Octopus Deployment - Remove server from load balancer step - error

Legacy Uncategorised
1

Hello Support Team,

We are using below powershell script for removing web-server from the load balancer in Microsoft Azure portal(https://portal.azure.com).

Powershell Script -

[System.Net.WebRequest]::DefaultWebProxy.Credentials = [System.Net.CredentialCache]::DefaultCredentials
$nic = Get-AzureRmNetworkInterface -ResourceGroupName #{RsrGroupName} -Name #{NICName}
if($nic.IpConfigurations[0].LoadBalancerBackendAddressPools.Count -eq 1)
{
$nic.IpConfigurations[0].LoadBalancerBackendAddressPools.RemoveAt(0)
Set-AzureRmNetworkInterface -NetworkInterface $nic
}

However we are getting error in executing deployment process steps. May we ask you to provide solution or suggest how to fix ?

Please refer attached screenshots and let me know if you need additional information.

Capture1.PNG
Capture1.PNG877×274 15.6 KB

Capture2.PNG
Capture2.PNG1056×665 47.7 KB

Capture3.PNG
Capture3.PNG1130×736 70.2 KB

2

Hi,

Thanks for getting in touch. From your script it looks like you need to load proxy settings to access Azure, is that correct? When we bootstrap an Azure PowerShell script, we first call Login-AzureRmAccount as you can see in your logs, it looks like that call is failing, possibly due to proxy issues. The PowerShell context we use should automatically load the proxy settings that were configured in the Octopus Manager application when Octopus Server was installed. See the Configuring a Web Request Proxy section of the Proxy Support page in our docs here: http://docs.octopusdeploy.com/display/OD/Proxy+Support#ProxySupport-WebRequest. Can you check those settings and see if they are configured correctly for your proxy? You will need to run the Octopus Manager application on the machine Octopus Server is installed on.

If that doesn’t seem to be the issue can you send me through the complete raw logs of the deployment that is failing? You can edit out sensitive information or mark this discussion Private with the MAKE PRIVATE button on the right.

I hope that helps.

Mark

3

Hi Mark,

Thanks for your response, however we have checked in our environment there are no proxy configured.

Also just to highlight, this script was running earlier successfully, we have not made any changes.
We have also uninstall PowerShell module from octopus server and reinstalled it.

So can you please suggest next step to check.

Best Regards,
Sanket

4

Hi Sanket,

When you say you have not made any changes, you haven’t upgraded Octopus or anything? Because if nothing has changed with your Octopus version and this used to work this may be a network issue. You’re getting a HttpException when we try to authenticate with Azure.

The script we run to authenticate looks like:

Import-Module AzureRM
$securePassword = ConvertTo-SecureString YOUR-AZURE-AD-PASSWORD -AsPlainText -Force
$creds = New-Object System.Management.Automation.PSCredential (YOUR-AZURE-AD-CLIENTID, $securePassword)
Login-AzureRmAccount -Credential $creds -TenantId YOUR-AZURE-AD-TENANTID -SubscriptionId YOUR-AZURE-SUBSCRIPTIONID -ServicePrincipal

Does that work on the machine just in a PowerShell console? You’ll will need to fill in the various Ids and password, they should be as they are entered in the Azure Accounts section of Octopus.

Mark

5

Hi Mark,

I have created new AD partition in Azure and assigned new credential to account as well, still we are getting this issue. I have tried deleting that account it says

[cid:image001.jpg@01D2404B.549BD7B0]

I have tried below script from server and it seems working from server.

Regards

Kiran Patel

image001.jpg

6

Hi Mark,

Just to update, we have two account as Service Principle Name as below.

[cid:image002.png@01D244BF.4D6B0FB0]

· I have created new “AzureRM” when “Azure RM Account Old” started giving an error message

· Now we have changed all task with “AzureRM” account , still getting same error

· When I am trying to delete “Azure RM Account old” I am getting error message as it is in use, snapshot in mail trail

· I have cheeked each and every process with process URL http://build.snfems.com/api/deploymentprocesses/deploymentprocess-processID and also with GUI I dint find “Azure RM Account Old” configured any of task.

· Script which you have shared I have used that one on server and seems working fine.

Please let us know what else we can check.

Regards

Kiran Patel

From: D Patel, Kiran
Sent: Wednesday, November 16, 2016 8:52 PM
To: ‘Mark Rydstrom’ tender2+dfe6aeaf47@tenderapp.com
Cc: Phating, Sanket sanket.phating@accenture.com; Aalam Gir, Mohammad mohammad.aalam.gir@accenture.com; Shaikh, R. r.shaikh@accenture.com
Subject: RE: Octopus Deployment - Remove server from load balancer step - error [Problems #48842]

Hi Mark,

I have created new AD partition in Azure and assigned new credential to account as well, still we are getting this issue. I have tried deleting that account it says

[cid:image003.jpg@01D244BF.4D6B0FB0]

I have tried below script from server and it seems working from server.

