A Guide To Cloud

View Original

Azure Networking

You can download the Azure Networking Bootcamp hands-on lab step-by-step instructions here

In this video, we will go through Azure Networking hands-on lab bootcamp exercises.

Hands-on Labs Scenario

Consider the fictional organization Contoso Ltd, which is in the process of migrating infrastructure and applications to Azure. In your role as network engineer, you must plan and implement three virtual networks and subnets to support resources in those virtual networks.

The CoreServicesVnet virtual network is deployed in the East US region. This virtual network will have the largest number of resources. It will have connectivity to on-premises networks through a VPN connection. This network will have web services, databases, and other systems that are key to the operations of the business. Shared services, such as domain controllers and DNS also will be located here. A large amount of growth is anticipated, so a large address space is necessary for this virtual network.

The ManufacturingVnet virtual network is deployed in the West Europe region, near the location of your organization's manufacturing facilities. This virtual network will contain systems for the operations of the manufacturing facilities. The organization is anticipating a large number of internal connected devices for their systems to retrieve data from, such as temperature, and will need an IP address space that it can expand into.

The ResearchVnet virtual network is deployed in the Southeast Asia region, near the location of the organization's research and development team. The research and development team uses this virtual network. The team has a small, stable set of resources that is not expected to grow. The team needs a small number of IP addresses for a few virtual machines for their work.

Lab 1: Design and implement a Virtual Network in Azure

In this exercise, you will:

  • Task 1: Create the Contoso resource group

  • Task 2: Create the CoreServicesVnet virtual network and subnets

  • Task 3: Create the ManufacturingVnet virtual network and subnets

  • Task 4: Create the ResearchVnet virtual network and subnets

  • Task 5: Verify the creation of VNets and Subnets

Lab 2: Configure DNS settings in Azure

In this exercise, you will:

  • Task 1: Create a private DNS Zone

  • Task 2: Link subnet for auto registration

  • Task 3: Create Virtual Machines to test the configuration

  • Task 4: Verify records are present in the DNS zone

Lab 3: Connect two Azure Virtual Networks using global virtual network peering

In this unit, you will:

  • Task 1: Create a Virtual Machine to test the configuration

  • Task 2: Connect to the Test VMs using RDP

  • Task 3: Test the connection between the VMs

  • Task 4: Create VNet peerings between CoreServicesVnet andManufacturingVnet

  • Task 5: Test the connection between the VMs

  • Task 6: Clean up resources

Lab 4: Create and configure a virtual network gateway

In this exercise, you will:

  • Task 1: Create CoreServicesVnet and ManufacturingVnet

  • Task 2: Create CoreServicesVM

  • Task 3: Create ManufacturingVM

  • Task 4: Connect to the Test VMs using RDP

  • Task 5: Test the connection between the VMs

  • Task 6: Create CoreServicesVnet Gateway

  • Task 7: Create ManufacturingVnet Gateway

  • Task 8: CoreServicesVnet to ManufacturingVnet

  • Task 9: Connect ManufacturingVnet to CoreServicesVnet

  • Task 10: Verify that the connections connect

  • Task 11: Test the connection between the VMs

Lab 5: Create a Virtual WAN by using Azure Portal

In this exercise, you will:

  • Task 1: Create a Virtual WAN

  • Task 2: Create a hub by using Azure Portal

  • Task 3: Connect a VNet to the Virtual Hub

  • Task 4: Clean up resources

Lab 6: Configure an ExpressRoute Gateway

In this exercise, you will:

  • ●  Task 1: Create the VNet and gateway subnet

  • ●  Task 2: Create the virtual network gateway

Lab 7: Provision an ExpressRoute circuit

In this exercise, you will:

  • Task 1: Create and provision an ExpressRoute circuit

  • Task 2: Retrieve your Service key

  • Task 3: Deprovisioning an ExpressRoute circuit

  • Task 4: Clean up resources

Lab 8: Create and configure an Azure load balancer

In this exercise, you will:

  • Task 1: Create the virtual network

  • Task 2: Create backend servers

  • Task 3: Create the load balancer

  • Task 4: Create load balancer resources

  • Task 5: Test the load balancer

Lab 9: Create a Traffic Manager profile using the Azure portal

In this exercise, you will:

  • Task 1: Create the web apps

  • Task 2: Create a Traffic Manager profile

  • Task 3: Add Traffic Manager endpoints

  • Task 4: Test the Traffic Manager profile

  • Task 5: Clean up resources

Lab 10: Deploy Azure Application Gateway

In this exercise, you will:

  • Task 1: Create an application gateway

  • Task 2: Create virtual machines

  • Task 3: Add backend servers to backend pool

  • Task 4: Test the application gateway

Lab 11: Create a Front Door for a highly available web application using the Azure portal

In this exercise, you will:

  • Task 1: Create two instances of a web app

  • Task 2: Create a Front Door for your application

  • Task 3: View Azure Front Door in action

  • Task 4: Clean up resources

Lab 12: Configure DDoS Protection on a virtual network using the Azure portal

In this exercise, you will:

  • Task 1: Create a resource group

  • Task 2: Create a DDoS Protection plan

  • Task 3: Enable DDoS Protection on a new virtual network

  • Task 4: Configure DDoS telemetry

  • Task 5: Configure DDoS diagnostic logs

  • Task 6: Configure DDoS alerts

  • Task 7: Submit a DDoS service request to run a DDoS attack

  • Task 8: Clean up resources

Lab 13: Deploy and configure Azure Firewall using the Azure portal

In this exercise, you will:

  • Task 1: Create a resource group

  • Task 2: Create a virtual network and subnets

  • Task 3: Create a virtual machine

  • Task 4: Deploy the firewall and firewall policy

  • Task 5: Create a default route

  • Task 6: Configure an application rule

  • Task 7: Configure a network rule

  • Task 8: Configure a Destination NAT (DNAT) rule

  • Task 9: Change the primary and secondary DNS address for the server's network interface

  • Task 10: Test the firewall

  • Task 11: Clean up resources

Lab 14: Secure your virtual hub using Azure Firewall Manager

In this exercise, you will:

  • Task 1: Create two spoke virtual networks and subnets

  • Task 2: Create the secured virtual hub

  • Task 3: Connect the hub and spoke virtual networks

  • Task 4: Deploy the servers

  • Task 5: Create a firewall policy and secure your hub

  • Task 6: Associate the firewall policy

  • Task 7: Route traffic to your hub

  • Task 8: Test the application rule

  • Task 9: Test the network rule

  • Task 10: Clean up resources

Lab 15: Create an Azure private endpoint using Azure PowerShell

In this exercise, you will:

  • Task 1: Create a resource group

  • Task 2: Create a virtual network and bastion host

  • Task 3: Create a test virtual machine

  • Task 4: Create a Private Endpoint

  • Task 5: Configure the private DNS zone

  • Task 6: Test connectivity to the Private Endpoint

  • Task 7: Clean up resources

Lab 16: Monitor a load balancer resource using Azure Monitor

In this exercise, you will:

  • Task 1: Create the virtual network

  • Task 2: Create the load balancer

  • Task 3: Create a backend pool

  • Task 4: Create a health probe

  • Task 5: Create a load balancer rule

  • Task 6: Create backend servers

  • Task 7: Add VMs to the backend pool

  • Task 8: Install IIS on the VMs

  • Task 9: Test the load balancer

  • Task 10: Create a Log Analytics Workspace

  • Task 11: Use Functional Dependency View

  • Task 12: View detailed metrics

  • Task 13: View resource health

  • Task 14: Configure diagnostic settings

  • Task 15: Clean up resources