Azure Devops

Azure Cloud

Table of Contents

  1. Traditional Datacenter Architecture?
  2. Cloud Computing
  3. Cloud Service Models
  4. Cloud Deployment Models
  5. Well-Architected Framework
  6. Pillars of Cloud Computing
  7. Introduction to Azure Cloud
  8. Azure Core Concepts
  9. Azure Cloud Account
  10. Prerequisites Tools

This module introduces you to cloud computing. It covers things such as cloud concepts, deployment models, and understanding shared responsibility in the cloud.

What is Traditional Datacenter Architecture?

Data Center Image

Traditional IT infrastructure comprises physical hardware and software components, including data centers, servers, networking hardware, and enterprise applications. Maintaining such an infrastructure involves significant costs and challenges:

Problems With Traditional Architecture

  • Recurring Costs: Ongoing expenses for data center rent can be significant.
  • Operational Expenses: Costs for power supply, cooling, and maintenance can quickly add up.
  • Hardware Management: Adding or replacing hardware can be time-consuming and complex.
  • Scaling Challenges: Scaling up resources is often limited and can require substantial lead time.
  • Infrastructure Monitoring: A dedicated team is needed to continuously monitor and maintain the infrastructure.
  • Disaster Preparedness: How do you effectively manage disasters such as earthquakes, power outages, or fires?

Cloud Computing

Cloud computing is the delivery of computing services over the internet, enabling users to access and store data, applications, and resources on remote servers. It provides flexibility, scalability, and cost-efficiency, allowing businesses and individuals to leverage resources without the need for on-premises infrastructure.

Characteristics of Cloud Computing

  1. On-Demand Self-Service

    Users can provision resources automatically as needed without requiring human interaction from the service provider.

  2. Broad Network Access

    Cloud services are available over the network and can be accessed through standard mechanisms (e.g., mobile phones, tablets, laptops).

  3. Resource Pooling

    The provider’s computing resources are pooled to serve multiple consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned according to demand.

  4. Rapid Elasticity

    Resources can be elastically provisioned and released to scale rapidly outward and inward commensurate with demand.

  5. Measured Service

    Cloud systems automatically control and optimize resource use by leveraging a metering capability at some level of abstraction appropriate to the type of service.

  6. Security and Compliance

    Cloud providers implement robust security measures to protect data and comply with industry standards and regulations.

  7. Cost Efficiency

    With a pay-as-you-go model, businesses can save on upfront capital costs and reduce the overall cost of IT infrastructure.

  8. High Availability

    Cloud computing services are designed for high availability and reliability, ensuring minimal downtime for users.

How Cloud Computing Overcomes the Problems of Traditional Architecture

  1. Lower IT Costs:
    The cloud allows organizations to offload many costs associated with maintaining on-premises infrastructure, including purchasing, installing, configuring, and managing hardware. This shift can lead to substantial savings, as businesses only pay for what they use, reducing capital expenditures and ongoing operational costs

  2. Improved Agility and Time-to-Value:
    With cloud computing, organizations can deploy enterprise applications almost instantly, significantly reducing the time needed to respond to IT requests. Instead of waiting weeks or months for hardware and software setup, users—particularly developers and data scientists—can provision resources on demand, enhancing productivity and innovation

  3. Scalability and Cost-Effectiveness:
    The elasticity of cloud services enables businesses to scale their resources up or down based on current demand, effectively managing traffic spikes and dips without investing in excess capacity that may sit idle. This flexibility not only optimizes resource use but also ensures that organizations can adapt to changing business needs in real time

Conclusion

Cloud computing offers flexible, scalable, and cost-effective solutions, enabling organizations to innovate faster and focus on core business activities rather than managing infrastructure.

Cloud Service Models

Cloud computing is categorized into three primary service models, each serving different business needs and technical requirements:

Infrastructure as a Service (IaaS)

IaaS provides virtualized computing resources over the internet. It offers the fundamental building blocks of computing, including:

  • Compute: Virtual machines with various configurations.
  • Storage: Options for data storage like block, file, and object storage.
  • Networking: Virtual networks, load balancers, and firewalls.

