Configure private IP addresses for a virtual machine using the Azure CLI 2.0

CLI versions to complete the task

You can complete the task using one of the following CLI versions:

  • Azure CLI 1.0 – our CLI for the classic and resource management deployment models
  • Azure CLI 2.0 - our next generation CLI for the resource management deployment model (this article)

Your IaaS virtual machines (VMs) and PaaS role instances in a virtual network automatically receive a private IP address from a range that you specify, based on the subnet they are connected to. That address is retained by the VMs and role instances, until they are decommissioned. You decommission a VM or role instance by stopping it from PowerShell, the Azure CLI, or the Azure portal. In those cases, once the VM or role instance starts again, it will receive an available IP address from the Azure infrastructure, which might not be the same it previously had. If you shut down the VM or role instance from the guest operating system, it retains the IP address it had.

In certain cases, you want a VM or role instance to have a static IP address, for example, if your VM is going to run DNS or will be a domain controller. You can do so by setting a static private IP address.

Important

Before you work with Azure resources, it's important to understand that Azure currently has two deployment models: Azure Resource Manager and classic. Make sure you understand deployment models and tools before you work with any Azure resource. You can view the documentation for different tools by clicking the tabs at the top of this article.

This article covers the Resource Manager deployment model. You can also manage static private IP address in the classic deployment model.

Scenario

To better illustrate how to configure a static IP address for a VM, this document will use the scenario below.

VNet scenario

In this scenario you will create a VM named DNS01 in the FrontEnd subnet, and set it to use a static IP address of 192.168.1.101.

Note

The sample Azure CLI 2.0 commands below expect a simple environment already created. If you want to run the commands as they are displayed in this document, first build the test environment described in create a vnet.

Specify a static private IP address when creating a VM

To create a VM named DNS01 in the FrontEnd subnet of a VNet named TestVNet with a static private IP of 192.168.1.101, follow the steps below:

  1. If you haven't yet, install and configure the latest Azure CLI 2.0 and log in to an Azure account using az login.

  2. Create a public IP for the VM with the az network public-ip create command. The list shown after the output explains the parameters used.

    Note

    You may want or need to use different values for your arguments in this and subsequent steps, depending upon your environment.

    az network public-ip create \
    --name TestPIP \
    --resource-group TestRG \
    --location centralus \
    --allocation-method Static
    

    Expected output:

    {
         "publicIp": {
             "idleTimeoutInMinutes": 4,
             "ipAddress": "52.176.43.167",
             "provisioningState": "Succeeded",
             "publicIPAllocationMethod": "Static",
             "resourceGuid": "79e8baa3-33ce-466a-846c-37af3c721ce1"
         }
     }
    
    • --resource-group: Name of the resource group in which to create the public IP.
    • --name: Name of the public IP.
    • --location: Azure region in which to create the public IP.
  3. Run the az network nic create command to create a NIC with a static private IP. The list shown after the output explains the parameters used.

    az network nic create \
    --resource-group TestRG \
    --name TestNIC \
    --location centralus \
    --subnet FrontEnd \
    --private-ip-address 192.168.1.101 \
    --vnet-name TestVNet
    

    Expected output:

    {
        "newNIC": {
            "dnsSettings": {
            "appliedDnsServers": [],
            "dnsServers": []
            },
            "enableIPForwarding": false,
            "ipConfigurations": [
            {
                "etag": "W/\"<guid>\"",
                "id": "/subscriptions/<guid>/resourceGroups/TestRG/providers/Microsoft.Network/networkInterfaces/TestNIC/ipConfigurations/ipconfig1",
                "name": "ipconfig1",
                "properties": {
                "primary": true,
                "privateIPAddress": "192.168.1.101",
                "privateIPAllocationMethod": "Static",
                "provisioningState": "Succeeded",
                "subnet": {
                    "id": "/subscriptions/<guid>/resourceGroups/TestRG/providers/Microsoft.Network/virtualNetworks/TestVNet/subnets/FrontEnd",
                    "resourceGroup": "TestRG"
                }
                },
                "resourceGroup": "TestRG"
            }
            ],
            "provisioningState": "Succeeded",
            "resourceGuid": "<guid>"
        }
    }
    

    Parameters:

