Implementing Azure Solutions
()
About this ebook
- Confidently configure, deploy, and manage cloud services and virtual machines
- Implement a highly-secured environment and respond to threats with increased visibility
- This comprehensive guide is packed with exciting practical scenarios that enable you to implement Azure solutions with ease
This book is for IT architects, system and network admins, and DevOps engineers who are aware of Azure solutions and want to implement them for their organization.
Related to Implementing Azure Solutions
Related ebooks
Implementing DevOps with Microsoft Azure Rating: 0 out of 5 stars0 ratingsMicrosoft Azure IaaS Essentials Rating: 4 out of 5 stars4/5Microservices with Azure Rating: 0 out of 5 stars0 ratingsImplementing Cloud Design Patterns for AWS Rating: 0 out of 5 stars0 ratingsGetting Started with Terraform Rating: 5 out of 5 stars5/5Mastering Cloud Development using Microsoft Azure Rating: 0 out of 5 stars0 ratingsMicrosoft Azure Security Rating: 0 out of 5 stars0 ratingsImplementing DevOps on AWS Rating: 0 out of 5 stars0 ratingsMastering Active Directory Rating: 0 out of 5 stars0 ratingsEnterprise PowerShell Scripting Bootcamp Rating: 0 out of 5 stars0 ratingsMicrosoft Azure Storage Essentials Rating: 0 out of 5 stars0 ratingsLearning Windows Server Containers Rating: 0 out of 5 stars0 ratingsAWS Security Cookbook: Practical solutions for managing security policies, monitoring, auditing, and compliance with AWS Rating: 0 out of 5 stars0 ratingsSQL Server 2017 Integration Services Cookbook Rating: 0 out of 5 stars0 ratingsGetting Started with Kubernetes - Second Edition Rating: 0 out of 5 stars0 ratingsDeveloping with Docker Rating: 5 out of 5 stars5/5Robust Cloud Integration with Azure Rating: 0 out of 5 stars0 ratingsLearning Microsoft Azure Rating: 4 out of 5 stars4/5Microsoft Azure Infrastructure Services for Architects: Designing Cloud Solutions Rating: 0 out of 5 stars0 ratingsLearn Azure in a Month of Lunches Rating: 0 out of 5 stars0 ratingsMicrosoft Certified Azure Fundamentals All-in-One Exam Guide (Exam AZ-900) Rating: 5 out of 5 stars5/5Microsoft Azure A Complete Guide - 2019 Edition Rating: 1 out of 5 stars1/5DevOps Bootcamp Rating: 0 out of 5 stars0 ratings
Enterprise Applications For You
Notion for Beginners: Notion for Work, Play, and Productivity Rating: 4 out of 5 stars4/5101 Ready-to-Use Excel Formulas Rating: 4 out of 5 stars4/5Creating Online Courses with ChatGPT | A Step-by-Step Guide with Prompt Templates Rating: 4 out of 5 stars4/5Excel 2019 Bible Rating: 4 out of 5 stars4/5Excel : The Ultimate Comprehensive Step-By-Step Guide to the Basics of Excel Programming: 1 Rating: 5 out of 5 stars5/5Agile Project Management: Scrum for Beginners Rating: 4 out of 5 stars4/5Excel Formulas and Functions 2020: Excel Academy, #1 Rating: 4 out of 5 stars4/5Excel Formulas That Automate Tasks You No Longer Have Time For Rating: 5 out of 5 stars5/5Bitcoin For Dummies Rating: 4 out of 5 stars4/5Learn Windows PowerShell in a Month of Lunches Rating: 0 out of 5 stars0 ratings50 Useful Excel Functions: Excel Essentials, #3 Rating: 5 out of 5 stars5/5Enterprise AI For Dummies Rating: 3 out of 5 stars3/5Essential Office 365 Third Edition: The Illustrated Guide to Using Microsoft Office Rating: 3 out of 5 stars3/5Excel 2019 For Dummies Rating: 3 out of 5 stars3/5Create Income through Self-Publishing: An Author's Approach on Generating Wealth by Self-Publishing Rating: 5 out of 5 stars5/5Scrivener For Dummies Rating: 4 out of 5 stars4/5Learning Python Rating: 5 out of 5 stars5/5Experts' Guide to OneNote Rating: 5 out of 5 stars5/5The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy Rating: 4 out of 5 stars4/5Excel Tips and Tricks Rating: 0 out of 5 stars0 ratingsChatGPT Ultimate User Guide - How to Make Money Online Faster and More Precise Using AI Technology Rating: 0 out of 5 stars0 ratingsQuickBooks Online For Dummies Rating: 0 out of 5 stars0 ratingsUsing Word 2019: The Step-by-step Guide to Using Microsoft Word 2019 Rating: 0 out of 5 stars0 ratingsThe Ridiculously Simple Guide To Numbers For Mac Rating: 0 out of 5 stars0 ratingsSharePoint 2016 For Dummies Rating: 5 out of 5 stars5/5
