How To Get Started Automating Azure Infrastructure As A Service with PowerShell Step-By-Step
Getting Started with PowerShell for Azure
Install PowerShell Azure Module: The first thing we have to do is download the Azure PowerShell Module. You can get to it from http://azure.microsoft.com/en-us/downloads/ (uses Web Platform Installer) Click on install and follow the prompts.
Run Azure Powershell: that you have installed the module, you should be able to click the Start button and start typing “PowerShell”. You should new see an option for “Microsoft Azure PowerShell” click on it. This window will have the Azure Module already installed.
Authenticate PowerShell to Azure: This is kind-of like telling PowerShell how to login to Azure. There are two was to authenticate azure to PowerShell.
- Username and Password: to authenticate type the command:
Add-AzureAccount
this will pop open a web browser and ask for you to login. Enter your azure login information. Once complete you PowerShell session will be connected to your Azure account. - Computer Certificate Authentication: I am a fan of using certificates, to authenticate. To do this you have to download the certificate from Azure then import it. The Following commands are needed:
- Get-AzurePublishSettingsFile
This will open a browser, connect to Azure and prompt you to save the certificate. Once complete, run the next command. - import-AzurePublishSettingsFile –PublishSettingsFile “<FileLocationPath\FileName.publishsettings>”
Replace the value in quotes above with your actual filename and path.
- Get-AzurePublishSettingsFile
- If you previously ran Add-AzureAccount and now want to use the certificate, go ahead and import the certificate, then run
Remove-AzureAccount
PowerShell is smart enough to know when you run Remove-AzureAccount and you have an authentication certificate and a token (from add-AzureAccount) that you want to remove the token.
If you need more help with authentication, see How To Remove Azure Accounts (Cached Credentials) From PowerShell Remove-AzureAccount for ALL Accounts Step-By-Step
- Username and Password: to authenticate type the command:
Select the default subscription:
Get-AzureSubscription
the above will list available subscriptions. Use the Subscription Name in the next line
Set-AzureSubscription “Subscription Name”Confirm Connection: To confirm all authentication is working simply list a service. VMs will do
Get-AzureVM
If the above line does not throw an error, you are all set
Basic Azure Services – Infrastructure
#Cloud Service
A cloud service is a wrapper around a service or group of services in Azure. It is the wrapper that provides some isolation as well as a public IP address for the services contained within. To create a service:
New-AzureService -Location “East US 2” -ServiceName “UniqueServiceName”
Update the variables with the Names you want to use. For the location, it must be Exactly the way it is listed in the drop-down for location in Azure. The ServiceName is used for the Public DNS name so it must be unique for ALL OF AZURE, not just your account.
#Network
The network is much more work. There are new network commands you can import into PowerShell to make working with networks much easier. Azure Networking PowerShell Module can be download at https://gallery.technet.microsoft.com/Azure-Networking-e52cbf92. You can also use this module to configure the same network being used by PaaS Services.
In my case, I want to just do it with the basic commands that are standard with Azure PowerShell. What I need to do is create a configuration file, then create the network using that configuration file. This is what that might look like
#region Create Network
# let’s set some default values
Cd “C:\_ITCamp” # This is the path I want to use
$ITCPath = ((Get-Item -Path “.\”).FullName + “\”) #Set the default value for path (Current Folder)
$ITCNetConfig = “ITC-VNET.config” # This is the name of the file we will be creating
$ITCLocation = “East US 2″ # What Region do you want to use for your infrastructure?
$ITCNetworkName = “ITC-VNet” # What do you want the name of your network to be?#region Create network Configuration File
$WritePath = $ITCPath + $ITCNetConfig #Concatinate the path and filename for the config file
Write-Host “Creating Network Configuration File” $WritePath -ForegroundColor Green
#Notice below that the $ITCLocation and the $ITCNetworkName variables are embedded and we are doing it in a multi-line string.
