This blog will will give you a summary of Azure job focused program. It will cover entire hands on labs offered by program along with the projects.
The labs and projects summarised here will be provided with steps to complete inside our program of Azure job oriented course. It will help you to prepare on the basis of current job market and make you tackle the obstacles faced while applying for job in field of Azure.
Contents:
- Create free Microsoft Azure account
- Switch to pay as you go account
- Create billing alert using Azure portal
- Creation of WebApp in Azure cloud
- Create Virtual machine of Windows image
- Create Virtual Machine of Linux image
- Deploying and testing VMSS
- AKS cluster creation and accessing it
- Create Resource Group, Virtual Network, Subnet and Virtual Machine
- Create an Azure Firewall
- Create an Azure Bastion host
- Create and Configure VNet Peering
1.5 Network Endpoint and Security
- Network Endpoint Security
- Filter Traffic using Network Security Group
- Creating Service principal for applications
- User-assigned managed identities for Azure resources
- Secure Data using Key vault
- Create Azure file share
- Create Managed and Unmanaged Disk
- Create Blob lifecycle management
- Securing SQL Database
1.7 Container & Azure Kubernetes Services
- Creation and Testing Azure Container Registry
- Implement Azure Container Instances
- Creation of SQL as a PAAS in AKS
- Deploying Docker containers to Azure App Service web apps
1.8 Azure DevOps (CI/CD Tools and pipeline)
- Creating FREE Microsoft Azure DevOps Account
- Enable Parallelism in Azure DevOps
- Automating infrastructure deployments in Cloud
- Deploying a multi-container application in Azure
- Implement Github actions for CI/CD
1.9 Azure AD and On-Prem integration
- Azure Active Directory Synchronisation Using AD Connect
- Conditional Access to Users and identity protection
- Privileged Identity Management
1.9 Designing a solution to logging and monitoring for Azure Resources
- Monitor Application Performance with Application Insights
- Azure Monitoring Using Log Analytics
- Azure Network Watcher
- Microsoft defender for cloud
- Azure Sentinel
1.10 Azure Migration & Disaster Recovery
- Virtual Machine Replication via Azure Site Recovery
- Backup of Azure VM into Azure Backup Vault
- Backup of On-Premise Server into Azure Backup Vault
-
- Deployment of 3 tier Architecture in Azure
- Containerize and deploy a Java app to Azure
- Automating Infrastructure deployment using terraform and Azure pipeline
- Deploying multi-container application to AKS
- Migration of resources from On-Premise to Azure
- Migration of resources across Azure regions
- Azure Active Directory Synchronisation to on premise Active directory Using AD Connect
- Integrate and manage Azure DevOps security using SonarCloud
- Containerized Application Using Azure Kubernetes Service
- Role-based Access Control to Users in Active Directory
- Site-to-Site Connection using Azure Portal
- Create WordPress Site on Azure Portal
- Host your Portfolio via Azure Storage (Static Website Hosting)
Download Azure Job Oriented Brochure
Hands on Lab:
1.1 Azure Basics Labs
1. Register For Azure Free Trial Account
When stepping in cloud, first task you all should do is create a free trial account in Microsoft Azure (Microsoft offers $200 as free credit for one month)
Microsoft Azure is one of the top choices for any organization due to its freedom to build, manage, and deploy applications. Here, we will look at how to register for the Microsoft Azure FREE Trial Account, click here.
Note: Get this first step by step activity guide absolutely FREE from here
2. Switch to Pay as you go account
The pay-as-you-go subscription model is a pricing strategy where customers pay only for the resources they use. This is in contrast to traditional subscription models, where customers are charged a fixed monthly or annual fee regardless of their usage.
The PAYG model is becoming increasingly popular for a number of reasons. First, it gives customers more flexibility and control over their spending. Customers can scale their usage up or down as needed, and they only pay for what they use.
Second, the PAYG model can help businesses to reduce their upfront costs. Businesses do not need to commit to a long-term contract or purchase a large upfront license fee. This can free up capital for other business needs.
3. Create billing alert using Azure portal
Azure billing alerts allow you to monitor your Azure spending and receive notifications when your spending exceeds a certain threshold. This can help you to avoid unexpected costs and stay within your budget.
