How to Create a Linux (Ubuntu) Virtual Machine in Azure: A Step by Step Guide
Written by Vivian Paul on November 25, 2024
Virtual machines are computer systems created using software on one physical computer in order to emulate the functionality of another separate physical computer; in other words, they are digitized version of a physical computer.
In this article, we will be showing steps on how to create a Linux virtual machine using an Ubuntu server. The Secure Shell or Secure Socket Shell (SSH) which gives users or system administrators a secure access to computers (in this case, virtual machines) over unsecured network, often relies on public key authentication for enhanced security by default but authentication can also be password-based.
For the purpose of this article, we will use both the default public key authentication for SSH access and the password authentication.
In order to prevent unexpected SSH disconnections due to idle sessions, this write up will explain how to extend the idle timeout for your IP address to prevent unexpected logouts.
This article will demonstrate how to delete your resource group that houses your virtual machine and its associated resources when it is not needed anymore or created for a demo purpose such as this.
You can also dissociate your IP address from the virtual machine when not in use, to ensure cost optimization but that will be discussed in another article.
This process will require you to have an Azure account and also a PowerShell application downloaded to your computer system. You can click on this link to check how to download PowerShell app on your system.
NB: The public IP addresses and usernames on this article may vary because various virtual machines were created for the purpose of using both SSH public key pair and password authentication for this demonstration, however, the steps remain the same.
Let us proceed!
SIGN IN TO AZURE PORTAL
Since we are using the Azure portal for the virtual machine creation, it is imperative that you have an Azure account. You can sign-up for the account via the Azure portal with an email (preferably, Microsoft). Then, login to your account with your email and password to get started with creating a Linux virtual machine.
CREATING YOUR VIRTUAL MACHINE
At the top left of the page (under Azure services), click on “Virtual machines”
When the page opens up, click on “Create”
Click on the virtual machine highlighted.
You will be directed to the “Basics” page where you will have to customize some of the “Project details” and “Instance details”
Project Details
In this project details category, we have the subscription and resource group.
A. Subscription
Azure subscription gives you access to use Microsoft Azure; which can be free (trial before upgrading to a paid subscription), Pay-As-You-Go or Enterprise agreement. With an Azure subscription, individuals or organizations can use and benefit from the various services and resources provided by Azure at a cost depending on your type of subscription.
In this demonstration, we will leave the default subscription, “Azure subscription 1” as it is.
B. Resource Group
Azure Resource Group is a logical container or folder that helps you to organize and manage your azure resources such as virtual machines, web apps, databases and storage accounts.
Just like in the library where books are grouped or categorized, organized according to topics, courses, authors etc; that is the same with a resource group.
Click on "Create new" to create a new resource group or click on the drop down menu to select one (usually pre-existing).
Instance Details
a. Name your virtual machine
b. Region: Click on the drop down menu to select the region where you want your virtual machine to be located.
A region refers to a specific geographical location with data centers that host infrastructure and services. Each region operates independently and is designed to be self-contained, with its own set of resources and infrastructure. Your choice of a region will largely depend on factors like; the location of your users and organization, data residency, compliance requirements and service capabilities.
c. Click on the drop-down arrows to select “Availability options” and “Availability Zone”.
Azure region usually consists of three availability zones if the availability zone section is enabled- Zone 1, Zone 2, Zone 3. Each zone has one or more data centers that are kilometers apart from each other and you can choose more than one zone.
Data centers are equipped with their own power, networking, and cooling systems to minimize the impact of failures and disruptions. These data centers are linked or connected by Fibre-Optic Cables and this technology ensures reliable and fast data transfer over long distances while maintaining low latency and high bandwidth capabilities.
d. Select your security type from the drop-down menu. For this demo, we will use the preset or default security, “Trusted launch Virtual Machines”.
e. At the image section, click on the drop down menu or see all images and select any Ubuntu Server.
An image can be referred to as an Operating system, and Ubuntu is a type of Linux Operating System. An image is a template for creating virtual machines or computer systems. It contains data and configurations such as bootloader, root file system and operating system used needed to set up a computer.
f. Click on “See all sizes” or click on the drop down menu to select the size of your virtual machine. Leave all other pre-filled information in their default states.
Administrator Account (Using Public Key)
SSH public key authentication relies on key pairs and cryptographic algorithms for secure remote access. Public key authentication offers stronger and better security and protection against various attacks, making it a preferred choice for secure remote connections.
Select the “SSH Public Key” authentication type.
Administrator Account (Using Password)
Password-based authentication involves using a username and secret password to access a system as shown below.
Select the “Password” authentication type
Type in your username and password
Confirm password
Inbound Port Rule
a. “Allow selected ports” for the Public inbound ports is a default setting, if it is not same for you, select it.
b. SSH (22) is also set as a default for the inbound port to connect to the Linux server; if not, select it. You can also select the HTTP (80) in addition to the SSH (22).
c. Click "Next: Disk>" to direct you to the next page which has information about the disks.
Disks
a. On this page, click on the dropdown menu for the OS disk type and select Premium SSD or any other disk type of your choice as shown below. Leave the other columns as default.
b. Click on “Next: Networking>” for the next page; but leave the networking and subsequent (management, monitoring and advanced) pages as default and skip to the Tag page.
