This course teaches you how to manage application and network services in the Azure ecosystem.
By the end of this course, you'll have gained a firm understanding of the key components that comprise the Azure application and network services ecosystem. Ideally, you will achieve the following learning objectives:
- How to use Active Directory.
- How to understand networking strategies for Azure and communication services.
- How to use Redis cache.
This course is intended for individuals who wish to pursue the Azure 70-532 certification.
You should have work experience with Azure and general cloud computing knowledge.
This Course Includes
- 1 hour and 10 minutes of high-definition video.
- Expert-led instruction and exploration of important concepts surrounding Azure application and network services.
What You Will Learn
- How to utilize Azure Active Directory.
- How to implement Azure communication strategies.
- How to take advantage of Redis caching.
Hello and welcome back. In this section we'll discuss the topic of virtual networks, deploying to virtual networks, as well as network configuration, so let's get started.
So we'll cover the topic of Azure networking, as we've just said, and we'll discuss virtual networks and how to deploy VMs and Cloud services to virtual networks. And then finally, we'll finish off with the topic of network configurations focusing on subnets and importing and exporting existing network configurations.
A virtual network or VNet is a representation of network in the Azure Cloud and can host a collection of virtual machines and services. A VNet provides network isolation that is specific to your Azure subscription and can be made part of your existing on-premises network. You can control all the aspects of the network including its IP range, subnets, and routes.
Here is a basic overview of a network that includes two subnets. We see multiple VMs in each subnet, isolated to that subnet, and with a defined route for accessing external components. For example, we have a connection between the Web subnet and the world. And the Services subnet is accessible from the Web subnet with the Services subnet being isolated from external networks.
Let's go and see how we can set up a virtual network in Azure now. We can create a virtual network by going to the Portal, clicking New, and searching for a virtual network so let's go and do that now. And then when the Menu finally appears click Virtual Network and we're going to create via the Classic deploy model this time. So click Create once you've changed that selection at the bottom. We need to give our networks a name and we call this on ca-test-network and we'll create a new group. We'll now complete the creation and wait until the network becomes available. And now our virtual network has been created.
Let's now have a look at how we can add a new VM to our virtual network. A new VM can be added to a virtual network during the creation process which is by far the easiest way to add a VM to a VNet. We can move an existing VM to a virtual network but this requires us to remove the existing VM whilst keeping the virtual disk. We then need to recreate the VM on the virtual network and then reattach the VHD to this new VM.
For this demo we'll simply create a new VM on our existing network. So we'll go ahead and create a new VM for our Portal. And of course we have to use the Classic deploy model because that's the same as the one that we used in our VNet. And we used the existing Resource group that we've just created which is our ca-test-group and click Next. We just click the Standard, click Select, and we've got ourselves included here or in the virtual network of the ca-test-network which we've created, so we click OK. And now we've managed to complete the set up of our virtual machine which will be added to our virtual network.
Adding a cloud service to a virtual network includes altering the service configuration file. That's the one with the cscfg extension and adding a network configuration section. After this the service can be deployed or redeployed to become part of the network. We won't be going into detail in this section but the configuration sample here highlights some of the key elements of the network configuration section. We see the virtual network site specifying the VNet we want to use. We have the InstanceAddress element defining the roleName and within that we specify the applicable subnet. So to recap, we've covered the basics of a virtual network and how to add a VM or cloud service to a virtual network.
Let's now have a look into modifying subnets and network configurations. After deploying a virtual network we may need to make changes to it. Changes such as modifying the network address space to move, expand, or shrink it. Adding and removing subnets or growing and shrinking subnets as requirements change. We might also want to create point-to-site connections, being connections from individual clients to virtual networks.
Let's see how we can do this now in the Azure Portal. Firstly, let's have a look at how we might go about modifying a subnet. Let's go to our virtual network and then we'll navigate to the Subnet option under Settings and I have a subnet called subnet1 here. We can simply click on that subnet and change the subnet so it had ranges on a different IP address. Now click OK and it's now going to update the IP address and that'll complete the change that we need to make to our subnet.
There are two important notes to remember when modifying a subnet. Firstly, a subnet cannot be modified once one or more VMs or cloud services have been deployed to it. Secondly, the virtual network address prefix can be modified as long as the change does not impact existing subnets. Once we have a virtual machine or service deployed to a subnet we can change the subnet that a virtual machine or a cloud service belongs to fairly easily. The simplest way to move a virtual machine between subnets is by using Azure PowerShell commandlets.
In this example, we invoke Get-AzureVM to get a reference to our virtual machine providing the ServiceName and VM Name. We applied this to the Set-AzureSubnet command, specifying the subnet name that the VM should belong to. This is followed by a call to update AzureVM to restart the service and apply the new network configuration. To update a subnet for a cloud service we need to update the service configuration file and redeploy it as per our previous example.
Let us now have a look at exporting an existing virtual network configuration. This is a key certification part topic and you may see questions relating to it on the exam. Knowing how and when to export a network configuration and then how to import it again is expected knowledge for the section. You may want to export a network configuration for a variety of reasons. You may want to recreate the network under a different subscription. You may want to create a similar network using the current network configuration as a template. Or you may want to simply modify the current network. For any of these scenarios the first step is to export the configuration from the Azure Portal which we'll demonstrate now.
For this demo we'll be using the Classic Portal as the new Portal does not support exporting the network configuration at this time. Having selected our virtual network which we can find by going down to the network section and selecting our test network. Now click on the Dashboard link and at the bottom of the page we've got the Export button, click that and we can see that we can then export our configuration. And if we open this file... And here we see an example of the network configuration file representing our current virtual network.
Now let's have a look at importing a network config. I've made a minor change to the previously downloaded network configuration to extend the network address range slightly. So I've made a change on this line here to increase it from 28 to 24 so there should be more subnets available for us. Let's now import this updated configuration. In the Classic Portal, let's go to the network blade down at the bottom, click on Networks, and we're going to click on New in the bottom left, and then we're going to say Import Configuration. We'll browse for our file and it should be seen in the Downloads area and it's the NetworkConfig.xml we're looking for. Now we've selected our file for upload, let's click to continue, and click the tick.
We've could've just as easily modified the network name to deploy a new network or modified any of the other properties, remembering that some changes are restricted depending on the currently deployed subnets and services. If we click on this subnet right now, and if we click on Configure, now we're on the Configure page. We can see that the subnet one, the change has taken effect, and that concludes the demo.
In this section we introduced virtual networks and covered deploying VMs and services to VNets. We looked at subnets, moving existing services between subnets, as well as the restrictions on modifying a subnet. Lastly, we had a look at importing and exporting network configurations, a key topic on the certification part.
In the next section, we'll be moving on from virtual networks and onto the topic of designing and implementing a communication strategy.
About the Author
Isaac has been using Microsoft Azure for several years now, working across the various aspects of the service for a variety of customers and systems. He’s a Microsoft MVP and a Microsoft Azure Insider, as well as a proponent of functional programming, in particular F#. As a software developer by trade, he’s a big fan of platform services that allow developers to focus on delivering business value.