In this lab you will learn how to transition a source environment to Azure.
Ensure you have completed the previous labs where the following is already configured:
-
Create a new azure internal DNS server which will host the DNS records and also do recursion to the on prem version ( this will be DNS server which you already have up and running)
-
Setup the monitoring solution for Azure DNS as well
Monitor Azure DNS https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-dns
-
Resolve names from the container to check that it's working
-
Now that we have an application up and running in a container on our Container host, the last step is you to finalize the migration. We will do that by simply cutting over the routing and DNS information
-
Update the DNS records by RDPing into the DNS/AD Server, in this case the server is 'dc1.contoso.com' and open DNS. Here we can see that the ibusyspy dns record is a cname pointing to 'aw-webapp.contoso.com'
-
Update the record to point to the Windows Container host, in this case 'host1.contoso.com'
-
Open a browser to verify that you can indeed get to the site.
-
internal DNS server configuration of the containers will be targetting the on prem DNS server
-
setup configuration to hit the azure dns server
Azure DNS delegation https://docs.microsoft.com/en-us/azure/dns/dns-delegate-domain-azure-dns
-
Deploy a new application gateway
-
Setup WAF and deploy a new self signed certificate to have SSL termination and enable OWASP
-
Enable monitoring for the application gateway
External endpoints are used for services hosted outside Azure, either on-premises or with a different hosting provider.
-
Setup a new traffic manager and target the WAF you've just created
-
The balancing method whilst everything is not configured will be having one of the endpoints disabled
-
Enable monitoring for traffic manager as well
-
Open the browser and validate that which you're reaching the new server
Let's verify the changes
- Setup NSG which will block all traffic: DC/DNS, Web server, IaaS SQL server
- Test the website
- Monitor the new resources through the dashboard
During these labs, you've explored deploying Windows Containers onto three services: Virtual Machines, App Service and AKS. You can also deploy to Azure Container Apps, but we did not cover that in these labs. Each of these platforms has a production ready reference implementation that includes a suggested infrastructure setup and guidance for configuring your application. Try deploying one of the reference architectures below with your legacy application.
AKS Windows Baseline Azure App Service Landing Zone Accelerator Azure Container Apps Landing Zone Accelerator
In this hands-on lab, you learned how to:
- Configure internal DNS
- Configure Azure DNS
- Cut over live traffic using Azure services
Copyright 2023 Microsoft Corporation. All rights reserved. Except where otherwise noted, these materials are licensed under the terms of the MIT License. You may use them according to the license as is most appropriate for your project. The terms of this license can be found at https://opensource.org/licenses/MIT.