Azure virtual networks provide isolation and security for your environment within the cloud. Virtual networks allow control over IP addressing, DNS settings, and subnets. Virtual networks can be isolated to Azure or an extension of the on-premise environment. In this video Sharon will cover these topics in detail.
- [Instructor] Azure Virtual Networks are very similar to our on-premise networks. Virtual networks in Azure provide isolation between the different virtual networks in Azure. For example, you may want to separate your production environment from your test and dev environment. Azure Virtual Networks connect to the on-premise networks for a hybrid deployment. This also enables remote users to access the Cloud resources. Your on-premise IP address and scheme can also be extended into the Azure Virtual Network enabling users to access resources from either the on-premise or the Azure network and this is done seamlessly.
The users do not know where they're pulling their data from. Azure can handle DNS for you or you can bring your own DNS if you wish. Every virtual machine must be associated with an Azure Virtual Network and every Azure Virtual Network must be associated with a Resource group. Therefore, adding your virtual networks to a Resource group before adding the virtual machine will ensure a smooth deployment. For our demo I'll be recreating an example of a production environment with both a Front End and a Back End Network.
This would be a standard deployment. To add a network we are simply going to click Add. I'm going to go ahead and search for Virtual Network, I'm going to select the Virtual network and because we're working within the Resource Manager I'm going to go ahead and use the default Resource Manager and click Create. Now we're going to go ahead and create our network. For simplicity I'm just going to call it Mscloud. I am going to change your IP address in the scheme. I'm going to provide a Subnet name. In our case because we're doing a Front End and Back End, I'm going to go ahead and start with the Front End Subnet.
I'm going to change my address in the scheme. I'm going to go with the default Subscription and because I created the virtual network from within the Resource group my Resource group is already pre-populated for me as is my Location. I'm going to go ahead and click Create. This will take a few moments. After a few moments your network will have been created. We want to go ahead and modify this network a little bit. What I'm going to do is pop into Subnets because I want to add in that Back End Subnet.
To add another Subnet simply click the Subnet plus, provide a name, your IP range, and click OK. After a few moments, you'll notice our BackEnd has been created. If I wanted to look into the details, I could go ahead click on the Subnet itself and I can see the Address range. If I wanted to delete the Subnet I could simply click Delete. Now that we have some data for our network we can actually start adding a few additional settings. The one thing I want to show you is how we add DNS servers.
You're going to have a couple of options for DNS in Azure. You can allow Azure to handle your DNS and Azure will keep track of all your virtual machines and Resources within that Resource group or you can bring your own DNS. And most likely this is what you're going to do. You're going to want to bring in your own DNS so you can authenticate to your server Active Directory. You may need this for SharePoint, or SQL, or any other applications that require Active Directory authentication. In this case I 'm going to go ahead, click Custom DNS.
In our case I'm going to go ahead and add in the IP address of our DNS server. This will be our DNS server that could either be on-premise or it could be a DNS server within Azure itself. If you forget to enter in the IP address of the DNS server Azure will not be able to direct those requests to that specific DNS server. My suggestion is you create your network, you add in your Active Directory domain controller, configure your DNS, and then add in all your subsequent servers after that that way all the new servers will pick up the DNS IP address for you.
Go ahead click Save. If you had a Secondary DNS server you could add it in here. Another little trick, you can have up to 10 DNS servers here and it will start with the top one and work its way down. And the last thing I want to show you in virtual networks is how do we start to create our Gateways. Gateways are required to connect to our on-premise environment. We do this in our Subnet setting so I've clicked into Subnets. I'm going to go ahead and enter in the Gateway subnet. This is already populated for us.
We don't really have to do anything else here. You cannot assign any virtual machines to this Subnet as well. This Subnet is for connectivity to our on-premise environment. Without configuring this you will not be able to connect to your on-premise environment. I'm just going to go ahead and click OK. This Subnet will now be created for us. This is one of those settings you're all excited, you're building it, and then all of a sudden it's like, "Why is this not connecting?" "What have I forgotten?" and this is the setting that you forgot to turn on. For the most part that is it for virtual networks.
- Understanding cloud technologies
- Why Azure?
- Creating virtual networks and storage
- Using Azure Active Directory for identity management and protection
- Disaster recovery with Azure Backup and Azure Site Recovery
- Working with virtual machines