CLOUD COMPUTING

PRACTICAL FILE
MTECH CST 2ND SEMESTER

SUBMITTED TO:- GAGANJOT KAUR MAM

SUBMITTED BY:- DISHITA CHUGH
 INDEX

1. Introduction to Microsoft Azure

2. Create a Virtual Machine

3. Create a Web app

4. Create a virtual network

5. To create Azure pricing calculator to generate a cost

estimate for an Azure virtual machine and related
network resources.

6. To create the total cost of ownership (TCO)

Calculator to generate cost comparison report for
an on-premises environment.

7. To calculate composite SLAs.

8. To create a SQL database.

9. To create a Secure network traffic.

 EXPERIMENT:- 1

1) Introduction about Microsoft Azure.

a) What is Microsoft Azure?
Azure is a cloud computing platform and an online portal that allows
you to access and manage cloud services and resources provided by
Microsoft. These services and resources include storing your data and
transforming it, depending on your requirements. To get access to these
resources and services, all you need to have is an active internet
connection and the ability to connect to the Azure portal.
Things that you should know about Azure:
• It was launched on February 1, 2010, significantly later than its main
competitor, AWS.
• Its free to start and follows a pay-per-use model, which means you
pay only for the services you opt for.
• Interestingly, 80 percent of the fortune 500 companies use Azure
services for their cloud computing needs.
• Azure supports multiple programming languages, including java,
Node Js, and C#.
• Another benefit of Azure is the number of data centers it has around
the world. There are 42 Azure data centers spread around the globe,
which is the highest number of data centers for any cloud platform.
Also, Azure is planning to get 12 more data centers, which will
increase the number of data centers to 54, shortly.

b) What are the various Azure Services and how does Azure Work?

Azure provides more than 200 services, are divided into 18 categories.
These categories include computing, networking, storage, IoT,
migration, mobile, analytics, containers, artificial intelligence, and other
machine learning, integration, management tools, developer tools,
security, databases, DevOps, media identity, and web services. Lets take
a look at some of the major Azure services by category:
Computer Services
• Virtual Machine
This service enables you to create a virtual machine in windows,
Linux or any other configuration in seconds.

• Cloud Service
This service lets you create scalable applications within the cloud.
Once the application is deployed, everything, including
provisioning, load balancing, and health monitoring, is taken care
of my Azure.

• Service Fabric
With service fabric, the process of developing a microservice is
immensely simplified. Microservice is an application that contains
other bundled smaller applications.

• Functions
With functions, you can create applications in any programming
language. The best part about this service is that you need not
worry about hardware requirements while developing
applications because Azure takes care of that. All you need to do
is provide the code.

Networking
• Azure CDN
Azure CDN(Content Delivery Network) is for delivering content to
users. It uses a high bandwidth, and content can be transferred to
any person around the globe. The CDN service uses a network of
servers placed strategically around the globe so that the users can
access the data as soon as possible.
 • Express Route
This service lets you connect your on-premise network to the
Microsoft cloud or any other services that you want, through a
private connection. So, the only communication that will happen
here will be between the enterprise network and the service that you
want.
• Virtual network
The virtual network allows you to have any of the Azure services
communicate with one another privately and securely.
• Azure DNS
This service allows you to host your DNS domains or system domains
on Azure.

Storage
• Disk Storage
This service allows you to choose from either HDD (Hard Disk
Drive) or SSD (Solid State Drive) as your storage option along with
your virtual machine.

• Bob Storage
This service is optimized to store a massive amount of
unstructured data, including text and even binary data.

• File Storage
This is a managed file storage service that can be accessed via
industry SMB(server message block) protocol.

