VM scale Sets (VMSS) - az vmss

Create highly available, auto-scalable Linux or Windows virtual machines.

Commands

az vmss assign-identity Enable managed service identity on a VMSS.
az vmss create Create an Azure Virtual Machine Scale Set.
az vmss deallocate Deallocate virtual machines in a scale set.
az vmss delete Deletes a VM scale set.
az vmss delete-instances Delete virtual machines in a scale set.
az vmss diagnostics Configure the Azure Virtual Machine Scale Set diagnostics extension.
az vmss diagnostics get-default-config Show the default config file which defines data to be collected.
az vmss diagnostics set Enable diagnostics on a virtual machine scale set.
az vmss disk Manage the managed data disks associated with a virtual machine scale set.
az vmss disk attach
az vmss disk detach
az vmss extension Extend the functionality of your VM scale set with extensions.
az vmss extension delete
az vmss extension image Find VM scale set extension available for your subscription and region.
az vmss extension image list Vm extension image list.
az vmss extension image list-names Gets a list of virtual machine extension image types.
az vmss extension image list-versions Gets a list of virtual machine extension image versions.
az vmss extension image show Gets a virtual machine extension image.
az vmss extension list
az vmss extension set Create/update extensions for a VMSS in a resource group.
az vmss extension show
az vmss get-instance-view Get instance view for a scale set or its VM instances.
az vmss list List scale sets.
az vmss list-instance-connection-info Get the IP address and port number used to connect to individual instances.
az vmss list-instance-public-ips List public IP addresses of VM instances.
az vmss list-instances Gets a list of all virtual machines in a VM scale sets.
az vmss list-skus Gets a list of SKUs available for your VM scale set, including the minimum and maximum VM instances allowed for each SKU.
az vmss nic Manage the network interfaces associated with a virtual machine scale set.
az vmss nic list Gets all network interfaces in a virtual machine scale set.
az vmss nic list-vm-nics Gets information about all network interfaces in a virtual machine in a virtual machine scale set.
az vmss nic show Get the specified network interface in a virtual machine scale set.
az vmss reimage Reimage virtual machines in a virtual machine scale set.
az vmss restart Restart virtual machines in a scale set.
az vmss scale Change the number of VMs in an virtual machine scale set.
az vmss show Show scale set or its VM instance.
az vmss start Start virtual machines in a virtual machine scale set.
az vmss stop Power off (stop) virtual machines in a virtual machine scale set.
az vmss update Update a virtual machine scale set.
az vmss update-instances Upgrade virtual machines in a virtual machine scale set.
az vmss wait Place the CLI in a waiting state until a condition of the scale set is met.

az vmss assign-identity

Required to authenticate and interact with other Azure services using bearer tokens.

az vmss assign-identity --name
--resource-group
[--port]
[--role]
[--scope]

Examples

Enable identity on a VMSS. It will have a role of 'Owner' to the VMSS's resource group.

az vmss assign-identity -g MyResourceGroup -n MyVmss --role Owner

Required Parameters

--name -n

Scale set name. You can configure the default using az configure --defaults vmss=.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=.

Optional Parameters

--port

The port to fetch AAD token. Default: 50342.

--role

Role name or id the managed identity will be assigned.

default value: Contributor
--scope

The scope the managed identity has access to, or specify for None. Default: VM/VMSS's resource group.

az vmss create

For an end-to-end tutorial, see https://docs.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-linux-create-cli.

