Implementing Azure Solutions

3.7 (3 reviews total)
By Florian Klaffenbach , Jan-Henrik Damaschke , Oliver Michalski
    What do you get with a Packt Subscription?

  • Instant access to this title and 7,500+ eBooks & Videos
  • Constantly updated with 100+ new titles each month
  • Breadth and depth in over 1,000+ technologies
  1. Free Chapter
    Getting Started with Azure Implementation

About this book

Microsoft Azure has numerous effective solutions that shape the future of any business. However, the major challenge that architects and administrators face are implementing these solutions appropriately.

Our book focuses on various implementation scenarios that will help overcome the challenge of implementing Azure’s solutions in a very efficient manner and will also help you to prepare for Microsoft Architect exam. You will not only learn how to secure a newly deployed Azure Active Directory but also get to know how Azure Active Directory Synchronization could be implemented.

To maintain an isolated and secure environment so that you can run your virtual machines and applications, you will implement Azure networking services. Also to manage, access, and secure your confidential data, you will implement storage solutions. Toward the end, you will explore tips and tricks to secure your environment.

By the end, you will be able to implement Azure solutions such as networking, storage, and cloud effectively.

Publication date:
May 2017


Chapter 1. Getting Started with Azure Implementation

Cloud services have come a long way in the last 5 to 10 years. Cloud was and still is one of the biggest trends in Information Technology (IT), with new topics still to be discovered.

In the early 2000s, cloud computing wasn't a widely used phrase, but the concept as well as data centers with massive computing power were already existent and used. Later in that decade, the word cloud became a buzzword for nearly anything that was not tangible or online. But the real rise of cloud computing with all its different service models happened before, when the big IT companies started their cloud offers. That was Amazon, Google, and Microsoft in particular. As the cloud offers developed, they enabled companies from startups to Fortune 500s to use cloud services, from web services to virtual machines with billing exact to the minute.

In this chapter, we'll explore the following topics:

  • Cloud service models
  • Cloud deployment models
  • Cloud characteristics
  • Azure services overview

Service models

Cloud computing the new trend model for enabling workloads, that use resources from a a normally extreme huge resource pool, that is operated by a cloud service provider. These resources include servers, storage, network resources, applications, services or even functions. These can be rapidly deployed, operated and automated with a low effort and the prices are calculated on a minute base. This cloud model is composed of five essential characteristics, three service models, and four deployment models.

Cloud offers are mainly categorized into the following service models:

  • The most popular IaaS resources in Azure contain virtual machines, virtual networks (internal and external), container services and storage.
  • Infrastructure as a Service (IaaS): Infrastructure as a Service describes a model in which the cloud provider gives the consumer the possibility to create and configure resources from the computing layer upwards. This includes virtual machines, networks, appliances, and many other infrastructure-related resources:
  • Platform as a Service (PaaS): Platform as a Service gives the consumer an environment from the operating system upwards. So, the consumer is not responsible for the underlying IaaS infrastructure. Examples are operating systems, databases, or development frameworks:
    • Microsoft Azure contains many PaaS resources such as SQL databases, Azure app services, or cloud services.
  • Software as a Service (SaaS): Software as a Service is the model with the lowest levels of control and required management. A SaaS application is reachable from multiple clients and consumers, and the owning consumer doesn't have any control over the backend, except for some application related management tasks.
  • Examples of SaaS applications are Office 365, Visual Studio Online, Outlook website, OneDrive, and even the Amazon website itself is a SaaS app with Amazon as its own consumer.

A comparison of service model responsibilities is as follows:

Cloud service models


Deployment models

Furthermore, there are a number of deployment models for cloud computing that need to be discussed. These deployment models cover nearly all common cloud computing provider scenarios. They describe the group of consumers that are able to use the services of the cloud service, rather than the institution or the underlying infrastructure:

  • Examples of a Public Cloud are Microsoft Azure and Amazon AWS.
  • Examples of a Community Cloud are Microsoft Azure Germany (location) or Microsoft Azure Government (organization and compliance) for US Government authorities.
  • Public Cloud: A Public Cloud describes a cloud computing offer that can be accessed by the public. This includes individuals as well as companies.
  • Community Cloud: A Community Cloud is only accessible by a specified group. These are, for example, connected by location, an organization membership, or by reasons of compliance.
  • Private Cloud: Private Cloud describes an environment/infrastructure built and operated by a single organization for internal use. These offers are specifically designed for the different units in the organization.
    • Examples are Microsoft Windows Azure Pack (WAP) or Microsoft Azure Stack, as well as OpenStack, if they are used for internal deployments.
  • Hybrid Cloud: The Hybrid Cloud combines the Private and Public Clouds. It is defined as a Private Cloud environment at the consumer's premises as well as Public Cloud infrastructure that the consumer uses. These structures are generally connected by site-to-site VPNs or Multiprotocol Label Switching (MPLS). A Hybrid Cloud could also exist as combination of any other models such as Community and Public Clouds.
    • Examples are Azure VMs connected to an on-premises infrastructure via ExpressRoute or site-to-site VPN.

