ITGuyLevi/StudyStuff
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Upload files to "AZ104/MicrosoftAureAdministrator/Instructions/Labs"

Browse Source
This commit is contained in:
ITGuyLevi
2023-10-06 04:38:58 -07:00
parent 0b1722d3ec
commit 325e4c65d5
5 changed files with 1606 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

320
AZ104/MicrosoftAureAdministrator/Instructions/Labs/LAB_07-Manage_Azure_Storage.md Normal file
View File

@@ -0,0 +1,320 @@
---
lab:
title: '07 - Manage Azure storage'
module: 'Module 07 - Azure Storage'
---
# Lab 07 - Manage Azure Storage
# Student lab manual
## Lab scenario
You need to evaluate the use of Azure storage for storing files residing currently in on-premises data stores. While majority of these files are not accessed frequently, there are some exceptions. You would like to minimize cost of storage by placing less frequently accessed files in lower-priced storage tiers. You also plan to explore different protection mechanisms that Azure Storage offers, including network access, authentication, authorization, and replication. Finally, you want to determine to what extent Azure Files service might be suitable for hosting your on-premises file shares.
## Objectives
In this lab, you will:
+ Task 1: Provision the lab environment
+ Task 2: Create and configure Azure Storage accounts
+ Task 3: Manage blob storage
+ Task 4: Manage authentication and authorization for Azure Storage
+ Task 5: Create and configure an Azure Files shares
+ Task 6: Manage network access for Azure Storage
## Estimated timing: 40 minutes
## Architecture diagram
![image](../media/lab07.png)
## Instructions
### Exercise 1
#### Task 1: Provision the lab environment
In this task, you will deploy an Azure virtual machine that you will use later in this lab.
1. Sign in to the [Azure portal](https://portal.azure.com).
1. In the Azure portal, open the **Azure Cloud Shell** by clicking on the icon in the top right of the Azure Portal.
1. If prompted to select either **Bash** or **PowerShell**, select **PowerShell**.
>**Note**: If this is the first time you are starting **Cloud Shell** and you are presented with the **You have no storage mounted** message, select the subscription you are using in this lab, and click **Create storage**.
1. In the toolbar of the Cloud Shell pane, click the **Upload/Download files** icon, in the drop-down menu, click **Upload** and upload the files **\\Allfiles\\Labs\\07\\az104-07-vm-template.json** and **\\Allfiles\\Labs\\07\\az104-07-vm-parameters.json** into the Cloud Shell home directory.
1. From the Cloud Shell pane, run the following to create the resource group that will be hosting the virtual machine (replace the `[Azure_region]` placeholder with the name of an Azure region where you intend to deploy the Azure virtual machine)
>**Note**: To list the names of Azure regions, run `(Get-AzLocation).Location`
```powershell
$location = '[Azure_region]'
$rgName = 'az104-07-rg0'
New-AzResourceGroup -Name $rgName -Location $location
```
1. From the Cloud Shell pane, run the following to deploy the virtual machine by using the uploaded template and parameter files:
```powershell
New-AzResourceGroupDeployment `
-ResourceGroupName $rgName `
-TemplateFile $HOME/az104-07-vm-template.json `
-TemplateParameterFile $HOME/az104-07-vm-parameters.json `
-AsJob
```
>**Note**: Do not wait for the deployments to complete, but proceed to the next task.
1. Close the Cloud Shell pane.
#### Task 2: Create and configure Azure Storage accounts
In this task, you will create and configure an Azure Storage account.
1. In the Azure portal, search for and select **Storage accounts**, and then click **+ Create**.
1. On the **Basics** tab of the **Create storage account** blade, specify the following settings (leave others with their default values):
| Setting | Value |
| --- | --- |
| Subscription | the name of the Azure subscription you are using in this lab |
| Resource group | the name of a **new** resource group **az104-07-rg1** |
| Storage account name | any globally unique name between 3 and 24 in length consisting of letters and digits |
| Location | the name of an Azure region where you can create an Azure Storage account |
| Performance | **Standard** |
| Redundancy | **Geo-redundant storage (GRS)** |
1. Click **Next: Advanced >**, on the **Advanced** tab of the **Create storage account** blade, review the available options, accept the defaults, and click **Next: Networking >**.
1. On the **Networking** tab of the **Create storage account** blade, review the available options, accept the default option **Public endpoint (all networks}** and click **Next: Data protection >**.
1. On the **Data protection** tab of the **Create storage account** blade, review the available options, accept the defaults, click **Review + Create**, wait for the validation process to complete and click **Create**.
>**Note**: Wait for the Storage account to be created. This should take about 2 minutes.
1. On the deployment blade, click **Go to resource** to display the Azure Storage account blade.
1. On the Storage account blade, in the **Data management** section, click **Geo-replication** and note the secondary location.
1. On the Storage account blade, in the **Settings** section, select **Configuration**, in the **Replication** drop-down list select **Locally redundant storage (LRS)** and save the change.
1. Switch back to the **Geo-replication** blade and note that, at this point, the Storage account has only the primary location.
1. Display again the **Configuration** blade of the Storage account, set **Blob access tier (default)** to **Cool**, and save the change.
> **Note**: The cool access tier is optimal for data which is not accessed frequently.
#### Task 3: Manage blob storage
In this task, you will create a blob container and upload a blob into it.
1. On the Storage account blade, in the **Data storage** section, click **Containers**.
1. Click **+ Container** and create a container with the following settings:
| Setting | Value |
| --- | --- |
| Name | **az104-07-container** |
| Public access level | **Private (no anonymous access)** |
1. In the list of containers, click **az104-07-container** and then click **Upload**.
1. Browse to **\\Allfiles\\Labs\\07\\LICENSE** on your lab computer and click **Open**.
1. On the **Upload blob** blade, expand the **Advanced** section and specify the following settings (leave others with their default values):
| Setting | Value |
| --- | --- |
| Authentication type | **Account key** |
| Blob type | **Block blob** |
| Block size | **4 MB** |
| Access tier | **Hot** |
| Upload to folder | **licenses** |
> **Note**: Access tier can be set for individual blobs.
1. Click **Upload**.
> **Note**: Note that the upload automatically created a subfolder named **licenses**.
1. Back on the **az104-07-container** blade, click **licenses** and then click **LICENSE**.
1. On the **licenses/LICENSE** blade, review the available options.
> **Note**: You have the option to download the blob, change its access tier (it is currently set to **Hot**), acquire a lease, which would change its lease status to **Locked** (it is currently set to **Unlocked**) and protect the blob from being modified or deleted, as well as assign custom metadata (by specifying an arbitrary key and value pairs). You also have the ability to **Edit** the file directly within the Azure portal interface, without downloading it first. You can also create snapshots, as well as generate a SAS token (you will explore this option in the next task).
#### Task 4: Manage authentication and authorization for Azure Storage
In this task, you will configure authentication and authorization for Azure Storage.
1. On the **licenses/LICENSE** blade, on the **Overview** tab, click **Copy to clipboard** button next to the **URL** entry.
1. Open another browser window by using InPrivate mode and navigate to the URL you copied in the previous step.
1. You should be presented with an XML-formatted message stating **ResourceNotFound** or **PublicAccessNotPermitted**.
> **Note**: This is expected, since the container you created has the public access level set to **Private (no anonymous access)**.
1. Close the InPrivate mode browser window, return to the browser window showing the **licenses/LICENSE** blade of the Azure Storage container, and switch to the the **Generate SAS** tab.
1. On the **Generate SAS** tab of the **licenses/LICENSE** blade, specify the following settings (leave others with their default values):
| Setting | Value |
| --- | --- |
| Signing key | **Key 1** |
| Permissions | **Read** |
| Start date | yesterday's date |
| Start time | current time |
| Expiry date | tomorrow's date |
| Expiry time | current time |
| Allowed IP addresses | leave blank |
1. Click **Generate SAS token and URL**.
1. Click **Copy to clipboard** button next to the **Blob SAS URL** entry.
1. Open another browser window by using InPrivate mode and navigate to the URL you copied in the previous step.
> **Note**: If you are using Microsoft Edge, you should be presented with the **The MIT License (MIT)** page. If you are using Chrome, Microsoft Edge (Chromium) or Firefox, you should be able to view the content of the file by downloading it and opening it with Notepad.
> **Note**: This is expected, since now your access is authorized based on the newly generated the SAS token.
> **Note**: Save the blob SAS URL. You will need it later in this lab.
1. Close the InPrivate mode browser window, return to the browser window showing the **licenses/LICENSE** blade of the Azure Storage container, and from there, navigate back to the **az104-07-container** blade.
1. Click the **Switch to the Azure AD User Account** link next to the **Authentication method** label.
> **Note**: You can see an error when you change the authentication method (the error is *"You do not have permissions to list the data using your user account with Azure AD"*). It is expected.
> **Note**: At this point, you do not have permissions to change the Authentication method.
1. On the **az104-07-container** blade, click **Access Control (IAM)**.
1. In the **Add** section, click **Add a role assignment**.
1. On the **Add role assignment** blade, specify the following settings:
| Setting | Value |
| --- | --- |
| Role | **Storage Blob Data Owner** |
| Assign access to | **User, group, or service principal** |
| Select | the name of your user account |
1. Save the change and return to the **Overview** blade of the **az104-07-container** container and verify that you can change the Authentication method to (Switch to Azure AD User Account).
> **Note**: It might take about 5 minutes for the change to take effect.
#### Task 5: Create and configure an Azure Files shares
In this task, you will create and configure Azure Files shares.
> **Note**: Before you start this task, verify that the virtual machine you provisioned in the first task of this lab is running.
1. In the Azure portal, navigate back to the blade of the storage account you created in the first task of this lab and, in the **Data storage** section, click **File shares**.
1. Click **+ File share** and create a file share with the following settings:
| Setting | Value |
| --- | --- |
| Name | **az104-07-share** |
1. Click the newly created file share and click **Connect**.
1. On the **Connect** blade, ensure that the **Windows** tab is selected. Below you will find a grey textbox with a script, in the bottom right corner of that box hover over the pages icon and click **Copy to clipboard**.
1. In the Azure portal, search for and select **Virtual machines**, and, in the list of virtual machines, click **az104-07-vm0**.
1. On the **az104-07-vm0** blade, in the **Operations** section, click **Run command**.
1. On the **az104-07-vm0 - Run command** blade, click **RunPowerShellScript**.
1. On the **Run Command Script** blade, paste the script you copied earlier in this task into the **PowerShell Script** pane and click **Run**.
1. Verify that the script completed successfully.
1. Replace the content of the **PowerShell Script** pane with the following script and click **Run**:
```powershell
New-Item -Type Directory -Path 'Z:\az104-07-folder'
New-Item -Type File -Path 'Z:\az104-07-folder\az-104-07-file.txt'
```
1. Verify that the script completed successfully.
1. Navigate back to the **az104-07-share** file share blade, click **Refresh**, and verify that **az104-07-folder** appears in the list of folders.
1. Click **az104-07-folder** and verify that **az104-07-file.txt** appears in the list of files.
#### Task 6: Manage network access for Azure Storage
In this task, you will configure network access for Azure Storage.
1. In the Azure portal, navigate back to the blade of the storage account you created in the first task of this lab and, in the **Security + Networking** section, click **Networking** and then click **Firewalls and virtual networks**.
1. Click the **Selected networks** option and review the configuration settings that become available once this option is enabled.
> **Note**: You can use these settings to configure direct connectivity between Azure virtual machines on designated subnets of virtual networks and the storage account by using service endpoints.
1. Click the checkbox **Add your client IP address** and save the change.
1. Open another browser window by using InPrivate mode and navigate to the blob SAS URL you generated in the previous task.
1. You should be presented with the content of **The MIT License (MIT)** page.
> **Note**: This is expected, since you are connecting from your client IP address.
1. Close the InPrivate mode browser window, return to the browser window showing the **licenses/LICENSE** blade of the Azure Storage container.
1. In the Azure portal, open the **Azure Cloud Shell** by clicking on the icon in the top right of the Azure Portal.
1. If prompted to select either **Bash** or **PowerShell**, select **PowerShell**.
1. From the Cloud Shell pane, run the following to attempt downloading of the LICENSE blob from the **az104-07-container** container of the storage account (replace the `[blob SAS URL]` placeholder with the blob SAS URL you generated in the previous task):
```powershell
Invoke-WebRequest -URI '[blob SAS URL]'
```
1. Verify that the download attempt failed.
> **Note**: You should receive the message stating **AuthorizationFailure: This request is not authorized to perform this operation**. This is expected, since you are connecting from the IP address assigned to an Azure VM hosting the Cloud Shell instance.
1. Close the Cloud Shell pane.
#### Clean up resources
>**Note**: Remember to remove any newly created Azure resources that you no longer use. Removing unused resources ensures you will not see unexpected charges.
1. In the Azure portal, open the **PowerShell** session within the **Cloud Shell** pane.
1. List all resource groups created throughout the labs of this module by running the following command:
```powershell
Get-AzResourceGroup -Name 'az104-07*'
```
1. Delete all resource groups you created throughout the labs of this module by running the following command:
```powershell
Get-AzResourceGroup -Name 'az104-07*' | Remove-AzResourceGroup -Force -AsJob
```
>**Note**: The command executes asynchronously (as determined by the -AsJob parameter), so while you will be able to run another PowerShell command immediately afterwards within the same PowerShell session, it will take a few minutes before the resource groups are actually removed.
#### Review
In this lab, you have:
- Provisioned the lab environment
- Created and configured Azure Storage accounts
- Managed blob storage
- Managed authentication and authorization for Azure Storage
- Created and configured an Azure Files shares
- Managed network access for Azure Storage

650
AZ104/MicrosoftAureAdministrator/Instructions/Labs/LAB_08-Manage_Virtual_Machines.md Normal file
View File

@@ -0,0 +1,650 @@
---
lab:
title: '08 - Manage Virtual Machines'
module: 'Module 08 - Virtual Machines'
---
# Lab 08 - Manage Virtual Machines
# Student lab manual
## Lab scenario
You were tasked with identifying different options for deploying and configuring Azure virtual machines. First, you need to determine different compute and storage resiliency and scalability options you can implement when using Azure virtual machines. Next, you need to investigate compute and storage resiliency and scalability options that are available when using Azure virtual machine scale sets. You also want to explore the ability to automatically configure virtual machines and virtual machine scale sets by using the Azure Virtual Machine Custom Script extension.
## Objectives
In this lab, you will:
+ Task 1: Deploy zone-resilient Azure virtual machines by using the Azure portal and an Azure Resource Manager template
+ Task 2: Configure Azure virtual machines by using virtual machine extensions
+ Task 3: Scale compute and storage for Azure virtual machines
+ Task 4: Register the Microsoft.Insights and Microsoft.AlertsManagement resource providers
+ Task 5: Deploy zone-resilient Azure virtual machine scale sets by using the Azure portal
+ Task 6: Configure Azure virtual machine scale sets by using virtual machine extensions
+ Task 7: Scale compute and storage for Azure virtual machine scale sets (optional)
## Estimated timing: 50 minutes
## Architecture diagram
![image](../media/lab08.png)
## Instructions
### Exercise 1
#### Task 1: Deploy zone-resilient Azure virtual machines by using the Azure portal and an Azure Resource Manager template
In this task, you will deploy Azure virtual machines into different availability zones by using the Azure portal and an Azure Resource Manager template.
1. Sign in to the [Azure portal](http://portal.azure.com).
1. In the Azure portal, search for and select **Virtual machines** and, on the **Virtual machines** blade, click **+ Create**.
1. On the **Basics** tab of the **Create a virtual machine** blade, specify the following settings (leave others with their default values):
| Setting | Value |
| --- | --- |
| Subscription | the name of the Azure subscription you will be using in this lab |
| Resource group | the name of a new resource group **az104-08-rg01** |
| Virtual machine name | **az104-08-vm0** |
| Region | select one of the regions that support availability zones and where you can provision Azure virtual machines |
| Availability options | **Availability zone** |
| Availability zone | **1** |
| Image | **Windows Server 2019 Datacenter - Gen1/Gen2** |
| Azure Spot instance | **No** |
| Size | **Standard D2s v3** |
| Username | **Student** |
| Password | **Pa55w.rd1234** |
| Public inbound ports | **None** |
| Would you like to use an existing Windows Server license? | **No** |
1. Click **Next: Disks >** and, on the **Disks** tab of the **Create a virtual machine** blade, specify the following settings (leave others with their default values):
| Setting | Value |
| --- | --- |
| OS disk type | **Premium SSD** |
| Enable Ultra Disk compatibility | **No** |
1. Click **Next: Networking >** and, on the **Networking** tab of the **Create a virtual machine** blade, click **Create new** below the **Virtual network** textbox.
