These are the 20 regions listed, as can also be seen in the image.
- Central United States
- Eastern United States
- Eastern United States 2
- US Gov Iowa
- US Gov Virginia
- North Central United States
- South Central United States
- Western United States
- Northern Europe
- Western Europe
- Eastern Asia
- Western Asia South East
- East Japan
- West Japan
- Brazil South
- East Australia
- Australia So utheast
- Central India
- South India
Comment choose the right datacenter for your application
When creating a Windows Azure application, be it mobile application, web application or database storage, it asks to specify the region. The region here specifies a regional datacenter.
Performance - You should select the datacenter closest to the users of your application. Performance may be affected by the 'relative location of users who wish to access the application.The closer to the data center, the better the performance.
Cost - The price of hosting the application may also increase or decrease depending on the datacenter you choose. The price may actually vary depending on where the database is hosted or any other service used by the application. You must choose the same location for all the services used by your application. For example, a database or any other multimedia service. If kept in a separate data center, a fee will be charged per transaction, but no surcharge will be charged if kept in the same data center.
Legal - Laws vary from country to country and restrictions may apply in some areas on what information can be shared and what cannot. can't.
Microsoft Azure - Scenarios
Understanding the basic scenarios of Windows Azure will help us understand its use. In addition, it will help us understand the services offered. Three basic scenarios are discussed here. In addition to the following scenarios, there can be many other ways to use Azure services depending on customer needs, but all basic uses are covered in this chapter.
Software development is the most popular scenario in Windows Azure. The software is developed and tested on the local development fabric and then deployed in the Windows Azure cloud. Azure hosts the web application as well as the supporting processes, communicating with other web services.
Testing the application during software development usually becomes too long for developers if they need to change the environment configurations used to host the application. Dans Windows Azure, this is not a problem as the resources are absolutely under their control and can be changed as needed by the application. Once a web application is hosted in the Windows Azure cloud, it is ready for use by end users and organizations.
Moreover, the deployment of the application is very easy in Windows Azure using the tools provided by them. These tools are MS deploy, PowerShell, integration with Team Foundation Server (TFS). The Visual Studio cloud project is also a simple option to deploy the application.
An application is tested in the staging environment, and then deployed to the production environment for end users to use.
Business Process Offload
In some situations, an organization needs to reduce the loads on its on-premises systems for a certain period of time orregularly. This could be easily achieved by using Windows Azure services at a very low cost. Customers should pay only for transactions made on their app instead of paying for full hardware and software.
This is an extremely cost effective way to use new resources for the organization. Against this backdrop, Azure provides fairly rapid growth for businesses by expanding resources into the cloud when needed.
Integration of enterprise applications
This is commonly referred to as the EAI scenario. Consider a scenario, when it is necessary for two different organizations to send and receive data between applications which is then processed by those applications. Cross-company application integration can be done using Windows Azure. The service is called BizTalk service, whic h facilitates B2B messaging between aon-premise or on-cloud applications from different organizations.
This service allows a connection between applications even if they follow different transport protocols. The process also includes validating and extracting the properties required by the application at the receiving end. In a normal scenario, where communication is required between the applications of two organizations, the interaction will have to bypass the firewall by completing the official process. However, in the service offered by Windows Azure, communication between applications does not need to bypass the organization's firewall.
Microsoft Azure - Management Portal
As the name suggests, this is a portal to manage Azure services, which was released in 2012 It is a platform provided by Microsoft for its Azure customers where they can view, manage and purchase the services offered by Azure. Another portal called"Azure Preview Portal" was released by the Azure team in 2014, which makes it easier to access the platform on mobiles and tablets. However, the functionality is more or less the same in both portals.
To access the management portal -
Step 1 - Go to https: //manage.windowsazure.com "
Step 2 - Log in with your Hotmail or Live ID. If you don't have an Azure account, create one. You will get a free trial, and you will be able to explore, learn, and build your own applications using Windows Azure.
The following screen will appear.
As here we already have an application running, you can see a list of it. Your account will be empty for the first time. The left panel categorizes the applications and the central part lists allthe account applications.
Create a new application
Step 1 - Click on the lower left corner "New".
Step 2 - The following screen will appear and you can choose what you want to create.
Check credit and subions
Step 1 - Click on 'Credit ' in the green block at the top of the screen.
Step 2 - Click on ' See more details '. This will take you to the next screen. This screen will show you all the details of your subion, spending and data usage.
As the spending limit is set here, it says“ Remove spending limit ”. If the limit had not been set, he would have said "Set the spending limit." This way you can set a spending limit for yourself. Your services will be stopped once you reach the spending limit.
If you scroll through thepage down in the image above, you can see everything that is available with your subion and see the details on the right side.
You have complete control over your spending. The green block in which the "Credit " button is displayed will change color if you are about to run out of your credit. This amount is calculated based on your average daily expenses and will tell you in how many days your credit will be exceeded.
Add a new subion
Step 1 - Click on the identifier e-mail from your account or on the image in the upper right corner.
Step 2 - Click on "View my invoice " from the list.
Step 3 - This will bring you to the next screen. Click on 'add subion '.
Step 4 - Choose the subion in the list on the next screen.
Azure Preview Portal
Step 1 - Click on the 'your account email in the upper right corner.
Step 2 - Select "Switch to Azure Preview Portal".
Step 3 - The following screen appears. All features are the same. 'Azure Preview Portal ' is designed for mobile and tablet screens with a design responsive.
Microsoft Azure - Create virtual network
You can create a virtual network in the cloud or you can also connect to the network Local LAN to cloud network in Windows Azure. This tutorial will first explain how to create a cloud only network.
Creating a virtual network in cloud only
Step 1 - Log in to the Azure management portal.
Step 2 - Click on "New " in the lower left corner.
Step 3 - Click on "Network Services 'then ' Virtual Network '.
Step 4 - Click on 'Quick Create '.
Ste p 5 - Enter the name and leave all other fields as is except location. You don't have to specify in this case since everything will be decided by Azure itself.
Step 6 - Click on "Create a virtual network" and it 's done.
Create a virtual network in the cloud only (advanced settings)
Step 1 - Click on "custom creation " instead of "quick creation "when creating a new virtual network and the following screen will appear.
Step 2 - Enter the name from the 'Network ' and choose a location. You will see that it will draw an image at the bottom.
The name of the DNS server is optional to enter because we are creating a cloud-only network Also leave the "Point-to-Site Connectivity " and "Site-to-Site Connectivity " options as they are. The following chapters will have a demonstration on how to configure these two options.
Step 3 - Click on next and leave the defaults on the next screen.
Step 4 - Click on the next arrow and a virtual network is created.
You can add DNS servers and local network even after creating a virtual network.
Microsoft Azure - Virtual Machine Deployment
A quick process for creating a virtual machine has been included in the "Compute Module" chapter. This chapter contains the detailed process, including the configuration of virtual machines.
Step 1 - Log in to Azure Management Portal.
Step 2 - Locate and click on 'Virtual Machines ' in the left panel then click on 'Create a Virtual Machine '.
Step 3 - You can also click on "New " in the lower left corner, then on "Calculate " → "Virtual Machine '→ ' Rap creationide '.
Step 4 - Enter the DNS name. This must be unique. The DNS name is used to connect to the virtual machine.
Step 5 - Select image and size from the drop-down list. The size affects the cost of running the virtual machine.
Step 6 - Enter username and password. Don't forget to log into the virtual machine later.
Step 7 - Select the appropriate region.
Step 8 - Click on "Create virtual machine" and you are ready to use your new machine. Creating the machine will take a few seconds.
Create a virtual machine with advanced settings
Step 1 - Choose "Custom creation " instead of 'Quick creation ' in the options and you will be redirected to the next screen.
Step 2 - Choose an image from the list. In this screen you canNote that choosing an image is easier depending on its category displayed on the left side. Let's create a virtual machine for SQL Server for which we have chosen SQL Server on the left side and all the software in that category is displayed in the middle.
Step 3 - Click on the Next arrow.
Step 4 - Choose the release date of the version and enter the name of the VM.
Step 5 - Select the level. The size drop-down list would change the items depending on the level. In the basic version you will only get the first 5 options, while in the standard version you will get more options. It should be based on you and the requirements of your image. For example, in this case, let's choose SQL server. It requires at least an A4 machine with 8 cores and 14 GB of memory.
Step 6 - Enter the username and password and click on the flick Next.
Step 7 - Enter the DNS name which should be unique as mentioned earlier and select the region.
