POWERSHELL Archives - icodebroker

[CLOUD/AZURE/POWERSHELL] Set-AzVirtualNetworkSubnetConfig 명령 : 서브넷에 네트워크 보안 그룹 추가하기

■ Set-AzVirtualNetworkSubnetConfig 명령을 사용해 서브넷에 네트워크 보안 그룹을 추가하는 방법을 보여준다. ▶ 실행 명령


$vnet = Get-AzVirtualNetwork -ResourceGroupName TestResourceGroup -Name TestVNet

$subnet = $vnet.Subnets[0]

$nsgRule = New-AzNetworkSecurityRuleConfig `
    -Name TestNSGRule `
    -Protocol Tcp `
    -Direction Inbound `
    -Priority 200 `
    -SourceAddressPrefix * `
    -SourcePortRange * `
    -DestinationAddressPrefix * `
    -DestinationPortRange 80 `
    -Access Allow

$nsg = New-AzNetworkSecurityGroup `
    -ResourceGroupName TestResourceGroup `
    -Location EastUS `
    -Name TestNSG `
    -SecurityRules $nsgRule

Set-AzVirtualNetworkSubnetConfig `
    -VirtualNetwork $vnet `
    -Name TestSubnet `
    -AddressPrefix $subnet.AddressPrefix `
    -NetworkSecurityGroup $nsg

Set-AzVirtualNetwork -VirtualNetwork $vnet

※ TestResourceGroup : 리소스 그룹명
   TestVNet          : 가상 네트워크명
   TestNSGRule       : 네트워크 보안 그룹 규칙명
   EastUS            : 지역명
   TestNSG           : 네트워크 보안 그룹명
   TestSubnet        : 서브넷명

$vnet = Get-AzVirtualNetwork -ResourceGroupName TestResourceGroup -Name TestVNet

$subnet = $vnet.Subnets[0]

$nsgRule = New-AzNetworkSecurityRuleConfig `

-Name TestNSGRule `

-Protocol Tcp `

-Direction Inbound `

-Priority 200 `

-SourceAddressPrefix * `

-SourcePortRange * `

-DestinationAddressPrefix * `

-DestinationPortRange 80 `

-Access Allow

$nsg = New-AzNetworkSecurityGroup `

-ResourceGroupName TestResourceGroup `

-Location EastUS `

-Name TestNSG `

-SecurityRules $nsgRule

Set-AzVirtualNetworkSubnetConfig `

-VirtualNetwork $vnet `

-Name TestSubnet `

-AddressPrefix $subnet.AddressPrefix `

-NetworkSecurityGroup $nsg

Set-AzVirtualNetwork -VirtualNetwork $vnet

※ TestResourceGroup : 리소스 그룹명

TestVNet : 가상 네트워크명

TestNSGRule : 네트워크 보안 그룹 규칙명

EastUS : 지역명

TestNSG : 네트워크 보안 그룹명

TestSubnet : 서브넷명

[CLOUD/AZURE/POWERSHELL] New-AzNetworkInterface 명령 : 네트워크 인터페이스 생성하기

■ New-AzNetworkInterface 명령을 사용해 네트워크 인터페이스를 생성하는 방법을 보여준다. ▶ 실행 명령


$subnet = New-AzVirtualNetworkSubnetConfig -Name TestSubnet -AddressPrefix 10.0.0.0/24

$vnet = New-AzVirtualNetwork `
    -ResourceGroupName TestResourceGroup `
    -Location EastUS `
    -Name TestVNet `
    -AddressPrefix 10.0.0.0/16 `
    -Subnet $subnet

$publicIPAddress = New-AzPublicIpAddress `
    -ResourceGroupName TestResourceGroup `
    -Location EastUS `
    -AllocationMethod Dynamic `
    -Name TestPublicIPAddress

New-AzNetworkInterface `
    -ResourceGroupName TestResourceGroup `
    -Location EastUS `
    -Name TestVM `
    -SubnetId $vnet.Subnets[0].Id `
    -PublicIpAddressId $publicIPAddress.Id

※ TestSubnet          : 서브넷명
   TestResourceGroup   : 리소스 그룹명
   EastUS              : 지역명
   TestVNet            : 가상 네트워크명
   TestPublicIPAddress : 공인 IP 주소명
   TestVM              : 가상 머신명

$subnet = New-AzVirtualNetworkSubnetConfig -Name TestSubnet -AddressPrefix 10.0.0.0/24

$vnet = New-AzVirtualNetwork `

-ResourceGroupName TestResourceGroup `

-Location EastUS `

-Name TestVNet `

-AddressPrefix 10.0.0.0/16 `

-Subnet $subnet

$publicIPAddress = New-AzPublicIpAddress `

-ResourceGroupName TestResourceGroup `

-Location EastUS `

-AllocationMethod Dynamic `

-Name TestPublicIPAddress

New-AzNetworkInterface `

-ResourceGroupName TestResourceGroup `

-Location EastUS `

-Name TestVM `

-SubnetId $vnet.Subnets[0].Id `

-PublicIpAddressId $publicIPAddress.Id

※ TestSubnet : 서브넷명

TestResourceGroup : 리소스 그룹명

EastUS : 지역명

TestVNet : 가상 네트워크명

TestPublicIPAddress : 공인 IP 주소명

TestVM : 가상 머신명

[CLOUD/AZURE/POWERSHELL] 가상 머신의 가상 네트워크 만들기

■ 가상 머신의 가상 네트워크를 만드는 방법을 보여준다. ▶ 실행 명령


##################################################
# 가상 머신의 관리자 계정에 필요한 사용자명과 패스워드를 설정한다.
##################################################