• Queue Storage
 With queue storage, you can provide stable message queuing for
a large workload. This service can be accessed from anywhere in
this world.
c) Why use Azure?
Now that you know more about Azure and the services it provides, you
might be interested in exploring the various uses of Azure.
• Application development: You can create any web application in
Azure.
• Testing: After developing an application successfully on the
platform, you can test it.
• Application hosting: Once the testing is done, Azure can help you
host the application
• Create virtual machines: You can create virtual machines in any
configuration you want with the help of Azure.
• Integrate and sync features: Azure lets you integrate and sync
virtual devices and directories.
• Collect and store metrics: Azure lets you collect and store
metrics, which can help you find what works.
• Virtual hard drives: These are extensions of the virtual machines;
they provide a huge amount of data storage.
 Experiment:-2
2) To create a virtual machine.
a) Create a virtual machine in the portal
In this task, we will create a Windows Server 2019 Datacenter – Gen1
virtual machine.
1. Sign in to the Azure portal (https://portal.azure.com).
2. From the All services blade, search for and select Virtual machines,
and then click + Add and choose + Virtual machine.
3. On the basis tab, fill in the following information (leave the defaults
for everything else):
Settings Values

Subscription Choose your subscription

Resource Group myRGVM(create new)

Virtual machine name myVm

Location (US) East US

Image Windows Server 2019

Datacenter- Gen1

Size Standard D2s v3

Administrator account username Azureuser

Administrator account password Pa$$w0rd1234

 Inbound port rules – Allow select RDP (3389) and HTTP (80)
ports

4. Switch to the networking tab, and look for the Select inbound ports:
Settings Values

Select inbound ports HTTP (80), RDP (3389)

5. Switch to the management tab, and in its Monitoring section, select

the following setting:
Settings Values

Boot diagnostics Disable

6. Leave the remaining defaults and then click the Review + Create
button at the bottom of the page.
7. Once validation is passed click the Create button. It can take
anywhere from five to seven minutes to deploy the virtual machine.
8. You will receive updates on the deployment page and via the
Notifications area (the bell icon in the top menu).
9. Verify port 80 and 3389 opened
 EXPERIMENT:- 3
3) To create a web app
In this walkthrough, we will create a new web app that runs a docker
container. The container displays a Welcome message.
Task1:- Create a web app
Azure App service is actually a collection of four services, all of which are
built to help you host and run web applications. The four services(Web
Apps, Mobile Apps, API Apps, and Logic Apps) look different, but in the end
they all operate in very similar ways. Web apps are the most commonly
used of the four services, and this is the service that we will be using in this
lab.
In this task we will create an Azure app service web app.
a) Sign-in to the Azure portal.
b) From the All services blade, search for and select App services, and click
+ Add, + create, or + New.
c) On the Basics tab of the web app blade, specify the following settings
(replace xxxx in the name of the web app with letters and digits such
that the name is globally unique). Leave the defaults for everything else,
Including the app service plan.

Setting Value

Subscription Choose your subscription

Resource Group myRGWebApp1(create new)

Name myDockerWebAppxxxx

Publish Docker container

Operating system Linux

Region East US
 d) Click Next > Docker and configure the container information. The startup
command is optional and not needed in this exercise.

This is same container that was used in the container instances

walkthrough to display a hello world message.

Setting Value

Options Single container

Image Source Docker Hub

Access Types Public

Image and Tag microsoft/aci-helloworld

e) Click Review + create, and then click create.

Task 2: Test the web app
In this task, we will test the web app.
1. Wait for the Web app to deploy.
2. From Notifications click Go to resource.
3. On the Overview blade, locate the URL entry.
4. Click on the URL to open the new browser tab and displays the
Welcome to Azure container instances page.
Switch back to the overview blade of your web app and note that it includes
several charts. If you repeat step 4 a few times, you should be able to see
corresponding telemetry being displayed in the charts. This includes number of
requests and average response time.
 EXPERIMENT:- 4
4) To create a virtual network.

In this walkthrough, we will create a virtual network, deploy two virtual

machines onto that virtual network and then configure them to allow one
virtual machine to ping the other within that virtual network.

Task1:- In this task, we will create a virtual network.

1. Sign in to the Azure portal at https://portal.azure.com
2. From the All services blade, search for and select Virtual networks, and
then click + Add, + Create, + New.
3. On the Basics tab, fill in the following information (leave the defaults for
everything else):
Setting Value

Subscription Leave default provided

Resource group Create new resource group

Name Vnet1

Region (US) East US

4. Click the Review + create button. Ensure the validation passes.

Task 2:- Create two virtual machines.

