From 9c95cbe2969e177a5305976272446f641b58e09d Mon Sep 17 00:00:00 2001 From: jmenne Date: Mon, 12 Feb 2024 14:12:25 +0100 Subject: [PATCH 1/2] template fix, VM2 not in subnet2. --- ...ters.json => az104-06-vms-parameters.json} | 0 ...mplate.json => az104-06-vms-template.json} | 138 ++++-------------- ...06-Implement_Network_Traffic_Management.md | 104 ++++++------- 3 files changed, 80 insertions(+), 162 deletions(-) rename New Instructions/AllFiles/Lab06/{az104-06-vms-loop-parameters.json => az104-06-vms-parameters.json} (100%) rename New Instructions/AllFiles/Lab06/{az104-06-vms-loop-template.json => az104-06-vms-template.json} (82%) diff --git a/New Instructions/AllFiles/Lab06/az104-06-vms-loop-parameters.json b/New Instructions/AllFiles/Lab06/az104-06-vms-parameters.json similarity index 100% rename from New Instructions/AllFiles/Lab06/az104-06-vms-loop-parameters.json rename to New Instructions/AllFiles/Lab06/az104-06-vms-parameters.json diff --git a/New Instructions/AllFiles/Lab06/az104-06-vms-loop-template.json b/New Instructions/AllFiles/Lab06/az104-06-vms-template.json similarity index 82% rename from New Instructions/AllFiles/Lab06/az104-06-vms-loop-template.json rename to New Instructions/AllFiles/Lab06/az104-06-vms-template.json index f6ea6ce0..8e5f1ade 100644 --- a/New Instructions/AllFiles/Lab06/az104-06-vms-loop-template.json +++ b/New Instructions/AllFiles/Lab06/az104-06-vms-template.json @@ -45,7 +45,7 @@ "type": "Microsoft.Network/networkSecurityGroups", "apiVersion": "2023-06-01", "name": "[parameters('networkSecurityGroups_az104_06_nsg1_name')]", - "location": "eastus", + "location": "[resourceGroup().location]", "properties": { "securityRules": [ { @@ -89,11 +89,11 @@ ] } }, - { + { "type": "Microsoft.Network/virtualNetworks", "apiVersion": "2023-06-01", "name": "[parameters('virtualNetworks_az104_06_vnet1_name')]", - "location": "eastus", + "location": "[resourceGroup().location]", "properties": { "addressSpace": { "addressPrefixes": [ @@ -103,7 +103,6 @@ "subnets": [ { "name": "subnet0", - "id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_az104_06_vnet1_name'), 'subnet0')]", "properties": { "addressPrefix": "10.60.0.0/24", "delegations": [], @@ -114,7 +113,6 @@ }, { "name": "subnet1", - "id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_az104_06_vnet1_name'), 'subnet1')]", "properties": { "addressPrefix": "10.60.1.0/24", "delegations": [], @@ -123,9 +121,8 @@ }, "type": "Microsoft.Network/virtualNetworks/subnets" }, - { + { "name": "subnet2", - "id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_az104_06_vnet1_name'), 'subnet1')]", "properties": { "addressPrefix": "10.60.2.0/24", "delegations": [], @@ -139,11 +136,11 @@ "enableDdosProtection": false } }, - { + { "type": "Microsoft.Compute/virtualMachines", "apiVersion": "2023-03-01", "name": "[parameters('virtualMachines_az104_06_vm0_name')]", - "location": "eastus", + "location": "[resourceGroup().location]", "dependsOn": [ "[resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_az104_06_nic0_name'))]" ], @@ -160,7 +157,7 @@ }, "osDisk": { "osType": "Windows", - "name": "[concat(parameters('virtualMachines_az104_06_vm0_name'), '_disk1_5e57d096d8d54757b417a168417a69f8')]", + "name": "[concat(parameters('virtualMachines_az104_06_vm0_name'), '_disk1')]", "createOption": "FromImage", "caching": "ReadWrite", "deleteOption": "Detach", @@ -171,7 +168,7 @@ "osProfile": { "computerName": "[parameters('virtualMachines_az104_06_vm0_name')]", "adminUsername": "localadmin", - "adminPassword": "[parameters('adminPassword')]", + "adminPassword": "[parameters('adminPassword')]", "windowsConfiguration": { "provisionVMAgent": true, "enableAutomaticUpdates": true, @@ -200,7 +197,7 @@ "type": "Microsoft.Compute/virtualMachines", "apiVersion": "2023-03-01", "name": "[parameters('virtualMachines_az104_06_vm1_name')]", - "location": "eastus", + "location": "[resourceGroup().location]", "dependsOn": [ "[resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_az104_06_nic1_name'))]" ], @@ -217,7 +214,7 @@ }, "osDisk": { "osType": "Windows", - "name": "[concat(parameters('virtualMachines_az104_06_vm1_name'), '_disk1_0c60cd0e9f8d43aaaebfa572d1de0319')]", + "name": "[concat(parameters('virtualMachines_az104_06_vm1_name'), '_disk1')]", "createOption": "FromImage", "caching": "ReadWrite", "deleteOption": "Detach", @@ -228,7 +225,7 @@ "osProfile": { "computerName": "[parameters('virtualMachines_az104_06_vm1_name')]", "adminUsername": "localadmin", - "adminPassword": "[parameters('adminPassword')]", + "adminPassword": "[parameters('adminPassword')]", "windowsConfiguration": { "provisionVMAgent": true, "enableAutomaticUpdates": true, @@ -257,7 +254,7 @@ "type": "Microsoft.Compute/virtualMachines", "apiVersion": "2023-03-01", "name": "[parameters('virtualMachines_az104_06_vm2_name')]", - "location": "eastus", + "location": "[resourceGroup().location]", "dependsOn": [ "[resourceId('Microsoft.Network/networkInterfaces', parameters('networkInterfaces_az104_06_nic2_name'))]" ], @@ -274,7 +271,7 @@ }, "osDisk": { "osType": "Windows", - "name": "[concat(parameters('virtualMachines_az104_06_vm2_name'), '_disk1_58417ddb19d7418886b4b5c42507a7f0')]", + "name": "[concat(parameters('virtualMachines_az104_06_vm2_name'), '_disk1')]", "createOption": "FromImage", "caching": "ReadWrite", "deleteOption": "Detach" @@ -284,7 +281,7 @@ "osProfile": { "computerName": "[parameters('virtualMachines_az104_06_vm2_name')]", "adminUsername": "localadmin", - "adminPassword": "[parameters('adminPassword')]", + "adminPassword": "[parameters('adminPassword')]", "windowsConfiguration": { "provisionVMAgent": true, "enableAutomaticUpdates": true, @@ -313,7 +310,7 @@ "type": "Microsoft.Compute/virtualMachines/extensions", "apiVersion": "2023-03-01", "name": "[concat(parameters('virtualMachines_az104_06_vm0_name'), '/customScriptExtension')]", - "location": "eastus", + "location": "[resourceGroup().location]", "dependsOn": [ "[resourceId('Microsoft.Compute/virtualMachines', parameters('virtualMachines_az104_06_vm0_name'))]" ], @@ -322,17 +319,17 @@ "publisher": "Microsoft.Compute", "type": "CustomScriptExtension", "typeHandlerVersion": "1.7", - "settings": { + "settings": { "commandToExecute": "powershell.exe Install-WindowsFeature -name Web-Server -IncludeManagementTools && powershell.exe remove-item 'C:\\inetpub\\wwwroot\\iisstart.htm' && powershell.exe Add-Content -Path 'C:\\inetpub\\wwwroot\\iisstart.htm' -Value $('Hello World from ' + $env:computername)" - }, + }, "protectedSettings": {} } - }, + }, { "type": "Microsoft.Compute/virtualMachines/extensions", "apiVersion": "2023-03-01", "name": "[concat(parameters('virtualMachines_az104_06_vm1_name'), '/customScriptExtension')]", - "location": "eastus", + "location": "[resourceGroup().location]", "dependsOn": [ "[resourceId('Microsoft.Compute/virtualMachines', parameters('virtualMachines_az104_06_vm1_name'))]" ], @@ -343,15 +340,15 @@ "typeHandlerVersion": "1.7", "settings": { "commandToExecute": "powershell.exe Install-WindowsFeature -name Web-Server -IncludeManagementTools && powershell.exe remove-item 'C:\\inetpub\\wwwroot\\iisstart.htm' && powershell.exe Add-Content -Path 'C:\\inetpub\\wwwroot\\iisstart.htm' -Value $('Hello World from ' + $env:computername) && powershell.exe New-Item -Path 'c:\\inetpub\\wwwroot' -Name 'image' -Itemtype 'Directory' && powershell.exe New-Item -Path 'c:\\inetpub\\wwwroot\\image\\' -Name 'iisstart.htm' -ItemType 'file' && powershell.exe Add-Content -Path 'C:\\inetpub\\wwwroot\\image\\iisstart.htm' -Value $('Image from: ' + $env:computername)" - }, + }, "protectedSettings": {} } - }, + }, { "type": "Microsoft.Compute/virtualMachines/extensions", "apiVersion": "2023-03-01", "name": "[concat(parameters('virtualMachines_az104_06_vm2_name'), '/customScriptExtension')]", - "location": "eastus", + "location": "[resourceGroup().location]", "dependsOn": [ "[resourceId('Microsoft.Compute/virtualMachines', parameters('virtualMachines_az104_06_vm2_name'))]" ], @@ -366,85 +363,13 @@ "protectedSettings": {} } }, - { - "type": "Microsoft.Network/networkSecurityGroups/securityRules", - "apiVersion": "2023-06-01", - "name": "[concat(parameters('networkSecurityGroups_az104_06_nsg1_name'), '/default-allow-http')]", - "dependsOn": [ - "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_az104_06_nsg1_name'))]" - ], - "properties": { - "protocol": "Tcp", - "sourcePortRange": "*", - "destinationPortRange": "80", - "sourceAddressPrefix": "*", - "destinationAddressPrefix": "*", - "access": "Allow", - "priority": 1100, - "direction": "Inbound", - "sourcePortRanges": [], - "destinationPortRanges": [], - "sourceAddressPrefixes": [], - "destinationAddressPrefixes": [] - } - }, - { - "type": "Microsoft.Network/networkSecurityGroups/securityRules", - "apiVersion": "2023-06-01", - "name": "[concat(parameters('networkSecurityGroups_az104_06_nsg1_name'), '/default-allow-rdp')]", - "dependsOn": [ - "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_az104_06_nsg1_name'))]" - ], - "properties": { - "protocol": "Tcp", - "sourcePortRange": "*", - "destinationPortRange": "3389", - "sourceAddressPrefix": "*", - "destinationAddressPrefix": "*", - "access": "Allow", - "priority": 1000, - "direction": "Inbound", - "sourcePortRanges": [], - "destinationPortRanges": [], - "sourceAddressPrefixes": [], - "destinationAddressPrefixes": [] - } - }, - { - "type": "Microsoft.Network/virtualNetworks/subnets", - "apiVersion": "2023-06-01", - "name": "[concat(parameters('virtualNetworks_az104_06_vnet1_name'), '/subnet0')]", - "dependsOn": [ - "[resourceId('Microsoft.Network/virtualNetworks', parameters('virtualNetworks_az104_06_vnet1_name'))]" - ], - "properties": { - "addressPrefix": "10.60.0.0/24", - "delegations": [], - "privateEndpointNetworkPolicies": "Disabled", - "privateLinkServiceNetworkPolicies": "Enabled" - } - }, - { - "type": "Microsoft.Network/virtualNetworks/subnets", - "apiVersion": "2023-06-01", - "name": "[concat(parameters('virtualNetworks_az104_06_vnet1_name'), '/subnet1')]", - "dependsOn": [ - "[resourceId('Microsoft.Network/virtualNetworks', parameters('virtualNetworks_az104_06_vnet1_name'))]" - ], - "properties": { - "addressPrefix": "10.60.1.0/24", - "delegations": [], - "privateEndpointNetworkPolicies": "Disabled", - "privateLinkServiceNetworkPolicies": "Enabled" - } - }, { "type": "Microsoft.Network/networkInterfaces", "apiVersion": "2023-06-01", "name": "[parameters('networkInterfaces_az104_06_nic0_name')]", - "location": "eastus", + "location": "[resourceGroup().location]", "dependsOn": [ - "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_az104_06_vnet1_name'), 'subnet0')]", + "[resourceId('Microsoft.Network/virtualNetworks/', parameters('virtualNetworks_az104_06_vnet1_name'))]", "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_az104_06_nsg1_name'))]" ], "kind": "Regular", @@ -484,9 +409,9 @@ "type": "Microsoft.Network/networkInterfaces", "apiVersion": "2023-06-01", "name": "[parameters('networkInterfaces_az104_06_nic1_name')]", - "location": "eastus", + "location": "[resourceGroup().location]", "dependsOn": [ - "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_az104_06_vnet1_name'), 'subnet1')]", + "[resourceId('Microsoft.Network/virtualNetworks/', parameters('virtualNetworks_az104_06_vnet1_name'))]", "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_az104_06_nsg1_name'))]" ], "kind": "Regular", @@ -526,9 +451,9 @@ "type": "Microsoft.Network/networkInterfaces", "apiVersion": "2023-06-01", "name": "[parameters('networkInterfaces_az104_06_nic2_name')]", - "location": "eastus", + "location": "[resourceGroup().location]", "dependsOn": [ - "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_az104_06_vnet1_name'), 'subnet0')]", + "[resourceId('Microsoft.Network/virtualNetworks/', parameters('virtualNetworks_az104_06_vnet1_name'))]", "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_az104_06_nsg1_name'))]" ], "kind": "Regular", @@ -544,7 +469,7 @@ "privateIPAddress": "10.62.0.4", "privateIPAllocationMethod": "Dynamic", "subnet": { - "id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_az104_06_vnet1_name'), 'subnet0')]" + "id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetworks_az104_06_vnet1_name'), 