TCS IREP PROGRAM

TEAM-25
UCD

GUIDED BY
Mrs. KUSUM

SUBMITTED BY

S.ARAVIND KUMAR-(CT20161844954)
R.KAVINCHAKARAVARTHI-(CT20151526670)
V.HARIHARAKRISHNAN-(CT20151527419)

1
S.NO VERSION NAME OF THE TASK STATUS REMARKS
1.a 1.0 Create a New Virtual Machine in Completed Successfully
Resource Manager deployment created virtual
Model machine
1.b 1.0 Create a New Virtual Machine Completed Installed visual
with existing virtual network using studio and we
Json Template are working on it
2 1.0 Create a SSD disk named Disk1 of Completed Created a SSD
space 128 GB and attach it to any for 128GB
existing VM.
3 1.0 Create a Virtual network named Completed Successfully
Testvnet1. Create 3 subnet with the created vnet and
following range subnets
Subnet1: 10. 0.0.0/24
Subnet2: 172.16.0.0/24
Subnet2: 192.168.0.0/24

4 1.0 Create 2 VM with two different Completed Successfully

virtual networks and with two pinged two VM
different Azure regions. Use a in different
PowerShell script to connect from location
Vnet1 to Vnet2 using Virtual
Network Gateway
5 1.0 Create 2 VM with two different Completed Successfully
virtual networks and within the created 2 VM
same Azure regions. Connect these and pinged
two VM without using virtual
network gateway.
6.a 1.0 Use an existing VM say VM1 and Completed Successfully
VM2 and assign the following de-associated
network traffic requirements VM2 public IP
a. Public IP address should be
de-associated to the VM2
6.b 1.0 You can take RDP from VM1 to Completed Issue in Remote
VM2 and Vice versa should not be desktop
done(using Network Security connection
Group)
7 1.0 Establish a secure connection from Completed Successfully
your laptop to the Azure virtual connected
network using azure point to site
VPN
8 1.0 Block the Internet connectivity for Completed Successfully
an existing VM blocked the
internet
connectivity for
a VM

2
9 1.0 Create a blob storage with the hot Completed Successfully
access tier and the replication type created storage
should be LRS using PowerShell account

10.a 1.0 Create a recovery service Vault Completed Backup created

and create the following backup for given
retention point policies schedule
a. Schedule a daily back up
at 1.00 AM for 15 days for aVM1
10.b 1.0 Schedule a weekly backup at 1.00 Completed Backup created
AM every Tuesday for 30 weeks for given
schedule
11 1.0 Create a backup for a VM with the Completed Created the backup
above retention policies using for VM using
PowerShell powershell
12 1.0 Restore a VM from created backup Completed Successfully
point restored VM
from backup
point
13 1.0 Create a file share in azure storage Completed Successfully
account with 1 GB space and created a file
access the file share from any share for 1GB
existing VM
14 1.0 Create any web app and make sure Completed Created connectivity
the connectivity is established Between DB and
using azure sql database web app
15 1.0 Create two same web app and Completed Successfully two
deploy it in two different locations web servers are
and implement a traffic manager created
with routing method as
performance. Make sure you
access a webapp by making
another web app down.
16 1.0 Create an availability set with the Completed Successfully
following settings and assign it to created an
VM’s availability set
*Fault domain: 3 with given
* Update domain: 5 settings
17 1.0 Create a Linux VM using a Completed Successfully
PowerShell and install Google created a Linux
chrome application in the Linux VM using
VM PowerShell

18 1.0 Provide read only permission to Completed Successfully

your colleagues’ ID for any of your provided read
existing resource group only permission

3
19 1.0 Create a VM with 2 NIC’s using Completed Successfully
Json Template created VM with
two NIC
20 1.0 Create the following inbound Completed Successfully
security rule for an existing VM created inbound
*Name: allow http security rule for
*priority: 1100 the VM using
*Source: any given rules
*protocol: TCP
*source port range: *
*Destination: any
*Destination port
Range: 80
*Action: allow

SCENARIO:

7 2.0 Create two same web app and Completed Successfully

deploy it in two different locations created two web
and implement a traffic manager apps and SQL
with routing method as
performance make sure each
webapp is connected to SQL.
Make sure you access a webapp by
making another web app down.

