Implement Solutions that Use Virtual Machines Flashcards
Virtual Machine Components
- Resource Group
- VM Size
- Network
- Images
- Virtual Disk/Storage
Azure Virtual Machine Main Creation Methods
Azure Portal Azure CLI Azure PowerShell with AZ module Azure ARM templates (APIs also exist)
Basic Details needed to Create a Virtual Machine (in the Azure Portal)
Basic: Subscription Resource Group Details: VM Name Region Image - list available in your selected region (not required) Azure Spot Instance VM Size - list available in your selected region Administrative: Administrator Account Username* Administrator Account Password* *Linux Can Use Username/ Password OR SSH public key Inbound port rules: Public Inbound Ports Select Inbound ports - permits inbound access from any machine on the specified port.
Azure Spot Instance
Setting that allows Azrue to stop and deallocate a virtual machine if Azure needs compute capacity back for whatever reason.
Linux alternative to VM Admin Username Password
SSH Public Key
Public Inbound Ports - Azure Portal
Setting when creating Azure VM instance in the inbound port rules section
Default access outside the Virtual Network or the internet is not permitted
Selecting an inbound port creates a rule to allow ANY machine to access the selected port(s)
More granular rules available in ‘networking’ (specify IPs etc)
Availability Options for Azure VM
No Infrastructure redundancy required,
Availability Zone
Availability Set
Reasons to Deploy VMs with code in Azure
- Add consistency to your deployments and VM creation
- Any production system should be implemented using automation
- Construct similar down-level environments such as DEV/TEST
Tools for Programmatic VM Creation
Azure CLI
Azure PowerShell
ARM Templates
Steps to create VM programmatically
- Create Resource Group (or choose existing resource group)
- Execute command to create Virtual Machine w/parameters
- Ensure Networking is correct - Remote Access Port may need to be Open, application ports may need to be open, etc.
-can also add rules to the network security group directly to control access to this VM based on ports & IP addresses
(recommended) - Retrieve Public IP address to connect
Azure CLI Create Resource Group Command
az group create –name “resource group name” \
–location ‘“location”
Create VM Azure CLI command
az vm create
–resource-group “resource-group-name” \
–name “name” \
–image “image -name” \
~admin option choice~
–size “size - default = standard ds1 v2”)
Admin options 1:
- -admin-username “username” \
- -admin-password “password
Admin options 2:
- -admin-username “username” \
- -authentication-type “ssh” \
- -ssh-key-value “path-to-key-value”
Default VM Size if Not specified
Standard Ds1 v2
Enable Remote Access w/ Azure CLI
az vm open-port
- -resource-group “rg-name” \
- -name “vm-name” \
- -port “port to open number”
Get VM public address via Azure CLI
az vm list-ip-addresses \
- -resource-group “resource group name” \
- -name “vm name” \
- -output table
What type of Object must be created in Azure Powershell to hold username/password for a local admin on a VM?
PSCredential
example script:
$username =’username’
$password = ConvertTo-SecureString ‘somepassword’ -AsPlainText -Force
$WindowsCred = New-Object System.Management.Automation.PSCredential ($username, $password)
Create New VM in Azure PowerShell Command
New-AzVM
- ResourceGroupName $resource GroupName
- Name $VM Name
- Image $imageName
- Credential $WindowsCred
- OpenPorts 99999
(Minimum info needed)
Which of these methods of VM creation can specify open ports at VM Creation?
Azure CLI
Azure PowerShell
Azure PowerShell
Using the -OpenPorts parameter of New-AzVm command
Get Azure VM Public IP address via PowerShell Command
Get-AzPublicIpAddress
- ResourceGroupName ‘rg-name’
- Name ‘vm-name’
Can add pipe to the end to get only ipaddress property :
… | Select-Object IpAddress
PowerShell Command to Log In to Azure
Connect-AzAccount -SubscriptionName ‘your sub name’
PowerShell Command to point to correct subscription
Set-AzContext -SubscriptionName ‘sub-name’
Azure Powershell Create Resource Group Command
New-AzResourceGroup
- Name ‘rg-name’
- Location ‘location’
Why Use IaaS solutions over PaaS solutions?
Higher level of control when deploying the infrastructure needed for your application
True or False: In Azure VMs, Azure manages administrative tasks related to a VM’s operating system such as installing OS upgrades or patches.
False, Azure provides underlying hardware on configuration for machine to run correctly, but you still need to manage the VM administrative task
VM Quota Limit
20 VMs per Region Per Subscription (soft limit)
What does a VM’s size property control?
Resources assigned to the VM:
- amount of memory
- processing power,
- number of virtual network interface cards allowed
- Total storage capacity available for VM
What is a VM Extension?