'subnet2')]" }, "primary": true, "privateIPAddressVersion": "IPv4" @@ -556,12 +481,13 @@ }, "enableIPForwarding": false, "disableTcpStateTracking": false, - "networkSecurityGroup": { + "networkSecurityGroup": { "id": "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('networkSecurityGroups_az104_06_nsg1_name'))]" }, "nicType": "Standard", "auxiliaryMode": "None", "auxiliarySku": "None" - }} + } + } ] } diff --git a/New Instructions/Lab/LAB_06-Implement_Network_Traffic_Management.md b/New Instructions/Lab/LAB_06-Implement_Network_Traffic_Management.md index fed7f91e..42fff443 100644 --- a/New Instructions/Lab/LAB_06-Implement_Network_Traffic_Management.md +++ b/New Instructions/Lab/LAB_06-Implement_Network_Traffic_Management.md @@ -8,7 +8,7 @@ lab: ## Lab introduction -In this lab, you learn how to configure and test a public Load Balancer and an Application Gateway. +In this lab, you learn how to configure and test a public Load Balancer and an Application Gateway. This lab requires an Azure subscription. Your subscription type may affect the availability of features in this lab. You may change the region, but the steps are written using **East US**. @@ -16,28 +16,27 @@ This lab requires an Azure subscription. Your subscription type may affect the a ## Lab scenario -Your organization has a public website. You need to load balance incoming public requests across different virtual machines. You also need to provide images and videos from different virtual machines. You plan on implementing an Azure Load Balancer and an Azure Application Gateway. All resources are in the same region. +Your organization has a public website. You need to load balance incoming public requests across different virtual machines. You also need to provide images and videos from different virtual machines. You plan on implementing an Azure Load Balancer and an Azure Application Gateway. All resources are in the same region. ## Interactive lab simulations There are interactive lab simulations that you might find useful for this topic. The simulation lets you to click through a similar scenario at your own pace. There are differences between the interactive simulation and this lab, but many of the core concepts are the same. An Azure subscription is not required. -+ [Create and configure and Azure load balancer](https://mslabs.cloudguides.com/guides/AZ-700%20Lab%20Simulation%20-%20Create%20and%20configure%20an%20Azure%20load%20balancer). Create a virtual network, backend servers, load balancer, and then test the load balancer. -+ [Deploy Azure Application Gateway](https://mslabs.cloudguides.com/guides/AZ-700%20Lab%20Simulation%20-%20Deploy%20Azure%20Application%20Gateway). Create an application gateway, create virtual machines, create the backend pool, and test the gateway. ++ [Create and configure and Azure load balancer](https://mslabs.cloudguides.com/guides/AZ-700%20Lab%20Simulation%20-%20Create%20and%20configure%20an%20Azure%20load%20balancer). Create a virtual network, backend servers, load balancer, and then test the load balancer. ++ [Deploy Azure Application Gateway](https://mslabs.cloudguides.com/guides/AZ-700%20Lab%20Simulation%20-%20Deploy%20Azure%20Application%20Gateway). Create an application gateway, create virtual machines, create the backend pool, and test the gateway. + [Implement traffic management](https://mslabs.cloudguides.com/guides/AZ-104%20Exam%20Guide%20-%20Microsoft%20Azure%20Administrator%20Exercise%2010). Implement complete hub and spoke network including virtual machines, virtual networks, peering, load balancer, and application gateway. ## Job skills -+ Task 1: Use a template to provision an infrastructure. ++ Task 1: Use a template to provision an infrastructure. + Task 2: Configure an Azure Load Balancer. + Task 3: Configure an Azure Application Gateway. - ## Task 1: Use a template to provision an infrastructure In this task, you will use a template to deploy one virtual network, one network security group, and two virtual machines. -1. Download the **\\Allfiles\\Lab06** lab files (template and parameters). +1. Download the **\\Allfiles\\Lab06** lab files (template and parameters). 