4
1.A) Create a New Virtual Machine in Resource Manager deployment model

 Click the New button found on the upper left-hand corner of the Azure portal.
 Select Compute, and then select Windows Server 2012 Datacenter.
 Enter the virtual machine information. The user name and password entered here is used
to log in to the virtual machine. When complete, click OK.
 Select a size for the VM. To see more sizes, select View all or change the Supported
disk type filter.
 Under Settings, keep the defaults and click OK.
 On the summary page, click Ok to start the virtual machine deployment.
 The VM will be pinned to the Azure portal dashboard. Once the deployment has
completed, the VM summary automatically opens.
 Click the Connect button on the virtual machine properties. A Remote Desktop Protocol
file (.rdp file) is created and downloaded.
 To connect to your VM, open the downloaded RDP file. If prompted, click Connect. On
a Mac, you need an RDP client such as this Remote Desktop Client from the Mac App
Store.
 Enter the user name and password you specified when creating the virtual machine, then
click Ok.
 You may receive a certificate warning during the sign-in process. Click Yes or Continue
to proceed with the connection

5
6
7
8
9
1.B)Create a New Virtual Machine with existing virtual network using Json Template

 Create a VM with visual studio

 And on that VM open Visual studio and select new Filenew
projectcloudASP.NETMVC template
 Add resources NIC, Public IP, Storage account, Virtual network and add VM

10
11
12
13
2. Create a SSD disk named Disk1 of space 128 GB and attach it to any existing VM.

Please Note: Make sure 128GB Space is assigned as any drive Letter in that specified VM

 Create a VM with SSD disk type

 Open the VM Overview in the portal
 Then go to Disks
 Here Create the disk of Size 128 GB by clicking on Add.
 Now login to the VM using RDP
 And then Enable the disk via server manager -> Files and Servers
 Then set the Virtual disk Configurations and Partitioning

14
15
16
17
3. Create a Virtual network named Testvnet1. Create 3 subnet with the following range

Subnet1: 10. 0.0.0/24

Subnet2: 172.16.0.0/24

Subnet2: 192.168.0.0/24

 Create a Vnet for a single address space.

 Then open the Vnet in portal and go to Address Space
 There click on address space
 Add the address space as required
 Then create the subnets as given

18
19
20
21
22
4. Create 2 VM with two different virtual networks and with two different Azure regions.
Use a PowerShell script to connect from Vnet1 to Vnet2 using Virtual Network Gateway
Create 2 new VM’s at 2 different Locations with two different Vnets

 Create Virtual Network Gateways in those two locations for those two Vnets
 Create a Connection pair using Connections
 Log in to the two VM’s and do disable the firewall
 Now ping the two VM’s using their private IP

23
24
25
26
27
28
29
30
31
32
5. Create 2 VM with two different virtual networks and within the same Azure regions.
Connect these two VM without using virtual network gateway

 Create VM’s in the same location

 Set peering in both Vnets of the VM’s
 Disable the firewalls
 Then Pinging is done

33
34
35
36
37
38
39
6. Use an existing VM say VM1 and VM2 and assign the following network traffic
requirements

a. Public IP address should be de-associated to the VM2

 VM2 disassociate (public-IP)

 Now you cannot log in to the VM using RDP from the local system

b. You can take RDP from VM1 to VM2 and Vice versa should not be done (using
Network Security Group)

 Log in to Vm1 using RDP

 In run, use Mstsc cmd to open RDP
 Connect using the private IP of VM2
 Use NSG to block the outbound RDP of the VM2 and then try to connect to VM1 from
VM2 using mstsc cmd in a similar way, which will not happen due to the NSG rule
created

40
41
42
7. Establish a secure connection from your laptop to the Azure virtual network using azure
point to site VPN
1. Create a virtual network
2. Add a gateway subnet
3. Specify a DNS server (optional)
4. Create a virtual network gateway
5. Generate certificates

$cert = New-SelfSignedCertificate -Type Custom -KeySpec Signature `

-Subject "CN=P2SRootCert" -KeyExportPolicy Exportable `
-HashAlgorithm sha256 -KeyLength 2048 `
-CertStoreLocation "Cert:\CurrentUser\My" -KeyUsageProperty Sign -KeyUsage CertSign
6. Add the client address pool

New-SelfSignedCertificate -Type Custom -KeySpec Signature `

-Subject "CN=P2SChildCert" -KeyExportPolicy Exportable `
-HashAlgorithm sha256 -KeyLength 2048 `
-CertStoreLocation "Cert:\CurrentUser\My" `
-Signer $cert -TextExtension @("2.5.29.37={text}1.3.6.1.5.5.7.3.2")
7. Upload the root certificate public certificate data
8.Ping the VM

43
44
45
8. Block the Internet connectivity for an existing VM

Steps done are,

 Use NSG of that particular VM

 Block the outbound http requests
 Try to connect to a website from the VM

46
47
48
49
9. Create a blob storage with the hot access tier and the replication type should be LRS
using PowerShell

Steps done are,

 Login to the Azure Account from the Power Shell ISE

 Create a Storage Account as stated from the Power Shell using the New-
AzureRmStorageAccount command

50
51
52
10. Create a recovery service Vault and create the following backup retention point
policies

a. Schedule a daily back up at 1.00 AM for 15 days for a VM1 .

b. Schedule a weekly backup at 1.00 AM every Tuesday for 30 weeks

Steps,
1. Create a recovery service vault
2. Select a VM from resource group and click on the backup policy from the left task label
3. Enter the backup policy for daily backup
4. Save the backup policy

53
54
55
11) Create a backup for a VM with the above retention policies using PowerShell

