Book Image

Implementing Azure Solutions - Second Edition

By : Florian Klaffenbach, Markus Klein, Sebastian Hoppe, Oliver Michalski, Jan-Henrik Damaschke

Book Image

Implementing Azure Solutions - Second Edition

By: Florian Klaffenbach, Markus Klein, Sebastian Hoppe, Oliver Michalski, Jan-Henrik Damaschke

Overview of this book

<p>Microsoft Azure offers numerous solutions that can shape the future of any business. However, the major challenge that architects and administrators face lies in implementing these solutions. </p><p>Implementing Azure Solutions helps you overcome this challenge by enabling you to implement Azure Solutions effectively. The book begins by guiding you in choosing the backend structure for your solutions. You will then work with the Azure toolkit and learn how to use Azure Managed Apps to share your solutions with the Azure service catalog. The book then focuses on various implementation techniques and best practices such as implementing Azure Cloud Services by configuring, deploying, and managing cloud services. As you progress through the chapters, you’ll learn how to work with Azure-managed Kubernetes and Azure Container Services. </p><p>By the end of the book, you will be able to build robust cloud solutions on Azure.</p>

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the example code files

Download the color images

Conventions used

Free Chapter

Getting Started with Azure Implementation

Getting Started with Azure Implementation

Technical requirements

Deployment models

Cloud characteristics

Multi-cloud characteristics and models

Cloud brokering

Microsoft Azure

Azure services overview

Azure Resource Manager (ARM)

Microsoft data center and backbone

Azure automation

Azure automation tools

Further reading

Azure Resource Manager and Tools

Azure Resource Manager and Tools

Technical requirements

Understanding ARM

Functionalities provided by ARM

Working with ARM

Creating an Azure resource group

Adding a resource to a resource group

First approach – adding a storage account to your resource group

Second approach – adding a storage account to your resource group

Locking Azure resources

Azure resource locks

Working with ARM templates

Exporting a deployment as an ARM template (for IT pros)

Example 1 – exporting a resource group to an ARM template

Example 2 – exporting a resource (classic) to an ARM template

Modifying an ARM template

Authoring an ARM template

Creating your own ARM template (for developers)

Further reading

Deploying and Synchronizing Azure Active Directory

Deploying and Synchronizing Azure Active Directory

Azure AD options

Azure AD premium P1

Deploying a custom Azure AD

Adding accounts and groups to Azure AD

Installing Azure AD Connect – prerequisites

Installing a basic Azure AD Connect environment

Azure AD Connect highly available infrastructure

Azure AD conditional access

Further reading

Azure Managed Applications

Azure Managed Applications

Technical requirements

Azure managed applications overview

History and purpose of Azure managed applications

Scenarios of Azure managed application publishing

Azure managed applications architecture

Elements of an Azure managed application

Security and access of an Azure managed application

Creating a managed application definition

The file mainTemplate.json

The file createUiDefinition.json

The UI definition outline

The basics step

Additional steps in the steps section

The outputs section

Testing and validation of our template files

Testing and validating the mainTemplate.json file

Validation and testing against Azure

Validation and testing with local scripts

Testing and validating the createUiDefinition.json file

Validation and testing against Azure

Validation and testing with local scripts

Publishing a managed application to the internal service catalog

Creating the service catalog managed application definition

The basics section

The package section

The authentication and lock level section

Deploying a managed application from the internal service catalog

The deployment process

The managed resource group

Publishing a managed application to the Azure marketplace

Technical and business requirements

Further reading

Implementing Azure Networks

Implementing Azure Networks

Azure networking limits

Azure networking components

Azure virtual networks (VNet)

VNet peering and global VNet peering

VNet service endpoints

Azure VPN gateways

Azure local gateway

Azure virtual WAN

Azure ExpressRoute

ExpressRoute Direct

ExpressRoute Global Reach

Azure connections

Azure third-party network devices

Azure load balancer

Hash-based distribution

Port forwarding

Automatic reconfiguration

Service monitoring

Azure Application Gateways and Web Application Firewall

Web Application Firewall

Azure Traffic Manager

Setting up Azure networks

Setting up Azure VNet

Setting up Azure virtual network site-to-site VPN

Configuring local network gateway

Configuring Azure virtual network gateway

Configuring connection between local and virtual network gateways

Setting up Azure virtual network with MPLS and ExpressRoute

Configuring Azure virtual network gateway

Configuring Azure ExpressRoute circuit

Setting up Azure VNet peering

Preparing the deployment

Configuring VNet peering

Configuring custom routes

Common Azure network architectures

Further reading

Implementing Azure Storage

Implementing Azure Storage

Storage accounts

The Blob storage account

General-purpose storage v1 account

General-purpose storage v2 accounts

Azure File Sync/Storage Sync services

Azure Data Lake

Replication and redundancy

Locally redundant storage (LRS)

