Azure 開發人員開始使用指南Get started guide for Azure developers

何謂 Azure?What is Azure?

Azure 是一個完整雲端平台,可裝載現有應用程式、簡化新應用程式的開發,甚至加強內部部署應用程式。Azure is a complete cloud platform that can host your existing applications, streamline the development of new applications, and even enhance on-premises applications. Azure 會整合您需要開發、測試、部署和管理應用程式的雲端服務,同時利用雲端運算效率。Azure integrates the cloud services that you need to develop, test, deploy, and manage your applications—while taking advantage of the efficiencies of cloud computing.

在 Azure 中裝載應用程式,即可從小規模著手,並隨著客戶需求的成長,輕鬆地調整應用程式。By hosting your applications in Azure, you can start small and easily scale your application as your customer demand grows. Azure 也會提供高可用性應用程式所需的可靠性,甚至包括不同地區之間的容錯移轉。Azure also offers the reliability that’s needed for high-availability applications, even including failover between different regions. Azure 入口網站可讓您輕鬆地管理您的所有 Azure 服務。The Azure portal lets you easily manage all your Azure services. 您也可以使用服務特定 API 和範本,以程式設計方式管理服務。You can also manage your services programmatically by using service-specific APIs and templates.

閱讀對象:本指南是適用於應用程式開發人員的 Azure 平台簡介。Who should read this: This guide is an introduction to the Azure platform for application developers. 它會提供下列作業所需的指引和指示:開始在 Azure 中建置新應用程式,或將現有應用程式移轉至 Azure。It provides guidance and direction that you need to start building new applications in Azure or migrating existing applications to Azure.

我該從哪裡開始?Where do I start?

有了 Azure 提供的所有服務後,了解支援解決方案架構所需的服務可能會是令人怯步的工作。With all the services that Azure offers, it can be a daunting task to figure out which services you need to support your solution architecture. 本節著重於開發人員常用的 Azure 服務。This section highlights the Azure services that developers commonly use. 如需所有 Azure 服務的清單,請參閱 Azure 文件For a list of all Azure services, see the Azure documentation.

首先,您必須決定如何在 Azure 中裝載應用程式。First, you must decide on how to host your application in Azure. 您需要以虛擬機器 (VM) 形式管理整個基礎結構嗎?Do you need to manage your entire infrastructure as a virtual machine (VM). 您可以使用 Azure 所提供的平台管理功能嗎?Can you use the platform management facilities that Azure provides? 您只需要使用無伺服器架構來裝載程式碼執行嗎?Maybe you need a serverless framework to host code execution only?

您的應用程式需要 Azure 提供數個選項的雲端儲存體。Your application needs cloud storage, which Azure provides several options for. 您可以利用 Azure 的企業驗證。You can take advantage of Azure's enterprise authentication. 另外還有工具可進行雲端式開發和監視,而且大部分的裝載服務提供 DevOps 整合。There are also tools for cloud-based development and monitoring, and most hosting services offer DevOps integration.

現在,請查看我們建議您針對應用程式所調查的某些特定服務。Now, let's look at some of the specific services that we recommend investigating for your applications.

應用程式裝載Application hosting

Azure 提供數個雲端式運算供應項目來執行您的應用程式,讓您不需要擔心基礎結構詳細資料。Azure provides several cloud-based compute offerings to run your application so that you don't have to worry about the infrastructure details. 隨著您應用程式使用的成長,您可以輕鬆地向上延展或向外延展資源。You can easily scale up or scale out your resources as your application usage grows.

Azure 提供可支援應用程式開發和裝載需求的服務。Azure offers services that support your application development and hosting needs. Azure 提供基礎結構即服務 (IaaS),讓您完全控制應用程式裝載。Azure provides Infrastructure as a Service (IaaS) to give you full control over your application hosting. Azure 的平台即服務 (PaaS) 供應項目提供強化應用程式所需的完全受控服務。Azure's Platform as a Service (PaaS) offerings provide the fully managed services needed to power your apps. Azure 中甚至會有真正的無伺服器裝載,在其中,您只需要撰寫程式碼。There is even true serverless hosting in Azure where all you need to do is write your code.

Azure 應用程式裝載選項

Azure App ServiceAzure App Service

當您想要發佈 Web 專案的最快速路徑時,請考慮使用 Azure App Service。When you want the quickest path to publish your web-based projects, consider Azure App Service. App Service 可讓您更輕鬆地擴充 Web 應用程式來支援行動用戶端,以及發佈方便使用的 REST API。App Service makes it easy to extend your web apps to support your mobile clients and publish easily consumed REST APIs. 此平台提供驗證的方式是使用社交提供者、流量自動調整,在生產環境中測試,以及持續的容器部署。This platform provides authentication by using social providers, traffic-based autoscaling, testing in production, and continuous and container-based deployments.

您可以建立 Web 應用程式、行動應用程式後端和 API 應用程式。You can create web apps, mobile app back ends, and API apps.

因為所有三種應用程式類型都共用 App Service 執行階段,所以您可以架設網站、支援行動用戶端,並在 Azure 中公開 API,而全部都是來自相同的專案或解決方案。Because all three app types share the App Service runtime, you can host a website, support mobile clients, and expose your APIs in Azure, all from the same project or solution. 若要深入了解 App Service,請參閱什麼是 Azure Web AppsTo learn more about App Service, see What is Azure Web Apps.

