Este é o repositório que contém os materiais de apoio do Workshop Day

Para realizar as atividades do Hands-on Lab estamos utilizando o Portal do Azure no idioma Inglês a fim de manter o padrão e não haver erros, e se necessário caso tenha alguma dificuldade no entendimento você pode abrir o Google Tradutor e traduzir para melhor entendimento.

1. In a browser, navigate to the Azure Pricing Calculator webpage.

2. Add the inventory data.

   

Important Notes

• Development environment licensing will be purchased by Marketplace
• Include Reserved instances and Azure Hybrid Benefit in the Production Environment
• Include VPN Gateway, Load Balancers, Public IP Address and 500 GB Outbound Data Transfer.

3. Scroll to the bottom of the Azure Pricing Calculator webpage to view total Estimated monthly cost.

4. Change the currency to Brazilian Real (R$), then select Export to download a copy of the estimate for offline viewing in Microsoft Excel (.xlsx) format.

1. Sign in to the Azure portal.

2. Search for and select Resource groups.

3. On the Resource groups blade, click + Create and create a resource group with the following settings:

   Setting	Value
   Subscription	the name of the Azure subscription you will use in this lab
   Resource Group	RG-IAE-VMs
   Region	East US 2
   Tags	project: azureexpert and costcenter: imersao

4. Repeat and create the Resources groups name "RG-IAE-Network" and "RG-IAE-Storage".

5. Click Review + Create and then click Create.

6. Explore properties to Resource groups.

1. In the Azure portal, search for and select Virtual networks, and, on the Virtual networks blade, click + Create.

2. Create a virtual network with the following settings (leave others with their default values):

   Setting	Value
   Subscription	the name of the Azure subscription you will be using in this lab
   Resource Group	the name of a resource group RG-IAE-Network
   Name	VNET-IAE-Hub
   Region	the name of any Azure region available in the subscription you will use in this lab
   IPv4 address space	10.1.0.0/16
   Subnet name	Default
   Subnet address range	10.1.1.0/24

3. Accept the defaults and click Review and Create. Let validation occur, and hit Create again to submit your deployment.

4. Once the deployment completes browse for Virtual Networks in the portal search bar. Within Virtual networks blade, click on the newly created virtual network.

5. On the virtual network blade, click Subnets and then click + Subnet.

6. Create a subnet with the following settings (leave others with their default values):

   Setting	Value
   Name	FrontEnd
   Address range (CIDR block)	10.1.100.0/24
   Network security group	None
   Route table	None

1. In the Azure portal, search for and select Virtual machines and, on the Virtual machines blade, click + Create.

2. On the Basics tab of the Create a virtual machine blade, specify the following settings (leave others with their default values):

   Setting	Value
   Subscription	the name of the Azure subscription you will be using in this lab
   Resource group	the name of a new resource group RG-IAE-VMs
   Virtual machine name	VMWEB01
   Region	select same region the Resouce group
   Availability options	Availability sets
   Availability set	AS-VM
   Image	Windows Server 2019 Datacenter - Gen1
   Azure Spot instance	No
   Size	Standard_B2s
   Username	admaz
   Password	Azur3Exp3rt*
   Public inbound ports	RDP (3389) and HTTP (80)
   Would you like to use an existing Windows Server license?	No

3. Click Next: Disks > and, on the Disks tab of the Create a virtual machine blade, specify the following settings (leave others with their default values):

   Setting	Value
   OS disk type	Standard SSD
   Enable Ultra Disk compatibility	No

4. Click OK and, back on the Networking tab of the Create a virtual machine blade, specify the following settings (leave others with their default values):

   Setting	Value
   Virtual Network	VNET-IAE-HUB
   Subnet	FrontEnd
   Public IP	VMWEB01-PI
   NIC network security group	Basic
   Inbound Ports	RDP (3389) and HTTP (80)
   Place this virtual machine behind an existing load balancing solution?	No

5. Click Next: Management > and, on the Management tab of the Create a virtual machine blade, specify the following settings (leave others with their default values):

   Setting	Value
   Boot diagnostics	Enable with custom storage account
   Diagnostics storage account	create new
   Properties storage account	Name: saiaediag###, Account kind: StorageV2, Performance: Standard, Replication: Locally-redundant-storage (LRS)
   Enable auto-shutdown	off

6. Click Next: Advanced >, on the Advanced tab of the Create a virtual machine blade, review the available settings without modifying any of them, and click Review + Create.

7. On the Review + Create blade, click Create.

8. Connect Virtual machine.

9. On the virtual machine blade, click Disks, Under Data disks click + Create and attach a new disk.

10. Create a managed disk with the following settings (leave others with their default values):

    Setting	Value
    Disk name	VMWEB01-DataDisk01
    Source type	None
    Account type	Standard HD
    Size	20 GiB

11. Connect Virtual machine and start disk.

12. Install the Web-Server feature in the virtual machine by running the following command in the Administrator Windows PowerShell command prompt. You can copy and paste this command.

    Install-WindowsFeature -name Web-Server -IncludeManagementTools

13. Back in the portal, navigate back to the Overview blade of myVM and, use the Click to clipboard button to copy the public IP address, open a new browser tab, paste the public IP address into the URL text box, and press the Enter key to browse to it.

14. Explore properties to Virtual machines.

1. In the Azure portal, search for and select Private DNS zones and, on the Private DNS zones blade, click + Create.

2. Create a private DNS zone with the following settings (leave others with their default values):

   Setting	Value
   Subscription	the name of the Azure subscription you are using in this lab
   Resource Group	RG-IAE-Network
   Name	azureexpert.corp

3. Click Review and Create. Let validation occur, and hit Create again to submit your deployment.

   Note: Wait for the private DNS zone to be created. This should take about 2 minutes.

4. Click Go to resource to open the azureexpert.corp DNS private zone blade.

5. On the azureexpert.corp private DNS zone blade, in the Settings section, click Virtual network links

6. Click + Add to create a virtual network link with the following settings (leave others with their default values):

   Setting	Value
   Link name	VNL-Hub
   Subscription	the name of the Azure subscription you are using in this lab
   Virtual network	VNET-IAE-Hub
   Enable auto registration	enabled

7. Click OK.

   Note: Wait for the virtual network link to be created. This should take less than 1 minute.

8. On the azureexpert.corp private DNS zone blade, in the sidebar, click Overview

9. Verify that the DNS records for VMWEB01 appear in the list of record sets as Auto registered.

   Note: You might need to wait a few minutes and refresh the page if the record sets are not listed.