Under the storage account, it will show the storage accounts you have already created. As the next screen shows, an account name is displayed in the drop-down list which is a previously created storage account. You can choose an account already created. created or even use an automatically generated account.
Step 8 - Then the availability is set. This option allows you to create a set of virtual machines that will ensure that if a point unique fails, it does not affect your machine and continues working. Here we choose the option 'none '.
The last option is End Points. Endpoints are used to communicate with virtual machines through other resources that you can leave. In a following chapter, we will provide a detailed illustration.Here you can configure the endpoints.
Step 9 - Click Next and the virtual machine will be created in seconds for you.
Connecting to a virtual network
Step 1 - Create a virtual machine using the steps described previously. If you already have a virtual network created in Azure, it will be displayed in the highlighted drop-down list as shown in the next screen. You can choose the network as shown in the following image.
Step 2 - When you access your virtual network and your previously created management portal, click on 'Dashboard '. The virtual machine will be displayed in the resources of this network as shown in the following image.
Access to the virtual machine
There is a step by step guide on connecting to the virtual machine in the " Calculation module chapter earlier in this tutorial.to refer.
When creating a virtual machine, the following considerations should be taken into account -
Choose location according to user location to avoid latency issue. It is best to choose the region closest to the physical location of the end users.
You should review the costs that will be incurred based on the size you choose for the virtual machine beforehand, to make sure it is under control.
If you use the already created storage account, you will be able to manage things better.
Microsoft Azure - Configuration of endpoints
While creating a virtual machine, we come across a part where the endpoints can be configured. The two default endpoints enabled when creating a mavirtual china are Remote Desktop and PowerShell. What is an end point? A virtual machine on the same cloud can automatically communicate with each other. But in case we need it to communicate with our own computer, we will need an endpoint configured to achieve this. Essentially, it is about accessing the virtual machine through a port. An endpoint provides remote access to services running on a virtual machine. It has a public and private port which must be specified when creating an endpoint. Additionally, an endpoint can be accessed securely by enabling access control lists (ACLs).
In the next section, it is demonstrated how a new endpoint can be configured for a virtual machine that has already been created. However, this can also be done the same way as to create a new one in the configuration part of theassistant.
Step 1 - Click Virtual Machine in your Azure Management portal.
Step 2 - Click on 'Endpoint ' then on 'Add '.
Step 3 - Select " Add standalone endpoint "as shown in the following image.
Step 4 - Select the name from the drop-down list. You can also enter a custom name. Here, let's select Http from the options. It will automatically assign unused ports. Or you can enter it manually.
Step 5 - If you check 'Create a load balanced set ', this will distribute the load on the virtual machines. Leave it unchecked here as it can be configured later if needed.
Step 6 - The "Enable direct return from server" box is checked when the SQL server "Always enabled" function is required, so leave it unchecked.
Summerape 7 - Click on the Next arrow.
Endpoint Access Control
We may grant or deny service access to a host or individual network. If nothing is specified, the endpoint can be accessed from any host and network.
Step 1 - Select "Manage ACL" as shown in the following image.
Step 2 - Enter the deion of the access.
Step 3 - Enter the subnet mask.
Step 4 - Click Next and it's done.
Microsoft Azure - Connectivity point to site
In the last chapter, we saw how an endpoint can be created to access a virtual machine; it is quite a tedious task. If a virtual machine in a virtual network must be connected to a machine on site, point- Site connectivity is required. Point-to-site connectivity makes it very productive.tif working with remote virtual machines.
Basically an on-premises machine is connected to a virtual network using point-to-site connectivity. However, we can connect up to 128 on-premises machines to a virtual network in Azure. Access to the virtual network in the cloud is granted via a certificate. The certificate must be installed on each local machine that must be connected to the virtual network.
Enabling point-to-site connectivity on an existing virtual network
If you have already created a virtual network in Azure, you can access it in the management portal.
Step 1 - Log in to the Azure management portal.
Step 2 - Click on "Networks " in the left panel and select the network you want to work with.
Step 3 - Click on "Configure " as shown in the following image.
Step 4 - Check the boxse "Configure point-to-site connectivity ". This will allow you to enter the starting IP address and CIDR.
Step 5 - Scroll down and click on “Add Gateway Subnet”.
Step 6 - Enter the gateway subnet and click “Save.” The message displayed in the following screen will appear.
Step 7 - Click Yes and point-to-site connectivity is performed.
You will need a certificate to access your virtual network.
Create a new virtual network with point-to-site connectivity
Step 1 - Click New → Network Services → Virtual Network → Custom Creation.
Step 2 - Enter the network name, select the location and click Next.
Step 3 - On the next screen, select 'Configure a point-to-site VPN ' and click Next.
Step 4 - You can select or enter the starting IP address and select CIDR.
Step 5 - Enter the subnet and click on 'Add Gateway Subnet ' as before and enter the required information.
Step 6 - Point- connectivity to the site is complete.
Step 7 - Click on the network name, as it is 'MyNet ' above image.
Step 8 - Click on 'Dashboard ' as shown in the next screen.
You will see that the gateway is not yet created. for this to happen, you will need to generate a certificate first.
Point-to-site VPN only supports self-signed certificates.
Create a certificate
Step 1 - Go to the link msdn.microsoft.com or google 'Windows SDK for 8.1 '. Then navigate to the msdn link or the version of Windows you want to use the tool for.
Step 2 - Download the circled file as shown in the following image. It will be saved as an .exe file named sdksetup on your machine.
Step 3 - Run the file. When running the installation wizard, when you reach the next screen, uncheck the circled part. By default, they are checked.
Step 4 - Once the installation is complete, run the command prompt as administrator on your computer.
Step 5 - Enter the following commands one by one to create a root certificate
cd C: Program Files (x86) Windows Kits 8.1 bin x64 makecert - sky exchange -r -n "CN = MyNet " -pe -a sha1 -len 2048 -ss My
The first ch commandwill change the directory to the command prompt. In the above command, replace the highlighted part with the name of your network.
Step 6 - Then enter the following command to create the c ertificate client.
makecert -n "CN = MyNetClient "-pe -sky exchange -m 96 -ss My -in " MyNet "-is my -a sha1
Step 7 - Find 'mmc 'on your computer and launch it.
Step 8 - Click on 'File ' and 'Add / Remove Snap-in ".
Step 9 - In the screen that appears, click on "Certificate " then on "Add ".
Step 10 - Select 'My user account ' and click 'Finish '.
Step 11 - Expand "Current User " in the left panel, then "Personal ", then "Certificates '.
You can see the certificates here.
Step 12 - Clickright on the certificate and click on 'All tasks ' then on 'Export '.
Step 13 - Follow the wizard. You will need to name the certificate and select a location to save it.
Download the certificate
Step 1 - Connect you to the Azure management portal.
Step 2 - Go to the network and click on "Certificate", then on "Download root certificate".
Step 3 - Click on Browse and select the location of the certificate you just created.
Download the VPN Client package
The Client package VPN will connect you to the network.
Step 1 - Go to the network dashboard in the azure management portal.
Step 2 - Scroll down and locate the following options on the right side of the screen.
Step 3 - Select the option and download it. You will see a similar filee on your computer. Run and install it.
Step 4 - When you install it, Windows might try to prevent it. Choose "Run anyway" if this happens.
Step 5 - Navigate to "Networks" on your computer and you will see an available VPN connection as shown in the following image.
Step 6 - Click on this network as in this example “MyNet” and connect. You will be connected to the network.
Microsoft Azure - Site-to-site connectivity
Most organizations already have a network on their premises and would rather want to connect it to Windows Azure than to put everything on the cloud. It is also called hybrid network connectivity. It connects the virtual network in Azure to the local network. Setting up a site-to-site connectivity network is quite easy for someone who knows the basics of networking like IP addresses, subnetsand default gateways.
The items needed before configuring the network in this case are
- A VPN device that can be configured.
- External IP address for this VPN device.
Creating a Site-to-Site Connectivity Network
Step 1 - Select New → Network Services → Virtual Network → Creation custom
Step 2 - Enter the network name and select the region.
Step 3 - Enter the DNS name for name resolution if you want, otherwise you can leave it blank if you want it to be automatically done by Azure.
Step 4 - Check the 'Configure site-to-site VPN ' option.
Step 5 - Enter your VPN device details in the address space as shown in the following image.
Step 6 - Enter the details of your virtual network din the address space.
Step 7 - After entering the subnets, enter the gateway subnet of your virtual network.
Step 8 - Click on next and the network is created.
S tep 9 - Select the network and access its "Dashboard". You will need to create a gateway for this.
