it professionals 03 | managing windows azure virtual machines from powershell david tesar |...

IT Professionals

03 | Managing Windows Azure Virtual Machines from PowerShell

David Tesar | Microsoft Technical Evangelist

David Aiken | Microsoft Group Technical Product Manager

1

PowerShell for Automation and Advanced Management

Automation

Query, manage and configure at scale:

Virtual Machines

Storage across multiple subscriptions and storage accounts

Tiered deployment workflows

Virtual Machines

Configure storage and networking

Domain join to AD on-premises

Bring your own machine images or disks

Use remote PowerShell

Virtual Network

Configure Virtual Network

Manage configuration and gateway

Connect to on-premises networks

Storage

Upload & download VHDs from storage accounts to on-premises

Copy VHDs between storage accounts and subscriptions

For many customers and partners, scripting and automation is the key to efficient operations. Fear not! Microsofts popular task automation framework PowerShell is available for use with Windows Azure as well. Whether you want to automate provisioning of lots and lots of Virtual Machines or configure your Virtual Network settings through scripts, PowerShell cmdlets are ready for you. You can download PowerShell cmdlets from http://www.windowsazure.com/en-us/downloads/ to get started.

You can configure and manage all 3 elements of infrastructure services (IaaS) with PowerShell: Virtual Machines, Virtual Network and Storage. When you want to upload custom VHDs into Windows Azure or bring your images back to on-premises, at scale, use PowerShell. When you are working across many Windows Azure subscriptions and need to copy VHDs in between, use PowerShell. Or when you want to convert images virtualized with VMware (VMDK format) into VHD to run in Virtual Machines, use the Microsoft Virtual Machine Converter (MVMC Toolkit) first and then upload the converted images using PowerShell cmdlets.

PowerShell is here to help increase your productivity, and to give you advanced management options.

Build 2012

2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.

The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

5/16/2013

2

Demo

Initial PowerShell setup and configuration

Create Virtual Machine using PowerShell

Remote PS into Virtual Machine

http://aka.ms/GithubHOL-ProvisioningAWindowsAzureVMPS

Agenda

Getting Started

Virtual Machine Management

Disk and Image Repository

Configuring Virtual Networks

4

What can you do with PowerShell?

Automation

Query, Manage and Configure Virtual Machines across multiple subscriptions, cloud services and storage accounts.

Virtual Networking

Completely Configure VNETs from a Script

Provision Fully Configured Virtual Machines

Domain Joined

Storage and Networking Configured

5

Setting up your Subscription

Use: Get-AzurePublishSettingsFile and Import-AzurePublishSettingsFile

To Import Downloaded Publish Profile (.publishsettings)

http://windows.azure.com/download/publishprofile.aspx

Automatically configures Subscription ID, Certificate, Service Endpoint and Subscription Name.

Slide Objectives:

Explain how to setup a subscription

Notes:

The .publishsettings file contains your subscription information, the service endpoint, subscription name and certificate. Once downloaded the Import-AzurePublishSettingsFile cmdlet will install the certificate and configure your PowerShell environment.

6

Manual Configuration of Subscription

Associate Certificate and Subscription ID

$cert = Get-Item cert:\CurrentUser\My\CERTTHUMBPRINT

Set-AzureSubscription 'mysub' -Certificate $cert -SubscriptionID $id

Slide Objectives:

Use this method if you want to specify a certificate that you have created on your own.

7

Subscription Management

Subscription Settings Persisted

C:\Users\user\AppData\Roaming\Windows Azure Powershell

Subscription Example

13d83b03-6d06-4770-943c-3d46766c3a35

2AC8112B34CC840A30B9C2716AE840D5DC107510

https://management.core.windows.net/

Slide Objectives:

Explain where subscription settings are persisted

Notes:

The subscription XML file supports multiple subscriptions. You can use a single PowerShell session to administer VMs and services across all of your configured subscriptions.

8

Switching Between Subscription Settings

Multiple Subscription Support

Get-AzureSubscription | foreach {

Select-AzureSubscription $_.SubscriptionName

# Perform Management Operation Against Each Subscription

}

Slide Objectives:

Explain how to switch contexts when scripting against multiple subscriptions

Notes:

Get-AzureSubscription returns all configured subscriptions and Select-AzureSubscription sets the current subscription

9

Setting the current storage account

Returns Storage Account

Get-AzureStorageAccount | Select StorageAccountName

Cmdlets like New-AzureQuickVM will use this Account

Sets the Current Storage Account

Set-AzureSubscription 'somesub1' -CurrentStorageAccount 'mystorage

Slide Objectives:

Explain how to set the current storage account that the cmdlets will use.

