If you are only providing the VMs a public ssh key there is no reason to put

If you are only providing the vms a public ssh key

This preview shows page 119 - 163 out of 163 pages.

the certificate from existing VMs, you must write a custom script extension that removes the certificates from your certificate store manually.If you are only providing the VMs a public ssh key, there is no reason to put the public keys in the key vault because public keys are not secret.You can provide SSH public keys in plain text when you create a Linux VM. An example can be found here:Specifically:
Image of page 119
LINUXCONFIGURATION ELEMENT NAME REQUIRED TYPE DESCRIPTION Update-AzureRmVmss -VirtualMachineScaleSet $vmss -ResourceGroup $rg -Name $vmssName What happens to certificates if you reimage a VM? What happens if you delete a certificate from the key vault? Update-AzureRmVmss: List secrets contains repeated instances of /subscriptions//resourceGroups/internal-rg- dev/providers/Microsoft.KeyVault/vaults/internal-keyvault-dev, which is disallowed. Why can’t I add two certificates from the same KeyVault? This behavior can happen if you're trying to add the same vault twice instead of a new vaultCertificate for the existing sourceVault. The Add- AzureRmVmssSecret does not work correctly for adding additional secrets. If you want to add more secrets from the same key vault, you should update the list $vmss.properties.osProfile.secrets[0].vaultCertificates You can see the expected input structure here: You need to find the secret in the scale set object that has the same containing key vault. Then you must add your certificate reference (the URL along with the secret store name) into the list associated with the vault. Note: removing certificates from VMs through the scale set APIs is not currently supported. New VMs will not have the old cert, but ones that had the cert already deployed will still have the old certificate. You do not need to hardcode passwords in scripts; you can dynamically retrieve them with whatever permissions the deployment script you have runs with. If you have a script that is moving a cert from secret store the key vault, the secret store get certificate command also outputs the password of the pfx file. A Win RM certificate reference must be present in the secrets property of the OS profile. The purpose of indicating the source vault is to be able to enforce ACL policies that exist in CSM. Without specifying the source vault, users who do not have permissions to deploy/access secrets to a key vault would be able to through CRP. The ACLs exist even for resources that do not exist. If you provided an incorrect sourceVault id but a valid key vault URL, we would report an error when you poll the operation Certificates get added to all the VMs, even pre-existing ones. If your scale set upgradePolicy property is set to “Manual”, the certificate is added to the VM when you perform a manual update on the VM. See If you want to add a vault certificate to existing secret, which should be the only one secret object, you can do it as in the following powershell example: If you reimage a VM, the certificates disappear because reimaging deletes the OS disk in its entirety. If the secret is deleted in the key vault, and you stop deallocate all your VMs then start them again, you will encounter a failure. This failure is due to CRP needing to retrieve the secrets from Key Vault but not being able to. In this scenario, you can delete the certificates from the scale set model. The CRP component does not persist any customer secrets. If you stop deallocate all VMs in the scale set, then the cache is deleted. In this scenario, secrets are retrieved from key vault.
