Azure PowerShell and CLI

  • Install PowerShell on Ubuntu 16:
  • Powershell Basic cmdlets:
    • pwsh                                                  (Start the PowerShell console)
    • verb-noun -param Arg1, Arg2  (General syntax)
    • Alias:
      • Get-Alias | gal
      • Get-Alias -Definition Get-Process   (Get alias for Get-Process cmdlet)
      • gal ls
      • gal sa*                                                  (List alias starting with sa)
      • pwd: Get-Location
      • cls: Clear-Host
      • dir: Get-ChildItem
      • ps: Get-Process
      • copy: Copy-Item
    • Help:
      • Update-Help -force
      • help  g*process                                    (Get-Help)
      • Get-Help  Get-Process  [-Detailed | -full | -Online | -ShowWindow ]
      • Get-Verb | measure
      • Get-Noun | measure
      • Get-Command                        (List all available commands)
    • Get-Process:
      • Get-Process | Sort-Object cpu [pm|handles, ProcessName]
      • Get-Process | Where-Object -EQ ProcessName notepad | Stop-Process
      • Get-Process -Name notepad | Out-File  process.txt  (cat process.txt)
    • Get-Module:
      • Get-Module –List-Available | Where name -Like “*Azure*” `
        foreach  {Get-Command  -Module $_}
      • (Get-Module AzureRm).version
    • Get-Command:
      • Get-Command -Noun process
      • Get-Command -Verb new
    • Invoke-Command  -ComputerName host1,localhost -ScriptBlock `
      {Get-EventLog  -LogName Security -News 10} | Sort-Object TimeGenerated
    • Set-Location (sl) /tmp
    • $psversiontable                    (Show version)
    • Get-WindowsFeature where installed -eq $true
    • Get-WindowsFeature web-server | Install-WindowsFeature
    • Install-WindowsFeature -Name Web-Server  -IncludeManagementTools `
      -ComputerName vm1 -Credential admin\password
  • PowerShell Azure cmdlets:
    • Install Azure PowerShell on Windows:
      • Run Windows PowerShell ‘Run as administrator’
      • Install-Module AzureRm
      • Update-Module AzureRm
      • Get-Module -ListAvailable AzureRM | (Get-Module AzureRm).version
      • Get-Command *rmstorage*
      • Get-Help New-AzureStorageAccount -full
      • Note: running scripts on your computer has been disabled:
        • Set-ExecutionPolicy Unrestricted
        • Import-Module AzureRM
        • Set-ExecutionPolicy Restricted
    • Basic cmdlets:
      • Get-AzureRmLocation
      • Get-AzureRmVMSize -Location “East US”
      • Get-AzureRmVM  -ResourceGroupName “rg1
      • Get-AzureRmStorageAccount -ResourceGroupName “rg1
    • Login
      • Login-AzureRmAccount
      • Get-AzureRmContext
      • Get-AzureRmSubscription | sort SubscriptionName | Select SubscriptionName
      • Select-AzureRmSubscription -SubscriptionName “Free Trial”
    • RBAC:
      • Get-AzureRmRoleDefinition | Select-Object Name  (List built-in roles)
      • (Get-AzureRmRoleDefinition -Name Reader).Actions
      • Get-AzureRmProviderOperation Microsoft.Compute/*/action | `
        Select-Object Operation, OperationName
      • New-AzureRmRoleAssignment -ObjectId $adGroups[0].Id.Guid `
        -RoleDefinitionName ‘Role1’ -Scope “/subscriptions/$subscriptionID”
    • Users and Groups:
      • Get-AzureRmADGroup [-SearchString ‘VM Operators’]
    • Policies:
      • New-AzureRmPolicyDefinition -Name policy1 -Policy C:\policy1.json
      • Get-AzureRmPolicyDefinition -Name policy1
      • New-AzureRmPolicyAssignment -Name pa1 -PolicyDefinition policy1
        -Scope $rg1.ResourceId -Verbose
      • Get-AzureRmPolicyAssignment -Name pa1 -PolicyDefinition policy1
        -Scope $rg1.ResourceId -Verbose
    • Tags:
      • Get-AzureRmResource Where-Object {$_.Name -like “vm-*” -and $_.ResourceType -eq ‘Microsoft.Compute/virtualMachines‘}
    • Resource Groups:
      • New-AzureRmResourceGroup  -Name ‘rg1‘ -Location ‘East US
      • Get-AzureRmResourceGroup [-Name rg1]
      • Remove-AzureRmResourceGroup -Name ‘rg1
    • Basic Azure Cmdlets:
      • Get-AzureRmVM  [-ResourceGroupName rg1  -VMName vm1]
        • (Get-AzureRmVM vm1).StorageProfile.OsDisk
      • Get-AzureRmVMSize -ResourceGroupName rg1  -VMName vm1
      • Update-AzureRmVM -ResourceGroupName rg1  -VM $vm
      • Stop-AzureRmVM -ResourceGroupName rg1  -Name vm1
      • Start-AzureRmVM -ResourceGroupName rg1  -Name vm1
      • Get-AzureRmResource | Select-Object Name, ResourceType
      • Get-AzureRmResourceProvider | `
        Select-Object  ProviderNamespace, ResourceTypes | `
        Sort-Object ProviderNamespace
      • Enter-PSSession -ComputerName <Public-IP> -Credential (Get-Credential) -UseSSL -SessionOption (New-PSSsessionOption -SkipCACheck -SkipCNCheck)
      • ConvertTo-AzureRmManagedDisk -ResourceGroupName rg1  -VMName vm1
      • Add-AzureRmVhd -ResourceGroupName disks -Desitination “https://vmstorecjh.blob.core.windows.net/vhd/mydata.vhd&#8221; -LocalFilePath D:\mydata.vhd -Verbose
