Hands-on cloud administration in azure free pdf download
Then, you needed to invest in hardware like firewalls, routers, network switches, servers, and storage.
You needed licenses for a virtualization layer, operating system licenses for virtual machines, and then licenses for different kinds of software. In the end, all material investment was in vain if you didn't have the right people to set everything up and maintain it in the years to come.
Once everything was in place and you had your private cloud running, it required new investment every few years, as you needed new versions of software (virtualization, operating systems, and other software) and hardware needed to be replaced as well.
The hosted cloud came as the first step in the transition from the private cloud to the public. As creating and maintaining your own private cloud demanded large-scale investment, some companies took advantage and started offering services where you could rent part of their data center and use it as your own private cloud.
They specialized in this kind of offer; it was cheaper for them to buy hardware and software as vendors offered discounts on mass purchases. So, creating an environment in the hosted cloud was cheaper than creating an identical environment in the private cloud.
There is also the question of upfront investment; using the private cloud requires that all hardware and most software licenses be paid for upfront, so many companies have decided to use the hosted cloud, as they don't have to make an upfront investment but pay monthly or yearly subscriptions instead. Also, it's easier for data centers to provide experts to maintain systems, as a single expert can take care of multiple customer environments.
For the private cloud, you need a network engineer, a storage specialist, a virtualization specialist, and so on, and this is for a single data center. In the case of a hosted cloud, all personnel are still required but a single specialist can set up and maintain environments for multiple customers and the price of maintenance is lower than for a private cloud. Note that to access the hosted cloud, usually some sort of Virtual Private Network (VPN), either site-to-site or point-to-site, is required.
We access resources located outside our own network and located in another hosted network, as shown in the following diagram. In the next step of cloud evolution, the public cloud emerged. Large service providers offered large amounts of resources for on-demand use. Similar to the hosted cloud, resources you used were still outside your local infrastructure and hosted by service providers who specialized in this kind of offer.
There are two key differences. The first difference is that in a hosted data center the amount of resources available is usually predetermined, and to get more resources you need to wait for new resources to be configured, if they become available at all.
In the public cloud, providers have a large amount of resources available for on-demand requests and you can get them whenever you need them. You can create any kind and any amount of resources when needed. All you need is a subscription and access to the internet to start deploying.
This also means you have highly scalable environments and you are not limited by the initial size of the resources created. For example, if you create a virtual machine with four CPUs and 16 GB of RAM and find out over time that the virtual machine can't handle the workload you have, you don't need to create a new virtual machine; you can use a scale-up option to change size.
Scaling up is explained later in more detail. This works the other way around too: if you find out that the size of the virtual machine initially created is too large for your workload, you don't need to keep that size and pay for something you don't need. Simply scaling down will do the trick. In this case, we access resources over the internet, as shown in the following diagram. The other difference between a hosted cloud and a private cloud is pricing.
In the public cloud, pricing is based on usage and the model of payment is such that you pay for only things that are used. So, in the public cloud, if you create a virtual machine, you will be paying for that virtual machine for the time you actually use it.
If you stop or delete this virtual machine, you will not be paying for it. The payment model is different for different cloud providers and can vary by per-day, per-hour, or per-minute usage.
As we'll talk about Microsoft Azure, it's important to mention that Azure is using a per-minute billing system. So, for example, if you create a virtual machine in Microsoft Azure and delete it after 12 days, 11 hours and 13 minutes, the amount you pay will be calculated for that exact amount of time.
In a per-hour billing system, you would pay for 12 days and 12 hours. In a per-day billing system, you would pay for 13 days. Another difference is multitenancy. Even though the public cloud is available to everyone, creating your own subscription creates your own tenant. By using special fabric, this tenant separates your resources from other tenants, and resources created in that tenant are available only to people with access to that specific tenant.
The term cloud or public cloud wasn't forged with modern IT but the term started in the s with the concept of resources being time shared. The concept did evolve in the s with the private cloud. However, the cloud did evolve and shift further to a modern form in the s. Google followed with Google App Engine in Microsoft announced their version of the cloud in October and it was publicly available in February Other service providers followed and many companies such as IBM or Oracle have their own public cloud offering.
Looking at market shares and the pace at which they evolve, we can put only two cloud providers at the top of this list: Amazon Web Services and Microsoft. We already said that Microsoft announced their version of the public cloud in and public release was in At this time, the official name for Microsoft's public cloud platform was Windows Azure. The name was changed in April to Microsoft Azure.
The reason for the change was never publicly announced but there were many guesses. One of the theories was that Microsoft needed to change its name due to embracing open source software. As Microsoft added a Linux virtual machine to their offering, the naming convention became too confusing. A virtual machine running Linux on a Microsoft public cloud would initially be Windows Azure Linux virtual machine, and having Windows and Linux in the same name was confusing indeed.
Changing it to Microsoft Azure Linux virtual machine made more sense. Now, this is only one of the theories that you can find and not an official reason for the name change. Not only the name changed over the years. The first version of Azure, Windows Azure, had completely different specifications and a different type of portal. This portal was later referred to as a classic portal and the model of management for resources created in the classic portal was referred to as Azure Standard Management (ASM).
The classic portal layout is shown in the following screenshot. At this time, Microsoft realized there were issues with their cloud model and started working on completely new fabric. In , a new Azure portal was announced. These features changed how we managed resources in the cloud. In ASM, the only way to allow someone to administrate Azure resources was to add this person as a co-administrator to the Azure subscription. This person would have total access and control over the subscription in question.
With RBAC, we got the option to give different permission levels to users such as reader or contributor, without giving them full access to the subscription. Resource groups went even further.
Resource groups in Azure represent logical containers where you can place resources depending on the convention of your choosing. For example, you can place all resources that are used by a single application in a single resource group.
This would allow you to give user access to a single resource group with the option to manage or access only that specific resource group. When that user logs in to the tenant, he will be able to see only the resource group that was assigned to him even if you have other resource groups under the same subscription or tenant.
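The scoping described here (access granted on a resource group rather than subscription-wide, as with an ASM co-administrator) can be checked against an export of role assignments. The following is an added example, not code from the book: it assumes JSON shaped like the output of `az role assignment list --all`, and the sample data, `scope_level` and `audit` are constructed for illustration. It also flags assignments made on individual resources.

```python
import json

# Constructed sample shaped like `az role assignment list --all -o json`;
# the subscription id, principals and resource names are made up.
SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"
SAMPLE = json.dumps([
    {"principalName": "alice@example.com", "roleDefinitionName": "Owner",
     "scope": SUB},
    {"principalName": "bob@example.com", "roleDefinitionName": "Contributor",
     "scope": SUB + "/resourceGroups/rg-webapp"},
    {"principalName": "carol@example.com", "roleDefinitionName": "Reader",
     "scope": SUB},
    {"principalName": "dave@example.com", "roleDefinitionName": "Contributor",
     "scope": SUB + "/resourceGroups/rg-webapp/providers/"
              "Microsoft.Compute/virtualMachines/vm1"},
    {"principalName": "erin@example.com", "roleDefinitionName": "Contributor",
     "scope": "/providers/Microsoft.Management/managementGroups/mg-root"},
])

# Built-in roles that can change resources or grant access.
WRITE_ROLES = {"Owner", "Contributor", "User Access Administrator"}


def scope_level(scope):
    """Classify an Azure scope string by how much of the tenant it covers."""
    parts = [p.lower() for p in scope.split("/") if p]
    if len(parts) < 2 or parts[0] != "subscriptions":
        return "above-subscription"      # root or management group
    if len(parts) == 2:
        return "subscription"
    if parts[2] == "resourcegroups" and len(parts) == 4:
        return "resource-group"
    if parts[2] == "providers" or (parts[2] == "resourcegroups" and len(parts) > 4):
        return "resource"
    return "unknown"


def audit(assignments):
    """Return (principal, role, level, reason) for assignments worth reviewing."""
    findings = []
    for a in assignments:
        level = scope_level(a["scope"])
        role = a["roleDefinitionName"]
        who = a.get("principalName") or a.get("principalId", "?")
        if level in ("subscription", "above-subscription") and role in WRITE_ROLES:
            findings.append((who, role, level,
                             "broad write access; scope it to a resource group"))
        elif level == "resource":
            findings.append((who, role, level,
                             "per-resource assignment; move it to the resource group"))
        elif level == "unknown":
            findings.append((who, role, level, "unrecognised scope format"))
    return findings


if __name__ == "__main__":
    for finding in audit(json.loads(SAMPLE)):
        print(" | ".join(finding))
```

Read-only assignments at subscription scope and any assignment at resource-group scope pass without a finding.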
You could go further with RBAC and assign users only to a specific resource, but that is too granular and hard to manage. Assignment based on resource groups is considered best practice and the best way to manage Azure resources. The new Azure portal was considered a preview version until December This portal became available in April , when it was announced, but it was a preview version. The new portal layout is shown in the following screenshot.
The classic portal was announced to be retired and this eventually happened in January ARM templates are JSON files that hold information about Azure resources and can be used to deploy new resources or edit existing resources. You are able to create an ARM template and reuse it multiple times to create similar environments. By doing so, you automated your infrastructure deployment steps and removed possible mistakes in the deployment and configuration process.
Speaking of IaC, we have a lot of "something as something" terms in the cloud world. The main types of services in Microsoft Azure and the cloud in general are IaaS, PaaS, and SaaS. Each type represents a different kind of service level and our control over that resource. To explain each one and how they relate, it's best to compare them to services in our local data center. A service layer for all models is shown in the following diagram and we'll use this to explain the relationship between cloud models.
In a private data center, we are responsible for setting up and maintaining everything. We need to set up a networking stack, prepare and configure storage, buy and prepare hardware, install software, and configure the virtualization host.
Then we need to configure images and servers, and deploy and manage databases. Security is also our concern in all aspects—physical security, network security, host and OS security, and finally application security for all application software running on our servers.
With IaaS, it gets easier. We don't have to prepare anything anymore; all we need to do is sign up for a subscription and create a virtual machine when needed and start using it. The part where we must buy, prepare, configure, and maintain is no longer our concern and the cloud service provider takes care of that, in our case Microsoft with Azure. Preparing images and deployments is also no longer our responsibility. Security is getting easier and physical, network, and host security are handled by Microsoft.
We still have a responsibility in the security corner in order to keep our operating system up to date, patched, and secure. Application security is also our responsibility and we need to keep applying the best security practices in order to stay safe and secure.
Many people forget that when migrating to the cloud we need to step up security. As the cloud service provider takes care of a big part of security, many get comfortable and relaxed and they neglect the part of security they need to take care of.
When moving to the cloud, we need to remember that our resources and applications are publicly exposed and will experience significantly more "attacks" compared to when using on-premises infrastructure. Attacking resources on-premises usually means getting behind a firewall, then breaching the server and getting some data out.
Now, many services are accessible over the internet and you need to take care of security better than ever before. PaaS is getting even easier to use than IaaS. Everything that we said the cloud service provider is taking care of applies, plus some more. In this type of service, Microsoft is taking care of the operating system, additional software needed, and an additional layer of security.
We still need to maintain everything we place there depending on the PaaS service and the part of security that remains our problem.
Again, people forget that security part very quickly as even more responsibility is on Microsoft. However, IaaS is often used with VPN connections either point-to-site or site-to-site and endpoints are not publicly exposed in this case. This is not the case with PaaS, which is more often accessed over the internet.
Because of this, we need to take security very seriously unless we want to lose our data or access to our services. Finally, we have SaaS. In SaaS, the cloud service provider is taking care of almost everything, from end to end. In this case, we have a complete solution prepared and all we have to do is create a subscription and assign users different kinds of access.
Usually, SaaS has two modules: an administrator module and a user module. The administrator module is used to manage users and access levels; the user module is used to actually use the software feature we subscribed to. Security is also our responsibility, only on the user level, and we need to make sure users are aware that they need to keep their credentials safe and their passwords strong enough to prevent accounts from being brute-forced.
This diagram explaining Pizza as a Service is very often used to describe how cloud services relate to real-life situations and to better understand what cloud computing offers. In this case, we can compare pizza to all four types we have in the previous diagram that explains IaaS, PaaS, and SaaS as well as on-premises computing. When compared to on-premises computing, pizza would be the homemade option. We need to buy all ingredients, mix everything, bake it, buy sodas, and serve.
Comparing pizza to IaaS, we would buy frozen pizzas and bake them, set up the table, and serve. Pizza, compared to PaaS, would be home delivery—we just order our pizza and need to buy sodas and serve. Lastly, the SaaS version of pizza would be dining in a restaurant: we go out and order and everything is done for us. We get our pizza, get our sodas, and everything is served.
We already discussed some of the features and benefits that each cloud service model brings to us. IaaS needs more enrolment and more maintenance than PaaS.
SaaS needs even less of a human touch than PaaS and almost no maintenance except for user administration. But there is another side to that as well. SaaS asks for minimum maintenance and administration, but gives you a minimum amount of customization too. If you need something changed in SaaS, you'll probably need to contact your cloud service provider who can make the changes.
In PaaS, you have more freedom in terms of administration, maintenance, and customization. However, these changes are usually a preconfigured set of options you can choose from, but there are still more options than in SaaS. IaaS requires the most administration and maintenance but gives you the best customization options as well.
As you are controlling everything from the operating system upwards (you can select different preconfigured images or even bring in your own OS image), you have the best control as well.
You can select what features you are going to configure, what server roles you are going to have on that server, and even install any type of software on that virtual machine. The bottom line is you need to decide what kind of feature is best suited for you in a given situation.
In some cases, the simplest solution would be SaaS, as that product offers everything you need. If you need the latest settings and features, you'll probably use the PaaS model. If you have some legacy dependencies, IaaS would be the way to go. This way, you would be able to configure and install everything related to that dependency.
The first benefit of cloud computing is obvious from all things previously written: it's easier to maintain and manage. With the cloud there are many areas of expertise you don't need to provide yourself; the cloud service provider manages these things for you. But this can be kind of a trap—cloud resources are not self-managed and you still need IT professionals who will manage and maintain your resources and keep them in good health.
These are different kinds of IT professionals than in a local data center, but we still need people who understand core IT. If you are using databases, you are still going to need a database administrator. IT professionals need to adjust their skills and roles to cloud computing and leave on-premises behind them, but we still need them very much.
The financial benefit is also one of the obvious pros. In an on-premises environment you needed to buy and pay for all resources upfront, before you started using them. There are many different hardware components that we need to prepare for a local data center such as a firewall, network switches, storage, servers, a power supply that cannot be interrupted, and so on.
We need to prepare infrastructure that can handle this kind of hardware, such as a proper server room, cooling that will keep our hardware at the optimum temperature, and enough electrical power that we can keep this running without overloading our electrical grid. And when we have everything in place, we need to have proper licenses for the virtualization host, operating system licenses for each virtual machine we want to run, and licenses for any additional software we plan to use such as SQL Server, endpoint protection, or any other software needed.
In a local data center, you need to buy and prepare everything in advance. This can be a significant financial hit for any organization. And after this initial cost, we have to pay upkeep. We are paying for electricity, for a cooling system, the required spare parts, and someone to maintain all of this. After a few years, our hardware and software become obsolete and we need to repeat everything again. It can be hard to keep up and stay relevant in these conditions.
In the cloud, we don't have to pay upfront for anything; we are using services in a pay-as-you-go model where you pay for resources you are using on a per-minute basis.
We don't have to invest heavily in anything—you create resources when you need them, for the amount of time you need them for, and delete them once you're done.
If we need a new server, we can have that in a matter of minutes in the cloud. There is no need to contact different resellers, no filling in orders and waiting for deliveries. In Azure, you just spin up a virtual machine or any other resource whenever you need it. Once you don't need it anymore, you can delete it and from that moment on you don't need to pay for it anymore. This is also one of the differences between the cloud and on-premises: you are not stuck with what you buy.
In a local data center, you need to buy resources in order to use them. Once you don't need them, they don't magically disappear from your server room. And even if they did somehow disappear, you still invested money. Assessment in terms of how many resources we need for a specific service can also be a big issue.
Let's say we are creating a new web application that we are going to offer to end users. Following is what you need for this book: Hands-On Cloud Administration in Azure is for system administrators, cloud admins, cloud engineers, and DevOps engineers who are interested in understanding administration-related services in Azure.
Prior experience of working with Azure is an added advantage.
Mustafa Toroman is a program architect and senior system engineer with Authority Partners. He has years of experience in designing and monitoring infrastructure solutions, and has lately been focused on designing new solutions in the cloud and migrating existing solutions to the cloud. He is very interested in DevOps processes and he's also an Infrastructure-as-Code enthusiast.