Walkthrough: Create Azure Kubernetes Service (AKS) using Terraform

When you are building your cloud infrastructure, you can think of it as code. Infrastructure as code means that the virtual machines, networking, and storage can all be thought of as code. On Azure, you can build your infrastructure using Azure Resource Manager (ARM) templates and deploy using PowerShell. You could also use PowerShell or Azure CLI to express your infrastructure. Many enterprises use Terraform, an open source infrastructure as code provider by HashiCorp, to build, change, and version cloud infrastructure.

You can use Terraform across multiple platforms, including Amazon Web Services, IBM Cloud (formerly Bluemix), Google Cloud Platform, DigitalOcean, Linode, Microsoft Azure, Oracle Cloud Infrastructure, OVH, Scaleway, VMware vSphere, Open Telekom Cloud, OpenNebula, and OpenStack. In this article, we’ll explore Azure. At a high level, you write the configuration of your infrastructure in Terraform files that can describe the infrastructure of a single application or of your entire data center, and then apply it to the target cloud (in this case Azure).

In this article, you install Terraform and configure it, create the Terraform configuration plans for two resource groups, an AKS cluster, and an Azure Log Analytics workspace, and apply the plans into Azure.

Walkthrough: Create Azure Kubernetes Service (AKS) using ARM template

Azure Kubernetes Service (AKS) provides a hosted Kubernetes service where Azure handles critical tasks like health monitoring and maintenance for you. AKS reduces the complexity and operational overhead of managing Kubernetes by offloading much of that responsibility to Azure. When you create AKS, Azure provides the Kubernetes control plane. You need to manage only the agent nodes within your clusters.

There are several ways to deploy to Azure, including using the portal, Azure CLI, Azure PowerShell, and Terraform.

In this walkthrough, you will create an AKS cluster using an ARM template and then use Azure CLI to deploy a simple application to the cluster. You will review the design decisions made for the walkthrough, and see how the template supports Kubenet for Kubernetes networking and role-based access control (RBAC), and how it supports managed identities to communicate with other Azure resources. Finally, you will use a Kubernetes manifest file to define the desired state of the cluster, and test the application.


Serverless apps in Kubernetes, Azure Functions

Azure Functions provides serverless computing as Functions-as-a-Service, which provides a platform for you to develop, run, and manage application functionalities without the complexity of building and maintaining the infrastructure typically associated with developing and launching an app.

Azure Functions executes code in response to changes in data, in response to messages, on a schedule, or as the result of an HTTP request.

Typically, you just deploy the function into an existing base container provided by Microsoft. But if you have specific needs, such as a specific version, you can deploy your Function app as a custom container into the Azure Functions service.

As an alternative to the Azure service, you can deploy Azure Functions into your own Kubernetes deployment and run Functions alongside your other Kubernetes deployments.

With the Azure Functions service, you no longer need to manage disk capacity or memory. The compute requirements are handled automatically. You pay for what you use, when you use it, rather than for the fixed sizes and memory required by other Azure services.

You can use a Docker container to deploy your function app to Azure Functions. You can also deploy an Azure Functions app into your own Kubernetes cluster.

In this article, you learn about the key features of Azure Functions with containers.

Let’s get started.


When to use Azure Kubernetes Service (AKS) for compute service

Azure offers several ways to host your application code. In some recent articles here we described some services and features for App Services and Container Instances. Other alternatives include Azure Batch and Azure Functions.

The Azure Architecture Center provides guidance on how to choose a compute service for your application.

There are tradeoffs between control and ease of management. Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS) offer various levels of control, flexibility, and portability.

Microsoft provides guidance for your compute service selection.


Alternatives to Azure Kubernetes Service (AKS): Azure App Services

You can run your web applications in Azure App Service, a fully managed service, using either Windows or Linux-based containers. You may not need the overhead of a Kubernetes deployment. App Services provides security, load balancing, autoscaling, and automated management.

In addition, App Services has DevOps capabilities, such as continuous deployment from Azure DevOps, GitHub, Docker Hub, and other sources, package management, staging environments, custom domain, and TLS/SSL certificates.

By fully managed, we mean App Service automatically patches and maintains the OS and language frameworks for you. Spend time writing great apps and let Azure worry about the platform.

With App Services Environment, you deploy your application within a virtual network you define, where you have fine-grained control over inbound and outbound application network traffic.

Alternatives to Azure Kubernetes (AKS): Azure Container Instances

You may want to use containers for your deployments to Azure, but you may not want all the complexities of either standing up your own Kubernetes cluster on premises or using Azure Kubernetes Service (AKS). For example, you may want to run a container for a short time.

Azure Container Instances have fast startup times and can be accessed using an IP address or a fully qualified domain name (FQDN). You can customize the size and use either Linux or Windows containers. You can schedule Linux containers to use NVIDIA Tesla GPU resources (preview).

Let’s learn more about Azure Container Instances.


View and register resource providers

Just because Azure provides a resource doesn't mean you have access to it in your subscription. You may have to add a particular resource.

You can think of a resource provider as a way Azure (ugh) provides resources. Another way to think about resource providers is that they are the services provided by a resource. For example, a resource provider offers a resource type called vaults for creating a key vault.

Each provider has one or more resource types. The name of a resource type is in the format: {resource-provider}/{resource-type}. The resource type for a key vault is Microsoft.KeyVault/vaults.


Organize Azure resources in resource groups using portal, PowerShell, Azure CLI

When you create, update, and delete resources in Azure, you are using the Azure Resource Manager (ARM). Azure Resource Manager provides access control, tagging, and auditing of your resources.

In this article, you use the portal, PowerShell, and the Azure Command Line Interface (CLI) to create, manage access to, and delete resources. Links are provided in the reference section of this chapter for you to learn how to manage resources using the REST API.

You create resources in an imperative way by describing each of the steps and features with scripts. In a following post, you will learn how to create resources using a declarative syntax with an ARM template to describe the features and properties.


Walkthrough using Azure Policy to audit and enforce compliance

Use Azure Policy to manage and enforce your standards for governance and compliance and to assess that compliance at scale. When you implement Azure Policy, you are effectively adding guard-rails for your users. But you also have a way to audit your organization's compliance against a particular policy.

In this walkthrough, you will learn the implications of using a Policy in Azure. For this walkthrough, you will use Azure CLI to create a storage account that will not be compliant because it allows its contents to be accessed using HTTP. Then you will add a Policy that requires HTTPS, and see how you can audit an existing, non-compliant resource. You will audit the resource using the portal and using a PowerShell script. Then you will create another non-compliant resource and see how Azure blocks the resource during creation.


Understanding Azure Policy for regulatory compliance

Use Azure Policy to manage and enforce your standards for governance and compliance and to assess that compliance at scale. The idea is to set standards and to be able to demonstrate that your organization is meeting its regulatory compliance goals.

In previous blog posts, you learned about setting up Management Groups and Security Center. For management groups, you learned that policies can be applied across multiple subscriptions. You noticed that Security Center provides a set of policies (a policy initiative) for your subscription.

In this post, learn the basics of using Azure Policy to manage resource consistency, regulatory compliance, security, and cost, how Policies can be grouped together as initiatives, and how you can assign initiatives to specific regulatory compliance goals.