Billing alerts are based on the following concepts:
- Threshold: A threshold is a value that you specify. When your Azure spending exceeds the threshold, the alert will be triggered.
- Frequency: The frequency is how often the alert condition is evaluated. You can choose to evaluate the alert condition every hour, day, week, or month.
- Alert actions: Alert actions are the steps that are taken when the alert is triggered. You can choose to send an email notification, create an Azure Monitor alert, or call a webhook
1.2 Azure Compute Labs
1. Creation of WebApp in Azure cloud
Azure Web Apps are a platform-as-a-service (PaaS) offering provided by Microsoft Azure for hosting web applications. These apps allow developers to build, deploy, and scale web applications using various programming languages, frameworks, and tools.
Azure WebApp offers features like autoscaling, load balancing, continuous deployment, and integration with popular development tools like Git and GitHub.
2. Create Virtual machine of Windows image
By leveraging Azure VMs, you can quickly provision and deploy Windows-based virtual machines, allowing you to focus on your applications and business logic without the need for upfront hardware investment or infrastructure management.
With Azure VMs, you have the flexibility to create and manage Windows-based virtual machines tailored to your specific needs. You can choose from a wide range of Windows images provided by Microsoft, including different versions of Windows Server and Windows 10.
3. Create Virtual machine of Linux image
Virtual machine instance running the Ubuntu operating system within the Microsoft Azure cloud platform. Azure allows users to create and deploy virtual machines based on Ubuntu, which is a popular open-source Linux distribution.
Ubuntu VMs in Azure offer a flexible and scalable environment for running Ubuntu-based applications, services, and workloads. Users can choose from various versions of Ubuntu, including the Long-Term Support (LTS) releases, which provide stable and supported environments for extended periods.
4. Deploying and testing VMSS
VMSS (Virtual Machine Scale Set) is a computing service that allows you to automatically manage a group of virtual machines (VMs) as a single resource. With VMSS, you can easily deploy and manage a fleet of VMs in a scalable and cost-effective way.
5. AKS cluster creation
AKS (Azure Kubernetes Service) is a managed container orchestration service provided by Microsoft Azure. It simplifies the deployment, management, and scaling of containerized applications using Kubernetes. With AKS, developers and operators can focus on their applications’ logic and let Azure handle the underlying infrastructure and Kubernetes management tasks.
An AKS cluster is a group of virtual machines (nodes) that are provisioned in Azure to run containerized applications using Kubernetes. The cluster consists of a control plane and one or more worker nodes. The control plane is responsible for managing and orchestrating the worker nodes, while the worker nodes host the containers that make up the application. AKS takes care of managing and scaling the cluster, including node provisioning, upgrades, and scaling operations
1.3 Azure Networking Labs
1. Create Resource Group, Virtual Network, Subnet and Virtual Machine
To create a resource there are various components required such as resource group which is a logical container for for organizing and managing related Azure resources. Further if networking is included then its add up by virtual network, subnet.
These all components are required to create a Virtual machine too.
2. Create an Azure Firewall
Azure Firewall is a cloud-native and intelligent network firewall security service provided by Microsoft Azure. It is designed to protect cloud workloads running in Azure by offering stateful firewall capabilities with high availability and scalability.
Some of Key features and benefits of Azure Firewall include:
- Threat intelligence-based filtering
- Layer 3 to Layer 7 filtering capabilities
- Transport Layer Security (TLS) inspection
- Simplified deployment and management
- High availability and scalability
- Logging and monitoring
This is just the brief. A detailed blog is available here
3. Create an Azure Bastion host
Azure Bastion is a service provided by Microsoft Azure that allows secure and convenient remote access to virtual machines (VMs) deployed in Azure. It acts as a fully managed platform-as-a-service (PaaS) solution that you can provision within your virtual network. With Azure Bastion, you can establish RDP (Remote Desktop Protocol) or SSH (Secure Shell) sessions to your VMs directly from the Azure portal or using native SSH/RDP clients on your local computer.
The primary purpose of Azure Bastion is to enhance the security of remote access to VMs by eliminating the need for public IP addresses, agents, or special client software on the VMs.
4. Create and Configure VNet Peering
VNet peering in Azure refers to the capability of seamlessly connecting two or more virtual networks within Azure. It allows the virtual networks to appear as a single network for the purpose of connectivity.
VNet peering uses Microsoft’s backbone infrastructure to route traffic between the virtual machines in the peered virtual networks. This means that the traffic between the virtual machines is routed through Microsoft’s private network only.
VNet peering is a useful feature in Azure as it offers several benefits, including:
- Low-latency, high-bandwidth connections between resources in different virtual networks.
- The ability for resources in one virtual network to communicate with resources in a different virtual network.
- Data transfer between virtual networks across Azure subscriptions, Azure Active Directory tenants, deployment models, and Azure regions
Want a comparison of Vnet, VPN, Express route? Browse here
1.4 Azure Loadbalancer Labs
1. VPN Gateway Connection
A VPN Gateway Connection in Azure is a type of virtual network gateway that enables encrypted communication between a virtual network in Azure and an on-premises network or another virtual network. It establishes a secure and private connection over the internet, allowing organizations to connect their on-premises infrastructure to Azure resources.
Here’s what you need to know about VPN Gateway Connections in Azure:
- Purpose and Function
- Site-to-Site VPN
- Point-to-Site VPN
- Configuration and Management
- VPN Device Compatibility
We have full blog of VPN vs Azure Express route
2. Create Azure Front Door
Azure Front Door is a worldwide content delivery network (CDN) and load-balancing solution for accelerating and protecting your online applications. It works by caching your static content at edge locations all around the world, allowing users to access it fast and reliably no matter where they are. To boost efficiency and availability, Azure Front Door may also disperse traffic among your backend servers.
3. Deploy Azure App Service and Add Traffic Manager
Azure App Service is a fully managed platform for building, deploying, and scaling web applications, mobile apps, and REST APIs. It offers a broad range of capabilities that enable you to quickly create and manage applications, without the need to set up or maintain infrastructure.
Adding up Azure app service with Azure traffic manager provides better functionality of managing traffic and equally dividing it for efficient traffic management.
1.5 Network Endpoint and Security
1. Network Endpoint Security
Network Endpoint Security in Azure refers to the set of measures and technologies employed to secure the endpoints within a network infrastructure. Endpoints can include devices such as servers, virtual machines, IoT devices, and user workstations. It involves implementing various security controls and practices to protect these endpoints from unauthorized access, data breaches, and other security threats.
Azure provides robust network endpoint security capabilities to help organizations strengthen their overall security posture. These capabilities include network security groups (NSGs), which act as virtual firewalls and allow administrators to define and enforce access control rules for inbound and outbound traffic. NSGs can be applied at the subnet or network interface level, ensuring that only authorized traffic is allowed to reach the endpoints.
2. Filter Traffic using Network Security Group
NSGs operate at the subnet or network interface level, providing granular control over network traffic. They are composed of security rules, each specifying a set of criteria for evaluating traffic. These criteria include:
- Direction: Whether the traffic is inbound or outbound
- Protocol: The type of network protocol, such as TCP, UDP, or ICMP
- Source: The originating IP address or network prefix
- Destination: The target IP address or network prefix
- Port: The specific port or range of ports to be allowed or denied
Want to know about difference Azure Firewall vs Azure NSG ?
3. Creating Service principal for applications
An Azure service principal is an identity that can be used by applications, hosted services, and automated tools to access Azure resources. It is a software entity that represents an application or service in Azure Active Directory (Azure AD). Service principals have a unique name and identifier, and they can be assigned roles that grant them access to specific Azure resources.
If you are looking for a way to secure and manage access to your Azure resources, then you should consider using service principals. They offer a number of benefits that can help you to improve the security, scalability, and flexibility of your Azure environment.
4. User-assigned managed identities
With user-assigned managed identities, resources can obtain credentials from Azure AD without the need to manage or store any secrets or credentials within the application or code. This simplifies the authentication process and enhances security by eliminating the need for developers to manage credentials manually.
The managed identity can be used to authenticate and access other Azure resources, such as Azure Key Vault or Azure Storage, by granting appropriate permissions to the identity.
1.6 Azure Storage Solution
1. Secure Data using Key vault
By leveraging Azure Key Vault, organizations can enhance the security posture of their applications and services by securely managing cryptographic keys and secrets, reducing the risk of data breaches and unauthorized access to sensitive information.
Here are some benefits provided by Azure key vault:
- Centralized Key and Secret Management
- Secure Key Generation and Storage
- Key Management Operations
- Secret Management
- Access Control and Permissions
- Integration with Azure Services
- Auditing and Monitoring
2. Create Azure file share
An Azure file share is a fully managed file storage solution that provides a secure and scalable way to store and share files in the cloud. Azure file shares are accessible via the industry-standard SMB and NFS protocols, making them compatible with a wide range of applications.
3. Create Managed and Unmanaged Disk
n Azure, disks are used to store data for virtual machines (VMs). There are two types of disks: managed and unmanaged.
Managed disks are managed by Azure, which means that Azure handles the provisioning, configuration, and maintenance of the disks. This can save you time and effort, as you don’t need to manage the disks yourself.
Unmanaged disks, on the other hand, are managed by you. This means that you are responsible for provisioning, configuring, and maintaining the disks. Unmanaged disks can be a good option if you need more control over the disks, or if you have existing disks that you want to use with Azure.
4. Create Blob lifecycle management
Blob lifecycle management is a powerful tool for managing the lifecycle of your blobs in Azure Blob Storage. It allows you to automatically move blobs to different storage tiers based on their age or access patterns.
Blob lifecycle management is a feature of Azure Blob Storage that allows you to define rules for how blobs are moved between different storage tiers. These tiers have different costs and performance characteristics.
- Hot tier: The hot tier is the most expensive tier, but it provides the best performance.
- Cool tier: The cool tier is less expensive than the hot tier, but it has slightly lower performance.
- Archive tier: The archive tier is the least expensive tier, but it has the lowest performance.
5. Securing SQL database
SQL databases are a critical part of many businesses and organizations. They store sensitive data such as customer information, financial records, and trade secrets. As such, it is important to take steps to secure SQL databases and protect them from unauthorized access, modification, or destruction.
1.7 Container & Azure Kubernetes Services
1. Creation and testing Azure Container Registry
Azure Container Registry is a cloud-based service provided by Microsoft Azure that enables organizations to store, manage, and deploy container images. It serves as a private registry for hosting Docker container images, allowing developers to easily build, store, and distribute containerized applications within their Azure environment.
2. Implement Azure Container Instances
Azure Container Instances (ACI) is a fully managed, serverless container orchestration service for running containers in Azure. ACI allows you to run Docker containers without having to provision or manage any virtual machines. This makes it a quick and easy way to deploy and scale containerized applications.
3. Creation of SQL as a PAAS in AKS
With SQL as a PaaS in AKS, developers can easily provision and configure databases within their Kubernetes clusters using Azure SQL Database. They can take advantage of features like automated backups, high availability, and built-in security mechanisms provided by Azure.
By leveraging SQL as a PaaS in AKS, developers can streamline their application deployment processes, improve scalability, and reduce operational overhead associated with managing SQL databases. It provides a convenient and managed solution for storing and retrieving data in a Kubernetes environment, allowing developers to focus on application development and innovation.
4. Deploying Docker containers to Azure App Service web apps
Azure Web App for Containers enables developers to deploy their applications as Docker containers directly to Azure Web Apps. This integration allows developers to take advantage of the benefits of both Docker containers and the Azure Web Apps platform. Azure Web App for Containers provides a managed platform for hosting these Docker container-based applications. It takes care of infrastructure management, scaling, and load balancing, allowing developers to focus on their application code.
By leveraging Docker containers, developers can package their applications along with their dependencies into a container image, ensuring consistency and portability across different environments. This eliminates the need for manual configuration and streamlines the deployment process.
