This course will provide you in an virtual hands-on session how to setup infrastructure by using code. Please see agenda with details. After this course you will be able to use common technologies like ARM templates, Powershell to deploy fast and with little effort infrastructure to the Azure Cloud.
-
Day before the actual training:
- Meeting - Preparation of the system – for all participants
-
Day 1:
- 09:00 – 10:00 Part1 - What is Infrastructure as Code (IaC)
- 10:00 – 11:30 Part2 - Microsoft Azure Automation
- 11:30 – 12:30 Lunch Break
- 12:30 – 15:30 Part 3 - Setting up an IaC Environment (ARM, PowerShell, Azure CLI)
- 15:30 – 16:00 Q&A
-
Day 2:
- 09:00 – 09:20 Recap
- 09:20 – 11:30 Part 4a - IaC Automation Pipelines
- 11:30 – 12:30 Lunch Break
- 12:30 – 13:00 Part 4b - IaC Automation Pipelines (continued)
- 13:00 – 13:30 Q&A
- 13:30 – 16:00 Part 5 - Practical Hints and Real life scenarios
- Knowledge of Azure DevOps
- Basic Knowledge of Git
- Azure
- owner rights on Azure Subscription in order to create resources
- enough of credit to run the exercises
- have enough of privileges on local machine to install used software (e.g. PowerShell modules or Azure CLI, optionally running from VM in Azure)
- enough rights on Azure AD (tenant) to create new service principal identity or use existing one ( demonstrate Azure DevOps Service connection and demonstrate deployment to subscription via Azure Pipeline)
-
Part1 - What is Infrastructure as Code (IaC)
- In this session we will explore general principles of Introduction to IaC, types of IaC (imperative vs declarative), types of infrastructure in Azure (IaaS, PaaS, SaaS), Shared security responsibility
-
Part2 - Microsoft Azure Automation
- In this session we will look at Azure Resource Managed Concept, use Azure Cloud Shell, API, Azure Classic, explore the
Azure AD and relationships to tenant, subscription, managed group. Explore specific Azure Resources in respect to IaC- networking, security, databases, VMs, etc. and explore influence of Cloud/Solution Architecture on IaC
- In this session we will look at Azure Resource Managed Concept, use Azure Cloud Shell, API, Azure Classic, explore the
-
Part 3 - Setting up an IaC Environment (ARM, PowerShell, Azure CLI)
- In this session we will Install use Azure CLI, Powershell Azure AZ locally, use ARM templates to create Infrastructure in Azure via IaC, explore ARM syntax details and well as way to extend the ARM templates. Will talk about Powershell DSC and Azure Automation (DSC, RunBooks, etc.). Will look at usage of Visual Studio Code to Deploy ARM via Azure CLI or Powershell.
-
Part 4 - IaC Automation Pipelines
- Configuration as a Code
- In this session we will focus on configuration of IaC for the purpose of multi environment configuration. Explore Azure DevOps and KeyVault integration (Library vs Task), Link ARM to Key Vault secrets and VM Extension to configure Settings on VM
- Continuous Integration/Continuous Deployment (CI/CD)
- In this session we will explore Azure DevOps and prerequisites like Service Principals and Managed Identity to automatically deploy IaC, explore differences between Linux and Windows in respect to the configuration and see additional components required for deployment On-premise vs in Cloud via Build agents (exercise: register the VM as a build agent)
- Configuration as a Code
-
Part 5 - Practical Hints and Real life scenarios
- In this session we will try to answer any Q&A, Focus on areas which require more attention based on the group skills. Looking at real life examples and lessons learned from real projects. Based on the time we will cover some additional topics like lock resources, tag Resources, move resources or Modern Engineering and IaC.
-
Part1 - What is Infrastructure as Code (IaC)
-
Introduction to IaC
- Video - Infrastructure as code: What is it? Why is it important? (MG: we could get inspired by this introduction to IaC video – it's important to show why it is important. Someday later, we could record a video for this 😊. In the meantime, I can write down the content from the videos to make a document for this)
- Video - What is Infrastructure as Code?
-
Types of IaC (imperative vs declarative)
-
Types of infrastructure in Azure (IaaS, PaaS, SaaS)
- https://docs.microsoft.com/en-us/learn/modules/align-requirements-in-azure/3-service-models
- https://docs.microsoft.com/en-us/learn/modules/align-requirements-in-azure/4-iaas
- https://docs.microsoft.com/en-us/learn/modules/align-requirements-in-azure/5-paas
- https://docs.microsoft.com/en-us/learn/modules/align-requirements-in-azure/6-saas
-
Shared security responsibility
-
-
Part2 - Microsoft Azure Automation
- Azure Resource Managed Concept
- https://docs.microsoft.com/en-us/learn/modules/control-and-organize-with-azure-resource-manager/
- https://docs.microsoft.com/en-us/azure/azure-resource-manager/
- https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/overview
- https://docs.microsoft.com/en-us/azure/azure-resource-manager/managed-applications/overview
- https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/azure-subscription-service-limits
- Use Azure Cloud Shell
- https://docs.microsoft.com/en-us/azure/cloud-shell/overview
- https://docs.microsoft.com/en-us/azure/cloud-shell/features *
- https://docs.microsoft.com/en-us/azure/cloud-shell/using-the-shell-window *
- https://docs.microsoft.com/en-us/azure/cloud-shell/persisting-shell-storage *
- https://docs.microsoft.com/en-us/azure/cloud-shell/quickstart
- https://docs.microsoft.com/en-us/azure/cloud-shell/quickstart-powershell
- https://docs.microsoft.com/en-us/learn/modules/bash-introduction/
- (exercise) Open Portal and start Azure Cloud Shell
- API
- Azure Classic
- Azure AD - principles of tenant, subscription, managed group
- Specific Azure Resources in respect to IaC- networking, security, databases, VMs, etc.
- https://docs.microsoft.com/en-us/learn/modules/welcome-to-azure/3-tour-of-azure-services
- (exercise) Create Security Principles via Azure Cloud Shell
- Cloud/Solution Architecture
- https://docs.microsoft.com/en-us/azure/architecture/
- https://docs.microsoft.com/en-us/learn/modules/azure-well-architected-security/
- (exercise) Create in Azure Cloud Shell -TBD
- Azure Resource Managed Concept
-
Part 3 - Setting up an IaC Environment (ARM, PowerShell, Azure CLI)
-
Azure CLI
- Documentation: https://docs.microsoft.com/en-us/cli/azure/?view=azure-cli-latest
- https://docs.microsoft.com/en-us/learn/modules/control-azure-services-with-cli/
- https://docs.microsoft.com/en-us/learn/modules/manage-virtual-machines-with-azure-cli/
- (list of possible topics) https://docs.microsoft.com/en-us/learn/browse/?terms=Azure%20CLI
- https://docs.microsoft.com/en-us/azure/virtual-machines/classic-vm-deprecation
- (exercise)Create VM via Azure CLI
-
Use Powershell Azure AZ locally
- https://docs.microsoft.com/en-us/powershell/scripting/overview?view=powershell-7
- (exercise) Install and execute Azure PowerShell command
-
Use ARM (Terraform in a Standalone training) to deploy something into the infrastructure
- Create and deploy ARM templates by using the Azure portal
- Enhance ARM template
- ARM syntax details
- https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/template-syntax
- https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/template-functions
- https://docs.microsoft.com/en-us/azure/templates/
- https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/overview
- https://docs.microsoft.com/en-us/learn/modules/build-azure-vm-templates/
- https://docs.microsoft.com/en-us/learn/modules/modify-azure-resource-manager-template-reuse/
- https://docs.microsoft.com/en-us/learn/modules/create-azure-resource-manager-template-vs-code/
- https://docs.microsoft.com/en-us/learn/modules/modify-azure-resource-manager-template-reuse/
- https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/template-best-practices ² (exersise) Create Key Vault ² (Azure CLI access to key vault) https://docs.microsoft.com/en-us/azure/key-vault/general/manage-with-cli2
-
Powershell DSC
- General principles
- https://docs.microsoft.com/en-us/powershell/scripting/dsc/overview/authoringadvanced?view=powershell-7
- (exercise) Execute locally (on created VM) https://docs.microsoft.com/en-us/powershell/scripting/dsc/quickstarts/website-quickstart?view=powershell-7
- (Ansible) https://docs.microsoft.com/en-us/learn/modules/configure-infrastructure-azure-pipelines/
- (Ansible) https://docs.microsoft.com/en-us/azure/developer/ansible/getting-started-cloud-shell?toc=%2Fazure%2Fcloud-shell%2Ftoc.json&bc=%2Fazure%2Fbread%2Ftoc.json
- (Ansible) https://docs.microsoft.com/en-us/azure/developer/ansible/vm-configure
- (exercise) Install IIS on created VM from portal via DSC extension (ARM TBD)
- (Chef, Puppet) TBD
- https://docs.microsoft.com/en-us/powershell/scripting/dsc/getting-started/wingettingstarted?view=powershell-7
- Azure Automation(DSC, Runbooks, etc.)