Reviews for Implementing Azure Solutions
0 ratings0 reviews
Book preview
Implementing Azure Solutions - Florian Klaffenbach
Title Page
Implementing Azure Solutions
Eliminate the pain point of implementation
Florian Klaffenbach
Jan-Henrik Damaschke
Oliver Michalski
BIRMINGHAM - MUMBAI
Copyright
Implementing Azure Solutions
Copyright © 2017 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
First published: May 2017
Production reference: 2170517
Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham
B3 2PB, UK.
ISBN 978-1-78646-785-0
www.packtpub.com
Credits
About the Authors
Florian Klaffenbach started in 2004 with his IT carrier as 1st and 2nd Level IT Support Technician and IT Salesman Trainee for a B2B online shop. After that, he changed to a small company working as IT Project Manager, planning, implementing, and integration from industrial plants and laundries into enterprise IT. After spending some years, he changed his path to Dell Germany. There he started from scratch as an Enterprise Technical Support Analyst and later worked on a project to start Dell Technical Communities and support over social Media in Europe and outside of the U.S.
Currently he is working as a Solutions Architect and Consultant for Microsoft Infrastructure and Cloud and is specialized in Microsoft Hyper-V, Fileservices, System Center Virtual Machine Manager, and Microsoft Azure IaaS at msg services ag.
In addition to his job, he is active as a Microsoft Blogger and Lecturer. He blogs for example on his own page Datacenter-Flo.de or Azure Community Germany. Together with a very good friend, he founded the Windows Server User Group Berlin to create network of Microsoft ITPros in Berlin.
Florian maintains a very tight network for many vendors such as Cisco, Dell, or Microsoft and Communities. This helps him to grow his experience and to get the best solution for his customers. Since 2016, he is also Co-Chairman of the Azure Community Germany. In April 2016, Microsoft awarded Florian Microsoft Most Valuable Professional for Cloud and Datacenter Management.
With that few lines, I want to thank all people, especially my family and friends who supported me while writing the book. Most of them didn’t see me for a long time because I was spending most of my spare time for preparing the next chapter or testing new features which I wanted to mention within the book.
I also want to thank the guys from Microsoft and the coauthors Jan-Henrik and Oliver who support with reviewing and clearing some open questions and misunderstandings.
Hopefully you as reader enjoy the reading the book as much as I writing it.
Jan-Henrik Damaschke is an IT Consultant for Security, Network, and Infrastructure from Germany. He was MVP awarded in the categories of Enterprise Security, PowerShell, and AzureStack. PKI implementation and management is one of his core competencies as well as cloud-related security. He writes articles on security-related topics and is involved in many community events as a speaker as well as an organizer. He is passionate about sharing knowledge with others. For this purpose, he is member of the Microsoft Student Partner program and is engaged on forums and on other platforms. Currently, he is writing a book on Azure infrastructure solutions.
Oliver Michalski started in 1999 with his IT carrier as a Web Developer. Now, he is a Senior Software Engineer for Microsoft .NET and an SOA Architect. He also works as an Independent Enterprise Consultant in the field Microsoft Azure. When he started in 2011 with Microsoft Azure, there was no Azure Community on the German market. Therefore, Oliver founded the Azure Community Germany (ACD).
Oliver is Chairman of the Azure Community Germany, and since April 2016 he has been a Microsoft Most Valuable Professional for Microsoft Azure.
