Azure ASM Compute Driver Documentation

Azure driver allows you to integrate with Microsoft Azure Virtual Machines service using the Azure Service Management (ASM) API. This is the “Classic” API, please note that it is incompatible with the newer Azure Resource Management (ARM) API, which is provideb by the azure_arm driver.


Azure Virtual Machine service allows you to launch Windows and Linux virtual servers in many datacenters across the world.

Connecting to Azure

To connect to Azure you need your subscription ID and certificate file.

Generating and uploading a certificate file and obtaining subscription ID

To be able to connect to the Azure, you need to generate a X.509 certificate which is used to authenticate yourself and upload it to the Azure Management Portal.

On Linux, you can generate the certificate file using the commands shown below:

openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout azure_cert.pem -out azure_cert.pem
openssl x509 -inform pem -in azure_cert.pem -outform der -out azure_cert.cer

For information on how to generate certificate on Windows, see Create and Upload a Management Certificate for Azure page.

Once you have generated the certificate, go to the Azure Management Portal and click Settings -> Management Certificate -> Upload as shown on the screenshot below.


In the upload Windows, select the generated .cer file (azure_cert.cer).

Instantiating a driver

Once you have generated the certificate file and obtained your subscription ID you can instantiate the driver as shown below.

from libcloud.compute.types import Provider
from libcloud.compute.providers import get_driver

cls = get_driver(Provider.AZURE)
driver = cls(subscription_id="subscription-id", key_file="/path/to/azure_cert.pem")

API Docs

class, key_file=None, **kwargs)[source]

subscription_id contains the Azure subscription id in the form of GUID key_file contains the Azure X509 certificate in .pem form


Attaches volume to node.

  • node (Node) – Node to attach volume to.

  • volume (StorageVolume) – Volume to attach.

  • device (str) – Where the device is exposed, e.g. ‘/dev/sdb’




alias of AzureServiceManagementConnection

copy_image(source_region, node_image, name, description=None)

Copies an image from a source region to the current region.

  • source_region (str) – Region to copy the node from.

  • node_image (NodeImage:) – NodeImage to copy.

  • name (str) – name for new image.

  • description – description for new image.

Return type



NodeImage instance on success.

create_image(node, name, description=None)

Creates an image from a node object.

  • node (Node) – Node to run the task on.

  • name (description) – name for new image.

  • description – description for new image.

Return type



NodeImage instance on success.


Create a new key pair object.


name (str) – Key pair name.

Return type

KeyPair object

create_node(name, size, image, ex_cloud_service_name, ex_storage_service_name=None, ex_new_deployment=False, ex_deployment_slot='Production', ex_deployment_name=None, ex_admin_user_id='azureuser', ex_custom_data=None, ex_virtual_network_name=None, ex_network_config=None, auth=None, **kwargs)[source]

Create Azure Virtual Machine

Reference: []

We default to:

  • 3389/TCP - RDP - 1st Microsoft instance.

  • RANDOM/TCP - RDP - All succeeding Microsoft instances.

  • 22/TCP - SSH - 1st Linux instance

  • RANDOM/TCP - SSH - All succeeding Linux instances.

The above replicates the standard behavior of the Azure UI. You can retrieve the assigned ports to each instance by using the following private function:

_get_endpoint_ports(service_name) Returns public,private port key pair.

@inherits: NodeDriver.create_node

  • image (NodeImage) – The image to use when creating this node

  • size (NodeSize) – The size of the instance to create

  • ex_cloud_service_name (str) – Required. Name of the Azure Cloud Service.

  • ex_storage_service_name (str) – Optional: Name of the Azure Storage Service.

  • ex_new_deployment (boolean) – Optional. Tells azure to create a new deployment rather than add to an existing one.

  • ex_deployment_slot (str) – Optional: Valid values: production| staging. Defaults to production.

  • ex_deployment_name (str) – Optional. The name of the deployment. If this is not passed in we default to using the Cloud Service name.

  • ex_custom_data (str) – Optional script or other data which is injected into the VM when it’s beginning provisioned.

  • ex_admin_user_id (str) – Optional. Defaults to ‘azureuser’.

  • ex_virtual_network_name (str) – Optional. If this is not passed in no virtual network is used.

  • ex_network_config (ConfigurationSet) – Optional. The ConfigurationSet to use for network configuration


Create a new volume.

  • size (int) – Size of volume in gigabytes (required)

  • name (str) – Name of the volume to be created

  • location (NodeLocation) – Which data center to create a volume in. If empty, undefined behavior will be selected. (optional)

  • snapshot (VolumeSnapshot) – Snapshot from which to create the new volume. (optional)


The newly created volume.