- General principles
-
ARM in Visual Studio Code
- Deploy ARM via Azure CLI
- Deploy ARM via Powershell
-
ARM in Visual Studio
- Demo deploy from Visual Studio Code
- ARM Deployment example -TBD
- Demo deploy from Visual Studio Code
-
-
Part 4 - IaC Automation Pipelines
- Configuration as a Code
- Multi environment configuration
- (exercise) Create Azure DevOps, Create Project, repository, add YAML pipeline
- Azure DevOps and KeyVault integration (Library vs Task)
- https://docs.microsoft.com/en-us/azure/devops/pipelines/release/azure-key-vault?view=azure-devops
- https://azuredevopslabs.com/labs/vstsextend/azurekeyvault/
- https://docs.microsoft.com/en-us/learn/modules/manage-secrets-with-azure-key-vault/
- https://docs.microsoft.com/en-us/azure/key-vault/general/manage-with-cli2
- Link ARM to Key Vault secrets
- VM Extension to configure Settings on VM
- (exercise) change background on VM -TBD
- Multi environment configuration
- Continuous Integration/Continuous Deployment (CI/CD)
-
Azure DevOps (repository, pipelines, CI/CD putting together)
- https://dzone.com/articles/infrastructure-as-code-a-devops-way-to-manage-it-i
- https://docs.microsoft.com/en-us/learn/paths/automate-deployments-azure-devops/
- (exercise) pipeline with creating VM for each environment
-
Service Principals and Managed Identity
-
Differences between Linux and Windows in respect to the configuration (e.g. SSH vs Remote PowerShell)
-
Deployment On-premise vs in Cloud via Build agents (exercise: register the VM as a build agent)
- https://docs.microsoft.com/en-us/learn/modules/host-build-agent/
- Containers – build agent-TBD
- https://docs.microsoft.com/en-us/azure/devops/pipelines/agents/docker?view=azure-devops
- https://docs.microsoft.com/en-us/learn/modules/run-docker-with-azure-container-instances/
- (exercise) register created VM to Agent pool
- (Terraform , will be trained in standalone training) https://docs.microsoft.com/en-us/learn/modules/provision-infrastructure-azure-pipelines/
-
- Configuration as a Code
-
Part 5 - Practical Hints and Real life scenarios
- Q&A
- Focus on areas which require more attention based on the group skills. Looking at real life examples and lessons learned from real projects.
- Additional topics
- Lock Resources
- Tag Resources
- Move Resources (Azure CLI)
- Modern Engineering and IaC
- Accenture Cloud Platform - Setup and security items
- Self-Service Portal (https://messp.avanade.com)
- Modern Engineering Site (https://mep.avanade.com)
- Avanade Docs (https://docs.avanade.com)
- Cloud Solution Studio (https://www.cloudsolutionstudio.com/)
- Microsoft Code sample
- List of LogicApp examples (https://docs.microsoft.com/en-us/samples/browse/?expanded=azure&products=azure-logic-apps)
- Microsoft reference architecture