Networking Basics in Microsoft Azure

    All warming spring greetings from the Lord of Fire!

    Our weather is cloudless - but this does not affect my love and craving for IT cloud stories.
    And in fact, I continue my stories about Microsoft Azure - and today I want to highlight the situation regarding communications in the cloud - namely, aspects of the operation of virtual networks.

    So - everyone who wants to carry out the demystification process in terms of the capabilities of Microsoft Azure in the field of networking - I ask for cat.

    What networks are there and what do they have?

    Networks are needed for communication - this is clear and obvious, I have not discovered America by this. In our case, the networks are virtual. And they are used, as a rule, for communication between virtual machines that are hosted in Microsoft Azure.
    If you look at this from the point of view of applications, they can be distributed and can include various components that are more likely to be placed on separate virtual machines or services provided by Microsoft Azure: these can be web servers, these can be SQL DBMS themselves application server. And the service itself, represented by such a set of virtual machines, must be scalable - we are talking about the cloud with you. And the virtual network infrastructure described above is an internal network, since it is used only for internal communications between VMs inside Azure. The only thing you need to do for reliable and familiar communication is to host a DNS server in Azure. This can be done in the old, good way - deploy a VM and take up the appropriate role within it,

    There are situations when the service should be hybrid, that is, interact with the local network infrastructure - either your entire organization, or directly from a specific device. Usually VPN tunnels are used for such connections - and in our case they are also used - in the first case it is S2S-VPN (Site-to-site VPN) , and in the second it is P2S-VPN (Point-to-site VPN) .

    As for the network-to-network VPN connection, the ExpressRoute option is also available here - this is a guaranteed direct access channel directly to Microsoft Azure provided by telecom operators. This service is also available in the Russian Federation.

    In real computer networks of the enterprise level, VPN devices are not only software based on Windows Server 2012R2 (well, how can it be without it), but also based on special hardware solutions from vendors such as Cisco or Juniper, and Microsoft Azure provides the ability to download special scripts with the parameters of your network to configure such devices.

    Also, the network configuration can be described in an XML file - and such a configuration file can be imported into Microsoft Azure to create a network.

    Well, the last component of the Microsoft Azure network stack is the traffic manager. This component is used to optimize the network load from the user to services located in Microsoft Azure. There are 3 optimization options: performance, round robin (aka round robin) and failover.

    Well, here everything is traditional and similar with the models used in traditional infrastructure. Performance refers to a wide and fast channel from a user to a service hosted in Azure (but ExpressRoute will be faster and more reliable in this regard).

    This concludes my review of network capacity management capabilities in Azure. There is nothing supernatural and super-unusual in the network capabilities of the platform. Use for the benefit of infrastructure and solving your problems!


    George A. Gadzhiev

    Also popular now: