Build a network
- Azure has two different deployment models for creating and working with resources: Azure Resource Manager and classic
- Azure Resource Manager is the deployment and management service that provides a consistent management layer and allows you to create, update, and delete resources in your Azure subscription
- Microsoft recommends creating most new virtual networks through the Resource Manager deployment model
- Azure networking components include:
  - Virtual networks
  - IP addresses
  - Subnets
  - Network interface card
  - DNS
Azure provides a name resolution service that enables VMs and cloud services within Azure to communicate by name
To increase availability and scalability, you can create two or more VMs that publish the same application
You can use an Azure load balancer to distribute traffic between these VMs
Azure load balancers are of two types:
- Public load balancer
- Internal load balancer
The load balancer can probe the health of the various server instances
All outbound traffic to the internet that originates from your service undergoes source network address translation (SNAT) by using the same VIP address as for incoming traffic
Application gateways provide load-balanced solutions for network traffic that is based on the HTTP protocol
Azure Traffic Manager is another load-balancing solution that Azure includes
Traffic Manager can:
- Improve availability of critical applications
- Improve responsiveness for high-performance applications
- Upgrade and perform service maintenance without downtime
- Combine on-premises and cloud-based applications
- Distribute traffic for large, complex deployments
Traffic Manager works at the DNS level
Network Security Groups
- You use Network Security Groups to provide network isolation for Azure resources by defining rules that can allow or deny specific traffic to individual VMs or subnets
User-defined routes
- User-defined routes (UDR) control network traffic by defining routes that specify the next hop of the traffic flow
Forced tunneling
- With forced tunneling, you can redirect internet-bound traffic back to the company’s on-premises infrastructure
Regional virtual networks
- Regional virtual networks can span a complete Azure region or datacenter
Cross-premises network connectivity
- Virtual networks in Azure also enable you to extend your on-premises networks to the cloud
Create a virtual network and a subnet
You can create a virtual network by using the Azure portal, the Azure CLI 1.0, or PowerShell
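The following PowerShell sketch is an added example, not code from the original notes. It creates a virtual network with two subnets and uses a Network Security Group to isolate one of them, as described under "Network Security Groups" above. It assumes the Az PowerShell module and a signed-in session (`Connect-AzAccount`); every name, the region, the address ranges and port 1433 are placeholders.

```powershell
# Added example: resource names, region, address ranges and the port are placeholders.
$rg       = 'rg-network-demo'
$location = 'westeurope'
$webCidr  = '10.10.1.0/24'
$dataCidr = '10.10.2.0/24'

New-AzResourceGroup -Name $rg -Location $location | Out-Null

# By default an NSG allows all traffic inside the virtual network (AllowVnetInBound).
# These two rules narrow that: only the web subnet may reach the data subnet, and only on TCP 1433.
# Lower priority numbers are evaluated first, so the allow rule (100) is matched before the deny (4096).
$allowWeb = New-AzNetworkSecurityRuleConfig -Name 'Allow-Web-To-Data' `
    -Description 'Web subnet to database port' `
    -Access Allow -Direction Inbound -Priority 100 -Protocol Tcp `
    -SourceAddressPrefix $webCidr -SourcePortRange '*' `
    -DestinationAddressPrefix $dataCidr -DestinationPortRange 1433

$denyVnet = New-AzNetworkSecurityRuleConfig -Name 'Deny-Other-VNet-In' `
    -Description 'Block all other traffic from inside the virtual network' `
    -Access Deny -Direction Inbound -Priority 4096 -Protocol '*' `
    -SourceAddressPrefix VirtualNetwork -SourcePortRange '*' `
    -DestinationAddressPrefix '*' -DestinationPortRange '*'

$nsg = New-AzNetworkSecurityGroup -Name 'nsg-data' -ResourceGroupName $rg `
    -Location $location -SecurityRules $allowWeb, $denyVnet

# Subnet definitions: the NSG is attached to the data subnet only.
$webSubnet  = New-AzVirtualNetworkSubnetConfig -Name 'snet-web'  -AddressPrefix $webCidr
$dataSubnet = New-AzVirtualNetworkSubnetConfig -Name 'snet-data' -AddressPrefix $dataCidr `
    -NetworkSecurityGroup $nsg

$vnet = New-AzVirtualNetwork -Name 'vnet-demo' -ResourceGroupName $rg `
    -Location $location -AddressPrefix '10.10.0.0/16' -Subnet $webSubnet, $dataSubnet

# Check the result: which subnet carries an NSG, and the custom rules in evaluation order.
$vnet.Subnets | Select-Object Name, AddressPrefix,
    @{ Name = 'NsgAttached'; Expression = { $null -ne $_.NetworkSecurityGroup } }

(Get-AzNetworkSecurityGroup -Name 'nsg-data' -ResourceGroupName $rg).SecurityRules |
    Sort-Object Priority |
    Format-Table Name, Priority, Direction, Access, Protocol, DestinationPortRange
```

Removing the demo resource group afterwards (`Remove-AzResourceGroup -Name $rg`) deletes everything the script created.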
Create a network load balancer
- Azure Load Balancer is available in two SKUs: Basic and Standard
- You can use Azure Load Balancer to:
  - Load-balance incoming internet traffic to your VMs
  - Load-balance traffic across VMs inside a virtual network
  - Port forward traffic to a specific port on specific VMs
  - Provide outbound connectivity for VMs inside your virtual network
Azure Traffic Manager
- Traffic Manager uses DNS to direct client requests to the most appropriate service endpoint based on a traffic-routing method and the health of the endpoints
- Traffic Manager provides a range of traffic-routing methods and endpoint monitoring options to suit different application needs and automatic failover models
- Traffic Manager is resilient to failure, including the failure of an entire Azure region
Configure virtual network gateways
- Azure VPN Gateway serves as the cross-premises gateway connecting your workloads in Azure Virtual Network to on-premises sites
- It is required for connecting to on-premises sites through IPsec site-to-site (S2S) VPN tunnels or through ExpressRoute circuits