CLOUD COMPUTING Advance Course
CONTENT

Unit - 1: Getting Started With Azure
Unit - 2: Azure Storage
Unit - 3: Azure Networking
Unit - 4: Azure Active Directory
Unit - 5: Azure Databases
UNIT - 1: GETTING STARTED WITH AZURE

STRUCTURE
1.0 Learning Objectives
1.1 Introduction
1.2 Overview of Cloud Computing
1.3 Various Cloud Offerings
1.4 Azure Basics
1.5 Azure Services
1.6 Azure Portals
1.6.1 Preview Portal
1.6.2 Management Portal
1.7 Subscription Management
1.8 Billing
1.9 Pricing Calculator
1.10 Azure Virtual Machines
1.10.1 Virtual Machine (VM) Basics
1.10.2 Creating and Configuring Virtual Machines
1.10.3 Configuring VM disks
1.10.4 Virtual Machine Management
1.11 Summary
1.12 Keywords
1.13 Learning Activity
1.14 Unit End Questions
1.15 Reference
1.0 LEARNING OBJECTIVES

After studying this unit, students will be able to:
• Explain the fundamental concepts of cloud computing.
• Determine whether Azure is the best solution for a company's requirements.
• Distinguish between the various methods for creating an Azure subscription.

1.1 INTRODUCTION

Azure is a cloud computing platform that offers an ever-expanding set of services to assist you in developing solutions to meet your business objectives. Azure services range from simple web services for hosting your company's online presence to fully virtualized computers for running custom software solutions. This unit will provide you with an introductory, end-to-end look at Azure and its capabilities. You'll gain a solid foundation for completing the Azure fundamentals learning paths.

Cloud computing applications and platforms are rapidly expanding across all industries today, acting as the IT infrastructure that powers new digital businesses. These platforms and applications have transformed the way businesses operate and made processes more efficient. Although numerous cloud computing platforms are available, two dominate the industry: Amazon Web Services (AWS) and Microsoft Azure.

This unit explains the various Azure services and how Azure works, and discusses the Azure portals and subscription management. Azure Virtual Machines, along with Virtual Networks, are critical components of Azure's IaaS offerings. Azure Virtual Machines allows you to deploy virtual machines (VMs) that run Windows Server or Linux in a Microsoft Azure datacenter.

Azure services are managed through a management interface, where users log in to control their resources. For programmatic resource management, Azure also provides REST-based APIs and PowerShell scripts. Popular programming tools such as Visual Studio.Net and Eclipse can be used to create Azure applications.
Azure's services are available on a pay-per-use basis. Users receive a monthly statement that breaks down their usage into different categories. Accounts and subscriptions are used to handle Azure billing and usage. The management portal can be used to create both business and personal accounts. Azure is a highly secure environment that employs security protections at every level. Certificates, user IDs and passwords, and access restrictions are used to safeguard Azure services.

1.2 OVERVIEW OF CLOUD COMPUTING

With an on-premises data centre, you must handle and manage everything yourself: acquiring and installing the hardware, virtualization, installing the operating system and any required software, setting up the network (including running wires), establishing the firewall, and data storage. After you've completed all of this, you remain in charge of maintaining it for the rest of its life. This results in high capital costs for the hardware as well as hefty operating costs for its upkeep. You do have the option of selecting any hardware and software you want, but you must pay for it whether or not you use it.

Cloud computing is a modern replacement for the traditional on-premises data centre. A public cloud provider is in charge of all hardware purchases and maintenance, and often offers a wide range of platform services to choose from. You lease whatever hardware and software services you need on an as-needed basis, changing a capital outlay for hardware into an operating expense. It also allows you to rent hardware and software that would otherwise be too expensive to buy. Although you are restricted to the cloud vendor's hardware, you only have to pay for it when you use it.

Cloud environments typically provide an online portal experience that makes it easier for users to manage compute, storage, network, and application resources. A user can, for example, use the portal to define a virtual machine (VM) configuration by selecting the compute node size (in terms of CPU, RAM, and local storage), the operating system, any pre-deployed software, and the network configuration. The user can then deploy the VM based on those settings and access the deployed compute node in a matter of minutes.
This rapid deployment compares favorably to the prior method of launching a virtual machine, which might take weeks just to complete the procurement process.

There are private and hybrid clouds in addition to the public cloud just explained. In a private cloud, you set up a cloud environment in your own datacenter and give your employees self-service access to compute resources. This gives your users the illusion of being in a public cloud, but you're still in charge of purchasing and maintaining the hardware and software.
A hybrid cloud combines public and private clouds to allow you to host workloads where they are most appropriate. For example, you could use the public cloud to host a large-scale website and connect it to a highly secure database maintained in your private cloud (or on-premises datacenter).

Microsoft offers public, private, and hybrid cloud support. The subject of this unit is Microsoft Azure, a public cloud. The Windows Azure Pack is a free Microsoft System Center add-on that enables you to host many of the key Azure services in your own datacenter and provide your users with self-service access to them through a gateway experience. You can combine these to create a hybrid cloud.

Comparison of on-premises versus Azure

With an on-premises environment, you have complete control over the hardware and software you deploy. Historically, this has resulted in hardware purchases centered on scaling up, that is, purchasing a server with extra cores to meet a performance requirement. With Azure, you can only use Microsoft-supplied hardware. This leads to a focus on scale-out, which involves adding more compute nodes to meet a performance need. Although this has implications for the design of suitable software architecture, there is already abundant evidence that scaling out on commodity hardware is far more cost effective than scaling up on expensive hardware.

From Melbourne to Amsterdam and Sao Paulo to Singapore, Microsoft has built Azure datacenters in 19 different locations around the world. Microsoft has also partnered with 21Vianet to make Azure available in two Chinese locations. Only the largest global organisations can construct datacenters in this way, so Azure makes it simple for businesses of any size to deploy their services close to their consumers, wherever they are in the world. You can do all of this without ever leaving your desk.

Azure allows entrepreneurs to start at a minimal cost and scale quickly as they attract consumers.
Creating a new VM, or even multiple new VMs, would not require a huge upfront capital commitment. The use of cloud computing is well suited to the startup growth paradigm of scale fast, fail quickly.

Azure gives you the freedom to easily build up development and test environments. These can be programmed, allowing you to set up a development or test environment, test it, and then shut it down. As a result, the cost is kept low, and maintenance is virtually non-existent.

Another benefit of Azure is that you may try out new software versions without having to change your on-premises hardware.
For example, if you want to understand the implications of running your application against Microsoft SQL Server 2014 instead of Microsoft SQL Server 2012, you can create a SQL Server 2014 instance and run a replica of your services against the new database without having to allocate hardware or run wires. You can also run Microsoft Windows Server 2012 R2 in a virtual machine instead of Microsoft Windows Server 2008 R2.

1.3 VARIOUS CLOUD OFFERINGS

SaaS, PaaS, and IaaS are the three most common cloud computing categories. The line between these, though, is blurring as the cloud matures.

SaaS: Software as a Service

Software as a service (SaaS) is software that is centrally hosted and managed for the benefit of the end user. It's commonly based on a multi-tenant architecture, which means that all clients have access to the same version of the program. It can be scaled out to many instances to ensure optimal performance across all locations. The majority of SaaS software is licensed on a monthly or annual basis.

Office 365 is a good example of a SaaS solution. Subscribers can get Exchange as a Service (online and/or desktop Outlook), Storage as a Service (OneDrive), and the rest of the Microsoft Office Suite (online, the desktop version, or both) for a monthly or annual price. The most recent version is always offered to subscribers. This essentially allows you to have a Microsoft Exchange server without having to buy a server, install Exchange, and support it; the Exchange server is managed for you, including software patches and updates. This is far less expensive and requires much less effort to keep up to date than installing and upgrading Office every year.

Example: Microsoft OneDrive, Dropbox, WordPress, and Amazon Kindle

PaaS: Platform as a Service

With PaaS, you deploy your application onto a cloud service vendor's application-hosting environment. The developer creates the software, and the PaaS provider makes it possible to deploy and run it.
Developers are freed from infrastructure management, allowing them to concentrate solely on development.

Azure Websites and Azure Cloud Services (web and worker roles) are just two of the PaaS computing options available. In either scenario, developers have a variety of options for deploying their application without having to understand the nuts and bolts that enable it.
Developers do not need to create virtual machines (VMs), log into each one using Remote Desktop (RDP), and install the program. They simply press a button (or something close to it), and Microsoft's tools set up the VMs, then deploy and install the program on them.

In most cases, scaling out an Azure computing service is as simple as increasing the instance count, after which Azure creates new VMs and installs the software on them. Even the load balancing is handled automatically by Azure. To deploy a new version, simply republish, and Azure will automatically update all of your VMs.

IaaS: Infrastructure as a Service

An IaaS cloud vendor administers and runs server farms based on virtualization software, allowing you to create virtual machines that run on the vendor's infrastructure. Depending on the vendor, you can create a virtual machine (VM) running Windows or Linux and install whatever you want on it. Azure also allows users to create virtual networks, load balancers, and storage, as well as use a variety of other services based on its architecture. Although you don't have control over the hardware or virtualization software, you do have control over the majority of the other aspects. In fact, unlike PaaS, you are entirely in charge of it.

Because it allows for the lift-and-shift migration approach, Azure Virtual Machines, the Azure IaaS product, is a popular choice when migrating services to Azure. You can migrate your software to a new VM that is configured similarly to the infrastructure that is currently hosting your services in your datacenter. Although some adjustments, such as URLs to other services or storage, may be required, many apps can be transferred this way.

1.4 AZURE BASICS

Azure is a cloud computing platform that offers an ever-growing range of services to assist you in developing solutions that suit your business objectives.
Azure services include everything from simple web services for hosting your company's online presence to completely virtualized computers for running custom software solutions. Azure offers a variety of cloud-based services, including remote storage, database hosting, and account administration. Azure also includes new features such as artificial intelligence (AI) and the Internet of Things (IoT).

Azure is a growing set of cloud services that can help your company address current and future business difficulties. Azure gives you the freedom to use your favourite tools and frameworks to build, manage, and deploy apps on a huge global network.
Microsoft Azure is a cloud computing platform that was introduced in February 2010. It's a free and open cloud platform that may be used for development, data storage, service hosting, and management. The Azure technology uses Microsoft data centers to host web applications over the internet.

Azure key concepts:

| Concept Name | Description |
| Regions | Azure is a global cloud platform that is available across various regions around the world. When you request a service, application, or VM in Azure, you are first asked to specify a region. The selected region represents the datacenter where your application runs. |
| Datacenter | In Azure, you can deploy your applications into a variety of data centers around the globe. It is advisable to select a region that is close to most of your customers, which helps you reduce latency in network requests. |
| Azure portal | The Azure portal is a web-based application that can be used to create, manage, and remove Azure resources and services. It is located at https://portal.azure.com. |
| Resources | An Azure resource is an individual compute, networking, data, or app hosting service that is charged individually. Some common resources are virtual machines (VMs), storage accounts, and SQL databases. |
| Resource groups | An Azure resource group is a container that holds related resources for an Azure solution. It may include every resource or just the resources that you want to manage. |
| Resource Manager templates | A JSON file that defines one or more resources to deploy to a resource group. It also establishes dependencies between deployed resources. |
| Automation | Azure allows you to automate the process of creating, managing, and deleting resources by using PowerShell or the Azure command-line interface (CLI). |
| Azure PowerShell | Azure PowerShell is a set of modules that offer cmdlets to manage Azure. In most cases, you can use the cmdlets for the same tasks that you perform in the Azure portal. |
| Azure command-line interface (CLI) | The Azure CLI is a tool that you can use to create, manage, and remove Azure resources from the command line. |
| REST APIs | Azure is built on a set of REST APIs that let you perform the same operations that you do in the Azure portal UI. They allow your Azure resources and apps to be manipulated from any third-party software application. |

Table 1.1 Key Concepts

1.5 AZURE SERVICES

Azure's cloud computing platform comprises a number of services. Let's have a look at a few of them.

Compute services: Azure Cloud Services (web and worker roles), Azure Virtual Machines, Azure Websites, and Azure Mobile Services are all included.

Data services: Microsoft Azure Storage (which includes the Blob, Queue, Table, and Azure Files services), Azure SQL Database, and Redis Cache are all included.

Application services: This includes services that you can use to help create and run your applications, such as Azure Active Directory, Service Bus for linking distributed systems, HDInsight for analysing big data, Azure Scheduler, and Azure Media Services.

Network services: Virtual Networks, the Azure Content Delivery Network, and the Azure Traffic Manager are examples of Azure network features.

When migrating an application, it's useful to have a basic grasp of the various Azure services because you might be able to use them to ease the migration and improve the application's robustness.
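Table 1.1 describes a Resource Manager template as JSON that defines resources and the dependencies between them. The following is an added example, not part of the course material: it reads a constructed, simplified template, derives the order in which the resources must be deployed from their `dependsOn` entries, and flags secret-looking parameters that are not declared as `securestring`. The resource names, parameter names and the helper functions are assumptions made for the illustration.

```python
import json
import re

# Constructed, simplified template: apiVersion, location and properties are
# omitted, and dependsOn lists plain resource names.
SAMPLE_TEMPLATE = json.loads("""
{
  "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "adminUsername": {"type": "string"},
    "adminPassword": {"type": "string", "defaultValue": "constructed-placeholder"},
    "storageKey": {"type": "securestring"}
  },
  "resources": [
    {"type": "Microsoft.Compute/virtualMachines", "name": "ContosoVM1",
     "dependsOn": ["contoso-nic", "contosostorage"]},
    {"type": "Microsoft.Network/networkInterfaces", "name": "contoso-nic",
     "dependsOn": ["contoso-vnet"]},
    {"type": "Microsoft.Network/virtualNetworks", "name": "contoso-vnet"},
    {"type": "Microsoft.Storage/storageAccounts", "name": "contosostorage"}
  ]
}
""")

# Parameter names that usually carry credentials (heuristic, an assumption).
SECRET_NAME = re.compile(r"password|secret|key|token", re.IGNORECASE)
SECURE_TYPES = {"securestring", "secureobject"}


def deployment_order(template):
    """Return resource names so that every resource follows its dependencies."""
    deps = {r["name"]: set(r.get("dependsOn", [])) for r in template["resources"]}
    for name, needed in deps.items():
        missing = needed - set(deps)
        if missing:
            raise ValueError(f"{name} depends on undefined resources: {sorted(missing)}")
    order = []
    while deps:
        # Everything whose dependencies are already deployed can go next.
        ready = sorted(n for n, needed in deps.items() if not needed)
        if not ready:
            raise ValueError(f"dependency cycle among: {sorted(deps)}")
        for name in ready:
            order.append(name)
            del deps[name]
        for needed in deps.values():
            needed.difference_update(ready)
    return order


def insecure_parameters(template):
    """Flag secret-looking parameters that would be stored or logged in clear text."""
    findings = []
    for name, spec in template.get("parameters", {}).items():
        if not SECRET_NAME.search(name):
            continue
        declared = spec.get("type", "")
        if declared.lower() in SECURE_TYPES:
            continue
        reason = f"declared as '{declared}', not 'securestring'"
        if "defaultValue" in spec:
            reason += "; default value is embedded in the template"
        findings.append((name, reason))
    return findings


if __name__ == "__main__":
    print("deploy order:", " -> ".join(deployment_order(SAMPLE_TEMPLATE)))
    for name, reason in insecure_parameters(SAMPLE_TEMPLATE):
        print(f"parameter {name}: {reason}")
```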
1.6 AZURE PORTALS

The simplest way to manage the Azure resources you deploy is through an online management portal. As mentioned in the last section, you can use this to create virtual networks, access cloud services, set up VMs, set up storage accounts, define websites, and so on.

The portal is presently available in two versions. The Azure Management Portal is the one that is currently in production. The Azure Preview Portal is the name of the new one that is currently being built. The two portals have a distinct look and feel, and you navigate through them in different ways.

The Azure Preview Portal does not yet include all features (or all sections of all features). Virtual networks, for example, are not yet accessible in the new portal; the new portal offers only some of the scaling options for an Azure website, while the old portal includes them all. Some functions, such as enabling and configuring the Redis Cache, are only available through the new portal.

The present portal is designed from the perspective of a single resource: you can only act on one resource at a time. With a Resource group, you can view and manage several resources in the Azure Preview Portal. You can create a Resource group in the Preview Portal by identifying a set of services that work together, such as a website and the database it uses.

Let's take a closer look at the two portals and how to use them.

1.6.1 Preview Portal

Portal.microsoft.com is the URL for the Azure Preview Portal. The first time you open it, it will most likely look like Figure 1.1. HOME, NOTIFICATIONS, BROWSE, ACTIVE, and BILLING are all buttons on the left side. The start board is the central portion of the screen that contains all of the tiles. The defaults are shown in Figure 1.1, and they include useful tiles like the service health and billing information for the selected subscription.

You can personalise your start board by going to Settings (clicking your account in the upper-right corner) or by right-clicking the start board itself.
Figure 1.1 Azure Preview Portal

Let's take a look at the buttons on the screen's left side.
• HOME takes you back to this screen.
• NOTIFICATIONS shows you the last 24 hours' worth of alerts and notifications. Messages like "Your VM was successfully built" fall under this category.
• BROWSE lets you filter and jump to some maintenance-related operations (Figure 1.2). If you manage numerous subscriptions, for example, you can filter so that you only see one of them. To see how things are doing, go to the Portal Settings or the Service Health webpage. Your BROWSE blade will look like the one in Figure 1.2 at first. More items will appear on the BROWSE blade after you begin adding resources to your subscription. Until then, or if the service you're looking for isn't listed, click the arrow in the upper-right corner of the screen to go to everything (Figure 1.3).
• ACTIVE displays the active journeys that you have open.
• BILLING displays your month-to-date billing information.
Figure 1.2 Browse Blade

Figure 1.3 Browse Everything

Blades and journeys

The subscription used in this example includes three virtual machines, a virtual network, and a website. Two of the virtual machines are connected to the virtual network, while the third is not. We can see the three virtual machines if we go to Virtual Machines (BROWSE > Everything > Virtual Machines) (Figure 1.4). The right-hand pane that shows the virtual machines is called a blade. Then, if we click ContosoVM1, the view scrolls to the right and opens a new blade with ContosoVM1's characteristics (Figure 1.5). At this stage, clicking Settings on this blade opens and scrolls to another blade to the right. This entire series of choices is called a journey.
Figure 1.4 Blade displaying VMs in the subscription.

Figure 1.5 Blade to the right showing ContosoVM1.

If we return to the leftmost menu and pick Virtual Networks instead of VM Settings, the path we built to the VM Settings will be hidden and a blade for virtual networks will appear instead.

Then, if you choose a virtual network, a blade to the right will appear, displaying information for that virtual network. This is a new journey. At this point, selecting ACTIVE will show you both of those journeys (Figure 1.6), and you can choose either one to return to its rightmost blade without having to retrace your steps.

Figure 1.6 Window that appears when clicking the ACTIVE button in the left column.

To clear the list, hover over one of the active journeys and click the X that appears in the upper-right corner of that row.

Customizing the start board

An Add to start board check box appears when you create new resources (Figure 1.7). If you tick this option, a tile for the new resource will be pinned to the start board as a shortcut to that resource.

Figure 1.7 Add a new resource to the start board.

When we create a new VM called testazurefiles and ask for it to be pinned to the start board, a new tile appears, as seen in Figure 1.8.
Figure 1.8 New resources pinned to the start board.

You can also put the start board in edit mode by right-clicking it. Figure 1.9 depicts the editing choices for the new tile.

Figure 1.9 Customize a new tile.

Be careful when doing this, because if you unpin something, you'll have to go back and re-pin it. There is no undo operation.

1.6.2 Management Portal

Manage.windowsazure.com is the current production version of the Azure Management Portal. Let's go to this portal using the same subscription as in the Azure Preview Portal demo. After logging in, you can examine all of the resources used in that subscription (Figure 1.10).
Figure 1.10 All items in the Azure Management Portal.

A list of resource types can be found on the left side of the screen (Figure 1.11). The presented list has been condensed to save space, although it contains all resource types.

Figure 1.11 Left side menu listing all resource types.
You can use this list to look at a certain resource type. Click VIRTUAL MACHINES, for example, to see your virtual machines. This, in our case, pulls up a list of virtual machines (Figure 1.12).

Figure 1.12 The list of the resources that are virtual machines.

Select ContosoVM1 from the drop-down menu. This brings up the VM's Dashboard (Figure 1.13). DASHBOARD, MONITOR, ENDPOINTS, and CONFIGURE are the top-level menus for exploring the VM's different capabilities. There's a summary of the VM's performance as well as some general information like the DNS NAME.

The menu options and Dashboard change depending on the type of resource, and the menu options' contents likewise depend on the type of resource. The CONFIGURE page for a website, for example, offers options for .NET version, PHP version, Java version, and Python version, but these aren't relevant to a VM, so they don't appear on the VM's Dashboard.
Figure 1.13 VM Dashboard.

A context-aware menu, or command bar, runs across the bottom. It varies depending on the resource being used. Figure 1.14 shows the command bar for virtual machines.
Figure 1.14 Actions for the selected resource, which in this case is a VM.

This menu changes as well, based on the resource being displayed. Notifications appear directly above the command bar at the bottom of the screen (Figure 1.15).

Figure 1.15 Notification messages.

1.7 SUBSCRIPTION MANAGEMENT

Available subscriptions

There are numerous types of subscriptions that give you access to Azure services. To access these subscriptions, you'll need a Microsoft account (established by you for personal use) or a work or school account (provided by an administrator for business or academic usage).

The most common subscriptions:

Free trial: On the front page of azure.com, there is an option to sign up for a free trial. You'll get a $200 credit and a month to test out any mix of Azure resources. Your trial will be suspended if you go over your credit limit. Your services will be decommissioned and no longer work at the end of the trial. This can be upgraded to a pay-as-you-go plan at any moment during your subscription.

MSDN subscriptions: You get a certain amount of Azure credit each month if you have an MSDN subscription. If you have a Visual Studio Premium with MSDN subscription, for example, you will receive $100 in Azure credit per month. If you use up all of your credit, your service will be suspended until the next month begins. You can disable the spending limit and add a credit card to cover any unexpected expenses. Some of these fees are waived for MSDN members. For instance, Windows Virtual Machines are discounted by 33%. MSDN accounts are ideal for development and testing settings because of this.
Visit http://azure.microsoft.com/en-us/pricing/member-offers/msdn-benefits-details/ for additional information and to see the available MSDN membership tiers. Please keep in mind that these subscriptions are intended for development and testing purposes only, not for production.

BizSpark accounts: Access to all of Microsoft's products for development and test environments for up to five MSDN accounts is one of the many perks offered by the BizSpark program to companies. You also get $150 in Azure credit for each of those five MSDN accounts, as well as discounted rates on a number of Azure services, including Windows Virtual Machines. For more information, see: //azure.microsoft.com/en-us/offers/ms-azr-0064p/.

Pay-as-you-go: You pay for what you use with this subscription by linking a credit or debit card to your account. If you're a business, you can get approved for invoicing as well. For more information, check out http://azure.microsoft.com/en-us/offers/ms-azr-0003p/.

Enterprise agreements: With an enterprise agreement, you agree to use a particular number of Azure services over the next year and pay for them in advance. The commitment you make gets used up throughout the course of the year. If your usage exceeds your commitment, you can pay for it quarterly or annually. You get a discount on Azure services based on the size of your commitment. For more information, see http://azure.microsoft.com/en-us/pricing/enterprise-agreement/.

Share administrative privileges for your Azure subscription

You can grant administrative access to additional Microsoft accounts after you've signed up for an Azure subscription with your Microsoft account. This is done differently depending on whether you're using the Azure Management Portal or the Azure Preview Portal. If you want the new account to have access to both portals, you must grant access on both.

The Azure Management Portal does not use Role-Based Access Control (RBAC), although the Azure Preview Portal does. RBAC is a feature that allows you to give accounts more granular management rights than just complete access to a subscription. (For more information about RBAC, see http://azure.microsoft.com/en-us/documentation/articles/role-based-access-control-configure/.)
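Because administrative access is granted in two different ways (the RBAC OWNER role in one portal, a co-administrator in the other), it helps to review both kinds of grant together. The following is an added example, not part of the course material: it audits a constructed list of role assignments whose field names are modelled on the JSON printed by `az role assignment list` (an assumption), and reports subscription-level Owners that are not on an approved list as well as classic co-administrators. The subscription id, account names and function names are placeholders.

```python
import json

# Placeholder subscription scope; not a real subscription id.
SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"

# Constructed sample data. Classic administrators are represented by the
# role names CoAdministrator / ServiceAdministrator / AccountAdministrator.
SAMPLE_ASSIGNMENTS = json.dumps([
    {"principalName": "Subscription admins", "principalType": "Group",
     "roleDefinitionName": "Owner", "scope": SUB},
    {"principalName": "alice@contoso.example", "principalType": "User",
     "roleDefinitionName": "Owner", "scope": SUB},
    {"principalName": "bob@contoso.example", "principalType": "User",
     "roleDefinitionName": "CoAdministrator", "scope": SUB},
    {"principalName": "carol@contoso.example", "principalType": "User",
     "roleDefinitionName": "Owner", "scope": SUB + "/resourceGroups/web-rg"},
    {"principalName": "dave@contoso.example", "principalType": "User",
     "roleDefinitionName": "Reader", "scope": SUB},
    {"principalName": "founder@contoso.example", "principalType": "User",
     "roleDefinitionName": "ServiceAdministrator;AccountAdministrator",
     "scope": SUB},
])

CLASSIC_ROLES = {"CoAdministrator", "ServiceAdministrator", "AccountAdministrator"}


def scope_level(scope):
    """Classify a scope string as subscription, resource group or resource."""
    parts = [p for p in scope.split("/") if p]
    if len(parts) == 2 and parts[0].lower() == "subscriptions":
        return "subscription"
    if len(parts) == 4 and parts[2].lower() == "resourcegroups":
        return "resource group"
    return "resource"


def audit_admins(raw_json, approved_owners):
    """Return (principal, finding) pairs for grants that need review.

    approved_owners: principals expected to hold Owner on the whole
    subscription, for example the 'Subscription admins' group.
    """
    approved = {name.lower() for name in approved_owners}
    findings = []
    for entry in json.loads(raw_json):
        roles = set(entry.get("roleDefinitionName", "").split(";"))
        who = entry.get("principalName", "<unknown>")
        if roles & CLASSIC_ROLES:
            # A co-administrator has full rights outside the RBAC model;
            # the service/account administrator is the original owner.
            if "CoAdministrator" in roles:
                findings.append((who, "classic-co-administrator"))
            continue
        if ("Owner" in roles
                and scope_level(entry.get("scope", "")) == "subscription"
                and who.lower() not in approved):
            findings.append((who, "unapproved-subscription-owner"))
    return findings


if __name__ == "__main__":
    for who, finding in audit_admins(SAMPLE_ASSIGNMENTS, ["Subscription admins"]):
        print(f"{finding}: {who}")
```

An Owner grant limited to a resource group, like the constructed `carol` entry, is deliberately not reported, since it is the kind of narrower grant RBAC makes possible.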
• In the Azure Preview Portal, add the OWNER role for the subscription to the user's account to give them permission to alter the resources in the subscription.
• In the Azure Management Portal, add the user's account as a co-administrator to the subscription to give them administrative access. This account will have the same rights as the original subscription owner, but it will not be able to modify the service administrator or add or remove additional co-administrators.

When you request that an account be granted access in either portal, the account is automatically added to the subscription's default Azure Active Directory if it is not already there. In the Azure Management Portal, you can view and manage users in Active Directory.

Let's have a look at how we can grant someone subscription access in each of the portals.

Add administrative privileges in the Azure Preview Portal

1. Log in to your Azure account using the Azure Preview Portal (portal.azure.com).
2. Select Subscriptions from the BROWSE menu on the left side of the screen.
3. At least one subscription should appear on the Subscriptions blade when it opens. To add an administrator, select the one to which you wish to make a change. This brings up the blade for Subscriptions.
4. Click the Roles tile in the Access section to see a list of roles.
5. Assign the account to the OWNER role to add an administrator. To open the Owner blade, click OWNER.
There is only one user with the Owner role in this account: Subscription admins. If you click the owner, you can view the role, the group to which it is assigned (Subscription admins), and the subscription to which it is assigned (Visual Studio Ultimate with MSDN, in this case).
6. At the top of the Owner blade, click +Add. This brings up the Add Users blade, where you can choose which account you wish to give OWNER access to. You can either choose an account from the default Active Directory listings or search for one by name or email address. If the account isn't already in Active Directory, you'll see a notice saying it'll be added automatically.
7. Click Select at the bottom of the blade after selecting the account. The Owner blade will be refreshed, and you can now see that the account has been assigned to the Owner role. You can manage the subscription by logging in with that account. The account now has administrator access in the Azure Preview Portal, but not in the other portal.

Add a co-administrator in Azure Management Portal

1. Go to the Azure Management Portal and sign in (manage.windowsazure.com). On the left, click SETTINGS.
2. Select ADMINISTRATORS from the SETTINGS page, then click ADD+ at the bottom of the screen to display a screen where you can specify the co-administrator.
3. Type the email address and choose the subscription you want that person to manage, then check the box in the lower-right corner of the screen. The ADMINISTRATORS screen will show the subscription for which the account is now a co-administrator. In the Azure Management Portal, this account can now manage the subscription.

1.8 BILLING

Being able to see your billing information is a crucial part of using Azure. If you have a credit account, such as an MSDN account, it's helpful to know how much credit you have left and where the fees are piling up. This appears by default in the Azure Preview Portal's start board (Figure 1.17).
Figure 1.16 Billing tile on the Azure Preview Portal start board.

This means that this account has $119.65 in credit left and that it will be seven days before the next cycle begins and the full credit is applied. You can also examine this information by selecting BILLING from the menu on the left side of the start board. You can get more information by clicking that tile or selecting the subscription on the BILLING blade (Figure 1.18).
Figure 1.17 Billing blade.

This displays the remaining credit, billing cycle details, and the burn rate (the pace at which costs accumulate). The breakdown of charges by Azure service is shown at the bottom of that blade (Figure 1.19), so you can understand where the costs are.

Figure 1.18 Breakdown of charges.
If you click this tile, it will show you the details of the Resource Costs (Figure 1.20).

Figure 1.19 Billing details.

When it comes to monitoring the costs of your Azure subscription, being able to check billing information on a regular basis is really useful. If you have a monthly credit subscription, you'll be able to determine when you're approaching the limit. You can also see where your expenses are piling up. Also, if you provision some VMs and then forget they're there, you'll be able to see them because they'll be billed.

1.9 PRICING CALCULATOR

The pricing calculator at http://azure.microsoft.com/en-us/pricing/calculator/ can be used to estimate the cost of your Azure infrastructure. Each Azure service has its own pricing structure. Many Azure services have basic, standard, and premium tiers, with several price and performance levels in each tier, allowing you to choose the best performance level for your needs. As you make changes to the options, the pricing estimate appears at the bottom of the page. You can examine each feature individually or use the full calculator to estimate multiple features at once.
Figure 1.20 Pricing calculator with Websites selected.

Each feature has its own set of options that you can customise. If you choose Virtual Machines, for example, you can specify the following:
• Which types of VMs you want and how many of each you want:
  • Windows VM: Basic or Standard, D-Series or A-Series
  • Linux VM: Basic or Standard, D-Series or A-Series
  • SQL Server VM: Basic or Standard; D-Series or A-Series; Web, Standard, or Enterprise edition
  • Biztalk Server: Basic or Standard, Standard or Enterprise edition
  • Oracle: Basic or Standard, multiple selections of Oracle software
• Bandwidth (egress)

Another example of a service-dependent selection is Mobile Services, which allows you to specify the following:
• Tier (Free, Basic, Standard)
• Whether to include a SQL Database
• Bandwidth (egress)
• The number of push notifications per month

The pricing calculator can help you estimate your Azure costs. Note that it does not include regional variations, but you can find them by going to the individual service pricing pages at http://azure.microsoft.com/en-us/pricing/ and selecting the region.

1.10 AZURE VIRTUAL MACHINES

Platform-as-a-Service (PaaS) is undeniably appealing for a specific set of workloads. However, not every solution can or should be accommodated by the PaaS model. Some workloads necessitate near total infrastructure control, such as operating system configuration, disc persistence, and the ability to install and configure traditional server software. Infrastructure-as-a-Service (IaaS) and Azure Virtual Machines come into play here.

1.10.1 Virtual Machine (VM) Basics

Azure Virtual Machines, along with Virtual Networks, is a key feature of Azure's IaaS capabilities. Azure Virtual Machines enables the deployment of virtual machines (VMs) running Windows Server or Linux in a Microsoft Azure datacenter. You have complete control over the VM's configuration. All server software installation, configuration, and maintenance, as well as operating system patches, fall under your purview.

Please keep in mind that the terminology used to describe the Azure Virtual Machines feature and a virtual machine instance can be a little perplexing. As a result, in this chapter, Azure Virtual Machines refers to the feature, whereas virtual machine or VM refers to an instance of an actual compute node.

The primary distinctions between Azure Cloud Services (web and worker roles) and Azure Virtual Machines are control and persistence. "Azure Websites and Azure Cloud Services," PaaS cloud services are composed of web and/or worker roles and are primarily managed by the Azure platform, allowing you to focus on developing the application rather than managing the server infrastructure. With an Azure Virtual Machines VM, you are in charge of nearly every aspect of the VM.

Web and worker roles are generally thought to be stateless (due to the lack of a persistent disc), but Azure VMs are stateful servers with persistent discs. There are two kinds of discs: operating system discs and data discs. The operating system disc is required, but the data disc is optional. The operating system (Windows or Linux) is stored on the OS disc, and your application data is stored on the data disc.

VMs are ideal for a wide range of server workloads that do not fit into a PaaS model due to the level of control afforded to the user and the use of persistent discs. Database servers (SQL Server, Oracle, MongoDB, and so on), Windows Server Active Directory, SharePoint, and many other server workloads are now entirely possible to run on the Microsoft Azure platform. Users can move such workloads from an on-premises datacenter to one or more Azure regions if desired, a process known as lift and shift.

Before going any further, it's important to understand what exactly constitutes an Azure cloud service. A cloud service is fundamentally a container for virtual machines. The container includes a DNS endpoint, network connectivity (including access to the public Internet if desired), security, and a management unit. A cloud service can contain a variety of VM types, including Azure web and worker role instances and Azure Virtual Machines VMs. At the time of writing, a cloud service container could not contain both web and worker role instances, as well as Azure Virtual Machines VMs (that is, a cloud service cannot host PaaS and IaaS VMs at the same time). An Azure cloud service, as shown in Figure 1-21, consists of either a collection of web and worker roles or VMs.
Figure 1-21 Cloud service container options.

1.10.1.1 Status

Azure VMs have three possible states:
• Running: The VM is on and running normally.
• Stopped: The VM is stopped, but it is still consuming compute resources within Azure.
• Stopped (Deallocated): The VM is stopped, and it is not consuming compute resources within Azure.

To stop a VM from PowerShell without deallocating it, pass the -StayProvisioned switch:

> Stop-AzureVM -Name "az-essential" -ServiceName "az-essential" -StayProvisioned

Shutting down the VM from the VM's operating system will also stop it but will not deallocate it.

1.10.1.2 IP Address

The cloud service owns the public virtual IP (VIP) address, not the VM. Each virtual machine (VM) has its own direct IP (DIP) address. The VIP will remain as long as one or more VMs are running or stopped. The VIP will be released if all of the VMs are stopped (deallocated). If you want to stop (power down) the instance while keeping the VIP and DIP addresses, stop the VM but do not deallocate it.
VMs are assigned a dynamic IP address by default. If your use case necessitates the VM having a static IP address, you can configure the VM's static IP address through the Azure Management Portal or PowerShell.

1.10.2 Creating and Configuring Virtual Machines

Azure Virtual Machines are divided into two tiers: Basic and Standard. Basic tier VMs are ideal for workloads that do not necessitate load balancing or the ability to auto scale. All Azure Virtual Machines configurations and features are supported by VMs in the Standard tier.

There are various VM sizes available in the Basic and Standard tiers. The A-series VMs are the traditional sizes that have been available since the inception of Azure Virtual Machines. The D-series VMs were released in September 2014, with faster processors, a higher memory-to-core ratio, and a solid-state drive (SSD) for the temporary physical disc.

When you create a VM, you get two discs: an operating system disc that is saved in Azure blob storage and a temporary disc. The temporary disc is a physical disc that is housed within the server's chassis. The temporary disc (also known as the D drive in Windows VMs) employs a traditional HDD platter for A-series VMs and an SSD for D-series VMs.

Using the Azure Management Portal or the Azure Preview Portal is one of the simplest ways to get started creating Azure VMs. There are two Azure management portals: the current Azure Management Portal at http://manage.windowsazure.com and the new Azure Preview Portal at http://portal.azure.com. Unless otherwise specified, all examples in this material are from the Azure Preview Portal.

Create a virtual machine with the Azure Preview Portal

Log in to the Azure Preview Portal at http://portal.azure.com if you haven't already. You will need an Azure subscription at this point. If you don't already have one, you can get a free trial at http://azure.microsoft.com.
To begin, click the +NEW button in the lower-left corner of the screen, followed by the Everything label at the top of the New blade. As shown in Figure 1-22, doing so opens the Gallery blade, from which you can choose the Virtual Machines option.

You can now see the extensive selection of virtual machine options provided by Microsoft and its partners. Official images from Microsoft (for Windows systems), select partners such as Canonical and Oracle, and the OSS community via VMDepot are included in the gallery. VMDepot offers a catalogue of preconfigured Linux systems, applications, and development stacks for use in Azure VM deployment. Images from VMDepot are not tested for security, compatibility, or performance.

Figure 1.22 The Virtual Machines gallery

For this example, choose the Windows Server 2012 R2 Datacenter image. You can read about the image, including any operating system updates, on the resulting blade. To proceed with the creation of your new VM, click the blue Create button.

The Create VM blade should then appear. As shown in Figure 1-23, you provide several important details about your new VM on this blade:
• Host Name: The name of the VM.
• User Name: The administrative user name.
• Password: The password for the administrative user.
• Pricing Tier: Expand this lens to view all the different pricing tiers (for example, Basic and Standard, A-series and D-series).
• Optional Configuration: Expand this lens to control several important settings, such as:
  • The cloud service name (the DNS name; for example, contoso.cloudapp.net).
  • Whether operating system automatic updates (that is, Windows Update) are enabled (default is ON).
  • The storage account to store the operating system disk’s virtual hard drive (VHD).
  • Any Virtual Network options (the VM will be placed in its own Virtual Network unless otherwise specified).
  • Whether diagnostics should be enabled (default is not to enable diagnostics).
• Resource Group: Provides a logical container for Azure resources (to help manage resources that are often used together).
• Subscription: The Azure subscription to use if you have more than one.
• Location: The Azure region where the VM should be placed.

When finished, click the blue Create button to instruct Azure to start creating your VM. This process could take several minutes.
Figure 1.23 The Create VM blade

Connect to a virtual machine

When using the Azure Preview Portal to create a VM, Remote Desktop is enabled by default. To connect to the VM, click the Connect button at the top of the VM blade you want to connect to, as shown in Figure 1-24.
Figure 1.24 Connecting to a VM.

This will start a download of a preconfigured Remote Desktop (.rdp) file to your local machine. Connect to the VM by opening the RDP file. To log in, provide the administrative user name and password that were set when the VM was initially provisioned.

1.10.3 Configuring VM disks

Azure Virtual Machines are created using VHD files. VHDs are used in Azure Virtual Machines in two ways:
• Image: A VHD that serves as a template for creating a new Azure VM. It lacks settings such as a machine name, administrative user, and so on because it is a template. This chapter contains more information on creating and using images.
• Disk: A bootable VHD that can be used as a mountable disc for a VM. When an image is provisioned, it is transformed into a disc. Disks are classified into two types: operating system discs and data discs.

All persistent discs (the OS disc and data discs) are backed by page blobs in Azure Storage. As a result, the discs inherit the advantages of blob storage, such as high availability, durability, and geo-redundancy options. Blob storage is a mechanism for safely storing data for use by the VM. On the VM, the discs can be mounted as drives. To prevent accidental deletion of the page blob containing the VHD, the related container, or the storage account, the Azure platform will hold an infinite lease on it.

An OS disc is used for the operating system, as the name implies. The OS disc for a Windows Server VM is the standard C drive; this is where Windows stores its data. In a Linux VM, the OS disc is used for the /dev/sda1 partition, which holds the root directory. For Windows, the maximum size of an OS disc is currently 127 GB.
A data disc is the other type of disc used in Azure Virtual Machines. As the name implies, the data disc is used to store a wide variety of data. Each data disc can hold up to 1 TB of data. Data discs are frequently used to store application data, such as data from your custom application, or server software, such as SQL Server, as well as the associated data and log files.

Azure Virtual Machines also come with a physical temporary disc that is not saved to Azure Storage. The temporary disc should only be used for temporary (or replicated) data, as the data will be lost if the physical hardware fails. The various disc types are depicted in Figure 1.25.

Figure 1.25 Disk types in Azure Virtual Machines.

Caching

Azure Virtual Machines can cache access to the operating system and data discs. Caching has the potential to reduce transactions to Azure storage while also improving performance for specific workloads. There are three types of disc cache: Read/Write, Read, and None. The operating system disc has two cache options: Read/Write (the default) and Read. There are three cache options on the data disc: Read/Write, Read, and None (default). When creating a VM or attaching discs to an existing VM, keep in mind that there is currently a limit of four data discs that can have caching enabled.

Attach a disk

The VM created earlier in this chapter has only one disc, which is the OS disc. You can add a data disc to the VM by either creating a new, empty disc or uploading an existing VHD. The Azure Preview Portal can be used for either.
If you want to use an existing VHD, upload it to Azure and attach it to the VM. If you don't already have a VHD, you can create one with Disk Management in Windows.

Figure 1.26 Number and size of disks.

The Disks lens, shown in Figure 1.26, shows how many discs are attached to the current VM, as well as the total size of all attached discs. To create and attach a new disc, first open the Disks blade by clicking on the Disks lens. From this blade you can attach a new disc or an existing disc. Attaching a new disc is as simple as clicking Attach New at the top of the Disks blade, as shown in Figure 1.27.

Figure 1.27 Attached disk details.

You will be able to provide several key settings from the resulting Attach A New Disk blade, as shown in Figure 1.28:
• Storage Container: The Azure Storage account and blob container that will store your new data disk.
• Disk File Name: Provide your own or accept the default.
• Size (GB): The size of the new data disk (VHD).
• Host Caching: The cache option to use for the data disk.

Figure 1.28 Attach a new data disk.

Click Attach Existing at the top of the Disks blade to attach an existing data disc. As shown in Figure 1.29, the resulting Attach An Existing Disk blade will give you the option to select an existing VHD from your Azure Storage account. You can upload an existing VHD to a blob container in the desired storage account using your preferred Azure Storage management tool (be sure that the VHD is set as a page blob and not a block blob).
Figure 1.29 The Attach An Existing Disk blade.

Formatting disks

After attaching the data discs to the Azure VM, each data disc must be formatted, just like a disc on a physical Windows server. The VHDs are stored in Azure Storage using page blobs in a sparse format. This means that Azure Storage charges are only applied to data within the VHD that has been written. As a result, when formatting the discs, it is recommended that you use a quick format. A quick format avoids storing large ranges of zeros with the page blob, saving you actual storage space and money.
Figure 1.30 Windows Disk Management.

To format the disk(s), use Remote Desktop to connect to the VM remotely. Open Disk Management after connecting to and logging into the VM. Disk Management is a native Windows application that allows you to view and format unallocated discs. Continue by right-clicking the unallocated disc and selecting Initialize Disk, as shown in Figure 1-30. To initialise the disc, follow the wizard's instructions. After the disc has been initialised, you can begin formatting it.

1. Select New Simple Volume from the context menu when you right-click the disc. The New Simple Volume Wizard should be launched.
2. Go through the wizard again, this time selecting the desired volume size and drive letter.
3. When prompted to format the volume, make sure to select Perform A Quick Format.
4. Finish the steps in the wizard to start formatting the disk.

Disk performance

Another consideration with Azure VM discs is IOPS. At the time of writing, each data disc has a maximum IOPS and a maximum transfer rate of 60 MB/s (for Standard-tier VMs). This may or may not be enough for the desired workload. You should run performance tests to ensure that the disc performance is adequate.
If it isn't, think about striping the disc or using storage spaces (Windows Server 2012 or higher) to boost disc performance.

Endpoints

Endpoints for Azure cloud services are exposed by the Azure Load Balancer. It is the Azure Load Balancer configuration that governs how requests from the Internet reach a specific port on the VM via a related protocol (such as TCP or UDP).

Azure VMs are not configured to accept requests from the Internet by default. A VM must be configured with one or more endpoints to accomplish this. This configuration actually configures the Azure Load Balancer to allow traffic from the Internet by mapping public ports on the Azure Load Balancer to private ports on the VM.

Scroll down toward the bottom of the Virtual Machine blade and look for the Endpoints lens to view or edit a VM, including adding endpoints. Figure 1-31 shows the current endpoints, along with their names and corresponding ports.

Figure 1.31 View current endpoints.

Additionally, a load-balanced configuration for a group of VMs is possible. This enables multiple VMs to collaborate, for example, as a collection of web servers in a web farm environment. When using a load-balanced set, the Azure Load Balancer will distribute incoming requests across all available VMs rather than routing them to a single VM.
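An added example (not from the course material or Azure's own tooling) that models the public-to-private port mapping described above and reviews a constructed endpoint list for administration ports reachable from the Internet. The `Endpoint` record, the watch list of ports and the rule that only members of one load-balanced set may share a public port are assumptions of the model.

```python
from dataclasses import dataclass
from typing import Optional

# Guest-OS administration ports a reviewer would watch for. This watch list is
# an assumption of the example, not something Azure defines.
MANAGEMENT_PORTS = {22: "SSH", 3389: "Remote Desktop",
                    5985: "WinRM (HTTP)", 5986: "WinRM (HTTPS)"}


@dataclass(frozen=True)
class Endpoint:
    vm: str
    name: str
    protocol: str                  # "tcp" or "udp"
    public_port: int               # port on the load balancer, reachable from the Internet
    private_port: int              # port on the VM that receives the traffic
    lb_set: Optional[str] = None   # load-balanced set name, if the endpoint belongs to one


# Constructed inventory for one cloud service (all names and ports are made up).
ENDPOINTS = [
    Endpoint("web1", "HTTP", "tcp", 80, 80, lb_set="web-farm"),
    Endpoint("web2", "HTTP", "tcp", 80, 80, lb_set="web-farm"),
    Endpoint("web1", "Remote Desktop", "tcp", 50123, 3389),
    Endpoint("web2", "Remote Desktop", "tcp", 50124, 3389),
    Endpoint("db1", "PowerShell", "tcp", 5986, 5986),
]


def route(endpoints, protocol, public_port):
    """Return the (vm, private_port) targets for traffic arriving on a public port.

    An empty list means no endpoint maps that port, so the load balancer
    forwards nothing: the default for a VM with no endpoints.
    """
    return [(e.vm, e.private_port) for e in endpoints
            if e.protocol == protocol and e.public_port == public_port]


def port_conflicts(endpoints):
    """Find public ports claimed by more than one endpoint outside a shared set.

    Model assumption: several VMs may answer on one public port only when
    their endpoints belong to the same load-balanced set.
    """
    claims = {}
    for e in endpoints:
        claims.setdefault((e.protocol, e.public_port), []).append(e)
    conflicts = []
    for key, group in sorted(claims.items()):
        sets = {e.lb_set for e in group}
        if len(group) > 1 and (None in sets or len(sets) > 1):
            conflicts.append((key, sorted(e.vm for e in group)))
    return conflicts


def exposed_management(endpoints):
    """List endpoints that hand an administration port on a VM to the Internet.

    The check keys on the private port: moving Remote Desktop to public port
    50123 changes where the service is found, not what is reachable.
    """
    findings = []
    for e in endpoints:
        service = MANAGEMENT_PORTS.get(e.private_port)
        if service and e.protocol == "tcp":
            findings.append((e.vm, service, e.public_port, e.private_port))
    return findings


if __name__ == "__main__":
    print("VIP tcp/80   ->", route(ENDPOINTS, "tcp", 80))
    print("VIP tcp/3389 ->", route(ENDPOINTS, "tcp", 3389))
    print("conflicts    ->", port_conflicts(ENDPOINTS))
    for vm, service, public, private in exposed_management(ENDPOINTS):
        print(f"review: {vm} exposes {service} (public {public} -> private {private})")
```

Each finding is a prompt to confirm that the endpoint is still needed and that the guest firewall and account passwords on that VM are in order.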
As shown in Figure 1.32, selecting the Endpoints lens opens a new blade with more details on the current endpoints, as well as the ability to remove or add new endpoints.

Figure 1.32 Add virtual machine endpoints

Adding an endpoint instructs the Azure Load Balancer to allow traffic from the Internet to reach your VM via the specified protocol and port. If your virtual machine is using its own firewall software, such as Windows Firewall for Windows Server instances, you may need to configure the server's firewall to allow traffic on the desired port and protocol.

1.10.4 Virtual Machine Management

Creating an Azure VM is only the first step. To successfully manage the VMs, you must consider several important factors. Scalability, SLA, disc management, and machine maintenance are all important considerations. The user is primarily responsible for the overall management of the VMs. The Microsoft Azure platform will ensure that the VM is accessible from the outside world. Aside from that, you, the user, can do pretty much whatever you want. The VM can be configured and managed remotely using PowerShell or through a standard Remote Desktop connection.

Availability set

Azure virtual machines are hosted on physical servers in Microsoft's Azure datacenters. As with most physical devices, there is the possibility of a failure. If the physical server fails, the Azure VMs that are hosted on it will also fail. If a failure occurs, the Azure platform will attempt to locate a healthy host server on which to reconstitute the VM as soon as possible. This service-repair procedure may take several minutes. The application(s) hosted on that VM will be unavailable during that time.

In addition to hardware failures, the VMs may be impacted by periodic updates initiated by the Azure platform itself. Microsoft will upgrade the host operating system on which the guest VMs run on a regular basis (you are still responsible for the guest VM's operating system patching). The VM will be rebooted and thus temporarily unavailable during these updates.

It is recommended that at least two instances of the VM be deployed to avoid a single point of failure. In fact, Azure only offers an SLA when two or more VMs are deployed in an availability set. An availability set is a logical feature used to ensure that a group of related VMs are deployed so that they are not all subject to a single point of failure and are not all upgraded at the same time during a host operating system upgrade in the datacenter. The first two VMs in an availability set are assigned to two different fault domains, ensuring that a single point of failure does not affect both of them at the same time. Similarly, the first five VMs in an availability set are assigned to five different update domains, reducing the impact when the Azure platform forces host operating system updates one update domain at a time. VMs in an availability set should all have the same set of capabilities.
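The placement rule described above can be turned into a quick capacity check. This is an added example, not code from the course or from Azure; the function names are made up, and the round-robin wrap for VMs beyond the first two (fault domains) and first five (update domains) is an assumption, since the text only describes those first assignments.

```python
from collections import Counter

FAULT_DOMAINS = 2    # from the text: the first two VMs get two different fault domains
UPDATE_DOMAINS = 5   # from the text: the first five VMs get five different update domains


def place(vm_names, fault_domains=FAULT_DOMAINS, update_domains=UPDATE_DOMAINS):
    """Assign (fault_domain, update_domain) to VMs in deployment order.

    Wrapping round-robin for later VMs is an assumption of this example.
    """
    return {name: (i % fault_domains, i % update_domains)
            for i, name in enumerate(vm_names)}


def outage(placement, kind, domain):
    """VMs that go down together when one domain fails or is rebooted.

    kind is "fault" (host hardware failure) or "update" (host OS upgrade).
    """
    index = {"fault": 0, "update": 1}[kind]
    return sorted(vm for vm, domains in placement.items() if domains[index] == domain)


def worst_case(placement):
    """Largest number of VMs lost to any single fault or update domain event."""
    if not placement:
        return {"fault": 0, "update": 0}
    fault = Counter(fd for fd, _ in placement.values())
    update = Counter(ud for _, ud in placement.values())
    return {"fault": max(fault.values()), "update": max(update.values())}


def guaranteed_up(placement):
    """VMs still running during the worst single event of either kind."""
    return len(placement) - max(worst_case(placement).values())


def smallest_set_for(required_up, limit=50):
    """Smallest availability set that keeps required_up VMs running through
    any single fault-domain failure or update-domain reboot."""
    for n in range(1, limit + 1):
        if guaranteed_up(place([f"vm{i}" for i in range(n)])) >= required_up:
            return n
    raise ValueError("no set size up to limit meets the requirement")


if __name__ == "__main__":
    six = place([f"vm{i}" for i in range(6)])
    for vm, (fd, ud) in six.items():
        print(f"{vm}: fault domain {fd}, update domain {ud}")
    print("reboot of update domain 0 takes down:", outage(six, "update", 0))
    print("failure of fault domain 1 takes down:", outage(six, "fault", 1))
    print("worst single event:", worst_case(six))
    print("VMs guaranteed up:", guaranteed_up(six))
    print("set size needed to keep 2 VMs up:", smallest_set_for(2))
```

A single VM has no guaranteed capacity at all, which is the reason the text recommends at least two instances.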
Sidebar: Virtual machine update and fault domains

The update and fault domains used for your VMs can be viewed by visiting the related cloud service in the Azure Management Portal at http://manage.windowsazure.com.

If there is an existing availability set, the VM can be added to it as part of the VM provisioning process. If there is no existing availability set, one must be created. Select the Availability Set lens on the desired VM's blade to configure the VM's availability set. Then, at the top of the Availability Set blade, click New. Provide the desired name for the new availability set on the resulting New Availability Set blade.
It is possible to add an existing VM that is not already in an availability set to an availability set. The VM, however, must be part of the same cloud service (must have the same DNS name; for example, contoso.cloudapp.net). Navigate to the Availability Set lens of the desired VM. Then, choose the desired existing availability set. The VM will restart to apply the change.

Service level agreement

For multiple instance VMs deployed in an availability set, Microsoft provides a 99.95 percent connectivity SLA. That is, for the SLA to apply, at least two instances of the VM must be deployed within an availability set.

Scalability

Azure Virtual Machines, like most Azure services, scale out rather than scale up. This means that deploying more instances of the same configuration is preferable to adding larger, more powerful machines.

Before VMs can be scaled (out or in), they must be assigned to an availability set. It is critical to determine the maximum number of VMs when determining the scale-out approach for VMs, because that maximum number of VMs must be created, configured, and placed into an availability set. When it comes time to scale out, the VMs in the availability set are used to meet the scale-out requirements. To take advantage of Azure's auto scale feature, VMs within an availability set should all be the same size.

As of this writing, you must use the Azure Management Portal at http://manage.windowsazure.com to use Azure's auto scale features for VMs in an availability set.

Scaling is an automatic operation handled by Azure based on configured rules. The configuration can be related to time of day (for example, scale out during business hours and scale in during the evening), or to metrics such as average CPU utilisation or queue depth (number of messages residing in the queue) for either Azure Storage queues or Service Bus. The percentage of average CPU utilisation represents the average usage over the previous hour.
The metric used for queue depth is the target number of messages to be processed per machine, which means that when deciding whether to scale, Azure will consider the total number of messages in a queue divided by the number of instances.

When the scale rules are met, Azure will auto scale in approximately one hour. This includes the time it takes to collect VM metrics and the time it takes to provision a new VM. This means that while the default auto scale rules are frequently adequate for macro level scaling, they are unlikely to be adequate for rapid burst scale-out requirements.

The CPU utilisation scaling settings will try to keep the average CPU utilisation percentage across all instances within the defined range. You have control over the target range of VMs as well as the rules that govern how the VMs scale out or in. You can specify the minimum and maximum number of VMs that can be used, ensuring that neither too few nor too many VMs are used. If a scaling action is required, Azure will scale in or out by the number of VMs specified for a scaling action. Be aware that each scaling action is followed by a wait time, or "cool down" period. This prevents the system from thrashing VMs up and down and gives the system time to try to stabilise before performing another scaling action.

Image capture

Once you've configured your new Azure VM to your liking, you might want to create a clone of it. For example, you might want to create several more virtual machines (VMs) using the one you just created as a template. This is known as capturing the VM or creating a generalised VM Image. When you create a VM Image, you capture not only the operating system disc, but also any attached data.

When you capture the VM in order to use it as a template for future VMs, the original VM (the original source) is deleted after the capture is completed. Instead, a template image will be available for use in the Azure Management Portal's Virtual Machine gallery.

There are several steps you must take in order to capture a VM and make it available for use. The steps below are for capturing a VM running Windows Server. If you're running a Linux virtual machine, the process is similar, except you'd use waagent -deprovision instead of a Windows sysprep command.

1. Connect to the VM using Remote Desktop.
2. Open a command prompt window as the administrator.
3. Navigate to the %windir%/system32/sysprep directory and then run Sysprep.exe.
4. In the System Preparation Tool, perform the following actions:
   a. From the System Cleanup Action list, select Enter System Out-Of-Box Experience (OOBE).
   b. Select the Generalize check box.
   c. In the Shutdown Options drop-down list, select Shutdown.
5. The VM will run sysprep. If you are still connected to the VM via RDP, you will be disconnected when it begins to shut down. Watch the VM in the Azure Management Portal until it completely shuts down and shows a status of "Stopped."
6. From the Azure Management Portal, select the VM to capture and then click the CAPTURE button in the bottom tray menu.
7. Provide a name for the new image and select the I Have Run Sysprep On The Virtual Machine check box.
8. Click the check mark to capture the image.
9. The image should now appear in your Virtual Machine gallery, under My Images. You can now use this image to create a new VM instance.

1.11 SUMMARY

• Cloud computing is a cutting-edge replacement for the traditional on-premises data centre. A public cloud provider is in charge of all hardware purchases and maintenance, and often offers a wide range of platform services to choose from. You lease whatever hardware and software services you need on an as-needed basis, changing a capital outlay for hardware into an operating expense.
• SaaS, PaaS, and IaaS are the three most common cloud computing categories. The line between these, though, is blurring as the cloud matures.
• Azure is a growing set of cloud services that can help your company address current and future business difficulties. Azure gives you the freedom to use your favourite tools and frameworks to build, manage, and deploy apps on a huge global network.
• Azure's cloud computing platform comprises a number of services.
• The simplest approach to manage the Azure resources you install is through an online administration portal. As mentioned in the last section, you may use this to construct virtual networks, access cloud services, set up VMs, set up storage accounts, define websites, and so on.
• There are numerous types of subscriptions that give you access to Azure services. To access these subscriptions, you'll need a Microsoft account (established by you for personal use) or a work or school account (provided by an administrator for business or academic usage).
• The pricing calculator at http://azure.microsoft.com/en-us/pricing/calculator/ can be used to estimate the cost of your Azure infrastructure. Each Azure service has its own pricing structure.
• Azure Virtual Machines, along with Virtual Networks, is a key feature of Azure's IaaS capabilities. Azure Virtual Machines enables the deployment of virtual machines (VMs) running Windows Server or Linux in a Microsoft Azure datacentre.

1.12 KEYWORDS

• Software as a service (SaaS) is software that is centrally hosted and managed for the benefit of the end user. It's commonly based on a multi-tenant architecture, which means that all clients have access to the same version of the programme.
• Platform as a service (PaaS) is a complete development and deployment environment in the cloud, with resources that enable you to deliver everything from simple cloud-based apps to sophisticated, cloud-enabled enterprise applications. You purchase the resources you need from a cloud service provider on a pay-as-you-go basis and access them over a secure Internet connection.
• Infrastructure as a service (IaaS) is a type of cloud computing service that offers essential compute, storage and networking resources on demand, on a pay-as-you-go basis. IaaS is one of the four typ