1.8 Azure DevOps (CI/CD Tools and pipeline)
1. Creating FREE Microsoft Azure DevOps Account
Azure DevOps account is a cloud-based service provided by Microsoft that enables teams to plan, develop, test, and deliver applications efficiently. Azure DevOps account provides a centralized platform for managing all aspects of software development projects. It includes features such as Azure Boards for agile project management, Azure Repos for version control and code collaboration, Azure Pipelines for continuous integration and delivery, and Azure Test Plans for test management and execution.
Want to create free Azure DevOps account? Click Here
2. Enable Parallelism in Azure DevOps
Parallelism in Azure DevOps refers to the ability to execute multiple tasks or stages of a pipeline simultaneously. It allows for the concurrent execution of jobs, which can significantly improve the speed and efficiency of pipeline runs.
The use of parallelism in Azure Pipelines offers several benefits for running pipelines. Firstly, it reduces the overall execution time of pipelines by running multiple jobs in parallel.
Want to enable parallelism in your Azure DevOps account? Click Here
3. Automating infrastructure deployments in cloud
Automating infrastructure deployments in the Azure cloud using Terraform involves leveraging Terraform, an open-source infrastructure as code (IaC) tool, to define and manage Azure resources in a declarative manner. With Terraform, you can describe your desired infrastructure configuration using a simple and human-readable language, and then use Terraform commands to create, modify, and destroy Azure resources automatically.
In summary, automating infrastructure deployments in the Azure cloud using Terraform provides a powerful and flexible approach to provisioning and managing Azure resources. By defining infrastructure configurations in Terraform scripts, you can automate the creation, modification, and destruction of Azure resources, ensuring consistency, repeatability, and efficiency in your Azure deployments.
4. Deploying a multi-container application in Azure
Azure provides various options for deploying and orchestrating containers, such as Azure Kubernetes Service (AKS), Azure Container Instances (ACI), and Azure Service Fabric. These services enable you to run, scale, and manage containerized applications efficiently in the Azure cloud.
The approach used here of deploying a multi-container application in Azure is by using Azure Kubernetes Service (AKS). AKS is a managed container orchestration service that simplifies the deployment, management, and scaling of containerized applications using Kubernetes.
5. Implement Github actions for CI/CD
Azure offers its own set of tools for CI/CD on Azure DevOps portal. There are various tools available in market for CI/CD pipelines.One such tool is Github actions offered by Github for CI/CD deployment.
Here you will be using Github actions to implement CI/CD deployment on Azure portal. This will deploy web application on Azure portal.
1.9 Azure AD and On-Prem integration
1. Azure Active Directory Synchronisation Using AD Connect
Azure AD sync is a component of Azure AD Connect that facilitates the synchronization of identity data between an organization’s on-premises environment and Azure Active Directory (Azure AD).
It consists of two main components: the on-premises Azure AD and the service-side component in Azure AD called Azure AD Connect sync service. The on-premises component is responsible for connecting to the on-premises directory, while the service-side component handles the synchronization process in Azure AD.
2. Conditional Access to Users and identity protection
Conditional Access to Users and Identity Protection refers to the security features and policies provided by Azure Active Directory (Azure AD) to protect user accounts and control access to resources based on risk conditions. It involves two main components: Azure AD Identity Protection and Azure AD Conditional Access.
3. Privileged Identity Management
Privileged Identity Management (PIM) is a security solution designed to manage and control access to important resources within an organization. It enables organizations to minimize the number of people who have access to secure information or resources, reducing the risk of unauthorized access or inadvertent impact on sensitive resources.
Privileged Identity Management enables organizations to implement just-in-time privileged access, granting users temporary and time-limited access to Azure and Azure AD resources. This approach allows organizations to oversee and monitor the actions performed by users during their privileged access.
1.9 Designing a solution to logging and monitoring for Azure Resources
1. Monitor Application Performance with Application Insights
Monitoring application performance with Application Insights in Azure DevOps involves integrating Application Insights into your application’s development and deployment pipeline within Azure DevOps. By doing so, you can track and analyze application performance data throughout the software development lifecycle.
By integrating Application Insights into your Azure DevOps pipelines, you can proactively monitor the performance of your applications, gain valuable insights, and streamline the process of optimizing and maintaining application performance.
