Virtual Machines can be pretty complex little beast. They can have multiple disks, multiple NICs in different subnets, can be exposed on the public internet either directly or through a load balancer, etc. .
In this article, we’ll look at the anatomy of a Virtual Machine (VM): what are the components it relates to.
We look at the Azure Resource Model (ARM) version of Virtual Machine, as opposed to Classic version. In ARM, Virtual Machines have a very granular model. Most components that relate to a VM are often assimilated to the VM itself when we conceptualize them (e.g. NIC).
Internal Resource Model
Here is component diagram. It shows the different components, their relationship and the cardinality of the relationships.
Of course, the Virtual Machine is at the center of this diagram. We look at the other resources in relationship to a Virtual Machine.
A Virtual Machine can optionally be part of an availability set.
Availability Set is a reliability construct. We discuss it here.
A Virtual Machine has at least one disk: the Operating System (OS) disk. It can optionally have more disks, also called data disks, as much as the Virtual Machine SKU allows.
Network Interface Controller (NIC)
NIC is the Networking bridge for the Virtual Machine.
A Virtual Machine has at least one (and typical VMs have only one) but can have more. Network Virtual Appliances (NVAs) are typical cases where multiple NICs are warranted.
We often say that a Virtual Machine is in a subnet / virtual network and we typically represent it that way in a diagram: a VM box within a subnet box. Strictly speaking though, the NIC is part of a subnet. This way a Virtual Machines with multiple NICs could be part of multiple subnets which might be from different Virtual Networks in the same Virtual Network.
UPDATE (26-10-2017): I previously wrote that multiple NICs from different Virtual Network was possible. It isn’t. If a VM has multiple NICs, they can be from different subnets but they must be from the same Virtual Network.
A NIC can be load balanced (in either a private or public load balancer) or can also be exposed directly on a Public IP.
Subnet / Virtual Network
Azure Virtual Network are the Networking isolation construct in Azure.
A Virtual Network can have multiple subnets.
A NIC is part of a subnet and therefore has a private IP address from that subnet. The private IP address can be either static (fixed) or dynamic.
Public Azure Load Balancer
On the diagram we distinguish between Public & Private Load Balancers but they are the same Azure resource per se although used differently.
A Public Load Balancer is associated with a Public IP. It is also associated to multiple NICs to which it forwards traffic.
A public IP is exposed on the public internet. The actual IP address can be either static or dynamic.
A public IP routes traffic to NICs either through a public load balancer or directly to a NIC (when the NIC exposes a public IP directly).
Private Azure Load Balancer
A private load balancer forwards traffic to multiple NICs like a public load balancer.
A private load balancer isn’t associated to a public IP though. It has a private IP address instead and is therefore part of a subnet.
Cast in stone
Another interesting aspect is the dynamic nature of a VM. What can change and what cannot?
For better or worse we can’t change everything about a VM once it’s created. So let’s mention the aspect we can’t change after a VM is created.
The primary NIC of a VM is permanent. We can add, remove or change secondary NICs but the primary must stay there.
Similarly, the primary disk, or OS disk, can’t be changed after creation while secondary disks, or data disks, can be changed.
The availability set of a VM is set at creation time and can’t be changed afterwards.
We did a quick lap around the different resources associated to a Virtual Machine.
It is useful to keep that mental picture when we contemplate different scenarios.