Zone-redundant storage (ZRS)

Geo-redundant storage (GRS)

Read-access geo-redundant storage (RA-GRS)

Azure Storage services

Blob storage services

Table storage services

Queue storage services

File storage services

Exploring Azure Storage with Azure Storage Explorer

Premium storage accounts

Premium storage requirements

How to deploy a storage account?

Further reading

Virtual Machines in Azure

Virtual Machines in Azure

D-series and DS-series VMs

F-series and FS-series VMs

G-series and GS-series VMs

NV-series and NC-series VMs

SAP HANA Large Instances

Availability sets

Availability Zone (AZ)

Azure Hybrid Use Benefit (HUB)

Azure Reserved Instances (RIs)

Accelerated networking for VMs

VM serial console

Azure Confidential Compute

Deploying a VM in Azure

Accessing a VM in Azure

Changing IP and DNS settings

Common scenarios for VMs

Optimization of Azure-related communication traffic

On-demand usage for calculations

Disaster recovery for on-premises servers

Further reading

Implementing Azure-Managed Kubernetes and Azure Container Service

Implementing Azure-Managed Kubernetes and Azure Container Service

Technical requirements

Containers – the concept and basics

Microservices – the concept

Workloads to run in containers

Deploying container hosts in Azure

Docker on Linux

Windows Server Container VM

Azure Container Registry (ACR)

Creating a first container in Azure

Azure Marketplace containers

Creating custom containers

Container orchestration

The concept of container orchestration

Azure Kubernetes Service (AKS)

Further reading

Implementing Azure Cloud Services

Implementing Azure Cloud Services

Technical requirements

What is an Azure Cloud Service?

Understanding the Cloud Service architecture

The service endpoint

Going deeper into the Cloud Services

Service definition file

LoadBalancerProbes

NetworkTrafficRules

Service configuration file

NetworkConfiguration

Azure Cloud Services versus other Azure PaaS offerings such as Azure App Services

Selection of a Guest OS and an update level

Selection of an Azure series

Creating your first Azure cloud service

Further reading

Implementing Azure Governance

Implementing Azure Governance

Technical requirements

Organizational governance

Azure hierarchy

Naming standards

Technical governance

Resource groups

Resource auditing

Management groups

Azure Security Center

Azure Cost Management

Further reading

Azure Hybrid Data Center Services

Azure Hybrid Data Center Services

Technical requirements

Preparing the ASDK host

Identity management configuration

Networking configuration

VM design of Azure Stack (ASDK)

Azure Stack configuration task

Operating Azure Stack

Working with the portals

Working with PowerShell

Working with the CLI

Hybrid cloud patterns

Configure hybrid cloud connectivity

Machine learning solution with Azure Stack

Azure stack staged data analysis

Azure Stack cloud burst scenario

Azure Stack geo-distributed Application

Monitoring Azure Stack

Further reading

Assessments

Chapter 1: Getting Started with Azure Implementation

Chapter 2: Azure Resource Manager and Tools

Chapter 3: Deploying and Synchronizing Azure Active Directory

Chapter 4: Azure Managed Applications

Chapter 5: Implementing Azure Networks

Chapter 6: Implementing Azure Storage

Chapter 7: Virtual Machines in Azure

Chapter 8: Implementing Azure-Managed Kubernetes and Azure Container Service

Chapter 9: Implementing Azure Cloud Services

Chapter 10: Implementing Azure Governance

Chapter 11: Azure Hybrid Data Center Services

Other Books You May Enjoy

Other Books You May Enjoy

Leave a review - let other readers know what you think

Customer Reviews

5 star

0

4 star

0

3 star

0

2 star

0

1 star

0

Questions

Please answer the following questions:

If we talk about Azure governance, what is meant by this?
What is the goal for Azure role-based access control (RBAC)?
How do you make sure that the written governance will be used by the contributors in Azure later on?
What are management groups in Azure used for?
Which tools could help to support Azure governance?
Why is it so important to have Azure governance quite early in your Azure project?
What is the difference between Azure Cost Management and Cloudyn?