Create and Manage VMs Flashcards

1
Q

Virtual machines (VMs)

A

1) Infrastructure-as-a-Service (IaaS) offering.
2) With VMs, you can deploy Windows Server and Linux-based workloads and have greater control over the infrastructure, your deployment topology, and configuration.

2
Q

Perform configuration management

A

1) Windows PowerShell Desired State Configuration (DSC)

2) Custom Script Extension (Puppet and Chef extensions)

3
Q

DSC script can describe

A
Manage server roles and Windows features
Manage registry keys
Copy files and folders
Deploy software
Run Windows PowerShell scripts
4
Q

DSC resources

A

1) Custom resources to simplify working with Active Directory, SQL and IIS
2) After the DSC runs, a Managed Object Format (MOF) file is created

5
Q

Local Configuration Manager

A

1) Local Configuration Manager runs on all target nodes
2) Pushing configurations to bootstrap a target node
3) Pulling configuration from a specified location to bootstrap or update a target node
4) Applying the configuration defined in the MOF file to the target node, either during the bootstrapping stage or to repair configuration drift

6
Q

Configuring VMs with DSC

A

1) First, create a Windows PowerShell script that describes the desired configuration state.
2) This involves selecting resources to configure and providing the appropriate settings.
3) Use one of a number of methods to initialize a VM to run the script on startup.

7
Q

Puppet extension

A

1) Linux VM with Puppet master
2) Select Puppet Enterprise Agent.
3) Under Puppet Enterprise Agent Configuration, supply the fully qualified address to the Puppet master server node.

8
Q

Accepting agent node registration

A

1) When you create a Puppet agent node, it registers with the Puppet master node at the supplied fully qualified address and sends a certificate request. Log in to the Puppet Enterprise console to accept the request so that you can add the agent node to your managed group of servers.

9
Q

Creating a Linux VM with a Chef server

A

1) Currently, there is no pre-configured VM for a Chef server on Azure.
2) Use the multi-tenant solution for the Chef server hosted by OpsDev
3) Create a Linux VM and manually set up the Chef server following instructions supplied by OpsDev

10
Q

Creating a Chef workstation

A

1) You must set up an administrative workstation to manage your configuration management workflow with Chef. This can be a local or hosted workstation

11
Q

Enabling remote debugging

A

You can use remote debugging to debug applications running on your VMs. Server Explorer in Visual Studio shows your VMs in a list

12
Q

Configure VM Networking

A

1) Configure DNS at the cloud service level
2) Configure endpoints with instance-level public IP addresses
3) Configure endpoints with reserved IP addresses
4) Configure access control lists (ACL)
5) Load balance endpoints and configure health probes
6) Configure Direct Server Return and keep-alive
7) Configure firewall rules

13
Q

Configuring DNS at the cloud service level

A

1) Creating a new VM using the existing management portal includes providing a DNS name for the cloud service.
2) When provisioned, this DNS name can be used to access the VM. This DNS name resolves to the public virtual IP address of the cloud service, and after the cloud service has been created, the DNS name cannot be changed.
3) The VM can be accessed directly by the public virtual IP address.

14
Q

Public endpoints

A

Public endpoints created for a VM use port forwarding to expose a single port on the publicly available virtual IP (VIP) assigned to the cloud service to which the VM belongs and map that public IP and port to a private IP and port available on a single VM instance.

15
Q

VM instance available across a range of ports

A

Configure an instance-level public IP address (PIP) for that VM instance to use in addition to the VIP plus port endpoint you have configured for it. With this configuration, you can communicate directly with your VM instance using this public IP address (and any port) instead of (or in addition to) using the VIP address and a specific port.

16
Q

Advantages of PIP

A

First, by removing the need to define ports, you can enable scenarios, such as passive FTP, that rely on choosing ports dynamically. Second, you can rely on the PIP to uniquely identify your VM on outgoing requests to external services that have access control or firewall rules that allow or deny based on IP address.

17
Q

To assign a PIP to your VM

A

First, ensure that your VM is deployed to a regional virtual network (VNET), since a PIP cannot be assigned to VMs that do not belong to a VNET. Second, configure that VM instance with a PIP.

18
Q

Configuring endpoints with reserved IP addresses

A

1) Public virtual IP addresses (VIP) used to access your VM via an endpoint are assigned to the cloud service to which that VM belongs, not to the VM itself
2) To use a reserved IP address with a VM, you must request it as a part of creating both a new cloud service and new VM. There is currently no support for assigning a reserved IP address to an existing cloud service and VM.

19
Q

Configuring access control lists

A

Restrict access to your VMs to specific ranges of IP addresses by defining a list of permit or deny rules. ACLs perform packet filtering on the host node running your VM, controlling what external traffic is allowed to reach it via the endpoint. They are defined on a VM endpoint or load-balanced set and apply only to external traffic (for example, traffic that flows through the VIP and load balancer). They are not applied to internal traffic and cannot be applied to a VNET or to a subnet within a VNET.

20
Q

Load balancing endpoints and configuring health probes

A

1) Azure Internal Load Balancing (ILB) service
2) The load balancer uses a hashing function to achieve a relatively even distribution of load between the VMs. Subsequent requests that use the same protocol, from the same source IP/source port to the same destination IP/destination port, hash to the same value, so they map to the same VM and continue to be sent to that VM as long as it remains available.

21
Q

Load Balanced Endpoints Availability

A

Load-balanced endpoints (public or internal) are available only to VMs in the Standard tier and not to VMs in the Basic tier.

22
Q

Configuring Direct Server Return (DSR)

A

Enables the VM to return the response directly to the client instead of sending it through the load balancer. DSR is most commonly needed to support SQL Server AlwaysOn Availability Groups.

23
Q

Keep-alive

A

While DSR addresses responses from the VM, keep-alives are intended to keep the TCP connection with the VM open even in the absence of application communication. Keep-alives accomplish this by periodically sending a keep-alive packet from the client application to the server-side application, which instructs both the server-side application and any load balancers along the way not to close the idle connection

24
Q

Leveraging name resolution within a cloud service

A

Azure provides an internal DNS that allows a VM hosted within a cloud service to resolve the IP address of another VM also hosted within that cloud service using the target VM’s host name. The host name, and therefore the fully qualified domain name, is set when you provision the VM