1. On the **Create virtual network** blade, specify the following settings (leave others with their default values):
| Setting | Value |
| --- | --- |
| Name | **az104-08-rg01-vnet** |
| Address range | **10.80.0.0/20** |
| Subnet name | **subnet0** |
| Subnet range | **10.80.0.0/24** |
1. Click **OK** and, back on the **Networking** tab of the **Create a virtual machine** blade, specify the following settings (leave others with their default values):
| Setting | Value |
| --- | --- |
| Subnet | **subnet0** |
| Public IP | **default** |
| NIC network security group | **basic** |
| Public inbound Ports | **None** |
| Accelerated networking | **Off**
| Place this virtual machine behind an existing load balancing solution? | **No** |
1. Click **Next: Management >** and, on the **Management** tab of the **Create a virtual machine** blade, specify the following settings (leave others with their default values):
| Setting | Value |
| --- | --- |
| Boot diagnostics | **Enable with custom storage account** |
| Diagnostics storage account | accept the default value |
| Patch orchestration options | **Manual updates** |
>**Note**: If necessary, select an existing storage account in the dropdown list. Record the name of the storage account. You will use it in the next task.
1. Click **Next: Advanced >**, on the **Advanced** tab of the **Create a virtual machine** blade, review the available settings without modifying any of them, and click **Review + Create**.
1. On the **Review + Create** blade, click **Create**.
1. On the deployment blade, click **Template**.
1. Review the template representing the deployment in progress and click **Deploy**.
>**Note**: You will use this option to deploy the second virtual machine with matching configuration except for the availability zone.
1. On the **Custom deployment** blade, specify the following settings (leave others with their default values):
| Setting | Value |
| --- | --- |
| Resource group | **az104-08-rg01** |
| Network Interface Name | **az104-08-vm1-nic1** |
| Public IP Address Name | **az104-08-vm1-ip** |
| Virtual Machine Name | **az104-08-vm1** |
| Virtual Machine Computer Name | **az104-08-vm1** |
| Admin Username | **Student** |
| Admin Password | **Pa55w.rd1234** |
| Enable Hotpatching | **false** |
| Zone | **2** |
>**Note**: You need to modify parameters corresponding to the properties of the distinct resources you are deploying by using the template, including the virtual machine and its network interface.
1. Click **Review + Create**, on the **Review + Create** blade, click **Create**.
>**Note**: Wait for both deployments to complete before you proceed to the next task. This might take about 5 minutes.
#### Task 2: Configure Azure virtual machines by using virtual machine extensions
In this task, you will install Windows Server Web Server role on the two Azure virtual machines you deployed in the previous task by using the Custom Script virtual machine extension.
1. In the Azure portal, search for and select **Storage accounts** and, on the **Storage accounts** blade, click the entry representing the diagnostics storage account you created in the previous task.
1. On the storage account blade, in the **Data Storage** section, click **Containers** and then click **+ Container**.
1. On the **New container** blade, specify the following settings (leave others with their default values) and click **Create**:
| Setting | Value |
| --- | --- |
| Name | **scripts** |
| Public access level | **Private (no anonymous access**) |
1. Back on the storage account blade displaying the list of containers, click **scripts**.
1. On the **scripts** blade, click **Upload**.
1. On the **Upload blob** blade, click the folder icon, in the **Open** dialog box, navigate to the **\\Allfiles\\Labs\\08** folder, select **az104-08-install_IIS.ps1**, click **Open**, and back on the **Upload blob** blade, click **Upload**.
1. In the Azure portal, search for and select **Virtual machines** and, on the **Virtual machines** blade, click **az104-08-vm0**.
1. On the **az104-08-vm0** virtual machine blade, in the **Settings** section, click **Extensions**, and the click **+ Add**.
1. On the **New resource** blade, click **Custom Script Extension** and then click **Create**.
1. From the **Install extension** blade, click **Browse**.
1. On the **Storage accounts** blade, click the name of the storage account into which you uploaded the **az104-08-install_IIS.ps1** script, on the **Containers** blade, click **scripts**, on the **scripts** blade, click **az104-08-install_IIS.ps1**, and then click **Select**.
1. Back on the **Install extension** blade, click **OK**.
1. In the Azure portal, search for and select **Virtual machines** and, on the **Virtual machines** blade, click **az104-08-vm1**.
1. On the **az104-08-vm1** blade, in the **Automation** section, click **Export template**.
1. On the **az104-08-vm1 - Export template** blade, click **Deploy**.
1. On the **Custom deployment** blade, click **Edit template**.
>**Note**: Disregard the message stating **The resource group is in a location that is not supported by one or more resources in the template. Please choose a different resource group**. This is expected and can be ignored in this case.
1. On the **Edit template** blade, in the section displaying the content of the template, insert the following code starting with line **20** (directly underneath the `"resources": [` line):
>**Note**: If you are using a tool that pastes the code in line by line intellisense may add extra brackets causing validation errors. You may want to paste the code into notepad first and then paste it into line 20.
```json
{
"type": "Microsoft.Compute/virtualMachines/extensions",
"name": "az104-08-vm1/customScriptExtension",
"apiVersion": "2018-06-01",
"location": "[resourceGroup().location]",
"dependsOn": [
"az104-08-vm1"
],
"properties": {
"publisher": "Microsoft.Compute",
"type": "CustomScriptExtension",
"typeHandlerVersion": "1.7",
"autoUpgradeMinorVersion": true,
"settings": {
"commandToExecute": "powershell.exe Install-WindowsFeature -name Web-Server -IncludeManagementTools && powershell.exe remove-item 'C:\\inetpub\\wwwroot\\iisstart.htm' && powershell.exe Add-Content -Path 'C:\\inetpub\\wwwroot\\iisstart.htm' -Value $('Hello World from ' + $env:computername)"
}
}
},
```
>**Note**: This section of the template defines the same Azure virtual machine custom script extension that you deployed earlier to the first virtual machine via Azure PowerShell.
1. Click **Save** and, back on the **Custom template** blade, click **Review + Create** and, on the **Review + Create** blade, click **Create**
>**Note**: Wait for the template deployment to complete. You can monitor its progress from the **Extensions** blade of the **az104-08-vm0** and **az104-08-vm1** virtual machines. This should take no more than 3 minutes.
1. To verify that the Custom Script extension-based configuration was successful, navigate back on the **az104-08-vm1** blade, in the **Operations** section, click **Run command**, and, in the list of commands, click **RunPowerShellScript**.
1. On the **Run Command Script** blade, type the following and click **Run** to access the web site hosted on **az104-08-vm0**:
```powershell
Invoke-WebRequest -URI http://10.80.0.4 -UseBasicParsing
```
>**Note**: The **-UseBasicParsing** parameter is necessary to eliminate dependency on Internet Explorer to complete execution of the cmdlet
>**Note**: You can also connect to **az104-08-vm0** and run `Invoke-WebRequest -URI http://10.80.0.5 -UseBasicParsing` to access the web site hosted on **az104-08-vm1**.
#### Task 3: Scale compute and storage for Azure virtual machines
In this task you will scale compute for Azure virtual machines by changing their size and scale their storage by attaching and configuring their data disks.
1. In the Azure portal, search for and select **Virtual machines** and, on the **Virtual machines** blade, click **az104-08-vm0**.
1. On the **az104-08-vm0** virtual machine blade, click **Size** and set the virtual machine size to **Standard DS1_v2** and click **Resize**
>**Note**: Choose another size if **Standard DS1_v2** is not available.
1. On the **az104-08-vm0** virtual machine blade, click **Disks**, Under **Data disks** click **+ Create and attach a new disk**.
1. Create a managed disk with the following settings (leave others with their default values):
| Setting | Value |
| --- | --- |
| Disk name | **az104-08-vm0-datadisk-0** |
| Storage type | **Premium SSD** |
| Size (GiB| **1024** |
1. Back on the **az104-08-vm0 - Disks** blade, Under **Data disks** click **+ Create and attach a new disk**.
1. Create a managed disk with the following settings (leave others with their default values):
| Setting | Value |
| --- | --- |
| Disk name | **az104-08-vm0-datadisk-1** |
| Storage type | **Premium SSD** |
| Size (GiB)| **1024 GiB** |
1. Back on the **az104-08-vm0 - Disks** blade, click **Save**.
1. On the **az104-08-vm0** blade, in the **Operations** section, click **Run command**, and, in the list of commands, click **RunPowerShellScript**.
