Empfohlen
Empfohlen
Weitere ähnliche Inhalte
Was ist angesagt?
Was ist angesagt? (19)
Ähnlich wie Global Azure Bootcamp 2018 - Azure Resource Manager (ARM)
Ähnlich wie Global Azure Bootcamp 2018 - Azure Resource Manager (ARM) (20)
Mehr von Adin Ermie
Mehr von Adin Ermie (7)
Kürzlich hochgeladen
Kürzlich hochgeladen (20)
Global Azure Bootcamp 2018 - Azure Resource Manager (ARM)
- 1. ©2018 Avanade Inc. All Rights Reserved. ©2017 Avanade Inc. All Rights Reserved. aka ARM, Infrastructure-as-Code (IaC), or the “Ops” of DevOps Azure Resource Manager
- 2. ©2018 Avanade Inc. All Rights Reserved. What we’re going to talk about 2 Introduction to ARM What is Azure Resource Manager? Tools we can use ARM Template Structure Demos Review / Q&A Useful Links
- 3. ©2018 Avanade Inc. All Rights Reserved. Manager, Infrastructure Consulting – Cloud @ Avanade • Cloud Solutions Architect (Datacenter/Azure) • Azure (IaaS, PaaS, Recovery Services) • Operations Management Suite (OMS), Azure Monitor, Azure Security Center (ASC) 3x MVP - Cloud and Datacenter Management (CDM) Email: Adin.Ermie@outlook.com Twitter: @AdinErmie LinkedIn: https://www.linkedin.com/in/adinermie Blog: http://AdinErmie.com Who Am I? 3
- 4. ©2018 Avanade Inc. All Rights Reserved. Background • Azure Resource Manager, or ARM, is the primary deployment type for Azure • Replaces the classic Azure Service Manager (ASM) model; aka “Azure v1” • Used across cloud environments, including: Public (Azure), Sovereign (Gov Cloud), and Private (Azure Stack) The ARM model lets you state "Here is what I intend to create" without having to write the sequence of programming commands to create it. Azure Resource Manager template - A JavaScript Object Notation (JSON) file that defines one or more resources to deploy to a resource group. It also defines the dependencies between the deployed resources. The template can be used to deploy the resources consistently and repeatedly. Introduction to ARM 4
- 5. ©2018 Avanade Inc. All Rights Reserved. What is Azure Resource Manager? Resource Grouping Resource Dependencies Repeatable Deployments Deployment Templates Role Based Access Control (RBAC) Granular Billing / Resource Tagging
- 6. ©2018 Avanade Inc. All Rights Reserved. • Visual Studio • Visual Studio Code • Terraform, Azure Building Blocks, Ansible, etc. • Configuration via Azure Automation DSC (aka PowerShell DSC), IaaS VM Custom Script Extension, Puppet, Chef, Salt Stack • Visualize with ARMViz Tools We Can Use 6 We’re going to use Visual Studio Code. Why? Because it’s lightweight, and cross-platform supported (i.e. Windows, MacOS, Linux)
- 7. ©2018 Avanade Inc. All Rights Reserved. ARM Template Core Structure { "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", "contentVersion": "1.0.0.0", "parameters": {}, "variables": {}, "resources": [], "outputs": {} }
- 8. ©2018 Avanade Inc. All Rights Reserved. https://github.com/Azure/azure-resource-manager-schemas Azure Resource Manager Templates Schemas
- 9. ©2018 Avanade Inc. All Rights Reserved. ARM Template Parameters "parameters": { "storageAccountType": { "type": "string", "defaultValue": "Standard_LRS", "allowedValues": [ "Standard_LRS", "Standard_GRS", "Standard_ZRS", "Premium_LRS" ], "metadata": { "description": "Storage Account type" } } , "storageAccountName": { "type": "string", "defaultValue": "azureglobalbootcamp2018", "maxlength": 24, "metadata": { "description":"The name of the Storage Account" } }
- 10. ©2018 Avanade Inc. All Rights Reserved. ARM Template Variables "variables": { "storageName": "[toLower(concat(parameters('storageAccountName'), parameters('storageAccountType'), '-sa'))]" },
- 11. ©2018 Avanade Inc. All Rights Reserved. ARM Template Resources "resources": [ { "type": "Microsoft.Storage/storageAccounts", "apiVersion": "2017-10-01", "name": "[parameters('storageAccountName')]", "location": "[resourceGroup().location]", "sku": { "name": "[parameters('storageAccountType')]" }, "kind": "StorageV2", "properties": { "supportsHttpsTrafficOnly": true, "accessTier": "Hot", "encryption": { "services": { "blob": { "enabled": true } }, ],
- 12. ©2018 Avanade Inc. All Rights Reserved. ARM Template Outputs "outputs": { "storageAccount": { "type": "string", "value": "[parameters('storageAccountName')]" } }
- 13. ©2018 Avanade Inc. All Rights Reserved. Demos 1. Simple ARM template deployment with PowerShell 2. Azure Quick Start Gallery 3. How to extract ARM template of existing resources 4. Adding a Template directly from Azure Portal
