Red Hat Summit Red Hat SummitSupportConsoleDevelopersStart a trialContact

Chapter 1. Deploying a Red Hat Enterprise Linux 7 image as a virtual machine on Microsoft Azure

You have a number of options for deploying a Red Hat Enterprise Linux (RHEL) 7 image on Azure. This chapter discusses your options for choosing an image and lists or refers to system requirements for your host system and virtual machine (VM). This chapter also provides procedures for creating a custom VM from an ISO image, uploading it to Azure, and launching an Azure VM instance.

Important

While you can create a custom VM from an ISO image, Red Hat recommends that you use the Red Hat Image Builder product to create customized images for use on specific cloud providers. See the Image Builder Guide for more information.

This chapter refers to the Azure documentation in a number of places. For many procedures, see the referenced Azure documentation for additional detail.

Note

For a list of Red Hat products that you can use securely on Azure, see Red Hat on Microsoft Azure.

Prerequisites

  • Sign up for a Red Hat Customer Portal account.
  • Sign up for a Microsoft Azure account.
  • Enable your subscriptions in the Red Hat Cloud Access program. The Red Hat Cloud Access program allows you to move your Red Hat subscriptions from physical or on-premise systems to Azure with full support from Red Hat.

Additional resources

The following table lists image choices and notes the differences in the image options.

Expand
Table 1.1. Image options
Image optionSubscriptionsSample scenarioConsiderations

Choose to deploy a Red Hat Gold Image.

Leverage your existing Red Hat subscriptions.

Enable subscriptions through the Red Hat Cloud Access program, and then choose a Red Hat Gold Image on Azure. See the Red Hat Cloud Access Reference Guide for details on Gold Images and how to access them on Azure.

The subscription includes the Red Hat product cost; you pay Microsoft for all other instance costs.

Red Hat Gold Images are called "Cloud Access" images because you leverage your existing Red Hat subscriptions. Red Hat provides support directly for Cloud Access images.

Choose to deploy a custom image that you move to Azure.

Leverage your existing Red Hat subscriptions.

Enable subscriptions through the Red Hat Cloud Access program, upload your custom image, and attach your subscriptions.

The subscription includes the Red Hat product cost; you pay Microsoft for all other instance costs.

Custom images that you move to Azure are "Cloud Access" images because you leverage your existing Red Hat subscriptions. Red Hat provides support directly for Cloud Access images.

Choose to deploy an existing Azure image that includes RHEL.

The Azure images include a Red Hat product.

Choose a RHEL image when you create a VM using the Azure console, or choose a VM from the Azure Marketplace.

You pay Microsoft hourly on a pay-as-you-go model. Such images are called "on-demand." Azure provides support for on-demand images through a support agreement.

Red Hat provides updates to the images. Azure makes the updates available through the Red Hat Update Infrastructure (RHUI).

Note

You can create a custom image for Azure using Red Hat Image Builder. See the Image Builder Guide for more information.

The remainder of this chapter includes information and procedures pertaining to Red Hat Enterprise Linux custom images.

Additional resources

1.2. Understanding base images
Copy link

This section includes information on using preconfigured base images and their configuration settings.

1.2.1. Using a custom base image
Copy link

To manually configure a VM, you start with a base (starter) VM image. Once you have created the base VM image, you can modify configuration settings and add the packages the VM requires to operate on the cloud. You can make additional configuration changes for your specific application after you upload the image.

To prepare a Hyper-V cloud image of RHEL, see Prepare a RHEL 7 virtual machine from Hyper-V manager.

Additional resources

Red Hat Enterprise Linux

1.2.2. Required system packages
Copy link

The procedures in this chapter assume you are using a host system running Red Hat Enterprise Linux. To successfully complete the procedures, your host system must have the following packages installed.

Expand
Table 1.2. System packages
PackageDescriptionCommand

qemu-kvm

This package provides the user-level KVM emulator and facilitates communication between hosts and guest VMs.

# yum install qemu-kvm libvirt

qemu-img

This package provides disk management for guest VMs. The qemu-img package is installed as a dependency of the qemu-kvm package.

libvirt

This package provides the server and host-side libraries for interacting with hypervisors and host systems and the libvirtd daemon that handles the library calls, manages VMs, and controls the hypervisor.

