The course is part of these learning paths
Overview of the course
What is a Virtual Machine?
Creating and Connecting to Azure VMs
Scaling Azure Virtual Machines
Design and Implement VM Storage
Configure Monitoring & Alerts for Azure VMs
Azure Resource Manager Virtual Machines
Virtual Machines are a very foundational and fundamental resource in Cloud Computing. Deploying virtual machines gives you more flexibility and control over your cloud infrastructure and services, however, it also means you have more responsibility to maintain and configure these resources. This course gives you an overview of why use virtual machines as well as how to create, configure, and monitor VMs in Azure Resource Manager.
Azure Resource Manager Virtual Machines: What You'll Learn
|Lesson||What you'll learn|
|Overview||Overview of the course and the Learning Objectives|
|What is a Virtual Machine?||Understand what are Azure Virtual Machines and what workloads are ideal for VMs|
|Creating and Connecting to Azure VMs||Learn to deploy Windows and Linux VMs as well as how to connect to these VMs|
|Scaling Azure Virtual Machines||Understand VM scaling, load-balancing, and Availability Sets in Azure Resource Manager|
|Configuration Management||Understand the basic concepts of Desired State Configuration and the options available to Azure VMs|
|Design and Implement VM Storage||Gain an understanding of the underlying Storage options available to VMs as well as Encryption|
|Configure Monitoring & Alerts for Azure VMs||Learn to monitor VMs in Azure Resource Manager as well as configure alerts.|
|Summary||Course summary and conclusion|
Let’s do a quick demo in which we explore the Azure File Service. Here we are at Storage accounts view. Let’s create a new storage account by clicking ‘+Add’. We’ll need to give it a unique name, and so we’ll call it “azurefiledemo1.” We’re going to leave this as “General purpose” which is the “Account kind” used for Blobs, Files, Tables, and Queues. Standard performance is fine. We’ll change the “Replication” to LRS and leave the storage encryption option for data at rest to “Disabled” since this is a demo. Let’s create a new ResourceGroup called FileRG and click Create.
Looks like our new storage account is successfully created. On the left hand side of the blade you’ll see options for accessing Blob, Files, etc as well as in the middle of the view. Let’s click “Files.” To add a File share, we simply click “+File share.” Let’s call it “demoshare.” For the quota, you’ll notice the note that says to specify in GB the total size of the file share up to approximately 5 TB. Let’s specify 1 GB and click “Create.” That’s successful, so let’s click on our new file share to view the properties. Here we are able to add directories upload files, modify the quota, etc. Let’s upload a file. I have a file on my local computer to upload. Clicking on that file you can see that we hae a URL of where that file lives on the storage account.
You’ll also notice a “Connect” button at the top of this view. Clicking “Connect” display a blade with information telling us how to map a drive from an Azure VM to connect to our fileshare. You’ll also note that SMB TCP port 445 Outbound to the internet on the VM needs to be open. This is open by default on newly created Windows VMs but you want to be careful if you’re using Network security groups to lockdown traffic to your VMs that you remember to open this port for access to the Azure File Service. Let’s copy this “net use” command to use later.
So this is great for VMs, but what if we wanted to allow connection to anyone on the internet with proper credentials? Let’s go back to our storage account. Under settings we have what’s called Access keys. This storage access key is what’s actually used by Azure VMs and applications to access our storage account. They even provide a ready-made connection string. We also have under “Settings” what’s called a “Shared access signature” or SAS which is what allows us to generate security tokens users outside Azure to access our storage account. There are many configurable options you have to restrict services, resources types, and permissions You can even allow only certain IPs. Let’s click Generate SAS. Since we care about the Azure File Service in particular, we can copy and paste this SAS URL and provide it to anyone and they will be able to access file File Service. If you look closely you can see that this link will expire the next day. You can generate these SAS tokens through PowerShell and set particular expiration times.
Let’s connect to a VM I have set up and try to access our new File share. Let’s open PowerShell as Administrator and type:
net use Z: \\azurefiledemo1.file.core.windows.net\demoshare /u:AZURE\azurefiledemo1 <access-key>
And there we go, the command has completed successfully and looking at File Explorer we now have a new mapped drive with our file share name. We can also see the file I’ve uploaded is present there as well. This concludes this demo on the Azure File Service.
We’ve explored and covered a lot of ground with regards to designing and implementing Azure VM Storage. By now you have a very healthy and practical view of the different storage options available, VM Disk redundancy, Azure Disk Encryption, and the Azure File Service.
About the Author
Chris has over 15 years of experience working with top IT Enterprise businesses. Having worked at Google helping to launch Gmail, YouTube, Maps and more and most recently at Microsoft working directly with Microsoft Azure for both Commercial and Public Sectors, Chris brings a wealth of knowledge and experience to the team in architecting complex solutions and advanced troubleshooting techniques. He holds several Microsoft Certifications including Azure Certifications.
In his spare time, Chris enjoys movies, gaming, outdoor activities, and Brazilian Jiu-Jitsu.