請注意,已使用 DevOps 設計 App Service。App Service has been designed with DevOps in mind. 它支援各種用於發佈和持續整合部署的工具,包括 GitHub Webhook、Jenkins、Azure DevOps、TeamCity 等。It supports various tools for publishing and continuous integration deployments, including GitHub webhooks, Jenkins, Azure DevOps, TeamCity, and others.

您可以使用線上移轉工具,將現有應用程式移轉至 App Service。You can migrate your existing applications to App Service by using the online migration tool.

使用時機:當您要將現有 Web 應用程式移轉至 Azure 時,以及當您需要適用於 Web 應用程式的完整受控裝載平台時,請使用 App Service。When to use: Use App Service when you’re migrating existing web applications to Azure, and when you need a fully managed hosting platform for your web apps. 當您需要支援行動用戶端或是使用應用程式公開 REST API 時,也可以使用 App Service。You can also use App Service when you need to support mobile clients or expose REST APIs with your app.

開始使用:App Service 可讓您輕鬆地建立和部署您的第一個 Web 應用程式行動應用程式API 應用程式Get started: App Service makes it easy to create and deploy your first web app, mobile app, or API app.

立即試用:App Service 可讓您佈建短期應用程式來試用平台,而不需要註冊 Azure 帳戶。Try it now: App Service lets you provision a short-lived app to try the platform without having to sign up for an Azure account. 請嘗試平台,並建立 Azure App Service 應用程式Try the platform and create your Azure App Service app.

Azure 虛擬機器Azure Virtual Machines

身為基礎結構即服務 (IaaS) 提供者,Azure 可讓您將應用程式部署或移轉至 Windows 或 Linux VM。As an Infrastructure as a Service (IaaS) provider, Azure lets you deploy to or migrate your application to either Windows or Linux VMs. Azure Virtual Machines 與 Azure Virtual Network 搭配使用,可支援將 Windows 或 Linux VM 部署至 Azure。Together with Azure Virtual Network, Azure Virtual Machines supports the deployment of Windows or Linux VMs to Azure. 使用 VM,您可以完整控制電腦的設定。With VMs, you have total control over the configuration of the machine. 使用 VM 時,您負責所有伺服器軟體安裝、設定、維護和作業系統修補程式。When using VMs, you’re responsible for all server software installation, configuration, maintenance, and operating system patches.

基於您對 VM 的控制等級,您可以在 Azure 上執行不符合 PaaS 模型的各種不同伺服器工作負載。Because of the level of control that you have with VMs, you can run a wide range of server workloads on Azure that don’t fit into a PaaS model. 這些工作負載包含資料庫伺服器、Windows Server Active Directory 和 Microsoft SharePoint。These workloads include database servers, Windows Server Active Directory, and Microsoft SharePoint. 如需詳細資訊,請參閱 LinuxWindows 的 Virtual Machines 文件。For more information, see the Virtual Machines documentation for either Linux or Windows.

使用時機:當您想要完整控制應用程式基礎結構,或將內部部署應用程式工作負載移轉至 Azure 而不需進行變更時,請使用「虛擬機器」。When to use: Use Virtual Machines when you want full control over your application infrastructure or to migrate on-premises application workloads to Azure without having to make changes.

開始使用:從 Azure 入口網站建立 Linux VMWindows VMGet started: Create a Linux VM or Windows VM from the Azure portal.

Azure Functions (無伺服器)Azure Functions (serverless)

不需要擔心建置和管理整個應用程式或基礎結構,即可執行程式碼。Rather than of worrying about building out and managing a whole application or the infrastructure to run your code. 如果您只撰寫程式碼,並執行它來回應事件或依排程執行它,則要怎麼辦?What if you could just write your code and have it run in response to events or on a schedule? Azure Functions 是「無伺服器」樣式供應項目,可讓您只撰寫所需的程式碼。Azure Functions is a "serverless"-style offering that lets you write just the code you need. 使用 Functions,程式碼執行是由 HTTP 要求、Webhook、雲端服務事件或依排程觸發。With Functions, code execution is triggered by HTTP requests, webhooks, cloud service events, or on a schedule. 您也可以使用選擇的開發語言編寫程式碼,例如 C#、F#、Node.js、Python 或 PHP。You can code in your development language of choice, such as C#, F#, Node.js, Python, or PHP. 使用耗用型計費時,您只需要支付程式碼執行時間的費用,而且 Azure 會視需要調整。With consumption-based billing, you pay only for the time that your code executes, and Azure scales as needed.

使用時機:當您的程式碼會由其他 Azure 服務、Web 型事件或依排程觸發時,請使用 Azure Functions。When to use: Use Azure Functions when you have code that is triggered by other Azure services, by web-based events, or on a schedule. 當您不需要整個託管專案的額外負荷時,或只想要支付程式碼執行時間的費用時,也可以使用 Functions。You can also use Functions when you don't need the overhead of a complete hosted project or when you only want to pay for the time that your code runs. 若要深入了解,請參閱 Azure Functions 概觀To learn more, see Azure Functions Overview.

開始使用:依照 Functions 快速入門教學課程,從入口網站建立第一個函式Get started: Follow the Functions quickstart tutorial to create your first function from the portal.

立即試用:Azure Functions 可讓您執行程式碼,而不需要註冊 Azure 帳戶。Try it now: Azure Functions lets you run your code without having to sign up for an Azure account. 請立即試用,並建立您的第一個 Azure 函式Try it now at and create your first Azure Function.

Azure Service FabricAzure Service Fabric

Azure Service Fabric 是分散式系統平台,可讓您輕鬆建置、封裝、部署和管理可調整和可信賴的微服務。Azure Service Fabric is a distributed systems platform that makes it easy to build, package, deploy, and manage scalable and reliable microservices. 還提供完整的應用程式管理功能,以佈建、部署、監視、升級/修補及刪除所部署的應用程式。It also provides comprehensive application management capabilities for provisioning, deploying, monitoring, upgrading/patching, and deleting deployed applications. 在共用電腦集區上執行的應用程式可以從小規模著手,然後視需要調整為成千上萬部電腦。Apps, which run on a shared pool of machines, can start small and scale to hundreds or thousands of machines as needed.

Service Fabric 支援具有 Open Web Interface for .NET (OWIN) 和 ASP.NET Core 的 WebAPI。Service Fabric supports WebAPI with Open Web Interface for .NET (OWIN) and ASP.NET Core. 它提供在 Linux 上建置服務的 .NET Core 和 Java SDK。It provides SDKs for building services on Linux in both .NET Core and Java. 若要深入了解 Service Fabric,請參閱 Service Fabric 文件To learn more about Service Fabric, see the Service Fabric documentation.

使用時機: 當您要建立應用程式或重新撰寫現有的應用程式以使用微服務架構時,Service Fabric 是不錯的選擇。When to use: Service Fabric is a good choice when you’re creating an application or rewriting an existing application to use a microservice architecture. 當您需要更充分地控制或直接存取基礎結構時,請使用 Service Fabric。Use Service Fabric when you need more control over, or direct access to, the underlying infrastructure.

開始使用: 建立第一個 Azure Service Fabric 應用程式Get started: Create your first Azure Service Fabric application.

使用 Azure 服務增強應用程式Enhance your applications with Azure services

除了應用程式裝載之外,Azure 還會提供服務供應項目,以增強雲端和內部部署中應用程式的功能、開發和維護。In addition to application hosting, Azure provides service offerings that can enhance the functionality, development, and maintenance of your applications, both in the cloud and on-premises.

託管儲存體和資料存取Hosted storage and data access

大部分應用程式都必須儲存資料,因此無論您決定如何在 Azure 中裝載應用程式,請考慮下列一或多個儲存體和資料服務。Most applications must store data, so regardless of how you decide to host your application in Azure, consider one or more of the following storage and data services.

  • Azure Cosmos DB:全域分散式的多模型資料庫服務,可讓您透過全方位的 SLA,彈性地調整任何數量之地理區域的輸送量及儲存體。Azure Cosmos DB: A globally distributed, multi-model database service that enables you to elastically scale throughput and storage across any number of geographical regions with a comprehensive SLA.

    使用時機: 當您的應用程式需要具有多個已完善定義之一致性模型的文件、資料表或圖表資料庫 (包括 MongoDB 資料庫) 時。When to use: When your application needs document, table, or graph databases, including MongoDB databases, with multiple well-defined consistency models.

    開始使用建置 Azure Cosmos DB Web 應用程式Get started: Build an Azure Cosmos DB web app. 如果您是 MongoDB 開發人員,請參閱使用 Azure Cosmos DB 建置 MongoDB Web 應用程式If you’re a MongoDB developer, see Build a MongoDB web app with Azure Cosmos DB.

  • Azure 儲存體:提供 Blob、佇列、檔案及其他類型之非關聯式資料的持久性高可用性儲存體。Azure Storage: Offers durable, highly available storage for blobs, queues, files, and other kinds of nonrelational data. 儲存體提供 VM 的儲存體基礎。Storage provides the storage foundation for VMs.

    使用時機:當您的應用程式會儲存非關聯式資料 (例如鍵值組 (資料表)、Blob、檔案共用或訊息 (佇列)) 時。When to use: When your app stores nonrelational data, such as key-value pairs (tables), blobs, files shares, or messages (queues).

    開始使用:選擇下列其中一種類型的儲存體:Blob資料表佇列檔案Get started: Choose from one of these types storage: blobs, tables, queues, or files.

  • Azure SQL Database:Azure 版本的 Microsoft SQL Server 引擎,可將關聯式的表格式資料儲存在雲端中。Azure SQL Database: An Azure-based version of the Microsoft SQL Server engine for storing relational tabular data in the cloud. SQL Database 提供可預測的效能、無停機時間的延展性、商務持續性和資料保護功能。SQL Database provides predictable performance, scalability with no downtime, business continuity, and data protection.

    使用時機:當您的應用程式需要具有參考完整性、交易支援和 TSQL 查詢支援的資料儲存體時。When to use: When your application requires data storage with referential integrity, transactional support, and support for TSQL queries.

    開始使用使用 Azure 入口網站在幾分鐘內建立 SQL DatabaseGet started: Create a SQL database in minutes by using the Azure portal.

您可以使用 Azure Data Factory,將現有內部部署資料移至 Azure。You can use Azure Data Factory to move existing on-premises data to Azure. 如果您尚未準備好將資料移至雲端,則 BizTalk 服務中的混合式連線可讓您將 App Service 託管應用程式裝載連線至內部部署資源。If you aren't ready to move data to the cloud, Hybrid Connections in BizTalk Services lets you connect your App Service hosted app to on-premises resources. 您也可以從內部部署應用程式連接至 Azure 資料和儲存體服務。You can also connect to Azure data and storage services from your on-premises applications.

Docker 支援Docker support

Docker 容器是一種 OS 虛擬化,可讓您透過更有效率且可預測的方式部署應用程式。Docker containers, a form of OS virtualization, let you deploy applications in a more efficient and predictable way. 容器化應用程式在生產環境中的運作方式與在開發和測試系統上相同。A containerized application works in production the same way as on your development and test systems. 您可以使用標準 Docker 工具來管理容器。You can manage containers by using standard Docker tools. 您可以在 Azure 上使用現有技能和熱門開放原始碼工具來部署和管理容器應用程式。You can use your existing skills and popular open-source tools to deploy and manage container-based applications on Azure.

Azure 提供數種方式,以在應用程式中使用容器。Azure provides several ways to use containers in your applications.

  • Azure Docker VM 延伸模組:可讓您使用 Docker 工具,將 VM 設定為 Docker 主機。Azure Docker VM extension: Lets you configure your VM with Docker tools to act as a Docker host.

    使用時機:當您想要在 VM 上產生應用程式的一致容器部署時,或當您想要使用 Docker Compose 時。When to use: When you want to generate consistent container deployments for your applications on a VM, or when you want to use Docker Compose.

    開始使用使用 Docker VM 延伸模組在 Azure 中建立 Docker 環境Get started: Create a Docker environment in Azure by using the Docker VM extension.

  • Azure Container Service:可讓您建立、設定和管理虛擬機器的叢集,這些虛擬機器已預先設定為執行容器化應用程式。Azure Container Service: Lets you create, configure, and manage a cluster of virtual machines that are preconfigured to run containerized applications. 若要深入了解 Container Service,請參閱 Azure Container Service 簡介To learn more about Container Service, see Azure Container Service introduction.

    使用時機:當您需要建置提供其他排程和管理工具的生產就緒、可調整環境時,或當您部署 Docker Swarm 叢集時。When to use: When you need to build production-ready, scalable environments that provide additional scheduling and management tools, or when you’re deploying a Docker Swarm cluster.

    開始使用部署容器服務叢集Get started: Deploy a Container Service cluster.

  • Docker 機器:可讓您使用 docker-machine 命令來安裝和管理虛擬主機上的「Docker 引擎」。Docker Machine: Lets you install and manage a Docker Engine on virtual hosts by using docker-machine commands.

    使用時機:當您需要建立單一 Docker 主機來快速設定應用程式的原型時。When to use: When you need to quickly prototype an app by creating a single Docker host.

  • App Service 的自訂 Docker 映像:可讓您在於 Linux 上部署 Web 應用程式時,使用來自容器登錄或客戶容器中的 Docker 容器。Custom Docker image for App Service: Lets you use Docker containers from a container registry or a customer container when you deploy a web app on Linux.

    使用時機:在 Linux 上將 Web 應用程式部署至 Docker 映像時。When to use: When deploying a web app on Linux to a Docker image.

    開始使用針對 Linux 上的 App Service 使用自訂 Docker 映像Get started: Use a custom Docker image for App Service on Linux.

驗證Authentication

重要的不只是知道誰正在使用您的應用程式,還可以防止未經授權的資源存取。It's crucial to not only know who is using your applications, but also to prevent unauthorized access to your resources. Azure 提供數種方式,以驗證應用程式用戶端。Azure provides several ways to authenticate your app clients.

  • Azure Active Directory (Azure AD) :Microsoft 多租用戶雲端式身分識別和存取管理服務。Azure Active Directory (Azure AD): The Microsoft multitenant, cloud-based identity and access management service. 您可以透過與 Azure AD 整合,將單一登入 (SSO) 新增至應用程式。You can add single-sign on (SSO) to your applications by integrating with Azure AD. 您可以直接使用 Azure AD Graph API 或使用 Microsoft Graph API,來存取目錄內容。You can access directory properties by using the Azure AD Graph API directly or the Microsoft Graph API. 您可以使用原生 HTTP/REST 端點和多平台 Azure AD 驗證程式庫,以與 OAuth2.0 授權架構和 Open ID Connect 的 Azure AD 支援整合。You can integrate with Azure AD support for the OAuth2.0 authorization framework and Open ID Connect by using native HTTP/REST endpoints and the multiplatform Azure AD authentication libraries.

    使用時機:當您想要提供 SSO 體驗、使用 Graph 型資料,或驗證網域型使用者時。When to use: When you want to provide an SSO experience, work with Graph-based data, or authenticate domain-based users.

    開始使用:若要深入了解,請參閱 Azure Active Directory 開發人員指南Get started: To learn more, see the Azure Active Directory developer's guide.

  • App Service 驗證:當您選擇 App Service 來裝載應用程式時,除了社交識別提供者 (包括 Facebook、Google、Microsoft 和 Twitter) 之外,您也會取得 Azure AD 的內建驗證支援。App Service Authentication: When you choose App Service to host your app, you also get built-in authentication support for Azure AD, along with social identity providers—including Facebook, Google, Microsoft, and Twitter.

    使用時機:當您想要使用 Azure AD 和 (或) 社交識別提供者在 App Service 應用程式中啟用驗證時。When to use: When you want to enable authentication in an App Service app by using Azure AD, social identity providers, or both.

    開始使用:若要深入了解 App Service 中的驗證,請參閱 Azure App Service 中的驗證和授權Get started: To learn more about authentication in App Service, see Authentication and authorization in Azure App Service.

若要深入了解 Azure 中的安全性最佳做法,請參閱 Azure 安全性最佳做法與模式To learn more about security best practices in Azure, see Azure security best practices and patterns.

監視Monitoring

在 Azure 中開始使用應用程式時,您需要可以監視效能、監看問題,以及查看客戶如何使用應用程式。With your application up and running in Azure, you need to be able to monitor performance, watch for issues, and see how customers are using your app. Azure 提供數個監視選項。Azure provides several monitoring options.