az vmss create --image
--name
--resource-group
[--admin-password]
[--admin-username]
[--app-gateway]
[--app-gateway-capacity]
[--app-gateway-sku]
[--app-gateway-subnet-address-prefix]
[--assign-identity]
[--authentication-type {password, ssh}]
[--backend-pool-name]
[--backend-port]
[--custom-data]
[--data-disk-caching {None, ReadOnly, ReadWrite}]
[--data-disk-sizes-gb]
[--disable-overprovision]
[--dns-servers]
[--generate-ssh-keys]
[--instance-count]
[--lb]
[--lb-nat-pool-name]
[--location]
[--no-wait]
[--nsg]
[--os-disk-caching {ReadOnly, ReadWrite}]
[--os-disk-name]
[--os-type {linux, windows}]
[--public-ip-address]
[--public-ip-address-allocation {dynamic, static}]
[--public-ip-address-dns-name]
[--public-ip-per-vm]
[--role]
[--scope]
[--secrets]
[--single-placement-group {false, true}]
[--ssh-dest-key-path]
[--ssh-key-value]
[--storage-container-name]
[--storage-sku {Premium_LRS, Standard_GRS, Standard_LRS, Standard_RAGRS, Standard_ZRS}]
[--subnet]
[--subnet-address-prefix]
[--tags]
[--upgrade-policy-mode {Automatic, Manual}]
[--use-unmanaged-disk]
[--validate]
[--vm-domain-name]
[--vm-sku]
[--vnet-address-prefix]
[--vnet-name]

Examples

Create a Windows VM scale set with 5 instances, a load balancer, a public IP address, and a 2GB data disk.

az vmss create -n MyVmss -g MyResourceGroup --instance-count 5 --image Win2012R2Datacenter --data-disk-sizes-gb 2

Create a Linux VM scale set with an auto-generated ssh key pair under ~/.ssh, a public IP address, a DNS entry, an existing load balancer, and an existing virtual network.

az vmss create -n MyVmss -g MyResourceGroup --dns-name-for-public-ip MyGloballyUniqueDnsName --load-balancer MyLoadBalancer --vnet-name MyVnet --subnet MySubnet --image UbuntuLTS --generate-ssh-keys

Create a Linux VM scale set from a custom image using an existing ssh public key of ~/.ssh/id_rsa.pub.

az vmss create -n MyVmss -g MyResourceGroup --image MyImage

Create a Linux VM scale set, a load balancer, each VM has a public-ip address, a custom domain name, own dns servers

az vmss create -n MyVmss -g MyResourceGroup --image centos --public-ip-per-vm --vm-domain-name myvmss --dns-servers 10.0.0.6 10.0.0.5

Create a Linux VM scale set with a cloud-init script (https://docs.microsoft.com/azure/virtual-machines/virtual-machines-linux-using-cloud-init).

az vmss create -g MyResourceGroup -n MyVmss --image debian --custom_data MyCloudInitScript.yml

Create an Debian VM scaleset and with Key Vault secrets. The secrets are placed in /var/lib/waagent and each certificate file is named with the hex thumbprint.

az keyvault certificate create --vault-name vaultname -n cert1   -p "$(az keyvault certificate get-default-policy)"
                        
                        secrets=$(az keyvault secret list-versions --vault-name vaultname   -n cert1 --query "[?attributes.enabled].id" -o tsv)
                        
                        vm_secrets=$(az vm format-secret -s "$secrets") 
                        
                        az vmss create -g group-name -n vm-name --admin-username deploy    --image debian --secrets "$vm_secrets"

Required Parameters

--image

The name of the operating system image (URN alias, URN, or URI).

URN aliases: CentOS, CoreOS, Debian, openSUSE, RHEL, SLES, UbuntuLTS, Win2008R2SP1, Win2012Datacenter, Win2012R2Datacenter. Example URN: MicrosoftWindowsServer:WindowsServer:2012-R2-Datacenter:latest Example Custom Image Resource ID or Name: /subscriptions/subscription-id/resourceGroups/MyResourceGroup/providers/Microsoft.Compute/images/MyImage Example URI: http://.blob.core.windows.net/vhds/osdiskimage.vhd.

--name -n

Name of the virtual machine scale set.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=.

Optional Parameters

--admin-password

Password for the VM if authentication type is 'Password'.

--admin-username

Username for the VM.

default value: appveyor
--app-gateway

Name to use when creating a new application gateway (default) or referencing an existing one. Can also reference an existing application gateway by ID or specify "" for none.

