azure windows

Azure – Provision Azure Virtual Machine with UnManaged disks

Microsoft has introduced a new type of disk called “Managed” disk wherein Azure manages the disk and the underlying storage account overhead for you. And, Microsoft recommends you create Azure virtual machines with “managed” disks, which is straightforward.

However, you might come across scenarios where your organization/client may require creating an Azure virtual machine with “unmanaged” disks. Use the below code to create an Azure virtual machine with “unmanaged” disks.

$location = "EastUS2"
$rgname = "manjuResourceGroup"
New-AzureRmResourceGroup -Name manjuResourceGroup -Location $location

# Create a subnet configuration
$subnetConfig = New-AzureRmVirtualNetworkSubnetConfig -Name mySubnet -AddressPrefix 192.168.1.0/24

# Create a virtual network
$vnet = New-AzureRmVirtualNetwork -ResourceGroupName manjuResourceGroup -Location $location `
    -Name MYvNET -AddressPrefix 192.168.0.0/16 -Subnet $subnetConfig

# Create a public IP address and specify a DNS name
$pip = New-AzureRmPublicIpAddress -ResourceGroupName manjuResourceGroup -Location $location `

    -AllocationMethod Static -IdleTimeoutInMinutes 4 -Name "mypublicdns$(Get-Random)"

# Create an inbound network security group rule for port 3389
$nsgRuleRDP = New-AzureRmNetworkSecurityRuleConfig -Name myNetworkSecurityGroupRuleRDP  -Protocol Tcp `
    -Direction Inbound -Priority 1000 -SourceAddressPrefix '125.16.236.160' -SourcePortRange * -DestinationAddressPrefix * `
    -DestinationPortRange 3389 -Access Allow

# Create an inbound network security group rule for port 80
$nsgRuleWeb = New-AzureRmNetworkSecurityRuleConfig -Name myNetworkSecurityGroupRuleWWW  -Protocol Tcp `
    -Direction Inbound -Priority 1001 -SourceAddressPrefix '125.16.236.160' -SourcePortRange * -DestinationAddressPrefix * `
    -DestinationPortRange 80 -Access Allow

# Create a network security group
$nsg = New-AzureRmNetworkSecurityGroup -ResourceGroupName manjuResourceGroup -Location $location `
    -Name myNetworkSecurityGroup -SecurityRules $nsgRuleRDP,$nsgRuleWeb

# Create a virtual network card and associate with public IP address and NSG
$nic = New-AzureRmNetworkInterface -Name myNic -ResourceGroupName manjuResourceGroup -Location $location `
    -SubnetId $vnet.Subnets[0].Id -PublicIpAddressId $pip.Id -NetworkSecurityGroupId $nsg.Id

# Define a credential object
$cred = Get-Credential

#VM config
$vmsize = "Standard_DS2"
$vmName="myVM"
$vm = New-AzureRmVMConfig -VMName $vmName -VMSize $vmSize
$pubName = ”MicrosoftWindowsServer”
$offerName = ”WindowsServer”
$skuName = ”2016-Datacenter”
$vm = Set-AzureRmVMOperatingSystem -VM $vm -Windows -ComputerName $vmName -Credential $cred
$vm = Set-AzureRmVMSourceImage -VM $vm -PublisherName $pubName -Offer $offerName -Skus $skuName -Version "latest"
$vm = Add-AzureRmVMNetworkInterface -VM $vm -Id $NIC.Id

# Create a new storage account
New-AzureRmStorageAccount -ResourceGroupName "manjuResourceGroup" -AccountName "manjustorageaccount" -Location $location -SkuName "Standard_LRS"

# Disk setup
$diskName = ”manju-disk”
$storageaccount = "manjustorageaccount"
$STA = Get-AzureRmStorageAccount -ResourceGroupName $rgName -Name $storageAccount
$OSDiskUri = $STA.PrimaryEndpoints.Blob.ToString() + "vhds/" + $diskName? + ".vhd"
$vm = Set-AzureRmVMOSDisk -VM $vm -Name $diskName -VhdUri $OSDiskUri -CreateOption fromImage

# Create the virtual machine
New-AzureRmVM -ResourceGroupName manjuResourceGroup -Location $location -VM $vm

 

Click here to download my PowerShell scripts for Free !!

Click here for Azure tutorial videos !!

Advertisements

Azure – Attach and Initialize Data disk to Azure Virtual Machine

When you create an Azure windows virtual machine, it comes a default OS drive (C:\) and a temporary drive (D:\). An azure virtual machine allows you to attach a data disk to it to expand the storage. The number of data disks that can be attached to the VM depends on the Size and Family of the VM.

You can automate the process of attaching the data disk and initializing it using two scripts:

Script 1: initializePartition.ps1

This script contains the code to initialize the RAW partition.

