Create a Linux virtual machine in Azure with PowerShell

Create a Linux virtual machine in Azure with PowerShell

Ali Bin Akhtar Ali Bin Akhtar

Ali Bin Akhtar

RedHat OpenShift Architect, RedHat ODF, RedHat OpenShift Virtualization, OpenShift ACM/ACS, DevOps, Cloud, Azure, AKS, VMware, Docker/Podman.

Published Nov 1, 2020
+ Follow

Create an SSH key pair

Use ssh-keygen to create an SSH key pair. If you already have an SSH key pair, you can skip this step.

>ssh-keygen -m PEM -t rsa -b 4096

Open PowerShell with administrative rights and type this command

>Connect-AzAccount

Give registered email and password for Azure authentication.

Create the resource group:

>New-AzResourceGroup -Name AliTest -Location  SouthCentralUS

No alt text provided for this image

A new resource group has been created.

Create virtual network resources:

Create a virtual network, subnet, and a public IP address. These resources are used to provide network connectivity to the VM and connect it to the internet:

# Create a subnet configuration

$subnetConfig = New-AzVirtualNetworkSubnetConfig `

 -Name "mySubnet" `

 -AddressPrefix 192.168.1.0/24

#Create a virtual network

$vnet = New-AzVirtualNetwork `

 -ResourceGroupName "AliTest" `

 -Location "SouthCentralUS" `

 -Name "myVNET" `

 -AddressPrefix 192.168.0.0/16 `

 -Subnet $subnetConfig

#Create a public IP address and specify a DNS name

$pip = New-AzPublicIpAddress `

 -ResourceGroupName "AliTest" `

 -Location "SouthCentralUS" `

 -AllocationMethod Static `

 -IdleTimeoutInMinutes 4 `

 -Name "mypublicdns$(Get-Random)"

Vnet and Subnet have been created.

No alt text provided for this image
No alt text provided for this image

Create network security group:

Create an Azure Network Security Group and traffic rule. The Network Security Group secures the VM with inbound and outbound rules. In the following example, an inbound rule is created for TCP port 22 that allows SSH connections. To allow incoming web traffic, an inbound rule for TCP port 80 is also created.

#Create an inbound network security group rule for port 22

$nsgRuleSSH = New-AzNetworkSecurityRuleConfig `

 -Name "myNetworkSecurityGroupRuleSSH" `

 -Protocol "Tcp" `

 -Direction "Inbound" `

 -Priority 1000 `

 -SourceAddressPrefix * `

 -SourcePortRange * `

 -DestinationAddressPrefix * `

 -DestinationPortRange 22 `

 -Access "Allow"

#Create an inbound network security group rule for port 80

$nsgRuleWeb = New-AzNetworkSecurityRuleConfig `

 -Name "myNetworkSecurityGroupRuleWWW" `

 -Protocol "Tcp" `

 -Direction "Inbound" `

 -Priority 1001 `

 -SourceAddressPrefix * `

 -SourcePortRange * `

 -DestinationAddressPrefix * `

 -DestinationPortRange 80 `

 -Access "Allow"

# Create a network security group

$nsg = New-AzNetworkSecurityGroup `

 -ResourceGroupName "AliTest" `

 -Location "SouthCentralUS" `

 -Name "myNetworkSecurityGroup" `

 -SecurityRules $nsgRuleSSH,$nsgRuleWeb

No alt text provided for this image

Create a virtual network card and associate with a public IP address and NSG:

$nic = New-AzNetworkInterface `

 -Name "myNic" `

 -ResourceGroupName "AliTest" `

 -Location "SouthCentralUS" `

 -SubnetId $vnet.Subnets[0].Id `

 -PublicIpAddressId $pip.Id `

 -NetworkSecurityGroupId $nsg.Id

No alt text provided for this image

Create a virtual machine:

To create a VM in PowerShell, you create a configuration that has settings like the image to use, size, and authentication options. Then the configuration is used to build the VM.

Define the SSH credentials, OS information, and VM size. In this example, the SSH key is stored in ~/.ssh/id_rsa.pub.

# Define a credential object

$securePassword = ConvertTo-SecureString ' ' -AsPlainText -Force

$cred = New-Object System.Management.Automation.PSCredential ("azureuser", $securePassword)

# Create a virtual machine configuration

$vmConfig = New-AzVMConfig `

 -VMName "myVM" `

 -VMSize "Standard_D1" | `

Set-AzVMOperatingSystem `

 -Linux `

 -ComputerName "myVM" `

 -Credential $cred `

 -DisablePasswordAuthentication | `

Set-AzVMSourceImage `

 -PublisherName "Canonical" `

 -Offer "UbuntuServer" `

 -Skus "18.04-LTS" `

 -Version "latest" | `

Add-AzVMNetworkInterface `

 -Id $nic.Id

# Configure the SSH key

$sshPublicKey = cat ~/.ssh/id_rsa.pub

Add-AzVMSshPublicKey `

 -VM $vmconfig `

 -KeyData $sshPublicKey `

 -Path "/home/azureuser/.ssh/authorized_keys"

No alt text provided for this image

Now, combine the previous configuration definitions to create with New-AzVM:

New-AzVM `

 -ResourceGroupName "AliTest" `

 -Location SouthCentralUS -VM $vmConfig

Connect to the VM:

Create an SSH connection with the VM using the public IP address. To see the public IP address of the VM, use the Get-AzPublicIpAddress cmdlet:

>Get-AzPublicIpAddress -ResourceGroupName "AliTest" | Select "IpAddress"

Using the same shell you used to create your SSH key pair, paste the following command into the shell to create an SSH session. Replace 10.111.12.123 with the IP address of your VM.

>ssh azureuser@10.111.12.123

No alt text provided for this image
No alt text provided for this image







Ali Bin Akhtar

RedHat OpenShift Architect, RedHat ODF, RedHat OpenShift Virtualization, OpenShift ACM/ACS, DevOps, Cloud, Azure, AKS, VMware, Docker/Podman.

4y

Babar Zahoor

Like
Reply

To view or add a comment, sign in

More articles by Ali Bin Akhtar

See all articles

Insights from the community

Others also viewed

Explore topics