      • $publicIP = New-AzureRmPublicIpAddress -Name pubIp -ResourceGroupName rg1 -Location “east us” –AllocationMethod Static -DomainNameLabel loadbalancernrp
      • New-AzureRmVirtualNetwork
      • New-AzureRmResourceGroupDeployment -Name $depName `
        ResourceGroupName $rg1.ResourceGroupName `
        -TemplateFile template.json   -TemplateParameterFile params.json `
        @additionalParameters -Verbose -Force
      • Images:
        • Get-AzureRmVmImagePublisher -Location “East US”
        • Get-AzureRmVmImageOffer -Location “East US” -PublisherName “MicrosoftWindowsServer”
        • Get-AzureRmVmImageSku -Location “East US” -PublisherName “MicrosoftWindowsServer” -Offer “WindowsServer”
        • Get-AzureRmVmImage -Location “East US” -PublisherName “MicrosoftWindowsServer” -Offer “WindowsServer” -Skus “2016-Datacenter-Server-Core”
        • $AzureImageSku = Get-AzureRmVmImage -Location “East US” -PublisherName “MicrosoftWindowsServer” -Offer “WindowsServer” -Skus “2016-Datacenter-Server-Core” | `
          Sort-Object Version -Descending
        • $latestImage = $AzureImageSku[0]
      • Azure DNS:
        • PS> $zone = Get-AzureRmDnsZone -Name abc.com -ResourceGroupName rg1
        • Get-AzureRmDnsRecordSet -Name “@” -RecordType NS -Zone $zone
        • New-AzureRmDnsRecordSet  -Name abc  -ZoneName abc.com -ResourceGroupName rg1  –RecordType A -DnsRecords (New-AzureRmDnsRecordConfig -Ipv4Address “1.2.3.4“)
        • Resolve-DnsName -Server ns1-07.azure-dns.com -Name abc.com 
    • Create a VM using PowerShell:
      • Create a basic VM (latest Windows Server 2016):
        # Login to Azure
        Login-AzureRmAccount
        # Variables for common values
        $rg = “rg1”
        $loc = “EastUS”
        $vmName = “vm1”
        # Create user object
        $cred = Get-Credential -UserName “vmadmin” -Message “VM Administrator Password”
        # Create a resource group
        New-AzureRmResourceGroup -Name $rg -Location $loc
        # Create a virtual machine
        New-AzureRmVM `
        -ResourceGroupName $rg `
        -Location $loc `
        -Name $vmName `
        -Image “Win2016Datacenter” `
        -Size “Standard_B1s” `
        -Credential $cred `
        -VirtualNetworkName “vnet1” `
        -SubnetName “subnet1” `
        -SecurityGroupName “nsg1” `
        -PublicIpAddressName “ip1” `
        -OpenPorts 80,3389
        # Install IIS into VM
        $set = ‘{“commandToExecute”:”powershell Add-WindowsFeature Web-Server”}’
        Set-AzureRmVMExtension -ResourceGroupName $rg -Location $loc
        -VMName $vmName -ExtensionName “IIS” -Publisher “Microsoft.Compute” -ExtensionType “CustomScriptExtension” -TypeHandlerVersion 1.4 -SettingString $set
        #Connect to VM
        Get-AzureRmPublicIpAddress
        -ResourceGroupName “rg1” | Select IpAddress
        mstsc  /v:<publicIpAddress>
      • Create a detailed VM (Windows Server 2016 Core):
        $locName = “eastus”
        $rgName = “rg1”
        $nsgName = “nsg1”
        $ruleName = “AllowRDP”
        $port = “3389”
        $vnetName = “vnet1”
        $vnetAddress = “10.0.0.0/16”
        $subnetName = “vnet1-subnet”
        $subnetAddress = “10.0.1.0/24”
        $ipName = “vm1-ip”
        $nicName = “vm1-nic”
        $vmName = “vm1”
        $vmAdmin = “vmadmin”
        $password = “Pa55word5”
        $vmSize = “Standard_B1s”
        $vmSkus = “2016-Datacenter-Server-Core-smalldisk”
        $vmOffer = “WindowsServer”
        $vmPublisher = “MicrosoftWindowsServer”
        $vmVersion = “latest”#Login to Azure
        Login-AzureRmAccount#Create Resource group
        New-AzureRmResourceGroup -Name $rgName -Location $locName#Create Network Security Group and rule
        $rule = New-AzureRmNetworkSecurityRuleConfig -Name $ruleName -Priority 600 `
        -Access Allow -Protocol * -Direction Inbound `
        -SourceAddressPrefix * -SourcePortRange * -DestinationAddressPrefix * -DestinationPortRange $port
        $nsg = New-AzureRmNetworkSecurityGroup -ResourceGroupName $rgName -Location $locName -Name $nsgName -SecurityRules $rule#Create Virtual network
        $subnet = New-AzureRmVirtualNetworkSubnetConfig -AddressPrefix $subnetAddress -Name $subnetName -NetworkSecurityGroup $nsg
        $vnet = New-AzureRmVirtualNetwork -ResourceGroupName $rgName -Location $locName -Name $vnetName -AddressPrefix $vnetAddress -Subnet $subnet# Create Public IP and Network Interface Card
        $ip = New-AzureRmPublicIpAddress -ResourceGroupName $rgName -Location $locName -Name $ipName -AllocationMethod Dynamic
        $nic = New-AzureRmNetworkInterface -ResourceGroupName $rgName -Location $locName -Name $nicName -SubnetId $vnet.Subnets[0].Id -PublicIpAddressId $ip.Id#Get Windows Administrator credentials
        #$cred = Get-Credential -UserName $vmAdmin -Message “Password?”
        $secPassword = ConvertTo-SecureString $password -AsPlainText -Force
        $credentials = New-Object System.Management.Automation.PSCredential ($vmAdmin $secPassword)

        #Create VM Config
        $vm = New-AzureRmVMConfig -VMName $vmName -VMSize $vmSize
        $vm = Set-AzureRmVMOperatingSystem -VM $vm -Windows -ComputerName $vmName -Credential $credentials
        $vm = Add-AzureRmVMNetworkInterface -VM $vm -Id $nic.Id
        $vm = Set-AzureRmVMOSDisk -VM $vm -Name “$vmName.vhd” -CreateOption FromImage
        $vm = Set-AzureRmVMBootDiagnostics -VM $vm -Disable
        $vm = Set-AzureRmVMSourceImage -VM $vm -Skus $vmSkus -PublisherName “MicrosoftWindowsServer” -Offer “WindowsServer” -Version “latest”

        #Deploy VM
        New-AzureRmVM -ResourceGroupName $rgName -Location $locName -VM $vm

        $secPassword = ConvertTo-SecureString $password -AsPlainText -Force
        $credentials = New-Object System.Management.Automation.PSCredential ($vmAdmin $secPassword)

  • Powershell Desired State Configuration (DSC): A declarative technology enabling the definition of what a system should be without having to detail how to make it that way.
    • Without DSC:
      Import-Module ServerManager
      If (-not (Get-WindowsFeature “Web-Server”).Installed) {
      try {
      Add-WindowsFeature Web-Server
      }
      catch {
      Write-Error $_
      }
      }
    • With DSC:
      Configuration WebConfig {
      param([string[]]$computerName=”localhost”)
      Node $comptuerName {
      WindowsFeature WebServer {
      Ensure = “Present”
      Name = “Web-Server”
      }
      }
      }
  • Azure CLI 2.0
    • az login
    • az account list
    • az vm list
    • az group create -n “rg1” -l “east us
    • az group list
    • az group export -n rg1
    • az vm reset-access  -g rg  -n vm1  –u LinuxAdmin  -p  NewPassw0rd2
    • az vm availability-set create
    • az network vnet create –resource-group “rg1″ –name “cliNet” -address-prefix “10.0.0.0/16” –subnet-name “subnet1″ –subnet-prefix “10.0.1.0/24”
    • az network dns record-set ns show –resource-group rg1 –zone-name abc.com –name @

Reference:

 

Advertisements

About Ishtiaque

I am IBM Certified Infrastructure Systems Architect, Linux Foundation Certified System Administrator, Oracle Certified Programmer in Java and Web Component Developer, and TOGAF 9 certified with over 10 years of support and development experience in IBM middleware software and Java. Additionally, have a sound grip in databases and OpenStack administration. I hold the following certifications: IBM Certified Infrastructure Systems Architect Linux Foundation Certified System Administrator (LFCS) TOGAF 9 Certified Oracle Certified Expert, Java EE6 Web Component Developer Oracle Certified Professional – Java 6 Programmer ITIL v3 Foundation Certified IBM Certified Solution Architect – Cloud Computing Infrastructure V1 IBM Certified System Administrator – WebSphere Portal V8, V7, V6.1, V6 IBM Certified System Administrator – WebSphere Application Server V7, V6.1 IBM Certified System Administrator – AIX V7 IBM Certified System Administrator – WebSphere MQ V7 IBM Certified Deployment Professional – Business Process Manager Advanced V7.5 IBM Certified Solution Advisor – Cloud Computing Architecture V3 IBM Certified Solution Developer – WebSphere Portal V5.1
This entry was posted in azure. Bookmark the permalink.