    • --private-ip-address: Static private IP address for the NIC.
    • --vnet-name: Name of the VNet in wihch to create the NIC.
    • --subnet: Name of the subnet in which to create the NIC.
  4. Run the azure vm create command to create the VM using the public IP and NIC created above. The list shown after the output explains the parameters used.

    az vm create \
    --resource-group TestRG \
    --name DNS01 \
    --location centralus \
    --image Debian \
    --admin-username adminuser \
    --ssh-key-value ~/.ssh/id_rsa.pub \
    --nics TestNIC
    

    Expected output:

    {
        "fqdns": "",
        "id": "/subscriptions/<guid>/resourceGroups/TestRG/providers/Microsoft.Compute/virtualMachines/DNS01",
        "location": "centralus",
        "macAddress": "00-0D-3A-92-C1-66",
        "powerState": "VM running",
        "privateIpAddress": "192.168.1.101",
        "publicIpAddress": "",
        "resourceGroup": "TestRG"
    }
    

    Parameters other than the basic az vm create parameters.

    • --nics: Name of the NIC to which the VM is attached.

Retrieve static private IP address information for a VM

To view the static private IP address that you created, run the following Azure CLI command and observe the values for Private IP alloc-method and Private IP address:

az vm show -g TestRG -n DNS01 --show-details --query 'privateIps'

Expected output:

"192.168.1.101"

To display the specific IP information of the NIC for that VM, query the NIC specifically:

az network nic show \
-g testrg \
-n testnic \
--query 'ipConfigurations[0].{PrivateAddress:privateIpAddress,IPVer:privateIpAddressVersion,IpAllocMethod:p
rivateIpAllocationMethod,PublicAddress:publicIpAddress}'

The output is something like:

{
    "IPVer": "IPv4",
    "IpAllocMethod": "Static",
    "PrivateAddress": "192.168.1.101",
    "PublicAddress": null
}

Remove a static private IP address from a VM

You cannot remove a static private IP address from a NIC in Azure CLI for resource manager deployments. You must:

  • Create a new NIC that uses a dynamic IP
  • Set the NIC on the VM do the newly created NIC.

To change the NIC for the VM used in the commands above, follow the steps below.

  1. Run the azure network nic create command to create a new NIC using dynamic IP allocation with a new IP address. Note that because no IP address is specified, the allocation method is Dynamic.

    az network nic create     \
    --resource-group TestRG     \
    --name TestNIC2     \
    --location centralus     \
    --subnet FrontEnd    \
    --vnet-name TestVNet
    

    Expected output:

    {
        "newNIC": {
            "dnsSettings": {
            "appliedDnsServers": [],
            "dnsServers": []
            },
            "enableIPForwarding": false,
            "ipConfigurations": [
            {
                "etag": "W/\"<guid>\"",
                "id": "/subscriptions/<guid>/resourceGroups/TestRG/providers/Microsoft.Network/networkInterfaces/TestNIC2/ipConfigurations/ipconfig1",
                "name": "ipconfig1",
                "properties": {
                "primary": true,
                "privateIPAddress": "192.168.1.4",
                "privateIPAllocationMethod": "Dynamic",
                "provisioningState": "Succeeded",
                "subnet": {
                    "id": "/subscriptions/<guid>/resourceGroups/TestRG/providers/Microsoft.Network/virtualNetworks/TestVNet/subnets/FrontEnd",
                    "resourceGroup": "TestRG"
                }
                },
                "resourceGroup": "TestRG"
            }
            ],
            "provisioningState": "Succeeded",
            "resourceGuid": "0808a61c-476f-4d08-98ee-0fa83671b010"
        }
    }
    
  2. Run the azure vm set command to change the NIC used by the VM.

    azure vm set -g TestRG -n DNS01 -N TestNIC2
    

    Expected output:

    [
        {
            "id": "/subscriptions/0e220bf6-5caa-4e9f-8383-51f16b6c109f/resourceGroups/TestRG/providers/Microsoft.Network/networkInterfaces/TestNIC3",
            "primary": true,
            "resourceGroup": "TestRG"
        }
    ]
    
    Note

    If the VM is large enough to have more than one NIC, run the azure network nic delete command to delete the old NIC.

Next steps