Below is a comparison between a related example, in this case between Azure (Public Cloud) and Azure Pack (Private Cloud):

Comparison of Microsoft Azure (Stack) to Azure Pack


With Summer 2017 Microsoft will release the new version of the private cloud adoption from Azure Resource Manager. The new version will be named Azure Stack and will sooner or later be equal to the Azure Resource Manager Framework.


Cloud characteristics

Microsoft Azure is one of the biggest cloud service providers worldwide, offering a wide range of services from IaaS to PaaS to SaaS. It fulfills all the characteristics that the National Institute of Standards and Technology (NIST) describes for cloud computing. These are as follows:

  • On-demand self-service: An automated deployment of resources that a consumer orders through an interface such as a consumer portal.
  • Broad network access: Providing availability of cloud services through a standardized network interface that are, at best, accessible by several endpoint devices.
  • Resource pooling: This means that the automated assignment and reassignment of diverse resources from various resource pools for individual customers is possible.
  • Rapid elasticity: It is also known as rapid scaling, and describes the ability to scale resources in a massive way. The automatic and fast assignment and reassignment of resources, and rapid up- and down-scaling of single instances are keywords when talking about rapid elasticity. The adjustment of web server resources depending on the demand is an example of rapid elasticity.
  • Measured service: All usage data for consumer resources is monitored and reported to be available for consumers and the cloud provider. This is one of the requirements for minute-based billing.

Microsoft Azure

When Windows Azure came online to the general public in February 2010 there were solely database services, websites, and virtual machine hosting available. Over time, Microsoft constantly added features and new services to Azure, and, as there were more and more offers for Linux and other non-Windows services, Microsoft decided in April 2014 to rename Windows Azure as Microsoft Azure. This supported Microsoft's commitment to transform itself into a services company, which means that, in order to be successful, you have to offer as many services as possible to as many clients as possible. Since then, Microsoft has constantly improved and released new services. Additionally, it constantly builds and expand its data centers all over the world.


The service updates happen very frequently. That is the reason why you need to keep yourself informed. For example, the database offer you are using could have improved storage or performance capabilities. Information sources are the official Microsoft Azure Blog and the Azure Twitter channel. Furthermore, information can be found on the websites of several Azure MVPs.

Azure services overview

Azure offers many services in its cloud computing platform. These services include the following:

The service categories, differentiated between platform services and infrastructure services, are as follows:

  • Management: The management services include the management portal, the marketplace with the services gallery, and the components to automate things in Azure.
  • Services compute: Services compute are the Azure cloud services that are basically PaaS offers for developers to quickly build and deploy highly scalable applications. The service fabric and Azure RemoteApp are also in this category.
  • Security: Containing all the services that provide identity in Azure, such as the Azure Active Directory, multi-factor authentication, and the key vault that is a safe place for your certificates.
  • Integration: The integration services include interface services such as BizTalk and Azure Service Bus, but also message helpers such as storage queues.
  • Media and CDN: These are basically two services. One is the CDN that makes it possible to build your own content delivery network based on Azure. The other is the media services that make it very easy to use and process different media with the help of Azure.
  • Web and mobile: These include all the services that assist in creating apps or backend services for web and mobile; for example, web apps and API apps.
  • Developer services: These are cloud-based development tools for version control, collaboration, and other development-related tasks. The Azure SDK is a part of the developer services.
  • Data: The data services contain all the different database types that you can deploy in Azure (SQL, DocumentDB, MongoDB, Table storage and so on) and diverse tools to configure them.
  • Analytics and IoT: As the name suggests, analytics services are tools to analyze and process data. This offers a broad range of possibilities from machine learning to stream analytics. These can, but don't have to, build on certain data services. Internet of Things (IoT) services include the fundamental tools needed to work with devices used for the IoT such as the Raspberry Pi 2.
  • Hybrid operations: This category sums up all the remaining services that could not clearly be categorized. These include backup, monitoring, and disaster recovery as well as many others.
  • Platform Services:
  • Infrastructure services:
    • Operating system and server compute: This category consists of compute containers. It includes virtual machine containers and, additionally, the container services that are quite new to the product range.
    • Storage: Storage services are the two main storage types: BLOB and file storage. They have different pricing tiers depending on the speed and latency of the storage ordered. Storage is looked at in detail in Chapter 6, Planning and Deploying Virtual Machines in Azure.
    • Networking: This category consists of the basic networking resources. Examples are Load Balancer, ExpressRoute, and VPN Gateways.