Expand
Table 1.3. Additional Virtualization Packages
PackageDescriptionCommand

virt-install

This package provides the virt-install command for creating VMs from the command line.

# yum install virt-install libvirt-python virt-manager virt-install libvirt-client

libvirt-python

This package contains a module that permits applications written in the Python programming language to use the interface supplied by the libvirt API.

virt-manager

This package provides the virt-manager tool, also known as Virtual Machine Manager (VMM). VMM is a graphical tool for administering VMs. It uses the libvirt-client library as the management API.

libvirt-client

This package provides the client-side APIs and libraries for accessing libvirt servers. The libvirt-client package includes the virsh command line tool to manage and control VMs and hypervisors from the command line or a special virtualization shell.

Additional resources

1.2.3. Azure VM configuration settings
Copy link

Azure VMs must have the following configuration settings. Some of these settings are enabled during the initial VM creation. Other settings are set when provisioning the VM image for Azure. Keep these settings in mind as you move through the procedures; refer to them if you experience any errors.

Expand
Table 1.4. VM configuration settings
SettingRecommendation

ssh

ssh must be enabled to provide remote access to your Azure VMs.

dhcp

The primary virtual adapter should be configured for dhcp (IPv4 only).

Swap Space

Do not create a dedicated swap file or swap partition. You can configure swap space with the Windows Azure Linux Agent (WALinuxAgent).

NIC

Choose virtio for the primary virtual network adapter.

encryption

For custom images, running RHEL 7.5 and later, use Network Bound Disk Encryption (NBDE) for full disk encryption on Azure. NBDE is supported only on RHEL 7.5 and later.

1.2.4. Creating a base image from an ISO image
Copy link

The following procedure lists the steps and initial configuration requirements for creating a custom ISO image. Once you have configured the image, you can use the image as a template for creating additional VM instances.

Procedure

  1. Download the latest Red Hat Enterprise Linux 7 Binary DVD ISO image from the Red Hat Customer Portal.
  2. Ensure that you have enabled your host machine for virtualization. See the Virtualization Getting Started Guide for information and procedures.

  3. Create and start a basic Red Hat Enterprise Linux VM. See the Getting Started with Virtualization Command-line Interface for instructions.

    1. If you use the command line to create your VM, ensure that you set the default memory and CPUs to the capacity you want for the VM. Set your virtual network interface to virtio.

      A basic command line sample follows. 

      virt-install --name isotest --memory 2048 --vcpus 2 --disk size=8,bus=virtio --location rhel-7.0-x86_64-dvd.iso --os-variant=rhel7.0
      Copy to Clipboard Toggle word wrap

    2. If you use the VMM application to create your VM, follow the procedure in Getting Started with Virtual Machine Manager, with these caveats:

      • Do not check Immediately Start VM.
      • Change your Memory and Storage Size to your preferred settings.
      • Before you start the installation, ensure that you have changed Model under Virtual Network Interface Settings to virtio and change your vCPUs to the capacity settings you want for the VM.

  4. Review the following additional installation selection and modifications.

    • Select Minimal Install with the standard RHEL option.

    • For Installation Destination, select Custom Storage Configuration. Use the following configuration information to make your selections.

      • Verify at least 500 MB for /boot.
      • For the file system, use xfs, ext4, or ext3 for both boot and root partitions.
      • Remove swap space. Swap space is configured on the physical blade server in Azure by the WALinuxAgent.
    • On the Installation Summary screen, select Network and Host Name. Switch Ethernet to On.

  5. When the install starts:

    • Create a root password.
    • Create an administrative user account.
  6. When installation is complete, reboot the VM and log in to the root account.
  7. Once you are logged in as root, you can configure the image.

The base image requires configuration changes to serve as your RHEL 7 VM image in Azure. The following sections provide the additional configuration changes that Azure requires.

1.3.1. Installing Hyper-V device drivers
Copy link

Microsoft provides network and storage device drivers as part of their Linux Integration Services (LIS) for the Hyper-V package. You may need to install Hyper-V device drivers on the VM image prior to provisioning it as an Azure VM. Use the lsinitrd | grep hv command to verify that the drivers are installed.

Procedure

  1. Enter the following grep command to determine if the required Hyper-V device drivers are installed. 

    # lsinitrd | grep hv
    Copy to Clipboard Toggle word wrap

    In the example below, all required drivers are installed. 