1. Sign in to the **Azure portal** - `https://portal.azure.com`. @@ -53,37 +52,34 @@ In this task, you will use a template to deploy one virtual network, one network 1. Select **Edit parameters** and load the **\\Allfiles\\Lab06\\az104-06-vms-loop-parameters.json** file. -1. Select **Save**. +1. Select **Save**. 1. Use the following information to complete the fields on the custom deployment page, leaving all other fields with the default value. - | Setting | Value | + | Setting | Value | | --- | --- | | Subscription | your Azure subscription | | Resource group | `az104-rg6` (If necessary, select **Create new**) | | Password | Provide a secure password | - >**Note**: If you receive an error that the VM size is unavailable, select a SKU that is available in your subscription and has at least 2 cores. + >**Note**: If you receive an error that the VM size is unavailable, select a SKU that is available in your subscription and has at least 2 cores. 1. Select **Review + Create** and then select **Create**. >**Note**: Wait for the deployment to complete before moving to the next task. The deployment should take approximately 5 minutes. - - >**Note**: Review the resources being deployed. There will be one virtual network with three subnets. Each subnet will have a virtual machine. - + + >**Note**: Review the resources being deployed. There will be one virtual network with three subnets. Each subnet will have a virtual machine. + ## Task 2: Configure an Azure Load Balancer In this task, you implement an Azure Load Balancer in front of the two Azure virtual machines in the virtual network. Load Balancers in Azure provide layer 4 connectivity across resources, such as virtual machines. Load Balancer configuration includes a front-end IP address to accept connections, a backend pool, and rules that define how connections should traverse the load balancer. - ## Architecture diagram - Load Balancer ->**Note**: Notice the Load Balancer is distributing across two virtual machines in the same virtual network. - +>**Note**: Notice the Load Balancer is distributing across two virtual machines in the same virtual network. ![Diagram of the lab tasks.](../media/az104-lab06-lb-architecture.png) - 1. In the Azure portal, search for and select `Load balancers` and, on the **Load balancers** blade, click **+ Create**. 1. Create a load balancer with the following settings (leave others with their default values) then click **Next: Frontend IP configuration**: @@ -97,11 +93,11 @@ In this task, you implement an Azure Load Balancer in front of the two Azure vir | SKU | **Standard** | | Type | **Public** | | Tier | **Regional** | - + ![Screenshot of the create load balancer page.](../media/az104-lab06-create-lb1.png) 1. On the **Frontend IP configuration** tab, click **Add a frontend IP configuration** and use the following settings: - + | Setting | Value | | --- | --- | | Name | `az104-fe` | @@ -109,9 +105,8 @@ In this task, you implement an Azure Load Balancer in front of the two Azure vir | Gateway Load Balancer | None | | Public IP address | Select **Create new** (use the instructions in the next step) | - -1. On the **Add a public IP address** popup, use the following settings before clicking **OK** and then **Add**. When completed click **Next: Backend pools**. - +1. On the **Add a public IP address** popup, use the following settings before clicking **OK** and then **Add**. When completed click **Next: Backend pools**. + | Setting | Value | | --- | --- | | Name | `az104-lbpip` | @@ -120,31 +115,31 @@ In this task, you implement an Azure Load Balancer in front of the two Azure vir | Assignment | Static | | Routing Preference | **Microsoft network** | - >**Note:** The Standard SKU provides a static IP address. Static IP addresses are assigned with the resource is created and released when the resource is deleted. + >**Note:** The Standard SKU provides a static IP address. Static IP addresses are assigned with the resource is created and released when the