Script 2: attachAndInstallCSE.ps1

This script will attach the data disk to the Azure windows virtual machine. It also installs the Custom Script Extension to the virtual machine.

 

initializePartition.ps1

$disks = Get-Disk | Where partitionstyle -eq 'raw' | sort number
    $letters = 70..89 | ForEach-Object { [char]$_ }
    $count = 0
    $labels = "data1","data2"

    foreach ($disk in $disks) {
        $driveLetter = $letters[$count].ToString()
        $disk |
        Initialize-Disk -PartitionStyle MBR -PassThru |
        New-Partition -UseMaximumSize -DriveLetter $driveLetter |
        Format-Volume -FileSystem NTFS -NewFileSystemLabel $labels[$count] -Confirm:$false -Force
    $count++
    }

 

attachAndInstallCSE.ps1

 

# Declaringvariables
$resourceGroupName = 'resourceGroupName'
$virtualMachineName = 'virtualMachineName'
$location = 'East US'
$storageType = 'Premium_LRS'
$dataDiskName = $virtualMachineName + '_datadisk1'

# Create a new managed data disk
$diskConfig = New-AzureRmDiskConfig -SkuName $storageType -Location $location -CreateOption Empty -DiskSizeGB 128
$dataDisk1 = New-AzureRmDisk -DiskName $dataDiskName -Disk $diskConfig -ResourceGroupName $resourceGroupName

# Get the virtual machine reference
$vm = Get-AzureRmVM -Name $virtualMachineName -ResourceGroupName $resourceGroupName

# Update the VM reference by adding the data disk
$vm = Add-AzureRmVMDataDisk -VM $vm -Name $dataDiskName -CreateOption Attach -ManagedDiskId $dataDisk1.Id -Lun 1

# Update the virtual machine
Update-AzureRmVM -VM $vm -ResourceGroupName $resourceGroupName

## Install the Custom Script Extension that inturn calls the initializePartition.ps1
$location = "East US 2"

# The name you want to give for the CSE
$extensionName = "extensionName"

$fileName = "initializePartition.ps1"

# Storage Account where the initializePartition.ps1 is present
$storageAccountName = "<INSERT_STORAGE_ACCOUNT_NAME>"

# Primary Access Key of Storage Account where the initializePartition.ps1 is present
$storageAccountAccessPrimaryKey = "<INSERT_STORAGE_PRIMARY_ACCESS_KEY>"

# Storage Account container where the initializePartition.ps1 is present
$storageAccountContainerName = "<INSERT_STORAGE_ACCOUNT_CONTAINER_NAME>"

Set-AzureRmVMCustomScriptExtension -ResourceGroupName $resourceGroupName -Location $location -VMName $virtualMachineName -Name $extensionName -TypeHandlerVersion "1.4" -StorageAccountName $storageAccountName -StorageAccountKey $storageAccountAccessPrimaryKey -FileName $fileName -ContainerName $storageAccountContainerName

 

Click here to download my PowerShell scripts for Free !!

Click here for Azure tutorial videos !!

 

 

Azure – Understand your Azure resource utilization using Azure Metrics

Understanding resource utilization is very crucial in determining how your resources are performing. Using this data, you can them make decisions on cost optimization. From my experience, clients are very keen on having a scheduled Resource Utilization Report.

If you are working in an infrastructure team, then your report for a virtual machine may include, CPU utilization, memory, disk usage, network in/Out etc.,

You can use Azure PowerShell to download Azure Insight Metric Data.

As an example, below code shows you how to retrieve CPU Utilization data for an Azure virtual machine.

 

# Get the virtual machine object
$vm = get-azurermvm -ResourceGroupName "automationResourceGroup" -Name "hybridworker"

# Get the resource ID for the virtual machine
$resourceID = $vm.Id

# Retrieve Azure Insight metric definitions for virtual machines
Get-AzureRmMetricDefinition –ResourceId $resourceID -DetailedOutput

 

Output of the above cmdlet will fetch a lot of metrics. I have selected the “Percentage CPU”.

sourceId             : /subscriptions/aaaaaaa-bbbb-cccc-dddd-eeeeeeeee/resourceGroups/automation/providers/Microsoft.Compute/virtualMachines/hybridworker

Name                   :

                             LocalizedValue : Percentage CPU

                             Value          : Percentage CPU

                        

Unit                   : Percent

PrimaryAggregationType : Average

Id                     : /subscriptions/aaaaaaa-bbbb-cccc-dddd-eeeeeeeee/resourceGroups/automation/providers/Microsoft.Compute/virtualMachines/hybridworker/providers/microsoft.insights/metricdefinitions/Percentage CPU

 

The “Value” will give you the correct Metric Name.