$NetConfig = ‘<?xml version=”1.0″ encoding=”utf-8″?>
<NetworkConfiguration xmlns:xsd=”https://www.w3.org/2001/XMLSchema” xmlns:xsi=”https://www.w3.org/2001/XMLSchema-instance” xmlns=”https://schemas.microsoft.com/ServiceHosting/2011/07/NetworkConfiguration”>
<VirtualNetworkConfiguration>
<VirtualNetworkSites>
<VirtualNetworkSite name=”‘+ $ITCNetworkName+'” Location=”‘+ $ITCLocation+'”>
<AddressSpace>
<AddressPrefix>192.168.0.0/16</AddressPrefix>
</AddressSpace>
<Subnets>
<Subnet name=”AD-Production”>
<AddressPrefix>192.168.0.0/24</AddressPrefix>
</Subnet>
<Subnet name=”AD-Production-Static”>
<AddressPrefix>192.168.11.0/24</AddressPrefix>
</Subnet>
</Subnets>
</VirtualNetworkSite>
</VirtualNetworkSites>
</VirtualNetworkConfiguration>
</NetworkConfiguration>’
$NetConfig # display the contents of our file
$SaveFile = $NetConfig # Not needed, just copying to a new variable name to make it easier to understand
$fso = new-object -comobject scripting.filesystemobject
$file = $fso.CreateTextFile($WritePath,$true) # Create file; will overwrite any existing file
$file.write($SaveFile) # Write the contents of the file & commit
$file.close() # Close the file
#endregion Create Network Configuration FileWrite-Host (Get-Date) -ForegroundColor Green
Write-Host “Create Network …” $ITCNetworkName -ForegroundColor Green
Set-AzureVNetConfig -ConfigurationPath $WritePath
#endregion Create Network
#Storage Account
# Create Storage Account
New-AzureStorageAccount -Location “<Location/Region>” -StorageAccountName “UniqueLowerCaseAlphaNumeric” -Type “Standard_LRS”
-Location = Region and must match Azure Region List
-Type “Standard_LRS” is Local Redundant Storage
-Type <String>
Specifies the type of the storage account. Valid values are
Standard_LRS
Standard_ZRS
Standard_GRS
Standard_RAGRS
If this parameter is not specified, a default value of Standard_GRS is used
Note:
Standard_ZRS accounts cannot be changed to other account types, and vice versa.# Set Default Storage:
In order to use a storage account, you have to set it as the default. You do that with the Set-AzureSubscription command
Set-AzureSubscription –SubscriptionName “<Subscription Name>” -CurrentStorageAccount “<StorageAccountName>”
# Virtual Machine Images
Creating a virtual machine with powershell requires you to select a in image. If you want to use an image from the gallery you can browse the list but it is a very long list. You can determine the list of images with the Get-AzureImage command. However, it is so long that it is hard to read. A better Approach might be to write it out like below.
$i = 0 ;
foreach ($element in Get-AzureVMImage) {
Write-Host ($i.ToString() + “::” +$element.label + ” <” + $element.ImageName.ToString()+”>”)
$i ++
}If you want to display all information for all images, you could simply run
Get-AzureVmImage
Howevever, you might be better off dumping it into a text file and then opening the text file with notepad. This way you could easily search for what you are looking for.
That might look something like thisGet-AzureVMImage > AzureVMImage.txt
Notepad.exe AzureVMImage.txtIf you prefer to just cheat and use a standard Windows Server 2012 R2 image the ImageName would be: “a699494373c04fc0bc8f2bb1389d6106__Windows-Server-2012-R2-201412.01-en.us-127GB.vhd”
You can also call ##
(Get-AzureVMImage)[163].ImageName
Where 163 is the image number (which you have from the list above) CAUTION: the numbers change as new images are added so you will have to check the number regularly if you use this method.
# Create Virtual Machine
•New-AzureVMConfig – Creates a new virtual machine configuration object. This object can then be used to perform a new deployment, as well as to add a new virtual machine to an existing deployment.
•Add-AzureProvisioningConfig Adds the provisioning configuration to a Microsoft Azure virtual machine
•Set-AzureSubnet sets the subnet list for a virtual machine configuration
•New-AzureVM cmdlet adds a new virtual machine to an existing Microsoft Azure service, or creates a new virtual machine and service in the current subscription if either the -Location or -AffinityGroup is specified
•Example:
New-AzureVMConfig -Name <VmName> -InstanceSize Small –ImageName <ImageNameVHDString> `
| Add-AzureProvisioningConfig –Windows –Password <adminPassword> -AdminUsername <adminusername> `
| Set-AzureSubnet ‘AD-Production’ `
| New-AzureVM –ServiceName <MyServiceName> -VNetName <MyNetworkName>
Let’s put it all together and build a machine!
# note: assuming network was already created above
New-AzureService -Location “East US 2” -ServiceName “DanTestBlog0327”
New-AzureStorageAccount -Location “East US 2” -StorageAccountName “danteststore0327” -Type “Standard_LRS”
Set-AzureSubscription –SubscriptionName “Internal Consumption” -CurrentStorageAccount “danteststore0327″$MyTestVM1Name = “MyTestServer1″
$ImageName = “a699494373c04fc0bc8f2bb1389d6106__Windows-Server-2012-R2-201412.01-en.us-127GB.vhd”
$adminusername = “sysadmin”
$adminPassword = “Passw0rd!”
$ITCServiceName = “DanTestBlog0327″
$ITCNetworkName = “ITC-VNET”Write-Host “Creating … ” $MyTestVM1Name “using” ($ImageName) -ForegroundColor Green
New-AzureVMConfig -Name $MyTestVM1Name -InstanceSize Small -ImageName $ImageName `
| Add-AzureProvisioningConfig –Windows –Password $adminPassword -AdminUsername $adminusername `
| Set-AzureSubnet “AD-Production” `
| New-AzureVM –ServiceName $ITCServiceName -VNetName $ITCNetworkName