Becoming a Cloud Expert - Microsoft Azure IaaS - Level 1
- Life Time Access
- Certificate on Completion
- Access on Android and iOS App
Are You Looking to Become a Cloud Expert?
Cloud computing is one of the biggest technology revolution in the IT industry spreading at the speed of light all over the world. More and more business companies are looking for ways to migrate their applications into the cloud or to build new web-scale applications from scratch atop a cloud infrastructure.
The demand for more skilled people in the area of cloud computing is increasing every day across multiple industries. Starting from IT Expert, DevOps Engineers, Developers, Consultants, Security Experts and more.
This course is part of a larger training program called "Becoming a Cloud Expert" and it is the first important cornerstone for learning how to migrate applications into the cloud while using the Infrastructure As a Service model inside Microsoft Azure. We will learn how to create, set up and manage virtual networks, private/public IPs, storage accounts, virtual machines, virtual disks, security rules, access control and much more.
Join us and start to pave your way as a Cloud Expert!
- General understanding of cloud computing models ("Getting Started with Cloud Computing")
- Understand the Building Blocks of Azure Infrastructure as a Service
- Create Virtual Networks, Subnets,
- Allocate Private and Public IP Addressees
- Plan and Deploy Windows and Linux Virtual Machines
- Configure Traffic Filtering using Security Rules
- Manage and Attach Virtual Disks to VMs
- Create and Manage Storage Accounts
- Configure Users and Access Role Assignments
- Operate and Monitor VMs Ongoing Tasks
Section Overview - Introduction to Microsoft Azure
Cloud Computing is the transformation of computer hardware, software and networks into a utility service just like electric, water or gas services. Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources, that can be rapidly provisioned and released with minimal management effort or service provider interaction.
Microsoft Azure provides the services to build, manage and deploy applications on a global scale while using multiple data centers connected with super fast network. The all hardware and software orchestration of the cloud infrastructure is done using a specialized cloud operating system, called “Microsoft Azure” developed by Microsoft.
The cloud services are supposed to be available on global scale and this is one of the most impressive thing about a public cloud provider, like Microsoft Azure, Amazon AWS, or Google cloud. Those players are building and running a huge global infrastructure and every year they announce on additional regions.
Let's review the Azure web portal in high level.
As part of the management layer of Azure, there is a central component that is called Azure Resource Manager, or in short ARM. The azure resource manager is used to allocate and deploy resources, organize resources into groups, control access to resources and much more.
Let's review the Azure ARM inside Microsoft Azure - resources, resource groups, resource providers, accounts and subscriptions and deployment templates.
Access management for resources is a critical function for any group of users or an organization that is using the Azure cloud. As administrators, the Role-based access control (RBAC) will be used to manage who has access to Azure resources and what they can do with those resources.
Let's create new users and assign them access to specific entities.
- What is Virtual Network?
- Virtual network setting
- IP Address Types
- VM, NICs and IP Configuration
- Azure Network Security
- Traffic filtering with security rules
- Network Security Group (NSG)
- Application Security Group (ASG)
A virtual network is basically a private isolated connectivity layer being used to connect between a group of cloud resources.
In azure a virtual network is a managed entity that users are creating with a group of setting that are configured during the creation process or added later when the virtual network entity is already created.
Let's review the all process end-to-end for creating virtual network and subnets.
As soon as we have a new virtual network, we can create VMs as resources inside that virtual network or inside a specific subnet. Each resource must be assigned with at least one private IP address from the virtual network address range we allocated to the virtual network. In addition, if we want a resource inside the virtual network to access the outside internet than we will need to use also a public IP address.
We have an IP address, that can be public or private created dynamically or with a static configuration. In Azure, we have a virtual machine, network interfaces and IP configuration profiles. Let’s see how those building blocks are connected and what kind of combination we can create.
Let's review how to create network interfaces, attach them to VMs and create or adjust IP configuration.