resource is deleted. -1. On the **Backend pools** tab, click **Add a backend pool** with the following settings (leave others with their default values). Click **+ Add** (twice) and then click **Next: Inbound rules**. +1. On the **Backend pools** tab, click **Add a backend pool** with the following settings (leave others with their default values). Click **+ Add** (twice) and then click **Next: Inbound rules**. | Setting | Value | | --- | --- | | Name | `az104-be` | | Virtual network | **az104-06-vnet1** | - | Backend Pool Configuration | **NIC** | + | Backend Pool Configuration | **NIC** | | Click **Add** to add a virtual machine | | | az104-06-vm0 | **check the box** | | az104-06-vm1 | **check the box** | -1. As you have time, review the other tabs, then click **Review and create**. Ensure there are no validation errors, then click **Create**. +1. As you have time, review the other tabs, then click **Review and create**. Ensure there are no validation errors, then click **Create**. 1. Wait for the load balancer to deploy then click **Go to resource**. **Add a rule to determine how incoming traffic is distributed** 1. In the **Settings** blade, select **Load balancing rules**. - + 1. Select **Add a load balancing rule**. Add a load balancing rule with the following settings (leave others with their default values). When finished click **Save**. >**Note:** As you configure the rule use the informational icons to learn about the setting. - + | Setting | Value | | --- | --- | | Name | `az104-lbrule` | @@ -159,7 +154,7 @@ In this task, you implement an Azure Load Balancer in front of the two Azure vir | Protocol | **TCP** | | Port | `80` | | Interval | `5` | - | Close the create health probe window | **Save** | + | Close the create health probe window | **Save** | | Session persistence | **None** | | Idle timeout (minutes) | `4` | | TCP reset | **Disabled** | @@ -174,10 +169,9 @@ In this task, you implement an Azure Load Balancer in front of the two Azure vir > **Note**: You may need to refresh more than once or open a new browser window in InPrivate mode. - ## Task 3: Configure an Azure Application Gateway -In this task, you implement an Azure Application Gateway in front of two Azure virtual machines. An Application Gateway provides layer 7 load balancing, Web Application Firewall (WAF), SSL termination, and end-to-end encryption to the resources defined in the backend pool. The Application Gateway routes images to one virtual machine and videos to the other virtual machine. +In this task, you implement an Azure Application Gateway in front of two Azure virtual machines. An Application Gateway provides layer 7 load balancing, Web Application Firewall (WAF), SSL termination, and end-to-end encryption to the resources defined in the backend pool. The Application Gateway routes images to one virtual machine and videos to the other virtual machine. ## Architecture diagram - Application Gateway @@ -200,7 +194,7 @@ In this task, you implement an Azure Application Gateway in front of two Azure v 1. Click **Save** - > **Note**: This subnet will be used by the Azure Application Gateway. The Application Gateway requires a dedicated subnet of /27 or larger size. + > **Note**: This subnet will be used by the Azure Application Gateway. The Application Gateway requires a dedicated subnet of /27 or larger size. 1. In the Azure portal, search and select `Application Gateways` and, on the **Application Gateways** blade, click **+ Create**. @@ -214,24 +208,24 @@ In this task, you implement an Azure Application Gateway in front of two Azure v | Region | The **same** Azure region that you used in Task 1 | | Tier | **Standard V2** | | Enable autoscaling | **No** | - | Minimum instance count | `2` | - | Availability zone | **None** | + | Minimum instance count | `2` | + | Availability zone | **None** | | HTTP2 | **Disabled** | | Virtual network | **az104-06-vnet1** | | Subnet | **subnet-appgw (10.60.3.224/27)** | ![Screenshot of the create app gateway page.](../media/az104-lab06-create-appgw.png) -1. Click **Next: Frontends >** and specify