Implementing Azure Solutions E-Book

Title Page

       BIRMINGHAM - MUMBAI

Copyright

Implementing Azure Solutions

Copyright © 2017 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

First published: May 2017

Production reference: 2170517

ISBN 978-1-78646-785-0

www.packtpub.com

Credits

Authors

Florian Klaffenbach Jan-Henrik Damaschke Oliver Michalski

Copy Editor

Madhusudan Uchil

Reviewers

Sebastian Durandeu

Rafael dos Santos

Project Coordinator

Virginia Dias

Commissioning Editor

Pratik Shah

Proofreader

Safis Editing

Acquisition Editor

Prachi Bisht

Indexer

Pratik Shirodkar

Content Development Editor

Amedh Gemraram Pohad

Graphics

 Kirk D'Penha

Technical Editor

Vishal Kamal Mewada

Production Coordinator

Shantanu Zagade

About the Authors

Florian Klaffenbach started in 2004 with his IT carrier as 1st and 2nd Level IT Support Technician and IT Salesman Trainee for a B2B online shop. After that, he changed to a small company working as IT Project Manager, planning, implementing, and integration from industrial plants and laundries into enterprise IT. After spending some years, he changed his path to Dell Germany. There he started from scratch as an Enterprise Technical Support Analyst and later worked on a project to start Dell Technical Communities and support over social Media in Europe and outside of the U.S. Currently he is working as a Solutions Architect and Consultant for Microsoft Infrastructure and Cloud and is specialized in Microsoft Hyper-V, Fileservices, System Center Virtual Machine Manager, and Microsoft Azure IaaS at msg services ag. In addition to his job, he is active as a Microsoft Blogger and Lecturer. He blogs for example on his own page Datacenter-Flo.de or Azure Community Germany. Together with a very good friend, he founded the Windows Server User Group Berlin to create network of Microsoft ITPros in Berlin. Florian maintains a very tight network for many vendors such as Cisco, Dell, or Microsoft and Communities. This helps him to grow his experience and to get the best solution for his customers. Since 2016, he is also Co-Chairman of the Azure Community Germany. In April 2016, Microsoft awarded Florian Microsoft Most Valuable Professional for Cloud and Datacenter Management.

Jan-Henrik Damaschke is an IT Consultant for Security, Network, and Infrastructure from Germany. He was MVP awarded in the categories of Enterprise Security, PowerShell, and AzureStack. PKI implementation and management is one of his core competencies as well as cloud-related security. He writes articles on security-related topics and is involved in many community events as a speaker as well as an organizer. He is passionate about sharing knowledge with others. For this purpose, he is member of the Microsoft Student Partner program and is engaged on forums and on other platforms. Currently, he is writing a book on Azure infrastructure solutions.

Oliver Michalski started in 1999 with his IT carrier as a Web Developer. Now, he is a Senior Software Engineer for Microsoft .NET and an SOA Architect. He also works as an Independent Enterprise Consultant in the field Microsoft Azure. When he started in 2011 with Microsoft Azure, there was no Azure Community on the German market. Therefore, Oliver founded the Azure Community Germany (ACD). Oliver is Chairman of the Azure Community Germany, and since April 2016 he has been a Microsoft Most Valuable Professional for Microsoft Azure.

About the Reviewers

Sebastian Durandeu is a senior software engineer with a primary focus on building applications and services for the Cloud using Microsoft technologies. He works at Southworks, a high-end software development company that helps businesses leverage the latest technologies. There he has worked closely with several Microsoft divisions helping the developer community adopt emerging technologies using recommended practices. Sebastian currently lives in Buenos Aires, Argentina where he is an active contributor in the developer community. He shares his knowledge via his Twitter (@sebadurandeu) and GitHub accounts (sdurandeu).

Rafael dos Santos Christian, Geysla’s husband, Ted’s father, Entrepreneur, Developer, Cloud specialist. 10 years experience developing and architecting web based solutions.

www.PacktPub.com

For support files and downloads related to your book, please visit www.PacktPub.com.

Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at [email protected] for more details.

At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a range of free newsletters and receive exclusive discounts and offers on Packt books and eBooks.

h t t p s ://w w w . p a c k t p u b . c o m /m a p t

Get the most in-demand software skills with Mapt. Mapt gives you full access to all Packt books and video courses, as well as industry-leading tools to help you plan your personal development and advance your career.

Why subscribe?

