install something within an empty vm

# Here is what you will learn 🎯

How to automate the further configuration / setup of an 'empty' VM after it has been deployed.
Use a Custom Script Extension for a Windows VM.
Upload automation code into a storage account for anonymous download (so that the CSE agent can download)
Modify an ARM Template to enable 'zero touch VM deployments'

# Table Of Contents

Do you need a VM?
Attach a simple HelloWorld Custom Script Extension (CSE) to a VM using the Portal
See what has happened inside the VM
Attaching a CSE to a VM in an ARM Template (optional)
Cleanup

# Do you need a VM?

For this lab you need an Azure virtual machine that runs Windows Server and some storage accessible to hold your automation code.
Just click to spin up a new VM for this lab.

Name	Value
Resource group	e.g. rg-www-test-001
Location	e.g. North Europe
Admin user	demoadmin
Admin password	%complex enough%
Vm Size	e.g. Standard_F2s_v2
Disk Sku	StandardSSD_LRS

# Attach a simple HelloWorld Custom Script Extension (CSE) to a VM using the Portal

Take the following code and copy & paste it into a file named e.g. 'HelloWorld.ps1':

##############################################
#   HelloWorld Custom Script Extension (CSE)
##############################################

$filePath = "c:\temp\CSEwasRunAt.txt"

#create dir if it doesn't exist
if (!(Test-Path -Path (Split-Path $filePath -Parent))) {mkdir (Split-Path $filePath -Parent)}

#write current time to file.
Get-Date | Out-File $filePath -Append

#This is really simple but imagine what else you can do to customize a vm ...

Upload this file to a storage account

[Azure Portal] 
-> Resource Group 
-> rg-www-test... 
-> sawww... (_your storage account_)  
-> containers 
-> 'csescripts' 
-> Upload  
->File "HelloWorld.ps1" 
-> Upload

Upload CSE script to storage account

Make this file being executed by the Custom Script Extension within the the VM:
```
[Azure Portal] 
-> Home 
-> Search 'virtual machines' 
-> 'vmblue'  
-> Extensions 
-> Add 
-> 'Custom Script Extension' 
-> Create
```
Parameter Action

Script file (Required) Browse to your 'HelloWorld.ps1' -> it is in your storage account 'sawww...' -> csescripts

Arguments (Optional) none
Wait some seconds then do a refresh of your browser - it'll show the progress:
Final result should show a success:

Parameter	Action
Script file (Required)	Browse to your 'HelloWorld.ps1' -> it is in your storage account 'sawww...' -> csescripts
Arguments (Optional)	none

# See what has happened inside the VM

Now we RDP into the VM and see what has happened and where to find logs in case something breaks.

[Azure Portal] 
-> Resource Groups 
-> 'rg-www...' 
-> 'vmblue' 
-> Connect 
-> Download RDP file 
-> Open 
-> Connect

Parameter	Value
User	demouser
Password	%Your Password%

Within the VM:

Navigate to C:\temp. The result should look similar to this:

CSE Result

Navigate to C:\Packages\Plugins\Microsoft.Compute.CustomScriptExtension\ _%version%_\Downloads. The CSE is software that runs within the VM. The script that will be executed is downloaded first to this location. If you don't see your script file CSE might have trouble to download the resource.

CSE Download Folder

Navigate to C:\WindowsAzure\Logs\Plugins\Microsoft.Compute.CustomScriptExtension\ _%version%_ This is the place where the CSE logs its actions locally - a good place to start troubleshooting.

CSE Logs Folder

Remove the CSE from the VM

[Azure Portal] 
-> Home 
-> Search 'virtual machines' 
-> 'vmblue' 
-> 'Custom Script Extension' 
-> 'Uninstall'

TIP

📝You can only have one Custom Script Extension attached to a VM at a time. If you want to process multiple CSE scripts you need to: Install CSE ('Script1') -> deinstall CSE -> Install CSE ('Script2') -> deinstall ->...

# Attaching a CSE to a VM in an ARM Template (optional)

The goal of this action is to learn how to avoid the portal, i.e. so that the CSE can be attached to a VM during deployment time e.g. using an ARM template. With the whole setup Azure + VM Settings can be done in a '0 touch way'.

In the next CSE we want to install Internet Information Services (IIS) in the VM. Take a look at the code file first ("CSE_Install-IIS.ps1 (opens new window)"). The relevant parts starts at #region install IIS features.
When automating CSE e.g. through ARM deployment - the CSE needs a valid download location for the code file (CSE_Install-IIS.ps1). This could be e.g. a public github repo or another https-reachable location. In this lab we use a storage account for this. Upload ("CSE_Install-IIS.ps1 (opens new window)") file to a storage account.

[Azure Portal] -> Resource Group -> rg-www -> sawww... (%your storage account%)  -> containers -> 'csescripts' -> Upload ->File "CSE_Install-IIS.ps1" -> Upload

Edit the CSE ARM template to use the correct scripts location. Once uploaded you can copy the blobs URL from the Azure portal

Copy the URL of the IIS install script

❔ Question Can you download the file in your browser using the URL? If not have you set the correct access level at the container?

Edit this: CSE ARM template (opens new window) template to use the scripts location:

Edit following ARM section

with your value

...
"fileUris": [
  "https://sawww....blob.core.windows.net/cse/CSE_Install-IIS.ps1"
],
...

Copy the template into the clipboard.

Deploy the ARM Template.

[Azure Portal] 
-> Resource Groups 
-> 'rg-www' -> '+' 
-> Template deployment 
-> "Build your own template in the editor" 
-> Paste the clipboard

Select the right resource group and VM and deploy:

Name	Value
Resource group	e.g. rg-www-test-001
Region	e.g. North Europe
VM name	vmblue

Deployment will take some minutes: A role is installed and an IIS feature is downloaded and installed.

At the end the result should look like this:

CSE deployment

Now you have a web server in your VM - you should test by browsing to the public IP address:

Running IIS

# Cleanup

Cleanup by deleting the resource group.

[Azure Portal] 
-> Resource Groups 
-> 'rg-www' 
-> 'Delete resource group'

◀ Previous challenge | 🔼 Day 1 | Next challenge ▶