$credential = Get-Credential

##################################################
# 리소스 그룹을 생성한다.
##################################################

New-AzResourceGroup -ResourceGroupName TestResourceGroup -Location EastUS

##################################################
# 프론트엔드 서브넷을 생성한다.
##################################################

$frontendSubnet = New-AzVirtualNetworkSubnetConfig -Name TestFrontendSubnet -AddressPrefix 10.0.0.0/24

##################################################
# 백엔드 서브넷을 생성한다.
##################################################

$backendSubnet = New-AzVirtualNetworkSubnetConfig -Name TestBackendSubnet -AddressPrefix 10.0.1.0/24

##################################################
# 가상 네트워크를 생성한다.
##################################################

$vnet = New-AzVirtualNetwork `
    -ResourceGroupName TestResourceGroup `
    -Location EastUS `
    -Name TestVNet `
    -AddressPrefix 10.0.0.0/16 `
    -Subnet $frontendSubnet, $backendSubnet

##################################################
# 공개 IP 주소를 생성한다.
##################################################

$publicIPAddress = New-AzPublicIpAddress `
    -ResourceGroupName TestResourceGroup `
    -Location EastUS `
    -AllocationMethod Dynamic `
    -Name TestPublicIPAddress

##################################################
# 프론트엔드 네트워크 인터페이스를 생성한다.
##################################################

New-AzNetworkInterface `
    -ResourceGroupName TestResourceGroup `
    -Location EastUS `
    -Name TestFrontendVM `
    -SubnetId $vnet.Subnets[0].Id `
    -PublicIpAddressId $publicIPAddress.Id

##################################################
# 프론트엔드 가상 머신을 생성한다.
##################################################

New-AzVM `
    -Credential $credential `
    -Name TestFrontendVM `
    -PublicIpAddressName TestPublicIPAddress `
    -ResourceGroupName TestResourceGroup `
    -Location EastUS `
    -Size Standard_D1 `
    -SubnetName TestFrontendSubnet `
    -VirtualNetworkName TestVNet

##################################################
# 프론트엔드 네트워크 보안 그룹 규칙을 생성한다.
##################################################

$frontendNSGRule = New-AzNetworkSecurityRuleConfig `
    -Name TestFrontendNSGRule `
    -Protocol Tcp `
    -Direction Inbound `
    -Priority 200 `
    -SourceAddressPrefix * `
    -SourcePortRange * `
    -DestinationAddressPrefix * `
    -DestinationPortRange 80 `
    -Access Allow

##################################################
# 백엔드 네트워크 보안 그룹 규칙을 생성한다.
##################################################

$backendNSGRule = New-AzNetworkSecurityRuleConfig `
    -Name TestBackendNSGRule `
    -Protocol Tcp `
    -Direction Inbound `
    -Priority 100 `
    -SourceAddressPrefix 10.0.0.0/24 `
    -SourcePortRange * `
    -DestinationAddressPrefix * `
    -DestinationPortRange 1433 `
    -Access Allow

##################################################
# 프론트엔드 네트워크 보안 그룹을 생성한다.
##################################################

$frontendNSG = New-AzNetworkSecurityGroup `
    -ResourceGroupName TestResourceGroup `
    -Location EastUS `
    -Name TestFrontendNSG `
    -SecurityRules $frontendNSGRule

##################################################
# 백엔드 네트워크 보안 그룹을 생성한다.
##################################################

$backendNSG = New-AzNetworkSecurityGroup `
    -ResourceGroupName TestResourceGroup `
    -Location EastUS `
    -Name TestBackendNSG `
    -SecurityRules $backendNSGRule

##################################################
# 서브넷에 네트워크 보안 그룹을 추가한다.
##################################################

$vnet = Get-AzVirtualNetwork -ResourceGroupName TestResourceGroup -Name TestVNet

$frontendSubnet = $vnet.Subnets[0]
$backendSubnet  = $vnet.Subnets[1]

Set-AzVirtualNetworkSubnetConfig `
    -VirtualNetwork $vnet `
    -Name TestFrontendSubnet `
    -AddressPrefix $frontendSubnet.AddressPrefix `
    -NetworkSecurityGroup $frontendNSG

Set-AzVirtualNetworkSubnetConfig `
    -VirtualNetwork $vnet `
    -Name TestBackendSubnet `
    -AddressPrefix $backendSubnet.AddressPrefix `
    -NetworkSecurityGroup $backendNSG

Set-AzVirtualNetwork -VirtualNetwork $vnet

##################################################
# 백엔드 네트워크 인터페이스를 생성한다.
##################################################

New-AzNetworkInterface `
    -ResourceGroupName TestResourceGroup `
    -Location EastUS `
    -Name TestBackendVM `
    -SubnetId $vnet.Subnets[1].Id

##################################################
# 백엔드 가상 머신을 생성한다.
##################################################

New-AzVM `
    -Credential $credential `
    -Name TestBackendVM `
    -ImageName "MicrosoftSQLServer:SQL2016SP1-WS2016:Enterprise:latest" `
    -ResourceGroupName TestResourceGroup `
    -Location EastUS `
    -SubnetName TestBackendSubnet `
    -VirtualNetworkName TestVNet

