Azure Virtual Machines Extensions

Enhance your Azure VMs with specialized functionalities.

Introduction to VM Extensions

Azure Virtual Machine (VM) extensions are small applications that provide post-deployment configuration and task automation capabilities for Azure virtual machines. They can be used for tasks such as:

  • Installing and configuring software
  • Running scripts
  • Monitoring and diagnostics
  • Security enforcement
  • Data configuration

VM extensions are agent-based and run directly on the virtual machine. They are managed through the Azure portal, Azure CLI, Azure PowerShell, or Azure Resource Manager templates.

How VM Extensions Work

When you deploy a VM extension, the Azure fabric controller sends the extension package and any required configuration to the VM agent. The VM agent then installs and executes the extension.

The VM agent communicates with the Azure control plane to report the status of the extension, including:

  • Initialization: The agent is setting up the extension.
  • Installation: The extension is being installed.
  • Running: The extension is executing its task.
  • Success: The extension completed successfully.
  • Error: The extension failed to complete.

Extensions can be installed during VM creation or added to an existing VM. They are essential for automating complex configurations and maintaining the operational state of your VMs.

Tip: Ensure your VM has internet connectivity or access to Azure Storage to download and execute extensions. For private networks, consider using Azure Private Link for extensions.

Common VM Extensions

Azure provides a rich catalog of extensions. Here are some of the most commonly used ones:

1. Custom Script Extension

The Custom Script Extension allows you to download and execute scripts on Azure virtual machines. This is extremely useful for post-deployment configuration, software installation, or any task that can be automated with a script.

Usage:

az vm extension set \
    --resource-group MyResourceGroup \
    --vm-name MyVM \
    --name CustomScript \
    --publisher Microsoft.Azure.Extensions \
    --settings '{"fileUris": ["https://your-storage-account.blob.core.windows.net/scripts/myscript.ps1"], "commandToExecute": "powershell -ExecutionPolicy Unrestricted -File myscript.ps1"}'

2. Desired State Configuration (DSC) Extension

This extension allows you to use Azure Desired State Configuration to manage the configuration of your VMs. It ensures that your VMs are configured according to a defined state.

3. Azure Monitor Agent Extension

Collects logs and performance metrics from your VMs and sends them to Azure Monitor. Essential for monitoring the health and performance of your compute resources.

4. Antimalware Extension

Helps protect your VMs from malware and other threats by installing and configuring antimalware solutions.

5. JSON VM Extension

A generic extension that allows you to deploy extensions defined in a JSON configuration.

Extension Name Publisher Description
CustomScriptExtension Microsoft.Azure.Extensions Executes custom scripts on VMs.
DSC Extension Microsoft.Powershell.DSC Applies Desired State Configuration to VMs.
AzureMonitorLinuxAgent Microsoft.Azure.Monitor Collects telemetry for Azure Monitor on Linux.
Microsoft.Compute.CustomScriptExtension Microsoft.Compute Another version of custom script execution.

Managing VM Extensions

You can manage VM extensions using various Azure tools:

Azure Portal

Navigate to your Virtual Machine resource in the Azure portal, then select "Extensions" from the left-hand menu. Here you can view installed extensions, add new ones, or uninstall existing ones.

Azure CLI

Use the az vm extension command group to manage extensions. Key commands include:

  • az vm extension set: Install or update an extension.
  • az vm extension show: Get details about an extension.
  • az vm extension list: List all extensions on a VM.
  • az vm extension delete: Uninstall an extension.

Example: Listing extensions on a VM

az vm extension list --resource-group MyResourceGroup --vm-name MyVM -o table

Azure PowerShell

Use the Set-AzVMExtension, Get-AzVMExtension, and Remove-AzVMExtension cmdlets.

Azure Resource Manager (ARM) Templates

Extensions can be declared as resources within your ARM templates, allowing for declarative and repeatable deployments.

{
    "type": "Microsoft.Compute/virtualMachines/extensions",
    "apiVersion": "2021-07-01",
    "name": "myExtensionName",
    "location": "[resourceGroup().location]",
    "properties": {
        "publisher": "Microsoft.Azure.Extensions",
        "type": "CustomScript",
        "typeHandlerVersion": "2.1",
        "autoUpgradeMinorVersion": true,
        "settings": {
            "fileUris": ["http://example.com/scripts/setup.sh"],
            "commandToExecute": "./setup.sh"
        }
    }
}
Important: Always ensure you are using the correct publisher, extension type, and version for your operating system. Refer to the official Azure documentation for the latest details.

Creating Custom VM Extensions

While Azure provides many pre-built extensions, you can also create your own custom VM extensions to meet unique deployment or management needs.

A custom VM extension typically consists of:

  • Extension handler: Code that runs on the VM to perform the extension's tasks.
  • Package: The code and any necessary files bundled together.
  • Configuration: Settings provided by the user to control the extension's behavior.

You can package your custom extension and make it available for deployment via Azure CLI, PowerShell, or ARM templates.

For detailed guidance on creating custom extensions, please refer to the official Azure documentation on building custom VM extensions.