Navigation :

MOV

1. Dockerizing a PHP Web Application

🎯 Goal

Learn how to containerize a PHP web application using Docker, deploy it to Docker Hub, and share it with others for seamless deployment across different environments.

πŸ“‹ Prerequisites

Before beginning this exercise, you should:

  • Have PHP installed on your local machine (version 7.4 or higher)
  • Have Docker Desktop installed and currently running
  • Have a Docker Hub account (free at https://hub.docker.com)
  • Have basic understanding of command line operations
  • Have the PHP application source files ready (either copy from the Appendix at the end of this tutorial or use your own PHP files)

πŸ“š Learning Objectives

By the end of this exercise, you will:

»

1. Develop PHP Contact Form on LEMP Stack

🎯 Goal

Learn to manually install and configure a LEMP stack (Linux, Nginx, MySQL, PHP) on Ubuntu and create a simple PHP contact form application with database storage.

πŸ“‹ Prerequisites

Before beginning this tutorial, you should:

  • Have an Ubuntu 24.04 VM running on Azure
  • Have SSH access to your VM
  • Understand basic Linux command line operations
  • Be familiar with basic HTML and PHP concepts

πŸ“š Learning Objectives

By the end of this tutorial, you will:

»

1. Creating a Virtual Network (vNet)

Overview

The objective of this exercise is to create a Virtual Network (vNet) with a default subnet using the Azure Portal, laying the foundation for a secure network architecture. You will also provision three servers having the roles Web Server, Reverse Proxy and Bastion Host respectively. Finally, firewall rules will be created to secure the network using Azure Network Security Groups (NSG)

NetworkOverview

Step 1: Log in to Azure Portal

  1. Open https://portal.azure.com.
  2. Sign in with your Azure account credentials.

Step 2: Create a Virtual Network

  1. In the Azure Portal, use the search bar at the top to search for “Virtual Networks”.
  2. Select Virtual Networks from the search results or from the left menu
  3. Click the + Create button at the top of the Virtual Networks page.
  4. On the Basics tab, fill in the following information:
    • Subscription: Select your subscription.
    • Resource Group: Choose an existing resource group or create a new one (e.g., DemoRG).
    • Name: Enter DemoVNet.
    • Region: Choose a region close to your location (e.g., North Europe).
  5. Click Review + Create and then click Create to deploy the Virtual Network.

πŸ’‘ Information

»

1. Provisioning a VM via Azure Portal

Overview

This exercise introduces the Azure Portal, guiding you through the creation of a Virtual Machine (VM). You will configure an Ubuntu Linux VM with a username/password for access and verify that the VM is running successfully by logging into the VM from Azure Cloud Shell.

Step 1: Log in to Azure Portal

  1. Open a web browser and navigate to the Azure Portal.
  2. Sign in using your Azure account credentials.

Step 2: Create a Resource Group

  1. In the Azure Portal, search for “Resource groups” in the search bar.
  2. Click “Create” and fill in the following:
    • Subscription: Choose your subscription.
    • Resource Group Name: LabResourceGroup
    • Region: Choose a region (e.g. North Europe).
  3. Click Review + Create and then Create.

πŸ’‘ Information

»

1. Provision a Virtual Machine on Azure and Install an Nginx Web Server

Video

Introduction

This tutorial is designed for individuals with a basic understanding of cloud concepts and who are interested in learning how to set up a virtual machine (VM) on Azure and deploy an Nginx web server. We will go step-by-step through the process, emphasizing best practices and troubleshooting.

Method

  • We will use the Azure web console to manually provision a VM running the Linux distribution Ubuntu as Operating System (OS)
  • We will deploy an Nginx web server by using the Ubuntu package manager running cloud-init.
  • We will use a locally installed terminal to access the server (GitBash on Windows)

Prerequisites

  • An Azure account. If you don’t have one, sign up here.
  • Basic knowledge of cloud computing and familiarity with command-line interfaces (CLI).
  • For Windows users: GitBash or similar terminal (Mac and Linux users can use the pre-installed terminal)

Provision a Virtual Machine

  1. Log into Azure Portal

    »

2. Deploy Docker Containers from Docker Hub to Azure VM

🎯 Goal

Learn how to provision an Azure Virtual Machine with Docker pre-installed, then deploy containers from Docker Hub including both public images (nginx) and your own containerized applications from the previous exercise.