10. Switch to the RDP session to VMWEB01.

11. In the Terminal console, run the following to test internal name resolution of the VMWEB01 DNS record set in the newly created private DNS zone:

    nslookup VMWEB01.azureexpert.corp

12. Verify that the output of the command includes the private IP address of VMWEB01.

1. In the Azure portal, search for and select Network security groups, and, on the Network security groups blade, click + Create.

2. Create a network security group with the following settings (leave others with their default values):

   Setting	Value
   Subscription	the name of the Azure subscription you are using in this lab
   Resource Group	RG-IAE-Network
   Name	NSG-WEB
   Region	the name of the Azure region where you deployed all other resources in this lab

3. On the deployment blade, click Go to resource to open the NSG-WEB network security group blade.

4. On the NSG-WEB network security group blade, in the Settings section, click Inbound security rules.

5. Add an inbound rule with the following settings (leave others with their default values):

   Setting	Value
   Source	Any
   Source port ranges	*
   Destination	Any
   Destination port ranges	80,443
   Protocol	TCP
   Action	Allow
   Priority	200
   Name	Allow-HTTPs

6. Go to the Azure portal to view your Network security groups. Search for and select Network security groups is created.

   Note: If another Network security groups rule is already attached to the Network interface, it is necessary to remove it.

7. On the NSG-WEB network security group blade, in the Settings section, click Network interfaces and then click + Associate.

8. Associate in the VMWEB01 network security group with the Network interface.

   Note: It may take up to 5 minutes for the rules from the newly created Network Security Group to be applied to the Network Interface Card.

9. In the menu bar of the network security group, under Settings, you can view the Inbound security rules, Outbound security rules, Network interfaces, and Subnets that the network security group is associated to.

10. Under Support + troubleshooting, you can view Effective security rules.

11. Navigate back to your computer.

12. In the Virtual Machine Connection window, start Windows PowerShell and, in the Administrator: Windows PowerShell window run the following to set connection test.

    Test-NetConnection -ComputerName PUBLICIPADDRESS-VMWEB01 -Port 80 -InformationLevel 'Detailed'

13. Examine the output of the command and verify that the connection was successful.

14. Within the computer, start Browser and navigate to PUBLICIPADDPRESS-VM.

15. Examine the navegate was successful.

1. In the Azure portal, search for and select Virtual networks, and, on the Virtual networks blade, click + Createt.

2. Create a virtual network with the following settings (leave others with their default values):

   Setting	Value
   Subscription	the name of the Azure subscription you will be using in this lab
   Resource Group	the name of a resource group RG-IAE-Spoke1
   Name	VNET-IAE-Spoke1
   Region	west us 2
   IPv4 address space	10.10.0.0/16
   Subnet name	Default
   Subnet address range	10.10.1.0/24

3. Accept the defaults and click Review and Create. Let validation occur, and hit Create again to submit your deployment.

4. Once the deployment completes browse for Virtual Networks in the portal search bar. Within Virtual networks blade, click on the newly created virtual network.

5. In the Azure portal, search for and select Virtual machines

6. On the Virtual machines, click Create and create a new Virtual machine, on the VMSPOKE01.

7. In the Azure portal, search for and select Virtual networks.

8. In the list of virtual networks, click VNET-IAE-Spoke1.

9. On the VNET-IAE-Spoke1 virtual network blade, in the Settings section, click Peerings and then click + Add.

10. Specify the following settings (leave others with their default values) and click Add:

    Setting	Value
    This virtual network: Peering link name	To-Hub
    This virtual network: Traffic to remote virtual network	Allow (default)
    This virtual network: Traffic forwarded from remote virtual network	Allow (default)
    Virtual network gateway	None
    Remote virtual network: Peering link name	To-Spoke1
    Virtual network deployment model	Resource manager
    I know my resource ID	unselected
    Subscription	the name of the Azure subscription you are using in this lab
    Virtual network	VNET-IAE-Hub
    Traffic to remote virtual network	Allow (default)
    Traffic forwarded from remote virtual network	None
    Virtual network gateway	None (default)

11. At the top of the Azure portal, enter the name of a VMSPOKE1 that is in the running state, in the search box. When the name of the VM appears in the search results, select it.

12. Under Settings on the left, select Networking, and navigate to the network interface resource by selecting its name. View network interfaces.

13. On the left, select Effective routes. The effective routes for a network interface are shown.

14. In the Azure portal, search for and select Virtual machines on the Virtual Network Hub.

15. On the Virtual machine blade, click Connect, in the drop-down menu, click RDP, on the Connect with RDP blade, click Download RDP File and follow the prompts to start the Remote Desktop session.

16. Within the Remote Desktop session to Virtual machine, right-click the Start button and, in the right-click menu, click Windows PowerShell (Admin).

17. In the Windows PowerShell console window, run the following to test connectivity to VMSPOKE01.

    Test-NetConnection -ComputerName IPADDRESS-VMWEB01 -Port 3389 -InformationLevel 'Detailed'

    Note: The test uses TCP 3389 since this is this port is allowed by default by operating system firewall.

18. Examine the output of the command and verify that the connection was successful.

19. In the Windows PowerShell console window, run the following to test connectivity to VMWEB01

    Test-NetConnection -ComputerName IPADDRESS-VMSPOKE01 -Port 3389 -InformationLevel 'Detailed'

20. Examine the output of the command and verify that the connection was successful.

Implement a Hub-spoke Network topology

Important Notes

• Three Virtual Networks;
• Virtual machines on the Spoke2 network running Ubuntu server;
• VNET Peering connection Hub to Spokes and vice verse;
• OPTIONAL: Azure VPN Gateway on the Hub network;
• Azure Firewall on the Hub network;
• OPTIONAL: Azure Bastion on the Hub network;
• Custom Route tables to address prefix "Address space Spoke 1 and Spoke 2" and next hop type to virtual applicance IP Azure Firewall;
• Network rule Azure Firewall all traffic.

