To leverage Azure as Infrastructure as a Service, we have to think in terms of the following capabilities:
- Compute
  - Available through Virtual Machines
- Network
  - Available through Virtual Network
- Storage
  - Available through Storage Account
Virtual Network
- Equivalent of a network in Azure
- It contains an IP range
- Can be subdivided into multiple Logical Subnets
- A default Subnet is created with a subset of the IP range when a VNET is created
- Additional subnets can be added and associated with different subsets of the IP range.
Virtual Machine
- Equivalent of a physical machine in Azure
- Hosted inside a VNET
- Every machine contains a Network Interface through which it connects to the VNET
Storage
- A virtual machine uses Virtual Hard Drives (VHDs) to store OS and temp data
- Virtual Hard drives can be stored in blobs in a Storage account
- VHDs are also used for storing the images
- Temp data gets deleted when restarting a Virtual machine
- Additional data disks can also be added to store Application data
- Disks can be configured as managed or unmanaged disks
  - For unmanaged disks, we need to manage the storage account
  - Managed disks are managed by Microsoft and are recommended for 99.999% availability
Network Interface
- IP Addresses are attached to a VNET interface that is linked to the VM
- Private IPs are used for communicating between VMs
- Public IPs are used for external access
- When a virtual machine is restarted, it will get a new Public IP address
Network Security Group
- A subnet can be secured with a Network Security group
- NSG contains rules for ingress (incoming network traffic) and egress (outgoing network traffic)
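
An added example (not part of the original notes): a small Python model of a VNET split into subnets and of how an NSG attached to a subnet decides on incoming traffic. It goes beyond the notes by showing priority ordering and two of Azure's built-in default inbound rules in simplified form. The address ranges, subnet names and the DB_NSG rules are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

# Constructed sample address space; not from the original notes.
VNET = ipaddress.ip_network("10.0.0.0/16")
SUBNETS = {"web": ipaddress.ip_network("10.0.1.0/24"),
           "db": ipaddress.ip_network("10.0.2.0/24")}

@dataclass(frozen=True)
class Rule:
    priority: int    # lower number is evaluated first
    direction: str   # "Inbound" (ingress) or "Outbound" (egress)
    source: str      # CIDR, or "*" for any
    dest_port: str   # port number, or "*" for any
    access: str      # "Allow" or "Deny"

# Simplified stand-ins for Azure's default inbound rules
# (the load balancer default rule is omitted for brevity).
DEFAULT_INBOUND = [
    Rule(65000, "Inbound", str(VNET), "*", "Allow"),  # AllowVnetInBound
    Rule(65500, "Inbound", "*", "*", "Deny"),         # DenyAllInBound
]

def validate_subnets(vnet, subnets):
    """Every subnet must lie inside the VNET range and none may overlap."""
    nets = list(subnets.values())
    inside = all(n.subnet_of(vnet) for n in nets)
    disjoint = not any(a.overlaps(b)
                       for i, a in enumerate(nets) for b in nets[i + 1:])
    return inside and disjoint

def matches(rule, src_ip, port):
    src_ok = rule.source == "*" or (
        ipaddress.ip_address(src_ip) in ipaddress.ip_network(rule.source))
    port_ok = rule.dest_port == "*" or int(rule.dest_port) == port
    return src_ok and port_ok

def evaluate_inbound(custom_rules, src_ip, port):
    """First matching rule in priority order decides: (access, priority)."""
    rules = [r for r in custom_rules if r.direction == "Inbound"]
    for rule in sorted(rules + DEFAULT_INBOUND, key=lambda r: r.priority):
        if matches(rule, src_ip, port):
            return rule.access, rule.priority
    return "Deny", None

# Constructed NSG for the "db" subnet: only the web subnet may reach port 1433.
DB_NSG = [
    Rule(100, "Inbound", str(SUBNETS["web"]), "1433", "Allow"),
    Rule(200, "Inbound", str(VNET), "*", "Deny"),
]
```

With no custom rules, traffic between subnets of the same VNET is allowed by the default rule at priority 65000, which is why the explicit deny at priority 200 is needed to isolate the db subnet.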