πŸ“‹ Prerequisites

Before beginning this exercise, you should:

  • Have an Azure subscription with credits available
  • Have Azure CLI installed locally (version 2.0 or higher)
  • Have completed the previous Docker exercise (PHP application pushed to Docker Hub with multi-architecture support)
  • Have basic understanding of Linux command line
  • Have SSH client available (built-in on Mac/Linux, use PowerShell on Windows)

⚠️ Note: If you haven’t built your Docker image with multi-architecture support, refer to Step 3 in the previous tutorial for instructions using docker buildx

»

2. Security Hardening for LEMP Stack Applications

🎯 Goal

Learn essential security practices to harden your LEMP stack application, transforming the basic educational setup into a more production-ready deployment with proper security measures.

πŸ“‹ Prerequisites

Before beginning this tutorial, you should:

  • Have completed Tutorial 1: Manual LEMP Stack Installation
  • Have a working LEMP stack with the contact form application
  • Understand basic Linux system administration
  • Be familiar with web application security concepts

πŸ“š Learning Objectives

By the end of this tutorial, you will:

»

2. Creating a Virtual Network with Enhanced Security

Overview

The objective of this exercise is to create a Virtual Network (vNet) with a subnet secured by a Network Security Group (NSG) attached to the subnet itself. You will also provision three servers with specific roles: Web Server, Reverse Proxy, and Bastion Host. Application Security Groups (ASGs) will be configured for the Reverse Proxy and Bastion Host, and all server configurations will be automated using cloud-init.

NetworkOverview

Step 1: Log in to Azure Portal

  1. Open https://portal.azure.com.
  2. Sign in with your Azure account credentials.

Step 2: Create a Virtual Network

  1. In the Azure Portal, use the search bar at the top to search for “Virtual Networks”.
  2. Select Virtual Networks from the search results or from the left menu
  3. Click the + Create button at the top of the Virtual Networks page.
  4. On the Basics tab, fill in the following information:
    • Subscription: Select your subscription.
    • Resource Group: Choose an existing resource group or create a new one (e.g., DemoRG).
    • Name: Enter DemoVNet.
    • Region: Choose a region close to your location (e.g., North Europe).
  5. Click Review + Create and then click Create to deploy the Virtual Network.

Step 3: Create Application Security Groups

  1. In the Azure Portal, search for Application Security Groups.

    »

2. Provisioning a VM with SSH Keys and Exploring Linux

Overview

This exercise introduces secure SSH authentication using Azure Portal’s Generate Key Pair feature. You will also connect to the VM using SSH from your local (your laptop) Terminal. While logged in we will explore the Linux filesystem with basic command-line utilities.

Step 1: Log in to Azure Portal

  1. Open a web browser and navigate to the Azure Portal.
  2. Sign in using your Azure account credentials.

Step 2: Create a Virtual Machine with SSH Key Pair

  1. Navigate to Virtual Machines and click Create > Azure Virtual machine.
  2. Configure the VM:
    • Subscription: Select your subscription.
    • Create a new Resource Group: LabSSHResourceGroup. (You can create a new resource group here if you donΒ΄t have one already)
    • Virtual Machine Name: LabSSHVM.
    • Region: Same as the resource group.
    • Zone options: Select Azure-selected zone
    • Image: Select Ubuntu Server 24.04 LTS.
    • Size: Choose Standard_B1s.
    • Authentication Type: Select SSH Public Key.
    • Username: azureuser.
  3. Under SSH Public Key Source, select Generate new key pair.
  4. Configure inbound ports:
    • Check Allow selected ports and select HTTP (80) and SSH (22).
  5. Note the name for your key pair (e.g., LabSSHKey) and click Download private key and create resource.

πŸ’‘ Information

»

2. Provision a Virtual Machine on Azure using an ARM template

Introduction

This tutorial is designed to give a basic understanding of cloud concepts to those who are interested in learning how to set up a virtual machine (VM) on Azure using an ARM template. We will go through the process step-by-step deploying an Ubuntu 22.04 LTS VM, creating a minimalistic solution that can be used as a foundation for further development.

Method

  • We will use an ARM template to define and provision the Azure resources required for our VM, including network configurations and security settings.
  • The ARM template will be launched using the Azure CLI, having a code-first approach to cloud infrastructure.
  • Access to the deployed VM will be via password (in order to adhere to the minimalistic approach).

Prerequisites

  • An Azure account. If you don’t have one, sign up here.
  • Basic familiarity with JSON and the Azure Command-Line Interface (CLI).
  • For Windows users: GitBash or similar terminal (Mac and Linux users can use the pre-installed terminal)

Provision a Virtual Machine Using ARM Template

Prepare Your ARM Template

»