 

Below code will pull the CPU utilization of the virtual machine for the last 40 minutes.

$endTime = Get-Date
$startTime = $endTime.AddMinutes(-40)
$timeGrain = '00:01:00'
$metricName = 'Percentage CPU'
$metricData = Get-AzureRmMetric -ResourceId $resourceID -TimeGrain $timeGrain -StartTime $startTime -EndTime $endTime -MetricNames $metricName
$metricData.Data

 

I have shown you how to fetch one such metric for an Azure resource (Azure virtual machine in this case). Similarly, you can fetch metrics for any Azure resource by obtaining the relevant “resourceID” and fetching the appropriate Azure Metric Definition.

Click here to download my PowerShell scripts for Free !!

Click here for Azure tutorial videos !!

 

Azure -Forgot Azure Virtual machine password?

While troubleshooting RDP issues, one of the approaches is to connect to the Azure windows machine using its local admin credentials. What if you forgot the credentials? Use the below code to reset them using VMAccess extension and PowerShell:

 

$resourceGroupName = "<ENTER_RESOURCE_GROUP_NAME>"
$virtualMachineName = "<ENTER_VIRTUAL_MACHINE_NAME>"
$location = "<ENTER_VM_LOCATION>"
Set-AzureRmVMAccessExtension -ResourceGroupName $resourceGroupName -location $location -virtualMachineName $virtualMachineName -Credential (get-credential) -typeHandlerVersion "2.0" -Name VMAccessAgent

 

Post troubleshooting, you conclude that by resetting the RDP configuration, the RDP issue will get resolved. How do you reset the RDP configuration, when you are not able to RDP? You may cause service disruption if you decide to restart or redeploy the VM to reset the RDP configuration.

Azure allows you to reset the RDP configuration without logging into the Azure windows virtual machine.

Use the below code to reset the Remote Desktop Services Configuration:

The code resets the access extension named “myVMAccess” on the VM named “myVM” in the “myResourceGroup” resource group:

Set-AzureRmVMAccessExtension -ResourceGroupName "myResoureGroup" -VMName "myVM" -Name "myVMAccess" -Location WestUS -typeHandlerVersion "2.0" -ForceRerun

 

Click here to download my PowerShell scripts for Free !!

Click here for Azure tutorial videos !!

Azure – Generate report for unattached Azure disks (managed and un-managed)

When you delete a virtual machine (VM) in Azure, by default, any disks that are attached to the VM aren’t deleted. This feature helps to prevent data loss due to the unintentional deletion of VMs. After a VM is deleted, you will continue to pay for unattached disks.

Unattached MANAGED disks:

When a managed disk is attached to a VM, the ManagedBy property contains the resource ID of the VM. When a managed disk is unattached, the ManagedBy property is null. The script examines all the managed disks in an Azure subscription. When the script locates a managed disk with the ManagedBy property set to null, the script determines that the disk is unattached.

Unattached UN-MANAGED disks:

When an unmanaged disk is attached to a VM, the LeaseStatus property is set to Locked. When an unmanaged disk is unattached, the LeaseStatus property is set to Unlocked. The script examines all the unmanaged disks in all the Azure storage accounts in an Azure subscription. When the script locates an unmanaged disk with a LeaseStatus property set to Unlocked, the script determines that the disk is unattached.

SCRIPT:

Download the script here

PowerShell script to generate a report of unattached VHD disks. This script will create two files – unattached_managed_disks.csv, unattached_un_managed_disks.csv

These two files will contain details about VHD files that are not attached to an Azure virtual machine.

NOTE: You have to login into your account before running the script. “login-azurermaccount” to log in to your account.

You can use the generated CSV to better manage your Azure infrastructure. Understand why the disks are not in use and take an informed decision on whether you want to delete or re-use them. Thus helping you to identify resources that are not being utilized and to reduce cost.

Click here to download my PowerShell scripts for Free !!

Click here for Azure tutorial videos !!

Azure – Who de-allocated my virtual machine?

Many a time we might want to know details about certain operations performed on our Azure resources.

Once such case study would be to track how many virtual machines are being de-allocated by users, so we can make a decision on not to monitor them.

I have written a simple script that would make the tracking easy.

Download the script

 

This script will fetch information of certain Azure operation against Azure resources and create a CSV file. Specifically, this script will create a CSV file that contains a list of Azure operations that de-allocates an Azure virtual machine.

You may alter the IF condition statement to produce desired results.

Example, fetch operational logs for Azure Storage only. Or fetch operational logs for re-start VM or any operation on any Azure resource.

The CSV file will be saved in the same folder from where you run the script and will be saved as “Azure_activity_logs.csv”

 

Click here to download my PowerShell scripts for Free !!

Click here for Azure tutorial videos !!