Fully searchable across every book published by Packt

Copy and paste, print, and bookmark content

On demand and accessible via a web browser

Customer Feedback

Thanks for purchasing this Packt book. At Packt, quality is at the heart of our editorial process. To help us improve, please leave us an honest review on this book's Amazon page at h t t p s ://w w w . a m a z o n . c o m /d p /1786467852.

If you'd like to join our team of regular reviewers, you can e-mail us at [email protected]. We award our regular reviewers with free eBooks and videos in exchange for their valuable feedback. Help us be relentless in improving our products!

Table of Contents

Preface

What this book covers

What you need for this book

Who this book is for

Conventions

Reader feedback

Customer support

Downloading the color images of this book

Errata

Piracy

Questions

Getting Started with Azure Implementation

Service models

Deployment models

Cloud characteristics

Microsoft Azure

Azure services overview

Azure basics

Azure Resource Manager

Resources

Azure regions

Azure Portal

Azure automation

Azure Automation tools

REST APIs

Summary

Azure Resource Manager and Tools

Understanding the Azure resource manager

Functionalities provided by the Azure resource manager

Working with the Azure resource manager

Creating an Azure resource group

Adding a resource to an Azure resource group

First approach - adding a storage account to your Azure resource group

Second approach - adding a storage account to your Azure resource group

Third approach - adding a storage account to your Azure resource group

Tagging in the Azure resource manager

Locking Azure resources

Azure resource locks

Working with ARM templates

Exporting a deployment as an ARM template (for IT pros)

Example 1: exporting a resource group to an ARM template

Example 2: exporting a resource (from the deployment history) to an ARM template

Example 3: exporting a resource (classic) to an ARM template

Modifying an ARM template

Authoring an ARM template

Creating your own ARM template (for developers)

Azure resource explorer

Summary

Deploying and Synchronizing Azure Active Directory

Azure Active Directory

Azure Active Directory options

Azure AD free

Azure AD basic

Azure AD premium P1

Deploying a custom Azure AD

Adding accounts and groups to Azure AD

Azure AD Connect high available infrastructure

Summary

Implementing Azure Networks

Azure networking limits

Azure networking components

Azure virtual networks (VNet)

VNet peering

Azure VPN gateways

Azure local gateway

Azure ExpressRoute

Azure global Points of Presence

National Azure Points of Presence

Azure connections

Azure routes

Azure third-party network devices

Azure load balancer

Hash-based distribution

Port forwarding

Automatic reconfiguration

Service monitoring

Azure application gateways

Azure Traffic Manager

Azure DNS

Setting up Azure networks

Setting up Azure VNet

Setting up Azure virtual network site-to-site VPN

Configuring local network gateway

Configuring Azure virtual network gateway

Configuring connection between local and virtual network gateways

Setting up Azure virtual network with MPLS and ExpressRoute

Configuring Azure virtual network gateway

Configuring Azure ExpressRoute circuit

Configuring connection between ExpressRoute circuit and Azure virtual gateway

Setting up Azure VNet peering

Preparing the deployment

Configuring VNet peering

Configuring custom routes

Configuring third-party network appliances

Common Azure network architectures

Summary

Implementing and Securing Azure Storage Accounts

Storage accounts

General purpose Storage account

Blob Storage account

Replication and redundancy

Locally redundant storage

Zone-redundant storage

Geo-redundant storage

Read-access geo-redundant storage

Azure Storage services

Blob Storage services

Table storage services

Queue storage services

File storage services

Access keys

Exploring Azure Storage with Azure Storage Explorer

Premium Storage account

Premium storage requirements

Pricing

Summary

Planning and Deploying Virtual Machines in Azure

Azure virtual machine types

A-series virtual machines

D-series and DS-series virtual machines

F-series and FS-series virtual machines

G-series and GS-series virtual machines

H-series virtual machines

NV-series and NC-series virtual machines

NV virtual machines

NC virtual machines

Ls-series virtual machines

Virtual machine extensions

Managed Disks

Availability sets

Deploying a virtual machine in Azure

Accessing a virtual machine in Azure

Changing IP and DNS settings

Common scenarios for virtual machines

Optimization of Azure related communication traffic

On-demand usage for calculations

Disaster recovery for on-premises servers

Summary

Implementing Azure Cloud Services

What is an Azure Cloud Service?

