Exploring Azure Networking (VNet)
Like Azure VMs, Azure VNet is another core component of Azure that we should be aware of. A VNet ties all resources, such as VMs, stores, and databases, together securely in a private network. It is used to encapsulate the cloud or on-premises services together within a secure boundary by controlling who can access these services and from which endpoints.
Azure Networking provides the following four main services:
- Secure connectivity between Azure resources using the basic VNet, VNet Peering, and Service Endpoints.
- Networking beyond the Azure Cloud and into the internet and hybrid clouds using ExpressRoute, Private Endpoints, and Point-to-Site and Site-to-Site VPNs.
- Network filtering, in other words, firewall rules that can be implemented via either Network Security Groups or Application Security Groups. The same filtering can also be implemented using network appliances, which are ready-made servers available for specialized networking scenarios.
- Network routing abilities that allow you to configure network routes using Route Tables and the Border Gateway Protocol (BGP).
Now, let's learn how to create a VNet using the Azure CLI.
Creating an Azure VNet using the CLI
Let's look at a simple example of how to create a VNet and assign a VM to it. We will reuse the IACRG resource group that we used in the examples earlier in this chapter:
- First, we need to create a VNet by specifying the necessary IP ranges and subnet prefixes. The following command creates a VNet named iacvnet under the IACRG resource group:
az network vnet create --address-prefixes 10.20.0.0/16 --name iacvnet --resource-group IACRG --subnet-name iacsubnet --subnet-prefixes 10.20.0.0/24
- Then, we need to create a public IP so that we can access our VM from the internet:
az network public-ip create --resource-group IACRG --name iacpubip --allocation-method dynamic
- Next, we must create a network interface card (NIC), which will be the network interface between the VM and the outside world, with the previously created VNet and public IP:
az network nic create --resource-group IACRG --vnet-name iacvnet --subnet iacsubnet --name iacnic --public-ip-address iacpubip
- We now have all the components required to create a VM within our new VNet, iacvnet. We can reuse the UbuntuLTS image that we used in the earlier virtual machine creation example to create a new VM within the new VNet:
az vm create --resource-group IACRG --name sampleVMwithinVNET --nics iacnic --image UbuntuLTS --generate-ssh-keys
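The steps above attach a public IP to the VM's NIC without defining any Network Security Group. The following is an added example, not part of the original text, that applies the network filtering described earlier by allowing SSH to iacsubnet only from one admin range. The names iacnsg and allow-ssh-admin and the sample range 203.0.113.0/24 are assumptions.

```shell
#!/bin/sh
# Added example: allow SSH to iacsubnet only from one admin range.
# Assumed names (not from the page): iacnsg, allow-ssh-admin, and the
# sample range 203.0.113.0/24 (a documentation range, constructed).

# Return 0 only for a well-formed IPv4 CIDR with a prefix of /8 or longer,
# so a typo such as 0.0.0.0/0 cannot open SSH to the whole internet.
valid_admin_cidr() {
  cidr="$1"
  case "$cidr" in */*) ;; *) return 1 ;; esac
  ip="${cidr%/*}"
  prefix="${cidr##*/}"
  case "$ip" in ''|*[!0-9.]*) return 1 ;; esac
  case "$prefix" in ''|*[!0-9]*) return 1 ;; esac
  [ "$prefix" -ge 8 ] && [ "$prefix" -le 32 ] || return 1
  old_ifs="$IFS"; IFS=.
  set -- $ip            # split the address into its octets
  IFS="$old_ifs"
  [ "$#" -eq 4 ] || return 1
  for octet in "$@"; do
    case "$octet" in '') return 1 ;; esac
    [ "$octet" -le 255 ] || return 1
  done
  return 0
}

# Create the NSG, add a single inbound allow rule for SSH, and bind the NSG
# to the subnet. The NSG's built-in default rules deny all other inbound
# traffic from the internet.
harden_iacsubnet() {
  admin_cidr="$1"
  if ! valid_admin_cidr "$admin_cidr"; then
    echo "refusing SSH source range: '$admin_cidr'" >&2
    return 1
  fi
  az network nsg create --resource-group IACRG --name iacnsg &&
  az network nsg rule create --resource-group IACRG --nsg-name iacnsg \
    --name allow-ssh-admin --priority 100 --direction Inbound --access Allow \
    --protocol Tcp --destination-port-ranges 22 \
    --source-address-prefixes "$admin_cidr" &&
  az network vnet subnet update --resource-group IACRG --vnet-name iacvnet \
    --name iacsubnet --network-security-group iacnsg
}

# Usage: sh harden.sh --apply 203.0.113.0/24
if [ "${1:-}" = "--apply" ]; then
  harden_iacsubnet "${2:-}"
fi
```

Running `az network nsg rule list --resource-group IACRG --nsg-name iacnsg --output table` afterwards shows the rule that was applied.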
We hope that has given you a good understanding of how to create networking components such as VNets, public IPs, and more.
You can learn more about Azure networking here: https://azure.microsoft.com/en-in/product-categories/networking/.
Next, we'll look at Azure Compute.