1. On the **Run Command Script** blade, type the following and click **Run** to create a drive Z: consisting of the two newly attached disks with the simple layout and fixed provisioning:
```powershell
New-StoragePool -FriendlyName storagepool1 -StorageSubsystemFriendlyName "Windows Storage*" -PhysicalDisks (Get-PhysicalDisk -CanPool $true)
New-VirtualDisk -StoragePoolFriendlyName storagepool1 -FriendlyName virtualdisk1 -Size 2046GB -ResiliencySettingName Simple -ProvisioningType Fixed
Initialize-Disk -VirtualDisk (Get-VirtualDisk -FriendlyName virtualdisk1)
New-Partition -DiskNumber 4 -UseMaximumSize -DriveLetter Z
```
> **Note**: Wait for the confirmation that the commands completed successfully.
1. In the Azure portal, search for and select **Virtual machines** and, on the **Virtual machines** blade, click **az104-08-vm1**.
1. On the **az104-08-vm1** blade, in the **Automation** section, click **Export template**.
1. On the **az104-08-vm1 - Export template** blade, click **Deploy**.
1. On the **Custom deployment** blade, click **Edit template**.
>**Note**: Disregard the message stating **The resource group is in a location that is not supported by one or more resources in the template. Please choose a different resource group**. This is expected and can be ignored in this case.
1. On the **Edit template** blade, in the section displaying the content of the template, replace the line **30** `"vmSize": "Standard_D2s_v3"` with the following line):
```json
"vmSize": "Standard_DS1_v2"
```
>**Note**: This section of the template defines the same Azure virtual machine size as the one you specified for the first virtual machine via the Azure portal.
1. On the **Edit template** blade, in the section displaying the content of the template, replace line **50** (`"dataDisks": [ ]` line) with the following code :
```json
"dataDisks": [
{
"lun": 0,
"name": "az104-08-vm1-datadisk0",
"diskSizeGB": "1024",
"caching": "ReadOnly",
"createOption": "Empty"
},
{
"lun": 1,
"name": "az104-08-vm1-datadisk1",
"diskSizeGB": "1024",
"caching": "ReadOnly",
"createOption": "Empty"
}
]
```
>**Note**: If you are using a tool that pastes the code in line by line intellisense may add extra brackets causing validation errors. You may want to paste the code into notepad first and then paste it into line 49.
>**Note**: This section of the template creates two managed disks and attaches them to **az104-08-vm1**, similarly to the storage configuration of the first virtual machine via the Azure portal.
1. Click Save and, back on the Custom template blade, click Review + Create and, on the Review + Create blade, click Create.
>**Note**: Wait for the template deployment to complete. You can monitor its progress from the **Disks** blade of the **az104-08-vm1** virtual machine. This should take no more than 3 minutes.
1. Back on the **az104-08-vm1** blade, in the **Operations** section, click **Run command**, and, in the list of commands, click **RunPowerShellScript**.
1. On the **Run Command Script** blade, type the following and click **Run** to create a drive Z: consisting of the two newly attached disks with the simple layout and fixed provisioning:
```powershell
New-StoragePool -FriendlyName storagepool1 -StorageSubsystemFriendlyName "Windows Storage*" -PhysicalDisks (Get-PhysicalDisk -CanPool $true)
New-VirtualDisk -StoragePoolFriendlyName storagepool1 -FriendlyName virtualdisk1 -Size 2046GB -ResiliencySettingName Simple -ProvisioningType Fixed
Initialize-Disk -VirtualDisk (Get-VirtualDisk -FriendlyName virtualdisk1)
New-Partition -DiskNumber 4 -UseMaximumSize -DriveLetter Z
```
> **Note**: Wait for the confirmation that the commands completed successfully.
#### Task 4: Register the Microsoft.Insights and Microsoft.AlertsManagement resource providers
1. In the Azure portal, open the **Azure Cloud Shell** by clicking on the icon in the top right of the Azure Portal.
1. If prompted to select either **Bash** or **PowerShell**, select **PowerShell**.
>**Note**: If this is the first time you are starting **Cloud Shell** and you are presented with the **You have no storage mounted** message, select the subscription you are using in this lab, and click **Create storage**.
1. From the Cloud Shell pane, run the following to register the Microsoft.Insights and Microsoft.AlertsManagement resource providers.
```powershell
Register-AzResourceProvider -ProviderNamespace Microsoft.Insights
Register-AzResourceProvider -ProviderNamespace Microsoft.AlertsManagement
```
#### Task 5: Deploy zone-resilient Azure virtual machine scale sets by using the Azure portal
In this task, you will deploy Azure virtual machine scale set across availability zones by using the Azure portal.
1. In the Azure portal, search for and select **Virtual machine scale sets** and, on the **Virtual machine scale sets** blade, click **+ Add** (or **+ Create**).
1. On the **Basics** tab of the **Create a virtual machine scale set** blade, specify the following settings (leave others with their default values) and click **Next : Disks >**:
| Setting | Value |
| --- | --- |
| Subscription | the name of the Azure subscription you are using in this lab |
| Resource group | the name of a new resource group **az104-08-rg02** |
| Virtual machine scale set name | **az10408vmss0** |
| Region | select one of the regions that support availability zones and where you can provision Azure virtual machines different from the one you used to deploy virtual machines earlier in this lab |
| Availability zone | **Zones 1, 2, 3** |
| Image | **Windows Server 2019 Datacenter - Gen1** |
| Azure Spot instance | **No** |
| Size | **Standard D2s_v3** |
| Username | **Student** |
| Password | **Pa55w.rd1234** |
| Already have a Windows Server license? | **No** |
>**Note**: For the list of Azure regions which support deployment of Windows virtual machines to availability zones, refer to [What are Availability Zones in Azure?](https://docs.microsoft.com/en-us/azure/availability-zones/az-overview)
1. On the **Disks** tab of the **Create a virtual machine scale set** blade, accept the default values and click **Next : Networking >**.
1. On the **Networking** tab of the **Create a virtual machine scale set** blade, click the **Create virtual network** link below the **Virtual network** textbox and create a new virtual network with the following settings (leave others with their default values):
| Setting | Value |
| --- | --- |
| Name | **az104-08-rg02-vnet** |
| Address range | **10.82.0.0/20** |
| Subnet name | **subnet0** |
| Subnet range | **10.82.0.0/24** |
>**Note**: Once you create a new virtual network and return to the **Networking** tab of the **Create a virtual machine scale set** blade, the **Virtual network** value will be automatically set to **az104-08-rg02-vnet**.
1. Back on the **Networking** tab of the **Create a virtual machine scale set** blade, click the **Edit network interface** icon to the right of the network interface entry.
1. On the **Edit network interface** blade, in the **NIC network security group** section, click **Advanced** and click **Create new** under the **Configure network security group** drop-down list.
1. On the **Create network security group** blade, specify the following settings (leave others with their default values):
| Setting | Value |
| --- | --- |
| Name | **az10408vmss0-nsg** |
1. Click **Add an inbound rule** and add an inbound security rule with the following settings (leave others with their default values):
| Setting | Value |
| --- | --- |
| Source | **Any** |
| Source port ranges | **\*** |
| Destination | **Any** |
| Destination port ranges | **80** |
| Protocol | **TCP** |
| Action | **Allow** |
| Priority | **1010** |
| Name | **custom-allow-http** |
1. Click **Add** and, back on the **Create network security group** blade, click **OK**.
1. Back on the **Edit network interface** blade, in the **Public IP address** section, click **Enabled** and click **OK**.
1. Back on the **Networking** tab of the **Create a virtual machine scale set** blade, under the **Load balancing** section, ensure that the **Use a load balancer** entry is selected and specify the following **Load balancing settings** (leave others with their default values) and click **Next : Scaling >**:
| Setting | Value |
| --- | --- |
| Load balancing options | **Azure load balancer** |
| Select a load balancer | **(new) az10408vmss0-lb** |
| Select a backend pool | **(new) bepool** |
1. On the **Scaling** tab of the **Create a virtual machine scale set** blade, specify the following settings (leave others with their default values) and click **Next : Management >**:
| Setting | Value |
| --- | --- |
| Initial instance count | **2** |
| Scaling policy | **Manual** |
1. On the **Management** tab of the **Create a virtual machine scale set** blade, specify the following settings (leave others with their default values):
| Setting | Value |
| --- | --- |
| Boot diagnostics | **Enable with custom storage account** |
| Diagnostics storage account | accept the default value |
>**Note**: You will need the name of this storage account in the next task.
