
Network Management Basics in Microsoft Azure

Warm spring greetings to all from the Lord of Fire!

The weather is cloudless, but that does not affect my love of and craving for IT cloud stories.
So I am continuing my series about Microsoft Azure, and today I want to cover communications in the cloud, namely how virtual networks work.

So, anyone who wants to demystify what Microsoft Azure can do in the area of networking, please read on below the cut.


What kinds of networks are there, and what do they include?


Networks are needed for communication. That is clear and obvious, and I am not discovering America by saying so. In our case the networks are virtual, and as a rule they are used so that virtual machines hosted in Microsoft Azure can communicate with each other.
From the point of view of applications, they are distributed and can include various components that are better placed on separate virtual machines or on services provided by Microsoft Azure: web servers, SQL database servers, and application servers. The service that such a set of virtual machines represents must also be scalable; we are talking about the cloud, after all. The virtual network infrastructure described above is an internal network, because it is used only for internal communication between VMs within Azure. The only thing you need to add for reliable and familiar communication is a DNS server in Azure. You can do this the good old way, by deploying a VM and enabling the corresponding role inside it, or in a simpler and more reliable way, by creating this service as a Microsoft Azure infrastructure component.



There are also situations when the service must be hybrid, that is, it must interact with the local network infrastructure: either your organization's network as a whole, or a specific device directly. VPN connections are typically used for this, and they are used here as well. The first case is S2S-VPN (Site-to-site VPN), and the second is P2S-VPN (Point-to-site VPN).



For network-to-network connections, the ExpressRoute option is also available: a guaranteed direct access channel straight to Microsoft Azure, provided by telecom operators. This service is available on the territory of the Russian Federation.

In real enterprise networks, VPN devices are not only software solutions based on Windows Server 2012R2 (how could we do without it), but also dedicated hardware from vendors such as Cisco or Juniper. Microsoft Azure lets you download special scripts, filled in with the parameters of your network, to configure such devices.



The network configuration can also be described in an XML file, and such a configuration file can be imported into Microsoft Azure to create a network.
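Before importing such a file, it is worth checking its address plan, because ranges that overlap between the virtual network and the local site make routing across an S2S VPN ambiguous. The script below is an added example, not code from the original article or from Microsoft; the element names and namespace assume the classic NetworkConfiguration layout, and the sample file, site names and addresses are constructed.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample; element names assume the classic NetworkConfiguration layout.
NS = {"n": "http://schemas.microsoft.com/ServiceHosting/2011/07/NetworkConfiguration"}
SAMPLE = """<NetworkConfiguration xmlns="http://schemas.microsoft.com/ServiceHosting/2011/07/NetworkConfiguration">
  <VirtualNetworkConfiguration>
    <LocalNetworkSites>
      <LocalNetworkSite name="office">
        <AddressSpace><AddressPrefix>10.1.0.0/16</AddressPrefix></AddressSpace>
      </LocalNetworkSite>
    </LocalNetworkSites>
    <VirtualNetworkSites>
      <VirtualNetworkSite name="vnet-demo" Location="West Europe">
        <AddressSpace><AddressPrefix>10.1.128.0/17</AddressPrefix></AddressSpace>
        <Subnets>
          <Subnet name="web"><AddressPrefix>10.1.128.0/24</AddressPrefix></Subnet>
          <Subnet name="db"><AddressPrefix>10.2.0.0/24</AddressPrefix></Subnet>
        </Subnets>
      </VirtualNetworkSite>
    </VirtualNetworkSites>
  </VirtualNetworkConfiguration>
</NetworkConfiguration>"""

def prefixes(elem, path):
    # Parse every CIDR prefix found under the given relative path.
    return [ipaddress.ip_network(p.text.strip()) for p in elem.findall(path, NS)]

def audit(xml_text):
    """Return findings for address-plan problems in a network configuration file."""
    root = ET.fromstring(xml_text)
    findings = []
    local = {s.get("name"): prefixes(s, "n:AddressSpace/n:AddressPrefix")
             for s in root.iterfind(".//n:LocalNetworkSite", NS)}
    for vnet in root.iterfind(".//n:VirtualNetworkSite", NS):
        space = prefixes(vnet, "n:AddressSpace/n:AddressPrefix")
        for site, nets in local.items():  # VNet range vs. on-premises ranges
            for a in space:
                for b in nets:
                    if a.overlaps(b):
                        findings.append(f"{vnet.get('name')}: {a} overlaps local site {site} ({b})")
        for sub in vnet.iterfind("n:Subnets/n:Subnet", NS):  # subnet must sit inside the VNet
            for p in prefixes(sub, "n:AddressPrefix"):
                if not any(p.subnet_of(a) for a in space):
                    findings.append(f"{vnet.get('name')}: subnet {sub.get('name')} {p} is outside the address space")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```
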

The last component of the Microsoft Azure network stack is the Traffic Manager. This component is used to optimize the network load from the user to the services located in Microsoft Azure. There are three optimization options: performance, round robin (looping), and failover.

Everything here is traditional and similar to the models used in a traditional infrastructure. Performance means a wide and fast channel from a user to a service hosted in Azure (although ExpressRoute will be faster and more reliable in this regard).

This concludes my review of the network management capabilities in Azure. There is nothing supernatural or especially unusual in the platform's network capabilities. Take advantage of the infrastructure and solve your problems with it!

With respect,

Fireman
George A. Gadzhiev

Source: https://habr.com/ru/post/252931/

