Virtual machines and containers

Introduction
In the networking and computing world, virtual machines and containers are two
powerful technologies that have revolutionized how software applications are
managed and deployed. Both technologies provide a way to isolate and run multiple
applications on a single physical host. However, they achieve this isolation
differently, each with its benefits. In this reading, you will explore virtual machines
and containers, learn their differences, tools to manage them, and how they can
assist in networking and security testing.
Virtual machines and containers
A virtual machine, or virtual server is as its name suggests, a software system that
works like an individual virtual computer. Using software like hypervisors, you can
split a physical machine into multiple virtual machines that share the physical
server resources like ram, storage, processing power and network. As indicated in
the image below, these virtual machines have their own operating system and work
totally independently from each other. Working in an isolated environment or
sandboxed environment, VMs do not interfere with each other.
In contrast, a container is a lightweight software package that provides an isolated
environment for running applications. As demonstrated in the image below,
containers share the underlying operating system with the host machine, but each
container has its own file system, networking, and application space. They are more
lightweight and portable than VMs, making them popular for deploying and scaling
applications in cloud environments.

In virtualization, the host machine is the physical computer that runs the
virtualization software, also known as the hypervisor. The hypervisor allows the host
machine to create and manage one or more virtual machines or guest machines.
The image below demonstrates the difference between virtual machines and
containers as explained above.
Tools for virtual machines and containers
Several tools are available to create virtual machines, such as VMware Workstation,
VirtualBox, and Hyper-V. VMware Workstation is a popular virtual machine software
that provides a paid virtualization solution for Windows and Linux. VirtualBox, on
the other hand, is an open-source virtualization software that is available for
Windows, macOS, and Linux. Hyper-V is a native virtualization software created by
Microsoft for Windows that enables users to create and run multiple operating
systems on a single host machine.
To create containers, Docker is a popular containerization platform that allows
developers to build, ship, and run applications as containers. Kubernetes is an open-
source software for automating container deployment, scaling, and management.
This process is called container orchestration. Podman is another container engine
that runs on Linux and can manage containers. These tools allow users to create
and manage containers and orchestrate containerized applications in a distributed
environment.
How virtual machines and containers can help in networking and security
testing
Virtual machines and containers are powerful tools for networking professionals to
simulate and experiment with virtual networks, infrastructure, and security tools in
an isolated environment.
By creating virtual machines, you can simulate and experiment with different
network configurations and protocols. Virtual machines can create a virtual network
with multiple subnets, routers, switches, and servers and test the communication
process between different devices. This is useful for testing different network
configurations and protocols and ensuring your network is optimized for
performance and security.
Virtualization can also simulate an entire infrastructure, including servers,
databases, applications, and services. By creating multiple virtual machines and
configuring them to work together, you can create a complete infrastructure that
can be used for testing and development purposes. This is useful for testing new
software releases, security patches, and upgrades in a controlled environment
before deploying them to production.
Virtual machines and containers can also run network security tools in isolation. By
running security tools in a virtual environment, you can isolate them from the host
machine and other applications, reducing the risk of any damage and security risks
exposed to the outside world. This is useful for testing the effectiveness of different
security tools, such as intrusion detection systems (IDS) and web application
firewalls (WAF), against various types of attacks.
Another way virtual machines can be used for security testing is by creating
honeypots. A honeypot is a virtual machine or network intentionally designed to
attract attackers. Creating a virtual machine that looks like a vulnerable system or
service can attract attackers and gather information about their tactics and
techniques. You can also simulate network attacks, such as denial-of-service attacks
or malware infections and test your network's resilience against these threats.
Virtual machines and containers can be used to test how secure your own network
is. To simulate network attacks, you can use tools like Kali Linux, a popular Linux
distribution specifically designed for penetration testing and digital forensics. Kali
Linux comes pre-loaded with a wide range of tools for network scanning,
vulnerability analysis, password cracking, and other attack techniques. By running
Kali Linux on a virtual machine, you can isolate it from the host machine and other
applications, reducing the risk of interference or damage.
Conclusion
In this reading, you learned about the fascinating world of virtual machines and
containers, two essential technologies that can be used in networking. You learned
the main differences between these technologies and how they can be used to
simulate a network infrastructure, test network security vulnerabilities, and increase
the strength of a network.
Exemplar: Virtual network simulation
Introduction
In the Virtual network simulation exercise, you were given a scenario and asked to
construct a virtual network diagram on Figma using provided icons. Review the
steps in this exemplar as it provides a solution to this exercise.
Step 1 and 2
Start by creating a new file in Figma. Unzip the provided folder with the icons and
add the icons to your Figma file.

