Transcription
Fundamentalsof AzureSecond EditionMicrosoft Azure EssentialsMichael CollierRobin Shahan
PUBLISHED BYMicrosoft PressA division of Microsoft CorporationOne Microsoft WayRedmond, Washington 98052-6399Copyright 2016 by Michael Collier, RobinShahanAll rights reserved. No part of the contents ofthis book may be reproduced or transmitted inany form or by any means without the writtenpermission of the publisher.ISBN: 978-1-5093-0296-3Microsoft Press books are available throughbooksellers and distributors worldwide. If youneed support related to this book, emailMicrosoft Press Support atmspinput@microsoft.com. Please tell us whatyou think of this book at http://aka.ms/tellpress.This book is provided “as-is” and expresses theauthor’s views and opinions. The views, opinionsand information expressed in this book,including URL and other Internet websitereferences, may change without notice.Some examples depicted herein are provided forillustration only and are fictitious. No real
association or connection is intended or shouldbe inferred.Microsoft and the trademarks listed athttp://www.microsoft.com on the “Trademarks”webpage are trademarks of the Microsoft groupof companies. All other marks are property oftheir respective owners.Acquisitions Editor: Devon MusgraveDevelopmental Editor: Carol DillinghamEditorial Production: CohesionCopyeditor: Ann WeaverCover: Twist Creative Seattle
To my wife, Sonja, and sons, Aidan andLogan; I love you more than words canexpress. I could not have written this bookwithout your immense support and patience.—Michael S. CollierI dedicate this book to the many peoplewho helped make this the best book possibleby reviewing, discussing, and sharing theirtechnical wisdom. I especially want tomention Neil Mackenzie, who is alwayswilling to share his encyclopedic knowledge ofAzure with me, and whose tech reviews wereincredibly helpful. I’d also like to mentionJennelle Crothers, without whom networkingwould be a complete mystery to me.—Robin E. Shahan
Visit us today atMicrosoftPressStore.com Hundreds of titles available – Books,eBooks, and online resources fromindustry experts Free U.S. shipping eBooks in multiple formats – Read on yourcomputer, tablet, mobile device, or e-reader Print & eBook Best Value Packs eBook Deal of the Week – Save upto 60% on featured titles Newsletter and special offers – Bethe first to hear about newreleases, specials, and more Register your book – Getadditional benefits
ContentsIntroduction . xiiWho should read this book . xiiiAssumptions .xivThis book might not be for you if .xivOrganization of this book .xvConventions and features in this book . xviiiSystem requirements.xixDownloads .xxiUsing the code samples .xxiAcknowledgments . xxiiErrata, updates, & support . xxiiiFree ebooks from Microsoft Press . xxivWe want to hear from you .xxvStay in touch .xxvChapter 1: Getting started with MicrosoftAzure . 1What is Azure? . 2Overview of cloud computing.3iContents
Cloud offering .7Azure services . 10The new world: Azure Resource Manager . 12What is it?. 12Why use Resource Manager? . 14Maximize the benefits of using ResourceManager . 17Resource group tips . 18Tips for using Resource Manager templates. 19The classic deployment model . 23PowerShell changes for the Resource Managerand classic deployment models . 25Role-Based Access Control . 26What is it?. 27Roles . 28Custom roles . 30The Azure portal . 32Dashboard and hub . 33Creating and viewing resources . 37Subscription management and billing . 45Available subscriptions . 45iiContents
Share administrative privileges for yourAzure subscription . 48Pricing calculator . 50Viewing billing in the Azure portal. 55Azure Billing APIs . 58Azure documentation and samples . 59Documentation . 60Samples . 60Chapter 2: Azure App Service and Web Apps.62App Service and App Service plans . 63What is an App Service? . 63So what is an App Service plan? . 64How does this help you? . 65How to create an App Service plan in theAzure portal . 67Creating and deploying Web Apps . 73What is a Web App?. 74Options for creating Web Apps . 75Demo: Create a web app by using the AzureMarketplace . 79Demo: Create an ASP.NET website in VisualStudio and deploy it as a web app . 87iiiContents
