Azure Virtual Machines

  • Azure Virtual Machines:
    • Azure Compute Unit (ACU) provides a way of comparing compute (CPU) performance across Azure SKUs and of identifying which SKU is most likely to satisfy your performance needs.
    • VM Series:
      • A Series: Entry level for Dev/Test
      • D Series: General purpose/Balanced (Infrastructure)
      • F Series: Optimized for compute (Web Apps, Analytics, Gaming)
      • G Series: Optimized for memory and storage (SQL, ERP, SAP)
      • H Series: High performance (Modeling, AI)
      • L Series: Storage optimized (Data warehousing, Cassandra, MongoDB)
      • G Series: GPU enabled (Graphics, Videos)
    • VM Sizes:
      • General Purpose: (B, DSv3, DSv2, Dv3, Dv2, DS, D, Av2, A0-7)
        • Balanced CPU-to-memory ratio.
        • Ideal for testing and development, small to medium databases, and low to medium traffic web servers.
      • Compute optimized: (Fsv2, Fs, F)
        • High CPU-to-memory ratio.
        • Good for medium traffic web servers, network appliances, batch processes, and application servers.
      • Memory optimized: (Esv3, Ev3, M, GS, G, DSv2, DS, Dv2, D)
        • High memory-to-CPU ratio.
        • Great for relational database servers, medium to large caches, and in-memory analytics.
      • Storage optimized: (Ls)
        • High disk throughput and I/O.
        • Ideal for Big Data, SQL, and NoSQL databases.
      • GPU: (NV, NC)
        • Specialized virtual machines targeted for heavy graphic rendering and video editing. Available with single or multiple GPUs.
      • High performance compute: (H, A8-11)
        • Fastest and most powerful CPU virtual machines with optional high-throughput network interfaces (RDMA).
    • Deploying VMs:
      • Azure portal: Used to create IaaS v2 (ARM) virtual machines.
      • Azure PowerShell: Can be used to create virtual machines using either Azure Service Manager (ASM) for IaaS v1 or Azure Resource Manager for IaaS v2 virtual machines.
      • Azure CLI
      • Visual Studio
      • Azure Resource Manager templates:
        • ARM template max size can be 1 MB.
    • Connecting VMs to your infrastructure:
      • Site to Site VPN
      • Azure vNet with multiple VMs
      • Azure based DC or on-premises DC
      • ExpressRoute
    • VM images:
      • Image Types:
        • OS images: Includes only a generalized OS
        • VM images: Includes an OS and all disks attached
      • Image Sources:
        • Azure Marketplace: Contains recent versions of Windows Server and Linux distributions
        • VM Depot: Community managed repository of Linux and FreeBSD VM images
      • Custom image:
        • Image you create and upload for use in Azure.
    • Availability Sets: A logical group of virtual machines that are deployed across fault domains and update domains. Availability sets make sure that your application is not affected by single points of failure, like the network switch or the power unit of a rack of servers.
      • Create an availability set to provide redundancy for your application. Create two or more virtual machines in the availability set to distribute their placement across Azure hardware clusters.
      • For redundancy, configure multiple virtual machines in an Availability Set.
      • Configure each application tier into separate Availability Sets.
      • Combine a Load Balancer with Availability Sets.
      • Microsoft has an SLA of 99.95% in place for availability sets; for premium disks, it is 99.9%.
      • Each virtual machine in an availability set is placed in one update domain and two fault domains.
      • Update domain: Virtual machines in the same update domain will be restarted together during planned maintenance. Azure never restarts more than one update domain at a time.
        • Update domains are VMs that share the same hardware host (1-20 update domains are available).
        • It allows Azure to perform incremental or rolling upgrades across a deployment. Each update domain contains a set of virtual machines and associated physical hardware that can be updated and rebooted at the same time.
        • During planned maintenance, only one update domain is rebooted at a time. By default there are five update domains, but you can configure up to twenty update domains.
      • Fault domain: Virtual machines in the same fault domain share a common power source and physical network switch.
        • It defines a group of virtual machines that share a common set of hardware, switches, and other components, and therefore a single point of failure.
        • For example, a server rack serviced by a set of power or networking switches.
        • VMs in an availability set are placed in at least two fault domains. This mitigates against the effects of hardware failures, network outages, power interruptions, or software updates.
        • 1-3 fault domains per availability set.
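
The update domain and fault domain limits above can be turned into a sizing check. The following is an added example, not code from the original page or from Microsoft; it assumes VMs are assigned to domains round-robin (a modelling assumption), and the function names `place`, `worst_case_survivors` and `min_vms_for` are hypothetical.

```python
from collections import Counter

def place(vm_count, fault_domains=2, update_domains=5):
    """Assign VM i to (fault domain, update domain) round-robin.
    Round-robin assignment is a modelling assumption of this example."""
    if not 1 <= fault_domains <= 3:
        raise ValueError("an availability set has 1-3 fault domains")
    if not 1 <= update_domains <= 20:
        raise ValueError("an availability set has 1-20 update domains")
    return [(i % fault_domains, i % update_domains) for i in range(vm_count)]

def worst_case_survivors(placement):
    """VMs still running after the worst single fault-domain failure and
    after the worst single update-domain reboot."""
    fd_load = Counter(fd for fd, _ in placement)
    ud_load = Counter(ud for _, ud in placement)
    total = len(placement)
    return {
        "after_fd_failure": total - max(fd_load.values(), default=0),
        "after_ud_reboot": total - max(ud_load.values(), default=0),
    }

def min_vms_for(required, fault_domains=2, update_domains=5):
    """Smallest VM count that keeps `required` VMs up in both worst cases."""
    if fault_domains < 2 or update_domains < 2:
        raise ValueError("a single domain is a single point of failure")
    n = max(required, 1)
    while min(worst_case_survivors(
            place(n, fault_domains, update_domains)).values()) < required:
        n += 1
    return n

if __name__ == "__main__":
    # Constructed scenario: the application needs 4 VMs serving at all times.
    for fds in (2, 3):
        n = min_vms_for(4, fault_domains=fds)
        print(fds, "fault domains:", n, "VMs ->",
              worst_case_survivors(place(n, fault_domains=fds)))
```

With two fault domains, half of the set can be lost to one rack failure, so the fault domain count rather than the update domain count usually drives the VM count.
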
    • Virtual Machine Scale Set is an Azure compute resource you can use to deploy and manage a set of identical VMs. With all VMs configured the same, VM scale sets are designed to support true auto-scale – no pre-provisioning of VMs is required – making it easier to build large-scale services targeting resource-intensive compute, data, and containerized workloads.
      • You can create both Linux and Windows VM Scale Sets from the Azure Portal. These scale sets are automatically created with load balancer NAT rules to enable SSH or RDP connections.
      • You can set the maximum, minimum and default number of VMs, and define triggers – action rules based on resource consumption.
      • When you increase the number of virtual machines in a scale set, VMs are balanced across update and fault domains to ensure maximum availability. Similarly, when you scale in, VMs are removed with maximum availability in mind.
      • Scale sets are often integrated with Azure Insight, Load Balancer and NAT rules. Azure Insight is used to measure when to scale up or scale down. The Load Balancer and NAT rules work together to spread the workload over the available machines as they are added.
      • A method for deploying VMs as a set.
      • Use Cases:
        • Hyperscale workload
        • Stateless web front ends
        • Container orchestration
        • Microservices clusters
      • Azure Resource Explorer is a great tool to view and modify resources you have created in your subscription. The tool is web-based and uses your Azure portal logon credentials. This tool is particularly useful in viewing Azure scale sets. With the tool you can see the individual virtual machines and their properties.
    • Types of IP Addresses:
      • Public IP addresses: Used for communication with the Internet, including Azure public-facing services, like SQL Services. You can associate public IP addresses with virtual machines, internet facing load balancers, VPN gateways, and application gateways.
        • Dynamic allocation: the IP address is not allocated at the time of its creation. Instead, the public IP address is allocated when you start (or create) the associated resource (like a VM or load balancer). The IP address is released when you stop (or delete) the resource. This means the IP address can change.
        • Static allocation: the IP address for the associated resource does not change. In this case an IP address is assigned immediately. It is released only when you delete the resource or change its allocation method to dynamic.
      • Private IP addresses: Used for communication within an Azure virtual network (VNet), and your on-premises network when you use a VPN gateway or ExpressRoute circuit to extend your network to Azure. You can associate private IP addresses with virtual machines, internal load balancers, and application gateways.
        • The default allocation method is dynamic, where the IP address is automatically allocated from the resource’s subnet (using DHCP). This IP address can change when you stop and start the resource.
        • You can set the allocation method to static to ensure the IP address remains the same. In this case, you also need to provide a valid IP address that is part of the resource’s subnet.
    • Configuration Management Tools: Deploying and maintaining the desired state of your servers and application resources can be tedious and error prone. Azure supports several configuration management systems.
      • Desired State Configuration (DSC): With Azure Automation Desired State Configuration (DSC), you can consistently deploy, reliably monitor, and automatically update the desired state of all your IT resources, at scale from the cloud. DSC is a VM agent extension and works on both Windows and Linux. DSC supports ARM templates, Azure PowerShell, and XPLAT-CLI.
      • Chef and Puppet: Chef and Puppet are other configuration management tools that let you automate the entire lifecycle of your Azure infrastructure, from initial provisioning through application deployment. Both are popular Linux tools and VM agent extensions.
      • Ansible: Ansible is an open source, clientless automation tool that automates software and OS features provisioning, configuration management, and application deployment. Ansible includes a suite of modules for interacting with Azure Resource Manager, making it possible to create and orchestrate infrastructure in Azure.
    • Monitoring and Diagnostics: The administrator enables and configures VM diagnostics from the Monitoring area of the new portal VM blade. An administrator can enable diagnostic logging for: Basic metrics, Network and web metrics, .NET metrics, Windows event system logs, Windows event security logs, Windows event application logs, Diagnostic infrastructure logs:
      • You can access host-level metrics from VMs (Azure Resource Manager-based) and virtual machine scale sets without any additional diagnostic setup.
      • These new host-level metrics are available for Windows and Linux instances. These metrics are not to be confused with the Guest-OS-level metrics that you have access to when you turn on Azure Diagnostics on your VMs or virtual machine scale sets.
      • Alerts: You can receive an alert notification (https://azure.microsoft.com/en-us/documentation/articles/insights-receive-alert-notifications/). When the value of an alert rule crosses an assigned threshold, the alert rule becomes active and can send a notification. For an alert rule on events, a rule can send a notification on every event, or only when a certain number of events happen.
        • When you create an alert rule, you can select options to send an email notification to the service administrator and co-administrators or to another administrator that you can specify. A notification email is sent when the rule becomes active, and when an alert condition is resolved.
        • For example, this alert rule will trigger when the CPU percentage guest OS value is greater than 75% in a five minute period.
        • It supports alerts via SMS, Emails and Webhook (Automation Runbook, Function, Logic App, Third party URL)
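
The alert behaviour described above (a rule becomes active when the threshold is crossed, and a notification goes out on activation and again on resolution) can be modelled as a small state machine. This is an added example, not code from the original page or from Azure; averaging over the period is an assumption, the per-minute samples are constructed, and `evaluate_rule` is a hypothetical name.

```python
def evaluate_rule(samples, threshold=75.0, window=5):
    """Evaluate a metric alert rule over per-minute samples.

    samples: list of (minute, cpu_percent) tuples, one per minute.
    The rule is active while the average of the last `window` samples is
    above `threshold` (averaging is an assumption of this example).
    Returns one (minute, state) entry per state change, which is when a
    notification would be sent.
    """
    notifications = []
    recent = []
    active = False
    for minute, cpu in samples:
        recent.append(cpu)
        if len(recent) > window:
            recent.pop(0)
        if len(recent) < window:
            continue  # not enough data for a full period yet
        average = sum(recent) / window
        if average > threshold and not active:
            active = True
            notifications.append((minute, "Activated"))
        elif average <= threshold and active:
            active = False
            notifications.append((minute, "Resolved"))
    return notifications

# Constructed guest-OS CPU percentages, one per minute: a one-minute spike
# at minute 2, then sustained load from minute 5 to minute 10.
SAMPLE_CPU = [20, 30, 95, 25, 20, 80, 85, 90, 88, 92, 90, 40, 30, 20, 10]
SAMPLES = list(enumerate(SAMPLE_CPU))

if __name__ == "__main__":
    for minute, state in evaluate_rule(SAMPLES):
        print(f"minute {minute}: alert {state}")
```

The one-minute spike never raises the five-minute average above 75%, so only the sustained load produces an activation and a later resolution.
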
    • Security Groups: A group of rules that can be applied to interfaces, vNets and subnets.
    • Backups: Based on Recovery Services Vault. Retention Range can be either daily, weekly or monthly backup point.
    • Enable Update Management: It is enabled per VM. Create an Operations Management Suite (OMS) workspace and install OMS agents. Takes 15-30 mins to report results. Scans every 12 hrs by default.
    • Change Tracking: Helps identify changes in your environment (Windows and Linux) for debugging, troubleshooting and compliance. Tracks Software, File, Registry Keys (Windows) and Services/Daemons. All data is sent to Log Analytics service.
    • Extensions: VM Agent Extensions are software components that extend the VM functionality and management operations. An administrator can install multiple extensions on a VM. Currently available extensions include management tools such as Desired State Configuration (DSC), Chef, and Puppet.
      • VM Agent: A secured, lightweight process that installs, configures, and removes VM extensions on instances of Azure virtual machines. It is intended to bootstrap these additional extensions, offered both by Microsoft and partners. The extensions that the agent loads provide specific features to increase your productivity using the instance.
    • Azure Cross-Platform Command-Line Interface (XPLAT-CLI) provides a set of open source, cross-platform commands for working with Azure. Although available for all platforms, XPLAT-CLI is primarily for use with Linux-based VMs, as Windows VMs are usually managed with Azure PowerShell commands.
    • Although Azure virtual machines are based on Windows Server Hyper-V, not all Hyper-V features are supported. For example, Multipath I/O and Network Load Balancing are not currently supported.
    • Upgrade of the Windows operating system of a Microsoft Azure virtual machine is not supported. Instead, you should create a new Azure virtual machine that is running the supported version of the operating system that is required and then migrate the workload.
    • Endorsed Linux distributions support an upgrade of the operating system of a Microsoft Azure virtual machine in the case of a full open source license. If a licensed Linux distribution is used, follow partner-specific rules to upgrade (BYOL or other).
    • Some of the physical hosts in the Azure data centers may not support larger virtual machine sizes, such as A5 to A11. If that happens you may get an error message such as Failed to configure virtual machine or Failed to create virtual machine.
    • Fixed size VHD disk is uploaded to Azure (VHDX disk is not supported but you can convert it using PowerShell cmdlet)
    • Source virtual machines must be generalized using Sysprep. If using ARM, must also set the status of virtual machine to generalized using the Set-AzureRMVm cmdlet.
    • For capturing IaaS v2 Azure virtual machines, you must use PowerShell or Azure Resource Explorer.
    • All Linux distributions available in the Azure image gallery are endorsed distributions, and the Azure Platform SLA (e.g., uptime availability) applies only to endorsed Linux distributions. Non-endorsed distributions may run on Azure if they meet a number of prerequisites.
    • Azure provides a large image gallery in the Marketplace. The gallery includes recent operating system images of Windows Server, Linux, and SQL Server. You can also store your own images in Azure, by capturing an existing virtual machine and uploading the image.

About Ishtiaque

I am IBM Certified Infrastructure Systems Architect, Linux Foundation Certified System Administrator, Oracle Certified Programmer in Java and Web Component Developer, and TOGAF 9 certified with over 10 years of support and development experience in IBM middleware software and Java. Additionally, have a sound grip in databases and OpenStack administration. I hold the following certifications: IBM Certified Infrastructure Systems Architect Linux Foundation Certified System Administrator (LFCS) TOGAF 9 Certified Oracle Certified Expert, Java EE6 Web Component Developer Oracle Certified Professional – Java 6 Programmer ITIL v3 Foundation Certified IBM Certified Solution Architect – Cloud Computing Infrastructure V1 IBM Certified System Administrator – WebSphere Portal V8, V7, V6.1, V6 IBM Certified System Administrator – WebSphere Application Server V7, V6.1 IBM Certified System Administrator – AIX V7 IBM Certified System Administrator – WebSphere MQ V7 IBM Certified Deployment Professional – Business Process Manager Advanced V7.5 IBM Certified Solution Advisor – Cloud Computing Architecture V3 IBM Certified Solution Developer – WebSphere Portal V5.1