Hello and welcome back to Cyber Aires. Microsoft Azure Administrator Easy 103 Course, this is Episode 28
Windows, Virtual Machines. And my name is Will Carlson.
In today's episode, we're finally going to configure a Windows virtual machine here in Azure, and we're gonna show you how you can connect to that virtual machine as well.
Clearly, this is gonna be an episode that we do right in portal. So we're gonna jump right in,
and we're gonna come here to virtual machines.
Now you can see that I already have. Ah, couple of virtual machine workloads here and those are gonna be stopped. But we're gonna go ahead and add a new virtual machine.
And this is by far the most extensive configuration set up that we've seen so far in Azure. But there are gonna be a lot of similarities as well, so we still see the subscription.
We also still see the resource group, and I've got a number of resource groups here that I can convict your things in.
I can also go ahead and select and create a new resource group. Should I choose to
Now? There's also some naming conventions that air well served
to follow. Right now, all of my resource groups and an RG you could end this and dash RG You could come up with your own naming scheme. But when you're looking at all of your resource is in one location.
Take, for example, the all resource is it is nice to have your naming scheme call to your attention what this actually is.
Another concept that will see illustrated here, particularly with virtual machines, is that of resource groups and their ability to delete everything. So if I were to come over here into this I t Resource Group and delete the resource Group, it's going to delete everything that's contained in that resource group.
And to illustrate that point, we're gonna go ahead and create a new resource group
and call this virtual machine RG
we get the name. Our virtual machine
will select the region that we would like to deploy that in,
and we have some availability options here. Now we'll talk about these in an upcoming episode, so we're gonna leave this as default.
We can choose our image and clearly for this episode, we're going to choose a Windows workload. I'm gonna select Server 2016 Data center.
And then here is where we select the size of our virtual machine. If I click on change size, you'll see all of the different options that we have here based on this filter set. Now, you can change these, and there really are an extensive number of virtual machine options available to us here.
I'm gonna go ahead and select DSP, too.
And now I have the option of setting a user name and password, just like with any Windows deployment.
No. One thing I'll call your attention to is that the number of characters required for these passwords is 12 compared to the standard windows recommendation. So this is a little higher than you may be used to.
And once I've done that, I can come down to inbound port rules. Now, right now, there are no inbound ports aloud from the public Internet. But in order to connect to this virtual machine with the way my lab environment is set up, I'm gonna need to allow a port.
I can pull this down here and select the port that I want to use. I'm gonna go ahead and allow RTP over the public Internet, which is definitely a production. No, no. And Azure is nice enough toe warn us about doing this this way. But for now, we're gonna go ahead and do that
And this save money option. Here is
an interesting use case. If you already have Windows license is that you would liketo ultimately migrate those servers and those windows license is over in tow. Azure. It can save you a significant amount of money.
I'm gonna go ahead and leave this. No, because I don't want to migrate any of my production when those licenses
And that will include the windows licensing in the price of this virtual machine.
I could go ahead and select, review and create, but I'm not ready to do that. We're gonna walk through some more of these considerations. I'm gonna go ahead and select next on disks,
and I can see that I have some options here as the O esque disc type. No premium SS teas are going to be high IOP solid state drives standard are gonna be less high. IOP solid state drives. The S L. A is going to be different than for the premium SS D's
and standard hard disk drives are going to be mechanical spinning disk drives that you can run your production workloads on.
I'm gonna go ahead and leave this sent to standard hard. Just drive just for cost considerations in my demo environment.
And you also see that I can add a data disk. Now, remember, this disc option here is on Lee going to house the operating system. So if there are other things that I want to go ahead in store on this virtual machine, a data disk is a wise idea.
This use case right here, we're gonna go ahead and omit the data disk and move on to networking.
Now you can see that by default, Azure has gone ahead and created a new virtual machine Virtual Network group. It's also gone ahead and done some of the networking work for me. I can go ahead and select next, and I don't have to change any of this at this point in time. And it's even open this inbound port from the previous option that we have set.
