Mark Richardson

Mark Richardson

I am a Profesional Services Engineer specializing in backup, storage, and automation

Azure ARM Templates

2 minute read

In a previous post I talked about using PowerShell to create Azure resources in preparation for Commvault. However, a simpler method is to utilize ARM Templates.

When I need to test Commvault, a useful tool is Microsoft Azure. The cloud allows me to easily test various scenarios. After testing I will then delete everything to control costs.  I was continually repeating the process of building the infrastructure in Azure and then deleting it all but this is repetitive and not necessary because ARM Templates can automate the process. ARM Templates are JSON that define a resource build.

The ARM Template will build a Standard_D4s_v3 VM with Windows 2019. The specs are 4 cpu, 16GB ram, and 127 GB premium SSD. It is configured for a public IP to access remotely. Since this is for lab testing it is a Spot Instance which saves considerable money but has no SLA. In addition, a Storage Account with unique name, virtual network, and a NSG to allow Commvault traffic is created. Last, it runs a PowerShell script to disable IESC, UAC, Windows Defender, and open ports for Commvault and web traffic in the Windows Firewall. 

Open PowerShell and login to your Azure subscription. The Az Module is required. If you don’t already have a Resource Group create one prior to running. Run the following. It will prompt for a username and password which is what you will use to login to the VM. Make sure to not use admin for the username and that the password meets complexity/length requirements. If the password fails just re-enter and the build will complete as it is non-destructive.

Write-Host "The user name, admin, cannot be used!" -BackgroundColor "Red" -ForegroundColor "Black"
$templateLink = "https://raw.githubusercontent.com/ProServicesStorage/pubAzureARM/master/cv_env_cs.json"
$resourceGroup = "YourResourceGroupName"
New-AzResourceGroupDeployment `
  -Name CVDeployment `
  -ResourceGroupName $resourceGroup `
  -TemplateUri  $templateLink
$x = Get-AzPublicIpAddress -name cs01-ip -ResourceGroupName $resourceGroup
Write-Host "The Public IP for your new VM is"
Write-Host $x.IpAddress -BackgroundColor "Green" -ForegroundColor "Black"‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

The build takes ~ 5 minutes to complete so go get a coffee or a candy!

Extra:

You can remove the requirement to enter a user name and password as well! For a lab build this is helpful but not good for production . In Azure create a Key Vault and new Secret. Create an ARM template parameter file (filename.parameter.json) and include the following specifying both the Key Vault and Secret. In addition, copy the ARM Template referenced above locally and hardcode the username. Replace everything in JSON below with CAPS with your values. When the build runs it will pull the password from the vault. This is how I build my labs.

{
    "$schema":  "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
    "contentVersion":  "1.0.0.0",
    "parameters":  {
       "adminPassword":  {
         "reference":  {
            "keyVault":  {
              "id":  "/subscriptions/YOURSUBSCRIPTION/resourceGroups/YOURRESOURCEGROUPNAME/providers/Microsoft.KeyVault/vaults/YOURKEYVAULTNAME"
              },
            "secretName":  "YOURSECRETNAME"
         }
       }
    }
}‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

Then to run utilize the following PowerShell:

Write-Host "The user name, admin, cannot be used!" -BackgroundColor "Red" -ForegroundColor "Black"

$templateFile = "/YourLocalPath/yourfilename.json"
$templateParameterFile = "/YourLocalPath/yourfilename.parameters.json"
$resourceGroup = "YourResourceGroup"

New-AzResourceGroupDeployment `
  -Name CVDeployment `
  -ResourceGroupName $resourceGroup `
  -TemplateFile $templateFile `
  -TemplateParameterFile $templateParameterFile

$x = Get-AzPublicIpAddress -name cs01-ip -ResourceGroupName $resourceGroup
Write-Host "The Public IP for your new VM is"
Write-Host $x.IpAddress -BackgroundColor "Green" -ForegroundColor "Black"‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

Lastly, if you want the VM to be production ready just remove the Spot Instance specification in the Microsoft.Compute/VirtualMachines resource section in the ARM template. Copy the JSON locally and remove the following section.

"priority": "Spot",
"evictionPolicy": "Deallocate",
"billingProfile": {
    "maxPrice" : -1‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

You may also enjoy