About the Reviewers
Sebastian Durandeu is a senior software engineer with a primary focus on building applications and services for the Cloud using Microsoft technologies. He works at Southworks, a high-end software development company that helps businesses leverage the latest technologies. There he has worked closely with several Microsoft divisions helping the developer community adopt emerging technologies using recommended practices. Sebastian currently lives in Buenos Aires, Argentina where he is an active contributor in the developer community. He shares his knowledge via his Twitter (@sebadurandeu) and GitHub accounts (sdurandeu).
Rafael dos Santos Christian, Geysla’s husband, Ted’s father, Entrepreneur, Developer, Cloud specialist. 10 years experience developing and architecting web based solutions.
I would like to thank Lucas Romao for the support and mentoring on learning Microsoft Azure. I also would like to thank all the SDK Team at ITIX, you guys are amazing and I love work with you guys.
www.PacktPub.com
For support files and downloads related to your book, please visit www.PacktPub.com.
Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at service@packtpub.com for more details.
At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a range of free newsletters and receive exclusive discounts and offers on Packt books and eBooks.
h t t p s ://w w w . p a c k t p u b . c o m /m a p t
Get the most in-demand software skills with Mapt. Mapt gives you full access to all Packt books and video courses, as well as industry-leading tools to help you plan your personal development and advance your career.
Why subscribe?
Fully searchable across every book published by Packt
Copy and paste, print, and bookmark content
On demand and accessible via a web browser
Customer Feedback
Thanks for purchasing this Packt book. At Packt, quality is at the heart of our editorial process. To help us improve, please leave us an honest review on this book's Amazon page at h t t p s ://w w w . a m a z o n . c o m /d p /1786467852.
If you'd like to join our team of regular reviewers, you can e-mail us at customerreviews@packtpub.com. We award our regular reviewers with free eBooks and videos in exchange for their valuable feedback. Help us be relentless in improving our products!
Table of Contents
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Downloading the color images of this book
Errata
Piracy
Questions
Getting Started with Azure Implementation
Service models
Deployment models
Cloud characteristics
Microsoft Azure
Azure services overview
Azure basics
Azure Resource Manager
Resources
Azure regions
Azure Portal
Azure automation
Azure Automation tools
REST APIs
Summary
Azure Resource Manager and Tools
Understanding the Azure resource manager
Functionalities provided by the Azure resource manager
Working with the Azure resource manager
Creating an Azure resource group
Adding a resource to an Azure resource group
First approach - adding a storage account to your Azure resource group
Second approach - adding a storage account to your Azure resource group
Third approach - adding a storage account to your Azure resource group
Tagging in the Azure resource manager
Locking Azure resources
Azure resource locks
Working with ARM templates
Exporting a deployment as an ARM template (for IT pros)
Example 1: exporting a resource group to an ARM template
Example 2: exporting a resource (from the deployment history) to an ARM template
Example 3: exporting a resource (classic) to an ARM template
Modifying an ARM template
Authoring an ARM template
Creating your own ARM template (for developers)
Azure resource explorer
Summary
Deploying and Synchronizing Azure Active Directory
Azure Active Directory
Azure Active Directory options
Azure AD free
Azure AD basic
Azure AD premium P1
Deploying a custom Azure AD
Adding accounts and groups to Azure AD
Azure AD Connect high available infrastructure
Summary
Implementing Azure Networks
Azure networking limits
Azure networking components
Azure virtual networks (VNet)
VNet peering
Azure VPN gateways
Azure local gateway
Azure ExpressRoute
Azure global Points of Presence
National Azure Points of Presence
Azure connections
Azure routes
Azure third-party network devices
Azure load balancer
Hash-based distribution
Port forwarding
Automatic reconfiguration
Service monitoring
Azure application gateways
Azure Traffic Manager
Azure DNS
Setting up Azure networks
Setting up Azure VNet
Setting up Azure virtual network site-to-site VPN
Configuring local network gateway
Configuring Azure virtual network gateway
Configuring connection between local and virtual network gateways
Setting up Azure virtual network with MPLS and ExpressRoute
Configuring Azure virtual network gateway
Configuring Azure ExpressRoute circuit
