官术网_书友最值得收藏!

Let's talk IaaS

When looking at migrating an existing application to Azure, most people fall back on what they know, which is to move the virtual machines or use the lift and shift model.  While lift and shift appear to be the easiest way to move your legacy application in the least cost-effective way, this can be very useful and fast when moving legacy applications to Azure that have not been modernized or have dependencies on third-party resources that may not have been modernized as well. With on-premise Active Directory services being synchronized with Azure Active Directory, help and virtual machine management are provided through an already established process, helping you ease into the Azure model.  This means that the virtual machine and services you move to Azure can still leverage their service accounts to function, as well as the data access service accounts, to your databases. Databases and AD services can also be moved out as managed services, meaning you can use domain joining within Active Directory domain services and move existing SQL databases as they are. This can be used to help bridge gaps when modernizing your applications.

Virtual machines in Azure are part of the IaaS. This would also refer to the infrastructure needed to support the virtual machines, like firewalls, gateways, routers, and so on. These will still need to be managed in a traditional way, such as patching.

A hybrid setup for sharing services generally requires a permanent connection to Azure, like a Virtual Private Network (VPN) or Express route, so as to expose the internal corporate network to Azure securely. At the beginning of this chapter, links were provided to configure a VPN or ExpressRoute to Azure. Because of network complications and devices, I would suggest you use the links for these configurations. 

When considering using a VPN or Express Route solution for your hybrid solution, there are some things to note. First, Express Routes are bound to a subscription, so keeping a simplified subscription model helps with not having to manage too many VNET to VNET connections. Second, it leverages dynamic routing and does not support static routing.

The following diagram shows moving virtual machines into Azure and leveraging a VPN/Express Route to access on-premise services, as you can see:

Simple VM move and on-premise services access

As we discussed in the previous chapter, Azure resources are deployed via ARM templates using PowerShell or Azure DevOps deployment services to deploy the resources.  ARM templates allow you to create, update, or delete all resources within the template. The templates use a parameters file that can be used to point at different environments and use a declarative syntax to define what resources are getting deployed, as we will see in a moment. Let's save the Azure DevOps version for our deployment chapter and focus on the PowerShell version. Let's discuss this structure before I show you a script that I use to deploy a virtual machine, which is modified from the standard one.

主站蜘蛛池模板: 泸溪县| 罗源县| 伊春市| 宜兴市| 博罗县| 蒙山县| 潍坊市| 五台县| 保德县| 昔阳县| 贺兰县| 永寿县| 淮阳县| 永和县| 鹤庆县| 岳阳市| 安平县| 巴青县| 衡南县| 太仓市| 辰溪县| 凌云县| 乌兰浩特市| 丰镇市| 云南省| 湘乡市| 建阳市| 分宜县| 嵊泗县| 南溪县| 双江| 安图县| 鹤壁市| 资溪县| 建昌县| 承德县| 宜春市| 卓资县| 牡丹江市| 竹溪县| 武义县|