Microsoft is putting a lot of work into their graphical user interfaces (GUI) for many of their workloads in Office 365. From the new Exchange Admin Center, to improvements in the Security and Compliance Center, the main Office 365 Admin page and more. In addition to this, Microsoft has also improved several wizards in their cloud service. One of these wizards involves the creation of a brand new Azure VM. This wizard key as a better, cleaner more informative the experience is, the more virtual machines that will be created, the more benefit Microsoft also receives in turns of service consumption.
Azure Virtual Machine Wizard
First, we need to log into our Azure portal at https://azure.portal.com:
Once logged in we can go to Virtual Machines in the tenant:
Click Add and we are taken to this config screen:
BASICS
As we can see there are a lot of options available for adding a new Virtual Machine in Azure. What you will find helpful are all of the informational pop-ups that are available. Each one tried to assist in guiding you to understand what each option is good for:
Select the correct Azure Subscription for the VM:
|
Pick a valid Resource Group in the subscription. If you do not have any, you will need to create one first:
|
Self-explanatory:
|
Choose a region to place the VM. Make sure that the region you choose makes sense for it’s usage as well as any data governance policies:
|
Pick from any ‘Availability options’ that you have already configured. If you have not created one and this VM needs that feature, then you need to create those options before creating the VM. Learn More link has two destinations, once for Windows and one for Linux. What is interesting is because the default Image is a Ubuntu one, the default Learn More points to a Linux resource: https://docs.microsoft.com/en-us/azure/virtual-machines/linux/availability Now, if you have a Windows Image selected, then the link will take you to a Windows resource: https://docs.microsoft.com/en-us/azure/virtual-machines/windows/availability |
Next, pick your OS:
|
This feature allows a VM to take advantage of cheap resources when they are available. The VM can be removed from service at will if those resources are needed. This works well for an org that needs cheaper resources but also has a process/app that can tolerate interruptions. Learn more about Azure Spot Instances Link |
Choose the size of your VM. There are a lot of options to choose from. Learn more about Virtual Machines sizes |
Decide if you are going to use a password or SSH keys to log in.
|
Enter a user name for a local server admin account: There are restrictions to keep in mind:  Names that are not allows are documented here: Frequently asked question about Windows Virtual Machines |
If you choose SSH key, you can enter it here for your login:
|
|
(Learn more about creating and using SSH keys in Azure) – |
Here we can select either no inbound ports or we can choose some well known ports. First we would choose ‘Allow selected ports.’:
|
Then we can chose ports with this dro pbox: List of available ports: 
|
Select this if you have the proper licenses.
|
Agree to the Terms and Conditions for this licensing option:
|
DISKS
After all of the Basic tab information is filled out, click on the Disks tab:
Learn more link – http://go.microsoft.com/fwlink/?LinkId=2061668
Select the disk type your server needs Standard HDD, Standard SDD or premium SDD. Remember that you are limited on the number of disks you can add by the number of disks that the selected VM Size you selected on the previous screen. Also, some VMs do not support using Premium SDD’s. Learn more about managed disk types link – http://go.microsoft.com/fwlink/?LinkId=2077396 |
For additional performance, you can choose the below option. However, it needs to be supported in your region as well as on your particular VM size chosen. Lean more about Ultra Disks – http://go.microsoft.com/fwlink/?LinkId=2048867 |
In some cases, depending on your VM Size, a Premium disk is not allowed. You will be provided a visual indicator if that is the case:
|
Under Advanced settings for our disks, we also have the option to choose managed or unmanaged disks for our new VM. Using managed disks is the default and recommended selection:
|
One specialize OS disk option is Ephemeral OS disks. These disks are stored in local VM storage and not in any remote Azure Storage. Keep this in mind. Whatever application or process that runs on the VM must be tolerant of loss or failure. Advantages are quicker re-imaging time. Take a look at the link below for more information: Learn more about ephemeral OS disks – http://go.microsoft.com/fwlink/?LinkId=2102508 |
NETWORKING
Once we complete our disk setup, we can click on the Networking Tab of the VM to begin configuring our VM’s networking.
As we can see from the below pop-up we need to choose a Virtual Network where the VM will connect to. Make sure to have this pre-created as well:
|
Just like any other modern computer on the network, we also need to specify a subnet. The subnet allows us to create groups of machines or isolate machines to ranges of IP addresses in Azure.
|
Assign a Public IP address to your virtual machine if you want the server to be publicly accessible:
|
We can also select Security Group settings for you virtual machine’s network connection. Network Security Groups – https://docs.microsoft.com/en-us/azure/virtual-network/security-overview If we chose to use the ‘Advanced’ setting instead of ‘None’ or ‘Basic’ we see that have the option to select an existing NIC Network Security Group or even create a new one. If we want to create a new one, we can select that option and then we are presented with the default NIC Network Security Group configuration on the upper right of our screen:  From here we can create new Inbound rules:  Or create new Outbound rules:  Once the rules are created we can apply them to this new VM. |
In addition to those rules, we can also decide what is accessible publicly as well. We can block all by setting the value to ‘None’ or we can pick ports to expose. The choices depend on what the purpose of the VM is. Careful what you chose here as you are exposing the server to the Internet.
|
Additionally, if we need a network link with some additional performance, we can turn on the Accelerated Network option: Accelerated Networking Link – http://go.microsoft.com/fwlink/?LinkId=2048446 |
There is also an option to set up load balancing for your VM as well: Load Balancing – https://go.microsoft.com/fwlink/?linkid=2033967&clcid=0x409 |
MANAGEMENT
Now that we’ve configured out VM for the size (CPU/RAM), Disk and Networking, we need to add the next layer, which is Management. Just like an on-prem server, we can configure backups and monitoring of our servers in Azure:
First option is the ability to turn on diagnostics for a server. The diagnostic mode may be useful for historical information or troubleshooting a new / existing issue:
|
If we decided to use the metrics of the previous option, we will need to store them somewhere in Azure:
|
Cannot change with this if using the Azure AD credentials option. Learn More – http://go.microsoft.com/fwlink/?LinkId=854449 |
Allow the use of your Azure AD credentials for logins, MFA and RBAC: Learn More – http://go.microsoft.com/fwlink/?LinkId=2113610 |
By default, the Auto Shutdown feature is turned off, and for good reason. Typically this feature is not required, but may be useful for fixed processes, or for tasks that do not require the server to be up 24×7: If we want to use this feature we want to enable we will need to chose the time zone, time to shutdown and if and who to notify: 
|
First we can configure our server backups. This is not a requirement and we can skip this configuration and set it later if we wish. If we turn on the backup feature we will have some items to configure before this will process:  Backup – Link – http://go.microsoft.com/fwlink/?LinkId=859157 |
ADVANCED
After management we have some advanced options that we can chose for our new VM’s.
First we have extensions. Extensions are used to add some additional functionality to a VM: If we click on ‘Select an Extension to install’, we will see a screen like this:  We can use this to further enhance and customize our new VM. |
If we were installing a Linux VM we would be able to chose installing some packages over the web: Cloud Init – Learn More – http://go.microsoft.com/fwlink/?LinkId=2012657 |
Choosing a Host Group allows for configuration control down to the level of the server that hosts your virtual machines. More on Host Groups – https://docs.microsoft.com/en-us/azure/virtual-machines/windows/dedicated-hosts |
If you have a server that requires low latency or if you want to try to keep your servers/resources close, choose this option: Proximity Groups – https://azure.microsoft.com/en-us/updates/proximity-placement-groups-are-now-available/ PowerShell – https://docs.microsoft.com/en-us/azure/virtual-machines/windows/proximity-placement-groups |
|
TAGS
Tags are labels that can be applied to help with queries and reporting.
Learn more about Tags – https://go.microsoft.com/fwlink/?linkid=873112
Add a name for the tag, noting the limitations:
|
Create the tag, noting the limitations:
|
REVIEW & CREATE
After we’ve entered all of our options for the new Virtual machine we are presented with a very long and detailed list of our configuration. The configuration should like this:
Not that there is one informational box that we can review before committing the change: It simply explains what our costs will be for this VM. |
CONCLUSION
As we can see from the above walk-through, there are a lot of options and a lot of information to process. However, there are a lot of guides and informational articles along the way.
Short list of things to gather before building one or more virtual machines: (not necessarily comprehensive):
- Naming Convention
- Region in Azure
- VM Size
- Image to use – Linux / Windows OS
- Login and password for administration
- Azure Hybrid Benefit – https://docs.microsoft.com/azure/virtual-machines/windows/hybrid-use-benefit-licensing
- Subcription to assign
- Defined Resource Group
- Disk type and encryption
- Networking – IP Address, Subnet, Public IP
- Network load balaanicng
- Availability Options
• No redundancy required
• Availability Zone
• Availability Set - Azure Spot Instance
- Access – Inbound and outbound ports as well as public ports / IP
- Additional apps (extensions) as well
- … etc …
The moral with Azure VMs is the same as your on-premises VMs, plan ahead for the greatest success. Understand all of your options to get the most out of your experience. Good luck!
