Converting Azure Architecture PowerPoint Slides to diagrams.net/draw.io Platform

Having decided to go forward using diagrams.net (formerly draw.io) as our online drawing platform (Read more about that here) for all new Azure Architecture and Concept diagrams. However, now our PowerPoint (PPT) slide decks of over 70 diagrams of Azure Architecture and Concepts have to be converted into the diagrams.net format. Can all of these PPT diagrams/slides be converted, or does each diagram have to be completely re-drawn?

The fast way to move everything from PPT would be to turn each PPT slide into an SVG image to be imported into diagrams.net and then saved to a new online repository, for export as needed. However, an SVG image of a PPT slide is a ‘solid’ image – the individual elements – icons, shapes, texts etc. are not able to be changed. We want fully customizable images that can be used and shared with others via Google Drive sharing features, or exported as a PDF, PNG or SVG to drop into a document or slide presentation.

There IS a conversion process of steps to be able to do this without having to completely redraw every diagram or concept from scratch. Diagrams.net will import Visio .vsdx files and the drawing elements will all be available to change as needed. At this point, its not an instant conversion, but a process of steps. To me, this is still better than starting all over with each diagram. I end up with a framework to add icons and text back into – but sizing & placement is already done!

(more…)

Now Using ‘diagrams.net/draw.io’ for our Azure Architecture and Concept Drawings

Over the past few months we’ve reviewed 5 different online drawing platforms to determine which one would be best for us to begin using. Read more about all that here. Currently, we’ve been using locally installed PowerPoint as an alternative to Visio, to build up our repository of Azure Architecture and Concept diagrams for use with clients and for teaching presentations. Access those PPT drawings here.

We’ve decided to do all our Azure drawings with diagrams.net (formerly draw.io is now being moving to the new .net domain). In fact, over the next week or so, all of our Azure Architecture and Concept drawings will be converted over to the diagrams.net/draw.io platform. Read how that conversion happens, here.All our new Azure Architectural diagrams will be drawn in diagrams.net going forward.

(more…)

CloudSkew: An Online Drawing Platform for Azure Architecture and concepts?

Overview:

CloudSkew is a new free online Cloud architecture drawing platform, that is still in pre-lease status:

The  current and planned Features List outlines what to expect in features. Diagrams are auto-saved in CloudSkew cloud storage.  Its all a good start. This will be the only online platform that focuses just on being a drawing platform for Cloud Architecture and Concepts.

I created a simple Azure concept diagram and discovered a number of ‘still to be added’ needs before I could draw a more complex Azure architecture diagram, such as Tim Warner’s IaaS class diagram. (see 2nd drawing below)

(more…)

Resources for Azure Icon Sets

The first thing I do when starting an Azure architectural or concept drawing is to gather the most current Azure icons I’ll need for the project. This is a list of resources of Azure Icon Sets and Visio stencils to download. If you’re using an online draw program, you can search within these resources for any missing icons/symbols you need.

1. Microsoft Azure Cloud and AI Symbol / Icon Set – SVG:

  • This is a free download from Microsoft which includes icons (SVG format only) icons for almost all Azure services and Microsoft cloud related technologies
  • Microsoft no longer includes Visio stencils (since these are only in the subscription versions of Visio now) in the Azure Icon Set, so the Visio Stencils provided in resources #3-6 below are invaluable now!

2. Ben Coleman’s Azure Icon Collection:

  • Ben Coleman provides a preview thumbnail gallery for all of these icon sets, with options to search, view on various light & dark backgrounds, download as SVG or PNG formats!

(more…)

Review Cacoo as Online Drawing Platform for Azure Architecture Diagraming

Cacoo.com offers another online drawing platform that promotes itself as ready for collaborative use for creating Azure architectural drawings. As in the other online drawing programs that we’ve been reviewing, Tim Warner’s Azure IaaS drawing was used as the vehicle to test the ease of use, the pre-loaded current Azure Icon Set and other features noted here.

Cacoo.com UI with completed drawing:

NOTESource of diagram: https://github.com/timothywarner/azure-class-diagrams

This is Tim Warner’s Visio drawing done in Cacoo online. Replicating a detailed drawing like this helps to discover the platform’s functionality, ease of use, as well as the other review details outlined here.