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

##################################################

# 가상 머신의 관리자 계정에 필요한 사용자명과 패스워드를 설정한다.

##################################################

$credential = Get-Credential

##################################################

# 리소스 그룹을 생성한다.

##################################################

New-AzResourceGroup -ResourceGroupName TestResourceGroup -Location EastUS

##################################################

# 프론트엔드 서브넷을 생성한다.

##################################################

$frontendSubnet = New-AzVirtualNetworkSubnetConfig -Name TestFrontendSubnet -AddressPrefix 10.0.0.0/24

##################################################

# 백엔드 서브넷을 생성한다.

##################################################

$backendSubnet = New-AzVirtualNetworkSubnetConfig -Name TestBackendSubnet -AddressPrefix 10.0.1.0/24

##################################################

# 가상 네트워크를 생성한다.

##################################################

$vnet = New-AzVirtualNetwork `

-ResourceGroupName TestResourceGroup `

-Location EastUS `

-Name TestVNet `

-AddressPrefix 10.0.0.0/16 `

-Subnet $frontendSubnet, $backendSubnet

##################################################

# 공개 IP 주소를 생성한다.

##################################################

$publicIPAddress = New-AzPublicIpAddress `

-ResourceGroupName TestResourceGroup `

-Location EastUS `

-AllocationMethod Dynamic `

-Name TestPublicIPAddress

##################################################

# 프론트엔드 네트워크 인터페이스를 생성한다.

##################################################

New-AzNetworkInterface `

-ResourceGroupName TestResourceGroup `

-Location EastUS `

-Name TestFrontendVM `

-SubnetId $vnet.Subnets[0].Id `

-PublicIpAddressId $publicIPAddress.Id

##################################################

# 프론트엔드 가상 머신을 생성한다.

##################################################

New-AzVM `

-Credential $credential `

-Name TestFrontendVM `

-PublicIpAddressName TestPublicIPAddress `

-ResourceGroupName TestResourceGroup `

-Location EastUS `

-Size Standard_D1 `

-SubnetName TestFrontendSubnet `

-VirtualNetworkName TestVNet

##################################################

# 프론트엔드 네트워크 보안 그룹 규칙을 생성한다.

##################################################

$frontendNSGRule = New-AzNetworkSecurityRuleConfig `

-Name TestFrontendNSGRule `

-Protocol Tcp `

-Direction Inbound `

-Priority 200 `

-SourceAddressPrefix * `

-SourcePortRange * `

-DestinationAddressPrefix * `

-DestinationPortRange 80 `

-Access Allow

##################################################

# 백엔드 네트워크 보안 그룹 규칙을 생성한다.

##################################################

$backendNSGRule = New-AzNetworkSecurityRuleConfig `

-Name TestBackendNSGRule `

-Protocol Tcp `

-Direction Inbound `

-Priority 100 `

-SourceAddressPrefix 10.0.0.0/24 `

-SourcePortRange * `

-DestinationAddressPrefix * `

-DestinationPortRange 1433 `

-Access Allow

##################################################

# 프론트엔드 네트워크 보안 그룹을 생성한다.

##################################################

$frontendNSG = New-AzNetworkSecurityGroup `

-ResourceGroupName TestResourceGroup `

-Location EastUS `

-Name TestFrontendNSG `

-SecurityRules $frontendNSGRule

##################################################

# 백엔드 네트워크 보안 그룹을 생성한다.

##################################################

$backendNSG = New-AzNetworkSecurityGroup `

-ResourceGroupName TestResourceGroup `

-Location EastUS `

-Name TestBackendNSG `

-SecurityRules $backendNSGRule

##################################################

# 서브넷에 네트워크 보안 그룹을 추가한다.

##################################################

$vnet = Get-AzVirtualNetwork -ResourceGroupName TestResourceGroup -Name TestVNet

$frontendSubnet = $vnet.Subnets[0]

$backendSubnet = $vnet.Subnets[1]

Set-AzVirtualNetworkSubnetConfig `

-VirtualNetwork $vnet `

-Name TestFrontendSubnet `

-AddressPrefix $frontendSubnet.AddressPrefix `

-NetworkSecurityGroup $frontendNSG

Set-AzVirtualNetworkSubnetConfig `

-VirtualNetwork $vnet `

-Name TestBackendSubnet `

-AddressPrefix $backendSubnet.AddressPrefix `

-NetworkSecurityGroup $backendNSG

Set-AzVirtualNetwork -VirtualNetwork $vnet

##################################################

# 백엔드 네트워크 인터페이스를 생성한다.

##################################################

New-AzNetworkInterface `

-ResourceGroupName TestResourceGroup `

-Location EastUS `

-Name TestBackendVM `

-SubnetId $vnet.Subnets[1].Id

##################################################

# 백엔드 가상 머신을 생성한다.

##################################################

New-AzVM `

-Credential $credential `

-Name TestBackendVM `

-ImageName "MicrosoftSQLServer:SQL2016SP1-WS2016:Enterprise:latest" `

-ResourceGroupName TestResourceGroup `

-Location EastUS `

-SubnetName TestBackendSubnet `

-VirtualNetworkName TestVNet

[CLOUD/AZURE/POWERSHELL] New-AzLoadBalancer 명령 : 부하 분산 장치 만들기

■ New-AzLoadBalancer 명령을 사용해 부하 분산 장치를 만드는 방법을 보여준다. ▶ 실행 명령


##################################################
# 리소스 그룹을 만든다.
##################################################