I'm gonna leave all of these options on default for now
and move on into the management tab. Now boot diagnostics is relatively interesting. It's going to save the bios, boots, screens or the post screens as images to a storage account that you would select. And we can see here that this is currently on, and it's going to store those in a new storage account that it creates.
I could pull this down
and select any one of the storage accounts that I wanted to create to use. Or I can go ahead and turn this off completely. And for now, for storage sake, I'm gonna go ahead and turn boot diagnostics off OS Diagnostics is very similar, except it's going to be those screenshots from the OS and its post screens
system to signed identities are a really interesting concept here in the azure environment, and it essentially is a service account for your computer that allows this machine to communicate with various other azure service is the example given here is a great one, and they talk about Ki Volt. So instead of having to save
user names and passwords or service accounts here in the virtual machine itself to allow the interconnectivity,
you can go ahead and set this option toe on an azure handles all of this transparently
Naval auto shutdown is a fairly self explanatory option, but we're gonna leave all these things turned off for now and go ahead and hit next to Advanced.
Advanced gives us some options for linen space workloads, which we're not dealing with right now. And we also have a little bit of a warning about generation to virtual machines coming to azure but not currently being supported. They're currently in preview.
We could go ahead and select next to Tax, which you talked about before, but instead we're gonna go ahead and select review, create
as you're gonna validate all of my settings, past validation, and I'm ready to create my first virtual machine here in Azure.
Now you will find that this virtual machine deployment is the longest deployment that we've done so far in the azure environment. We're looking at the deployment screen right now, and we can refresh this as it goes along Now, Although this will be the slowest deployment, I can already see that four of my assets were re sources have already been created and we're now on to
the virtual machine being created itself and this is the magic of the army, a P I, and the way resource groups handle these resource is
all of these resources air contained in one resource group for ease of management, for ease of deletion later. So when we're done with this test of'em, I could just delete the resource group and all of these resource is go away.
The armed template has also gone in and created all of these things for me because it knows they're all required for my virtual machine to run. I didn't have to create these one at a time individually to get my virtual machine up and running. I simply went through the wizard. I configured it, how I wanted it and I stepped Deploy.
Another thing I'll remind you of while we're waiting for this deployment to complete is the fact that this is all done via an arm, a p I, or an arm template. And we can see that template here
and know exactly all of the steps that were done to configure my virtual machine. And all of the resource is that it requires to operate.
Now that that's complete, I can go to resource
and I can see a whole host of information here about the virtual machine, but for today's episode, I want to call your attention to this connect. But we're gonna click on that,
and that's gonna bring me to Ann RTP. In our case, the one we're interested in an SS H screen, the Lenox side
and all I have to do to connect to this virtual machine is download the Rdp file
and then I can connect. Now. One thing to remember here, this is just like any other machines, not domain joined. I have to make sure I'm logging into the machine locally with the user name and password that I set in the setup or configuration wizard for the virtual machine itself.
And that's all there is to configuring our very first virtual machine workload here in Azure and logging in and connecting to that machine.
Now, obviously, production and public access to Artie PBIA 33 89 is highly not recommended, particularly now, with all of the most recent breaches that target 33 89 vulnerabilities there.
So there are a number of things that we can do to secure that, and we'll talk about those things as we go forward with the networking section of this course.
But today, very quickly we've managed to deploy our very first Windows virtual machine in Azure, and we've seen firsthand the benefit of the arm template and how it does the lion's share of the work for us.
We've also seen and step through most of the options available to us when we're deploying a Windows virtual machine here in Azure
and we went through the connect button and how simple it can be to go ahead and connect to that virtual machine in the azure environment.
Coming up next, we're going to move on from Windows. For those of you that may be allergic, and we're going to do the same process. But for a Lennox workload, Thank you for joining me today. I'm looking forward to the Lenox event