(more…)

Perform a Customized Install of Office 2019 Programs on Azure VM Desktop

While it is straight forward to install the entire Office 2019 Suite using a downloaded ISO file to a PC desktop, this is how to install only select programs of the Office 2019 Suite.

Office 2019, like Office 2016, is a Click-To-Run installation process, with no customization allowed on a basic install. All of the programs in the Office 2019 Suite are installed – including Publisher, Access, Skype for Business etc. Once the installation is complete, the extra unnecessary programs cannot be uninstalled, since the option is no longer available in the Control Panel using the ‘Change’ option. Change is not active – it reverts to only giving the Repair options now.

Complete Installation of all ProPlusOffice 2019 Suite – 8 programs:

(more…)

Review of ‘Visual Paradigm Online’ for Azure Architectural Diagrams

Visual Paradigm Online is another online drawing platform in our series on reviewing various web apps as alternatives to Visio and PowerPoint, for creating Azure Architectural Diagrams. As in the other online drawing programs that we’ve been reviewing, Tim Warner’s Azure IaaS drawing was used as the vehicle to test the ease of use, the pre-loaded current Azure Icon Set and other features noted here.

VP Online UI with completed drawing:

NOTESource of diagram: https://github.com/timothywarner/azure-class-diagrams

This is Tim Warner’s Visio drawing re-done in VP Online. Replicating a detailed drawing like this helps to discover the platform’s functionality, ease of use, as well as some of  the other review details outlined here.

(more…)

Review LucidChart as Online Drawing Platform for Azure Architecture Diagrams

LucidChart is another online drawing platform in our series on reviewing various web apps as alternatives to Visio and PowerPoint, for creating Azure Architectural Diagrams. As in the other online drawing programs that we’ve been reviewing, Tim Warner’s Azure IaaS drawing was used as the vehicle to test the ease of use, the pre-loaded current Azure Icon Set and other features noted here.

LucidChart UI with completed drawing:

NOTE: Source of diagram: https://github.com/timothywarner/azure-class-diagrams

This is Tim Warner’s Visio drawing done in LucidChart. Replicating a detailed drawing like this helps to discover the platform’s functionality, ease of use, as well as the other review details outlined here.

(more…)

Review ‘draw.io’ as Online Drawing Platform for Azure Architecture Diagrams

Up to this point, we have been using locally installed PowerPoint successfully and efficiently to create all of the Azure concept and architectural diagrams used with clients (Read more about this here). There are a number of online drawing programs available now to create these and other technical drawings. There is no software to install; the diagrams are stored online (Although local copies of documents can also be saved).

Here we’ll review draw.io, the free single user version, as to how well it works to re-create this network diagram by Tim Warner:

draw.io with completed drawing:

NOTE: Source of diagram: https://github.com/timothywarner/azure-class-diagrams

This is Tim Warner’s Visio drawing done in draw.io… Replicating a detailed drawing like this helps to discover the platform’s functionality, ease of use, as well as the other review details outlined here.

(more…)

Online Drawing Platforms for Azure Architecture and Concept Diagrams

We use Cloudockit for generating Azure Subscription Account documentation for our enterprise clients. For Azure architectural drawings we have been using PowerPoint, for a number of reasons.

PowerPoint (PPT) was originally chosen as an easy, effective drawing platform alternative to Visio (Read more about that here) for creating Azure architectural diagrams or concepts for clients or training presentations. Drawing diagrams with PPT is very simple, with a flat learning curve!  Once a library of PPT is created, it is relatively easy to use any diagram as a template to be customized for the next client. Slides can easily be used as a separate drawing, or customized and added into a custom presentation, exported into Word or as a PDF. Collaboration is possible by saving a PPT slide or slide deck to a cloud location. However, there are some cons to using PowerPoint for drawing – a PowerPoint repository of commonly used Azure Icons must be built and maintained. Automatic versioning is not available. Connector styles are limited and its not possible to turn off the ‘snap-to-grid’ function making connecting easier in some cases.

There are a number of online drawing programs that will make drawing Azure architectural and concept diagrams even more efficient – and no software need be installed locally, although some of the programs do offer a desktop version for working off-line.

