快速入門:使用 PowerShell 在 Azure 中建立 Linux 虛擬機器Quickstart: Create a Linux virtual machine in Azure with PowerShell

Azure PowerShell 模組用於從 PowerShell 命令列或在指令碼中建立和管理 Azure 資源。The Azure PowerShell module is used to create and manage Azure resources from the PowerShell command line or in scripts. 本快速入門說明如何使用 Azure PowerShell 模組,在 Azure 中部署 Linux 虛擬機器 (VM)。This quickstart shows you how to use the Azure PowerShell module to deploy a Linux virtual machine (VM) in Azure. 本快速入門會從 Canonical 使用 Ubuntu 16.04 LTS 市集映像。This quickstart uses the Ubuntu 16.04 LTS marketplace image from Canonical. 為了查看作用中的 VM,您還會以 SSH 連線至 VM,並安裝 NGINX 網頁伺服器。To see your VM in action, you'll also SSH to the VM and install the NGINX web server.

如果您沒有 Azure 訂用帳戶,請在開始前建立免費帳戶If you don't have an Azure subscription, create a free account before you begin.

啟動 Azure Cloud ShellLaunch Azure Cloud Shell

Azure Cloud Shell 是免費的互動式 Shell,可讓您用來執行本文中的步驟。The Azure Cloud Shell is a free interactive shell that you can use to run the steps in this article. 它具有預先安裝和設定的共用 Azure 工具,可與您的帳戶搭配使用。It has common Azure tools preinstalled and configured to use with your account.

若要開啟 Cloud Shell,只要選取程式碼區塊右上角的 [試試看] 即可。To open the Cloud Shell, just select Try it from the upper right corner of a code block. 選取 [複製] 即可複製程式碼區塊,將它貼到 Cloud Shell 中,然後按 enter 鍵加以執行。Select Copy to copy the blocks of code, paste it into the Cloud Shell, and press enter to run it.

建立 SSH 金鑰組Create SSH key pair

您必須要有 SSH 金鑰組,才能完成本快速入門的操作。You need an SSH key pair to complete this quickstart. 如果您已經擁有 SSH 金鑰組,則可略過此步驟。If you already have an SSH key pair, you can skip this step.

開啟 Bash 殼層,然後使用 ssh-keygen 來建立 SSH 金鑰組。Open a bash shell and use ssh-keygen to create an SSH key pair. 如果本機電腦上沒有 Bash 殼層,則可以使用 Azure Cloud ShellIf you don't have a bash shell on your local computer, you can use the Azure Cloud Shell.

ssh-keygen -t rsa -b 2048

如需如何建立 SSH 金鑰的詳細資訊 (包括 PuTTy 的用法),請參閱對 Windows 使用 SSH 金鑰For more detailed information on how to create SSH key pairs, including the use of PuTTy, see How to use SSH keys with Windows.

如果您使用 Cloud Shell 建立 SSH 金鑰組,該金鑰組會儲存在容器映像中,而這映像會位在 Cloud Shell 所自動建立的儲存體帳戶內。If you create your SSH key pair using the Cloud Shell, it will be stored in a container image in a storage account that is automatically created by Cloud Shell. 在擷取到金鑰前請勿刪除儲存體帳戶或其中的檔案共用,否則會無法存取 VM。Don't delete the storage account, or the files share within it, until after you have retrieved your keys or you will lose access to the VM.

建立資源群組Create a resource group

使用 New-AzResourceGroup 來建立 Azure 資源群組。Create an Azure resource group with New-AzResourceGroup. 資源群組是在其中部署與管理 Azure 資源的邏輯容器:A resource group is a logical container into which Azure resources are deployed and managed:

New-AzResourceGroup -Name "myResourceGroup" -Location "EastUS"

建立虛擬網路資源Create virtual network resources

建立虛擬網路、子網路和公用 IP 位址。Create a virtual network, subnet, and a public IP address. 這些資源可用來提供 VM 的網路連線能力,並可將它連線到網際網路:These resources are used to provide network connectivity to the VM and connect it to the internet:

