Virtualization is a great way to get the most out of your hardware. A virtual machine (VM) can be stood up and configured faster and more flexibly than a traditional machine can, but a VM still requires you to administer the host operating system and manage virtual hard disk (VHD) images. Windows Azure’s Infrastructure as a Service makes it even easier to run a VM by handling these requirements for you.
When you create a VM, you can choose from Azure’s gallery of Windows and Linux platform images as seen below, but the capability to use your own image is not immediately obvious. Microsoft offers a guide for doing so, but it’s a little outdated and doesn’t fully explain the process.
In order to upload your own image VHD, you must have a certificate on your local machine and on Azure, and then use the Windows Azure Command Prompt to start the upload. Begin by downloading and installing the Azure SDK, which contains the Windows Azure Command Prompt that you will need later. You also need an Azure storage account with a container inside of it to give you somewhere to upload the image to. You will use the URL of the container as part of the command that uploads the image, so be sure to get that from the container’s page on the Azure Management portal.
Certificate Creation and Installation
Self-Signed Certificate Creation
If you don’t already have a certificate in Azure that’s also on your local machine, you can create your own using the IIS Manager. This can be added to your system from the Programs Control Panel, if it’s not already installed.
Open up IIS Manager from the Administrative Tools in the Start Menu or Control Panel, double- click “Server Certificates,” and click “Create Self-Signed Certificate…” on the right. Type in any name for the certificate and click “OK.” It doesn’t really matter what you name it since it will only be seen locally.
Now, we need to export the certificate. Right-click on the new certificate and click “Export.” Choose a location to export the certificate, type in a password for the certificate twice, and click “OK.” This exports a .pfx file, which contains both the public key and the private key.
Even though the certificate is in IIS, it still needs to be installed in the local certificate storage. Find the .pfx file you just created and double-click on it. Click “Next” twice and enter the password you used earlier. If you would like to export the certificate with the private key, mark the second checkbox. You will be able to export the certificate with the public key regardless. Click “Next.”
Unless you want to customize which certificate store your certificate goes into, leave the first option selected and click “Next.”
Verify the settings and click “Finish.”
Public Certificate Creation
Now, we need to create a .cer file with just the public key for uploading. Open the Run dialog and type “certmgr.msc.” Find the certificate you just imported, which should be under Personal Certificates if you selected the automatic option for certificate store earlier. Right-click on it and choose “All Tasks,” “Export,” click “Next,” and select “No, do not export the private key,” if it’s not already selected.
Click “Next” and leave the default option for DER encoded binary X.509 (.CER) selected.
Click “Next” and choose a location to export the .cer file to. Finally, click “Next,” verify the options, and click “Finish.”
Uploading the Certificate to Windows Azure
Log in to https://manage.windowsazure.com and choose “Settings” in the left navigation in order to upload the certificate to Azure. Click “Upload” at the bottom and browse to the .cer file you created. Pick an Azure subscription to associate the certificate with and click the checkmark.
Once the certificate is uploaded, find it in the list. Copy the Subscription Identifier and Thumbprint, and save them for later. You might need to resize the columns to be able to see both of these values. Azure’s columns can be a little buggy, but you should be able to resize the column or your browser window in order to see them.
Upload the VHD
Now, it’s time for the actual upload. Make sure your VHD is sysprep generalized, and open the Windows Azure Command Prompt. Execute the following commands, replacing the brackets with your information:
csupload Set-Connection "SubscriptionID=[SubscriptionIdentifier];CertificateThumbprint=[Thumbprint];ServiceManagementEndpoint=https://management.core.windows.net"
Note that the SubscriptionIdentifier is a hex value, not the subscription name.
csupload Add-PersistentVMImage -Destination "http://[StorageAccount].blob.core.windows.net/[Container]/[DestinationFilename]" -Label "[Friendly Label]" -LiteralPath "[Local Path]" -OS Windows
The friendly label didn’t seem to show up when I uploaded a VHD. Under the container, it just listed the VHD as its file name, but hopefully displaying the label will be added soon. Also, if appropriate for your VHD, you can change the OS flag from Windows to Linux.
When I left my laptop out overnight to upload the VHD, a well-meaning friend closed the lid, putting it to sleep, but that showed me one of the really nice things about uploads is that they will resume if the connection is interrupted, even hours later.
Enjoy running your own virtual machines in the Cloud!