  • Visual Studio Application Insights:Azure 裝載的可延伸分析服務,可與 Visual Studio 整合以監視即時 Web 應用程式。Visual Studio Application Insights: An Azure-hosted extensible analytics service that integrates with Visual Studio to monitor your live web applications. 它會提供持續改善應用程式效能和可用性所需的資料,而不論它們是否裝載於 Azure 上。It gives you the data that you need to continuously improve the performance and usability of your apps, whether they’re hosted on Azure or not.

    開始使用:依照 Application Insights 教學課程進行操作。Get started: Follow the Application Insights tutorial.

  • Azure 監視器:一種服務,可協助您以視覺化方式檢視、查詢、路由傳送、封存以及處理 Azure 基礎結構與資源所產生的計量和記錄。Azure Monitor: A service that helps you to visualize, query, route, archive, and act on the metrics and logs that are generated by your Azure infrastructure and resources. 監視器提供您在 Azure 入口網站中看到的資料檢視,而且是用於監視 Azure 資源的單一來源。Monitor provides the data views that you see in the Azure portal and is a single source for monitoring Azure resources.

    開始使用開始使用 Azure 監視器Get started: Get started with Azure Monitor.

DevOps 整合DevOps integration

不論使用持續整合佈建 VM 還是發佈 Web 應用程式,Azure 都會與大部分的熱門 DevOps 工具整合。Whether it's provisioning VMs or publishing your web apps with continuous integration, Azure integrates with most of the popular DevOps tools. 有的對 Jenkins、GitHub、Puppet、Chef、TeamCity、Ansible、Azure DevOps 等這類工具的支援之後,您便可以使用您既有的工具進行工作,並將現有的體驗發揮到極致。With support for tools like Jenkins, GitHub, Puppet, Chef, TeamCity, Ansible, Azure DevOps, and others, you can work with the tools that you already have and maximize your existing experience.

立即試用: 試用數個 DevOps 整合Try it now: Try out several of the DevOps integrations.

開始使用:若要查看 App Service 應用程式的 DevOps 選項,請參閱持續部署至 Azure App ServiceGet started: To see DevOps options for an App Service app, see Continuous Deployment to Azure App Service.

Azure 區域Azure regions

Azure 是在全球各地許多地區正式推出的全域雲端平台。Azure is a global cloud platform that is generally available in many regions around the world. 當您在 Azure 中佈建服務、應用程式或 VM 時,系統會要求您選取區域,而區域代表執行應用程式或儲存資料的特定資料中心。When you provision a service, application, or VM in Azure, you are asked to select a region, which represents a specific datacenter where your application runs or where your data is stored. 這些區域對應到在 Azure 區域頁面上發佈的特定位置。These regions correspond to specific locations, which are published on the Azure regions page.

選擇您應用程式和資料的最佳區域Choose the best region for your application and data

使用 Azure 的其中一個優點是您可以將應用程式部署至全球各地的各種資料中心。One of the benefits of using Azure is that you can deploy your applications to various datacenters around the globe. 您選擇的區域可能會影響應用程式的效能。The region that you choose can affect the performance of your application. 例如,最好選擇較接近大多數客戶的區域,以減少網路要求延遲。For example, it's better to choose a region that’s closer to most of your customers to reduce latency in network requests. 您也可以選取區域,以符合在某些國家/地區散發應用程式的法律需求。You might also want to select your region to meet the legal requirements for distributing your app in certain countries/regions. 最好一律將應用程式資料儲存在相同的資料中心內,或儲存在最接近裝載應用程式之資料中心的資料中心內。It's always a best practice to store application data in the same datacenter or in a datacenter as near as possible to the datacenter that is hosting your application.

多區域應用程式Multi-region apps

雖然不可能,但是整個資料中心不可能因天然災害或網際網路失敗等事件而離線。Although unlikely, it’s not impossible for an entire datacenter to go offline because of an event such as a natural disaster or Internet failure. 最好將重要商務應用程式裝載在多個資料中心,以提供最大的可用性。It’s a best practice to host vital business applications in more than one datacenter to provide maximum availability. 使用多個區域也可以減少全域使用者的延遲,並在更新應用程式時提供彈性的其他機會。Using multiple regions can also reduce latency for global users and provide additional opportunities for flexibility when updating applications.

某些服務 (例如 Virtual Machine 和 App Services) 使用 Azure 流量管理員來啟用具有區域間之容錯移轉的多區域支援,以支援高可用性企業應用程式。Some services, such as Virtual Machine and App Services, use Azure Traffic Manager to enable multi-region support with failover between regions to support high-availability enterprise applications. 例如,請參閱 Azure 參考架構:在多個區域中執行 Web 應用程式For an example, see Azure reference architecture: Run a web application in multiple regions.

使用時機:當您有受益於容錯移轉和複寫的企業和高可用性應用程式時。When to use: When you have enterprise and high-availability applications that benefit from failover and replication.

如何管理我的應用程式和專案?How do I manage my applications and projects?

Azure 提供一組豐富的體驗,讓您建立和管理 Azure 資源、應用程式和專案,方法是透過程式設計以及在 Azure 入口網站中進行。Azure provides a rich set of experiences for you to create and manage your Azure resources, applications, and projects—both programmatically and in the Azure portal.

