Azure平台本身有一個趨勢
從原先
面向服務的管理模式(Azure Service Management),ASM
漸漸要驅使人員轉到
面向資源的管理模式(Azure Resource Management),ARM
https://docs.microsoft.com/zh-tw/azure/virtual-machines/migration-classic-resource-manager-overview
何謂 Resource Manager?
• A deployment and management service for Azure.
• Provides a management layer that enables you to create, update, and delete resources in your Azure account.
• Provides management features, like access control, locks, and tags, to secure and organize your resources after deployment.
• Define the dependencies between resources so that they're deployed in the correct order
什麽是Resource(資源)
ARM模式下所有資源都是松耦合的組件(可配置,可擴展,可組合,獨立生命周期)
ARM模式下可使用基於JSON格式的模板文件
什麽是Resource Group (資源組)
為便於管理,將資源按照生命周期進行邏輯的組合
一個資源只能屬於一個資源組,但可以在資源組之間移動
資源組可以包含不同區域的資源
資源之間的互聯互通和資源組的劃分沒有關系
• An ARM resource can exist only in one resource group.
• A resource group is created in a region and it can have the resources from the other regions.
• Resources can be moved between resource groups.
• All resources with in resource group share the common lifecycle.
• A subscription can have up to 980 resource groups.
• A resource group can have up to 800 resources of same type, however some resource types can exceed the 800 limit
什麽是Subscription(訂閱)
訂閱定義了用戶可使用的Azure資源集合,並在賬單中合並費用
訂閱之間的資源相互不可見, 也無法相互調用
訂閱的規劃一般需考慮有效期、配額、對應帳戶等
一個Azure賬戶可對應多個訂閱,並可在多個訂閱間切換
什麽是RBAC (基於角色的訪問控制)
RBAC可實現用戶對Azure資源訪問及操作權限的精細化管理,以控制用戶職責僅限於對特定範圍內的特定操作
Azure中已內置了多個角色(如所有者、參與者、讀者等),管理員也可以進一步創建自定義的角色
情境:
➢ 允許一個用戶管理某個資源組中的所有資源,但不允許管理另一個資源組中的資源
➢ 允許一個用戶管理訂閱中的虛擬機,但不允許其管理訂閱中的SQL數據庫
➢ 允許一個用戶僅能查看資源不能操作
採用Azure 此類雲端服務優點
• Reduce the effort and costs of IT management
• Reduce the cost of building and extending on-premises resources
• Respond quickly to changes in your business & customer needs
• Choose on-premises or off-premises deployment model that suits you
• Scale your IT resources up and down based on your needs
• Consume computing resources ONLY when the needs arise
• Remove the need to manage hardware
• Use your existing development skills to build cloud applications
本篇以同步發表至個人blog
https://coolmandiary.blogspot.com/2022/09/azure01azure.html