In this task, we will create two virtual machines in the virtual network.
1. From the All services blade, search for Virtual machines and then click +
Add, + Create, + New, from the drop down select Virtual Machine.
2. On the Basics tab, fill in the following information (leave the defaults for
everything else):
 Setting Value

Subscription Use default supplied

Resource group Select default in drop down

Virtual machine name vm1

Region (US) East US

Image Windows server 2019 Datacenter

– Gen1
Username azureuser

Password Pa$$w0rd1234

Public inbound ports Select Allow selected ports

Selected inbound ports RDP(3389)

3. Select Networking tab. Make sure the virtual machine is placed in the vnet1
virtual network. Review the default settings, but do not make any other
changes.
4. Click Review + create. After the validation passes, click create. Deployment
times can vary but it can generally take between three to six minutes to
deploy.
5. Monitor your deployment, but continues on to the next step.
6. Create a second virtual machine by repeating steps 2 to 4 above. Make sure
use a different virtual machine name, that the virtual machine is in the
same virtual network, and is using a new public IP address.
 Setting Value

Resource group myRGVNet

Virtual machine name Vm2

Virtual network Vnet1

Public IP Vm2-ip

7. Wait for both virtual machines to deploy and status says running.
Task 3:- Test the connection

In this task, we will try to test whether the virtual machines can communicate
(ping) each other. If not we will install a rule to allow an ICMP connection. Usually
ICMP connections are automatically blocked.

1. From the All resources blade, search for vm1, open its Overview blade, and
make sure its Status is Running. You may need to Refresh the page.
2. On the Overview blade, select Connect and then select RDP from the drop
down.

Note: The following directions tell you how to connect to your VM from a
Windows computer.

3. On the Connect with RDP blade, keep the default options to connect by IP
address over port 3389 and click Download RDP File.
4. Open the downloaded RDP file (located at the bottom left of you VM) and
click Connect when prompted.
5. In the Windows Security window, type the username azureuser and
password Pa$$w0rd1234 and then click OK.
6. You may receive a certificate warning during the sign-in process.
Click Yes to create the connection and connect to your deployed VM. You
 should connect successfully. Close the Windows Server and Dashboard
windows that pop up. You should see a Blue Windows background. You are
now in your virtual machine.
7. Open up PowerShell on the virtual machine by clicking the Start button,
and in Search type PowerShell, right click on Windows PowerShell to Run
as administrator
8. In Powershell, try to ping vm2 by typing:

CodeCopy

ping vm2

9. You should be successful. You have pinged VM2 from VM1.

 EXPERIMENT:- 5
5) To create Azure pricing calculator to generate a cost estimate for an Azure
virtual machine and related network resources.
Task 1:- Configure the pricing calculator.
In this task, we will estimate cost of a sample infrastructure by using the Azure
Pricing Calculator.
Note: To create an Azure Pricing Calculator estimate, this walkthrough
provides example configurations for the VM and related resources. Use this
example configurations or provide the Azure Pricing Calculator with details of
your actual resource requirements instead.
1. In a browser, navigate to the Azure Pricing Calculator webpage.
2. To add details of your VM configuration, click Virtual Machines on
the Products tab. Scroll down to view the virtual machine details.
3. Replace Your Estimate and Virtual Machines text with more descriptive
names for your Azure Pricing Calculator estimate and your VM
configuration. This walkthrough example uses My Pricing Calculator
Estimate for the estimate, and Windows VM for the VM configuration.
4. Modify the default VM configuration.

