As the example with Chef shows, not all virtual machine extensions have their own speciic Azure PowerShell cmdlet. To view the extensions that are available, use the Get-AzureVMAvailableExtension cmdlet. Piping the results to the Out-GridView cmdlet makes it easy to read.
Get-AzureVMAvailableExtension | Out-GridView
Virtual machine extensions can be enabled directly using the Set-AzureVMExtension cmdlet.
This cmdlet accepts the extension name, the publisher name, the version of the extension, and the public and private coniguration to be set. Extensions like the Chef extension, and the Linux custom script extension are both examples of extensions that currently can only be enabled through this technique. An example of how to implement the custom script extension for Linux can be found in the Azure blog at
http://azure.microsoft.com/blog/2014/08/20/automate-linux-vm-customization-tasks-using-customscript-extension/.
112 CHAPTER 2 Implement virtual machines EXAM TIP
To use virtual machine extensions like DSC, Puppet, and Chef on Windows, the Azure virtual machine agent must be installed on the virtual machine. By default, the agent is installed on virtual machines created after February 2014 (when the feature was added). But, it’s also possible to not install the agent by using the management portal, or by using the DisableGuestAgent parameter of the Add-AzureProvisioningConig and New-AzureQuickVM cmdlets. If the agent is not installed at provisioning time, or if you have migrated a virtual hard disk from on-premises, you can manually install the agent on these virtual machines by downloading and installing the agent from Microsoft at http://go.microsoft.com/fwlink/?LinkID=394789&clcid=0x409.
Thought experiment
Implementing coniguration management
In this thought experiment, apply what you’ve learned about this objective. You can ind answers to these questions in the “Answers” section at the end of this chapter.
You are the network administrator of Contoso. You are responsible for deploying applications through several environments, including the production environment.
You’re using Azure virtual machines as your deployment environment.
Management has given you the requirements that the coniguration management solution you implement should avoid manual coniguration of individual servers, which can cause coniguration drift. In addition, the solution should provide the ability to track changes when modifying the coniguration. The majority of your team is either familiar with, or has expertise with Windows PowerShell.
1. You have to come up with a coniguration management solution to support your management’s requirements. What is the best solution?
2. What additional component should be involved with your solution to help track changes?
Objective summary
■ The Management portal or the Get-AzureVMAvailableExtension cmdlet can enumerate the available extensions for Azure virtual machines.
■ Azure Windows-based virtual machines support executing standard or DSC-based Windows PowerShell scripts using the Management portal or the Azure PowerShell cmdlets.
■ To apply a DSC script to a virtual machine using Windows PowerShell, publish it to an Azure Storage account using the Publish-AzureVMDscConiguration cmdlet. The Azure Storage account can be speciied using the CurrentStorageAccount setting of the sub-scription, or the cmdlet accepts a storage context object.
Objective 2.3: Perform coniguration management CHAPTER 2 113
■ To apply the published coniguration to an individual virtual machine, use the Set-AzureVMDscExtension cmdlet, or the Management portal. This coniguration can be applied at provisioning time or later.
■ The Set-AzureVMAccessExtension cmdlet is used to execute the VM Access Extension.
This extension can enable Remote Desktop access on a virtual machine, change the local administrator password, and rename the local administrator account user name. This ex-tension does not work against Active Directory domain accounts or on domain controllers.
■ Windows-based Azure virtual machines natively support the Puppet extension by enabling it through the Management portal, or using the Set-AzureVMPuppetExtension cmdlet. You can enable the Chef extension on both platforms using the Management portal.
Objective review
Answer the following questions to test your knowledge of the information in this objective.
You can ind the answers to these questions and explanations of why each answer choice is correct or incorrect in the “Answers” section at the end of this chapter.
1. Which Azure PowerShell cmdlet can be used to enable Remote Desktop on an Azure virtual machine?
A. Set-AzureServiceRemoteDesktopExtension B. Set-AzureVMAccessExtension
C. Set-AzureServiceADDomainExtension D. Add-AzureEndpoint
2. When publishing a PowerShell DSC coniguration using Windows PowerShell, how do you specify a Windows PowerShell data ile (.psd1) that contains parameters for the coniguration?
A. Specify the ConigurationName parameter of the Set-AzureVMDscExtension cmdlet.
B. Specify the ConigurationArchivePath of the parameter of the Publish-AzureVMDscConiguration cmdlet.
C. Specify the ConigurationDataPath parameter of the Set-AzureVMDscExtension cmdlet.
D. This is only possible through the Management portal.
3. How do you identify all of the available virtual machine extensions using Windows PowerShell?
A. Get-AzureVMExtension B. Get-AzureServiceExtension C. Get-AzureVMAvailableExtension D. Get-AzureVM
114 CHAPTER 2 Implement virtual machines
Objective 2.4: Conigure VM networking
Coniguring the network for Azure virtual machines is a broad topic. This objective covers network-related topics that do not require a virtual network, such as coniguring the load balancer on the external VIP, access control lists, and reserved and instance level (public) IP address. It touches on coniguring the guest operating system network settings for Azure.
This objective covers how to:
■ Understand cloud services
■ Conigure endpoints
■ Conigure access control lists
■ Conigure reserved IP addresses
■ Conigure public IP addresses
■ Conigure the guest operating system network