
Saturday, September 6, 2014

Azure, Chocolatey and PowerShell: this provisions a full VM including IIS WebServer, NET-Framework-Features, Chocolatey, Google Chrome, 7zip, Notepad++. Hands-free, no user interaction

<#
.SYNOPSIS
Chocolatey, Azure and PowerShell

.DESCRIPTION
Azure SandBoxing

.NOTES
File Name : DeployFun.PS1
Author : Drew the horrid

This script will do the following:
- Pull the Virtual Network name and append the name to the deployment
- Parse the VM library for Windows Server 2012 R2 Datacenter and select the latest patched version
- Attach a 15GB data disk
- Install the Azure Microsoft Antimalware service
- Download the VM certificate and install the certificate in your machine\root CA store (hence you have to run as admin)
- Remote execute and install WebServer, NET-Framework-Features, Chocolatey, Google Chrome, 7zip, Notepad++

a small VM and install Azure the Microsoft Antimalware Extension as well as chocolatey, Chrome, 7Zip)

.Pending things
- Create logic to list storage accounts and let the user pick
- Create a list of services and let the user pick (have to figure out the region/VNet thing)
- Get-AzureVNET: if not there, don't bind the VNet in the AzureVM build
- Prompt for DC name and CA name
- Need a delay check that the VM is up before Invoke-Command
#>

# Subscription Block
Get-AzureSubscription | Remove-AzureSubscription
Import-AzurePublishSettingsFile .\filenameHERE

# Bind Variable for storage account (must have a storage account provisioned for PS Azure VM deployments)
$Sub=Get-AzureSubscription
Set-AzureSubscription -SubscriptionName $sub.SubscriptionName -CurrentStorageAccountName NAMEHERE

 

# Get the VNet name (comment out this block with '#' if you don't have a VNet)
[xml]$Vnet=(Get-AzureVNetConfig).XMLConfiguration
$Vnetname= $vnet.GetElementsByTagName('VirtualNetworkSites').Virtualnetworksite.name

# Get-VM Images and filter Windows Server 2012 R2
$VMImages=Get-AzureVMImage |Where-Object {($_.PublisherName -ilike "Microsoft*" -and $_.ImageFamily -ilike 'Windows Server 2012 R2 Datacenter') }

# Variables for Deployment
$ServiceName="Drew"
$VMName="DC1"

# Get Credentials
$Cred=Get-Credential -Message "Username and Password for this deployment"

 

# Deployment Engine **IMPORTANT: Remove -VNetName and $VnetName if you do not have a VNET configured
New-AzureVMConfig -Name $VMName -InstanceSize "Small" -ImageName $vmimages[1].ImageName |
    Add-AzureProvisioningConfig -Windows -AdminUsername $cred.UserName -Password $Cred.GetNetworkCredential().password -TimeZone "Central Standard Time" -Verbose |
    Add-AzureDataDisk -CreateNew -DiskSizeInGB 15 -DiskLabel "disk 1" -LUN 0 |
    New-AzureVM -servicename $ServiceName -VNetName $Vnetname -Verbose

 

 

# Get the VM
$vm = Get-AzureVM -ServiceName $ServiceName -Name $VMName

# Add Microsoft Antimalware Agent to the Virtual Machine
Set-AzureVMExtension -Publisher Microsoft.Azure.Security -ExtensionName IaaSAntimalware -Version 1.* -VM $vm.VM
Update-AzureVM -Name $VMName -ServiceName $Servicename -VM $vm.VM

 

# Get the VM certificate and add it to our machine's trusted root CA store so we can remote into it
# (a certificate placed in LocalMachine\Root is trusted machine-wide until it is removed)
$winRMCert =(Get-AzureVM -ServiceName $ServiceName -name $VMname| select -ExpandProperty vm).DefaultWinRMCertificateThumbprint
$AzureX509cert = Get-AzureCertificate -ServiceName $Servicename -Thumbprint $winRMCert -ThumbprintAlgorithm sha1
$certTempFile = [IO.Path]::GetTempFileName()
$AzureX509cert.Data | Out-File $certTempFile
$CertToImport = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $certTempFile
$store = New-Object System.Security.Cryptography.X509Certificates.X509Store "Root", "LocalMachine"
$store.Certificates.Count
$store.Open([System.Security.Cryptography.X509Certificates.OpenFlags]::ReadWrite)
$store.Add($CertToImport)
$store.Close()
write-Host ("Cleanup cert file- "+[System.DateTime]::Now.ToString("hh:mm:ss"))
Remove-Item $certTempFile

 

# Get DNS and PORT for remoting
# Get DNS name and remove http formatting
$VMDNSNAME=(($vm.dnsname).Remove(0,7)).replace("/","")
# Get PS endpoint
$endpoints=$VM |Get-AzureEndpoint

### Code to Enter Remote Session on the VM
# Enter-PSSession -ComputerName $VMDNSNAME -Port $endpoints[1].port -Credential $cred -UseSSL

 

## Code to wait until PSRemote Port starts
for($retry = 0; $retry -le 5; $retry++)
{
    try
    {
        $session = New-PSSession -ComputerName $VMDNSNAME -Credential $cred -Port $endpoints[1].port -UseSSL
        if ($session -ne $null)
        {
            break
        }
        Write-Output "Unable to create a PowerShell session . . . sleeping and trying again in 30 seconds."
        Start-Sleep -Seconds 30
    }
    catch
    {
        Write-Output "Unable to create a PowerShell session . . . sleeping and trying again in 30 seconds."
        Start-Sleep -Seconds 30
    }
}

 

# Install IIS, .NET, Choc, Google Chrome, 7Zip, Notepad++
Invoke-Command -ComputerName $VMDNSNAME -Port $endpoints[1].port -Credential $cred -UseSSL -ScriptBlock {
    Install-WindowsFeature -Name Web-Server -IncludeManagementTools
    Install-WindowsFeature -Name NET-Framework-Features
    # Fetch the Chocolatey installer over HTTPS; the script runs on the VM exactly as downloaded
    iex ((New-Object Net.WebClient).DownloadString("https://chocolatey.org/install.ps1"))
    cinst googlechrome
    cinst 7zip
    cinst notepadplusplus
}
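
The certificate step in the script leaves the VM's self-signed WinRM certificate in the local machine's trusted root store after the sandbox is deleted. As an added example (not part of the original script), the two helpers below, whose names are made up here, confirm that the downloaded certificate matches the thumbprint Azure reports before trusting it and remove it again at teardown. They assume the classic Azure module used above and that the certificate's Data property is base64 text, as the script's own temp-file import implies.

```powershell
# Added example: hypothetical helper names, same cmdlets and store as the script above.
# Run elevated, because LocalMachine\Root is only writable by administrators.

function Add-SandboxWinRMCert {
    param([string]$ServiceName, [string]$VMName)

    # Thumbprint that Azure reports for the VM's WinRM listener
    $expected = (Get-AzureVM -ServiceName $ServiceName -Name $VMName).VM.DefaultWinRMCertificateThumbprint
    $azureCert = Get-AzureCertificate -ServiceName $ServiceName -Thumbprint $expected -ThumbprintAlgorithm sha1

    # Assumption: .Data is the base64-encoded certificate, so it can be loaded without a temp file
    $bytes = [Convert]::FromBase64String($azureCert.Data)
    $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList (,$bytes)

    # Refuse to trust anything other than the certificate that was asked for
    if ($cert.Thumbprint -ne $expected) {
        throw "Downloaded certificate thumbprint $($cert.Thumbprint) does not match $expected"
    }

    $store = New-Object System.Security.Cryptography.X509Certificates.X509Store "Root", "LocalMachine"
    $store.Open([System.Security.Cryptography.X509Certificates.OpenFlags]::ReadWrite)
    try { $store.Add($cert) } finally { $store.Close() }

    # Return the thumbprint so the caller can remove the certificate later
    return $cert.Thumbprint
}

function Remove-SandboxWinRMCert {
    param([string]$Thumbprint)

    $store = New-Object System.Security.Cryptography.X509Certificates.X509Store "Root", "LocalMachine"
    $store.Open([System.Security.Cryptography.X509Certificates.OpenFlags]::ReadWrite)
    try {
        # validOnly = $false so a self-signed or expired certificate is still found
        $found = $store.Certificates.Find(
            [System.Security.Cryptography.X509Certificates.X509FindType]::FindByThumbprint,
            $Thumbprint, $false)
        foreach ($c in $found) { $store.Remove($c) }
        return $found.Count
    }
    finally { $store.Close() }
}

# Usage with the script's variables:
#   $thumb = Add-SandboxWinRMCert -ServiceName $ServiceName -VMName $VMName
#   ... remote work ...
#   Remove-SandboxWinRMCert -Thumbprint $thumb
```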