Virtual machine extensions Configuration Guide


In this article you will learn how to use virtual machine extensions to automate virtual machine deployments.

Consider this scenario: Your organization has developed a number of scripts and procedures to ensure that virtual machines are kept up to date. Various configuration tasks are also carried out by these programs. The procedure must then be automated. You can avoid configuration drift by using virtual machine extensions.

Implement virtual machines extensions

Virtual machine creation and maintenance can be time-consuming, and much of it is repetitive, needing the same processes each time. There are various techniques to automate the chores of building, maintaining, and uninstalling virtual computers, fortunately. A virtual machine extension is one option.

Small programs that perform post-deployment setup and automation activities on Azure VMs are known as Azure virtual machine extensions. A VM extension can be used, for example, if a virtual machine requires software installation, anti-virus protection, or a configuration script. The purpose of extensions is to help you manage your virtual machines.

Azure VM extensions can be:

  • Azure CLI, PowerShell, Azure Resource Manager templates, and the Azure portal are all used to manage the environment.
  • Run against any existing system or included with a fresh VM deployment. They can, for example, be part of a broader deployment, setting apps on VM provision, or execute against any supported extension-operated systems after the deployment is complete.

There are a number of extensions available for Windows and Linux PCs, as well as a large selection of first- and third-party extensions.

Implement custom script extensions

The Custom Script Extension (CSE) can be used to launch and execute virtual machine customization tasks automatically after they have been configured. Simple activities like pausing the virtual machine or installing a software component might be performed by your script extension. The script, on the other hand, may be more complicated and execute a sequence of tasks.

By going to the virtual machines Extensions blade in the Azure portal, you can install the CSE. You will submit a PowerShell script file after the CSE resource has been generated. The PowerShell commands you wish to run on the virtual machine will be in your script file. You can optionally pass in parameters like param1 and param2. The file is instantly executed when it is uploaded. Scripts can be downloaded from Azure storage or GitHub, or submitted to the Azure portal at the time of extension execution.


  • Timeout. Custom Script extensions must run for 90 minutes. If your deployment lasts longer than this, it will be logged as a timeout. When writing your script, keep this in mind. To complete the tasks, your virtual machine must be up and running.
  • Dependencies. Make sure that content is available if your extension requires networking or storage access.
  • occurrences of failure When executing your script, make careful to account for any mistakes that may occur. Running out of disk space, for example, or security and access constraints. What happens if the script encounters an error?
  • Sensitive information. Your extension may require sensitive data such as passwords, storage account names, and access keys for storage accounts. How will you safeguard and encrypt this data?

Implement desired state configuration

DSC (Desired State Configuration) is a Windows PowerShell management platform. DSC provides the deployment and management of software service configuration data, as well as the management of the environment in which these services execute. DSC provides a set of Windows PowerShell language extensions, cmdlets, and resources that you can use to declare how your software environment should be configured declaratively. DSC also allows you to keep track of and manage your existing setups.

The creation of configurations is fundamental to DSC. A configuration is a simple script that specifies an environment made up of computers (nodes) that each have their own set of attributes. These characteristics might range from as simple as ensuring that a certain Windows feature is turned on to as sophisticated as SharePoint deployment. When the CSE won’t work for your application, try DSC.

Let’s take an example. In here we are installing IIS on the localhost. The configuration is saved as a PS1 file.


A Configuration block, a Node block, and one or more resource blocks make up the DSC script.

  • This is the Configuration section. This is the script block on the very edge. You give it a name and use the Configuration keyword to specify it. IISInstall is the name of the setup in this case.
  • There may be one or more Node blocks. The computers or virtual machines that you are configuring are defined by node blocks. There is one Node block in the sample that targets a machine named “localhost.”
  • There may be one or more resource blocks. The resource attributes are configured using resource blocks. There is one resource block in the sample that utilizes WindowsFeature. The name (Web-Server) of the role or feature you wish to guarantee is added or deleted is indicated by WindowsFeature. Ensure specifies whether or not the job or feature has been introduced. Present and Absent are your options.

In this article we learned that Azure virtual machine (VM) extensions are simple programs that allow you to configure and automate Azure VMs once they’ve been deployed. A VM extension can be used, for example, if a virtual machine requires software installation, anti-virus protection, or the execution of a script.




Please enter your comment!
Please enter your name here