--app-gateway-capacity

The number of instances to use when creating a new application gateway.

default value: 10
--app-gateway-sku

SKU when creating a new application gateway.

default value: Standard_Large
--app-gateway-subnet-address-prefix

The subnet IP address prefix to use when creating a new application gateway in CIDR format.

--assign-identity

Enables the VM/VMSS to autonomously, using its own managed identity, to directly authenticate and interact with other Azure services using bearer tokens.

--authentication-type

Type of authentication to use with the VM. Defaults to password for Windows and SSH public key for Linux.

accepted values: password, ssh
--backend-pool-name

Name to use for the backend pool when creating a new load balancer or application gateway.

--backend-port

When creating a new load balancer, backend port to open with NAT rules (Defaults to 22 on Linux and 3389 on Windows). When creating an application gateway, the backend port to use for the backend HTTP settings.

--custom-data

Custom init script file or text (cloud-init, cloud-config, etc..).

--data-disk-caching

Storage caching type for the VM data disk(s).

accepted values: None, ReadOnly, ReadWrite
--data-disk-sizes-gb

Space separated empty managed data disk sizes in GB to create.

--disable-overprovision
--dns-servers

Space separated IP addresses of DNS servers, e.g. 10.0.0.5 10.0.0.6.

--generate-ssh-keys

Generate SSH public and private key files if missing.

--instance-count

Number of VMs in the scale set.

default value: 2
--lb --load-balancer

Name to use when creating a new load balancer (default) or referencing an existing one. Can also reference an existing load balancer by ID or specify "" for none.

--lb-nat-pool-name --nat-pool-name

Name to use for the NAT pool when creating a new load balancer.

--location -l

Location in which to create VM and related resources. If default location is not configured, will default to the resource group's location.

--no-wait

Do not wait for the long running operation to finish.

--nsg

Reference to an existing Network Security Group by ID, or name if in the same resource group.

--os-disk-caching --storage-caching

Storage caching type for the VM OS disk.

accepted values: ReadOnly, ReadWrite
default value: ReadWrite
--os-disk-name

The name of the new VM OS disk.

--os-type

Type of OS installed on a custom VHD. Do not use when specifying an URN or URN alias.

accepted values: linux, windows
--public-ip-address

Name of the public IP address when creating one (default) or referencing an existing one. Can also reference an existing public IP by ID or specify "" for None.

--public-ip-address-allocation
accepted values: dynamic, static
default value: dynamic
--public-ip-address-dns-name

Globally unique DNS name for a newly created Public IP.

--public-ip-per-vm

Each VM instance will have a public ip. For security, you can use '--nsg' to apply appropriate rules.

--role

Role name or id the managed identity will be assigned.

default value: Contributor
--scope

The scope the managed identity has access to, or specify for None. Default: VM/VMSS's resource group.

--secrets

One or many Key Vault secrets as JSON strings or files via @ containing [{ "sourceVault": { "id": "value" }, "vaultCertificates": [{ "certificateUrl": "value", "certificateStore": "cert store name (only on windows)"}] }].

--single-placement-group

Enable single placement group. This flag will default to True if instance count <=100, and default to False for instance count >100.

accepted values: false, true
--ssh-dest-key-path

Destination file path on the VM for the SSH key.

--ssh-key-value

SSH public key or public key file path.

--storage-container-name

Only applicable when use with '--use-unmanaged-disk'. Name of the storage container for the VM OS disk. Default: vhds.

default value: vhds
--storage-sku

The sku of storage account to persist VM. By default, only Standard_LRS and Premium_LRS are allowed. Using with --use-unmanaged-disk, all are available.

accepted values: Premium_LRS, Standard_GRS, Standard_LRS, Standard_RAGRS, Standard_ZRS
--subnet

The name of the subnet when creating a new VNet or referencing an existing one. Can also reference an existing subnet by ID. If omitted, an appropriate VNet and subnet will be selected automatically, or a new one will be created.

--subnet-address-prefix

The subnet IP address prefix to use when creating a new VNet in CIDR format.

