Managing Azure with Linux

Microsoft has done a lot of work behind and Azure and particularly on the management part. I have previously written about how to manage Microsoft Azure via PowerShell in Windows,
this post is going to show how to manage it using Linux (In this case the latest release of Ubuntu) 


First, we need to install some prerequisites, open terminal and install node.js


sudo apt-get update

sudo apt-get install python-software-properties python g++ make
sudo add-apt-repository ppa:chris-lea/node.js
sudo apt-get update sudo apt-get install nodejs

After that is done, you can install the azure-cli


sudo npm install azure-cli –g


Now after that is done you can run the azure command from terminal.

Now the command prefix is «azure command» you can use azure help to get a list of commands available. Now in order to actually do something against our Azure account we need to download our publish settings.
Go get it we have to run the command

azure account download

This command will redirect you to a website and there you will need to login and it will generate a publish file.

Now we have to import the publish file. Run the command

azure account import filename

Now that we have that in place we are now free to play around. Let’s start by creating an VM from one of the images in the Azure store.
For instance 2008R2, we start by listing out the images.

azure vm image list (This will show all the images available from the Azure Store)

Next we should to have an affinity-group to bind the VM to, in my case I already had a group in place, if you need to create one just run the command

azure account affinity-group create

If not we can just specify a location during the creation. So lets create an VM with the 2008r2 image with the command

azure vm create «nameofvm» «imagename» «username» –location «West US» and then you need to specify a password during the creation.

We can now see that the VM is running in the management portal

if we use the command azure vm list we can see all the vm’s

Now I did create a endpoint for this computer in the management portal (but you can do so by using the command)
azure vm «vmname» endpoint create 3389 3389 (This will create an endpoint which is public accessible on 3389 (which is the RDP port)

Then I can fire up rdesktop to my Azure server.

Now that is great I’m all set. I have RDP available and I have CLI based management, so what about Linux VM’s?
Linux is mostly managed using SSH and in order to use this against Azure we need to create a digital certificate.
So by using the openssl tool we create a certificate file that we need to upload to Azure

Run the command

openssl –req –x509 –nodes –days 365 –newkey rsa:2048 –keyout myPrivateKey.key –out myCert.pem

(The Pem files needs to be uploaded to Azure and we use the Privatekey to authenticate.

Run chmod 600 to change the security of the key file (For safety reasons)
Now we can either create a linux vm with the management portal or using CLI

If we go with the CLI approach we using the same command as before but use the –e 22 (for enabling SSH on port 22) and –t and specify the cert file.

With the management portal we have a option to upload a certificate file.

After the VM is provisioned and running to can use any SSH client to authenticate against it, (Just remember to specify the key file)

ssh –l «username» –i mykeyfile –p portnr dnsname.

And there we go, SSH available as well.
A bit concerning that Azure supports rdesktop (Don’t get me wrong that good) by that means that NLA is not activated by default and the last year we had a lot of security holes with the RDP protocol where NLA was not enabled.