Provisioning Azure ExpressRoute Private Peering [Snippet]
With Azure CLI 2.0 out for Linux, macOS, and Windows, it's easy set up Private Peering with a few commands. This snippet covers some command commands to use.
Join the DZone community and get the full member experience.
Join For FreeThe new Azure CLI 2.0 was recently released for general availability on Linux, macOS, and Windows (see this article for the announcement). In this post, I’m providing a step-by-step walk-through of using the Azure CLI 2.0 to provision ExpressRoute Private Peering with the new UltraPerformance VNET Gateway that provides up to 10Gbps throughput.
Note that you can also clone or fork this sample script snippet via my GitHub repo.
For more details on Azure ExpressRoute, see our official documentation site.
# Sample step-by-step Azure CLI 2.0 commands for configuring ExpressRoute Private Peering with UltraPerformance VNET Gateways
# Install Azure CLI 2.0
curl -L https://aka.ms/InstallAzureCli | bash
# Restart shell after initial installation of CLI 2.0
exec -l $SHELL
# Authenticate to Azure via Azure AD credentials
az login
# Select Azure Subscription
az account set --subscription "subscription-name-or-id"
# Create new Resource Group for ExpressRoute circuit
az group create --name "expressroute-rg" --location "azure-region"
# List the ExpressRoute providers to determine provider name, peering location and circuit bandwidth
az network express-route list-service-providers
# Provision ExpressRoute circuit
az network express-route create --name "expressroute-circuit" --resource-group "expressroute-rg" --location "azure-region" --provider "expressroute-provider" --peering-location "peering-location" --bandwidth <bandwidth-in-mbps> --sku-family "MeteredData" --sku-tier "Standard"
# Get properties of the new ExpressRoute circuit
# Share "serviceKey" value with provider for provisioning circuit
# When "serviceProviderProvisioningState" equals "Provisioned" move forward with next step
az network express-route show --name "expressroute-circuit" --resource-group "expressroute-rg"
# Configure Azure Private Peering for ExpressRoute circuit
az network express-route peering create --name "private-peering" --type "AzurePrivatePeering" --circuit-name "expressroute-circuit" --resource-group "expressroute-rg" --peer-asn <peer-asn-number> --primary-peer-subnet "x.x.x.x/30" --secondary-peer-subnet "x.x.x.x/30" --vlan-id <vlan_id> --shared-key "optional-key-for-generating-MD5-hash"
# Get properties of Azure Private Peering
az network express-route peering show --name "private-peering" --circuit-name "expressroute-circuit" --resource-group "expressroute-rg"
# Provision UltraPerformance ExpressRoute VNET Gateway
az network public-ip create --name "vnet-gateway-1-ip" --resource-group "vnet-resource-group" --location "azure-region"
az network vnet-gateway create --name "vnet-gateway-1" --resource-group "vnet-resource-group" --location "azure-region" --public-ip-address "vnet-gateway-1-ip" --vnet "vnet-name" --gateway-type "ExpressRoute" --sku "UltraPerformance"
# Link ExpressRoute circuit to VNET Gateway in same subscription
az network vpn-connection create --name "vpn-connection-1" --resource-group "vnet-resource-group" --location "azure-region" --vnet-gateway1 "vnet-gateway" --express-route-circuit2 "expressroute-circuit-resource-id"
# Link ExpressRoute circuit to VNET Gateway in different subscription
az network express-route auth create --name "expressroute-auth-1" --circuit-name "expressroute-circuit" --resource-group "expressroute-rg"
az network express-route auth show --name "expressroute-auth-1" --resource-group "expressroute-rg" --circuit-name "expressroute-circuit"
az network vpn-connection create --name "vpn-connection-1" --resource-group "vnet-resource-group" --location "azure-region" --vnet-gateway1 "vnet-gateway" --express-route-circuit2 "expressroute-circuit-resource-id" --authorization-key "authorization-key"
Published at DZone with permission of Keith Mayer, DZone MVB. See the original article here.
Opinions expressed by DZone contributors are their own.
Trending
-
Is Podman a Drop-in Replacement for Docker?
-
The SPACE Framework for Developer Productivity
-
Unlocking the Power of AIOps: Enhancing DevOps With Intelligent Automation for Optimized IT Operations
-
File Upload Security and Malware Protection
Comments