Region Operating system Type

North Europe Windows (OS only)

Tier Instance
Standard A2: 2 Core(s), 3.5 GB RAM, 135 GB
Temporary storage

Note: The VM instance specifications and pricing may differ from those in this
example. Follow this walkthrough by choosing an instance that matches the
example as closely as possible. To view details about the different VM product
options, choose Product details from the More info menu on the right.
5. Set the Billing Option to Pay as you go.
6. In Azure, a month is defined as 730 hours. If your VM needs to be available
100 percent of the time each month, you set the hours-per-month value
to 730. This walkthrough example requires one VM to be available 50
percent of the time each month. Leave the number of VMs set at 1, and
change the hours-per-month value to 365.
7. In the Managed OS Disks pane, modify the default VM storage
configuration.
Tier Disk Size Number of Snapshot Storage
Disks Transactions
Standard S30: 1024 1 off 10,000
HDD GiB

8. To add networking bandwidth to your estimate, go to the top of the Azure

Pricing Calculator webpage. Click Networking in the product menu on the
left, then click the Bandwidth tile. In the Bandwidth added message dialog,
click View.
9. Add a name for your VM bandwidth configuration. This walkthrough
example uses the name Bandwidth: Windows VM. Modify the default
bandwidth configuration by adding the following details.
Region Zone 1 Outbound Data Transfer
Amount
North Europe 50GB

10. To add an Application Gateway, return to the top of the Azure Pricing
Calculator webpage. In the Networking product menu, click the Application
Gateway tile. In the Application Gateway message dialog, click View.
11. Add a name for your Application Gateway configuration. This walkthrough
uses the name App Gateway: Windows VM. Modify the default Application
Gateway configuration by adding the following details.
 Region Tier Size

North Europe Basic Small

Instances Hours
1 365

Data Processed
50GB

Zone 1: North America, Europe

50 GB

Task 2:- Review the pricing estimate

In this task, we will review the results of the Azure Pricing Calculator.
1. Scroll to the bottom of the Azure Pricing Calculator webpage to view total
Estimated monthly cost.
2. Change the currency to Euro, then select Export to download a copy of the
estimate for offline viewing in Microsoft excel format.
 EXPERIMENT:- 6

6) To create the total cost of ownership (TCO) Calculator to generate cost

comparison report for an on-premises environment.
Task 1:- Configure the TCO calculator.
In this task, we will add infrastructure information to the calculator.
1. In a browser, navigate to the Total Cost of Ownership (TCO)
Calculator page.
2. To add details of your on-premises server infrastructure, click + Add server
workload in the Define your workloads pane.
Settings Value

Name Server: Windows VMs

Workload Windows/Linux server

Environment Virtual Machines

Operating system Windows

VMs 50

Virtualization Hyper-V

Core(s) 8

RAM (GB) 16

Optimize by CPU

Windows Server 2008/2008 R2 Off

3. Select + Add server workload to make a row for a new server workloads
definition.
Settings Value

Name Servers: Linux VMs

Workload Windows/Linux server

Environment Virtual Machines

Operating System Linux

VMs 50

Core(s) 8

RAM(GB) 16

Optimize by CPU

Windows server 2008/2008 R2 Off

4. In the Storage pane, click Add storage.

Settings Value

Name Server storage

Storage type Local Disk/SAN

Disk type HDD

Capacity 60 TB

Backup 120 TB
 Archive 0 TB

5. In the Networking pane, add bandwidth.

Settings Value

Outbound 15 TB

6. Click next.
7. Explore the options and make any adjustments that you require.
Settings Value

Currency Euro

8. Click next.
Task 2:- Review the results and save a copy.
In this task, we will review cost saving recommendations and download a
report.
1. Review the Azure cost saving recommendations and visualizations.

Settings Value

Timeframe 3 years

Region North Europe

2. To modify the information you provided, go to the bottom of the page, and
click Back.
3. To save or print a PDF copy of the report, click Download.
 EXPERIMENT:- 7
7) To calculate composite SLAs.

In this walkthrough, we will determine availability SLA of Azure services and

then calculate application composite SLA-based expected availability.
Our example application consists of these Azure services. We will not go in
to deep architectural configuration and considerations, the intention here
is to give an high level example.
• App service: To host the application.
• Azure AD B2C: To authenticate user logins and manage profiles.
• Application Gateway: To manage application access, and scaling.
• Azure SQL Database: To store application data.