    # lsinitrd | grep hv
drwxr-xr-x   2 root     root            0 Aug 12 14:21 usr/lib/modules/3.10.0-932.el7.x86_64/kernel/drivers/hv
-rw-r--r--   1 root     root        31272 Aug 11 08:45 usr/lib/modules/3.10.0-932.el7.x86_64/kernel/drivers/hv/hv_vmbus.ko.xz
-rw-r--r--   1 root     root        25132 Aug 11 08:46 usr/lib/modules/3.10.0-932.el7.x86_64/kernel/drivers/net/hyperv/hv_netvsc.ko.xz
-rw-r--r--   1 root     root         9796 Aug 11 08:45 usr/lib/modules/3.10.0-932.el7.x86_64/kernel/drivers/scsi/hv_storvsc.ko.xz
    Copy to Clipboard Toggle word wrap

    If all the drivers are not installed, complete the remaining steps.

    Note

    An hv_vmbus driver may exist in the environment. Even if this driver is present, complete the following steps on your VM.

  2. Create a file named hv.conf in /etc/hv.conf.d.

  3. Add the following driver parameters to the hv.conf file. 

    add_drivers+=" hv_vmbus "
add_drivers+=" hv_netvsc "
add_drivers+=" hv_storvsc "
    Copy to Clipboard Toggle word wrap
    Note

    Note the spaces before and after the quotes, for example, add_drivers+=" hv_vmbus ". This ensures that unique drivers are loaded in the event that other Hyper-V drivers exist in the environment.

  4. Regenerate the initramfs image. 

    # dracut -f -v --regenerate-all
    Copy to Clipboard Toggle word wrap

Verification steps

  1. Reboot the machine.
  2. Run the lsinitrd | grep hv command to verify that the drivers are installed.

1.3.2. Making additional configuration changes
Copy link

The VM requires further configuration changes to operate in Azure. Perform the following procedure to make the additional changes.

Procedure

  1. If necessary, power on the VM.

  2. Register the VM and enable the Red Hat Enterprise Linux 7 repository. 

    # subscription-manager register --auto-attach
    Copy to Clipboard Toggle word wrap

Stopping and removing cloud-init (if present)

  1. Stop the cloud-init service. 

    # systemctl stop cloud-init
    Copy to Clipboard Toggle word wrap

  2. Remove the cloud-init software. 

    # yum remove cloud-init
    Copy to Clipboard Toggle word wrap

Completing other VM changes

  1. Edit the /etc/ssh/sshd_config file and enable password authentication. 

    PasswordAuthentication yes
    Copy to Clipboard Toggle word wrap

  2. Set a generic host name. 

    # hostnamectl set-hostname localhost.localdomain
    Copy to Clipboard Toggle word wrap

  3. Edit (or create) the /etc/sysconfig/network-scripts/ifcfg-eth0 file. Use only the parameters listed below.

    Note

    The ifcfg-eth0 file does not exist on the RHEL 7 DVD ISO image and must be created. 

    DEVICE="eth0"
ONBOOT="yes"
BOOTPROTO="dhcp"
TYPE="Ethernet"
USERCTL="yes"
PEERDNS="yes"
IPV6INIT="no"
    Copy to Clipboard Toggle word wrap

  4. Remove all persistent network device rules (if present). 

    # rm -f /etc/udev/rules.d/70-persistent-net.rules
# rm -f /etc/udev/rules.d/75-persistent-net-generator.rules
# rm -f /etc/udev/rules.d/80-net-name-slot-rules
    Copy to Clipboard Toggle word wrap

  5. Set ssh to start automatically. 

    # systemctl enable sshd
# systemctl is-enabled sshd
    Copy to Clipboard Toggle word wrap

  6. Modify the kernel boot parameters.

    1. Add crashkernel=256M to the start of the GRUB_CMDLINE_LINUX line in the /etc/default/grub file. If crashkernel=auto is present, change it to crashkernel=256M.

    2. Add the following lines to the end of the GRUB_CMDLINE_LINUX line (if not present). 

      earlyprintk=ttyS0
console=ttyS0
rootdelay=300
      Copy to Clipboard Toggle word wrap

    3. Remove the following options (if present). 

      rhgb
quiet
      Copy to Clipboard Toggle word wrap

  7. Regenerate the grub.cfg file. 

    # grub2-mkconfig -o /boot/grub2/grub.cfg
    Copy to Clipboard Toggle word wrap

  8. Install and enable the Windows Azure Linux Agent (WALinuxAgent). 

    # yum install WALinuxAgent -y
# systemctl enable waagent
    Copy to Clipboard Toggle word wrap
    Note

    If you get the error message No package WALinuxAgent available, install the rhel-7-server-extras-rpms repository. Run the # subscription-manager repos --enable=rhel-7-server-extras-rpms command before trying the installation again.

  9. Edit the following lines in the /etc/waagent.conf file to configure swap space for provisioned VMs. Set swap space for whatever is appropriate for your provisioned VMs. 

    Provisioning.DeleteRootPassword=n
ResourceDisk.Filesystem=ext4
ResourceDisk.EnableSwap=y
ResourceDisk.SwapSizeMB=2048
    Copy to Clipboard Toggle word wrap

Preparing to provision

  1. Unregister the VM from Red Hat Subscription Manager. 

    # subscription-manager unregister
    Copy to Clipboard Toggle word wrap

  2. Prepare the VM for Azure provisioning by cleaning up the existing provisioning details. Azure reprovisions the VM in Azure. This command generates data loss warnings, which are expected. 

    # waagent -force -deprovision
    Copy to Clipboard Toggle word wrap

  3. Clean the shell history and shut down the VM. 

    # export HISTSIZE=0
# poweroff
    Copy to Clipboard Toggle word wrap

1.4. Converting the image to a fixed VHD format
Copy link

All Microsoft Azure VM images must be in a fixed VHD format. The image must be aligned on a 1 MB boundary before it is converted to VHD. This section describes how to convert the image from qcow2 to a fixed VHD format and align the image, if necessary. Once you have converted the image, you can upload it to Azure.

Procedure

  1. Convert the image from qcow2 to raw format. 

    $ qemu-img convert -f qcow2 -O raw <image-name>.qcow2 <image-name>.raw
    Copy to Clipboard Toggle word wrap

  2. Create a shell script using the contents below. 

    #!/bin/bash
MB=$((1024 * 1024))
size=$(qemu-img info -f raw --output json "$1" | gawk 'match($0, /"virtual-size": ([0-9]+),/, val) {print val[1]}')
rounded_size=$((($size/$MB + 1) * $MB))
if [ $(($size % $MB)) -eq  0 ]
then
 echo "Your image is already aligned. You do not need to resize."
 exit 1
fi
echo "rounded size = $rounded_size"
export rounded_size
    Copy to Clipboard Toggle word wrap

  3. Run the script. This example uses the name align.sh. 

    $ sh align.sh <image-xxx>.raw
    Copy to Clipboard Toggle word wrap
    • If the message "Your image is already aligned. You do not need to resize." displays, proceed to the following step.
    • If a value displays, your image is not aligned. Resize the image using the procedures in the Aligning the image section before proceeding to the next step.

  4. Use the following command to convert the file to a fixed VHD format.

    The sample uses qemu-img version 2.12.0. 

    $ qemu-img convert -f raw -o subformat=fixed,force_size -O vpc <image-xxx>.raw <image.xxx>.vhd
    Copy to Clipboard Toggle word wrap

    Once converted, the VHD file is ready to upload to Azure.

Aligning the image

Complete the following steps only if the raw file is not aligned.

  1. Resize the raw file using the rounded value displayed when you ran the verification script. 

    $ qemu-img resize -f raw <image-xxx>.raw <rounded-value>
    Copy to Clipboard Toggle word wrap

  2. Convert the raw image file to a VHD format.

    The sample uses qemu-img version 2.12.0. 

    $ qemu-img convert -f raw -o subformat=fixed,force_size -O vpc <image-xxx>.raw <image.xxx>.vhd
    Copy to Clipboard Toggle word wrap

    Once converted, the VHD file is ready to upload to Azure.

1.5. Installing the Azure CLI
Copy link

Complete the following steps to install the Azure command line interface (Azure CLI 2.1) on your host machine. Azure CLI 2.1 is a Python-based utility that creates and manages VMs in Azure.

Prerequisites

  • You need to have an account with Microsoft Azure before you can use the Azure CLI.
  • The Azure CLI installation requires Python 3.x.