Extensions enable you to automate some tasks or configuration once deployment of a VM completes successfully. Examples of extensions: -Run custom scripts -Deploy and manage configs -Collect diagnostic data
Method that creates a Resource Group in C#
azure.ResourceGroups.Define(groupName).WithRegion(Location).Create();
Method to create Virtual Network in C# using Azure SDK
azure.Networks.Define(vnetName) .WithRegion(location) .WithExistingResourceGroup(resourceGroupName) .WithAddressSpace(vnetAddress) .WithSubnet(subnetName, subnetAddress) .Create();
Method to create Network Interface for a VM in C# SDK
azure.NetworkInterfaces.Define(niName) .WithRegion(location) ,WithExistingResourceGroup(rgName) .WithExistingPrimaryNetwork(network) .WithSubnet(subnetName) .WithPrimaryPrivateIPAddressDynamic() .Create()
//network => created from the azure.Networks.Define() command
In relation to a VM, what does a Virtual Network do?
Allows Communication with the rest of the world
In relation to a VM, what is the significance of the Network Interface?
The network interface is used to connect to the virtual network to send/receive information
Method that creates a VM in C# SDK
azure.VirtualMachines.Define(vmName) .WithRegion(location) .WithExistingResourceGroup(rgName) .WithExistingPrimaryNetworkInterface(nic) .WithLatestWindowsImage(params) .WithAdminUsername(username) .WithAdminPassword(password) .WithComputerName(vmName) .WithSize(VirtualMachineSizeTypes.SomeValue) .Create();
//nic = created via azure.NetworkInterfaces.Define()….
In relation to VMs, what does an Availability Set do?
Ensure that any VM in the same availability set is not placed on the same hardware.
What is the point of an Availability Set?
If you have multiple Availability Sets, VMs will not be restarted at the same time because of software upgrades to a server.
Provides high availability.
Allows load balancing.
True or False: You can only add your VM to an availability set at creation time.
True - If you forget to add a VM to an availability set, you must delete the VM and start over to assign it.
True or False: Your VM instances must be in Availability Sets in order to load balance them
True
What is an ARM template?
JSON file that defines what resources you want deployed in Azure with their configurations
True or False: ARM templates are only used to deploy VMs in Azure
False: ARM Templates can be used to create ANY resource
Can you reuse the same ARM template for different environments? If so, how? If not, why?
Yes, you can use the same ARM template for multiple environments by making use of template parameters to customize each environment at deployment time
What does ARM stand for?
Azure Resource Manager
What does Azure Resource Manager convert the JSON formatted ARM template into upon receiving?
REST API operations
What methods can you use to deploy an ARM template?
Azure Portal Azure CLI PowerShell with the Az Module REST API Azure Cloud Shell
What is the $schema in an ARM Template?
The location of the JSON schema file that describes the template’s language
Example: https://schema.management.azure.com/schemas/2019-04-01/.deploymentTemplate.json#
What is the contentVersion of an ARM template?
The version of the template, as defined by the user
Useful for version controlling templates
What is the apiProfile of an ARM template for?
versioning of resource types that are defined within your template
What is the parameters section of an ARM template used for?
To provide values during deployment so that the same template is reusable across environments
What is the ‘variables’ section in an ARM template used for?
To define values that are reused in your template and often constructed from parameter values
What is the ‘functions’ section of an ARM Template used for?
Allows you to create custom functions that simplify templates
Ex: generate resource name based on environment deploying into
What is the ‘resources’ section of an ARM template used for?
To specify the items you want to deploy such as VMs, storage accounts, networking elements, etc
What is the ‘outputs’ section of an ARM template for?
Typically return values from deployed resources in the template for inspection
Where can you download an ARM template automatically created from a step by step configuration of a VM
In the Azure Portal, you can use the Create function within Virtual Machines and follow the prompts. Then, on review + create, the template will be validated and instead of clicking ‘Create’, you can choose the option to download a template.
The generated template will contain necessary parameters as well.
How is a parameter defined in the ARM template?
“my-param-name” : {
“type”: “my-param-type”
}
How is a parameter set in the parameter JSON file for an ARM template
"parameters": {
"my-param-name" : {
"value":"my-param-value"
}, ......
}
Parameter value can also be an array or object or array of objects
Can a variable use another variable in an ARM template?
No
How do you call a variable in an ARM template?
[variables(‘your-variable-name’)]
What is the command to deploy with an ARM template in PowerShell?
New-AzResourceGroupDeployement
- Name ‘deployName’
- ResourceGroupName ‘rg-name’
- TemplateFile ‘path-to-template-file’
- TemplateParameterFile ‘path-to-template-param-file’