- 14. ©2018 Avanade Inc. All Rights Reserved. • Used across Public (Azure), Sovereign (Gov Cloud), and Private (Azure Stack) • Obtain more granularity, tagging, RBAC • Repeatable, templated deployments (including dependencies) • Remember the Best Practices • Metadata • Descriptive Names • pascalCasing • Impose restrictions (i.e. MinLength, AllowedValues, etc.) • Use Variables • Do not store sensitive information in the parameters file (i.e. the Local Admin password) Review / Q & A
- 15. ©2018 Avanade Inc. All Rights Reserved. Azure Resource Manager Overview: https://docs.microsoft.com/en-us/azure/azure-resource- manager/resource-group-overview Visual Studio Code: https://code.visualstudio.com/#alt-downloads Azure Resource Explorer: http://resources.azure.com/ Azure Quick Start Templates: https://azure.microsoft.com/en-us/resources/templates/ GitHub Quick Start Templates: https://github.com/Azure/azure-quickstart-templates Adin’s Resources: https://adinermie.com/resources/ Useful Links
- 16. ©2018 Avanade Inc. All Rights Reserved. Email: Adin.Ermie@outlook.com Twitter: @AdinErmie LinkedIn: https://www.linkedin.com/in/adinermie Blog: http://AdinErmie.com Thank You 16
Hinweis der Redaktion
- This is fundamentally different to the imperative form of PowerShell or Bash scripts, that tell the ARM layer exactly what to do. With the declarative form the ARM layer will interpret the template and the current configuration of resources within the resource group and will then make the required additions or modifications.
- Objective: To show an illustration of the core content/sections of an ARM template Notes: This simply shows the bare-bones key sections that each ARM template contains The key sections are : Schema – location of the schema file that describes the template language ContentVersion – Version of the template instance. Parameters – these are values that provided when deployment is executed in order to customize the deployment Variables – these are computed elements (often composed from Parameters) that can be reused by name throughout the template Resources – the definitions of the actual resources being deployed (or updated) Outputs – Values returned after deployment
- Parameter Best Practices: If possible, try to always provide Default Values Provide metadata to clearly indicate what the parameter is used for Provide complete descriptive names, no matter how long Use Pascal Casing to name your parameters (i.e. the First letter should be a small letter). Then every new word will have the first letter as a capital. Also, do not include spaces between words (i.e. windowsOSVersion) Use properties like minLength and allowedValues to impose restrictions, as this will help to reduce human error
- Variable Best Practices: Provide complete descriptive names, no matter how long. Use Pascal Casing to name your parameters (i.e. the First letter should be a small letter). Then every new word will have the first letter as a capital. Also, do not include spaces between words (i.e. storageAccountName) Use constructs to dynamically generate variables, as this will reduce human error If you have a field or property that is used more than once, and does not require input from the end-user, create a variable for it. This will minimize the number of places you need to update/change the value throughout your template as you iterate
- Points to Note: The dependencies between resources are evaluated and resources are deployed in their dependent order. When resources are not dependent on each other, they are attempted to be deployed in parallel. When developing an ARM template for a Production-ready environment, strive to have more tag options available at creation time. Always test your ARM templates prior to deploying. There is a cmdlet that you can use to do this: Test-AzureRmResourceGroupDeployment -ResourceGroupName TestResourceGroup01 -TemplateFile <PathToJsonTemplate> As a best practice, do not store sensitive information in the parameters file (i.e. the Local Admin password). Either provide it dynamically via inline parameters, or use and reference Azure Key Vault
- This is useful when using Nested Templates, to pass Resource IDs/Names back to a Master template.
- Demo #1 (Simple Template): Show the Simple - Azure Storage Account.json file Demo #2 (Gallery): URL: https://azure.microsoft.com/en-us/resources/templates/ Search for: 2 VMs in VNET - Internal Load Balancer and LB rules Demo #3 (Template Extraction): Navigate to the Azure Portal > Resource Groups > AdinErmieWebsiteRG > Settings: Automation Script (may take a minute to load)
- I’m calling out tagging because I see this missing in a lot of environments, and it’s a lot of work to go back and apply tagging after deployment It’s a huge help with trying to breakdown billing information