In this topic,  I will address the following resources in Azure Resource Manager (ARM):

• Azure VMs
• Availability Sets
• Load-Balancers

Lab overview for Highly Available IaaS 3-tier service

N.B: In this topic, I use PowerShell cmdlets to manage Azure resources. You can have further information here.

The goal of this lab regards the deployment of a 3-tier service:

• First tier: Web Servers
• Second tier: Application Servers
• Third tier: Database Servers

The user will connect to the Web Servers load-balancer. Then the Web Servers will connect to the application servers across the application load-balancer. Then Application servers will send a request to SQL Servers. The availability Set will be configured on each server role to support the 99,95% SLA.

Regarding the network, the virtual network is split into two subnets called external and internal subnet. All VMs are stored in the same storage account.

I have created the resource groups, the storage account and the virtual network. It only remains to create availability set, Azure VMs and load-balancer.

Availability Set

Usually to support High Availability, we use two servers that host the same role or/and application. Then these servers are spread across several racks, rooms or hypervisors (in case of VMs). In this way, even if an outage occurs, the others servers continue to deliver the service. In Azure, we use the Availability Set to spread in the datacenter, the Azure VMs which deliver the same service.

With Availability Set comes two concepts:

• Fault Domain: this is a physical unit for the deployment of an application. Thanks to fault domain, VMs are deployed on different servers, racks and switches to avoid a single point of failure.
• Update Domain: this is a logical unit for the deployment of an application. Servers which are associated with the same availability set will be arranged in the rack. In this way, one update domain will be unavailable at the same time when Microsoft makes an update. So servers in the remaining update domains continue to deliver the service.

To support the 99,95% SLA, I will create an availability set for each tier. To create the Availability Set from the portal, go to the Marketplace and select Availability Set. You can then specify the availability set name, the number of fault and update domains and the resource group.

You can do the same thing with PowerShell.

New-AzureRmAvailabilitySet -ResourceGroupName LabHAIaaS -Name AppTier -Location "West Europe" -PlatformUpdateDomainCount 2 -PlatformFaultDomainCount 2

Once I have created availability sets, I have three new resources in the resource group:

Azure VMs creation

N.B: At this moment, you can’t associate availability set to a VM already created (in Azure Resource Manager) from PowerShell or from the portal.

Now I will create Azure VMs with the availability set association. You can create it by using the portal:

Below you can find PowerShell cmdlets to create an external virtual machine: (the public IP is needed to connect to VMs from the portal. If you have a Site-to-Site VPN, you shouldn’t need the public IP)

# Set values for existing resource group and storage account names
$rgName="LabHAIaaS"
$locName="West Europe"
$saName="labhaiaasvm"
$AVName = "WebTier"
# Ask for VM credential
$cred=Get-Credential -Message "Type the name and password of the local administrator account."

# Set the existing virtual network and subnet index
$vnetName="LabHAIaasNetwork"
$subnetIndex=1
$vnet=Get-AzureRMVirtualNetwork -Name $vnetName -ResourceGroupName $rgName

# Create the NIC.
$nicName="ExtVM06-NIC"
$pip=New-AzureRmPublicIpAddress -Name $nicName -ResourceGroupName $rgName -Location $locName -AllocationMethod Dynamic
$nic=New-AzureRmNetworkInterface -Name $nicName -ResourceGroupName $rgName -Location $locName -SubnetId $vnet.Subnets[$subnetIndex].Id -PublicIpAddressId $pip.Id

#Availabiloty Set
$AvID = (Get-AzureRmAvailabilitySet -ResourceGroupName $RGName -Name $AvName).id

# Specify the name, size, and existing availability set
$vmName="ExtVM06"
$vmSize="Standard_A0"
$vm=New-AzureRmVMConfig -VMName $vmName -VMSize $vmSize -AvailabilitySetId $AvID

# Specify the image and local administrator account, and then add the NIC
$pubName="MicrosoftWindowsServer"
$offerName="WindowsServer"
$skuName="2012-R2-Datacenter"
$vm=Set-AzureRmVMOperatingSystem -VM $vm -Windows -ComputerName $vmName -Credential $cred -ProvisionVMAgent -EnableAutoUpdate
$vm=Set-AzureRmVMSourceImage -VM $vm -PublisherName $pubName -Offer $offerName -Skus $skuName -Version "latest"
$vm=Add-AzureRmVMNetworkInterface -VM $vm -Id $nic.Id

