Hands-On Networking with Azure E-Book

Hands-On Networking with Azure

Copyright © 2018 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

Commissioning Editor: Vijin BorichaAcquisition Editor: Rahul NairContent Development Editor: Nithin VargheseTechnical Editor: Komal KarneCopy Editor: Safis EditingProject Coordinator: Virginia DiasProofreader: Safis EditingIndexer: Mariammal ChettiyarGraphics: Tom ScariaProduction Coordinator: Arvindkumar Gupta

First published: March 2018

Production reference: 1060318

Published by Packt Publishing Ltd. Livery Place 35 Livery Street Birmingham B3 2PB, UK.

ISBN 978-1-78899-822-2

www.packtpub.com

Mapt is an online digital library that gives you full access to over 5,000 books and videos, as well as industry leading tools to help you plan your personal development and advance your career. For more information, please visit our website.

Why subscribe?

Spend less time learning and more time coding with practical eBooks and Videos from over 4,000 industry professionals

Improve your learning with Skill Plans built especially for you

Get a free eBook or video every month

Mapt is fully searchable

Copy and paste, print, and bookmark content

PacktPub.com

Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at [email protected] for more details.

At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a range of free newsletters, and receive exclusive discounts and offers on Packt books and eBooks.

Contributors

About the author

Mohamed Waly has been interested in IT since he was a student. He has gained many certificates in the IT field. In July 2014, he was recognized as the youngest MVP in the world. He is an author, speaker, and a blogger. He has contributed to the Azure Community in Egypt and open source on Azure. Waly is currently working as an infrastructure consultant for BlueCloud Technologies, designing and implementing solutions for customers across MEA.

About the reviewers

Charbel Nemnom is a Microsoft Most Valuable Professional (MVP) for cloud and data center management. He has over 17 years of professional experience in the IT field and guides technical teams to optimize the performance of mission-critical enterprise systems.

He has extensive infrastructure expertise and vast knowledge of a variety of Microsoft technologies. He is Microsoft, Cisco, and VMware certified, and holds the following credentials—VCA-DCV, MCP, MCSA, MCTS, MCITP, MCS, MCSE, CCNP, ITIL®, and PMP®. You can follow him on Twitter at @CharbelNemnom.

Bert Wolters is the lead consultant of the hybrid cloud and apps business unit at the Dutch company InSpark.

In 2008, he decided to specialize in Microsoft infrastructure technology, focusing on system and platform management, and is still riding Microsoft's wave of innovation, looking forward to experimenting with every single new feature of Microsoft Azure. Driven by the will to gain and share knowledge, he's involved in the global Experts Live Community Foundation.

He currently advises companies how to get the most out of their Azure platform implementation or System Center Suite.

Sjoukje Zaal is a Microsoft Azure MVP and a principal architect with over 15 years of experience providing architecture, development, consultancy, and design expertise. She works at Ordina as a system integrator, based in the Netherlands.

She is very active in the Microsoft Community as a cofounder of SP&C NL and MixUG, writer, and a public speaker who is on MSDN/TechNet. She is also the author of Architecting Microsoft Azure Solutions.

Packt is searching for authors like you

If you're interested in becoming an author for Packt, please visit authors.packtpub.com and apply today. We have worked with thousands of developers and tech professionals, just like you, to help them share their insight with the global tech community. You can make a general application, apply for a specific hot topic that we are recruiting an author for, or submit your own idea.

Table of Contents

Title Page

Copyright and Credits

Hands-On Networking with Azure

Dedication

Packt Upsell

Why subscribe?

PacktPub.com

Contributors

About the author

About the reviewers

Packt is searching for authors like you

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the color images

Conventions used

Get in touch

Reviews

Azure Virtual Networks 101

Introduction

Learning outcomes

Technical requirements

Introduction to Microsoft Azure Networks

Azure terminologies

ASM versus ARM model

Azure portal (ARM model)

ARM key points

Azure VNet

Azure VNet benefits

Creating Azure VNet

Adding address spaces to the virtual network

Adding subnets to the virtual network

Azure VNet key points

Automating your tasks

Azure PowerShell

Installing the Azure PowerShell module

Installing the Azure PowerShell module from PowerShell Gallery

Creating a virtual network in Azure portal using PowerShell

Adding address space to a virtual network using PowerShell

Azure CLI

Installing Azure CLI 2.0

Creating a virtual network using Azure CLI 2.0

Adding a gateway subnet to a virtual network using Azure CLI 2.0

Adding an address space to a virtual network using Azure CLI 2.0

Summary

Questions

Further reading

Delving into Azure Virtual Networks

Introduction

Learning outcomes

Understanding Azure VNet architecture

Azure VNet service endpoints

Why use VNet service endpoints?

