I have some troubles in understanding the capabilities of the Azure virtual machine scale set agents.
Let's assume I have X vm's for which at the moment I have X corresponding Self hosted agents configured.
I use those self hosted agents in order to execute some PowerShell scripts on the vm's.
Now, I want to understand, if there is a way in which I could replace those Self hosted agents by Azure virtual machine scale set agents.
Basically, if from the virtual scale agents, I could connect to those vm's and execute the before mentioned PowerShell scripts.
I can't really find anything on this topic, is it because that's why the self hosted exists?
Anyone have any experience on something similar?
Thank you!
Related
I have deployed Azure Migrate appliance but it seems it can only connect to vCenter server and not a standalone ESXi host. The same seems to be the case with Azure Vmware Solutions by Cloud Simple.
Are there any other simple ways of migrating workloads to Azure ?
Treat it like a physical server and migrate. I have done thousands of VMs this way for a large customer.
https://learn.microsoft.com/en-us/azure/migrate/tutorial-migrate-physical-virtual-machines
Azure at this time only supports Azure Migrate through a VCSA and not a standalone ESXi host.
We have an application running in Azure that consists of the following:
A Web App front end, which talks to…
A WebApi running as a Web App as well, which can (as well as a couple other services) talk to…
A Cloud Service load balanced set of VMs which Are hosting an Elasticsearch cluster.
Additionally we have the scenario were dev’s whitelist their IPs so that their localhost version of the API can hit the VMs as well.
We have locked down our Elasticsearch VM’s by adding ACLs to the exposed end point. I whitelisted the outbound IPs that were listed on my App Services. I was under the mistaken impression that these were unique to my Api. It turns out that these are shared across the scale unit in Azure. Other services running in the same scale unit, could, if they knew the endpoint, access the data exposed on the endpoint in my cluster. I need to lock this down, and I am trying to find the easiest way. These are the things I am looking at, and I would appreciate advice and/or redirection.
Elastic Shield: Not being considered. This is a product by Elastic
that is designed to secure ES. This is ideal, but at the moment it
is out of scope (due to the cost and overhead)
List item
Elastic plugins: Not being considered. The main plugins (such as
Jetty) appear to be abandoned.
Azure VPN. I originally tried to set this up, but ran into too many
difficulties. The ACLs seemed to give me what I need without much
difficulty. I am not sure if I can set this up now. The things I
don’t know are:
I don’t think I can move existing VMs into a new VPN.
I think you have to recreate the VMs in that VPN from the get go
Could I move my Web App into the VPN? How does that work?
This would prob break my developer scenario as the localhost API
would not be able to access the VPN, right?
Add a certificate to requests: It would be ideal if I could have
requests require a cert or a header token. I assume to do this I
would need to create a proxy that would run on the VMs and do the
validation before forwarding the request on to my Elasticsearch.
Anything else? Is there another option I have not thought of?
Thanks!
~john
You can create a VPN point-to-site connecting your Web App with your IaaS VMs. This is the best solution because you will be able to use just internal IPs on your IaaS.
The easiest way to do that using Azure Portal is create a Web App and, create a new VPN and VNet using "setup" option at "Your Web App" -> Settings -> Networking -> VNET Integration -> Setup -> Create New Virtual Network.
After that, create your IaaS inside this new VNet.
You also can create a ARM template to create Web App, IaaS, VPN and everything that you need. Take a look at my ARM template to create PHP+MySQL using Web App and MariaDB Cluster connected by VPN: https://github.com/juliosene/azure-webapp-php-mariadb
I have a PHP application which runs on Ubuntu.
I am looking for Cloud service on Azure which has Ubuntu OS so I can deploy my application over there.
I am able to find WAMP (Windows + Apache + My SQL + PHP) Cloud service on Azure but I am looking for LAMP (Linux + Apache + My SQL + PHP).
Appreciate for Any help.
I assume you're talking about Azure Virtual Machines rather than Azure Cloud Services, which are two different compute options. You can check this article to get the details about the different compute options on Azure. Cloud Services are a Platform-as-a-Service (PaaS) concept and only run on Windows Server. Azure Virtual Machines are basically hosting of VMs and these come in both Linux and Windows Server.
You can find ready-made Ubuntu-based VM images containing the LAMP stack in the Azure Marketplace or you can check the VM Depot, which contains community-provided VM images.
Alternatively, you can prep your own Virtual Machine and save it as a VM image, which you can then use to create new VMs off of it.
Azure Cloud Services (worker and web roles) are Windows only. Virtual Machines can be Windows or Linux.
However, if you are just looking to host your web front end you could use an Azure Web App (previously named Azure Websites) which has first class support for PHP, but the underling OS is still Windows.
In addition to the answer from Nick Trough you might want to try an ARM Template, e.g. https://github.com/Azure/azure-quickstart-templates/tree/b1908e74259da56a92800cace97350af1f1fc32b/lamp-app
This allows you to deploy a simple LAMP server (like marketplace or VM Depot) but has the added benefit of providing the configuration as an ARM Template (i.e. code) so you can easily modify it.
I need server to setup Zumero Sync on it , I already used azure free trail now I need to upgrade but don't know if I need only to buy VM or Cloud service with it , it's not clear how to use the VM , is it like VPS ?
You can upgrade to Pay as you go subscription model which means you have to pay for what you use so in your case you have to pay for the VM and storage for storing the VHD of the VM. Cloud Service is basically a shell under which you deploy a VM so you don't need to pay for it.You can minimize the cost by shutting down the VM when not in use.
If you're not using Azure Resource Managed (announced recently by MS: IaaS Just Got Easier) the portal (and PowerShell) forces you to create a Cloud Service otherwise there's no way for you to assign an external DNS to connect to your VM. You won't need to do anything with it other than set it up if you're using a VM, but it will need to be there.
If you're not using a VM, your Cloud Service is the container for your deployment, which means you don't need to worry about maintaining IIS or Windows (which your app still runs on in the background).
Does anyone know if one can host a website using the VMRole in Windows Azure?
If I have IIS running on the VM can I access that from the outside?
Also, if I scale to multiple instances of the same VM, will that endpoint be automatically load balanced, just like a WebRole?
Note: There are some requirements that I have that cannot be accomplished with the WebRole, so that is why I am not using it. (if you were wondering)
Thanks in advance!
Yes, you can host a web site in an VM Role. The VM Role must be Windows 2008 R2, which has IIS, so you should have everything you need to support your website. You'll just need to work with HyperV locally to construct the VHD, then prep it with Windows Azure tools, etc.
Just curious: What specific requirements do you have that cannot be accomplished with a Web Role? There are three core use cases for VM Role:
The setup process cannot be automated
The setup process is not 100% reliable (e.g. installers periodically fail)
The setup process takes too long (maybe more than 5 minutes or so)
With startup tasks, you shouldn't have any restrictions on installing software, registering COM controls, modifying the registry, etc.