Labs on Microsoft Azure

(and Dev, Test, & Demo systems)

About the presenter

Wesley Fernandes Vieira

Sr. Partner Technical
Consultant
wesleyf@microsoft.com LATAMPTS@microsoft.com

Consultor de infraestrutura desde 2005

Desde 2008 como consultor na Microsoft (MCS)

Desde 2012 como Partner Technical Consultant

Especialista em Datacenter e Desktop

About the presenter

Eumar Assis
Sr. Partner Technical
Consultant
latampts@Microsoft.com | eassis@microsoft.com |

Desenvolvedor Microsoft h 10 anos

@eumarassis

Juntou-se GPS no incio de 2012

Atuava em Cleveland, OH - USA em 2011
Microsoft Services em 2010
Grandes portais e parceiros do Brasil

CICLO DE
VIDA DO
PROJETO

LATAM Partner Services Apoio tcnico em pr-vendas, consultoria e

treinamento
Ajuda
Ajudar
Vender

PR-VENDAS TCNICAS

OFERTAS

SERVIOS

Competir com confiana,

apoiados por consultores
da Microsoft que tm os
conhecimentos mais
recentes do produto,
vendas tcnicas e
entrega.
Viso & Valor de produtos e
solues
Assistncia tcnica
competitiva
Demos & suporte POC

ASSESSORIA

Servios de consultoria para

ajudar nas implementaes de
projeto
Servios de consultoria em:
Orientao para implantao
Orientao para
desenvolvimento
Assistncia de migrao
Otimizao
Arquitetura

REAS
DE
SOLU
O

Assessoria ilimitada para

oportunidades acima U$ 3000

Desktop

Messaging

Ajuda
Habilitar

Implementar

Datacenter

TREINAMENTO
Obter vises gerais do produto, vendas
tcnicas e conhecimento profundo em
solues
Expanda a sua prtica de servios e
implantar com xito as solues Microsoft.
Talleres
Workshops
tcnicos de
tcnicos/preventa
pr-vendas

Acelerador de Prtica
(PA)

Workshops tcnicos
profundo

Gratuito para
parceiros do MPN

Use suas horas de consultoria do MPN

Collaboration &
Content

Como eu poderia obter o acesso a

estes servios?

Application
Development

Business
Intelligence

Platform as a
Service

Partner Technical Services / Servios em: Espanhol, Portugus, &

Ingls
latampts@microsoft.com
RSC: 0-800-761-7454, 11-4706-0900
Acesso a comunidades tcnicas Online

Module 0: Welcome!

Introductions

After completing this training you will be able to:

Sign up for Microsoft Azure

Explain how to create a virtual machine in Azure

Create a custom virtual machine

Share virtual machines between users

Upload virtual machines from Hyper-V to Azure

Create Virtual Machines through automated scripts via PowerShell

Module 1: Getting Started on Microsoft

Azure
After completing this Module you will:

Be able to set up an Azure Account

Be able to navigate Azure Portal

Understand the pricing and licensing model in Microsoft Azure

Module 2: VMs on Azure The Basics

After completing this module this module you will:

Be able to provision a VM in Azure from the existing image gallery

Understand some of the architecture behind Azure VMs

Understanding the Architecture

Understanding the Architecture

Tip

Create things like the Storage Accounts and Cloud Services before creating
VMs if you want to use logical names.
Custom Logical Names

Auto Generated Names

Overview: Cloud Services

Cloud Service acts as a network and security
boundary for virtual machines.
Cloud service URL is mapped to a public IP
when there is at least one active virtual
machine.

contososvc.cloudapp.net
137.135.67.36

http://contosvc.cloudapp.net = 137.135.67.36

All external traffic to virtual machines uses this

IP.
Demo-VM1 Demo-VM2

Overview: Connectivity in Azure

cloudservice.cloudapp.net VIP

Input Endpoint

VIP: Input Endpoint

Forwards public -> private traffic per port

Listens on public IP Address of cloud service
Optionally load balanced across multiple virtual
machines
Supported protocols: TCP/UDP
Default Endpoints: RDP and PowerShell

Public Virtual IP Address (VIP)

Public IP Address of the cloud service
Can change if all virtual machines are deleted

Internal IP Address(s)

Internal IP Address
Internal IP Address of a virtual machine set by
Windows Azure from its own address pool or your
own address pool if using a virtual network. Can
change unless deployed into a virtual network.

Understanding the Architecture

Virtual Machine Limits

50 Virtual Machines per cloud service.

150 Input Endpoints per cloud service.

20 Cloud Services Per Subscription.

Module 3: Creating Custom Images

After completing this module you will:

Be able to customize a VM and save it to the VM Gallery

Be able to create VMs from the images saved in the Gallery

Module 4: Introduction to Azure Storage

After completing this module you will:

Understand how the VHD files are stored in Azure and how you can manage
your storage accounts.