Image of page 120
Why do we have to specify the exact location for the Certificate URL, as referenced here: per , METHOD URL GET {secret-name}/{secret-version}?api- version={api-version} Why does certificate version have to be specified when using key vault? My team works with several certificates that are distributed to us as .cer public keys. What is the recommended approach is for deployment of these certs to a scale set? I do not see an option for users to pass in certificates as base64 strings that most other resource providers provide. "certificateUrl": "[reference(resourceId(parameters('vaultResourceGroup'), 'Microsoft.KeyVault/vaults/secrets', parameters('vaultName'), parameters('secretName')), '2015-06-01').secretUriWithVersion]" Do we have to wrap certs in JSON objects in keyvaults? Extensions How do you delete a scale set extension? $vmss = Get-AzureRmVmss -ResourceGroupName "resource_group_name" -VMScaleSetName "vmssName" $vmss=Remove-AzureRmVmssExtension -VirtualMachineScaleSet $vmss -Name "extensionName" Update-AzureRmVmss -ResourceGroupName "resource_group_name" -VMScaleSetName "vmssName" -VirtualMacineScaleSet $vmss IS there a scale set template example that integrates with OMS? Extensions seem to run in parallel on scale sets, causing my Custom Script extension to fail. What can I do to fix this behavior? How do I reset the password for scale set VMs? This issue is not hit on scale-out because there is a cached copy of the secret in fabric (at least in the single fabric tenant model). Per KeyVault documentation, the get-secret REST API should return the latest version of the secret if version is not specified: Replace {secret-name} with the name and {secret-version} with the version of the secret you want to retrieve. Secret version may be excluded in which case the current version is retrieved. The reason for this requirement is to make it clear to the user what certificate is deployed on their VMs. If you create a VM then update your secret in the key vault, that new certificate will not be downloaded to your VMs. But your VMs will appear to reference it, and new VMs will get the new secret. To avoid this confusion, it is required that you reference an explicit secret version. You can generate a pfx file that only contains .cer files, with X509ContentType = Pfx. For example, load the .cer file as an x509Certificate2 object in C# or PowerShell and calling this method: (v=vs.110).aspx You can extract the latest versioned URL within a Resource Manager template to emulate the behavior you describe. You can include the following JSON property in your Resource Manager template: This is a scale set/VM requirement. We do also support the content type application/x-pkcs12. Instructions found here: We currently do not support .cer files, you must export your .cer files into pfx containers. Here is an example using PowerShell: The extensionName can be found in $vmss . Look at the second example here: See Use VM Access Extensions Here is an example using PowerShell:
Image of page 121
$vmssName = "myvmss" $vmssResourceGroup = "myvmssrg" $publicConfig = @{"UserName" = "newuser"} $privateConfig = @{"Password" = "********"} $extName = "VMAccessAgent" $publisher = "Microsoft.Compute" $vmss = Get-AzureRmVmss -ResourceGroupName $vmssResourceGroup -VMScaleSetName $vmssName $vmss = Add-AzureRmVmssExtension -VirtualMachineScaleSet $vmss -Name $extName -Publisher $publisher -Setting $publicConfig -ProtectedSetting $privateConfig -Type $extName -TypeHandlerVersion "2.0" -AutoUpgradeMinorVersion $true Update-AzureRmVmss -ResourceGroupName $vmssResourceGroup -Name $vmssName VirtualMachineScaleSet $vmss How do I add an extension to all VMs in my scale set? If the extensions associated with an existing scale set are updated, would they affect already existing VMs? (that is, would the VMs show up as not matching the scale set model)? Or would they be ignored? When an existing machine is service-healed / reimaged / etc. would the scripts that are currently configured on the scale set be executed or would the ones that were configured when the machine was first created be used? How do I get a scale set to join an AD Domain? "extensionProfile": { "extensions": [ { "name": "joindomain", "properties": { "publisher": "Microsoft.Compute", "type": "JsonADDomainExtension", "typeHandlerVersion": "1.0", "settings": { "Name": "[parameters('domainName')]", "OUPath": "[variables('ouPath')]", "User": "[variables('domainAndUsername')]", "Restart": "true", "Options": "[variables('domainJoinOptions')]" }, "protectedsettings": { "Password": "[parameters('domainJoinPassword')]" } } } ] } My scale set extension is trying to install something that requires a reboot, for instance: "commandToExecute": "powershell.exe - ExecutionPolicy Unrestricted Install-WindowsFeature –Name FS-Resource-Manager –IncludeManagementTools" How can I enable Antimalware on my scale set? $rgname = 'autolap' $vmssname = 'autolapbr' $location = 'eastus' # retrieve the most recent version number of the extension $allVersions= (Get-AzureRmVMExtensionImage -Location $location -PublisherName "Microsoft.Azure.Security" -Type "IaaSAntimalware").Version $versionString = $allVersions[($allVersions.count)-1].Split(".")