This topic provides an overview of some aspects of using Linux virtual machines in the Azure cloud. Deploying a Linux virtual machine is a straightforward process using an image from the gallery.
Authentication: Usernames, Passwords and SSH Keys
When creating a Linux virtual machine using the Azure portal, you are asked to provide a either username and password or an SSH public key. The choice of a username for deploying a Linux virtual machine on Azure is subject to the following constraint: names of system accounts (UID <100) already present in the virtual machine are not allowed, 'root' for example.
Obtaining Superuser Privileges Using
The user account that is specified during virtual machine instance deployment on Azure is a privileged account. This account is configured by the Azure Linux Agent to be able to elevate privileges to root (superuser account) using the
sudo utility. Once logged in using this user account, you will be able to run commands as root using the command syntax:
# sudo <COMMAND>
You can optionally obtain a root shell using sudo -s.
Azure provides an inbound packet filter that restricts connectivity to ports specified in the Azure portal. By default, the only allowed port is SSH. You may open up access to additional ports on your Linux virtual machine by configuring endpoints in the Azure portal:
The Linux images in the Azure Gallery do not enable the iptables firewall by default. If desired, the firewall may be configured to provide additional filtering.
When you initially deploy an instance of a Linux image, you are required to provide a host name for the virtual machine. Once the virtual machine is running, this hostname is published to the platform DNS servers so that multiple virtual machines connected to each other can perform IP address lookups using hostnames.
If hostname changes are desired after a virtual machine has been deployed, please use the command
# sudo hostname <newname>
The Azure Linux Agent includes functionality to automatically detect this name change and appropriately configure the virtual machine to persist this change and publish this change to the platform DNS servers.
Ubuntu and CoreOS images utilize cloud-init on Azure, which provides additional capabilities for bootstrapping a virtual machine.
- How to Inject Custom Data
- Custom Data and Cloud-Init on Microsoft Azure
- Create Azure Swap Partitions Using Cloud-Init
- How to Use CoreOS on Azure
Virtual Machine Image Capture
Azure provides the ability to capture the state of an existing virtual machine into an image that can subsequently be used to deploy additional virtual machine instances. The Azure Linux Agent may be used to rollback some of the customization that was performed during the provisioning process. You may follow the steps below to capture a virtual machine as an image:
- Run waagent -deprovision to undo provisioning customization. Or waagent -deprovision+user to optionally delete the user account specified during provisioning and all associated data.
- Shut down/power off the virtual machine.
Click Capture in the Azure portal or use the PowerShell or CLI tools to capture the virtual machine as an image.
Each virtual machine has a temporary, local resource disk attached. Because data on a resource disk may not be durable across reboots, it is often used by applications and processes running in the virtual machine for transient and temporary storage of data. It is also used to store the page or swap files for the operating system.
On Linux, the resource disk is typically managed by the Azure Linux Agent and automatically mounted to /mnt/resource (or /mnt on Ubuntu images).
Note that the resource disk is a temporary disk, and might be deleted and reformatted when the VM is rebooted.
On Linux the data disk might be named by the kernel as
/dev/sdc, and users will need to partition, format and mount that resource. This is covered step-by-step in the tutorial: How to Attach a Data Disk to a Virtual Machine.