Configuring, scaling, and monitoring WebApps . 96Configuring Web Apps . 97Monitoring Web Apps .105Scaling Web Apps .108Chapter 3: Azure Virtual Machines . 121What is Azure Virtual Machines? . 122Billing .124Service level agreement .126Virtual machine models. 127Azure Resource Manager model .128Classic/Azure Service Management model.129Virtual machine components . 130Virtual machine .131Disks .131Virtual Network .135Availability set.145Create virtual machines . 146Create a virtual machine with the Azureportal .149Create a virtual machine with a template .156ivContents
Connecting to a virtual machine. 159Remotely access a virtual machine .159Network connectivity .160Configuring and managing a virtual machine. 164Disks .165Fault domains and update domains .173Image capture .175Scaling Azure Virtual Machines . 187Resource Manager virtual machines .187Classic virtual machines .190Chapter 4: Azure Storage . 192Storage accounts . 194General-purpose storage accounts.196Blob storage accounts .197Storage services. 197Blob storage .198File storage .201Table storage .206Queue storage .208Redundancy . 212vContents
Security and Azure Storage . 215Securing your storage account .216Securing access to your data .219Securing your data in transit .222Encryption at rest .223Using Storage Analytics to audit access .227Using Cross-Origin Resource Sharing (CORS).231Creating and managing storage . 231Create a storage account using the Azureportal .233Create a container and upload blobs usingVisual Studio Cloud Explorer .239Create a file share and upload files using theAzure portal .244Create a table and add records using theVisual Studio Cloud Explorer .250Create a storage account using PowerShell.253Create a container and upload blobs usingPowerShell .256Create a file share and upload files usingPowerShell .260AzCopy: A very useful tool . 263viContents
The Azure Data Movement Library . 267Chapter 5: Azure Virtual Networks . 268What is a virtual network (VNet)? . 268Overview .269Definitions .270Creating a virtual network .274Creating a virtual network using the Azureportal .275Creating a virtual network using a ResourceManager template .283Network Security Groups . 297Cross-premises connection options . 300Site-to-site connectivity .300Point-to-site connectivity .301Comparing site-to-site and point-to-siteconnectivity .303Private site-to-site connectivity(ExpressRoute) .304Point-to-site network . 305Overview of setup process .306Configuring point-to-site VPN .307Chapter 6: Databases . 321viiContents
Azure SQL Database . 323Administration .331Billing .337Business continuity .339Applications connecting to SQL Database . 352SQL Server in Azure Virtual Machines . 356Billing .357Virtual machine configuration .358Business continuity .360Comparing SQL Database with SQL Server inAzure Virtual Machines . 361Database alternatives . 364MySQL .365NoSQL options .370Chapter 7: Azure Active Directory . 372Overview of Azure Active Directory . 373What is Azure Active Directory? .374Active Directory editions .382Creating a directory . 383Custom domains .388Delete a directory .394viiiContents
Users and groups . 395Add users.395Add groups .403Azure Multi-Factor Authentication .406Application gallery . 411Adding gallery applications .413Assigning users to applications .415MyApps .418Chapter 8: Management tools . 421Management tools overview . 422Visual Studio 2015 and the Azure SDK . 424Install the Azure SDK .424Manage resources with Cloud Explorer .428Create an Azure resource .434Windows PowerShell . 436Azure PowerShell cmdlet installation .438Connecting to Azure .444Cross-platform command-line interface . 451Installation .452Connecting to Azure .457Usage .462ixContents
Chapter 9: Additional Azure services . 467Some other Azure services we think youshould know about . 468Azure Service Fabric .468Cloud Services .469Azure Container Service .471DocumentDB .472Azure Redis Cache .474Azure HDInsight .475Azure Search .477Azure Service Bus .478Azure Event Hubs .479Azure Notification Hubs .481Azure Media Services .482Azure Backup .483Azure Site Recovery .485Azure Key Vault .486More Azure services . 487Chapter 10: Business cases . 489Development and test scenarios . 490Hybrid scenarios . 495xContents
Network connectivity .496Internet connectivity .498Application and infrastructure modernizationand migration . 501Azure Mobile Apps . 504Machine learning . 507xiContents
