Last updated on February 22, 2024
Azure Virtual Machines Cheat Sheet
- Linux-based and Windows-based virtual machines
Features
- Server environments are called virtual machines.
- A packaged OS with additional installations in a reusable template is called a VM image.
- Supports various configurations of CPU, memory, storage, and networking capacity for your virtual machines, known as virtual machine series.
  - A, Bs, D, and DC-Series for general purpose
  - F-Series for compute optimized
  - E and M-Series for memory optimized
  - Ls-Series for storage optimized
  - G-series for memory and storage optimized
  - H-series for high-performance computing
  - N-series for GPU optimized
- Group your virtual machines in a resource group.
- Secure login information for your virtual machines using key pairs.
- Persistent storage volumes for your data using Azure Disk.
- Multiple physical locations for deploying your resources, such as virtual machines and Azure disk, known as Regions and Availability Zones.
- You can replicate your data in Availability Zones or Availability Sets
- Azure VMs have one operating system disk and a temporary disk for short-term storage
- Metadata, known as tags, that you can create and assign to your VM resources.
- Virtual networks that you can create are logically isolated from the rest of the Azure environment and can optionally connect to your own network, known as Azure Virtual Network or VNet.
- Custom data lets you add a script that runs in the virtual machine while it is being provisioned.
- Network security groups act as a firewall that lets you specify the protocols, ports, and source IP ranges that can reach your virtual machines.
- You can create an automation runbook that automatically starts/stops virtual machines based on user-defined schedules for cost efficiency.
VM Status
- Start – run your virtual machines. You are continuously billed while your VM is running.
- Restart – some updates do require a reboot. In such cases, the VMs are shut down while Azure patches the infrastructure, and then the VMs are restarted.
- Stop – is just a normal shutdown. If the VM is in a deallocated status, you will continue to be charged for the storage needed for the operating system disk.
- You can also directly delete the virtual machines/resources. Deleting the selected virtual machines is irreversible.
- You can redeploy a VM if you’re having difficulties connecting to your Linux/Windows server. When the redeployment is in progress, the VM will be unavailable because the status of the VM changes to Updating (as the VM prepares to redeploy).
- If the VM is currently running, changing its size will cause it to be restarted and will result in system downtime.
Disks
- Select an OS disk type from Standard HDD, Standard SSD, and Premium SSD.
- Every virtual machine has one attached operating system disk
- The OS disk has a maximum capacity of 4,095 GiB.
- Every VM contains a temporary disk that provides short-term storage only for page or swap files.
- Data on the temporary disk may be lost during a maintenance event or when you redeploy a VM
- You can enable ultra disk compatibility for high throughput, high IOPS, and consistent low latency disk storage
- A VM with an enabled Ultra Disk capability will result in a reservation charge even without attaching an Ultra Disk
- An Availability zone supports managed disks.
- You get lower read/write latency to the OS disk with Ephemeral OS disk, and faster reimage of VM. You incur no storage cost with ephemeral OS disks.
Dedicated Host
- Provide physical servers that can host multiple virtual machines.
- Allows you to achieve compliance and regulatory requirements that require you to be the only customer to use the physical server that will host your virtual machines.
- You have control over Azure's scheduled maintenance events, and you can opt in to maintenance windows.
- Bring your existing Windows licenses with Software Assurance to reduce costs.
- A Host group consists of one or more dedicated hosts.
- When you create a host, it will automatically be mapped to a physical server and is created within a host group. A host can consist of multiple virtual machines.
Azure Virtual Machines Pricing
- Pay as you go – pay for the instances that you use by the second, with no long-term commitments or upfront payments.
- Reserved – make a low, one-time up-front payment for an instance and reserve it for a one- or three-year term.
- Spot – request unused compute capacity, which can lower your costs significantly. Spot pricing gives you savings of up to 90 percent compared to pay-as-you-go prices.
Backup and Recovery
- A snapshot is a full copy of a virtual machine’s OS or data disk. Snapshots are useful for backup, disaster recovery, and troubleshooting.
- To store the backups and recovery points, you need to create a Recovery Services vault.
- With the backup option enabled, your VM is backed up to a Recovery Services vault with the default backup policy or your custom backup policy, and you are charged as per backup pricing.
- A backup policy allows you to create a backup schedule with a retention period of daily, weekly, monthly, and yearly backup points.
- Azure Site Recovery allows organizations to meet their business continuity and disaster recovery (BCDR) requirements by replicating their virtual machines' data to a secondary region and failing over in the event of downtime.
- You can set up disaster recovery of Azure VMs from a primary region to a secondary region using Azure Site Recovery.
Concepts
- To protect your resources from an entire data center failure, you need to deploy the VMs to a minimum of three Availability Zones to ensure resiliency.
- To protect from hardware failures within a data center, you can deploy the virtual machine to an availability set. Each VM in an availability set is assigned to an update domain and fault domain.
  - Update domains (planned maintenance)
    - A logical group of virtual machines that can undergo maintenance at the same time.
    - By default, it has five non-user-configurable update domains. It can be increased up to 20 update domains.
    - A rebooted update domain is given 30 minutes to recover before maintenance is initiated on a different update domain.
  - Fault domains (unplanned maintenance)
    - A logical group of virtual machines that share a common power source and network switch.
