Objective
(ii) Establishing a virtual network environment, as well as a domain controller and DNS server
1 Building a virtual network environment
Create a virtual network on Azure. This example uses the Southeast Asia data center. The same data center is selected later when creating the virtual machines.
VNet Name: [Email protected]
IP address count: 128
IP range: 10.0.0.0–10.0.0.127
* SEA: South East Asia, the Southeast Asia data center
Then create 4 subnets:
- CTRL subnet: 32 IPs, IP range 10.0.0.0–10.0.0.31, for core servers such as the domain controller, DNS, and SQL Server. The server used for DNS, when created later, needs a static IP address, in this case 10.0.0.8.
- WAP subnet: 32 IPs, IP range 10.0.0.32–10.0.0.63, for the Windows Azure Pack server cluster. Although only one server is needed in this case because standalone mode is used, a formal Windows Azure Pack deployment is made up of a number of different services, and each service needs high-availability redundancy, so more than one machine is needed. For details, refer to the WAP installation documentation on MSDN.
- WAP site subnet: 32 IPs, IP range 10.0.0.64–10.0.0.95, for the Website service server cluster. When high availability is not considered, the Website service has 6 roles, each needing at least one server. The Web Worker role needs 1 unit per mode, which requires another 3.
- Reserved subnet: 32 IPs. Not used for now.
After the virtual network is built, add the custom DNS server address, 10.0.0.8. The installation and configuration of this DNS server is specified later in this article.
About domain name resolution: Azure defaults to using its own name resolution service. The default name resolution in Azure works well if you only need name resolution between virtual machines within the same Cloud Service.
Azure-provided name resolution
Along with resolution of public DNS names, Azure provides internal name resolution for VMs and role instances that reside within the same virtual network or cloud service. VMs/instances in a cloud service share the same DNS suffix (so the hostname alone is sufficient) but in classic virtual networks different cloud services have different DNS suffixes so the FQDN is needed to resolve names between different cloud services. In ARM-based virtual networks, the DNS suffix is consistent across the virtual network (so the FQDN is not needed) and DNS names can be assigned to both NICs and VMs. Although Azure-provided name resolution does not require any configuration, it isn't the appropriate choice for all deployment scenarios, as seen on the table above.
Reference from: https://azure.microsoft.com/en-us/documentation/articles/virtual-networks-name-resolution-for-vms-and-role-instances/#azure-provided-name-resolution
2 Setting up the domain, AD, and DNS server
Prepare a virtual machine to act as the domain controller and also as the DNS server, with the following configuration:
A2: 2 cores, 4 GB memory
Use the following PowerShell script:
```powershell
# Install domain controller and DNS

$imgName = "A699494373c04fc0bc8f2bb1389d6106__windows-server-2012-r2-20160126-en.us-127gb.vhd"
$vnetName = "[email protected]"   # @SouthEast Asia
$wapLabSubNet = "Ctrl"            # {ctrl, Wapsubnet, Sitesubnet, reservedsubnet}

$cloudServiceName = "Waplabcloudservice2016feb"
$affinityGroupName = "Southeastasiagroup"
$location = "Southeast Asia"      # not defined in the original script; the data center used in this article
$admin = "Vmadmin"
$adminPwd = "[Your password]"     # renamed from $pwd, which is a PowerShell automatic variable

$sizeLarge = "Large"   # Allowed values are ExtraSmall, Small, Medium, Large, ExtraLarge, A5, A6, A7, A8, A9
$sizeMedium = "Medium"
$sizeSmall = "Small"

$vmDCName = "WAPLABDC"

# Create the affinity group if it does not exist yet
$affGroupObj = Get-AzureAffinityGroup -Name $affinityGroupName -ErrorAction Ignore
if (!$affGroupObj) {
    New-AzureAffinityGroup -Name $affinityGroupName -Location $location
}

# DC
$vmDC = New-AzureVMConfig -Name $vmDCName -InstanceSize $sizeMedium -ImageName $imgName
$vmDC | Add-AzureProvisioningConfig -Windows -AdminUsername $admin -Password $adminPwd
$vmDC | Set-AzureSubnet -SubnetNames $wapLabSubNet
$vmDC | Set-AzureStaticVNetIP -IPAddress "10.0.0.8"   # specify static IP "10.0.0.8"
$vmDC | New-AzureVM -ServiceName $cloudServiceName -AffinityGroup $affinityGroupName -VNetName $vnetName
```
Since the server also acts as a DNS server, it requires a fixed IP (intranet IP), so you need to specify its static IP when provisioning it. If the static IP was not specified at provisioning time, it can also be set afterwards with the Update-AzureVM command.
Although a static IP is specified, the network configuration inside the virtual machine (NIC Properties -> IPv4) still shows the IP as dynamically assigned, and no DNS server is specified there. This means that both the IP and the DNS server are set at the level of Azure's virtual network.
If the DNS server of the virtual network mentioned earlier is configured after the virtual machine has been created, the virtual machine needs to be restarted to pick up the DNS setting.
For information on how to get the name of the image, please refer to my other essay, Find the image you want in the VM Image Library on Azure.
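Setting the static IP on an existing VM, as described above, shown as an added example that is not part of the original article. It reuses the article's service name, VM name and address; `<vnet-name>` is a placeholder because the virtual network name is not legible on this page.

```powershell
# Added example: reserve 10.0.0.8 for an already-created VM (classic Azure module).
$cloudServiceName = "Waplabcloudservice2016feb"
$vmDCName         = "WAPLABDC"
$vnetName         = "<vnet-name>"   # placeholder: your virtual network's name
$dnsIp            = "10.0.0.8"

# Check that the address is free in the virtual network before claiming it.
# Note: if this VM already holds 10.0.0.8 dynamically, the check reports it as taken.
$check = Test-AzureStaticVNetIP -VNetName $vnetName -IPAddress $dnsIp
if (-not $check.IsAvailable) {
    throw "$dnsIp is in use; free addresses include: $($check.AvailableAddresses -join ', ')"
}

# Attach the static IP to the VM configuration and push the change to Azure.
Get-AzureVM -ServiceName $cloudServiceName -Name $vmDCName |
    Set-AzureStaticVNetIP -IPAddress $dnsIp |
    Update-AzureVM

# Confirm what Azure now has on record for the VM.
Get-AzureVM -ServiceName $cloudServiceName -Name $vmDCName | Get-AzureStaticVNetIP

# Inside the VM the NIC still reports DHCP, because the address and the DNS
# server are handed out by the virtual network. To see this, run in the guest:
#   Get-NetIPInterface -AddressFamily IPv4 | Select-Object InterfaceAlias, Dhcp
#   Get-DnsClientServerAddress -AddressFamily IPv4
```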
3 Configuring the domain controller and DNS service
Now add the server roles: the AD Domain Services and the DNS service.
Set the root domain to: Waplab.com
NetBIOS: Waplab
For the specific installation process of the domain controller, you can refer to the article http://social.technet.microsoft.com/wiki/contents/articles/12370.windows-server-2012-set-up-your-first-domain-controller-step-by-step.aspx
When the installation is complete, open the DNS console.
You can see the forward lookup zone for Waplab that exists by default.
Try to ping the domain name: it points to the current server, the domain controller.
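The same role installation and checks in scripted form, as an added example that is not from the original article. It uses the article's domain name, NetBIOS name and DNS address; the function names are hypothetical.

```powershell
# Added example: run in an elevated PowerShell session on WAPLABDC.

function Install-WapLabForest {
    # Add the two roles used in this section, with their management tools.
    Install-WindowsFeature -Name AD-Domain-Services, DNS -IncludeManagementTools

    # Prompt for the Directory Services Restore Mode password;
    # nothing is stored in the script.
    $dsrm = Read-Host -AsSecureString -Prompt "DSRM password"

    # Create the forest with the names used in this article.
    # The server reboots when the promotion finishes.
    Install-ADDSForest -DomainName "Waplab.com" -DomainNetbiosName "Waplab" `
        -InstallDns -SafeModeAdministratorPassword $dsrm
}

function Test-WapLabDns {
    param([string]$DnsServer = "10.0.0.8")

    # The promotion should have created a forward lookup zone for the domain.
    $zone = Get-DnsServerZone -Name "Waplab.com" -ErrorAction Stop
    if ($zone.IsReverseLookupZone) { throw "Waplab.com is not a forward lookup zone" }

    # The domain name should resolve to this server's static address.
    $answers = Resolve-DnsName -Name "Waplab.com" -Type A -Server $DnsServer -ErrorAction Stop
    $ips = @($answers | Where-Object { $_.IPAddress } | ForEach-Object { $_.IPAddress })
    if ($ips -notcontains $DnsServer) {
        throw "Waplab.com resolves to '$($ips -join ', ')', expected $DnsServer"
    }

    # Scripted form of the ping in the text; returns $true when the host answers.
    Test-Connection -ComputerName "Waplab.com" -Count 2 -Quiet
}

# Step 1, before the reboot:  Install-WapLabForest
# Step 2, after the reboot:   Test-WapLabDns
```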
4 Adding domain accounts and organizational units (OUs)
After the domain controller installation is complete, the Vmadmin account currently in use has become a domain account, that is, waplab\vmadmin. For ease of management, you can add another domain administrator account, such as Waplab\domainadmin.
To make it easier to apply organizational policies later, you can add an organizational unit (OU) and put the domain's virtual machines into this OU when you create them later.
Create OU: azurevms
All subsequent servers need to be joined to the domain. You can use the Add-AzureProvisioningConfig command at creation time to specify the domain to join. See later chapters.
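The OU, the extra administrator and a domain join at provisioning time, as an added example that is not the article's own code. The VM name `WAPLABWAP01` and the `<...>` values are hypothetical placeholders; the domain, OU, account and subnet names come from the article.

```powershell
# Added example. Part 1 runs on WAPLABDC; part 2 runs where the classic
# Azure PowerShell module is installed.

# --- Part 1: the OU and the extra domain administrator from this section ---
Import-Module ActiveDirectory
New-ADOrganizationalUnit -Name "azurevms" -Path "DC=Waplab,DC=com"
$newPwd = Read-Host -AsSecureString -Prompt "Password for Waplab\domainadmin"
New-ADUser -Name "domainadmin" -SamAccountName "domainadmin" `
    -AccountPassword $newPwd -Enabled $true
Add-ADGroupMember -Identity "Domain Admins" -Members "domainadmin"

# --- Part 2: create a VM that joins Waplab.com and lands in the OU ---
$imgName          = "A699494373c04fc0bc8f2bb1389d6106__windows-server-2012-r2-20160126-en.us-127gb.vhd"
$vmName           = "WAPLABWAP01"            # hypothetical VM name
$cloudServiceName = "<cloud-service-name>"   # placeholder
$vnetName         = "<vnet-name>"            # placeholder
$affinityGroup    = "Southeastasiagroup"

# Prompt for both credentials so that no password is written into the script.
$localCred = Get-Credential -UserName "Vmadmin" -Message "Local administrator of the new VM"
$joinCred  = Get-Credential -UserName "domainadmin" -Message "Account that joins VMs to Waplab.com"

New-AzureVMConfig -Name $vmName -InstanceSize "Medium" -ImageName $imgName |
    Add-AzureProvisioningConfig -WindowsDomain `
        -AdminUsername $localCred.UserName `
        -Password $localCred.GetNetworkCredential().Password `
        -JoinDomain "Waplab.com" -Domain "Waplab" `
        -DomainUserName $joinCred.UserName `
        -DomainPassword $joinCred.GetNetworkCredential().Password `
        -MachineObjectOU "OU=azurevms,DC=Waplab,DC=com" |
    Set-AzureSubnet -SubnetNames "Wapsubnet" |
    New-AzureVM -ServiceName $cloudServiceName -AffinityGroup $affinityGroup -VNetName $vnetName
```

The new VM can only find the domain because the virtual network hands out 10.0.0.8 as its DNS server, so that setting has to be in place before this runs.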
5 Configuring DNS Resolution
In the DNS server, add the following domain name resolution entries (A record):
| Host Name | Record type | IP Address for |
|---|---|---|
| * | CNAME | Front End Server(s) |
| *.SCM | CNAME | Front End Server(s) |
| FTP | CNAME | Publishing Server(s) |
| publish | CNAME | Publishing Server(s) |
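The four records from the table created with the DnsServer module, as an added example that is not from the original article. The zone and the two target host names are assumptions, since the page names neither; the record type follows the table's CNAME column.

```powershell
# Added example: run on the DNS server (WAPLABDC).
$zone       = "Waplab.com"             # assumption: the page does not name the zone
$frontEnd   = "wapfe01.waplab.com."    # hypothetical Front End server FQDN
$publishing = "wappub01.waplab.com."   # hypothetical Publishing server FQDN

# Note: a wildcard record answers for every name in the zone that has no record
# of its own, so review which zone it goes into before adding it.
$records = @(
    @{ Name = "*";       Target = $frontEnd   },
    @{ Name = "*.scm";   Target = $frontEnd   },
    @{ Name = "ftp";     Target = $publishing },
    @{ Name = "publish"; Target = $publishing }
)

# Read the existing CNAME records once so the script can be re-run safely.
$existing = @(Get-DnsServerResourceRecord -ZoneName $zone -RRType CName |
    ForEach-Object { $_.HostName })

foreach ($r in $records) {
    if ($existing -contains $r.Name) {
        Write-Output "Skipping $($r.Name): a CNAME record already exists"
        continue
    }
    Add-DnsServerResourceRecordCName -ZoneName $zone -Name $r.Name -HostNameAlias $r.Target
    Write-Output "Added $($r.Name).$zone -> $($r.Target)"
}

# List the result for review.
Get-DnsServerResourceRecord -ZoneName $zone -RRType CName |
    Select-Object HostName, @{ n = "Alias"; e = { $_.RecordData.HostNameAlias } }
```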
Deploy private cloud on public Cloud Azure Azurepack and website Cloud (ii)