2. Azure Monitoring Using Log Analytics
Azure Monitoring using Log Analytics is a comprehensive monitoring solution provided by Microsoft Azure. It enables you to collect, analyze, and gain insights from logs and metrics generated by various Azure resources and applications.
Log Analytics is a central repository for storing and analyzing monitoring data, allowing you to monitor the health, performance, and availability of your Azure resources.
Here are the key components and features of Azure Monitoring using Log Analytics:
- Log Analytics Workspace: It provides a scalable and secure environment for collecting and analyzing logs from various sources.
- Data Collection: It can collect logs, metrics, and performance data from both Azure and non-Azure sources.
- Data Analysis and Query Language: Log Analytics uses query language called Kusto Query Language (KQL) to analyze and query data
- Alerting and Notification: When an alert condition is met, it can trigger notifications via email, SMS, or other integration options, allowing you to take proactive actions.
- Automation and Remediation: Log Analytics can integrate with Azure Automation and Azure Logic Apps to automate remediation actions based on monitoring data. You can define automated workflows to respond to alerts and perform remedial actions to address issues.
3. Azure Network Watcher
Azure Network Watcher is a comprehensive monitoring and diagnostic service provided by Microsoft Azure. It offers a suite of tools and capabilities to monitor, diagnose, and gain insights into the network health and connectivity of Azure resources.
By utilizing Azure Network Watcher, you can effectively monitor and diagnose network issues, optimize performance, ensure compliance, and enhance the overall reliability of your Azure network infrastructure.
4. Microsoft defender for cloud
Microsoft Defender for Cloud is a cloud-native application protection platform (CNAPP) that offers a range of security measures and practices designed to safeguard cloud-based applications from various cyber threats and vulnerabilities.
It combines several capabilities, including:
- Development Security Operations (DevSecOps) Solution
- Cloud Security Posture Management (CSPM) Solution
- Cloud Workload Protection Platform (CWPP)
Microsoft Defender for Cloud facilitates unified DevOps security management across multicloud and multiple-pipeline environments, enabling organizations to keep their cloud applications secure from the start.
5. Azure Sentinel
Azure Sentinel is a cloud-native solution that combines security information and event management (SIEM) with security orchestration, automation, and response (SOAR) capabilities. It provides intelligent security analytics and threat intelligence across the enterprise, offering a comprehensive solution for attack detection, threat visibility, proactive hunting, and threat response.
Microsoft Sentinel acts as a bird’s-eye view across the enterprise, providing organizations with the ability to see and stop threats before they cause harm. It eliminates the need for complex security infrastructure setup and maintenance, allowing organizations to scale their security needs dynamically while reducing costs compared to legacy SIEM solutions.
1.10 Azure Migration & Disaster Recovery
1. Virtual Machine Replication via Azure Site Recovery
Virtual Machine (VM) replication via Azure Site Recovery is a disaster recovery solution provided by Microsoft Azure. It allows you to replicate and protect your on-premises or Azure VMs by maintaining a secondary copy of the VMs in a different Azure region or on-premises datacenter.
You can achieve high availability and disaster recovery capabilities for your critical VM workloads. It helps minimize downtime, provides data protection, and allows for faster recovery in case of infrastructure failures, natural disasters, or other disruptive events.
2. Backup of Azure VM into Azure Backup Vault
Azure Backup Vault is a scalable and secure cloud-based service provided by Microsoft Azure that allows you to protect and restore your data and applications in the event of accidental deletions, data corruption, or system failures.
When you back up an Azure VM into an Azure Backup Vault, the service takes a snapshot of the VM’s disks and stores them in the vault. This snapshot captures the entire state of the VM at a specific point in time, including the operating system, applications, and data.
3. Backup of On-Premise Server into Azure Backup Vault
Backing up your on-premises server into an Azure Backup Vault is a Microsoft Azure product that allows you to secure the data on your server by producing and storing backups in an Azure cloud-based backup vault. This backup technique assists in protecting your important data and offers an extra layer of data security in the event of unintentional data loss, hardware failure, or other disruptive circumstances.
Azure Backup provides a reliable and scalable solution for backing up on-premises servers into the cloud. It eliminates the need for maintaining on-premises backup infrastructure and offers the flexibility to store backups. offsite in a secure Azure environment.
