Azure virtual network

The Azure Virtual Network (VNet) creates an isolated private network segment in Azure. This concept is similar to VPC in AWS and GCP. Users specify a range of contiguous IPs (that is, CIDR: https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) and locations (otherwise known as regions in AWS). We can find a full list of locations at https://azure.microsoft.com/global-infrastructure/locations/. We can also create multiple subnets inside a virtual network, or enable an Azure firewall upon creation. The Azure firewall is a network security service with high availability and scalability. It can control and filter traffic with user-specified rules. It also provides inbound DNAT and outbound SNAT support. Depending on the platform you're using, you can install the Azure CLI (the documentation for which can be found here: https://docs.microsoft.com/en-us/cli/azure/?view=azure-cli-latest) via the instructions at the following link: https://docs.microsoft.com/en-us/cli/azure/install-azure-cli?view=azure-cli-latest. Alternatively, you can use cloud shell (https://shell.azure.com/) directly. Azure cloud shell is a cloud-based admin shell that you can use to manage your cloud resources, which already has the Azure CLI installed. 

In the following example, we'll demonstrate how to use the Azure CLI to create an Azure virtual network via an Azure cloud shell. Simply log in to your account and attach cloud storage to persist the data. Then, we're good to go: 

After clicking the Create button and waiting for a few seconds, a cloud shell console will be launched in your browser:

The Azure CLI commands start with az as the group name. You could type az --help to see a list of subgroups or use az $subgroup_name --help any time to find more information about a subcommand for a subgroup. A subgroup might contain multiple subgroups. At the end of the command is the operation that you want to carry out with the resource and a set of parameters about the configuration. This looks as follows:

# az $subgroup1 [$subgroup2 ...] $commands [$parameters]

In the following example, we'll create a virtual network named devops-vnet. First, we'll have to create a new resource group, since we deleted the only one we had in the previous section. Now, let's create a resource group called devops in the central US location:

# az group create --name devops --location centralus
{
  "id": "/subscriptions/f825790b-ac24-47a3-89b8-9b4b3974f0d5/resourceGroups/devops",
  "location": "centralus",
  "managedBy": null,
  "name": "devops",
  "properties": {
    "provisioningState": "Succeeded"
  },
  "tags": null
}

In the preceding command, the subgroup name is group and the operation command is create. Next, we'll use network.vnet subgroups to create our virtual network resources with the CIDR 10.0.0.0/8, and leave the rest of the settings as their default values:

# az network vnet create --name devops-vnet --resource-group devops --subnet-name default --address-prefixes 10.0.0.0/8
{
  "newVNet": {
    "addressSpace": {
      "addressPrefixes": [
        "10.0.0.0/8"
      ]
    },
    "ddosProtectionPlan": null,
    "dhcpOptions": {
      "dnsServers": []
    },
    "enableDdosProtection": false,
    "enableVmProtection": false,
    "etag": "W/"a93c56be-6eab-4391-8fca-25e11625c6e5"",
    "id": "/subscriptions/f825790b-ac24-47a3-89b8-9b4b3974f0d5/resourceGroups/devops/providers/Microsoft.Network/virtualNetworks/devops-vnet",
    "location": "centralus",
    "name": "devops-vnet",
    "provisioningState": "Succeeded",
    "resourceGroup": "devops",
    "resourceGuid": "f5b9de39-197c-440f-a43f-51964ee9e252",
    "subnets": [
      {
        "addressPrefix": "10.0.0.0/24",
        "addressPrefixes": null,
        "delegations": [],
        "etag": "W/"a93c56be-6eab-4391-8fca-25e11625c6e5"",
        "id": "/subscriptions/f825790b-ac24-47a3-89b8-9b4b3974f0d5/resourceGroups/devops/providers/Microsoft.Network/virtualNetworks/devops-vnet/subnets/default",
        "interfaceEndpoints": null,
        "ipConfigurationProfiles": null,
        "ipConfigurations": null,
        "name": "default",
        "networkSecurityGroup": null,
        "provisioningState": "Succeeded",
        "purpose": null,
        "resourceGroup": "devops",
        "resourceNavigationLinks": null,
        "routeTable": null,
        "serviceAssociationLinks": null,
        "serviceEndpointPolicies": null,
        "serviceEndpoints": null,
        "type": "Microsoft.Network/virtualNetworks/subnets"
      }
    ],
    "tags": {},
    "type": "Microsoft.Network/virtualNetworks",
    "virtualNetworkPeerings": []
  }
}

We could always view a list of our settings using az with the list command, such as az network vnet list, or go to the Azure portal to check it out:

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset