Create a Linux virtual machine with PowerShell
The Azure PowerShell module is used to create and manage Azure resources from the PowerShell command line or in scripts. This quickstart details using the Azure PowerShell module to deploy a virtual machine running Ubuntu server. Once the server is deployed, an SSH connection is created, and an NGINX webserver is installed.
If you don't have an Azure subscription, create a free account before you begin.
This quick start requires the Azure PowerShell module version 3.6 or later. Run
Get-Module -ListAvailable AzureRM to find the version. If you need to install or upgrade, see Install Azure PowerShell module.
Finally, a public SSH key with the name id_rsa.pub needs to be stored in the .ssh directory of your Windows user profile. For detailed information on creating SSH keys for Azure, see Create SSH keys for Azure.
Log in to Azure
Log in to your Azure subscription with the
Login-AzureRmAccount command and follow the on-screen directions.
Create resource group
Create an Azure resource group with New-AzureRmResourceGroup. A resource group is a logical container into which Azure resources are deployed and managed.
New-AzureRmResourceGroup -Name myResourceGroup -Location eastus
Create networking resources
Create a virtual network, subnet, and a public IP address. These resources are used to provide network connectivity to the virtual machine and connect it to the internet.
# Create a subnet configuration $subnetConfig = New-AzureRmVirtualNetworkSubnetConfig -Name mySubnet -AddressPrefix 192.168.1.0/24 # Create a virtual network $vnet = New-AzureRmVirtualNetwork -ResourceGroupName myResourceGroup -Location eastus ` -Name MYvNET -AddressPrefix 192.168.0.0/16 -Subnet $subnetConfig # Create a public IP address and specify a DNS name $pip = New-AzureRmPublicIpAddress -ResourceGroupName myResourceGroup -Location eastus ` -AllocationMethod Static -IdleTimeoutInMinutes 4 -Name "mypublicdns$(Get-Random)"
Create a network security group and a network security group rule. The network security group secures the virtual machine using inbound and outbound rules. In this case, an inbound rule is created for port 22, which allows incoming SSH connections. We also want to create an inbound rule for port 80, which allows incoming web traffic.
# Create an inbound network security group rule for port 22 $nsgRuleSSH = New-AzureRmNetworkSecurityRuleConfig -Name myNetworkSecurityGroupRuleSSH -Protocol Tcp ` -Direction Inbound -Priority 1000 -SourceAddressPrefix * -SourcePortRange * -DestinationAddressPrefix * ` -DestinationPortRange 22 -Access Allow # Create an inbound network security group rule for port 80 $nsgRuleWeb = New-AzureRmNetworkSecurityRuleConfig -Name myNetworkSecurityGroupRuleWWW -Protocol Tcp ` -Direction Inbound -Priority 1001 -SourceAddressPrefix * -SourcePortRange * -DestinationAddressPrefix * ` -DestinationPortRange 80 -Access Allow # Create a network security group $nsg = New-AzureRmNetworkSecurityGroup -ResourceGroupName myResourceGroup -Location eastus ` -Name myNetworkSecurityGroup -SecurityRules $nsgRuleSSH,$nsgRuleWeb
Create a network card with New-AzureRmNetworkInterface for the virtual machine. The network card connects the virtual machine to a subnet, network security group, and public IP address.
# Create a virtual network card and associate with public IP address and NSG $nic = New-AzureRmNetworkInterface -Name myNic -ResourceGroupName myResourceGroup -Location eastus ` -SubnetId $vnet.Subnets.Id -PublicIpAddressId $pip.Id -NetworkSecurityGroupId $nsg.Id
Create virtual machine
Create a virtual machine configuration. This configuration includes the settings that are used when deploying the virtual machine such as a virtual machine image, size, and authentication configuration.
# Define a credential object $securePassword = ConvertTo-SecureString ' ' -AsPlainText -Force $cred = New-Object System.Management.Automation.PSCredential ("azureuser", $securePassword) # Create a virtual machine configuration $vmConfig = New-AzureRmVMConfig -VMName myVM -VMSize Standard_D1 | ` Set-AzureRmVMOperatingSystem -Linux -ComputerName myVM -Credential $cred -DisablePasswordAuthentication | ` Set-AzureRmVMSourceImage -PublisherName Canonical -Offer UbuntuServer -Skus 16.04-LTS -Version latest | ` Add-AzureRmVMNetworkInterface -Id $nic.Id # Configure SSH Keys $sshPublicKey = Get-Content "$env:USERPROFILE\.ssh\id_rsa.pub" Add-AzureRmVMSshPublicKey -VM $vmconfig -KeyData $sshPublicKey -Path "/home/azureuser/.ssh/authorized_keys"
Create the virtual machine with New-AzureRmVM.
New-AzureRmVM -ResourceGroupName myResourceGroup -Location eastus -VM $vmConfig
Connect to virtual machine
After the deployment has completed, create an SSH connection with the virtual machine.
Use the Get-AzureRmPublicIpAddress command to return the public IP address of the virtual machine.
Get-AzureRmPublicIpAddress -ResourceGroupName myResourceGroup | Select IpAddress
From a system with SSH installed, used the following command to connect to the virtual machine. If working on Windows, Putty can be used to create the connection.
ssh <Public IP Address>
When prompted, the login user name is azureuser. If a passphrase was entered when creating SSH keys, you need to enter this as well.
Use the following commands to update package sources and install the latest NGINX package.
# update package source sudo apt-get -y update # install NGINX sudo apt-get -y install nginx
View the NGINX welcome page
With NGINX installed and port 80 now open on your VM from the Internet - you can use a web browser of your choice to view the default NGINX welcome page. Be sure to use the public IP address you documented above to visit the default page.
Clean up resources
When no longer needed, you can use the Remove-AzureRmResourceGroup command to remove the resource group, VM, and all related resources.
Remove-AzureRmResourceGroup -Name myResourceGroup
In this quick start, you’ve deployed a simple virtual machine, a network security group rule, and installed a web server. To learn more about Azure virtual machines, continue to the tutorial for Linux VMs.