Step 10 - Click on "Create Gateway" at the bottom of the screen. Once the gateway is created, "Gateway IP address" is displayed on the next screen.
You can now configure the VPN device using the information.
Site-to-site connectivity is faster than point-to-site connectivity. This facilitates the transfer of data. You just need a shared key to access the network. Unlike point-to-site connectivity, you don't have to install certificates on each machine that you want to connect to the virtual machine. Inactually, the same shared key works for each machine.
Microsoft Azure - Traffic Manager
Let 's first see what service is provided by Azure traffic manager. Basically, this service balances the traffic load of services hosted in Azure. The routing policy is defined by the customer and the traffic to services hosted in Azure is redirected according to define policies. The traffic manager is a DNS based service. Thus, it will improve the availability and performance of the applications.
Let's see how to create and configure a traffic manager in Azure.
Create Traffic Manager
Step 1 - Log into the Azure management portal and click on “New” in the lower left corner.
Step 2 - Select Network Services → Traffic Manager → Quick Create.
Step 3 - Enter the DNS prefix and select the load balancing method.
There are three options in this drop-down list.
Performance - This option is ideal when you have endpoints in two different locations. When a DNS is requested, it is redirected to the region closest to the user.
Round Robin - This option is ideal when you want to distribute traffic between multiple endpoints. Traffic is distributed in a loop by selecting a healthy endpoint.
Failover - In this option one primary access point is configured, but in case of failure others terminals are made available as a backup.
Step 4 - Based on your requirement, you can choose a load balancing method. Let's choose the performances here.
Step 5 - Click Create.
You will see the traffic manager created and displayedin your management portal. Its state will be inactive until it is configured.
Create endpoints to monitor via Traffic Manager
Step 1 - Select the 'Traffic Manager ' in the left panel in the management portal you want to work on.
Step 2 - Select "Endpoints" from the top horizontal menu as shown in the following image. Then select "Add endpoints ".
Step 3 - The screen shown in the following image will appear. Choose the type of service and the items for that service will be listed.
Step 4 - Select the service endpoints and continue.
Step 5 - The service endpoints will be provisioned.
You can see that in this case the service 'tutorialsPointVM 'created in Azure will now be monitored by the managerof traffic and its traffic will be redirected according to the specified policy.
Step 1 - Click on "Configure" in the top menu bar as shown in the following image.
Step 2 - Enter the DNS lifetime (TIL). This is the length of time that a client / user will continue to use a particular endpoint. For example, if you enter 40 seconds the traffic manager will be polled every 40 seconds for changes to the traffic management system.
Step 3 - You can change the load balancing method here by choosing the desired method from the drop down menu. Here, let's choose 'Performance ' as chosen previously.
Step 4 - If you scroll down you will see the 'Watch Settings ' header. You can choose the protocol; enter the port number and the relative path.if of a service to monitor.
Microsoft Azure - PowerShell
PowerShell is a framework or you can say an interface created by the Azure team that allows the user to automate and manage Windows Azure services . It is a command line tool that uses s or cmdlets to perform tasks such as creating and managing storage accounts or virtual machines which can easily be done using the predefined commands.
Install Azure PowerShell
Step 1 - Log in to Azure Management Portal.
Step 2 - Click on "Downloads ".
Step 3 - In the following screen , search for 'Command Line Tools ', then search for “Windows Azure PowerShell.” Click 'Install ' in the list below to download the installer and install it.
You can also visit the link http://www.windowsazure.com/ en-us / manage / downloads / "
Connect to your subion
Once you have installed Azure PowerShell, you will need to connect it to your Azure subion.
Step 1 - Locate Microsoft 'Azure PowerShell ' in your programs.
Step 2 - Pin it to the taskbar. You can run it as ISE by pinning it to the taskbar in Windows 8. Either way, if it doesn't show the " Run ISE as administrator ”, it is in the programs. ISE makes it easy to copy / paste commands.
Step 3 - Right click on "Microsoft Azure PowerShell" and select "Run ISE as administrator".
Login you to your Azure account
Using Active Directory
To get started with Azure Tasks, you will first need to add your Azure account to PowerShell. You just need to do this step once on your computer and every time you run Azure PowerShell it will connect to the account in a tomato way.
Step 1 - Enter the following cmdlet in PowerShell.
Step 2 - The screen shown in the following image will appear and ask you your account identification information. Enter the credentials and login.
Step 3 - You are now ready to perform tasks in Azure using Azure PowerShell.
Using a certificate
In this method, you can download a certificate to your computer and connect to our account using that certificate.
Step 1 - Enter the following cmdlet inPowerShell. You will be prompted to save a file and the file will be downloaded to your computer with the extension. publishsettings .
You will see a similar file on your computer.
Step 2 - Enter the following cmdlet. The highlighted part is the path to the file downloaded in the previous step. Also replace the file name with your own
Import-AzurePublishSettingsFile C: Users Sahil Downloads BizSpark-11-5-2015credentials.publishsettings
Step 3 - Just to make sure everything went well. the following cmdlet. It will display your account and subion details.
You can add many accounts to Azure PowerShell.
Run the following cmdlets. Replace the highlighted part with your account ID. It will ask for your confirmation and it 's done.
Remove-AzureAccount -Name [email protected]
The following cmdlet lists all the commands available for Azure tasks.
Many tasks can be handled using PowerShell, such as creating and managing web applications, storage accounts, virtual machines, etc. In fact, many users find it faster and better than the Azure management portal. To manage Azure storage using PowerShell, see Table, Blobs, and Queues chapter.e this tutorial.
Microsoft Azure - Monitoring virtual machines
Monitoring virtual machines is important to keep track of its performance and health. Windows Azure provides an interactive interface to monitor statistics about virtual machine performance. The five key statistics are -
- Percentage of CPU
- Disk read bytes / sec
- Bytes of 'disk write / s
- Network in
- Network out
Monitor the VM in Azure Management Portal.
Step 1 - Log in to Azure Management Portal.
Step 2 - Access the virtual machine.
Step 3 - Select the virtual machine you want to monitor.
Step 4 - Select Monitor from the top menu as shown in the following image.
You can see 5 key terms on the'screen above. It looks pretty complicated at first glance, but when you look closely you can see that each line in the graph is a different color that matches the color of the term. For example, CPU Percentage is colored purple and the purple line on the graph represents it. The machine shown in the picture above is quite new. The following sections explain how the numbers are read.
CPU Percentage is the most common statistic to check when there is a performance problem in an application. It shows the CPU usage as a percentage. In the following image, you can see that in the last drop down in the upper right corner, 1 hour is selected and the highest usage is at 3:15, which is 0.13%.
Disk read bytes / sec
Disk I / O operations are another factor affecting performanceances. The disk read byte / second measures the amount of data read each second from the disk. If read operations are performed on the disk more frequently, performance issues can be resolved by using a faster disk.
Write-to-disk bytes / sec
Likewise, the write-to-disk byte / sec measures the amount of data written every second. If the application needs to write a large amount of data to the disk, a larger disk can be chosen.
In the picture above, you can see that the point the highest disk read is 218.35 bytes / s at 3:25. You can see the data of the last hour because "1 hour " is selected in the drop-down list. You can also see the data of the last hour. Last 24 hours and last 7 days.
Network traffic monitoring can be done by looking at the numbers "networken "in the" Monitor "section. Network input statistics can be either bytes or received TCP segments.
Network egress statics indicates the TCP segments sent per second. You can also see relative or absolute statistics by selecting an option from the drop-down box circled in the following image.
Likewise, you can choose the duration from the drop-down list highlighted in the following image.
You can also choose particular metrics, by clicking on "Add metrics" at the bottom of the screen. The following screen will appear , where you can check the metrics you want.
Enabling diagnostics allows you to collect logs. Azure will collect logs and store them in a storage account you specified. We can enable diagnostics by going to "p portalrevision ”. The diagnostic numbers aid in troubleshooting because error logs can be tracked in the storage account.
Step 1 - Switch to the 'preview portal '.
Step 2 - Locate the "Virtual machine (classic)" in the left panel.
Step 3 - Select the machine and "All settings".
Step 4 - Do scroll down and locate "Diagnostics." Select 'Diagnostic ' as shown in the following image.
Step 5 - Select" Enabled "in the next panel displayed on the right side. By default it will be disabled.
Step 6 - As it uses a storage account to store logs, you will need to configure the account setting. storage by clicking on the circled part button in the following image.
Step 7 - You can also select or deselect the tyeg logs you want to keep.
You will also see a panel at the bottom with the title "Monitoring". This section displays the same statistics as described in the section above.
These numbers help users identify the causes of an application 's performance slippage. They can also generate alerts for these features; they exceed the set limits.
Microsoft Azure - Configuring Alert Rules
While monitoring a virtual machine, we can see different metrics related to a virtual machine in Azure. Azure has also implemented a way to alert the VM administrator when these metrics exceed or exceed a specified limit via email. Setting up an alert can be very useful in notifying the administrator of issues that require special attention.
Step 1 - Accessz in the “Monitoring” section of your virtual machine.
Step 2 - Select the metrics for which you want to set an alert.
Step 3 - Select "Add rule " at the bottom.
Step 4 - Enter the name of alert and enter other information.
Step 5 - In the next screen that appears, select the condition. It can be greater than, less than or equal to.
Step 6 - Enter the threshold value which will be in percentage. In this example, let's enter 85 which means you will receive an email when the CPU usage of your virtual machine averages 85% in the last 10 minutes.
In addition to sending the alert email to the department administrator and co-administrators, you can receive an alert in another email.
You can set a maximum of 10 alerts for each yearsimply. Alerts can be sent to administrator's email address plus an additional email provided when setting up an alert.
Likewise, you can set alerts for other Azure services like web apps and mobile apps.
Microsoft Azure - Application Deployment
In this chapter, we have different ways to deploy an application on Windows Azure. When we say application, it can be a web application or a mobile application. Previously, web applications were called websites, but now everywhere they are called web applications. We will discuss how to deploy apps from Visual Studio and the Management Portal in the 'Websites ' chapter.
Deploying a Web Application from PowerShell
To get started with PowerShell, see the "PowerShell" chapter of the tutorial. To deploy a We siteb From PowerShell, you will need the deployment package. You can get it from your website developers or from you if you are in web deployment you know how to create a deployment package. In the following sections, you will first learn how to create a deployment package in Visual Studio, and then use PowerShell cmdlets, you will deploy the package to Azure.
Create Deployment Package
Step 1 - Go to your website in Visual Studio.
Step 2 - Right click on the name of the application in the solution explorer. Select "Publish ".
Step 3 - Create a new profile by selecting "New Profile " from the drop-down list. Enter the profile name. There may be different options in the drop-down list depending on whether the websites are previously published from the same computer.
Step 4 - On the next screen choose 'Web Deploy Package ' in the publish method.
Step 5 - Choose a path to store the deployment package. Enter the site name and click Next.
Step 6 - On the next screen, leave the defaults enabled and select 'publish '.
When done, in the folder in your chosen location you will find a zip file that you need during deployment.
Create a website in Azure using PowerShell
Step 1 - Enter the following cmdlets to create a website. Replace the highlighted room. This command will create a free subion website. You can change the subion after the website is created.
New-AzureWebsite -name "mydeploymentdemo " -location "East US "
If the cmdlet is successful, you willerr all information as shown in the image above. You can see your website url like in this example, it is mydeploymentdemo.azurewebsites.net.
Step 2 - You can visit the url to make sure everything went well.
Deploy website using deployment package
Once the website is created in Azure, all you need to do is copy your website code. Create the zip folder (deployment package) on your local computer.
Step 1 - Enter the following cmdlets to deploy your website.
Publish-AzureWebsiteProject -name "mydeploymentdemo " - package "C: Users Sahil Desktop deploymentDemo MyWebsiteOnAzure.zip "
Here in the command above, the name of the site which has just been created is given and the path of the zip file on the computer.
Step 2 - Go to your site 's URL. You cansee the website as shown in the following image.
Microsoft Azure - Backup and restore
Azure backup can be used to back up data to site in the cloud. Data is stored in encrypted mode. The following sections provide a detailed illustration of how to do this using Azure. In this process, we will first create a backup vault where our data will be stored and then see how the data can be backed up from our on-site computer. The backup agent that is installed on the computer, first encrypts the data and then sends it to the network to the storage location in Azure. Your data is completely safe and secure.
Create Backup Vault
Step 1 - Connect to your management portal.
Step 2 - In the lower right corner, select New → Data Services → Recovered Servicesration → Backup Vault → Quick creation.
Step 3 - Enter the name of the safe and select the region. It will be created and displayed in your portal. management.
Step 4 - Select the vault and click on "Download vault credentials " as shown in the following image .
Step 5 - It will save a credentials file to your computer.
Step 6 - Now scroll down the same page in Azure and you will see three options under “Download Agent.” Select an appropriate option. Let's choose the third option from the list in this example.
Step 7 - The configuration Agent will be registered on your computer. You will need to install it following the wizard. There is nothing very specific about the installation process.
Step 8 - At the end of the installation, you glassz a button at the bottom of the "Proceed to recording" pop-up window. Click this button and the following screen will appear.
Step 9 - The first step is to identify the safe. Browse the credentials file on your computer that was saved in the last step.
Step 10 - The next step of the recording wizard is to choose the encryption setting. You can enter your own phrase secret or let the wizard generate it itself. Here choose "Generate Passphrase ".
Step 11 - Find the location where you want to save passphrase. It is very important to keep this passphrase file safe as you will not be able to restore backups without it.
Step 12 - Click Next and the file will be saved to the selected location.
Schedule a backup
After completing the wizard in the above section, you will see the following program that was installed in the previous step, running on your computer. You will come across the selection of your computer's data folder that you want to back up to Azure and the backup frequency in this wizard.
Step 1 - Click on "Schedule backup" in the right panel.
In this example, let's select the data folder named 'QServicesManagementSystem '.
Follow the steps that appear on the screen and are completely understandable. You are allowed to backup 3 times at most and you can choose between daily and weekly frequency.
Step 2 - In the next step, select the retention period of backup to your online storage. Set it as needed.
Step 3 - You can choose "Save nowant ”in the left pane of the Backup Agent. This will save a copy of your data at that precise moment. Then you can see it in your management portal by selecting the save vault and going to its dashboard.
You can see in the following image that 'There is an item listed in ' Jobs 'section because the data was backed up by selecting ' back up now '. This section will show all activities of the backup job. Backup schedule details are displayed in the "Status" section.
Step 4 - You can recover data by selecting "Recover data" in the backup agent and following the 'assistant.
Microsoft Azure - Self-service capabilities
Self-service capabilities here refer to the ability to manage group, user profile, and passwords.are useful in reducing costs and work of IT departments. It improves user experience and takes away the unnecessary hassle of asking administrator permissions. Self-service capabilities allow users to manage the mentioned services without compromising system security. Everything takes place within the rules defined by the organization.
Suppose that few people in an organization want to create a group where they can connect to each other for a certain period of time. Usually they will have to ask the administrator to create a group for them. But in Azure Active Directory, one person can create a group and others can join the group without having to ask the administrator. Also, the group owns and can transfer the ownership of the group to someone else by himself.
Azure Active Directory offers the services that allow users (customer employees or application users) to manage their password on their own. End users can perform an auto-inion to reset the password. In addition, this service includes resetting and changing the password by end users.
Self-service capacity policies are fully controlled by Azure Active Directory administrators. They can configure policies according to their organization's policy. They can view reports on resets, end user password changes, etc. In this way, administrators can monitor user activities for the management of their account, even after making them self-service capable.
To use this service, organizations must subscribe to the basic or premium version of AzureActive Directory. A detailed demonstration of self-service password reset and group management using Azure Active Directory can be found in a separate chapter of this tutorial.
Microsoft Azure - Multi-factor authentication
All of us at some point have encountered multi-factor authentication. For example, customers of some banks receive a call or one-time password as a text message on their mobile phone when they log into their online banking account. Multi-factor authentication refers to the system in which more than one system authenticates the user to access an application. Multi-factor authentication provides better security for Azure customers. It allows the customer to choose whether they want to use more than one credential system to allow users to access the applications. The authenticityMultifactor fication can be used to protect both on-premises and cloud directories.
In this process, the user first logs in with the username and password in the normal way. The credentials are verified, and then if automatic call authentication is enabled, the user receives a call and is prompted to confirm the connection attempt.
Mobile app - Mobile apps for all platforms (Android, iOS and Windows) are available. This app sends a notification when a login attempt is made, then the user can choose to authenticate, if it is a real attempt.
Text Message - This method sends a one-time password to the user's registered mobile phone. They answer from their phone or type in the passworde single-use on their login page.
Automated call - The automated call asks the user must validate the connection attempt by pressing a key on the keyboard of his phone.