    - By default, VMs within an availability set are separated across up to three fault domains.
- Quota is based on the total number of cores in use, both allocated and deallocated.
  - vCPU quota tiers:
    - Total Regional vCPUs
    - VM size family cores
  - You can't deploy a VM if the quota limit for the region is exceeded.
- You can move a virtual machine to a new subscription or resource group that is under the same subscription.
- When you move a virtual machine to a new resource group or subscription, the location of the VM will not change.
Scale Sets
- Create and manage a group of load-balanced VMs to provide high availability to your applications.
- Automatically scale your application as demand changes.
- Orchestration modes:
  - Uniform Orchestration – Suitable for large-scale stateless workloads with identical VM instances.
  - Flexible Orchestration – Recommended for workloads that require high availability at scale with identical or multiple Azure machine types.
- Support up to 1,000 VM instances. But if you create and upload your own custom VM images, the limit is 600.
- You can use a custom script extension if you need to download and execute scripts on multiple virtual machines. The extension is used for post-deployment configuration, software installation, or any management tasks.
- Use Azure Monitor to automate the collection of information from the VMs in your scale set.
- No additional cost to scale sets. You only pay for the underlying computing services, such as virtual machines, load balancers, or managed disk storage.
| Scenario | Manual group of VMs | Virtual Machine Scale Set |
| --- | --- | --- |
| Add additional VM instances | Manual process to create, configure, and ensure compliance. | Create automatically from a central configuration. |
| Traffic balancing and distribution | Manual process in creating and configuring the Load Balancer or Application Gateway. | Automatically create and integrate the Load Balancer or Application Gateway. |
| High availability and redundancy | Create Availability Set or distribute and track virtual machines across Availability Zones manually. | Distribute virtual machines across Availability Zones or Availability Sets automatically. |
| Scaling of VMs | Manual monitoring and Azure Automation. | Autoscale based on metrics, Application Insights, or by schedule. |
Azure Virtual Machines Monitoring
- Azure Resource Health helps you diagnose problems that affect your resources
- Capture serial console output and screenshots of the virtual machine with boot diagnostics
- Enable OS guest diagnostics to get the metrics every minute
- You can configure your virtual machine to shut down automatically by enabling the auto-shutdown option
- With Linux Diagnostic Extension, you can collect system performance metrics and log events.
Microsoft Azure Boost
- Improves performance of your guest virtual machines by freeing up the CPU resources by offloading server virtualization processes that are traditionally performed by the hypervisor
- Reinforces the security foundation of your computing capacity using several components such as Cerberus hardware security chip, Rust memory safety, FIPS certification, Security Enhanced OS, and many more.
- Boosts the network performance via the Microsoft Azure Network Adapter (MANA), which is a network interface card (NIC) providing a consistent driver interface and performance.
Hibernation
- A feature in Azure Virtual Machines that enables companies to save on costs by pausing their VMs that are not being utilized.
- Suitable for virtual desktops and VMs running in development or test environments that don't need to run 24 hours a day, 7 days a week
- Useful for enterprise systems with long boot times due to memory-intensive programs. With Hibernation, these applications can be initialized on VMs and “prewarmed” to be quickly started when required.
Azure Compute Gallery
- Allows you to store and share Azure VM images
- Enables you to share your Azure resources with everyone or with a specific set of users, service principals, or Entra ID groups within your company.
- Provides a capability for your Azure Resources to be replicated to multiple regions for faster deployment.
Network
- You can provision a virtual machine that has a static public IP address.
- Enable accelerated networking for low latency and high throughput on the network interface
- Distribute traffic among virtual machines using Load Balancer
Azure Virtual Machines Security
- By default, access to the VM is restricted to sources in the same virtual network
- You can control ports, inbound and outbound connectivity with security group rules
- With system assigned managed identity, all necessary permissions can be granted via Azure role-based access control
- Encrypt your data at rest with a platform-managed key or customer-managed key
- By default, encryption at-rest uses a platform-managed key
- Encrypt the OS and Data disks with Azure Disk Encryption.
- The temporary disk is not encrypted by server-side encryption unless you enable encryption at the host
Azure Scale Set vs Availability Set:
https://tutorialsdojo.com/azure-scale-set-vs-availability-set/
Validate Your Knowledge
Question 1
Question Type: Single choice
You deployed a legacy application in a single Azure virtual machine. Due to its tightly-coupled dependencies, the application cannot be hosted on multiple virtual machines.
At the end of each month, the CPU Utilization of the virtual machine reaches its peak when the application processes the month-end data. To resolve this problem, you need to schedule a monthly runbook to improve the vCPU performance of the virtual machine.
Which of the following should you add to the runbook?
- Add the virtual machine to a scale set.
- Add the Azure Performance Diagnostics VM Extension.
- Set the Desired State Configuration Extension.
- Scale up the virtual machine by changing its VM size property.
Azure Virtual Machines Cheat Sheet Resources:
https://docs.microsoft.com/en-us/learn/paths/azure-fundamentals/
https://docs.microsoft.com/en-us/azure/virtual-machines/windows/overview/
https://azure.microsoft.com/en-us/pricing/details/virtual-machines/series//
https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/overview