IntroductionMicrosoft Azure is Microsoft's cloud computingplatform, providing a wide variety of services youcan use without purchasing and provisioningyour own hardware. Azure enables the rapiddevelopment of solutions and provides theresources to accomplish tasks that may not befeasible in an on-premises environment. Azure'scompute, storage, network, and applicationservices allow you to focus on building greatsolutions without the need to worry about howthe physical infrastructure is assembled.This book covers the fundamentals of Azure youneed to start developing solutions right away. Itconcentrates on the features of the Azureplatform that you are most likely to need toknow rather than on every feature and serviceavailable on the platform. This book alsoprovides several walkthroughs you can follow tolearn how to create VMs and virtual networks,websites and storage accounts, and so on. Inmany cases, real-world tips are included to helpyou get the most out of your Azure experience.In addition to its coverage of core Azure services,the book discusses common tools useful inxiiIntroduction
creating and managing Azure-based solutions.The book wraps up by providing details on a fewcommon business scenarios where Azure canprovide compelling and valuable solutions, aswell as a chapter providing overviews of some ofthe commonly used services not covered in thebook.Who should read thisbookThis book focuses on providing essentialinformation about the key services of Azure fordevelopers and IT professionals who are new tocloud computing. Detailed, step-by-stepdemonstrations are included to help the readerunderstand how to get started with each of thekey services. This material is useful not only forthose who have no prior experience with Azure,but also for those who need a refresher andthose who may be familiar with one area but notothers. Each chapter is standalone; there is norequirement that you perform the hands-ondemonstrations from previous chapters tounderstand any particular chapter.xiiiIntroduction
AssumptionsWe expect that you have at least a minimalunderstanding of virtualized environments andvirtual machines. There are no specific skillsrequired overall for this book, but having someknowledge of the topic of each chapter will helpyou gain a deeper understanding. For example,the chapter on virtual networks will make moresense if you have some understanding ofnetworking, and the chapter on databases will bemore useful if you understand what a database isand why you might use one. Web developmentskills will provide a good background forunderstanding Azure Web Apps, and someunderstanding of identity will be helpful whenstudying the chapter on Active Directory.This book might not befor you if This book might not be for you if you arelooking for an in-depth developer orarchitecture-focused discussion on a wide rangeof Azure features, or if you are looking for detailson other public or private cloud platforms.xivIntroduction
Organization of thisbookThis book explores six foundational features ofthe Microsoft Azure platform, along with insightson getting started with Azure, managementtools, and common business scenarios. Thisbook also includes a chapter with overviews ofsome of the more commonly used services, suchas HDInsight (Azure’s Hadoop service) andService Bus, but there are many services in theAzure platform that are not in the scope of thisbook, such as Azure Batch, Data Lake Analytics,and Azure DNS, just to mention a few. To learnabout all of the services available in the Azureplatform, start your journey athttp://azure.microsoft.com. Also, there is a webapplication that shows the many services ofAzure and allows you to drill down to learnmove. See http://aka.ms/azposterapp.The topics explored in this book include: xvGetting started with Azure: Understandwhat cloud computing is, learn about AzureResource Manager and Role-Based AccessControl, visit the management portals, learnabout billing, find out how you canIntroduction
contribute to the Azure documentation andcode samples. xviAzure App Service and Web Apps: Learnabout the Azure App Service, consisting ofWeb Apps, Logic Apps, Mobile Apps, APIApps, and Function Apps. We will focus onWeb Apps and how they work with the AppService and App Service plans, covering thetopic from deployment to monitoring andscaling.Virtual Machines: Explore the basic featuresof Azure Virtual Machines, including how tocreate, configure, and manage them.Storage: Read about the basics of AzureStorage, including blobs, tables, queues, andfile shares, as well as some of the optionsavailable such as Premium Storage and CoolStorage.Virtual Networks: Learn the basics of virtualnetworks, including how to create one, andwhy a virtual network might be necessary.This also covers site-to-site and point-to-sitenetworking, as well as ExpressRoute.Databases: Explore two relational databaseoptions available in Azure: Azure SQLIntroduction