Create Multi-Factor Authentication Provider
Step 1 - Click 'New ' in the corner lower left → App Services → Active Directory → Multi-factor authentication provider → Quick create.
Step 2 - Enter the name of the provider.
Step 3 - Select the usage template. Let's choose "By Authentication " for this example. Please note that you will not be able to change the usage template once the multiple authentication provider is created. consider your needs before choosing it.
Step 4 - Then there is an option, whether you want to link the existing directory or not. Here, lionsan existing directory name "tutorialspoint" that was previously created at this multifactor provider.
Step 5 - After clicking on "Create", it will be listed in your list of services. Select the multifactor supplier you just created and you will see the following screen.
Step 6 - Select 'Manage ' at the bottom of the screen and you will be taken to a new page as shown in the following image.
Step 7 - Select "Configure" to choose authentication.
Step 8 - You can set the number of attempts, change the phone number from which the call is made (the default number is already there), two-way message timeout (the default is 60 seconds), One-time password timeout (default is 300 seconds) in general settings. You can also provide ae-mail address where you can be notified if a one-time password is bypassed.
Step 9 - Scroll down the page and you will see the fraud settings. Under Fraud settings you can choose to allow users to send fraud alerts, block the user if an alert is reported and also to define an email address to which alerts are sent.
After enabling multi-factor authentication for users, they will be asked to choose one of three methods (automated message, SMS, or mobile app) the next time they log into their account. The chosen method will be used to authenticate them each time they log into their account.
Enable multi-factor authentication for existing directory
One way is to bind the directory to multiple -factor authentication providers when it is created, such as we have itseen in the previous section. However, you can also do it in the following way for a particular user.
Step 1 - Navigate to your directory by choosing it in the left panel and click on 'Manage MultiFactor Auth ' at the bottom of the screen.
Step 2 - This will take you to the next screen. Here you can select the user and enable or disable multi-factor authentication for the user.
Enable multi-factor authentication for on-premises applications
When you create a new multiple authentication provider at using the management portal and select to manage it, you are redirected to the page as shown in the first section of this chapter. If you want to enable multi-factor authentication for your on-premises application, you need to install the authentication server by clicking on the highlighted link.te, you can configure the parameter as you want.
Step 1 - Click on the link circled in the following image.
Step 2 - You will be taken to the next screen, download the configuration and generate the activation credentials in order to connect to the server.
Microsoft Azure - Forefront Identity Manager
Forefront Identity Manager (FIM) is an identity management software that manages user profiles on the organization's premises. is also known as Microsoft Identity Manager (MIM) or Microsoft Forefront Identity Manager (MFIM). We have already discussed Azure Active Directory in this tutorial. FIM is an on-premises version of Azure Active Directory. This software existed long before the launch of Windows Azure services, and as cloud services evolved there was a need to manage user profiles in Azure as well.Microsoft has improved the software with the ability to link it to Azure Active Directory.
Imagine a situation where a company has partial data or extended infrastructure in the cloud. This raises the need to provide access to end users in both locations (on-premises and in the cloud). FIM allows users to securely access data in the cloud. It also manages synchronization. It is a very simple interface to create users, set password and allow users to reset their own passwords.
Experts find FIM less complex and easy to use compared to other identity management software. It is also easy to use synchronies and to use in the environment where Microsoft products are used.
FIM can be connected to Azure Active Directory using the Forefront Identity Manager Connector for Windows Azure Active Directory . This tool is used to synchronize on-premises data in FIM with Azure Active Directory.
Once you have downloaded and installed the tool, you just need to follow the wizard, in order to connect your FIM information with Azure on-cloud Active Directory.
Microsoft Azure - Data import and export job
This is a very useful service for customers in case a large amount of data is not accessible over the network from their storage account. Azure offers customers the option of putting their data on a hard drive and shipping it to Azure data centers. data is then uploaded to their storage account. Similarly, if the customer needs to upload data that is not viable.them over the network, it can ship an empty disk drive to the datacenter and the Azure team will copy the data to that drive and send it back to the customer. In both cases, the data is encrypted.
Data export task
Suppose you have a large amount of data in your Azure storage account and you want a copy of that data.
Create Export Job
In this process you will receive a shipping address, where empty hard drives should be shipped.
Step 1 - Log in to the Azure management portal and select “Storage” from the left panel.
Step 2 - Select the storage account.
Step 3 - Click on "Import / Export" from the top menu.
Step 4 - Create "Export job".
The following l 'screen will appear.
Step 5 - By clicking on the next arrowante, you will see the following screen, where you will need to provide your contact and shipping details.
Step 6 - In the next screen, you will need to select the blob data you want to export. You can specify the path or choose to export all blob data from the storage account.
Step 7 - Enter a name for the job in lowercase. The address you can see here is the address the hard drives should be shipped to. This address is based on the location of my storage account.
Step 8 - In the next step you will need to provide the hard drive shipping details for delivery to the datac enter and return to your location.
Step 9 - Click next and you are done.
Hard drives to ship
To determine the number of hard drives you need for Blob data, you will need to use Microsoft Azure Import / Export Tool . You will need to download and install this tool on your machine. Only 3.5 inch SATA I / II hard drives are supported up to 6TB.
Ship hard drives
You must ship hard drives to 'delivery address obtained when creating the export task. Then you need to go back to the management portal to enter the tracking number, in case you chose to provide the tracking number after shipment in the screen above.
You will need to enter the decryption key before reading data from hard drives. You can get the decryption key from your management portal by selecting the name of the task.
Import data task
If you want to store large amount of data on your storage account, you can To do this, save it to hard drive and sendthe at the data center.
Prepare the hard drives
You will need to use Microsoft Azure Import / Export Tool to prepare the hard drives. As mentioned in the previous section, only 3.5 inch SATA hard drives are supported for this purpose. This process will create a drive log file that you will need when creating the import job in the Management Portal. The log file will be saved to your computer.
Create an import task
Step 1 - Log in to the management portal and go to the storage account.
Step 2 - Select "import / export" at the bottom of the screen.
Step 3 - Select 'Create Job Import '.
Step 4 - Check the box and click Next.
Step 5 - In the next screen, fill in the details of the return shipping address. Enter the details and clickon Next.
Step 6 - Download the drive log file created during hard drive preparation.
Step 7 - Enter the import name for the task.
Step 8 - Enter the shipping details for the delivery of the hard drives to the data center and return to your location.
Ship the hard drives to Data
Ship the hard drive to the address obtained when creating the import task in the management portal. Enter the task shipment tracking number in the management portal to complete the task.
Microsoft Azure - Websites
There is a detailed deion of building websites in Azure in the chapter “Compute module.” Azure website service is named “Web Apps ” all over the management portal, make no mistake about it This chapter has some other terms associated with Azure websites. In a hosting environmentNormally, developers usually experience issues when deploying their websites to production. The Azure Websites service ensures that developers have the fewest problems when deploying their websites. In addition, the Azure website service falls under PaaS (Platform as a Service). This means that websites can be deployed without actually having a full-fledged infrastructure.
Create a website in Azure Management Portal
To reconnect to the creation of the website, let's take a look at these steps of creating a website in the portal of Azure management.
Step 1 - Log in to your management portal.
Step 2 - Click on 'New ' in the lower left corner of the screen → Calculate → Web Applications → Quick Create.
Step 3 - Enter the details as shown in the image above and click on "Create Web Application ".
Step 4 - Return to the websites in your management portal and you will see it listed. Click on the URL.
You will be redirected to the website you just created.
Deploying Azure website from Visual Studio
Let's publish our website to from Visual Studio in the domain name we just created. After creating a website or web application in Visual Studio.
Step 1 - Go to Solution Explorer and right click on the name of the website / web application.
Step 2 - Choose ' publish '.
Step 3 - In this step, you need to login to the Azure subion account in order. Click 'Import '.
Step 4 - Click on " Add Azure subion ".
Step 5 - For the first time, you will need to 'Download the d file'subion '.
Step 6 - The above step will download a file with the .publishsetting extension to your computer (if you don 't 'not logged in, it will ask you to log in before downloading).
Step 7 - Return to the same pop-up window and now find the file that just downloaded.
Step 8 - Now expand the drop down list and you will see the websites available in your subion . As in the image below, you can see two websites. Let's select 'tutorialsPoint '.
Step 9 - On the next screen, leave the defaults enabled. There are many options for public methods. We need the "Web Deploy" method here. Click on "Confirm connection ".
Step 10 - On the next screen, again leave the defaults enabled.
Step 11 - Finally on the backdeny screen, click publish.
Step 12 - Go to website url and you will see your content.