References: Hub-spoke network topology

1. End of day 1.

1. Sign in to the Azure portal.

2. In the Azure portal, search for and select Virtual machines and, on the Virtual machines blade, click + Create.

3. On the Basics tab of the Create a virtual machine blade, specify the following settings (leave others with their default values):

   Setting	Value
   Subscription	the name of the Azure subscription you will be using in this lab
   Resource group	the name of a new resource group RG-IAE-HA
   Virtual machine name	VMWEB01 and VMWEB02
   Region	select one of the regions that support availability zones and where you can provision Azure virtual machines
   Availability options	Availability zone
   Availability zone	1 and 2 or 3
   Image	Windows Server 2019
   Azure Spot instance	No
   Size	Standard B1ms
   Username	admaz
   Password	Azur3Expert!
   Public inbound ports	RDP (3389)
   Would you like to use an existing Windows Server license?	No

4. Click Next: Disks > and, on the Disks tab of the Create a virtual machine blade, specify the following settings (leave others with their default values):

   Setting	Value
   OS disk type	Standard SSD
   Enable Ultra Disk compatibility	No

5. Click OK and, back on the Networking tab of the Create a virtual machine blade, specify the following settings (leave others with their default values):

   Setting	Value
   Virtual Network	the name of a virtual network VNET-IAE-Hub
   Subnet	Default
   Public IP	VMWEB01-PI and VMWEB02 (None)
   NIC network security group	None
   Accelerated networking	Off
   Place this virtual machine behind an existing load balancing solution?	No

6. Click Review + Create.

7. On the Review + Create blade, click Create.

8. Repeat a new Virtual Machine VMWEB02

9. Check two Virtual machines create successful.

10. Connect the Virtual machines.

Note Test open Browser to IP Address the Virtual machines.

1. In the Azure portal, search and select Load balancers and, on the Load balancers blade, click + Create.

2. Create a load balancer with the following settings (leave others with their default values):

   Setting	Value
   Subscription	the name of the Azure subscription you are using in this lab
   Resource group	RG-IAE-HA
   Name	ALBWEB
   Region	name of the Azure region into which you deployed all other resources in this lab
   Type	Public
   SKU	Standard
   Public IP address	Create new
   Public IP address name	ALBWEB-PI
   Availability zone	Zone-redundant
   Add a public IPv6 address	No

   Note: Wait for the Azure load balancer to be provisioned. This should take about 2 minutes.

3. On the deployment blade, click Go to resource.

4. On the ALBIAEWEB load balancer blade, click Backend pools and click + Add.

5. Add a backend pool with the following settings (leave others with their default values):

   Setting	Value
   Name	BP-WEB
   Virtual network	VNET-IAE-Hub
   IP version	IPv4
   Virtual machine	VMWEB01
   Virtual machine IP address	associate IP address
   Virtual machine	VMWEB02
   Virtual machine IP address	associate IP address

6. Wait for the backend pool to be created, click Health probes, and then click + Add.

7. Add a health probe with the following settings (leave others with their default values):

   Setting	Value
   Name	HP-WEB
   Protocol	TCP
   Port	80
   Interval	5
   Unhealthy threshold	2

8. Wait for the health probe to be created, click Load balancing rules, and then click + Add.

9. Add a load balancing rule with the following settings (leave others with their default values):

   Setting	Value
   Name	LBR-WEB
   IP Version	IPv4
   Protocol	TCP
   Port	80
   Backend port	80
   Backend pool	BP-WEB
   Health probe	HP-WEB
   Session persistence	None
   Idle timeout (minutes)	4
   TCP reset	Disabled
   Floating IP (direct server return)	Disabled
   Use outbound rules to provide backend pool members access to the internet.	Enabled

10. Wait for the load balancing rule to be created, click Overview, and note the value of the Public IP address.

11. In the Azure portal, search for and select Network security groups, and, on the Network security groups blade, click + Add.

12. Create a network security group with the following settings (leave others with their default values):

    Setting	Value
    Subscription	the name of the Azure subscription you are using in this lab
    Resource Group	RG-IAE-Network
    Name	NSG-ALB-WEB
    Region	the name of the Azure region where you deployed all other resources in this lab

13. On the deployment blade, click Go to resource to open the NSG-ALB-WEB network security group blade.

14. On the NSG-ALB-WEB network security group blade, in the Settings section, click Inbound security rules.

15. Add an inbound rule with the following settings (leave others with their default values):

    Setting	Value
    Source	Any
    Source port ranges	*
    Destination	Any
    Destination port ranges	80,443
    Protocol	TCP
    Action	Allow
    Priority	100
    Name	Allow-HTTP

16. On the NSG-ALB-WEB network security group blade, in the Settings section, click Network interfaces and then click + Associate.

17. Associate the NSG-ALB-WEB network security group with the Network interfaces VMWEB01 and VMWEB02.

    Note: It may take up to 5 minutes for the rules from the newly created Network Security Group to be applied to the Network Interface Card.

18. Go to the Azure portal to view your Network security groups. Search for and select Network security groups.

19. Select the name of your Network security group.

20. Connect the Virtual machines.

21. Install the Web-Server feature in the virtual machine by running the following command in the Administrator Windows PowerShell command prompt. You can copy and paste this command.

    Install-WindowsFeature -name Web-Server -IncludeManagementTools
    Remove-item  C:\inetpub\wwwroot\iisstart.htm
    Add-Content -Path "C:\inetpub\wwwroot\iisstart.htm" -Value $("Azure Expert - Web Server is running " + $env:computername)

22. Test open Browser to IP Address the Virtual machines.

23. Verify that the browser window displays the message Static page and servername.

24. In Virtual machines, select VMIAEWEB01 or VMIAEWEB02 and click Stop.

25. Open another browser window but this time by using InPrivate mode and verify whether the target vm changes (as indicated by the message).

1. Log in to the Azure portal at https://portal.azure.com.

2. Type Scale set in the search box. In the results, under Marketplace, select Virtual machine scale sets. Select Create on the Virtual machine scale sets page, which will open the Create a virtual machine scale set page.

3. In the Basics tab, under Project details, make sure the correct subscription is selected and then choose to Create new resource group. Type RG-IAE-VMSS for the name and then select OK.

4. Type VMSSIAEWEB as the name for your scale set.

5. In Region, select a region that is close to your area.

6. Leave the default value of Uniform for Orchestration mode.

7. Select a marketplace image Windows Server 2019 Datacenter - Gen1 for Image.

8. Enter your desired username, and password.

9. Select Next to move the the other pages.

10. Leave the defaults for the Instance and Disks pages.

11. On the Networking page, under Load balancing, select Yes to put the scale set instances behind a load balancer.

12. In Load balancing options, select Azure load balancer.

13. In Select a load balancer, create a new Azure Load Balancer ALBIAEVMSSWEB.

14. For Select a backend pool, select Create new, type BP-VMSSWEB, then select Create.

15. On the Scaling page, under Instance, select 2 and Scaling policy, select Manual.

16. On the Management page, under Monitoring, select Enable with custom storage account.

17. When you are done, select Review + create.

18. After it passes validation, select Create to deploy the scale set.

    Note: You might need to wait a few minutes.

