Microsoft Azure Virtual Machine Images
In a past article, “Creating and Managing a Virtual Machine in Microsoft Azure”, I explained how to use the Quick Create and From Gallery options provided in Azure to create a new virtual machine. Depending on your Azure subscription, you are offered a gallery of images to use to create a new VM, including the most recent versions of Windows Server, Windows Client, and a subset of supported Linux server operating systems. In addition to these images, other available images include applications such as SharePoint, SQL Server, BizTalk, and Visual Studio. If you happen to also have certain MSDN subscriptions, you have access to even more images.
This multitude of images makes it easy for you to hit the ground running when you start creating new VMs in Azure. But what if you have an on-premise virtual machine image that you want to use instead? It is certain that you will run into this scenario at some point once you have taken the plunge into Azure. Well, this is not a problem as long as you have a VM installed with a supported Windows operating system. Azure provides you with the ability to upload VM images that have been generalized using Sysprep, and save them in an Azure storage account to supplement your VM image store.
Preparing the On-Premise Virtual Machine Image
The first step in the process of preparing a VM image to upload to Azure is to configure the image so that it can be used to clone more VMs. A VM image is stored in one or more VHD files. A VM for which the VHD that contains the operating system has been prepared for cloning is referred to as an image. In order to do this, you use the Sysprep utility that is included with the Windows operating system to generalize the installation and configure the VM to execute a Mini-Setup after the new VM restarts for the first time. During the Mini-Setup, a unique security identifier (SID) will be assigned to the VM and user-specific information can be provided such as acceptance of the End-User License Agreement (EULA), Product Key, and user name. The Sysprep utility is included with Windows in the %windir%\system32\sysprep directory.
On your local system, log in the virtual machine as an administrator, and follow this procedure to run the Sysprep utility on your target VM:
- Open a Command Prompt window using Run as administrator.
- Change the directory to %windir%\system32\sysprep.
- Run sysprep.exe as shown in Figure 1.
Figure 1: Locating and Running Sysprep
- In the System Preparation Tool dialog box, select the Enter System Out-of-Box Experience (OOBE) option, check the Generalize option, and then select the Shutdown option as shown in Figure 2.
Figure 2: Configuring the Sysprep Options
- After you configure these options, click OK.
- Sysprep will generalize the VM, as shown in Figure 3.
Figure 3: Sysprep Generalize Phase
- When Sysprep completes, the VM is shutdown as shown in Figure 4.
Figure 4: Sysprep Completion with VM Shutdown
Configuring an Azure Storage Account
In Azure, you need to configure a storage account to receive and store your VM image data. If you already created at least one virtual machine in Azure, a storage account was created automatically in the location you selected during the VM configuration. The storage account name is based on the virtual machine name that you provided during the VM creation process.
The following procedure assumes that you create a new storage account to upload and store the VM image:
- Sign in to the Microsoft Azure Management Portal.
- From the command bar at the bottom of the Portal screen, select the New option as shown in Figure 5.
Figure 5: Selecting the New Option
- Under the Data Services option, select Storage, and then select the Quick Create option as shown in Figure 6.
Figure 6: Selecting the Storage Account Quick Create Method
- Enter the following storage account configuration options as shown in Figure 6.
- URL – This is the name that is used in the URL to access resources in the storage account.
- Location/Affinity Group – This is the selection of the region where you want to deploy your storage account. There are currently ten regions including 5 in the United States, 2 in Europe, and 3 in Asia.
- Replication – This defines the type of replication that you need for the storage account data. Locally redundant replication will replicate the storage account data three times in the same data center location. Geo-redundant replication (default option) replicates the storage account data to a secondary geographic location to ensure that it is still available as a failover option in the case that the primary location is no longer accessible. Read access geo-redundant replication has the added benefit of allowing access from either the primary or secondary location to ensure high availability in a non-failover scenario.
- After you enter the storage account configuration details, click on Create Storage Account.
- You can view the new storage account on the Storage page as shown in Figure 7.
Figure 7: Viewing the New Storage Account in the Management Portal
- Create a new container in the storage account to store the VM image by clicking on the storage account name, selecting containers, and then selecting create a container as shown in Figure 8.
Figure 8: Creating a new Storage Account Container
- In the Container dialog box, enter a container name and the access option as shown in Figure 9. Select the Private access option to restrict access to the data in the container to only the account owner. Select the Public Blob option to allow public read access to the data stored in the container, but not to the container properties or metadata. Select the Public Container option to allow full public read access to the container data, properties, and metadata.
Figure 9: Creating a New Storage Account Container
Click on the check mark to create the new container.
You can view the new container after it is created as shown in Figure 10.