[0] + "." + $allVersions[($allVersions.count)-1].Split(".")[1] $VMSS = Get-AzureRmVmss -ResourceGroupName $rgname -VMScaleSetName $vmssname echo $VMSS Add-AzureRmVmssExtension -VirtualMachineScaleSet $VMSS -Name "IaaSAntimalware" -Publisher "Microsoft.Azure.Security" -Type "IaaSAntimalware" -TypeHandlerVersion $versionString Update-AzureRmVmss -ResourceGroupName $rgname -Name $vmssname -VirtualMachineScaleSet $VMSS I need to execute a custom script hosted on a private storage account. I have no problems when the storage is public but when I try to use a Shared Access Signature(SAS) it fails with the error: “Missing mandatory parameters for valid Shared Access Signature”. I know that link+SAS works fine from my local browser. If update policy is set to automatic, redeploying the template with the new extension properties updates every VM. If update policy is set to manual, you must update the extension, then do a manualUpdate on all instances. If the extension definition in the scale set model is updated, it would update the VMs if upgradePolicy was set to automatic, and they would be flagged as not matching the model if upgradePolicy is set to manual. If an existing VM is service healed, it would appear like a reboot and the extensions would not rerun. If it is reimaged it would be like replacing the OS drive with the source image and any specialization from the latest model, such as extensions would run. You could define an extension like this using the JsonADDomainExtension for example: You could use the DSC extension. If the OS is 2012 R2, then Azure pulls in the WMF5.0 setup, reboots, and continues with the configuration. Here's a PowerShell example:
Image of page 122
Networking How do I do VIP swap for scale sets in the same subscription and same region? What is the resourceGuid property on a NIC for? It’s not documented here. How do I specify a range of private IP addresses, for static private IP address allocation? How do I deploy a scale set into an existing VNET? Troubleshooting How do I enable boot diagnostics? "diagnosticsProfile": { "bootDiagnostics": { "enabled": true, "storageUri": "" } } "bootDiagnostics": { "consoleScreenshotBlobUri": "- b616a99bc8bd/swarm-agent-9574AE92vmss-0_2.4157d838-8335-4f78-bf0e-b616a99bc8bd.screenshot.bmp", "serialConsoleLogBlobUri": "- b616a99bc8bd/swarm-agent-9574AE92vmss-0_2.4157d838-8335-4f78-bf0e-b616a99bc8bd.serialconsole.log" } You must set up protected settings with the storage account key and name for this scenario to work. See - with-protected-settings See: It’s a unique ID. Lower layers will be logging this ID at some point in the future. IPs are selected from a subnet that you specify. The allocation method of scale set IPs is always “Dynamic”. It does not mean though that these IPs can change. It only means that you do not specify IP in PUT request. In other words, you specify the static set using the subnet. See Create a storage account and put this JSON block in your scale set virtualMachineProfile and update the scale set: Then when a new VM is created the InstanceView of the VM shows the details for the screenshot etc. For instance:
Image of page 123
Azure CLI commands in Resource Manager mode 2/27/2017 • 44 min to read • Edit on GitHub NOTE Setting the Resource Manager mode azure config mode arm NOTE azure account: Manage your account information account list [options] This article provides syntax and options for Azure command-line interface (CLI) commands you'd commonly use to create and manage Azure resources in the Azure Resource Manager deployment model. You access these commands by running the CLI in Resource Manager (arm) mode. This is not a complete reference, and your CLI version may show slightly different commands or parameters. For a general overview of Azure resources and resource groups, see Azure Resource Manager Overview . This article shows Resource Manager mode commands in the Azure CLI, sometimes called Azure CLI 1.0. To work in the Resource Manager model, you can also try the Azure CLI 2.0 , our next generation multi-platform CLI. Find out more about the old and new Azure CLIs . To get started, first install the Azure CLI and connect to your Azure subscription . For current command syntax and options at the command line in Resource Manager mode, type azure help or, to display help for a specific command, azure help [command] . Also find CLI examples in the documentation for creating and managing specific Azure services. Optional parameters are shown in square brackets (for example, [parameter] ). All other parameters are required. In addition to command-specific optional parameters documented here, there are three optional parameters that can be used to display detailed output such as request options and status codes. The -v parameter provides verbose output, and the -vv parameter provides even more detailed verbose output. The --json option outputs the result in raw json format. Use the following command to enable Azure CLI Resource Manager mode commands. The CLI's Azure Resource Manager mode and Azure Service Management mode are mutually exclusive. That is, resources created in one mode cannot be managed from the other mode. Your Azure subscription information is used by the tool to connect to your account. List the imported subscriptions Show details about a subscription