# Specify the OS disk name and create the VM
$diskName="OSDisk"
$storageAcc=Get-AzureRmStorageAccount -ResourceGroupName $rgName -Name $saName
$osDiskUri=$storageAcc.PrimaryEndpoints.Blob.ToString() + "vhds/" + $vmName + $diskName + ".vhd"
$vm=Set-AzureRmVMOSDisk -VM $vm -Name $diskName -VhdUri $osDiskUri -CreateOption fromImage
New-AzureRmVM -ResourceGroupName $rgName -Location $locName -VM $vm

Once all Azure VMs are created, I have 6 VMs in the resource group with their own network interfaces.

In the below example, you can see that Azure VMs that belong to the WebTier availability set are spread between two fault and update domains.

Implement the external load-balancer

Now that Azure VMs are created and are in availability sets, we can create the Load-Balancer. First, I create the external Load-Balancer for the Web servers (WebTier). Open the marketplace and type Load-Balancer. Then create it and chose the Public scheme. Create a public static IP as below and select the resource group.

Once the load-balancer is created, open settings and select Backend Pools.

Then create a backend address pool, and choose the WebTier availability Set and the Azure VMs as below.

Now you can create a probe to verify the health of your application. In the below example I create a probe for a web service which listens on HTTP/80.

Once the probe is created, we can create a load-balancing rule related to the probe health. If a server is not healthy, the load-balancer will not route traffic to this server.

Implement internal Load Balancer

As the external Load-Balancer, create again a load-balancer but this time select the Internal scheme. Then select the virtual network and the internal subnet (where are the application servers). To finish, select the resource group and set a static IP address.

Next, open the settings of this load-balancer and select Backend Pools.

Then create a backend pool and select the AppTier availability set and its Azure VMs.

Then I create a probe to verify the health of the application on port TCP/1234.

To finish, I create the load-balacing rule based on the previous probe to route the traffic to healthy servers.

The post Deploy highly available IaaS service in Azure Resource Manager appeared first on Tech-Coffee.

In this topic, I’ll talk about Azure IaaS and how to deploy a first virtual machine in ARM from scratch. I’ll show you how to deploy resources by using GUI or PowerShell. Covered features will be:

• Resource group
• Storage account
• Virtual Network
• Azure VMs

Install Azure RM PowerShell module

To install the PowerShell module and to manage resource by using ARM, you have to download and install the module. By using PowerShell v5, you can run the below commands:

# Install the Azure Resource Manager modules from the PowerShell Gallery
Install-Module AzureRM
Install-AzureRM
# Import AzureRM modules for the given version manifest in the AzureRM module
Import-AzureRM

Logon to Azure Portal and select the subscription

To logon to the Azure Portal by using the web browser, you can browse to https://portal.azure.com. By using PowerShell, you can run the below command:

Add-AzureRMAccount

If like me, you have multiple subscriptions associated to your tenant, you have to select the right one. If you use the web browser, you can select the subscription by clicking on your name on top right.

In PowerShell, you have to use this cmdlet:

Select-AzureRMSubscription

But before running this command you need to get the subscription id by using Get-AzureRMSubscription:

Once you have the subscription ID you can use the Select-AzureRMSubscription as below:

Create the resource group

All resources that I will create will belong to the same resource group. This resource group will contain the storage account, the virtual network and the Azure VMs (and its NICs).

To create the resource group by using the GUI, click on resource groups and select add. Then give a name to your resource group and chose the location.

By using PowerShell, you have just to run the below command:

New-AzureRmResourceGroup -Name MyRG -Location "West Europe"

Now I have my resource group which is ready.

Create the storage account

To have more information about how works storage account, you can read this topic.

To create a Storage Account by using the GUI, just select new Data + Storage and select Storage account.

Then give a name (lower case, no special char) to your storage account and choose the storage account type. Then select the resource group that you have previously created.

To create the same storage account by using PowerShell, you can run the below command:

New-AzureRmStorageAccount -ResourceGroupName MyRG `
                          -Name stoaccountlab `
                          -Type Standard_LRS `
                          -Location "West Europe"

Then your storage account is created:

Create the virtual network

The virtual network is required to connect Azure VM to the network. The virtual network is an address space (as 10.0.0.0/8) that have to be split in the subnet. Then Azure VM will belong to a subnet.

