Azure Administration 103

Posted on by espenk

Resource manger (RM)

  • Infrastructure: VM’s, storage acc., vnet, web api, db etc.
  • Deploy, monitor and manage all as a group with Azure Resource Manager
  • Update, deploy, delete all with one operation
  • Template for deploy for several environments, test, qa, prod
  • RM has security, tagging, auditing

Terminology

  • Resource, item, vm, storage acc, db
  • Resource group, container for resources
  • Resource provider, service that gives resources for deploy and manage in RManager
  • ARM, JSON file to define one or many resources that can be deployed
  • declarative syntax, example RManger template, “this is what to create” without giving programming sequence
  • Resource provider, i.e Microsoft.KeyVault/valuts, {provider}/{type}

Resource Group Deployments (RG)

  • RG logical collection
  • Resources can only exists in one RG
  • RG can not change name, renamed
  • RG can have many different resources
  • RG can have resources from different regions

Creating RG

  • Should share same lifecycle, (Deploy, update, delete together), if one resource, a database needs a different cycle, then use a different RG
  • A resource can only be in one RG
  • Add/remove to RG at any time
  • Can move a resource from one RG to another
  • A RG can contain resources from many regions
  • A RG can be used to scope access for admin
  • A resource can connect/call/talk to resources in a another RG, ie app->db connection

RM Locks

  • RM locks, is used to prevent a delete or removal
  • Can lock subscription, RG or resource
  • Locks use inheritance
  • Two types, Read only (no changes) and Delete
  • Only owner and user access admin role can create/delete locks

Moving Resources

Move resources to a new sub or resource to a new rg in the same sub.

When moving = source/target is locked, write/delete are blocked on the rg, no add, update or del in those rg’s. The resources are still functioning as normal.

Read this before move:

https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/move-support-resources

How to move:

Select the rg containing the resources, mark the resource and press move.

There are restrictions even of a service can be moved, ie. move vnet, must also move independent resources.

Use caution when moving or deleting a rg, if a rg is deleted all the resources in that rg is also deleted.

Can also remove individual resources within a group

Resource limits

Observer activity/limits on subscription, subscription, overview Usage +quotas

Find your subscription and get the Usage+quotas