# Create a subnet configuration
$subnetConfig = New-AzVirtualNetworkSubnetConfig `
  -Name "mySubnet" `
  -AddressPrefix 192.168.1.0/24

# Create a virtual network
$vnet = New-AzVirtualNetwork `
  -ResourceGroupName "myResourceGroup" `
  -Location "EastUS" `
  -Name "myVNET" `
  -AddressPrefix 192.168.0.0/16 `
  -Subnet $subnetConfig

# Create a public IP address and specify a DNS name
$pip = New-AzPublicIpAddress `
  -ResourceGroupName "myResourceGroup" `
  -Location "EastUS" `
  -AllocationMethod Static `
  -IdleTimeoutInMinutes 4 `
  -Name "mypublicdns$(Get-Random)"

建立 Azure 網路安全性群組及流量規則。Create an Azure Network Security Group and traffic rule. 網路安全性群組可使用輸入和輸出規則來保護 VM。The Network Security Group secures the VM with inbound and outbound rules. 下列範例會針對允許 SSH 連線的 TCP 通訊埠 22 建立輸入規則。In the following example, an inbound rule is created for TCP port 22 that allows SSH connections. 為了允許傳入的網路流量,還會針對 TCP 通訊埠 80 建立輸入規則。To allow incoming web traffic, an inbound rule for TCP port 80 is also created.

# Create an inbound network security group rule for port 22
$nsgRuleSSH = New-AzNetworkSecurityRuleConfig `
  -Name "myNetworkSecurityGroupRuleSSH"  `
  -Protocol "Tcp" `
  -Direction "Inbound" `
  -Priority 1000 `
  -SourceAddressPrefix * `
  -SourcePortRange * `
  -DestinationAddressPrefix * `
  -DestinationPortRange 22 `
  -Access "Allow"

# Create an inbound network security group rule for port 80
$nsgRuleWeb = New-AzNetworkSecurityRuleConfig `
  -Name "myNetworkSecurityGroupRuleWWW"  `
  -Protocol "Tcp" `
  -Direction "Inbound" `
  -Priority 1001 `
  -SourceAddressPrefix * `
  -SourcePortRange * `
  -DestinationAddressPrefix * `
  -DestinationPortRange 80 `
  -Access "Allow"

# Create a network security group
$nsg = New-AzNetworkSecurityGroup `
  -ResourceGroupName "myResourceGroup" `
  -Location "EastUS" `
  -Name "myNetworkSecurityGroup" `
  -SecurityRules $nsgRuleSSH,$nsgRuleWeb

使用 New-AzNetworkInterface 建立虛擬網路介面卡 (NIC)。Create a virtual network interface card (NIC) with New-AzNetworkInterface. 虛擬 NIC 會將 VM 連線至子網路、網路安全性群組和公用 IP 位址。The virtual NIC connects the VM to a subnet, Network Security Group, and public IP address.

# Create a virtual network card and associate with public IP address and NSG
$nic = New-AzNetworkInterface `
  -Name "myNic" `
  -ResourceGroupName "myResourceGroup" `
  -Location "EastUS" `
  -SubnetId $vnet.Subnets[0].Id `
  -PublicIpAddressId $pip.Id `
  -NetworkSecurityGroupId $nsg.Id

建立虛擬機器Create a virtual machine

若要在 PowerShell 中建立 VM,您可以建立具有以下設定的組態:要使用的映像、大小和驗證選項等。To create a VM in PowerShell, you create a configuration that has settings like the image to use, size, and authentication options. 然後使用此組態來建置 VM。Then the configuration is used to build the VM.

定義 SSH 認證、OS 資訊與 VM 大小。Define the SSH credentials, OS information, and VM size. 在此範例中,SSH 金鑰會儲存在 ~/.ssh/id_rsa.pubIn this example, the SSH key is stored in ~/.ssh/id_rsa.pub.