1.11 Azure Developer Labs
1. API Management
API Management in Azure is a powerful platform that enables organizations to efficiently manage, secure, and publish their APIs across various environments.
API management has comprehensive features such as a powerful policy framework, advanced analytics and monitoring capabilities, a developer portal for self-service API consumption, and scalability and availability as a fully managed service
2. API Gateway
An API gateway in Azure refers to the API Management gateway component within the Azure API Management service. It serves as an intermediary between client applications and backend services, providing various functionalities such as request routing, policy enforcement, and telemetry collection.
The key roles and features of the API Management gateway in Azure include:
- Proxying API requests
- Authentication and credentials verification
- Usage quotas and rate limits
- Request and response transformations
- Caching responses
- Logging, metrics, and tracing
2. Projects
1. Deployment of 3 tier Architecture in Azure
A 3-tier architecture is a software design pattern that separates an application into three logical tiers: presentation, application, and data. Each tier has a specific set of responsibilities and communicates with the other tiers through well-defined interfaces.
Tier | Responsibilities |
---|---|
Presentation | Displays the user interface and handles user interactions. |
Application | Contains the business logic of the application and processes user requests. |
Data | Stores and manages the application’s data. |
2. Containerise and deploy a Java app to Azure
Deployment of a Java app to a web server is a legacy process but as the DevOps field is growing day by day, we will learn to deploy the app inside containers and power, efficiency and simplicity of AKS or kubernetes. This will also improve the hardware usage while deploying a single app and leaving rest hardware usable for other applications.
This project will cover your knowledge on deployment, containers, Azure Kubernetes Service(AKS), CI/CD pipelines, git repository and some more technologies used so far in Azure on daily basis.
3. Automating Infrastructure deployment using Terraform and Azure pipeline
Terraform is an open-source Infrastructure as Code(IaC) software tool that enables you to safely and predictably create, change, and improve infrastructure. Azure Pipelines is a continuous integration and continuous delivery (CI/CD) service that helps you automate the build, test, and deployment of your code.
By automating infrastructure deployment using Terraform and Azure Pipelines, you can:
- Reduce the risk of human error
- Improve the speed of deployment
- Increase the reliability of deployments
Planning to perform this lab? Click here
4. Deploying multi-container application to AKS
Deploying a multi-container application to Azure Kubernetes Service (AKS) is the process of deploying multiple containers to an AKS cluster. AKS is a managed Kubernetes service that makes it easy to deploy and manage containerized applications.
There are many benefits to deploying a multi-container application to AKS, including:
- Scalability: You can scale your application up or down by adding or removing container instances.
- High availability: AKS distributes your containers across multiple hosts, so your application will remain available even if one host fails.
- Security: AKS uses industry-standard security features to protect your applications.
- Cost savings: AKS can help you save money by reducing the need for manual infrastructure management.
5. Migration of resources from On-Premise to Azure
Migration of resources from On-Premise to Azure is the process of moving your existing IT infrastructure and workloads from your own data center to the Microsoft Azure cloud platform. This can include servers, virtual machines, storage, databases, and applications.
Why migrate to Azure?
There are many benefits to migrating to Azure, including:
- Scalability and flexibility: Azure offers a wide range of services that can be scaled up or down as needed, giving you the flexibility to meet your changing business demands.
- Reliability and security: Azure is a highly reliable and secure platform, with built-in security features and disaster recovery capabilities.
- Cost savings: Azure can help you save money on IT costs by reducing the need for hardware and software maintenance.
- Innovation: Azure offers a wide range of innovative services that can help you stay ahead of the curve and improve your business operations.
6. Migration of resources across Azure regions
Azure regions are geographically separate locations where Azure resources are hosted. Each region has a unique set of datacenters, which are interconnected with high-bandwidth links. This architecture ensures that Azure resources are highly available and resilient to failures in any one region.
Microsoft provides a variety of tools and services to help you migrate resources across Azure regions. The most common approach is to use the Azure Resource Mover service and Azure Site Recovery.