Tag, Review and Create
a. Give a name to your tag
Just like the generic meaning, “Tags” are used to label, identify and organize resources. The purpose of a virtual machine tag is to provide additional information that helps in managing, organizing, and tracking resources within a cloud infrastructure.
b. Click on “Review + create” (either of the two, highlighted below).
c. You will notice a green tick by the top left hand side of the page that says “Validation passed”. if an error message appeared instead, go back to the highlighted page(s) to make the necessary corrections and click on “Review + create” again.
d. Review the summary of your virtual machine configurations.
e. Click on the "Create" button to begin the deployment process
NB: For the Password authentication users, once you click on create, the deployment process begins immediately until there is a pop-up message with a green tick that says “Your deployment is complete”.
Key Pair (for SSH Public Key)
However, for anyone using the SSH Public key authentication type, the prompt message below will pop-up on the screen when you click on create.
Click on “Download private key and create resource”.
Deployment Complete
Once the deployment process has been completed, click on “Go to resource” at the bottom of the page.
CONNECT TO YOUR VIRTUAL MACHINE
For this demonstration, we will be using the connect and not “via Bastion”. Click on the connect drop down menu and then click on “Connect”.
For authentication via Public key, follow the steps below to open and view the downloaded private key pair or the C-drive path.
How to Open your Private Key Pair
Take the following steps to copy and view the C-drive path.
a. Click on your downloads and right click on the downloaded private key.
b. Choose “Copy as path”.
c. Open “Note pad” and paste, to see the C-Drive path
NB: You can also open the keypair using a web browser like Google Chrome. However, it can be very long and make your work clumsy, so it is better to “Copy as Path”.
For both Password and Public Key Authentication Users
a. Go back to Azure portal and click “Select” on Native SSH at the bottom of the screen.
b. A box will open at the right side of your screen with the configuration prerequisites for Native SSH.
c. Open PowerShell (already downloaded) on your computer system as instructed in number two (purple highlight).
A. For SSH Public Key Authentication Users
i. Go back to Azure portal, copy and paste your Private key pair or path in the column highlighted in red.
ii. Column highlighted in green automatically changes to a command to input in PowerShell.
In PowerShell
On the PowerShell app, do the following:
a. Type in the command: ssh -i PrivateKeypath adminusername@publicIPaddress and press enter key or copy and paste the command highlighted in blue directly above.
NB: Remember to remove the quotation marks on the private key path when copying and pasting.
b. You would be asked if you want to continue connecting, type "yes" and press the enter key.
c. Run a command as administrator using the “sudo <command>”
d. Type in the command as below; hostname and enter key; the result V-Linux, which is the name of my virtual machine confirms that my virtual machine is running.
e. Type in the command below, sudo su - and enter; the result root@V-Linux identifies me/my account as the administrator of the virtual machine.
B. For Password Authentication Users
i. On Azure portal, delete the contents of the red box below, and copy the remaining contents of the green box.
ii. You will have ssh adminusername@PublicIPaddress left to copy.
Go back to PowerShell
a. In PowerShell, type in the command ssh Username@PublicIPaddress and press enter key or Copy and paste the command highlighted in green directly above.
b. You would be asked if you want to continue connecting, type "yes" and press the enter key.
c. You will be asked for your password as highlighted below. However, as you type your password, nothing will be seen on the screen (because passwords are protected), but make sure you type it in correctly and press enter.
d. To run a command as an administrator, we will run the sudo command.
- The command sudo su - and enter key; the result root@V-Linux identifies me/my account as the administrator of the virtual machine.
e. As packages and applications are being updated regularly, we will run an update command.
- To run an update command, type in sudo apt update
The result showed that 42 packages can be upgraded.
f. Another command was run (as recommended) to see the list: apt list —upgradable
This showed the list of the 42 packages that can be upgraded; three were highlighted with arrows to the right.
EXTENDING TIMEOUT
To avoid your connection being closed if it took you a while to run a command in PowerShell, you could extend your idle time out up to 30minutes on Azure with the following steps.
a. Return to the Azure portal
b. Identify your virtual machine
c. On the “Overview” page of your virtual machine, click on your “Public IP address”
d. Click on “Configuration” which is under settings
e. Click and drag the white button on the line from left to the end of the line on the right to increase your idle timeout to 30minutes, and click on save.
NB: If your connection was closed and you extend your idle timeout, go back to PowerShell and start again to input the commands; ssh -i PrivateKeypath adminusername@publicIPaddress OR ssh adminusername@PublicIPaddress like before, and follow the prompts.
How to Delete a Virtual Machine
To save cost while running your virtual machine, you can dissociate your IP address from your virtual machine. Although, for the purpose of this demo, we will delete the virtual machine instead.
a. On the “Overview” page of your virtual machine, click on “Delete” at the top, towards the right as highlighted below.
On the right side of your screen, you will see a box that shows the resource to be deleted and the resource type, including the associated resource type.
b. Click on “Apply force delete” to ensure that all of its associated resources are being deleted with it and nothing remains.
c. Check all the boxes for the associated resources to be deleted with the virtual machine.
d. Check the box at the bottom of the page to say that you understand that the VM and all its associated resources will be deleted.
e. Click on delete
f. On the notification icon, you will see a message that says that you have successfully deleted your virtual machine.
NB: For every step you complete, you get a notification as regards to it.
Hope this helps!