AZ-104 Azure Admin

• Microsoft Azure Administrator
• compile-a-checklist-for-creating-a-vm

Tools

Client side tools

Installing power shell on Linux

1. c
2. install-az-ps

Network

• VNet
• subnets
  • Azure reserves the first four addresses and the last address in each subnet for its use.
  • By default, there is no security boundary between subnets
• NSG
• separate subnets addresses so they can be connected together, e.g. with on-prem

VMs

take an inventory:

• What does the server communicate with?
• Which ports are open?
• Which OS is used?
• How much disk space is in use?
• What kind of data does this use? Are there restrictions (legal or otherwise) with not having it on-premises?
• What sort of CPU, memory, and disk I/O load does the server have? Is there burst traffic to account for?

VM configuration

Naming the VM

You can specify a name of up to:

• 15 characters on a Windows VM
• 64 characters on a Linux VM.

A good convention is to include the following information in the name:

Element	Example	Notes
Environment	dev, prod, QA	Identifies the environment for the resource
Location	uw (US West), ue (US East)	Identifies the region into which the resource is deployed
Instance	01, 02	For resources that have more than one named instance (web servers, etc.)
Product or Service	service	Identifies the product, application, or service that the resource supports
Role	sql, web, messaging	Identifies the role of the associated resource

For example, devusc-webvm01 might represent the first development web server hosted in the US South Central location.

VM Location

• place your VMs as close as possible to your users to improve performance and to meet any legal, compliance, or tax requirements.
• the location can limit your available options.
  • Each region has different hardware available and some configurations are not available in all regions.
  • there are price differences between locations.

VM size

• Be careful about resizing production VMs - they will be rebooted automatically which can cause a temporary outage and change some configuration settings such as the IP address.

The VM size can be changed while the VM is running, as long as the new size is available in the current hardware cluster the VM is running on.

The Azure portal makes this obvious by only showing you available size choices.

The command line tools will report an error if you attempt to resize a VM to an unavailable size. Changing a running VM size will automatically reboot the machine to complete the request.

VM Pricing

• Compute costs - Compute expenses are priced on a per-hour basis but billed on a per-minute basis.
  • TODO There is something about stopped vs de-allocated
  • There are two ways:
    • pay-as-you-go option, you pay for compute capacity by the second, with no long-term commitment or upfront payments
      • Prefer this option if you run applications with short-term or unpredictable workloads that cannot be interrupted.
    • Reserved Virtual Machine Instances (RI) option is an advance purchase of a virtual machine for one or three years in a specified region.
      • The commitment is made up front, and in return, you get up to 72% price savings compared to pay-as-you-go pricing.
      • RIs are flexible and can easily be exchanged or returned for an early termination fee.
      • Prefer this option if the VM has to run continuously, or you need budget predictability, and you can commit to using the VM for at least a year.
• Storage costs - You are charged separately for the storage the VM uses.
  • The status of the VM has no relation to the storage charges that will be incurred; even if the VM is stopped/deallocated and you aren’t billed for the running VM, you will be charged for the storage used by the disks.

VM Storage

All Azure virtual machines will have at least two virtual hard disks (VHDs).

• The first disk stores the operating system,
• the second is used as temporary storage.

You can add additional disks to store application data;

• the maximum number is determined by the VM size selection (typically two per CPU).

It's common to create one or more data disks, particularly since the OS disk tends to be quite small. Also, separating out the data to different VHDs allows you to manage the security, reliability, and performance of the disk independently.

The data for each VHD is held in Azure Storage as page blobs, which allows Azure to allocate space only for the storage you use. It's also how your storage cost is measured; you pay for the storage you are consuming.

Storage

• learn

• Determine storage account types

• A storage account provides a unique namespace for your Azure Storage data that's accessible from anywhere in the world over HTTP or HTTPS.

  • every storage account in Azure must have a unique-in-Azure account name.
    • Storage account names must be between 3 and 24 characters in length and may contain numbers and lowercase letters only.

• blob storage - A massively scalable object store for text and binary data.

  • data lake storage
    • https://<storage-account-name>.dfs.core.windows.net
  • https://<storage-account-name>.blob.core.windows.net
  • Access: http(s) restfull
  • can manage thousands of simultaneous uploads, massive amounts of video data, constantly growing log files, and can be reached from anywhere with an internet connection.
  • One advantage of blob storage over disk storage is that it doesn't require developers to think about or manage disks. Data is uploaded as blobs, and Azure takes care of the physical storage needs.
  • ideal for
    • Serving images or documents directly to a browser.
    • Streaming video and audio.
    • for more see Azure blobs

• Queue Storage - A messaging store for reliable messaging between application components.

  • https://<storage-account-name>.queue.core.windows.net
  • Access: http(s)
  • max 64kb per message.

• Table Storage - NoSQL table option for structured, non-relational data.

  • https://<storage-account-name>.table.core.windows.net

• Azure Files - Managed file shares for cloud or on-premises deployments.

  • https://<storage-account-name>.file.core.windows.net
  • access: SMB or NFS

• Azure Disks - Block-level storage volumes for Azure VMs.

• Replication

  • LRS - Local redundant storage. replicates your data three times within a single data center in the primary region.

• Accessing the storages

  • AzCopy
  • Azure Storage Explorer
  • Azure File Sync

NFS storage

I seem to require a premium support an a blob type

SMB storage

Mount SMB share in Ubuntu server

See: https://learn.microsoft.com/en-us/azure/storage/files/storage-how-to-use-files-linux?tabs=Ubuntu%2Csmb311

You can find the mount command by

• browsing portal.azure.com storageaccount -> File shares
• click the fileshare
• click 'connect'
• click 'Linux' tab
• click the 'Show Script' button

sudo mount -t cifs //hcknfstest.file.core.windows.net/firstsmb /data -o username=$STORAGE_ACCOUNT_NAME,password=$STORAGE_ACCOUNT_KE,serverino,nosharesock,actimeo=30,mfsymlinks
mount error(13): Permission denied
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) and kernel log messages (dmesg)