Azure – Install exe files (BigFix) on Azure windows virtual machine using Azure Custom Script Extension (CSE)

What is custom script extension?

The Custom Script Extension downloads and executes scripts on Azure virtual machines. This extension is useful for post-deployment configuration, software installation, or any other configuration/management task. Scripts can be downloaded from Azure storage or GitHub, or provided to the Azure portal at extension runtime. The Custom Script extension integrates with Azure Resource Manager templates, and can also be run using the Azure CLI, PowerShell, Azure portal, or the Azure Virtual Machine REST API.

This document details on how to use Custom Script Extension using the Azure PowerShell Module against an already provisioned Azure Windows virtual machine to install BigFix client.

Pre-requisites:

Operating System

The Custom Script Extension for Windows can be run on Windows 10 Client, Windows Server 2008 R2, 2012, 2012 R2, and 2016 releases.

Script Location

The script needs to be stored in Azure Blob storage, or any other location accessible through a valid URL.

Internet Connectivity

The Custom Script Extension for Windows requires that the target virtual machine is connected to the internet.

The BigFix client files are stored in the storage account:

1

We shall be naming the extension as “bigfixinstallextension.” Make sure that an extension with the same name already does not exist.

Step 1: Get the Azure virtual machine config object

$vm = get-azurermvm -ResourceGroupName “datadog-test” -Name “dg-private-1”

Step 2: Query the Virtual Machine object for existing extensions:

$vm.Extensions

You should see an output similar to below if it does not have any custom extensions.

2

Note: any azure virtual machine will have one default extension – “MicrosoftMonitoringAgent.” This is because Azure installs “Microsoft Monitoring Agent” on every virtual machine. Make sure, the virtual machine does not have another extension with the name “ bigfixinstallextension.” If it does have, we have to remove that extension.

Below link provides an Azure Powershell cmdlet to remove the extension:

https://docs.microsoft.com/en-us/powershell/module/azurerm.compute/remove-azurermvmextension?view=azurermps-5.5.0

Once, we have confirmed that a custom extension with name “ bigfixinstallextension” does not exists, we can proceed in adding one. Below is the powershell code:

# Resource group of virtual machine

$resource_group = “datadog-test”

# location of virtual machine

$location = “East US 2”

# azure virtual machine name

$vm_name = “dg-private-1”

# storage account name where the custom script is stored

$storage_account_name = “xxxx”

# storage account key of where the custom script is stored

$storage_account_key = “xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx”

# custom script file name

$file_name = “azure_custom_script_execution_install_bigfix.ps1”

# container name where the custom script is stored

$container_name = “msifiles”

# extension name for the custom script extension

$extension_name = “bigfixinstallextension”

# azure powershell cmdlet to execute add the custom script extension and to execute the powershell file

Set-AzureRmVMCustomScriptExtension -ResourceGroupName $resource_group -Location $location -VMName $vm_name -Name $extension_name -TypeHandlerVersion “1.1” -StorageAccountName $storage_account_name -StorageAccountKey $storage_account_key -FileName $file_name -ContainerName $container_name

Output:

4

Now login to the Azure windows virtual machine to confirm if the BigFix client is installed and running:

5

The downloaded file can be found inside the virtual machine at the below file path:

C:\Packages\Plugins\Microsoft.Compute.CustomScriptExtension\1.9\Downloads\1

Extension execution output is logged to files found under the following directory on the target virtual machine. For troubleshooting.

C:\WindowsAzure\Logs\Plugins\Microsoft.Compute.CustomScriptExtension

 

Explaining the PowerShell scriptazure_custom_script_execution_install_bigfix.ps1

This script gets executed as part of the Custom Script Execution. And it is responsible for installing the BigFix agent.

Below is the code:

# Create a directory to hold BigFix files

new-item ‘c:\bigfix’ -ItemType directory

# Copy BigFix files from Azure storage to local directory

Invoke-WebRequest -Uri https://customsc.blob.core.windows.net/msifiles/clientsettings.cfg -outfile ‘c:\bigfix\clientsettings.cfg’

Invoke-WebRequest -Uri https://customsc.blob.core.windows.net/msifiles/masthead.afxm -outfile ‘c:\bigfix\masthead.afxm’

Invoke-WebRequest -Uri https://customsc.blob.core.windows.net/msifiles/setup.exe -outfile ‘c:\bigfix\setup.exe’

# Execute the setup file

$arguments = “/S /v/qn”

$filepath = “c:\bigfix\setup.exe”

Start-Process $filepath $arguments -wait

Execution Flow:

1. Create a directory to hold big fix files.

2. Copy the three files associated with BigFix installation to the directory created in Step 1.

3. Execute the setup file in silent mode.

Click here to download my PowerShell scripts for Free !!

Click here for Azure tutorial videos !!