Microsoft Azure
Day1, afternoon
- Deploy solution directly from GitHub list
- lots of templates "Resource management templates"
- Infrastructure as a service
- account.windowsazure.com
Portal
- portal.azure.com
- can't put v1 and v2 on same service network
Resource manager ("ARM")
- New model for administration
- portal.azure.com
- "v2"
- Used for: VMs, VNets ("Virtual networks") and storage
Service Manager ("ASM")
- classic portal
- manage.windowsazure.com
- "v1", or "classic"
Business/resource groups
- Applications
- Environments
- Nested
Resource manager templates
- declaration using JSON
- define/deploy infrastructure through declarative syntax
- run imperative commands to manage resources, e.g.,
- set azure VM network
Azure IaaS v2 implementation guidelines
- Naming conventions
- Storage
- virtual networks
- virtual machines
Operations Management
- OMS workspace
- organization wide
- collect logs
- consolidated view
- interest for public cloud vs. on premises
Azure access management
- role-based access groups (RBAC)
Module 3
- Subscription
- Virtual network - governing IP range, e.g. 10.0.0.0/16
- Subnets - have an IP range that fits into the larger one, e.g. 10.0.0.0/24, 10.0.0.1/24
- Network interface object (NIC) - obtains an IP address from the subnet, then connects to a virtual machine.
- All it does is hold an ip address
- VNet -> subnet -> NIC -> VM
- If you use a custom domain name like chriscoletta.com, to connect DNS, have a DNS server on a VM which would provide resolution for whatever name zones; it needs to be able to resolve DNS naming on its own
- Attach to network security groups that act as port and IP firewalls for that group
- e.g., Allow TCP/IP
- Apply to individual components, or on a VNet level
- Cross-premises network connectivity
- VPN always attaches to a VNet on the Azure side
- VNet features
- Private addresses to a NIC
- Public IP to a NIC or a load balancer
- IP addressing in VNet
- Azure will take away the first 3 and the last
- 10.0.0.1 -> 10.0.0.254
- Azure range goes from
- CIDR notation
- slash defines how many bits represent the network
- 4 binary octets that make up the address
- tells where the divider is network or clients
- bigger number after slash leaves
- how big is the subnet, and how many individual clients/servers
- if it's outside my subnet then I need a route to it or I just don't worry about it.
- e.g. 255.255.255.0 is another way of saying /24. Anything with a zero is client addressable.
NIC
- The NIC, not the VM, is what is IP-configurable; you can detach a VM from a NIC, which keeps the DNS name and IP configuration, and attach another one. Allows the two to be treated independently.
- Could have a VM that has multiple NICs, so different security groups can be treated differently.
- Number of NICs you can have is based on the VM SKU, D1-4, adding "multiple network cards"
- e.g., eight NICs act as a load balancer, network failover or bandwidth aggregation.
Private IP address allocation
- dynamic & static
- "Rm" in commandlets stands for "Resource Manager", i.e., v2 stuff
Load Balancer
- internal load balancer
- internet-facing load balancer
- Application Gateway - layer7 "they go right to HTTP1" SSL1
- Primary design to handle web traffic
- redirecting traffic to a webserver based on cookie information
- traffic manager
- allows to direct traffic internally and externally,
- primarily used to redirect based on network affinity: endpoints in India, East Asia; will direct to the appropriate endpoint for that application
- Configure load balancer
- Configure front-end IP
- configure backend address pool, which consists of one or more subnets
- configure load balancing rules
- create health probe, don't redirect traffic to a node that's down/not present
Azure DNS
- Create Azure DNS zone
- Select subscription
- Create new resource group
- Create a DNS Zone
- Retrieve SOA and NS records for the Zone
- Create a resource record
- have your own-domain based, e.g., extend ActiveDomain
- Use this server to do DNS rather than the native DNS, most universal application
Planning for Azure virtual networks
- Choose both private and public non-overlapping address space
- Important if you have on-premises address space
- Choose subnets
- If we want to be sure we don't have overlapping, use static private IP addresses (optional)
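
A subnet plan check for the CIDR and planning notes above, added here as an example and not part of the original notes. `check_plan` and the sample on-premises range are hypothetical; the five reserved addresses per subnet are an assumption taken from Azure's documented behaviour rather than from these notes.

```python
import ipaddress

# Assumption: Azure reserves five addresses in every subnet (the first four
# and the last), so a /24 leaves 251 assignable addresses, not 254.
AZURE_RESERVED = 5


def check_plan(vnet_cidr, subnet_cidrs, on_prem_cidrs=()):
    """Validate a VNet address plan.

    Returns (usable, problems): usable maps each accepted subnet to its
    assignable address count; problems lists every finding as text.
    """
    vnet = ipaddress.ip_network(vnet_cidr)
    usable, problems, accepted = {}, [], []
    # Cross-premises links need address spaces that do not overlap.
    for prem in map(ipaddress.ip_network, on_prem_cidrs):
        if vnet.overlaps(prem):
            problems.append(f"VNet {vnet} overlaps on-premises range {prem}")
    for cidr in subnet_cidrs:
        try:
            net = ipaddress.ip_network(cidr)  # strict: host bits must be 0
        except ValueError:
            net = ipaddress.ip_network(cidr, strict=False)
            problems.append(f"{cidr} has host bits set; network is {net}")
        if not net.subnet_of(vnet):
            problems.append(f"{net} is outside VNet {vnet}")
            continue
        clash = next((a for a in accepted if net.overlaps(a)), None)
        if clash is not None:
            problems.append(f"{net} overlaps subnet {clash}")
            continue
        accepted.append(net)
        usable[str(net)] = max(net.num_addresses - AZURE_RESERVED, 0)
    return usable, problems


if __name__ == "__main__":
    # VNet and first two subnets are the values written in the notes;
    # the remaining subnets and the on-premises range are constructed.
    usable, problems = check_plan(
        "10.0.0.0/16",
        ["10.0.0.0/24", "10.0.0.1/24", "10.0.1.0/24", "10.1.0.0/24"],
        on_prem_cidrs=["10.0.0.0/8"],
    )
    for name, count in usable.items():
        print(f"{name}: {count} assignable addresses")
    for finding in problems:
        print("PROBLEM:", finding)
```

The second subnet from the notes, 10.0.0.1/24, is reported twice: it is a host address rather than a network address, and its network 10.0.0.0/24 collides with the first subnet.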