Notes:

Certain cmdlets like New-AzureVM or New-AzureQuickVM require the user to specify the storage account to use. Since each subscription can contain multiple storage accounts the property name to set is CurrentStorageAccount. This allows you to easily change the storage account for the next operation.

10

Information Needed to create a VM

Image Name

Get-AzureVMImage | select ImageName

Disk Name

Get-AzureDisk | select DiskName

Data Center Location

Get-AzureLocation

Slide Objectives:

To create a VM you either need to start with an Image or Disk and specify the location where to place the VM.

11


Quick VM Provisioning Mode

Supports VM Creation in a Single Cmdlet

Create Multiple Pre-Defined VMs in a Batch

New-AzureVM -VMs $vm1, $vm2, $vm3

Advanced Provisioning Configuration Mode

Provision With: Endpoints, Data Disks

Configure: Cache Settings for OS/Data Disks and Subnet Names

12

Simple VM Creation

First Virtual Machine in a NEW Cloud Service (-Location specified)

New-AzureQuickVM -Windows -ServiceName $svc -Name $vm1 -ImageName $wimg -Location $location -Password $pwd

New Virtual Machine in an Existing Cloud Service (no Location)

New-AzureQuickVM -Windows -ServiceName $svc -Name $vm2 -ImageName $wimg -Password $pwd

Creating a Linux Virtual Machine in an Existing Cloud Service

New-AzureQuickVM -Linux -ServiceName $svc -Name $vm3 -ImageName $limg -LinuxUser $lu -Password $pwd

Slide Objectives:

Show three examples that show a key component of using the cmdlets.

Notes:When you specify -Location or -AffinityGroup the cmdlets will attempt to create a new cloud service to deploy the VM to.

If you do not specify either the cmdlets assume the cloud service exists in the current subscription.

13

Configuring VM at Provisioning

Create Configuration Object with New-AzureVMConfig

Modify with Add-* cmdlets

Add with New-AzureVM

New-AzureVMConfig -Name $vm1 -InstanceSize Medium -ImageName $img |

Add-AzureProvisioningConfig -Windows -Password $pwd |

Add-AzureDataDisk -CreateNew -DiskLabel 'data' -DiskSizeInGB 10 -LUN 0 |

Add-AzureEndpoint -Name 'web' -PublicPort 80 -LocalPort 80 -Protocol tcp |

New-AzureVM -ServiceName $newSvc -Location $location

Slide Objectives:

With PowerShell you can configure various settings in a batch

Notes:

New New-AzureVMConfig and New-AzureVM to allow a batched creation of a VM.

New-AzureVMConfig returns a configuration object that is then passed to other cmdlets to modify via the PowerShell pipeline.

Finally, it is passed to New-AzureVM where the VM is created with all of the configuration specified.

14

VM Batch Creation

Create Multiple Configured VMs and Pass to New-AzureVM

$vm1 = New-AzureVMConfig -Name 'myvm1' -InstanceSize 'Small' -ImageName $img | Add-AzureProvisioningConfig -Windows -Password $pwd



New-AzureVM -CreateService -ServiceName $cloudSvcName -VMs $vm1,$vm2,$vm3

-Location $dc

Slide Objectives:

It is also possible to create multiple configuration objects for multiple VMs and pass them to the New-AzureVM cmdlet as an array.

15

VM Batch Creation (using an array)

Create Multiple Configured VMs and Pass to New-AzureVM

$vmcount = 5

$vms = @()

for($i = 0; $i -lt 5; $i++)

{

$vmn = 'myvm' + $i

$vms += New-AzureVMConfig -Name $vmn -InstanceSize 'Small' -ImageName $img |


Add-AzureDataDisk -CreateNew -DiskLabel 'data' -DiskSizeInGB 10 -LUN 0 |

Add-AzureDataDisk -CreateNew -DiskLabel 'logs' -DiskSizeInGB 10 -LUN 1

}

New-AzureVM -ServiceName $cloudSvcName -VMs $vms -Location $dc

Slide Objectives:

Another example of batch VM creation: using an array/loop to create multiple VMs

16

Common Settings

Name

The name of the Virtual Machine

InstanceSize

ExtraSmall, Small, Medium, Large, ExtraLarge

AvailabilitySetName

The availability set (used for high availability)

Slide Objectives:

Explain other common settings used to provision a VM

17

Windows Provisioning Options

Add-AzureProvisioningConfig Options

-Windows -Password $pwd

-WindowsDomain -Password $pwd

-Domain $dom, -JoinDomain $fqdn, -DomainUser $domUser

-DomainPassword $domPwd -MachineObjectOU $ou

-DisableAutomaticUpdates

-NoRDPEndpoint, -TimeZone, Certificates

Slide Objectives:

The Add-AzureProvisioningConfig cmdlet supports two parameter sets for Windows.

