How to create a VM in MS Azure

 

We can follow these steps to create virtual machines in MS Azure. We will first create a virtual network in Microsoft Azure, then create two virtual machines, and then use the virtual network to connect the virtual machines to each other and to the internet.

NOTE:

This exercise requires a full Azure subscription. Participating in the interactive exercises in this module will result in charges billed to the Azure subscription. Incurred charges can be minimized by cleaning up the resources you create as soon as possible. Clean-up directions will be in the last section.

Ø  Step 1.
Sign in to your subscription at shell.azure.com/powershell.

Ø  Step 2. To Create a Resource Group

We must create a resource group to contain all of the resources we will create in this module. Name it vm-networks, without spaces, and replace the location in the command with the name of the region where you want to create the group (my location, for example, is Central Canada).

Copy this command:

$Location="WestUS"

New-AzResourceGroup -Name vm-networks -Location $Location

Ø  Step 3,
Create a subnet and virtual network

Ø  Step 4,

To create a subnet and virtual network, copy this command.

 $Subnet=New-AzVirtualNetworkSubnetConfig -Name default -AddressPrefix 10.0.0.0/24
 New-AzVirtualNetwork -Name myVnet -ResourceGroupName vm-networks -Location $Location -AddressPrefix 10.0.0.0/16 -Subnet $Subnet

Ø  Step 4,
Create two virtual machines

Azure virtual machines are connected to a virtual network. If we create a virtual machine using Azure PowerShell but don't specify the name of an existing virtual network, Azure PowerShell creates a new virtual network.

We are creating two virtual machines and specifying the virtual network for each.

Ø  Step 5,

To create virtual machine 1, copy this command. It creates a Windows VM with a public IP address that is accessible over port 3389 (Remote Desktop): a Windows 2016 Datacenter VM named dataProcStage1 that uses the myVnet virtual network.

New-AzVm `
 -ResourceGroupName "vm-networks" `
 -Name "dataProcStage1" `
 -VirtualNetworkName "myVnet" `
 -SubnetName "default" `
 -image "Win2016Datacenter" `
 -Size "Standard_DS2_v2"

Port 3389 is opened automatically when we create a Windows VM in Azure.

Ø  Step 6,

We must create a user name and password for the new VM. Note them down, because we will need them whenever we sign in to the server.

Ø  Step 7,

To get the public IP address of our VM, run this command and copy the IpAddress value so we can use it later.

Get-AzPublicIpAddress -Name dataProcStage1

Ø  Step 8,

We must create the second VM, named dataProcStage2.

New-AzVm `
 -ResourceGroupName "vm-networks" `
 -Name "dataProcStage2" `
 -VirtualNetworkName "myVnet" `
 -SubnetName "default" `
 -image "Win2016Datacenter" `
 -Size "Standard_DS2_v2"

Ø  Step 9.

We must enter the user name and password for this VM as well. Note them down too, because we will need them later to sign in to the server.

Ø  Step 10,

Disassociate the public IP address that was created by default for the VM.

# Fetch the NIC of dataProcStage2, clear its public IP reference, and save the change
$nic = Get-AzNetworkInterface -Name dataProcStage2 -ResourceGroupName vm-networks
$nic.IpConfigurations.publicipaddress.id = $null
Set-AzNetworkInterface -NetworkInterface $nic

Ø  Step 11,

Connect to dataProcStage1 using Remote Desktop

We must open Remote Desktop and connect to dataProcStage1 with the same public IP address we noted before. When using PowerShell locally, run this command, replacing publicIpAddress with the VM's IP address.

mstsc /v:publicIpAddress

Ø  Step 12,

We must sign in to the remote machine with the user name and password we created.

Ø  Step 13,

In the remote session, open the Windows command prompt and run this command.

ping dataProcStage2 -4

Ø  Step 14,

Now we will see that all requests to dataProcStage2 time out. This is because the default Windows Firewall configuration on dataProcStage2 prevents it from responding to pings.

Connect to dataProcStage2 using Remote Desktop

Now we should configure the Windows Firewall on dataProcStage2 by using a new remote desktop session. We cannot access dataProcStage2 from our desktop because dataProcStage2 doesn't have a public IP. We will use Remote Desktop from dataProcStage1 to connect to dataProcStage2.

Ø  Step 15,

Now we must open Remote Desktop in the dataProcStage1 remote session.

Ø  Step 16,

We are connecting to dataProcStage2 by name. Based on the default network configuration, dataProcStage1 can resolve the address for dataProcStage2 using the computer name.

Ø  Step 17,

We sign in to dataProcStage2 with the user name and password we created.

Ø  Step 18,

On dataProcStage2, we select the Start Menu, type Firewall, then press Enter. The Windows Firewall with Advanced Security console appears.

Ø  Step 19,

In the left-hand pane, select Inbound Rules.

Ø  Step 20,

In the right-hand pane, scroll down, right-click File and Printer Sharing (Echo Request - ICMPv4-In), and then select Enable Rule.

Ø  Step 21,

Switch back to the dataProcStage1 remote session and run this command in the command prompt.

ping dataProcStage2 -4

Ø  Step 22,

dataProcStage2 responds with four replies, demonstrating connectivity between the two VMs.

We successfully created a virtual network, created two virtual machines that are attached to that virtual network, connected to one of the VMs, and showed network connectivity to the other VM within the same virtual network. We can use Azure Virtual Network to connect resources within the Azure network, but these resources need to be within the same resource group and the same subscription. Next, we will look at VPN gateways, which enable us to connect virtual networks in different resource groups, subscriptions, and even geographical regions.
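
Because the New-AzVm commands above leave port 3389 open on a VM with a public IP address, it is worth checking which rules allow it and narrowing their source. The following PowerShell is an added example, not part of the original post; it assumes the network security groups created for the VMs are in the vm-networks resource group, and `$AdminSource` (a documentation-range placeholder address), `$Apply` and `Test-CoversRdp` are illustrative names.

```powershell
# Added example (not from the original post): report NSG rules in the
# tutorial's resource group that allow RDP (TCP 3389) from any source,
# and optionally restrict their source to one admin address.
$ResourceGroup = "vm-networks"      # resource group name used in the tutorial
$AdminSource   = "203.0.113.10/32"  # placeholder (documentation range); use your own public IP
$Apply         = $false             # $false = report only, $true = update the rules

function Test-CoversRdp {
    # True when any port range ("*", "3389", "3000-4000") includes 3389.
    param([string[]]$PortRange)
    foreach ($range in $PortRange) {
        if ($range -eq "*") { return $true }
        $bounds = $range -split "-"
        if ([int]$bounds[0] -le 3389 -and 3389 -le [int]$bounds[-1]) { return $true }
    }
    return $false
}

foreach ($nsg in Get-AzNetworkSecurityGroup -ResourceGroupName $ResourceGroup) {
    $changed = $false
    foreach ($rule in @($nsg.SecurityRules)) {
        $exposed = $rule.Direction -eq "Inbound" -and $rule.Access -eq "Allow" -and
                   $rule.Protocol -in @("Tcp", "*") -and
                   (Test-CoversRdp $rule.DestinationPortRange) -and
                   ($rule.SourceAddressPrefix -match '^(\*|Internet|0\.0\.0\.0/0)$')
        if (-not $exposed) { continue }

        [pscustomobject]@{
            Nsg = $nsg.Name; Rule = $rule.Name; Priority = $rule.Priority
            Source = $rule.SourceAddressPrefix -join ","
            Ports  = $rule.DestinationPortRange -join ","
        }

        if ($Apply) {
            # Re-submit the rule unchanged except for the source prefix.
            Set-AzNetworkSecurityRuleConfig -NetworkSecurityGroup $nsg -Name $rule.Name `
                -Access $rule.Access -Protocol $rule.Protocol -Direction $rule.Direction `
                -Priority $rule.Priority -Description $rule.Description `
                -SourcePortRange $rule.SourcePortRange -SourceAddressPrefix $AdminSource `
                -DestinationAddressPrefix $rule.DestinationAddressPrefix `
                -DestinationPortRange $rule.DestinationPortRange | Out-Null
            $changed = $true
        }
    }
    if ($changed) { $nsg | Set-AzNetworkSecurityGroup | Out-Null }
}
```

Traffic between dataProcStage1 and dataProcStage2 is unaffected, because the default AllowVnetInBound rule still permits connections inside the virtual network.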

Thank you for following us,

Please write your feedback,

Shahbaz Ali Khan.
