Scribd
Upload
148 views

Module 05 Implement Infrastructure As A Service Solutions

Uploaded by

Xulfee
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
148 views

Module 05 Implement Infrastructure As A Service Solutions

Uploaded by

Xulfee
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 49

Module 05: Implement

infrastructure as a
service solutions

© Copyright Microsoft Corporation. All rights reserved.


Provision virtual machines in Azure

Create and deploy Azure Resource Manager templates


Module
Agenda
Manage container images in Azure Container Registry

Run container images in Azure Container Instances

© Copyright Microsoft Corporation. All rights reserved.


Lesson 1: Provision Virtual Machines in Azure

© Copyright Microsoft Corporation. All rights reserved.


Introduction

© Copyright Microsoft Corporation. All rights reserved.


Explore Azure virtual machines

Design considerations for virtual Virtual machine extensions


machine creation creation • Run custom scripts
• Availability • Deploy and manage configurations
• VM size • Collect diagnostics data
• VM limits
• VM image
• VM disks

© Copyright Microsoft Corporation. All rights reserved.


Compare virtual machine availability options (1 / 3)

Availability zones: An Availability Zone in an Azure region is a combination of a fault domain and an update domain.

Availability sets: A logical grouping of VMs that allows Azure to understand how your application is built to provide
for redundancy and availability.

Virtual machine scale sets: Create and manage a group of load balanced VMs . Number of VM instances can
automatically increase or decrease in response to demand or a defined schedule

Load balancer: A Layer-4 (TCP, UDP) load balancer that provides high availability by distributing incoming traffic
among healthy VMs.

© Copyright Microsoft Corporation. All rights reserved.


Compare virtual machine availability options (2 / 3)
Availability sets

Fault domains
A fault domain is a logical
group of underlying
hardware that share a
common power source and
network switch, similar to a
rack within an on-premises
datacenter.

© Copyright Microsoft Corporation. All rights reserved.


Compare virtual machine availability options (3 / 3)
Availability sets
Update domains
Update domains enable
targeting specific sets of
hardware for maintenance or
rebooting.

© Copyright Microsoft Corporation. All rights reserved.


Determine appropriate virtual machine size
The best way to determine the appropriate VM size is to consider the type of workload your VM needs to run.

VM Type Description
General Purpose Balanced CPU-to-memory ratio. Ideal for testing and development, small to medium databases,
and low to medium traffic web servers.
Compute Optimized High CPU-to-memory ratio. Good for medium traffic web servers, network appliances, batch
processes, and application servers.
Memory Optimized High memory-to-CPU ratio. Great for relational database servers, medium to large caches, and in-
memory analytics.
Storage Optimized High disk throughput and IO ideal for Big Data, SQL, NoSQL databases, data warehousing and
large transactional databases.
GPU Specialized virtual machines targeted for heavy graphic rendering and video editing, as well as
model training and inferencing (ND) with deep learning. Available with single or multiple GPUs.
High Performance Our fastest and most powerful CPU virtual machines with optional high-throughput network
Compute interfaces (RDMA).

© Copyright Microsoft Corporation. All rights reserved.


Exercise: Create a virtual machine

Task 1: Create a resource Task 2: Install a web server Task 3: View the web server in
group and a virtual machine action

Task 4: Clean up resources

© Copyright Microsoft Corporation. All rights reserved.


Summary and knowledge check

© Copyright Microsoft Corporation. All rights reserved.


Lesson 2: Create and Deploy Azure Resource
Manager Templates

© Copyright Microsoft Corporation. All rights reserved.


Introduction

© Copyright Microsoft Corporation. All rights reserved.


Explore Azure Resource Manager (1 / 2)

© Copyright Microsoft Corporation. All rights reserved.


Explore Azure Resource Manager (2 / 2)

Advantages of using templates: Template file


You can write template expressions that extend
• Declarative syntax: Azure Resource Manager the capabilities of JSON. These expressions
templates allow you to create and deploy an entire make use of the functions provided by Resource
Azure infrastructure declaratively. Manager.
• Repeatable results: Reliably deploy your
infrastructure throughout development.
• Orchestration: You don't have to worry about the
complexities of ordering operations.

© Copyright Microsoft Corporation. All rights reserved.


Deploy multi-tiered solutions (1 / 3)
Template deployment

"resources": [ PUT
{ https://management.azure.com/subscriptions/{subscr
"type": "Microsoft.Storage/storageAccounts", iptionId}/...?api-version=2019-04-01
"apiVersion": "2019-04-01", REQUEST BODY
"name": "mystorageaccount", {
"location": "westus", "location": "westus",
"sku": { "sku": {
"name": "Standard_LRS" "name": "Standard_LRS"
}, },
"kind": "StorageV2", "kind": "StorageV2",
"properties": {} "properties": {}
} }
]

© Copyright Microsoft Corporation. All rights reserved.


Deploy multi-tiered solutions (2 / 3)
Three-tier template

Three-tier application through a single


Resource Manager template.

© Copyright Microsoft Corporation. All rights reserved.


Deploy multi-tiered solutions (3 / 3)
Nested templates

Nested templates deploying a similar


three-tier application

© Copyright Microsoft Corporation. All rights reserved.


Explore conditional deployment

Optional deployment
• Use the condition element to specify whether the resource is deployed.
• The value for the condition resolves to true or false.

Create or use existing resource


• You can use conditional deployment to create a new resource or use an existing one.

Runtime functions
• If you use a reference or list function with a resource that is conditionally deployed, the
function is evaluated even if the resource isn't deployed. You get an error if the function
refers to a resource that doesn't exist.
• Use the if function to make sure the function is only evaluated for conditions when the
resource is deployed.

© Copyright Microsoft Corporation. All rights reserved.


Set the correct deployment mode (1 / 3)

Two deployment mode: an incremental update or a complete update.


• The difference between these two modes is how Resource Manager handles existing resources in
the resource group that aren't in the template.
• For both modes, Resource Manager tries to create all resources specified in the template.

Complete mode Incremental mode


In complete mode, Resource Manager deletes In incremental mode, Resource Manager
resources that exist in the resource group but leaves unchanged resources that exist in the
aren't specified in the template. resource group but aren't specified in the
template.

© Copyright Microsoft Corporation. All rights reserved.


Set the correct deployment mode (2 / 3)

Example result
To illustrate the difference between incremental and complete modes, consider the following table.

Resource Group contains Template contains Incremental result Complete result


Resource A Resource A Resource A Resource A
Resource B Resource B Resource B Resource B
Resource C Resource D Resource C Resource D
Resource D

• When deployed in incremental mode, Resource D is added to the existing resource group.
• When deployed in complete mode, Resource D is added and Resource C is deleted.

© Copyright Microsoft Corporation. All rights reserved.


Set the correct deployment mode (3 / 3)
Set deployment mode

To set the deployment mode when deploying with Azure CLI, use the mode parameter.

az deployment group create \


--mode Complete \
--name ExampleDeployment \
--resource-group ExampleResourceGroup \
--template-file storage.json

© Copyright Microsoft Corporation. All rights reserved.


Exercise: Create and deploy Azure Resource Manager
templates by using Visual Studio

Task 1: Create an Azure Task 2: Add an Azure resource Task 3: Add parameters to the
Resource Manager template to the template template

Task 4: Create a parameter file Task 5: Deploy the template Task 6: Clean up resources

© Copyright Microsoft Corporation. All rights reserved.


Summary and knowledge check

© Copyright Microsoft Corporation. All rights reserved.


Lesson 3: Manage Container Images in Azure
Container Registry

© Copyright Microsoft Corporation. All rights reserved.


Introduction

© Copyright Microsoft Corporation. All rights reserved.


Discover the Azure Container Registry (1 / 2)

Use cases Azure Container Registry service tiers


Pull images from an Azure container registry to Azure Container Registry is available in
various deployment targets: multiple service tiers.
• Scalable orchestration systems that manage • Basic
containerized applications across clusters of • Standard
hosts.
• Premium
• Azure services that support building and
running applications at scale.

© Copyright Microsoft Corporation. All rights reserved.


Discover the Azure Container Registry (2 / 2)

Supported images and artifacts Azure Container Registry Tasks


• Grouped in a repository, each image is a read- • Use Azure Container Registry Tasks (ACR
only snapshot of a Docker-compatible Tasks) to streamline building, testing,
container. pushing, and deploying images in Azure.
• Azure container registries can include both
Windows and Linux images.
• Azure Container Registry also stores Helm
charts and images built to the Open Container
Initiative (OCI) Image Format Specification.

© Copyright Microsoft Corporation. All rights reserved.


Explore storage capabilities

Every Basic, Standard, and Premium Azure container registry benefits from advanced Azure storage
features

• Encryption-at-rest: All container images in • Image limits: The container image and
your registry are encrypted at rest. storage limits in place for Azure container
• Geo-redundant storage: Azure uses a geo- registries:
redundant storage scheme to guard against o Repositories No limit
loss of your container images. o Images No limit
• Geo-replication: For scenarios requiring even o Layers No limit
more high-availability assurance, consider o Tags No limit
using the geo-replication feature of Premium o Storage 5 TB
registries.

© Copyright Microsoft Corporation. All rights reserved.


Build and manage containers with tasks

ACR Tasks is a suite of features within Azure Container Registry. It provides cloud-based container image
building for platforms including Linux, Windows, and ARM, and can automate OS and framework
patching for your Docker containers.
Task scenarios
ACR Tasks supports several scenarios to build and maintain container images and other artifacts:
• Quick task
• Automatically triggered tasks
• Multi-step task

© Copyright Microsoft Corporation. All rights reserved.


Explore elements of a Dockerfile (1 / 2)
# Step 1: Specify the parent image for the new image
FROM ubuntu:18.04

# Step 2: Update OS packages and install additional software


RUN apt -y update && apt install -y wget nginx software-properties-common apt-transport-https \
&& wget -q <URL>/ubuntu/18.04/packages-microsoft-prod.deb -O packages-microsoft-prod.deb \
&& dpkg -i packages-microsoft-prod.deb \
&& add-apt-repository universe \
&& apt -y update \
&& apt install -y dotnet-sdk-3.0

# Step 3: Configure Nginx environment


CMD service nginx start

# Step 4: Configure Nginx environment


COPY ./default /etc/nginx/sites-available/default

© Copyright Microsoft Corporation. All rights reserved.


Explore elements of a Dockerfile (2 / 2)
# STEP 5: Configure work directory
WORKDIR /app

# STEP 6: Copy website code to container


COPY ./website/. .

# STEP 7: Configure network requirements


EXPOSE 80:8080

# STEP 8: Define the entry point of the process that runs in the container
ENTRYPOINT ["dotnet", "website.dll"]

© Copyright Microsoft Corporation. All rights reserved.


Exercise: Build and run a container image by using Azure
Container Registry Tasks

Task 1: Create an Azure Task 2: Build and push image Task 3: Verify the results
Container Registry from a Dockerfile

Task 4: Run the image in the Task 5: Clean up resources


ACR

© Copyright Microsoft Corporation. All rights reserved.


Summary and knowledge check

• Explain the features and benefits Azure


Container Registry offers
• Describe how to use ACR Tasks to automate
builds and deployments
• Explain the elements in a Dockerfile
• Build and run an image in the ACR by using
Azure CLI

© Copyright Microsoft Corporation. All rights reserved.


Lesson 4: Run Container Images in Azure
Container Instances

© Copyright Microsoft Corporation. All rights reserved.


Introduction

© Copyright Microsoft Corporation. All rights reserved.


Explore Azure Container Instances (1 / 3)
Feature Description
Fast startup times Containers can start in seconds without the need to provision and manage VMs

Public IP connectivity and DNS Containers can be directly exposed to the internet with an IP address and a fully
name qualified domain name (FQDN)

Hypervisor-level security Container applications are as isolated in a container as they would be in a VM

Container nodes can be scaled dynamically to match actual resource demands for
Custom sizes
an application

Persistent storage Containers support direct mounting of Azure Files shares

Linux and Windows containers The same API is used to schedule both Linux and Windows containers

Container Instances supports scheduling of multicontainer groups that share host


Co-scheduled groups
machine resources

Virtual network deployment Container Instances can be deployed into an Azure virtual network

© Copyright Microsoft Corporation. All rights reserved.


Explore Azure Container Instances (2 / 3)

Container groups
The top-level resource in
Azure Container Instances is
the container group.

The containers in a container


group share a lifecycle,
resources, local network, and
storage volumes.

© Copyright Microsoft Corporation. All rights reserved.


