Create a VM in Azure IaaS with PowerShell

Posted on by

Hello,

Yesterday we say how to install and connect to Azure from PowerShell.Create a VM in Azure is not like create an Hyper-V VM. Indeed, you need to specify far more parameters, and use severals cmdlets to build a shiny new Azure VM.

First, you need to choose the operating system, today, we’ll use a image from the Azure gallery : (Windows Server 2012 R2 Datacenter in our case)

$Image = Get-AzureVMImage | Where-Object { $_.ImageFamily -eq 'Windows Server 2012 R2 Datacenter' } | Sort-Object PublishedDate -Descending | Select-Object -ExpandProperty ImageName -First 1

You can check all 144 family available with :

Get-AzureVMImage | Select-Object -ExpandProperty ImageFamily -Unique

You can see all the instance size available :

Get-Help New-AzureVMConfig -Parameter InstanceSize

Azure-IaaS-PowerShell-3

Then, we need to create a configuration for our Azure VM to be :

$VMConfig = New-AzureVMConfig -ImageName $image -InstanceSize Medium -Name Exchange02 -DiskLabel System -HostCaching ReadWrite

The config contains the image we want to use, the size of the instance, the name of the VM, the label of the OS disk in the guest OS, and caching informations of the disk.

One the VMConfig is created, you can create a provisioning for the guest OS out-of-box-experience :

$VMConfig | Add-AzureProvisioningConfig -Windows -AdminUsername ItForDummies -Password (Read-Host -Prompt 'Local Admin Password')

Then, you can optionally connect the VM to an existing VMNet :

$VMConfig | Set-AzureSubnet -SubnetNames 'Subnet-1'

Finally, you can create the VM :

$VMConfig | New-AzureVM -ServiceName ItForDummies -Location 'North Europe'

This may takes a few minutes to proceed.

If you want to specify a storage account, you need to select it before you run those lines :

Set-AzureSubscription -SubscriptionName 'MySubscription' -CurrentStorageAccountName 'itfordummies'

If you need to create a new storage account :

New-AzureStorageAccount –StorageAccountName 'itfordummies' –Location 'North Europe' -Type 'Standard_GRS'

If you need to add the Microsoft antimalware Azure extension :

#AntiMalware
$RegularServer = @'
{
    "AntimalwareEnabled": true,
    "RealtimeProtectionEnabled": true,
    "ScheduledScanSettings": {
        "isEnabled": false,
        "day": 1,
        "time": 180,
        "scanType": "Full"
    },
    "Exclusions": {
        "Extensions": "",
        "Paths": "%allusersprofile%NTUser.pol;%systemroot%system32GroupPolicyMachineregistry.pol;%windir%Securitydatabase*.chk;%windir%Securitydatabase*.edb;%windir%Securitydatabase*.jrs;%windir%Securitydatabase*.log;%windir%Securitydatabase*.sdb;%windir%SoftwareDistributionDatastoreDatastore.edb;%windir%SoftwareDistributionDatastoreLogsedb.chk;%windir%SoftwareDistributionDatastoreLogsedb*.log;%windir%SoftwareDistributionDatastoreLogsEdbres00001.jrs;%windir%SoftwareDistributionDatastoreLogsEdbres00002.jrs;%windir%SoftwareDistributionDatastoreLogsRes1.log;%windir%SoftwareDistributionDatastoreLogsRes2.log;%windir%SoftwareDistributionDatastoreLogstmp.edb",
        "Processes": ""
    }
}
'@
Get-AzureVM -ServiceName ItForDummies -Name Exchange02 | Set-AzureVMMicrosoftAntimalwareExtension -AntimalwareConfiguration $RegularServer | Update-AzureVM

The complete ‘script’ :

#Create Storage Account
New-AzureStorageAccount –StorageAccountName 'itfordummies' –Location 'North Europe' -Type 'Standard_GRS'
#Set subscription & storage account
Set-AzureSubscription -SubscriptionName 'MySubscription' -CurrentStorageAccountName 'itfordummies'
#Create VM
$Image = Get-AzureVMImage | Where-Object { $_.ImageFamily -eq 'Windows Server 2012 R2 Datacenter' } | Sort-Object PublishedDate -Descending | Select-Object -ExpandProperty ImageName -First 1
$VMConfig = New-AzureVMConfig -ImageName $image -InstanceSize Medium -Name Exchange02 -DiskLabel System -HostCaching ReadWrite
$VMConfig | Add-AzureProvisioningConfig -Windows -AdminUsername ItForDummies -Password (Read-Host -Prompt 'Local Admin Password')
$VMConfig | Set-AzureSubnet -SubnetNames 'Subnet-1'
$VMConfig | New-AzureVM -ServiceName ItForDummies -Location 'North Europe'
#AntiMalware
$RegularServer = @'
{
    "AntimalwareEnabled": true,
    "RealtimeProtectionEnabled": true,
    "ScheduledScanSettings": {
        "isEnabled": false,
        "day": 1,
        "time": 180,
        "scanType": "Full"
    },
    "Exclusions": {
        "Extensions": "",
        "Paths": "%allusersprofile%NTUser.pol;%systemroot%system32GroupPolicyMachineregistry.pol;%windir%Securitydatabase*.chk;%windir%Securitydatabase*.edb;%windir%Securitydatabase*.jrs;%windir%Securitydatabase*.log;%windir%Securitydatabase*.sdb;%windir%SoftwareDistributionDatastoreDatastore.edb;%windir%SoftwareDistributionDatastoreLogsedb.chk;%windir%SoftwareDistributionDatastoreLogsedb*.log;%windir%SoftwareDistributionDatastoreLogsEdbres00001.jrs;%windir%SoftwareDistributionDatastoreLogsEdbres00002.jrs;%windir%SoftwareDistributionDatastoreLogsRes1.log;%windir%SoftwareDistributionDatastoreLogsRes2.log;%windir%SoftwareDistributionDatastoreLogstmp.edb",
        "Processes": ""
    }
}
'@
Get-AzureVM -ServiceName ItForDummies -Name Exchange02 | Set-AzureVMMicrosoftAntimalwareExtension -AntimalwareConfiguration $RegularServer | Update-AzureVM

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.