New-AzResourceGroup -ResourceGroupName TestResourceGroup -Location EastUS

##################################################
# 공용 IP 주소를 만든다.
##################################################

$publicIPAddress = New-AzPublicIpAddress `
  -ResourceGroupName TestResourceGroup `
  -Location EastUS `
  -AllocationMethod Static `
  -Name TestPublicIPAddress

##################################################
# 프런트 엔드 IP 구성을 만든다.
##################################################

$testFrontendIPConfig = New-AzLoadBalancerFrontendIpConfig -Name TestFrontendIPConfig -PublicIpAddress $publicIPAddress

##################################################
# 백 엔드 주소 풀 구성을 만든다.
##################################################

$testBackendAddressPoolConfig = New-AzLoadBalancerBackendAddressPoolConfig -Name TestBackendAddressPoolConfig

##################################################
# 부하 분산 장치를 만든다.
##################################################

$loadBalancer = New-AzLoadBalancer `
  -ResourceGroupName TestResourceGroup `
  -Name TestLoadBalancer `
  -Location EastUS `
  -FrontendIpConfiguration $testFrontendIPConfig `
  -BackendAddressPool $testBackendAddressPoolConfig

※ TestResourceGroup            : 리소스 그룹명
   EastUS                       : 지역명
   TestPublicIPAddress          : 공인 IP 주소명
   TestFrontendIPConfig         : 부하 분산 장치의 프런트 엔드 IP 구성명
   TestBackendAddressPoolConfig : 부하 분산 장치의 백 엔드 주소 풀 구성명
   TestLoadBalancer             : 부하 분산 장치명

##################################################

# 리소스 그룹을 만든다.

##################################################

New-AzResourceGroup -ResourceGroupName TestResourceGroup -Location EastUS

##################################################

# 공용 IP 주소를 만든다.

##################################################

$publicIPAddress = New-AzPublicIpAddress `

-ResourceGroupName TestResourceGroup `

-Location EastUS `

-AllocationMethod Static `

-Name TestPublicIPAddress

##################################################

# 프런트 엔드 IP 구성을 만든다.

##################################################

$testFrontendIPConfig = New-AzLoadBalancerFrontendIpConfig -Name TestFrontendIPConfig -PublicIpAddress $publicIPAddress

##################################################

# 백 엔드 주소 풀 구성을 만든다.

##################################################

$testBackendAddressPoolConfig = New-AzLoadBalancerBackendAddressPoolConfig -Name TestBackendAddressPoolConfig

##################################################

# 부하 분산 장치를 만든다.

##################################################

$loadBalancer = New-AzLoadBalancer `

-ResourceGroupName TestResourceGroup `

-Name TestLoadBalancer `

-Location EastUS `

-FrontendIpConfiguration $testFrontendIPConfig `

-BackendAddressPool $testBackendAddressPoolConfig

※ TestResourceGroup : 리소스 그룹명

EastUS : 지역명

TestPublicIPAddress : 공인 IP 주소명

TestFrontendIPConfig : 부하 분산 장치의 프런트 엔드 IP 구성명

TestBackendAddressPoolConfig : 부하 분산 장치의 백 엔드 주소 풀 구성명

TestLoadBalancer : 부하 분산 장치명

[CLOUD/AZURE/POWERSHELL] 부하 분산 장치에 가상 머신 추가하기

■ 부하 분산 장치에 가상 머신을 추가하는 방법을 보여준다. ▶ 실행 명령


$nic = Get-AzNetworkInterface -ResourceGroupName TestResourceGroup -Name TestVM2
                                                 -----------------       -------
                                                 리소스 그룹명           가상 머신명

$loadBalancer = Get-AzLoadBalancer -ResourceGroupName TestResourceGroup -Name TestLoadBalancer
                                                      -----------------       ----------------
                                                      리소스 그룹명           부하 분산 장치명

$nic.IpConfigurations[0].LoadBalancerBackendAddressPools = $loadBalancer.BackendAddressPools[0]

Set-AzNetworkInterface -NetworkInterface $nic

$nic = Get-AzNetworkInterface -ResourceGroupName TestResourceGroup -Name TestVM2

----------------- -------

리소스 그룹명 가상 머신명

$loadBalancer = Get-AzLoadBalancer -ResourceGroupName TestResourceGroup -Name TestLoadBalancer

----------------- ----------------

리소스 그룹명 부하 분산 장치명

$nic.IpConfigurations[0].LoadBalancerBackendAddressPools = $loadBalancer.BackendAddressPools[0]

Set-AzNetworkInterface -NetworkInterface $nic

[CLOUD/AZURE/POWERSHELL] 가상 머신의 부하 분산을 통해 고가용성 애플리케이션 만들기

■ 가상 머신의 부하 분산을 통해 고가용성 애플리케이션을 만드는 방법을 보여준다. ▶ 실행 명령


##################################################
# 리소스 그룹을 만든다.
##################################################

New-AzResourceGroup -ResourceGroupName TestResourceGroup -Location EastUS

##################################################
# 공용 IP 주소를 만든다.
##################################################

$publicIPAddress = New-AzPublicIpAddress `
  -ResourceGroupName TestResourceGroup `
  -Location EastUS `
  -AllocationMethod Static `
  -Name TestPublicIPAddress