命令列介面和 PowerShellCommand-line interfaces and PowerShell

Azure 提供兩種方式,使用 Bash、終端機、命令提示字元或您選擇的命令列工具,從命令列管理應用程式和服務。Azure provides two ways to manage your applications and services from the command line by using Bash, Terminal, the command prompt, or your command-line tool of choice. 通常,您可以從命令列執行的工作與在 Azure 入口網站中執行的工作相同,例如建立和設定虛擬機器、虛擬網路、Web 應用程式和其他服務。Usually, you can perform the same tasks from the command line as in the Azure portal—such as creating and configuring virtual machines, virtual networks, web apps, and other services.

  • Azure 命令列介面 (CLI):可讓您連接到 Azure 訂用帳戶,並從命令列對 Azure 資源設計各種工作的程式。Azure Command-Line Interface (CLI): Lets you connect to an Azure subscription and program various tasks against Azure resources from the command line.

  • Azure PowerShell:提供一組含 Cmdlet 的模組,可讓您使用 Windows PowerShell 來管理 Azure 資源。Azure PowerShell: Provides a set of modules with cmdlets that enable you to manage Azure resources by using Windows PowerShell.

Azure 入口網站Azure portal

Azure 入口網站是一種 Web 應用程式,可用來建立、管理和移除 Azure 資源和服務。The Azure portal is a web-based application that you can use to create, manage, and remove Azure resources and services. Azure入口網站位於 https://portal.azure.comThe Azure portal is located at https://portal.azure.com. 它會包含可自訂的儀表板、用於管理 Azure 資源的工具,以及訂用帳戶設定和計費資訊的存取權。It includes a customizable dashboard, tools for managing Azure resources, and access to subscription settings and billing information. 如需詳細資訊,請參閱 Azure 入口網站概觀For more information, see the Azure portal overview.

REST APIREST APIs

Azure 是以支援 Azure 入口網站 UI 的一組 REST API 所建置。Azure is built on a set of REST APIs that support the Azure portal UI. 也支援其中的大部分 REST API,讓您以程式設計方式從任何啟用網際網路的裝置佈建和管理 Azure 資源和應用程式。Most of these REST APIs are also supported to let you programmatically provision and manage your Azure resources and applications from any Internet-enabled device. 如需一組完整 REST API 文件,請參閱 Azure REST SDK 參考For the complete set of REST API documentation, see the Azure REST SDK reference.

APIAPIs

除了 REST API 之外,許多 Azure 服務也可讓您以程式設計方式從應用程式使用平台特定 Azure SDK 來管理資源,包括下列開發平台的 SDK:In addition to REST APIs, many Azure services also let you programmatically manage resources from your applications by using platform-specific Azure SDKs, including SDKs for the following development platforms:

Mobile AppsAzure 媒體服務 這類服務提供用戶端 SDK,讓您可以從 Web 和行動用戶端應用程式存取服務。Services such as Mobile Apps and Azure Media Services provide client-side SDKs to let you access services from web and mobile client apps.

Azure Resource ManagerAzure Resource Manager

在 Azure 上執行應用程式可能包含使用多個 Azure 服務,而這些都遵循相同的生命週期,並且可以視為一個邏輯單元。Running your app on Azure likely involves working with multiple Azure services, all of which follow the same life cycle and can be thought of as a logical unit. 例如,Web 應用程式可能使用 Web Apps、SQL Database、「儲存體」、「Azure Redis 快取」及「Azure 內容傳遞網路」服務。For example, a web app might use Web Apps, SQL Database, Storage, Azure Cache for Redis, and Azure Content Delivery Network services. Azure Resource Manager 可讓您將應用程式中的資源當成群組使用。Azure Resource Manager lets you work with the resources in your application as a group. 您可以透過單一的協調作業來部署、更新或刪除所有資源。You can deploy, update, or delete all the resources in a single, coordinated operation.

除了以邏輯方式分組和管理相關資源之外,Azure Resource Manager 還會包含部署功能,以讓您自訂相關資源的部署和設定。In addition to logically grouping and managing related resources, Azure Resource Manager includes deployment capabilities that let you customize the deployment and configuration of related resources. 例如,使用 Resource Manager,即可部署和設定將多個虛擬機器、一個負載平衡器和 Azure SQL 資料庫當成一個單位處理的應用程式。For example, by using Resource Manager, you can deploy and configure an application that consists of multiple virtual machines, a load balancer, and an Azure SQL database as a single unit.

透過使用本身為 JSON 格式化文件的 Azure Resource Manager 範本,即可開發這些部署。You develop these deployments by using an Azure Resource Manager template, which is a JSON-formatted document. 範本可讓您定義部署,以及使用宣告式範本而非指令碼來管理應用程式。Templates let you define a deployment and manage your applications by using declarative templates, rather than scripts. 您的範本可以用於測試、預備和生產這類不同環境。Your templates can work for different environments, such as testing, staging, and production. 例如,使用範本,即可新增 GitHub 存放庫的按鈕,而且只要按一下,就可以將存放庫中的程式碼部署至一組 Azure 服務。For example, by using templates, you can add a button to a GitHub repo that deploys the code in the repo to a set of Azure services with a single click.

使用時機:當您想要可使用 REST API、Azure CLI 和 Azure PowerShell 以程式設計方式管理之應用程式的範本型部署,請使用 Resource Manager 範本。When to use: Use Resource Manager templates when you want a template-based deployment for your app that you can manage programmatically by using REST APIs, the Azure CLI, and Azure PowerShell.

開始使用:若要開始使用範本,請參閱製作 Azure Resource Manager 範本Get started: To get started using templates, see Authoring Azure Resource Manager templates.

