IPv6 DNS query on Azure - azure

I need to launch an IPv6 DNS query from my Azure VM. I need to control all the parameters of this query. I can do it via network calls or via the dig command. Can I do this with Azure? This is probably the same as asking: can the load balancer support an outbound IPv6 DNS query?

We needed to confirm that our DNS servers handled queries coming in over IPv6, and Azure was one of the cloud providers we could use. It wasn't easy, but I eventually got it to work.
In order to get outgoing IPv6 service from an Azure VM, the VM needs to be created in an availability set with a load balancer that has public dynamic IPv6 addresses, inbound NAT rules for both IPv4 and IPv6, and load balancing rules for same. Existing VMs can't be reconfigured to support this. Azure seems to create some sort of tunnel between the configured load balancer and the VMs you put in the same availability set. This isn't obvious from the VM's perspective, except in that you can only communicate over IPv6 with the outside Internet and not with the other VMs in your Azure subnet.
IPv6 support isn't currently possible to configure through the Azure portal. I made heavy use of the following two links to get this working:
https://learn.microsoft.com/en-us/azure/load-balancer/load-balancer-ipv6-overview
https://learn.microsoft.com/en-us/azure/load-balancer/load-balancer-ipv6-internet-ps
You'll need a Windows VM to run much of the above; PowerShell for Linux and AzureRM.NetCore.Preview do not have feature parity with PowerShell in Windows.
I had to hack at the above example for some time before coming up with the following ... you may need to hack it some more to work in your environment.
Note that I ran this script from within PowerShell ISE so I could pre-configure the environment with $mySecureCredentials and Login-AzureRMAccount as necessary.
The below will create a CentOS 7.3 VM that can initiate IPv6 DNS queries against the Internet. Note that you'll have to enable your IPv6 interfaces in the guest after rebooting. Unfortunately my rep is too low to post more than 2 links, so search for 'azure linux dhcp ipv6' to see how to enable DHCPv6 client configuration on your VM.
$resgroupName = 'YourResourceGroup'
$location = 'east US' # of course, select your preferred location
# you will need some secure credentials. run something like:
# $mySecureCredentials = Get-Credential -Message "Type the username and password of the local administrator account."
# you will also need to log into azure (Login-AzureRMAccount)
# IP addresses, load balancer config
$publicIPv4= New-AzureRmPublicIpAddress -name 'lb-pub-ipv4' -ResourceGroupName $resgroupName -location $location `
-Allocationmethod Static -IpAddressVersion IPv4 -domainnamelabel my-lbnrpipv4
$publicIPv6 = New-AzureRmPublicIpAddress -name 'lb-pub-ipv6' -ResourceGroupName $resgroupName -location $location `
-AllocationMethod Dynamic -IpAddressVersion IPv6 -DomainNameLabel my-lbnrpipv6
$FEIPConfigv4 = New-AzureRmLoadBalancerFrontendIpConfig -name "LB-Frontendv4" -PublicIpAddress $publicIPv4
$FEIPConfigv6 = New-AzureRmLoadBalancerFrontendIpConfig -name "LB-Frontendv6" -PublicIpAddress $publicIPv6
$backendpoolipv4 = New-AzureRmLoadBalancerBackendAddressPoolConfig -name "BackendPoolIPv4"
$backendpoolipv6 = New-AzureRmLoadBalancerBackendAddressPoolConfig -name "BackendPoolIPv6"
# This script assumes you already have a virtual network defined - replace myRG-vnet with the name of the virtual network you want to use.
$vnet = Get-AzureRmVirtualNetwork -name myRG-vnet -ResourceGroupName $resgroupName
# I assume you want to use the default subnet.
$backendSubnet = Get-AzureRmVirtualNetworkSubnetConfig -name default -virtualnetwork $vnet
# Create NAT rules for load balancer
# Even if you don't actually need any inbound rules, some rules appear to be necessary to make outbound IPv6 work.
# Inbound SSH
$inboundNATRule1v4 = New-AzureRmLoadBalancerInboundNatRuleConfig -name "NicNatRulev4" -FrontendIpConfiguration $FEIPConfigv4 -Protocol TCP -FrontendPort 22 -BackendPort 22
$inboundNATRule1v6 = New-AzureRmLoadBalancerInboundNatRuleConfig -name "NicNatRulev6" -FrontendIpConfiguration $FEIPConfigv6 -Protocol TCP -FrontendPort 22 -BackendPort 22
$lbrule1v4 = New-AzureRmLoadBalancerRuleConfig -name "HTTPv4" -FrontendIpConfiguration $FEIPConfigv4 -BackendAddressPool $backendpoolipv4 -Protocol TCP -FrontendPort 80 -BackendPort 80
$lbrule1v6 = New-AzureRmLoadBalancerRuleConfig -name "HTTPv6" -FrontendIpConfiguration $FEIPConfigv6 -BackendAddressPool $backendpoolipv6 -Protocol TCP -FrontendPort 80 -BackendPort 80
$NRPLB = New-AzureRmLoadBalancer -ResourceGroupName $resgroupName -name 'myNrpIPv6LB' -location $location `
-FrontendIpConfiguration $FEIPConfigv4,$FEIPConfigv6 -BackendAddressPool $backendpoolipv4,$backendpoolipv6 `
-LoadBalancingRule $lbrule1v4,$lbrule1v6 -inboundNatRule $inboundNATRule1v4,$inboundNATRule1v6
$nic1IPv4 = New-AzureRmNetworkInterfaceIpConfig -name "IPv4IPConfig" -PrivateIpAddressVersion "IPv4" -subnet $backendSubnet -LoadBalancerBackendAddressPool $backendpoolipv4 -LoadBalancerInboundNatRule $inboundNATRule1v4
$nic1IPv6 = New-AzureRmNetworkInterfaceIpConfig -name "IPv6IPConfig" -PrivateIpAddressVersion "IPv6" -LoadBalancerBackendAddressPool $backendpoolipv6 -LoadBalancerInboundNatRule $inboundNATRule1v6
$nic1 = New-AzureRmNetworkInterface -Name 'myNrpIPv6Nic0' -IpConfiguration $nic1IPv4,$nic1IPv6 `
-resourceGroupName $resgroupName -location $location
New-AzureRmAvailabilitySet -name "myNrpIPv6AvSet" -resourcegroupname $resgroupName -location $location
$avset1 = Get-AzureRmAvailabilitySet -resourcegroupname $resgroupName -name 'myNrpIPv6AvSet'
try {
New-AzureRmStorageAccount -ResourceGroupName $resgroupName -name 'mynrpipv6stacct' -location $location -skuname `
"Standard_LRS" -erroraction stop
} catch {
echo "new storage account failed, let's just hope it was a dup and gets found anyway"
}
# find my existing storage account
$storAcct = Get-AzureRmStorageAccount -resourcegroupname $resgroupName -name 'mynrpipv6stacct'
if ($storAcct -eq $null) {
throw "I could not find a storage account"
}
$nic1 = Get-AzureRmNetworkInterface -ResourceGroupName $resgroupName -name 'myNrpIPv6Nic0'
$vm1 = New-AzureRmVMConfig -vmName 'myNrpLinuxIPv6VM1' -vmSize 'Standard_d1' -AvailabilitySetId $avset1.Id
$vm1 = Set-AzureRmVMOperatingSystem -vm $vm1 -Linux -ComputerName 'myNrpLinuxIPv6VM1' -Credential $mySecureCredentials
$vm1 = Set-AzureRmVMSourceImage -VM $vm1 -PublisherName OpenLogic -Offer CentOS -Skus '7.3' -Version "latest"
$vm1 = Add-AzureRmVMNetworkInterface -VM $vm1 -Id $nic1.Id -Primary
$osDisk1Uri = $storAcct.PrimaryEndpoints.Blob.ToString() + "vhds/myNrpLinuxIPv6VM1osdisk.vhd"
$vm1 = Set-AzureRmVMOSDisk -VM $vm1 -Name 'myNrpLinuxIPv6VM1osdisk' -VhdUri $osDisk1Uri -CreateOption FromImage
echo now creating...
new-azurermvm -ResourceGroupName $resgroupName -location $location -VM $vm1
echo done

I don't understand what you mean by launch an IPv6 query. Do you mean query for an AAAA record or do you mean IPv6 network traffic? If you meant the query type, then tools like nslookup and dig allow you to control the query, but when looking up a hostname in things like browsers they let the OS decide how to resolve the name; that's not Azure specific. If you're talking about IP level traffic, the Azure DNS recursive resolvers are only contactable using IPv4 at present.
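
The "network calls" route mentioned in the question, as an added example (not code from any of the posts above): it builds the DNS query byte by byte so the ID, RD flag, query type and EDNS0 options are all under your control, and sends it over an AF_INET6 socket only, so a matching reply shows the server answered over IPv6. The function names, the example.com query name and the 2001:db8::1 answer in the constructed reply are assumptions made for illustration.

```python
import socket
import struct

QTYPES = {"A": 1, "NS": 2, "SOA": 6, "TXT": 16, "AAAA": 28}

def encode_name(name):
    """Encode a name as length-prefixed labels (RFC 1035, section 3.1)."""
    name, out = name.rstrip("."), b""
    for label in (name.split(".") if name else []):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError("bad label in %r" % name)
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_query(name, qtype="AAAA", txid=0x1234, rd=True, edns_size=None, do_bit=False):
    """Return a wire-format query with every header field chosen by the caller."""
    flags = 0x0100 if rd else 0  # QR=0, OPCODE=QUERY; RD is the only flag set here
    msg = struct.pack("!6H", txid, flags, 1, 0, 0, 1 if edns_size else 0)
    msg += encode_name(name) + struct.pack("!2H", QTYPES[qtype], 1)  # QCLASS IN
    if edns_size:
        # EDNS0 OPT pseudo-record (RFC 6891): root name, TYPE 41, CLASS = UDP
        # payload size, TTL = ext-rcode/version/flags (DO is 0x8000), empty RDATA.
        msg += b"\x00" + struct.pack("!HHIH", 41, edns_size, 0x8000 if do_bit else 0, 0)
    return msg

def question_end(msg):
    """Offset just past the first question (uncompressed name + QTYPE + QCLASS)."""
    i = 12
    while msg[i]:
        i += msg[i] + 1
    return i + 5

def parse_header(data):
    """Decode the 12-byte header of a reply."""
    if len(data) < 12:
        raise ValueError("truncated DNS message")
    txid, flags, qd, an, ns, ar = struct.unpack("!6H", data[:12])
    return {"id": txid, "qr": flags >> 15, "aa": flags >> 10 & 1, "tc": flags >> 9 & 1,
            "rcode": flags & 0xF, "ancount": an}

def matches_query(query, reply):
    """True if the reply has QR set and echoes the query's ID and question."""
    end = question_end(query)
    return len(reply) >= end and reply[:2] == query[:2] and bool(reply[2] & 0x80) \
        and reply[12:end] == query[12:end]

def query_over_ipv6(server, payload, port=53, timeout=3.0):
    """Send over UDP/IPv6 only: an IPv4 literal raises instead of falling back to v4."""
    socket.inet_pton(socket.AF_INET6, server)  # OSError unless an IPv6 literal
    with socket.socket(socket.AF_INET6, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(payload, (server, port))
        reply, peer = s.recvfrom(4096)
    return reply, peer[0]

def sample_reply(query):
    """Constructed reply (not captured traffic): one AAAA answer, 2001:db8::1."""
    end = question_end(query)
    flags = 0x8080 | ((query[2] & 1) << 8)  # QR + RA, RD copied from the query
    answer = b"\xc0\x0c" + struct.pack("!HHIH", 28, 1, 60, 16)
    answer += socket.inet_pton(socket.AF_INET6, "2001:db8::1")
    return query[:2] + struct.pack("!5H", flags, 1, 1, 0, 0) + query[12:end] + answer

if __name__ == "__main__":
    import sys
    q = build_query("example.com", "AAAA", txid=0xBEEF, rd=False, edns_size=1232)
    # With an argument (your DNS server's IPv6 address) the query goes on the wire;
    # without one the constructed reply is used so the script runs offline.
    if len(sys.argv) > 1:
        reply, peer = query_over_ipv6(sys.argv[1], q)
    else:
        reply, peer = sample_reply(q), "constructed"
    print(q.hex())
    print(peer, parse_header(reply), matches_query(q, reply))
```

Run it on the VM with the IPv6 address of the DNS server under test as the only argument; a timeout means no reply came back over IPv6.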

Related

Azure PowerShell deployment script runs extremely slowly and lacks configuration options

The following script runs okay, I can see it doing the designed task (deploying 500 virtual machines) but I get a warning from New-AzVM that tells me that it's using the most sane storage account that it can reach. I've been having a lot of problems with the virtual machines that it spins up, and they are spinning up very slowly (at a speed of about 10 per hour) and I was wondering if the problem might be that I'm unable to designate a storage account as part of the configuration.
I've done quite a few Google searches, looking through the Microsoft documentation on these scripts, and haven't found a way to specify the configuration I want.
The script I'm using is this:
$rgn = "VolumetricTest"
$passwd = ConvertTo-SecureString "password" -AsPlainText -Force
$logincred = New-Object System.Management.Automation.PSCredential("xadminx",$passwd)
$vnet = Get-AzVirtualNetwork -Name volumetric-vnet -ResourceGroupName VolumetricTest
$loc = "East US"
$nsg_rdp_in = New-AzNetworkSecurityRuleConfig -name "RDP_in" -Protocol Tcp -Direction Inbound -Priority 300 -SourceAddressPrefix * -SourcePortRange * -DestinationAddressPrefix * -DestinationPortRange 3389 -Access Allow
$nsg_rdp_out = New-AzNetworkSecurityRuleConfig -name "RDP_out" -Protocol Tcp -Direction Outbound -Priority 301 -SourceAddressPrefix * -SourcePortRange * -DestinationAddressPrefix * -DestinationPortRange 3389 -Access Allow
$suffixes = @()
1..500 | ForEach-Object { $nm = $_.ToString("000"); $suffixes += @("$nm") }
Foreach ( $suffix in $suffixes) {
Write-Host $suffix
$vmname = "SCLD-VT-W$suffix"
Write-Host $vmname
$nsg = New-AzNetworkSecurityGroup -Name "nsgW$suffix" -ResourceGroupName VolumetricTest -Location 'East US' -SecurityRules $nsg_rdp_in
Write-Host $nsg.Id
$net = New-AzNetworkInterfaceIpConfig -name "WNetAddr$suffix" -Subnet $( Get-AzVirtualNetworkSubnetConfig -Name default -VirtualNetwork $vnet ) -Primary
$nic = New-AzNetworkInterface -Name "WNetif$suffix" -ResourceGroupName VolumetricTest -Location 'East US' -IpConfiguration $net -NetworkSecurityGroupId $nsg.Id
Write-Host $nic.Id
$vmconfig = New-AzVMConfig -VMName $vmname -VMSize "Standard_B2s" | Set-AzVMOperatingSystem -Windows -ComputerName $vmname -Credential $logincred | Set-AzVMSourceImage -PublisherName "microsoftwindowsdesktop" -Offer "Windows-10" -skus 'rs1-enterprise' -Version latest | Add-AzVMNetworkInterface -Id $nic.Id
New-AzVM -ResourceGroupName $rgn -Location "East US" -VM $vmconfig
}
(details replaced with filler of course)
results like:
014
SCLD-VT-W014
/subscriptions/00000000-0000-0000-0000-00000000/resourceGroups/VolumetricTest/providers/Microsoft.Network/networkSecurityGroups/nsgW014
/subscriptions/00000000-0000-0000-0000-00000000/resourceGroups/VolumetricTest/providers/Microsoft.Network/networkInterfaces/WNetif014
WARNING: Since the VM is created using premium storage or managed disk, existing standard storage account, volumetrictestbootdiag, is used for boot diagnostics.
This machine was created in about 2 minutes.
Some machines seem to take less than a minute to spin up, while others take upwards of 10.
It selects the proper storage account I want to use, at least.
When you create a VM, if you enable diagnostics you have to specify a storage account. In this case, if you don't specify a SA it will create a storage account for you or select any existing storage account.
You could use Set-AzureRmVMBootDiagnostics to modify the boot diagnostics properties of a virtual machine to specify the storage configuration.
Set-AzureRmVMBootDiagnostics -VM $VM -Enable -ResourceGroupName "ResourceGroup11" -StorageAccountName "DiagnosticStorage"

Can I set target VM in azure powershell when adding inbound nat rule?

In an Azure RM load balancer I can create a NAT rule for FTP using PowerShell, but would also like to set the target virtual machine using PowerShell. The only way I know how to set the target is in the portal.
I have two VMs in the load balancer. I tried using Add-AzLoadBalancerInboundNatRuleConfig, but don't see a parameter for target VM.
My script:
$lb | Add-AzLoadBalancerInboundNatRuleConfig -Name $EndpointName -FrontendIPConfiguration $feip -Protocol "Tcp" -FrontendPort $i -BackendPort $i
If it's not possible to set the target in powershell, what alternatives are there besides the portal?
I found the answer. The key is to add the LoadBalancerInboundNatRuleId to the Ip Configuration.
Here's a function to get the LoadBalancerInboundNatRuleId that I created for this purpose:
Function natRuleID ($sourcePortName) {
return "/subscriptions/$subscriptionID/resourceGroups/$rgName/providers/Microsoft.Network/loadBalancers/$lbName/InboundNatRules/$sourcePortName"
}
And here is my sample script that adds two load balancer nat rules and then sets the target network interface for a virtual machine:
# Add Load Balancer Nat Rules:
$lb = Get-AzLoadBalancer -Name $lbName -ResourceGroupName $rgName
$feip = Get-AzLoadBalancerFrontendIpConfig -Name $feipName -LoadBalancer $lb
$lb | Add-AzLoadBalancerInboundNatRuleConfig -Name $natRuleRdpName -FrontendIpConfiguration $feip -Protocol tcp -FrontendPort $rdpPortNumber -BackendPort 3389
$lb | Add-AzLoadBalancerInboundNatRuleConfig -Name $natRuleFtpName -FrontendIPConfiguration $feip -Protocol "Tcp" -FrontendPort $ftpPublicPortForImplicit990 -BackendPort 990
$lb | Set-AzLoadBalancer #save the new LB rules
# Set nat rule targets:
Function natRuleID ($sourcePortName) {
return "/subscriptions/$subscriptionID/resourceGroups/$rgName/providers/Microsoft.Network/loadBalancers/$lbName/InboundNatRules/$sourcePortName"
}
$rules = @()
$rules += natRuleID($natRuleFtpName)
$rules += natRuleID($natRuleRdpName)
$nic = Get-AzNetworkInterface -Name $nicName -ResourceGroupName $rgName
$nic | Set-AzNetworkInterfaceIpConfig -Name $ipConfigName -LoadBalancerInboundNatRuleId $rules
$nic | Set-AzNetworkInterface #save the new ipConfig rules
For the Load Balancer NAT rules, it is described like this:
Standard Load Balancer backend pools expand to any virtual machine
resource in a virtual network. It can contain up to 1000 backend
instances. A backend instance is an IP configuration, which is a
property of a NIC resource.
So there are two steps to create it for the VM:
1. Create the NAT rule in the load balancer. The PowerShell command is Add-AzLoadBalancerInboundNatRuleConfig; the Azure CLI command is az network lb inbound-nat-rule create.
2. Associate the NAT rule to the VM NIC. The PowerShell command is Add-AzNetworkInterfaceIpConfig; the Azure CLI command is az network nic ip-config inbound-nat-rule add.
You can add the NAT rule in one step in the portal, but you need to do two steps through commands. Also note that an NSG rule is necessary to allow the traffic to the port.
Gary, I understand the issue you are facing; I am also trying to configure the target VM and network IP configuration (in case the VM is associated with two NICs) through PS.
However, I am not able to do so, since the commandlet "Add-AzLoadBalancerInboundNatRuleConfig" doesn't come with a target VM parameter.
I was able to get the frontend IPs and inbound NAT rules. However, setting the target VM and NIC associated with those inbound NAT rules is a challenge.
"Add-AzLoadBalancerInboundNatRuleConfig" doesn't show the inbound NAT rule in the LB Settings section though.
The script below will help you get the existing target VM name and NIC.
$lb = Get-AzLoadBalancer -ResourceGroupName $rgname -Name $lbname
$lbinboudnatrule = Get-AzLoadBalancerInboundNatRuleConfig -LoadBalancer $lb
foreach($lbrule in $lbinboudnatrule)
{
$bip = $lbrule.BackendIPConfiguration.Id -split '/subscriptions/---------------/Microsoft.Network/networkInterfaces/'
$info = $bip -split '-----------/ipConfigurations/'
$wrapper = New-Object PSObject -Property @{ NATRuleName = $lbrule.Name; TargetVirtualMachine = $info[1]; NetworkIPConfiguration = $info[2]}
$wrapper | Export-csv -Path C:/Temp/lb.csv -Append -NoTypeInformation
}
You need to set it up on the NSG; below is a sample snippet from a script I created to do something similar for the RDP port.
Add-AzureRmNetworkSecurityRuleConfig -Name $ruleName -NetworkSecurityGroup $nsg -Access Allow -Description "Allowing RDP connection from current location" -DestinationAddressPrefix * -DestinationPortRange $port -Direction Inbound -Priority $priorityNew -Protocol * -SourceAddressPrefix $current_IP -SourcePortRange *
$hout = Set-AzureRmNetworkSecurityGroup -NetworkSecurityGroup $nsg

Azure VMSS with Custom Image using Powershell returned error: DiskProcessingError

I am having a problem deploying a VMSS using custom images via PowerShell. The following is my code for the PowerShell deployment:
#New-AzureRmResourceGroup -Location southeastasia -Name arkgenegroup1
# Resource group name from above
$rg = "myvmss"
$location = "southeastasia"
# Create a config object
$vmssConfig = New-AzureRmVmssConfig -Location $location -SkuCapacity 2 -SkuName Standard_A0 -UpgradePolicyMode Automatic
# Reference a virtual machine image from the gallery
Set-AzureRmVmssStorageProfile -VirtualMachineScaleSet $vmssConfig -OsDiskCreateOption FromImage -ManagedDisk StandardLRS -OsDiskCaching "None" -OsDiskOsType Linux -ImageReferenceId (Get-AzureRmImage -ImageName image200817 -ResourceGroupName $rg).id
# Set up information for authenticating with the virtual machine
Set-AzureRmVmssOsProfile $vmssConfig -AdminUsername admin -AdminPassword adminpass -ComputerNamePrefix myvmss
# Create the virtual network resources
## Basics
$subnet = New-AzureRmVirtualNetworkSubnetConfig -Name "my-subnet" -AddressPrefix 10.0.0.0/24
$vnet = New-AzureRmVirtualNetwork -Name "my-network" -ResourceGroupName $rg -Location $location -AddressPrefix 10.0.0.0/16 -Subnet $subnet
## Load balancer
$publicIP = New-AzureRmPublicIpAddress -Name "PublicIP" -ResourceGroupName $rg -Location $location -AllocationMethod Static -DomainNameLabel "myuniquedomain"
$frontendIP = New-AzureRmLoadBalancerFrontendIpConfig -Name "LB-Frontend" -PublicIpAddress $publicIP
$backendPool = New-AzureRmLoadBalancerBackendAddressPoolConfig -Name "LB-backend"
$probe = New-AzureRmLoadBalancerProbeConfig -Name "HealthProbe" -Protocol Tcp -Port 80 -IntervalInSeconds 15 -ProbeCount 2
$inboundNATRule1= New-AzureRmLoadBalancerRuleConfig -Name "webserver" -FrontendIpConfiguration $frontendIP -Protocol Tcp -FrontendPort 80 -BackendPort 80 -IdleTimeoutInMinutes 15 -Probe $probe -BackendAddressPool $backendPool
$inboundNATPool1 = New-AzureRmLoadBalancerInboundNatPoolConfig -Name "RDP" -FrontendIpConfigurationId $frontendIP.Id -Protocol TCP -FrontendPortRangeStart 53380 -FrontendPortRangeEnd 53390 -BackendPort 3389
New-AzureRmLoadBalancer -ResourceGroupName $rg -Name "myLB" -Location $location -FrontendIpConfiguration $frontendIP -LoadBalancingRule $inboundNATRule1 -InboundNatPool $inboundNATPool1 -BackendAddressPool $backendPool -Probe $probe
## IP address config
$ipConfig = New-AzureRmVmssIpConfig -Name "my-ipaddress" -LoadBalancerBackendAddressPoolsId $backendPool.Id -SubnetId $vnet.Subnets[0].Id -LoadBalancerInboundNatPoolsId $inboundNATPool1.Id
# Attach the virtual network to the IP object
Add-AzureRmVmssNetworkInterfaceConfiguration -VirtualMachineScaleSet $vmssConfig -Name "network-config" -Primary $true -IPConfiguration $ipConfig
# Create the scale set with the config object (this step might take a few minutes)
New-AzureRmVmss -ResourceGroupName $rg -Name "myvmss" -VirtualMachineScaleSet $vmssConfig
Error Code
New-AzureRmVmss : Long running operation failed with status 'Failed'.
ErrorCode: DiskProcessingError
ErrorMessage: One or more errors occurred while preparing VM disks. See disk instance view for details.
StartTime: 8/21/2017 4:59:40 PM
EndTime: 8/21/2017 5:00:02 PM
OperationID: xxxxxxx-fda7-4f37-acbb-xxxxxxxx
Status: Failed
At line:1 char:1
+ New-AzureRmVmss -ResourceGroupName $rg -Name "myvmss" -VirtualMa ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [New-AzureRmVmss], ComputeCloudException
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.Compute.Common.ComputeCloudException,Microsoft.Azure.Commands.Compute.Automation.NewAzureRmVmss
I can't seem to figure out what exactly is causing the problem; the same image could be used to create a standalone VM.
I have tested it in my lab and your script works for me. Here is my result:
Get-AzureRmImage -ImageName image200817 -ResourceGroupName $rg
Was this image created from an Azure VM?
If yes, we should use the waagent command to delete machine-specific files and data. SSH to your VM, then type the following command:
sudo waagent -deprovision+user
Note:
Only run this command on a VM that you intend to capture as an image.
It does not guarantee that the image is cleared of all sensitive
information or is suitable for redistribution. The +user parameter
also removes the last provisioned user account. If you want to keep
account credentials in the VM, just use -deprovision to leave the user
account in place.
After this command has completed, we can use the CLI to create the VM image by following these steps:
1. Deallocate the VM
az vm deallocate \
--resource-group myResourceGroup \
--name myVM
2. Mark the VM as generalized
az vm generalize \
--resource-group myResourceGroup \
--name myVM
3. Create an image of the VM
az image create \
--resource-group myResourceGroup \
--name myImage --source myVM
After those commands have completed, we can use your PowerShell script to deploy the VMSS with that image.
For more information about creating an image of a virtual machine or VHD, please refer to this article.

Adding additional NICs to a Virtual Machine in Azure?

Is it true that even for Virtual Machines created in the latest platform (ARM), if you initially created the machine with 1 NIC, there is no way to add additional NICs to the VM?
I found a few random (non-Microsoft) articles that seem to indicate this is the case, which if so... is kind of retarded.
So I wanted to make sure that I'm understanding this correctly.
If I have to start all over and build a new machine just to add a NIC, I might consider just using Amazon AWS as I can't imagine this being a limitation over there.
that if you initially created the machine with 1 NIC, that there is no
way to add additional NICs to the VM
It is true, there is no way to add a NIC to an existing VM, and we can't create a VM with multiple NICs via the portal. But we can create/recreate the VM via PowerShell and add another NIC to it. Here is the PowerShell script:
$rg = "jason-newgroup"
$loc = "japan east"
$nic01 = "nic01"
$nic02 = "nic02"
$vnet = Get-AzureRmVirtualNetwork -Name 'jason-newgroup-vnet' -ResourceGroupName 'jason-newgroup'
$sub01id = (Get-AzureRmVirtualNetworkSubnetConfig -Name 'sub01' -VirtualNetwork $vnet).Id
$sub02id = (Get-AzureRmVirtualNetworkSubnetConfig -Name 'sub02' -VirtualNetwork $vnet).Id
$ip1 = '10.1.0.5'
$ip2 = '10.1.1.5'
$nic1 = New-AzureRmNetworkInterface -Name $nic01 -ResourceGroupName $rg -Location $loc -SubnetId $sub01id -PrivateIpAddress $ip1
$nic2 = New-AzureRmNetworkInterface -Name $nic02 -ResourceGroupName $rg -Location $loc -SubnetId $sub02id -PrivateIpAddress $ip2
$vmsize = "Standard_DS4_v2"
$vmname = "jason-windows"
$vm = New-AzureRmVMConfig -VMName $vmname -VMSize $vmsize
$VM = Add-AzureRmVMNetworkInterface -VM $VM -Id $nic1.Id -Primary
$VM = Add-AzureRmVMNetworkInterface -VM $VM -Id $nic2.Id
$osDiskName = "jason-newtest"
$osDiskVhdUri = "https://jasonnewgroupdisks717.blob.core.windows.net/vhds/jason-windows2016920165635.vhd"
$vm = Set-AzureRmVMOSDisk -VM $vm -VhdUri $osDiskVhdUri -name $osDiskName -CreateOption attach -windows
New-AzureRmVM -ResourceGroupName $rg -Location $loc -VM $vm
Notice:
The VM size determines the number of NICs that you can create for a VM. For more information about how many NICs each VM size supports, please refer to the link below:
https://azure.microsoft.com/en-us/documentation/articles/virtual-machines-windows-sizes/
There is an update to this. You can now add NICs to existing Azure VMs. See the documentation here for a tutorial - https://learn.microsoft.com/en-us/azure/virtual-network/virtual-network-network-interface-vm

Getting CurrentStorageAccountName is not accessible when trying to create a VM with a static IP

I have an Azure PowerShell challenge.
I am trying to create a VM with a static IP based on an existing disk.
I have run the following and can see my disk in the list of VM disks
Add-AzureDisk -DiskName $diskname -MediaLocation $medialocation -Label "bootdisk" -OS "Linux"
However when I run the following script:
Set-AzureSubscription -SubscriptionName "my subscrption" -CurrentStorageAccountName "my storage account"
$vmImg = New-AzureVMConfig -Name $vmname -InstanceSize Large -DiskName $diskname -Verbose |
Set-AzureSubnet -SubnetNames "my subnet" |
Set-AzureStaticVNetIP -IPAddress "192.168.58.101"
New-AzureVM -ServiceName $cloudservicename -VMs $vmImg
I get this error
New-AzureVM : CurrentStorageAccountName is not accessible. Ensure the
current storage account is accessible and in the same location or
affinity group as your cloud service
I did some research and found that this is an issue when the cloud service already exists. However, I have tried all the workarounds suggested, including allowing New-AzureVM to create the cloud service and creating it manually.
Have you come across this? The reason I need the static IP is that everything in the VM breaks if I allow dynamic IP.
Any suggestions would be greatly appreciated.
Try the following and see if it resolves your issue.
Clean up :-
Clean out %appdata%\Windows Azure Powershell.
Close out all powershell instances
add-azureaccount
Step 1:
Set-AzureSubscription -SubscriptionName "Visual Studio Ultimate with MSDN" -CurrentStorageAccount $storageAccountName
Step 2:
Check if the IPAddress is available.
Test-AzureStaticVNetIP -VNetName $vnetName -IPAddress 10.0.0.9
Step 3:
New-AzureVMConfig -Name "testvmkv21" -InstanceSize Basic_A2 -Label "testvmkv1" -ImageName (Get-AzureVMImage)[88].ImageName | Set-AzureSubnet "subnet-1" | Set-AzureStaticVNetIP -IPAddress 10.0.0.9 | add-azureprovisioningconfig -adminusername "myuser" -windows -password "!!abc039"| Add-AzureEndpoint -LocalPort 80 -Name 'HTTP' -Protocol tcp -PublicPort 80 | Add-AzureEndpoint -LocalPort 443 -Name 'HTTPS' -Protocol tcp -PublicPort 443| New-AzureVM -ServiceName "testvmkv21" -Location "East US" -VNetName "eastusvnet"
