Take Control of the CloudWindows Azure PowerShellMichael WashamPrincipal Cloud ArchitectAditi

WAD-B305

Microsoft Confidential

What can you do with Windows Azure from PowerShell?

NetworkingConfigure and Manage Virtual Network configuration and VPN gateway management.

Provision Fully Composed Virtual Machines

AutomationQuery, Manage and Configure Windows Azure resources (VMs, Cloud Services, Websites, Storage, Queues, Databases etc…) across multiple subscriptions and data centers.

StorageUpload and Download VHDs from Your Windows Azure Storage Accounts to your on-premises servers. Copy VHDs between Storage Accounts and Subscriptions.

Microsoft Confidential

Getting Started with the PowerShell Cmdlets• http://www.windowsazure.com/en-us/downloads/

• Import-Module Azure• Get-AzurePublishSettingsFile # Once • Import-AzurePublishSettingsFile # Once • Set-AzureSubscription –CurrentStorageAccount • Select-AzureSubscription SubscriptionName• Some-Windows-Azure-Cmdlet

Getting Started with Windows Azure PowerShellDEMO

Updating Existing Virtual Machines

$config = Get-AzureVM ... # Return the VM ConfigAdd-AzureDataDisk -VM $config.VM ... # Modify the returned VMAdd-AzureEndpoint -VM $config.VM ... # Modify the returned VMUpdate-AzureVM -VM $config.VM # Call Update

Get-AzureVM … | # Return the VM Config Add-AzureDataDisk … | # Modify the returned VM Add-AzureEndpoint … | # Modify the returned VM Update-AzureVM # Call Update

Updating a Virtual Machine

DEMO

Remote Management with PowerShell

Client

CloudEnabled by Default

Https Cert Generated or Specify your Own

Http Optional for VM to VM PowerShell

Use for in Guest Customization or Monitoring

Remote PowerShell Details

-WaitForBootNew-AzureVM and New-AzureQuickVM support optionally waiting until the VM is ready.

Setting up the Connection$uri = (Get-AzureWinRMUri -ServiceName $svc -Name $vmname).ToString()

Download and Install Generated Certificate (helper function)InstallWinRMCert -ServiceName $svc -Name $vmname

Execute a Script BlockInvoke-Command -ConnectionUri $uri -Credential $creds -ScriptBlock $block

Enter into a remote PowerShell SessionEnter-PSSession -ConnectionUri $uri -Credential $creds

Remote PowerShell

DEMO

Image and Disk Mobility

On-Premises Cloud

Blob Storag

eMyApp.vhd

Add-AzureVHD

Save-AzureVHD

Microsoft Confidential

Migrating Existing Virtual MachinesAdd-AzureVhd … # Upload VHD FilesAdd-AzureDisk … # Register Uploaded VHDs as Disks

New-AzureVMConfig –DiskName … | # Config based on disk Add-AzureDataDisk … | # Add additional data disks New-AzureVM … # Deploy Virtual Machine

VHD Mobility

DEMO

Asynchronous Blob Copy

Client

Storage Service

Source

Blob Source

Destination

BlobStorage

Start-AzureStorageBlobCopy

MyApp.vhd

Copy from Source to Destination

Copying VHDs between Data Centers

DEMO

Any IP

Access Control Listsmysqlserver1.cloudapp.netIP: 137.135.67.39

Rules (up to 50)• Permit: Allow

• RemoteSubnet: 168.62.20.14/32

• Description: Only Website

• Order 1

Virtual MachineRole Name: sqlvm1Subnet: BackEndSubnetIP Address: 10.3.3.4

WA Website

Fabrikam.comIP: 168.62.20.14

Some bot

“owned” machineIP: 150.48.12.5

Endpoint for port 1433 with ACL

Configuring Access Control Lists

$acl = New-AzureAclConfig

Set-AzureAclConfig -AddRule Permit -RemoteSubnet "209.116.0.0/16" `

-Order 1 -ACL $acl -Description "Restrict SSH"

Get-AzureVM -ServiceName mwlinuxsvc1 -Name mwlinux | Set-AzureEndpoint -Name ssh -Protocol tcp -PublicPort 22 `

-LocalPort 22 -ACL $acl | Update-AzureVM

Locking down an Endpoint

DEMO

Designing for Scale and Availability

Availability and Load Balanced Sets Availability Sets• Distributes your VMs on separate physical

hardware• Tells the fabric controller in what order to

update virtual machines (rolling upgrades)• 99.95% SLA

Load Balanced Endpoint Sets• Distribute traffic in round robin based on

port and protocol• Health Probes allow your application to

report health to the LB

End to End Highly Available Solution• Redundancy at every level

LB

Internet

SQL-AVSET

IIS-AVSETWeb

Server

Web Server

Database

Database

TCP Load Balancer Custom Probes

Default when creating with PowerShell

Load Balancer Polls Every 15 seconds

Looks for ACK on socket connect

Traffic stops until ACK received

Continues Polling

HTTP 500

HTTP Load Balancer Custom Probes

Load Balancer Polls Every 15 seconds

Receives other than 200 OK (HTTP)

Traffic stops until 200 Received

Continues Polling

Configuring Load Balanced EndpointsDemo

Microsoft Confidential

Windows Azure Cloud Services ManagementDeploy .cspkg and .cscfg Files for Cloud Services• Deploy to Windows Azure Virtual Networks• Restart, Reimage and Change Role

Instance Count• Enable/Disable RDP and Diagnostics• Change Configuration • Upgrade (Automatic, Manual and

Simultaneous)• Scaffold Existing or New Applications in

Node.js, PHP, Python and .NET

Deploying and Managing Cloud Services

Demo

Wrapping Up

You just saw…TONS of Powerful Cloud Automation with PowerShellQuestions?

For More Information: Follow me on Twitter @MWashamMSPowerShell Examples: michaelwasham.com

Microsoft Confidential

Track Resources & Calls To ActionGet Started with Windows Azure

Develop and Test in VMs, Build Websites, Extend on-premises applicationshttp://www.windowsazure.com

*No purchase necessary. Open to eligible Visual Studio Professional, Premium or Ultimate with MSDN subscribers as of June 1, 2013. Ends 11:59 p.m. PT on September 30, 2013. For full official rules including odds, eligibility and prize restrictions see website. Sponsor: Microsoft Corporation. Aston Martin is a trademark owned and licensed by Aston Martin Lagonda Limited. Image copyright Evox Images. All rights reserved.

Drop by the Windows Azure booth to participate in the Windows Azure Challenge for even more prizes!

MSDN Subscribers: you’ve got it, now use itActivate your MSDN Benefit & try it by 9/30You could win* an Aston Martin V8 Vantage!Go to: http://aka.ms/AzureContest

msdn

Resources for Developers

http://microsoft.com/msdn

Learning

Microsoft Certification & Training Resources

www.microsoft.com/learning

TechNet

Resources

Sessions on Demand

http://channel9.msdn.com/Events/TechEd

Resources for IT Professionals

http://microsoft.com/technet

Complete an evaluation on CommNet and enter to win!

Evaluate this session

Scan this QR code to evaluate this session and be automatically entered in a drawing to win a prize

© 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.