Transcription

Get started guide forAzure IT operatorsAuthors and ContributorsThe following resources contributed to this version of this guide:AuthorNeil Peterson Microsoft – Senior Content DeveloperContributors and Reference ContentRobin Shahan Microsoft – Senior Content DeveloperMichael Collier Microsoft – Senior SDEMicrosoft Azure Essentials: Fundamentals of Azure, Second EditionSummaryThe purpose of this document is to provide information that will help quickly get started using Azureservices. The target audience is those in an IT operator role. 2016 Microsoft. All rights reserved. This document is for informational purposes only.Microsoft makes no warranties, express or implied, with respect to the information presentedhere.

ContentsIntroduction to cloud computing and Microsoft Azure. 3Cloud computing overview . 3Types of cloud computing . 4SaaS: Software as a service . 4PaaS: Platform as a service. 4IaaS: Infrastructure as a service. 4Azure services. 5Compute services . 5Data services . 5Application services . 5Network services . 5Azure key concepts. 6Datacenters and regions . 6Azure portal. 6Resources . 6Resource groups . 6Resource Manager templates . 6Automation . 7Azure PowerShell . 7Azure command-line interface . 7REST APIs . 7Getting started with Azure subscriptions . 8Select and enable an Azure subscription . 8Grant administrative access to an Azure subscription . 9View billing information in the Azure portal. 9Get billing information from billing APIs. 9Forecast cost with the pricing calculator . 9Set up billing alerts . 9Azure Resource Manager. 10Tips for creating resource groups. 10Building Resource Manager templates. 11Security of Azure resources (RBAC) . 12

Azure Virtual Machines. 13Use cases. 13Deployment of virtual machines . 13Portal. 13PowerShell. 14Command-line interface . 14Access and security for virtual machines . 14Azure Storage. 15Use cases. 16Blob storage . 16File storage . 16Table storage . 17Queue storage . 17Deploying a storage account . 17Portal. 17PowerShell. 17Command-line interface . 18Access and security for Azure Storage. 19Virtual machine disks . 19Storage tools . 19Storage API . 19Storage access keys. 19Shared access signatures . 19Azure Virtual Network . 20Use cases. 20Cloud-only virtual networks . 20Cross-premises virtual networks . 20Deploying a virtual network . 20Portal. 20PowerShell. 20Command-line interface . 21Access and security for virtual networks . 21

This guide introduces core concepts related to the deployment and management of a Microsoft Azureinfrastructure. If you are new to cloud computing, or Azure itself, this guide will help get you quicklystarted with concepts, deployment, and management details. Many sections of this guide discuss anoperation such as deploying a virtual machine, and then provide a link for in-depth technical detail.Introduction to cloud computing and Microsoft AzureCloud computing overviewCloud computing provides a modern alternative to the traditional on-premises datacenter. Public cloudvendors provide and manage all computing infrastructure and the underlying management software.These vendors provide a wide variety of cloud services. A cloud service in this case might be a virtualmachine, a web server, or cloud-hosted database engine. As a cloud provider customer, you lease thesecloud services on an as-needed basis. In doing so, you convert the capital expense of hardwaremaintenance into an operational expense. A cloud service also provides these benefits: Rapid deployment of large compute environmentsRapid deallocation of systems that are no longer requiredEasy deployment of traditionally complex systems like load balancersAbility to provide flexible compute capacity or scale when neededMore cost-effective computing environmentsAccess from anywhere with a web-based portal or programmatic automationCloud-based services to meet most compute and application needsWith on-premises infrastructure, you have complete control over the hardware and software that isdeployed. Historically, this has led to hardware procurement decisions that focus on scaling up. Anexample is purchasing a server with more cores to satisfy peak performance needs. Unfortunately, thisinfrastructure might be underutilized outside a demand window. With Azure, you can deploy only theinfrastructure that you need, and adjust this up or down at any time. This leads to a focus on scaling outthrough the deployment of additional compute nodes to satisfy a performance need. Although this hasconsequences for the design of an appropriate software architecture, there is now ample proof thatscaling out the commodity of cloud services is more cost-effective than scaling up through expensivehardware.Microsoft has deployed many Azure datacenters around the globe, with more planned. Additionally,Microsoft is increasing sovereign clouds in regions like China and Germany. Only the largest globalenterprises can deploy datacenters in this manner, so using Azure makes it easy for enterprises of anysize to deploy their services close to their customers.For small businesses, Azure allows for a low-cost entry point, with the ability to scale rapidly as demandfor compute increases. This prevents a large up-front capital investment in infrastructure, and itprovides the flexibility to architect and re-architect systems as needed. The use of cloud computing fitswell with the scale-fast and fail-fast model of startup growth.For more information on the available Azure regions, see Azure regions.