Key Features:

  • Scalability: Easily scale up or down based on demand.
  • Control: Provides users with greater control over the infrastructure.

Example Providers: Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP).

Platform as a Service (PaaS)

PaaS offers a platform allowing customers to develop, run, and manage applications without the complexity of building and maintaining the underlying infrastructure.

Key Features:

  • Development Tools: Integrated development environments (IDEs) and application hosting.
  • Middleware: Services that help manage application operations.

Example Providers: Google App Engine, Microsoft Azure App Service, Heroku.

Software as a Service (SaaS)

SaaS delivers software applications over the internet, on a subscription basis. Users access the software via a web browser, eliminating the need for installation and maintenance.

Key Features:

  • Accessibility: Accessible from any device with internet connectivity.
  • Automatic Updates: Providers manage the infrastructure, security, and updates.

Example Providers: Salesforce, Google Workspace, Microsoft 365.

Examples

Feature IaaS (Infrastructure as a Service) PaaS (Platform as a Service) SaaS (Software as a Service)
Definition Virtualized computing resources over the internet. Cloud-based platform allowing developers to build, deploy, and manage applications. Software delivered over the internet on a subscription basis.
Management Responsibility User manages the OS, applications, and data. Provider manages the infrastructure and platform; user manages applications and data. Provider manages everything; user simply uses the software.
Scalability Highly scalable; users can adjust resources as needed. Scalable; resources can be adjusted for application needs. Limited scalability; depends on the service plan.
Examples Amazon EC2,Azure Virtual Machine, Google Compute Engine Google App Engine, Microsoft Azure Google Workspace, Salesforce
Use Case Hosting websites, storage, and backups. Developing and deploying applications without worrying about underlying infrastructure. Accessing software applications like email or CRM systems.
Customization High level of customization for OS and applications. Moderate customization; focuses on app development. Low customization; pre-built software solutions.
Cost Structure Pay-as-you-go for usage and storage. Subscription-based, usually with tiered pricing. Subscription-based, often with different pricing tiers.
Ideal For IT administrators, system architects. Developers, software engineers. End-users, businesses.

Conclusion

Understanding these cloud service models helps businesses choose the right solution based on their operational needs and technical requirements.

Cloud Deployment Models

Cloud deployment models define how cloud services are provided and utilized. The main types of cloud deployment models are:

Public Cloud

In a public cloud deployment, the services and infrastructure are provided off-site over the internet and shared across multiple organizations. The cloud provider manages everything, and users pay for the resources they consume.

Key Features:

  • Cost-Effective: No capital expenditure, only operational costs.
  • Scalability: Easily scalable to accommodate varying workloads.

Example Providers: Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP).

Private Cloud

A private cloud is dedicated to a single organization and can be hosted either on-premises or off-site. It offers more control over data security and privacy but requires a higher capital investment.

Key Features:

  • Enhanced Security: Greater control over sensitive data and compliance.
  • Customization: Tailored to specific business needs.

Example Use Cases: Enterprises with strict regulatory requirements or sensitive data management.

Hybrid Cloud

The hybrid cloud model combines both public and private clouds, allowing data and applications to be shared between them. This offers greater flexibility and more deployment options.

Key Features:

  • Flexibility: Businesses can leverage both environments based on their needs.
  • Cost Efficiency: Balance between cost and performance by utilizing both public and private resources.

Example Use Cases: Organizations that need to handle varying workloads and want to maintain control over sensitive data while leveraging public resources for other applications.

Community Cloud

A community cloud is shared among several organizations with similar requirements, often within the same industry. It can be managed internally or by a third-party provider.

Key Features:

  • Cost Sharing: Organizations share the costs of infrastructure and services.
  • Collaboration: Facilitates collaboration among organizations with shared interests or requirements.

Example Use Cases: Government agencies or educational institutions sharing resources for collaborative projects.

Conclusion

Understanding the different cloud deployment models allows organizations to choose the right mix of solutions based on their business needs, security requirements, and budget constraints.