Database and SQL Server in Azure VirtualMachines. xviiAzure Active Directory: Explore basicfeatures of Azure AD, including creating adirectory, users and groups, and using theapplication gallery.Management Tools: Explore three commontools for working with Azure: Visual Studio2015 and the Azure SDK, Azure PowerShellcmdlets, and the Cross-Platform CommandLine InterfaceAdditional Azure services: Get an overviewabout Azure services not covered in thebook that may be fundamental to you nowor in the future, such as Azure Service Fabricand Azure Container Service.Business Scenarios: Explore five commonscenarios for utilizing Azure features:development and test, hybrid, applicationand infrastructure modernization, and AzureMobile Apps, and Machine Learning.Introduction
Conventions andfeatures in this bookThis book presents information usingconventions designed to make the informationreadable and easy to follow: xviiiTo create specific Azure resources, follow thenumbered steps listing each action you musttake to complete the exercise.There are currently two management portalsfor Azure: the Azure portal athttps://portal.azure.com and the Azureclassic portal athttp://manage.windowsazure.com. In mostcases, the book uses the Azure portal, butthe Azure classic portal may be used forthose features that have not been migratedto the newer portal yet, such as Azure ActiveDirectory.Boxed elements with labels such as “Note”or "See Also" provide additional information.A plus sign ( ) between two key namesmeans that you must press those keys at thesame time. For example, “Press Alt Tab”means that you hold down the Alt key whileyou press Tab.Introduction
A right angle bracket between two or moremenu items (e.g., File Browse VirtualMachines) means that you should select thefirst menu or menu item, then the next, andso on.System requirementsFor many of the examples in this book, you needonly Internet access and a browser (InternetExplorer 10 or higher) to access the Azureportals.Chapter 2, "Azure App Service and Web Apps,"and Chapter 4, "Azure Storage," use VisualStudio to show concepts used in developingapplications for Azure. For these examples, youwill need Visual Studio. The system requirementsare: xixWindows 7 Service Pack 1, Windows 8,Windows 8.1, Windows 10, Windows Server2008 R2 SP1, Windows Server 2012, orWindows Server 2012 R2Computer that has a 1.6GHz or fasterprocessor (2GHz recommended)1 GB (32 Bit) or 2 GB (64 Bit) RAM (Add 512MB if running in a virtual machine)Introduction
4 GB of available hard disk space 5400 RPM hard disk drive DirectX 9 capable video card running at 1024x 768 or higher-resolution displayDVD-ROM drive (if installing Visual Studiofrom DVD)Internet connectionAfter installing Visual Studio, you must alsoinstall the Azure Tools and SDK for the languageof your choice fromhttps://azure.microsoft.com/tools/.The system requirements for the Azure SDK thatare not included in the Visual Studio systemrequirements are as follows: IIS7 with ASP.NET and WCF HTTP Activation,Static Content, IIS Management Console,and HTTP Redirection Web Deployment Tools 2.1 or up Internet Explorer 10 or higherDepending on your Windows configuration, youmight require Local Administrator rights toinstall or configure Visual Studio 2015.xxIntroduction
DownloadsSome of the chapters in this book includeexercises that let you interactively try out newmaterial learned in the main text. Chapter 4,“Azure Storage,” has PowerShell scripts; Chapter5, “Virtual Networks,” has PowerShell scripts anda Resource Manager template. These can bedownloaded from the following page:https://aka.ms/FundAzure2e/downloadsFollow the instructions on the target page todownload the code sample files.Note To use the PowerShell scripts, you needto have Azure PowerShell installed. This articleexplains how to install and configure ng the code samplesThe code samples are stored within a unique .ZIPfile, “FundAzure2E.ZIP,” which can bedownloaded to your computer and unzipped sothat you can use them with the exercises in thisbook.xxiIntroduction
