Deploy an Ubuntu Web Server Virtual Machine

Architecture Overview

This deployment provisions a complete Azure virtual machine environment, from the network foundation through the running VM. An Azure virtual network with a subnet provides the network isolation. A public IP address and network interface connect the VM to the internet. The VM itself runs Ubuntu Server and uses cloud-init to automatically configure a web server at boot time.

The virtual network defines a private address space, and the subnet carves out a portion for the VM. Azure’s default network security allows outbound internet access, and you add rules to allow inbound traffic on the ports your application needs (port 80 for HTTP in this case). The public IP address provides a stable internet-facing address that you can use to access the VM immediately after deployment.

Cloud-init runs at first boot and handles software installation and configuration. This means the VM is ready to serve traffic without any manual SSH sessions or post-deployment scripts. The web server starts automatically, and the page is accessible as soon as the VM finishes provisioning. This pattern extends naturally to more complex applications by expanding the cloud-init script.

Virtual Network and Subnet

The virtual network creates an isolated network space for your resources. The subnet within it defines the IP range that the VM will use. This structure lets you add more VMs, load balancers, or other network resources later without restructuring. Azure’s virtual networks also support peering for connecting to other networks and VPN gateways for hybrid connectivity.

Network Interface and Public IP

The network interface connects the VM to the subnet and associates it with a public IP address. The public IP provides internet accessibility, and its allocation method (static or dynamic) determines whether the address persists across VM restarts. For production workloads, a static IP is typically preferred, but dynamic allocation works well for development and testing.

Virtual Machine

The VM runs a current Ubuntu LTS image, which provides long-term security updates and broad software compatibility. The instance size determines the CPU and memory allocation. Cloud-init data executes at first boot to install the web server, create content files, and start the service. Authentication can be configured with either SSH keys (recommended for production) or a username and password.

Common Customizations

• Add a network security group: Attach an NSG to the subnet or network interface to restrict inbound and outbound traffic to only the ports your application needs.
• Use SSH key authentication: Replace password authentication with SSH keys for improved security, especially for production or internet-facing VMs.
• Attach data disks: Add managed disks for application data that should persist independently of the OS disk, enabling easier backups and VM replacements.
• Scale with availability sets: Deploy multiple VMs behind a load balancer using an availability set or scale set for high availability and automatic scaling.