Agenda Why Azure Resource Manager What has already been enabled Questions/Feedback.
-
Upload
anastasia-edwards -
Category
Documents
-
view
221 -
download
0
Transcript of Agenda Why Azure Resource Manager What has already been enabled Questions/Feedback.
![Page 1: Agenda Why Azure Resource Manager What has already been enabled Questions/Feedback.](https://reader030.fdocuments.net/reader030/viewer/2022032705/56649d825503460f94a67f85/html5/thumbnails/1.jpg)
![Page 2: Agenda Why Azure Resource Manager What has already been enabled Questions/Feedback.](https://reader030.fdocuments.net/reader030/viewer/2022032705/56649d825503460f94a67f85/html5/thumbnails/2.jpg)
Azure Resource Manager
Gautam ThaparPrincipal Program ManagerMicrosoft Corporation
CDP-B345Charles LamannaPrincipal Engineering ManagerMicrosoft Corporation
![Page 3: Agenda Why Azure Resource Manager What has already been enabled Questions/Feedback.](https://reader030.fdocuments.net/reader030/viewer/2022032705/56649d825503460f94a67f85/html5/thumbnails/3.jpg)
AgendaWhy Azure Resource Manager
What has already been enabledQuestions/Feedback
![Page 4: Agenda Why Azure Resource Manager What has already been enabled Questions/Feedback.](https://reader030.fdocuments.net/reader030/viewer/2022032705/56649d825503460f94a67f85/html5/thumbnails/4.jpg)
Today’s ChallengeIt’s difficult to…
Deploy or update a group of resources, repeatedly
Manage permissions on a group of resources
Visualize a group of resources in a logical view, including monitoring/billing
![Page 5: Agenda Why Azure Resource Manager What has already been enabled Questions/Feedback.](https://reader030.fdocuments.net/reader030/viewer/2022032705/56649d825503460f94a67f85/html5/thumbnails/5.jpg)
Singletons
Deploy becomes more complex
Proper use of resources becomes more abstract
Isolation makes communication a challenge
STORAGE
![Page 6: Agenda Why Azure Resource Manager What has already been enabled Questions/Feedback.](https://reader030.fdocuments.net/reader030/viewer/2022032705/56649d825503460f94a67f85/html5/thumbnails/6.jpg)
6
Resource Centric Views
![Page 7: Agenda Why Azure Resource Manager What has already been enabled Questions/Feedback.](https://reader030.fdocuments.net/reader030/viewer/2022032705/56649d825503460f94a67f85/html5/thumbnails/7.jpg)
Introducing Resource ManagerApplication Lifecycle Container
Declarative solution for Deployment and Configuration
Consistent Management Layer
![Page 8: Agenda Why Azure Resource Manager What has already been enabled Questions/Feedback.](https://reader030.fdocuments.net/reader030/viewer/2022032705/56649d825503460f94a67f85/html5/thumbnails/8.jpg)
Resource Groups Tightly coupled containers of
multiple resources of similar or different types
Every resource *must* exist in one and only one resource group
Resource groups can span regions
RESOURCE GROUP
![Page 9: Agenda Why Azure Resource Manager What has already been enabled Questions/Feedback.](https://reader030.fdocuments.net/reader030/viewer/2022032705/56649d825503460f94a67f85/html5/thumbnails/9.jpg)
Coupling for ResourcesResource Group is a unit of management
Lifecycle: deployment, update, delete, status
Identity: resources can talk to each other
Grouping: Metering, billing, quota: applied & rolled up to group
Access Control: Scope for RBAC permissions
![Page 10: Agenda Why Azure Resource Manager What has already been enabled Questions/Feedback.](https://reader030.fdocuments.net/reader030/viewer/2022032705/56649d825503460f94a67f85/html5/thumbnails/10.jpg)
Resource Group LifecycleQuestion: Should these resources be in the same group or a different one?
Hint: Do they have common lifecycle and management?
Answer: Up to you.