--tags

Space separated tags in 'key[=value]' format. Use "" to clear existing tags.

--upgrade-policy-mode
accepted values: Automatic, Manual
default value: manual
--use-unmanaged-disk

Do not use managed disk to persist VM.

--validate

Generate and validate the ARM template without creating any resources.

--vm-domain-name

Domain name of VM instances, once configured, the FQDN is 'vm..<..rest..>'.

--vm-sku

Size of VMs in the scale set. See https://azure.microsoft.com/en-us/pricing/details/virtual-machines/ for size info.

default value: Standard_D1_v2
--vnet-address-prefix

The IP address prefix to use when creating a new VNet in CIDR format.

default value: 10.0.0.0/16
--vnet-name

Name of the virtual network when creating a new one or referencing an existing one.

az vmss deallocate

Deallocate virtual machines in a scale set.

az vmss deallocate --name
--resource-group
[--instance-ids]
[--no-wait]

Required Parameters

--name -n

Scale set name. You can configure the default using az configure --defaults vmss=.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=.

Optional Parameters

--instance-ids

Space separated list of IDs (ex: 1 2 3 ...) or * for all instances. If not provided, the action will be applied on the scaleset itself.

--no-wait

Do not wait for the long running operation to finish.

az vmss delete

Deletes a VM scale set.

az vmss delete --name
--resource-group
[--no-wait]

Required Parameters

--name -n

Scale set name. You can configure the default using az configure --defaults vmss=.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=.

Optional Parameters

--no-wait

Do not wait for the long running operation to finish.

az vmss delete-instances

Delete virtual machines in a scale set.

az vmss delete-instances --instance-ids
--name
--resource-group
[--no-wait]

Required Parameters

--instance-ids

Space separated list of IDs (ex: 1 2 3 ...) or * for all instances.

--name -n

Scale set name. You can configure the default using az configure --defaults vmss=.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=.

Optional Parameters

--no-wait

Do not wait for the long running operation to finish.

az vmss get-instance-view

Get instance view for a scale set or its VM instances.

az vmss get-instance-view --name
--resource-group
[--instance-id]

Required Parameters

--name -n

Scale set name. You can configure the default using az configure --defaults vmss=.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=.

Optional Parameters

--instance-id

An VM instance id, or use "*" to list instance view for all VMs in a scale set.

az vmss list

List scale sets.

az vmss list [--resource-group]

Optional Parameters

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=.

az vmss list-instance-connection-info

Get the IP address and port number used to connect to individual instances.

az vmss list-instance-connection-info --name
--resource-group

Required Parameters

--name -n

Scale set name. You can configure the default using az configure --defaults vmss=.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=.

az vmss list-instance-public-ips

List public IP addresses of VM instances.

az vmss list-instance-public-ips --name
--resource-group

Required Parameters

--name -n

Scale set name. You can configure the default using az configure --defaults vmss=.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=.

az vmss list-instances

Gets a list of all virtual machines in a VM scale sets.

az vmss list-instances --name
--resource-group
[--expand]
[--filter]
[--select]

Required Parameters

--name -n

Scale set name. You can configure the default using az configure --defaults vmss=.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=.

Optional Parameters

--expand

The expand expression to apply to the operation.

--filter

The filter to apply to the operation.

--select

The list parameters.

az vmss list-skus

Gets a list of SKUs available for your VM scale set, including the minimum and maximum VM instances allowed for each SKU.

az vmss list-skus --name
--resource-group

Required Parameters

--name -n

Scale set name. You can configure the default using az configure --defaults vmss=.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=.

az vmss reimage

Reimage virtual machines in a virtual machine scale set.

az vmss reimage --name
--resource-group
[--instance-id]
[--no-wait]

Required Parameters

--name -n

Scale set name. You can configure the default using az configure --defaults vmss=.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=.

Optional Parameters

--instance-id

VM instance id. If missing, reimage all instances.

