Azure Resource quick guide

In gernal,

load balancer distributes traffic evenly among each system in a pool. A load balancer can help you achieve both high availability and resiliency.

Say you start by adding additional VMs, each configured identically, to each tier. The idea is to have additional systems ready, in case one goes down, or is serving too many users at the same time.

Azure Load Balancer is a load balancer service that Microsoft provides that helps take care of the maintenance for you. Load Balancer supports inbound and outbound scenarios, provides low latency and high throughput, and scales up to millions of flows for all Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) applications. You can use Load Balancer with incoming internet traffic, internal traffic across Azure services, port forwarding for specific traffic, or outbound connectivity for VMs in your virtual network.

When you manually configure typical load balancer software on a virtual machine, there’s a downside: you now have an additional system that you need to maintain. If your load balancer goes down or needs routine maintenance, you’re back to your original problem.

Azure Application Gateway

If all your traffic is HTTP, a potentially better option is to use Azure Application Gateway. Application Gateway is a load balancer designed for web applications. It uses Azure Load Balancer at the transport level (TCP) and applies sophisticated URL-based routing rules to support several advanced scenarios.

Benefits

  • Cookie affinity. Useful when you want to keep a user session on the same backend server.
  • SSL termination. Application Gateway can manage your SSL certificates and pass unencrypted traffic to the backend servers to avoid encryption/decryption overhead. It also supports full end-to-end encryption for applications that require that.
  • Web application firewall. Application gateway supports a sophisticated firewall (WAF) with detailed monitoring and logging to detect malicious attacks against your network infrastructure.
  • URL rule-based routes. Application Gateway allows you to route traffic based on URL patterns, source IP address and port to destination IP address and port. This is helpful when setting up a content delivery network.
  • Rewrite HTTP headers. You can add or remove information from the inbound and outbound HTTP headers of each request to enable important security scenarios, or scrub sensitive information such as server names.

What is a Content Delivery Network (CDN)?

A content delivery network (CDN) is a distributed network of servers that can efficiently deliver web content to users. It is a way to get content to users in their local region to minimize latency. CDN can be hosted in Azure or any other location. You can cache content at strategically placed physical nodes across the world and provide better performance to end users. Typical usage scenarios include web applications containing multimedia content, a product launch event in a particular region, or any event where you expect a high-bandwidth requirement in a region.

DNS

DNS, or Domain Name System, is a way to map user-friendly names to their IP addresses. You can think of DNS as the phonebook of the internet.

How can you make your site, which is located in the United States, load faster for users located in Europe or Asia?

network latency in azure

Latency refers to the time it takes for data to travel over the network. Latency is typically measured in milliseconds.

Compare latency to bandwidth. Bandwidth refers to the amount of data that can fit on the connection. Latency refers to the time it takes for that data to reach its destination.

One way to reduce latency is to provide exact copies of your service in more than one region, or Use Traffic Manager to route users to the closest endpoint, One answer is Azure Traffic Manager. Traffic Manager uses the DNS server that’s closest to the user to direct user traffic to a globally distributed endpoint, Traffic Manager doesn’t see the traffic that’s passed between the client and server. Rather, it directs the client web browser to a preferred endpoint. Traffic Manager can route traffic in a few different ways, such as to the endpoint with the lowest latency.

Cheers

Osama

Migrating from MongoDB to Azure cosmos db, Using Mongorestore and mongodump manual/offline

In this post, i will discuss how to migrate from mongoDB (in my case the database was hosted on AWS) to Azure CosmosDB, i searched online about different articles how to do that, the problem i faced most of them were discussing the same way which is Online and using 3rd party software which is not applicable for me due to security reason, thefore i decided to post about it maybe it will useful for someone else.

Usually the easiet way which is use Azure Database Migration Service to perform an offline/online migration of databases from an on-premises or cloud instance of MongoDB to Azure Cosmos DB’s API for MongoDB.

There are some prerequisite before start the migration to know more about it read here, the same link explained different ways for migrations, however before you start you should create an instance for Azure Cosmos DB.