Configuring service endpoints for Azure VNet

Azure VNet service endpoints key points

Azure services integration with virtual networks

Integrating Azure services with Azure VNet key benefits

Virtual network peering

Configuring virtual network peering

Virtual network peering key points

Securing Azure VNet

NSG

Creating NSG

Inbound security rules

Outbound security rules

Associating the NSG

Associating the NSG to an NIC

Associating the NSG to a subnet

Azure DDoS protection

Automating the tasks

Adding a service endpoint to an existing virtual network using PowerShell

Adding a service endpoint to an existing virtual network using Azure CLI

Creating virtual network peering using PowerShell

Creating virtual network peering using Azure CLI

Creating NSG using PowerShell

Creating NSG using Azure CLI

Associating NSG with a subnet using PowerShell

Associating NSG with a subnet using Azure CLI

Summary

Questions

Further reading

Azure Network for VMs

Introduction

Learning outcomes

Azure VMs

Azure VMs series

Azure VMs statuses

Creating and configuring Azure VMs

Azure VMs networking

Adding inbound and outbound rules

Adding an additional NIC to the VM

Configuring the NICs

Azure VNets considerations for Azure VMs

Automating tasks

Creating an Azure VM using Azure PowerShell

Creating an Azure VM using Azure CLI 2.0

Adding an inbound or outbound rule to an Azure VM using Azure PowerShell

Adding an inbound or outbound rule to an Azure VM using Azure CLI 2.0

Attaching an NIC to an Azure VM using Azure PowerShell

Attaching an NIC to an Azure VM using Azure CLI 2.0

Enabling IP forwarding using Azure PowerShell

Enabling IP forwarding using Azure CLI 2.0

Adding an additional IP address using Azure PowerShell

Adding an additional IP address using Azure CLI 2.0

Summary

Questions

Further information

Network Connectivity Scenarios in Azure

Introduction 

Learning outcomes

Network connectivity scenarios in Azure

VNet2VNet connection

VNet2VNet connection benefits

Creating a VNet2VNet connection

VNet2VNet connection key points

Point-to-Site connection

Point-to-Site connection advantages

Creating a Point-to-Site connection

Point-to-Site connection key points

Site-to-Site connection

Site-to-Site connection benefits

Creating a Site-to-Site connection

Site-to-Site connection key points

ExpressRoute

ExpressRoute benefits

ExpressRoute connectivity models

Co-location at a cloud exchange

Point-to-Point Ethernet connection

Any-to-any (IPVPN) connection

User-defined routes

Creating a user-defined route

User-defined routing key points

Summary

Questions

Further information

Azure DNS

Introduction

Learning outcomes

Azure DNS

Azure DNS benefits

Azure DNS zones and records

Creating a DNS zone

Creating a DNS record

DNS zones and records key points

Azure DNS delegation

Configuring DNS delegation for third-party domain names

Configuring DNS delegation for subdomains

Azure DNS delegation key points

Azure reverse DNS zone

Azure reverse DNS zone key points

Private Azure DNS zones

Private Azure DNS zones key points

Automating the tasks

Creating an Azure DNS zone using PowerShell

Creating an Azure DNS zone using Azure CLI 2.0

Creating an Azure DNS record using PowerShell

Creating an Azure DNS record using Azure CLI 2.0

Configuring Azure DNS delegation using PowerShell

Configuring Azure DNS delegation using Azure CLI 2.0

Creating an Azure reverse DNS zone using PowerShell

Creating an Azure reverse DNS zone using Azure CLI 2.0

Creating a PTR record using PowerShell

Creating a PTR record using Azure CLI 2.0

Summary

Questions

Further information

Azure Load Balancers

Introduction

Learning outcomes

Introduction to Azure Load Balancer

Azure Load Balancer benefits

Azure Load Balancer flavors

Basic Azure Load Balancer

Standard Azure Load Balancer

Standard Azure Load Balancer benefits

Public Azure Load Balancer

Internal Azure Load Balancer

Hands-on with Azure Load Balancers

Creating a public Azure Load Balancer

Creating an internal Azure Load Balancer

Configuring public load balancer frontend IPs

Creating a public IP address

Add additional frontend IP

Configuring internal load balancer frontend IPs

Configuring the load balancer backend pools

Configuring load balancer health probes

Configuring load balancing rules

Configuring inbound NAT rules

Summary

Questions

Further information

Azure Traffic Manager

Introduction

Learning outcomes

Introduction to Azure Traffic Manager

Why Azure Traffic Manager?

