storageName -SkuName Standard_LRS
}

It is my solution with new Azure PowerShell Az module
$StorageAccountName = "Storage account name"
$ResourceGroupName = "Resource group name"
$StorageAccount = Get-AzStorageAccount -Name $StorageAccountName -ResourceGroupName $ResourceGroupName -ErrorAction SilentlyContinue
if($StorageAccount -eq $null){
$storage = New-AzStorageAccount -ResourceGroupName $ResourceGroupName -StorageAccountName $StorageAccountName -Location "westeurope" -SkuName Standard_LRS -Kind StorageV2
}
else{
Write-Host "$StorageAccountName already exist"
}

I usually go for the following (works for pretty much any resource in Azure, just replace the "Get" module and parameters):
function Test-AzureStorageAccountExists {
Param(
[string]$resourceGroupName,
[string]$storageAccountName
)
$SA = Get-AzureRmStorageAccount -Name $storageAccountName -ResourceGroupName $resourceGroupName -ErrorVariable notPresent -ErrorAction SilentlyContinue
if ($notPresent) {return $false}
}

something like this ?
if(
Get-AzureStorageAccount | Where {$_.Label -match $name} | measure |select -expand count -eq 0) {
$storageAcct = New-AzureStorageAccount -StorageAccountName $Name -Location $Location
}

Maybe you can use the cmdlet Get-AzureRmResource. If the resource exists, it returns the information about the specified resource including the resource type; If not, it return $null.
e.g.:
$MyRes=Get-AzureRmResource -ResourceName "MyResourceName" -ResourceGroupName
"MyResourceGroupName"
if ($null == $MyRes) {
# Not existing
}

I needed to check for the existing of a variable in the Azure Automation account using Get-AzureRmAutomaitonVariable before deciding if it needed to be created. user888734's solution of using a "catch" helped me get past this issue which I was blocked on for 2 days :-)
try {
$existingVariable = Get-AzureRMAutomationVariable -ResourceGroupName $resourceGroup -AutomationAccountName $automationAccountName -Name $variable
} catch {
New-AzureRmAutomationVariable -ResourceGroupName $resourceGroup -AutomationAccountName $automationAccountName -Name $variable -Value $value -Encrypted $False
}