Notes:

-Windows allows just setting the password of the VM on boot.

-WindowsDomain allows you to specify all of the settings necessary to have the VM join the domain on boot. This scenario only works in a VNET environment where the DNS specified knows how to have the VM find the domain controller.

-DisableAutomaticUpdates allows for disabling automatic updates by default. Available to both parameter sets.

-NoRDPEndpoint does not create the RDP endpoint on creation. Of course you can add this later through PS or the Portal.

-TimeZone allows you to specify the VMs timezone on provisioning.

-Certificates allows you to automatically install certificates on the VM on provisioning. Note: the certificates must already be installed in the cloud service. For an example: http://michaelwasham.com/2012/08/23/deploying-certificates-with-windows-azure-virtual-machines-and-powershell/

18

Linux Provisioning Options

Add-AzureProvisioningConfig Options

Linux

-LinuxUser $user -Password $pwd

-DisableSSH , -NoSSHEndpoint

-SSHKeyPairs, -SSHPublicKeys

installed from certificates deployed in cloud service

Slide Objectives:

The Add-AzureProvisioningConfig cmdlet supports one parameter set for Linux

Notes:

The Linux parameter set requires specifying the user name and also allows for disabling SSH on the Linux VM or just not adding the SSH endpoint.

Additionally, you can deploy SSH certificates as long as they are already in the cloud service.

19

Deploying into a Virtual Network

Virtual Machine Settings

Set Subnet on VM with Set-AzureSubnet

Deployment Settings

Set Virtual Network -VNetName

Set DNS Servers - New-AzureDns and -DNSSettings

Slide Objectives:

Deploying into a Virtual Network requires multiple settings.

Notes:

When configuring the VM you must specify the subnet using the Set-AzureSubnet cmdlet.

You can only specify the VNET and DNS settings for a cloud service on the creation of the first VM. If you add a second VM to the cloud service it will inherit the networking settings.

20

Provisioning into a VNET and Active Directory

$dom = 'contoso'

$jdom = 'contoso.com'

$onPremDNS = New-AzureDns -IPAddress '192.168.1.4' -Name 'OnPremDNS'

$cloudDNS = New-AzureDns -IPAddress '10.1.1.4' -Name 'CloudDNS'

$computerOU = $advmou = 'OU=AzureVMs,DC=contoso,DC=com

New-AzureVMConfig -Name 'myvm1' -InstanceSize 'Small' -ImageName $img |

Add-AzureProvisioningConfig -WindowsDomain -Password $pwd -Domain $dom `

-DomainUserName $domUser -DomainPassword $dpwd -JoinDomain $jdom `

-MachineObjectOU 'AzureVMs' |

Set-AzureSubnet -SubnetNames 'AppSubnet' |

New-AzureVM ServiceName $svc -AffinityGroup 'adag' `

-VNetName 'ADVNet' -DnsSettings $onPremDNS, $cloudDNS

Slide Objectives:

In this example were specifying two AD/DNS servers one that lives on our on-premises environment and the other is a DC that lives in the cloud.

Notes:

You can pass the DNS names when calling New-AzureVM. Also required is the VNET that establishes the hybrid connectivity.

21

Virtual Machine Discovery

Retrieve Cloud Services

Get-AzureService

Retrieve Virtual Machines for Service

Get-AzureVM -ServiceName $cloudSvcName

Retrieve Status for All VMs in Subsription

Get-AzureService | foreach {

$_ | Get-AzureVM | ft ServiceName, Name, InstanceStatus

}

Slide Objectives:

Show different methods of discovering virtual machines

22

Virtual Machine Storage

Data Disks

Add/Remove data disks at boot or while running

Create blank or attach existing disks

Modify Cache Settings of OS Disk or Data Disk

Modifying OS Disk while running requires reboot

Slide Objectives:

Explain storage options

23

Data Disk Creation

New Virtual Machine Creation with Data Disk



Add-AzureDataDisk -CreateNew -DiskSizeInGB 10 -DiskLabel 'myddisk' -LUN 0 |

New-AzureVM -ServiceName $cloudSvcName

Add new Data Disk to existing Virtual Machine

Get-AzureVM -ServiceName 'myvm1' |

Add-AzureDataDisk -CreateNew -DiskSizeInGB 10 -DiskLabel 'myddisk' -LUN 1 |

Update-AzureVM

Slide Objectives:

Show examples of configuring storage

Notes:

The first example creates a new VM with a 10GB disk attached.

The second example gets an existing VM, adds a 10GB disk to it and updates it live.

