In November 2015, Microsoft has released for everyone the new Azure portal based on Resource Manager (ARM). Resource Manager is a new way to deploy and manage resources in Azure. Deployed resources will be arranged in resource groups to ease the lifecycle of the application and the resources in the same resource group. Thanks to ARM, we can deploy applications, and update them by using declarative model as JSON. To finish, ARM brings RBAC (Role-Based Access Control) in native mode.
In this topic, I’ll talk about Azure IaaS and how to deploy a first virtual machine in ARM from scratch. I’ll show you how to deploy resources by using GUI or PowerShell. Covered features will be:
- Resource group
- Storage account
- Virtual Network
- Azure VMs
Install Azure RM PowerShell module
To install the PowerShell module and to manage resource by using ARM, you have to download and install the module. By using PowerShell v5, you can run the below commands:
# Install the Azure Resource Manager modules from the PowerShell Gallery Install-Module AzureRM Install-AzureRM # Import AzureRM modules for the given version manifest in the AzureRM module Import-AzureRM
Logon to Azure Portal and select the subscription
To logon to the Azure Portal by using the web browser, you can browse to https://portal.azure.com. By using PowerShell, you can run the below command:
Add-AzureRMAccount
If like me, you have multiple subscriptions associated to your tenant, you have to select the right one. If you use the web browser, you can select the subscription by clicking on your name on top right.
In PowerShell, you have to use this cmdlet:
Select-AzureRMSubscription
But before running this command you need to get the subscription id by using Get-AzureRMSubscription:
Once you have the subscription ID you can use the Select-AzureRMSubscription as below:
Create the resource group
All resources that I will create will belong to the same resource group. This resource group will contain the storage account, the virtual network and the Azure VMs (and its NICs).
To create the resource group by using the GUI, click on resource groups and select add. Then give a name to your resource group and chose the location.
By using PowerShell, you have just to run the below command:
New-AzureRmResourceGroup -Name MyRG -Location "West Europe"
Now I have my resource group which is ready.
Create the storage account
To have more information about how works storage account, you can read this topic.
To create a Storage Account by using the GUI, just select new Data + Storage and select Storage account.
Then give a name (lower case, no special char) to your storage account and choose the storage account type. Then select the resource group that you have previously created.
To create the same storage account by using PowerShell, you can run the below command:
New-AzureRmStorageAccount -ResourceGroupName MyRG ` -Name stoaccountlab ` -Type Standard_LRS ` -Location "West Europe"
Then your storage account is created:
Create the virtual network
The virtual network is required to connect Azure VM to the network. The virtual network is an address space (as 10.0.0.0/8) that have to be split in the subnet. Then Azure VM will belong to a subnet.
To create the virtual network, just click on New, Networking, Virtual Network and create.
Then give a name to the virtual network, specify the address space, the subnet name and its address range. Select the resource group that you have previously created and select the location.
New-AzureRmVirtualNetwork -Name MyNetwork -ResourceGroupName MyRG -Location "West Europe" -AddressPrefix 192.168.0.0/16 $VirtualNetwork = Get-AzureRmVirtualNetwork -Name MyNetwork -ResourceGroupName MyRG Add-AzureRmVirtualNetworkSubnetConfig -Name Internal -VirtualNetwork $VirtualNetwork -AddressPrefix 192.168.0.0/24 Set-AzureRmVirtualNetwork -VirtualNetwork $VirtualNetwork
You can see the subnets in the virtual network, you can click on settings and select subnets. You can add more subnets by clicking on Add.
Create the Azure VM in Resource Manager
In this example I will create a Windows Server 2012R2 Azure VM. Its virtual disk will be stored in the storage account that we have created and connected in the above subnet. To create the VM, just click on New, Compute and select the Windows Server 2012 R2 Datacenter image.
Then specify the basic settings of the VM as its name, a username and password. Specify also the resource group that we have created previously.
Next chose the size of the VM and click ok.
To finish, specify the storage account, the virtual network and the subnet. The public IP is required if you need to access to your VM from an IP address. The network security group enable you to deploy filter as a firewall.
Once you have finished to set your VM, you can jump to summary section and click on OK to launch the VM creation.
You can do the same thing by using PowerShell but it is a little bit more complex than previous PowerShell operations.
# Set values for existing resource group and storage account names $rgName="MyRG" $locName="West Europe" $saName="stoaccountlab" # Ask for VM credential $cred=Get-Credential -Message "Type the name and password of the local administrator account." # Set the existing virtual network and subnet index $vnetName="MyNetwork" $subnetIndex=0 $vnet=Get-AzureRMVirtualNetwork -Name $vnetName -ResourceGroupName $rgName # Create the NIC. $nicName="VM01-NIC" $pip=New-AzureRmPublicIpAddress -Name $nicName -ResourceGroupName $rgName -Location $locName -AllocationMethod Dynamic $nic=New-AzureRmNetworkInterface -Name $nicName -ResourceGroupName $rgName -Location $locName -SubnetId $vnet.Subnets[$subnetIndex].Id -PublicIpAddressId $pip.Id # Specify the name, size, and existing availability set $vmName="VM01" $vmSize="Basic_A1" $vm=New-AzureRmVMConfig -VMName $vmName -VMSize $vmSize # Specify the image and local administrator account, and then add the NIC $pubName="MicrosoftWindowsServer" $offerName="WindowsServer" $skuName="2012-R2-Datacenter" $vm=Set-AzureRmVMOperatingSystem -VM $vm -Windows -ComputerName $vmName -Credential $cred -ProvisionVMAgent -EnableAutoUpdate $vm=Set-AzureRmVMSourceImage -VM $vm -PublisherName $pubName -Offer $offerName -Skus $skuName -Version "latest" $vm=Add-AzureRmVMNetworkInterface -VM $vm -Id $nic.Id # Specify the OS disk name and create the VM $diskName="OSDisk" $storageAcc=Get-AzureRmStorageAccount -ResourceGroupName $rgName -Name $saName $osDiskUri=$storageAcc.PrimaryEndpoints.Blob.ToString() + "vhds/" + $vmName + $diskName + ".vhd" $vm=Set-AzureRmVMOSDisk -VM $vm -Name $diskName -VhdUri $osDiskUri -CreateOption fromImage New-AzureRmVM -ResourceGroupName $rgName -Location $locName -VM $vm
Once the script has run, the VM is created with a public IP and a private IP. This VM belongs to MyRG resource group.
And as you can see, all resources that I have created previously are in MyRG resource group.
Conclusion
I think the new Azure deployment model is more flexible than the old. First, Cloud Services are not required anymore for IaaS and it is a great thing. Secondly the resource group are great to manage the lifecycle of an application because you can update resources without impact on other application in others resource groups. Thirdly you can use a JSON to deploy consistently on AzureStack and Microsoft Azure. To finish, cmdlets are the same than the old deployment model except that the commands contain RM (ex: Get-AzureRMVM). So why not move to the new deployment model? J