了解帳戶、訂用帳戶和計費Understanding accounts, subscriptions, and billing

身為開發人員,我們要深入了解程式碼,並嘗試盡快開始讓我們的應用程式執行。As developers, we like to dive right into the code and try to get started as fast as possible with making our applications run. 當然,我們想要鼓勵您盡可能輕鬆地開始使用 Azure。We certainly want to encourage you to start working in Azure as easily as possible. 為了協助您更輕鬆地進行,Azure 提供免費試用To help make it easy, Azure offers a free trial. 某些服務甚至具有「免費試用」功能,例如 Azure App Service,而且您甚至不需要建立帳戶。Some services even have a "Try it for free" functionality, like Azure App Service, which doesn't require you to even create an account. 深入了解程式碼並將應用程式部署至 Azure 雖然十分有趣,但是花點時間從使用者帳戶、訂用帳戶和計費觀點了解 Azure 運作方式也十分重要。As fun as it is to dive into coding and deploying your application to Azure, it's also important to take some time to understand how Azure works from a standpoint of user accounts, subscriptions, and billing.

什麼是 Azure 帳戶?What is an Azure account?

若要可以建立或使用 Azure 訂用帳戶,您必須擁有 Azure 帳戶。To be able to create or work with an Azure subscription, you must have an Azure account. Azure 帳戶就是 Azure AD 或目錄 (例如公司或學校組織) 中 Azure AD 所信任的身分識別。An Azure account is simply an identity in Azure AD or in a directory, such as a work or school organization, that is trusted by Azure AD. 如果您不屬於這類組織,則一律會使用 Azure AD 所信任的 Microsoft 帳戶來建立訂用帳戶。If you don't belong to such an organization, you can always create a subscription by using your Microsoft Account, which is trusted by Azure AD. 若要深入了解整合內部部署 Windows Server Active Directory 與 Azure AD,請參閱整合您的內部部署身分識別與 Azure Active DirectoryTo learn more about integrating on-premises Windows Server Active Directory with Azure AD, see Integrating your on-premises identities with Azure Active Directory.

每個 Azure 訂用帳戶都會與 Azure AD 執行個體有信任關係。Every Azure subscription has a trust relationship with an Azure AD instance. 這表示它信任該目錄來驗證使用者、服務和裝置。This means that it trusts that directory to authenticate users, services, and devices. 多個訂用帳戶可以信任相同的目錄,但是一個訂用帳戶只能信任一個目錄。Multiple subscriptions can trust the same directory, but a subscription trusts only one directory. 若要深入了解,請參閱 Azure 訂用帳戶與 Azure Active Directory 建立關聯的方式To learn more, see How Azure subscriptions are associated with Azure Active Directory.

除了定義個別 Azure 帳戶身分識別 (也稱為「使用者」 ) 之外,您還可以在 Azure AD 中定義「群組」 。In addition to defining individual Azure account identities, also called users, you can also define groups in Azure AD. 建立使用者群組是使用角色型存取控制 (RBAC) 管理訂用帳戶中資源存取權的好方法。Creating user groups is a good way to manage access to resources in a subscription by using role-based access control (RBAC). 若要了解如何建立群組,請參閱在 Azure Active Directory Preview 中建立群組To learn how to create groups, see Create a group in Azure Active Directory preview. 您也可以使用 PowerShell 建立和管理群組。You can also create and manage groups by using PowerShell.

管理訂用帳戶Manage your subscriptions

訂用帳戶是連結至 Azure 帳戶之 Azure 服務的邏輯分組。A subscription is a logical grouping of Azure services that is linked to an Azure account. 單一 Azure 帳戶可以包含多個訂用帳戶。A single Azure account can contain multiple subscriptions. Azure 服務是根據訂用帳戶計費。Billing for Azure services is done on a per-subscription basis. 如需依類型的可用訂用帳戶供應項目清單,請參閱 Microsoft Azure 供應項目詳細資料For a list of the available subscription offers by type, see Microsoft Azure Offer Details. Azure 訂用帳戶有可完全掌控訂用帳戶的「帳戶管理員」,以及可控制訂用帳戶中所有服務的「服務管理員」。Azure subscriptions have an Account Administrator, who has full control over the subscription, and a Service Administrator, who has control over all services in the subscription. 如需有關傳統訂用帳戶管理員的資訊,請參閱新增或變更 Azure 訂用帳戶管理員For information about classic subscription administrators, see Add or change Azure subscription administrators. 除了系統管理員之外,也可以使用角色型存取控制 (RBAC) 對個別帳戶授與 Azure 資源的細部控制權。In addition to administrators, individual accounts can be granted detailed control of Azure resources using role-based access control (RBAC).

資源群組Resource groups

當您佈建新的 Azure 服務時,即可在指定的訂用帳戶中這麼做。When you provision new Azure services, you do so in a given subscription. 個別 Azure 服務 (也稱為資源) 是在資源群組的內容中建立。Individual Azure services, which are also called resources, are created in the context of a resource group. 資源群組可讓您更輕鬆地部署和管理應用程式資源。Resource groups make it easier to deploy and manage your application's resources. 資源群組應該包含您想要當成一個單位使用之應用程式的所有資源。A resource group should contain all the resources for your application that you want to work with as a unit. 您可以在資源群組之間移動資源,甚至移至不同的訂用帳戶。You can move resources between resource groups and even to different subscriptions. 若要了解如何移動資源,請參閱將資源移動到新的資源群組或訂用帳戶To learn about moving resources, see Move resources to new resource group or subscription.