19. In Virtual Machine Scale Sets, select Instances and connect on Virtual machines.

20. Back in the portal, navigate back to the Overview blade of Virtual Machine Scale Sets and, use the Click to clipboard button to copy the public IP address.

21. In a Browser, navigate to the Public IP Address the VMSS.

    Note: You didn't notice that you won't connect because you don't have a Web Server.

22. Sign in to the Azure portal and open Azure Cloud Shell.

23. In the Azure portal, open the Azure Cloud Shell by clicking on the icon in the top right of the Azure Portal.

24. If prompted to select either Bash or PowerShell, select PowerShell.

    Note: If this is the first time you are starting Cloud Shell and you are presented with the You have no storage mounted message, select the subscription you are using in this lab, and click Create storage.

25. In Cloud Shell, start the code editor and run the following command code Add-CustomExtension-VMSS.ps1.

26. Add the following text to the script file:

  # Set Script 
$customConfig = @{ 
"fileUris" = (,"https://raw.githubusercontent.com/maiaacademy/azureexpert/master/Mod06-AllFiles/VMSS-Install-IIS_v1.ps1"); 
"commandToExecute" = "powershell -ExecutionPolicy Unrestricted -File VMSS-Install-IIS_v1.ps1" 
} 

  # Set VMSS variables
$rgname = "rg-iae-vmss"
$vmssname = "vmssiaeweb"

  # Get VMSS object 
$vmss = Get-AzVmss -ResourceGroupName $rgname -VMScaleSetName $vmssname

  # Add VMSS extension 
$vmss = Add-AzVmssExtension -Name "CustomScript" -VirtualMachineScaleSet $vmss -Publisher "Microsoft.Compute" -Type "CustomScriptExtension" -TypeHandlerVersion "1.9" -Setting $customConfig

  # Update VMSS 
Update-AzVmss -ResourceGroupName $rgname -Name $vmssname -VirtualMachineScaleSet $vmss

1. Press Ctrl+S to save the file. Then press Ctrl+Q to close the code editor.

2. Run the following command ./Add-CustomExtension-VMSS.ps1.

3. In VMSSIAESWEB, select Extensions and check a new extension.

4. Select Instances in VMSSIAEWEB, click Upgrade for all instances.

   Note: You might need to wait a few minutes.

5. Test the Public IP address in Browser.

   Note: You will need to open port 80 (HTTP) internet access in Network Security Groups in Virtual Machine Scale Sets "VMSSIAEWEB"

6. In the Azure portal, navigate to the Virtual Machine Scale Sets entry, and on the VMSSWEB blade, select Scaling.

7. On the Scaling blade, select the Custom autoscale option.

8. In the Custom autoscale section, specify the following settings (leave others with their default values):

   Setting	Value
   Scaling mode	Scale based on a metric
   Instance limits Minimum	1
   Instance limits Maximum	3
   Instance limits Default	1

9. Select + Add a rule.

10. On the Scale rule blade, specify the following settings and select Add (leave others with their default values):

    Setting	Value
    Time aggregation	Maximum
    Metric namespace	Virtual Machine Host
    Metric name	Network In Total
    VMName Operator	=
    Operator	Greater than
    Metric threshold to trigger scale action	10
    Duration (in minutes)	1
    Time grain statistics	Maximum
    Operation	Increase count by
    Instance count	1
    Cool down (minutes)	5

11. Back on the Scaling blade, select + Add a rule.

12. On the Scale rule blade, specify the following settings and select Add (leave others with their default values):

    Setting	Value
    Time aggregation	Average
    Metric namespace	Virtual Machine Host
    Metric name	Network In Total
    VMName Operator	=
    Operator	Less than
    Metric threshold to trigger scale action	1
    Duration (in minutes)	1
    Time grain statistics	Minimum
    Operation	Decrease count by
    Instance count	1
    Cool down (minutes)	5

13. Back on the Scaling blade, select Save.

14. In the Azure portal, start a new Bash session in the Cloud Shell pane.

15. From the Cloud Shell pane, run the following to trigger autoscaling of the Azure VM Scale Set instances in the backend pool of the Azure Application Gateway (replace the <lb_IP_address> placeholder with the IP address of the front end of the gateway you identified earlier):

    for (( ; ; )); do curl -s <lb_IP_address>?[1-10]; done

16. In the Azure portal, on the VMSSWEB blade, review the CPU (average) chart and verify that the CPU utilization of the Application Gateway increased sufficiently to trigger scaling out.

    Note: You might need to wait a few minutes.

1. In the Azure portal, search for and select Storage accounts and, on the Storage accounts blade, select + Create.

2. On the Basics tab of the Create storage account blade, specify the following settings (leave others with their default values):

   Setting	Value
   Subscription	the name of the Azure subscription you are using in this lab
   Resource group	the name of a new resource group RG-IAE-Storage
   Storage account name	any globally unique name between 3 and 24 in length consisting of letters and digits saiaeblob###
   Location	the name of an Azure region where you can create an Azure Storage account
   Performance	Standard
   Account kind	StorageV2 (general purpose v2)
   Replication	Locally redundant storage (LRS)

3. Select Next: Networking >, on the Networking tab of the Create storage account blade, review the available options, accept the default option Public endpoint (all networks} and select Next: Data protection >.

4. On the Data protection tab of the Create storage account blade, review the available options, accept the defaults, select Next: Advanced >.

5. On the Advanced tab of the Create storage account blade, review the available options, accept the defaults, select Review + Create, wait for the validation process to complete and select Create.

6. On the Storage account blade, in the Blob service section, click Containers.

7. Select Create Blob Container, and use the empty text box to set the container name to azureexpert.

8. Select azureexpert, in the azureexpert pane, select Upload, and in the drop-down list, select Upload Files.

9. In the Upload Files window, select the ellipsis button next to the Selected files label, in the Choose files to upload window, select files select random files your computer, and select Open.

10. Back in the Upload Files window, select Upload

11. Within the Remote Desktop session to Virtual machine, in the Server Manager window, select Local Server, select the On link next to the IE Enhanced Security Configuration label, and, in the IE Enhanced Security Configuration dialog box, select both Off options.