Procedure

  1. Import the Microsoft repository key. 

    $ sudo rpm --import https://packages.microsoft.com/keys/microsoft.asc
    Copy to Clipboard Toggle word wrap

  2. Create a local Azure CLI repository entry. 

    $ sudo sh -c 'echo -e "[azure-cli]\nname=Azure CLI\nbaseurl=https://packages.microsoft.com/yumrepos/azure-cli\nenabled=1\ngpgcheck=1\ngpgkey=https://packages.microsoft.com/keys/microsoft.asc" > /etc/yum.repos.d/azure-cli.repo'
    Copy to Clipboard Toggle word wrap

  3. Update the yum package index. 

    $ yum check-update
    Copy to Clipboard Toggle word wrap

  4. Check your Python version (python --version) and install Python 3.x, if necessary. 

    $ sudo yum install python3
    Copy to Clipboard Toggle word wrap

  5. Install the Azure CLI. 

    $ sudo yum install -y azure-cli
    Copy to Clipboard Toggle word wrap

  6. Run the Azure CLI. 

    $ az
    Copy to Clipboard Toggle word wrap

Additional resources

1.6. Creating resources in Azure
Copy link

Complete the following procedure to create the Azure resources that you need before you can upload the VHD file and create the Azure image.

Procedure

  1. Enter the following command to authenticate your system with Azure and log in. 

    $ az login
    Copy to Clipboard Toggle word wrap
    Note

    If a browser is available in your environment, the CLI opens your browser to the Azure sign-in page. See Sign in with Azure CLI for more information and options.

  2. Create a resource group in an Azure region. 

    $ az group create --name <resource-group> --location <azure-region>
    Copy to Clipboard Toggle word wrap

    Example: 

    $ az group create --name azrhelclirsgrp --location southcentralus
{
  "id": "/subscriptions//resourceGroups/azrhelclirsgrp",
  "location": "southcentralus",
  "managedBy": null,
  "name": "azrhelclirsgrp",
  "properties": {
    "provisioningState": "Succeeded"
  },
  "tags": null
}
    Copy to Clipboard Toggle word wrap

  3. Create a storage account. See SKU Types for more information about valid SKU values. 

    $ az storage account create -l <azure-region> -n <storage-account-name> -g <resource-group> --sku <sku_type>
    Copy to Clipboard Toggle word wrap

    Example: 

    $ az storage account create -l southcentralus -n azrhelclistact -g azrhelclirsgrp --sku Standard_LRS
{
  "accessTier": null,
  "creationTime": "2017-04-05T19:10:29.855470+00:00",
  "customDomain": null,
  "encryption": null,
  "id": "/subscriptions//resourceGroups/azrhelclirsgrp/providers/Microsoft.Storage/storageAccounts/azrhelclistact",
  "kind": "StorageV2",
  "lastGeoFailoverTime": null,
  "location": "southcentralus",
  "name": "azrhelclistact",
  "primaryEndpoints": {
    "blob": "https://azrhelclistact.blob.core.windows.net/",
    "file": "https://azrhelclistact.file.core.windows.net/",
    "queue": "https://azrhelclistact.queue.core.windows.net/",
    "table": "https://azrhelclistact.table.core.windows.net/"
},
"primaryLocation": "southcentralus",
"provisioningState": "Succeeded",
"resourceGroup": "azrhelclirsgrp",
"secondaryEndpoints": null,
"secondaryLocation": null,
"sku": {
  "name": "Standard_LRS",
  "tier": "Standard"
},
"statusOfPrimary": "available",
"statusOfSecondary": null,
"tags": {},
  "type": "Microsoft.Storage/storageAccounts"
}
    Copy to Clipboard Toggle word wrap

  4. Get the storage account connection string. 

    $ az storage account show-connection-string -n <storage-account-name> -g <resource-group>
    Copy to Clipboard Toggle word wrap

    Example: 

    [clouduser@localhost]$ az storage account show-connection-string -n azrhelclistact -g azrhelclirsgrp
{
  "connectionString": "DefaultEndpointsProtocol=https;EndpointSuffix=core.windows.net;AccountName=azrhelclistact;AccountKey=NreGk...=="
}
    Copy to Clipboard Toggle word wrap

  5. Export the connection string by copying the connection string and pasting it into the following command. This string connects your system to the storage account. 