Azure 資源總管是很棒的工具,可用來以視覺化方式檢視您已經在訂用帳戶中建立的資源。The Azure Resource Explorer is a great tool for visualizing the resources that you've already created in your subscription. 若要深入了解,請參閱使用 Azure 資源總管來檢視及修改資源To learn more, see Use Azure Resource Explorer to view and modify resources.

授與對資源的存取Grant access to resources

當您允許存取 Azure 資源時,最好一律為使用者提供執行指定工作所需的最低權限。When you allow access to Azure resources, it’s always a best practice to provide users with the least privilege that’s required to perform a given task.

  • 角色型存取控制 (RBAC) :在 Azure 中,您可以將存取權授與指定範圍的使用者帳戶 (主體):訂用帳戶、資源群組或個別資源。Role-based access control (RBAC): In Azure, you can grant access to user accounts (principals) at a specified scope: subscription, resource group, or individual resources. RBAC 可讓您將一組資源部署至資源群組,並將權限授與特定使用者或群組。RBAC lets you deploy a set of resources into a resource group and grant permissions to a specific user or group. 它也可讓您限制只有隸屬於目標資源群組資源的存取權。It also lets you limit access to only the resources that belong to the target resource group. 您也可以授與對單一資源的存取,例如虛擬機器或虛擬網路。You can also grant access to a single resource, such as a virtual machine or virtual network. 若要授與存取權,請將角色指派給使用者、群組或服務主體。To grant access, you assign a role to the user, group, or service principal. 有許多預先定義的角色,而且您也可以定義自己的自訂角色。There are many predefined roles, and you can also define your own custom roles. 若要深入了解,請參閱什麼是角色型存取控制 (RBAC)?To learn more, see What is role-based access control (RBAC)?.

    使用時機:當您需要使用者和群組的更細緻存取管理時,或當您需要將使用者設定為訂用帳戶的擁有者時。When to use: When you need fine-grained access management for users and groups or when you need to make a user an owner of a subscription.

    開始使用:若要深入了解,請參閱使用 RBAC 和 Azure 入口網站來管理存取權Get started: To learn more, see Manage access using RBAC and the Azure portal.

  • 服務主體物件:除了提供存取權給使用者主體和群組之外,您還可以將相同的存取權授與服務主體。Service principal objects: In addition to providing access to user principals and groups, you can grant the same access to a service principal.

    使用時機:當您以程式設計方式管理 Azure 資源或授與應用程式的存取權時。When to use: When you’re programmatically managing Azure resources or granting access for applications. 如需詳細資訊,請參閱建立 Active Directory 應用程式和服務主體For more information, see Create Active Directory application and service principal.

TagsTags

Azure Resource Manager 可讓您將自訂標記指派給個別資源。Azure Resource Manager lets you assign custom tags to individual resources. 當您需要組織資源以進行計費或監視時,標記 (即鍵值組) 可能特別有用。Tags, which are key-value pairs, can be helpful when you need to organize resources for billing or monitoring. 標記提供一種方法來追蹤多個資源群組的資源。Tags provide you a way to track resources across multiple resource groups. 您可以使用 REST API、Azure CLI 或 PowerShell,以程式設計方式在入口網站中於 Azure Resource Manager 範本中指派標記。You can assign tags in the portal, in the Azure Resource Manager template, or programmatically, by using the REST API, the Azure CLI, or PowerShell. 您可以將多個標記指派給每個資源。You can assign multiple tags to each resource. 若要深入了解,請參閱使用標記來組織 Azure 資源To learn more, see Using tags to organize your Azure resources.

計費Billing

從內部部署運算移至雲端託管服務時,追蹤和預估服務使用和相關成本十分重要。In the move from on-premises computing to cloud-hosted services, tracking and estimating service usage and related costs are significant concerns. 請務必預估每月執行新資源的成本。It’s important to be able to estimate what new resources cost to run on a monthly basis. 您也需要可以預測計費如何根據目前消費來尋找指定的月份。You also need to be able to project how the billing looks for a given month based on the current spending.

取得資源使用量資料Get resource usage data

Azure 提供一組計費 REST API,可存取 Azure 訂用帳戶的資源使用和中繼資料資訊。Azure provides a set of Billing REST APIs that give access to resource consumption and metadata information for Azure subscriptions. 這些計費 API 可讓您更妥善地預測和管理 Azure 成本。These Billing APIs give you the ability to better predict and manage Azure costs. 您可以追蹤和分析每小時增加的花費、建立消費警示,並根據目前使用趨勢來預測未來計費。You can track and analyze spending in hourly increments, create spending alerts, and predict future billing based on current usage trends.

開始使用:若要深入了解如何使用「計費 API」,請參閱 Azure 計費使用和 RateCard API 概觀Get started: To learn more about using the Billing APIs, see Azure Billing Usage and RateCard APIs overview.

預測未來成本Predict future costs

雖然事先預估成本極具挑戰,但是 Azure 具有您可在預估已部署資源成本時使用的定價計算機Although it's challenging to estimate costs ahead of time, Azure has a pricing calculator that you can use when you estimate the cost of deployed resources. 您也可以使用入口網站中的 [計費] 刀鋒視窗和計費 REST API,以根據目前耗用量來預估未來成本。You can also use the Billing blade in the portal and the Billing REST APIs to estimate future costs, based on current consumption.

開始使用:請參閱 Azure 計費使用和 RateCard API 概觀Get started: See Azure Billing Usage and RateCard APIs overview.