Azure - VM, VNet

Virtual Machines

• Virtualisation - Some one (Now a days it can be done by public cloud providers) go through Physical server and install Hypervisor, helps to logically divide the machine so the multiple people can use it.

• For example azure buy’s servers and install Hypervisor then they provide the service.

• VM in Azure:

  • Subscription (Mandatory)

  • Resource group (mandatory) - helps to track the resource

  • VM name

  • region (pick up a region near to you / near to users)

  • Availability zones

  • Security type

  • Image (depending on the requirement)

  • VM architecture

  • Azure spot discount - There will always be unused resource in azure, if you check this you will get discount on this but these resource can go down anytime and can’t use for production

  • Size - Pick based on requirement like depending on cpu, memory , iops etc..

    • Series - A (deprecated) : only for dev or test use cases

    • Bs - Series: Pre trial use cases , for POC’s , less cpu , less ram , like less then mobile’s

    • D-Series:

      • General purpose compute

      • offers most production workloads

    • E-Series: Memory intense application (like redis)

    • F-Series: Compute intense (like cron jobs, batch jobs, where multiple process runs)

    • G-Series: Memory and storage optimises

    • H-Series: High Performance computing VM’s

    • Ls- Series: Storage optimised VM’s (like SSD’s)

    • M Series: Memory Optimised

    • Mv2-Series: Largest Memory Optimised VM’s

    • N-Series: GPU enabled VM’s

  • Authentication Type:

    • Username and password

    • SSH Public Key

  • Inbound port rules

Virtual Network (VNet)

• What if VNet not exist’s :

  • If there is No VNet all apps are deployed in single network , if one app hacked all the hacked

• Using VNet , we can secure the application by deploying it in different network so that complexity reduces

• VNet is a logical network with in the physical network

• We can create number of Vnet if we have azure subscription

• Size of VPC is number is IP address of the VNet have

  

Subnets

• For every VNets there will be subnets

  • public subnet → the apps deployed in it will be accessible for users

  • private subnet → in this subnet only private servers like databases are deployed and only accessible by the backed or the frontend application

  • application gateway subnet → this is the subnet dedicated to deploy application gateway or the load balancer, we cannot deploy other resources like VM’s etc.

Route table

• This is the table attached to subnets to route the traffic to the dedicated resource

• can be defined user defined routes

• This are the rules that guide the traffic tell how to move within the subnets

• Those are the rules or the path called as system routes which maintains those are called as route table

VNet Peering

• Virtual networks are independent from each other like they are separate entities as said above

• there are some cases like 2 dependent applications are deployed on separate networks in these type of cases we use VNet peering.

• VNet Peering allows you to connect 2 VNet’s using route table

• VNet Peering and VPN Gateway both are same concept, that allow different virtual networks to talk each other

• VNet Peering → connecting the different VNet’s

• VPN Peering → This is for hybrid connectivity where connecting on-premises network with the VNet