All public cloud providers provide an ability to filter traffic and I am planning to present how it is being done in Microsoft Azure. In Microsoft Azure we can filter network traffic to and from resources in an virtual network with an entity that is called network security group.
Another useful option in Azure related to traffic filtering is using application security groups. The focus is moving to the function of the applications. We can group VMs based on their function.
Let's review how to configure NSG and ASG.
- The Power of a Cloud Storage
- Types of Cloud Storage
- Azure Storage Services
- Storage Replication Options
- Storage Accounts
- VMs Disks
- Encryption Data at Rest
Cloud storage is basically the option to store data on the Internet through a cloud computing provider who manages and operates data storage as a service. We talked about it in the introduction course about cloud computing but this is the power of the cloud, it is a public infrastructure enabling companies to build applications that can scale on a global level without the limitation of a single private data center.
There are three main storage types
- Block Storage
- File Storage
- And Object Storage
Storage services provided by public cloud providers are basically a mix of multiple options to fulfill the storage needs of a variety of applications.
Any type of storage service, like blobs, files, disks, tables, and queues that we would like to use must be allocated inside a logical entity called a storage account. A storage account entity can be created and managed by us or in some cases it will be created and managed by Azure.
One of the most valuable features in a public cloud is high data durability. We know that data can be damaged because of many things like hardware failures, network or power outages, or maybe some massive site disasters. Systems availability is a critical factor and data is a critical component in almost all systems. This is why Microsoft Azure and also other cloud providers are replicating our data and enable us to configure the best replication option for our application.
- Locally-redundant storage
- Zone-redundant storage
- Geo-redundant storage
- Read-access Geo-redundant
Let's review how to create and manage a storage account.
In addition to allocating computing power and setting networking connectivity, we also would like the capability to allocate storage capacity as virtual disks.
There are three types of azure VM disks:
- Operating System Disk (OS Disk)
- Temporary Disk
- Data Disk/s
Let's review how to create, attach and detach data disks for VMs.
Security is a critical part of any solution, including the storage. Our next topic is encryption data at rest, meaning data that is stored in Microsoft Azure storage services.
- Azure Key Vault
- SSE - Storage Service Encryption
- Azure Disk Encryption (ADE)
- Virtual Machines
- VM Types and Sizes
- Creating Windows\Linux VMs
- VMs Setting
- VMs Operation and Monitoring
At the core technology value of virtualization, we can say that virtualization is a great way to divide and optimize physical IT resources into logical entities or also called virtual resources. It is an abstraction management layer of physical objects into logical objects. Now going back to the cloud, a public cloud environment is all about virtualization but of course in a much larger scale than a single private data center.
VM as a resource can be allocated on-demand while using the flexibility comes with a cloud environment. We can define the required VM from a variety of VM types and sizes to be used for different application workloads.
Every application or better call it workload will have a different resources consumption profile. Some applications require more CPUs power and less memory capacity and in other cases, it will be the other way around, more memory and less CPU power. So Microsoft Azure provides us with a variety of VM types and sizes that will be more optimized to the resources consumption profile of our application.
Let's review how to create a new VM while following the all process end-to-end.
- Attaching Network Interfaces
- Attaching Data Disks
- Scaling a VM Size
- Security recommendations
- Adding Extensions
- Configure access control
- Shutdown/Run a VM
- Configure Auto-shutdown
- Scheduled Backups
- Using Inventory management for installed software components
- Running scripts on a VM
- Analyze activity logs
- Review metrics or KPIs
- Configure alerts
- Configure the diagnostics setting
- Review the Azure Advisor recommendations
Hi and welcome!
After learning so many features and configuration options in Azure, it is a great time to practice and building your first cloud IaaS system.
Your mission, if you are willing to accept it :-), will be to create an end-to-end cloud-based solution using Microsoft Azure while using the services and resource types we covered in this course.
Please download the PDF file for a detailed information about your mission.
From 0 to 1: Hive for Processing Big DataLoony Corn
Quickbooks Online - Level 2 BookkeepingLisa Newton