    $ export AZURE_STORAGE_CONNECTION_STRING="<storage-connection-string>"
    Copy to Clipboard Toggle word wrap

    Example: 

    [clouduser@localhost]$ export AZURE_STORAGE_CONNECTION_STRING="DefaultEndpointsProtocol=https;EndpointSuffix=core.windows.net;AccountName=azrhelclistact;AccountKey=NreGk...=="
    Copy to Clipboard Toggle word wrap

  6. Create the storage container. 

    $ az storage container create -n <container-name>
    Copy to Clipboard Toggle word wrap

    Example: 

    [clouduser@localhost]$ az storage container create -n azrhelclistcont
{
  "created": true
}
    Copy to Clipboard Toggle word wrap

  7. Create a virtual network. 

    $ az network vnet create -g <resource group> --name <vnet-name> --subnet-name <subnet-name>
    Copy to Clipboard Toggle word wrap

    Example: 

    [clouduser@localhost]$ az network vnet create --resource-group azrhelclirsgrp --name azrhelclivnet1 --subnet-name azrhelclisubnet1
{
  "newVNet": {
    "addressSpace": {
      "addressPrefixes": [
      "10.0.0.0/16"
      ]
  },
  "dhcpOptions": {
    "dnsServers": []
  },
  "etag": "W/\"\"",
  "id": "/subscriptions//resourceGroups/azrhelclirsgrp/providers/Microsoft.Network/virtualNetworks/azrhelclivnet1",
  "location": "southcentralus",
  "name": "azrhelclivnet1",
  "provisioningState": "Succeeded",
  "resourceGroup": "azrhelclirsgrp",
  "resourceGuid": "0f25efee-e2a6-4abe-a4e9-817061ee1e79",
  "subnets": [
    {
      "addressPrefix": "10.0.0.0/24",
      "etag": "W/\"\"",
      "id": "/subscriptions//resourceGroups/azrhelclirsgrp/providers/Microsoft.Network/virtualNetworks/azrhelclivnet1/subnets/azrhelclisubnet1",
      "ipConfigurations": null,
      "name": "azrhelclisubnet1",
      "networkSecurityGroup": null,
      "provisioningState": "Succeeded",
      "resourceGroup": "azrhelclirsgrp",
      "resourceNavigationLinks": null,
      "routeTable": null
    }
  ],
  "tags": {},
  "type": "Microsoft.Network/virtualNetworks",
  "virtualNetworkPeerings": null
  }
}
    Copy to Clipboard Toggle word wrap

Additional resources

1.7. Uploading and creating an Azure image
Copy link

Complete the following steps to upload the VHD file to your container and create an Azure custom image.

Note

The exported storage connection string does not persist after a system reboot. If any of commands in the following steps fail, export the connection string again.

Procedure

  1. Upload the VHD file to the storage container; it may take several minutes. To get a list of storage containers, enter the az storage container list command. 

    $ az storage blob upload --account-name <storage-account-name> --container-name <container-name> --type page --file <path-to-vhd> --name <image-name>.vhd
    Copy to Clipboard Toggle word wrap

    Example: 

    $ az storage blob upload --account-name azrhelclistact --container-name azrhelclistcont --type page --file rhel-image-7.vhd --name rhel-image-7.vhd
Percent complete: %100.0
    Copy to Clipboard Toggle word wrap

  2. Get the URL for the uploaded VHD file to use in the following step. 

    $ az storage blob url -c <container-name> -n <image-name>.vhd
    Copy to Clipboard Toggle word wrap

    Example: 

    $ az storage blob url -c azrhelclistcont -n rhel-image-7.vhd
"https://azrhelclistact.blob.core.windows.net/azrhelclistcont/rhel-image-7.vhd"
    Copy to Clipboard Toggle word wrap

  3. Create the Azure custom image. 

    $ az image create -n <image-name> -g <resource-group> -l <azure-region> --source <URL> --os-type linux
    Copy to Clipboard Toggle word wrap
    Note

    The default hypervisor generation of the VM is V1. You can optionally specify a V2 hypervisor generation by including the option --hyper-v-generation V2. Generation 2 VMs use a UEFI-based boot architecture. See Support for generation 2 VMs on Azure for information on generation 2 VMs.

    The command may return the error "Only blobs formatted as VHDs can be imported." This error may mean that the image was not aligned to the nearest 1 MB boundary before it was converted to VHD.