Samples for Chapter 4, “Azure Storage,” arein the Chapter4 PowerShellScripts folder inthe ZIP file. This includes the PowerShellscripts for both Blob storage and FileStorage. You can open, edit, and run theseusing the PowerShell ISE.Samples for Chapter 5, “Azure VirtualNetworks,” are in the folder “Chapter5PowerShellScripts And Templates.” Thisincludes both the Resource Managertemplates used to create and modify avirtual network and the PowerShell scriptused to create a point-to-site VPN Network.To use the Resource Manager templates,please follow the instructions provided in thechapter. You can open, edit, and run thePowerShell script with PowerShell ISE.AcknowledgmentsThe Azure community is made up of manypeople bound together by this one technology.We are honored to be members of thiscommunity, and we thank you for your help andsupport. We would like to especially thank NeilMackenzie, Mike Wood, and Mike Martin, as wellas Byron Tardif, Ashwin Kamath, and RajeshxxiiIntroduction
Ramabathiran from the Azure App Service teamfor their detailed technical reviews and feedback.All of them provided additional insights thatgreatly enhanced the overall quality and value ofthis book.Special thanks to the team at Microsoft Press fortheir unwavering support and guidance on thisjourney. It was a pleasure to work with oureditors, Devon Musgrave and Carol Dillingham.Thanks to Chris Norton for helping us throughthe final edit cycles.Most importantly, we are profoundly grateful toour families and friends for their love,encouragement, and patience. Many nights andweekends were sacrificed in the writing of thisbook.Errata, updates, &supportWe’ve made every effort to ensure the accuracyof this book. You can access updates to thisbook—in the form of a list of submitted errataand their related xiiiIntroduction
If you discover an error that is not already listed,please submit it to us at the same page.If you need additional support, email MicrosoftPress Book Support at mspinput@microsoft.com.Please note that product support for Microsoftsoftware and hardware is not offered throughthe previous addresses. For help with Microsoftsoftware or hardware, go tohttp://support.microsoft.com.Free ebooks fromMicrosoft PressFrom technical overviews to in-depthinformation on special topics, the free ebooksfrom Microsoft Press cover a wide range oftopics. These ebooks are available in PDF, EPUB,and Mobi for Kindle formats, ready for you todownload at:http://aka.ms/mspressfreeCheck back often to see what is new!xxivIntroduction
We want to hear fromyouAt Microsoft Press, your satisfaction is our toppriority, and your feedback our most valuableasset. Please tell us what you think of this bookat:http://aka.ms/tellpressWe know you’re busy, so we’ve kept it short withjust a few questions. Your answers go directly tothe editors at Microsoft Press. (No personalinformation will be requested.) Thanks inadvance for your input!Stay in touchLet’s keep the conversation going! We’re onTwitter: http://twitter.com/MicrosoftPressxxvIntroduction
CHAPTER1Getting started withMicrosoft AzureThe purpose of this ebook is to helpyou understand the fundamentalsof Microsoft Azure so you can hitthe ground running when you startusing it.With an Azure account, you canwork through the demos in thisbook and use them as hands-onlabs. If you don’t have an Azureaccount, you can sign up for a freetrial at azure.microsoft.com. If youhave an MSDN subscription, you1 of 540C H A P T E R 1 Getting started with Microsoft Azure
can activate the included Azurebenefits and use the associatedmonthly credit. You can also checkout Purchase Options ions/ and MemberOffers s/ (for members ofMSDN, the Microsoft PartnerNetwork, BizSpark, and otherMicrosoft programs).What is Azure?The following will give an overview of Azure,which is Microsoft’s cloud computing platform.2 of 540C H A P T E R 1 Getting started with Microsoft Azure
Overview of cloud computingCloud computing provides a modern alternativeto the traditional on-premises datacenter. Apublic cloud vendor is completely responsiblefor hardware purchase and maintenance andprovides a wide variety of platform services thatyou can u
cloud computing. Detailed, step-by-step demonstrations are included to help the reader understand how to get started with each of the key services. This material is useful not only for those who have no prior experience with Azure, but also for those who need a refresher an