12. Within the Remote Desktop session, start Browser and navigate to the download page of Azure Storage Explorer

13. Within the Remote Desktop session, download and install Azure Storage Explorer with the default settings.

14. Navigate to the Azure portal, and sign-in by providing credentials of the user account with the Owner role in the subscription you are using in this lab.

15. Navigate to the blade of the newly created storage account, select Access keys and review the settings of the target blade.

16. On the storage account blade, select Shared access signature and review the settings of the target blade.

17. On the resulting blade, specify the following settings (leave others with their default values):

    Setting	Value
    Allowed services	Blob
    Allowed resource types	Service, Container and Object
    Allowed permissions	Read, List
    Blob versioning permissions	disabled
    Start	24 hours before the current time in your current time zone
    End	24 hours after the current time in your current time zone
    Allowed protocols	HTTPS only
    Signing key	key1

18. Select Generate SAS and connection string.

19. Copy the value of Blob service SAS URL into Clipboard.

20. Within the Remote Desktop session, start Azure Storage Explorer.

21. In the Azure Storage Explorer window, in the Connect to Azure Storage window, select Use a shared access signature (SAS) URI and select Next.

22. In the Attach with SAS URI window, in the Display name text box, type saIAEblob###, in the URI text box, paste the value you copied into Clipboard, and select Next.

    Note: This should automatically populate the value of Blob endpoint text box.

23. In the Connection Summary window, select Connect.

24. Select Storage account and "Blob containers", Open and download uploaded files

25. Leave the Azure Storage Explorer window open.

1. In the Azure portal, search for and select Storage accounts and, on the Storage accounts blade and create a new Storage account saIAEfiles, in the File service section, click File shares.

2. Click + File share and create a file share with the following settings:

   Setting	Value
   Name	fs-azureexpert
   Quota	1024
   Tiers	hot

3. Click the newly created file share and click Connect.

4. On the Connect blade, ensure that the Windows tab is selected, and click Copy to clipboard.

5. In the Azure portal, search for and select Virtual machines, and, in the list of virtual machines.

6. In the Virtual Machine Connection window, start Windows PowerShell and, in the Administrator: Windows PowerShell window run the following to set map share.

7. Verify that the script completed successfully.

8. Connect share and upload files.s

1. Sign in to the Azure portal.

2. In the Azure portal, search for and select App services, and, on the App Services blade, click + Add.

3. On the Basics tab of the Web App blade, specify the following settings (leave others with their default values):

   Setting	Value
   Subscription	the name of the Azure subscription you are using in this lab
   Resource group	the name of a new resource group RG-IAE-App
   Web app name	any globally unique name
   Publish	Code
   Runtime stack	PHP 7.4
   Operating system	Windows
   Region	the name of an Azure region where you can provision Azure web apps
   App service plan	accept the default configuration

4. Click Next : Monitoring >, on the Monitoring tab of the Web App blade, set the Enable Application Insights switch to No, click Review + create, and then click Create.

   Note: Typically, you would want to enable Application Insights, however, its functionality is not used in this lab.

   Note: Wait until the web app is created before you proceed to the next task. This should take about a minute.

5. On the deployment blade, click Go to resource.

6. On the blade of the newly deployed web app, click the URL link to display the default web page in a new browser tab.

7. Close the new browser tab and, back in the Azure portal, in the Deployment section of the web app blade, click Deployment slots.

   Note: The web app, at this point, has a single deployment slot labeled PRODUCTION.

8. Click + Add slot, and add a new slot with the following settings:

   Setting	Value
   Name	staging
   Clone settings from	Do not clone settings

9. Back on the Deployment slots blade of the web app, click the entry representing the newly created staging slot.

   Note: This will open the blade displaying the properties of the staging slot.

10. Review the staging slot blade and note that its URL differs from the one assigned to the production slot.

11. On the staging deployment slot blade, in the Deployment section, click Deployment Center.

    Note: Make sure you are on the staging slot blade (rather than the production slot).

12. In the Continuous Deployment (CI/CD) section, select Local Git, and then click Save.

13. Copy the resulting Git Clone Url to Notepad.

    Note: You will need the Git Clone Url value in the next task of this lab.

14. Click Local Git/FTPS credentials toolbar icon to display Deployment Credentials pane.

15. Click User scope.

16. Complete the required information, and then click Save Credentials.

    Setting	Value
    User name	any unique name (must not contain @ character)
    Password	any password that satisfies complexity requirements

    Note: The password must be at least eight characters long, with two of the following three elements: letters, numbers, and non-alphanumeric characters.

    Note: You will need these credentials in the next task of this lab.

17. In the Azure portal, open the Azure Cloud Shell by clicking on the icon in the top right of the Azure Portal.

18. If prompted to select either Bash or PowerShell, select PowerShell.

    Note: If this is the first time you are starting Cloud Shell and you are presented with the You have no storage mounted message, select the subscription you are using in this lab, and click Create storage.

19. From the Cloud Shell pane, run the following to clone the remote repository containing the code for the web app.

    git clone https://github.com/Azure-Samples/php-docs-hello-world

20. From the Cloud Shell pane, run the following to set the current location to the newly created clone of the local repository containing the sample web app code.

    Set-Location -Path $HOME/php-docs-hello-world/
    

21. From the Cloud Shell pane, run the following to add the remote git (make sure to replace the [deployment_user_name] and [git_clone_url] placeholders with the value of the Deployment Credentials user name and Git Clone Url, respectively, which you identified in previous task):

    git remote add [deployment_user_name] [git_clone_url]
    

    Note: The value following git remote add does not have to match the Deployment Credentials user name, but has to be unique

22. From the Cloud Shell pane, run the following to push the sample web app code from the local repository to the Azure web app staging deployment slot (make sure to replace the [deployment_user_name] placeholder with the value of the Deployment Credentials user name, which you identified in previous task):

    git push [deployment_user_name] master
    

23. If prompted to authenticate, type the [deployment_user_name] and the corresponding password (which you set in the previous task).

24. Close the Cloud Shell pane.

25. On the staging slot blade, click Overview and then click the URL link to display the default web page in a new browser tab.

26. Verify that the browser page displays the Hello World! message and close the new tab.

In this task, you will swap the staging slot with the production slot

1. Navigate back to the blade displaying the production slot of the web app.

2. In the Deployment section, click Deployment slots and then, click Swap toolbar icon.

3. On the Swap blade, review the default settings and click Swap.

4. Click Overview on the production slot blade of the web app and then click the URL link to display the web site home page in a new browser tab.