(more…)

Azure Icons: Enable SVG Thumbnail Preview in File Explorer

While creating Azure architectural and concepts drawings, my first step is to gather the most current Azure Icons that I will be using in the diagram(s).

I prefer using SVG format icons/symbols for drawings, because their image quality is maintained no matter how they’re resized or moved. The problem is, having extracted a downloaded a zip file of the latest Azure icons/symbol set, the SVG format of all the icons cannot be previewed as thumbnails in Windows File Explorer. You can only see the name, as in the screen-shot below – I need to be able to see preview/overview thumbnails of all the SVG files – as I can for .PNG files! A thumbnail viewer will save a lot of time choosing the correct set of SVG icons needed for a drawing!

Go from this view in Windows File Explorer….

To This – Seeing Thumbnails of the Same SVG folder!

(more…)

Security with Azure and NGINX

NGINX Management with NGINX Controller

NGINX Controller is a separate and optional product from NGINX, Inc. that manages the NGINX data plane and the entire lifecycle of NGINX Plus under these configurations:

  • Load Balancer
  • API Gateway
  • Proxy in a service mesh environment

This optional and separate NGINX product is fully functional within Azure and provides an additional or exclusive way to manage NGINX without the use of Azure Security Center, Azure Monitor or the Azure Portal or PowerShell.

(more…)

Monitoring NGINX in Azure

Azure Security Center with NGINX

Azure Security Center (ASC) is a service that comes in a free tier with limited functionality and a fee-based standard tier with a complete set of security capabilities for organizations that need enhanced functionality. The free tier monitors compute, network, storage, and application resources in Azure. It also provides security policy, security assessment, security recommendations, and the ability to connect with other security partner solutions. The standard tier includes all the capabilities of the free tier for on-prem environments (private cloud) as well as other public clouds such as AWS and Google Cloud Platform (GCP). The standard tier also includes many more security features along with the following critical security controls:

  • Built-in and custom alerts
  • Security event collection and advanced search
  • Just-in-time VM access
  • Application white listing

(more…)

NGINX Plus and Microsoft Azure Load Balancers

Microsoft Azure have three options for load balancing:

  • NGINX Plus,
  • the Azure load balancing services, or
  • NGINX Plus in conjunction with the Azure load balancing services.

The following aims to give you enough information to decide which best works for you and shows you how using NGINX Plus with Azure Load Balancer can give you a highly available HTTP load balancer with rich Layer 7 functionality.

(more…)

Installing NGINX via ARM and PowerShell

Azure Resource Manager is the deployment and management service for Azure. It provides a consistent management layer that enables you to create, update, and delete resources in your Azure subscription. You can use its access control, auditing, and tagging features to secure and organize your resources after deployment.

There are no prebuilt ARM templates or PowerShell scripts available from NGINX currently. However, there is nothing preventing the creation of an ARM template and PowerShell script based on your custom deployment requirements for Azure using your custom VM images previously created.

The following provides an example of creating an Ubuntu 16.04 LTS marketplace image from Canonical along with the NGINX web server using the Azure Cloud Shell and the Azure PowerShell module.

(more…)

Installing NGINX via Azure Marketplace

The Azure Marketplace is a software repository for pre-built and configured Azure resources from independent software vendors (ISVs). You will find open source and enterprise applications that have been certified and optimized to run on Azure.

NGINX, Inc. provides the latest release of NGINX Plus in the Azure Marketplace as a virtual machine (VM) image. NGINX OSS is not available from NGINX, Inc. but there are several options available from other ISVs in the Azure Marketplace.

Searching for “NGINX” in the Azure Marketplace will produce several results as shown below:

(more…)

NGINX Plus on Azure

NGINX Open Source Software (OSS) is free while NGINX Plus is a commercial product that offers advanced features and enterprise-level support as licensed software by NGINX, Inc.

NGINX Plus combines the functionality of a high-performance web server, a powerful front-end load balancer and a highly-scalable accelerating cache to create the ideal end-to-end platform for your web applications. NGINX Plus is built on top of NGINX open source.

For organizations currently using NGINX open source, NGINX Plus eliminates the complexity of managing a “do-it-yourself” chain of proxies, load balancers and caching servers in a mission-critical application environment.

