Implement IaaS solutions
Implement IaaS solutions is part of Develop Azure compute solutions topics. The total weight of this in the exam will be 25-30%. This training post is designed to help and provide readers with a better understanding of the topic mentioned.
Disclaimer: This is not a training article to help complete the Microsoft Azure AZ-204, but it provides a good insight into the areas within these topics. Labs and hands-on work are essential to passing most Microsoft Azure exams.
Implement IaaS solutions:
Azure virtual machine creation checklist:
Before you create a VM, you should consider the following:
Naming a VM
The VM name is used as the computer name, which is configured as part of the operating system
- Up to 15 characters for a Windows VM
- Up to 64 characters for a Linux VM
Current best practices for VM name choices:
|Environment||dev, prod, QA||Identifies the environment for the resource|
|Location||uw (US West), ue (US East)||Identifies the region into which the resource is deployed|
|Instance||01, 02||For resources that have more than one named instance (such as web servers)|
|Product or Service||service||Identifies the product, application, or service that the resource supports|
|Role||sql, web, messaging||Identifies the role of the associated resource|
VM pricing models
Two primary costs for every VM:
- Storage – The cost of storing data in every virtual hard disk. This cost is independent of whether the VM is running
- Compute – The usage-based price for compute capacity when the VM is currently allocated
There are two payment options for compute costs:
- Pay as you go – Compute capacity is billed and paid as it is used without a long-term commitment
- Reserved instances – Compute capacity can be pre-purchased at a reduced rate for anticipated usage
VM storage options
Azure Storage is the Microsoft cloud-based data storage solution. It supports almost any type of data and provides security, redundancy, and scalable access to the stored data. A Storage account provides access to objects in Azure Storage for a specific subscription. VMs always have one or more storage accounts to hold each attached virtual disk.
Use Azure Premium Storage for production workloads, especially those that are sensitive to performance variations or are I/O intensive. For development or testing, Standard storage is suitable.
Managed and unmanaged disks
- The Azure platform manages the disk and the backing storage
- You don’t have to worry about storage account limits and thresholds
- You manually create and manage virtual hard disks (VHDs) in your Storage account
- You will need to consider account throughput and capacity limits when using this model
Implement IaaS solutions:
create ARM templates
Azure Resource Manager overview
Resource Manager provides a consistent management layer to perform tasks through Azure PowerShell, Azure CLI, Azure portal, REST API, and client SDKs. All capabilities that are available in the Azure portal are also available through Azure PowerShell, Azure CLI, the Azure REST APIs, and client SDKs. Functionality initially released through APIs will be represented in the portal within 180 days of initial release.
A manageable item that is available through Azure. Some common resources are a virtual machine, storage account, web app, database, and virtual network, but there are many more.
A container that holds related resources for an Azure solution. The resource group can include all the resources for the solution, or only those resources that you want to manage as a group. You decide how you want to allocate resources to resource groups based on what makes the most sense for your organization.
A service that supplies the resources that you can deploy and manage through Resource Manager. Each resource provider offers operations for working with the resources that are deployed. Some common resource providers are Microsoft.Compute, which supplies the virtual machine resource, Microsoft.Storage, which supplies the storage account resource, and Microsoft.Web, which supplies resources related to web apps.
Resource Manager template
Syntax that lets you state “Here is what I intend to create” without having to write the sequence of programming commands to create it. The Resource Manager template is an example of declarative syntax. In the file, you define the properties for the infrastructure to deploy to Azure.
Resource Manager template deployment
With Resource Manager, you can create a template (in JSON format) that defines the infrastructure and configuration of your Azure solution. By using a template, you can repeatedly deploy your solution throughout its lifecycle and have confidence that your resources are deployed in a consistent state.
When you create a solution from the portal, the solution automatically includes a deployment template. You don’t have to create your template from scratch because you can start with the template for your solution and customize it to meet your specific needs.
You can also retrieve a template for an existing resource group by either exporting the current state of the resource group, or viewing the template used for a particular deployment. Viewing the exported template is a helpful way to learn about the template syntax.
Implement IaaS solutions:
create container images for solutions by using Docker
Virtualization and containers
Containers and VMs each have their uses. In fact, many container deployments use VMs as the host operating system rather than running directly on the hardware, especially when running containers in the cloud.
A container is an isolated, lightweight silo for running an application on a host operating system. Containers build on top of a host operating system’s kernel, and they contain only apps and some lightweight operating system APIs and services that run in user mode.
In contrast to containers, VMs run complete operating systems, including their own kernels.
A container is a loosely isolated environment that allows us to build and run software packages. These software packages include the code and all dependencies to run applications quicker and more reliably in most computing environments. These packages are known as container images.
Docker is a containerization platform that you can use to develop, ship, and run containers. Docker doesn’t use a hypervisor, and you can run it on a desktop or laptop if you’re developing and testing applications. The desktop version of Docker supports Linux, Windows, and macOS. For production systems, Docker is available for server environments, including many variants of Linux and Windows Server 2016 and newer versions.