Figure 10: Viewing the New Storage Account Container
Establishing a Secure Connection to Microsoft Azure
In order to upload the VM image to Azure, a secure connection is established between the computer that will perform the upload and the Azure subscription. This requires the installation and use of Azure PowerShell which in turn has a dependency on Microsoft .NET Framework 4.5. Azure PowerShell can be downloaded and installed by running the Microsoft Web Platform Installer.
The following procedure provides the steps to install the Azure PowerShell and creating the connection to the Azure subscription:
- Run the Microsoft Web Platform Installer as shown in Figure 11.
Figure 11: Running the Microsoft Web Platform Installer.
- On the Windows Azure PowerShell page, click Install as shown in Figure 12.
Figure 12: Installing Azure PowerShell
- On the Prerequisites page, click on I Accept as shown in Figure 13.
Figure 13: Azure PowerShell Installation Prerequisites Page
- Click Finish when the installation completes, as shown in Figure 14.
Figure 14: Azure PowerShell Installation Completion
- Click Exit in the next screen.
- On the local system, use the built-in Search and type power. From the list, click on Azure PowerShell to open the console, as shown in Figure 15.
Figure 15: Azure PowerShell Console
- In the Azure PowerShell console, type Add-AzureAccount to open an Azure Sign In window, as shown in Figure 16.
Figure 16: Signing in to Microsoft Azure
- After you enter your credentials, the Sign In window closes, and the status is reported in the Azure PowerShell console, as shown in Figure 17.
Figure 17: Subscription Account Configuration Completion
To use Azure PowerShell cmdlets, your Azure subscription information must be available to your local system. There are two ways to provide the subscription information. The first method requires that you sign in to Azure using your Microsoft account or an organizational ID. When you sign in, Azure Active Directory (Azure AD) authenticates the credentials and returns an access token that lets Azure PowerShell manage your account. The second method requires that you use a management certificate that contains the subscription information.
If you use the Azure AD method, the credentials are available to Azure PowerShell for 12 hours and then you need to log in again. Using this method makes sense when you have only a few tasks to perform with minimal automation.
If you use the certificate method, the subscription information is available as long as the subscription and the certificate are valid. This method is more compatible with automation of tasks that run for extended periods of time.
In the following procedure, the certificate method is used to provide the Azure subscription information:
- On your local system, open the Azure PowerShell console.
- In the Azure PowerShell console, type Get-AzurePublishSettingsFile.
- When the browser window open, sign in to Azure.
- When prompted, select Save to download the .publishsettings file, as shown in Figure 18.
Figure 18: Saving the .publishsettings File
- After saving the file, type Import-AzurePublishSettingsFile in the Azure PowerShell console, as shown in Figure 19. You may have to include the path where you saved the .publishsettings file if it is not in the local directory.
Figure 19: Importing the .publishsettings File
Uploading the VM Image to Azure
Finally, you are ready to upload the local VM image to Azure. However, you must ensure that the VM image file is in VHD format, not VHDX format. In the following procedure, Windows and Azure PowerShell cmdlets control the VHDX to VHD conversion, and the upload of the VM image to Azure:
- On your local system, open a Windows PowerShell console.
- In the Windows PowerShell console, type Convert-VHD <VHDXFileName> <VHDFileName>, as shown in Figure 20.
Figure 20: Using Windows PowerShell Cmdlet for VHDX to VHD Conversion
- Open an Azure PowerShell console and type Add-AzureVhd -Destination "<StorageURL>/<Container>/<VHDName>.vhd" -LocalFilePath <PathToVHDFile> substituting appropriate values, as shown in Figure 21.
Figure 21: Uploading the VM Image to Azure
- After the successful upload of the VM image, shown in Figure 22, you can add it to the list of images available to your Azure subscription.
Figure 22: New VM Image after Successful Upload to Azure
- In the Microsoft Azure Management Portal, under All Items, click Virtual Machines, and then click Images, as shown in Figure 23.
Figure 23: Virtual Machine Images Screen
- Click Create an Image, and then type in values for the Name, Description, and VHD URL. Select the Windows Operating System Family, and select the “I have run Sysprep on the virtual machine” checkbox, as shown in Figure 24.
Figure 24: Creating an Image from a Sysprep VHD in Azure
- Click on the check mark to create the new virtual machine image.
- Once the image is created, you can view it in the list of VM images as shown in Figure 25.
Figure 25: New Virtual Machine Image in Microsoft Azure Management Portal
- The new VM image now appears in the list of available images when you create a new virtual machine in Azure, as shown in Figure 26.
Figure 26: New VM Image in My Images list
Microsoft Azure provides a large number of supported images to create new VMs. However, you can expand the catalog of available images in your Azure subscription by using sysprep and uploading images based on your own in-house virtual machines. The process is simple with only two major requirements which are the use of the VHD format for the image files, and support only for supported Windows-based VMs because of the need to use the Sysprep utility to generalize the VM for cloning.