##################################################
# 프런트 엔드 IP 구성을 만든다.
##################################################

$testFrontendIPConfig = New-AzLoadBalancerFrontendIpConfig -Name TestFrontendIPConfig -PublicIpAddress $publicIPAddress

##################################################
# 백 엔드 주소 풀 구성을 만든다.
##################################################

$testBackendAddressPoolConfig = New-AzLoadBalancerBackendAddressPoolConfig -Name TestBackendAddressPoolConfig

##################################################
# 부하 분산 장치를 만든다.
##################################################

$loadBalancer = New-AzLoadBalancer `
  -ResourceGroupName TestResourceGroup `
  -Name TestLoadBalancer `
  -Location EastUS `
  -FrontendIpConfiguration $testFrontendIPConfig `
  -BackendAddressPool $testBackendAddressPoolConfig

##################################################
# 상태 프로브를 만든다.
##################################################

Add-AzLoadBalancerProbeConfig `
  -Name TestHealthProbe `
  -LoadBalancer $loadBalancer `
  -Protocol tcp `
  -Port 80 `
  -IntervalInSeconds 15 `
  -ProbeCount 2

Set-AzLoadBalancer -LoadBalancer $loadBalancer

##################################################
# 부하 분산 장치 규칙을 만든다.
##################################################

$probeConfig = Get-AzLoadBalancerProbeConfig -LoadBalancer $loadBalancer -Name TestHealthProbe

Add-AzLoadBalancerRuleConfig `
  -Name TestLoadBalancerRule `
  -LoadBalancer $loadBalancer `
  -FrontendIpConfiguration $loadBalancer.FrontendIpConfigurations[0] `
  -BackendAddressPool $loadBalancer.BackendAddressPools[0] `
  -Protocol Tcp `
  -FrontendPort 80 `
  -BackendPort 80 `
  -Probe $probeConfig

Set-AzLoadBalancer -LoadBalancer $loadBalancer

##################################################
# 서브넷 구성을 생성한다.
##################################################

$subnetConfig = New-AzVirtualNetworkSubnetConfig -Name TestSubnet -AddressPrefix 192.168.1.0/24

##################################################
# 가상 네트워크를 생성한다.
##################################################

$vnet = New-AzVirtualNetwork `
  -ResourceGroupName TestResourceGroup `
  -Location EastUS `
  -Name TestVNet `
  -AddressPrefix 192.168.0.0/16 `
  -Subnet $subnetConfig

##################################################
# 네트워크 인터페이스를 생성한다.
##################################################

for($i = 1; $i -le 3; $i++)
{
    New-AzNetworkInterface `
        -ResourceGroupName TestResourceGroup `
        -Name TestVM$i `
        -Location EastUS `
        -Subnet $vnet.Subnets[0] `
        -LoadBalancerBackendAddressPool $loadBalancer.BackendAddressPools[0]
}

##################################################
# 가용성 집합을 만든다.
##################################################

$availabilitySet = New-AzAvailabilitySet `
    -ResourceGroupName TestResourceGroup `
    -Name TestAvailabilitySet `
    -Location EastUS `
    -Sku aligned `
    -PlatformFaultDomainCount 2 `
    -PlatformUpdateDomainCount 2

##################################################
# 가상 머신의 관리자 계정명과 암호를 설정한다.
##################################################

$credential = Get-Credential

##################################################
# 가상 머신을 만든다.
##################################################
for($i = 1; $i -le 3; $i++)
{
    New-AzVm `
        -ResourceGroupName TestResourceGroup `
        -Name TestVM$i `
        -Location EastUS `
        -VirtualNetworkName TestVNet `
        -SubnetName TestSubnet `
        -SecurityGroupName TestNetworkSecurityGroup `
        -OpenPorts 80 `
        -AvailabilitySetName TestAvailabilitySet `
        -Credential $credential `
        -AsJob
}

##################################################
# 가상 머신에 IIS를 설치한다.
##################################################

for($i = 1; $i -le 3; $i++)
{
    Set-AzVMExtension `
        -ResourceGroupName TestResourceGroup `
        -ExtensionName IIS `
        -VMName TestVM$i `
        -Publisher Microsoft.Compute `
        -ExtensionType CustomScriptExtension `
        -TypeHandlerVersion 1.8 `
        -SettingString '{"commandToExecute":"powershell Add-WindowsFeature Web-Server; powershell Add-Content -Path \"C:\\inetpub\\wwwroot\\Default.htm\" -Value $($env:computername)"}' `
        -Location EastUS
}

##################################################
# 공인 IP 주소를 구한다.
##################################################

Get-AzPublicIPAddress -ResourceGroupName TestResourceGroup -Name TestPublicIPAddress | select IpAddress

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

##################################################

# 리소스 그룹을 만든다.

##################################################

New-AzResourceGroup -ResourceGroupName TestResourceGroup -Location EastUS

##################################################

# 공용 IP 주소를 만든다.

##################################################

$publicIPAddress = New-AzPublicIpAddress `

-ResourceGroupName TestResourceGroup `

-Location EastUS `

-AllocationMethod Static `

-Name TestPublicIPAddress

##################################################

# 프런트 엔드 IP 구성을 만든다.

##################################################

$testFrontendIPConfig = New-AzLoadBalancerFrontendIpConfig -Name TestFrontendIPConfig -PublicIpAddress $publicIPAddress

