blog
Getting Started with Azur ...
18 August 22

Getting Started with Azure

Posted byDivya Nain
facebooktwitterlinkedin
news-featured

Practice Azure fundamentals hands-on by signing up for a 7-day, risk-free trial with INE. You'll access all our Azure labs and a robust library covering the latest in Cyber Security, Networking, Cloud, and Data Science!

Today, cloud infrastructure is the fundamental building component for any business or organization that functions online. The market is flooded with cloud service providers. Let’s explore the cloud services that Microsoft has to offer. I’m sure you’ve heard of Azure.

What is Azure?

Microsoft Azure is a cloud platform that offers more than 200 cloud services and products to help companies and individuals attain their computing, storage, and many other cloud needs.

Here is a list of what will be covered in this blog:

  • How to start using Azure
  • INE Azure Playground Labs
  • A quick look at services offered by Azure
  • Azure Hierarchy
  • Access control in Azure
  • Creating groups and users
  • Creating a VM from the Azure portal
  • Creating a VM from Azure CLI
  • Creating and managing containers with Az Python SDK
  • Conclusion

How to start using Azure

You will need an Azure account to start using Azure. With a Microsoft account, you can sign up for Azure on the official website.

1_RLio-rD5KNwLOYM4AADh5Q.png

Enter your profile details and billing details after signing up with your Microsoft account.

Azure gives you a free account to use for 12 months where you will get 200 USD in Azure credit to use for the first month. There is also an option for you to create an account as a student, but you will need the email address of your educational institute to sign up for Azure. Here you also get a 12-month free account to use all the services, but you will get 100 USD in Azure credits, which you can utilize for the whole year.

After you have done all the steps, you will be greeted with You are ready to start Azure. Now head on over to the Azure portal to start using all the Azure services.

INE Azure Playground Labs

INE introduces the Azure Playground labs! In these labs, you will learn and practice Azure Cloud operations in a sandboxed Azure account provided by INE. You can access the lab from here (an active INE subscription is required).

There are multiple labs offered in this course, so you can start your journey with Azure. Each lab has some specific goals and tasks that you have to complete. You are provided with thorough solutions. Take a reference whenever you are stuck somewhere.

1_TXL1IxxNupY3U70T7DF_cQ.png

There will be multiple categories and labs for you to try on. Going through all these labs will clear up all the basics for you.

Go on to this course, and start any of the labs. It will take around a minute to start the lab.

When you open the lab, a new tab will open. There are some terms to use the lab. See below:

1_VFapq7C9V5QNacnbYWMuZQ.png

When you agree to terms and conditions, you will be given the creds for the Azure portal. Just like the below image:

1_bNQCs8ftIbL4uS2791YDtw.png

Click on the login URL and enter the given details. You are good to go. You will be assigned a resource group where you can create some resources and get familiar with Azure services.

1_ePUjHUL1a9nrX6PRE6k8Iw.png

This resource group will be empty. You can create limited resources, which were mentioned in the terms and conditions.

Don’t forget to stop the lab after you are done using Azure.

A quick look at services offered by Azure

As mentioned above, there are more than 200 services and products offered by Azure. We will be covering some of the services to get you started.

0_y_gpWDCyiPS69pWY.png

Image source: Azure services

Don't get overwhelmed by this picture. Let me break this down into some easy and short categories. We will be covering them in detail down the line.

  • Compute: This is one of the primary reasonsfor switching from on-premises to the cloud. Azure provides many compute services, like AzureVM, Azure K8 services, Azure Functions, and many more.
  • Storage: Azure provides you with 4 types of storage services as per your needs: blob storage, file storage, queue storage, and table storage.
  • Databases: Azure provides many database services for all the popular database types. e.g. SQL, MySQL, PostgreSQL, MariaDB, and many more. Azure has an in-house NoSQL solution called Cosmos DB.
  • Azure Networking: Azure networking has a very wide variety of services. It helps in linking resources and providing access to applications. Azure Virtual Network, DNS services, application gateways, load balancers, and others are among the services available.

There are many other services and types of services that I didn't mention here. You can check all the services by browsing “All services”.

Azure also provides a marketplace where you can find the third-party services provided on Azure that are optimized for the Azure platform.

Azure Hierarchy

Azure has something called a landing zone. I am not going to make it tough to understand.
You will have an Azure active directory/tenant and every tenant has a root management group, which is called the tenant root group.

  • Tenant: A tenant is an entity that controls and owns a particular instance of Microsoft cloud services. When an organisation registers for a Microsoft cloud service, such as Azure, Microsoft Intune, or Microsoft 365, it obtains and owns a reserved Azure AD service instance. There are no similarities or divisions between any two Azure AD tenants.
  • Management group: You can manage access, policies, and compliance across different subscriptions using management groups. Consider management groups as the containers that are used to construct a meaningful hierarchy for usage with Azure Policy and Azure Role Based Access Controls. Look at the image below for reference.
0_T40NSBzuNqobAjBC.png

Image source: Management group hierarchy

You can create management groups under the root tenant group and also children management groups under those groups. You will then create subscriptions under management groups, and if you don’t create any management groups, every subscription will be under the root tenant group

  • Subscriptions: A subscription’s main function is to offer a standard payment model for using Azure services. A subscription may be linked to one or more tenants, directories, or domains.