7. Azure Active Directory(Entra ID) Synchronisation Using AD Connect
Azure Active Directory (Azure AD) or Entra ID is a cloud-based identity and access management service that helps organizations manage user identities and access to cloud applications. Azure AD Connect is a synchronization tool that helps organizations synchronize their on-premises Active Directory (AD) domain with Azure AD now known as Microsoft Entra ID.
It consists of two main components: the on-premises Azure AD and the service-side component in Azure AD called Azure AD Connect sync service. The on-premises component is responsible for connecting to the on-premises directory, while the service-side component handles the synchronization process in Azure AD.
8. Integrate and manage Azure DevOps security using SonarCloud
SonarCloud is a cloud-based code analysis platform that helps you improve the quality of your code. It can be integrated with Azure DevOps to provide continuous code analysis and feedback. This integration allows you to:
- Scan your code for security vulnerabilities
- Identify potential bugs and defects
- Measure code quality metrics
- Get feedback on your code changes
The integration between SonarCloud and Azure DevOps is easy to set up and use. Once you have integrated the two platforms, you can start scanning your code for security vulnerabilities and other defects. The results of the scan will be displayed in your Azure DevOps dashboard, so you can easily track the progress of your code reviews.
9. Containerised application using AKS
A deployment is an AKS object used to manage the deployment and scaling of containerized applications. It provides a declarative way to define and control the lifecycle of application containers within a Kubernetes cluster.
A Kubernetes deployment describes the desired state of the application, including the container image, the number of replicas to run, and the configuration of the application’s pods.
It ensures that the desired state is achieved and maintained by continuously monitoring the actual state of the application and making necessary adjustments
10. Role-based Access Control
One of the major techniques for advanced access control, role-based access control (RBAC), limits network access based on a person’s function within an organisation. The levels of access that employees have to the network are described by the jobs in RBAC. Only the information needed for them to do their jobs well is accessible to employees. Access can depend on a number of things, including power, accountability, and job proficiency.
This project will be providing you the working on provide RBAC and its working which will eventually help you in managing the access of various roles in an organisation.
11. Site to Site VPN Connection using Azure Portal
A Site-to-Site VPN connection in Azure allows you to connect your on-premises network to your Azure Virtual Network (VNet) over an encrypted IPsec tunnel. This type of connection is often used to connect corporate networks to Azure, or to connect multiple Azure VNets together.
Site-to-Site VPN connections are configured using a VPN gateway. A VPN gateway is a dedicated virtual network appliance that provides secure connectivity between your on-premises network and Azure. To create a Site-to-Site VPN connection, you will need to create a VPN gateway in Azure and configure your on-premises VPN device to connect to it.
12. Create WordPress Site on Azure Portal
WordPress is a popular open-source platform that allows users to create and manage websites easily. You all might have gone through some of the websites designed using wordpress but they are so optimised that you can hardly find that it is working on based of wordpress template.
Here we will be deploying the wordpress website on Azure portal where you can access the website which will be having database and entire wordpress and resulting a working website. This project will be a good start of deploying a website and going through usage of various services of Azure.
13. Host your Portfolio via Azure Storage (Static Website Hosting)
Azure Storage is a cloud storage solution by Microsoft that provides highly available, scalable, durable, and secure storage for various data objects in the cloud. It offers a range of storage services and features, for IT professionals to interact & manage data stored in Azure Storage accounts.
One of the most cost-effective and scalable ways to host your portfolio online is by using Azure Blob Storage and Azure Static Website Hosting. With Azure Blob Storage, you can store and retrieve any amount of data from anywhere on the web, while Azure Static Website Hosting allows you to host static websites without the need for a web server or any other infrastructure.
Next Task For You
Begin your journey toward Mastering Azure Cloud and landing high-paying jobs. Just click on the register now button below to register for a Free Class on Mastering Azure Cloud: How to Build In-Demand Skills and Land High-Paying Jobs. This class will help you understand better, so you can choose the right path and clear the certification exam.
abdul says
I see you will cover variety of Azure topics, what kid of Azure Job position one will be eligible after this training?
Aditya Raj says
“You will be eligible for various Azure positions like Azure Administrator, Solution Architect, Azure Security Engineer, Azure DevOps Engineer, & Azure Developer.”
Thanks & Regards
Team K21