##################################################

# 백 엔드 주소 풀 구성을 만든다.

##################################################

$testBackendAddressPoolConfig = New-AzLoadBalancerBackendAddressPoolConfig -Name TestBackendAddressPoolConfig

##################################################

# 부하 분산 장치를 만든다.

##################################################

$loadBalancer = New-AzLoadBalancer `

-ResourceGroupName TestResourceGroup `

-Name TestLoadBalancer `

-Location EastUS `

-FrontendIpConfiguration $testFrontendIPConfig `

-BackendAddressPool $testBackendAddressPoolConfig

##################################################

# 상태 프로브를 만든다.

##################################################

Add-AzLoadBalancerProbeConfig `

-Name TestHealthProbe `

-LoadBalancer $loadBalancer `

-Protocol tcp `

-Port 80 `

-IntervalInSeconds 15 `

-ProbeCount 2

Set-AzLoadBalancer -LoadBalancer $loadBalancer

##################################################

# 부하 분산 장치 규칙을 만든다.

##################################################

$probeConfig = Get-AzLoadBalancerProbeConfig -LoadBalancer $loadBalancer -Name TestHealthProbe

Add-AzLoadBalancerRuleConfig `

-Name TestLoadBalancerRule `

-LoadBalancer $loadBalancer `

-FrontendIpConfiguration $loadBalancer.FrontendIpConfigurations[0] `

-BackendAddressPool $loadBalancer.BackendAddressPools[0] `

-Protocol Tcp `

-FrontendPort 80 `

-BackendPort 80 `

-Probe $probeConfig

Set-AzLoadBalancer -LoadBalancer $loadBalancer

##################################################

# 서브넷 구성을 생성한다.

##################################################

$subnetConfig = New-AzVirtualNetworkSubnetConfig -Name TestSubnet -AddressPrefix 192.168.1.0/24

##################################################

# 가상 네트워크를 생성한다.

##################################################

$vnet = New-AzVirtualNetwork `

-ResourceGroupName TestResourceGroup `

-Location EastUS `

-Name TestVNet `

-AddressPrefix 192.168.0.0/16 `

-Subnet $subnetConfig

##################################################

# 네트워크 인터페이스를 생성한다.

##################################################

for($i = 1; $i -le 3; $i++)

{

New-AzNetworkInterface `

-ResourceGroupName TestResourceGroup `

-Name TestVM$i `

-Location EastUS `

-Subnet $vnet.Subnets[0] `

-LoadBalancerBackendAddressPool $loadBalancer.BackendAddressPools[0]

}

##################################################

# 가용성 집합을 만든다.

##################################################

$availabilitySet = New-AzAvailabilitySet `

-ResourceGroupName TestResourceGroup `

-Name TestAvailabilitySet `

-Location EastUS `

-Sku aligned `

-PlatformFaultDomainCount 2 `

-PlatformUpdateDomainCount 2

##################################################

# 가상 머신의 관리자 계정명과 암호를 설정한다.

##################################################

$credential = Get-Credential

##################################################

# 가상 머신을 만든다.

##################################################

for($i = 1; $i -le 3; $i++)

{

New-AzVm `

-ResourceGroupName TestResourceGroup `

-Name TestVM$i `

-Location EastUS `

-VirtualNetworkName TestVNet `

-SubnetName TestSubnet `

-SecurityGroupName TestNetworkSecurityGroup `

-OpenPorts 80 `

-AvailabilitySetName TestAvailabilitySet `

-Credential $credential `

-AsJob

}

##################################################

# 가상 머신에 IIS를 설치한다.

##################################################

for($i = 1; $i -le 3; $i++)

{

Set-AzVMExtension `

-ResourceGroupName TestResourceGroup `

-ExtensionName IIS `

-VMName TestVM$i `

-Publisher Microsoft.Compute `

-ExtensionType CustomScriptExtension `

-TypeHandlerVersion 1.8 `

-SettingString '{"commandToExecute":"powershell Add-WindowsFeature Web-Server; powershell Add-Content -Path \"C:\\inetpub\\wwwroot\\Default.htm\" -Value $($env:computername)"}' `

-Location EastUS

}

##################################################

# 공인 IP 주소를 구한다.

##################################################

Get-AzPublicIPAddress -ResourceGroupName TestResourceGroup -Name TestPublicIPAddress | select IpAddress

[CLOUD/AZURE/POWERSHELL] 가상 머신 확장 집합에 자동 크기 조정 규칙 설정하기

■ 가상 머신 확장 집합에 자동 크기 조정 규칙을 설정하는 방법을 보여준다. ▶ 실행 명령


##################################################
# 가상 머신 확장 집합 정보를 정의한다.
##################################################

$testSubscriptionID = (Get-AzSubscription)[0].Id
$testResourceGroup  = "TestResourceGroup"
$testScaleSet       = "TestScaleSet"
$testLocation       = "East US"
$testScaleSetID     = (Get-AzVmss -ResourceGroupName $testResourceGroup -VMScaleSetName $testScaleSet).Id

##################################################
# 5분 동안 CPU 평균 사용률이 60%를 초과하는 경우 인스턴스 수를 증가시키는 스케일 확장 규칙을 생성한다.
##################################################