Configuring connection between ExpressRoute circuit and Azure virtual gateway
Setting up Azure VNet peering
Preparing the deployment
Configuring VNet peering
Configuring custom routes
Configuring third-party network appliances
Common Azure network architectures
Summary
Implementing and Securing Azure Storage Accounts
Storage accounts
General purpose Storage account
Blob Storage account
Replication and redundancy
Locally redundant storage
Zone-redundant storage
Geo-redundant storage
Read-access geo-redundant storage
Azure Storage services
Blob Storage services
Table storage services
Queue storage services
File storage services
Access keys
Exploring Azure Storage with Azure Storage Explorer
Premium Storage account
Premium storage requirements
Pricing
Summary
Planning and Deploying Virtual Machines in Azure
Azure virtual machine types
A-series virtual machines
D-series and DS-series virtual machines
F-series and FS-series virtual machines
G-series and GS-series virtual machines
H-series virtual machines
NV-series and NC-series virtual machines
NV virtual machines
NC virtual machines
Ls-series virtual machines
Virtual machine extensions
Managed Disks
Availability sets
Deploying a virtual machine in Azure
Accessing a virtual machine in Azure
Changing IP and DNS settings
Common scenarios for virtual machines
Optimization of Azure related communication traffic
On-demand usage for calculations
Disaster recovery for on-premises servers
Summary
Implementing Azure Cloud Services
What is an Azure Cloud Service?
Understanding the Cloud Service architecture
Roles
The service endpoint
Going deeper into the Cloud Services
Service Definition File
LoadBalancerProbes
WebRole
WorkerRole
NetworkTrafficRules
Service configuration file
Role
NetworkConfiguration
Azure Cloud Services versus other Azure PaaS offerings, such as Azure App Services
Selection of a Guest OS and an update level
Selection of an Azure series
series A
series D
series F
series G
series N
series H
In a nutshell
Creating your first Azure cloud service
Part 1
Part 2
Summary
Implementing Azure Container Service
What is an Azure Container Service?
Understanding containers
Cluster
Orchestrator
Mesosphere DC/OS
Docker swarm
Kubernetes
Creating your first Azure Container Service
How to work with your Azure container service cluster
Summary
Implementing Azure Security
Azure Identity Security
Azure Active Directory
Azure Active Directory editions
Privileged Identity Management
Identity protection
Detection of vulnerabilities and potential risky accounts
Investigation of potential suspicious events
Multi-factor authentication
Conditional access
Resource security
Role-based Access Control
Resource tags and policies
Azure network security
Network security groups
Priority
Source
Destination
Network virtual appliances
Azure Storage security
Key management
Shared access signatures
Service-level SAS
Account-level SAS
Storage Encryption
Storage account encryption
Azure disk encryption
Logging and monitoring
Azure Logs
Azure Security Center
Summary
Skill Wrap Up and Migration Scenario
On-premises infrastructure scenario
Background network infrastructure
Background information on Microsoft Active Directory
Background information on Microsoft Exchange Server
Background information on Microsoft SharePoint Server
Background information on Microsoft Skype for Business Server
Background information one document management system based on SMB shares
Background information on public website based on TYPO3 CMS
Background information on backup services
Background information on file servers
Customer requirements
Solution in Azure
Solution for a wide area network
Solution for point-to-site VPN and GeoIP/DNS
Solution for Azure LAN integration
Solution for identity and access management
Solution for SharePoint services
Solution for Exchange services
Solution for document management system
Solution for file services
Personal homeshares
No ACL shares
Classic shares
Solution for a public website with TYPO3 CMS
Solution for backup services
Summary
Azure Price Calculator
Azure TCO and RIO Calculator
Preface
Welcome to our book about implementing Azure solutions. Microsoft Azure is the cloud platform of Microsoft and offers you numerous services to host your existing application infrastructure, deliver services tailored to your individual needs, or even expand your on-premise applications. Azure integrates the cloud services you need to develop, test, implement, and manage your applications and allows you to focus on building great solutions without the need to worry about how the physical infrastructure is assembled.
A very complex field of work and, therefore, the question arises immediately is this: where should I start? Unfortunately, we cannot answer this question, but we can show you the way so that you may find your own answer.
