Professional Documents
Culture Documents
models.
- Some of the key terms and concepts such as high availability, agility, elasticity, fault tolerance, and
CapEx vs. OpEx.
- The different cloud services available, the benefits of using the different types, and the management
responsibilities under each service type.
- Cloud models such as public, private and hybrid, and what the key characteristics of each model are.
- The different types of cloud service available: IaaS, PaaS, and SaaS; what the key characteristics of
each service are and when you would choose one over the other.
1. Which term from the list below would be viewed as benefits of using cloud services?
a.Unpredictable costs
b.Elasticity
2. Suppose you have two types of applications: legacy applications that require specialized mainframe
hardware and newer applications that can run on commodity hardware. Which cloud deployment model
would be best for you?
a. Public cloud
b. Private cloud
c. Hybrid cloud
3. You're developing an application and want to focus on building, testing, and deploying. You don't
want to worry about managing the underlying hardware or software. Which cloud service type is best
for you?
Azure is Microsoft's cloud computing platform. Azure provides over 100 services that enable you to do
everything from running your existing applications on virtual machines to exploring new software
paradigms such as intelligent bots and mixed reality.
Here are just a few kinds of services that we can find on Azure:
- Compute services such as VMs and containers that can run your applications
- Identity services that help you authenticate and protect your users
- Networking services that connect your datacenter to the cloud, provide high availability or host your
DNS domain
- Storage solutions that can accommodate massive amounts of both structured and unstructured data
- AI and machine-learning services can analyze data, text, images, comprehend speech, and make
predictions using data — changing the world of agriculture, healthcare, and much more.
1. What is Azure?
a. Microsoft's cloud computing platform, which provides compute power, storage, and services over
the Internet using a pay-as-you-go pricing model.
a. When your application or service requires a more powerful CPU or more memory to run faster.
With an Azure account and subscription, you can build, test, and deploy enterprise applications, create
custom web and mobile experiences, and gain insights from your data through machine learning and
powerful analytics.
An Azure account is what you use to sign in to the Azure website and administer or deploy services.
Every Azure account is associated with one or more subscriptions.
To create and use Azure services, you will need an Azure account. It allows you to build and deploy
cloud-based applications, utilize sophisticated artificial intelligence services, and extract essential
insights from your data.
With an Azure account, you can use a variety of free and paid services to create the next-generation
architecture for your product and users.
Subscriptions are a fundamental part of every IT service, providing a link between a person or
organization, the resources used and payment. Every subscription have a time limit.
An Azure subscription is a logical container used to provision resources in Microsoft Azure. It holds the
details of all your resources like virtual machines, databases, etc.
Subscription Types
Azure offers free and paid subscription options to suit different needs and requirements. The most
commonly used subscriptions are:
- Free
- Pay-As-You-Go
- Enterprise Agreement
- Student
An Azure free subscription includes a Rs. 13300/- credit to spend on any service for the first 30 days,
free access to the most popular Azure products for 12 months, and access to more than 25 products
that are always free. This is an excellent way for new users to get started. To set up a free subscription,
you need a phone number, a credit card, and a Microsoft account.
A Pay-As-You-Go (PAYG) subscription charges you monthly for the services you used in that billing
period. This subscription type is appropriate for a wide range of users, from individuals to small
businesses, and many large organizations as well.
- Discounts
An Enterprise Agreement provides flexibility to buy cloud services and software licenses under one
agreement, with discounts for new licenses and Software Assurance. It’s targeted at enterprise-scale
organizations.
When you sign up for an EA you will receive access to the EA portal, designed to manage subscriptions in
your EA. Since all the subscriptions in your EA rolls up in your portal, you will have a enterprise overview
of all the spending and budgeting related to your organization’s Azure spend. This is a key feature and
ensures that organizational departments adhere to corporate policies around spending.
== 2. Discounts
Generally, EA’s offer considerable discounts over pay-as-you-go subscriptions. An EA will be cost
effective and way more efficient than running the same services as the pay-as-you-go option, under the
right circumstances. Services such as Azure Virtual Machines have a discount rate up to 30%! Taking this
into cons…
Azure offers exclusive enterprise only services, such as Azure Active Directory Premium (AAD Premium).