$testRuleScaleUp = New-AzAutoscaleRule `
  -MetricName "Percentage CPU" `
  -MetricResourceId $testScaleSetID `
  -Operator GreaterThan `
  -MetricStatistic Average `
  -Threshold 60 `
  -TimeGrain 00:01:00 `
  -TimeWindow 00:05:00 `
  -ScaleActionCooldown 00:05:00 `
  -ScaleActionDirection Increase `
  -ScaleActionValue 1

##################################################
# 5분 동안 CPU 평균 사용률이 30% 미만인 경우 인스턴스 수를 감소시키는 스케일 축소 규칙을 생성한다.
##################################################

$testRuleScaleDown = New-AzAutoscaleRule `
  -MetricName "Percentage CPU" `
  -MetricResourceId $testScaleSetID `
  -Operator LessThan `
  -MetricStatistic Average `
  -Threshold 30 `
  -TimeGrain 00:01:00 `
  -TimeWindow 00:05:00 `
  -ScaleActionCooldown 00:05:00 `
  -ScaleActionDirection Decrease `
  -ScaleActionValue 1

##################################################
# 스케일 확장/축소 규칙을 갖는 스케일 프로필을 생성한다.
##################################################

$testScaleProfile = New-AzAutoscaleProfile `
  -DefaultCapacity 2  `
  -MaximumCapacity 10 `
  -MinimumCapacity 2 `
  -Rule $testRuleScaleUp,$testRuleScaleDown `
  -Name TestAutoProfile

##################################################
# 자동 스케일 규칙을 적용한다.
##################################################

Add-AzAutoscaleSetting `
  -Location $testLocation `
  -Name TestAutoscaleSetting `
  -ResourceGroup $testResourceGroup `
  -TargetResourceId $testScaleSetID `
  -AutoscaleProfile $testScaleProfile

※ TestResourceGroup    : 리소스 그룹명
   TestScaleSet         : 가상 머신 확장 집합명
   East US              : 지역명
   TestAutoProfile      : 자동 스케일 프로필명
   TestAutoscaleSetting : 자동 스케일 설정명

##################################################

# 가상 머신 확장 집합 정보를 정의한다.

##################################################

$testSubscriptionID = (Get-AzSubscription)[0].Id

$testResourceGroup = "TestResourceGroup"

$testScaleSet = "TestScaleSet"

$testLocation = "East US"

$testScaleSetID = (Get-AzVmss -ResourceGroupName $testResourceGroup -VMScaleSetName $testScaleSet).Id

##################################################

# 5분 동안 CPU 평균 사용률이 60%를 초과하는 경우 인스턴스 수를 증가시키는 스케일 확장 규칙을 생성한다.

##################################################

$testRuleScaleUp = New-AzAutoscaleRule `

-MetricName "Percentage CPU" `

-MetricResourceId $testScaleSetID `

-Operator GreaterThan `

-MetricStatistic Average `

-Threshold 60 `

-TimeGrain 00:01:00 `

-TimeWindow 00:05:00 `

-ScaleActionCooldown 00:05:00 `

-ScaleActionDirection Increase `

-ScaleActionValue 1

##################################################

# 5분 동안 CPU 평균 사용률이 30% 미만인 경우 인스턴스 수를 감소시키는 스케일 축소 규칙을 생성한다.

##################################################

$testRuleScaleDown = New-AzAutoscaleRule `

-MetricName "Percentage CPU" `

-MetricResourceId $testScaleSetID `

-Operator LessThan `

-MetricStatistic Average `

-Threshold 30 `

-TimeGrain 00:01:00 `

-TimeWindow 00:05:00 `

-ScaleActionCooldown 00:05:00 `

-ScaleActionDirection Decrease `

-ScaleActionValue 1

##################################################

# 스케일 확장/축소 규칙을 갖는 스케일 프로필을 생성한다.

##################################################

$testScaleProfile = New-AzAutoscaleProfile `

-DefaultCapacity 2 `

-MaximumCapacity 10 `

-MinimumCapacity 2 `

-Rule $testRuleScaleUp,$testRuleScaleDown `

-Name TestAutoProfile

##################################################

# 자동 스케일 규칙을 적용한다.

##################################################

Add-AzAutoscaleSetting `

-Location $testLocation `

-Name TestAutoscaleSetting `

-ResourceGroup $testResourceGroup `

-TargetResourceId $testScaleSetID `

-AutoscaleProfile $testScaleProfile

※ TestResourceGroup : 리소스 그룹명

TestScaleSet : 가상 머신 확장 집합명

East US : 지역명

TestAutoProfile : 자동 스케일 프로필명

TestAutoscaleSetting : 자동 스케일 설정명

[CLOUD/AZURE/POWERSHELL] Update-AzVmss 명령 : 가상 머신 인스턴스 수 변경하기

■ Update-AzVmss 명령을 사용해 가상 머신 인스턴스 수를 변경하는 방법을 보여준다. ▶ 실행 명령


# 가상 머신 확장 집합을 구한다.
$scaleset = Get-AzVmss -ResourceGroupName TestResourceGroup -VMScaleSetName TestScaleSet
                                          -----------------                 ------------
                                          리소스 그룹명                     가상 머신 확장 집합명

# 가상 머신 확장 집합의 용량을 설정하고 업데이트 한다.
$scaleset.sku.capacity = 3

Update-AzVmss -ResourceGroupName TestResourceGroup  -Name TestScaleSet -VirtualMachineScaleSet $scaleset
                                 ------------------       ------------
                                 리소스 그룹명            가상 머신 확장 집합명