Return type



Creates a snapshot of the storage volume.

  • volume (StorageVolume) – The StorageVolume to create a VolumeSnapshot from

  • name (str) – Name of created snapshot (optional)

Return type



Deletes a node image from a provider.


node_image (NodeImage) – Node image object.


True if delete_image was successful, False otherwise.

Return type



Delete an existing key pair.


key_pair (KeyPair) – Key pair object.

Return type


deploy_node(deploy, ssh_username='root', ssh_alternate_usernames=None, ssh_port=22, ssh_timeout=10, ssh_key=None, ssh_key_password=None, auth=None, timeout=300, max_tries=3, ssh_interface='public_ips', at_exit_func=None, wait_period=5, **create_node_kwargs)

Create a new node, and start deployment.

In order to be able to SSH into a created node access credentials are required.

A user can pass either a NodeAuthPassword or NodeAuthSSHKey to the auth argument. If the create_node implementation supports that kind if credential (as declared in self.features['create_node']) then it is passed on to create_node. Otherwise it is not passed on to create_node and it is only used for authentication.

If the auth parameter is not supplied but the driver declares it supports generates_password then the password returned by create_node will be used to SSH into the server.

Finally, if the ssh_key_file is supplied that key will be used to SSH into the server.

This function may raise a DeploymentException, if a create_node call was successful, but there is a later error (like SSH failing or timing out). This exception includes a Node object which you may want to destroy if incomplete deployments are not desirable.

>>> from libcloud.compute.drivers.dummy import DummyNodeDriver
>>> from libcloud.compute.deployment import ScriptDeployment
>>> from libcloud.compute.deployment import MultiStepDeployment
>>> from libcloud.compute.base import NodeAuthSSHKey
>>> driver = DummyNodeDriver(0)
>>> key = NodeAuthSSHKey('...') # read from file
>>> script = ScriptDeployment("yum -y install emacs strace tcpdump")
>>> msd = MultiStepDeployment([key, script])
>>> def d():
...     try:
...         driver.deploy_node(deploy=msd)
...     except NotImplementedError:
...         print ("not implemented for dummy driver")
>>> d()
not implemented for dummy driver

Deploy node is typically not overridden in subclasses. The existing implementation should be able to handle most such.

  • deploy (Deployment) – Deployment to run once machine is online and available to SSH.

  • ssh_username (str) – Optional name of the account which is used when connecting to SSH server (default is root)

  • ssh_alternate_usernames (list) – Optional list of ssh usernames to try to connect with if using the default one fails

  • ssh_port (int) – Optional SSH server port (default is 22)

  • ssh_timeout (float) – Optional SSH connection timeout in seconds (default is 10)

  • auth (NodeAuthSSHKey or NodeAuthPassword) – Initial authentication information for the node (optional)

  • ssh_key (str or list of str) – A path (or paths) to an SSH private key with which to attempt to authenticate. (optional)

  • ssh_key_password (str) – Optional password used for encrypted keys.

  • timeout (int) – How many seconds to wait before timing out. (default is 600)

  • max_tries (int) – How many times to retry if a deployment fails before giving up (default is 3)

  • ssh_interface (str) – The interface to wait for. Default is ‘public_ips’, other option is ‘private_ips’.

  • at_exit_func (func) –

    Optional atexit handler function which will be registered and called with created node if user cancels the deploy process (e.g. CTRL+C), after the node has been created, but before the deploy process has finished.

    This method gets passed in two keyword arguments:

    • driver -> node driver in question

    • node -> created Node object

    Keep in mind that this function will only be called in such scenario. In case the method finishes (this includes throwing an exception), at exit handler function won’t be called.

  • wait_period (int) – How many seconds to wait between each iteration while waiting for node to transition into running state and have IP assigned. (default is 5)

destroy_node(node, ex_cloud_service_name=None, ex_deployment_slot='Production')[source]

Remove Azure Virtual Machine

This removes the instance, but does not remove the disk. You will need to use destroy_volume. Azure sometimes has an issue where it will hold onto a blob lease for an extended amount of time.

  • ex_cloud_service_name (str) – Required. Name of the Azure Cloud Service.

  • ex_deployment_slot (str) – Optional: The name of the deployment slot. If this is not passed in we default to production.


Destroys a storage volume.


volume (StorageVolume) – Volume to be destroyed

Return type



Destroys a snapshot.


snapshot (VolumeSnapshot) – The snapshot to delete

Return type



Detaches a volume from a node.


volume (StorageVolume) – Volume to be detached

Return type


ex_create_cloud_service(name, location, description=None, extended_properties=None)[source]

Create an azure cloud service.