(more…)

The OSI Model and Load Balancing

The Open System Interconnection (OSI) model defines a networking framework to implement protocols in seven layers:

  • Layer 7: The application layer
  • Layer 6: The presentation layer
  • Layer 5: The session layer
  • Layer 4: The transport layer
  • Layer 3: The network layer
  • Layer 2: The data-link layer
  • Layer 1: The physical layer

The OSI model doesn’t perform any functions in the networking process. It is a conceptual framework to better understand complex interactions that are happening.

(more…)

Introduction to Azure Load Balancing

Load balancers have evolved considerably since they were introduced in the 1990s as hardware-based servers or appliances. Cloud load balancing, also referred to as Load Balancing as a Service (LBaaS), is an updated alternative to hardware load balancers. Regardless of the implementation of a load balancer, scalability is still the primary goal of load balancing, even though modern load balancers can do so much more.

Optimal load distribution reduces site inaccessibility caused by the failure of a single server while assuring consistent performance for all users. Different routing techniques and algorithms ensure optimal performance in varying load-balancing scenarios.

Modern websites must support concurrent connections from clients requesting text, images, video, or application data, all in a fast and reliable manner, while scaling from hundreds of users to millions of users during peak times. Load balancers are a critical part of this scalability.

  • Problems Load Balancers Solve
  • The Solutions Load Balancers Provide
  • The OSI Model and Load Balancing

Problems Load Balancers Solve

In cloud computing, load balancers solve three issues that fall under:

  • Cloud Bursting
  • Local Load Balancing
  • Global Load Balancing

Cloud bursting is a configuration between a private cloud (i.e. on-prem compute environment) and a public cloud that uses a load balancer to redirect overflow traffic from a private cloud that has reached 100% of resource capacity to a public cloud to avoid decreases in performance or an interruption of service.

(more…)

Windows Azure Website – Create CSR from W10!

It happened – an expired SSL certificate broke https security for the website! The Azure Web Job to automatically renew the quarterly LetsEncrypt SSL Certificate did not work (for a number of reasons, one being that an old subscription and deleted unused service principal’s information were still registered in the Application Settings for LetsEncrypt) and the website was now only avaible via http. Yikes!

(more…)

Load Balancing In Microsoft Azure Series

Overview:

This series of 9 blog posts are suitable for cloud solution architects and software architects looking to integrate NGINX (pronounced en-juhn-eks) with Azure-managed solutions to improve load balancing, performance, security, and high availability for workloads. Software developers and technical managers will also understand how these technologies in the cloud have a direct impact on application development and application architecture for more cloud-native solutions. Load balancing provides scalability and a higher level of availability by distributing incoming network traffic efficiently across a group of backend servers, also known as a server pool or server cluster.

This series of blog posts provides a meaningful description of load-balancing options available natively from Microsoft Azure and the role NGINX can play in a comprehensive solution.

Even though the examples used are specific to Azure, these load balancing concepts and implementations using NGINX apply equally to other large public cloud providers such as Amazon Web Services (AWS), Google Cloud Platform, Digital Ocean, and IBM Cloud along with their respective cloud platform–native load balancers.

(more…)

Speed Up Your Azure hosted WordPress site with Caching Plugin

A year ago, we had unsuccessfully tested a number of caching plugins on this Azure hosted WordPress blog. Because of ongoing frustrations with slow page loading speed, we tried installing WP Super Cache again – this time to a resounding YES! IT WORKS! While more work is still needed, the page load speed has dropped from 5.8 sec to 3.0 sec with the basic plugin install.

The caching plugin creates cached php files of website pages

WP Super Cache Setup – Quick and Easy!

  • Install the plugin > Easy tab > Caching On That’s all that’s needed to get started!
  • Check that the plugin is working > Test Cache The green text means go!

(more…)

SSL Verification Tools for Azure Web Apps

In a recent blog post, we discussed how we discovered that an SSL Certificate that was not accepted by all browsers had been inadvertently installed months ago on a publicly accessible WordPress DEV site hosted on Azure Web Apps. Only while checking on page load performance, was this discovered by an SSL Checker!

These are some of the free online versions of the tools that we use for testing SSL certificates. Its important to use them!!