Click **Next : Health >**:
1. On the **Health** tab of the **Create a virtual machine scale set** blade, review the default settings without making any changes and click **Next : Advanced >**.
1. On the **Advanced** tab of the **Create a virtual machine scale set** blade, specify the following settings (leave others with their default values) and click **Review + create**.
| Setting | Value |
| --- | --- |
| Spreading algorithm | **Fixed spreading (not recommended with zones)** |
>**Note**: The **Max spreading** setting is currently not functional.
1. On the **Review + create** tab of the **Create a virtual machine scale set** blade, ensure that the validation passed and click **Create**.
>**Note**: Wait for the virtual machine scale set deployment to complete. This should take about 5 minutes.
#### Task 6: Configure Azure virtual machine scale sets by using virtual machine extensions
In this task, you will install Windows Server Web Server role on the instances of the Azure virtual machine scale set you deployed in the previous task by using the Custom Script virtual machine extension.
1. In the Azure portal, search for and select **Storage accounts** and, on the **Storage accounts** blade, click the entry representing the diagnostics storage account you created in the previous task.
1. On the storage account blade, in the **Data Storage** section, click **Containers** and then click **+ Container**.
1. On the **New container** blade, specify the following settings (leave others with their default values) and click **Create**:
| Setting | Value |
| --- | --- |
| Name | **scripts** |
| Public access level | **Private (no anonymous access**) |
1. Back on the storage account blade displaying the list of containers, click **scripts**.
1. On the **scripts** blade, click **Upload**.
1. On the **Upload blob** blade, click the folder icon, in the **Open** dialog box, navigate to the **\\Allfiles\\Labs\\08** folder, select **az104-08-install_IIS.ps1**, click **Open**, and back on the **Upload blob** blade, click **Upload**.
1. In the Azure portal, navigate back to the **Virtual machine scale sets** blade and click **az10408vmss0**.
1. On the **az10408vmss0** blade, in the **Settings** section, click **Extensions**, and the click **+ Add**.
1. On the **New resource** blade, click **Custom Script Extension** and then click **Create**.
1. From the **Install extension** blade, **Browse** to and **Select** the **az104-08-install_IIS.ps1** script that was uploaded to the **scripts** container in the storage account earlier in this task, and then click **OK**.
>**Note**: Wait for the installation of the extension to complete before proceeding to the next step.
1. In the **Settings** section of the **az10408vmss0** blade, click **Instances**, select the checkboxes next to the two instances of the virtual machine scale set, click **Upgrade**, and then, when prompted for confirmation, click **Yes**.
>**Note**: Wait for the upgrade to complete before proceeding to the next step.
1. In the Azure portal, search for and select **Load balancers** and, in the list of load balancers, click **az10408vmss0-lb**.
1. On the **az10408vmss0-lb** blade, note the value of the **Public IP address** assigned to the frontend of the load balancer, open an new browser tab, and navigate to that IP address.
>**Note**: Verify that the browser page displays the name of one of the instances of the Azure virtual machine scale set **az10408vmss0**.
#### Task 7: Scale compute and storage for Azure virtual machine scale sets
In this task, you will change the size of virtual machine scale set instances, configure their autoscaling settings, and attach disks to them.
1. In the Azure portal, search for and select **Virtual machine scale sets** and select the **az10408vmss0** scale set
1. In the **az10408vmss0** blade, in the **Settings** section, click **Size**.
1. In the list of available sizes, select **Standard DS1_v2** and click **Resize**.
1. In the **Settings** section, click **Instances**, select the checkboxes next to the two instances of the virtual machine scale set, click **Upgrade**, and then, when prompted for confirmation, click **Yes**.
1. In the list of instances, click the entry representing the first instance and, on the scale set instance blade, note its **Location** (it should be one of the zones in the target Azure region into which you deployed the Azure virtual machine scale set).
1. Return to the **az10408vmss0 - Instances** blade, click the entry representing the second instance and, on the scale set instance blade, note its **Location** (it should be one of the other two zones in the target Azure region into which you deployed the Azure virtual machine scale set).
1. Return to the **az10408vmss0 - Instances** blade, and in the **Settings** section, click **Scaling**.
1. On the **az10408vmss0 - Scaling** blade, select the **Custom autoscale** option and configure autoscale with the following settings (leave others with their default values):
| Setting | Value |
| --- |--- |
| Scale mode | **Scale based on a metric** |
1. Click the **+ Add a rule** link and, on the **Scale rule** blade, specify the following settings (leave others with their default values):
| Setting | Value |
| --- |--- |
| Metric source | **Current resource (az10480vmss0)** |
| Time aggregation | **Average** |
| Metric namespace | **Virtual Machine Host** |
| Metric name | **Network In Total** |
| Operator | **Greater than** |
| Metric threshold to trigger scale action | **10** |
| Duration (in minutes) | **1** |
| Time grain statistic | **Average** |
| Operation | **Increase count by** |
| Instance count | **1** |
| Cool down (minutes) | **5** |
>**Note**: Obviously these values do not represent a realistic configuration, since their purpose is to trigger autoscaling as soon as possible, without extended wait period.
1. Click **Add** and, back on the **az10408vmss0 - Scaling** blade, specify the following settings (leave others with their default values):
| Setting | Value |
| --- |--- |
| Instance limits Minimum | **1** |
| Instance limits Maximum | **3** |
| Instance limits Default | **1** |
1. Click **Save**.
1. In the Azure portal, open the **Azure Cloud Shell** by clicking on the icon in the top right of the Azure Portal.
1. If prompted to select either **Bash** or **PowerShell**, select **PowerShell**.
1. From the Cloud Shell pane, run the following to identify the public IP address of the load balancer in front of the Azure virtual machine scale set **az10408vmss0**.
```powershell
$rgName = 'az104-08-rg02'
$lbpipName = 'az10408vmss0-ip'
$pip = (Get-AzPublicIpAddress -ResourceGroupName $rgName -Name $lbpipName).IpAddress
```
1. From the Cloud Shell pane, run the following to start and infinite loop that sends the HTTP requests to the web sites hosted on the instances of Azure virtual machine scale set **az10408vmss0**.
```powershell
while ($true) { Invoke-WebRequest -Uri "http://$pip" }
```
1. Minimize the Cloud Shell pane but do not close it, switch back to the **az10408vmss0 - Instances** blade and monitor the number of instances.
>**Note**: You might need to wait a couple of minutes and click **Refresh**.
1. Once the third instance is provisioned, navigate to its blade to determine its **Location** (it should be different than the first two zones you identified earlier in this task.
1. Close Cloud Shell pane.
1. On the **az10408vmss0** blade, in the **Settings** section, click **Disks**, click **+ Create and attach a new disk**, and attach a new managed disk with the following settings (leave others with their default values):
| Setting | Value |
| --- | --- |
| LUN | **0** |
| Storage type | **Standard HDD** |
| Size (GiB) | **32** |
1. Save the change, in the **Settings** section of the **az10408vmss0** blade, click **Instances**, select the checkboxes next to the instances of the virtual machine scale set, click **Upgrade**, and then, when prompted for confirmation, click **Yes**.
>**Note**: The disk attached in the previous step is a raw disk. Before it can be used, it is necessary to create a partition, create a filesystem, and mount it. To accomplish this, you will use Azure virtual machine Custom Script extension. First, you will need to remove the existing Custom Script Extension.
1. In the **Settings** section of the **az10408vmss0** blade, click **Extensions**, click **CustomScriptExtension**, and then click **Uninstall**.
>**Note**: Wait for uninstallation to complete.
1. In the Azure portal, open the **Azure Cloud Shell** by clicking on the icon in the top right of the Azure Portal.
1. If prompted to select either **Bash** or **PowerShell**, select **PowerShell**.
1. In the toolbar of the Cloud Shell pane, click the **Upload/Download files** icon, in the drop-down menu, click **Upload** and upload the file **\\Allfiles\\Labs\\08\\az104-08-configure_VMSS_disks.ps1** into the Cloud Shell home directory.
1. From the Cloud Shell pane, run the following to display the content of the script:
```powershell
Set-Location -Path $HOME
Get-Content -Path ./az104-08-configure_VMSS_disks.ps1
```
>**Note**: The script installs a custom script extension that configures the attached disk.
