Create a VM (Classic) with multiple NICs using the Azure classic CLI
You can create virtual machines (VMs) in Azure and attach multiple network interfaces (NICs) to each of your VMs. Multiple NICs enable separation of traffic types across NICs. For example, one NIC might communicate with the Internet, while another communicates only with internal resources not connected to the Internet. The ability to separate network traffic across multiple NICs is required for many network virtual appliances, such as application delivery and WAN optimization solutions.
Important
Azure has two different deployment models for creating and working with resources: Resource Manager and classic. This article covers using the classic deployment model. Microsoft recommends that most new deployments use the Resource Manager model. Learn how to perform these steps using the Resource Manager deployment model.
Scenario
This document walks through a deployment that uses multiple NICs in VMs in a specific scenario. In this scenario, you have a two-tiered IaaS workload hosted in Azure. Each tier is deployed in its own subnet in a virtual network (VNet). The front-end tier is composed of several web servers, grouped together in a load balancer set for high availability. The back-end tier is composed of several database servers. The database servers are deployed with two NICs each, one for database access, the other for management. The scenario also includes Network Security Groups (NSGs) to control what traffic is allowed to each subnet and NIC in the deployment. The following picture shows the basic architecture of this scenario:
The following steps use a resource group named IaaSStory for the WEB servers and a resource group named IaaSStory-BackEnd for the DB servers.
Prerequisites
Before you can create the DB servers, you need to create the IaaSStory resource group with all the necessary resources for this scenario. To create these resources, complete the steps that follow. Create a virtual network by following the steps in the Create a virtual network article.
Prerequisite: Install the Azure CLI
To perform the steps in this article, install the Azure CLI and sign in to Azure.
Note
If you don't have an Azure account, you need one. Sign up for a free trial here. In addition, to follow along you need to have either jq or some other JSON parsing tool or library installed.
Deploy the back-end VMs
The back-end VMs depend on the creation of the following resources:
- Storage account for data disks. For better performance, the data disks on the database servers will use solid state drive (SSD) technology, which requires a premium storage account. Make sure the Azure location you deploy to supports premium storage.
- NICs. Each VM will have two NICs, one for database access, and one for management.
- Availability set. All database servers will be added to a single availability set, to ensure at least one of the VMs is up and running during maintenance.
Step 1 - Start your script
You can download the full bash script used here. Complete the following steps to change the script to work in your environment:
Change the values of the variables below based on your existing resource group deployed above in Prerequisites.
location="useast2"
vnetName="WTestVNet"
backendSubnetName="BackEnd"

Change the values of the variables below based on the values you want to use for your backend deployment. Replace the sample username and password with your own.

backendCSName="IaaSStory-Backend"
prmStorageAccountName="iaasstoryprmstorage"
image="0b11de9248dd4d87b18621318e037d37__RightImage-Ubuntu-14.04-x64-v14.2.1"
avSetName="ASDB"
vmSize="Standard_DS3"
diskSize=127
vmNamePrefix="DB"
osDiskName="osdiskdb"
dataDiskPrefix="db"
dataDiskName="datadisk"
ipAddressPrefix="192.168.2."
username='adminuser'
password='adminP@ssw0rd'
numberOfVMs=2
Step 2 - Create necessary resources for your VMs
Create a new cloud service for all backend VMs. Notice the use of the $backendCSName variable for the resource group name, and $location for the Azure region.

azure service create --serviceName $backendCSName \
    --location $location

Create a premium storage account for the OS and data disks to be used by your VMs.

azure storage account create $prmStorageAccountName \
    --location $location \
    --type PLRS
Step 3 - Create VMs with multiple NICs
Start a loop to create multiple VMs, based on the numberOfVMs variable.

for ((suffixNumber=1;suffixNumber<=numberOfVMs;suffixNumber++)); do
For each VM, specify the name and IP address of each of the two NICs.
    nic1Name=$vmNamePrefix$suffixNumber-DA
    x=$((suffixNumber+3))
    ipAddress1=$ipAddressPrefix$x

    nic2Name=$vmNamePrefix$suffixNumber-RA
    x=$((suffixNumber+53))
    ipAddress2=$ipAddressPrefix$x

Create the VM. Notice the usage of the --nic-config parameter, containing a list of all NICs with name, subnet, and IP address.

    # The password is quoted so that shell-special characters in it are passed through unchanged.
    azure vm create $backendCSName $image $username "$password" \
        --connect $backendCSName \
        --vm-name $vmNamePrefix$suffixNumber \
        --vm-size $vmSize \
        --availability-set $avSetName \
        --blob-url $prmStorageAccountName.blob.core.windows.net/vhds/$osDiskName$suffixNumber.vhd \
        --virtual-network-name $vnetName \
        --subnet-names $backendSubnetName \
        --nic-config $nic1Name:$backendSubnetName:$ipAddress1::,$nic2Name:$backendSubnetName:$ipAddress2::
For each VM, create two data disks.

    azure vm disk attach-new $vmNamePrefix$suffixNumber \
        $diskSize \
        vhds/$dataDiskPrefix$suffixNumber$dataDiskName-1.vhd

    azure vm disk attach-new $vmNamePrefix$suffixNumber \
        $diskSize \
        vhds/$dataDiskPrefix$suffixNumber$dataDiskName-2.vhd
done
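The loop above derives both NIC addresses from suffixNumber, so a larger numberOfVMs can push the database-access range into the management range or past the end of the subnet. The following pre-flight check is an added example, not part of the original script; the function names and offset variables are hypothetical, and it assumes the BackEnd subnet is a /24.

```shell
#!/usr/bin/env bash
# Added example: validate the NIC address plan before any VM is created.
# Assumption: BackEnd is a /24, so the host part is the last octet.
ipAddressPrefix="192.168.2."   # values taken from the article's script
backendSubnetName="BackEnd"
vmNamePrefix="DB"
daOffset=3    # database-access NIC: suffixNumber + 3
raOffset=53   # management NIC:      suffixNumber + 53

# Print the host octet for VM $1 with offset $2, or fail if unusable.
# Azure reserves .0-.3 and the last address of every subnet.
host_octet() (
  octet=$(( $1 + $2 ))
  if [ "$octet" -lt 4 ] || [ "$octet" -gt 254 ]; then
    echo "octet $octet is outside the usable range 4-254" >&2
    exit 1
  fi
  echo "$octet"
)

# Check the plan for $1 VMs: the DA range must end before the RA range
# starts, and the highest RA address must still fit in the subnet.
check_plan() (
  n=$1
  [ "$n" -ge 1 ] || { echo "numberOfVMs must be >= 1" >&2; exit 1; }
  lastDa=$(host_octet "$n" "$daOffset") || exit 1
  firstRa=$(host_octet 1 "$raOffset") || exit 1
  host_octet "$n" "$raOffset" >/dev/null || exit 1
  if [ "$lastDa" -ge "$firstRa" ]; then
    echo "DA address .$lastDa collides with RA range starting at .$firstRa" >&2
    exit 1
  fi
)

# Build the --nic-config value for VM number $1 in the article's format.
nic_config() (
  da=$(host_octet "$1" "$daOffset") || exit 1
  ra=$(host_octet "$1" "$raOffset") || exit 1
  echo "${vmNamePrefix}$1-DA:${backendSubnetName}:${ipAddressPrefix}${da}::,${vmNamePrefix}$1-RA:${backendSubnetName}:${ipAddressPrefix}${ra}::"
)

# Demo with the article's numberOfVMs=2: validate, then show VM 1's NICs.
check_plan 2 && nic_config 1
```

With these offsets the plan is valid for up to 50 VMs; at 51 the database-access address for the last VM would equal the management address of the first.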
Step 4 - Run the script
Now that you have downloaded and changed the script based on your needs, run the script to create the back-end database VMs with multiple NICs.
Save your script and run it from your Bash terminal. You will see the initial output, as shown below.
info: Executing command service create
info: Creating cloud service
data: Cloud service name IaaSStory-Backend
info: service create command OK
info: Executing command storage account create
info: Creating storage account
info: storage account create command OK
info: Executing command vm create
info: Looking up image 0b11de9248dd4d87b18621318e037d37__RightImage-Ubuntu-14.04-x64-v14.2.1
info: Looking up virtual network
info: Looking up cloud service
info: Getting cloud service properties
info: Looking up deployment
info: Creating VM
After a few minutes, the execution will end and you will see the rest of the output as shown below.
info: OK
info: vm create command OK
info: Executing command vm disk attach-new
info: Getting virtual machines
info: Adding Data-Disk
info: vm disk attach-new command OK
info: Executing command vm disk attach-new
info: Getting virtual machines
info: Adding Data-Disk
info: vm disk attach-new command OK
info: Executing command vm create
info: Looking up image 0b11de9248dd4d87b18621318e037d37__RightImage-Ubuntu-14.04-x64-v14.2.1
info: Looking up virtual network
info: Looking up cloud service
info: Getting cloud service properties
info: Looking up deployment
info: Creating VM
info: OK
info: vm create command OK
info: Executing command vm disk attach-new
info: Getting virtual machines
info: Adding Data-Disk
info: vm disk attach-new command OK
info: Executing command vm disk attach-new
info: Getting virtual machines
info: Adding Data-Disk
info: vm disk attach-new command OK
Step 5 - Configure routing within the VM's operating system
Azure DHCP assigns a default gateway to the first (primary) network interface attached to the virtual machine. Azure does not assign a default gateway to additional (secondary) network interfaces attached to a virtual machine. Therefore, by default, a secondary network interface cannot communicate with resources outside the subnet it is in. Secondary network interfaces can, however, communicate with resources outside their subnet once routing is configured in the operating system. To configure routing for secondary network interfaces, see Routing within a virtual machine operating system with multiple network interfaces.
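As an added illustration (not part of the original article), the function below prints the iproute2 commands that give the management NIC of DB1 its own routing table, so traffic sourced from 192.168.2.54 leaves through that NIC. The interface name eth1, table number 200, the /24 prefix and the gateway 192.168.2.1 (Azure uses the first address of a subnet as its gateway) are assumptions; the function name is hypothetical.

```shell
#!/usr/bin/env bash
# Added example: emit source-based routing commands for a secondary NIC.
# The commands are only printed, so they can be reviewed before being
# run as root inside the VM.
secondary_nic_routes() (
  ifname=$1; addr=$2; subnet=$3; gateway=$4; table=$5
  for v in "$ifname" "$addr" "$subnet" "$gateway" "$table"; do
    [ -n "$v" ] || {
      echo "usage: secondary_nic_routes IFNAME ADDR SUBNET GATEWAY TABLE" >&2
      exit 2
    }
  done
  # Table ids 0 and 253-255 are reserved (unspec, default, main, local);
  # using one of them would change the primary NIC's routing as well.
  case $table in
    *[!0-9]*) echo "table must be numeric" >&2; exit 2 ;;
  esac
  if [ "$table" -lt 1 ] || [ "$table" -gt 252 ]; then
    echo "table $table is reserved; choose 1-252" >&2
    exit 2
  fi
  # 1. On-link route for the subnet, bound to the secondary address.
  echo "ip route add $subnet dev $ifname src $addr table $table"
  # 2. Default route for this table only; the main table keeps eth0's gateway.
  echo "ip route add default via $gateway dev $ifname table $table"
  # 3. Send anything sourced from the secondary address to this table.
  echo "ip rule add from $addr/32 table $table"
)

# Demo: management NIC of DB1 from the article's address plan.
secondary_nic_routes eth1 192.168.2.54 192.168.2.0/24 192.168.2.1 200
```

Routes and rules added this way do not survive a reboot; persist them with the distribution's network configuration once they have been verified.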