Question
It was brought to my attention that, if you create a new VM and then delete it (and its associated resources), you do not in fact delete the corresponding VHD file -- that file is left in blob storage, blocking the provisioning of a new machine with the same hostname, and also costing real money for wasted and unused storage. I wish to delete the VHDs along with the VMs.
Where can I find a good write-up of the current wisdom on how to deal with this? All I can find are references from before 2013 which evidently target the "classic" version.
I have written up the following code to try to remedy this situation. I have two use cases: first of all I have to get rid of all the accumulated junk, and after that I "just" need to make sure to clean up after each future machine when it is deleted.

    write-output("Removing orphaned disks for hostname ""$hostname"" ...")
    $storageContext = (Get-AzureRmStorageAccount | Where-Object{$_.StorageAccountName -match $azureStorage}).Context
    $storageBlob = Get-AzureStorageBlob -Context $storageContext -Container "vhds"
    $vhdList = $storageBlob | Where-Object{$_.Name -match "$hostname"}
    foreach($disk in $vhdList) {
        $diskname = $disk.Name
        write-output("Removing VHD ""$diskname"" ...")
        Remove-AzureDisk -Diskname "$diskname" -DeleteVHD
        write-output("Removed VHD ""$diskname"" ... [OK]")
    }
    write-output("Removed orphaned disks ... [OK]")

Now, when I run that, I get nice listings of the VHD files I expect to see (and also some corresponding "*.status" files). However, the Remove-AzureDisk command yields the error "Remove-AzureDisk : ResourceNotFound: The disk with the specified name does not exist", so it's not really working.
You'll notice that I switch from the new "ARM" commands to the "classic" version half-way through -- this is likely part of my problem, but I've had no luck in coming up with better commands.
Update:
This seems to do the trick:

    # Verify that the OS VHD does not already exist
    # ($hostname and $azureStorage are set earlier in the script)
    write-output("Checking for blocking VHD's ...")
    $storageContext = (Get-AzureRmStorageAccount | Where-Object{$_.StorageAccountName -match $azureStorage}).Context
    $storageBlob = Get-AzureStorageBlob -Context $storageContext -Container "vhds"
    $vhdList = $storageBlob | Where-Object{$_.Name -match "$hostname"}
    if ($vhdList) {
        write-output("There is an existing VHD blocking host ""$hostname"" in storage container ""$($storageContext.BlobEndPoint)vhds""):")
        foreach($vhdName in $vhdList.Name) {
            write-output("- $vhdName")
        }
        # Load Windows Forms for the confirmation dialog
        Add-Type -AssemblyName System.Windows.Forms
        $answer = [System.Windows.Forms.MessageBox]::Show("There is an existing VHD blocking host ""$hostname"" in storage container ""$($storageContext.BlobEndPoint)vhds"").`nDo you wish to remove the existing VHD file?", "Create New VM", [System.Windows.Forms.MessageBoxButtons]::YesNo)
        if ($answer -eq "YES") {
            # Remove VHD files
            foreach($diskName in $vhdList.Name) {
                write-output("- Removing VHD ""$diskName""")
                Remove-AzureStorageBlob -Blob $diskName -Container "vhds" -Context $storageContext
            }
            write-output("Checked for blocking VHD's ... [OK]")
        } else {
            # User declined: stop instead of provisioning over an existing VHD
            exit(331)
        }
    }

Answer 1:
The general wisdom of Azure Resource Management is that you stop thinking about resources in atomic units, like VMs, storage, networks, and instead you start thinking of them as a group of resources. A resource group, as it were ;)
The theory is that you create a template that creates an entire deployment in a single go, either via REST, PowerShell, or template file.
Then, instead of deleting the VM and recreating it, you delete the entire Resource Group, and run the deployment again and you'll be back to exactly where you were.
It does make the whole thing much more manageable, and allows for much more complex builds.
Using that model, if you delete the entire resource group, then all of the underlying resources, blobs, storage accounts, networks will be deleted.
So, on to your problem.
Azure doesn't create disks in the same way that classic manager did. Basically you point the machine to a blob vhd and that's it. So the problem with your command is that there isn't any disk to delete.
So the command you would want is:

    Remove-AzureStorageBlob -Blob $diskname -Container vhds -Context $context

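Added example (not part of either answer or of the asker's script): the scripts above select blobs with -match "$hostname", which treats the hostname as an unanchored regex, so a cleanup for one host can also pick up blobs of another host or a VHD that is still attached to a VM. The sketch below escapes and anchors the hostname and skips any blob that still holds a lease. Select-OrphanedVhdBlob and Remove-OrphanedVhdBlob are hypothetical helper names, and the code assumes blob names start with the hostname.

```powershell
# Added example. Assumption: blob names begin with the VM hostname
# (e.g. "web1-osdisk.vhd"); adjust the pattern to your own naming scheme.
function Select-OrphanedVhdBlob {
    param(
        [Parameter(Mandatory)] [string] $HostName,
        [Parameter(Mandatory, ValueFromPipeline)] $Blob
    )
    begin {
        # Escape regex metacharacters and require a non-alphanumeric character
        # after the hostname, so "web1" does not also select "web10-osdisk.vhd".
        $pattern = '^' + [regex]::Escape($HostName) + '(?![A-Za-z0-9])'
    }
    process {
        if ($Blob.Name -notmatch $pattern) { return }
        # A VHD attached to a VM holds a blob lease; keep only unlocked blobs.
        if ("$($Blob.ICloudBlob.Properties.LeaseStatus)" -ne 'Unlocked') { return }
        $Blob
    }
}

function Remove-OrphanedVhdBlob {
    [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'High')]
    param(
        [Parameter(Mandatory)] [string] $HostName,
        [Parameter(Mandatory)] $Context,
        [string] $Container = 'vhds'
    )
    Get-AzureStorageBlob -Context $Context -Container $Container |
        Select-OrphanedVhdBlob -HostName $HostName |
        ForEach-Object {
            # Honors -WhatIf / -Confirm before anything is deleted.
            if ($PSCmdlet.ShouldProcess($_.Name, 'Remove blob')) {
                Remove-AzureStorageBlob -Blob $_.Name -Container $Container -Context $Context
            }
        }
}

# Constructed sample objects shaped like Get-AzureStorageBlob output,
# used to exercise the filter offline without touching a storage account.
$sample = @(
    [pscustomobject]@{ Name = 'web1-osdisk.vhd';  ICloudBlob = @{ Properties = @{ LeaseStatus = 'Unlocked' } } }
    [pscustomobject]@{ Name = 'web10-osdisk.vhd'; ICloudBlob = @{ Properties = @{ LeaseStatus = 'Unlocked' } } }
    [pscustomobject]@{ Name = 'web1-data.vhd';    ICloudBlob = @{ Properties = @{ LeaseStatus = 'Locked' } } }
)
$sample | Select-OrphanedVhdBlob -HostName 'web1' | ForEach-Object Name
```

Run Remove-OrphanedVhdBlob with -WhatIf first to list what would be deleted, passing the same $storageContext the scripts above build.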
Answer 2:
Check server clock and client clock
The storage services ensure that a request is no older than 15 minutes by the time it reaches the service. This guards against certain security attacks, including replay attacks. When this check fails, the server returns response code 403 (Forbidden).
Source: https://stackoverflow.com/questions/35204554/removing-vhds-from-azure-resource-manager-after-removing-vm