我正在尝试使用自定义映像创建池,该自定义映像是使用Azureure SDK从VM创建的。位置和资源组匹配。
这是我的代码:
import azure.batch as batch
from azure.batch import BatchServiceClient
from azure.batch.batch_auth import SharedKeyCredentials
from azure.batch import models
account = 'mybatch'
key = 'Adgfdj1hhsdfqATc/K2fgxdfg/asYgKRP2pUdfglBce7mgmSBdfgdhC7f3Zdfgrcgkdgh/dfglA=='
batch_url = 'https://mybatch.westeurope.batch.azure.com'
creds = SharedKeyCredentials(account, key)
batch_client = BatchServiceClient(creds, base_url = batch_url)
pool_id_base = 'mypool'
idx = 1
pool_id = pool_id_base + str( idx )
while batch_client.pool.exists( pool_id ):
idx += 1
pool_id = pool_id_base + str( idx )
print( 'pool_id ' + pool_id )
sku_to_use = 'batch.node.ubuntu 18.04'
#
# image_ref_to_use = models.ImageReference(
# offer = 'UbuntuServer',
# publisher = 'Canonical',
# sku = '18.04-LTS',
# version = 'latest'
# )
image_ref_to_use = models.ImageReference(
virtual_machine_image_id = '/subscriptions/1834572sd-34sd409a-sdfb-sc345csdfesourceGroups/resource-group-1/providers/Microsoft.Compute/images/my-image-1'
)
vm_size = 'Standard_D3_v2'
vmc = models.VirtualMachineConfiguration(
image_reference = image_ref_to_use,
node_agent_sku_id = sku_to_use
)
new_pool = models.PoolAddParameter(
id = pool_id,
vm_size = vm_size,
virtual_machine_configuration = vmc,
target_dedicated_nodes = 1
)
batch_client.pool.add(new_pool)
According to the docs我应该能够使用virtual_machine_image_id或其他提供市场图像的参数。 我可以创建标准市场图片池,但是在尝试使用自定义图片ID时出现错误。
Traceback (most recent call last): File "create_pool.py", line 60, in <module>
batch_client.pool.add(new_pool) File "/root/miniconda/lib/python3.6/site-packages/azure/batch/operations/pool_operations.py", line 312, in add
raise models.BatchErrorException(self._deserialize, response) azure.batch.models.batch_error.BatchErrorException: {'additional_properties': {}, 'lang': 'en-US', 'value': 'Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.\nRequestId:0dfdf9c1-edad-4b72-8e8f-f8dbcfd0abbdf\nTime:2018-12-06T10:51:21.9417222Z'}
如何解决此问题?
更新
我尝试将ServicePrincipalCredentials用于以下内容:
CLIENT_ID :我在Defaut Directiry中创建了一个新应用程序->添加注册并获得了它的应用程序ID。
秘密:A为新应用创建了密钥并使用了其值。
TENANT_ID :az account show在云外壳中。
资源:使用了'https://batch.core.windows.net/'。
这样更新了我的代码:
from azure.common.credentials import ServicePrincipalCredentials
creds = ServicePrincipalCredentials(
client_id=CLIENT_ID,
secret=SECRET,
tenant=TENANT_ID,
resource=RESOURCE
)
我得到另一个错误:
Keyring cache token has failed: No recommended backend was available. Install the keyrings.alt package if you want to use the non-recommended backends. See README.rst for details.
Traceback (most recent call last):
File "create_pool.py", line 41, in <module>
while batch_client.pool.exists( pool_id ):
File "/root/miniconda/lib/python3.6/site-packages/azure/batch/operations/pool_operations.py", line 624, in exists
raise models.BatchErrorException(self._deserialize, response)
azure.batch.models.batch_error.BatchErrorException: Operation returned an invalid status code 'Server failed to authorize the request.'
答案 0 :(得分:2)
尝试使用服务主体凭据而不是共享密钥凭据
credentials = ServicePrincipalCredentials(
client_id=CLIENT_ID,
secret=SECRET,
tenant=TENANT_ID,
resource=RESOURCE
)
“共享密钥凭据”似乎有错误。
文档链接:https://docs.microsoft.com/en-us/azure/batch/batch-aad-auth
问题链接:https://github.com/Azure/azure-sdk-for-python/issues/1668
注意:请删除您的帐户详细信息,因为任何人都可以访问。将帐户名和密钥替换为****。
更新 如果服务主体凭据不起作用,请尝试使用用户凭据,看看是否有效。
from azure.common.credentials import UserPassCredentials
import azure.batch.batch_service_client as batch
credentials = UserPassCredentials(
azure_user,
azure_pass
)
batch_client = batch.BatchServiceClient(credentials, base_url = batch_url)