Hello Everyone,
The below blog is only for those who are starting with Azure and wish to understand about some basic networking and resource concepts in Azure.
If you are a beginner and want to explore Azure and do some Tests with the azure resources/services yourself, please create an account in https://azure.microsoft.com/en-in/features/azure-portal/ . You could use any of your existing microsoft account for it. Azure gives 200$ free credits for 12 months along with a few free services' access. There are a set of 25 services that are available for free even after the 1 year trail period. I have not explored these myself as i was fortunate enough to explore Azure as part of my regular job.
Explore what comes free here . Without any further delay I will get started with some concepts for you to begin your azure journey.
Azure Subscription : This is your starting point . Your azure account can have access to one of more subscriptions. Billing is done for all resources in the subscription and the one who is owning the subscription has to pay the bill as we use azure services. .For ease of use , you could have different subscriptions of your different environments like Prod, Dev, Test .
Azure resources: Simply put, these are instances of services, solutions and applications that we avail from azure.It could be a VM, database, Storage etc.You could find the resources in azure market place or get a direct link to it by searching for it in the search bar in azure portal, and get it added to your subscription to start using them.
Resource groups (RGs) : This is a logical grouping of resources for your project, that came with the latest deployment model in azure called ARM(Azure Resource Manager). Imagine i have a POC project and need to use a bunch of resources for it. I can add all my resources under a single resource group and get the resource group deleted which will save my time in dealing with deletion of each of the resources that I have added.
Virtual Networks (VNet) : This is your isolated and dedicated virtual network in azure to deploy your resources and establish network connectivity within (or outward when needed). Similar jargon in AWS cloud is called VPC. You can establish Vnet to VNet connections via VNet peering techniques and can connect to the private on-premise networks outside the cloud using either Point-To-Site (Much like your office VPN and it doesnt need a VPN device), Site-Site (Biway connection VPN through which you can make your resources talk to the on-premise resources, need a devide ) and Express routes VPN (Similar in function to Site-Site VPN, but faster and has got more features as it works with several connectivity providers- need VPN device too).
I will write a short blog later on how to setup a Point-To-Site VPN for your Azure VNet.
A Virtual network is scoped to a single Azure region, which means you cannot have a VNet spanning multiple azure regions.
Subnets: This is a subset of your VNet to host similar resources and manage security better. For example, you need to have a dedicated subnet created for managed instances in your VNet as per design .The IP address range you set for subnets need to be the subset of that you define for your VNet.
NSG(Network Security Groups):This is your firewall feature which needs to be there within the VNet to provide better security and isolation either at the Subnet level or any VM's NIC. You can create inbound and outbound rules in the NSG attached to your subnet to manage the traffic by allowing or denying it based on IP address, port numbers etc.
Hope this helps you gain some basic understanding about Azure. Thanks for visiting.!
The below blog is only for those who are starting with Azure and wish to understand about some basic networking and resource concepts in Azure.
If you are a beginner and want to explore Azure and do some Tests with the azure resources/services yourself, please create an account in https://azure.microsoft.com/en-in/features/azure-portal/ . You could use any of your existing microsoft account for it. Azure gives 200$ free credits for 12 months along with a few free services' access. There are a set of 25 services that are available for free even after the 1 year trail period. I have not explored these myself as i was fortunate enough to explore Azure as part of my regular job.
Explore what comes free here . Without any further delay I will get started with some concepts for you to begin your azure journey.
Azure Subscription : This is your starting point . Your azure account can have access to one of more subscriptions. Billing is done for all resources in the subscription and the one who is owning the subscription has to pay the bill as we use azure services. .For ease of use , you could have different subscriptions of your different environments like Prod, Dev, Test .
Azure resources: Simply put, these are instances of services, solutions and applications that we avail from azure.It could be a VM, database, Storage etc.You could find the resources in azure market place or get a direct link to it by searching for it in the search bar in azure portal, and get it added to your subscription to start using them.
Resource groups (RGs) : This is a logical grouping of resources for your project, that came with the latest deployment model in azure called ARM(Azure Resource Manager). Imagine i have a POC project and need to use a bunch of resources for it. I can add all my resources under a single resource group and get the resource group deleted which will save my time in dealing with deletion of each of the resources that I have added.
Virtual Networks (VNet) : This is your isolated and dedicated virtual network in azure to deploy your resources and establish network connectivity within (or outward when needed). Similar jargon in AWS cloud is called VPC. You can establish Vnet to VNet connections via VNet peering techniques and can connect to the private on-premise networks outside the cloud using either Point-To-Site (Much like your office VPN and it doesnt need a VPN device), Site-Site (Biway connection VPN through which you can make your resources talk to the on-premise resources, need a devide ) and Express routes VPN (Similar in function to Site-Site VPN, but faster and has got more features as it works with several connectivity providers- need VPN device too).
I will write a short blog later on how to setup a Point-To-Site VPN for your Azure VNet.
A Virtual network is scoped to a single Azure region, which means you cannot have a VNet spanning multiple azure regions.
Subnets: This is a subset of your VNet to host similar resources and manage security better. For example, you need to have a dedicated subnet created for managed instances in your VNet as per design .The IP address range you set for subnets need to be the subset of that you define for your VNet.
NSG(Network Security Groups):This is your firewall feature which needs to be there within the VNet to provide better security and isolation either at the Subnet level or any VM's NIC. You can create inbound and outbound rules in the NSG attached to your subnet to manage the traffic by allowing or denying it based on IP address, port numbers etc.
Hope this helps you gain some basic understanding about Azure. Thanks for visiting.!
Thanks for this. Got an overview on azure subscription, Vnet and subnet and basic senarios where we can use them.
ReplyDeleteGlad you find it useful. :)
Delete