![Page 11: Agenda Why Azure Resource Manager What has already been enabled Questions/Feedback.](https://reader030.fdocuments.net/reader030/viewer/2022032705/56649d825503460f94a67f85/html5/thumbnails/11.jpg)
Azure Templates can:• Ensure Idempotency
• Simplify Orchestration
• Simplify Roll-back
• Provide Cross-Resource Configuration and Update Support
Azure Templates are: • Source file, checked-in
• Specifies resources and dependencies (VMs, WebSites, DBs) and connections (config, LB sets)
• Parametized input/output
Instantiation of repeatable config.Configuration Resource Group
Power of Repeatability
SQL - A Website VirtualMachines
SQL-AWebsite[SQL CONFIG] VM (2x)
DEPENDS ON SQLDEPENDS ON SQL
SQLCONFIG
![Page 12: Agenda Why Azure Resource Manager What has already been enabled Questions/Feedback.](https://reader030.fdocuments.net/reader030/viewer/2022032705/56649d825503460f94a67f85/html5/thumbnails/12.jpg)
12
Add your own PowerSome resources can be extended allowing more code or data inside the resource
• AV agent inside a VM
• WordPress Webdeploy package on a Website
Allow for Scripting or Imperative configuration of resources
Extensible solution (Windows and Linux):• VMM Agent
• DSC (in-VM PowerShell)
• Chef
• Puppet
![Page 13: Agenda Why Azure Resource Manager What has already been enabled Questions/Feedback.](https://reader030.fdocuments.net/reader030/viewer/2022032705/56649d825503460f94a67f85/html5/thumbnails/13.jpg)
Consistent Management Layer
AZURE RESOURCE MANAGER API
![Page 14: Agenda Why Azure Resource Manager What has already been enabled Questions/Feedback.](https://reader030.fdocuments.net/reader030/viewer/2022032705/56649d825503460f94a67f85/html5/thumbnails/14.jpg)
So, what does this all mean…Application Lifecycle ContainerDeploy and Manage your application as you see fit
Declarative solution for Deployment and ConfigurationSingle click deployment of multiple instantiations of your application
Consistent Management LayerThe same experience of deployment and management whether you go from the Portal, Command Line,
or Tools
![Page 15: Agenda Why Azure Resource Manager What has already been enabled Questions/Feedback.](https://reader030.fdocuments.net/reader030/viewer/2022032705/56649d825503460f94a67f85/html5/thumbnails/15.jpg)
DemoLet’s see that work
![Page 16: Agenda Why Azure Resource Manager What has already been enabled Questions/Feedback.](https://reader030.fdocuments.net/reader030/viewer/2022032705/56649d825503460f94a67f85/html5/thumbnails/16.jpg)
16
Azure RM Capabilities• Centralized auditing of operations
• Simple tagging and grouping of resources
• Consistent access control (e.g. RBAC)
![Page 17: Agenda Why Azure Resource Manager What has already been enabled Questions/Feedback.](https://reader030.fdocuments.net/reader030/viewer/2022032705/56649d825503460f94a67f85/html5/thumbnails/17.jpg)
17
Supported Resources and Roadmap
• Websites• SQL Azure DB• Classic Compute• Classic Network• Classic Storage• Redis Cache
… all existing Azure services are coming on-line
![Page 18: Agenda Why Azure Resource Manager What has already been enabled Questions/Feedback.](https://reader030.fdocuments.net/reader030/viewer/2022032705/56649d825503460f94a67f85/html5/thumbnails/18.jpg)
18
Audited Management Operations
• Create / Update / Delete operations are audited
• Rich querying capabilities
• Available at subscription, resource group and resource
![Page 19: Agenda Why Azure Resource Manager What has already been enabled Questions/Feedback.](https://reader030.fdocuments.net/reader030/viewer/2022032705/56649d825503460f94a67f85/html5/thumbnails/19.jpg)
19
Detailed Audits• Rich information about the who, what and when
• Correlation id groups related operations (e.g. templates)
![Page 20: Agenda Why Azure Resource Manager What has already been enabled Questions/Feedback.](https://reader030.fdocuments.net/reader030/viewer/2022032705/56649d825503460f94a67f85/html5/thumbnails/20.jpg)
Resource Tags• Name-value pairs assigned to
resources or resource groups
• Subscription-wide taxonomy and complete for tag consistency
• Each resource can have up to 15 tags
![Page 21: Agenda Why Azure Resource Manager What has already been enabled Questions/Feedback.](https://reader030.fdocuments.net/reader030/viewer/2022032705/56649d825503460f94a67f85/html5/thumbnails/21.jpg)
Tagging Tips• Notes: attach notes to resources via
tags
• Creator: track who is the “owner” or responsible for a resource
• Department/Cost center: record who is responsible for paying for a resource
• Environment: group resources in production vs. pre-production vs. test
![Page 22: Agenda Why Azure Resource Manager What has already been enabled Questions/Feedback.](https://reader030.fdocuments.net/reader030/viewer/2022032705/56649d825503460f94a67f85/html5/thumbnails/22.jpg)
22
Organizational conceptsResource groups
• Tightly coupled to a container of resources
• Follows RBAC rules
• 1 resource group
Tags
• Loosely coupled user or system defined categorization
• Arbitrary boundaries
• 15 tags to use as needed
Resource groups and tags are the building blocks from which users define applications.