5. Verify the default web page has been replaced with the Hello World! page.

1. Sign in to the Azure portal.

2. In the Azure portal, search for locate Container instances and then, on the Container instances blade, click + Add.

3. On the Basics tab of the Create container instance blade, specify the following settings (leave others with their default values):

   Setting	Value
   Subscription	the name of the Azure subscription you are using in this lab
   Resource group	the name of a new resource group RG-IAE-Containers
   Container name	aciiaeweb
   Region	the name of a region where you can provision Azure container instances
   Image Source	Quickstart images
   Image	microsoft/aci-helloworld (Linux)

4. Click Next: Networking > and, on the Networking tab of the Create container instance blade, specify the following settings (leave others with their default values):

   Setting	Value
   DNS name label	any valid, globally unique DNS host name

   Note: Your container will be publicly reachable at dns-name-label.region.azurecontainer.io. If you receive a DNS name label not available error message, specify a different value.

5. Click Next: Advanced >, review the settings on the Advanced tab of the Create container instance blade without making any changes, click Review + Create, and then click Create.

   Note: Wait for the deployment to complete. This should take about 3 minutes.

   Note: While you wait, you may be interested in viewing the code behind the sample application. To view it, browse the \app folder.

6. On the deployment blade, click the Go to resource link.

7. On the Overview blade of the container instance, verify that Status is reported as Running.

8. Copy the value of the container instance FQDN, open a new browser tab, and navigate to the corresponding URL.

9. Verify that the Welcome to Azure Container Instance page is displayed.

10. Close the new browser tab, back in the Azure portal, in the Settings section of the container instance blade, click Containers, and then click Logs.

11. Verify that you see the log entries representing the HTTP GET request generated by displaying the application in the browser.

1. In the Azure portal, search for and select Azure Active Directory.

2. Click + Create a tenant and specify the following setting:

   Setting	Value
   Directory type	Azure Active Directory
   Organization name	Azure Expert
   Initial domain name	any valid DNS name consisting of lower case letters and digits and starting with a letter
   Country/Region	United States

   Note: The green check mark in the Initial domain name text box will indicate that the domain name you typed in is valid and unique.

3. Click Review + create and then click Create.

4. Display the blade of the newly created Azure AD tenant by using the Click here to navigate to your new directory: Contoso Lab link or the Directory + Subscription button (directly to the right of the Cloud Shell button) in the Azure portal toolbar.

Navigate back to the Users - All users blade, and then click + New user.

1. Create a new user with the following settings (leave others with their defaults):

   Setting	Value
   User name	AzureExpert
   Name	Azure Expert
   Let me create the password	enabled
   Initial password	Azur3Exp3rt*
   Usage location	United States
   Job title	Azure Expert
   Department	Cloud

   Note: Copy to clipboard the full User Principal Name (user name plus domain). You will need it later in this task.

2. In the list of users, click the newly created user account to display its blade.

3. Review the options available in the Manage section and note that you can identify the Azure AD roles assigned to the user account as well as the user account's permissions to Azure resources.

4. In the Manage section, click Assigned roles, then click + Add assignment button and assign the User administrator role to user.

   Note: You also have the option of assigning Azure AD roles when provisioning a new user.

5. Open an InPrivate browser window and sign in to the Azure portal using the newly created user account. When prompted to update the password, change the password for the user.

   Note: Rather than typing the user name (including the domain name), you can paste the content of Clipboard.

6. In the InPrivate browser window, in the Azure portal, search for and select Azure Active Directory.

7. In the InPrivate browser window, on the Azure AD blade, scroll down to the Manage section, click User settings, and note that you do not have permissions to modify any configuration options.

8. In the Azure portal, navigate back to the Azure AD tenant blade and click Groups.

9. Use the + New group button to create a new group with the following settings:

   Setting	Value
   Group type	Security
   Group name	GS-AzureExpert
   Group description	Azure Expert Team
   Membership type	Assigned

10. Click No members selected.

11. From the Add members blade, search and select the AzureExpert appears in the list of user members.

1. In the Azure portal, search for and select Azure Active Directory, on the Azure Active Directory blade, click Users, and then click + New user.

2. Create a new user with the following settings (leave others with their defaults):

   Setting	Value
   User name	azure-support
   Name	Azure-Support
   Let me create the password	enabled
   Initial password	Pa55w.rd124

   Note: Copy to clipboard the full User name. You will need it later in this lab.

3. In the Azure portal, navigate back to the Subscritions and display its details.

4. Click Access control (IAM), click + Add followed by Role assignment, and assign the Support Request Contributor (Custom) role to the newly created user account.

5. Open an InPrivate browser window and sign in to the Azure portal using the newly created user account. When prompted to update the password, change the password for the user.

   Note: Rather than typing the user name, you can paste the content of Clipboard.

6. In the InPrivate browser window, in the Azure portal, search and select Resource groups to verify that the user can see all resource groups.

7. In the InPrivate browser window, in the Azure portal, search and select All resources to verify that the user cannot see any resources.

8. In the InPrivate browser window, in the Azure portal, search and select Help + support and then click + New support request.

9. In the InPrivate browser window, on the Basic tab of the Help + support - New support request blade, select the Service and subscription limits (quotas) issue type and note that the subscription you are using in this lab is listed in the Subscription drop-down list.

   Note: The presence of the subscription you are using in this lab in the Subscription drop-down list indicates that the account you are using has the permissions required to create the subscription-specific support request.

   Note: If you do not see the Service and subscription limits (quotas) option, sign out from the Azure portal and sign in back.

10. Do not continue with creating the support request. Instead, sign out as the user from the Azure portal and close the InPrivate browser window.

1. In the Azure portal, search for and select Recovery Services vaults and, on the Recovery Services vaults blade, click + Create.

2. On the Create Recovery Services vault blade, specify the following settings:

   Settings	Value
   Subscription	the name of the Azure subscription you are using in this lab
   Resource group	the name of a new resource group RG-IAE-Backup
   Name	RSV-IAE-Backup
   Region	the name of a region where you deployed the two virtual machines in the previous task

   Note: Make sure that you specify the same region into which you deployed virtual machines.

3. Click Review + Create and then click Create.

   Note: Wait for the deployment to complete. The deployment should take less than 1 minute.