SSL Labs:

(more…)

Azure Policies Listed in an Excel Worksheet

In my work with Enterprise clients as an Azure Consultant, I’ve created a few tools to help me communicate efficiently and clearly with  team members in various levels of management that need to understand and implement specific Azure concepts.

I’ve already shared one of those helpful tools that I use repeatedly to customize and deliver during conference calls and presentations. Read about and download the ever evolving series of PowerPoint decks of diagrams and icons for your own customizations.

This post is about another helpful tool in my work – a sortable Excel file of all the current and ‘in-preview’ Azure Policies by category that are found in the Azure Portal.

Download Azure Policy Workbook

There is  an Index of Azure Policy Samples online of 56 Policies in 9 different categories. At the time of writing this, there are also 73 ‘in-preview’ policies in various categories on the Azure portal, with 192 Azure pre-built policies in 22 categories! See them here at:

(more…)

Performance Testing Tools for Azure Web Apps

We’ve been working at speeding up page loading and general performance of our Azure hosted WordPress websites.  Of course, because these are Azure hosted IIS websites, we can’t make changes to the underlying IIS structures, but it is good to know of any vulnerabilities. (An EXCELLENT Security Protocol software that we use on all of our Azure IaaS web servers/browsers is IIS Crypto)

These are some of the free online versions of the tools that we use for measuring performance changes.

GTMetrix.com

  • For example – this is the Page Loading Speed ‘BEFORE’ any changes:

(more…)

Adding a Root Domain to Azure CDN endpoint

We have a static website running from an Azure storage account, using Azure CDN to deliver with a custom domain name and HTTPS. (https://www.alvarnet.com) We need the root custom domain (alvarnet.com) to also be resolvable.

It wasn’t clear in online documentation how to add the root domain to an Azure CDN endpoint, or if it was even possible yet – sub-domains only for CDN endpoints seem to be the standard. In fact, CDN Allow Root Domain for Custom Domains is an Azure ‘feature request’ that has been under review for over a year!

Unsuccessful Trial:

  • I created a new CDN endpoint but the CNAME of the root domain name wasn’t recognized
  • Our DNS provider, EasyDNS, allows for CNAME/Alias records of root domains – but mapping the root domain as a Custom hostname to the alvarnet.azureedge.net CDN endpoint still wouldn’t work. The error message when trying to ‘Add a custom domain‘ basically said it didn’t recognize the CNAME mapping between the root domain and the CDN endpoint.

(more…)

Add HTTP Rules to an Azure Content Delivery Network

We are in the process of setting up a static custom domain website with SSL being hosted from an Azure storage account.

After getting HTTPS protocol to work, it is necessary to set up HTTP Rules for the CDN endpoint to be able to serve up the proper landing page of the website, plus force redirecting of all http traffic to https.

Previous steps in Setting up a custom domain website being hosted from an Azure storage account:

In order to be able to configure the Azure CDN’s Rules Engine, the Azure CDN Profile must be the Premium Verizon pricing tier. This is the only one of the 4 Azure CDN products that have the Rule Engine feature:

(more…)

Migrate a Custom Domain & Add SSL to an Azure Content Delivery Network endpoint

We are in the process of setting up a static custom domain website being hosted from an Azure storage account. While an Azure Storage Account can have a custom domain added to it, it doesn’t support the HTTPS protocol. Using an Azure CDN will allow both a custom domain, work with an SSL certificate giving HTTPS security.

Previous steps in Setting up a custom domain website being hosted from an Azure storage account:

These are the steps to migrate the custom domain which has already been added to a Storage Account hosting the website assets, to an Azure CDN endpoint.

(more…)

Azure PowerPoint Diagrams – Icons (#9/9)

From PowerPoint Diagrams of Azure Concepts & Architecture:
While working with multiple Enterprise teams as an Azure Consultant, I repeatedly use, modify and add to a deck of PowerPoint slides that I customize for communicating Azure concepts to team members in various departments. Some of the slides are combinations of elements and/or concepts from all the Diagram Sources below. Links are provided for original diagrams where possible.
Diagram Sources:

  • Azure Architecture Center and Azure Solution Architectures
  • Screen shots of Microsoft Documents diagrams
  • Microsoft event presentation slides and photos
  • Valued technical blog writers
  • Unique customized Azure concepts providing clarity for the Enterprise teams I work with

9. Icons – 5 slides

Download Icons PPT deck

I use, and update this deck of slides to view, copy and paste the Azure icons and symbols into PowerPoint diagrams. While the Microsoft Azure Cloud and Enterprise Symbol set can be downloaded here, I also use this “Amazing Icon Downloader” Chrome Extension to gather svg files of the latest symbols from the Azure Portal.