Step 3
Draw a rectangle by pressing the R key and label it as physical server. You can
press the T key to type text.
Step 4
Take two VM icons and place them inside the rectangle.
Step 5
Take another VM and place it inside the rectangle but a farther away from the first
two.
Step 6
Place two containers close to this third VM icon and connect them with lines to this
VM, because they are hosted inside it. You can press the L key to draw a line on
Figma.
Step 7
Place that firewall icon inside the rectangle. Connect the firewall with the three
VPNs.
Step 8
Place a virtual switch inside this rectangle. Connect the virtual switch to the firewall.
Step 9
Place the internet icon on the canvas and connect it to the physical server that is
represented by the rectangle.
Conclusion
By completing this exercise, you practiced designing a virtual network that
incorporates various components such as switches, routers, firewalls, servers, and
VPN connections. This hands-on experience will help you understand how these
components interact and work together to create a secure and efficient network
infrastructure for a small company with remote workers.

Additional resources: Virtual environments

Congratulations on making it this far and finishing another lesson! In this lesson,
you were introduced to several important concepts related to virtualization, which is
about creating virtual machines and hosting applications on the cloud. And you
learned about different types of virtual machines, their pricing models and also
about Microsoft Azure Virtual Desktop.
You now know that servers can be classified by their resource allocations on Azure;
here is a detailed article on different types of servers and their sizes. From there,
you can check all available types of virtual machines on the Azure platform. And
this Introduction to Azure virtual machines will help you get some good ideas about
creating virtual machines on the Azure platform.
Remember you learned about different types of virtual server series on the Azure
platform? You can find detailed information about those in this article about the
Azure Virtual Machine series.
A new type of VM, burstable VMS, was introduced by Azure Platform. To learn more
about burstable VMS, you can read Introducing B-Series, new burstable VM size.
Users with an active Visual Studio subscription get free credits to use on Azure
Platform. If you’d like, you can find more about this at Dev/test pricing option for
individual Visual Studio subscribers.
What is Azure Virtual Desktop? gives you details on what a virtual desktop on the
Azure Platform is. If you feel a little adventurous you can also find out more about
how Azure Virtual Desktop works. And finally, you can learn more about use cases
and when to use Azure Virtual Desktop.
In this reading, you learned more about Microsoft Azure virtual environments.
Remember that using additional to help deepen your knowledge is a great strategy.

Introducing B-Series, our new burstable VM size

By Corey Sanders, Corporate Vice President, Microsoft Cloud for Industry
Share


 Audience
 Developers
 IT decision makers
more
Today I am excited to announce the preview of the B-Series, a new Azure VM family
that provides the lowest cost of any existing size with flexible CPU usage. For many
workloads that run in Azure, like web servers, small databases, and development
and test environments, the CPU performance is very bursty. These workloads will
run for a long time using a small fraction of the CPU performance possible and then
spike to needing the full power of the CPU due to incoming traffic or required work.
With our current sizes, while running in these low points, you are still paying for the
full CPU, so that you can handle the high and bursty points.
The B-Series offers a cost effective way to deploy these workloads that do not need
the full performance of the CPU continuously and burst in their performance. While
B-Series VMs are running in the low-points and not fully utilizing the baseline
performance of the CPU, your VM instance builds up credits. When the VM has
accumulated enough credit, you can burst your usage, up to 100% of the vCPU for
the period of time when your application requires the higher CPU performance.
These VM sizes allow you to pay and burst as needed, using only a fraction of the
CPU when you don’t need it and burst up to 100% of the CPU when you do need it
(using Intel® Haswell 2.4 GHz E5-2673 v3 processors or better). This level control
gives you extreme cost flexibility and flexible value.
The B-Series comes in the following 6 VM sizes during preview:

Size vCPU's Memory: GiB Local SSD: GiB Baseline CPU Max CPU
Performance Performance
of VM VM

Standard_B1s 1 1 4 10% 100%

Standard_B1ms 1 2 4 20% 100%

Standard_B2s 2 4 8 40% 200%

Standard_B2ms 2 8 16 60% 200%

Standard_B4ms 4 16 32 90% 400%

Standard_B8ms 8 32 64 135% 800%

Get more information on the Burstable VM sizes. To participate in this

preview, request quota in the supported region that you would like. After your quota
has been approved, you can use the portal or the API’s to do your deployment as
you normally would.
Available today in most regions.
See ya around,
Corey