Image of page 124
account show [options] [subscriptionNameOrId] account set [options] <subscriptionNameOrId> account clear [options] account env list [options] account env show [options] [environment] account env add [options] [environment] account env set [options] [environment] account env delete [options] [environment] azure ad: Commands to display Active Directory objects ad app create [options] ad app delete [options] <object-id> ad group list [options] ad group show [options] ad group member list [options] [objectId] ad sp list [options] ad sp show [options] ad sp create [options] <application-id> ad sp delete [options] <object-id> ad user list [options] ad user show [options] azure availset: commands to manage your availability sets Set the current subscription Remove a subscription or environment, or clear all of the stored account and environment info Commands to manage your account environment Commands to display active directory applications Commands to display active directory groups Commands to provide an active directory sub group or member info Commands to display active directory service principals Commands to display active directory users Creates an availability set within a resource group
Image of page 125
availset create [options] <resource-group> <name> <location> [tags] availset list [options] <resource-group> availset show [options] <resource-group> <name> availset delete [options] <resource-group> <name> azure config: commands to manage your local settings config list [options] config delete [options] <name> config set <name> <value> config mode [options] <modename> azure feature: commands to manage account features feature list [options] feature show [options] <providerName> <featureName> feature register [options] <providerName> <featureName> Lists the availability sets within a resource group Gets one availability set within a resource group Deletes one availability set within a resource group List Azure CLI configuration settings Delete a config setting Update a config setting Sets the Azure CLI working mode to either arm or asm List all features available for your subscription Shows a feature Registers a previewed feature of a resource provider
Image of page 126
azure group: Commands to manage your resource groups group create [options] <name> <location> group set [options] <name> <tags> group delete [options] <name> group list [options] group show [options] <name> group log show [options] [name] group deployment create [options] [resource-group] [name] group deployment list [options] <resource-group> [state] group deployment show [options] <resource-group> [deployment-name] group deployment stop [options] <resource-group> [deployment-name] group template list [options] group template show [options] <name> group template download [options] [name] [file] group template validate [options] <resource-group> azure hdinsight: Commands to manage your HDInsight clusters hdinsight config create [options] <configFilePath> <overwrite> hdinsight config add-config-values [options] <configFilePath> hdinsight config add-script-action [options] <configFilePath> Creates a resource group Set tags to a resource group Deletes a resource group Lists the resource groups for your subscription Shows a resource group for your subscription Commands to manage resource group logs Commands to manage your deployment in a resource group Commands to manage your local or gallery resource group template Commands to create or add to a cluster configuration file Example: Create a configuration file that contains a script action to run when creating a cluster.
Image of page 127
hdinsight config create "C:\myFiles\configFile.config" hdinsight config add-script-action --configFilePath "C:\myFiles\configFile.config" --nodeType HeadNode --uri <scriptActionURI> --name myScriptAction --parameters "-param value" hdinsight cluster create [options] <clusterName> azure hdinsight cluster create -g myarmgroup -l westus -y Linux --clusterType Storm --version 3.2 -- defaultStorageAccountName mystorageaccount --defaultStorageAccountKey <defaultStorageAccountKey> -- defaultStorageContainer mycontainer --userName admin --password <clusterPassword> --sshUserName sshuser -- sshPassword <sshPassword> --workerNodeCount 1 myNewCluster01 info: Executing command hdinsight cluster create + Submitting the request to create cluster... info: hdinsight cluster create command OK azure hdinsight cluster create -g myarmgroup -l westus -y Linux --clusterType Hadoop --version 3.2 -- defaultStorageAccountName mystorageaccount --defaultStorageAccountKey <defaultStorageAccountKey> -- defaultStorageContainer mycontainer --userName admin --password <clusterPassword> --sshUserName sshuser -- sshPassword <sshPassword> --workerNodeCount 1 –configurationPath "C:\myFiles\configFile.config" myNewCluster01 info: Executing command hdinsight cluster create + Submitting the request to create cluster... info: hdinsight cluster create command OK Command to create a cluster in a resource group Example: Create a Storm on Linux cluster Example: Create a cluster with a script action Parameter options:
