Hands-On Linux Administration on Azure - Frederik Vos - E-Book

Hands-On Linux Administration on Azure E-Book

Frederik Vos

Description

Azure’s market share has increased massively and enterprises are adopting it rapidly, while Linux is a widely-used operating system and has proven to be one of the most popular workloads on Azure. It has thus become crucial for Linux administrators and Microsoft professionals to be well versed with managing Linux workloads in an Azure environment.
With this guide, system administrators will be able to deploy, automate, and orchestrate containers in Linux on Azure. The book follows a hands-on approach to help you understand DevOps, monitor Linux workloads on Azure and perform advanced system administration. Complete with systematic explanations of concepts, examples and self-assessment questions, the chapters will give you useful insights into Linux and Azure. You’ll explore some of Linux’s advanced features for managing multiple workloads and learn to deploy virtual machines (VMs) in Azure. Dedicated sections will also guide you with managing and extending Azure VMs’ capabilities and understanding automation and orchestration with Ansible and PowerShell DSC. In later chapters, you’ll cover useful Linux troubleshooting and monitoring techniques that will enable you to maintain your workload on Azure.
By the end of this book, you’ll be able to make the most out of Azure’s services to efficiently deploy and manage your Linux workloads.

You can read the e-book in Legimi apps or in any app that supports the following formats:

EPUB
MOBI

Number of pages: 376

Year of publication: 2018




Hands-On Linux Administration on Azure
Explore the essential Linux administration skills you need to deploy and manage Azure-based workloads
Frederik Vos
BIRMINGHAM - MUMBAI

Hands-On Linux Administration on Azure

Copyright © 2018 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

Commissioning Editor: Vijin Boricha
Acquisition Editor: Rahul Nair
Content Development Editor: Nithin George Varghese
Technical Editor: Komal Karne
Copy Editor: Safis Editing
Project Coordinator: Drashti Panchal
Proofreader: Safis Editing
Indexer: Mariammal Chettiyar
Graphics: Tom Scaria
Production Coordinator: Deepika Naik

First published: August 2018

Production reference: 1310818

Published by Packt Publishing Ltd. Livery Place 35 Livery Street Birmingham B3 2PB, UK.

ISBN 978-1-78913-096-6

www.packtpub.com


Contributors

About the author

Frederik Vos, living in Purmerend, a city near Amsterdam in the Netherlands, works as a senior technical trainer of virtualization technologies, such as Citrix XenServer and VMware vSphere. He specializes in data center infrastructures (hypervisor, network, and storage) and cloud computing (CloudStack, CloudPlatform, OpenStack, and Azure). He is also a Linux trainer and evangelist. He has a lot of knowledge as a teacher and also real-world experience as a system administrator. For the last three years he has been working as a freelance trainer and consultant within the ITGilde Cooperation, delivering many Linux training courses, such as Linux on Azure training for the Linux Foundation.

I really enjoyed working on this book! However, writing would not have been possible without the help of my wife, Carola Dahmen. During all the hours that I wasn't available, she did the hard job of keeping everything running at home!
I want to thank Packt Publishing, especially Nithin George Varghese and Rahul Nair, for their patience and for believing me, even with the big delay caused by my move to another city.
Thanks to everyone who supported me in terms of knowledge and ideas, especially Sander van Vugt, Pascal van Dam, and several Microsoft employees.

About the reviewers

Toni Willberg is a Linux on Azure subject matter expert with over 20 years of professional IT experience. His career started in 1997 as software developer and Linux sysadmin. Currently, Toni works with Microsoft as cloud solution architect, specializing in Azure infrastructure services. Prior to Microsoft, he was with Red Hat for eight years, working as solution architect focusing on Red Hat Enterprise Linux and related infrastructure technologies.

Sander van Vugt is a Linux expert and author living in the Netherlands. Sander has published different Linux-related titles and teaches classes for customers around the world. Sander is also the Director of ITGilde Academy.

Pascal van Dam has a bachelor's degree in Computer Science and had his first experiences with Linux and the open source world as early as 1993. He's an HP-UX, AIX, and Linux Foundation trainer. As a Linux Foundation trainer he has had the honor to bring the Story of Linux and Open Source on Azure to many Microsoft colleagues in the world. Currently, Pascal is the Cloud Linux Architect for ATOS for both on-premise and public clouds such as Azure. At home, Pascal has six sons together with his love in a lively home full of energy. Pascal strongly believes in having an open mind with an open view in an open world.


Table of Contents

Title Page

Copyright and Credits

Hands-On Linux Administration on Azure

Packt Upsell

Why subscribe?

PacktPub.com

Contributors

About the author

About the reviewers

Packt is searching for authors like you

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the example code files

Download the color images

Conventions used

Get in touch

Reviews

Exploring the Azure Cloud

Fundamentals of cloud computing

Virtualization

Software-Defined Datacenter

SOA

Cloud services

Cloud types

Understanding the Azure Cloud

A small history of the Azure Cloud

Azure architecture

Azure in your organization

Azure and open source

Summary

Questions

Further reading

Getting Started with the Azure Cloud

Technical requirements

Getting access to Azure

Logging in using the Azure portal

Getting command-line access to Azure

Installing the Azure command-line interface

Logging in with the Azure CLI

PowerShell

Logging in with PowerShell

Azure Resource Manager

Linux and Azure

Linux distributions

Microsoft-endorsed Linux distributions

Deploying a Linux virtual machine

Your first virtual machine

Images

Image sizing

Virtual machine networking

Virtual machine information

Connecting to Linux

Logging in to your Linux VM using password authentication

Logging in to your Linux VM with an SSH private key

Summary

Questions

Further reading

Basic Linux Administration

The Linux shell

Executing commands

Command-line editing

Working with history

Auto-completion

Globbing

Redirections

Working with variables

Bash configuration files

Getting help

Using the man-pages

Using info documents

Other documentation

Working with text files

Reading text

Searching in text files

Editing text files

Finding your way in the filesystem

File hierarchy system

Mounting filesystems

Finding files on the filesystem

Process management

View processes

Sending signals to a process

Discretionary Access Control

User management

Group management

Login management

Summary

Questions

Further reading

Managing Azure

Technical requirements

Storage services

Storage accounts

Managed disks

Azure Files

Blob storage

Networking

Virtual network

Subnets

Network Security Group

Public IP address and network interface

Components for your virtual machine

Azure profile

Resource group

Storage account

Virtual network

NSG

Public IP address and network interface

Summary

Questions

Further reading

Advanced Linux Administration

Technical requirements

Software management

The RPM software manager

The DPKG software manager

Software management with YUM

Software management with Zypp

Software management with apt

Networking

Identifying the network interfaces

Identifying the IP address

Showing the route table

Network configuration

Changes in the network configuration

Hostname

DNS

Storage

Storage provided by block devices

Adding a data disk

Partitioning

Filesystems in Linux

Ext4 filesystem

XFS filesystem

ZFS filesystem

BTRFS filesystem

Swap filesystem

Linux software RAID

Systemd

Working with units

Services

Targets

Scheduled tasks

Mounting local filesystems

Mounting remote filesystems

Summary

Questions

Further reading

Managing Linux Security and Identities

Linux security tips

Technical requirements

Linux firewall

Firewalld zones

Firewalld services

Firewalld network sources

Linux Security Modules

SELinux

SELinux configuration

SELinux context on ports

SELinux context on files

SELinux Boolean

AppArmor

AppArmor status

Generating AppArmor profiles

Systemd security

Restricting access to the filesystem

Restricting network access

Azure Active Directory Domain Service

Setting up AADS

Linux configuration

NTP configuration

Hostname

DNS servers

Installing dependencies

Joining the domain – Ubuntu and RHEL/CentOS

Joining the domain – SUSE

Summary

Questions

Further reading

Deploying Your Virtual Machines

Deployment scenarios

What do you need?

Automated deployment options

Scripting

Azure Resource Manager

Initial configuration

Initial configuration with the Custom Script Extension

Initial configuration with cloud-init

Vagrant and Packer

Installing and configuring Vagrant

Deploying a virtual machine with Vagrant

Vagrant provisioners

Packer (part 1)

Installing and configuring Packer

Custom images and VHDs

Creating a managed image

Alternative method using snapshots

Packer (part 2)

Custom VHDs

Summary

Questions

Further reading

Exploring Continuous Configuration Automation

Technical requirements

Ansible

Installation of Ansible

SSH configuration

Bare-minimum configuration

Inventory file

Ansible playbooks and modules

Conditionals – when statement

Loops

Handlers

Working with variables

Working with templates

Authenticating to Microsoft Azure

Resource group

Virtual machine

Azure inventory management in Ansible

SaltStack

Some Salt terminology

SaltStack installation

Authorization

Execution modules

Salt states

Top file

Salt grains

State conditions

Working with variables and templates

Integration with Azure

PowerShell desired state configuration

Azure automation DSC

Automation account

Installing PowerShell DSC on Linux

Creating a desired state

PowerShell DSC Resources

Applying the resources in Azure

Other solutions

Summary

Questions

Further reading

Container Virtualization in Azure

History of containers

Chroot environment

OpenVZ

LXC

Systemd-nspawn

Creating a container with debootstrap

Creating a container with yum

systemd-firstboot

Deploying the first container

Enabling a container at boot time

Rkt

Getting started with Rkt

Creating Rkt images with acbuild

Creating Rkt images with Buildah

Docker

Docker installation

Building Docker images

Docker Machine

Docker Compose

Azure container instances

Docker registry

Azure container registry

Containers and storage

Summary

Questions

Further reading

Working with Azure Kubernetes Service

Technical requirements

Installing dependencies

Minikube

Starting to use AKS

Creating a cluster with the Azure CLI

Creating a cluster with PowerShell

First deployment in AKS

Creating services

Multicontainer pods

Working with Helm

Installing Helm

Helm repository management

Installing applications with Helm

Creating Helm charts

Working with Draft

Installing Draft

Using Draft

Managing Kubernetes

Updating applications

Scaling applications

Upgrading Kubernetes

Persistent storage

Azure Disk for Kubernetes

Azure File for Kubernetes

Summary

Questions

Further reading

Troubleshooting and Monitoring Your Workloads

Technical requirements

Accessing your system

No remote access

Knocking on the port

Boot diagnostics

Logging in Linux

Working with journalctl

Filters

Filtering based on fields

Database persistence

Syslog protocol

Adding log entries

Integrating journald with RSYSLOG

Other log files

Microsoft Log Analytics

Configuring the Log Analytics service

Installing the OMS agent

Getting the data

Log Analytics and Kubernetes

Log Analytics for your network

Performance monitoring

Displaying Linux processes with top

Top alternatives

Sysstat – a collection of performance-monitoring tools

dstat

Network stats with iproute2

Network monitoring with IPTraf-NG

tcpdump

Summary

Questions

Further reading

Assessments

Chapter 1: Exploring the Azure Cloud

Chapter 2: Getting Started with the Azure Cloud

Chapter 3: Basic Linux Administration

Chapter 4: Managing Azure

Chapter 5: Advanced Linux Administration

Chapter 6: Managing Linux Security and Identities

Chapter 7: Deploying Your Virtual Machines

Chapter 8: Exploring Continuous Configuration Automation

Chapter 9: Container Virtualization in Azure

Chapter 10: Working with the Azure Kubernetes Service

Chapter 11: Troubleshooting and Monitoring Your Workloads

Other Books You May Enjoy

Leave a review - let other readers know what you think

Preface

This book shows how to deploy open source workloads in Microsoft Azure using virtual machines and containers. It provides an introduction to working with Linux in Azure environments, and the reader will get an introduction to working with Azure as well.

An important part of this book covers working with command-line interfaces, which makes it easy to use automation to deploy your workload in Azure.

Last but not least, it will show you how to use configuration management solutions such as Ansible and Salt to manage Linux instances in an Azure cloud environment.

Who this book is for

This book is for Microsoft professionals and Linux administrators and developers that need to deploy and manage their workloads in Azure. Prior knowledge of Linux and Azure is not necessary.

What this book covers

Chapter 1, Exploring the Azure Cloud, introduces cloud computing, explaining where it started and covering the meaning of all the terminology and abbreviations that are so common in the cloud.

Chapter 2, Getting Started with the Azure Cloud, covers the first steps in Azure: creating your account and getting started in Azure. The chapter introduces the user interfaces, and at the end of the chapter, your first virtual machine is running.

Chapter 3, Basic Linux Administration, contains Linux essentials, such as using the bash shell, where to find help, and topics such as user/group management and process management, which you need as a Linux user.

Chapter 4, Managing Azure, explains how to work with the Azure components that you need for virtual machines and other services: network and storage. It explains commands already used in more detail, and prepares you for the next chapters.

Chapter 5, Advanced Linux Administration, is a deep dive into, or (if you want) a crash course on Linux system administration: network, storage, software, and services. It also covers the recently introduced systemd init system.

Chapter 6, Managing Linux Security and Identities, is all about protection for your workload. Starting with some tips for security, the chapter covers Linux security modules (SELinux and AppArmor), Linux firewall (FirewallD), and network ACLs. The last part of this chapter is about integration with Azure Active Directory Services.

Chapter 7, Deploying Your Virtual Machines, covers the automation of deployments in Azure. How do you get a reproducible environment, especially if you are a developer? And if a standard image to deploy a virtual machine is not good enough, you'll learn how to build your own.

Chapter 8, Exploring Continuous Configuration Automation, explains that automation is very important, especially for the deployment phase. It's not that good at managing configuration or updates, though, during the complete life cycle. Ansible, Salt, and PowerShell DSC to the rescue!

Chapter 9, Container Virtualization in Azure, discusses why container virtualization is very popular, what it is exactly, what the available options are, and how to build and run your containers. A great deal in this chapter is about Docker, but other solutions, such as Rkt, are covered as well.

Chapter 10, Working with the Azure Kubernetes Service, explains that, as with other workloads, it is not very difficult to automate containers; after that, orchestration is needed. On top of that, Kubernetes provides scalability and availability.

Chapter 11, Troubleshooting and Monitoring Your Workloads, the last chapter of this book, covers troubleshooting options. What can you do if you can't access the workload? What do you do if your application doesn't perform as expected? And don't forget: logging is always very important!

To get the most out of this book

This book is written for system administrators and developers that need to know how to deploy and manage their workloads in Azure. This means that you already have day-to-day experience of operational tasks. It helps if you already have some experience of using the command line and writing scripts, but it's not strictly necessary. Hence, the scripting examples in this book are not perfect. A pragmatic approach is taken to help you understand the technology in Azure and get the job done.

To get the most out of the book, it is very important that you use this book as a workbook. Go and sit behind your computer and go through all the examples. This is the only way to really understand the topics covered in this book. The only things you need are as follows:

A computer with Linux, Windows 10, or macOS installed

An internet connection so you are able to connect to Azure

I am also a big fan of virtual machines, running in Azure or not. You can play without breaking your daily workstation, and on top of that, you can easily redeploy them or use snapshots to undo or replay the steps you have taken.

Download the example code files

You can download the example code files for this book from your account at www.packtpub.com. If you purchased this book elsewhere, you can visit www.packtpub.com/support and register to have the files emailed directly to you.

You can download the code files by following these steps:

Log in or register at www.packtpub.com.

Select the SUPPORT tab.

Click on Code Downloads & Errata.

Enter the name of the book in the Search box and follow the onscreen instructions.

Once the file is downloaded, please make sure that you unzip or extract the folder using the latest version of:

WinRAR/7-Zip for Windows

Zipeg/iZip/UnRarX for Mac

7-Zip/PeaZip for Linux

The code bundle for the book is also hosted on GitHub at https://github.com/PacktPublishing/Hands-On-Linux-Administration-on-Azure. In case there's an update to the code, it will be updated on the existing GitHub repository.

We also have other code bundles from our rich catalog of books and videos available at https://github.com/PacktPublishing/. Check them out!

Download the color images

We also provide a PDF file that has color images of the screenshots/diagrams used in this book. You can download it here: https://www.packtpub.com/sites/default/files/downloads/HandsOnLinuxAdministrationonAzure_ColorImages.pdf.

Get in touch

Feedback from our readers is always welcome.

General feedback: Email [email protected] and mention the book title in the subject of your message. If you have questions about any aspect of this book, please email us at [email protected].

Errata: Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you have found a mistake in this book, we would be grateful if you would report this to us. Please visit www.packtpub.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details.

Piracy: If you come across any illegal copies of our works in any form on the Internet, we would be grateful if you would provide us with the location address or website name. Please contact us at [email protected] with a link to the material.

If you are interested in becoming an author: If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, please visit authors.packtpub.com.

Reviews

Please leave a review. Once you have read and used this book, why not leave a review on the site that you purchased it from? Potential readers can then see and use your unbiased opinion to make purchase decisions, we at Packt can understand what you think about our products, and our authors can see your feedback on their book. Thank you!

For more information about Packt, please visit packtpub.com.

Exploring the Azure Cloud

In this first chapter, I want to talk about cloud computing. What exactly is the cloud?

Starting with a small history of virtualization, I want to explain how the transformation of physical hardware into hardware components that are built in software made it possible to go beyond the borders of the classic data center in many ways.

After that, I'll explain the different terminology used in cloud technology.

Here is a list of topics covered in this chapter:

Virtualization of compute, network, and storage

Software Defined Networking, storage, and the data center

Service-oriented architecture (SOA)

Cloud services

Cloud types

Fundamentals of cloud computing

If you are starting in a new area of expertise in Information Technology (IT), most of the time you'll start studying the concepts, the architecture, and sooner or later you'll start playing around and getting familiar with the topic.

However, in cloud computing, it really helps if you not only understand the concept and the architecture, but also where it comes from. I don't want to give you a lesson in the facts of history, but I want to show you that inventions and ideas in the past are still in use in modern cloud environments. This will give you a better understanding of what the cloud is and how to use it within your organization.

Virtualization

In the early 1970s, IBM was working on some sort of virtualization: each user had their own separated operating system, while still sharing the overall resources of the underlying system.

The main reason to develop this system was the possibility of assigning the resources based on the application needs, to add extra security and reliability: if a virtual machine crashes, the other virtual machines are still running without any problem. Nowadays, this type of virtualization has evolved into container virtualization!

Fast forward to 2001, and another type of virtualization, called hardware virtualization, was introduced by companies such as VMware. In their product, VMware Workstation, they added a layer on top of an existing operating system that provided a set of standard hardware, built in software instead of physical elements, to run a virtual machine. This layer became known as a hypervisor. Later on, they built their own operating system that specialized in running virtual machines: VMware ESX.

In 2008, Microsoft entered the hardware-virtualization market with the Hyper-V product, as an optional component of Windows 2008.

Hardware virtualization is all about separating software from hardware, breaking the traditional boundaries between hardware and software. The hypervisor is responsible for mapping the virtual resources on physical resources.

This type of virtualization was the enabler for a revolution in data centers:

Because of the standard set of hardware, every virtual machine can run everywhere

Because virtual machines are isolated from each other, there is no problem if a virtual machine crashes

Because a virtual machine is just a set of files, you have new possibilities for backup, moving virtual machines, and so on

New options possible in high availability (HA), the migration of running virtual machines

New deployment options, for example, working with templates

New options in central management, orchestration, and automation, because it's all software

Isolation, reservation, and limiting of resources where needed, sharing resources where possible

Software-Defined Datacenter

Of course, if you can transform hardware into software for compute, it's only a matter of time before someone realizes you can do the same for network and storage.

For networking, it all started with the concept of virtual switches. Like every other form of hardware virtualization, it is nothing more than building a network switch in software instead of hardware.

In 2004, development started on Software Defined Networking (SDN), to decouple the control plane and the data plane. In 2008, there was the first real switch implementation that achieved this goal using the OpenFlow protocol at Stanford University.

Using SDN, you have similar advantages as in compute virtualization:

Central management, automation, and orchestration

More granular security by traffic isolation and providing firewall and security policies

Shaping and controlling data traffic

New options available for HA and scalability

In 2009, Software-Defined Storage (SDS) development started at several companies, such as Scality and Cleversafe. Again, it's about abstraction: decoupling services (logical volumes and so on) from the physical storage elements.

If you have a look into the concepts of SDS, some vendors added a new feature to the already existing advantages of virtualization. You can add a policy to a virtual machine, defining the options you want: for instance, replication of data or a limit on the number of IOPS. This is transparent for the administrator; there is communication between the hypervisor and the storage layer to provide the functionality. Later on, this concept was also adopted by some SDN vendors.

You can actually see that virtualization slowly changed to a more service-oriented way of thinking.

If you can virtualize every component of the physical data center, you have a Software-Defined Datacenter (SDDC). The virtualization of networking, storage, and compute function made it possible to go further than the limits of one piece of hardware. SDDC makes it possible, by abstracting the software from the hardware, to go beyond the borders of the physical data center.

In the SDDC environment, everything is virtualized and often fully automated by the software. It totally changes the traditional concept of data centers. It doesn't really matter where the service is hosted or how long it's available (24-7 or on demand), and there are possibilities to monitor the service, maybe even add options such as automatic reporting and billing, which all make the end user happy.

SDDC is not the same as the cloud, not even a private cloud running in your data center, but you can argue that, for instance, Microsoft Azure is a full-scale implementation of SDDC. Azure is by definition software-defined.

SOA

In the same period that hardware virtualization became mainstream in the data center, and the development of SDN and SDS started, something new was coming in the world of software development and implementation for web-based applications, SOA:

Minimal services that can talk to each other, using a protocol such as SOAP. Together they deliver a complete web-based application.

The location of the service doesn't matter; the service must be aware of the presence of the other service, and that's about it.

A service is a sort of black box; the end user doesn't need to know what's inside the box.

Every service can be replaced.

For the end user, it doesn't matter where the application lives or that it consists of several smaller services. In a way, it's similar to virtualization: what seems to be one physical resource, for instance, a storage LUN, can actually include several physical resources (storage devices) in multiple locations.

The power of virtualization combined with SOA gives you even more options in scalability, reliability, and availability.

There are many similarities between the SOA model and SDDC, but there is a difference: SOA is about interaction between different services; SDDC is more about the delivery of services to the end user.

The modern implementation of SOA is microservices, provided by cloud environments such as Azure, running standalone or running in virtualization containers such as Docker.

Cloud services

Here's that magic word: cloud. It's not that easy to find out exactly what it means. One way to describe it is that you want to provide a service that:

Is always available, or available on-demand

Can be managed by self-service

Is able to scale up/down, and so is elastic

Offers rapid deployment

Can be fully automated and orchestrated

On top of that, you want monitoring and new types of billing options: most of the time, you only pay for what you use.

Cloud technology is about the delivery of a service via the internet, in order to give an organization access to resources such as software, storage, network, and other types of IT infrastructure and components.

The cloud can offer you many service types, here are the most important ones:

Infrastructure as a service (IaaS): A platform to host your virtual machines

Platform as a service (PaaS): A platform to develop, build, and run your applications, without the complexity of building and running your own infrastructure

Software as a service (SaaS): Using an application running in the cloud, such as Office 365

Cloud types

There are several cloud implementations possible:

Public cloud: Running all the services at a service provider. Microsoft's Azure is an implementation of this type.

Private cloud: Running your own cloud in your data center. Microsoft recently developed a special version of Azure for this: Azure Stack.

Hybrid cloud: A combination of a public and private cloud. One example is combining the power of Azure and Azure Stack, but you can also think about new disaster recovery options or moving services from your data center to the cloud and back if more resources are temporarily needed.

The choice for one of these implementations depends on several factors, to name a few:

Costs: Hosting your services in the cloud can be more expensive than hosting them locally, caused by resource usage. On the other hand, it can be cheaper; for example, you don't need to implement complex and costly availability options.

Legal restrictions: Sometimes you are not allowed to host data in a public cloud.

Internet connectivity: There are still countries where the necessary bandwidth or even the stability of the connection is a problem.

Complexity: Hybrid environments can be especially difficult to manage; support for applications and user-management can be challenging.

Understanding the Azure Cloud

Now that you know more about virtualization and cloud computing, it's time to introduce you to the Microsoft implementation of the cloud: Azure.

Starting again with some history, in this chapter, you'll find out about the technology behind Azure and that Azure can be a very good solution for your organization.

A small history of the Azure Cloud

In 2002, Microsoft started a project called Whitehorse, to streamline the development, deployment, and implementation of an application within an SOA model. In this project, there was a focus on delivering small prebuilt web applications and the ability to transform them into a service. This project died silently around 2006.

Many of the lessons learned in this project and the appearance of Amazon Web Services (AWS) were the drivers for Microsoft to start a project called RedDog in 2006.

After a while, Microsoft added three other development teams to this project:

.NET Services: Services for developers using the SOA model. .NET Services offered Service Bus as a secure, standards-based messaging infrastructure.

Live Services and Live Mesh: A SaaS project to enable PCs and other devices to communicate with each other through the internet.

SQL Services: A SaaS project to deliver Microsoft SQL through the internet.

In 2008, Microsoft announced the start of Azure, and with its public release in 2010, Azure was ready to deliver IaaS and PaaS solutions. The name RedDog survived for a while: the classic portal was also known as RedDog Front-End (RDFE).

Nowadays, Azure is the Microsoft solution for the public cloud, delivering all kinds of services, such as virtual machines, Web and Mobile Apps, Active Directory, and databases.

It's still growing in its number of features, customers, and availability. Azure is available in more than 36 regions. This is very important for scalability, performance, and redundancy.

Having this many regions also helps compliance with legal rules and security/privacy policies. Microsoft is using the same Online Services Terms (http://www.microsoftvolumelicensing.com/) for all their online services, such as Office 365, which includes rulings such as the EU Standard Contractual Clause. Information and documents regarding security, privacy, and compliance are available via Microsoft's Trust Center: https://www.microsoft.com/en-us/TrustCenter.

Azure architecture

Microsoft Azure is running on a customized, stripped-down, and hardened version of Hyper-V, also known as the Azure Hypervisor.

On top of this hypervisor, there is a cloud layer. This layer or fabric is a cluster of many hosts hosted in Microsoft's data center and is responsible for the deployment, management, and health of the infrastructure.

This layer is managed by the fabric controller, which is responsible for resource management, scalability, reliability, and availability.

This layer also provides the management interface via an API, built on REST, HTTP, and XML. Another way to interact with the fabric controller is provided by the Azure Portal and software such as the Azure CLI via the Azure Resource Manager.

These user-interfacing services will communicate through resource providers to the fabric:

Compute Resource Provider

Network Resource Provider

Storage Resource Provider

These resource providers will create the needed services, such as a virtual machine.
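The resource provider that owns a resource is visible in its Azure Resource Manager resource ID, which is useful when you review an inventory or an activity log and need to know which provider handled an operation. The following is an added example, not code from the book: it parses resource IDs and groups them by provider. The ID layout and the namespaces Microsoft.Compute, Microsoft.Network and Microsoft.Storage are Azure Resource Manager conventions that this chapter does not spell out, and the sample IDs are constructed placeholders.

```python
from collections import defaultdict

# Constructed sample IDs for one Linux VM deployment; the subscription ID,
# resource group and resource names are placeholders.
SUB = "00000000-0000-0000-0000-000000000000"
RG = f"/subscriptions/{SUB}/resourceGroups/demo-rg/providers"
SAMPLE_IDS = [
    f"{RG}/Microsoft.Compute/virtualMachines/web01",
    f"{RG}/Microsoft.Network/networkInterfaces/web01-nic",
    f"{RG}/Microsoft.Network/virtualNetworks/demo-vnet/subnets/default",
    f"{RG}/Microsoft.Storage/storageAccounts/demodiag01",
]


def parse_resource_id(resource_id):
    """Split a resource-group-scoped ARM resource ID into its components."""
    parts = [p for p in resource_id.split("/") if p]
    keys = [p.lower() for p in parts]  # segment keywords are case-insensitive
    if (len(parts) < 8 or keys[0] != "subscriptions"
            or keys[2] != "resourcegroups" or keys[4] != "providers"):
        raise ValueError(f"not a resource-group-scoped ARM ID: {resource_id!r}")
    tail = parts[6:]  # alternating type/name pairs; child resources nest
    if len(tail) % 2:
        raise ValueError(f"resource type without a name: {resource_id!r}")
    return {
        "subscription": parts[1],
        "resource_group": parts[3],
        "provider": parts[5],               # e.g. Microsoft.Compute
        "type": "/".join(tail[0::2]),       # e.g. virtualNetworks/subnets
        "name": "/".join(tail[1::2]),       # e.g. demo-vnet/default
    }


def group_by_provider(resource_ids):
    """Map each resource provider namespace to the resources it owns."""
    grouped = defaultdict(list)
    for rid in resource_ids:
        res = parse_resource_id(rid)
        grouped[res["provider"]].append(f'{res["type"]}/{res["name"]}')
    return dict(grouped)


if __name__ == "__main__":
    for provider, items in sorted(group_by_provider(SAMPLE_IDS).items()):
        print(provider, items)
```

Even a single virtual machine touches all three providers: the VM itself belongs to the compute provider, its network interface and subnet to the network provider, and a diagnostics storage account to the storage provider.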

Azure in your organization

Azure can deliver IaaS: it's easy to deploy virtual machines, manually or automated, and use these virtual machines to develop, test, and host your applications. There are many extra services available to make your life as a system engineer easier, such as backup and restore options, adding storage, and availability options. For web applications, it's even possible to deliver the service without creating a virtual machine!

Of course, Azure can also be used for PaaS solutions; like IaaS, PaaS includes all components for your infrastructure but adds support for the complete life cycle of your cloud applications: building, testing, deploying, managing, and updating. There are precoded application components available as well; you can save time transforming these components together with your code into the service you want to deliver. Containers can be another part of your PaaS solution: the Azure Container Service simplifies the deployment, management, and operations on containers using Kubernetes or another orchestrator, such as Mesos.

If you are a company or organization that wants to host an SaaS solution in Azure, this is possible using AppSource. You can even provide integration with other Microsoft products, such as Office 365 and Dynamics.

In 2017, Microsoft announced Azure Stack. You can run Azure now in your own data center or run it in the data center from a service provider of your choice to provide IaaS and PaaS. It will give you the power of Azure in scalability and availability, without worrying about the configuration. You only need to add more physical resources if needed. And if you want, you can use it in a hybrid solution with the public Azure for disaster recovery or consistent workloads in both cloud and on-premises deployments.

Azure Stack is not the only thing you can use for hybrid environments. You can, for instance, connect your local Active Directory with Azure Active Directory, or use the Azure Active Directory application to provide SSO to both local and hosted web applications.

Azure and open source

In 2009, before Azure went public, Microsoft started adding support for open source frameworks, such as PHP, and in 2012, added support for Linux virtual machines, due to requests from many customers.

At that time, Microsoft was not a big friend of the open source community, and it's fair to say that they really didn't like the Linux operating system. This changed around 2014, when Satya Nadella succeeded Steve Ballmer as CEO of Microsoft. In October of that year, he even announced at a Microsoft Conference in San Francisco that Microsoft loves Linux!

Since that time, Azure has grown into a very open-source-friendly environment:

It offers a platform for many open source solutions, such as Linux instances, container technology, and application/development frameworks.

It integrates with open source solutions by providing open and compatible APIs. For instance, the Cosmos DB service offers a MongoDB-compatible API.

Documentation, SDKs, and examples are all Open Source and available on GitHub: https://github.com/Azure.

Microsoft is working together with open source projects and vendors and is also a major contributor of code to many open source projects.

In 2016, Microsoft entered the Linux Foundation organization as a Platinum member to confirm their steadily increasing interest and engagement in open source development.

In October 2017, Microsoft said that more than 40% of all virtual machines in Azure are running the Linux Operating System and Azure is running many containerized workloads. Besides that, the microservices are all using open source programming languages and interfaces.

Microsoft is very serious about open source technology; it has open sourced PowerShell and many other products. Not every Microsoft product in Azure is open source, but at least you can install and run Microsoft SQL on Linux.

Summary

In this chapter, we discussed the history of virtualization, the concept of the cloud, and explained the terminology used in cloud environments.

Some people think that Microsoft was a little bit late entering the world of the clouds, but actually they started researching and developing techniques in 2006, and many parts of that work survived in Azure. Some of the projects died, because it was too early and many people were skeptical about the cloud in those days.

We also covered the architecture of the Azure cloud and the services that Azure can offer your organization.

In the last part of this chapter, I showed you that Azure is a very open-source-friendly environment and that Microsoft puts in a lot of effort to make Azure an open, standard cloud solution with interoperability in mind.

In the next chapter, we'll start using Azure and learn how to deploy and use Linux in Azure.

Questions

What components in your physical data center can be transformed into software?

What is the difference between container virtualization and hardware virtualization?

If you want to host an application in the cloud, which service type is the best solution?

Let's say one of your applications needs strict privacy policies. Is it still a good idea to use cloud technology for your organization?

Why are there so many regions available in Azure?

What is the purpose of Azure Active Directory?

Further reading

If you want to learn more about Hyper-V and how you can use Azure together with Hyper-V for site recovery and protection of your workloads, check out Windows Server 2016 Hyper-V Cookbook, Second Edition by Packt.

There are many nice technical articles about the history of virtualization, cloud computing, and their relationship. One I really want to mention is Formal Discussion on Relationship between Virtualization and Cloud Computing (ISBN 978-1-4244-9110-0).

Don't forget to visit the Microsoft website and GitHub repository as mentioned in this chapter!

Getting Started with the Azure Cloud

In the first chapter, I covered the history of, and the ideas behind, virtualization and cloud computing. After that, you read about the Microsoft Azure Cloud. This chapter will help you take your first steps into the world of Azure, get access to Azure, explore the different Linux offerings, and deploy your first Linux virtual machine.

After deployment, you will need access to your virtual machine using SSH with password authentication, or using an SSH key pair.

To take the first steps on your journey into the Azure Cloud, it is important to complete all the exercises and examine the outcome.

Everything in this chapter is tested on macOS, Windows Subsystem for Linux, and the latest versions of CentOS and openSUSE LEAP.

Technical requirements

If you want to try all the examples in this chapter, you'll need at least a browser. For stability reasons, it's important to use a very recent version of a browser. Microsoft offers a list of supported browsers in the documentation on the Azure documentation website:

Microsoft Edge (latest version)

Internet Explorer 11

Safari (latest version, Mac only)

Chrome (latest version)

Firefox (latest version)

Based on personal experience, I recommend using Google Chrome or a browser based on a recent version of its engine, such as Vivaldi.

You can do all the exercises in your browser, even the exercises involving the command line. In daily life, it's a better idea to use a local installation of the software; it's faster, easier to copy and paste code, and you can save history and the output from the commands.

Getting access to Azure

To start in Azure, the first thing you'll need is an account. Go to https://azure.microsoft.com and get yourself a free account to get started, or use the corporate account that is already in use. Another possibility is to use Azure with a Visual Studio Dev Essentials subscription, a Visual Studio subscription, or an Enterprise/Dev subscription.

If you are using a free account, you'll get some credits to start, some of the popular services for a limited time, and some services that will stay free forever, such as the container service. You can find the most recent list of free services at https://azure.microsoft.com/en-us/free. You won't be charged during the trial period, except for virtual machines that need additional licensing, but you do need a credit card to identify yourself.

Logging in using the Azure portal

Point your browser to https://azure.microsoft.com and use your credentials to log in. You are ready to start using Azure, or, in other words, to start using your subscription. In Azure, a subscription grants you access to the Azure Portal with your account, which is also used for accounting and billing, and a subscription gives you access to Azure services.

The Azure portal takes you to a dashboard that you can modify to meet your monitoring needs. You can now do the following:

Inspect your resources

Create new resources

Visit the marketplace

Get insights into your billing

You can use the web interface, doing everything graphically, or use the Azure Cloud Shell available via the web interface, which provides a Bash or a PowerShell interface.

Getting command-line access to Azure

There are several good reasons to prefer the command line. That's why in this book we'll mostly cover command-line access:

It can help you to understand the architecture of Azure. In the graphical interface, often you can do many things in one configuration window, without understanding the relationships between the different fields and components.

It is the first step in automation and orchestration.

The web interface is still in active development; the web interface can, and will, change over time:

Some features and options are not available yet.