![Page 23: Agenda Why Azure Resource Manager What has already been enabled Questions/Feedback.](https://reader030.fdocuments.net/reader030/viewer/2022032705/56649d825503460f94a67f85/html5/thumbnails/23.jpg)
23
Access Control: RBAC• Allows secure access with granular permissions to resources
• Assignable to users, groups or service principals
• Built-in roles make it easy to get started
![Page 24: Agenda Why Azure Resource Manager What has already been enabled Questions/Feedback.](https://reader030.fdocuments.net/reader030/viewer/2022032705/56649d825503460f94a67f85/html5/thumbnails/24.jpg)
24
Two Key Concepts
Role Definitions
• describes the set of permissions (e.g. read actions)
• can be used in multiple assignments
Role Assignments
• associate role definitions with an identity (e.g. user/group) at a scope (e.g. resource group)
• always inherited – subscription assignments apply to all resources
![Page 25: Agenda Why Azure Resource Manager What has already been enabled Questions/Feedback.](https://reader030.fdocuments.net/reader030/viewer/2022032705/56649d825503460f94a67f85/html5/thumbnails/25.jpg)
Role Based Access Control
![Page 26: Agenda Why Azure Resource Manager What has already been enabled Questions/Feedback.](https://reader030.fdocuments.net/reader030/viewer/2022032705/56649d825503460f94a67f85/html5/thumbnails/26.jpg)
Granular Scopes
/subscriptions/{id}/resourceGroups/{name}/providers/…/sites/{site}
subscription level – grants permissions for all resources in the sub
resource group level – grants permissions for all resources in the group
resource level – grants permissions to the specific resource
![Page 27: Agenda Why Azure Resource Manager What has already been enabled Questions/Feedback.](https://reader030.fdocuments.net/reader030/viewer/2022032705/56649d825503460f94a67f85/html5/thumbnails/27.jpg)
DemoLet’s see that work
![Page 28: Agenda Why Azure Resource Manager What has already been enabled Questions/Feedback.](https://reader030.fdocuments.net/reader030/viewer/2022032705/56649d825503460f94a67f85/html5/thumbnails/28.jpg)
28
Recap
Next generation of Azure management
Templates provides predictability / efficiency
Audits, Tags, Access Control & more
Works Everywhere (public + private clouds)
![Page 29: Agenda Why Azure Resource Manager What has already been enabled Questions/Feedback.](https://reader030.fdocuments.net/reader030/viewer/2022032705/56649d825503460f94a67f85/html5/thumbnails/29.jpg)
29
References• MVA Azure RM session: http://aka.ms/arm-devops • API docs on MSDN: http://aka.ms/armmsdn • Template docs on MSDN: http://aka.ms/templatemsdn • Azure RM cmdlets: http://aka.ms/armpowershell
• Available on twitter: @clamanna and @gautamthapar
![Page 30: Agenda Why Azure Resource Manager What has already been enabled Questions/Feedback.](https://reader030.fdocuments.net/reader030/viewer/2022032705/56649d825503460f94a67f85/html5/thumbnails/30.jpg)
30
Questions/Feedback
![Page 31: Agenda Why Azure Resource Manager What has already been enabled Questions/Feedback.](https://reader030.fdocuments.net/reader030/viewer/2022032705/56649d825503460f94a67f85/html5/thumbnails/31.jpg)
TechEd Mobile app for session evaluations is currently offline
SUBMIT YOUR TECHED EVALUATIONSFill out an evaluation via
CommNet Station/PC: Schedule Builder
LogIn: europe.msteched.com/catalog
We value your feedback!
![Page 32: Agenda Why Azure Resource Manager What has already been enabled Questions/Feedback.](https://reader030.fdocuments.net/reader030/viewer/2022032705/56649d825503460f94a67f85/html5/thumbnails/32.jpg)
Resources
Learning
Microsoft Certification & Training Resources
www.microsoft.com/learning
TechNet
Resources for IT Professionals
http://microsoft.com/technet
Sessions on Demand
http://channel9.msdn.com/Events/TechEd
Developer Network
http://developer.microsoft.com
![Page 33: Agenda Why Azure Resource Manager What has already been enabled Questions/Feedback.](https://reader030.fdocuments.net/reader030/viewer/2022032705/56649d825503460f94a67f85/html5/thumbnails/33.jpg)
© 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.