Image of page 128
-h, --help output usage information -v, --verbose use verbose output -vv more verbose with debug output --json use json output -g --resource-group <resource-group> The name of the resource group -c, --clusterName <clusterName> HDInsight cluster name -l, --location <location> Data center location for the cluster -y, --osType <osType> HDInsight cluster operating system 'Windows' or 'Linux' --version <version> HDInsight cluster version --clusterType <clusterType> HDInsight cluster type. Hadoop | HBase | Spark | Storm --defaultStorageAccountName <storageAccountName> Storage account url to use for default HDInsight storage --defaultStorageAccountKey <storageAccountKey> Key to the storage account to use for default HDInsight storage --defaultStorageContainer <storageContainer> Container in the storage account to use for HDInsight default storage --headNodeSize <headNodeSize> (Optional) Head node size for the cluster --workerNodeCount <workerNodeCount> Number of worker nodes to use for the cluster --workerNodeSize <workerNodeSize> (Optional) Worker node size for the cluster) --zookeeperNodeSize <zookeeperNodeSize> (Optional) Zookeeper node size for the cluster --userName <userName> Cluster username --password <password> Cluster password --sshUserName <sshUserName> SSH username (only for Linux clusters) --sshPassword <sshPassword> SSH password (only for Linux clusters) --sshPublicKey <sshPublicKey> SSH public key (only for Linux clusters) --rdpUserName <rdpUserName> RDP username (only for Windows clusters) --rdpPassword <rdpPassword> RDP password (only for Windows clusters) --rdpAccessExpiry <rdpAccessExpiry> RDP access expiry. For example 12/12/2015 (only for Windows clusters) --virtualNetworkId <virtualNetworkId> (Optional) Virtual network ID for the cluster. Value is a GUID for Windows cluster and ARM resource ID for Linux cluster) --subnetName <subnetName> (Optional) Subnet for the cluster --additionalStorageAccounts <additionalStorageAccounts> (Optional) Additional storage accounts. Can be multiple. In the format of 'accountName#accountKey'. For example, --additionalStorageAccounts "acc1#key1;acc2#key2" --hiveMetastoreServerName <hiveMetastoreServerName> (Optional) SQL Server name for the external metastore for Hive --hiveMetastoreDatabaseName <hiveMetastoreDatabaseName> (Optional) Database name for the external metastore for Hive --hiveMetastoreUserName <hiveMetastoreUserName> (Optional) Database username for the external metastore for Hive --hiveMetastorePassword <hiveMetastorePassword> (Optional) Database password for the external metastore for Hive --oozieMetastoreServerName <oozieMetastoreServerName> (Optional) SQL Server name for the external metastore for Oozie --oozieMetastoreDatabaseName <oozieMetastoreDatabaseName> (Optional) Database name for the external metastore for Oozie --oozieMetastoreUserName <oozieMetastoreUserName> (Optional) Database username for the external metastore for Oozie --oozieMetastorePassword <oozieMetastorePassword> (Optional) Database password for the external metastore for Oozie --configurationPath <configurationPath> (Optional) HDInsight cluster configuration file path -s, --subscription <id> The subscription id --tags <tags> Tags to set to the cluster. Can be multiple. In the format of 'name=value'. Name is required and value is optional. For example, --tags tag1=value1;tag2 Command to delete a cluster
Image of page 129
hdinsight cluster delete [options] <clusterName> hdinsight cluster show [options] <clusterName> hdinsight cluster list [options] hdinsight cluster resize [options] <clusterName> <targetInstanceCount> hdinsight cluster enable-http-access [options] <clusterName> <userName> <password> hdinsight cluster disable-http-access [options] <clusterName> hdinsight cluster enable-rdp-access [options] <clusterName> <rdpUserName> <rdpPassword> <rdpExpiryDate> hdinsight cluster disable-rdp-access [options] <clusterName> azure insights: Commands related to monitoring Insights ( events, alert rules, autoscale settings, metrics ) insights logs list [options] azure location: Commands to get the available locations for all resource types location list [options] Command to show cluster details Command to list all clusters (in a specific resource group, if provided) Command to resize a cluster Command to enable HTTP access for a cluster Command to disable HTTP access for a cluster Command to enable RDP access for a cluster Command to disable HTTP access for a cluster Retrieve operation logs for a subscription, a correlationId, a resource group, resource, or resource provider List the available locations
Image of page 130