Types of cloud computingCloud computing is usually classified into three categories: SaaS, PaaS, and IaaS.SaaS: Software as a serviceSaaS is software that is centrally hosted and managed. It’s usually based on a multitenant architecture—a single version of the application is used for all customers. It can be scaled out to multiple instances toensure the best performance in all locations. SaaS software typically is licensed through a monthly orannual subscription.Microsoft Office 365 is a prototypical model of a SaaS offering. Subscribers pay a monthly or annualsubscription fee, and they get Microsoft Exchange as a service (online and/or desktop MicrosoftOutlook), storage as a service (Microsoft OneDrive), and the rest of the Microsoft Office suite (online,the desktop version, or both). Subscribers always get the most recent version. So you can have anExchange server without having to purchase a server and install and support Exchange—the Exchangeserver is managed for you. Compared to installing and upgrading Office every year, this is much lessexpensive and requires much less effort to keep updated.PaaS: Platform as a serviceWith PaaS, you deploy your application into an application-hosting environment that the cloud servicevendor provides. The developer provides the application, and the PaaS vendor provides the ability todeploy and run it. This frees developers from infrastructure management so they can focus ondevelopment.Azure provides several PaaS compute offerings, including the Web Apps feature of Azure App Serviceand Azure Cloud Services (web and worker roles). In either case, developers have multiple ways todeploy their application without knowing anything about the nuts and bolts that support it. Developersdon’t have to create virtual machines (VMs), use Remote Desktop Protocol (RDP) to sign in to each one,or install the application. They just hit a button (or close to it), and the tools provided by Microsoftprovision the VMs and then deploy and install the application on them.IaaS: Infrastructure as a serviceAn IaaS cloud vendor runs and manages all physical compute resources and the required software toenable computer virtualization. A customer of this service deploys virtual machines in these hosteddatacenters. Although the virtual machines are located in an offsite datacenter, the IaaS consumer hascontrol over the configuration and management of them.Azure includes several IaaS solutions, including Azure Virtual Machines, virtual machine scale sets, andrelated networking infrastructure. Azure Virtual Machines is a popular choice for initially migratingservices to Azure because it enables a “lift and shift” migration model. You can configure a VM like theinfrastructure currently running your services in your datacenter, and then migrate your software to thenew VM. You might need to make configuration updates, such as URLs to other services or storage, butyou can migrate many applications in this way.Virtual machine scale sets are built on top of Azure Virtual Machines and provide an easy way to deployclusters of identical VMs. Virtual machine scale sets also support autoscaling so that new VMs can bedeployed automatically when required. This makes virtual machine scale sets an ideal platform to hosthigher-level microservice compute clusters, such as Azure Service Fabric and Azure Container Service.

Azure servicesAzure offers many services in its cloud computing platform. These services include the following.Compute servicesServices for hosting and running application workload: Azure Virtual Machines—both Linux and WindowsApp Services (Web Apps, Mobile Apps, Logic Apps, API Apps, and Function Apps)Azure Batch (for large-scale parallel and batch compute jobs)Azure RemoteAppAzure Service FabricAzure Container ServiceData servicesServices for storing and managing data: Azure Storage (comprises the Azure Blob, Queue, Table, and File services)Azure SQL DatabaseAzure DocumentDBMicrosoft Azure StorSimpleAzure Redis CacheApplication servicesServices for building and operating applications: Azure Active Directory (Azure AD)Azure Service Bus for connecting distributed systemsAzure HDInsight for processing big dataAzure SchedulerAzure Media ServicesNetwork servicesServices for networking both within Azure and between Azure and on-premises datacenters: Azure Virtual NetworkAzure ExpressRouteAzure-provided DNSAzure Traffic ManagerAzure Content Delivery NetworkFor detailed documentation on each of these services, as well as other Azure services, see Azure servicedocumentation.

Azure key conceptsDatacenters and regionsAzure is a global cloud platform that is generally available in many regions around the world. When youprovision a service, application, or VM in Azure, you are asked to select a region. The selected regionrepresents a specific datacenter where your application runs. For more information, see Azure regions.One of the benefits of using Azure is that you can deploy your applications into a variety of datacentersaround the globe. The region you choose can affect the performance of your application. It’s optimal tochoose a region that is closer to most your customers, to reduce latency in network requests. You mightalso select a region to meet the legal requirements for distributing your app in certain countries.Azure portalThe Azure portal is a web-based application that can be used to create, manage, and remove Azureresources and services. The Azure portal is located at https://portal.azure.com. It includes acustomizable dashboard and tooling for managing Azure resources. It also provides billing andsubscription information. For more information, see Microsoft Azure portal overview.ResourcesAzure resources are individual compute, networking, data, or app hosting services that have beendeployed into an Azure subscription. Some common resources are a virtual machines, storage accounts,or SQL databases. Azure services often consist of several related Azure resources. For instance, an Azurevirtual machine might include a VM, storage account, network adapter, and public IP address. All ofthese are individual resources. Each resource can be created, managed, and deleted individually or as agroup. Azure resources are covered in more detail later in this guide.Resource groupsAn Azure resource group is a container that holds related resources for an Azure solution. The resourcegroup can include all the resources for the solution, or only resources that you want to manage as agroup. Azure resource groups are covered in more detail later in this guide.Resource Manager templatesAn Azure Resource Manager template is a JavaScript Object Notation (JSON) file that defines one ormore resources to deploy to a resource group. It also defines the dependencies between deployedresources. Resource Manager templates are covered in more detail later in this guide.

AutomationIn addition to creating, managing, and deleting resources by using the Azure portal, you can aut