Create a new VM image from an existing image by using Azure VM Image Builder in Linux
Applies to: ✔️ Linux VMs ✔️ Flexible scale sets
In this article, you learn how to update an existing image version in an Azure Compute Gallery (formerly Shared Image Gallery) and publish it to the gallery as a new image version.
To configure the image, you use a sample JSON template, helloImageTemplateforSIGfromSIG.json.
Register the providers
To use VM Image Builder, you need to register the providers.
Check your provider registrations. Make sure that each one returns Registered.
az provider show -n Microsoft.VirtualMachineImages | grep registrationState az provider show -n Microsoft.KeyVault | grep registrationState az provider show -n Microsoft.Compute | grep registrationState az provider show -n Microsoft.Storage | grep registrationState az provider show -n Microsoft.Network | grep registrationState az provider show -n Microsoft.ContainerInstance | grep registrationState
If they don't return Registered, register the providers by running the following commands:
az provider register -n Microsoft.VirtualMachineImages az provider register -n Microsoft.Compute az provider register -n Microsoft.KeyVault az provider register -n Microsoft.Storage az provider register -n Microsoft.Network az provider register -n Microsoft.ContainerInstance
Set variables and permissions
If you've already created an Azure Compute Gallery by using Create an image and distribute it to an Azure Compute Gallery, you've already created some of the variables you need.
If you haven't already created the variables, run the following commands:
# Resource group name sigResourceGroup=ibLinuxGalleryRG # Gallery location location=chinanorth3 # Additional region to replicate the image version to additionalregion=chinanorth # Name of the Azure Compute Gallery sigName=myIbGallery # Name of the image definition to use imageDefName=myIbImageDef # image distribution metadata reference name runOutputName=aibSIGLinuxUpdate
Create a variable for your subscription ID:
subscriptionID=$(az account show --query id --output tsv)
Get the image version that you want to update:
sigDefImgVersionId=$(az sig image-version list \ -g $sigResourceGroup \ --gallery-name $sigName \ --gallery-image-definition $imageDefName \ --subscription $subscriptionID --query [].'id' -o tsv)
Create a user-assigned identity and set permissions on the resource group
You've set up the user identity in an earlier example, so now you need to get the resource ID, which will be appended to the template.
#get identity used previously
imgBuilderId=$(az identity list -g $sigResourceGroup --query "[?contains(name, 'aibBuiUserId')].id" -o tsv)
If you already have an Azure Compute Gallery but didn't set it up by following an earlier example, you need to assign permissions for VM Image Builder to access the resource group so that it can access the gallery. For more information, see Create an image and distribute it to an Azure Compute Gallery.
Modify the helloImage example
You can review the JSON example you're about to use at helloImageTemplateforSIGfromSIG.json. For information about the JSON file, see Create an Azure VM Image Builder template.
Download the JSON example, as shown in Create a Linux image and distribute it to an Azure Compute Gallery by using the Azure CLI.
Configure the JSON with your variables:
curl https://raw.githubusercontent.com/azure/azvmimagebuilder/master/quickquickstarts/8_Creating_a_Custom_Linux_Shared_Image_Gallery_Image_from_SIG/helloImageTemplateforSIGfromSIG.json -o helloImageTemplateforSIGfromSIG.json sed -i -e "s/<subscriptionID>/$subscriptionID/g" helloImageTemplateforSIGfromSIG.json sed -i -e "s/<rgName>/$sigResourceGroup/g" helloImageTemplateforSIGfromSIG.json sed -i -e "s/<imageDefName>/$imageDefName/g" helloImageTemplateforSIGfromSIG.json sed -i -e "s/<sharedImageGalName>/$sigName/g" helloImageTemplateforSIGfromSIG.json sed -i -e "s%<sigDefImgVersionId>%$sigDefImgVersionId%g" helloImageTemplateforSIGfromSIG.json sed -i -e "s/<region1>/$location/g" helloImageTemplateforSIGfromSIG.json sed -i -e "s/<region2>/$additionalregion/g" helloImageTemplateforSIGfromSIG.json sed -i -e "s/<runOutputName>/$runOutputName/g" helloImageTemplateforSIGfromSIG.json sed -i -e "s%<imgBuilderId>%$imgBuilderId%g" helloImageTemplateforSIGfromSIG.json
Create the image
Submit the image configuration to the VM Image Builder service:
az resource create \ --resource-group $sigResourceGroup \ --properties @helloImageTemplateforSIGfromSIG.json \ --is-full-object \ --resource-type Microsoft.VirtualMachineImages/imageTemplates \ -n helloImageTemplateforSIGfromSIG01
Start the image build:
az resource invoke-action \ --resource-group $sigResourceGroup \ --resource-type Microsoft.VirtualMachineImages/imageTemplates \ -n helloImageTemplateforSIGfromSIG01 \ --action Run
Wait for the image to be built and replicated before you move along to the next step.
Create the VM
Create the VM by doing the following:
az vm create \ --resource-group $sigResourceGroup \ --name aibImgVm001 \ --admin-username azureuser \ --location $location \ --image "/subscriptions/$subscriptionID/resourceGroups/$sigResourceGroup/providers/Microsoft.Compute/galleries/$sigName/images/$imageDefName/versions/latest" \ --generate-ssh-keys
Create a Secure Shell (SSH) connection to the VM by using the public IP address of the VM.
ssh azureuser@<pubIp>
After the SSH connection is established, you should receive a "Message of the Day" saying that the image was customized:
******************************************************* ** This VM was built from the: ** ** !! AZURE VM IMAGE BUILDER Custom Image !! ** ** You have just been Customized :-) ** *******************************************************
Type
exit
to close the SSH connection.To list the image versions that are now available in your gallery, run:
az sig image-version list -g $sigResourceGroup -r $sigName -i $imageDefName -o table
Next steps
To learn more about the components of the JSON file that you used in this article, see Create an Azure VM Image Builder template.