You can see how easy it is to deploy a website in Azure using Visual Studio. You can make changes in Visual Studio and publish it from there. This makes the test very easy applications.
In the management portal, if you access the website dashboard, you can see the numbers related to the website. You can control a lot of things related to your website from this section of your management portal.You can view website statistics, create a backup, configure settings and scale the website.
Step 1 - To see website statistics, select Monitor from the top menu and you will see the following screen.
Step 2 - Go to ifte Web and select "Dashboard " from the top menu.
Step 3 - Scroll down and you will see the following information.
Publishing in stages
Windows Azure allows the deployment of a website in stages. You can create the deployment locations.
Add deployment location for testing before production
Basically this feature allows you to deploy your website in a separate location for testing and then change the 'location. If something is wrong, you can just revert to the previous version by changing the location. Sometimes applications do not behave as expected on a large scale, this feature comes in handy in such situations. makes deployment tasks very easy for developers and organizations.
Microsoft Azure - Scalability
Scaling ist System adaptability to the changed amount of workload or traffic to the web application. One of the great features of the Azure service is its ability to scale automatically according to the demands of the use of the application.
Basically increasing or decreasing resources for the application is called scaling. The instance is created every time a web application is deployed. Creating the instance means assigning a server to this application. Increasing the instance means adding the affected servers to this application. Scaling is done by creating more instances, which is called scaling . Another way to achieve scaling is to provision the larger role instances, also known as scaling .
Setting up scaling is easier in Azure than in hosting traditional. The main server does not need to be stopped. It also eliminates the physical constraints of adding resources.
Scaling capabilities depend on the app service plan you choose in Azure. Th There are five app service plans in Azure -
| || Maximum number of occurrences || Update autoscale supported |
| Free || 1 || No |
| Shared || 1 || No |
| Basic || 3 || No |
| Standard || 10 ||Yes |
| Premium || 50 || Yes |
In the free and shared service plan, you cannot scale the app because only one instance is available. In the basic plan, you can scale the app manually. It means that you need to check the metrics manually to see if more instances are needed, then scale them up or down from your Azure management portal. In both standard and premium plans, you can choose to scale automatic according to a few parameters.
To see all the options available in the different plans -
Step 1 - Access your web application in the portal management and select 'scale ' 'from the top menu. You can see under the free service plan that only one instance is created.
Step 2 - As part of a plan bytage, you can create 1 instance but you don't have the autoscaling option.
Step 3 - As part of the basic service plan, you can create up to 3 instances, but you have the auto-scale option. This means you can manually scale up the instances when you need it. Additionally, you can choose the instance size.
Step 4 - As part of the standard service plan, you can choose autoscaling based on -
percentage of CPU - You can choose to scale up the instances based on the average percentage of CPU over a specified period of time. In the following image, you can see that we have chosen to increase the number of instances up to 3 if the average CPU usage is between 60% and 80%.
Schedule - You can set the number of instances that will bewould operate on a particular day of the week or at a particular time of day. In addition, you can specify the dates when you need to increase instances.
Here the premium option for this app is not discussed. You can see different options depending on your subion for the plans service. But the concept will remain the same.
Things to consider
You can modify the service plan even after have created it.
All instances are from the same service plan. You cannot have one shared instance and another standard for the same application. cannot combine and match instances from different service plans for the same application.
Even if you have opted for autoscaling, you must monitor the metrics and performance of your application toget the most out of Azure. This way, you could save money and optimize application performance.
Microsoft Azure - Disk Configuration
You would have noticed that we can attach a disk to a virtual machine that we create in Azure. We will discuss these discs in this chapter. The disk here refers to data disks that can be stored on Azure. All types of disks are virtual hard disks with .vhd extensions. Vhds is the image file that stores the contents of the physical hard drive. These are therefore images of the files, which we usually find on our computer's hard drive. There are two types of virtual hard disks -
- Operating system VHD and data disks
- Image VHD
Based on scalability, there are two types of virtual hard disks -
- Sizee fixed
- Dynamic expansion
Azure only supports fixed size virtual hard disks. If you need to download an expandable VHD, you will need to convert it to a fixed size VHD first. The maximum size supported by Azure is 1 terabyte for a disk.
Virtual machine and disks
When we create a virtual machine, it always resides in a storage account in an Azure account. If there is no existing storage account in Azure, when attempting to create a virtual machine, Azure will automatically create one. If you already have a storage account, it will ask you to choose the storage account when creating a virtual machine. There is a detailed procedure on creating a virtual machine in this tutorial.
Create / Attach a disk in a virtual machine
Step 1 - Go to the virtual machine.
Step 2 - Sselect "Dashboard" from the top menu.
Step 3 - Click on "Attach disk '→ Attach empty disk at the bottom of the screen.
Step 4 - Enter details in the next screen that appears.
It will take a few seconds to attach the disk to the virtual machine .
Configure the disk in the virtual machine
Step 1 - Connect to the virtual machine via the .rpd downl file on your local machine.
Step 2 - In the virtual machine, right click on the Windows icon in the lower left corner and select "Disk Management".
Step 3 - You will see a message stating that the disk is available on the screen. This is the same disk you attached in the previous step.
Step 4 - Before you can use it, you must allocate it. You will see that it is still nots allocated. Scroll down on the same screen and locate the disk as shown in the following image, it is disk 2. Right click on it and select "New Simple Volume".
Step 5 - Follow the wizard. It will ask very general questions, like naming the drive and file system. In the last screen, make sure to keep the quick format option checked.
Step 6 - Once the wizard's work is done, you will be ready to use the disk. In this example, we have created drive “F”. You can create the folder and files or copy your data to drive F.
You will need to locate the disk first to delete it. It is very important to locate the correct disk. When you create a virtual machine, you select the corresponding storage account. The disks reside in the comstorage pte.
Step 1 - Access the virtual machine storage account.
Step 2 - Click on "Containers " in the top menu.
Step 3 - Click on vhd.
Step 4 - All vhds in this storage account This list will also contain vhds from other virtual machines, so be very careful in selecting the vhd.
Step 5 - Select the vhd you want to remove. You must know the name of the disk in order to identify it among the different vhds in the list (when you attach the disk, you are prompted to enter the name of the disk).
Create an image of the virtual machine
Step 1 - Access the management portal.
Step 2 - Select the desired virtual machine to create an image of.
Step 3 - Click on "Dashboard " in the menuu superior.
Step 4 - Click on the 'Capture ' icon at the bottom of the window.
Step 5 - Name the image and enter the deion.
Step 6 - Once the capture is complete, find the image, follow the points given below -
Create an image from your Computer
This is done via the sysprep tool available in all Modern Windows operating systems.
Step 1 - Go C Drive -> Windows -> System32 → Sysprep
Step 2 - You can also copy the following path in the C address bar: Windows Sys tem32 Sysprep
Step 3 - Run the application 'sysprep'. This will create a VHD file on your computer thati is the image of your machine.
You might be confused with vhds names, when you have multiple virtual machines under the same storage account. To know the names of the vhds associated with a particular machine is to run the "Get-AzureDisk" cmdlet in Windows PowerShell. This cmdlet will give you full details of the disks for each virtual machine.
Step 1 - Run the following command
Step 2 - Locate your virtual machine name in the list. Under this virtual machine, check the disk name and medial link for your name and vhd link.
Microsoft Azure - Disk Caching
We saw in the previous chapter "Disk Configuration" how we had to choose the cache preference for the disk we attached. By default, vs'is "none ". We can choose read only or read / write as per our requirement. This chapter explains how this setting affects the performance of I / O operations.
Normally, cache settings are greatly improved when read-write operations with large amount of data are performed. However, if a lot of random I / O operations are performed, disabling the cache is preferable because cache operations incur a charge based on the number of transactions. Random operations will not provide any significant performance improvement.
The read cache improves performance, when data is read before, during I / O operations, and stored in the cache. The cache should also be h big enough to store all the data.
For all operating system disks, caching inmemory is performed by default unless it is manually disabled by the user. If lots of random file I / O operations are performed on operating system disks, it is best to move them to a data disk where the default cache is disabled. Cache settings can be manipulated using PowerShell commands, APIs, and the Azure management portal. We can set the cache from the management portal when creating virtual machines and data disks.
Microsoft Azure - Customize access
We have two portals to access and manage our Azure service by logging into our Azure account. The Azure management portal has some responsiveness issues, which is why a second portal called the preview portal was designed. The preview portal was launched later to improve the user experience on tablets andmobile devices.
