Create SSH key pair

You need an SSH key pair to complete this quick start. If you have an existing SSH key pair, this step can be skipped.

From a Bash shell, run this command and follow the on-screen directions. The command output includes the file name of the public key file. Copy the contents of the public key file to the clipboard.

ssh-keygen -t rsa -b 2048

Log in to Azure

Log in to the Azure portal at http://portal.azure.com.

Create virtual machine

1. Click the New button found on the upper left-hand corner of the Azure portal.
2. Select Compute, select Ubuntu Server 16.04 LTS or latest version, and ensure that Resource Manager is the selected deployment model. Click the Create button.
3. Enter the virtual machine information. For Authentication type, select SSH public key. When pasting in your SSH public key, take care to remove any leading or trailing white space. When complete, click OK.
   1. Click the Connect button on the virtual machine blade. The connect button displays an SSH connection string that can be used to connect to the virtual machine.

Run the following command to create an SSH session. Replace the connection string with the one you copied from the Azure portal.

1. Select a size for the VM. To see more sizes, select View all or change the Supported disk type filter.
2. On the settings blade, select Yes under Use managed disks, keep the defaults for the rest of the settings, and click OK.
3. On the summary page, click Ok to start the virtual machine deployment.
4. The VM will be pinned to the Azure portal dashboard. Once the deployment has completed, the VM summary blade automatically opens.

Connect to virtual machine

Create an SSH connection with the virtual machine.: ssh [email protected]

Install NGINX

Use the following bash script to update package sources and install the latest NGINX package.

#!/bin/bash

# update package source
sudo apt-get -y update

# install NGINX
sudo apt-get -y install nginx

When done, exit the SSH session and return the VM properties in the Azure portal.

Open port 80 for web traffic

A Network security group (NSG) secures inbound and outbound traffic. When a VM is created from the Azure portal, an inbound rule is created on port 22 for SSH connections. Because this VM hosts a webserver, an NSG rule needs to be created for port 80.

1. On the virtual machine, click the name of the Resource group.
2. Select the network security group. The NSG can be identified using the Type column.
3. On the left-hand menu, under settings, click Inbound security rules.
4. Click on Add.
5. In Name, type http. Make sure Port range is set to 80 and Action is set to Allow.
6. Click OK.

View the NGIX welcome page

With NGINX installed, and port 80 open to your VM, the webserver can now be accessed from the internet. Open a web browser, and enter the public IP address of the VM. the public IP address can be found on the VM blade in the Azure portal.

Delete virtual machine

When no longer needed, delete the resource group, virtual machine, and all related resources. To do so, select the resource group from the virtual machine blade and click Delete.

---

Create a Linux virtual machine with PowerShell

Log in to Azure

Login-AzureRmAccount

Create resource group

Create an Azure resource group with New-AzureRmResourceGroup. A resource group is a logical container into which Azure resources are deployed and managed.

New-AzureRmResourceGroup -Name myResourceGroup -Location eastus

Create networking resources

Create a virtual network, subnet, and a public IP address. These resources are used to provide network connectivity to the virtual machine and connect it to the internet.

# Create a subnet configuration
$subnetConfig = New-AzureRmVirtualNetworkSubnetConfig -Name mySubnet -AddressPrefix 192.168.1.0/24

# Create a virtual network
$vnet = New-AzureRmVirtualNetwork -ResourceGroupName myResourceGroup -Location eastus `
-Name MYvNET -AddressPrefix 192.168.0.0/16 -Subnet $subnetConfig

# Create a public IP address and specify a DNS name
$pip = New-AzureRmPublicIpAddress -ResourceGroupName myResourceGroup -Location eastus `
-AllocationMethod Static -IdleTimeoutInMinutes 4 -Name "mypublicdns$(Get-Random)"

Create a network security group and a network security group rule. The network security group secures the virtual machine using inbound and outbound rules. In this case, an inbound rule is created for port 22, which allows incoming SSH connections. We also want to create an inbound rule for port 80, which allows incoming web traffic.

# Create an inbound network security group rule for port 22
$nsgRuleSSH = New-AzureRmNetworkSecurityRuleConfig -Name myNetworkSecurityGroupRuleSSH  -Protocol Tcp `
-Direction Inbound -Priority 1000 -SourceAddressPrefix * -SourcePortRange * -DestinationAddressPrefix * `
-DestinationPortRange 22 -Access Allow

# Create an inbound network security group rule for port 80
$nsgRuleWeb = New-AzureRmNetworkSecurityRuleConfig -Name myNetworkSecurityGroupRuleWWW  -Protocol Tcp `
-Direction Inbound -Priority 1001 -SourceAddressPrefix * -SourcePortRange * -DestinationAddressPrefix * `
-DestinationPortRange 80 -Access Allow

# Create a network security group
$nsg = New-AzureRmNetworkSecurityGroup -ResourceGroupName myResourceGroup -Location eastus `
-Name myNetworkSecurityGroup -SecurityRules $nsgRuleSSH,$nsgRuleWeb

Create a network card with New-AzureRmNetworkInterface for the virtual machine. The network card connects the virtual machine to a subnet, network security group, and public IP address.

# Create a virtual network card and associate with public IP address and NSG
$nic = New-AzureRmNetworkInterface -Name myNic -ResourceGroupName myResourceGroup -Location eastus `
-SubnetId $vnet.Subnets[0].Id -PublicIpAddressId $pip.Id -NetworkSecurityGroupId $nsg.Id

Create virtual machine

Create a virtual machine configuration. This configuration includes the settings that are used when deploying the virtual machine such as a virtual machine image, size, and authentication configuration.

# Define a credential object
$securePassword = ConvertTo-SecureString ' ' -AsPlainText -Force
$cred = New-Object System.Management.Automation.PSCredential ("azureuser", $securePassword)

# Create a virtual machine configuration
$vmConfig = New-AzureRmVMConfig -VMName myVM -VMSize Standard_D1 | `
Set-AzureRmVMOperatingSystem -Linux -ComputerName myVM -Credential $cred -DisablePasswordAuthentication | `
Set-AzureRmVMSourceImage -PublisherName Canonical -Offer UbuntuServer -Skus 14.04.2-LTS -Version latest | `
Add-AzureRmVMNetworkInterface -Id $nic.Id

# Configure SSH Keys
$sshPublicKey = Get-Content "$env:USERPROFILE\.ssh\id_rsa.pub"
Add-AzureRmVMSshPublicKey -VM $vmconfig -KeyData $sshPublicKey -Path "/home/azureuser/.ssh/authorized_keys"

Create the virtual machine with New-AzureRmVM.

New-AzureRmVM -ResourceGroupName myResourceGroup -Location eastus -VM $vmConfig

Connect to virtual machine

After the deployment has completed, create an SSH connection with the virtual machine.

Use the Get-AzureRmPublicIpAddress command to return the public IP address of the virtual machine.

Get-AzureRmPublicIpAddress -ResourceGroupName myResourceGroup | Select IpAddress

From a system with SSH installed, used the following command to connect to the virtual machine. If working on Windows, Putty can be used to create the connection.

ssh <Public IP Address>

When prompted, the login user name is azureuser. If a passphrase was entered when creating SSH keys, you need to enter this as well.

Install NGINX, see above tutorial.