Understanding the Cloud Service architecture

Roles

The service endpoint

Going deeper into the Cloud Services

Service Definition File

LoadBalancerProbes

WebRole

WorkerRole

NetworkTrafficRules

Service configuration file

Role

NetworkConfiguration

Azure Cloud Services versus other Azure PaaS offerings, such as Azure App Services

Selection of a Guest OS and an update level

Selection of an Azure series

series A

series D

series F

series G

series N

series H

In a nutshell

Creating your first Azure cloud service

Part 1

Part 2

Summary

Implementing Azure Container Service

What is an Azure Container Service?

Understanding containers

Cluster

Orchestrator

Mesosphere DC/OS

Docker swarm

Kubernetes

Creating your first Azure Container Service

How to work with your Azure container service cluster

Summary

Implementing Azure Security

Azure Identity Security

Azure Active Directory

Azure Active Directory editions

Privileged Identity Management

Identity protection

Detection of vulnerabilities and potential risky accounts

Investigation of potential suspicious events

Multi-factor authentication

Conditional access

Resource security

Role-based Access Control

Resource tags and policies

Azure network security

Network security groups

Priority

Source

Destination

Network virtual appliances

Azure Storage security

Key management

Shared access signatures

Service-level SAS

Account-level SAS

Storage Encryption

Storage account encryption

Azure disk encryption

Logging and monitoring

Azure Logs

Azure Security Center

Summary

Skill Wrap Up and Migration Scenario

On-premises infrastructure scenario

Background network infrastructure

Background information on Microsoft Active Directory

Background information on Microsoft Exchange Server

Background information on Microsoft SharePoint Server

Background information on Microsoft Skype for Business Server

Background information one document management system based on SMB shares

Background information on public website based on TYPO3 CMS

Background information on backup services

Background information on file servers

Customer requirements

Solution in Azure

Solution for a wide area network

Solution for point-to-site VPN and GeoIP/DNS

Solution for Azure LAN integration

Solution for identity and access management

Solution for SharePoint services

Solution for Exchange services

Solution for document management system

Solution for file services

Personal homeshares

No ACL shares

Classic shares

Solution for a public website with TYPO3 CMS

Solution for backup services

Summary

Azure Price Calculator

Azure TCO and RIO Calculator

Preface

Welcome to our book about implementing Azure solutions. Microsoft Azure is the cloud platform of Microsoft and offers you numerous services to host your existing application infrastructure, deliver services tailored to your individual needs, or even expand your on-premise applications. Azure integrates the cloud services you need to develop, test, implement, and manage your applications and allows you to focus on building great solutions without the need to worry about how the physical infrastructure is assembled.

A very complex field of work and, therefore, the question arises immediately is this: where should I start? Unfortunately, we cannot answer this question, but we can show you the way so that you may find your own answer.

This book provides you with complete solutions that you can follow to learn how to create VMs, virtual networks, storage accounts, and so on as well as best-practice guidance of our consulting work to help you get the most out of your Azure experience. We hope this is a healthy mixture, but are always open to suggestions.

You can send us your feedback at h t t p s ://w a z c o m m u n i t y . w o r d p r e s s . c o m /f e e d b a c k /.

What this book covers

Chapter 1, Getting Started with Azure Implementation, provides an overview of cloud service models, cloud deployment models, cloud characteristics, and Azure services.

Chapter 2, Azure Resource Manager and Tools, explains all about the Azure Resource Manager and its concepts (Azure Resource Groups, Azure Resource Tags, and Locks). You will also get an introduction to working with the ARM Templates area.

Chapter 3, Deploying and Synchronizing Azure Active Directory, gives you an overview of the deployment, management, and functionalities of Azure Active Directory and its relation to a Microsoft Azure subscription.

Chapter 4, Implementing Azure Networks, explains how networking in Azure works, how to plan Azure network components, and how to deploy different network components within Azure.

Chapter 5, Implementing and Securing Azure Storage Accounts, explains all about Azure Storage Management and its concepts (BLOBs, tables, queues, and files). You will also get some basic storage configurations.

Chapter 6, Planning and Deploying Virtual Machines in Azure, demonstrates the difference between the Azure virtual machine types, the common use cases for the different types, and how to deploy virtual machines.

Chapter 7, Implementing Azure Cloud Services, explains all about Azure Cloud Services, the Cloud Service architecture, Azure Cloud Services versus Azure App Services, and how to create your first Cloud Service.

Chapter 8, Implementing Azure Container Service, provides basic knowledge about the Azure Container Service area and how to create your first container service. You will also learn the necessary steps to work with the service afterward.

Chapter 9, Implementing Azure Security, explains all about Azure security concepts (identity management with Azure AD, Role-based Access Control (RBAC), and Azure Storage security) and the Azure Security Center.

Chapter 10, Skill Wrap Up and Migration Scenario, provides a basic overview of how classical applications and services can be placed in the Microsoft Cloud ecosystem and which tools can be used for the migration. This chapter is based on a common use case and migration scenario.

What you need for this book

Learning from a book only works if you have the opportunity to implement what you have learned in practice. That's why you need an Azure subscription. To do this at no cost, you can use a free Azure trial from h t t p s ://a z u r e . m i c r o s o f t . c o m /e n - u s /f r e e /.

To understand parts of the book, you also need an installation of Visual Studio. You can use any edition of Visual Studio. To avoid unnecessary costs, I recommend using the free Visual Studio Community Edition from h t t p s ://w w w . v i s u a l s t u d i o . c o m /d o w n l o a d s /.

Who this book is for

This book focuses on providing essential information about the implementation of Azure solutions to software architects, developers, and IT professionals. The technical information will be offered to you in an intermediate and expert level.

Basic knowledge is not necessary, but it is useful for a better understanding of the text. Therefore, some knowledge of programming languages is recommended.

Conventions

In this book, you will find a number of text styles that distinguish between different kinds of information. Here are some examples of these styles and an explanation of their meaning.

Code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles are shown as follows: "The current project consists of three artifacts in two solution folders,TemplatesandScripts."

A block of code is set as follows:

"parameters": { "storageAccountName": { "type": "string", "metadata": { "description": "Storage Account Name" } } }

Any command-line input or output is written as follows:

Resize-AzureVNetGateway -GatewaySKU Basic -VnetName DCF-ANE-GW01

New terms and important words are shown in bold. Words that you see on the screen, for example, in menus or dialog boxes, appear in the text like this: "In the portal, click on New, then click on Data + Storage, and then click on Storage account."

Reader feedback

Feedback from our readers is always welcome. Let us know what you think about this book—what you liked or disliked. Reader feedback is important for us as it helps us develop titles that you will really get the most out of.

To send us general feedback, simply e-mail [email protected], and mention the book's title in the subject of your message.

If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, see our author guide at www.packtpub.com/authors.

Customer support

Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase.

Downloading the color images of this book

We also provide you with a PDF file that has color images of the screenshots/diagrams used in this book. The color images will help you better understand the changes in the output. You can download this file from h t t p ://w w w . p a c k t p u b . c o m /s i t e s /d e f a u l t /f i l e s /d o w n l o a d s /I m p l e m e n t i n g A z u r e S o l u t i o n s _ C o l o r I m a g e s . p d f.

Errata

Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you find a mistake in one of our books—maybe a mistake in the text or the code—we would be grateful if you could report this to us. By doing so, you can save other readers from frustration and help us improve subsequent versions of this book. If you find any errata, please report them by visiting h t t p ://w w w . p a c k t p u b . c o m /s u b m i t - e r r a t a, selecting your book, clicking on the Errata Submission Form link, and entering the details of your errata. Once your errata are verified, your submission will be accepted and the errata will be uploaded to our website or added to any list of existing errata under the Errata section of that title.

To view the previously submitted errata, go to h t t p s ://w w w . p a c k t p u b . c o m /b o o k s /c o n t e n t /s u p p o r t  and enter the name of the book in the search field. The required information will appear under the Errata section.

Piracy

Piracy of copyrighted material on the Internet is an ongoing problem across all media. At Packt, we take the protection of our copyright and licenses very seriously. If you come across any illegal copies of our works in any form on the Internet, please provide us with the location address or website name immediately so that we can pursue a remedy.

Please contact us at [email protected] with a link to the suspected pirated material.

We appreciate your help in protecting our authors and our ability to bring you valuable content.

Questions

If you have a problem with any aspect of this book, you can contact us at [email protected], and we will do our best to address the problem.

Getting Started with Azure Implementation

Cloud services have come a long way in the last 5 to 10 years. Cloud was and still is one of the biggest trends in Information Technology (IT), with new topics still to be discovered.

In the early 2000s, cloud computing wasn't a widely used phrase, but the concept as well as data centers with massive computing power were already existent and used. Later in that decade, the word cloud became a buzzword for nearly anything that was not tangible or online. But the real rise of cloud computing with all its different service models happened before, when the big IT companies started their cloud offers. That was Amazon, Google, and Microsoft in particular. As the cloud offers developed, they enabled companies from startups to Fortune 500s to use cloud services, from web services to virtual machines with billing exact to the minute.

In this chapter, we'll explore the following topics:

Cloud service models

Cloud deployment models

Cloud characteristics

Azure services overview

Service models

Cloud computing the new trend model for enabling workloads, that use resources from a a normally extreme huge resource pool, that is operated by a cloud service provider. These resources include servers, storage, network resources, applications, services or even functions. These can be rapidly deployed, operated and automated with a low effort and the prices are calculated on a minute base. This cloud model is composed of five essential characteristics, three service models, and four deployment models.

Cloud offers are mainly categorized into the following service models:

Infrastructure as a Service

(

IaaS

): Infrastructure as a Service describes a model in which the cloud provider gives the consumer the possibility to create and configure resources from the computing layer upwards. This includes virtual machines, networks, appliances, and many other infrastructure-related resources:

The most popular IaaS resources in Azure contain virtual machines, virtual networks (internal and external), container services and storage.

Platform as a Service

(

PaaS

): Platform as a Service gives the consumer an environment from the operating system upwards. So, the consumer is not responsible for the underlying IaaS infrastructure. Examples are operating systems, databases, or development frameworks:

Microsoft Azure contains many PaaS resources such as SQL databases, Azure app services, or cloud services.

Software as a Service

(

SaaS

): Software as a Service is the model with the lowest levels of control and required management. A SaaS application is reachable from multiple clients and consumers, and the owning consumer doesn't have any control over the backend, except for some application related management tasks.

Examples of SaaS applications are Office 365, Visual Studio Online, Outlook website, OneDrive, and even the Amazon website itself is a SaaS app with Amazon as its own consumer.

A comparison of service model responsibilities is as follows:

Deployment models

Furthermore, there are a number of deployment models for cloud computing that need to be discussed. These deployment models cover nearly all common cloud computing provider scenarios. They describe the group of consumers that are able to use the services of the cloud service, rather than the institution or the underlying infrastructure:

Public Cloud

: A Public Cloud describes a cloud computing offer that can be accessed by the public. This includes individuals as well as companies.

Examples of a Public Cloud are Microsoft Azure and Amazon AWS.

Community Cloud

: A Community Cloud is only accessible by a specified group. These are, for example, connected by location, an organization membership, or by reasons of compliance.

Examples of a Community Cloud are Microsoft Azure Germany (location) or Microsoft Azure Government (organization and compliance) for US Government authorities.

Private Cloud

: Private Cloud describes an environment/infrastructure built and operated by a single organization for internal use. These offers are specifically designed for the different units in the organization.

Examples are Microsoft

Windows Azure Pack

(

WAP

) or Microsoft Azure Stack, as well as OpenStack, if they are used for internal deployments.

Hybrid Cloud

: The Hybrid Cloud combines the Private and Public Clouds. It is defined as a Private Cloud environment at the consumer's premises as well as Public Cloud infrastructure that the consumer uses. These structures are generally connected by site-to-site VPNs or

Multiprotocol Label Switching

(

MPLS

). A Hybrid Cloud could also exist as combination of any other models such as Community and Public Clouds.

Examples are Azure VMs connected to an on-premises infrastructure via ExpressRoute or site-to-site VPN.

Below is a comparison between a related example, in this case between Azure (Public Cloud) and Azure Pack (Private Cloud):

Cloud characteristics

Microsoft Azure is one of the biggest cloud service providers worldwide, offering a wide range of services from IaaS to PaaS to SaaS. It fulfills all the characteristics that the National Institute of Standards and Technology (NIST) describes for cloud computing. These are as follows:

On-demand self-service

: An automated deployment of resources that a consumer orders through an interface such as a consumer portal.

Broad network access

: Providing availability of cloud services through a standardized network interface that are, at best, accessible by several endpoint devices.

Resource pooling

: This means that the automated assignment and reassignment of diverse resources from various resource pools for individual customers is possible.

Rapid elasticity

: It is also known as rapid scaling, and describes the ability to scale resources in a massive way. The automatic and fast assignment and reassignment of resources, and rapid up- and down-scaling of single instances are keywords when talking about

rapid elasticity

. The adjustment of web server resources depending on the demand is an example of rapid elasticity.

Measured service

: All usage data for consumer resources is monitored and reported to be available for consumers and the cloud provider. This is one of the requirements for minute-based billing.

