Windows Azure Essential, Essays (university) of Computer Science

Download Windows Azure Essential and more Essays (university) Computer Science in PDF only on Docsity!

Fundamentals

of Azure

Second Edition

Microsoft Azure Essentials

Michael Collier

Robin Shahan

PUBLISHED BY

Microsoft Press A division of Microsoft Corporation One Microsoft Way Redmond, Washington 98052- 6399 Copyright © 2016 by Michael Collier, Robin Shahan All rights reserved. No part of the contents of this book may be reproduced or transmitted in any form or by any means without the written permission of the publisher. ISBN: 978 - 1 - 5093 - 0296 - 3 Microsoft Press books are available through booksellers and distributors worldwide. If you need support related to this book, email Microsoft Press Support at mspinput@microsoft.com. Please tell us what you think of this book at http://aka.ms/tellpress. This book is provided “as-is” and expresses the author’s views and opinions. The views, opinions and information expressed in this book, including URL and other Internet website references, may change without notice. Some examples depicted herein are provided for illustration only and are fictitious. No real association or connection is intended or should be inferred. Microsoft and the trademarks listed at http://www.microsoft.com on the “Trademarks” webpage are trademarks of the Microsoft group of companies. All other marks are property of their respective owners. Acquisitions Editor: Devon Musgrave Developmental Editor: Carol Dillingham Editorial Production: Cohesion Copyeditor: Ann Weaver Cover: Twist Creative • Seattle

- Hundreds of titles available – Books, eBooks, and

online resources from industry experts

**- Free U.S. shipping

• eBooks in multiple formats** – Read on your computer,

tablet, mobile device, or e-reader

**- Print & eBook Best Value Packs

• eBook Deal of the Week** – Save

up to 60% on featured titles

- Newsletter and special offers - Be the first to hear about new

releases, specials, and more

- Register your book – Get

additional benefits

microsoftpressstore.com Visit us today at

i Contents Contents Introduction............................................................................................................................................... vii Who should read this book ............................................................................................................................................... vii Assumptions ........................................................................................................................................................................ vii This book might not be for you if… ............................................................................................................................... viii Organization of this book ................................................................................................................................................. viii Conventions and features in this book .......................................................................................................................... ix System requirements............................................................................................................................................................. ix Downloads .................................................................................................................................................................................. x Using the code samples ................................................................................................................................................... x Acknowledgments ................................................................................................................................................................... x Errata, updates, & support .................................................................................................................................................. xi Free ebooks from Microsoft Press ................................................................................................................................... xi We want to hear from you .................................................................................................................................................. xi Stay in touch ............................................................................................................................................................................. xi Chapter 1: Getting started with Microsoft Azure .................................................................................. 1 What is Azure? .......................................................................................................................................................................... 2 Overview of cloud computing........................................................................................................................................ 2 Cloud offering ...................................................................................................................................................................... 3 Azure services ....................................................................................................................................................................... 4 The new world: Azure Resource Manager ..................................................................................................................... 4 What is it?............................................................................................................................................................................... 4 Why use Resource Manager? ......................................................................................................................................... 5 Maximize the benefits of using Resource Manager .............................................................................................. 6 Resource group tips ........................................................................................................................................................... 6 Tips for using Resource Manager templates ........................................................................................................... 7 The classic deployment model ........................................................................................................................................... 8 PowerShell changes for the Resource Manager and classic deployment models ......................................... 9 Role-Based Access Control .................................................................................................................................................. 9 What is it?............................................................................................................................................................................... 9 Roles ...................................................................................................................................................................................... 10 Custom roles ...................................................................................................................................................................... 11 The Azure portal .................................................................................................................................................................... 11

 - Dashboard and hub - Creating and viewing resources 

• Subscription management and billing
  • Available subscriptions
  • Share administrative privileges for your Azure subscription
  • Pricing calculator
  • Viewing billing in the Azure portal............................................................................................................................
  • Azure Billing APIs
• Azure documentation and samples
  • Documentation
  • Samples
• Chapter 2: Azure App Service and Web Apps
  • App Service and App Service plans
    • What is an App Service?
    • So what is an App Service plan?
    • How does this help you?
    • How to create an App Service plan in the Azure portal
  • Creating and deploying Web Apps
    • What is a Web App?........................................................................................................................................................
    • Options for creating Web Apps
    • Demo: Create a web app by using the Azure Marketplace
    • Demo: Create an ASP.NET website in Visual Studio and deploy it as a web app
  • Configuring, scaling, and monitoring Web Apps
    • Configuring Web Apps
    • Monitoring Web Apps
    • Scaling Web Apps
• Chapter 3: Azure Virtual Machines
  • What is Azure Virtual Machines?
    • Billing
    • Service level agreement
  • Virtual machine models......................................................................................................................................................
    • Azure Resource Manager model
    • Classic/Azure Service Management model
  • Virtual machine components
    • Virtual machine
    • Disks
    • Virtual Network
    • Availability set....................................................................................................................................................................
  • Create virtual machines iii Contents
    • Create a virtual machine with the Azure portal
    • Create a virtual machine with a template
  • Connecting to a virtual machine.....................................................................................................................................
    • Remotely access a virtual machine
    • Network connectivity
  • Configuring and managing a virtual machine...........................................................................................................
    • Disks
    • Fault domains and update domains
    • Image capture
  • Scaling Azure Virtual Machines
    • Resource Manager virtual machines
    • Classic virtual machines
• Chapter 4: Azure Storage
  • Storage accounts
    • General-purpose storage accounts.........................................................................................................................
    • Blob storage accounts
  • Storage services...................................................................................................................................................................
    • Blob storage
    • File storage
    • Table storage
    • Queue storage
  • Redundancy
  • Security and Azure Storage
    • Securing your storage account
    • Securing access to your data
    • Securing your data in transit
    • Encryption at rest
    • Using Storage Analytics to audit access
    • Using Cross-Origin Resource Sharing (CORS)
  • Creating and managing storage
    • Create a storage account using the Azure portal
    • Create a container and upload blobs using Visual Studio Cloud Explorer
    • Create a file share and upload files using the Azure portal
    • Create a table and add records using the Visual Studio Cloud Explorer
    • Create a storage account using PowerShell
    • Create a container and upload blobs using PowerShell.................................................................................
    • Create a file share and upload files using PowerShell.....................................................................................
  • AzCopy: A very useful tool iv Contents
  • The Azure Data Movement Library
• Chapter 5: Azure Virtual Networks
  • What is a virtual network (VNet)?
    • Overview
    • Definitions
    • Creating a virtual network
    • Creating a virtual network using the Azure portal
    • Creating a virtual network using a Resource Manager template
  • Network Security Groups
  • Cross-premises connection options
    • Site-to-site connectivity
    • Point-to-site connectivity
    • Comparing site-to-site and point-to-site connectivity
    • Private site-to-site connectivity (ExpressRoute).................................................................................................
  • Point-to-site network
    • Overview of setup process
    • Configuring point-to-site VPN
• Chapter 6: Databases..............................................................................................................................
  • Azure SQL Database
    • Administration
    • Billing
    • Business continuity
  • Applications connecting to SQL Database
  • SQL Server in Azure Virtual Machines
    • Billing
    • Virtual machine configuration
    • Business continuity
  • Comparing SQL Database with SQL Server in Azure Virtual Machines
  • Database alternatives
    • MySQL
    • NoSQL options
• Chapter 7: Azure Active Directory........................................................................................................
  • Overview of Azure Active Directory
    • What is Azure Active Directory?
    • Active Directory editions
  • Creating a directory
    • Custom domains
    • Delete a directory v Contents
  • Users and groups
    • Add users...........................................................................................................................................................................
    • Add groups
    • Azure Multi-Factor Authentication
  • Application gallery
    • Adding gallery applications
    • Assigning users to applications
    • MyApps
• Chapter 8: Management tools
  • Management tools overview
  • Visual Studio 2015 and the Azure SDK
    • Install the Azure SDK
    • Manage resources with Cloud Explorer
    • Create an Azure resource............................................................................................................................................
  • Windows PowerShell
    • Azure PowerShell cmdlet installation
    • Connecting to Azure
  • Cross-platform command-line interface
    • Installation
    • Connecting to Azure
    • Usage
• Chapter 9: Additional Azure services
  • Some other Azure services we think you should know about
    • Azure Service Fabric
    • Cloud Services
    • Azure Container Service
    • DocumentDB
    • Azure Redis Cache
    • Azure HDInsight
    • Azure Search
    • Azure Service Bus
    • Azure Event Hubs
    • Azure Notification Hubs
    • Azure Media Services
    • Azure Backup
    • Azure Site Recovery
    • Azure Key Vault
  • More Azure services vi Contents
• Chapter 10: Business cases
  • Development and test scenarios
  • Hybrid scenarios
    • Network connectivity
    • Internet connectivity
  • Application and infrastructure modernization and migration
  • Azure Mobile Apps
  • Machine learning
• About the authors

vii Contents Introduction Microsoft Azure is Microsoft's cloud computing platform, providing a wide variety of services you can use without purchasing and provisioning your own hardware. Azure enables the rapid development of solutions and provides the resources to accomplish tasks that may not be feasible in an on-premises environment. Azure's compute, storage, network, and application services allow you to focus on building great solutions without the need to worry about how the physical infrastructure is assembled. This book covers the fundamentals of Azure you need to start developing solutions right away. It concentrates on the features of the Azure platform that you are most likely to need to know rather than on every feature and service available on the platform. This book also provides several walkthroughs you can follow to learn how to create VMs and virtual networks, websites and storage accounts, and so on. In many cases, real-world tips are included to help you get the most out of your Azure experience. In addition to its coverage of core Azure services, the book discusses common tools useful in creating and managing Azure-based solutions. The book wraps up by providing details on a few common business scenarios where Azure can provide compelling and valuable solutions, as well as a chapter providing overviews of some of the commonly used services not covered in the book. Who should read this book This book focuses on providing essential information about the key services of Azure for developers and IT professionals who are new to cloud computing. Detailed, step-by-step demonstrations are included to help the reader understand how to get started with each of the key services. This material is useful not only for those who have no prior experience with Azure, but also for those who need a refresher and those who may be familiar with one area but not others. Each chapter is standalone; there is no requirement that you perform the hands-on demonstrations from previous chapters to understand any particular chapter.

Assumptions

We expect that you have at least a minimal understanding of virtualized environments and virtual machines. There are no specific skills required overall for this book, but having some knowledge of the topic of each chapter will help you gain a deeper understanding. For example, the chapter on virtual networks will make more sense if you have some understanding of networking, and the chapter on databases will be more useful if you understand what a database is and why you might use one. Web development skills will provide a good background for understanding Azure Web Apps, and some understanding of identity will be helpful when studying the chapter on Active Directory.

ix Contents Conventions and features in this book This book presents information using conventions designed to make the information readable and easy to follow:

 To create specific Azure resources, follow the numbered steps listing each action you must take to

complete the exercise.

 There are currently two management portals for Azure: the Azure portal at

https://portal.azure.com and the Azure classic portal at http://manage.windowsazure.com. In most cases, the book uses the Azure portal, but the Azure classic portal may be used for those features that have not been migrated to the newer portal yet, such as Azure Active Directory.

 Boxed elements with labels such as “Note” or "See Also" provide additional information.

 A plus sign (+) between two key names means that you must press those keys at the same time.

For example, “Press Alt+Tab” means that you hold down the Alt key while you press Tab.

 A right angle bracket between two or more menu items (e.g., File Browse > Virtual Machines)

means that you should select the first menu or menu item, then the next, and so on. System requirements For many of the examples in this book, you need only Internet access and a browser (Internet Explorer 10 or higher) to access the Azure portals. Chapter 2, "Azure App Service and Web Apps," and Chapter 4, "Azure Storage," use Visual Studio to show concepts used in developing applications for Azure. For these examples, you will need Visual Studio. The system requirements are:

 Windows 7 Service Pack 1, Windows 8, Windows 8.1, Windows 10, Windows Server 2008 R2 SP1,

Windows Server 2012, or Windows Server 2012 R

 Computer that has a 1.6GHz or faster processor (2GHz recommended)

 1 GB (32 Bit) or 2 GB (64 Bit) RAM (Add 512 MB if running in a virtual machine)

 4 GB of available hard disk space

 5400 RPM hard disk drive

 DirectX 9 capable video card running at 1024 x 768 or higher-resolution display

 DVD-ROM drive (if installing Visual Studio from DVD)

 Internet connection

After installing Visual Studio, you must also install the Azure Tools and SDK for the language of your choice from https://azure.microsoft.com/tools/. The system requirements for the Azure SDK that are not included in the Visual Studio system requirements are as follows:

 IIS7 with ASP.NET and WCF HTTP Activation, Static Content, IIS Management Console, and HTTP

Redirection

 Web Deployment Tools 2.1 or up

x Contents

 Internet Explorer 10 or higher

Depending on your Windows configuration, you might require Local Administrator rights to install or configure Visual Studio 201 5. Downloads Some of the chapters in this book include exercises that let you interactively try out new material learned in the main text. Chapter 4, “Azure Storage,” has PowerShell scripts; Chapter 5, “Virtual Networks,” has PowerShell scripts and a Resource Manager template. These can be downloaded from the following page: https://aka.ms/FundAzure2e/downloads Follow the instructions on the target page to download the code sample files. Note To use the PowerShell scripts, you need to have Azure PowerShell installed. This article explains how to install and configure Azure PowerShell: https://azure.microsoft.com/documentation/articles/powershell-install-configure/.

Using the code samples

The code samples are stored within a unique .ZIP file, “FundAzure2E.ZIP,” which can be downloaded to your computer and unzipped so that you can use them with the exercises in this book.

 Samples for Chapter 4, “Azure Storage,” are in the Chapter4_PowerShellScripts folder in the ZIP

file. This includes the PowerShell scripts for both Blob storage and File Storage. You can open, edit, and run these using the PowerShell ISE.

 Samples for Chapter 5, “Azure Virtual Networks,” are in the folder

“Chapter5_PowerShellScripts_And_Templates.” This includes both the Resource Manager templates used to create and modify a virtual network and the PowerShell script used to create a point-to-site VPN Network. To use the Resource Manager templates, please follow the instructions provided in the chapter. You can open, edit, and run the PowerShell script with PowerShell ISE. Acknowledgments The Azure community is made up of many people bound together by this one technology. We are honored to be members of this community, and we thank you for your help and support. We would like to especially thank Neil Mackenzie, Mike Wood, and Mike Martin, as well as Byron Tardif, Ashwin Kamath, and Rajesh Ramabathiran from the Azure App Service team for their detailed technical reviews and feedback. All of them provided additional insights that greatly enhanced the overall quality and value of this book. Special thanks to the team at Microsoft Press for their unwavering support and guidance on this journey. It was a pleasure to work with our editors, Devon Musgrave and Carol Dillingham. Thanks to Chris Norton for helping us through the final edit cycles. Most importantly, we are profoundly grateful to our families and friends for their love, encouragement, and patience. Many nights and weekends were sacrificed in the writing of this book.

1 CH A PTER 1 | Getting started with Microsoft Azure C H A P T E R (^1) Getting started with Microsoft Azure

The purpose of this ebook is to help you understand the fundamentals of

Microsoft Azure so you can hit the ground running when you start using it.

With an Azure account, you can work through the demos in this book and

use them as hands-on labs. If you don’t have an Azure account, you can

sign up for a free trial at azure.microsoft.com. If you have an MSDN

subscription, you can activate the included Azure benefits and use the

associated monthly credit. You can also check out Purchase Options at

https://azure.microsoft.com/pricing/purchase-options/ and Member Offers

at https://azure.microsoft.com/pricing/member-offers/ (for members of

MSDN, the Microsoft Partner Network, BizSpark, and other Microsoft

programs).

2 CH A PTER 1 | Getting started with Microsoft Azure What is Azure? The following will give an overview of Azure, which is Microsoft’s cloud computing platform.

Overview of cloud computing

Cloud computing provides a modern alternative to the traditional on-premises datacenter. A public cloud vendor is completely responsible for hardware purchase and maintenance and provides a wide variety of platform services that you can use. You lease whatever hardware and software services you require on an as-needed basis, thereby converting what had been a capital expense for hardware purchase into an operational expense. It also allows you to lease access to hardware and software resources that would be too expensive to purchase. Although you are limited to the hardware provided by the cloud vendor, you only have to pay for it when you use it. Cloud environments provide an online portal experience, making it easy for users to manage compute, storage, network, and application resources. For example, in the Azure portal, a user can create a virtual machine (VM) configuration specifying the following: the VM size (with regard to CPU, RAM, and local disks), the operating system, any predeployed software, the network configuration, and the location of the VM. The user then can deploy the VM based on that configuration and within a few minutes access the deployed VM. This quick deployment compares favorably with the previous mechanism for deploying a physical machine, which could take weeks just for the procurement cycle. In addition to the public cloud just described, there are private and hybrid clouds. In a private cloud, you create a cloud environment in your own datacenter and provide self-service access to compute resources to users in your organization. This offers a simulation of a public cloud to your users, but you remain completely responsible for the purchase and maintenance of the hardware and software services you provide. A hybrid cloud integrates public and private clouds, allowing you to host workloads in the most appropriate location. For example, you could host a high-scale website in the public cloud and link it to a highly secure database hosted in your private cloud (or on-premises datacenter). Microsoft provides support for public, private, and hybrid clouds. Microsoft Azure, the focus of this book, is a public cloud. Microsoft Azure Stack is an add-on to Windows Server 2016 that allows you to deploy many core Azure services in your own datacenter and provides a self-service portal experience to your users. You can integrate these into a hybrid cloud through the use of a virtual private network.

Comparison of on-premises versus Azure

With an on-premises infrastructure, you have complete control over the hardware and software that you deploy. Historically, this has led to hardware procurement decisions focused on scaling up; that is, purchasing a server with more cores to satisfy a performance need. With Azure, you can deploy only the hardware provided by Microsoft. This leads to a focus on scale-out through the deployment of additional compute nodes to satisfy a performance need. Although this has consequences for the design of an appropriate software architecture, there is now ample proof that the scale-out of commodity hardware is significantly more cost-effective than scale-up through expensive hardware. Microsoft has deployed Azure datacenters in over 22 regions around the globe from Melbourne to Amsterdam and Sao Paulo to Singapore. Additionally, Microsoft has an arrangement with 21Vianet, making Azure available in two regions in China. Microsoft has also announced the deployment of Azure to another eight regions. Only the largest global enterprises are able to deploy datacenters in this manner, so using Azure makes it easy for enterprises of any size to deploy their services close to their customers, wherever they are in the world. And you can do that without ever leaving your office.

4 CH A PTER 1 | Getting started with Microsoft Azure running Windows or Linux and install anything you want on it. Azure provides the ability to set up virtual networks, load balancers, and storage and to use many other services that run on its infrastructure. You don’t have control over the hardware or virtualization software, but you do have control over almost everything else. In fact, unlike PaaS, you are completely responsible for it. Azure Virtual Machines, the Azure IaaS offering, is a popular choice when migrating services to Azure because it enables the “lift and shift” model for migration. You can configure a VM similar to the infrastructure currently running your services in your datacenter and migrate your software to the new VM. You might need to make tweaks, such as URLs to other services or storage, but many applications can be migrated in this manner. Azure VM Scale Sets (VMSS) is built on top of Azure Virtual Machines and provides an easy way to deploy clusters of identical VMs. VMSS also supports autoscaling so that new VMs can be deployed automatically when required. This makes VMSS an ideal platform to host higher-level microservice compute clusters such as for Azure Service Fabric and the Azure Container Service.

Azure services

Azure includes many services in its cloud computing platform. Let’s talk about a few of them.

 Compute services This includes the Azure Virtual Machines—both Linux and Windows, Cloud

Services, App Services (Web Apps, Mobile Apps, Logic Apps, API Apps, and Function Apps), Batch (for large-scale parallel and batch compute jobs), RemoteApp, Service Fabric, and the Azure Container Service.

 Data services This includes Microsoft Azure Storage (comprised of the Blob, Queue, Table, and

Azure Files services), Azure SQL Database, DocumentDB, StorSimple, and the Redis Cache.

 Application services This includes services that you can use to help build and operate your

applications, such as Azure Active Directory (Azure AD), Service Bus for connecting distributed systems, HDInsight for processing big data, Azure Scheduler, and Azure Media Services.

 Network services This includes Azure features such as Virtual Networks, ExpressRoute, Azure

DNS, Azure Traffic Manager, and the Azure Content Delivery Network. When migrating an application, it is worthwhile to have some understanding of the different services available in Azure because you might be able to use them to simplify the migration of your application and improve its robustness. It is impossible for us to cover everything in this book, but there are some services we felt you should know about. Chapter 9, “Additional Azure services,” provides a list of these services and a brief description of each of them. The new world: Azure Resource Manager The Azure Resource Manager is the new methodology for deploying resources.

What is it?

Since it went into public preview, the Azure Service Management (ASM) deployment model has been used to deploy services. In the Azure portal, services managed with ASM are referred to as classic. In 2015, Microsoft introduced the Resource Manager deployment model as a modern, more functional replacement for ASM. The Resource Manager deployment model is recommended for all new Azure workloads.

5 CH A PTER 1 | Getting started with Microsoft Azure These deployment models are often referred to as control planes because they are used to control services, not just to deploy them. This is different from a data plane, which manages the data used by a service. Typically, your running Azure infrastructure will contain many resources, but some of the resources will be related to one another in some way, such as all being the component services required to run a web application. For example, you might have two VMs running the web application, using a database to store data, and residing in the same virtual network. With Resource Manager, you deploy these assets into the same resource group and manage and monitor them together. You can deploy, update, or delete all of the resources in a resource group in one operation. In this example, the resource group would contain the following:

 VM

 VM

 Virtual network

 Storage account

 Azure SQL Database

You can also create a template that precisely defines all the Resource Manager resources in a deployment. You can then deploy this Resource Manager template into a resource group as a single control-plane operation, with Resource Manager in Azure ensuring that resources are deployed correctly. After deployment, Resource Manager provides security, auditing, and tagging features to help you manage your resources.

Why use Resource Manager?

There are several advantages to using Resource Manager. The deployment is faster because resources can be deployed in parallel rather than sequentially as they are in ASM. The Resource Manager model enables each service to have its own service provider, and they can update it as needed independently of the other services. Azure Storage has its own service provider, VMs have their own service provider, and so on. With the ASM model, all services had to be updated at one time, so if one service was finished and the rest were not, the one that was ready had to wait on the others before it could be released. Here are some of the other major advantages to the Resource Manager model:

 Deployment using templates

 You can create a reusable (JSON) template that can be used to deploy all of the resources for

a specific solution in one fell swoop. You no longer have to create a VM in the portal, wait for it to finish, then create the next VM, and so on.

 You can use the template to redeploy the same resources repeatedly. For example, you may

set up the resources in a test environment and find that it doesn’t fit your needs. You can delete the resource group, which removes all of the resources for you, then tweak your template and try again. If you only want to make changes to the resources deployed, you can just change the template and deploy it again, and Resource Manager will change the resources to conform to the new template.

 You can take that template and easily re-create multiple versions of your infrastructure, such

as staging and production. You can parameterize fields such as the VM name, network name, storage account name, etc., and load the template repeatedly, using different parameters.