The important thing is to remember that we are talking about a rapidly changing and very agile cloud computing platform. After this chapter, if you have not already done so, you should start using Azure by experimenting, exploring, and implementing your solutions, while reading the correlating chapters.

For testing purposes, you should use the Azure Free Trial (‎), Visual Studio Dev Essentials ( or the included Azure amount from a MSDN subscription.


Azure basics

In the following section, we will take a look at the basic Microsoft Azure key concepts. This should provide an overview and an idea of how to use Azure.

Azure Resource Manager

In the previous major version of Azure, a deployment backend model called Azure Service Manager (ASM) was used. With higher demand on scaling, being more flexible and more standardized a new model called the ARM was introduced and is now the standard way of using Azure.

This includes a new portal, a new way of looking at things as resources and a standardized API that every tool, including the Azure portal, that interacts with Azure uses.

With this API and architectural changes, it's possible to use such things as Azure Resource Manager templates for any size of deployment. ARM templates are written in JavaScript Object Notation (JSON) and are a convenient way to define one or more resources and their relationship to another programmatically. This structure is then deployed to a resource group. With this deployment model, it’s possible to define dependencies between resources as well as being able to deploy the exact same architecture again and again. The next part will dive a little deeper into resources.


Azure resources are the key to every service offering in Azure. Resources are the smallest building blocks and represent a single technical entity like a VM, a Network Interface Card, a storage account, database or a website.

When deploying a web app, a resource called App service will be deployed along with a service plan for billing.

When deploying a Virtual Machine from Azure Marketplace template a VM resource will be created as well as a storage account resource holding the virtual hard disks, a Public IP Address resource for initial access to the VM, a Network Interface card and a Virtual Network resource.

Every resource has to be deployed to one specific resource group. A resource group can hold multiple resources, while a single resource can only exist in one resource group. Resource groups also can't contain another resource group, what leads to a single layer of containers regarding resources.

One resource group can contain all resources of a deployment or multiple resources of different deployments. There are no strong recommendations on structuring resource groups, but it's recommended to organize either resource of one project/enrollment/deployment in separate resource groups or distribute resources based on their purpose (networking, storage, and so on) to resource groups.

Azure regions

Azure as a global cloud platform provides multiple regions to deploy resources at. One region consists of at least one highly available data center or data center complex.

The (at the time of writing) 34 regions are distributed all over the world and include community clouds like Azure Germany or government clouds like US Gov Virginia. Additionally, to the implicit high availability inside a region and a data center, it’s possible to select a region and creation of most resources. This region represents a set of data centers that are connected through Microsoft owned high-speed network to replicate the data in near real-time between the specific data centers.

Regions can also have an impact on the performance and availability of some resources. Some services may be not or only partially available in a specific region.

The costs of offered services also vary by region. For reduced latency, it's recommended to choose a region next to the physical location of the consumer. It might also be important which legal requirements must be met. This could, for example, result in a deployment only in EU regions or even regions in specific countries.

Azure Portal

The Azure Portal is a web application and the most straightforward way to view and manage most Azure resources. The Azure portal can also be used for identity management, to view billing information and to create custom dashboards for often used resources to get a quick overview of some deployments.

Although it’s easy to start with using and deploying services and resources, it’s highly recommended to use some Azure Automation technologies for larger and production environments.

The Azure portal is located at

Azure automation

Azure automation is a service and a resource as well an Azure concept in the context of cloud computing.

It’s very important to see automation as an essential concept when it comes to cloud computing. Automation is one of the key technologies to reduce operational costs and will also provide a consistent and replicable state. It also lays the foundation to any rapid deployment plans.

As Azure uses very much automation internally, Microsoft decided to make some of that technology available as a resource called automation account.

Azure Automation tools

Azure provides several ways of interacting and automating things. The two main ways to interact with Azure besides the portal are the Azure PowerShell and the Azure Command-Line Interface (CLI).

