“In a chronically leaking boat, energy devoted to changing vessels is more productive than energy devoted to patching leaks.” -Warren Buffett
Using the Azure Command Line Tools
Getting familiar with Azure CLI
Connecting to your Azure subscription
Once you press the enter key, instructions will be displayed on the command line to authenticate the machine.
Because the Azure Resource Manager mode is not enabled by default, use the following command to enable Azure CLI Resource Manager commands.
azure config mode arm
Select the subscription under context, you can do this by listing the subscriptions and selecting the one that is needed:
azure account list
Enumerating Resource Groups and resources in a Resource Group
By executing azure group list, you get the listing of all resource groups in the subscription.
azure group list
Update the properties of the resource group (adding a tag):
azure group set labrg –tags ‘Department=LAB’
azure group show labrg
Enumerate Virtual Machines
azure vm list
Start/Stop a Virtual machine
azure vm stop ARMHackathonScaleSet armsql
azure vm deallocate ARMHackathonScaleSet armsql
azure vm start ARMHackathonScaleSet armsql
Connecting to your Azure subscription

Login-AzureRmAccount
Provide authentication details in the pop-up window to associate the PowerShell instance with the Azure subscription.
Select-AzureRmSubscription –SubscriptionId <Subscription ID>
At this point, all commands that you execute will be against this one particular selected subscription id.
Enumerating Resource Groups and resources in a Resource Group
Get-AzureRmResourceGroup
Get-AzureRmResource
Enumerate Virtual Machines
Get-AzureRmVM
Start/Stop a Virtual machine
Stop-AzureRmVM–ResourceGroup ARMHackathonScaleSet -Name ARMSQL
Start-AzureRmVM–ResourceGroup ARMHackathonScaleSet -Name ARMSQL
Delete the ARMHackathonScaleSet resource group
Click Resource groups
Click the ARMHackathonScaleSet resource group (or whatever you named your deployment)
Click Delete, and then confirm by typing in the name of the resource group.
Leverage resource group template and create the scenario
Launch a browser and navigate to the following URL:
https://github.com/Azure/azure-quickstart-templates/tree/master/201-userdefined-routes-appliance
Click the Deploy to Azure button on the bottom of the page:
|
|
|
|
At the end of deployment, you will have the following resources created:
Understand the deployment

If you look at the resource template file that we used- https://github.com/Azure/azure-quickstart-templates/blob/master/201-userdefined-routes-appliance/azuredeploy.json, IP forwarding is enabled at the Dynamic1 VM.
Configure Routing and Remote Access for the appliance VM
Next we want to meet this objective

Login to your Azure subscription in two PowerShell Sessions
Execute this in both PowerShell sessions.
Login-AzureRmAccount
This command will prompt a sign-in window, please provide the necessary credentials to sign-in to your Azure account. This will take several seconds to associate the context with PowerShell window.
Get-AzureRmSubscription
This will display list of subscriptions. Copy the name of the subscription you are interested in.
Execute this in both PowerShell sessions.
Select-AzureRmSubscription –SubscriptionID<Subscription ID>
At this point, all commands that you execute will be against this one particular selected subscription.
Create virtual network 1 with gateway configuration
Values for VNet1:
-
Virtual Network Name = VNet1
-
Resource Group = RGFORVNET1
-
Address Space = 10.1.0.0/16
-
Region = Choose a region close to you
-
GatewaySubnet = 10.1.0.0/28
-
Subnet1 = 10.1.1.0/28
((Get-AzureRmResourceProvider -ProviderNamespace Microsoft.Compute).ResourceTypes | Where-Object ResourceTypeName -eq virtualmachines).Locations
$region1 = ‘[location name]’
$region2 = ‘[location name]’
New-AzureRmResourceGroup-NameRGFORVNET1 –Location$region1
Execute the rest of the commands in this exercise in the in the first console.
$subnet = New-AzureRmVirtualNetworkSubnetConfig -Name ‘GatewaySubnet’ -AddressPrefix 10.1.0.0/28
$subnet1 = New-AzureRmVirtualNetworkSubnetConfig -Name ‘Subnet1’ -AddressPrefix ‘10.1.1.0/28’
New-AzureRmVirtualNetwork -Name VNet1 -ResourceGroupName RGFORVNET1 -Location $region1 -AddressPrefix 10.1.0.0/16 -Subnet $subnet, $subnet1
$gwpip= New–AzureRmPublicIpAddress –Name gwpip1 –ResourceGroupNameRGFORVNET1–Location$region1 –AllocationMethodDynamic
$vnet = Get–AzureRmVirtualNetwork –NameVNet1 –ResourceGroupNameRGFORVNET1
$subnet = Get–AzureRmVirtualNetworkSubnetConfig –Name‘GatewaySubnet’ –VirtualNetwork $vnet
$gwipconfig = New–AzureRmVirtualNetworkGatewayIpConfig –Name gwipconfig1 –SubnetId $subnet.Id –PublicIpAddressId $gwpip.Id
New–AzureRmVirtualNetworkGateway –Name vnetgw1 –ResourceGroupNameRGFORVNET1 –Location$region1 –IpConfigurations $gwipconfig –GatewayTypeVpn –VpnTypeRouteBased
At this point we have a virtual network with one two subnets, one for VM provisioning in the private network and other as gateway subnet with public IP configuration.
Note: Please continue to the next exercise while the first gateway provisions.
Create virtual network 2 with gateway configuration
Values for VNet2:
-
Virtual Network Name = VNet2
-
Resource Group = RGFORVNET2
-
Address Space = 10.2.0.0/16
-
Region = a remote virtual network
-
GatewaySubnet = 10.2.0.0/28
-
Subnet1 = 10.2.1.0/28
Execute the rest of the commands in this exercise in the in the second console.
New-AzureRmResourceGroup-NameRGFORVNET2 –Location$region2
$subnet = New–AzureRmVirtualNetworkSubnetConfig –Name‘GatewaySubnet’ –AddressPrefix10.2.0.0/28
$subnet1 = New–AzureRmVirtualNetworkSubnetConfig –Name‘Subnet1’ –AddressPrefix‘10.2.1.0/28’
New–AzureRmVirtualNetwork –NameVnet2 –ResourceGroupNameRGFORVNET2 –Location$region2 –AddressPrefix10.2.0.0/16 –Subnet $subnet, $subnet1
$gwpipRG2= New–AzureRmPublicIpAddress –Name gwpip1RG2 –ResourceGroupNameRGFORVNET2–Location$region2 –AllocationMethodDynamic
$vnet = Get–AzureRmVirtualNetwork –NameVnet2 –ResourceGroupNameRGFORVNET2
$subnet = Get–AzureRmVirtualNetworkSubnetConfig –Name‘GatewaySubnet’ –VirtualNetwork $vnet
$gwipconfigRG2 = New–AzureRmVirtualNetworkGatewayIpConfig –Name gwipconfig1RG2 –SubnetId $subnet.Id –PublicIpAddressId $gwpipRG2.Id
New–AzureRmVirtualNetworkGateway –Name vnetgw2 –ResourceGroupNameRGFORVNET2 –Location$region2 –IpConfigurations $gwipconfigRG2 –GatewayTypeVpn –VpnTypeRouteBased
You must wait until both gateways have been created before proceeding to Exercise 4.
Connect the gateways
$vnetgw1 = Get–AzureRmVirtualNetworkGateway –Name vnetgw1 –ResourceGroupNameRGFORVNET1
$vnetgw2 = Get–AzureRmVirtualNetworkGateway –Name vnetgw2 –ResourceGroupNameRGFORVNET2
New–AzureRmVirtualNetworkGatewayConnection –Name conn1 –ResourceGroupNameRGFORVNET1 –VirtualNetworkGateway1 $vnetgw1 –VirtualNetworkGateway2 $vnetgw2 –Location$region1 –ConnectionTypeVnet2Vnet –SharedKey‘abc123’
$vnetgw1 = Get–AzureRmVirtualNetworkGateway –Name vnetgw2 –ResourceGroupNameRGFORVNET2
$vnetgw2 = Get–AzureRmVirtualNetworkGateway –Name vnetgw1 –ResourceGroupNameRGFORVNET1
New–AzureRmVirtualNetworkGatewayConnection –Name conn2 –ResourceGroupNameRGFORVNET2 –VirtualNetworkGateway1 $vnetgw1 –VirtualNetworkGateway2 $vnetgw2 –Location$region2 –ConnectionTypeVnet2Vnet –SharedKey‘abc123’
Verify the connections
Name of the VM: rvavnet2vm
User name: demouser
Password: demo@pass1
Subscription: Select the relevant subscription
Resource group: select RGFORVNET2
Location: Specify the region of the second virtual network
.
Deploying a Geo-Redundant Solution with Traffic Manager
Provision web servers in two regions.


Click all OK buttons and create the virtual machine.
Add IIS role to the Windows Servers.
Add-WindowsFeature -Name“Web-Server”
Configure DNS Labs on the Web Server Public IPs
Configure Traffic Manager
|
Name: A unique name for the Traffic Manager profile Routing method: Priority (this is formerly failover) Resource Group: ARMTMRG Location: Choose the region closest to you
|
|
Name: WebApp1 Priority 1: Resource Group: WebApp1RG Target resource type: Public IP Address Target Resource WebApp1
|
|
Name: WebApp2 Priority 2: Resource Group: WebApp2RG Target resource type: Public IP Address Target Resource WebApp2 |
Test the failover.

Protecting a Virtual Machine with Azure Backup
Create VMs to backup
Provide the virtual machine details as follows:
DNS Name: winvmbkp
IMAGE: Windows Server 2012 (default one)
SIZE: A1 (we won’t be logging into this machine so minimum size is just fine)
USER NAME: demouser
NEW PASSWORD: demo@pass1
CONFIRM: demo@pass1
REGION: East US
Click on “CREATE A VIRTUAL MACHINE”.
Provide the virtual machine details as follows:
DNS Name: linuxvmbkp
IMAGE: Ubuntu Server 15.10
SIZE: A1 (we won’t be logging into this machine so minimum size is just fine)
USER NAME: azureuser (default, you cannot change this here)
NEW PASSWORD: demo@pass1
CONFIRM: demo@pass1
REGION: East US
Click on “CREATE A VIRTUAL MACHINE”.
In the steps that follow, we will configure Azure VM backup vault to backup these two VMs. Please note that machines created using ‘resource manager’ will not be visible from within this portal as Azure Backup does not support ARM yet.
Create a backup Vault
Note: The Backup vault needs to be in the same region as the virtual machines you want to protect. If you have virtual machines in different regions create a vault in each one.
Register Virtual Machines
Note: The registration process deploys the Recovery Services extension on the virtual machine and enables backup. This extension enables Backup to take an application-consistent backup with the Volume Shadow Copy Service (VSS), without needing to shut down the virtual machine.
On the configuration page, select the options as shown below-
On the Retention Range page, select the retention periods as required. Azure supports daily, weekly, monthly and yearly retention policies. Customers can now retain their data for up to 99 years in Azure!
It will appear with the ‘Protected (initial backup pending)’ status until the initial backup finishes and then with a ‘Protected’ status.
Until next year….