Create a Linux Virtual Machine Web Server in Azure

In this lab I learned how to create a Linux virtual machine in Azure. Prior to creating my Linux VM, I needed to decide an authentication method for SSH. I decided on creating an SSH keypair. Having a username and password for a VM leaves my machine vulnerable for brute-force attacks. The SSH key pair allows a more secure method of connection between myself and virtual machines.

1. First thing I did in Azure Cloud Shell was create an SSH-2 (SSH protocol 2) RSA public-private key pair.

a. ssh-keygen -t rsa -b 4096

2. Selected the Enter key to accept the default location. If the file had already existed, it would have been overwritten

3. You can view the contents of your RSA with the following command:

a. cat ~/.ssh/id_rsa.pub

4. If I had a Virtual machine already created. I would need to apply the SSH key while creating the new Linux VM, I would need to copy the contents of my public key to the Azure portal, OR supply the key using Azure CLI or Azure PowerShell.

a. ssh-copy-id -i ~/.ssh/id_rsa.pub azureuser@myserver

5. Next I created my Linux Virtual Using default lab settings

Subscription: Concierge

Resource Group: learn-70350999–2ab9–4c12–83d5–3d8b4169dea7

Server Name: test-web-eus-vm1

Location: West US 2

Availability options: No infrastructure redundancy required

Size: D2s v3

Administrator account: SSH public key

6. Next I navigated within Azure portal to Virtual machine> VM Name > Connect

7. Next I needed to connect to my Linux VM using the SSH key I created

a. ssh AzureUser@104.210.x.x

8. Now that I’m connected to my VM via SSH. I wanted to install Apache Web server

a. sudo apt-get update (updates local package index)

b. sudo apt-get install apache2 -y (Installs Apache)

c. sudo systemctl status apache2 — no-pager (checks service to see if Apache is running)

9.By default VM’s are locked down. In the VM Overview Port 80 is allowed within the Network Security Group but port 80 is block within the network Interface. I will need to open port 80 on the NIC to connect to the website

10. I went to Add inbound port rule > Basic

11.Entered the following in the required field and selected Add

12. Lastly, Type in the IP address of your web server in a browser. You should see this Apache splash page to ensure functionality.

Systems/Network Administrator | DevOps Enthusiast