Recently Microsoft announced that they were bringing Public IPs to Microsoft Azure. Previously you only had the option of having a Virtual IP address that was attached to the cloud service in which your VM belonged. That was great if you wanted to deploy multiple VMs under one cloud service and then use load balancing. However, for those that don’t want to do that and are fed up with having to configure end-points whenever you realise that you need to access your server via yet another port then you’ll be glad to hear that with PIPs, all you need to do is configure the firewall on your VM to allow access via the port(s) you need and then you’ll be good to go.
In this tutorial I’ll lay out what you need to do to assign a PIP to a virtual machine.
Create a Wide Virtual Network (VNet)
You can only deploy a PIP to a VM inside a wide VNet. That means if you have an older virtual network that’s in an affinity group then you won’t be able to deploy a PIP to any VMs in that VNet.
If you’ve already got a Wide VNet (they just list a region under ‘Location’ rather than saying “affinity group name (region)”), you can skip this step and move on to the next step or step 3 if you’ve also already made a VM.
Any new virtual networks that you make will automatically be a wide VNet, follow the screenshots below to create your new virtual network.
1) Navigate to the Networks section and click “Create a Virtual Network”.
2) Pick a name and a location for your virtual network. Once you’re done click the ‘next’ arrow near the bottom right of the page.
3) Configure DNS servers (this is optional because Microsoft will automatically provide you with some if you don’t pick any yourself). Once you’re done click the ‘next’ arrow near the bottom right of the page.
4) Decide on what subnet(s) you wish to use. The defaults should do for most people, though. Once you’re done click on the ‘tick’ to finish creating your VNet.
5) That’s it. Just wait for the VNet to be created and once it displays Created below ‘Status’ then you can move on to create your VM.
Create your Virtual Machine
You’ll need to create a VM to apply your PIP to. If you’ve already made a VM and it’s in a Wide VNet then you can move on to the next step. Otherwise, follow the instructions below.
1) Navigate to the Virtual Machines section and click “Create a Virtual Machine”.
2) Select From Gallery rather than using Quick Create. This allows you to configure more options.
3) Pick the operating system you want to use for your VM and click the ‘next’ arrow (Azure supports recent versions of Windows and a whole bunch of Linux distributions including Cent OS and Ubuntu so you’ve got lots to choose from).
4) Fill in all of the details it asks you for and pick the VM size you wish to use and click the ‘next’ arrow when you’re done.
5) This is the important part where you put your VM in the virtual network you created earlier. Under Region/Affinity Group/Virtual Network you need to select the virtual network you made earlier and click the ‘next’ arrow when you’re done. You won’t need to define any endpoints because your PIP will allow you to gain direct access to your server.
6) Decide on whether or not you want to install any extra extensions and then click the ‘tick’ near the bottom right.
7) Just wait for the VNet to be created and once it displays Running below ‘Status’ then you can move on to assign your PIP.
Assigning a PIP to your VM
Now you’ll need to open an Azure PowerShell console window. Sadly at the time of writing you can’t assign a PIP through the web management portal so you’ll have to use PowerShell for now. If you’ve not got PowerShell installed click here to follow instructions on how to install and connect Azure PowerShell to your Azure account.
1) Once the VM has started, go to the Dashboard page for your VM and take note of the external VIP.
2) Open up an Azure PowerShell console and input the following command (with the quote marks, they’re important):
Get-AzureVM -ServiceName "yourservice" -Name "yourvmname" | Set-AzurePublicIP -PublicIPName "yourpipname" | Update-AzureVM
For “yourservice” you’ll need to put the bit at the beginning of DNS name of your VM (for example, mine is ‘pipvm.cloudapp.net’ so I put ‘pipvm’). For “yourvmname” you’ll need to put your VM name (for ease of use I picked the same for DNS name and VM name, so once again I put “pipvm”).
3) Press your Enter key and wait a minute or two until the following appears in your PowerShell console. If you get an error make sure you followed the above step correctly and that your VM is in a Wide VNet.
4) If the previous step was completed successfully, type the following command in order to see what your new PIP is.
Get-AzureRole -ServiceName "yourservice" -InstanceDetails
4) It’s important that you make note of the PublicIPAddress entry because this won’t appear on the web portal and you’ll need to do the above command again to find out what the PIP is.
In order to check that the PIP was created successfully you should RDP into the Virtual Machine using the PIP you just created. If you don’t know how to use RDP follow the instructions below.
1) Launch mstsc.exe (start key + R and then type mstsc and press enter)
2) Put in the PIP you just created in the Computer: box and then click Connect.
3) If it connects, you’ve successfully created a PIP for your Azure VM. If it doesn’t connect, make sure you’ve followed the steps above properly.
Currently, Azure doesn’t ‘remember’ your PIP. If you shut down the VM using PowerShell or the portal (and thereby deallocating its resources), Azure will remember that you HAD a PIP but won’t assign you the same PIP from beforehand. You can test this out for yourself by following the instructions below.
1) Shut Down the VM using the Shut Down button on the bar near the bottom of the Virtual Machines page (you’ll need to click on your VM name first).
2) Start the VM up again by clicking the Start button.
3) Wait for the VM’s status to be set to Running and then move on to the next step.
4) Re-open your Azure PowerShell window and re-run the command and notice that the PIP has changed.
Get-AzureRole -ServiceName "yourservice" -InstanceDetails