To create the virtual network, just click on New, Networking, Virtual Network and create.

Then give a name to the virtual network, specify the address space, the subnet name and its address range. Select the resource group that you have previously created and select the location.

New-AzureRmVirtualNetwork -Name MyNetwork -ResourceGroupName MyRG -Location "West Europe" -AddressPrefix 192.168.0.0/16
$VirtualNetwork = Get-AzureRmVirtualNetwork -Name MyNetwork -ResourceGroupName MyRG
Add-AzureRmVirtualNetworkSubnetConfig -Name Internal -VirtualNetwork $VirtualNetwork -AddressPrefix 192.168.0.0/24
Set-AzureRmVirtualNetwork -VirtualNetwork $VirtualNetwork

You can see the subnets in the virtual network, you can click on settings and select subnets. You can add more subnets by clicking on Add.

Create the Azure VM in Resource Manager

In this example I will create a Windows Server 2012R2 Azure VM. Its virtual disk will be stored in the storage account that we have created and connected in the above subnet. To create the VM, just click on New, Compute and select the Windows Server 2012 R2 Datacenter image.

Then specify the basic settings of the VM as its name, a username and password. Specify also the resource group that we have created previously.

Next chose the size of the VM and click ok.

To finish, specify the storage account, the virtual network and the subnet. The public IP is required if you need to access to your VM from an IP address. The network security group enable you to deploy filter as a firewall.

Once you have finished to set your VM, you can jump to summary section and click on OK to launch the VM creation.

You can do the same thing by using PowerShell but it is a little bit more complex than previous PowerShell operations.

# Set values for existing resource group and storage account names
$rgName="MyRG"
$locName="West Europe"
$saName="stoaccountlab"
# Ask for VM credential
$cred=Get-Credential -Message "Type the name and password of the local administrator account."
# Set the existing virtual network and subnet index
$vnetName="MyNetwork"
$subnetIndex=0
$vnet=Get-AzureRMVirtualNetwork -Name $vnetName -ResourceGroupName $rgName

# Create the NIC.
$nicName="VM01-NIC"
$pip=New-AzureRmPublicIpAddress -Name $nicName -ResourceGroupName $rgName -Location $locName -AllocationMethod Dynamic
$nic=New-AzureRmNetworkInterface -Name $nicName -ResourceGroupName $rgName -Location $locName -SubnetId $vnet.Subnets[$subnetIndex].Id -PublicIpAddressId $pip.Id

# Specify the name, size, and existing availability set
$vmName="VM01"
$vmSize="Basic_A1"
$vm=New-AzureRmVMConfig -VMName $vmName -VMSize $vmSize

# Specify the image and local administrator account, and then add the NIC
$pubName="MicrosoftWindowsServer"
$offerName="WindowsServer"
$skuName="2012-R2-Datacenter"
$vm=Set-AzureRmVMOperatingSystem -VM $vm -Windows -ComputerName $vmName -Credential $cred -ProvisionVMAgent -EnableAutoUpdate
$vm=Set-AzureRmVMSourceImage -VM $vm -PublisherName $pubName -Offer $offerName -Skus $skuName -Version "latest"
$vm=Add-AzureRmVMNetworkInterface -VM $vm -Id $nic.Id

# Specify the OS disk name and create the VM
$diskName="OSDisk"
$storageAcc=Get-AzureRmStorageAccount -ResourceGroupName $rgName -Name $saName
$osDiskUri=$storageAcc.PrimaryEndpoints.Blob.ToString() + "vhds/" + $vmName + $diskName + ".vhd"
$vm=Set-AzureRmVMOSDisk -VM $vm -Name $diskName -VhdUri $osDiskUri -CreateOption fromImage
New-AzureRmVM -ResourceGroupName $rgName -Location $locName -VM $vm

Once the script has run, the VM is created with a public IP and a private IP. This VM belongs to MyRG resource group.

And as you can see, all resources that I have created previously are in MyRG resource group.

Conclusion

I think the new Azure deployment model is more flexible than the old. First, Cloud Services are not required anymore for IaaS and it is a great thing. Secondly the resource group are great to manage the lifecycle of an application because you can update resources without impact on other application in others resource groups. Thirdly you can use a JSON to deploy consistently on AzureStack and Microsoft Azure. To finish, cmdlets are the same than the old deployment model except that the commands contain RM (ex: Get-AzureRMVM). So why not move to the new deployment model? J

The post Getting started with Azure IaaS in Resource Manager appeared first on Tech-Coffee.

