I often need to run a simple task or retrieve information from an Azure VM. Most of the time I want to do so without creating an RDP or SSH session, exposing a WinRM or SSH port, and in some cases need to do so on a VM that is isolated from the internet.
In the past I have relied on the Azure Virtual Machine Custom Script Extension for these types of operations. The Custom Script extension uses the Azure VM Agent to download and run scripts on a virtual machine. It is useful when needing to perform a VM operation or configuration, however is somewhat heavy weight and has one in particular trait that I have found cumbersome. Once the Custom Script Extension has been added to a VM, it needs to then be removed before another instance can be run. This is not a difficult operation but when running multiple scripts against a VM is less than desirable.
Recently an alternate and more lightweight method for running scripts against Azure VMs has been released; the Azure Virtual Machine Run Command. Using a Run Command, PowerShell or Bash scripts can be run against virtual machines with many of the same benefits as the custom script extension, however multiple instances can be run without the need of any type of clean-up action.
In this document I walk through some steps for using the Azure Virtual Machine Run Command action and also provide some troubleshooting information.
For detailed information, see the Run Command documentation on docs.microsoft.com.
Azure portal
Scripts can be run directly from a virtual machine in the Azure portal. To do so, select the VM and Run command. From here select a pre-created operation or RunPowerShellScript / RunShellScript.
Enter the command / script that you would like to run on the VM and click run.
Azure PowerShell (Core)
A run command can be triggered using PowerShell like this:
Invoke-AzVMRunCommand -ResourceGroupName runcmd -VMName win-runcmd -CommandId RunPowerShellScript -ScriptPath ./run-command.ps1
The output will look similar to:
Value[0]        :
  Code          : ComponentStatus/StdOut/succeeded
  Level         : Info
  DisplayStatus : Provisioning succeeded
  Message       :     Directory: C:\
Mode                LastWriteTime         Length Name
----                -------------         ------ ----
-a----       11/28/2018   9:48 PM              0 test.txt
Value[1]        :
  Code          : ComponentStatus/StdErr/succeeded
  Level         : Info
  DisplayStatus : Provisioning succeeded
  Message       :
Status          : Succeeded
Capacity        : 0
Count           : 0
Azure CLI
A run command can also be triggered using the Azure CLI like this:
az vm run-command invoke --resource-group runcmd --name linux-runcmd --scripts "sudo touch /test.txt" --command-id RunShellScript
The output will look similar to:
{
  "value": [
    {
      "code": "ProvisioningState/succeeded",
      "displayStatus": "Provisioning succeeded",
      "level": "Info",
      "message": "Enable succeeded: \n[stdout]\n\n[stderr]\n",
      "time": null
    }
  ]
}
Troubleshooting
If you do run into a situation in which client-side troubleshooting is required, here are a few spots to check out.
Windows
On Windows the downloaded script can be located in the following directory:
C:\Packages\Plugins\Microsoft.CPlat.Core.RunCommandWindows\1.1.0\Downloads
With the script execution output here:
C:\Packages\Plugins\Microsoft.CPlat.Core.RunCommandWindows\1.1.0\Status
The run command handler logs can be found here:
C:\WindowsAzure\Logs\Plugins\Microsoft.CPlat.Core.RunCommandWindows
Linux
The script, stderr, and stdout output are located here:
/var/lib/waagent/run-command/download/
The run command handler logs can be found here:
/var/log/azure/run-command