Task 1:- Determine the SLA uptime percentage values for our application.
1. In a browser, go to the SLA summary for Azure services page.
2. Locate the App Service SLA uptime value, 99.95%. Click View full details,
and then expand SLA details. Notice the Monthly uptime
percentages and Service Credits.
3. Return to the SLA webpage and locate the Azure Active Directory
B2C service and determine the SLA uptime value, 99.9%.
4. Locate the Application Gateway SLA uptime value, 99.95%.
5. The Azure SQL database uses Premium tiers but is not configured for Zone
Redundant Deployments. Locate the Azure SQL Database SLA uptime
value, 99.99%.
Note: There are different uptime values for different configurations and
deployments of Azure SQL Database. It is important you are clear on your
required uptime values, when planning and costing your deployment and
configuration. Small changes in uptime can have impact on service costs as well as
potentially increase complexity in configuration.
Task 2:- Calculate the application composite SLA percentage uptime.
1. If any of the services that comprises our application are not available our
application will not be available for users to sign in to and use. As such the
total uptime for our application consists of the following:
App Service % uptime X Azure AD B2C % uptime X Azure Application Gateway %
uptime X Azure SQL Database % uptime = Total % Uptime
which in percentage term is as follows:
99.95% X 99.9% X 99.95% X 99.99% = 99.79%
This is the SLA-based expected availability of our application with the current
services and architecture.
 EXPERIMENT:- 8
8) To create a SQL database.

Task1:- Create the database.

In this task we will create a SQL database based on the AdventureWorksLT
sample database.
1. Sign in to the Azure portal at https://portal.azure.com.
2. From the All services blade, search for and select SQL databases, and then
click ** + Add, + Create, + New**.
3. On the Basics tab, fill in this information.
Setting Value

Subscription Use default supplied

Resource group Create new resource group

Database name db1

Server Select Create new(A new

sidebar will open on the right)

Server name sqlserverxxxx

Server admin login sqluser

Password Pa$$w0rd1234

Location (US) East US

Click OK
4. On the Networking tab and configure the following settings (leave others
with their defaults)
Setting Value

Connectivity Public Endpoint

Allow azure services and resources Yes

to access this server
Add current client IP address No

5. On the Security tab. | Setting | Value | | — | — | | Azure Defender for

SQL| Not now |
6. Move to the Additional settings tab. We will be using the
AdventureWorksLT sample database.
Setting Value

Use existing data Sample

7. Click review + create and then click Create to deploy and provision the
resource group, server, and database. It can take approx.. 2 to 5 minutes to
deploy.

Task 2:- Test the database.

In this task we will configure the SQL server and run a SQL query.
1. When the deployment has completed, click go to resource from the
deployment blade. Alternatively, from the All resources blade, search
and select Databases, then SQL databases ensure your new database
was created. You may need to Refresh the page.
2. Click the db1 entry representing the SQL database you created. On
the db1 blade click Query editor(preview).
3. Login as sqluser with the password Pa$$w0rd1234.
4. You will not be able to login. Read the error closely and make note of
the IP address that needs to be allowed through the firewall.
5. Back on the db1 blade, click overview.
6. From the db1 Overview blade, click set server firewall located on the
top center of the overview screen.
7. Click + add client IP (top menu bar) to add the IP address referenced
in the error. (it may have autofilled for you – if not paste it into the
address fields). Be sure to save your changes.
8. Return to your SQL database (slide the bottom toggle bar to the left)
and click on query editor (preview). Try to login again as sqluser with
the password Pa$$w0rd1234. This time you should succeed. Note
that it may take a couple of minutes for the new firewall rule to be
deployed.
9. Once you log in successfully, the query pane appears enter the
following query into the editor pane.
10.Click Run, and then review the query results in the Results pane. The
query should run successfully.
 EXPERIMENT:- 9
9) To create a Secure network traffic.

In this walkthrough, we will configure a network security group.

Task1:- Create a virtual machine.

In this task, we will create a windows server 2019 Datacenter virtual machine.

