Setting up Management Group for production in enterprise

org1Once you have set up your first subscription, you can set up your Management Group.

In Azure, management groups are a way to group your subscriptions. When you apply policies and governance to your management group, all of the subscriptions within a management group automatically inherit the conditions applied. Enterprises want management groups as a way to scale your operations no matter how many subscriptions you may have.

For example, you may want to restrict the regions available for your resources to those within a particular region. A policy that reflects that can be applied to a management group and will automatically be applied to all management groups, all subscriptions, and all resources under that management group.

Continue reading “Setting up Management Group for production in enterprise”

Setting up Security Center for production in enterprise

Icon-security-241-Security-CenterSecurity Center provides out of the box policies and a dashboard to identify possible security issues with your subscription.

To start with Security Center has a good set of policies that will help you do basic audits and provide security alerts.

Use Security Center to meet your cloud requirements

In this article, you will be able to meet the following requirements:

  • Set up ways for your security team, developers, and operations to quickly audit subscriptions.
  • Mitigate security issues

Continue reading “Setting up Security Center for production in enterprise”

Setting up Log Analytics workspace for production in enterprise

icon_1.0.1195.1535Operations and security are central in any cloud deployment. It should be top of mind in each of your cloud deployments.

Enabling your operations team to find and fix errors, to build practices around scaling your data are essential to having a successful Azure data center.

Log Analytics provides a unified way to show what is happening across your Azure data center.

In this article learn how to set up Log Analytics to receive data from multiple Azure subscriptions, on premises virtual machines or other clouds. And learn to configure your Log Analytics workspace, set up role-based-access-control, and how to incorporate Log Analytics best practices. In addition, you will also learn how to get started with some important queries.

Continue reading “Setting up Log Analytics workspace for production in enterprise”

Organize Azure resources using management group, tags, naming convention

org1Once you have set up your Azure administrators, you can begin to consider how to organize your cloud into management groups, subscriptions, resource groups. You will want to develop a naming standard, and way to tag resources.

Although you may be focused initially on just getting your resources deployed, you will want to be able to manage them. For example, a year from now you may want to know who is responsible for the virtual machine that is no longer doing anything, but is costing money. In other words, you may want lifecycle management.

You may want the ability to charge a set of resources to a cost center and to budget those resources. For example, you may want to receive alerts for both the users and for your administrators when costs are out of line with expectations.

And as we all know, it is easier to organize as you go. In this article, you will learn about some key points in organizing your Azure resources.

Continue reading “Organize Azure resources using management group, tags, naming convention”

Checklist of Azure tools for enterprise admin: PowerShell, AzCopy, Azure CLI, Docker, Git, Azure Providers

powershellAzure provides the Azure Cloud Shell which includes almost every tool you will need already installed. But that requires you to be logged into the portal. And it times out after a short time. So you can administer Azure from your desktop.

There are tools you will normally want on your local computer to administer Azure:

  • PowerShell
  • Azure Powershell
  • Azure CLI and some additional tools (such as jq and Kubernetes)
  • AzCopy
  • Git
  • Docker
  • Visual Studio Code and extensions

All are cross platform tools. In this article, you will learn how to install the tools from the command line. And you will learn about Azure providers and how to add them to your subscription.

Continue reading “Checklist of Azure tools for enterprise admin: PowerShell, AzCopy, Azure CLI, Docker, Git, Azure Providers”

Setting up your enterprise Azure subscription administrators

azureadministratorpngMicrosoft makes it easy to get started using Azure — sign up for a free subscription and get started. The tutorial show you how to use the portal to create virtual machines, storage, backups. All good.

And then it comes time to take your applications into production. You may realize that you need to show auditors your security methods. And you want to be sure to protect your customer data. Or you may have cloud sprawl and want to control costs.

And you have had a good conversations about your requirements. What then?

This article shows you how to get your subscription up and running using some important best practices for your administrators. It shows how to set up Security Center and how to set up policies that can be used to help your security team validate that you are using best practices.

Continue reading “Setting up your enterprise Azure subscription administrators”

Requirements, plan for your enterprise Azure Subscription for production

Cloud Adoption Framework
Microsoft’s Cloud Adoption Framework

You can get started in Azure. But soon it becomes time to build your subscriptions for your enterprise. For example, giving unrestricted access to developers can make your devs very agile, but it can also lead to unintended cost consequences. In addition, you will want to have requirements to demonstrate compliance for security, monitoring, and resource access control.

In this article we help organize some thoughts around the strategy and plan for building out your cloud, including a plan that you can put into Azure DevOps.

The Cloud Adoption Framework provides guidance for in depth analysis and preparation for your cloud. 

Continue reading “Requirements, plan for your enterprise Azure Subscription for production”

Container Ecosystem on Windows, Linux – When to Choose

Everything the application depends on to run successfully can lives inside a container. Containers are an isolated, resource controlled, and portable runtime environment which runs on a host machine or virtual machine. An application or process which runs in a container is packaged with all the required dependencies and configuration files.

Containers grew up in Linux. In Windows Server 2016, containers can run on Windows and run Windows on the inside.

The idea is that you can run containers in the cloud, in the customer data center, or in container services and manage them consistently.

DockerAndAzureEcosystem_thumb

Continue reading “Container Ecosystem on Windows, Linux – When to Choose”

Container Orchestration with Docker Swarm, Marathon, Kubernetes

You need orchestration when transitioning from deploying containers individually on a single host to deploying complex multi-container apps on many machines.

The following describes some of the most popular:

  • Docker Swarm
  • Mesos DC/OS
  • Kubernetes

The purpose of this post is to define the terms and to surface the main features. The goal of the post is not to compare, but to provide definitions of the container technologies.

In general, these container solutions run and support Linux containers.

Continue reading “Container Orchestration with Docker Swarm, Marathon, Kubernetes”

Docker Container Concepts, Architecture, Overview

Containers are key to the modern datacenter.

Docker is an open platform for developing, shipping, and running applications in containers.
This post describes the conceptual parts that you will use in setting up Docker. Here are the primary parts:

  • Docker Image is a read-only template for creating a Docker container. You can create your own Dockerfile to define the steps to create an image.
  • Docker Container is a runnable instance of an image. You can create, start, stop, move, or delete a container using the Docker API or CLI.
  • You talk to the Container through the Docker Engine that provides the Docker client which talks to the Docker daemon. The Docker daemon listens for Docker API requests and manages Docker objects such as images, containers, networks, and volumes.
  • Docker Registries stores Docker images. You pull Docker images from the registries. There are public registries and private registries. One private registry is Azure Container Registry provides a private registry for your containers.
  • Task of automating and managing a large number of containers and how they interact is known as orchestration.

Continue reading “Docker Container Concepts, Architecture, Overview”