4. When the deployment is completed, click Go to Resource.

5. On the RSV-IAE-Backup Recovery Services vault blade, in the Settings section, click Properties.

6. On the RSV-IAE-Backup - Properties blade, click the Update link under Backup Configuration label.

7. On the Backup Configuration blade, note that you can set the Storage replication type to either Locally-redundant or Geo-redundant. Leave the default setting of Geo-redundant in place and close the blade.

   Note: This setting can be configured only if there are no existing backup items.

8. Back on the RSV-IAE-Backup - Properties blade, click the Update link under Security Settings label.

9. On the Security Settings blade, note that Soft Delete (For Azure Virtual Machines) is Enabled.

10. Close the Security Settings blade and, back on the RSV-IAE-Backup Recovery Services vault blade, click Overview.

11. On the RSV-IAE-Backup Recovery Services vault blade, click + Backup.

12. On the Backup Goal blade, specify the folowing settings:

    Settings	Value
    Where is your workload running?	Azure
    What do you want to backup?	Virtual machine

13. On the Backup Goal blade, click Backup.

14. On the Backup policy, review the DefaultPolicy settings and select Create a new policy.

15. Define a new backup policy with the following settings (leave others with their default values):

    Setting	Value
    Policy name	BP-VMS
    Frequency	Daily
    Time	22:00 PM
    Timezone	the name of your local time zone
    Retain instant recovery snapshot(s) for	2 Days(s)

16. Click OK to create the policy and then, in the Virtual Machines section, select Add.

17. On the Select virtual machines blade, select VMIAEHUB01, click OK, and, back on the Backup blade, click Enable backup.

    Note: Wait for the backup to be enabled. This should take about 2 minutes.

18. Navigate back to the RSV-IAE-Backup Recovery Services vault blade, in the Protected items section, click Backup items, and then click the Azure virtual machines entry.

19. On the Backup Items (Azure Virtual Machine) blade of VMIAEHUB01, review the values of the Backup Pre-Check and Last Backup Status entries, and click the VMIAEHUB01 entry.

20. On the VMIAEHUB01 Backup Item blade, click Backup now, accept the default value in the Retain Backup Till drop-down list, and click OK.

Note: Do not wait for the backup to complete but instead proceed.

1. From the Cloud Shell pane, run the following to register the Microsoft.Insights resource providers.

   Register-AzResourceProvider -ProviderNamespace Microsoft.Insights

2. In the Azure portal, search for and select Log Analytics workspaces and, on the Log Analytics workspaces blade, click + Add.

3. On the Basics tab of the Create Log Analytics workspace blade, the following settings, click Review + Create and then click Create:

   Settings	Value
   Subscription	the name of the Azure subscription you are using in this lab
   Resource group	the name of a new resource group RG-TA-Monitor
   Log Analytics Workspace	any unique name lawIAEmon
   Region	the name of the Azure region into which you deployed the virtual machine in the previous task

   Note: Wait for the deployment to complete. The deployment should take about 1 minute.

4. In the Azure portal, search for and select Virtual machines, and on the Virtual machines blade, click VMIAEHUB01.

5. On the VMIAEHUB01 blade, in the Monitoring section, click Metrics.

6. On the VMIAEHUB01 | Metrics blade, on the default chart, note that the only available Metrics Namespace is Virtual Machine Host.

   Note: This is expected, since no guest-level diagnostic settings have been configured yet. You do have, however, the option of enabling guest memory metrics directly from the Metrics Namespace drop down-list. You will enable it later in this exercise.

7. In the Metric drop-down list, review the list of available metrics.

   Note: The list includes a range of CPU, disk, and network-related metrics that can be collected from the virtual machine host, without having access into guest-level metrics.

8. In the Metric drop-down list, select Percentage CPU, in the Aggregation drop-down list, select Avg, and review the resulting chart.

9. On the VMIAEHUB01 blade, in the Monitoring section, click Diagnostic settings.

10. On the Overview tab of the VMIAEHUB01 | Diagnostic settings blade, click Enable guest-level monitoring.

    Note: Wait for the operation to take effect. This might take about 3 minutes.

11. Switch to the Performance counters tab of the VMIAEHUB01 | Diagnostic settings blade and review the available counters.

    Note: By default, CPU, memory, disk, and network counters are enabled. You can switch to the Custom view for more detailed listing.

12. Switch to the Logs tab of the VMIAEHUB01 | Diagnostic settings blade and review the available event log collection options.

    Note: By default, log collection includes critical, error, and warning entries from the Application Log and System log, as well as Audit failure entries from the Security log. Here as well you can switch to the Custom view for more detailed configuration settings.

13. On the VMIAEHUB01 blade, in the Monitoring section, click Logs and then click Enable.

14. On the VMIAEHUB01 - Logs blade, ensure that the Log Analytics workspace you created earlier in this lab is selected in the Choose a Log Analytics Workspace drop-down list and click Enable.

    Note: Do not wait for the operation to complete but instead proceed to the next step. The operation might take about 5 minutes.

15. On the VMIAEHUB01 | Logs blade, in the Monitoring section, click Metrics.

16. On the VMIAEHUB01 | Metrics blade, on the default chart, note that at this point, the Metrics Namespace drop-down list, in addition to the Virtual Machine Host entry includes also the Guest (classic) entry.

    Note: This is expected, since you enabled guest-level diagnostic settings. You also have the option to Enable new guest memory metrics.

17. In the Metrics Namespace drop-down list, select the Guest (classic) entry.

18. In the Metric drop-down list, review the list of available metrics.

    Note: The list includes additional guest-level metrics not available when relying on the host-level monitoring only.

19. In the Metric drop-down list, select Memory\Available Bytes, in the Aggregation drop-down list, select Max, and review the resulting chart.

20. In the Azure portal, search for and select Monitor and, on the Monitor | Overview blade, click Metrics.

21. On the Select a scope blade, on the Browse tab, navigate to the Virtual machine.

22. In the Metric drop-down list, select Percentage CPU, in the Aggregation drop-down list, select Avg, and review the resulting chart.

In the Azure portal, navigate back to the Monitor blade, click Logs.

>**Note**: You might need to click **Get Started** if this is the first time you access Log Analytics.

1. If necessary, click Select scope, on the Select a scope blade, select the Recent tab, select VMNAME, and click Apply.

2. In the query window, paste the following query, click Run, and review the resulting chart:

   // Virtual Machine available memory
   // Chart the VM's available memory over the last hour.
   InsightsMetrics
   | where TimeGenerated > ago(1h)
   | where Name == "AvailableMB"
   | project TimeGenerated, Name, Val
   | render timechart
   

3. Click Queries in the toolbar, on the Queries pane, locate the Track VM availability tile, click the Run command button in the tile, and review the results.

