In this unit, you will implement three virtual networks and subnets to support resources in those virtual networks.

The CoreServicesVnet virtual network is deployed in the US West region. This virtual network will have the largest number of resources. It will have connectivity to on-premises networks through a VPN connection. This network will have web services, databases, and other systems that are key to the operations of the business. Shared services, such as domain controllers and DNS also will be located here. A large amount of growth is anticipated, so a large address space is necessary for this virtual network.

The ManufacturingVnet virtual network is deployed in the North Europe region, near the location of your organization's manufacturing facilities. This virtual network will contain systems for the operations of the manufacturing facilities. The organization is anticipating a large number of internal connected devices for their systems to retrieve data from, such as temperature, and will need an IP address space that it can expand into.

The ResearchVnet virtual network is deployed in the West India region, near the location of the organization's research and development team. The research and development team uses this virtual network. The team has a small, stable set of resources that is not expected to grow. The team needs a small number of IP addresses for a few virtual machines for their work.

You will create the following resources:

These virtual networks and subnets are structured in a way that accommodates existing resources yet allows for projected growth. Let's create these virtual networks and subnets to lay the foundation for our networking infrastructure.

Create the CoreServicesVnet virtual network

1. In Azure Cloud Shell, run the following command to create the CoreServicesVnet virtual network:

   Azure CLICopy

   az network vnet create \
       --resource-group [sandbox resource group name] \
       --name CoreServicesVnet \
       --address-prefix 10.20.0.0/16 \
       --location westus
   

2. Now, let's create the subnets that we need for the planned resources in the virtual network:

   Azure CLICopy

   az network vnet subnet create \
       --resource-group [sandbox resource group name] \
       --vnet-name CoreServicesVnet \
       --name GatewaySubnet \
       --address-prefixes 10.20.0.0/27
   
   az network vnet subnet create \
       --resource-group [sandbox resource group name] \
       --vnet-name CoreServicesVnet \
       --name SharedServicesSubnet \
       --address-prefixes 10.20.10.0/24
   
   az network vnet subnet create \
       --resource-group [sandbox resource group name] \
       --vnet-name CoreServicesVnet \
       --name DatabaseSubnet \
       --address-prefixes 10.20.20.0/24
   
   az network vnet subnet create \
       --resource-group [sandbox resource group name] \
       --vnet-name CoreServicesVnet \
       --name PublicWebServiceSubnet \
       --address-prefixes 10.20.30.0/24
   

3. Let's take a look at what we have created. Run this command to show all the subnets that we configured:

   Azure CLICopy

   az network vnet subnet list \
       --resource-group [sandbox resource group name] \
       --vnet-name CoreServicesVnet \
       --output table
   

   You should see the following subnets listed:

   OutputCopy

   AddressPrefix    Name                    ProvisioningState    ResourceGroup
   ---------------  ----------------------  -------------------  -------------------------------------------
   10.20.0.0/27     GatewaySubnet           Succeeded            [sandbox resource group name]
   10.20.10.0/24    SharedServicesSubnet    Succeeded            [sandbox resource group name]
   10.20.20.0/24    DatabaseSubnet          Succeeded            [sandbox resource group name]
   10.20.30.0/24    PublicWebServiceSubnet  Succeeded            [sandbox resource group name]
   

Create the ManufacturingVnet virtual network

1. In Cloud Shell, run the following command to create the ManufacturingVnet virtual network:

   Azure CLICopy

   az network vnet create \
       --resource-group [sandbox resource group name] \
       --name ManufacturingVnet \
       --address-prefix 10.30.0.0/16 \
       --location northeurope
   

2. Now, let's create the subnets that we need for the planned resources in the virtual network:

   Azure CLICopy

   az network vnet subnet create \
       --resource-group [sandbox resource group name] \
       --vnet-name ManufacturingVnet \
       --name ManufacturingSystemSubnet \
       --address-prefixes 10.30.10.0/24
   
   az network vnet subnet create \
       --resource-group [sandbox resource group name] \
       --vnet-name ManufacturingVnet \
       --name SensorSubnet1 \
       --address-prefixes 10.30.20.0/24
   
   az network vnet subnet create \
       --resource-group [sandbox resource group name] \
       --vnet-name ManufacturingVnet \
       --name SensorSubnet2 \
       --address-prefixes 10.30.21.0/24
   
   az network vnet subnet create \
       --resource-group [sandbox resource group name] \
       --vnet-name ManufacturingVnet \
       --name SensorSubnet3 \
       --address-prefixes 10.30.22.0/24
   

3. Let's take a look at what we have created. Run this command to show all the subnets that we configured:

   Azure CLICopy

   az network vnet subnet list \
       --resource-group [sandbox resource group name] \
       --vnet-name ManufacturingVnet \
       --output table
   

   You should see the following subnets listed:

   Azure CLICopy

   AddressPrefix    Name                       ProvisioningState    ResourceGroup
   ---------------  -------------------------  -------------------  -------------------------------------------
   10.30.10.0/24    ManufacturingSystemSubnet  Succeeded            [sandbox resource group name]
   10.30.20.0/24    SensorSubnet1              Succeeded            [sandbox resource group name]
   10.30.21.0/24    SensorSubnet2              Succeeded            [sandbox resource group name]
   10.30.22.0/24    SensorSubnet3              Succeeded            [sandbox resource group name]
   

Create the ResearchVnet virtual network

1. In Cloud Shell, run the following command to create the ResearchVnet virtual network:

   Azure CLICopy

   az network vnet create \
       --resource-group [sandbox resource group name] \
       --name ResearchVnet \
       --address-prefix 10.40.40.0/24 \
       --location westindia
   

2. Now, let's create the subnets that we need for the planned resources in the virtual network:

   Azure CLICopy

   az network vnet subnet create \
       --resource-group [sandbox resource group name] \
       --vnet-name ResearchVnet \
       --name ResearchSystemSubnet \
       --address-prefixes 10.40.40.0/24
   

3. Let's take a look at the final virtual network. Run this command to show all the subnets that we configured:

   Azure CLICopy

   az network vnet subnet list \
       --resource-group [sandbox resource group name] \
       --vnet-name ResearchVnet \
       --output table
   

   You should see the following subnets listed:

   Azure CLICopy

   AddressPrefix    Name                  ProvisioningState    ResourceGroup
   ---------------  --------------------  -------------------  -------------------------------------------
   10.40.40.0/24    ResearchSystemSubnet  Succeeded            [sandbox resource group name]
   

Now that you have created the virtual networks and subnets, you have the infrastructure on which you can deploy resources.

These networks can be further integrated through virtual network peering and through Azure VPN Gateway to connect to on-premises networks. You can use network security groups to filter traffic and control access within and between virtual networks.

Source: Microsoft Learn