Under subscriptions, we have resource groups, and then under these groups, we have actual resources. Check this image below:

0_BNtU1IWwMpwK-TCP.png

Image source: Azure hierarchy

Here is an example of an Azure landing zone, or we can say the entire hierarchy provided in the Microsoft documentation.

0_ZeJscRM4BOFS7VOi.png

Image source: Example architecture

Access control in Azure

Access management is very crucial for every organization when we are talking about cloud resources. Azure offers role-based access control and recommends using a least-privileged access model, meaning that you should give users the bare minimum permissions necessary to complete their tasks.

Azure has built-in roles and you can also create custom roles, giving you full control of the access control management. This diagram below from Microsoft Docs can help you understand Azure’s role-based access control.

0_RuXUqPFF-q6QiLxJ.png

Image source: RBAC Approach

Creating groups and users

With Azure Active Directory, you can create groups and users. If you have used any other cloud platform, you may have seen IAM for that purpose. As I mentioned earlier in the hierarchy, there is an active Azure directory at the very start.

So let’s first create a group. For that, head to Azure Active Directory and click on “Create Group”. You will see something like this:

1_pjs5ufHFExRcTKJaUtjBGA.png

In the same manner, you can also create a user. Just go to Azure Active Directory > All users > Add new user

1_7uCnmJ7iup8xoK721y8RLA.png

You can create a new user or invite a new user and assign a group to them.

For more details, you can refer to the Microsoft docs here.

Creating a VM from the Azure portal

First of all, go to Virtual Machines on the Azure portal. There you will see an option to “Create”. The first option to create a basic VM is the Azure virtual machine. You have several options to start a VM here. See below:

1_fej6qNgyC_4Jy9UGGWUezg.png

After that, you will have to enter some basic details for your VM. Here I am creating an Ubuntu server and giving it a username as TestUser. You can select a size for your VM (RAM and vCPU). See below:

1_XUwO594_lQTx46M83IUSeA.png

After this, you can configure your disks, networking, tags, etc. Or you can just click on Review+create, then Azure will do some validation checks and, after a few seconds, you can see something like this:

1__pSvlIed3jrHDah6u_x_Vw.png

After you click on Create, Azure will initiate the deployment process. Depending on the configurations, it will take some time to create the VM for you. Generally, it takes about 2 minutes.

Now, after everything is deployed, you can head to virtual machines, and you will see your VM is created. See below:

1_sECl0Xbu4Faa5wvqwtQYqg.png

You can use the public IP address to login into the SSH of our Ubuntu machine. See below:

1_3EfVghIZNaFDFizpnMbEvQ.png

Creating a VM from Azure CLI

First, let’s understand what Azure CLI is. It is a cross-platform command-line tool that will help us to manage our resources through the terminal.

There are multiple ways you can use the Azure CLI. You can use the cloud shell where you have both bash and PowerShell environment options. You can also install the Azure CLI on your Windows, Linux, or macOS.

If you want to read more about Azure CLI, you can head over here.

We will be using the cloud shell with a bash environment. You can access the cloud shell from this icon on the right top of your Azure portal.

1_3Sm95hG0OYVR-Cj9vaDOuQ.png

If it asks you to create a storage account, it is because you don’t have one or created none. Click on Create, and you will be taken to Azure CLI like this:

1_L_C5TBJXie2RajK7MOuspQ.png

Now we will be creating a VM from the CLI.

The below steps until creating the resource group are for the new account you create. No need to do it in our hands-on lab.

First, let’s list our subscriptions.

az account list

Set a subscription with the following command.

az account set --subscription ‘my-subscription-name’

Now we will be creating a resource group where our resources will reside.

az group create --location eastus --name 'ResourceGroupName'

Here we are creating a TestRG resource group in the eastus location.

1_bgab6pMf4Pdi_RsQDpacWw.png

You can start from here for our hands-on lab.

You can check your assigned resource group name for the hands-on lab on the creds page.

1_yvFUCQGa6f39kaAW-qm46g.png

Now create a Ubuntu VM with this command:

az vm create -n TestVM -g ResourceGroupName --admin-username testuser --authentication-type password --admin-password Test@123pass --image UbuntuLTS --size Standard_D2s_v4
  • az vm create will start the creation of the VM
  • -n specifies the name of the VM
  • -g specifies the resource group for the VM
  • — admin-username will provide the username to the VM
  • — authentication-type password will specify that use password for SSH authentication
  • — admin-password specifies the password for the user
  • — image specifies the image used for the creation of the VM
  • — size let you choose the size for VM

It will give you an output like this:

1_cXf6Czoorms1EE-UFQmFNw.png

Now we can use the public IP to connect to our VM through SSH. See below:

1_n3Ll9LbM0_0cYSG-yVpuBw.png

Don’t forget to delete the resource group after using the VM to avoid unnecessary charges.

az group delete -n ResourceGroupName

In the case of the hands-on lab, you don't have to delete the resource group.

