MST400-M03.pdf
Document Details
Uploaded by InvigoratingCarnelian5090
null
Tags
Related
Full Transcript
MST400: Introduction to Microsoft Azure Administration Module 3: Azure Administration Tools Hooshang Kazemi, Ph.D. Module 3: Topics • Azure Resource Manager • Azure Administrator Tools • Azure Resource Manager (ARM) Templates MST400 Azure Resource Manager (ARM) • Azure Resource Manager (ARM) i...
MST400: Introduction to Microsoft Azure Administration Module 3: Azure Administration Tools Hooshang Kazemi, Ph.D. Module 3: Topics • Azure Resource Manager • Azure Administrator Tools • Azure Resource Manager (ARM) Templates MST400 Azure Resource Manager (ARM) • Azure Resource Manager (ARM) is the deployment and management service for Azure. It provides a management layer that enables you to create, update, and delete resources in your Azure account. • ARM enables you to work with the resources in your solution as a group. • You can do many tasks for all your resources in a single operation. Such as; • deploy, • update, or • delete. • Resource Manager provides; • security, • auditing, and • tagging MST400 Consistent management layer Azure tools interact with the Azure Resource Manager API. The API passes requests to the Resource Manager service, which authenticates and authorizes the requests. Resource Manager then routes the requests to the appropriate resource providers. MST400 Terminology • Resource - A manageable service that is available through Azure. like a virtual machine, storage account, web app, database, and virtual network. • Resource group - A logical container that holds related resources. • Resource provider - A service that supplies the resources we use. Some common resource providers are Microsoft.Compute, which supplies the VM resource, Microsoft.Storage, which supplies the storage account resource, and Microsoft.Web, which supplies resources related to web apps. • ARM template - A JavaScript Object Notation (JSON) file that declaratively defines one or more resources to deploy to a resource group. • Declarative syntax - In a file, you define the properties for the infrastructure you want to deploy to Azure without having to write programming commands to create it. The ARM template is an example of declarative syntax. MST400 Resource Groups • A resource group is a logical container for resources deployed on Azure. • All the resources in your group should share the same lifecycle. You deploy, update, and delete them together. • Resources can only exist in one resource group. • Resource Groups cannot be renamed. • Resource Groups can have resources of many different types (services). • Resource Groups can have resources from many different regions. MST400 Resource Manager Locks • Locks allow organizations to put a structure in place that prevents the accidental deletion of resources in Azure. • Locks can be associated with a subscription, resource group, or a resource. • Locks are inherited by child resources. Lock types • There are two types of resource locks. • Read-Only locks, which prevent any changes to the resource. • Delete locks, which prevent deletion. • ✔ Only the Owner and User Access Administrator roles can create or delete management locks. MST400 Moving Resources When moving resources, both the source group and the target group are locked during the operation. Write and delete operations are blocked on the resource groups until the move completes. This lock means you can't add, update, or delete resources in the resource groups. Locks don't mean the resources aren't available. MST400 Deleting resource groups • Remove unused Azure resources to ensure unexpected charges. • To list Resource groups in Azure PowerShell, use • Get-AzResourceGroup • To delete a Resource group using PowerShell, • Remove-AzResourceGroup -Name “<resource_Group_Name>" –Force –AsJob MST400 Resource Limits • • • • The limits shown are the limits for your subscription. When you need to increase a default limit, there is a Request Increase link. All resources have a maximum limit listed in Azure limits. If you are at the maximum limit, the limit can't be increased. MST400 Manage resource groups with PowerShell • Access the Cloud Shell. Create the resource lock and confirm your action. • New-AzResourceLock -LockName <lockName> -LockLevel CanNotDelete -ResourceGroupName <resourceGroupName> • View resource lock information. Notice the LockId that will be used in the next step to delete the lock. • Get-AzResourceLock • Delete the resource lock and confirm your action. • Remove-AzResourceLock -LockName <Name> -ResourceGroupName <Resource Group> • Verify the resource lock has been removed. • Get-AzResourceLock MST400 Demonstration – Resource Groups MST400 Azure Administrator Tools • Manage resources with the Azure portal. • Manage resources with Azure Cloud Shell. • Manage resources with Azure PowerShell. • Manage resources with Azure CLI. MST400 Azure Portal • Search resources, services, and docs. • Manage resources. • Create customized dashboards and favorites. • Access the Cloud Shell. • Receive notifications. • Links to the Azure documentation MST400 Azure Cloud Shell • Azure Cloud Shell is an interactive, browser-accessible shell for managing Azure resources. • Linux users can use Bash scripting, while Windows users can use PowerShell. • Authenticates automatically for instant access to your resources. • Requires a resource group, storage account, and Azure File share. • Persists $HOME using a 5-GB image held in your file share. MST400 PowerShell Cmdlets • AZ is the name for Azure PowerShell • Get-Verb displays format and description of commands • New-AzVm -ResourceGroupName “Demo-RG" -Name “Demo-VM" -Image "UbuntuLTS“ • Get-Help cmdlet displays the help file for any cmdlet • Get-Help Get-ChildItem -detailed MST400 Azure CLI • Azure CLI is a command-line program to connect to Azure and execute administrative commands on Azure resources. • For example, to restart a VM az vm restart -g MyResourceGroup -n MyVm • It runs on Linux, macOS, and Windows • It can be used interactively or through scripts • Use find to get help MST400 Demonstration MST400 ARM Templates • An ARM template is a JSON file that defines the infrastructure and configuration of resources to implement as a code. • Templates improve consistency. • Templates help express complex deployments. • Templates reduce manual, error-prone tasks. • Templates are code. • Templates promote reuse. • Templates are linkable. • Templates simplify orchestration. MST400 Template Schema • ARM templates are written in JSON, which allows you to express data stored as an object (such as a virtual machine) in text. { "$schema": "http://schema.management. azure.com/schemas/2019-0401/deploymentTemplate.json#", "contentVersion": "", "parameters": {}, "variables": {}, "functions": [], "resources": [], "outputs": {} } • a collection of key-value pairs. Each key is a string, whose value can be: • A string • A number • A Boolean expression • A list of values • An object (which is a collection of other key-value pairs) MST400 Template Parameters • In the parameters section of the template, you specify which values you can input when deploying the resources. • Here's an example that illustrates two parameters: one for a virtual machine's username, and one for its password: MST400 Thank you! MST400