Preparation of target Cosmos DB account

Create an Azure Cosmos DB account and select MongoDB as the API. Pre-create your databases through the Azure portal

The home page for azure Cloud

from the search bar just search for “Azure Cosmos DB”

Azure Cosomo DB

You have add new account for the new migration Since we are migrating from MongoDB then The API should be “Azure CosmosDB for MongoDB API”

Create cosmos db

The target is ready for migration but we have to check the connection string so we can use them in our migration from AWS to Azure.

Get the MongoDB connection string to customize

  • the Azure Cosmos DB blade, select the API.
  •  the left pane of the account blade, click Connection String.
  • The Connection String blade opens. It has all the information necessary to connect to the account by using a driver for MongoDB, including a preconstructed connection string.
Connection string

From MongoDB (Source server) you have to take backup for the database, now after the backup is completed, no need to move the backup for another server , mongo providing two way of backup either mongodump (dump) or mongoexport and will generate JSON file.

For example using monogdump

mongodump --host <hostname:port> --db <Databasename that you want to backup > --collection <collectionname> --gzip --out /u01/user/

For mongoexport

mongoexport --host<hostname:port> --db <Databasename that you want to backup > --collection <collectionname> --out=<Location for JSON file>

After the the above command will be finished, in my advice run them in the background specially if the database size is big and generate a log for the background process so you can check it frequently.

Run the restore/import command from the source server , do you remember the connection string, now we will use them to connect to Azure Cosmos DB using the following, if you used mongodump then to restore you have to use mongorestore like the below :-

mongorestore --host testserver.mongo.cosmos.azure.com --port 10255 -u testserver -p  w3KQ5ZtJbjPwTmxa8nDzWhVYRuSe0BEOF8dROH6IUXq7rJgiinM3DCDeSWeEdcOIgyDuo4EQbrSngFS7kzVWlg== --db test --collection test /u01/user/notifications_service/user_notifications.bson.gz  --gzip --ssl --sslAllowInvalidCertificates

notice the follwing :-

  • host : From Azure portal/connection string.
  • Port : From Azure portal/connection string.
  • Password : From Azure portal/connection string.
  • DB : The name of the database you want to be created in azure cosmo,this name will be created during the migration to azure.
  • Collection : The name of the collection you want to be created in azure cosmo,this name will be created during the migration to azure.
  • Location for the backup.
  • gzip because i compressed the backup
  • Migration required to use ssl authication otherwise it will fail.

using mongoimport.

mongoimport --host testserver.mongo.cosmos.azure.com:10255 -u testserver -p w3KQ5ZtJbjPwTmxa8nDzWhVYRuSe0BEOF8dROH6IUXq7rJgiinM3DCDeSWeEdcOIgyDuo4EQbrSngFS7kzVWlg== --db test --collection test --ssl --sslAllowInvalidCertificates --type json --file /u01/dump/users_notifications/service_notifications.json

Once you run the command

Note: if you migrating huge or big databases you need to increase the cosmosdb throughout and database level after the migration will be finished return everything to the normal situation because of the cost.

Cheers

Osama

Terraform for Oracle Cloud infrastructure

This post provide steps for downloading and installing both Terraform and the Oracle Cloud Infrastructure Terraform provider.

Terraform Overview

Terraform is “infrastructure-as-code” software that allows you to define your infrastructure resources in files that you can persist, version, and share. These files describe the steps required to provision your infrastructure and maintain its desired state; it then executes these steps and builds out the described infrastructure.

Infrastructure as Code is becoming very popular. It allows you to describe a complete blueprint of a datacentre using a high-level configuration syntax, that can be versioned and script-automated, Terraform can seamlessly work with major cloud vendors, including Oracle, AWS, MS Azure, Google, etc

Download and Install Terraform

In this section, i will show and explain how to download and install Terraform on  your laptop/PC Host Operating System, you can download using the below link :-

Terraform Download
  • After you download the terraform, Unzip the Terraform to whatever location you want to run it from. Then, add that location to your OS PATH.
    • Windows : By adding to Path –> environment variables
    • Linux : Profile –> export Path