This book provides you with complete solutions that you can follow to learn how to create VMs, virtual networks, storage accounts, and so on as well as best-practice guidance of our consulting work to help you get the most out of your Azure experience. We hope this is a healthy mixture, but are always open to suggestions.
You can send us your feedback at h t t p s ://w a z c o m m u n i t y . w o r d p r e s s . c o m /f e e d b a c k /.
What this book covers
Chapter 1, Getting Started with Azure Implementation, provides an overview of cloud service models, cloud deployment models, cloud characteristics, and Azure services.
Chapter 2, Azure Resource Manager and Tools, explains all about the Azure Resource Manager and its concepts (Azure Resource Groups, Azure Resource Tags, and Locks). You will also get an introduction to working with the ARM Templates area.
Chapter 3, Deploying and Synchronizing Azure Active Directory, gives you an overview of the deployment, management, and functionalities of Azure Active Directory and its relation to a Microsoft Azure subscription.
Chapter 4, Implementing Azure Networks, explains how networking in Azure works, how to plan Azure network components, and how to deploy different network components within Azure.
Chapter 5, Implementing and Securing Azure Storage Accounts, explains all about Azure Storage Management and its concepts (BLOBs, tables, queues, and files). You will also get some basic storage configurations.
Chapter 6, Planning and Deploying Virtual Machines in Azure, demonstrates the difference between the Azure virtual machine types, the common use cases for the different types, and how to deploy virtual machines.
Chapter 7, Implementing Azure Cloud Services, explains all about Azure Cloud Services, the Cloud Service architecture, Azure Cloud Services versus Azure App Services, and how to create your first Cloud Service.
Chapter 8, Implementing Azure Container Service, provides basic knowledge about the Azure Container Service area and how to create your first container service. You will also learn the necessary steps to work with the service afterward.
Chapter 9, Implementing Azure Security, explains all about Azure security concepts (identity management with Azure AD, Role-based Access Control (RBAC), and Azure Storage security) and the Azure Security Center.
Chapter 10, Skill Wrap Up and Migration Scenario, provides a basic overview of how classical applications and services can be placed in the Microsoft Cloud ecosystem and which tools can be used for the migration. This chapter is based on a common use case and migration scenario.
What you need for this book
Learning from a book only works if you have the opportunity to implement what you have learned in practice. That's why you need an Azure subscription. To do this at no cost, you can use a free Azure trial from h t t p s ://a z u r e . m i c r o s o f t . c o m /e n - u s /f r e e /.
To understand parts of the book, you also need an installation of Visual Studio. You can use any edition of Visual Studio. To avoid unnecessary costs, I recommend using the free Visual Studio Community Edition from h t t p s ://w w w . v i s u a l s t u d i o . c o m /d o w n l o a d s /.
Who this book is for
This book focuses on providing essential information about the implementation of Azure solutions to software architects, developers, and IT professionals. The technical information will be offered to you in an intermediate and expert level.
Basic knowledge is not necessary, but it is useful for a better understanding of the text. Therefore, some knowledge of programming languages is recommended.
Conventions
In this book, you will find a number of text styles that distinguish between different kinds of information. Here are some examples of these styles and an explanation of their meaning.
Code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles are shown as follows: The current project consists of three artifacts in two solution folders, Templates and Scripts.
A block of code is set as follows:
Any command-line input or output is written as follows:
New terms and important words are shown in bold. Words that you see on the screen, for example, in menus or dialog boxes, appear in the text like this: In the portal, click on New, then click on Data + Storage, and then click on Storage account.
Warnings or important notes appear in a box like this.
Tips and tricks appear like this.
Reader feedback
Feedback from our readers is always welcome. Let us know what you think about this book—what you liked or disliked. Reader feedback is important for us as it helps us develop titles that you will really get the most out of.
To send us general feedback, simply e-mail feedback@packtpub.com, and mention the book's title in the subject of your message.
If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, see our author guide at www.packtpub.com/authors.
Customer support
Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase.
Downloading the color images of this book
We also provide you with a PDF file that has color images of the screenshots/diagrams used in this book. The color images will help you better understand the changes in the output. You can download this file from h t t p ://w w w . p a c k t p u