    Example: 

    $ az image create -n rhel7 -g azrhelclirsgrp2 -l southcentralus --source https://azrhelclistact.blob.core.windows.net/azrhelclistcont/rhel-image-7.vhd --os-type linux
    Copy to Clipboard Toggle word wrap

1.8. Creating and starting the VM in Azure
Copy link

The following steps provide the minimum command options to create a managed-disk Azure VM from the image. See az vm create for additional options.

Procedure

  1. Enter the following command to create the VM. 

    $ az vm create -g <resource-group> -l <azure-region> -n <vm-name> --vnet-name <vnet-name> --subnet <subnet-name> --size Standard_A2 --os-disk-name <simple-name> --admin-username <administrator-name> --generate-ssh-keys --image <path-to-image>
    Copy to Clipboard Toggle word wrap
    Note

    The option --generate-ssh-keys creates a private/public key pair. Private and public key files are created in ~/.ssh on your system. The public key is added to the authorized_keys file on the VM for the user specified by the --admin-username option. See Other authentication methods for additional information.

    Example: 

    [clouduser@localhost]$ az vm create -g azrhelclirsgrp2 -l southcentralus -n rhel-azure-vm-1 --vnet-name azrhelclivnet1 --subnet azrhelclisubnet1  --size Standard_A2 --os-disk-name vm-1-osdisk --admin-username clouduser --generate-ssh-keys --image rhel7
{
  "fqdns": "",
  "id": "/subscriptions//resourceGroups/azrhelclirsgrp/providers/Microsoft.Compute/virtualMachines/rhel-azure-vm-1",
  "location": "southcentralus",
  "macAddress": "",
  "powerState": "VM running",
  "privateIpAddress": "10.0.0.4",
  "publicIpAddress": "<public-IP-address>",
  "resourceGroup": "azrhelclirsgrp2"
    Copy to Clipboard Toggle word wrap

  2. Start an SSH session and log in to the VM. 

    [clouduser@localhost]$ ssh  -i /home/clouduser/.ssh/id_rsa clouduser@<public-IP-address>.
The authenticity of host,  '<public-IP-address>' can't be established.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '<public-IP-address>' (ECDSA) to the list of known hosts.
    Copy to Clipboard Toggle word wrap

If you see a user prompt, you have successfully deployed your Azure VM.

You can now go to the Azure Portal and check the audit logs and properties of your resources. You can manage your VMs directly in this portal. If you are managing multiple VMs, you should use the Azure CLI. The Azure CLI provides a powerful interface to your resources in Azure. Enter the az --help command in the CLI or see the Azure CLI command reference to learn more about the commands you use to manage your VMs in Microsoft Azure.

1.9. Other authentication methods
Copy link

While recommended for increased security, using the Azure-generated key pair is not required. The following examples show two methods for SSH authentication.

Example 1: These command options provision a new VM without generating a public key file. They allow SSH authentication using a password. 

$ az vm create -g <resource-group> -l <azure-region> -n <vm-name> --vnet-name <vnet-name> --subnet <subnet-name> --size Standard_A2 --os-disk-name <simple-name> --authentication-type password --admin-username <administrator-name> --admin-password <ssh-password> --image <path-to-image>
Copy to Clipboard Toggle word wrap 
$ ssh <admin-username>@<public-ip-address>
Copy to Clipboard Toggle word wrap

Example 2: These command options provision a new Azure VM and allow SSH authentication using an existing public key file. 

$ az vm create -g <resource-group> -l <azure-region> -n <vm-name> --vnet-name <vnet-name> --subnet <subnet-name> --size Standard_A2 --os-disk-name <simple-name> --admin-username <administrator-name> --ssh-key-value <path-to-existing-ssh-key> --image <path-to-image>
Copy to Clipboard Toggle word wrap 
$ ssh -i <path-to-existing-ssh-key> <admin-username>@<public-ip-address>
Copy to Clipboard Toggle word wrap

1.10. Attaching Red Hat subscriptions
Copy link

Complete the following steps to attach the subscriptions you previously enabled through the Red Hat Cloud Access program.

Prerequisites

You must have enabled your subscriptions.

Procedure

  1. Register your system. 

    subscription-manager register --auto-attach
    Copy to Clipboard Toggle word wrap

  2. Attach your subscriptions.

Additional resources

Back to top
Red Hat logoGithubredditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust. Explore our recent updates.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

Theme

© 2025 Red Hat