Storage Architecture

Locally Redundant Storage

Windows Azure Storage

Locally Redundant Storage

Windows Azure Storage

Replication

Windows Azure Storage

Geo-Redundant Storage

WEST
DC

EAST
DC

> 500 miles

Continuous
storage

Windows Azure Storage

Azure Storage Management Tools

Name

Block Blobs

Page Blobs

Tables

Queues

Platform

Price

License

CloudBerry Explorer

Windows

Free / $39.99 Pro

Proprietary

Visual Studio + Azure SDK

Windows

From free

Proprietary

Azure Explorer

Windows

Free

Proprietary

Azure Blob Studio 2011

Windows

Free

MsPL

Azure Management Studio

Windows

$195

Proprietary

CloudXplorer

Windows

$35

Proprietary

Zudio

Web

$8/m or $80/yr

Proprietary

Azure Storage Explorer

Windows

Free

CDDL

http://storagetools.azurewebsites.net/

Module 5: Managing VHDs and Image

Files
After completing this module you will:

Understand the difference between an image and a disk

Know how to copy VMs from sources outside Azure and prepare them for use
in Azure

Image vs. Disk

Sysprepped
Image

VM #3
VM #2
VM #1

Name:
My Company App
Demo

Name:
Contoso Demo

Disk
Non-Sysprepped

VM #1

Name: Tailspin
Toys Demo

Name: Tailspin
Toys Demo

Uploading VMs to Azure

Sysprepped
Image
Name:
My Company App
Demo

OR
Disk
Non-Sysprepped
Name: Tailspin
Toys Demo

Upload to Azure

Download from Azure

Uploading VMs to Azure

1. Prepare the Image to be uploaded

2. Create a storage account in Azure & container

3. Prepare the connection to Microsoft Azure

4. Upload the VHD file

http://azure.microsoft.com/en-us/documentation/articles/virtual-machines-create-uploa
d-vhd-windows-server
/

TIPs : Uploading VMs to Azure

Tips for success and saving time:

Fixed Format disk. (127 GB limit per disk)

Dynamic IP Address

Admin User Account

VHD vs. VHDX

Enable Remote Desktop

Module 6: Using PowerShell with Azure

After completing this module you will:

Begin using PowerShell to provision VMs in Azure

Understand how to use PowerShell to provision services in Azure

Connecting to Azure

Using the Azure AD method

Add-AzureAccount
Authenticate to using credential information

Using the certificate method

Get-AzurePublishSettingsFile
Import-AzurePublishSettingsFile
Download and import subscription information contained in a .publishsettings file

Information Needed to Create a VM

Image Name
Get-AzureVMImage | select ImageName

Disk Name
Get-AzureDisk | select DiskName

Data Center Location

Get-AzureLocation

Common Settings
Name
The name of the Virtual Machine

AvailabilitySetName
The availability set (used for high availability)

InstanceSize
ExtraSmall, Small, Medium, Large, ExtraLarge

Virtual Machine Provisioning

Quick VM Provisioning Mode
Supports VM Creation in a Single Cmdlet
New-AzureQuickVM Windows ServiceName $svc Name $vm1 ImageName $wimg
Location $location Password $pwd

Advanced Provisioning Configuration Mode

Provision With Endpoints and Data Disks
New-AzureVMConfig Name $vm1 InstanceSize Medium ImageName $img |
Add-AzureProvisioningConfig Windows Password $pwd |
Add-AzureDataDisk CreateNew DiskLabel Data DiskSizeInGB 10 LUN 0 |
Add-AzureEndPoint Name web PublicPort 80 LocalPort 80 Protocol TCP

Create Multiple Pre-Defined VMs in a Batch

New-AzureVM -VMs $vm1, $vm2, $vm3

Provisioning Options
Windows

Add-AzureProvisioningConfig Options
-Windows -Password $pwd
-WindowsDomain -Password $pwd
-Domain $dom, -JoinDomain $fqdn, -DomainUser $domUser
-DomainPassword $domPwd -MachineObjectOU $ou
-DisableAutomaticUpdates
-NoRDPEndpoint, -TimeZone, Certificates

Linux

Add-AzureProvisioningConfig Options
-Linux
-LinuxUser $user -Password $pwd
-DisableSSH , -NoSSHEndpoint
-SSHKeyPairs, -SSHPublicKeys
installed from certificates deployed in cloud service

Virtual Machine Storage

Data Disks
Add/Remove data disks at boot or while running
Create blank or attach existing disks
Add-AzureDataDisk CreateNew DiskLabel Data DiskSizeInGB 10 LUN 0

Modify Cache Settings of OS Disk or Data Disk

Modifying OS Disk while running requires reboot
Set-AzureOSDisk "ReadWrite" VM $vm1
Set-AzureDataDisk -VM $vm1 -LUN 2 -HostCaching ReadOnly

Deploying into a Virtual Network

Virtual Machine Settings

Set Subnet on VM
Set-AzureSubnet

Deployment Settings
Set Virtual Network
-VNetName
Set DNS Servers
- New-AzureDns and -DNSSettings

Demo

Publishing a web farm using Azure PowerShell

Module 7: Azure VMs Best Practices

After completing this module you will:

Be able to describe the best practices for managing and deploying VMs in
Azure

Best Practices for Azure VM Compute

Turn off your virtual machines when not in use

Estimate and limit your virtual machine count

You will not be charged for virtual machines that are Stopped (Deallocated)

Do you need full capacity 24/7? Probably not

Do you need all of that?

