By default, VMs and services in the Azure infrastructure are not
connected to any virtual network and operate in an isolated mode. As a result,
VMs in Azure are not accessible to other VMs by default. If you want the VMs in
Azure to access each other, you have to create a virtual network and join
the VMs to that network. This gives you a network overlay that allows
the VMs to communicate with each other while remaining inaccessible from the
outside network. The topic I'm covering here is how to create a Cloud-Only
virtual network, which allows the VMs and services in the Azure infrastructure
to become accessible to each other.
Cloud-Only virtual network configurations are VNets that
don’t use a virtual network gateway to connect back to your on-premises network
or directly to other Azure VNets. They aren’t really a different type of VNet,
but rather, they are a way to configure a VNet without configuring
cross-premises connectivity. You connect to the VMs and cloud services through
their endpoints, rather than through a VPN connection.
Cloud-Only configurations are very easy to create. This is
because you don’t need to coordinate your IP address ranges with the ranges on
your local network or with the ranges of other VNets. You also don’t need to
configure a VPN device. If you create a VNet and find later that you want to
add cross-premises connectivity, it can be somewhat more complicated than to
simply add a gateway to your VNet. This is because the IP address ranges that
you select can’t overlap with the ranges that are on your local on-premises
network or with other VNets that you may want to connect to. In that case, it
may make sense to create a new VNet with the required settings for a cross-premises
connection, and then redeploy your cloud services and VMs to the new VNet.
Cloud-only virtual networks can be created directly from the
management portal by creating a Virtual Network under the Network Services
option, which brings up a configuration wizard to help you with the process. If
you need more details on how this can be done, follow the article here.
In this post, I’ll walk through the steps required to create
a VNet using the Azure PowerShell cmdlets, rather than using the management
portal. Once the VNet is created, we can verify this using the management
portal or using the PowerShell cmdlets and add virtual machines to join this
network.
To configure a virtual network, you can either create a new
network configuration file and use this configuration to create a VNet or you
can export the configuration file from an existing virtual network
configuration, modify the file to contain the settings to configure a new VNet
and use the new configuration file to create a VNet. A sample network
configuration schema file looks like the example given below.
<NetworkConfiguration xmlns="http://schemas.microsoft.com/ServiceHosting/2011/07/NetworkConfiguration">
  <VirtualNetworkConfiguration>
    <!-- Optional: custom DNS servers that VNets can reference by name -->
    <Dns>
      <DnsServers>
        <DnsServer name="" IPAddress=""/>
      </DnsServers>
    </Dns>
    <!-- Optional: on-premises sites, only needed for cross-premises connectivity -->
    <LocalNetworkSites>
      <LocalNetworkSite name="">
        <VPNGatewayAddress>gateway-address</VPNGatewayAddress>
        <AddressSpace>
          <AddressPrefix>address-prefix</AddressPrefix>
        </AddressSpace>
      </LocalNetworkSite>
    </LocalNetworkSites>
    <!-- Required: the virtual networks themselves -->
    <VirtualNetworkSites>
      <VirtualNetworkSite name="" AffinityGroup="" Location="">
        <!-- Optional: gateway settings, omitted for a Cloud-Only VNet -->
        <Gateway>
          <VPNClientAddressPool>
            <AddressPrefix>address-prefix</AddressPrefix>
          </VPNClientAddressPool>
          <ConnectionsToLocalNetwork>
            <LocalNetworkSiteRef name="">
            </LocalNetworkSiteRef>
          </ConnectionsToLocalNetwork>
        </Gateway>
        <DnsServersRef>
          <DnsServerRef name=""/>
        </DnsServersRef>
        <Subnets>
          <Subnet name="">
            <AddressPrefix>address-prefix</AddressPrefix>
          </Subnet>
        </Subnets>
        <AddressSpace>
          <AddressPrefix>address-prefix</AddressPrefix>
        </AddressSpace>
      </VirtualNetworkSite>
    </VirtualNetworkSites>
  </VirtualNetworkConfiguration>
</NetworkConfiguration>
The VirtualNetworkSite setting is a required element. In
the virtual network site definition, if you have specified a DNS server name
for the VNet, you need to give that name as the name value of the DnsServerRef
element. Otherwise, Azure will be set as the default DNS service for the VNet. The
AddressPrefix element is used to specify the address space that is used for the
subnets and virtual network sites.
If you want to specify a DNS server for the virtual network,
the name and the IP address of the DNS server can be defined in the DnsServer
element as given below. Note that the default Azure DNS server will be assigned
if no DNS servers are mentioned, which will allow the VMs and services in the
network to access internet resources.
<DnsServers>
  <DnsServer name="DNSDemo1" IPAddress="10.0.0.0"/>
</DnsServers>
For more details on the Network Configuration schema file,
refer to the article here.
For the example in this post, I've created a network
configuration like the one given below.
<NetworkConfiguration xmlns="http://schemas.microsoft.com/ServiceHosting/2011/07/NetworkConfiguration">
  <VirtualNetworkConfiguration>
    <VirtualNetworkSites>
      <VirtualNetworkSite name="VNetDemo1" Location="West Europe">
        <Subnets>
          <!-- The subnet name is a placeholder; replace it with your own -->
          <Subnet name="[YOUR_SUBNET_NAME]">
            <AddressPrefix>10.0.1.0/24</AddressPrefix>
          </Subnet>
        </Subnets>
        <AddressSpace>
          <AddressPrefix>10.0.0.0/16</AddressPrefix>
        </AddressSpace>
      </VirtualNetworkSite>
    </VirtualNetworkSites>
  </VirtualNetworkConfiguration>
</NetworkConfiguration>
The configuration creates a new VNet named VNetDemo1 that uses the default Azure DNS
server, with 10.0.0.0/16 as the address space and a subnet with 10.10.2.32/27 as its
address space.
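The address rules discussed above (subnets must fall inside the VNet address space, and the address space must not overlap ranges you may later connect to) can be checked before the file is applied. This is an added example, not part of the original post: Get-CidrRange and Test-NetCfg are hypothetical helper names, the subnet names and the 10.0.0.0/8 reserved range are constructed, and only IPv4 prefixes are handled.

```powershell
# Added example: pre-flight check of a .netcfg (hypothetical helpers, IPv4 only).
function Get-CidrRange([string]$Cidr) {
    $ip, $len = $Cidr.Split('/')
    [long]$n = 0
    foreach ($b in [System.Net.IPAddress]::Parse($ip).GetAddressBytes()) { $n = $n * 256 + $b }
    [long]$size = [math]::Pow(2, 32 - [int]$len)
    $start = $n - ($n % $size)   # align to the network address
    [pscustomobject]@{ Cidr = $Cidr; Start = $start; End = $start + $size - 1 }
}

function Test-NetCfg([xml]$Config, [string[]]$ReservedRanges = @()) {
    $reserved = @($ReservedRanges | ForEach-Object { Get-CidrRange $_ })
    $sites = $Config.NetworkConfiguration.VirtualNetworkConfiguration.VirtualNetworkSites.VirtualNetworkSite
    foreach ($site in $sites) {
        $vnet   = $site.GetAttribute('name')
        $spaces = @($site.AddressSpace.AddressPrefix | ForEach-Object { Get-CidrRange $_ })
        foreach ($s in $spaces) {
            # Two ranges overlap when each one starts before the other ends
            foreach ($r in @($reserved | Where-Object { $s.Start -le $_.End -and $_.Start -le $s.End })) {
                "OVERLAP  $vnet address space $($s.Cidr) overlaps reserved range $($r.Cidr)"
            }
        }
        foreach ($subnet in $site.Subnets.Subnet) {
            $p = Get-CidrRange $subnet.AddressPrefix
            # A subnet must sit entirely inside one of the VNet's address prefixes
            if (-not ($spaces | Where-Object { $p.Start -ge $_.Start -and $p.End -le $_.End })) {
                "OUTSIDE  $vnet subnet '$($subnet.GetAttribute('name'))' $($p.Cidr) is outside the VNet address space"
            }
        }
    }
}

# Constructed sample: VNetDemo1 with both subnet prefixes that appear in this post
$sample = @'
<NetworkConfiguration xmlns="http://schemas.microsoft.com/ServiceHosting/2011/07/NetworkConfiguration">
  <VirtualNetworkConfiguration><VirtualNetworkSites>
    <VirtualNetworkSite name="VNetDemo1" Location="West Europe">
      <Subnets>
        <Subnet name="SubnetA"><AddressPrefix>10.0.1.0/24</AddressPrefix></Subnet>
        <Subnet name="SubnetB"><AddressPrefix>10.10.2.32/27</AddressPrefix></Subnet>
      </Subnets>
      <AddressSpace><AddressPrefix>10.0.0.0/16</AddressPrefix></AddressSpace>
    </VirtualNetworkSite>
  </VirtualNetworkSites></VirtualNetworkConfiguration>
</NetworkConfiguration>
'@
Test-NetCfg -Config $sample -ReservedRanges '10.0.0.0/8'
```

Each finding is emitted as a string on the pipeline, so an empty result means the file passed both checks.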
The next step is to use the Set-AzureVNetConfig cmdlet to update the virtual network settings
for the Azure cloud service. The cmdlet updates the configuration for the
current Azure subscription from the network configuration file whose path you
specify. I've added the XML content from the example above to the
file AzureVNet.netcfg and will use
this file as a parameter for the cmdlet.
Set-AzureVNetConfig -ConfigurationPath E:\AzureDemo\AzureVNet.netcfg
To verify the VNet is created properly, use the Get-AzureVNetSite cmdlet or check in the
management portal.
Using this VNet, you can create new virtual machines or
services in the network. For example, the New-AzureVM
cmdlet accepts a -VNetName parameter
to pass the VNet name.
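$vmName = "[YOUR_VM_NAME]"
$image  = "[YOUR_VM_IMAGE_NAME]"
# Prompt for the administrator account instead of hard-coding it in the script
$cred     = Get-Credential
$admin    = $cred.UserName
$password = $cred.GetNetworkCredential().Password

# Build the VM configuration, then create the VM inside the VNet
New-AzureVMConfig -Name $vmName `
                  -InstanceSize ExtraSmall `
                  -ImageName $image |
    Add-AzureProvisioningConfig -Windows `
                                -AdminUsername $admin `
                                -Password $password |
    Add-AzureDataDisk -CreateNew `
                      -DiskSizeInGB 200 `
                      -DiskLabel "datadisk1" `
                      -LUN 0 |
    # Public endpoint: exposes TCP port 80 of the VM through a load-balanced set
    Add-AzureEndpoint -Name "HTTP" `
                      -Protocol TCP `
                      -LocalPort 80 `
                      -PublicPort 80 `
                      -LBSetName "HttpLoadbalancedSet" `
                      -DefaultProbe |
    New-AzureVM -ServiceName "[YOUR_CLOUD_SERVICE_NAME]" `
                -AffinityGroup "AzureGrp1" `
                -VNetName "VNetDemo1"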
Or
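# Uses the same $vmName, $image, $admin and $password values as the previous example
$serviceName = "[YOUR_CLOUD_SERVICE_NAME]"

New-AzureQuickVM -VNetName "VNetDemo1" `
                 -Windows `
                 -ServiceName $serviceName `
                 -Name $vmName `
                 -Location "West Europe" `
                 -AdminUsername $admin `
                 -Password $password `
                 -InstanceSize ExtraSmall `
                 -ImageName $image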