Create a mesh network topology with Azure Virtual Network Manager - Azure PowerShell
In this article, you'll learn how to create a mesh network topology with Azure Virtual Network Manager using Azure PowerShell. With this configuration, all the virtual networks of the same region in the same network group can communicate with one another. You can enable cross region connectivity by enabling the global mesh setting in the connectivity configuration.
Important
Azure Virtual Network Manager is generally available for hub-and-spoke connectivity configurations and security configurations with security admin rules. Mesh connectivity configurations remain in public preview.
This preview version is provided without a service level agreement, and it's not recommended for production workloads. Certain features might not be supported or might have constrained capabilities. For more information, see Supplemental Terms of Use for Microsoft Azure Previews.
Prerequisites
- Read about mesh network topology.
- Created a Azure Virtual Network Manager instance.
- Identify virtual networks you want to use in the mesh configuration or create new virtual networks.
- Version
5.3.0ofAz.Networkis required to access the required cmdlets for Azure Virtual Network Manager. - If you're running PowerShell locally, you need to run
Connect-AzAccountto create a connection with Azure.
Create a network group and add members
This section will help you create a network group containing the virtual networks you'll be using for the hub-and-spoke network topology.
Create a network group for virtual networks with New-AzNetworkManagerGroup.
$ng = @{ Name = 'myNetworkGroup' ResourceGroupName = 'myAVNMResourceGroup' NetworkManagerName = 'myAVNM' } $networkgroup = New-AzNetworkManagerGroup @ngAdd the static member to the static membership group with New-AzNetworkManagerStaticMember:
$vnet = get-AZVirtualNetwork -ResourceGroupName 'myAVNMResourceGroup' -Name 'VNetA' $sm = @{ NetworkGroupName = $networkgroup.name ResourceGroupName = 'myAVNMResourceGroup' NetworkManagerName = 'myAVNM' Name = 'statiMember' ResourceId = $vnet.id } $staticmember = New-AzNetworkManagerStaticMember @sm
Create a mesh connectivity configuration
This section will guide you through how to create a mesh configuration with the network group you created in the previous section.
Create a connectivity group item to add a network group to with New-AzNetworkManagerConnectivityGroupItem.
$gi = @{ NetworkGroupId = $networkgroup.Id } $groupItem = New-AzNetworkManagerConnectivityGroupItem @giCreate a configuration group and add the group item from the previous step.
[System.Collections.Generic.List[Microsoft.Azure.Commands.Network.Models.PSNetworkManagerConnectivityGroupItem]]$configGroup = @() $configGroup.Add($groupItem)Create the connectivity configuration with New-AzNetworkManagerConnectivityConfiguration.
$config = @{ Name = 'connectivityconfig' ResourceGroupName = 'myAVNMResourceGroup' NetworkManagerName = 'myAVNM' ConnectivityTopology = 'Mesh' AppliesToGroup = $configGroup } $connectivityconfig = New-AzNetworkManagerConnectivityConfiguration @config
Deploy the mesh configuration
Commit the configuration to the target regions with Deploy-AzNetworkManagerCommit.
[System.Collections.Generic.List[string]]$configIds = @()
$configIds.add($connectivityconfig.id)
[System.Collections.Generic.List[string]]$target = @()
$target.Add("westus")
$deployment = @{
Name = 'myAVNM'
ResourceGroupName = 'myAVNMResourceGroup'
ConfigurationId = $configIds
TargetLocation = $target
CommitType = 'Connectivity'
}
Deploy-AzNetworkManagerCommit @deployment
Confirm deployment
Go to one of the virtual networks in the portal and select Network Manager under Settings. You should see the configuration listed on that page.
To test connectivity between virtual networks, deploy a test virtual machine into each virtual network and start an ICMP request between them.
Next steps
- Learn about Security admin rules
- Learn how to block network traffic with a SecurityAdmin configuration.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for