--no-wait

Do not wait for the long running operation to finish.

az vmss restart

Restart virtual machines in a scale set.

az vmss restart --name
--resource-group
[--instance-ids]
[--no-wait]

Required Parameters

--name -n

Scale set name. You can configure the default using az configure --defaults vmss=.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=.

Optional Parameters

--instance-ids

Space separated list of IDs (ex: 1 2 3 ...) or * for all instances. If not provided, the action will be applied on the scaleset itself.

--no-wait

Do not wait for the long running operation to finish.

az vmss scale

Change the number of VMs in an virtual machine scale set.

az vmss scale --name
--new-capacity
--resource-group
[--no-wait]

Required Parameters

--name -n

Scale set name. You can configure the default using az configure --defaults vmss=.

--new-capacity

Number of virtual machines in a scale set.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=.

Optional Parameters

--no-wait

Do not wait for the long running operation to finish.

az vmss show

Show scale set or its VM instance.

az vmss show --name
--resource-group
[--instance-id]

Required Parameters

--name -n

Scale set name. You can configure the default using az configure --defaults vmss=.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=.

Optional Parameters

--instance-id

VM instance id. If missing, show scale set.

az vmss start

Start virtual machines in a virtual machine scale set.

az vmss start --name
--resource-group
[--instance-ids]
[--no-wait]

Required Parameters

--name -n

Scale set name. You can configure the default using az configure --defaults vmss=.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=.

Optional Parameters

--instance-ids

Space separated list of IDs (ex: 1 2 3 ...) or * for all instances. If not provided, the action will be applied on the scaleset itself.

--no-wait

Do not wait for the long running operation to finish.

az vmss stop

Power off (stop) virtual machines in a virtual machine scale set.

az vmss stop --name
--resource-group
[--instance-ids]
[--no-wait]

Required Parameters

--name -n

Scale set name. You can configure the default using az configure --defaults vmss=.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=.

Optional Parameters

--instance-ids

Space separated list of IDs (ex: 1 2 3 ...) or * for all instances. If not provided, the action will be applied on the scaleset itself.

--no-wait

Do not wait for the long running operation to finish.

az vmss update

Update a virtual machine scale set.

az vmss update --name
--resource-group
[--add]
[--no-wait]
[--remove]
[--set]

Required Parameters

--name -n

Scale set name. You can configure the default using az configure --defaults vmss=.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=.

Optional Parameters

--add

Add an object to a list of objects by specifying a path and key value pairs. Example: --add property.listProperty .

--no-wait

Do not wait for the long running operation to finish.

--remove

Remove a property or an element from a list. Example: --remove property.list OR --remove propertyToRemove.

--set

Update an object by specifying a property path and value to set. Example: --set property1.property2=.

az vmss update-instances

Upgrade virtual machines in a virtual machine scale set.

az vmss update-instances --instance-ids
--name
--resource-group
[--no-wait]

Required Parameters

--instance-ids

Space separated list of IDs (ex: 1 2 3 ...) or * for all instances.

--name -n

Scale set name. You can configure the default using az configure --defaults vmss=.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=.

Optional Parameters

--no-wait

Do not wait for the long running operation to finish.

az vmss wait

Place the CLI in a waiting state until a condition of the scale set is met.

az vmss wait --name
--resource-group
[--created]
[--custom]
[--deleted]
[--exists]
[--interval]
[--timeout]
[--updated]

Required Parameters

--name -n

Scale set name. You can configure the default using az configure --defaults vmss=.

--resource-group -g

Name of resource group. You can configure the default group using az configure --defaults group=.

Optional Parameters

--created

Wait till created with 'provisioningState' at 'Succeeded'.

--custom

Wait until the condition satisfies a custom JMESPath query. E.g. provisioningState!='InProgress', instanceView.statuses[?code=='PowerState/running'].

--deleted

Wait till deleted.

--exists

Wait till the resource exists.

--interval

Polling interval in seconds.

default value: 30
--timeout

Maximum wait in seconds.

default value: 3600
--updated

Wait till updated with provisioningState at 'Succeeded'.