Tutorial: Connect to Virtual Machine Scale Set instances using the Azure CLI
A Virtual Machine Scale Set allows you to deploy and manage a set of virtual machines. Throughout the lifecycle of a Virtual Machine Scale Set, you may need to run one or more management tasks. In this tutorial you learn how to:
- List connection information
- Connect to individual instances using SSH
If you don't have an Azure subscription, create a trial account before you begin.
Prerequisites
If you prefer to run CLI reference commands locally, install the Azure CLI. If you're running on Windows or macOS, consider running Azure CLI in a Docker container. For more information, see How to run the Azure CLI in a Docker container.
If you're using a local installation, sign in to the Azure CLI by using the az login command. To finish the authentication process, follow the steps displayed in your terminal. For other sign-in options, see Sign in with the Azure CLI.
When you're prompted, install the Azure CLI extension on first use. For more information about extensions, see Use extensions with the Azure CLI.
Run az version to find the version and dependent libraries that are installed. To upgrade to the latest version, run az upgrade.
This article requires version 2.0.29 or later of the Azure CLI.
List instances in a scale set
If you do not have a scale set already created, see Tutorial: Create and manage a Virtual Machine Scale Set with the Azure CLI
List all the instances in your Virtual Machine Scale Set.
az vmss list-instances \
--resource-group myResourceGroup \
--name myScaleSet \
--output table
Location Name ResourceGroup
---------- ------------------- ---------------
chinanorth2 myScaleSet_0e7d4d21 myResourceGroup
chinanorth2 myScaleSet_39379fc3 myResourceGroup
Get NIC information
Use az vm nic list and the name of the individual VM instance to find the NIC name.
az vm nic list \
--resource-group myResourceGroup
--vm-name myScaleSet_0e7d4d21
[
{
"deleteOption": "Delete",
"id": "/subscriptions/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkInterfaces/mysca2215Nic-828c525a",
"primary": true,
"resourceGroup": "myResourceGroup"
}
]
Using the VM name and NIC name, get the private IP address of the NIC, the Inbound NAT rule name and load balancer name using az vm nic show.
az vm nic show --resource-group myResourceGroup --vm-name myScaleSet_0e7d4d21 --nic mysca2215Nic-828c525a
{
"enableAcceleratedNetworking": false,
"id": "/subscriptions/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkInterfaces/mysca2215Nic-828c525a",
"ipConfigurations": [
{
"id": "/subscriptions/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkInterfaces/mysca2215Nic-828c525a/ipConfigurations/mysca2215IPConfig",
"loadBalancerBackendAddressPools": [
{
"id": "/subscriptions/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/myScaleSetLB/backendAddressPools/myScaleSetLBBEPool",
}
],
"name": "mysca2215IPConfig",
"primary": true,
"privateIpAddress": "10.0.0.5",
"privateIpAddressVersion": "IPv4",
"privateIpAllocationMethod": "Dynamic",
"provisioningState": "Succeeded",
"resourceGroup": "myResourceGroup",
"subnet": {
"id": "/subscriptions/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/myScaleSetVNET/subnets/myScaleSetSubnet",
"resourceGroup": "myResourceGroup",
},
"type": "Microsoft.Network/networkInterfaces/ipConfigurations",
}
],
"location": "chinanorth2",
"name": "mysca2215Nic-828c525a",
"networkSecurityGroup": {
"id": "/subscriptions/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkSecurityGroups/myScaleSetNSG",
"resourceGroup": "myResourceGroup",
},
"nicType": "Standard",
"primary": true,
"provisioningState": "Succeeded",
"resourceGroup": "myResourceGroup",
"tapConfigurations": [],
"type": "Microsoft.Network/networkInterfaces",
"virtualMachine": {
"id": "/subscriptions/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/myScaleSet_0e7d4d21",
"resourceGroup": "myResourceGroup"
},
}
Get backend pool details
Using the backend pool name and load balancer name, get the port for the private IP address of the instance you want to connect to with az network lb list-mapping.
az network lb list-mapping --backend-pool-name myScaleSetLBBEPool --resource-group myResourceGroup --name myScaleSetLB --request ip=10.0.0.5
{
"inboundNatRulePortMappings": [
{
"backendPort": 22,
"frontendPort": 50001,
"inboundNatRuleName": "NatRule",
"protocol": "Tcp"
}
]
}
Get public IP of load balancer
Get the public IP of the load balancer using az network public-ip list.
az network public-ip list --resource-group myResourceGroup
[
{
"id": "/subscriptions/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIPAddresses/myScaleSetLBPublicIP",
"idleTimeoutInMinutes": 4,
"ipAddress": "20.172.211.239",
"ipConfiguration": {
"id": "/subscriptions/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/myScaleSetLB/frontendIPConfigurations/loadBalancerFrontEnd",
"resourceGroup": "myResourceGroup"
},
"ipTags": [],
"location": "chinanorth2",
"name": "myScaleSetLBPublicIP",
"provisioningState": "Succeeded",
"publicIPAddressVersion": "IPv4",
"publicIPAllocationMethod": "Static",
"resourceGroup": "myResourceGroup",
"sku": {
"name": "Standard",
"tier": "Regional"
},
"tags": {},
"type": "Microsoft.Network/publicIPAddresses"
}
]
Connect to your instance
SSH to the machine using the load balancer IP and the port of the machine you want to connect to.
ssh azureuser@20.172.211.239 -p 50000
Next steps
In this tutorial, you learned how to list the instances in your scale set and connect via SSH to an individual instance.
- List and view instances in a scale set
- Gather networking information for individual instances in a scale set
- Connect to individual VM instances inside a scale set