{"id":996,"date":"2018-01-22T11:35:56","date_gmt":"2018-01-22T11:35:56","guid":{"rendered":"http:\/\/wiki.thomasandsofia.com\/?p=996"},"modified":"2018-03-20T09:58:58","modified_gmt":"2018-03-20T09:58:58","slug":"azure-networking","status":"publish","type":"post","link":"https:\/\/wiki.thomasandsofia.com\/?p=996","title":{"rendered":"Azure Networking"},"content":{"rendered":"<p><a href=\"https:\/\/channel9.msdn.com\/Shows\/TechNet+Radio\/TNR1668\" target=\"_blank\" rel=\"noopener\">https:\/\/channel9.msdn.com\/Shows\/TechNet+Radio\/TNR1668<\/a><\/p>\n<p>Return to <a href=\"http:\/\/wiki.thomasandsofia.com\/2018\/01\/22\/azure-for-aws-professionals-menu\/\">Main Menu<\/a><\/p>\n<h2>Create the Virtual Network<\/h2>\n<h3>By the Dashboard<\/h3>\n<ul>\n<li>Dashboard &gt; + Create a resource &gt; Networking &gt; Virtual Network\n<ul>\n<li>Name<\/li>\n<li>Address space: 10.0.0.0\/16\n<ul>\n<li>Okay to use same addresses used in other vnets, but will not be able to network them together.<\/li>\n<\/ul>\n<\/li>\n<li>Subscription: Pay as you go<\/li>\n<li>Subnet name: Public, private, web, application etc.<\/li>\n<li>Subnet address range: 10.0.0.0\/24<\/li>\n<li>Resource Group: This is a tag, kind of like a project, or cloudformation stack, to group items together.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3>By Command Line CLI<\/h3>\n<h4>Create the vnet<\/h4>\n<pre>azure network vnet create &lt;vnetName&gt; --resource-group &lt;resourceGroup&gt; --location &lt;Region&gt; --address-prefixes \"10.0.0.0\/8\"<\/pre>\n<h5>To view your vnet:<\/h5>\n<pre>azure network vnet list<\/pre>\n<h4>Create a subnet<\/h4>\n<pre>azure network vnet subnet create &lt;subnetName&gt; --resource-group &lt;resourceGroup&gt; --vnet-name &lt;vnetName&gt; --address-prefix \"10.1.0.0\/24\"<\/pre>\n<h5>To view everything in the new vnet:<\/h5>\n<pre>azure network vnet show &lt;vnetName&gt; --resource-group &lt;resourceGroup&gt;<\/pre>\n<h5>Same in JSON<\/h5>\n<pre>azure network vnet show &lt;vnetName&gt; --resource-group &lt;resourceGroup&gt; --json<\/pre>\n<h5>Same in JSON &amp; find variable<\/h5>\n<pre>azure network vnet show &lt;vnetName&gt; --resource-group &lt;resourceGroup&gt; --json | jq .location<\/pre>\n<h3>By Template<\/h3>\n<p>(CloudFormation, brah!)<br \/>\nLocate Azure templates here: <a href=\"https:\/\/azure.microsoft.com\/en-us\/resources\/templates\/\" target=\"_blank\" rel=\"noopener\">https:\/\/azure.microsoft.com\/en-us\/resources\/templates\/<\/a><br \/>\n<a href=\"https:\/\/azure.microsoft.com\/en-us\/resources\/templates\/101-vnet-two-subnets\/\" target=\"_blank\" rel=\"noopener\"> https:\/\/azure.microsoft.com\/en-us\/resources\/templates\/101-vnet-two-subnets\/<\/a><\/p>\n<pre>{\r\n  \"$schema\": \"https:\/\/schema.management.azure.com\/schemas\/2015-01-01\/deploymentTemplate.json#\",\r\n  \"contentVersion\": \"1.0.0.0\",\r\n  \"parameters\": {\r\n    \"vnetName\": {\r\n      \"type\": \"string\",\r\n      \"defaultValue\": \"VNet1\",\r\n      \"metadata\": {\r\n        \"description\": \"VNet name\"\r\n      }\r\n    },\r\n    \"vnetAddressPrefix\": {\r\n      \"type\": \"string\",\r\n      \"defaultValue\": \"10.0.0.0\/16\",\r\n      \"metadata\": {\r\n        \"description\": \"Address prefix\"\r\n      }\r\n    },\r\n    \"subnet1Prefix\": {\r\n      \"type\": \"string\",\r\n      \"defaultValue\": \"10.0.0.0\/24\",\r\n      \"metadata\": {\r\n        \"description\": \"Subnet 1 Prefix\"\r\n      }\r\n    },\r\n    \"subnet1Name\": {\r\n      \"type\": \"string\",\r\n      \"defaultValue\": \"Subnet1\",\r\n      \"metadata\": {\r\n        \"description\": \"Subnet 1 Name\"\r\n      }\r\n    },\r\n    \"subnet2Prefix\": {\r\n      \"type\": \"string\",\r\n      \"defaultValue\": \"10.0.1.0\/24\",\r\n      \"metadata\": {\r\n        \"description\": \"Subnet 2 Prefix\"\r\n      }\r\n    },\r\n    \"subnet2Name\": {\r\n      \"type\": \"string\",\r\n      \"defaultValue\": \"Subnet2\",\r\n      \"metadata\": {\r\n        \"description\": \"Subnet 2 Name\"\r\n      }\r\n    }\r\n  },\r\n  \"variables\": {\r\n    \"apiVersion\": \"2015-06-15\"\r\n  },\r\n  \"resources\": [\r\n    {\r\n      \"apiVersion\": \"2015-06-15\",\r\n      \"type\": \"Microsoft.Network\/virtualNetworks\",\r\n      \"name\": \"[parameters('vnetName')]\",\r\n      \"location\": \"[resourceGroup().location]\",\r\n      \"properties\": {\r\n        \"addressSpace\": {\r\n          \"addressPrefixes\": [\r\n            \"[parameters('vnetAddressPrefix')]\"\r\n          ]\r\n        },\r\n        \"subnets\": [\r\n          {\r\n            \"name\": \"[parameters('subnet1Name')]\",\r\n            \"properties\": {\r\n              \"addressPrefix\": \"[parameters('subnet1Prefix')]\"\r\n            }\r\n          },\r\n          {\r\n            \"name\": \"[parameters('subnet2Name')]\",\r\n            \"properties\": {\r\n              \"addressPrefix\": \"[parameters('subnet2Prefix')]\"\r\n            }\r\n          }\r\n        ]\r\n      }\r\n    }\r\n  ]\r\n}<\/pre>\n<h3>Create a template from your Resource Group<\/h3>\n<ul>\n<li>Resource Group &gt; Automation Script\n<ul>\n<li>This makes really ugly code.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>From the CLI<\/p>\n<p>This is accessed from the Automation Script screen.<\/p>\n<pre>#!\/bin\/bash\r\nset -euo pipefail\r\nIFS=$'\\n\\t'\r\n\r\n# -e: immediately exit if any command has a non-zero exit status\r\n# -o: prevents errors in a pipeline from being masked\r\n# IFS new value is less likely to cause confusing bugs when looping arrays or arguments (e.g. $@)\r\n\r\nusage() { echo \"Usage: $0 -i &lt;subscriptionId&gt; -g &lt;resourceGroupName&gt; -n &lt;deploymentName&gt; -l &lt;resourceGroupLocation&gt;\" 1&gt;&amp;2; exit 1; }\r\n\r\ndeclare subscriptionId=\"\"\r\ndeclare resourceGroupName=\"\"\r\ndeclare deploymentName=\"\"\r\ndeclare resourceGroupLocation=\"\"\r\n\r\n# Initialize parameters specified from command line\r\nwhile getopts \":i:g:n:l:\" arg; do\r\ncase \"${arg}\" in\r\ni)\r\nsubscriptionId=${OPTARG}\r\n;;\r\ng)\r\nresourceGroupName=${OPTARG}\r\n;;\r\nn)\r\ndeploymentName=${OPTARG}\r\n;;\r\nl)\r\nresourceGroupLocation=${OPTARG}\r\n;;\r\nesac\r\ndone\r\nshift $((OPTIND-1))\r\n\r\n#Prompt for parameters is some required parameters are missing\r\nif [[ -z \"$subscriptionId\" ]]; then\r\necho \"Your subscription ID can be looked up with the CLI using: az account show --out json \"\r\necho \"Enter your subscription ID:\"\r\nread subscriptionId\r\n[[ \"${subscriptionId:?}\" ]]\r\nfi\r\n\r\nif [[ -z \"$resourceGroupName\" ]]; then\r\necho \"This script will look for an existing resource group, otherwise a new one will be created \"\r\necho \"You can create new resource groups with the CLI using: az group create \"\r\necho \"Enter a resource group name\"\r\nread resourceGroupName\r\n[[ \"${resourceGroupName:?}\" ]]\r\nfi\r\n\r\nif [[ -z \"$deploymentName\" ]]; then\r\necho \"Enter a name for this deployment:\"\r\nread deploymentName\r\nfi\r\n\r\nif [[ -z \"$resourceGroupLocation\" ]]; then\r\necho \"If creating a *new* resource group, you need to set a location \"\r\necho \"You can lookup locations with the CLI using: az account list-locations \"\r\n\r\necho \"Enter resource group location:\"\r\nread resourceGroupLocation\r\nfi\r\n\r\n#templateFile Path - template file to be used\r\ntemplateFilePath=\"template.json\"\r\n\r\nif [ ! -f \"$templateFilePath\" ]; then\r\necho \"$templateFilePath not found\"\r\nexit 1\r\nfi\r\n\r\n#parameter file path\r\nparametersFilePath=\"parameters.json\"\r\n\r\nif [ ! -f \"$parametersFilePath\" ]; then\r\necho \"$parametersFilePath not found\"\r\nexit 1\r\nfi\r\n\r\nif [ -z \"$subscriptionId\" ] || [ -z \"$resourceGroupName\" ] || [ -z \"$deploymentName\" ]; then\r\necho \"Either one of subscriptionId, resourceGroupName, deploymentName is empty\"\r\nusage\r\nfi\r\n\r\n#login to azure using your credentials\r\naz account show 1&gt; \/dev\/null\r\n\r\nif [ $? != 0 ];\r\nthen\r\naz login\r\nfi\r\n\r\n#set the default subscription id\r\naz account set --subscription $subscriptionId\r\n\r\nset +e\r\n\r\n#Check for existing RG\r\naz group show $resourceGroupName 1&gt; \/dev\/null\r\n\r\nif [ $? != 0 ]; then\r\necho \"Resource group with name\" $resourceGroupName \"could not be found. Creating new resource group..