azure network: Commands to manage network resources network vnet create [options] <resource-group> <name> <location> azure network vnet create myresourcegroup newvnet "west us" info: Executing command network vnet create + Looking up virtual network "newvnet" + Creating virtual network "newvnet" Loading virtual network state data: Id: /subscriptions/###############################/resourceGroups/myresourcegroup/providers/Microsoft.Network/virtu alNetworks/newvnet data: Name: newvnet data: Type: Microsoft.Network/virtualNetworks data: Location: westus data: Tags: data: Provisioning state: Succeeded data: Address prefixes: data: 10.0.0.0/8 data: DNS servers: data: Subnets: data: info: network vnet create command OK -h, --help output usage information -v, --verbose use verbose output --json use json output -g, --resource-group <resource-group> the name of the resource group -n, --name <name> the name of the virtual network -l, --location <location> the location -a, --address-prefixes <address-prefixes> the comma separated list of address prefixes for this virtual network For example -a 10.0.0.0/24,10.0.1.0/24. Default value is 10.0.0.0/8 -d, --dns-servers <dns-servers> the comma separated list of DNS servers IP addresses -t, --tags <tags> the tags set on this virtual network. Can be multiple. In the format of "name=value". Name is required and value is optional. For example, -t tag1=value1;tag2 -s, --subscription <subscription> the subscription identifier network vnet set [options] <resource-group> <name> Commands to manage virtual networks Creates a virtual network. In the following example we create a virtual network named newvnet for resource group myresourcegroup in the West US region. Parameter options: Updates a virtual network configuration within a resource group.
Image of page 131
azure network vnet set myresourcegroup newvnet info: Executing command network vnet set + Looking up virtual network "newvnet" + Updating virtual network "newvnet" + Loading virtual network state data: Id: /subscriptions/###############################/resourceGroups/myresourcegroup/providers/Microsoft.Network/virtu alNetworks/newvnet data: Name: newvnet data: Type: Microsoft.Network/virtualNetworks data: Location: westus data: Tags: data: Provisioning state: Succeeded data: Address prefixes: data: 10.0.0.0/8 data: DNS servers: data: Subnets: data: info: network vnet set command OK -h, --help output usage information -v, --verbose use verbose output --json use json output -g, --resource-group <resource-group> the name of the resource group -n, --name <name> the name of the virtual network -a, --address-prefixes <address-prefixes> the comma separated list of address prefixes for this virtual network. For example -a 10.0.0.0/24,10.0.1.0/24. This list will be appended to the current list of address prefixes. The address prefixes in this list should not overlap between them. The address prefixes in this list should not overlap with existing address prefixes in the vnet. -d, --dns-servers [dns-servers] the comma separated list of DNS servers IP addresses. This list will be appended to the current list of DNS server IP addresses. -t, --tags <tags> the tags set on this virtual network. Can be multiple. In the format of "name=value". Name is required and value is optional. For example, -t tag1=value1;tag2. This list will be appended to the current list of tags --no-tags remove all existing tags -s, --subscription <subscription> the subscription identifier network vnet list [options] <resource-group> Parameter options: The command lists all virtual networks in a resource group.
Image of page 132
C:\>azure network vnet list myresourcegroup info: Executing command network vnet list + Listing virtual networks data: ID Name Location Address prefixes DNS servers data: ------------------------------------------------------------------- ------ -------- -------- ---------------- ----------- data: /subscriptions/###############################/resourceGroups/ wvnet newvnet westus 10.0.0.0/8 info: network vnet list command OK -h, --help output usage information -v, --verbose use verbose output --json use json output -g, --resource-group <resource-group> the name of the resource group -s, --subscription <subscription> the subscription identifier network vnet show [options] <resource-group> <name> azure network vnet show -g myresourcegroup -n newvnet info: Executing command network vnet show + Looking up virtual network "newvnet" data: Id: /subscriptions/###############################/resourceGroups/myresourcegroup/providers/Microsoft.Network/virtu alNetworks/newvnet data: Name: newvnet data: Type: Microsoft.Network/virtualNetworks data: Location: westus data: Tags: data: Provisioning state: Succeeded data: Address prefixes: data: 10.0.0.0/8 data: DNS servers: data: Subnets: data: info: network vnet show command OK network vnet delete [options] <resource-group> <name> azure network vnet delete myresourcegroup newvnetX info: Executing command network vnet delete + Looking up virtual network "newvnetX" Delete virtual network newvnetX? [y/n] y + Deleting virtual network "newvnetX" info: network vnet delete command OK Parameter options: The command shows the virtual network properties in a resource group. The command removes a virtual network.
