This blog post is now obsolete. Please refer to the TP5 version here: http://blogs.technet.com/b/nanoserver/archive/2016/04/27/nano-server-tp5-iaas-image-in-the-azure-gallery.aspx
Update: November 25, 2015:
- Added steps to export the certificate to another machine for secure connection to the same VM
Update: November 24, 2015:
Added support for secure strings
Fixed a bug in the script when using uppercase VM names
Now you can create Nano Server VMs directly in Azure, using the Nano Server image in the Azure Gallery.
Please use an elevated PowerShell console (classic or ISE) and use the instructions in the following blog to install the Azure Resource Manager cmdlets: https://msdn.microsoft.com/en-us/library/mt125356.aspx
Download the zip file attached to this blog and unzip its contents to a local folder on your machine.
Log in to your Azure account:
Run the following commands to create a resource group and a key vault, if you haven’t already:
New-AzureRmResourceGroup -Name "MyResourceGroupName" -Location 'West US'
New-AzureRmKeyVault -VaultName "MyKeyVaultName" -ResourceGroupName "MyResourceGroupName" -Location 'West US' -EnabledForDeployment
Make sure you use the same Resource Group Name in both cmdlets. Select the Azure location that is best for you. I chose ‘West US’ because I’m on the West coast.
Now, it’s time to import the module that was part of the package you unzipped to a local folder:
Import-Module .\NanoServerAzureHelper.psm1 -Verbose
You’re now ready to create a Nano Server VM (you will be prompted for the admin password):
New-NanoServerAzureVM -Location 'West US' –VMName "MyVMName" -AdminUsername "MyAdminName" -VaultName "MyKeyVaultName" -ResourceGroupName "MyResourceGroupName" -Verbose
Let’s establish a secure PowerShell remote session to our new VM:
Get-AzureRmPublicIpAddress -ResourceGroupName "MyResourceGroupName"
Observe the output of this cmdlet and copy the FQDN string, under DnsSettings. It will look something like: "MyVMName.westus.cloudapp.com". Use it for the secure connection as follows:
Enter-PSSession -ConnectionUri "https://MyVMName.westus.cloudapp.com:5986/WSMAN" -Credential MyAdminName
That’s it! You’ll notice that there is a “Packages” folder on the root of your Nano Server VM. This folder contains the .cab files you can use to enable various roles & features in your Nano Server Azure image. For more information, please see the “Nano Server Getting Started Guide”.
To access the VM securely from another machine
If you want to access the VM you created securely from another machine, you need to export the certificate from your original client to another machine. Here’s how:
- Run certlm.msc
- Select “Trusted Root Certification Authorities”
- Select “Certificates”
- Look for the certificate that is named after your VM name
- Right-click this certificate and select “All Tasks” -> “Export” and save it to a USB drive or a shared folder.
- On the target machine, double-click this exported certificate and click “Install Certificate”
- Select “Current User” -> Next
- Select “Place all certificates in the following store”, click “Browse” and select “Trusted Root Certification Authorities” -> Next -> Finish
For information on Nano Server containers, please see the following blogs: