90DaysOfDevOps/2022/zh_tw/Days/day34.md

8.2 KiB

title published description tags cover_image canonical_url id
#90DaysOfDevOps - Microsoft Azure Hands-On Scenarios - Day 34 false 90DaysOfDevOps - Microsoft Azure Hands-On Scenarios devops, 90daysofdevops, learning null null 1048763

Microsoft Azure Hands-On Scenarios

The last 6 days have been focused on Microsoft Azure and the public cloud in general, a lot of this foundation had to contain a lot of theory to understand the building blocks of Azure but also this will nicely translate to the other major cloud providers as well.

I mentioned at the very beginning about getting a foundational knowledge of the public cloud and choosing one provider to at least begin with, if you are dancing between different clouds then I believe you can get lost quite easily whereas choosing one you get to understand the fundamentals and when you have those it is quite easy to jump into the other clouds and accelerate your learning.

In this final session, I am going to be picking and choosing my hands-on scenarios from this page here which is a reference created by Microsoft and is used for preparations for the AZ-104 Microsoft Azure Administrator

There are some here such as Containers and Kubernetes that we have not covered in any detail as of yet so I don't want to jump in there just yet.

In previous posts, we have created most of Modules 1,2 and 3.

Virtual Networking

Following Module 04:

I went through the above and changed a few namings for the purpose of #90DaysOfDevOps. I also instead of using the Cloud Shell went ahead and logged in with my new user created on previous days with the Azure CLI on my Windows machine.

You can do this using the az login which will open a browser and let you authenticate to your account.

I have then created a PowerShell script and some references from the module to use to build out some of the tasks below. You can find the associated files in this folder. (Cloud\01VirtualNetworking)

Please make sure you change the file location in the script to suit your environment.

At this first stage we have no virtual network or virtual machines created in our environment, I only have a cloudshell storage location configured in my resource group.

I first of all run my PowerShell script

  • Task 1: Create and configure a virtual network

  • Task 2: Deploy virtual machines into the virtual network

  • Task 3: Configure private and public IP addresses of Azure VMs

  • Task 4: Configure network security groups

  • Task 5: Configure Azure DNS for internal name resolution

Network Traffic Management

Following Module 06:

Next walkthrough, from the last one we have gone into our resource group and deleted our resources, if you had not set up the user account like me to only have access to that one resource group you could follow the module changing the name to 90Days* this will delete all resources and resource group. This will be my process for each of the following lab.

For this lab I have also created a PowerShell script and some references from the module to use to build out some of the tasks below. You can find the associated files in this folder. (Cloud\02TrafficManagement)

  • Task 1: Provision the lab environment

I first of all run my PowerShell script

  • Task 2: Configure the hub and spoke network topology

  • Task 3: Test transitivity of virtual network peering

For this my 90DaysOfDevOps group did not have access to the Network Watcher because of permissions, I expect this is because Network Watchers are one of those resources that are not tied to a resource group which is where our RBAC was covered for this user. I added the East US Network Watcher contributer role to the 90DaysOfDevOps group.

^ This is expected, since the two spoke virtual networks are not peered with each other (virtual network peering is not transitive).

  • Task 4: Configure routing in the hub and spoke topology

I had another issue here with my account not being able to run the script as my user within the group 90DaysOfDevOps which I am unsure of so I did jump back into my main admin account. The 90DaysOfDevOps group is an owner of everything in the 90DaysOfDevOps Resource Group so would love to understand why I cannot run a command inside the VM?

I then was able to go back into my michael.cade@90DaysOfDevOps.com account and continue this section. Here we are running the same test again but now with the result being reachable.

  • Task 5: Implement Azure Load Balancer

  • Task 6: Implement Azure Application Gateway

Azure Storage

Following Module 07:

For this lab I have also created a PowerShell script and some references from the module to use to build out some of the tasks below. You can find the associated files in this folder. (Cloud\03Storage)

  • Task 1: Provision the lab environment

I first of all run my PowerShell script

  • Task 2: Create and configure Azure Storage accounts

  • Task 3: Manage blob storage

  • Task 4: Manage authentication and authorization for Azure Storage

I was a little impatient waiting for this to be allowed but it did work eventually.

  • Task 5: Create and configure an Azure Files shares

On the run command this would not work with michael.cade@90DaysOfDevOps.com so I used my elevated account.

  • Task 6: Manage network access for Azure Storage

Serverless (Implement Web Apps)

Following Module 09a:

  • Task 1: Create an Azure web app

  • Task 2: Create a staging deployment slot

  • Task 3: Configure web app deployment settings

  • Task 4: Deploy code to the staging deployment slot

  • Task 5: Swap the staging slots

  • Task 6: Configure and test autoscaling of the Azure web app

This script I am using can be found in (Cloud/05Serverless)

This wraps up the section on Microsoft Azure and the public cloud in general. I will say that I had lots of fun attacking and working through this scenarios.

Resources

Next we will be diving into version control systems, specifically around git and then also code repository overviews and we will be choosing GitHub as this is my preferred option.

See you on Day 35