Getting Started with Azure Image Builder

Azure Image Builder is a great tool for creating customized images for your Azure Virtual Machines. It allows you to create images from scratch or from existing images, and customize them with your own settings and configurations.

To get started with Azure Image Builder, you'll first need to create a resource group in your Azure subscription. This will serve as the container for your image builder resources.

You can create a resource group using the Azure portal, Azure CLI, or Azure PowerShell. Azure Image Builder supports both Windows and Linux images, and you can choose the image type that best suits your needs.

Once you have a resource group set up, you can create an image builder configuration that defines the settings for your image. This includes specifying the source image, the image name, and the configuration for your image.

To prepare for Azure Image Builder, you'll need to install the Stable DevOps task from the Visual Studio Marketplace. This is a crucial step that will enable you to use DevOps with VM Image Builder.

You'll also need to have an Azure DevOps Services account and a Build Pipeline created. This will provide the foundation for your Azure Image Builder setup.

To use DevOps with VM Image Builder, you'll need to nest the template within an Azure Resource Manager task, and use Azure CLI or PowerShell tasks.

Here are the specific requirements you'll need to meet:

To create the storage account, you can use Azure PowerShell or the Azure CLI. Here's an example of how to create a storage account using Azure PowerShell:

```powershell

$timeInt=$(get-date -UFormat "%s")

$storageAccName="aibstorage"+$timeInt

$location=westus

New-AzStorageAccount -ResourceGroupName $strResourceGroup -Name $storageAccName -Location $location -SkuName Standard_LRS

```

To set up Azure Image Builder, you need to log in to Azure using the CLI. This step is crucial for accessing the Azure Image Builder service.

First, you need to enable the Azure Image Builder provider, which allows you to use the service to build custom images.

Next, create a resource group that will hold your image. This resource group will store all the resources used during the Azure Image Builder process.

To use the Azure Image Builder service, you need to assign it access to your image resource group. This ensures that the service can perform the necessary actions to build your custom image.

Here's a summary of the steps to set up Azure Image Builder:

The Azure Image Builder process involves generating a unique version number, which is a major.minor.revision combination required for Azure Compute Galleries.

This version number is used to submit the Azure Image Builder template with a unique name to the Azure Image Builder service.

The template is uploaded to Azure storage blob container, along with the baseline configuration file(s), and a SAS URL is generated for use during deployment.

The Azure Image Builder template is submitted with the unique version number, which is then used to create the image version in Azure Compute Galleries.

Here's a summary of the build-wvd-aib-multi-image process:

After the process is completed, you'll see the image version in your image definitions within Azure Compute Galleries.

Templates are a crucial part of the Azure Image Builder process, allowing you to define the configuration of your new VM image.

An Image Template is essentially a file that answers three major questions: what's the source of your new VM image, what customizations do you want to perform, and where do you want to store or distribute your new VM image.

You can create an Image Template directly in the Azure Portal, or use Infrastructure as Code (IaC) tools like Bicep, ARM Templates, or Terraform.

The three questions an Image Template answers are:

To create a template, you'll need to define the customize section, which is where you'll specify the commands to execute on the image.

You can use a template like baseKubernetes.json, which defines the type, api version, location, and tags of your image.

The customize section is where you'll break down complex tasks into smaller, more manageable steps, making it easier to modify the template in the future.

In the customize section, you can use placeholder values and replace them with environment variables, as shown in the snippet.

The Provisioner is a crucial part of the image building process, allowing you to customize your images with ease.

Initially, there are two customizers supported: Shell and PowerShell. Only inline scripts are supported, so you can't download scripts from an external source. If you need to download scripts, you can pass inline commands to do so.

You can use inline scripts to customize your images, but keep in mind that only Shell and PowerShell customizers are supported. This means you'll need to write your scripts using one of these two languages.

Here are the supported customizers:

Remember, if you want to download scripts, you can pass inline commands to do so, even though only inline scripts are supported. This will allow you to customize your images with the scripts you need.

To use the Azure Image Builder service, you'll need to create a User-Assigned Managed Identity. This Identity is required at the Image Template scope and is used for tasks like reading source Images and accessing Azure Storage Accounts.

You can only assign one Identity for this purpose, but you can use the same Managed Identity for other tasks as well. For example, you can use it to access KeyVault or other Azure resources if needed.

Here are the permissions needed for the Managed Identity to create Managed Images and/or Image Versions:

You can also assign one or more Identities to be attached to the temporary VM that is used to build your image, which is useful if your Customizer scripts need to access KeyVault or other Azure resources.

You can configure the created VM to be in a specific virtual network by providing the resource ID of a pre-existing subnet in the VNet Configuration (Optional) input field. This allows for more control over the network setup of your VM.

Azure VM Image Builder service supports connecting to your existing virtual networks, enabling you to connect your configuration servers, file shares, or other routable servers or services for quicker image building pipeline deployment on Azure.

You can distribute images and scale globally with the Azure Shared Image Gallery, and apply your images across your deployments worldwide. This is especially useful for organizations with a large presence across different regions.

When choosing a location for your VM Image Builder, it's essential to select a region where the source images are present.

The location is the region where VM Image Builder will run, and only a set number of regions are supported.

This means that if you're using Azure Compute Gallery, a replica must exist in that region, so make sure to check the availability of your source images in the desired location.

You can choose a region based on factors such as proximity to your users, data residency requirements, or cost considerations.

To create a storage account, select the one you created during the prerequisites. If it's not visible, VM Image Builder may not have the necessary permissions.

Storage accounts are crucial for storing build artifacts from the repo. You can create a container called imagebuilder-vststask, where these artifacts will be stored.

The build process relies on this storage account to function correctly. Make sure you have the correct permissions to access it.

VM Image Builder creates a container for storing build artifacts, which is a key part of the build process.

Virtual Network Support is a crucial aspect of Azure VM Image Builder service. You can configure the created VM to be in a specific virtual network.

To do this, you need to provide the resource ID of a pre-existing subnet in the VNet Configuration (Optional) input field. If no specific virtual network needs to be used, simply omit the resource ID.

This feature allows you to connect your existing configuration servers, file shares, or any other routable servers or services for quicker image building pipeline deployment on Azure.

The total length of an image build is a fixed value of 240 minutes in the DevOps pipeline task.

You can't change this default value directly in the task, but there's a workaround.

If you need to increase the build time, consider using an Azure CLI task in the release pipeline.

This task can be configured to copy a template and submit it, as shown in the example solution "Use environment variables and parameters with VM Image Builder".

For a more detailed approach, you can also use Azure PowerShell.

You can override the default VM size setting to reduce total customization time. This is especially useful if you need to create images that depend on specific VM sizes.

The default VM size is Standard_D1_v2, but you can choose from other options like GPU or HPC for certain use cases.

You might want to create images that depend on GPU for graphics processing unit tasks, or HPC for high-performance computing.