Approximately: 1 XL = 2 L = 4 M = 8 S (regarding costs)

Start small Scale up/down more granularly

Configure Endpoints which is specifically required.

Secure access to your Azure VM with ACLS. Endpoint Access Control Lists (ACLs)
allow the administrator to enable granular network access for configured endpoints.

Best Practices for Azure VM Storage

Temporary Disks:

The temporary disk is very useful for data that is temporary in nature. This disk however may not remain
through standard VM lifecycle events like restart. A great use for the temporary disk is the pagefile. A
common misconfiguration that we have seen is customers placing a SQL database file or Windows AD
files on temporary storage.

Uploaded OS Disks:

When utilizing an OS disk uploaded to Azure, the following best practices should be taken after starting
the VM in Azure:

Move the pagefile to the temporary disk

Configure activation

Configure SAN Policy to automatically online new volumes

Configure Keep-Alive to avoid RDP session timeouts

Ref.
http://azure.microsoft.com/blog/2014/05/08/virtual-machines-best-practices-single-vms-temporary-sto
rage-and-uploaded-disks
/

Best Practices for Azure VM

Networking

Virtual Machines get an internal IP address and a public virtual IP address.

Design your infrastructure taking into consideration that Azure network IP addressing follows RFC1918
definitions. This includes IP addresses in the following ranges:

10.0.0.0 - 10.255.255.255 (10/8 prefix)

172.16.0.0 - 172.31.255.255 (172.16/12 prefix)

192.168.0.0 - 192.168.255.255 (192.168/16 prefix)

Virtual Networks are Layer-3 overlays. Azure does not support any Layer 2 semantics.
Azure will support standard IP-based protocols within the virtual network. However, it will block multicast,
broadcast, IP-in-IP encapsulated packets and Generic Routing Encapsulation (GRE) packets. Standard protocols
include:

TCP

UDP

ICMP

Azure provides a gateway service that enables cross-premises connectivity. It requires 2 IP addresses from your
routing domain to enable routing between your premises and the cloud. It requires you to specify at least a /29
subnet from which it can pick IP addresses for setting up routes.

Tips and Tricks for Managing Azure VMs

Always leverage Availability Sets to get SLA.

Never place intensive read/write information on the Windows System Drive for
improved performance.

Turn off VMs when not in use. Shut them down through the portal or PowerShell,
not just the OS.

When copying VHDs from another source:

Create Storage Accounts and Cloud Services with logical names ahead of time.

If you will be moving VHDs and copying them, do all the work in the same data
center when possible.

Turn off certain features like geo-location for cost savings.

As an IT person, have backups of the critical VHDs! Confirm the name of this
service

Other Ways to Use Azure VMs

Configure an environment that matches each of your customers installed

components. Then when they call for support spin up the VM quickly.

If you have a demo of your solution you do frequently enable it in an

image in azure. Then when at a customer site, anyone can connect to use
it. You could share it with the customer, etc.

Virtualize domain controllers

Developer scenarios and common support scenarios for different versions

of your products.

Expand your data center capacity

Learn new products / build training environments

Store large amounts of data

Module 8: Summary
After completing this training you are now able to:

Sign up for Windows Azure

Provision virtual machines in Azure

Create custom VM Images

Understand and manage Azure storage

Manage VHD and Image files

Use PowerShell with Azure VMs

Understand some Azure VM best practices

Additional Resources

See the Additional Resources folder for more information and how-to guides
around Azure Infrastructure Services

Common PowerShell Tasks

Azure Documentation and Blog resources

3rd Party Tools and Support

Going Deeper on Azure

Partner Practice Enablement: Windows Azure Technical Training

Access Microsoft Partner learning path here

Download Azure training kit from here

Drop an email to latampts@microsoft.com for any questions/clarifications

Do you want to learn more and become an expert

on Azure?
Our Team, LATAMPTS, has other Microsoft Azure
offerings to help you in a personalized 1:1
Labs on Azure 1:1
Starter Kits Dev and Test
experience.
We will focus on teaching
partners how to use Azure for lab
machines. Microsoft Azure Virtual
Machines is a low-cost, easy to
use solution that most
partners have access to
today, except they are not using
it.

A set of deliverables,
packaged as an offering.
Starter kits are designed to show
a partner a specific scenario in
Azure that could be possible for
them to build and equip them in
the technical sales cycle.
Supports you to create a
profitable business.

- Get a personalized 1-1 experience with a PTC

- Get hands-on experience during the session while being guided