  • name (str) – Name of the service to create

  • location (str) – Standard azure location string

  • description (str) – Optional description

  • extended_properties (dict) – Optional extended_properties

Return type


ex_create_storage_service(name, location, description=None, affinity_group=None, extended_properties=None)[source]

Create an azure storage service.

  • name (str) – Name of the service to create

  • location (str) – Standard azure location string

  • description (str) – (Optional) Description of storage service.

  • affinity_group (str) – (Optional) Azure affinity group.

  • extended_properties (dict) – (Optional) Additional configuration options support by Azure.

Return type



Delete an azure cloud service.


name (str) – Name of the cloud service to destroy.

Return type



Destroy storage service. Storage service must not have any active blobs. Sometimes Azure likes to hold onto volumes after they are deleted for an inordinate amount of time, so sleep before calling this method after volume deletion.


name (str) – Name of storage service.

Return type


ex_set_instance_endpoints(node, endpoints, ex_deployment_slot='Production')[source]

For example:

endpoint = ConfigurationSetInputEndpoint(
    'name': 'SSH',
    'protocol': 'tcp',
    'port': port,
    'local_port': '22'
features = {'create_node': ['password']}
List of available features for a driver.

Returns a single node image from a provider.


image_id (str) – Node to run the task on.

:rtype NodeImage: :return: NodeImage instance on success.


Retrieve a single key pair.


name (str) – Name of the key pair to retrieve.

Return type


import_key_pair_from_file(name, key_file_path)

Import a new public key from string.

  • name (str) – Key pair name.

  • key_file_path (str) – Path to the public key file.

Return type

KeyPair object

import_key_pair_from_string(name, key_material)

Import a new public key from string.

  • name (str) – Key pair name.

  • key_material (str) – Public key material.

Return type

KeyPair object


Lists all images

Return type

list of NodeImage


List all the available key pair objects.

Return type

list of KeyPair objects


Lists all locations

Return type

list of NodeLocation


List all nodes

ex_cloud_service_name parameter is used to scope the request to a specific Cloud Service. This is a required parameter as nodes cannot exist outside of a Cloud Service nor be shared between a Cloud Service within Azure.


ex_cloud_service_name (str) – Cloud Service name

Return type

list of Node


Lists all sizes

Return type

list of NodeSize


List snapshots for a storage volume.

Return type

list of VolumeSnapshot


Lists volumes of the disks in the image repository that are associated with the specified subscription.

Pass Node object to scope the list of volumes to a single instance.

Return type

list of StorageVolume

reboot_node(node, ex_cloud_service_name=None, ex_deployment_slot=None)[source]

Reboots a node.

ex_cloud_service_name parameter is used to scope the request to a specific Cloud Service. This is a required parameter as nodes cannot exist outside of a Cloud Service nor be shared between a Cloud Service within Azure.

  • ex_cloud_service_name (str) – Cloud Service name

  • ex_deployment_slot (str) – Options are “production” (default) or “Staging”. (Optional)

Return type


class service_location(is_affinity_group, service_location)

Create new instance of service_location(is_affinity_group, service_location)

count(value, /)

Return number of occurrences of value.

index(value, start=0, stop=9223372036854775807, /)

Return first index of value.

Raises ValueError if the value is not present.

property is_affinity_group

Alias for field number 0

property service_location

Alias for field number 1


Start a node.


node (Node) – The node to be started


True if the start was successful, otherwise False

Return type



Stop a node


node (Node) – The node to be stopped.


True if the stop was successful, otherwise False

Return type


wait_until_running(nodes, wait_period=5, timeout=600, ssh_interface='public_ips', force_ipv4=True, ex_list_nodes_kwargs=None)

Block until the provided nodes are considered running.

Node is considered running when it’s state is “running” and when it has at least one IP address assigned.

  • nodes (list of Node) – List of nodes to wait for.

  • wait_period (int) – How many seconds to wait between each loop iteration. (default is 3)

  • timeout (int) – How many seconds to wait before giving up. (default is 600)

  • ssh_interface (str) – Which attribute on the node to use to obtain an IP address. Valid options: public_ips, private_ips. Default is public_ips.

  • force_ipv4 (bool) – Ignore IPv6 addresses (default is True).

  • ex_list_nodes_kwargs (dict) – Optional driver-specific keyword arguments which are passed to the list_nodes method.


[(Node, ip_addresses)] list of tuple of Node instance and list of ip_address on success.

Return type

list of tuple