the following settings (leave others with their default values). When complete, click **OK**. +1. Click **Next: Frontends >** and specify the following settings (leave others with their default values). When complete, click **OK**. | Setting | Value | | --- | --- | | Frontend IP address type | **Public** | - | Public IP address| **Add new** | - | Name | `az104-gwpip` | - | Availability zone | **None** | + | Public IP address| **Add new** | + | Name | `az104-gwpip` | + | Availability zone | **None** | - >**Note:** The Application Gateway can have both a public and private IP address. + >**Note:** The Application Gateway can have both a public and private IP address. > 1. Click **Next: Backends >** and then **Add a backend pool**. Specify the following settings (leave others with their default values). When completed click **Add**. @@ -240,7 +234,7 @@ In this task, you implement an Azure Application Gateway in front of two Azure v | Name | `az104-appgwbe` | | Add backend pool without targets | **No** | | Virtual machine | **az104-rg6-nic1 (10.60.1.4)** | - | Virtual machine | **az104-rg6-nic2 (10.60.0.4)** | + | Virtual machine | **az104-rg6-nic2 (10.60.2.4)** | 1. Click **Add a backend pool**. This is the backend pool for **images**. Specify the following settings (leave others with their default values). When completed click **Add**. @@ -256,9 +250,9 @@ In this task, you implement an Azure Application Gateway in front of two Azure v | --- | --- | | Name | `az104-videobe` | | Add backend pool without targets | **No** | - | Virtual machine | **az104-rg6-nic2 (10.60.0.4)** | + | Virtual machine | **az104-rg6-nic2 (10.60.2.4)** | -1. Select **Next: Configuration** and then **Add routing rules**. Complete the information. +1. Select **Next: Configuration** and then **Add routing rules**. Complete the information. | Setting | Value | | --- | --- | @@ -270,18 +264,18 @@ In this task, you implement an Azure Application Gateway in front of two Azure v | Port | `80` | | Listener type | **Basic** | -1. Move to the **Backend targets** tab. Select **Add** after completing the basic information. +1. Move to the **Backend targets** tab. Select **Add** after completing the basic information. | Setting | Value | | --- | --- | | Backend target | `az104-appgwbe` | | Backend settings | `az104-http` (create new) | - >**Note:** Take a minute to read the information about **Cookie-based affinity** and **Connection draining**. + >**Note:** Take a minute to read the information about **Cookie-based affinity** and **Connection draining**. -1. In the **Path based routing** section, select **Add multiple targets to create a path-based rule**. You will create two rules. Click **Add** after the first rule and then add the second rule. +1. In the **Path based routing** section, select **Add multiple targets to create a path-based rule**. You will create two rules. Click **Add** after the first rule and then add the second rule. - **Rule - routing to the images backend** + **Rule - routing to the images backend** | Setting | Value | | --- | --- | @@ -290,7 +284,7 @@ In this task, you implement an Azure Application Gateway in front of two Azure v | Backend settings | **az104-http** | | Backend target | `az104-imagebe` | - **Rule - routing to the videos backend** + **Rule - routing to the videos backend** | Setting | Value | | --- | --- | @@ -303,38 +297,36 @@ In this task, you implement an Azure Application Gateway in front of two Azure v 1. Select **Next: Review + create >** and then click **Create**. - > **Note**: Wait for the Application Gateway instance to be created. This will take approximately 5-10 minutes. While you wait consider reviewing some of the self-paced training links at the end of this page. + > **Note**: Wait for the Application Gateway instance to be created. This will take approximately 5-10 minutes. While you wait consider reviewing some of the self-paced training links at the end of this page. 1. After the application gateway deploys, search for and select **az104-appgw**. 