Customers, who manage their services through the Azure portal, come here often and the Azure team has planned for customizing the look of the Azure preview portal. Users can choose the color and features to display on the dashboard, making it easy for them to navigate portal services. Let's see what can be customized in the Azure preview portal.
You can connect directly to the preview portal by visiting https: //portal.azure.com/ " and using your Azure account or you can access it from the Azure management portal. The Azure team continues to make small changes, but the overall concept remains the same. So when you try to customize your portal it might look a little different, but the basic functionality remainshave the same.
Step 1 - Log in to the Azure management portal.
Step 2 - Switch to Azure preview portal by clicking on your photo and choosing "Switch to Azure preview portal".
Step 3 - You will see the following screen which is your Azure account dashboard. The tiles in the middle of the screen represent some of the common tasks performed by the Azure preview portal. To customize these tiles, click the circled "Settings " icon.
Step 4 - This will take you to the next screen. You can enlarge the screen by clicking on the circled button. You can choose from the available themes which will change the background color of the screen. On the same screen, you can choose to show / hide the order labels that show the name of the order. Likewise, you can enable / disable animations.
Step 5 - If you scroll down you will see an option to change the language.
Step 6 - You can also change the size of the thumbnail. You can enlarge or reduce it. For example, on the next screen if you want my resource groups to be larger -
Right click on the thumbnail and choose customize.
Otherwise, choose 'customize ' in the top strip of the tile. It will appear when you hover your cursor over it.
Choose the size of the tile. Click "Done "at the top of the screen.
Step 7 - You can also customize your dashboard by moving the tiles as you want. You just need to drag and drop the thumbnail to another location on the screen.
Step 8 - You can pin the one of your sources in the dashboard.
Access the resource. Right-click on it or click on the three dots.
Click " Pin to board "dashboard.
When you return to the dashboard by clicking on " Microsoft Azure "in the upper left corner, you will see the resource there as shown in the following image.
Azure - Customize Company Branding
When a company has many applications, it may want to display the appearance of the company on the login page of these applications. There could be several goals behind this, including marketing. Companies that use Azure Active Directory for identity management can do so by customizing the appearance of the login page.
This feature is available for basic and premium editions of Azure Active Directory. You will not find it in the free edition.
If you don 't haveDo not have a subion to the basic or premium edition, you can have a free trial of the premium edition.
Azure Active Directory (ADD) Premium Edition active free trial
Step 1 - Log into your Azure management portal.
Step 2 - Go to the Azure Active Directory you want to work with.
Step 3 - Click on the "Licenses " tab in the top menu, as shown in the following image.
Step 4 - Click on "Try Azure Active Directory Premium now" and it will be activated for this directory.
Refresh your page as it may take a few seconds to update and display on your portal. Once activated, you will see the plan under the "Licenses " tab.
Before proceeding, make sure that the images (logo, background, square background) you want to display on the page ofconnection are the correct size and dimension. If you are not careful with this, you would waste your time uploading images and eventually you will find that the branding changes are not made. Here are some specifications -
| Image || Size in kb || Recommended dimensions || Maximum dimensions || Supported format |
| Logo || 5 -10 || 60-280 || 60-300 || png / jpeg |
| Square logo || 5-10 || 240-240 || 240-240 || png / jpeg |
| Dark square logo theme || 5-10 || 240-240 || 240-240 || png / jpeg |
| Illustration of the login page || 500 (300 recommended) || 1420-1200 || 1420-1200 || Png / jpeg / gif |
Step 1 - Access the directorydirectory you want to work with.
Step 2 - Click on the "Configure" tab in the top menu.
Step 3 - Click on the "Customize brand" button. The following pop-up window will appear.
Step 4 - Enter details and upload images.
Step 5 - Click Next and enter details.
Once you are done, look for notifications at the bottom of the window to make sure the changes are accepted. In the following image, you can see a notification in a red outline which shows that it was not successful on a previous attempt and generated an error. If the changes are not accepted, a If an error occurs, click the "Details " button to find the cause. This usually happens when the size and dimension of the images to be uploaded are not correct.
Connexion with a custom login page
When you log in to your organization 's application, you will see your logo, large artwork image and login text on that page. For example, let's sign in to Office 365 using the organization account.
Items to take into account
The domain name must be active.
It may take up to 'at a time for the changes to appear on the login page.
To test, choose ' in private session of Internet Explorer (or corresponding session in another browser where cookies do not affect your browsing).
Azure - Self-service password reset
Users of your directory can be allowed to reset their password, if they forget their password, in a few steps rather than having to ask the administratorur doing it for them. This saves time and costs for the IT department or help desk responsible for these types of tasks in an organization. The administrator can set the password reset policy. This service is available in the basic and premium editions of Azure Active Directory. In the chapter "Customizing the corporate image", a little "how" to get a free trial of the premium edition of Azure Active Directory is included.
Step 1 - Log in to the management portal.
Step 2 - Go to the active directory.
Step 3 - Click on the 'Configuration ' tab.
Step 4 - Scroll down and locate the heading "User Password Reset Policy".
Step 5 - Click on "Yes " to allow users to reset the password as shown in the next image and scroll down to set policy.
Step 6 - You can choose to allow users to reset their password in certain groups.
Step 7 - Refer to the image above; you have Choose from four options to authenticate password reset. For example, let's choose two here. In this case, users will be able to use their mobile phone or other email address to verify password reset.
Step 8 - In the "Number of authentication methods required " drop-down list, if you choose 2 that users will need to provide two credentials (for example, mobile phone and desk phone). In this example, let's leave it as is.
Step 9 - Next option is whether you want them to sign up for the reset or notisation of their password. If you choose "No ", the administrator will have to do it for each user individually.
Step 10 - Link "Customize " Contact your administrator ". You can give a specific webpage link or email id which the user can contact when he has a problem resetting his password.
Step 11 - Click on "Save " at the bottom of the screen .
The next time users log in to access their account, they will be prompted to register for the password reset service where they can enter their phone number or email address. -mail. This information will be used when they forget / lose their password. In this example, as a defined policy, they can choose from one of the verification code options, via a call on their phone mobile, atext on their mobile phone or via email to another email address.
Azure - Self-service group management
Users can create groups themselves in the access panel. Let's see how to allow users to create and join groups.
Configure Rules for Self-Service Group Management
Step 1 - Log in to the management portal.
Step 2 - Go to Active Directory.
Step 3 - Click on the "Configure " tab in the top menu.
Step 4 - Scroll down and locate the heading "group management". Here you can choose to let users create and manage their own group. There are 6 things you should define under this heading. The Azure team continues to add the features.
Step 5 - The first option is 'Delegated group management enabled '. If youchoose yes, this will allow you to transfer authority to manage groups to users through access panel, which is the main purpose.
Step 6 - The second option is whether users can create security groups.
Step 7 - The third option is that you can choose to allow all users to manage groups or some of them. If you choose “Some”, you will need to specify the group.
Step 8 - The fourth option is, it allows you to enable / disable users to create groups in Office 365.
Step 9 - The fifth option is, if you want to allow certain users to create and manage groups for Office 365, you will need to specify them.
Step 10 - The last option is to activate the dedicated group. If you choose to enable them, you will be prompted to add group members.
AOnce the changes have been made, a "Save" button will appear at the bottom of the screen to save the changes.
Microsoft Azure - Create a group
In this section, we create a group. The user who creates the group is the owner of the group and can add or remove members from the group. Since we allowed users to create their own group in the previous step, any user in this directory can create and manage a group.
Step 1 - Access the access panel by visiting myapps.microsoft.com
Step 2 - Log in to your azure account.
Step 3 - At the top you will see “Groups”. Click on it to create a new group.
Step 4 - Choose "My groups / All " in the drop-down list at the top.
Step 5 - Click on "Create un new group ”.
Step 6 - The following screen will appear. Enter the name and deion of the group.
Step 7 - You can allow all users to join the group or choose them to seek approval from the group owner before joining the group. I chose the first option where owner approval is required. This means that users who want to join the group other than the added users will need to request approval.
Step 8 - Choose the desired option and click on "Create ".
Step 9 - Return to the “Groups” page. To add members to the group, select the group. In this case, let's select 'Developers Group '.
Step 10 - Click on "Add members ".
Step 11 - The following pop-up will list all users in the directory.can add members by clicking on their name.
Step 12 - You can add / remove a member, change the group deion and delete the group on this page. You can also designate someone else as the owner of this group.
If any ' one wants to join the group, he will ask for owner approval.The owner will get a notification and see the request in the "approvals " tab of the access panel as shown in the image below Also, if someone has requested to join a group owned by someone else, they will see their requests here.