Well-Architected Framework

The Well-Architected Framework (WAF) is a set of best practices created by Amazon Web Services (AWS) to assist cloud architects in building secure, high-performing, resilient, and efficient infrastructure for their applications. The framework is divided into five key pillars:

Operational Excellence

  • Focus: Emphasizes running and monitoring systems to deliver business value and continuously improve processes and procedures.
  • Key Practices: Implement automation, monitoring, incident response, and evolve procedures based on feedback.

Security

  • Focus: Protects data, systems, and assets while delivering business value through risk assessments and mitigation strategies.
  • Key Practices: Implement strong identity and access management, use encryption for data protection, and maintain compliance with regulations.

Reliability

  • Focus: Ensures a workload performs its intended function correctly and consistently when expected.
  • Key Practices: Design systems for failover and recovery, implement backups, and use redundancy to minimize the impact of failures.

Performance Efficiency

  • Focus: Utilizes IT and computing resources efficiently to meet system requirements and maintain that efficiency as demand changes and technologies evolve.
  • Key Practices: Select the right resource types and sizes, monitor performance, and adjust resources dynamically to meet demand.

Cost Optimization

  • Focus: Avoids unnecessary costs by understanding where money is spent and eliminating unneeded expenses.
  • Key Practices: Monitor and analyze costs, implement resource optimization strategies, and use pricing models effectively.

Conclusion

By following the Well-Architected Framework, organizations can enhance their cloud architectures’ resilience, efficiency, and security. AWS provides a Well-Architected Tool that helps review workloads against these best practices, offering insights and recommendations to improve architecture.

For further details, check the official AWS Well-Architected Framework documentation.

Pillars of Cloud Computing

The pillars of cloud computing refer to essential principles that guide the design, deployment, and management of cloud services. Below are the primary pillars:

Cost Efficiency

  • Organizations can reduce costs associated with hardware and software by utilizing cloud services, which operate on a pay-as-you-go model. This allows businesses to scale resources based on demand without significant upfront investments.

Scalability

  • Cloud computing offers the ability to scale resources up or down quickly based on usage. This elasticity is crucial for businesses that experience variable workloads, enabling them to accommodate peak demands without overprovisioning.

Performance

  • Cloud providers typically offer robust infrastructure and high availability, ensuring that applications run efficiently and with low latency. They also provide various tools for monitoring and optimizing performance.

Security

  • Security is a critical pillar, as cloud providers implement a range of security measures to protect data and applications. This includes identity and access management, encryption, and compliance with industry regulations.

Reliability

  • Cloud services are designed to be reliable, with built-in redundancies and backup solutions to ensure continuity. This minimizes downtime and enhances the overall resilience of applications.

Flexibility

  • The cloud allows organizations to deploy applications and services quickly without the constraints of physical infrastructure. This flexibility supports innovation and rapid experimentation.

Conclusion

Understanding these pillars is essential for organizations looking to leverage cloud computing effectively. They serve as a foundation for building cloud strategies that optimize resources and improve overall operations

Introduction to Azure Cloud

Azure is a cloud computing platform by Microsoft, offering a wide range of services such as virtual machines, storage, networking, and databases. It enables businesses to build, deploy, and manage applications in a scalable, secure, and global environment.

Azure offers services under three primary models:

  1. Infrastructure as a Service (IaaS)
  2. Platform as a Service (PaaS)
  3. Software as a Service (SaaS)

Azure Core Concepts

Azure Cloud Account

An Azure cloud account is a user account that provides access to Microsoft Azure’s cloud services, allowing users to create, manage, and scale resources such as virtual machines, databases, and applications over the internet.

Azure Subscription

An Azure subscription is an agreement that allows users to access and use Microsoft Azure cloud services. It defines the resources available to the user, billing details, and usage limits. Each subscription can contain multiple resources and services, and users can choose from various pricing plans, including free, pay-as-you-go, and enterprise options.

Resource Groups

A Resource Group is a logical container used to organize and manage Azure resources (like virtual machines, databases, and storage accounts). All the resources inside a resource group share the same lifecycle—meaning you can deploy, update, or delete them together.

Here’s how you can create a resource group:

az group create --name myResourceGroup --location eastus

Regions and Availability Zones

  • Regions: Azure has data centers around the globe. A region is a specific geographical location where Azure resources are hosted. When you deploy resources, you must choose a region to locate them.

  • Availability Zones: These are isolated locations within a region. They provide redundancy and protect resources from data center failures.

Azure Free Account Creation

Click here to create Azure Cloud Free Account

Discuss what is free there

Walk through Some Azure Services and options

  • Create your Azure Account
  • Walk through some of the services from Azure Cloud
    • Azure Cloud shell
    • Create a resource Group
    • Create a Virtual Machine
      • Linux Vm and login with ssh user and password
      • Linux vm and login with ssh user and key
      • Windows vm
    • Create SP and generate creds
    • Give Permission to newly created Service principal
    • Install Azure cli
      • Login to Azure cloud with Az cli

Azure CLI Commands

  1. Login to Azure: az login
  2. List Subscriptions: az account list
  3. Create a Resource Group: az group create --name <ResourceGroupName> --location <Location>
  4. List Resource Groups: az group list
  5. Create a Virtual Machine: az vm create --resource-group <ResourceGroupName> --name <VMName> --image <ImageName>
  6. List Virtual Machines: az vm list --output table
  7. Start a Virtual Machine: az vm start --resource-group <ResourceGroupName> --name <VMName>
  8. Stop a Virtual Machine: az vm stop --resource-group <ResourceGroupName> --name <VMName>
  9. Delete a Resource Group: az group delete --name <ResourceGroupName> --yes --no-wait
  10. Get Help for a Command: az <command> --help

Steps to create Service Principle

Follow these steps to create a Service Principal using the Azure Portal UI.

1. Log in to the Azure Portal

  • Go to Azure Portal and log in with your Azure credentials.

2. Navigate to Azure Active Directory

  • In the left-hand sidebar, click on Azure Active Directory.
  • If you don’t see it, search for “Azure Active Directory” in the search bar at the top.

3. Create a New App Registration

  • In the Azure Active Directory page, under Manage, select App registrations.
  • Click the New registration button at the top.

4. Fill in the App Registration Details

  • Name: Provide a name for your service principal (e.g., MyServicePrincipal).
  • Supported account types: Select Accounts in this organizational directory only.
  • Redirect URI: Leave this blank unless required for your setup.
  • Click Register to create the App Registration.

5. Create a Client Secret

  • After registering the app, you will be redirected to the app’s Overview page.
  • In the left-hand menu, click on Certificates & secrets.
  • Under the Client secrets section, click on New client secret.
  • Provide a description (e.g., MySecret) and set an expiration time (e.g., 6 months, 1 year).
  • Click Add.
  • Copy the client secret value that is generated. You won’t be able to view it again after you leave this page.

6. Assign Roles to the Service Principal

  • Navigate to the Subscription or Resource Group where you want to give the service principal access.
  • In the left-hand menu, click on Access control (IAM).
  • Click the Add role assignment button.
  • Choose a role (e.g., Contributor, Reader), and then click Next.
  • Under Assign access to, select User, group, or service principal.
  • In the Select box, search for the name of your service principal (App registration name), and then click Next.
  • Review and click Assign to complete the role assignment.

7. Collect Key Information

You will need the following details to log in with the service principal via Azure CLI or use it in scripts:

  • Client ID (AppId): This can be found on the Overview page of your App Registration.
  • Tenant ID: This can also be found on the Overview page.
  • Client Secret: The value you copied earlier from the Certificates & secrets section.

Optional: Create a Service Principal via CLI

Alternatively, if you want to create a service principal using Azure CLI, you can run the following command:

az ad sp create-for-rbac --name "<your-app-name>" --role contributor --scopes /subscriptions/<subscription-id>

How to login with service principle

az login --service-principal \
--username <AppId> \
--password <Password> \
--tenant <TenantId>

How to create ssh key

 ssh-keygen -f ubuntu

Managed Identity

Managed Identity is a feature of Azure Active Directory (Azure AD) that provides an automatically managed identity for applications. With Managed Identity, applications can authenticate to Azure services without storing credentials, making it a secure and streamlined method for handling access to resources.