# Define a credential object
$securePassword = ConvertTo-SecureString ' ' -AsPlainText -Force
$cred = New-Object System.Management.Automation.PSCredential ("azureuser", $securePassword)

# Create a virtual machine configuration
$vmConfig = New-AzVMConfig `
  -VMName "myVM" `
  -VMSize "Standard_D1" | `
Set-AzVMOperatingSystem `
  -Linux `
  -ComputerName "myVM" `
  -Credential $cred `
  -DisablePasswordAuthentication | `
Set-AzVMSourceImage `
  -PublisherName "Canonical" `
  -Offer "UbuntuServer" `
  -Skus "16.04-LTS" `
  -Version "latest" | `
Add-AzVMNetworkInterface `
  -Id $nic.Id

# Configure the SSH key
$sshPublicKey = cat ~/.ssh/id_rsa.pub
Add-AzVMSshPublicKey `
  -VM $vmconfig `
  -KeyData $sshPublicKey `
  -Path "/home/azureuser/.ssh/authorized_keys"

現在,使用 New-AzVM 合併上述要建立的組態定義:Now, combine the previous configuration definitions to create with New-AzVM:

New-AzVM `
  -ResourceGroupName "myResourceGroup" `
  -Location eastus -VM $vmConfig

可能需要幾分鐘的時間才能部署好 VM。It will take a few minutes for your VM to be deployed. 部署完成時,請前往下一節。When the deployment is finished, move on to the next section.

連接至 VMConnect to the VM

使用公用 IP 位址對 VM 建立 SSH 連線。Create an SSH connection with the VM using the public IP address. 若要查看 VM 的公用 IP 位址,請使用 Get-AzPublicIpAddress Cmdlet:To see the public IP address of the VM, use the Get-AzPublicIpAddress cmdlet:

Get-AzPublicIpAddress -ResourceGroupName "myResourceGroup" | Select "IpAddress"

使用和您建立 SSH 金鑰組時所用的同一個 Bash 殼層 (例如 Azure Cloud Shell 或本機 Bash 殼層),將 SSH 連線命令貼到殼層中,以建立 SSH 工作階段。Using the same bash shell you used to create your SSH key pair (like the Azure Cloud Shell or your local bash shell) paste the SSH connection command into the shell to create an SSH session.

ssh azureuser@10.111.12.123

出現提示時,登入使用者名稱為 azureuser 。When prompted, the login user name is azureuser. 如果 SSH 金鑰搭配使用複雜密碼,則需要在提示時輸入該複雜密碼。If a passphrase is used with your SSH keys, you need to enter that when prompted.

安裝 NGINXInstall NGINX

若要查看作用中的 VM,請安裝 NGINX 網頁伺服器。To see your VM in action, install the NGINX web server. 從 SSH 工作階段更新套件來源,然後安裝最新的 NGINX 套件。From your SSH session, update your package sources and then install the latest NGINX package.

sudo apt-get -y update
sudo apt-get -y install nginx

完成時,輸入 exit 來離開 SSH 工作階段。When done, type exit to leave the SSH session.

檢視作用中的網頁伺服器View the web server in action

使用所選的網頁瀏覽器來查看預設 NGINX 歡迎使用頁面。Use a web browser of your choice to view the default NGINX welcome page. 輸入 VM 的公用 IP 位址作為網址。Enter the public IP address of the VM as the web address. 您可以在 VM 的 [概觀] 頁面找到公用 IP 位址,也可以在您稍早使用的 SSH 連接字串中找到。The public IP address can be found on the VM overview page or as part of the SSH connection string you used earlier.

NGINX 預設的歡迎頁面

清除資源Clean up resources

當不再需要時,您可以使用 Remove-AzResourceGroup 命令來移除資源群組、VM 及所有相關資源:When no longer needed, you can use the Remove-AzResourceGroup cmdlet to remove the resource group, VM, and all related resources:

Remove-AzResourceGroup -Name "myResourceGroup"

後續步驟Next steps

在此快速入門中,您已部署簡單的虛擬機器、建立網路安全性群組和規則,並已安裝基本的 Web 伺服器。In this quickstart, you deployed a simple virtual machine, created a Network Security Group and rule, and installed a basic web server. 若要深入了解 Azure 虛擬機器,請繼續 Linux VM 的教學課程。To learn more about Azure virtual machines, continue to the tutorial for Linux VMs.