The Docker platform consists of several components that you can use to build, run, and manage containerized applications.
This is an instance of a Docker image. It represents the execution of a single application, process, or service. It consists of the contents of a Docker image, an execution environment, and a standard set of instructions. When scaling a service, you create multiple instances of a container from the same image. Or a batch job can create multiple containers from the same image, passing different parameters to each instance.
This refers to a package with all the dependencies and information required to create a container. The dependencies include frameworks and the deployment and execution configuration that a container runtime uses. Usually, an image derives from multiple base images that are layers stacked on top of each other to form the container’s file system. An image is immutable once it has been created.
This refers to the action of building a container image based on the information and context provided by its Dockerfile, plus additional files in the folder where the image is built. You can build images by using the Docker docker build command.
This refers to the process of downloading a container image from a container registry.
This refers to the process of uploading a container image to a container registry.
This refers to a text file that contains instructions on how to build a Docker image. It’s like a batch script; the first line states the base image, followed by instructions to install required programs, copy files, and so on until you get the working environment you need.
Retrieving a new container image from Docker Hub
Running the retrieved container image
Implement IaaS solutions:
publish an image to the Azure Container Registry
Azure Container Registry (ACR)
Container Registry is a managed Docker registry service based on the open-source Docker Registry 2.0. Create and maintain Azure container registries to store and manage your private Docker container images.
Use container registries in Azure with your existing container development and deployment pipelines. Use Azure Container Registry Build (ACR Build) to build container images in Azure. Build on demand, or fully automate builds with source code commit and base image update build triggers.
A service that stores container images
A group of related container images
A point-in-time snapshot of a Docker-compatible container
A software application and its dependencies running in an isolated environment
Docker containers and registries
In the Docker ecosystem, a container registry contains a set of container repositories. Container repositories function like code source-control repositories as they store versioned copies of a container image. A machine running Docker can pull a container image from a registry and create a new container instance from the image.
Container Registry SKUs
|Basic||• Ideal for developers learning about Container Registry |
• Same programmatic capabilities as Standard and Premium, however, there are size and usage constraints
|Standard||• Same capabilities as Basic, but with increased storage limits and image throughput. |
• Should satisfy the needs of most production scenarios.
|Premium||• Higher limits on constraints, such as storage and concurrent operations, including enhanced storage capabilities to support high-volume scenarios. |
• Adds features like geo-replication for managing a single registry across multiple regions
Create a container registry by using Azure CLI
Build a Docker image for Container Registry
Azure Container Registry Build (ACR Build)
ACR Tasks is a suite of features within Container Registry that provides streamlined and efficient Docker container image builds in Azure. ACR Build is one of the tasks available in ACR Tasks.
Implement IaaS solutions:
run containers by using Azure Container Instance
Azure Container Instances (ACI)
Containers are becoming the preferred way to package, deploy, and manage cloud applications. Container Instances offers the fastest and simplest way to run a container in Azure, without having to manage any virtual machines and without having to adopt a higher-level service.
Container Instances is a good solution for any scenario that can operate in isolated containers, including simple applications, task automation, and build jobs. For scenarios where you need full container orchestration, including service discovery across multiple containers, automatic scaling, and coordinated application upgrades, we recommend Azure Kubernetes Service (AKS).
Container Instances features
|Fast startup times||Containers can start in seconds without the need to provision and manage VMs|
|Public IP connectivity and DNS name||Containers can be directly exposed to the internet with an IP address and a fully qualified domain name (FQDN)|
|Hypervisor-level security||Container applications are as isolated in a container as they would be in a VM|
|Custom sizes||Container nodes can be scaled dynamically to match actual resource demands for an application|
|Persistent storage||Containers support direct mounting of Azure Files shares|
|Linux and Windows containers||The same API is used to schedule both Linux and Windows containers|
|Co-scheduled groups||Container Instances supports scheduling of multicontainer groups that share host machine resources|
|Virtual network deployment||Container Instances can be deployed into an Azure virtual network|
Deploy a container to Container Instances
When you deploy an image that’s hosted in a private container registry, you must supply the registry’s credentials.
1.First, get the full name of the container registry login server (replace <acrName> with the name of your registry).
2.Next, get the container registry password.
3.Now, use the az container create command to deploy the container.
Replace <acrLoginServer> and <acrPassword> with the values that you obtained from the previous two commands. Replace <acrName> with the name of your container registry and <aciDnsLabel> with desired DNS name.
More topics on Develop Azure compute solutions:
Microsoft Azure AZ-204 exam topics:
If you have covered the current topics in Connect to and consume Azure services and third-party services then you can have a look at the other topic areas:
Monitor, troubleshoot, and optimize Azure solutions (10-15%)
View full documentation Microsoft Azure: AZ-204 exam content from Microsoft