Azure Traffic Manager endpoints

Azure Traffic Manager routing methods

Creating Traffic Manager profile

Traffic Manager configuration

Configuring Traffic Manager service endpoints

Configuring endpoints for Traffic Manager with performance routing method

Adding an Azure endpoint

Adding an external endpoint

Adding a nested endpoint

Configuring endpoints for Traffic Manager with the geographic routing method

Configuring endpoints for Traffic Manager with the priority routing method

Configuring endpoints for Traffic Manager with the weighted routing method

Azure Traffic Manager key points

Automating the tasks

Creating a Traffic Manager profile using Azure PowerShell

Creating a Traffic Manager profile using Azure CLI 2.0

Adding an Azure endpoint using Azure PowerShell

Adding an Azure endpoint using Azure CLI 2.0

Adding an external endpoint using Azure PowerShell

Adding an external endpoint using Azure CLI 2.0

Adding a nested endpoint using Azure PowerShell

Adding a nested endpoint using Azure CLI 2.0

Summary

Questions

Further information

Azure Application Gateway

Introduction

Learning outcomes

An introduction to Azure Application Gateway

Why Azure Application Gateway?

The flavors of Azure Application Gateway

Creating an Azure Application Gateway

Configuring Azure Application Gateway settings

Azure Application Gateway configurations

Configuring WAF

Configuring the backend pool

Configuring Azure Application Gateway HTTP settings

Configuring frontend IP configurations

Configuring listeners

Configuring basic listener

Configuring multi-site listener

Configuring rules

Configuring basic rule

Configuring path-based rule

Configuring health probes

Summary

Questions

Further reading

Other Books You May Enjoy

Leave a review - let other readers know what you think

Preface

Microsoft Azure networking is one of the most valuable and important offerings in Azure. It's impossible to imagine an environment without networks. No matter what solution you are building for the cloud, you'll find a compelling use for Azure networking. This book will get you up-to-speed on Microsoft Azure networking by teaching you how to use the different networking services. Based on real-world scenarios, you will be able to leverage secure design patterns. By reading this book, you will develop a strong networking foundation for Azure Virtual Machines, and for expanding your on-premise environment to Azure.

This book starts with an introduction to Microsoft Azure Networking and how to create Azure Virtual Networks with subnets of different types within them. This book will also help you understand the architecture of Azure networks and how it integrates with other Azure services. You will then learn the best practices for designing your Azure VM networks, whether Windows or Linux-based. You will also learn how to expand your networks into Azure, and how to use Azure DNS. Moreover, you will master best practices to deal with Azure Load Balancers (followed by the role of Azure Traffic Manager) and the solutions they offer in different scenarios. Finally, this book demonstrates the workings of Azure Application Gateway, which offers various layer-7 load balancing capabilities for applications.

Who this book is for

This book targets developers, IT professionals, and even database admins who have experience of working with Microsoft Azure and want to make the most of Azure networking services. It would also be a great guide for network engineers who would like to learn Azure.

What this book covers

Chapter 1, Azure Virtual Networks 101, introduces Azure and its models in addition to Azure Virtual Networks and subnets, and how to create and manage them. By the end of the chapter, you will have learned how to automate manual tasks implemented throughout the chapter using Azure PowerShell and Azure CLI 2.0.

Chapter 2, Delving into Azure Virtual Networks, introduces Azure networking architecture and what is going on behind the scenes. Also, you will learn how to work with Virtual Networks service endpoints and network security groups. By the end of the chapter, you will have learned how to automate manual tasks.

Chapter 3, Azure Network for VMs, introduces Azure VMs and how to design and implement networking solutions for Azure VMs. By the end of the chapter, you will have learned how to automate manual tasks.

Chapter 4, Network Connectivity Scenarios in Azure, introduces the most common scenarios for extending your on-premises to Azure, which includes how to implement those scenarios.

Chapter 5, Azure DNS, introduces how to use Azure DNS as a service, managing your zones on Azure, delegating zones, and even working with reverse DNS zones in Azure. By the end of the chapter, you will have learned how to automate manual tasks.

Chapter 6, Azure Load Balancers, introduces Azure Load Balancer and its importance, followed by a step-by-step guide on how to configure Azure Load Balancer.

Chapter 7, Azure Traffic Manager, introduces Azure Traffic Manager and its importance, followed by a step-by-step guide on how to configure Azure Traffic Manager. By the end of the chapter, you will have learned how to automate manual tasks.

Chapter 8, Azure Application Gateway, introduces Azure Application Gateway and its importance, followed by a step-by-step guide on how to configure Azure Application Gateway.

To get the most out of this book

It's highly recommended to have knowledge of virtualization and networking, such as Hyper-V/VMware/Citrix, or CCNA .