Microsoft Azure

When Windows Azure came online to the general public in February 2010 there were solely database services, websites, and virtual machine hosting available. Over time, Microsoft constantly added features and new services to Azure, and, as there were more and more offers for Linux and other non-Windows services, Microsoft decided in April 2014 to rename Windows Azure as Microsoft Azure. This supported Microsoft's commitment to transform itself into a services company, which means that, in order to be successful, you have to offer as many services as possible to as many clients as possible. Since then, Microsoft has constantly improved and released new services. Additionally, it constantly builds and expand its data centers all over the world.

Azure services overview

Azure offers many services in its cloud computing platform. These services include the following:

The service categories, differentiated between platform services and infrastructure services, are as follows:

Platform Services

:

Management

: The management services include the management portal, the marketplace with the services gallery, and the components to automate things in Azure.

Services compute

: Services compute are the Azure cloud services that are basically PaaS offers for developers to quickly build and deploy highly scalable applications. The service fabric and Azure RemoteApp are also in this category.

Security

: Containing all the services that provide identity in Azure, such as the Azure Active Directory, multi-factor authentication, and the key vault that is a safe place for your certificates.

Integration

: The integration services include interface services such as BizTalk and Azure Service Bus, but also message helpers such as storage queues.

Media and CDN

: These are basically two services. One is the CDN that makes it possible to build your own content delivery network based on Azure. The other is the media services that make it very easy to use and process different media with the help of Azure.

Web and mobile

: These include all the services that assist in creating apps or backend services for web and mobile; for example, web apps and API apps.

Developer services

: These are cloud-based development tools for version control, collaboration, and other development-related tasks. The Azure SDK is a part of the developer services.

Data

: The data services contain all the different database types that you can deploy in Azure (SQL, DocumentDB, MongoDB, Table storage and so on) and diverse tools to configure them.

Analytics and IoT

: As the name suggests, analytics services are tools to analyze and process data. This offers a broad range of possibilities from machine learning to stream analytics. These can, but don't have to, build on certain data services.

Internet of Things

(

IoT

) services include the fundamental tools needed to work with devices used for the IoT such as the Raspberry Pi 2.

Hybrid operations

: This category sums up all the remaining services that could not clearly be categorized. These include backup, monitoring, and disaster recovery as well as many others.

Infrastructure services

:

Operating system and server compute

: This category consists of compute containers. It includes virtual machine containers and, additionally, the container services that are quite new to the product range.

Storage

: Storage services are the two main storage types:

BLOB

and

file storage

. They have different pricing tiers depending on the speed and latency of the storage ordered. Storage is looked at in detail in

Chapter 6

,

Planning and Deploying Virtual Machines in Azure

.

Networking

: This category consists of the basic networking resources. Examples are Load Balancer, ExpressRoute, and VPN Gateways.

The important thing is to remember that we are talking about a rapidly changing and very agile cloud computing platform. After this chapter, if you have not already done so, you should start using Azure by experimenting, exploring, and implementing your solutions, while reading the correlating chapters.

For testing purposes, you should use the Azure Free Trial (https://azure.microsoft.com/en-in/offers/ms-azr-0044p/‎), Visual Studio Dev Essentials (https://www.visualstudio.com/dev-essentials/) or the included Azure amount from a MSDN subscription.

Azure basics

In the following section, we will take a look at the basic Microsoft Azure key concepts. This should provide an overview and an idea of how to use Azure.

Azure Resource Manager

In the previous major version of Azure, a deployment backend model called Azure Service Manager (ASM) was used. With higher demand on scaling, being more flexible and more standardized a new model called the ARM was introduced and is now the standard way of using Azure.

This includes a new portal, a new way of looking at things as resources and a standardized API that every tool, including the Azure portal, that interacts with Azure uses.

With this API and architectural changes, it's possible to use such things as Azure Resource Manager templates for any size of deployment. ARM templates are written in JavaScript Object Notation (JSON) and are a convenient way to define one or more resources and their relationship to another programmatically. This structure is then deployed to a resource group. With this deployment model, it’s possible to define dependencies between resources as well as being able to deploy the exact same architecture again and again. The next part will dive a little deeper into resources.

Resources

Azure resources are the key to every service offering in Azure. Resources are the smallest building blocks and represent a single technical entity like a VM, a Network Interface Card, a storage account, database or a website.

When deploying a web app, a resource called App service will be deployed along with a service plan for billing.

When deploying a Virtual Machine from Azure Marketplace template a VM resource will be created as well as a storage account resource holding the virtual hard disks, a Public IP Address resource for initial access to the VM, a Network Interface card and a Virtual Network resource.