\"\r\nset -e\r\n(\r\nset -x\r\naz group create --name $resourceGroupName --location $resourceGroupLocation 1&gt; \/dev\/null\r\n)\r\nelse\r\necho \"Using existing resource group...\"\r\nfi\r\n\r\n#Start deployment\r\necho \"Starting deployment...\"\r\n(\r\nset -x\r\naz group deployment create --name \"$deploymentName\" --resource-group \"$resourceGroupName\" --template-file \"$templateFilePath\" --parameters \"@${parametersFilePath}\"\r\n)\r\n\r\nif [ $? == 0 ];\r\nthen\r\necho \"Template has been successfully deployed\"\r\nfi\r\n<\/pre>\n<h2>Network Security Groups<\/h2>\n<ul>\n<li>These are a combination of AWS Network ACLs and Security Groups\n<ul>\n<li>Statefull like Security Groups<\/li>\n<li>Can assign both Access and Deny rules<\/li>\n<li>Can filter on addresses, address prefixes or wildcards<\/li>\n<\/ul>\n<\/li>\n<li>Can be assigned at Subnet Level or VM or even per NIC<\/li>\n<li>The ability to use smaller and fewer lists speeds up your network traffic.<\/li>\n<\/ul>\n<h2>Multiple NICs<\/h2>\n<ul>\n<li>Can assign up to 10 NICs per VM<\/li>\n<li>Internal and External<\/li>\n<li>MAC and IP addresses persist through VM life cycle<\/li>\n<li>Separate frontend-backend traffic and management-data planes<\/li>\n<\/ul>\n<h2>MarketPlace Options<\/h2>\n<ul>\n<li>Load Balancers<\/li>\n<li>Firewalls<\/li>\n<li>etc.<\/li>\n<\/ul>\n<h2>Internet IP addresses and Load Balancing<\/h2>\n<h3>Public IP Addresses<\/h3>\n<ul>\n<li>Can be used for instance level or load balancing<\/li>\n<\/ul>\n<h3>Instance Level IP<\/h3>\n<ul>\n<li>Internet IP addigned exclusively to a single VM.<\/li>\n<li>Entire port range is accessible by default<\/li>\n<li>Primarily for targeting a specific VM<\/li>\n<\/ul>\n<h3>Load Balanced IP (VIP)<\/h3>\n<ul>\n<li>Internet IP load balanced among one or more VM instances<\/li>\n<li>Allows port redirection<\/li>\n<li>Primarily for load balanced, highly available or autoscale scenarios<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>https:\/\/channel9.msdn.com\/Shows\/TechNet+Radio\/TNR1668 Return to Main Menu Create the Virtual Network By the Dashboard Dashboard &gt; + Create a resource &gt; Networking &gt; Virtual Network Name Address space: 10.0.0.0\/16 Okay to use same addresses used in other vnets, but will not be able to network them together. Subscription: Pay as you go Subnet name: Public, private, web, ..<\/p>\n<div class=\"clear-fix\"><\/div>\n<p><a href=\"https:\/\/wiki.thomasandsofia.com\/?p=996\" title=\"read more...\">Read more<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34],"tags":[],"class_list":["post-996","post","type-post","status-publish","format-standard","hentry","category-azure-for-aws-experts"],"_links":{"self":[{"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=\/wp\/v2\/posts\/996","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=996"}],"version-history":[{"count":9,"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=\/wp\/v2\/posts\/996\/revisions"}],"predecessor-version":[{"id":1295,"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=\/wp\/v2\/posts\/996\/revisions\/1295"}],"wp:attachment":[{"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=996"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=996"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wiki.thomasandsofia.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=996"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}