 Register with Microsoft recovery service “Register-AzureRmResourceProvider -

ProviderNamespace "Microsoft.RecoveryServices"
 Create service vault “New-AzureRmRecoveryServicesVault -Name "testvault" -
ResourceGroupName " test-rg" -Location "West US"
 Set vault context “Get-AzureRmRecoveryServicesVault -Name "testvault" | Set-
AzureRmRecoveryServicesVaultContext”
 Create protection and retention policies object $schPol = Get-
AzureRmRecoveryServicesBackupSchedulePolicyObject -WorkloadType
"AzureVM"
 $retPol = Get-AzureRmRecoveryServicesBackupRetentionPolicyObject -
WorkloadType "AzureVM"
 New-AzureRmRecoveryServicesBackupProtectionPolicy -Name "NewPolicy" -
WorkloadType "AzureVM" -RetentionPolicy $retPol -SchedulePolicy $schPol
 Back up Azure VMs
 Create new policy “$pol=Get-
AzureRmRecoveryServicesBackupProtectionPolicy -Name "NewPolicy"
 Enable-AzureRmRecoveryServicesBackupProtection -Policy $pol -Name
"V2VM" -ResourceGroupName "RGName1"
 Trigger a backup job
 $namedContainer = Get-
AzureRmRecoveryServicesBackupContainer -ContainerType "AzureVM" -
Status "Registered" -FriendlyName "V2VM"
$item = Get-AzureRmRecoveryServicesBackupItem -Container
$namedContainer -WorkloadType "AzureVM"

 $job = Backup-AzureRmRecoveryServicesBackupItem -Item $item

------------ --------- ------ --------- -------
----------

56
57
58
59
60
61
12) Restore a VM from created backup point

Once you created a backup point go to that VM and click on file recovery
On next blade download the file and copy it on the VM you have to back up and copy the
password on azure portal on that VM and then open the file that you copied to the VM,
then paste that password to that command prompt
Then the VM will be restored from the previous backup point

62
63
64
13. Create a file share in azure storage account with 1 GB space and access the file share
from any existing VM

Steps done are,

New -> Storage -> Storage Account

Type : General and not Blob
Go to the Storage Account
Files -> File Share
Create a file share for quota 1 GB
Login to the VM
File Share -> Connect
Copy the value given in the window to a notepad
Go to Access Key
Copy the Access Key and paste it in the same notepad
Replace drive folder as “o: \\”
Replace the key in the Connect value
Save and execute the command as such from command prompt
Now you can find a drive in the file explorer

65
66
67
14. Create any web app and make sure the connectivity is established using azure sql
database
 Create a webapp from azure portal
 Login to visual studio and import sample application
 Create a app service as sql database.
 Publish to Azure with SQL Database
 Configure the web app name
 Create an App Service plan
 Create a sql server
 Create sql database
 Publish.
 Stream log with verbos

68
69
70
71
72
73
74
15).Create two same web app and deploy it in two different locations and implement a
traffic manager with routing method as performance. Make sure you access a webapp by
making another web app down.

In the Azure portal

 Create a web app and host it in two VM’s

 Now create a TRAFFIC MANAGER PROFILE and add the VM’s as endpoints using its
Public IP address
 Once both are online try out the TM’s DNS address
 After that Stop the VM whose app is being run
 Now after the configured time the other VM’s app will be up and running if you try again

75
76
77
78
16. Create an availability set with the following settings and assign it to VM’s

* Fault domain: 3
* Update domain: 5
In the Azure portal

 Create an availability set with the specified values

 Now create a VM and set the availability set with the one created before

79
80
81
17. Create a Linux VM using a PowerShell and install google chrome application in the
Linux VM

82
83
84
18. Provide read only permission to your colleagues’ ID for any of your existing resource
group

In the Azure portal,

 Create a New User
 Open a Resource Group
 Now in Access Control Add a user as reader to give read only permission

85
86
87
19. Create a VM with 2 NIC’s using Json Template

In Visual Studio,

 Create a Azure Resource Group Project

 Now create the template for the VM specified
 Deploy the project in the Azure subscription
 Now check in the Azure portal to check the deployment

88
89
20. Create the following inbound security rule for an existing VM
*Name: allow http
*priority: 1100
*Source: any
*protocol: TCP
*source port range: *
*Destination: any
*Destination port range: 80
*Action: allow

In the portal,

 Open the NSG of an existing VM

 Now set the inbound rule as specified

90
91
92
SCENARIO TASK:
7). Create two same web app and deploy it in two different locations and implement a
traffic manager with routing method as performance make sure each webapp is connected
to SQL. Make sure you access a webapp by making another web app down.

 Create a web app+SQL and host it in two VM’s

 Now create a TRAFFIC MANAGER PROFILE and add the VM’s as endpoints using its
Public IP address
 Once both are online try out the TM’s DNS address
 After that Stop the VM whose app is being run
 Now after the configured time the other VM’s app will be up and running if you try again

93
94
95
96
97
CERTIFICATES:

98
99
10
0