Types of Managed Identity

  1. System-assigned Managed Identity:

    • Created directly by Azure for a specific resource.
    • The identity is tied to the resource lifecycle (created with the resource and deleted when the resource is deleted).

  2. User-assigned Managed Identity:

    • Created independently of a specific resource.
    • Can be assigned to multiple resources.
    • Persisted even when the assigned resources are deleted.

Key Features

  • Credential management: No need to hard-code credentials in the application.
  • Integration with Azure services: Managed Identity integrates seamlessly with services like Azure Key Vault, Azure Storage, and Azure SQL Database.
  • Secure authentication: Utilizes Azure AD for authentication, eliminating the risk of leaking secrets.

Use Cases

  • Accessing Azure Key Vault securely without storing secrets.
  • Managing access to Azure Blob Storage from an Azure Virtual Machine or App Service.
  • Authenticating to Azure SQL Database without credentials.

How to Use

  1. Enable Managed Identity for your Azure service (e.g., Virtual Machine, App Service).
  2. Assign roles to the Managed Identity via Azure RBAC (Role-Based Access Control).
  3. Use the appropriate SDK or Azure CLI to authenticate and access resources securely.

Login with Managed identity

 az login --identity

Login with user assigned managed identity

az login --identity --username <client-id>

Azure App Service

Key Features

  • Multi-Language Support: .NET, Java, Node.js, Python, PHP, Ruby
  • Integrated Development Environment: Supports Visual Studio, Visual Studio Code, GitHub
  • Continuous Integration and Deployment (CI/CD): Integrates with GitHub, Azure DevOps, Bitbucket, Docker Hub
  • Scaling and Load Balancing: Built-in autoscaling and load balancing
  • Security Features:
    • Managed Identity for secure access
    • App Service Environment (ASE) for isolation
    • Built-in authentication and authorization
  • Custom Domains and SSL: Easy configuration for custom domains and SSL certificates
  • Monitoring and Diagnostics: Insights through Azure Monitor and Application Insights
  • API Management: Features for API versioning, security, and analytics
  • Global Reach: Deploy applications in multiple Azure regions

Types of Azure App Services

  • Web Apps: Host websites and web applications
  • API Apps: Build and host APIs
  • Mobile Apps: Provide backend services for mobile applications
  • Function Apps: Run serverless functions in response to events

Getting Started

  1. Create an Azure App Service:

    • Log in to Azure Portal
    • Click on Create a resource
    • Search for App Service
    • Configure settings (Subscription, Resource Group, Name, Publish method, Runtime Stack, Region)
    • Select or create an App Service plan
    • Click Create

  2. Deploy Your Application:

    • Use CI/CD pipelines or manual upload
    • Configure application settings and environment variables
    • Monitor and manage through Azure Portal

Prerequisites tools.

Follow This for Terraform based Azure Devops

Day Wise Planning

Day 01 Cloud Basics and Planning

Day 02 Azure Cloud

  • Free tier account creation
  • Cloud shell
  • Azure virtual machine
  • Network security group
  • Azure cli
  • Azure AD Entra ID
    • user
    • Service Principle

Day 03

  • Azure App Service
  • Create dotnet project
  • Create Mavcen project
  • Deploy to Azure App

Day 04

  • Docker basics
    • Dockerfile
    • ACR
    • Docker hub

Day 05

  • AKS Deployment

Day 06

  • Azure Devops
    • Account Creation
    • Organization creation
    • Project Creation
    • organization setting
    • Project settings

Day 07

  • Azure Repos

Day 08

  • Azure Pipeline
    • Classic

Class 09

  • Azure Pipeline
    • Classic

Class 10

  • Azure Pipeline
    • Yaml based

Class 11

  • Azure Pipeline
    • Yaml based

Class 12

  • Azure Release Pipeline

Class 13

  • End to end pipeline from build to deploy to multiple environment

Class 14

  • Terraform pipeline with Azure Devops

Class 15

  • Azure Devops Integrations
Part 1

Azure Devops

Part 2

Azure Devops

Part 3

Azure Devops

part 4

Azure Devops

Part 5

Azure devops

AKS

Managed Kubernetes

Azure Devops Test Plans

Azure Devops

Docker

Dockerfile