1. Sign in to the Azure portal.

2. From the All services blade, search for and select Virtual machines, and
then click + Add, + Create, + New Virtual Machine.
3. On the Basics tab, fill in the following information (leave the defaults for
everything else):
Settings Value

Subscription Use default provided

Resource group Create new resource group

Virtual machine name SimpleWinVM

Region (US) East US

Image Windows Server 2019 datacenter

gen1
Size Standard D2s v3

Administrator account username azureuser

Administrator account password Pa$$w0rd1234

Inbound port rules None

 4. Switch to the networking tab, and configure the following setting:

Settings Value
NIC network security group None

5. Switch to the management tab, and in its Monitoring section, select the
following setting:
Settings Value
Boot diagnostics Disable

6. Leave the remaining defaults and then click the Review + create button at
the bottom of the page.
7. Once Validation is passed click the Create button. It can take about five
minutes to deploy the virtual machine.
8. Monitor the deployment. It may take a few minutes for the resource group and
virtual machine to be created.
9. From the deployment blade or from the Notification area, click Go to resource.
10. On the SimpleWinVM virtual machine blade, click Networking, review
the Inbound port rules tab, and note that there is no network security group
associated with the network interface of the virtual machine or the subnet to
which the network interface is attached.

Note: Identify the name of the network interface. You will need it in the next task.

Task 2:- Create a network security group.

In this task, we will create a network security group and associate it with the
network interface.

1. From the All services blade, search for and select Network security
groups and then click + Add, + Create, + New
2. On the Basics tab of the Create network security group blade, specify the
following settings.
 Setting Value

Subscription Use default subscription

Resource group Select default from drop down

Name myNSGSecure

Region (US) East US

3. Click Review + create and then after the validation click Create.
4. After the NSG is created, click Go to resource.
5. Under Settings click Network interfaces and then + Associate.
6. Select the network interface you identified in the previous task.

Task 3:- Configure an inbound security port rule to allow RDP.

In this task, we will allow RDP traffic to the virtual machine by configuring an
inbound security port rule.

1. In the Azure portal, navigate to the blade of the SimpleWinVM virtual

machine.
2. On the Overview pane, click Connect.
3. Attempt to connect to the virtual machine by selecting RDP and
downloading an running the RDP file. By default the network security group
does not allow RDP. Close the error window.
4. On the virtual machine blade, scroll down to the Settings section, click
on Networking, and notice the inbound rules for the myNSGSecure
(attached to network interface: myVMNic) network security group denies
all inbound traffic except traffic within the virtual network and load
balancer probes.
5. On the Inbound port rules tab, click Add inbound port rule .
Click Add when you are done.
Setting Value

Source Any

Source port ranges *

Destination Any

Destination port ranges 3389

Protocol TCP

Action Allow

Priority 300

Name AllowRDP

6. Select Add and wait for the rule to be provisioned and then try again to
RDP into the virtual machine by going back to Connect This time you should
be successful. Remember the user is azureuser and the password
is Pa$$w0rd1234.

Task 3:- Configure an outbound security port rule to deny Internet access.

In this task, we will create a NSG outbound port rule that will deny Internet
access and then test to ensure the rule is working.

1. Continue in your virtual machine RDP session.

2. After the machine starts, open an Internet Explorer browser.
3. Verify that you can access https://www.bing.com and then close Internet
Explorer. You will need to work through the IE enhanced security pop-ups.

Note: We will now configure a rule to deny outbound internet access.

4. Back in the Azure portal, navigate back to the blade of

the SimpleWinVM virtual machine.
5. Under Settings, click Networking, and then Outbound port rules.
6. Notice there is a rule, AllowInternetOutbound. This a default rule and
cannot be removed.
7. Click Add outbound port rule to the right of the myNSGSecure (attached to
network interface: myVMNic) network security group and configure a new
outbound security rule with a higher priority that will deny internet traffic.
Click Add when you are finished.
Setting Value

Source Any

Source port ranges *

Destination Service tag

Destination service tag Internet

Destination port ranges *

Protocol TCP

Action Deny

Priority 4000

Name Denylnternet

8. Click add return to the VM you RDP’s.

9. Browse to https://www.microsoft.com The page should not display. You
may need to work through additional IE enhanced security pop-ups.