4. On the New Query 1 tab, select the Tables header, and review the list of tables in the Virtual machines section.

   Note: The names of several tables correspond to the solutions you installed earlier in this lab.

5. Hover the mouse over the VMIAEHUB01 entry and click the Preview data icon.

6. If any data is available, in the Update pane, click See in query editor.

   Note: You might need to wait a few minutes before the update data becomes available.

Kubernetes architecture.

1. Sign in to the Azure portal.

2. In the Azure portal, open the Azure Cloud Shell by clicking on the icon in the top right of the Azure Portal.

3. If prompted to select either Bash or PowerShell, select PowerShell.

   Note: If this is the first time you are starting Cloud Shell and you are presented with the You have no storage mounted message, select the subscription you are using in this lab, and click Create storage.

4. From the Cloud Shell pane, run the following to register the Microsoft.Kubernetes and Microsoft.KubernetesConfiguration resource providers.

   Register-AzResourceProvider -ProviderNamespace Microsoft.Kubernetes
   
   Register-AzResourceProvider -ProviderNamespace Microsoft.KubernetesConfiguration

5. Close the Cloud Shell pane.

1. In the Azure portal, search for locate Kubernetes services and then, on the Kubernetes services blade, click + Add, and then click + Add Kubernetes cluster.

2. On the Basics tab of the Create Kubernetes cluster blade, specify the following settings (leave others with their default values):

   Setting	Value
   Subscription	the name of the Azure subscription you are using in this lab
   Resource group	the name of a new resource group RG-IAE-AKS
   Kubernetes cluster name	aksiaecl
   Region	the name of a region where you can provision a Kubernetes cluster
   Kubernetes version	accept the default
   Node size	accept the default
   Node count	1

3. Click Next: Node Pools > and, on the Node Pools tab of the Create Kubernetes cluster blade, specify the following settings (leave others with their default values):

   Setting	Value
   Virtual nodes	Disabled
   VM scale sets	Enabled

4. Click Next: Authentication > and, on the Authentication tab of the Create Kubernetes cluster blade, specify the following settings (leave others with their default values):

   Setting	Value
   Service principal	accept the default
   Enable RBAC	Yes

5. Click Next: Networking > and, on the Networking tab of the Create Kubernetes cluster blade, specify the following settings (leave others with their default values):

   Setting	Value
   Network configuration	kubenet
   DNS name prefix	any valid, globally unique DNS host name

6. Click Next: Integration >, on the Integration tab of the Create Kubernetes cluster blade, set Container monitoring to Disabled, click Review + create and then click Create.

   Note: In production scenarios, you would want to enable monitoring. Monitoring is disabled in this case since it is not covered in the lab.

   Note: Wait for the deployment to complete. This should take about 10 minutes.

1. On the deployment blade, click the Go to resource link.

2. On the aksiaecl Kubernetes service blade, in the Settings section, click Node pools.

3. On the aksIAEcl - Node pools blade, verify that the cluster consists of a single pool with one node.

4. In the Azure portal, open the Azure Cloud Shell by clicking on the icon in the top right of the Azure Portal.

5. Switch the Azure Cloud Shell to Bash (black background).

6. From the Cloud Shell pane, run the following to retrieve the credentials to access the AKS cluster:

   az aks get-credentials --resource-group rg-iae-aks --name aksiaecl

7. From the Cloud Shell pane, run the following to verify connectivity to the AKS cluster:

   kubectl get nodes

8. In the Cloud Shell pane, review the output and verify that the one node which the cluster consists of at this point is reporting the Ready status.

9. From the Cloud Shell pane, run the following to deploy the nginx image from the Docker Hub:

   kubectl create deployment nginx-deployment --image=nginx

   Note: Make sure to use lower case letters when typing the name of the deployment (nginx-deployment)

10. From the Cloud Shell pane, run the following to verify that a Kubernetes pod has been created:

    kubectl get pods

11. From the Cloud Shell pane, run the following to identify the state of the deployment:

    kubectl get deployment

12. From the Cloud Shell pane, run the following to make the pod available from Internet:

    kubectl expose deployment nginx-deployment --port=80 --type=LoadBalancer

13. From the Cloud Shell pane, run the following to identify whether a public IP address has been provisioned:

    kubectl get service

14. Re-run the command until the value in the EXTERNAL-IP column for the nginx-deployment entry changes from <pending> to a public IP address. Note the public IP address in the EXTERNAL-IP column for nginx-deployment.

15. Open a browser window and navigate to the IP address you obtained in the previous step. Verify that the browser page displays the Welcome to nginx! message.

1. From the Cloud Shell pane, run the following to scale the deployment by increasing of the number of pods to 2:

   kubectl scale --replicas=2 deployment/nginx-deployment

2. From the Cloud Shell pane, run the following to verify the outcome of scaling the deployment:

   kubectl get pods

   Note: Review the output of the command and verify that the number of pods increased to 2.

3. From the Cloud Shell pane, run the following to scale out the cluster by increasing the number of nodes to 2:

   az aks scale --resource-group rg-iae-aks --name aksiaecl --node-count 2

   Note: Wait for the provisioning of the additional node to complete. This might take about 3 minutes. If it fails, rerun the az aks scale command.

4. From the Cloud Shell pane, run the following to verify the outcome of scaling the cluster:

   kubectl get nodes

   Note: Review the output of the command and verify that the number of nodes increased to 2.

5. From the Cloud Shell pane, run the following to scale the deployment:

   kubectl scale --replicas=10 deployment/nginx-deployment
   

6. From the Cloud Shell pane, run the following to verify the outcome of scaling the deployment:

   kubectl get pods
   

   Note: Review the output of the command and verify that the number of pods increased to 10.

7. From the Cloud Shell pane, run the following to review the pods distribution across cluster nodes:

   kubectl get pod -o=custom-columns=NODE:.spec.nodeName,POD:.metadata.name
   

   Note: Review the output of the command and verify that the pods are distributed across both nodes.

8. From the Cloud Shell pane, run the following to delete the deployment:

   kubectl delete deployment nginx-deployment
   

9. Close the Cloud Shell pane.

10. Delete all Azure resources created in support of this Hands-on lab.

11. End of day 2 and Imersao Azure Azure Expert.

12. Continue in the Mentoria Arquiteto Cloud.