1. In the **Application Gateway** resource, in the **Monitoring** section, select **Backend health**. -1. Ensure both servers in the backend pool display **Healthy**. +1. Ensure both servers in the backend pool display **Healthy**. 1. On the **Overview** blade, copy the value of the **Frontend public IP address**. 1. Start another browser window and test this URL - `http:///image/`. -1. Verify you are directed to the image server (vm1). +1. Verify you are directed to the image server (vm1). 1. Start another browser window and test this URL - `http:///video/`. -1. Verify you are directed to the video server (vm2). +1. Verify you are directed to the video server (vm2). > **Note**: You may need to refresh more than once or open a new browser window in InPrivate mode. - - ## Key takeaways -Congratulations on completing the lab. Here are the main takeaways for this lab. +Congratulations on completing the lab. Here are the main takeaways for this lab. + Azure Load Balancer is an excellent choice for distributing network traffic across multiple virtual machines at the transport layer (OSI layer 4 - TCP and UDP). + Public Load Balancers are used to load balance internet traffic to your VMs. An internal (or private) load balancer is used where private IPs are needed at the frontend only. + The Basic load balancer is for small-scale applications that don't need high availability or redundancy. The Standard load balancer is for high performance and ultra-low latency. + Azure Application Gateway is a web traffic (OSI layer 7) load balancer that enables you to manage traffic to your web applications. + The Application Gateway Standard tier offers all the L7 functionality, including load balancing, The WAF tier adds a firewall to check for malicious traffic. -+ An Application Gateway can make routing decisions based on additional attributes of an HTTP request, for example URI path or host headers. ++ An Application Gateway can make routing decisions based on additional attributes of an HTTP request, for example URI path or host headers. ## Learn more with self-paced training @@ -343,7 +335,7 @@ Congratulations on completing the lab. Here are the main takeaways for this lab. ## Cleanup your resources -If you are working with your own subscription, take a minute to delete the lab resources. This will ensure resources are freed up and cost is minimized. The easiest way to delete the lab resources is to delete the lab resource group. +If you are working with your own subscription, take a minute to delete the lab resources. This will ensure resources are freed up and cost is minimized. The easiest way to delete the lab resources is to delete the lab resource group. + In the Azure portal, select the resource group, select **Delete the resource group**, **Enter resource group name**, and then click **Delete**. + Using Azure PowerShell, `Remove-AzResourceGroup -Name resourceGroupName`. From a233afd83c321e330b6f72666bdd1cce73590d7d Mon Sep 17 00:00:00 2001 From: jmenne Date: Mon, 12 Feb 2024 14:18:05 +0100 Subject: [PATCH 2/2] Rename template and parameter file --- .../Lab/LAB_06-Implement_Network_Traffic_Management.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/New Instructions/Lab/LAB_06-Implement_Network_Traffic_Management.md b/New Instructions/Lab/LAB_06-Implement_Network_Traffic_Management.md index 42fff443..db81126d 100644 --- a/New Instructions/Lab/LAB_06-Implement_Network_Traffic_Management.md +++ b/New Instructions/Lab/LAB_06-Implement_Network_Traffic_Management.md @@ -46,11 +46,11 @@ In this task, you will use a template to deploy one virtual network, one network 1. On the edit template page, select **Load file**. -1. Locate and select the **\\Allfiles\\Lab06\\az104-06-vms-loop-template.json** file and select **Open**. +1. Locate and select the **\\Allfiles\\Lab06\\az104-06-vms-template.json** file and select **Open**. 1. Select **Save**. -1. Select **Edit parameters** and load the **\\Allfiles\\Lab06\\az104-06-vms-loop-parameters.json** file. +1. Select **Edit parameters** and load the **\\Allfiles\\Lab06\\az104-06-vms-parameters.json** file. 1. Select **Save**.