• Standard Azure Portal: https://manage.windowsazure.com
• Preview Portal: https://portal.azure.com

The Standard Azure Portal is based on the REST API called Service Management while the Preview Portal is based on Azure Resource Manager (ARM). Microsoft introduces ARM to simplify the deployment in their Public Cloud thanks to reusable template written in JSON. We will see in the next section that this template is declarative and describes the resource and its properties that you want to deploy. So it is easy to deploy your development, validation and production environments with the same template. It enables to avoid mistakes and configuration drift. To finish, these templates will be reusable in the AzureStack solution. With ARM and template, you enter in the DevOps worldJ.

This topic is not intended to teach you everything about the Azure Resource Manager template. I write this topic to make a quick overview. To go in deep, I recommend you to check links referenced in the documentation section.

Documentation

Before getting to the heart of the matter, I want to share with you some resources that may interest you:

• Authoring Azure Resource Manager Templates by Tom FitzMacken
• Cloud Consistency with Azure Resource Manager by Kristian Nese
• Azure Resource Manager DevOps Jump Start by David Tesar and Kevin Lam

Recommended stuff

Nothing is mandatory to create and edit your JSON template. But some software can ease your life. However to deploy resources in Azure, you need an Azure subscription. Below you can find the recommended software:

• Azure PowerShell module: it enables to control Azure Resource by using PowerShell. You can download it here;
• Visual Studio 2015: I use Visual Studio 2015 Community. It is an Integrated Development Environment (IDE). You can download it here;
• Azure SDK for .NET: It is the development kit for Microsoft Azure. Be sure to download Azure SDK for Visual Studio 2015. You can download it here.

Azure Resource Manager template

Structure

The template structure looks like this:

{
 "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
 "contentVersion": "",
 "parameters": { },
 "variables": { },
 "resources": [ ],
 "outputs": { }
 }

In the below table, you can find the description of each part of the JSON structure. This table comes from Authoring Azure Resource Manager Templates topic.

Parameters part

In the parameters part, you define which settings will be asked to users when the deployment will be executed. Below you can find an example of a simple parameter:

"StoAccountName": {
        "type": "string",
 }

This parameter is called StoAccountName and its type is a string. When the deployment will be executed, the user will be asked to set the StoAccountName parameter. You can add a default value for this parameter as below. However, if you specify another value during deployment, the specified value will replace the defaultValue.

"StoAccountName": {
       "type": "string",
       "defaultValue": "techcoffeevmsto",
}

To finish you can specify a list of allowed values by using allowedValues. You may have noticed that in the below example, the allowed values are between brackets because it is a table.

"StorageAccountType": {
        "type": "string",
        "allowedValues": [
            "Standard_LRS",
            "Standard_GRS",
            "Standard_ZRS"
        ]
}

The allowed parameter types are:

• String
• SecureString (usually for password)
• int (Integer)
• bool (Boolean)
• object
• array

You can create a file that contains values of each parameter to avoid to specify them each time you execute a deployment. Below this is an example of a parameter file:

"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
    "contentVersion": "1.0.0.0",
    "parameters": {
        "StorageAccountType": {
            "value": "Standard_LRS"
        },
        "VirtualNetworkName": {
            "value": "TechCoffeevNet"
        },
        "StoAccountName": {
            "value": "techcoffeevmstorage"
        }    
    }
}

To call a parameter in the JSON template, you can use parameters(‘<ParameterName>’).

Variables part

Variables are used to simplify the readability of the template and to reuse several times a same value but specified one time. You can use parameters to construct variables. Below some examples:

"VMWEBImageOffer": "WindowsServer",
"VMWEBOSDiskName": "[concat(parameters('VMWEBName'), '_OSDisk')]",
"ResourcesLocation": "[ResourceGroup().location]"

VMWEBImageOffer is a variable that containing WindowsServer string.

VMWebOSDiskName variable contains a concatenation of the value of the VMWEBName parameters and the string _OSDisk. For example, if VMWebName parameter is VMWEB01, the VMWEBOSDiskName variable contains VMWEB01_OSDisk.

To finish ResourcesLocation contains the location of the resource group where the resources will be deployed.