24

Modifying Cache Settings

Set Host Caching on OS Disk During Provisioning



Set-AzureOSDisk -HostCaching 'ReadOnly' |

New-AzureVM -ServiceDescription $cloudSvcName

Set Host Caching on Existing Data Disk in running VM

Get-AzureVM -ServiceName $cloudSvcName -Name 'myvm1' |

Set-AzureDataDisk -HostCaching 'ReadWrite' -LUN 0 |

Update-AzureVM

Slide Objectives:

Explain disk caching defaults and how to modify it

Notes:

By default OS disks have read / write caching enabled and data disks have no caching.

You can use Set-AzureOSDisk or Set-AzureDataDisk to modify these settings at run time. Set-AzureOSDisk requires a reboot.

25

Configuring Endpoints

Add Endpoints at Creation



Add-AzureEndpoint -LocalPort 80 -PublicPort 80 -Name http -Protocol tcp |

Add-AzureEndpoint -LocalPort 443 -PublicPort 443 -Name https -Protocol tcp |


Modify Endpoints at Runtime

Get-AzureVM -ServiceName $cloudSvcName -Name 'myvm1'


Add-AzureEndpoint -LocalPort 53 -PublicPort 53 -Name dns -Protocol udp |

Remove-AzureEndpoint -Name https |


Slide Objectives:

Demonstrate how to configure network endpoints on a VM

26


OS Images

Get-AzureVMImage # Return all

Get-AzureVMImage | Where { $_.Category -eq 'Microsoft' } # Return Microsoft

Get-AzureVMImage | Where { $_.Category -eq 'User' } # Return Custom

Get-AzureVMImage | Where { $_.Category -eq 'Partner' } # Return Partner Images

Get-AzureVMImage | Where { $_.OS -eq 'Windows' } # Return only Windows OS images

Remove-AzureVMImage -ImageName 'myimg' -DeleteVHD # Delete image and storage

Add-AzureVMImage -OS 'Windows' -ImageName 'MyWinImage' -MediaLocation 'http://storageaccount/vhds/winimage.vhd' # Add Existing VM Image from Storage

Disks

Get-AzureDisk # Return all

Get-AzureDisk | Where { $_.AttachedTo -eq $null } # Return all not attached to a VM

Get-AzureDisk | Where { $_.OS -eq $null } # Return only data disks

Get-AzureDisk | Where { $_.OS -eq 'Windows' } # Return only Windows OS disks

Remove-AzureDisk -DiskName 'mydisk' -DeleteVHD # Delete disk and storage

Add-AzureDisk -OS 'Windows' -DiskName 'MyWinDisk' -MediaLocation 'http://storageaccount/vhds/winosdisk.vhd # Add Existing OS Disk from Storage

Add-AzureDisk -DiskName 'MyDataDisk' -MediaLocation 'http://storageaccount/vhds/datadisk.vhd

# Add Existing Data Disk from Storage

Microsoft, Partner and User

OS Disks or Data Disks

Slide Objectives:

Numerous examples that show how to filer output from the disk and image repository.

27

Batch Updates to Running VMs

Remove RDP and Add New Storage Across all Web Front Ends

Get-AzureVM -ServiceName $svc | Where { $_.Name -match 'wfe' } | foreach {

$_ |

Remove-AzureEndpoint -Name 'rdp' |

Add-AzureDataDisk -CreateNew -DiskSizeInGB 10 -LUN 1 -DiskLabel 'newstorage' |

Update-AzureVM

}

Slide Objectives:

Show how you can iterate through a list of VMs (like all VMs that have a name starting with wfe and perform an update such as adding a new disk and removing an endpoint.

28

Capturing a Virtual Machine as a new Image

Capture Sys-Prepped VM into a new Image (Deletes the Source VM)

Save-AzureVMImage -ServiceName $cloudSvcName -Name 'myvm1'

-NewImageName 'Image Name'

Slide Objectives:

Show how to capture a VM

29

Virtual Network Operations

View and Set Virtual Network Configuration

Get-AzureVNetConfig | Select -Expand XMLConfiguration

Set-AzureVNetConfig -ConfigurationPath 'c:\Network\MyNetCFG.xml'

Start and Stop Virtual Network Gateway

Set-AzureVNetGateway -Disconnect -VNetName 'MyVNet'

-LocalNetworkSiteName 'MySite'

Set-AzureVNetGateway -Connect -VNetName 'MyVNet'

-LocalNetworkSiteName 'MySite'

View Virtual Network Status

Get-AzureVNetConnection -VNetName 'MyVNet'

Slide Objectives:

Operations allowed from PowerShell for updating an modifying VNET Settings.

30

Summary



Configuring Virtual Networks

Slide Objectives:

Summarize presentation

31

it professionals 03 | managing windows azure virtual machines from powershell david tesar |...

Documents

virtual machinehttp

virtual networkingcompletely

virtual machinesstorage

windows azure virtual

powershell cmdlets

virtual machine managementdisk

virtual network settings

demoinitial powershell