Explore Azure Container Instances (3 / 3)

Deployment Storage
• There are two common ways to deploy a multi- • Specify external volumes to mount within a
container group: ARM template or a YAML file. container group.
Resource allocation • Map those volumes into specific paths within the
individual containers in a group.
• Azure Container Instances allocates resources such
as CPUs, memory, and optionally GPUs (preview) to a Common scenarios
container group by adding the resource requests of • Multi-container groups are useful in cases where
the instances in the group. you want to divide a single functional task into a
Networking small number of container images.
• Container groups share an IP address and a port
namespace on that IP address.

© Copyright Microsoft Corporation. All rights reserved.


Exercise: Deploy a container instance by using the Azure

Task 1: Create a resource Task 2: Create a container Task 3: Verify the container is
group for the container running

© Copyright Microsoft Corporation. All rights reserved.


Run containerized tasks with restart policies (1 / 2)

Overview Container restart policy


With a configurable restart policy, you can When you create a container group in Azure
specify that your containers are stopped when Container Instances, you can specify one of
their processes have completed. three restart policy settings:
• Always
• Never
• OnFailure

© Copyright Microsoft Corporation. All rights reserved.


Run containerized tasks with restart policies (2 / 2)

Specify a restart policy Run to completion


Specify the --restart-policy parameter when Azure Container Instances starts the container, and
you call az container create. then stops it when its application, or script, exits.
When Azure Container Instances stops a container
az container create \ whose restart policy is Never or OnFailure, the
--resource-group myResourceGroup \
container's status is set to Terminated.
--name mycontainer \
--image mycontainerimage \
--restart-policy OnFailure

© Copyright Microsoft Corporation. All rights reserved.


Set environment variables in container instances (1 / 2)
az container create \
• Provides dynamic
--resource-group myResourceGroup \
configuration of the --name mycontainer2 \
application or script run by --image mcr.microsoft.com/azuredocs/aci-wordcount:latest \
the container. --restart-policy OnFailure \
--environment-variables 'NumWords'='5' 'MinLength'='8'
• ACI supports both Windows
and Linux containers to pass
secrets as environment
variables

• In the example two variables


are passed to the container
when it is created.

© Copyright Microsoft Corporation. All rights reserved.


Set environment variables in container instances (2 / 2)
YAML example apiVersion: 2018-10-01
location: eastus
• Set a secure environment name: securetest
variable by specifying the properties:
secureValue property containers:
- name: mycontainer
instead of the regular value properties:
for the variable's type. environmentVariables:
• The two variables defined in - name: 'NOTSECRET'
value: 'my-exposed-value'
the YAML demonstrate the - name: 'SECRET'
two variable types. secureValue: 'my-secret-value'
image: nginx
...

© Copyright Microsoft Corporation. All rights reserved.


Mount an Azure file share in Azure Container Instances (1 / 2)

Overview Limitations
• By default, Azure Container Instances are • You can only mount Azure Files shares to Linux
stateless. If the container crashes or stops, all of containers.
its state is lost. • Azure file share volume mount requires the
• To persist state beyond the lifetime of the Linux container run as root.
container, you must mount a volume from an • Azure File share volume mounts are limited to
external store. CIFS support.

© Copyright Microsoft Corporation. All rights reserved.


Mount an Azure file share in Azure Container Instances (2 / 2)

Deploy container and mount volume - Mount multiple volumes


YAML • To mount multiple volumes in a container
• You can also deploy a container group and instance, you must deploy using an Azure
mount a volume in a container with the Azure Resource Manager template or a YAML file.
CLI and a YAML template. • To use a template or YAML file, provide the
share details and define the volumes by
populating the volumes array in the
properties section of the template.

© Copyright Microsoft Corporation. All rights reserved.


Summary and knowledge check

• Describe the benefits of Azure Container


Instances and how resources are grouped
• Deploy a container instance in Azure by using
the Azure CLI
• Start and stop containers using policies
• Set environment variables in your container
instances
• Mount file shares in your container instances

© Copyright Microsoft Corporation. All rights reserved.


Lab 05: Deploy compute
workloads by using images
Lab 04: Constructing
and containers
a polyglot data
solution
http://aka.ms/az204labs 45
minutes

http://aka.ms/az204labs

© Copyright Microsoft Corporation. All rights reserved.


© Copyright Microsoft Corporation. All rights reserved.

You might also like