To purchase this service, you will need to have an EA in place.
An Azure for Students subscription includes $100 in Azure credits to be used within the first 12 months
plus select free services without requiring a credit card at sign-up. You must verify your student status
through your organizational email address.
Access Management
You can create separate subscriptions on your Azure account to reflect different organizational
structures. For example, you could limit engineering to lower-cost resources, while allowing the IT
department a full range. This design allows you to manage and control access to the resources that
users provision within each subscription. These kind of flexibility can be obtained through the Azure EA
Subscription.
Billing
One bill is generated for every Azure subscription on a monthly basis. The payment is charged
automatically to the associated account credit or debit card within 10 days after the billing period ends.
On your credit card statement, the line item would say MSFT Azure.
You can analyze your bill in the Azure portal – this will provide access to all your invoices, as well as a
cost analysis breakdown of what got charged each month.
You can set spending limits on each subscription to ensure you aren’t surprised at the end of the month.
Reports can be generated by subscriptions, if you have multiple internal departments and need to do
“chargeback,” a possible scenario is to create subscriptions by department or project.
Azure Enterprise portal - an online management portal that helps you manage costs for your Azure EA
services. You can:
- Reconcile the costs of your consumed services, download usage reports, and view price lists.
## Departments help you segment costs into logical groupings. Departments enable you to set a
budget or quota at the department level.
## Accounts are organizational units in the Azure Enterprise portal. You can use accounts to manage
subscriptions and access reports.
## Subscriptions are the smallest unit in the Azure Enterprise portal. They're containers for Azure
services managed by the service administrator.
The following administrative user roles are part of your enterprise enrollment:
- Enterprise administrator
- Department administrator
- Account owner
- Service administrator
Enterprise administrator
Users with this role have the highest level of access. They can:
## Department administrator
You can have multiple department administrators for each enterprise enrollment.
You can grant department administrators read-only access when you edit or create a new department
administrator.
## Account owner
## Service administrator
The service administrator role has permissions to manage services in the Azure portal and assign users
to the co-administration role.
https://azure.microsoft.com/en-us/support/plans/
An Azure Virtual Network (VNet) is a representation of your own network in the cloud. It is a logical
isolation of the Azure cloud dedicated to your subscription. Each VNet you create has its own CIDR block
and can be linked to other VNets and on-premises networks as long as the CIDR blocks do not overlap.
When you create a VNet, your services and VMs within your VNet can communicate directly and
securely with each other in the cloud.
==> Managing Virtual Network in Azure
a) Virtual Network
b) IP Address Range
c) Subnets
d) NIC
Virtual Network : We can consider it as a dedicated LAN created for our subscription to place the VMs
Class A : 10.0.0.0/8
224.0.0.0/4 (Multicast)
255.255.255.255/32 (Broadcast)
127.0.0.0/8 (Loopback)
169.254.0.0/16 (Link-local)
Subnet : 10.0.0.0/24
10.0.0.0/24 Subnet Id
10.0.0.2/24
10.0.0.255/24 Broadcast
NIC : Gets automatically created when we create a VM. Helps that VM to communicate with other VMs
of the same or other subnets, even with VMs from different Virtual Networks.
Network Security Group : Control the inbound traffic for the entire virtual network. A good way for
filtering the traffic. We can further filter the traffic using Firewall.
[10:14 PM, 5/30/2020] Apratim Sir Azure: A network security group is a layer of security that acts as a
virtual firewall for controlling traffic in and out of virtual machines (via network interfaces) and subnets.
It contains a set of security rules that allow or deny inbound and outbound traffic using the following 5-
tuple: protocol, source IP address range, source port range, destination IP address range, and
destination port range. A network security group can be associated to multiple network interfaces and
subnets, but each network interface or subnet can be associated to only one network security group.