You can check by run the CMD and check the version:-

Check Terraform commands

Download the OCI  Terraform Provider

Prerequisites:-

  • OCI User credentials that has  sufficient permission to  execute a Terraform plan.
  • Required keys and Oracle Cloud Infrastructure IDs (OCIDs).
  • The correct Terraform binary file for your operating system

Installing and Configuring the Terraform Provider

In my personal opioion about this section (The title of the section same as Oracle Documentation) I found it wrong, i worked with Terraform in different cloud vendor, AWS, Azure and OCI so Terraform will recognize it and automatically install the provider for you.

to do that, all of you have to do is create folder , then create file “variables.tf” that only contains

provider "oci" {<br>}

and run terraform command

terraform init

Now Let’s Talk small examples about OCI and Terraform, First you have to read “Creating Module” to understand the rest of this post here.

I will upload to my Github here Small Sample for OCI Terraform to allow you underatand how we can use it instead of the GUI and make it easy for you.

I upload to my github example of Terraform for OCI Proiver, In the this example i will create autonomous database but not using the GUI,

to work with Terraform, you have to understand what is the OCI Provider and the parameters of it.

The Terraform configuration resides in two files: variables.tf (which defines the provider oci) and main.tf (which defines the resource).

For more terraform examples here

Configuration File Requirements

Terraform configuration (.tf) files have specific requirements, depending on the components that are defined in the file. For example, you might have your Terraform provider defined in one file (provider.tf), your variables defined in another (variables.tf), your data sources defined in yet another.

Some of the examples for Terraform files here

Provider Definitions

The provider definition relies on variables so that the configuration file itself does not contain sensitive data. Including sensitive data creates a security risk when exchanging or sharing configuration files.

To understand more about provider read here

provider "oci" {
   tenancy_ocid = "${var.tenancy_ocid}"
   user_ocid = "${var.user_ocid}"
   fingerprint = "${var.fingerprint}"
   private_key_path = "${var.private_key_path}"
   region = "${var.region}"
}

Variable Definitions

Variables in Terraform represent parameters for Terraform modules. In variable definitions, each block configures a single input variable, and each definition can take any or all of three optional arguments:

  • Type (Optional): Defines the variable type as one of three allowed values: string, list, and map. If this argument is not used, the variable type is inferred based on default. If no default is provided, the type is assumed to be string
  • Default (Optional) : Sets the default value for the variable. If no default value is provided, the caller must provide a value or Terraform throws an error.
  • Description (Optional) : A human-readable description of the variable.

More information here

For example

variable "AD" {
    default     = "1"
    description = "Availability Domain"
}

Output Configuration

Output variables provide a means to support Terraform end-user queries. This allows users to extract meaningful data from among the potentially massive amount of data associated with a complex infrastructure.

More information here

Example

output "InstancePublicIPs" {
value = ["${oci_core_instance.TFInstance.*.public_ip}"]
}

Resource Configuration

Resources are components of your Oracle Cloud Infrastructure. These resources include everything from low-level components such as physical and virtual servers, to higher-level components such as email and database providers, your DNS record.

For more information here

One of the example :-

resource "oci_core_virtual_network" "vcn1" {
   cidr_block = "10.0.0.0/16"
   dns_label = "vcn1"
   compartment_id = "${var.compartment_ocid}"
   display_name = "vcn1"
}

Data Source Configuration

Data sources represent read-only views of existing infrastructure intended for semantic use in Terraform configurations, for example Get DB node list

data "oci_database_db_nodes" "DBNodeList" {
  compartment_id = "${var.compartment_ocid}"
  db_system_id = "${oci_database_db_system.TFDBNode.id}"
}

Another example, Gets the OCID of the first (default) vNIC


data "oci_core_vnic" "DBNodeVnic" {
  vnic_id = "${data.oci_database_db_node.DBNodeDetails.vnic_id}"
}

Follow me on GitHub here

Cheers

Osama

How to be Azure Solutions Architect Expert

Many of you knows that i have been working on different cloud vendor, oracle cloud infrastructure , Amazon AWS, and MS Azure, and I had chance to work on many of them with hands-on experience and implement projects on all of them.

Now i am working on 2nd book that will include different topics about the 3 of them, DevOps, and comparison between all the three cloud vendor and more.

