Azure Virtual Machines: Complete Implementation Guide

Azure Virtual Machines (VMs) provide scalable computing resources on-demand. This guide covers everything you need to know about implementing and managing Azure VMs effectively.

VM Types and Sizing

Available VM Series

• General Purpose (B, D): Balanced CPU-to-memory ratio
• Compute Optimized (F): High CPU-to-memory ratio
• Memory Optimized (E, M): High memory-to-CPU ratio
• GPU (N): Specialized for graphics and visualization
• High Performance Compute (H): Fastest CPU with high-throughput network interfaces

Sizing Best Practices

# List available VM sizes in a region
az vm list-sizes --location eastus

# Get VM size details
az vm list-sizes --location eastus --query "[?contains(name, 'Standard_D2s_v3')]"

Creating and Managing VMs

Basic VM Creation

# Create a resource group
az group create --name myResourceGroup --location eastus

# Create a VM
az vm create \
    --resource-group myResourceGroup \
    --name myVM \
    --image Ubuntu2204 \
    --admin-username azureuser \
    --generate-ssh-keys \
    --size Standard_D2s_v3

Advanced Configuration

{
  "vmSize": "Standard_D2s_v3",
  "storageProfile": {
    "osDisk": {
      "createOption": "FromImage",
      "managedDisk": {
        "storageAccountType": "Premium_LRS"
      }
    },
    "dataDisks": [
      {
        "diskSizeGB": 100,
        "lun": 0,
        "createOption": "Empty"
      }
    ]
  },
  "networkProfile": {
    "networkInterfaces": [
      {
        "id": "[resourceId('Microsoft.Network/networkInterfaces', 'myNIC')]"
      }
    ]
  }
}

Networking Configuration

Virtual Network Setup

# Create a virtual network
az network vnet create \
    --resource-group myResourceGroup \
    --name myVNet \
    --address-prefix 10.0.0.0/16 \
    --subnet-name mySubnet \
    --subnet-prefix 10.0.0.0/24

# Create a network security group
az network nsg create \
    --resource-group myResourceGroup \
    --name myNSG

# Add security rules
az network nsg rule create \
    --resource-group myResourceGroup \
    --nsg-name myNSG \
    --name allow-ssh \
    --protocol tcp \
    --priority 1000 \
    --destination-port-range 22 \
    --access allow

Storage Options

Managed Disks

# Add a data disk
az vm disk attach \
    --resource-group myResourceGroup \
    --vm-name myVM \
    --name myDataDisk \
    --size-gb 100 \
    --sku Premium_LRS \
    --new

Storage Configuration

{
  "diskConfigurations": {
    "osDisk": {
      "caching": "ReadWrite",
      "managedDisk": {
        "storageAccountType": "Premium_LRS"
      }
    },
    "dataDisks": [
      {
        "caching": "None",
        "managedDisk": {
          "storageAccountType": "Premium_LRS"
        },
        "writeAcceleratorEnabled": false
      }
    ]
  }
}

High Availability and Scaling

Availability Sets

# Create an availability set
az vm availability-set create \
    --resource-group myResourceGroup \
    --name myAvailabilitySet \
    --platform-fault-domain-count 2 \
    --platform-update-domain-count 5

Scale Sets

# Create a scale set
az vmss create \
    --resource-group myResourceGroup \
    --name myScaleSet \
    --image Ubuntu2204 \
    --upgrade-policy-mode automatic \
    --admin-username azureuser \
    --generate-ssh-keys \
    --instance-count 3

Monitoring and Diagnostics

Azure Monitor Integration

# Enable boot diagnostics
az vm boot-diagnostics enable \
    --name myVM \
    --resource-group myResourceGroup

# Configure metrics collection
az monitor metrics alert create \
    --name cpu-alert \
    --resource-group myResourceGroup \
    --scopes /subscriptions/mySubscriptionId/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/myVM \
    --condition "avg Percentage CPU > 80" \
    --window-size 5m \
    --evaluation-frequency 1m

Security Best Practices

1. Network Security

   • Use Network Security Groups
   • Implement Just-in-Time VM Access
   • Enable Azure Firewall

2. Access Control

   • Use Managed Identities
   • Implement RBAC
   • Regular key rotation

3. Data Protection

   • Enable disk encryption
   • Use Azure Backup
   • Implement disaster recovery

Cost Optimization

Resource Optimization

# Convert to spot instance
az vm update \
    --resource-group myResourceGroup \
    --name myVM \
    --priority Spot \
    --max-price -1

# Enable auto-shutdown
az vm auto-shutdown \
    --resource-group myResourceGroup \
    --name myVM \
    --time 1730

Cost Management

{
  "budgets": {
    "amount": 1000,
    "timeGrain": "Monthly",
    "filters": {
      "resources": [
        "/subscriptions/{subscription-id}/resourceGroups/myResourceGroup"
      ]
    },
    "notifications": {
      "actual_gt_90": {
        "enabled": true,
        "threshold": 90,
        "operator": "GreaterThan"
      }
    }
  }
}

Maintenance and Updates

Update Management

# Enable update management
az vm update-management enable \
    --resource-group myResourceGroup \
    --name myVM \
    --location eastus

# Schedule updates
az vm update-management deployment create \
    --resource-group myResourceGroup \
    --name myUpdateDeployment \
    --duration PT2H \
    --schedule-time "2024-03-15 03:00" \
    --reboot-setting IfRequired

Backup and Disaster Recovery

Azure Backup Configuration

# Create a Recovery Services vault
az backup vault create \
    --resource-group myResourceGroup \
    --name myVault \
    --location eastus

# Enable backup
az backup protection enable-for-vm \
    --resource-group myResourceGroup \
    --vault-name myVault \
    --vm myVM \
    --policy-name DefaultPolicy

Conclusion

Azure Virtual Machines provide a flexible and powerful infrastructure solution. By following this guide's best practices for implementation, security, and management, you can build robust and efficient VM-based solutions in Azure.