Ultimate Azure IaaS for Infrastructure Management

By Dean Cefola

"Elevate Your Skills to Master The Cloud"

Key Features

● Step-by-step guide and real-world scenarios to help readers confidently implement Azure IaaS solutions.

• Language: English
• Publisher: Orange Education Pvt Ltd
• Release date: May 30, 2024
• ISBN: 9788197256363

Book preview

CHAPTER 1

Introduction to Azure IaaS

Introduction

Welcome to a journey through the Azure IaaS world! There is a lot of ground to be covered but we would do well to focus on one thought — to take our learning to its logical conclusion, we need to think about SMART goals. SMART goals are specific, measured, assignable, realistic, and timed. This is the best way to apply what you learn so that you can get what you need out of it and continue to learn and grow. We will come back to SMART goals at the end of each chapter to help you out.

Azure infrastructure is usually the traditional IT person’s first area of cloud adoption. This is because we find many similarities between cloud infrastructure and on premises infrastructure. In this chapter, you will be eased into this very deep topic by building on the foundation of traditional IT skills. This will help you understand the benefits and challenges of the ever-evolving world of the Azure cloud.

Structure

In this chapter, we will discuss the following topics:

Brief History of the Cloud

Cloud Layers, On-premises, IaaS, PaaS, SaaS

Benefits and Challenges of Azure IaaS

Brief History of the Cloud

Cloud computing is the delivery of computing services over the internet, or more specifically computing that happens in a third party’s data center that you consume as a service over a remote connection. The cloud has been around for a long time depending on your definition. Google search is a type of cloud and so is your online email. Each provides a computing service that happens out there in some data center, somewhere on the planet that you do not manage or control but is a computing service you consume. That is the essence of the cloud.

The cloud offers many benefits, such as faster innovation, scalability, flexibility, reliability, productivity, and cost-efficiency. The fact that you do not have to build or manage any of the underlying infrastructure, you can just deploy 10,000 VMs 40,000 databases with 200,000 containers across 8,000 networks across five geographies at the same time, right now is the kind of scale and innovation to your processes you can start to think about with the cloud. This should change your emphasis from manual efforts on a single system to considering the possibilities of managing thousands of resources through automation and scalable solutions, which mean increased productivity and reliability. All of this comes down, ultimately, to cost. This is where the cloud outshines on premise or other types of hosted solutions because you only pay for what you use, and the underlying hardware is not your problem. If a host breaks, Microsoft must fix it and your VMs simply move to another host and keep on working.

All cloud computing services are not the same. There are different types of cloud computing models that provide different levels of control, responsibility, and abstraction to the users. The three major types of cloud computing environments are public cloud, private cloud, and hybrid cloud. Microsoft Azure is public cloud, as well as national and top-secret cloud, to support the varying needs of governments. For further reading please visit the following links: https://azure.microsoft.com/en-us/explore/global-infrastructure/government/; https://azure.microsoft.com/en-us/blog/azure-government-top-secret-now-generally-available-for-us-national-security-missions/

It is a commercially available public service that anyone can create an account on and create resources to meet their needs. Your own data centers, in a way, are private cloud.

The resources and infrastructure are exclusively yours and you must maintain them and can use them how you like. The hybrid cloud combines the public and private clouds through networking and other identity connection services so you can share users, applications, and the data between them. Azure can also be set up in a hybrid model.

So, for the rest of this book, we will focus on the public and hybrid cloud implementations of Azure. There are also several different types of cloud services, and the best way to understand those is by starting with something you may be familiar with, the on premise or data center computing.

On-Premises

In the data center or on-premises environment, you are responsible for managing everything, the physical building, power, cooling as well as the physical racks of equipment which also means the physical network, cables, switches, routers, and so on, along with the storage. This could be a SAN, NAS, or disks on the servers. These servers might have been used as physical instances or virtualization platforms hosting virtual machines (VM). Each VM has an operating system, drivers, IT support tools, as well as the application you need to run. There may also be databases and other runtime environments to make the system capable of presenting the app to the users.

The problem with this approach is that all of these things are required by the business to function, but they do not bring value to the business. It is thought of as an expense or a necessary evil that all must have to get our work done.

Figure 1.1: On-premises operating model

As the preceding graphic shows, the on-premises model of computing puts all of the responsibility for building and maintaining the layers of computing on you. While this can be good for maintaining a large measure of control in your environment, this is done at the expense of the business. This means that the company must invest in more hardware, CAPEX costs, service contracts, vacilities, personnel, power, cooling, and more, to run the computing infrastructure before they can receive any benefits to the business.

The cloud approach disagrees with this premise and offloads much of the cost and responsibility for the computing environment so you can get value on demand right away. All the multiple layers of cloud that we will discuss next help you find the right balance of the services you provide and the requirements of how you provide them.

IaaS

The first level of cloud service is known as infrastructure as a service, or IaaS. Here we give up the management of the physical data center services and physical equipment. This allows us to focus on deploying Compute, Storage, and Network services that run on top of that physical infrastructure.

In IaaS, you control VMs size and configuration and manage from the OS layer up through the applications and presentation. And so, begins the trade-off between control and managed services. Since IaaS manages the underlying infrastructure, you are limited to the CPU and RAM configurations of the platform. If you need a VM with three CPU cores and 9GB of RAM, you cannot have it.

You are giving up control over these items and in return are gaining the globally scalable services of a VM that can be deployed anywhere in the world in seconds. This also means operating system updates are something you still need to manage. The cloud does also have services to help you with those updates, but for that we need help from the next layer. As you consider and evaluate public cloud services, it is critical to understand the shared responsibility model and which security tasks the cloud provider handles and which tasks you handle. The workload responsibilities vary depending on whether the workload is hosted on Software as a Service (SaaS), Platform as a Service (PaaS), Infrastructure as a Service (IaaS), or in an on-premises datacenter.

Figure 1.2: Cloud IaaS operating model

PaaS

The next layer of cloud is platform as a service, or PaaS. The platform layer relinquishes control over the operating system, middleware, and runtime allowing us to consume a cloud service that just works to accomplish our goals. In PaaS we have generally left VMs behind and moved into serverless computing services such as Azure application services, functions, Azure SQL Databases, and logic apps. A great example of this is a web server. In IaaS you would build the server and OS, then install the web hosting roles and configurations. Then the web pages themselves will be served up to the users. In PaaS you would deploy the Azure web app service, where you only need to provide your code for the web pages and everything else is done for you.

There are however several PaaS services which are IaaS dependent like, Azure Virtual Desktop, (AVD) Azure Kubernetes Service (AKS), and Azure VMWare Service (AVS) — all these give the user a management layer of PaaS but compute in IaaS.

Figure 1.3: Cloud PaaS operating model

SaaS

The final layer is SaaS, also known as software as a service. All the physical infrastructure, VMs, operating systems, along with their high availability and disaster recovery requirements, along with the runtime platform environments are abstracted away so that we can just focus on the presentation layer and user experience. You have exchanged all the management of the environment for the ease of use. The users connect to the application over the internet and just use it.

Figure 1.4: Cloud SaaS operating model

This is how Microsoft’s global scale identity service, Azure Active Directory, recently renamed to Microsoft Entra ID, functions, as well as other services like Office 365, Dynamics 365, Intune, and many third party services as well.

One further thing to clarify is that this is not progression. While there can be a better cost to benefit ratio in SaaS in comparison with IaaS, it is not the case that the REAL cloud users are on SaaS and IaaS is only half cloud. No, IaaS, PaaS, and SaaS are all cloud models and have ongoing value across different use cases, and if you need VMs with an OS you control to make the apps work as your users need it. IaaS VMs are not the only thing used in the cloud. It is equally important to learn as many aspects of the cloud as possible to become successful as an Azure administrator.

IaaS is not all rainbows and unicorns, there are some challenges and limitations that you should also be aware of. In IaaS, you are responsible for securing and complying with the regulations that apply to your data and applications running on those VMs, storage accounts and networks. You also control the application layer, so you must take the additional steps to secure your data and network ports as well as any other industry or geo-political regulations you need to comply with. For example, if you lived in the European Union you would be subject to General Data Protection Regulations (GDPR). You can read more about GDPR here; What is GDPR, the EU’s new data protection law? - GDPR.eu. There are cloud services and solutions beyond IaaS that may be able to help you with these, but you still need to implement and monitor them according to your needs.

IaaS is a more complex cloud implementation than PaaS or SaaS. You have more areas of responsibility, which means you need more skills in managing those areas. You need to understand your workloads enough to right size your VMs correctly for performance. There is also managing the VMs and application’s high availability and disaster recovery needs, which a PaaS service does natively for you. Do not forget about the VMs operating system with everything to deployments, updates, troubleshooting and decommissions, drivers, middleware, runtime environments, it is all on you; and you need to do it securely while controlling costs. Setting up the proper services within your storage accounts and protecting your data can be a complex task as well, and more so depending on your use cases. Then, there are your networks, IP address allocation, and management of security to routing.

Conclusion

IaaS was built on the history of the on-premises data center and extrapolated into a globally scalable service. IaaS is also only one part of the cloud. PaaS and SaaS have great value in their own way and overlap with the IaaS services as well. The further you move down the line from on-premises to IaaS to PaaS to SaaS, you give up some control but in return the service does more for you. This chapter covers how IaaS fits into the rest of the cloud. In the next chapter, we will focus on IaaS in more detail.

Multiple Choice Questions

In IaaS which are the resources we focus on?

Web applications, DNS, identity and authentication

Regions, subscriptions, and zones

Global databases, functions, and logic applications

VMs, networks, storage, and databases

Which cloud layer would Entra ID be most closely related to?

On-premises

Hybrid

IaaS

PaaS

SaaS

In IaaS, how are operating system patches installed on VMs by default?

(select all that apply)

Manually

Automatically by Microsoft

By containers

Windows update

Sudo Apt update

Azure update manager

Microsoft Intune

Answers

d

e

a, e, f

CHAPTER 2

Getting Started with Azure IaaS

Introduction

Let us get started with Azure infrastructure as a service! There are many things we do in our traditional environments that must also be done in the cloud, but with a different set of tools and emphasis. For example, on-premises we never worried about powering off VMs to reduce our cost. However, in the cloud, this is one of the very best ways to reduce our monthly costs. This is because on-prem costs were all laid out upfront when hardware was purchased, or it was amortized over several years. But the cloud follows a ‘pay as you go’ model, which means you must take action to reduce costs instead of getting a discount on hardware purchases every few years. This must also be done in configurations, policies, security, and the governance and management tools of the cloud, and that is what this chapter is all