Image of page 133
-h, --help output usage information -v, --verbose use verbose output --json use json output -g, --resource-group <resource-group> the name of the resource group -n, --name <name> the name of the virtual network -q, --quiet quiet mode, do not ask for delete confirmation -s, --subscription <subscription> the subscription identifier network vnet subnet create [options] <resource-group> <vnet-name> <name> azure network vnet subnet create -g myresourcegroup --vnet-name newvnet -n subnet --address-prefix 10.0.1.0/24 info: Executing command network vnet subnet create + Looking up the subnet "subnet" + Creating subnet "subnet" + Looking up the subnet "subnet" data: Id: /subscriptions/###############################/resourceGroups/myresourcegroup/providers/Microsoft.Network/virtu alNetworks/newvnet/subnets/subnet data: Name: subnet data: Type: Microsoft.Network/virtualNetworks/subnets data: Provisioning state: Succeeded data: Address prefix: 10.0.1.0/24 info: network vnet subnet create command OK -h, --help output usage information -v, --verbose use verbose output --json use json output -g, --resource-group <resource-group> the name of the resource group -e, --vnet-name <vnet-name> the name of the virtual network -n, --name <name> the name of the subnet -a, --address-prefix <address-prefix> the address prefix -w, --network-security-group-id <network-security-group-id> the network security group identifier. e.g. /subscriptions/<subscription-id>/resourceGroups/<resource-group- name>/providers/Microsoft.Network/networkSecurityGroups/<nsg-name> -o, --network-security-group-name <network-security-group-name> the network security group name -s, --subscription <subscription> the subscription identifier network vnet subnet set [options] <resource-group> <vnet-name> <name> Parameter options: Commands to manage virtual network subnets Adds another subnet to an existing virtual network. Parameter options: Sets a specific virtual network subnet within a resource group.
Image of page 134
C:\>azure network vnet subnet set -g myresourcegroup --vnet-name newvnet -n subnet1 info: Executing command network vnet subnet set + Looking up the subnet "subnet1" + Setting subnet "subnet1" + Looking up the subnet "subnet1" data: Id: /subscriptions/###############################/resourceGroups/myresourcegroup/providers/Microsoft.Network/virtu alNetworks/newvnet/subnets/subnet1 data: Name: subnet1 data: Type: Microsoft.Network/virtualNetworks/subnets data: Provisioning state: Succeeded data: Address prefix: 10.0.1.0/24 info: network vnet subnet set command OK network vnet subnet list [options] <resource-group> <vnet-name> azure network vnet subnet set -g myresourcegroup --vnet-name newvnet -n subnet1 info: Executing command network vnet subnet set + Looking up the subnet "subnet1" + Setting subnet "subnet1" + Looking up the subnet "subnet1" data: Id: /subscriptions/###############################/resourceGroups/myresourcegroup/providers/Microsoft.Network/virtu alNetworks/newvnet/subnets/subnet1 data: Name: subnet1 data: Type: Microsoft.Network/virtualNetworks/subnets data: Provisioning state: Succeeded data: Address prefix: 10.0.1.0/24 info: network vnet subnet set command OK network vnet subnet show [options] <resource-group> <vnet-name> <name> azure network vnet subnet show -g myresourcegroup --vnet-name newvnet -n subnet1 info: Executing command network vnet subnet show + Looking up the subnet "subnet1" data: Id: /subscriptions/###############################/resourceGroups/myresourcegroup/providers/Microsoft .Network/virtualNetworks/newvnet/subnets/subnet1 data: Name: subnet1 data: Type: Microsoft.Network/virtualNetworks/subnets data: Provisioning state: Succeeded data: Address prefix: 10.0.1.0/24 info: network vnet subnet show command OK Lists all the virtual network subnets for a specific virtual network within a resource group. Displays virtual network subnet properties Parameter options:
Image of page 135