# 가상 머신 확장 집합을 구한다.

$scaleset = Get-AzVmss -ResourceGroupName TestResourceGroup -VMScaleSetName TestScaleSet

----------------- ------------

리소스 그룹명 가상 머신 확장 집합명

# 가상 머신 확장 집합의 용량을 설정하고 업데이트 한다.

$scaleset.sku.capacity = 3

Update-AzVmss -ResourceGroupName TestResourceGroup -Name TestScaleSet -VirtualMachineScaleSet $scaleset

------------------ ------------

리소스 그룹명 가상 머신 확장 집합명

[CLOUD/AZURE/POWERSHELL] 가상 머신 확장 집합에서 애플리케이션 트래픽 허용하기

■ 가상 머신 확장 집합에서 애플리케이션 트래픽을 허용하는 방법을 보여준다. ▶ 실행 명령


##################################################
# 가상 머신 확장 집합을 구한다.
##################################################

$vmss = Get-AzVmss -ResourceGroupName TestResourceGroup -VMScaleSetName TestScaleSet

##################################################
# 80번 포트를 허용하는 규칙을 생성한다.
##################################################

$testNSRuleConfig = New-AzNetworkSecurityRuleConfig `
  -Name TestNSRuleConfig `
  -Protocol Tcp `
  -Direction Inbound `
  -Priority 200 `
  -SourceAddressPrefix * `
  -SourcePortRange * `
  -DestinationAddressPrefix * `
  -DestinationPortRange 80 `
  -Access Allow

##################################################
# 네트워크 보안 그룹을 생성한다.
##################################################

$testNSG = New-AzNetworkSecurityGroup `
  -ResourceGroupName TestResourceGroup `
  -Location EastUS `
  -Name TestNSG `
  -SecurityRules $testNSRuleConfig

##################################################
# 가상 네트워크를 구한다.
##################################################

$vnet = Get-AzVirtualNetwork -ResourceGroupName TestResourceGroup -Name TestVNet

##################################################
# 서브넷을 구한다.
##################################################

$testSubnet = $vnet.Subnets[0]

##################################################
# 가상 네트워크의 서브넷을 설정한다.
##################################################

$testSubnetConfig = Set-AzVirtualNetworkSubnetConfig `
  -VirtualNetwork $vnet `
  -Name TestSubnet `
  -AddressPrefix $testSubnet.AddressPrefix `
  -NetworkSecurityGroup $testNSG

##################################################
# 가상 네트워크를 설정한다.
##################################################

Set-AzVirtualNetwork -VirtualNetwork $vnet

##################################################
# 가상 머신 확장 집합을 업데이트 한다.
##################################################

Update-AzVmss `
  -ResourceGroupName TestResourceGroup `
  -Name TestScaleSet `
  -VirtualMachineScaleSet $vmss

※ TestResourceGroup : 리소스 그룹명
   TestScaleSet      : 가상 머신 확장 집합명
   TestNSRuleConfig  : 네트워크 보안 규칙 구성명
   EastUS            : 지역명
   TestNSG           : 네트워크 보안 그룹명
   TestVNet          : 가상 네트워크명
   TestSubnet        : 서브넷명

##################################################

# 가상 머신 확장 집합을 구한다.

##################################################

$vmss = Get-AzVmss -ResourceGroupName TestResourceGroup -VMScaleSetName TestScaleSet

##################################################

# 80번 포트를 허용하는 규칙을 생성한다.

##################################################

$testNSRuleConfig = New-AzNetworkSecurityRuleConfig `

-Name TestNSRuleConfig `

-Protocol Tcp `

-Direction Inbound `

-Priority 200 `

-SourceAddressPrefix * `

-SourcePortRange * `

-DestinationAddressPrefix * `

-DestinationPortRange 80 `

-Access Allow

##################################################

# 네트워크 보안 그룹을 생성한다.

##################################################

$testNSG = New-AzNetworkSecurityGroup `

-ResourceGroupName TestResourceGroup `

-Location EastUS `

-Name TestNSG `

-SecurityRules $testNSRuleConfig

##################################################

# 가상 네트워크를 구한다.

##################################################

$vnet = Get-AzVirtualNetwork -ResourceGroupName TestResourceGroup -Name TestVNet

##################################################

# 서브넷을 구한다.

##################################################

$testSubnet = $vnet.Subnets[0]

##################################################

# 가상 네트워크의 서브넷을 설정한다.

##################################################

$testSubnetConfig = Set-AzVirtualNetworkSubnetConfig `

-VirtualNetwork $vnet `

-Name TestSubnet `

-AddressPrefix $testSubnet.AddressPrefix `

-NetworkSecurityGroup $testNSG

##################################################

# 가상 네트워크를 설정한다.

##################################################

Set-AzVirtualNetwork -VirtualNetwork $vnet

##################################################

# 가상 머신 확장 집합을 업데이트 한다.

##################################################

Update-AzVmss `

-ResourceGroupName TestResourceGroup `

-Name TestScaleSet `

-VirtualMachineScaleSet $vmss

※ TestResourceGroup : 리소스 그룹명

TestScaleSet : 가상 머신 확장 집합명

TestNSRuleConfig : 네트워크 보안 규칙 구성명

EastUS : 지역명

TestNSG : 네트워크 보안 그룹명

TestVNet : 가상 네트워크명

TestSubnet : 서브넷명