Azure CLI
Azure CLI is a cross-platform command-line tool built by Microsoft that enables users to create, manage, and automate resources in Azure directly from the terminal.
Instead of relying on the Azure web portal, developers, cloud engineers, and system administrators can interact with Azure services using structured az commands. This makes it ideal for scripting, automation, and efficient infrastructure management across services like virtual machines, storage, networking, and resource groups.
Project Overview
In this project, I will:
Create a Resource Group
Set up a Virtual Network (VNet) and Subnet
Provision a Linux Virtual Machine
Create a Storage Account and upload files
Store secrets in Azure Key Vault
Monitor costs and configure a budget alert
Creating a Resource Group
A Resource Group acts as a logical container for organizing related Azure resources.
Services such as virtual machines, storage accounts, databases, and networks are grouped together so they can be deployed, managed, and deleted as a single unit. This helps simplify resource management and keeps your infrastructure organized.
Step 1: Define a Resource Group Variable
A variable is a named value that you can reuse throughout your commands or scripts.
Rather than typing the same value repeatedly (like a resource name or configuration), you assign it to a variable once and reference it whenever needed. This improves readability, reduces errors, and makes your workflow more efficient.
Create the Resource Group
This step creates a resource group named mylab-rg in the East US region. All resources used in this lab will be deployed into this group, making them easier to manage and remove when no longer needed.
- verify it was created in the Azure Portal
Build a Virtual Network (VNet) & Subnet
1. Create a VNet
A Virtual Network (VNet) is a private, isolated network within Azure that allows cloud resources to communicate securely.
It handles IP address allocation, provides network isolation, and ensures secure connectivity between services like virtual machines and databases running in your Azure environment.
- Create a Virtual Network with a broad 10.0.0.0/16 IP address space.
2. Create a Subnet
A subnet is a smaller division of a virtual network’s IP address range.
It helps organize resources, improve security, and control traffic flow between services by creating isolated sections within the larger network.
In this step, you’ll create a subnet using the 10.0.1.0/24 range, which is a smaller portion of your VNet, dedicated specifically for hosting your virtual machines.
3. Create a Network Security Group (NSG)
A Network Security Group (NSG) is a collection of security rules in Azure that manage the flow of inbound and outbound traffic to your virtual network resources.
It acts like a virtual firewall, allowing or blocking traffic based on IP address, port, or protocol, helping secure and isolate your resources.
In this step, you’ll create an NSG that can later be associated with your subnet or virtual machines.
4. Open Port 22 (SSH) & 80 (HTTP)
Port 22 (SSH) is used for secure, encrypted remote access to your Linux VM. Opening this port allows administrators to log in and manage the server safely.
Port 80 (HTTP) is the standard port for web traffic. Opening this port lets your server respond to unencrypted web requests from browsers or clients.
In this step, we will add inbound rules to your NSG, giving priority to SSH access, followed by HTTP, so your VM can be accessed and serve web pages.
- Allow SSH (Port 22)
- Allow HTTP (Port80)
5. Attach NSG to Subnet
Associating a Network Security Group (NSG) with a subnet ensures that all virtual machines within that subnet automatically follow the NSG’s rules.
This provides consistent network-level protection for every resource in the subnet, so you don’t have to apply rules individually to each VM.
Confirm resources are created from Azure Portal
Provision a Linux Virtual Machine
A Virtual Machine (VM) is a software-based computer that runs an operating system and applications just like a physical machine. Instead of using physical hardware, it operates on virtualized resources provided by a cloud platform.
In Microsoft Azure, VMs give you on-demand access to CPU, memory, storage, and networking. This allows you to deploy and manage servers quickly without owning physical hardware.
In this step, we’ll create an Ubuntu VM with a public IP address inside your VNet so it can be accessed from the internet.
1. Allocate a Public IP
A public IP allows your VM to be reachable from outside the VNet (e.g., your browser or SSH client). Without it, the VM can only be accessed internally or via a VPN.
2. Create the Virtual Machine
We will create a B1s Ubuntu VM using auto-generated SSH keys. This VM will be connected to your existing subnet and protected by the Network Security Group (NSG).
This VM is your actual cloud compute instance, where your web application and services will run.
3. Retrieve the public IP
Fetch the VM’s public IP address from Azure so you can use it to SSH into the machine or access any hosted web services.
4. Verify the VM is running
Check that the VM is active by querying its status and displaying it neatly in a table; this ensures the VM is running before you try to connect.
5. SSH Into your VM and Install Nginx
Connect to your VM using SSH, install the Nginx web server via APT, and start its service. A new VM is typically empty, so Nginx allows you to verify that HTTP traffic on port 80 is accessible.
Top comments (0)