-h, --help output usage information -v, --verbose use verbose output --json use json output -g, --resource-group <resource-group> the name of the resource group -e, --vnet-name <vnet-name> the name of the virtual network -n, --name <name> the name of the subnet -s, --subscription <subscription> the subscription identifier network vnet subnet delete [options] <resource-group> <vnet-name> <subnet-name> azure network vnet subnet delete -g myresourcegroup --vnet-name newvnet -n subnet1 info: Executing command network vnet subnet delete + Looking up the subnet "subnet1" Delete subnet "subnet1"? [y/n] y + Deleting subnet "subnet1" info: network vnet subnet delete command OK -h, --help output usage information -v, --verbose use verbose output --json use json output -g, --resource-group <resource-group> the name of the resource group -e, --vnet-name <vnet-name> the name of the virtual network -n, --name <name> the subnet name -s, --subscription <subscription> the subscription identifier -q, --quiet quiet mode, do not ask for delete confirmation network lb create [options] <resource-group> <name> <location> azure network lb create -g myresourcegroup -n mylb -l westus info: Executing command network lb create + Looking up the load balancer "mylb" + Creating load balancer "mylb" + Looking up the load balancer "mylb" data: Id: /subscriptions/###############################/resourceGroups/myresourcegroup/providers/Microsoft.Network/loadB alancers/mylb data: Name: mylb data: Type: Microsoft.Network/loadBalancers data: Location: westus data: Provisioning state: Succeeded info: network lb create command OK Removes a subnet from an existing virtual network. Parameter options: Commands to manage load balancers Creates a load balancer set. Parameter options:
Image of page 136
-h, --help output usage information -v, --verbose use verbose output --json use json output -g, --resource-group <resource-group> the name of the resource group -n, --name <name> the name of the load balancer -l, --location <location> the location -t, --tags <tags> the list of tags. Can be multiple. In the format of "name=value". Name is required and value is optional. For example, -t tag1=value1;tag2 -s, --subscription <subscription> the subscription identifier network lb list [options] <resource-group> azure network lb list myresourcegroup info: Executing command network lb list + Getting the load balancers data: Name Location data: ---- -------- data: mylb westus info: network lb list command OK -h, --help output usage information -v, --verbose use verbose output --json use json output -g, --resource-group <resource-group> the name of the resource group -s, --subscription <subscription> the subscription identifier network lb show [options] <resource-group> <name> azure network lb show myresourcegroup mylb -v info: Executing command network lb show verbose: Looking up the load balancer "mylb" data: Id: /subscriptions/###############################/resourceGroups/myresourcegroup/providers/Microsoft.Network/loadB alancers/mylb data: Name: mylb data: Type: Microsoft.Network/loadBalancers data: Location: westus data: Provisioning state: Succeeded info: network lb show command OK Lists Load balancer resources within a resource group. Parameter options: Displays load balancer information of a specific load balancer within a resource group Parameter options:
Image of page 137
-h, --help output usage information -v, --verbose use verbose output --json use json output -g, --resource-group <resource-group> the name of the resource group -n, --name <name> the name of the load balancer -s, --subscription <subscription> the subscription identifier network lb delete [options] <resource-group> <name> azure network lb delete myresourcegroup mylb info: Executing command network lb delete + Looking up the load balancer "mylb" Delete load balancer "mylb"? [y/n] y + Deleting load balancer "mylb" info: network lb delete command OK -h, --help output usage information -v, --verbose use verbose output --json use json output -g, --resource-group <resource-group> the name of the resource group -n, --name <name> the name of the load balancer -q, --quiet quiet mode, do not ask for delete confirmation -s, --subscription <subscription> the subscription identifier network lb probe create [options] <resource-group> <lb-name> <name> azure network lb probe create -g myresourcegroup --lb-name mylb -n mylbprobe --protocol tcp --port 80 -i 300 info: Executing command network lb probe create + Looking up the load balancer "mylb" + Updating load balancer "mylb" info: network lb probe create command OK Delete load balancer resources. Parameter options: Commands to manage probes of a load balancer Create the probe configuration for health status in the load balancer. Keep in mind to run this command, your load balancer requires a frontend-ip resource (Check out command "azure network frontend-ip" to assign an ip address to load balancer). Parameter options:
Image of page 138
Image of page 164

You've reached the end of your free preview.

Want to read all 163 pages?

  • Fall '13
  • Vm

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

Stuck? We have tutors online 24/7 who can help you get unstuck.
A+ icon
Ask Expert Tutors You can ask You can ask You can ask (will expire )
Answers in as fast as 15 minutes