azure

Azure Virtual Machines 101

https://docs.microsoft.com/en-us/learn/modules/intro-to-azure-virtual-machines/2-compile-a-checklist-for-creating-a-vm

As MS says “Performing a migration of on-premises servers to Azure requires planning and care. You can move them all at once, or more likely, in small batches or even individually. Before you create a single VM, you should sit down and sketch out your current infrastructure model and see how it might map to the cloud.”

Start with the network
Name the VM
Decide the location for the VM
Determine the size of the VM
Understanding the pricing model
Storage for the VM
Select an operating system

Virtual net

https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-overview

Address space: When creating a VNet, you must specify a custom private IP address space using public and private (RFC 1918) addresses. Azure assigns resources in a virtual network a private IP address from the address space that you assign. For example, if you deploy a VM in a VNet with address space, 10.0.0.0/16, the VM will be assigned a private IP like 10.0.0.4.

Best practices

As you build your network in Azure, it is important to keep in mind the following universal design principles:

Ensure non-overlapping address spaces. Make sure your VNet address space (CIDR block) does not overlap with your organization’s other network ranges.
Your subnets should not cover the entire address space of the VNet. Plan ahead and reserve some address space for the future.
It is recommended you have fewer large VNets rather than multiple small VNets. This will prevent management overhead.
Secure your VNet’s by assigning Network Security Groups (NSGs) to the subnets beneath them.

The below is just for test and learning

Let’s create a VM’, and yes we need several resources.

This is what we will end up with in our RG: boose-rg:

VirtualNet, VirtualMachine, IP-addr, Network Security Group, Network Interface, disk for OS and a disk for data.

Now if you want to see the topology, well on the top left corner select “All services” and enter/search “Network watcher” (or search for Network watcher), press topology, find subscription and RG:

Fill in the above mentioned and you will see the topology:

Pretty cool, now let’s create the VM (I just need to delete it all first, it takes some minutes):

We need a RG, boose-rg, lets make it in WEST EUROPE, use our subscription and and Environment tag test:

Now we have our empty RG, lets add a WM

BASIC

  • Add the RG, name the VM, add region and Windows Server 2016
  • Hm, High Availability (to create redundancy in case a VM is impacted due to an update or other event.) equals availability options, to no, ZONE or SET.
  • In the WEST EUROPE region we can only pick zone, and we took 1.
  • The sizes offer you options for the number of vCPUs, RAM, and data disks.
  • We would love to take D8S_V3 witch has vCPU 8, RAM 32, Data disk 16, Max IOPS 12800, but insufficient credits…so DS1_v2 and add a admin user.
  • For the Public inbound ports we should set NONE, but here we will connect from the internet over RDP, so we allow 3389.

ZONE, There are three Availability Zones per supported Azure region […], If one zone is compromised, then replicated apps and data are instantly available in another zone.

SET, The number of VM instances can automatically increase or decrease in response to demand or a defined schedule.

The number of data disks will determine maximum IOPS (IOPS stands for input/output operations per second.) and the overall size will determine the amount of temporary storage available and depends on what is supported in the region.

General purpose – Balanced CPU-to-memory ratio, small to medium databases
Compute optimized – High CPU-to-memory ration, medium traffic web servers and application servers
Memory optimized – High memory-to-CPU ratio, relational database servers, medium to large caches, and in-memory analytics
Storage optimized – High disk throughput and IO
GPU – Heavy graphic rendering and video editing
High performance compute – Fastest and most powerful CPU virtual machines

DISK

  • Premium SSD and default encryption
  • And we need a data disk with 1024 GB
  • And keep the same encryption

NETWORKING

We will leave this to default

MANGEMENT

We will leave this to default, but for future, CREATE A BACKUP!

ADVANCED

We will leave this default

TAGS

We will add Environment and Test

REVIEW AND CREATE, lean back for a minute or two.

Lets head over to our RG boose-rg and check the newly created resources and connect to the VM

Lets inspect the boose-rg-vnet

This format 10.0.0.1/24 is so called Classless Inter-Domain Routing CIDR representation so in short it’s a bit mask that describes what portion of the IP address can be used for the range. 10.0.0.0 (router, network card )giving you range in this format: 10.0.0.1 – 10.0.0.255 (/24 is 253 units, /25 is 126 units)

Lets inspect the boose-vm1-nsg

A network security group contains security rules that allow or deny inbound network traffic to, or outbound network traffic from, several types of Azure resources. For each rule, you can specify source and destination, port, and protocol.

The rest is self explained after the choices we made, boose-vm1_DataDisk_O has 1024GB P SSD, the boose-vm1_OsDisk has 127 GB P SSD.

Now lets connect!

Choose RDP and download the mstsc

Enter the admin user (either \username or localhost\username)

And we are in

Attach managed disk, hm..could be a issue, but you see it with disk part

https://docs.microsoft.com/en-us/azure/storage/files/storage-files-deployment-guide

So we created a new vm in order to find our disk, it turns out we have to select (after diskmgmt.msc) “Be sure to select “GPT” when asked”

To assign a drive letter to the disk, right-click on the “unallocated” space of the online and initialized disk, and click “New Simple Volume”. This will allow you to assign drive letter. Note that you do not need to format the volume as this will be done later.

Assign it F and format it

And now it is ready for use:

There are many ways to cp, I tried this:

https://www.c-sharpcorner.com/article/copy-our-on-premises-data-to-azure-storage-using-azcopy/

But I did not get my storage key due to free subscriptions….

So i just right-clicked and copy

CLEAN UP

# Get all resources in a resource group
Get-AzResource -ResourceGroupName boose-rg | ft
# Get a resource group by wildcard
Get-AzResourceGroup -Name ‘boose*’
# Remove all resources in a group and the group
Get-AzResourceGroup -Name ‘boose*’ | Remove-AzResourceGroup -Force -AsJob

Lets create a second vm and look at the topology (the names may differ, it was a bit ad-hoc):

And our resources:

What about time zones (created a new VM)

Login and check default

Lets change it to Brasilia UTC-03:00, navigate to server manger, locate time

Change it, and press ok

Done, cmd output

Ok, lets restart the VM and see if it sticks…., jepp it did.

With powershell, run it as admin

Get-TimeZone -ListAvailable
Get-TimeZone -ListAvailable | where ({$_.Id -like "Russian*"})
Set-TimeZone -Id "Russian Standard Time"
Get-Date

Ok, lets restart the server

Comments Off on Azure Virtual Machines 101