During the Lockdown, i was working to sharp my skills and test them in the cloud, therefore i decided to go for azure first and trust me when i say “it’s on of the hardest exam i ever did”.

The exam itself it’s totally different from what i used to, real case scenario that you should be aware of azure features, all of them, and configure them.

To be “Azure Solutions Architect Expert”, there are some of the conditions you should go thru, first you need to apply for two exams, AZ-301 & AZ-300

  • AZ-301 Microsoft Azure Architect Design
  • AZ-300 Microsoft Azure Architect Technologies

Both are Part of the requirements for: Microsoft Certified: Azure Solutions Architect Expert, the first exam which AZ-301, disccused the following secure, scalable, and reliable solutions. Candidates should have advanced experience and knowledge across various aspects of IT operations, including networking, virtualization, identity, security, business continuity, disaster recovery, data management, budgeting, and governance. This role requires managing how decisions in each area affects an overall solution. Candidates must be proficient in Azure administration, Azure development, and DevOps, and have expert-level skills in at least one of those domains.

Learning Objectives

  • Determine workload requirements
  • Design for identity and security
  • Design a data platform solution
  • Design a business continuity strategy
  • Design for deployment, migration, and integration
  • Design an infrastructure strategy

For the AZ-300

Learning Objectives

  • Deploy and configure Azure infrastructure
  • Implement workloads and security on Azure
  • Create and deploy apps on Azure
  • Implement Azure authentication and secure data
  • Develop for the cloud

After you completed the both exams successfully you will receive your badge for the three exams, durtation for the exams around 3 hours and trust me you will need it.

Enjoy

Osama

Apply for Oracle exam extension

As we already know oracle has been providing free exam and materials for siz track like the following till 15 May 2020: –

and because of the high demand since there are not available slot anymore, Oracle now providing extension BUT you have to apply for this

Follow this Video :-

How to ask for extension

Enjoy

Osama

How to study for Oracle Cloud Infrastructure Developer 2020 Associate

Many of you knows that Oracle annouced before one month, the six track from Oracle university included the exams for free, so far i completed four of them and looking for the other two.

in this post i will discuss how to preapre for exam 1z0-1084-20, in my opioion, this exam it’s more DevOps exam, so if you know the knowledge with Docker and Kubernetes and worked on them, working with OCI (Oracle Cloud Infrastrcuture) before, go ahead and apply for this exam.

The funny thing when you pass one exam and post about it on the social media directly i start recieving multiple messages from different people i don’t know, asking “could you please provide us with the dumps ?” first of all, how did you assume i am using dump, i failed mulitple times in different Oracle exam, second, i am aganist the dumps for various reasons, the exam is prove that you are ready to go thru this track and work on it, imagine you put this on your resume and someone asked you question about it, it will not be professional for you.

However, i would like to discuss 1z0-1084-20 specially this one, because i didn’t feel it’s only related to Oracle, you should have knowledge with different criteria,

  • Docker
  • Kubernetes
  • Microservices
  • software architect patterns
  • Testing patterns
  • For sure OCI

When you are study for this exam, you should follow Lucas Jellema Blog here and you can follow him on twitter also.

This blog saved me alot of time and explained everything you need to know in details.

Exam TitleOracle Cloud Infrastructure Developer
2020 Associate
FormatMultiple Choice
Duration105 Minutes
Number of
Questions:
60
Passing Score:70%
Exam Details

Exam Preparation

you need to focus on the following topics if you want to pass this exam :-

  • Develop application using OCI Developer tools, such as, APIs, SDKs and CLI
  • Develop a serverless application
  • Develop high performing applications & API
  • Manage & store the application code runtimes
  • Oracle Function
  • OCI container engine for kubernetes.
  • OCIR – Oracle Cloud Infrastructure Registry.

Wish you all the best

Osama

Moving resource to another subscription or another resource group

In this post i will discuss how to move your Azure resource to another account, subscruiption or even another resource group.

when we are talking about resource we mean by that, disk, vm, IP, interface .. etc let’s say everything you create it, it’s consider as resource.

