Managing Virtual Machines on Azure

ItsMe
14 min read · Nov 16, 2022


In today’s lab we will look at how to manage virtual machines in Azure. Azure is a cloud platform provided by Microsoft. It is also thanks to Microsoft and CyberShujaa that I have been able to attempt this lab. You can also claim a free $100 Azure credit using your student account by following this link.

In this lab, we have been tasked with identifying different options for deploying and configuring Azure Virtual Machines. In order to do this, we must first understand the different compute, storage, resiliency and scalability options that work with Azure VMs. Since we will be trying to achieve resiliency and scalability, we will make use of Azure Virtual Machine Scale Sets. This resource allows the same image of a VM of our choice to run as multiple instances in different availability zones within a region. They will all sit behind a configurable front-end load balancer. We will also explore the option of automatically configuring VMs and VM Scale Sets using the Azure VM Custom Script Extension.

These lab files and instructions are all available at this link. This article covers Lab08 under AZ-104 labs. I will not be giving you the full list of instructions for this lab since it will make the article lengthy, but I will compensate for that using screenshots and explanations of the process.

Network Architecture

Task 1: Deploying a Virtual machine on Azure

A virtual machine is a normal machine, but one that runs on top of existing hardware. A virtual machine relies on a hypervisor, which is a component on the host that provides virtualization capabilities. There are two types of hypervisors: Type 1 runs on the bare-metal hardware and acts as a lightweight operating system, while Type 2, or hosted hypervisor, runs as software on the host’s operating system. Most of us will be familiar with Type 2 hypervisors. Examples of Type 2 hypervisors are VirtualBox and VMware.

When deploying a virtual machine on Azure, we configure its parameters first and then pass them to an orchestrator, which assigns the resources we require. The compute (CPUs) and disk storage are usually in separate networks due to the large volumes they deal with. The orchestrator allocates us a position in these networks, ties them together and ensures deployment of the virtual machine in the cloud provider’s datacenter. The inner workings of the cloud, however, are not within the scope of this article.

We will need to sign into the Azure portal and search for virtual machines. On the virtual machines page, click on create > Virtual machine. After which you will be greeted with the screen below.

On the Basics tab, specify the following parameters and leave the rest with default values. It helps to have a naming methodology when deploying VMs since it can help you keep track of the instances. Also ensure that you select the correct subscription and resource group. For this lab, we will be using the DS1_v2 size since it is less costly. When deploying resources in a real-world scenario, we will need to take into consideration the loads our VMs will be handling, despite there being an element of automated scaling in Azure.

Click Next : Disks > and specify these settings, leaving the rest as default.

Next we will need to create a virtual network as shown in the topology. This virtual network will be 10.80.0.0/20 and will require a subnet 10.80.0.0/24. Go to the Networking tab and specify these settings under Create virtual network.

Specify the following settings in the networking tab

Click Next: Management > and, on the Management tab, set the Patch orchestration options to manual Updates and leave the rest as default.

Click Next: Monitoring > and, on the Monitoring tab, specify these settings and leave the rest as default.

This is what is used to configure our boot storage. The default value picked for Diagnostics storage account might cause an issue since it is an autogenerated value and could be taken by another user running a similar lab. This error will usually show up when Azure performs a validation check on the configuration. If this error occurs, go to the Monitoring pane and change the name of the Diagnostics storage account by a few letters or numbers.

Note: If necessary, select an existing storage account in the dropdown list or create a new storage account. Record the name of the storage account. You will use it in the next task.

Click Next: Advanced >, on the Advanced tab of the Create a virtual machine blade, review the available settings without modifying any of them, and click Review + Create. Then click on Create and wait for the deployment to complete.

On the deployment page, you will see an option on the sidebar reading Templates. Templates are JSON files that are a representation of the settings of the VM we just deployed on Azure. A template is an easier way to perform multiple deployments of the same type.

Review the template and click on Deploy. This should take you to a custom deployment pane. In this pane edit the following settings and leave the rest unchanged.

Note: Ensure you take note of the passwords you set for these virtual machines. It is best practice to set a complex password for these machines since they are public facing, i.e. they are visible on the internet, as we will see as we progress through this lab.

Review and Create this configuration then Create the VM. Wait for the deployment to complete. Once complete, you will be able to see the VMs listed under virtual machines in the Azure Portal > Virtual Machines pane.

Task 2: Configure Virtual machines using VM Extensions

Imagine a scenario where you have to deploy an application on a VM and have to log into that VM via Remote Desktop and perform the installation of, say, the IIS web server role. This seems tedious. Azure allows us to run custom scripts on the virtual machine by installing an extension. This script can run a shell that can be used to configure the device.

Search for Storage Accounts in Azure and then select the storage account created in the previous step for the virtual machine diagnostics account. Then click on Containers under Data Storage from the left pane. Add a container with these settings.

Note: Be careful when allowing access to cloud resources. You might allow access to resources to attackers without your knowledge.

In the scripts container we just created, upload a file found in the downloaded resources for this lab. The link was provided at the beginning of this article. Upload the file: \Allfiles\Labs\08\az104-08-install_IIS.ps1.

Go back to your virtual machines pane and click on az104-08-vm0. Under the settings section in the left pane, click on Extensions and add an extension. Search for Custom Script Extension and click Next after selecting it. Configure the VM using this extension by clicking Browse in the next window, navigating to the scripts container we created and selecting the file we uploaded. After this click on Create.

We can also use a template to deploy a custom IIS web server role on a virtual machine. We will do this on the other VM that we have created. Navigate to this VM and go to the Automation section. Here click on Export template then Deploy. On the deployment page, click Edit Template. Paste the code below after line 20 of the visible code.

    {
        "type": "Microsoft.Compute/virtualMachines/extensions",
        "name": "az104-08-vm1/customScriptExtension",
        "apiVersion": "2018-06-01",
        "location": "[resourceGroup().location]",
        "dependsOn": [
            "az104-08-vm1"
        ],
        "properties": {
            "publisher": "Microsoft.Compute",
            "type": "CustomScriptExtension",
            "typeHandlerVersion": "1.7",
            "autoUpgradeMinorVersion": true,
            "settings": {
                "commandToExecute": "powershell.exe Install-WindowsFeature -name Web-Server -IncludeManagementTools && powershell.exe remove-item 'C:\\inetpub\\wwwroot\\iisstart.htm' && powershell.exe Add-Content -Path 'C:\\inetpub\\wwwroot\\iisstart.htm' -Value $('Hello World from ' + $env:computername)"
            }
        }
    },

There is a high chance that copying this code from this article will cause errors. I advise using the lab document published by Microsoft.

Click on Save. Then click on Review + create on the custom deployment page. Then click on create to deploy the role within the VM.
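
The extension resource pasted into the template keeps its command in settings, which Azure stores and displays in clear text, whereas protectedSettings is encrypted for the VM. The following Python check is an added example, not part of the lab or Microsoft's code: it reviews a template for that and, going beyond this step, for NSG inbound rules open to any source like the rule created in Task 5. The sample template, the example-nsg resource and the review_template function are constructed for illustration.

```python
import json

# Constructed sample, not a real export: the extension resource from this
# article (command shortened) plus a hypothetical NSG named "example-nsg".
SAMPLE_TEMPLATE = json.loads("""
{"resources": [
  {"type": "Microsoft.Compute/virtualMachines/extensions",
   "name": "az104-08-vm1/customScriptExtension",
   "properties": {
     "publisher": "Microsoft.Compute", "type": "CustomScriptExtension",
     "settings": {"commandToExecute":
       "powershell.exe Install-WindowsFeature -name Web-Server -IncludeManagementTools"}}},
  {"type": "Microsoft.Network/networkSecurityGroups",
   "name": "example-nsg",
   "properties": {"securityRules": [
     {"name": "allow-http", "properties": {"direction": "Inbound", "access": "Allow",
       "sourceAddressPrefix": "*", "destinationPortRange": "80"}},
     {"name": "allow-rdp", "properties": {"direction": "Inbound", "access": "Allow",
       "sourceAddressPrefix": "Internet", "destinationPortRange": "3389"}},
     {"name": "allow-lb", "properties": {"direction": "Inbound", "access": "Allow",
       "sourceAddressPrefix": "AzureLoadBalancer", "destinationPortRange": "80"}}]}}
]}
""")

ANY_SOURCE = {"*", "internet", "0.0.0.0/0"}       # prefixes that mean "anyone"
ADMIN_PORTS = {"22", "3389", "5985", "5986"}      # SSH, RDP, WinRM


def review_template(template):
    """Return (resource, finding) pairs for settings that deserve a second look."""
    findings = []
    for res in template.get("resources", []):
        props = res.get("properties", {})
        rtype = res.get("type", "").lower()
        if rtype.endswith("/extensions") and props.get("type") == "CustomScriptExtension":
            public = props.get("settings", {})
            # Public settings are stored and shown in clear text; only
            # protectedSettings is encrypted for the VM.
            if "commandToExecute" in public:
                findings.append((res["name"], "commandToExecute in clear-text settings"))
            if any("sig=" in uri for uri in public.get("fileUris", [])):
                findings.append((res["name"], "SAS token in clear-text fileUris"))
        elif rtype == "microsoft.network/networksecuritygroups":
            # Only the singular prefix/port fields are checked here.
            for rule in props.get("securityRules", []):
                rp = rule.get("properties", {})
                if (rp.get("direction") == "Inbound" and rp.get("access") == "Allow"
                        and str(rp.get("sourceAddressPrefix", "")).lower() in ANY_SOURCE):
                    port = str(rp.get("destinationPortRange", ""))
                    kind = "management port" if port in ADMIN_PORTS else "port"
                    findings.append((f"{res['name']}/{rule['name']}",
                                     f"{kind} {port} open to any source"))
    return findings


if __name__ == "__main__":
    for name, finding in review_template(SAMPLE_TEMPLATE):
        print(f"{name}: {finding}")
```

The command in this lab carries no secret, so the first finding is a prompt to check what the command contains rather than a defect.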

Since we are able to run custom scripts on our VM, we can send a web request from the command line from one server to another. Navigate to the Virtual Machines pane and click on the vm0. Go to the Operation pane of the VM from the left side nav-list and click Run Command > RunPowerShellScript. Run the script below which sends a web request to the IIS server on vm1. The IP addresses of the VMs can be found on the overview pane of the VM.

Invoke-WebRequest -URI http://10.80.0.4 -UseBasicParsing

Task 3: Scaling Compute and Storage for VMs

Once a VM has been deployed, there is no guarantee that the demand or load on it will remain constant. We might need to make changes to it in order to support the load. This is done by increasing compute and storage for the device, i.e., CPU and disk storage. This is what is referred to as vertical scaling.

In the Azure portal, search for and select Virtual machines and, on the Virtual machines blade, click az104-08-vm0. Click Size and set the virtual machine size to Standard DS1_v2 and click Resize.

Note: The VMs we deployed were configured to use Standard DS1_v2. We can, however, see the different available configurations. We will not be picking from any of these.

If you need to change the disk size, on the az104-08-vm0 virtual machine blade, click Disks, and under Data disks click + Create and attach a new disk. Create a managed disk with the following settings:

Back on the az104-08-vm0 - Disks blade, under Data disks click + Create and attach a new disk. Create a managed disk with the following settings (leave others with their default values) and Save changes:

Run the following commands from Virtual machine > Operations > Run command > RunPowerShellScript:

New-StoragePool -FriendlyName storagepool1 -StorageSubsystemFriendlyName "Windows Storage*" -PhysicalDisks (Get-PhysicalDisk -CanPool $true)
New-VirtualDisk -StoragePoolFriendlyName storagepool1 -FriendlyName virtualdisk1 -Size 2046GB -ResiliencySettingName Simple -ProvisioningType Fixed
Initialize-Disk -VirtualDisk (Get-VirtualDisk -FriendlyName virtualdisk1)
New-Partition -DiskNumber 4 -UseMaximumSize -DriveLetter Z

These commands will attach the two newly created disks to a drive Z on vm0. You can also add storage to a VM using a template. This is shown in the Microsoft Lab 08 instructions.

Task 4: Register the Microsoft.Insights and Microsoft.Alertmanagement resource providers

Open the Cloud Shell using the icon to the right of the search bar in Azure. When prompted select PowerShell and set up a storage account under the subscription used for this lab. Run the following commands:

Register-AzResourceProvider -ProviderNamespace Microsoft.Insights
Register-AzResourceProvider -ProviderNamespace Microsoft.AlertsManagement

Task 5: Deploy zone-resilient Azure Virtual machine scale sets

A virtual machine scale set is a service provided by Azure that allows the number of instances of a VM to increase based on the amount of traffic. This is horizontal scaling and it helps when an organization is experiencing a spike in usage. Azure will auto-provision new VMs, up to a set maximum, when traffic goes above a set threshold.

Search for and select Virtual machine scale sets and, on the Virtual machine scale sets blade, click + Add (or + Create). On the Basics tab of the Create a virtual machine scale set blade, specify the following settings (leave others with their default values) and click Next : Disks >:

Click Next: networking from the Disks tab. On the Networking tab of the Create a virtual machine scale set blade, click the Create virtual network link below the Virtual network textbox and create a new virtual network with the following settings (leave others with their default values):

Back on the Networking tab of the Create a virtual machine scale set blade, click the Edit network interface icon to the right of the network interface entry. On the Edit network interface blade, in the NIC network security group section, click Advanced and click Create new under the Configure network security group drop-down list. On the Create network security group blade, specify the following settings (leave others with their default values): Name: az10408vmss0-nsg

Click Add an inbound rule and add an inbound security rule with the following settings (leave others with their default values). This limits the connections that can access the machines. Then click Add and then OK.

On the Edit network interface blade, in the Public IP address section, click Enabled and click OK. Back on the Networking tab of the Create a virtual machine scale set blade, under the Load balancing section, ensure that the Use a load balancer entry is selected and specify the following Load balancing settings (leave others with their default values) and click Next: Scaling >:

On the Scaling tab of the Create a virtual machine scale set blade, specify the following settings (leave others with their default values) and click Next : Management >: On the Management tab of the Create a virtual machine scale set blade, specify the following settings (leave others with their default values):

Skip the Health tab. Click Advanced. On the Advanced tab of the Create a virtual machine scale set blade, specify the following settings (leave others with their default values) and click Review + create.
Spreading algorithm: Fixed spreading

On the Review + create tab of the Create a virtual machine scale set blade, ensure that the validation passed and click Create. Wait for the deployment to complete. This should take about 5 minutes.

Task 6: Configure Azure VM Scale Sets using VM Extensions

In the Azure portal, search for and select Storage accounts and, on the Storage accounts blade, click the entry representing the diagnostics storage account you created in the previous task. On the storage account blade, in the Data Storage section, click Containers and then click + Container. On the New container blade, specify the following settings (leave others with their default values) and click Create:

Back on the storage account blade displaying the list of containers, click scripts. On the scripts blade, click Upload. On the Upload blob blade, click the folder icon, in the Open dialog box, navigate to the \Allfiles\Labs\08 folder, select az104-08-install_IIS.ps1, click Open, and back on the Upload blob blade, click Upload. In the Azure portal, navigate back to the Virtual machine scale sets blade and click az10408vmss0. On the az10408vmss0 blade, in the Settings section, click Extensions, and then click + Add. On the New resource blade, click Custom Script Extension and then click Next.

From the Install extension blade, Browse to and Select the az104-08-install_IIS.ps1 script that was uploaded to the scripts container in the storage account earlier in this task, and then click Create.
Note: Wait for the installation of the extension to complete before proceeding.

In the Settings section of the az10408vmss0 blade, click Instances, select the checkboxes next to the two instances of the virtual machine scale set, click Upgrade, and then, when prompted for confirmation, click Yes.

In the Azure portal, search for and select Load balancers and, in the list of load balancers, click az10408vmss0-lb. On the az10408vmss0-lb blade, note the value of the Public IP address assigned to the frontend of the load balancer, open a new browser tab, and navigate to that IP address. Ensure that the updates on the instances of the VM scale set are complete before accessing the machines via the public IP. As I was saying earlier, your VMs are accessible via public IP on the internet. This is why it is extremely important to use secure passwords.

Task 7: Scale compute and storage for Azure VM Scale Sets

In the Azure portal, search for and select Virtual machine scale sets and select the az10408vmss0 scale set. Click Size. In the list of available sizes, select Standard DS1_v2 and click Resize. In the Settings section, click Instances, select the checkboxes next to the two instances of the virtual machine scale set, click Upgrade, and then, when prompted for confirmation, click Yes.

In the list of instances, click the entry representing the first instance and, on the scale set instance blade, note its Location (it should be one of the zones in the target Azure region into which you deployed the Azure virtual machine scale set). Return to the az10408vmss0 - Instances blade, click the entry representing the second instance and, on the scale set instance blade, note its Location (it should be one of the other two zones in the target Azure region into which you deployed the Azure virtual machine scale set). Return to the az10408vmss0 - Instances blade, and in the Settings section, click Scaling.

On the az10408vmss0 - Scaling blade, select the Custom autoscale option and configure autoscale with the following settings (leave others with their default values):

Scale Mode: Scale based on a metric

Click the + Add a rule link and, on the Scale rule blade, specify the following settings (leave others with their default values):

Note: Obviously these values do not represent a realistic configuration, since their purpose is to trigger autoscaling as soon as possible, without extended wait period.

Click Add and, back on the az10408vmss0 - Scaling blade, specify the following settings (leave others with their default values):

Click Save.

In the Azure portal, open the Azure Cloud Shell by clicking on the icon in the top right of the Azure Portal. If prompted to select either Bash or PowerShell, select PowerShell. From the Cloud Shell pane, run the following to identify the public IP address of the load balancer in front of the Azure virtual machine scale set az10408vmss0.

$rgName = 'az104-08-rg02'
$lbpipName = 'az10408vmss0-ip'
$pip = (Get-AzPublicIpAddress -ResourceGroupName $rgName -Name $lbpipName).IpAddress

From the Cloud Shell pane, run the following to start an infinite loop that sends the HTTP requests to the web sites hosted on the instances of Azure virtual machine scale set az10408vmss0.

while ($true) { Invoke-WebRequest -Uri "http://$pip" }

Minimize the Cloud Shell pane but do not close it, switch back to the az10408vmss0 - Instances blade and monitor the number of instances. Wait a few moments and then click on Refresh. Once the third instance is provisioned, navigate to its blade to determine its Location (it should be different from the first two zones you identified earlier in this task). Close the Cloud Shell pane.

In this lab we have learnt how to deploy virtual machines on Azure using the GUI and custom templates, how to run custom scripts to install services on VMs, and how to scale VMs both manually and with Virtual Machine Scale Sets and automated scaling based on traffic.