(more…)

Add a Custom Domain to an Azure Storage Account

We are in the process of setting up a static custom domain website being hosted from an Azure storage account.
Previous step in Setting up a custom domain website being hosted from an Azure storage account:

A custom domain for accessing blob data in an Azure storage account can be mapped to either the blob storage endpoint (<your-storage-account-name>.blob.core.windows.net) or the web endpoint (<your-storage-account-name>.zone.web.core.windows.net) that is generated when the static websites feature of the storage account is activated. We are going to setup a custom domain name for the web endpoint of a storage account. The process is the same for the blob storage contents using the blob storage endpoint.

1. In our DNS provider, we setup a new CName record for a custom domain name (demo.alvarnet.com) that points to the Azure storage account’s web endpoint (drsitebackups.z19.web.core.windows.net):

(more…)

Create an Azure Content Delivery Network Endpoint

We are setting up the hosting of a static website within an Azure Storage Account that will use an Azure CDN to add a custom domain with SSL connectivity to the static website. A CDN endpoint must be created to connect to the Azure Storage Account’s (containing the static website’s assets) primary endpoint URL.

Previous steps in Setting up a custom domain website being hosted from an Azure storage account:

1. To find and save the Storage Account’s Primary web endpoint URL, navigate to the Azure Portal > Storage Account > Settings > Static Website > Primary endpoint

(more…)

Azure PowerPoint Diagrams – Miscellaneous (#8/9)

From PowerPoint Diagrams of Azure Concepts & Architecture:
While working with multiple Enterprise teams as an Azure Consultant, I repeatedly use, modify and add to a deck of PowerPoint slides that I customize for communicating Azure concepts to team members in various departments. Some of the slides are combinations of elements and/or concepts from all the Diagram Sources below. Links are provided for original diagrams where possible.
Diagram Sources:


8. Miscellaneous – 4 slides

Download Miscellaneous PPT deck

(more…)

Create an Azure Content Delivery Network (CDN) Profile

We are in the process of setting up a static custom domain website being hosted from an Azure storage account. While an Azure Storage Account can have a custom domain added to it, it doesn’t support the HTTPS protocol. Using an Azure CDN will allow both a custom domain and work with an SSL certificate providing HTTPS security for website users.

Previous steps in Setting up a custom domain website being hosted from an Azure storage account:

“A content delivery network (CDN) is a distributed network of edge servers that can efficiently deliver web content to users. CDNs store cached content on edge servers in point-of-presence (POP) locations that are close to end users, to minimize latency. A CDN profile, belonging to one Azure subscription, can have multiple CDN endpoints.”

-Microsoft Documents What is a content delivery network on Azure?

We’re using the Azure CDN endpoint we’ll create in the next step, to deliver static website assets stored in an Azure storage account. Because we will need to add HTTP Rules to the endpoint(s) in the CDN profile, we’ve chosen the Verizon Premium pricing tier. The Premium Verizon CDN is the the only one of the 4 Azure CDN products that have the Rule Engine feature:

(more…)

Hosting an SSL Custom Domain Static Website in Azure Storage Account

It is possible to host a small (less than 1 GB) static website with a custom domain name and SSL access, for pennies a month, from Azure Blob Storage and using Azure CDN!

This blog post outlines the first 6 steps for setting up a static website within an Azure GPv2 storage account. SSL and custom domain name are provided via an endpoint to the storage account from Azure CDN. While a custom domain name could be assigned to the new static website at the storage account level,  we need to use Azure Content Delivery Network (CDN) to provide the https functionality/security, so the website’s custom domain will be pointed to the CDN endpoint.