Sometimes you asked to moved your resource to another subscruiption but in my case i need to orgazine the infrastrcutre and make it much more easier to manage by create different resource group, do this it’s very simple step, you can do it either using Azure CLI, Powershell or GUI.

To do this just follow the screenshot :-

  • Login to Azure portal here.
  • From the Dashboard as you see below choose from the left panel –> Resource group

As you see from the below

  • new windows will be opened which the resource group that you have, just choose which one you want by pressing on it, choose from the list , export template
  • Once you choose this option, Azure will start Generating the template, but it will take some time depends on your resource group and how much resource it has, once it’s finished press Download.
  • Congrats, now you are having your resource as JSON file.

Thanks

Osama

Free Online Learning and Certifications for Oracle Cloud Infrastructure and Oracle Autonomous Database

Yes what you read it’s true …

Oracle now providing Free Online courses from Oracle University and not only this After complete the course you will be able to take the certficate for free,

Thank you Oracle for providing this and allow people to learn something new during this hard time for the whole world #CoronaVirus and quarantine.

Try to use your time wisely during these times, it will not come again and trust me when i am saying you will regret it.

The tracks :-

Note: Don’t Send me a message here or Linkedin Asking me about Dumps, if you ready to have the certificate apply for the exam otherwise don’t cheat.

Enjoy

Thanks

Osama

Create Your First VM with Azure Cloud In different ways

To create your first server/VM on Azure cloud, you have different ways to do that :-

  • Azure Resource Manager
  • Azure PowerShell
  • Azure CLI
  • Azure REST API
  • Azure Client SDK
  • Azure VM Extensions
  • Azure Automation Services

The Azure portal is the easiest way to create resources such as VMs, i will describe each one of them,

The first way which is The Portal here, to do this it’s very simple :-

  • Click on the Create a resource option in the top-left corner of the portal page.
  • Use the Search the Marketplace search bar to find “Ubuntu Server” for example.
  • Press on Create , then new page will be open.
  • Configure the VM, by enter the name, the region, The Subscription,Availability options
  • There are several other tabs you can explore to see the settings you can influence during the VM creation. Once you’re finished exploring, click Review + create to review and validate the settings.
  • On the review screen, Azure will validate your settings. You might need to supply some additional information based on the requirements of the image creator.


This is was the first way to create the VM which is consider the easiet one also.

Azure Resource Manager

assumig you want to create a copy of a VM with the same settings. You could create a VM image, upload it to Azure, and reference it as the basis for your new VM,Azure provides you with the option to create a template from which to create an exact copy of a VM.

You can do this, after create the VM –> Setting –> export template.

Azure PowerShell

Azure PowerShell is ideal for one-off interactive tasks and/or the automation of repeated tasks, note that PowerShell is a cross-platform shell that provides services like the shell window and command parsing.

New-AzVm  -ResourceGroupName "TestResourceGroup"  -Name "test-wp1-eus-vm"  -Location "East US"  -VirtualNetworkName "test-wp1-eus-network"  -SubnetName "default"  -SecurityGroupName "test-wp1-eus-nsg"  -PublicIpAddressName "test-wp1-eus-pubip"  -OpenPorts 80,3389

Azure CLI

The Azure CLI is Microsoft’s cross-platform command-line tool for managing Azure resources such as virtual machines and disks from the command line. It’s available for macOS, Linux, and Windows, this is also found in Different cloud vendor for example For Amazon it’s called aws cli, for Oracle it’s Called OCI-CLI and Google it’s called GCP-CLI.

az vm create --resource-group TestResourceGroup --name test-wp1-eus-vm --image win2016datacenter --admin-username osama --admin-password anything

Programmatic (APIs)

This is no my expertise so i will no go deep dive with it, But we were talking about Azure CLI and powershell, you can install something called Azure REST API and start using differen programing language to deal with Azure, i did this with python for AWS using Boto3 module, i post about it before here.

The same can be done for Azure or any Cloud vendor.

Azure VM Extensions

Azure VM extensions are small applications that allow you to configure and automate tasks on Azure VMs after initial deployment. Azure VM extensions can be run with the Azure CLI, PowerShell, Azure Resource Manager templates, and the Azure portal.

Thank you

Osama Mustafa