Microsoft Azure

From Colettapedia
Jump to: navigation, search

Day1, afternoon

  • Deploy solution directly from github list
    • lots of templates "Resource management templates"
  • Infrastructure as a service
  • account.windowsazure.com

Portal

  • portal.azure.com
  • can't put v1 and v2 on same service network

Resource manager ("ARM")

  • New model for administration
  • portal.azure.com
  • "v2"
  • Used for: VMs VNets ("Virtual networks") and storage

Service Manager ("ASM")

  • classic portal
  • manage.windowsazure.com
  • "v1", or "classic"

Business/resource groups

  • Applications
  • Environments
  • Nested

Resource manager templates

  • declaration using JSON
  • define/deploy infrastructure through declaritive syntax
  • run imperative commands to manage resources, e.g.,
    • set azure VM network

Azure Iaas v2 implementation guidelines

  • Naming conventions
  • Storage
  • virtual networks
  • virtual machines

Operations Management

  • OMS workspace
  • organization wide
  • collect logs
  • consolidated view
  • interest for public cloud vs. on premises

Azure access management

  • role-based access groups (RBAC)

Module 3

  • Subscription
    • Virtual network - governing IP range, e.g. 10.0.0.0/16
      • Subnets - hav IP range that fits into lerger 10.0.0.0/24, 10.0.0.1/24
  • Network interface object (NIC) - obtain an ip address form the subnet, then connect to a virtual machine.
    • All it does is hold an ip address
    • VNet -> subnet -> NIC -> VM
  • If you use a custom domain name like chriscoletta.com, To connect DNS, have a DNS server on a VM which would provice resolution to whatever name zones, needs to be able to resolve dns naming on its own
  • Attach to network security groups that acts as port and ip firewalls for that group
    • e.g., Allow TCPIP
    • Apply to individual components, or on a VNet level
  • Cross-premises network connectivity
  • VPN always attaches to a VNet on the Azure side
  • VNet features
    • Private addresses to a NIC
    • Public IP to a NIC or a load balancer
  • IP addressing in VNet
    • Azure will take away the first 3 and the last
    • 10.0.0.1 -> 10.0.0.254
      • Azure range goes from
  • CIDR notation
    • slash defines howmany bits represent the network
    • 4 binary octets that make up the address
    • tells where the divider is network or clients
    • bigger number after slash leaves
    • how big is the subnet, and how many individual clients/servers
    • if it's outside my subnet then I need a route to it or I just don't worry about it.
    • e.g. 255.255.255.0, is another way of saying /24. Anything with ze is client addressable.

NIC

  • NIC not VM is the ip configurable, can detach VM from NIC which keeps DNS name and IP configuration, and attach another one. Allows to trat independently.
    • Could have a VM that has multiple NICs, can treat security of different security groups differently.
    • Number of NIC you can have is based in the VM skew, D1-4, adding "multiple network cards"
    • e.g., eight NICs at as a load balancer, network failover or bandwidth aggregation.

Private IP address allocation

  • dynamic & statis
  • "Rm" in commandlets stands for "Resource Manager", i.e., v2 stuff

Load Balancer

  • internal load balancer
  • internet-facing load balancer
  • Application Gateway - layer7 "they go right to HTTP1" SSL1
    • Primary design to handle web traffic
    • redirecting traffic to a webserver based on cookie information
  • traffic manager
    • allows to direct traffic internally and externally,
  • primarily used to redirect based on network affinity, endpoints in india, eas asia, will diret to appropriate endpoint for tha tapplication
  • Configure load balancer
    • Configure front-end IP
    • configure backend address pool, which consists of one or more subnets
    • configure laod balancing rules
  • * create health probe, don't redirect traffic to a node that's down/not present

Azure DNS

  • Create Azure DNS zone
  1. Select subscription
  2. Create new resource group
  3. Create a DNS Zone
  4. Retrieve SOa and NS rcords for the Zone
  5. Create a resource record
  • have your own-domain based, e.g., extend ActiveDomain
  • Use this server to do DNS rather than the native DNS, most universal application

Planning for Azure virtual networks

  • Choose both private and public non-overlapping address space
    • Important if you have on-premises address space
  • Choose subnets
  • If we want to be sure we don't have overalpping, use statis private IP addresses (optional)