官术网_书友最值得收藏!

Let's talk IaaS

When looking at migrating an existing application to Azure, most people fall back on what they know, which is to move the virtual machines or use the lift and shift model.  While lift and shift appear to be the easiest way to move your legacy application in the least cost-effective way, this can be very useful and fast when moving legacy applications to Azure that have not been modernized or have dependencies on third-party resources that may not have been modernized as well. With on-premise Active Directory services being synchronized with Azure Active Directory, help and virtual machine management are provided through an already established process, helping you ease into the Azure model.  This means that the virtual machine and services you move to Azure can still leverage their service accounts to function, as well as the data access service accounts, to your databases. Databases and AD services can also be moved out as managed services, meaning you can use domain joining within Active Directory domain services and move existing SQL databases as they are. This can be used to help bridge gaps when modernizing your applications.

Virtual machines in Azure are part of the IaaS. This would also refer to the infrastructure needed to support the virtual machines, like firewalls, gateways, routers, and so on. These will still need to be managed in a traditional way, such as patching.

A hybrid setup for sharing services generally requires a permanent connection to Azure, like a Virtual Private Network (VPN) or Express route, so as to expose the internal corporate network to Azure securely. At the beginning of this chapter, links were provided to configure a VPN or ExpressRoute to Azure. Because of network complications and devices, I would suggest you use the links for these configurations. 

When considering using a VPN or Express Route solution for your hybrid solution, there are some things to note. First, Express Routes are bound to a subscription, so keeping a simplified subscription model helps with not having to manage too many VNET to VNET connections. Second, it leverages dynamic routing and does not support static routing.

The following diagram shows moving virtual machines into Azure and leveraging a VPN/Express Route to access on-premise services, as you can see:

Simple VM move and on-premise services access

As we discussed in the previous chapter, Azure resources are deployed via ARM templates using PowerShell or Azure DevOps deployment services to deploy the resources.  ARM templates allow you to create, update, or delete all resources within the template. The templates use a parameters file that can be used to point at different environments and use a declarative syntax to define what resources are getting deployed, as we will see in a moment. Let's save the Azure DevOps version for our deployment chapter and focus on the PowerShell version. Let's discuss this structure before I show you a script that I use to deploy a virtual machine, which is modified from the standard one.

主站蜘蛛池模板: 汶川县| 安阳县| 昆明市| 林周县| 河源市| 宁晋县| 永泰县| 铜陵市| 马尔康县| 涪陵区| 修文县| 乌兰察布市| 沙田区| 南投市| 灵丘县| 青浦区| 临沧市| 昭觉县| 永嘉县| 纳雍县| 彰化县| 贵港市| 巴马| 罗城| 麟游县| 资阳市| 丹巴县| 大冶市| 济南市| 西华县| 达尔| 苍溪县| 乐昌市| 开化县| 抚远县| 高雄市| 阆中市| 上高县| 汉源县| 章丘市| 岳池县|