Some of the key attributes of the custom HTTPS feature are:

  • No additional cost: There are no costs for certificate acquisition or renewal and no additional cost for HTTPS traffic. You pay only for GB egress from the CDN.
  • Simple enablement: One-click provisioning is available from the Azure portal. You can also use REST API or other developer tools to enable the feature.
  • Complete certificate management is available: All certificate procurement and management is handled for you. Certificates are automatically provisioned and renewed prior to expiration, which removes the risks of service interruption due to a certificate expiring.

– Microsoft Docs: Tutorial: Configure HTTPS on an Azure CDN custom domain

(more…)

Azure PowerPoint Diagrams – Nginx (#7/9)

From PowerPoint Diagrams of Azure Concepts & Architecture:
While working with multiple Enterprise teams as an Azure Consultant, I repeatedly use, modify and add to a deck of PowerPoint slides that I customize for communicating Azure concepts to team members in various departments. Some of the slides are combinations of elements and/or concepts from all the Diagram Sources below. Links are provided for original diagrams where possible.
Diagram Sources:


7.  Nginx – 7 slides

Download Nginx PPT deck

(more…)

How to Kill and Restore an Azure VM

This is the process we use to kill and restore vms that have customized configurations and installed applications. We will keep snapshot copies of both the OS and Data drives to be able to use again.

A. Kill VM Process

1. Take snapshots of OS and Data Disks

  • Portal > Resource Group > Select OS Disk > Create Snapshot > Save in different Resource Group, Save as Standard HDD
  • This Resource Group and all of its contents will be deleted after snapshots of the disks are taken.

(more…)

Azure PowerPoint Diagrams – Tools (#6/9)

From PowerPoint Diagrams of Azure Concepts & Architecture:
While working with multiple Enterprise teams as an Azure Consultant, I repeatedly use, modify and add to a deck of PowerPoint slides that I customize for communicating Azure concepts to team members in various departments. Some of the slides are combinations of elements and/or concepts from all the Diagram Sources below. Links are provided for original diagrams where possible.
Diagram Sources:


6. Tools – 11 slides

Download Tools PPT deck

(more…)

Fine Tuning an Azure hosted WordPress site

While struggling to get a plugin working on a DEV copy of the blog site, and responding to suggestions from the plugin developer on changes that could be implemented based on the log file error results – we did some fine tuning of the DEV website’s Azure App Service Application Settings. Since the DEV site worked well with the changes (but not the plugin yet – that’s another story to follow!) the changes were done on the PROD website too.

Application General Settings Before the fine tuning:

  • PHP version = 5.6
  • Platform = 64-bit
  • Always On = Off
  • ARR Affinity = Off

Update Process:

(more…)

Azure PowerPoint Diagrams – DevTest Labs (#5/9)

From PowerPoint Diagrams of Azure Concepts & Architecture:
While working with multiple Enterprise teams as an Azure Consultant, I repeatedly use, modify and add to decks of PowerPoint slides that I customize for communicating Azure concepts to team members in various departments. Some of the slides are combinations of elements and/or concepts from all the Diagram Sources below. Links are provided for original diagrams where possible.
Diagram Sources:


5. DevTest Labs – 4 slides

Download DevTest Labs PPT deck

(more…)

Register For Moving Azure Managed Disks and VMs – PowerShell

Being able to move Managed Disks and Images, VMs and Snapshots in Azure across Resource Groups and Subscriptions is a MAJOR organizational improvement and time saver.

To get this new functionality in your Azure subscription, you’ll need to register the feature via PowerShell – be sure to do BOTH registrations – once for the feature, and register again for the Computer RP:

For example, we’ve been able to easily reorganize important but aged snapshots all into one resource group, cleaning up unnecessary Resource Group sprawl and consolidating some vital resources. The snapshots can still be moved across subscriptions and resource groups via PowerShell, but it helps to visually have them  all in the same container.

(more…)

Azure PowerPoint Diagrams – S2S P2S & Express Route (#4/9)

From PowerPoint Diagrams of Azure Concepts & Architecture:
While working with multiple Enterprise teams as an Azure Consultant, I repeatedly use, modify and add to a deck of PowerPoint slides that I customize for communicating Azure concepts to team members in various departments. Some of the slides are combinations of elements and/or concepts from all the Diagram Sources below. Links are provided for original diagrams where possible.
Diagram Sources:


3. Security – 2 slides

Download S2S P2S Express Route PPT deck

(more…)

Azure PowerPoint Diagrams – Security (#3/9)

From PowerPoint Diagrams of Azure Concepts & Architecture:
While working with multiple Enterprise teams as an Azure Consultant, I repeatedly use, modify and add to decks of PowerPoint slides that I customize for communicating Azure concepts to team members in various departments. Some of the slides are combinations of elements and/or concepts from all the Diagram Sources below. Links are provided for original diagrams where possible.
Diagram Sources:


3. Security – 10 slides

Download Security PPT deck

(more…)

Azure PowerPoint Diagrams – Hub and Spoke Networks (#2/9)

From PowerPoint Diagrams of Azure Concepts & Architecture:
While working with multiple Enterprise teams as an Azure Consultant, I repeatedly use, modify and add to decks of PowerPoint slides that I customize for communicating Azure concepts to team members in various departments. Some of the slides are combinations of elements and/or concepts from all the Diagram Sources below. Links are provided for original diagrams where possible.
Diagram Sources:


2. Hub and Spoke Networks – 7 slides

 Download Hub and Spoke Network PPT deck

(more…)

Azure PowerPoint Diagrams – Governance (#1/9)

From PowerPoint Diagrams of Azure Concepts & Architecture:
While working with multiple Enterprise teams as an Azure Consultant, I repeatedly use, modify and add to decks of PowerPoint slides that I customize for communicating Azure concepts to team members in various departments. Some of the slides are combinations of elements and/or concepts from all the Diagram Sources below. Links are provided for original diagrams where possible.
Diagram Sources:


1. Governance – 3 Slides 

 Download Governance PPT deck

I use these 3 slides to give an overview explanation of Azure Account and Subscription Management to new clients:

(more…)

Register an Azure Active Directory Security Principal – ARM Portal

An Azure service principal is a security identity used by applications, services, and automation tools to access designated Azure resources. The service principal is a ‘user identity’ (username and password) with an assigned role/permissions in Azure Active Directory (AAD). The service principal should only need to do specific things, unlike a general user identity. In this example, a new Service Principal will be created in AAD and assigned to an Azure Resource Group. Read here for the steps to register a new Service Principal using PowerShell.

Using the Azure Portal

Adding a service principal in the Azure Portal is very straight forward.

Go to Azure Active Directory > App registrations > Add New application registration > create a Display Name > Save

(more…)

Register an Azure Active Directory Security Principal – PowerShell

An Azure service principal is a security identity used by applications, services, and automation tools to access designated Azure resources. The service principal is a ‘user identity’ (username and password) with an assigned role/permissions in Azure Active Directory (AAD). The service principal should only need to do specific things, unlike a general user identity. In this example, a new Service Principal will be created in AAD and assigned to an Azure Resource Group. Read here for the steps to register a new Service Principal using the Azure ARM Portal

Using PowerShell

1. #Login to Azure Subscription

2. #Declare Variables

(more…)

Install and Configure Azure Let’s Encrypt Extension for Azure WordPress Web App

Check the completion of all 8 preparation steps outlined in Preparations for adding Lets Encrypt SSL Certificate to Azure WordPress Web App

  1. Update App Service Plan
  2. Update Web.config for Certificate Renewal
  3. Delete binding of any currently installed SSL certificates
  4. Assign or create a storage account for the process
  5. Add 2 Application settings to website
  6. Register an Azure Service Principle
  7. Permissions added to Resource Group/Subscription
  8. Gather config info & paste text file for configuring the Lets Encrypt Extension

Now the Azure Let’s Encrypt Extension can be installed & Configured

1. Portal > Web App > Development Tools > Extensions > +Add > Choose Extension > Azure Let’s Encrypt > OK

(more…)

Swap the OS Disk of an Azure VM – PowerShell

Being able to quickly swap out the OS disk of an Azure VM is a feature that means VMs don’t have to be ‘killed’ and rebuilt when there is a problem or a need for major revisioning of the VM. A backup OS managed disk, or a new OS managed disk, or an ‘earlier’ OS managed disk version can be applied in situ to the provisioned VM. We keep a repository of key versions of OS and Data disk snapshots that can be quickly turned into unattached managed disks when needed for fixing a VM.

#1. Login to Azure

(more…)