1. From the Cloud Shell pane, run the following to excecute the script and configure disks of Azure virtual machine scale set:
```powershell
./az104-08-configure_VMSS_disks.ps1
```
1. Close the Cloud Shell pane.
1. In the **Settings** section of the **az10408vmss0** blade, click **Instances**, select the checkboxes next to the instances of the virtual machine scale set, click **Upgrade**, and then, when prompted for confirmation, click **Yes**.
#### Clean up resources
>**Note**: Remember to remove any newly created Azure resources that you no longer use. Removing unused resources ensures you will not see unexpected charges.
1. In the Azure portal, open the **PowerShell** session within the **Cloud Shell** pane.
1. Remove az104-08-configure_VMSS_disks.ps1 by running the following command:
```powershell
rm ~\az104-08*
```
1. List all resource groups created throughout the labs of this module by running the following command:
```powershell
Get-AzResourceGroup -Name 'az104-08*'
```
1. Delete all resource groups you created throughout the labs of this module by running the following command:
```powershell
Get-AzResourceGroup -Name 'az104-08*' | Remove-AzResourceGroup -Force -AsJob
```
>**Note**: The command executes asynchronously (as determined by the -AsJob parameter), so while you will be able to run another PowerShell command immediately afterwards within the same PowerShell session, it will take a few minutes before the resource groups are actually removed.
#### Review
In this lab, you have:
+ Deployed zone-resilient Azure virtual machines by using the Azure portal and an Azure Resource Manager template
+ Configured Azure virtual machines by using virtual machine extensions
+ Scaled compute and storage for Azure virtual machines
+ Deployed zone-reslient Azure virtual machine scale sets by using the Azure portal
+ Configured Azure virtual machine scale sets by using virtual machine extensions
+ Scaled compute and storage for Azure virtual machine scale sets

267
AZ104/MicrosoftAureAdministrator/Instructions/Labs/LAB_09a-Implement_Web_Apps.md Normal file
View File

@@ -0,0 +1,267 @@
---
lab:
title: '09a - Implement Web Apps'
module: 'Module 09 - Serverless Computing'
---
# Lab 09a - Implement Web Apps
# Student lab manual
## Lab scenario
You need to evaluate the use of Azure Web apps for hosting Contoso's web sites, hosted currently in the company's on-premises data centers. The web sites are running on Windows servers using PHP runtime stack. You also need to determine how you can implement DevOps practices by leveraging Azure web apps deployment slots.
## Objectives
In this lab, you will:
+ Task 1: Create an Azure web app
+ Task 2: Create a staging deployment slot
+ Task 3: Configure web app deployment settings
+ Task 4: Deploy code to the staging deployment slot
+ Task 5: Swap the staging slots
+ Task 6: Configure and test autoscaling of the Azure web app
## Estimated timing: 30 minutes
## Architecture diagram
![image](../media/lab09a.png)
## Instructions
### Exercise 1
#### Task 1: Create an Azure web app
In this task, you will create an Azure web app.
1. Sign in to the [**Azure portal**](http://portal.azure.com).
1. In the Azure portal, search for and select **App services**, and, on the **App Services** blade, click **+ Create**.
1. On the **Basics** tab of the **Web App** blade, specify the following settings (leave others with their default values):
| Setting | Value |
| --- | ---|
| Subscription | the name of the Azure subscription you are using in this lab |
| Resource group | the name of a new resource group **az104-09a-rg1** |
| Web app name | any globally unique name |
| Publish | **Code** |
| Runtime stack | **PHP 7.3** |
| Operating system | **Windows** |
| Region | the name of an Azure region where you can provision Azure web apps |
| App service plan | accept the default configuration |
1. Click **Review + create**. On the **Review + create** tab of the **Create Web App** blade, ensure that the validation passed and click **Create**.
>**Note**: Wait until the web app is created before you proceed to the next task. This should take about a minute.
1. On the deployment blade, click **Go to resource**.
#### Task 2: Create a staging deployment slot
In this task, you will create a staging deployment slot.
1. On the blade of the newly deployed web app, click the **URL** link to display the default web page in a new browser tab.
1. Close the new browser tab and, back in the Azure portal, in the **Deployment** section of the web app blade, click **Add a Deployment slot**.
>**Note**: The web app, at this point, has a single deployment slot labeled **PRODUCTION**.
1. Click **+ Add slot**, and add a new slot with the following settings:
| Setting | Value |
| --- | ---|
| Name | **staging** |
| Clone settings from | **Do not clone settings**|
1. Back on the **Deployment slots** blade of the web app, click the entry representing the newly created staging slot.
>**Note**: This will open the blade displaying the properties of the staging slot.
1. Review the staging slot blade and note that its URL differs from the one assigned to the production slot.
#### Task 3: Configure web app deployment settings
In this task, you will configure web app deployment settings.
1. On the staging deployment slot blade, in the **Deployment** section, click **Deployment Center** and then select the **Settings** tab.
>**Note:** Make sure you are on the staging slot blade (rather than the production slot).
1. On the **Settings** tab, in the **Source** drop-down list, select **Local Git** and click the **Save** button
1. On the **Deployment Center** blade, copy the **Git Clone Url** entry to Notepad.
>**Note:** You will need the Git Clone Url value in the next task of this lab.
1. On the **Deployment Center** blade, select the **Local Git/FTPS credentials** tab, in the **User Scope** section, specify the following settings, and click **Save**.
| Setting | Value |
| --- | ---|
| User name | any globally unique name (must not contain `@` character) |
| Password | any password that satisfies complexity requirements|
>**Note:** The password must be at least eight characters long, with two of the following three elements: letters, numbers, and non-alphanumeric characters.
>**Note:** You will need these credentials in the next task of this lab.
#### Task 4: Deploy code to the staging deployment slot
In this task, you will deploy code to the staging deployment slot.
1. In the Azure portal, open the **Azure Cloud Shell** by clicking on the icon in the top right of the Azure Portal.
1. If prompted to select either **Bash** or **PowerShell**, select **PowerShell**.
>**Note**: If this is the first time you are starting **Cloud Shell** and you are presented with the **You have no storage mounted** message, select the subscription you are using in this lab, and click **Create storage**.
1. From the Cloud Shell pane, run the following to clone the remote repository containing the code for the web app.
```powershell
git clone https://github.com/Azure-Samples/php-docs-hello-world
```
1. From the Cloud Shell pane, run the following to set the current location to the newly created clone of the local repository containing the sample web app code.
```powershell
Set-Location -Path $HOME/php-docs-hello-world/
```
1. From the Cloud Shell pane, run the following to add the remote git (make sure to replace the `[deployment_user_name]` and `[git_clone_url]` placeholders with the value of the **Deployment Credentials** user name and **Git Clone Url**, respectively, which you identified in previous task):
```powershell
git remote add [deployment_user_name] [git_clone_url]
```
>**Note**: The value following `git remote add` does not have to match the **Deployment Credentials** user name, but has to be unique
1. From the Cloud Shell pane, run the following to push the sample web app code from the local repository to the Azure web app staging deployment slot (make sure to replace the `[deployment_user_name]` placeholder with the value of the **Deployment Credentials** user name, which you identified in previous task):
```powershell
git push [deployment_user_name] master
```
1. If prompted to authenticate, type the `[deployment_user_name]` and the corresponding password (which you set in the previous task).
1. Close the Cloud Shell pane.
1. On the staging slot blade, click **Overview** and then click the **URL** link to display the default web page in a new browser tab.
1. Verify that the browser page displays the **Hello World!** message and close the new tab.
#### Task 5: Swap the staging slots
In this task, you will swap the staging slot with the production slot
1. Navigate back to the blade displaying the production slot of the web app.
1. In the **Deployment** section, click **Deployment slots** and then, click **Swap** toolbar icon.
1. On the **Swap** blade, review the default settings and click **Swap**.
1. Click **Overview** on the production slot blade of the web app and then click the **URL** link to display the web site home page in a new browser tab.
1. Verify the default web page has been replaced with the **Hello World!** page.
#### Task 6: Configure and test autoscaling of the Azure web app
In this task, you will configure and test autoscaling of Azure web app.
1. On the blade displaying the production slot of the web app, in the **Settings** section, click **Scale out (App Service plan)**.
1. Click **Custom autoscale**.
>**Note**: You also have the option of scaling the web app manually.