Microsoft Azure - Security Reports and Alerts
Azure Active Directory enables the administrator to view security reports containing different types of data.
It contains all the data of attempt to connection, which is normal. If the system detects someSomething abnormal during connection, it is collected in the bug report. There are 9 types of reports available in this category, as you can see in the following image.
To view these reports -
Step 1 - Login to the management portal and navigate to the active directory.
Step 2 - Click on the "Reports " tab in the top menu.
Step 3 - Click on one of the categories for which you want to see data under "Abnormal activity ".
On the same screen, if you scroll down you will see some reports under "Activity report". These are the activities like reset password, registration, etc. Each report name is meaningful. Currently there are 4 types of reports in this category.
If you click on one of them, the details will appeartront as in the following image. Here, let's look for the audit report. You can see that an activity has occurred. All other types of reports are listed in the left panel where you can easily browse them. You can also download the report in CSV format by clicking the 'Download ' button at the bottom of the screen.
This category contains the cloud app usage reports in the organization. This category provides an interactive way to monitor application usage.
For example, in the next screen, when you click on "Use the application " in the left panel, you can see that there are 12 connections in the application access panel and 3 in the Visual Studio application.
Search activity d 'a particular user
Azure Active Directory provides another funcUseful feature that allows the administrator to search for activity for a particular user. As soon as you click on "Reports" in the top menu, you will see the following screen. You only need to enter the display name of the user or the principal name of the user. You will see all the activities in the directory.
In the screen above, we did a search by entering the user 's display name and details of User activity with time and date are listed on the screen.
Azure Active Directory Editions and Reports
All types of reports are not available in all editions of Azure Active Directory. The following table lists the types of reports available in three editions of Azure Active Directory.
Microsoft Azure - Recovery orchestrated
Orchestrated recovery is one of the functionalitiestees of the Azure Site Recovery service. Azure Site Recovery automates the recovery of applications in the event of a failover at the primary site. This recovery is done in a coordinated fashion to restore applications even if they have a multi-level workload. With multi-tiered applications, coordinated recovery is essential for quickly restoring service, which is a difficult part of IT recovery and disaster tasks. However, with cloud technology, it has become a very simple and easy task.
To enable orchestrated site recovery, you must create a recovery plan. This can be done in the Azure Management portal. Plans created for disaster recovery can be tested without disrupting service.
Create Site Recovery Vault
Step 1 - Log into your Azure management portal.
Step 2 - Click on "New "in the bottom left corner.
Step 3 - Click Data Services → Recovery Services -> Site Recovery Vault → Quick Creation.
Step 4 - Enter the name and select the region. Make sure this vault is in the same region where the virtual machines and networks reside.
Step 5 - You will be taken to the next screen. On the next screen, you can see a drop down list. If you expand the drop-down list, you will see the different scenarios in which recovery can be configured.
Here you have to choose the r economy scenario according to the needs of the organization. Let's examine each scenario in detail -
Enter the VMM site On-premises and Azure
In this scenario, the on-premises virtual machines are replicated to Azure. There are few prerequisites for these on-premises resources.
Server de virtual machine running on Windows 2012 R2 server.
The virtual machine server must have at least one cloud to protect.
The cloud must have at least one VMM host group and one Hyper-V host server, or one cluster and virtual machine on the Hyper-V host server.
Setting up site restoration is a very methodological task. If you are not ready with all the prerequisites mentioned above, after going through a few steps in the task, you may need to go back.
When you select this scenario in the drop-down list, you need to follow the five steps circled in the image above.
Between local Hyper-V site and Azure
This option is chosen for the replication of virtual machines residing on a local Hyper-V server The choice is suitable when the Hyper-V server is running but VMM is not available.
Prerequisites (on premises)
- On premises the host must be the Windows 2012 R2 server with the Hyper-V role.
- Hyper-V must have at least one virtual machine.
Between site on premises with VMWare / physical server and Azure
This scenario replicates the servers physical on Azure. You should also choose this option from the drop-down list when you need to replicate VMware virtual machines residing on your premises. Protection is provided in various ways, such as replicating data over the Internet. Before you begin the deployment, you mu I know the following terms. You will configure the following servers while configuring site recovery in this scenario -
Process Server - Protected server data Items are first sent to the process server where they are cached, compressed and encrypted.The data is sent to the master target server.
Configuration Server - This server is a communication link between the protected elements, the process and the master target server.
Primary target server - Primary target server stores data replicated from protected items.
Between two VMWare sites on premises
Between two sites On-premises VMM and a SAN Array application
In this scenario, the on-premises VMM site is replicated to another site. Hyper-V virtual machines in this site are protected through replication SAN (Storage Array Based). An organization can take advantage of this option if it has an existing SAN infrastructure.
The following image describes the prerequisites for this scenario is deployed.
Create a recovery plan
Once the configurationOnce you complete site recovery for one of your chosen scenarios, in your management m portal you will need to create a recovery plan to orchestrate your recovery.
Step 1 - In the management portal, navigate to the Azure Site Recovery vault you are working with.
Step 2 - Select "Recovery plans" from the top menu. You will see different options depending on your choice of scenario and the resources saved in the recovery vault.
Step 3 - You can create the recovery plan for site recovery as you want. It will also tell you about any prior tasks, in case you missed a step in the process.
Step 4 - The custom plan created here can be executed in the event of a switch to orchestrate recovery. Services can be made available on a secondary site.
Microsoft Azure - Health Monitoring
Continuous health monitoring is one of the features of Azure Site Recovery. You do not have to subscribe exclusively to this feature. In the previous chapter, we saw how Azure Site Recovery can be configured for different scenarios. After all configurations are complete, Hyper-V Recovery Manager continuously monitors the health of instances of protected resources. This is done by the Hyper-V Remote Recovery Manager from Azure. This procedure consists of collecting the data of the virtual machines used for recovery.
What happens in Azure Site Recovery is that data is continuously collected for recovery. Whenever data is transferred as part of continuous health monitoring, it is always encrypted, so it is safe and secure.
The data is repliquids on the secondary site. The secondary site is made available in the event of a failover. In order to ensure that everything is working properly, a failover test can be performed. Planned and unplanned failovers are two circumstances in which the secondary site must be made available. Planned failover is typically done for testing, maintenance, etc., while unplanned failover occurs in the event of a disaster. Regardless of the type of failure, the virtual machines at the primary site are continuously monitored and data is collected. Thus, continuous health monitoring is a feature that keeps secondary site data always available.
In addition to backup and orchestrated recovery, Azure Site Recovery continuously monitors the health of all of its resource instances.
Microsoft Azure - Upgrades
Let's say our services are runningwork correctly on Azure. After a while we need to make changes and upgrade the services that are already running. Here is the tricky part, sometimes the upgrade would go smoothly and sometimes you wouldn't know what is causing the problem. Windows Azure has attempted to resolve these issues.
Update a cloud service
The application code can be easily updated in the Azure management portal. You will need a service package (.cspkg) and service configuration files (.cscfg) before continuing.
Step 1 - Log in to the management portal.
Step 2 - Navigate to the service you want to update.
Step 3 - Click on "Instances " in the top menu, then on "update '. The following screen will appear.
Step 4 - Enter the name of the deployment label and download the .cs filespkg and .cscfg.
Step 5 - Select the role you want to update or select “all” if you want to update all roles.
Step 6 - Check the box if necessary and click on the "Arrow" on the right side.
VIP switchover (virtual IP)
You might come across a scenario, when you need to make changes to the service architecture. Azure provides a way to easily manage the upgrade. There are two deployment environments: production and staging. Suppose your service is in production, but you can deploy the new version to the staging environment. After that you just test it and hopefully y or swap it with the production deployment. Behind the scenes, the virtual IP addresses of production and staging are swapped so that the staging becomes production and production becomes intermediary.diary. During the changeover, the service is not interrupted. All this is done without interruption of service. It also makes it easy to roll back to the older production version in case you need to.
Step 1 - Log in to the management portal.
Step 2 - Access the service. Select "Instances " from the top menu. You can see in the next screen, two instances are there for this service.
Step 3 - When you have deployed the service in preparation and in production, you will see that 'Swap ' at this bottom of the screen is activated, just click on this Swap icon and it will be done.
< data-cfasync = "false " src="/cdn-cgi/s/5c5dd728/cloudflare-static/email-decode.min.js">
- You cannot swap if you have a different number of endpoints for each deployment.
- This does not change your service's IP address.