What is a virtual machine?
A virtual machine (VM) is a virtual instance of a physical computer that runs on an isolated partition of a host computer; each virtual machine functions separately from other virtual machines despite running on the same host. Virtual machine servers allow multiple users to access application resources at once without affecting each other.
Benefits of Azure Virtual Machines
- Cost savings
- Easy provisioning
- Increased productivity
- Efficient DevOps
- Environment-friendly IT operations
- Full isolation means more security.
- Portability means that VMs can run old applications better.
- Better resource allocation means better ability to run resource-intensive applications.
How to create Azure virtual machines
To create a virtual machine in Azure, you need to:
- Sign in to the Azure portal at https://portal.azure.com.
- Search for virtual machines in the search bar and select Virtual machines under Services.
- Select Create and then Azure virtual machine.
- Fill in the required information for the virtual machine, such as name, region, image, size, authentication, disks, networking, management, and tags.
- Create a new Resource Group for the Virtual Machine.
A Resource group in Azure is a logical container that holds related Azure resources, such as virtual machines, storage accounts, and networking components. It helps in organizing, managing, and monitoring resources collectively within a project or application.
- Assign a preferred name to the Resource Group and click ok.
- Assign a preferred name to the Virtual machine.
- Select a preferred Region for the Virtual Machine.
An Azure region is a geographic area containing multiple data centers across one or more availability zones that host Microsoft Azure cloud services, enabling efficient and reliable global access to computing resources and data storage.
Microsoft Azure has over 60 regions worldwide.
- Under Availability options, you may deploy the Virtual machine in an Availability Zone or leave it on the default (No infrastructure redundancy required).
An Azure availability zone is a physically separate data center within an Azure region, providing fault tolerance by ensuring applications remain available and resilient to failures within a region.
- Under Image, click the drop-down box, then select Windows 11 Pro, version 22H2 - x64 Gen2.
- Create the Administrator account with a username and password.
- Configure the inbound port rules. Click on Allow selected ports under Public inbound ports.
In Azure, selecting "Allow selected ports" under Public inbound ports means that incoming network traffic to the specified port on a virtual machine (VM) or resource will be permitted. This setting allows external connections to reach the resource through the specified port, potentially exposing it to the internet. It's crucial to configure this carefully to ensure security by only allowing necessary and safe connections.
- The inbound ports must be specified. Open the drop-down on the Select inbound ports box and check RDP (3389) and HTTP (80).
Implications of checking RDP and HTTP while spinning up a Virtual Machine.
Checking the **RDP (Remote Desktop Protocol) port (3389)** and the **HTTP port (80)** on the inbound settings of an Azure virtual machine has the following implications:
RDP (Port 3389): Enabling RDP allows remote access to the virtual machine. This is useful for administrators to manage and configure the virtual machine. However, it also presents a security risk if not properly secured. Unauthorized users could attempt to gain access to the virtual machine if security measures are not in place, potentially leading to data breaches or malicious activities.
HTTP (Port 80): Enabling port 80 allows incoming web traffic, commonly used for serving websites or web applications. It's crucial to ensure the hosted application is properly secured against common web vulnerabilities like cross-site scripting (XSS) or SQL injection, as well as data breaches or unauthorized access.
When enabling these ports, implement the following security practices:
Strong Credentials: Use strong or complex passwords.
Network Security Groups (NSGs): Configure NSGs to restrict access to only necessary IP addresses or ranges.
Firewalls: Set up firewalls on the virtual machine itself to allow only authorized IPs.
Regular Updates: Keep the virtual machine's operating system and applications updated with security patches.
HTTPS (for HTTP): If hosting a website, consider using HTTPS (port 443) to encrypt traffic and ensure data privacy.
Monitor Logs: Regularly monitor logs for any unusual activity.
It is very important to always prioritize security when exposing services to the internet, and consider using Azure services like Azure Bastion or VPNs for secure remote access.
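The NSG practice above can be checked mechanically. The following is an added example, not code from the original article: it audits a list of NSG rules for the two ports this tutorial opens and reports any that accept traffic from the whole internet. It assumes the rules are in the flattened JSON shape produced by exporting them with `az network nsg rule list`; the rule names and addresses in the sample are constructed.

```python
import ipaddress

# Ports the tutorial opens on the VM (both TCP): RDP and HTTP.
WATCHED_PORTS = {3389: "RDP", 80: "HTTP"}

# Constructed sample rules in the flattened shape assumed in the lead-in.
SAMPLE_RULES = [
    {"name": "RDP", "direction": "Inbound", "access": "Allow", "protocol": "Tcp",
     "sourceAddressPrefix": "*", "destinationPortRange": "3389"},
    {"name": "HTTP", "direction": "Inbound", "access": "Allow", "protocol": "Tcp",
     "sourceAddressPrefix": "*", "destinationPortRange": "80"},
    {"name": "rdp-from-admin", "direction": "Inbound", "access": "Allow", "protocol": "Tcp",
     "sourceAddressPrefix": "203.0.113.10/32", "destinationPortRange": "3389"},
    {"name": "wide-range", "direction": "Inbound", "access": "Allow", "protocol": "*",
     "sourceAddressPrefixes": ["Internet"], "destinationPortRanges": ["3000-4000"]},
]


def port_in_range(port, spec):
    """True if port falls inside an NSG port spec: '*', '3389' or '3000-4000'."""
    if spec == "*":
        return True
    low, _, high = spec.partition("-")
    return int(low) <= port <= int(high or low)


def is_public(prefix):
    """True if a source prefix admits any internet address."""
    if prefix.lower() in ("*", "internet"):
        return True
    try:
        return ipaddress.ip_network(prefix, strict=False).prefixlen == 0
    except ValueError:
        return False  # other service tags (e.g. VirtualNetwork) or empty value


def audit(rules):
    """Return (rule name, service, port) for each watched port open to the internet."""
    findings = []
    for r in rules:
        if r.get("direction") != "Inbound" or r.get("access") != "Allow":
            continue
        if (r.get("protocol") or "*").lower() not in ("tcp", "*"):
            continue
        sources = r.get("sourceAddressPrefixes") or [r.get("sourceAddressPrefix") or ""]
        ports = r.get("destinationPortRanges") or [r.get("destinationPortRange") or ""]
        if any(is_public(s) for s in sources):
            findings += [(r["name"], label, port) for port, label in WATCHED_PORTS.items()
                         if any(port_in_range(port, p) for p in ports if p)]
    return findings
```

An HTTP finding is often intentional for a public website; an RDP finding is the one to resolve by narrowing the source to specific addresses, as the `rdp-from-admin` rule does, or by using Azure Bastion or a VPN.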
- Check the Licensing box.
- Scroll up to the top, then click on "Monitoring" and disable boot diagnostics.
Incorporating monitoring during virtual machine creation establishes a proactive approach to maintenance, security, and performance, contributing to a more reliable and optimized IT environment.
Disabling boot diagnostics, a feature that captures screenshots and logs during a virtual machine's boot process, might be necessary in specific situations:
Security: Boot diagnostics can potentially capture sensitive information during the boot process, posing security risks if not managed properly.
Privacy: Sensitive data could be inadvertently captured in screenshots or logs, violating privacy regulations and policies.
Resource Usage: Enabling boot diagnostics consumes storage space and processing resources, impacting performance and incurring unnecessary costs.
Debugging: In some scenarios, boot diagnostics might not be needed for troubleshooting or debugging, making it redundant.
Customization: Boot diagnostics may interfere with custom boot processes or scripts that need to run without external interference.
Temporary Scenarios: For temporary instances or testing environments, boot diagnostics might not provide significant value.
- To organize your environment, add tags.
- Click on Review and Create.
- After validation passes, click on Create to deploy the Virtual machine.
- Wait until the deployment is completed, then click on Go to resource.
- Click on the "Connect" function.
In the context of Azure or virtual machines, the "Connect" function usually refers to connecting to a virtual machine (VM) for remote management and administration.
This can be achieved using technologies like Remote Desktop Protocol (RDP) for Windows VMs or SSH (Secure Shell) for Linux VMs.
The purpose of the "Connect" function is to provide users with a way to access and manage their virtual machines remotely.
This is particularly useful when you need to perform tasks on a VM without being physically present at the machine.
By utilizing the "Connect" feature, you can effectively manage and maintain your virtual machines in a convenient and secure manner.
- Download the Remote Desktop Protocol (RDP) file to connect to the virtual machine (VM) for remote management and administration.
- Check the Downloads folder on your local PC.
- Click the RDP file, click Connect, enter the Administrator account details, then click OK.
- Finally, launch your Virtual machine.
Thanks for reading my article till the end. I hope you learned something special today. If you enjoyed this article, please share it with your friends, and if you have suggestions or thoughts to share with me, please write them in the comment box.