1. Leave the default option **Scale based on a metric** selected and click **+ Add a rule**
1. On the **Scale rule** blade, specify the following settings (leave others with their default values):
| Setting | Value |
| --- |--- |
| Metric source | **Current resource** |
| Time aggregation | **Maximum** |
| Metric namespace | **App Service plans standard metrics** |
| Metric name | **CPU Percentage** |
| Operator | **Greater than** |
| Metric threshold to trigger scale action | **10** |
| Duration (in minutes) | **1** |
| Time grain statistic | **Maximum** |
| Operation | **Increase count by** |
| Instance count | **1** |
| Cool down (minutes) | **5** |
>**Note**: Obviously these values do not represent a realistic configuration, since their purpose is to trigger autoscaling as soon as possible, without extended wait period.
1. Click **Add** and, back on the App Service plan scaling blade, specify the following settings (leave others with their default values):
| Setting | Value |
| --- |--- |
| Instance limits Minimum | **1** |
| Instance limits Maximum | **2** |
| Instance limits Default | **1** |
1. Click **Save**.
1. In the Azure portal, open the **Azure Cloud Shell** by clicking on the icon in the top right of the Azure Portal.
1. If prompted to select either **Bash** or **PowerShell**, select **PowerShell**.
1. From the Cloud Shell pane, run the following to identify the URL of the Azure web app.
```powershell
$rgName = 'az104-09a-rg1'
$webapp = Get-AzWebApp -ResourceGroupName $rgName
```
1. From the Cloud Shell pane, run the following to start and infinite loop that sends the HTTP requests to the web app:
```powershell
while ($true) { Invoke-WebRequest -Uri $webapp.DefaultHostName }
```
1. Minimize the Cloud Shell pane (but do not close it) and, on the web app blade, in the **Monitoring** section, click **Process explorer**.
>**Note**: Process explorer facilitates monitoring the number of instances and their resource utilization.
1. Monitor the utilization and the number of instances for a few minutes.
>**Note**: You may need to **Refresh** the page.
1. Once you notice that the number of instances has increased to 2, reopen the Cloud Shell pane and terminate the script by pressing **Ctrl+C**.
1. Close the Cloud Shell pane.
#### Clean up resources
>**Note**: Remember to remove any newly created Azure resources that you no longer use. Removing unused resources ensures you will not see unexpected charges.
1. In the Azure portal, open the **PowerShell** session within the **Cloud Shell** pane.
1. List all resource groups created throughout the labs of this module by running the following command:
```powershell
Get-AzResourceGroup -Name 'az104-09a*'
```
1. Delete all resource groups you created throughout the labs of this module by running the following command:
```powershell
Get-AzResourceGroup -Name 'az104-09a*' | Remove-AzResourceGroup -Force -AsJob
```
>**Note**: The command executes asynchronously (as determined by the -AsJob parameter), so while you will be able to run another PowerShell command immediately afterwards within the same PowerShell session, it will take a few minutes before the resource groups are actually removed.
#### Review
In this lab, you have:
+ Created an Azure web app
+ Created a staging deployment slot
+ Configured web app deployment settings
+ Deployed code to the staging deployment slot
+ Swapped the staging slots
+ Configured and test autoscaling of the Azure web app

105
AZ104/MicrosoftAureAdministrator/Instructions/Labs/LAB_09b-Implement_Azure_Container_Instances.md Normal file
View File

@@ -0,0 +1,105 @@
---
lab:
title: '09b - Implement Azure Container Instances'
module: 'Module 09 - Serverless Computing'
---
# Lab 09b - Implement Azure Container Instances
# Student lab manual
## Lab scenario
Contoso wants to find a new platform for its virtualized workloads. You identified a number of container images that can be leveraged to accomplish this objective. Since you want to minimize container management, you plan to evaluate the use of Azure Container Instances for deployment of Docker images.
## Objectives
In this lab, you will:
- Task 1: Deploy a Docker image by using the Azure Container Instance
- Task 2: Review the functionality of the Azure Container Instance
## Estimated timing: 20 minutes
## Architecture diagram
![image](../media/lab09b.png)
## Instructions
### Exercise 1
#### Task 1: Deploy a Docker image by using the Azure Container Instance
In this task, you will create a new container instance for the web application.
1. Sign in to the [Azure portal](https://portal.azure.com).
1. In the Azure portal, search for locate **Container instances** and then, on the **Container instances** blade, click **+ Create**.
1. On the **Basics** tab of the **Create container instance** blade, specify the following settings (leave others with their default values):
| Setting | Value |
| ---- | ---- |
| Subscription | the name of the Azure subscription you are using in this lab |
| Resource group | the name of a new resource group **az104-09b-rg1** |
| Container name | **az104-9b-c1** |
| Region | the name of a region where you can provision Azure container instances |
| Image Source | **Quickstart images** |
| Image | **mcr.microsoft.com/azuredocs/aci-helloworld:latest (Linux)** |
1. Click **Next: Networking >** and, on the **Networking** tab of the **Create container instance** blade, specify the following settings (leave others with their default values):
| Setting | Value |
| --- | --- |
| DNS name label | any valid, globally unique DNS host name |
>**Note**: Your container will be publicly reachable at dns-name-label.region.azurecontainer.io. If you receive a **DNS name label not available** error message, specify a different value.
1. Click **Next: Advanced >**, review the settings on the **Advanced** tab of the **Create container instance** blade without making any changes, click **Review + Create**, ensure that the validation passed and click **Create**.
>**Note**: Wait for the deployment to complete. This should take about 3 minutes.
>**Note**: While you wait, you may be interested in viewing the [code behind the sample application](https://github.com/Azure-Samples/aci-helloworld). To view it, browse the \\app folder.
#### Task 2: Review the functionality of the Azure Container Instance
In this task, you will review the deployment of the container instance.
1. On the deployment blade, click the **Go to resource** link.
1. On the **Overview** blade of the container instance, verify that **Status** is reported as **Running**.
1. Copy the value of the container instance **FQDN**, open a new browser tab, and navigate to the corresponding URL.
1. Verify that the **Welcome to Azure Container Instance** page is displayed.
1. Close the new browser tab, back in the Azure portal, in the **Settings** section of the container instance blade, click **Containers**, and then click **Logs**.
1. Verify that you see the log entries representing the HTTP GET request generated by displaying the application in the browser.
#### Clean up resources
>**Note**: Remember to remove any newly created Azure resources that you no longer use. Removing unused resources ensures you will not see unexpected charges.
1. In the Azure portal, open the **PowerShell** session within the **Cloud Shell** pane.
1. List all resource groups created throughout the labs of this module by running the following command:
```powershell
Get-AzResourceGroup -Name 'az104-09b*'
```
1. Delete all resource groups you created throughout the labs of this module by running the following command:
```powershell
Get-AzResourceGroup -Name 'az104-09b*' | Remove-AzResourceGroup -Force -AsJob
```
>**Note**: The command executes asynchronously (as determined by the -AsJob parameter), so while you will be able to run another PowerShell command immediately afterwards within the same PowerShell session, it will take a few minutes before the resource groups are actually removed.
#### Review
In this lab, you have:
- Deployed a Docker image by using the Azure Container Instance
- Reviewed the functionality of the Azure Container Instance

264
AZ104/MicrosoftAureAdministrator/Instructions/Labs/LAB_09c-Implement_Azure_Kubernetes_Service.md Normal file
View File

@@ -0,0 +1,264 @@
---
lab:
title: '09c - Implement Azure Kubernetes Service'
module: 'Module 09 - Serverless Computing'
---
# Lab 09c - Implement Azure Kubernetes Service
# Student lab manual
## Lab scenario
Contoso has a number of multi-tier applications that are not suitable to run by using Azure Container Instances. In order to determine whether they can be run as containerized workloads, you want to evaluate using Kubernetes as the container orchestrator. To further minimize management overhead, you want to test Azure Kubernetes Service, including its simplified deployment experience and scaling capabilities.
## Objectives
In this lab, you will:
+ Task 1: Register the Microsoft.Kubernetes and Microsoft.KubernetesConfiguration resource providers.
+ Task 2: Deploy an Azure Kubernetes Service cluster
+ Task 3: Deploy pods into the Azure Kubernetes Service cluster
+ Task 4: Scale containerized workloads in the Azure Kubernetes service cluster
## Estimated timing: 40 minutes
## Architecture diagram
![image](../media/lab09c.png)
## Instructions
### Exercise 1
#### Task 1: Register the Microsoft.Kubernetes and Microsoft.KubernetesConfiguration resource providers.
In this task, you will register resource providers necessary to deploy an Azure Kubernetes Services cluster.