Regards

Kiran Patel

image002.png

image001.jpg

7

Hi mark,

Any update on below.

Regards

Kiran Patel

From: D Patel, Kiran
Sent: Tuesday, November 22, 2016 12:55 PM
To: ‘Mark Rydstrom’ tender2+dfe6aeaf47@tenderapp.com
Cc: Phating, Sanket sanket.phating@accenture.com; Aalam Gir, Mohammad mohammad.aalam.gir@accenture.com; Shaikh, R. r.shaikh@accenture.com; Radhakrishnan, A. R. a.r.radhakrishnan@accenture.com; Mohan, Mala mala.mohan@accenture.com
Subject: RE: Octopus Deployment - Remove server from load balancer step - error [Problems #48842]

Hi Mark,

Just to update, we have two account as Service Principle Name as below.

[cid:image001.png@01D2474A.A214F480]

· I have created new “AzureRM” when “Azure RM Account Old” started giving an error message

· Now we have changed all task with “AzureRM” account , still getting same error

· When I am trying to delete “Azure RM Account old” I am getting error message as it is in use, snapshot in mail trail

· I have cheeked each and every process with process URL http://build.snfems.com/api/deploymentprocesses/deploymentprocess-processID and also with GUI I dint find “Azure RM Account Old” configured any of task.

· Script which you have shared I have used that one on server and seems working fine.

Please let us know what else we can check.
Regards

Kiran Patel

From: D Patel, Kiran
Sent: Wednesday, November 16, 2016 8:52 PM
To: ‘Mark Rydstrom’ <tender2+dfe6aeaf47@tenderapp.commailto:tender2+dfe6aeaf47@tenderapp.com>
Cc: Phating, Sanket <sanket.phating@accenture.commailto:sanket.phating@accenture.com>; Aalam Gir, Mohammad <mohammad.aalam.gir@accenture.commailto:mohammad.aalam.gir@accenture.com>; Shaikh, R. <r.shaikh@accenture.commailto:r.shaikh@accenture.com>
Subject: RE: Octopus Deployment - Remove server from load balancer step - error [Problems #48842]

Hi Mark,

I have created new AD partition in Azure and assigned new credential to account as well, still we are getting this issue. I have tried deleting that account it says

[cid:image002.jpg@01D2474A.A214F480]

I have tried below script from server and it seems working from server.

Regards

Kiran Patel

image002.png

image001.jpg

8

Hi,

  1. In the second message to this thread Sanket said “Also just to highlight, this script was running earlier successfully, we have not made any changes.” Can you please confirm that this did work, then stopped working without any changes being made? No settings changes and Octopus wasn’t upgraded?

  2. Can you send me the raw log of a failed deployment, not just a screen shot. Guidance on getting a raw log is here: http://docs.octopusdeploy.com/display/OD/Get+the+raw+output+from+a+task

  3. Can you please take a screenshot of your Octopus Server proxy settings? You will need to run the Octopus Manager application, then select “Change proxy server settings”, then take a screen shot showing the settings like this: https://i.imgur.com/8dD9UQQ.png

Regards,
Mark

9

Hi,

As a fourth item, can you run the previous login script:

Import-Module AzureRM
$securePassword = ConvertTo-SecureString YOUR-AZURE-AD-PASSWORD -AsPlainText -Force
$creds = New-Object System.Management.Automation.PSCredential (YOUR-AZURE-AD-CLIENTID, $securePassword)
Login-AzureRmAccount -Credential $creds -TenantId YOUR-AZURE-AD-TENANTID -SubscriptionId YOUR-AZURE-SUBSCRIPTIONID -ServicePrincipal

and make sure you are running the PowerShell session as the same user that the Octopus Server runs as?

Mark

10

Hi Mark,

This is what I was looking for long time, how do we know which user octopus is using while running script from web portal i.e. octopusserer.com/app . we have active directory authentication enable , it will be helpful to know how user generates session or is there any way I can find it out.

Regards

Kiran Patel

11

HI Kiran,

When scripts are run on the Octopus Server (such as for Azure scripts) they are run as the user the Octopus Server service runs as. For scripts run on a Tentacle they are run as the user the Tentacle service is running as. The default is the Local System account but it can be changed during Octopus Server or Tentacle installation.

Mark

12

Hi Mark,

Thanks a lot for below information , I have open powershell with system account, and I have ran script and found same behavior as on octopus application , first two time it didn’t work and third time it worked, same thing happens when we run deployment, first attempt gets failed and we run manually couple of time and it works.

Can you please suggest something , and for proxy I have changed earlier as “Do Not Use Proxy”.

I have also attached raw logs for failed deployments.

Regards

Kiran patel

System_account.JPG
System_account.JPG1418×427 101 KB

ServerTasks-18288.log.txt (43 KB)

proxy_Settings.JPG
proxy_Settings.JPG999×669 45.9 KB