Having knowledge of other Azure services will be a great benefit. You can check out my other book about Azure Storage at the following link: https://www.packtpub.com/big-data-and-business-intelligence/learning-microsoft-azure-storage.

Download the color images

We also provide a PDF file that has color images of the screenshots/diagrams used in this book. You can download it here: https://www.packtpub.com/sites/default/files/downloads/HandsOnNetworkingwithAzure_ColorImages.pdf.

Get in touch

Feedback from our readers is always welcome.

General feedback: Email [email protected] and mention the book title in the subject of your message. If you have questions about any aspect of this book, please email us at [email protected].

Errata: Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you have found a mistake in this book, we would be grateful if you would report this to us. Please visit www.packtpub.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details.

Piracy: If you come across any illegal copies of our works in any form on the Internet, we would be grateful if you would provide us with the location address or website name. Please contact us at [email protected] with a link to the material.

If you are interested in becoming an author: If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, please visit authors.packtpub.com.

Reviews

Please leave a review. Once you have read and used this book, why not leave a review on the site that you purchased it from? Potential readers can then see and use your unbiased opinion to make purchase decisions, we at Packt can understand what you think about our products, and our authors can see your feedback on their book. Thank you!

For more information about Packt, please visit packtpub.com.

Azure Virtual Networks 101

Introduction

This chapter introduces Azure Virtual Networks, differences between the Azure Service Management and Azure Resource Manager models, and some key points that will help you to design your solution. We will also cover Azure Virtual Network subnet types and in which scenarios these subnets would be used. Finally, you will learn how to automate all the manual tasks that have been implemented throughout the chapter.

Learning outcomes

The following topics will be covered:

Introduction to Microsoft Azure Networks

Azure terminologies

Azure Service Management

(

ASM

) versus the

Azure Resource Manager

(

ARM

) model

Azure

Virtual Network

(

VNet

)

Automating your tasks

Technical requirements

To go through the book smoothly, you need to have the following:

An Azure subscription

: You can sign up for a trial from the following link 

https://azure.microsoft.com/en-us/free/

PowerShell

: Make sure you have PowerShell V3, by running the following cmdlet to check the version

$PSVersionTable.PSVersion

Azure PowerShell module

: You can download it from the following link 

https://www.microsoft.com/web/handlers/webpi.ashx/getinstaller/WindowsAzurePowershellGet.3f.3f.3fnew.appids

Azure CLI 2.0

: You can download it for your OS from the following links:

Windows

: 

https://docs.microsoft.com/en-us/cli/azure/install-azure-cli-windows?view=azure-cli-latest

Linux

: 

https://docs.microsoft.com/en-us/cli/azure/install-azure-cli-linux?view=azure-cli-latest

Mac

: 

https://docs.microsoft.com/en-us/cli/azure/install-azure-cli-macos?view=azure-cli-latest

Introduction to Microsoft Azure Networks

One of the major facts in our life is networking. In the beginning, human beings used to make networks communicate with each other to fulfill their needs. That's why when the computer revolution took place, networks were a very important piece of the puzzle to let computers communicate with each other.

Through the whole of the IT revolution, networks used to be an indispensable part of every IT environment to have a properly functioning environment. It is no surprise that networking is a vital part of cloud from many aspects, starting from the remote connection to your Azure VMs, to spanning your environment across on-premises and Azure. You will notice that networks are used with almost all Azure services, this includes, but is not limited to Azure VMs, Azure SQL Databases, Azure Web Apps, and so on.

At the time of writing, Microsoft Azure is generally available in 36 regions, with plans announced for six additional regions, as shown in the following table:

Region

Status

Location

East US

Generally available

Virginia

East US 2

Generally available

Virginia

Central US

Generally available

Iowa

North Central US

Generally available

Illinois

South Central US

Generally available

Texas

West Central US

Generally available

West Central US

West US

Generally available

California

West US 2

Generally available

West US 2

US Gov Virginia

Generally available

Virginia

US Gov Iowa

Generally available

Iowa

US DoD East

Generally available

Virginia

US DoD Central

Generally available

Iowa

US Gov Arizona

Generally available

Arizona

US Gov Texas

Generally available

Texas

Canada East

Generally available

Quebec City

Canada Central

Generally available

Toronto

Brazil South

Generally available

Sao Paulo State

North Europe

Generally available

Ireland

West Europe

Generally available

Netherlands

UK West

Generally available

Cardiff

UK South

Generally available

London

Germany Central

Generally available

Frankfurt

Germany Northeast

Generally available

Magdeburg

France Central

Coming soon

Paris

France South

Coming soon

Marseille

Southeast Asia