1. Sign in to the [Azure portal](https://portal.azure.com).
1. In the Azure portal, open the **Azure Cloud Shell** by clicking on the icon in the top right of the Azure Portal.
1. If prompted to select either **Bash** or **PowerShell**, select **PowerShell**.
>**Note**: If this is the first time you are starting **Cloud Shell** and you are presented with the **You have no storage mounted** message, select the subscription you are using in this lab, and click **Create storage**.
1. From the Cloud Shell pane, run the following to register the Microsoft.Kubernetes and Microsoft.KubernetesConfiguration resource providers.
```powershell
Register-AzResourceProvider -ProviderNamespace Microsoft.Kubernetes
Register-AzResourceProvider -ProviderNamespace Microsoft.KubernetesConfiguration
```
1. Close the Cloud Shell pane.
#### Task 2: Deploy an Azure Kubernetes Service cluster
In this task, you will deploy an Azure Kubernetes Services cluster by using the Azure portal.
1. In the Azure portal, search for locate **Kubernetes services** and then, on the **Kubernetes services** blade, click **+ Create**, and then click **+ Create a Kubernetes cluster**.
1. On the **Basics** tab of the **Create Kubernetes cluster** blade, specify the following settings (leave others with their default values):
| Setting | Value |
| ---- | ---- |
| Subscription | the name of the Azure subscription you are using in this lab |
| Resource group | the name of a new resource group **az104-09c-rg1** |
| Kubernetes cluster name | **az104-9c-aks1** |
| Region | the name of a region where you can provision a Kubernetes cluster |
| Availability zones | **None** (uncheck all boxes) |
| Kubernetes version | accept the default |
| Node size | accept the default |
| Node count | **1** |
1. Click **Next: Node Pools >** and, on the **Node Pools** tab of the **Create Kubernetes cluster** blade, specify the following settings (leave others with their default values):
| Setting | Value |
| ---- | ---- |
| Enable virtual nodes | **Disabled** (default) |
| Enable virtual machine scale sets | **Enabled** (default) |
1. Click **Next: Authentication >** and, on the **Authentication** tab of the **Create Kubernetes cluster** blade, specify the following settings (leave others with their default values):
| Setting | Value |
| ---- | ---- |
| Authentication method | **System-assigned managed identity** (default) |
| Role-based access control (RBAC) | **Enabled** |
1. Click **Next: Networking >** and, on the **Networking** tab of the **Create Kubernetes cluster** blade, specify the following settings (leave others with their default values):
| Setting | Value |
| ---- | ---- |
| Network configuration | **kubenet** |
| DNS name prefix | any valid, globally unique DNS host name |
1. Click **Next: Integrations >**, on the **Integrations** tab of the **Create Kubernetes cluster** blade, set **Container monitoring** to **Disabled**, click **Review + create**, ensure that the validation passed and click Create.
>**Note**: In production scenarios, you would want to enable monitoring. Monitoring is disabled in this case since it is not covered in the lab.
>**Note**: Wait for the deployment to complete. This should take about 10 minutes.
#### Task 3: Deploy pods into the Azure Kubernetes Service cluster
In this task, you will deploy a pod into the Azure Kubernetes Service cluster.
1. On the deployment blade, click the **Go to resource** link.
1. On the **az104-9c-aks1** Kubernetes service blade, in the **Settings** section, click **Node pools**.
1. On the **az104-9c-aks1 - Node pools** blade, verify that the cluster consists of a single pool with one node.
1. In the Azure portal, open the **Azure Cloud Shell** by clicking on the icon in the top right of the Azure Portal.
1. Switch the **Azure Cloud Shell** to **Bash** (black background).
1. From the Cloud Shell pane, run the following to retrieve the credentials to access the AKS cluster:
```sh
RESOURCE_GROUP='az104-09c-rg1'
AKS_CLUSTER='az104-9c-aks1'
az aks get-credentials --resource-group $RESOURCE_GROUP --name $AKS_CLUSTER
```
1. From the **Cloud Shell** pane, run the following to verify connectivity to the AKS cluster:
```sh
kubectl get nodes
```
1. In the **Cloud Shell** pane, review the output and verify that the one node which the cluster consists of at this point is reporting the **Ready** status.
1. From the **Cloud Shell** pane, run the following to deploy the **nginx** image from the Docker Hub:
```sh
kubectl create deployment nginx-deployment --image=nginx
```
> **Note**: Make sure to use lower case letters when typing the name of the deployment (nginx-deployment)
1. From the **Cloud Shell** pane, run the following to verify that a Kubernetes pod has been created:
```sh
kubectl get pods
```
1. From the **Cloud Shell** pane, run the following to identify the state of the deployment:
```sh
kubectl get deployment
```
1. From the **Cloud Shell** pane, run the following to make the pod available from Internet:
```sh
kubectl expose deployment nginx-deployment --port=80 --type=LoadBalancer
```
1. From the **Cloud Shell** pane, run the following to identify whether a public IP address has been provisioned:
```sh
kubectl get service
```
1. Re-run the command until the value in the **EXTERNAL-IP** column for the **nginx-deployment** entry changes from **\<pending\>** to a public IP address. Note the public IP address in the **EXTERNAL-IP** column for **nginx-deployment**.
1. Open a browser window and navigate to the IP address you obtained in the previous step. Verify that the browser page displays the **Welcome to nginx!** message.
#### Task 4: Scale containerized workloads in the Azure Kubernetes service cluster
In this task, you will scale horizontally the number of pods and then number of cluster nodes.
1. From the **Cloud Shell** pane, and run the following to scale the deployment by increasing of the number of pods to 2:
```sh
RESOURCE_GROUP='az104-09c-rg1'
AKS_CLUSTER='az104-9c-aks1'
kubectl scale --replicas=2 deployment/nginx-deployment
```
1. From the **Cloud Shell** pane, run the following to verify the outcome of scaling the deployment:
```sh
kubectl get pods
```
> **Note**: Review the output of the command and verify that the number of pods increased to 2.
1. From the **Cloud Shell** pane, run the following to scale out the cluster by increasing the number of nodes to 2:
```sh
az aks scale --resource-group $RESOURCE_GROUP --name $AKS_CLUSTER --node-count 2
```
> **Note**: Wait for the provisioning of the additional node to complete. This might take about 3 minutes. If it fails, rerun the `az aks scale` command.
1. From the **Cloud Shell** pane, run the following to verify the outcome of scaling the cluster:
```sh
kubectl get nodes
```
> **Note**: Review the output of the command and verify that the number of nodes increased to 2.
1. From the **Cloud Shell** pane, run the following to scale the deployment:
```sh
kubectl scale --replicas=10 deployment/nginx-deployment
```
1. From the **Cloud Shell** pane, run the following to verify the outcome of scaling the deployment:
```sh
kubectl get pods
```
> **Note**: Review the output of the command and verify that the number of pods increased to 10.
1. From the **Cloud Shell** pane, run the following to review the pods distribution across cluster nodes:
```sh
kubectl get pod -o=custom-columns=NODE:.spec.nodeName,POD:.metadata.name
```
> **Note**: Review the output of the command and verify that the pods are distributed across both nodes.
1. From the **Cloud Shell** pane, run the following to delete the deployment:
```sh
kubectl delete deployment nginx-deployment
```
1. Close the **Cloud Shell** pane.
#### Clean up resources
>**Note**: Remember to remove any newly created Azure resources that you no longer use. Removing unused resources ensures you will not see unexpected charges.
1. In the Azure portal, open the **Bash** shell session within the **Cloud Shell** pane.
1. List all resource groups created throughout the labs of this module by running the following command:
```sh
az group list --query "[?starts_with(name,'az104-09c')].name" --output tsv
```
1. Delete all resource groups you created throughout the labs of this module by running the following command:
```sh
az group list --query "[?starts_with(name,'az104-09c')].[name]" --output tsv | xargs -L1 bash -c 'az group delete --name $0 --no-wait --yes'
```
>**Note**: The command executes asynchronously (as determined by the --nowait parameter), so while you will be able to run another Azure CLI command immediately afterwards within the same Bash session, it will take a few minutes before the resource groups are actually removed.
#### Review
In this lab, you have:
+ Deployed an Azure Kubernetes Service cluster
+ Deployed pods into the Azure Kubernetes Service cluster
+ Scaled containerized workloads in the Azure Kubernetes service cluster