Azure Architect Demo Series 3b – Deploy a Virtual Machine Scale Set (VMSS) with PowerShell Desired State Configuration (DSC)

Share This Post

Pre-Requisites
- N/A
Lab Instructions
- https://github.com/MicrosoftLearning/20535-ArchitectingMicrosoftAzureSolutions/blob/master/Instructions/Labs/Mod03/20535A_LAB_AK_03.md

Exercise 2: Deploy a Virtual Machine Scale Set (VMSS) using PowerShell Desired State Configuration (DSC)

Task 1: View ARM Template

GOAL: To review an ARM template that is located on our lab VM (F:\Mod03\Labfiles\Starter\vmss.json)
Lab VM → This PC → F:\Mod03\Labfiles\Starter\vmss.json → Open with Code

Task 2: Deploy a Windows VMSS using ARM

GOAL: To deploy a VM scale set into a new resource group called “MOD03VMSS“ with a minimum of two “instance count” and “overprovisioning” allowed
Azure Portal → Create a resource → Template deployment → Create → Build your own template in the editor → Load file → F:\Mod03\Labfiles\Starter\vmss.json → Save
Complete the following:
- Resource group: Create new → “MOD03VMSS”
- Location: East US
- Instance Count: 2
- Overprovision: true
- Configuration Module Url: URL of the blob that we uploaded our DSC configuration script to
- Agree to the terms → Purchase

The following resources are created
- vNet for the VMSS
- External load balancer (Basic SKU)
- Public IP for the external load balancer
- VMSS with the DSC extension that installs IIS

Overprovision
- https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-design-overview
- With overprovisioning turned on, the scale set actually spins up more VMs than you asked for, then deletes the extra VMs once the requested number of VMs are successfully provisioned. Overprovisioning improves provisioning success rates and reduces deployment time. You are not billed for the extra VMs, and they do not count toward your quota limits.

Task 3: Validate VMSS Instances are Serving Web Content

GOAL: To obtain the public IP address of the VMSS and verify that it is now serving web content

Exercise 3: Cleanup Subscription

GOAL: To delete the two resource groups (“MOD03VDSC“ and “MOD03VMSS“) that were created in this module
Browse to “shell.azure.com” → Bash

[code language=”bash”]
az group delete –help
# shows the arguments that we can use when deleting a resource group

az group delete –name MOD03VDSC –no-wait –yes
az group delete –name MOD03VMSS –no-wait –yes
[/code]

Subscribe To Our Newsletter

Get updates and learn from the best

More To Explore

Uncategorized

New Azure Container Instance Vulnerability — What to do?

Just yesterday, Microsoft disclosed a new (and yet to be clarified) Azure Container Instance vulnerability — https://msrc-blog.microsoft.com/2021/09/08/coordinated-disclosure-of-vulnerability-in-azure-container-instances-service/. From the information shared in the disclosure, it seems

David Okeyode September 9, 2021

Protecting against #ChaosDB

Cloud security researchers @sagitz and @nirohfeld who both work at Wiz recently discovered what I think is a major vulnerability that exploits the recent CosmosDB Jupyter notebook feature to

David Okeyode August 27, 2021