Security rules are evaluated in priority-order, starting with the lowest number rule, to determine
whether traffic is allowed in or out of the network interfaces or subnets associated with the network
security group. A network security group has separate inbound and outbound rules, and each rule can
allow or deny traffic. Each network security group has a set of default security rules, which allows all
traffic within a virtual network and outbound traffic to the internet. There is also a rule to allow traffic
originating from Azure's load balancer probe. All other traffic is automatically denied. These default
rules can be overridden by specifying rules with a lower priority number.
A virtual machine is a computer file, typically called an image, which behaves like an actual computer. In
other words, creating a computer within a computer. It runs in a window, much like any other
programme, giving the end user the same experience on a virtual machine as they would have on the
host operating system itself. The virtual machine is sandboxed from the rest of the system, meaning that
the software inside a virtual machine cannot escape or tamper with the computer itself. This produces
an ideal environment for testing other operating systems including beta releases, accessing virus-
infected data, creating operating system backups and running software or applications on operating
systems for which they were not originally intended.
Multiple virtual machines can run simultaneously on the same physical computer. For servers, the
multiple operating systems run side-by-side with a piece of software called a hypervisor to manage
them. Each virtual machine provides its own virtual hardware, including CPUs, memory, hard drives,
network interfaces and other devices. The virtual hardware is then mapped to the real hardware on the
physical machine which saves costs by reducing the need for physical hardware systems along with the
associated maintenance costs that go with it, plus reduces power and cooling demand.
Azure Virtual Machines (VM) is one of several types of on-demand, scalable computing resources that
Azure offers. Typically, you choose a VM when you need more control over the computing environment
than the other choices offer.
An Azure VM gives you the flexibility of virtualization without having to buy and maintain the physical
hardware that runs it. However, you still need to maintain the VM by performing tasks, such as
configuring, patching, and installing the software that runs on it.
# Naming
A virtual machine has a name assigned to it and it has a computer name configured as part of the
operating system. The name of a VM can be up to 15 characters.
# Locations
All resources created in Azure are distributed across multiple geographical regions around the world.
Usually, the region is called location when you create a VM. For a VM, the location specifies where the
virtual hard disks are stored.
# VM size
The size of the VM that you use is determined by the workload that you want to run. The size that you
choose then determines factors such as processing power, memory, and storage capacity. Azure offers a
wide variety of sizes to support many types of uses.
** Azure charges an hourly price based on the VM’s size and operating system. For partial hours, Azure
charges only for the minutes used. Storage is priced and charged separately.
# VM Limits
Your subscription has default quota limits in place that could impact the deployment of many VMs for
your project. The current limit on a per subscription basis is 20 VMs per region. Limits can be raised by
filing a support ticket requesting an increase
- Virtual machines use virtual hard disks (VHDs) to store their operating system (OS) and data. VHDs are
also used for the images you can choose from to install an OS.
- Azure provides many marketplace images to use with various versions and types of Windows Server
operating systems and Linux based operating systems. Marketplace images are identified by image
publisher, offer, sku, and version (typically version is specified as latest).
- Only 64-bit operating systems are supported.
# Related resources
The resources in this table are used by the VM and need to exist or be created when the VM is created
Storage account Yes The VM needs the storage account to store its virtual
hard disks.
Data disks No The VM can include data disks to expand storage capabilities
- Usernames can be a maximum of 20 characters in length and cannot end in a period (".").
administrator
admin
admin1
admin2
adm
actuser
aspnet
backup
console
david
guest
john
owner
root
sql
sys
server
support
support_388945a0
test
test1
test2
test3
user
user1
user2
user3
user4
user5
123
# What are the password requirements when creating a VM?
- There are varying password length requirements, depending on the tool you are using:
- Have a digit
==> Practical 1
Name: VM-RG
Location : East US
Region : East US
Password : C0llecti0n@123
==> Practical 2
Name: VM-RG
Location : East US
Region : East US
Size : Standard D2 v3
Password : C0llecti0n@123
==> Practical 3
- Access Windows Virtual Machine from another Windows System using RDP
- Access Linux Virtual Machine from another Windows System using Putty
- Access Windows Virtual Machine from another Linux Machine with GUI using xfreerdp
- Access Linux Virtual Machine from another Linux Machine using ssh
https://azure.microsoft.com/en-in/pricing/details/virtual-machines/series/