Both are basically just wrappers around the Azure API to enable everyone not familiar with REST APIs, but their specific scripting language to use and automate Azure.The Azure PowerShell module provides cmdlets for managing Azure services and resources through the Azure API. Azure PowerShell cmdlets are used to handle Account management and Environment management like creating, updating and deleting resources.

These cmdlets work completely the same on Azure, Azure Pack and Azure stack, Microsoft's private cloud offerings.

Azure PowerShell open source and maintained by Microsoft. The project is available on GitHub at the following link: Azure CLI is a tool that you can use to create, manage, and remove Azure resources from the command-line. The Azure CLI was created for administrators and operators that are not that experienced with Microsoft technologies, but with other Server technologies like Unix or Linux.

The Azure CLI is an open source project as well and is available for Linux, macOS, and Windows here:


All Azure Services, including the Azure Management Portal, provide their own REST APIs for their functionality. They can, therefore, be accessed by any application that RESTful Services can process.

In order for software developers to write applications in the programming language of their choice, Microsoft offers wrapper classes for the REST APIs.

These are available as a so-called Azure SDK for numerous programming languages (for example, .NET, Java, Node.js) here:



In the last chapter, we learned that the classic model had changed a lot. In the classic world, you had complete control over the hardware and software that is deployed. This has led to hardware decisions that focus on massive scaling. An example is purchasing a server with more cores to satisfy peak performance needs. Unfortunately, this infrastructure might be underutilized outside the demand window. With Azure, you can deploy only the infrastructure that you need, and adjust this up or down at any time. This leads to a focus on scaling out through the deployment of additional compute nodes to satisfy a performance need. Although this has consequences for designing an appropriate software architecture. These days it's sure that scaling out cloud services is more cost-saving than scaling up through racks and servers.

Microsoft has built many Azure datacenters around the globe. There are even more planned, especially sovereign clouds in regions like China and Germany. Only the largest global enterprises can deploy datacenters in this manner, so using Azure makes it easy for enterprises of any size to deploy their services close to their customers.

For small businesses, Azure allows for a low-cost entry point, with the ability to scale on demand. This prevents a large capital investment in infrastructure and provides the flexibility to architect and re-architect systems as needed. Using cloud technologies supports the startup mentality of growing fast and failing fast.

In the next chapter, we will take a look at Azure Resource Manager and the Azure resource manager tools.

About the Authors

  • Florian Klaffenbach

    Florian Klaffenbach is currently working as a technology solutions professional at Microsoft. He is a well-known expert when it comes to hybrid cloud scenarios, cloud connectivity, and cloud environment optimization. Before he started at Microsoft, he worked at several companies in different roles, such as technical community manager and solution expert at Dell, and solutions architect at CGI Germany. He is also one of Packt's authors and has worked on books such as Multi-Cloud for Architects and Implementing Azure Solutions, first and second edition. He spends his free time with his wife and his two little sons.

    Browse publications by this author
  • Jan-Henrik Damaschke

    Jan-Henrik Damaschke is an IT Consultant for Security, Network, and Infrastructure from Germany. He was MVP awarded in the categories of Enterprise Security, PowerShell, and AzureStack. PKI implementation and management is one of his core competencies as well as cloud-related security. He writes articles on security-related topics and is involved in many community events as a speaker as well as an organizer. He is passionate about sharing knowledge with others. For this purpose, he is member of the Microsoft Student Partner program and is engaged on forums and on other platforms. He was also the author on the first edition of this book Implementing Azure Solutions.

    Browse publications by this author
  • Oliver Michalski

    Oliver Michalski started in 1999 with his IT carrier as a Web Developer. Now, he is a Senior Software Engineer for Microsoft .NET and an SOA Architect. He also works as an Independent Enterprise Consultant in the field Microsoft Azure. When he started in 2011 with Microsoft Azure, there was no Azure Community on the German market. Therefore, Oliver founded the Azure Community Germany (ACD). Oliver is Chairman of the Azure Community Germany, and since April 2016 and July 2017, he has been a Microsoft Most Valuable Professional for Microsoft Azure. Oliver is author (co-author) of Implementing Azure Solutions and Implementing Azure Cloud Design Patterns, both available from Packt Publishing.

    Browse publications by this author

Latest Reviews

(3 reviews total)
Die Abwicklung lief problemlos.
Packt reduced the price of the ebook i purchased to 50% within two days after i bought it. I was hoping to make use of the price slash to get the printed version and the customer support never helped until th e price went back to its full !!!! They just need your money
Good reading, excellent .
Implementing Azure Solutions
Unlock this book and the full library FREE for 7 days
Start now