You can call a variable in the JSON template by using variables(‘<VariableName>’).

Resources part

In this part you define the resource that will be deployed in Microsoft Azure (Virtual Machines, vNICs, Storage Accounts and so on). If the object already exists, it will be updated with the settings specified in the template.

I really recommend you to use Visual Studio with Azure SDK because you can add a resource to the template with some clicks. When you have created an Azure Resource Group Project (Templates, Visual C# and Cloud), right click on resources in the JSON Outline and click on Add New Resource.

Select the resource that you want to add and click on Add. For example, below I add a Storage Account:

When you have clicked on add, you should have additional parameters, variables and resources as below:

{
    "name": "[parameters('mystoaccountName')]",
    "type": "Microsoft.Storage/storageAccounts",
    "location": "[parameters('mystoaccountLocation')]",
    "apiVersion": "2015-05-01-preview",
    "dependsOn": [ ],
    "tags": {
           "displayName": "mystoaccount"
     },
     "properties": {
           "accountType": "[parameters('mystoaccountType')]"
     }
}

Now you just have to change the properties of the resource group with your variables and parameters and the resource configuration is finished!

Make a loop

I know that I said earlier that I will not go deep in this topic, but I think loops are important to simplify your template. Loops enable you to declare one time a resource and make several deployments of this resource. For example, you can declare once a time a Virtual Machine and make a loop to create several instances with the same settings.

To make a loop, first you should create an integer parameter as below:

"WebInstanceCount": {
        "defaultValue": "2",
        "type": "int"
}

Now I’ll take an example of creating several vNICs by using a loop.

{
       "name": "[concat('vNIC_', parameters('VMWEBName'), copyindex(1))]",
       "type": "Microsoft.Network/networkInterfaces",
       "location": "[variables('ResourcesLocation')]",
       "apiVersion": "2015-05-01-preview",
        "copy": {
            "name": "VMWEBNicLoop",
            "count": "[parameters('WebInstanceCount')]"

        }
}

First, you can see copy element that enables to specify a loop name and a counter. So in count element, I specify my parameter WebInstanceCount that has a default value of 2. So two vNIC will be created by using this loop.

Now I want to get the counter index to name my vNIC (to name them vNIC1, vNIC2 and so on). So I use copyindex() function. You can find it in the above example in the name element. The number 1 specified in the copyindex() function enables me to shift the index by 1. I do that because the index start from 0 but I don’t want a vNIC called vNIC0. So I have shifted the index by 1 to start from vNIC1.

Deploy the template

You can deploy the template directly from Visual Studio, by using PowerShell or from the Azure Marketplace (template deployment).

Deploy from Visual Studio

To deploy your resource from Visual Studio, right click on your project and select Deploy.

Next, select your account, your subscription and so on. You can fill automatically your parameter files by clicking on Edit Parameters.

In Edit Parameters, you can specify the parameter values. When you have specified the AllowedValues element in parameters, you have a drop-down menu instead of a field.

Deploy from Azure Portal

You can also deploy the JSON directly from the Azure Portal. Navigate to the marketplace and find template deployment.

Now you just have to past your JSON template and set the parameters, the resource group and so on:

Deploy from PowerShell

Here is my favorite method. You can deploy the template from PowerShell by using the New-AzureResourceGroup cmdlet. First connect to your subscription.

Next run the following command:

New-AzureResourceGroup -Name TechCoffeeLab `
                       -Location "West US" `
                       -DeploymentName TechCoffeeDep `
                       -TemplateParameterFile C:\temp\TechCoffeeLab.param.json `
                       -TemplateFile C:\temp\TechCoffeeLab.json `
                       -verbose

You can find my JSON files on my GitHub repository: https://github.com/SerreRom/TechCoffee

Now that the deployment is finished you can open your Azure Portal to see your resources deployed:

Conclusion

This topic presents you a quick overview of the Azure Resource Manager Template. To go in deep, I recommend you to check links referenced in the documentation section. As you have seen in this topic, template enables to make consistent deployments, even if you have several environments as testing, validation and production. Moreover, you can update quickly some settings just by changing the values in the template. To finish you can leverage on Azure VM Extensions to configure your Virtual Machines as you want (run scripts, Desired State configuration and so on) during the deployment. And JSON template will be compatible with Azure Stack J.

The post Deploy Azure Resources with JSON template appeared first on Tech-Coffee.