Creating and managing container with Az Python SDK

Az Python SDK is a set of Python libraries for Azure services that can be incorporated into your programs to manage resources. This is very useful for programmers.

We will be creating a blob storage container (It’s just like a bucket from AWS or GCP) with the Python SDK, then we will upload a file, or in terms of Azure, a blob, and then download it back and, of course, delete the container after use.

First, we need to install the python library for blob storage. For that, use the below command:

pip install azure-storage-blob

Next, we need a storage account to create a container there. If you are following the blob in the cloud shell example, we were prompted to create a storage account. We can use that storage account for our test, or you can create a new one. We need a connection string from the storage account to connect our Python SDK code to the Azure storage account. Go to all resources or storage accounts and select one of the storage accounts and click on access keys. See the picture below:

1_IHQ8WfRz_YXca9iEDz1rdw.png

Now we have the connection string. We will now create a test container.

import os
from azure.storage.blob import BlobServiceClientconnection_string = 'Paste your connection string here'# Create a blob service client object
blob_service_client = BlobServiceClient.from_connection_string(connection_string)#container name to be used
cont_name = 'test'# Create the container
cont_client = blob_service_client.create_container(cont_name)

Now we will create a local file, which has to be uploaded.

# name of local dir
loc_dir = "./data"#creating the local dir
os.mkdir(loc_dir)# file to be created
fname =  "testfile.txt"#path for the file
fpath = os.path.join(loc_dir, fname)#open file for writing some data
file = open(fpath, 'w')#Writing some data
file.write("This is test file to check azure blob storage")#closing the file
file.close()

Now upload the file to the container.

# creating a blob client using file name for the blob name
b_client = blob_service_client.get_blob_client(container=cont_name, blob=fname)#printing that process is started
print("Uploading blob to container:" + fname)# Upload the created file
with open(fpath, "rb") as data:
    b_client.upload_blob(data)

Now, after uploading, we will list all the blobs available in the container.

print("Blobs in container:")# List the blobs in the container
blobs = cont_client.list_blobs()
for blob in blobs:
    print(blob.name)

Now we will download the blob and save it to our machine.

down_fname = os.path.join(loc_dir, 'download.txt')
b_client = blob_service_client.get_container_client(container= cont_name) 
print("Downloading blob" + down_fname)with open(down_fname, "wb") as d_file:
    d_file.write(b_client.download_blob(blob.name).readall())

Last but not least delete the container.

#Make sure to delete the container
print("Press enter to delete the container:")
input()print("Deleting container")
cont_client.delete_container()

Here I have added the input so you can go and check the container on the portal.

The full code is this:

import os
from azure.storage.blob import BlobServiceClientconnection_string = 'Paste your connection string here'# Create a blob service client object
blob_service_client = BlobServiceClient.from_connection_string(connection_string)#container name to be used
cont_name = 'test'# Create the container
cont_client = blob_service_client.create_container(cont_name)# name of local dir
loc_dir = "./data"#creating the local dir
os.mkdir(loc_dir)# file to be created
fname =  "testfile.txt"#path for the file
fpath = os.path.join(loc_dir, fname)#open file for writing some data
file = open(fpath, 'w')#Writing some data
file.write("This is test file to check azure blob storage")#closing the file
file.close()# creating a blob client using file name for the blob name
b_client = blob_service_client.get_blob_client(container=cont_name, blob=fname)#printing that process is started
print("Uploading blob to container:" + fname)# Upload the created file
with open(fpath, "rb") as data:
    b_client.upload_blob(data)print("Blobs in container:")# List the blobs in the container
blobs = cont_client.list_blobs()
for blob in blobs:
    print(blob.name)down_fname = os.path.join(loc_dir, 'download.txt')
b_client = blob_service_client.get_container_client(container= cont_name) 
print("Downloading blob" + down_fname)with open(down_fname, "wb") as d_file:
    d_file.write(b_client.download_blob(blob.name).readall())#Make sure to delete the container
print("Press enter to delete the container:")
input()print("Deleting container")
cont_client.delete_container()

You can check the output like this:

1_iuPj_UJ5Zj84RkvP3gsFsw.png

Conclusion

There is so much to do on the Azure platform, which of course can’t be explained in just one blog post. Here I have tried to explain everything in simple terms so that you will not be overwhelmed with a lot of information. With the examples above and the basics of Azure covered in this blog, you can be sure that you can start your journey to the cloud with Microsoft Azure. Going through the INE Azure Playground Labs will surely give you a great head start.

There will be a lot more detailed blogs as well on specific topics on Azure. Hope you liked the blog :)

Practice Azure fundamentals hands-on by signing up for a 7-day, risk-free trial with INE. You'll access all our Azure labs and a robust library covering the latest in Cyber Security, Networking, Cloud, and Data Science!

Need training for your entire team?

Schedule a Demo

Hey! Don’t miss anything - subscribe to our newsletter!

© 2022 INE. All Rights Reserved. All logos, trademarks and registered trademarks are the property of their respective owners.
Terms of servicePrivacy policy
instagram Logofacebook Logotwitter Logolinkedin Logoyoutube Logo