Azure compute and networking services Flashcards
T or F
VMs provide infrastructure as a service (IaaS) in the form of a virtualized server and can be used in many ways
True
When are VMs a good choice?
When you need :
total control over the OS
the ability to run custom software
to use custom hosting configurations
T or F
An Azure VM gives you the flexibility of virtualization without having to buy and maintain the physical hardware that runs the VM
True
T or F
You need to configure, update, and maintain the software on a VM
True
What is an image for the creation of a VM?
an image is a template used to create a VM that may already include an OS and other software, such as development tools, or web hosting environments.
T or F
You can create and provision a VM within minutes by using a preconfigured VM image?
True
T or F
You cannot group VMs together
False
You can group VMs together to provide high availability, scalability, and redundancy.
T or F
Azure can manage the grouping of VMs for you
True
Azure can uses scale sets and availability sets to manage the grouping of VMs
Virtual machine scale sets
allow you to create and manage a group of identical, load balanced VMs
What do scale sets allow you to do?
centrally manage, configure, and update a large number of VMs in minutes
T or F
With virtual machine scale sets, the number of VM instances can automatically increase or decrease in response to demand
True
Or you can set to it scale based on a defined schedule
Virtual machine availability sets
- another tool to help you build a more resilient, highly available environment.
- designed to ensure that VMs stagger updates and have a varied power and network connectivity
Availability sets work by group VMs in two ways
Update domain: groups VMs that can be rebooted at the same time. only one domain grouping will be offline at a time. plus a 30 min gap before next domain starts to update
Fault domain: groups VMs by common power source and network switch. by default, and availability set will spilt your VMs across up to three fault domains
T or F
There is no additional cost for configuring an availability set
True
Examples of when to use VMs
During testing and development
When running applications in the cloud
When extending your datacenter to the cloud
During disaster recovery
T or F
VMs are an excellent choice when you move from a physical server to the cloud (also known as lift and shift)
True.
By using an image of the physical server and host it within a VM with little or no changes. — you are responsible for maintaining VM
VM Resources
Size (purpose, number of processor cores, and amount of RAM)
Storage disks (hard disk drives, solid state drives, etc)
Networking (virtual, public IP address, and port configuration)
Azure Virtual Desktop
another type of VM
- is a desktop and application virtualization service that runs on the cloud
- enables you to use a cloud hosted version of windows from any location
- works with all apps
Role based access controls (RBAC)
extra level of security for user sign ins
T or F
With Azure Virtual Desktop the data and apps are separate from the local hardware
True.
the actual desktop and apps are running in the cloud
T or F
Windows 10 and 11 allows multiple concurrent users on a single VM
True
T or F
VMs are redistricted to a single operating system per virtual machine
True
What is the solution for wanting to run multiple instance of an application on a single host machine?
Containers
What are containers?
virtualization environment
you can run multiple containers on a single physical or virtual host
T or F
You need to manage the OS in a container
False.
You do not have to manage the OS
containers are lightweight & designed to be created, scaled out, and stopped dynamically.
What is one of the most popular container engines?
Docker
T or F
With containers you can respond to changes on demand, quickly restarting if there is a crash or hardware interruption
True
Azure Container Instances
are PaaS - platform as a service
- upload your containers and then the service will run the containers for you
If you need full control of the enviornment what is the better option VM or Container?
VM
Azure Container Apps
similar to container instances.
-easy to get up and running right away
-PaaS
-extra benefits - the ability to incorporate load balancing and scaling.
Azure Kubernetes Service (AKS)
container orchestration service
- manages the lifecycle of containers.
when deploying a fleet of containers, AKS can make fleet management simpler and more efficient
Containers in solutions
-using micro service architecture.
- break solutions into smaller independent pieces.
ex. split a website into a container hosting your front end, another for the back end, and another for storage. the split allows for the sections to be maintained, scaled, or updated independently
Azure Functions
event driven, serves compute option that doesn’t require maintaining VMs or containers.
Severless computing in Azure
Responsibility on managing servers is already handled for you
benefits
no infrastructure management
scalability
only pay for what you use
T or F
Azure Functions runs your codes when its triggered and automatically deallocates resources when the function is finished
True
Functions can either be stateless or stateful. What’s the difference?
stateless (the default) - they behave as if they’re restarted every time they respond to an event
stateful (called durable functions) - a context is passed through the function to track prior activity
Azure App Service
another hosting option other than VMs or containers
- can build and host web apps, background jobs, mobile back ends, and RESTful APIs in the programming language of your choice
T or F
Azure App Service supports Windows and Linux
True
T or F
Azure App Service does not offer automatic scaling and high availability
False
It does offer automatically scaling and high availability
T or F
App Service enables automated deployments from GitHub, azure DevOps, or any Git repo
True
T or F
Azure App Service is an HTTP based service for hosting web applications, REST APIs, and mobile backends
True
T or F
Azure App Service supports multiple languages
True
It supports
.NET
.NET Core
Java
Ruby
Node.js
PHP
Python
Type of App Services that you can host
Web apps
API apps
WebJobs
Mobile apps
App Services handle these infrastructure decisions
deployment and management
endpoints can be secured
sites can be scaled quickly
built in load balancing and traffic manager
T or F
Azure virtual networks and virtual subnets enable Azure resources to communicate with each other, with users on the internet, and with your on premises client computers
True
Azure virtual networks provide the following key networking capabilities:
isolation and segmentation
internet communications
communicate between azure resources
communicate with on premises resources
route network traffic
filter network traffic
connect virtual networks
T or F
Azure virtual networking supports both public and private endpoints to communicate between external or internal resource with other internal resources
True
T or F
Azure virtual network allows you to create multiple isolated virtual networks
True
T or F
The IP address created in the virtual network only exists in the virtual network and isn’t internet routable
True
How can you enable incoming connections from the internet?
by assigning a public IP address to an Azure resource or putting the resource behind a public load balancer
How to ensure Azure resources communicate securely with each other?
VMs
Service endpoints
3 ways to communicate with on premises resources
Point to site
Site to site
Azure ExpressRoute
3 ways to control route network traffic
by default - routes traffic between subnets on any connect virtual networks, on premises networks, and the internet
other 2 ways :
route table - can create custom tables & define rules
border gateway protocol (BGP) - routes to Azure virtual networks
How to filter network traffic between subnets
Network security groups - multiple inbound and outbound security rules
can define these rules
network virtual appliances - carries out a particular network function. such as a firewall or WAN
How to connect virtual networks together?
Virtual network peering.
this allows two virtual networks to connect directly to each other.
private, never entering the public internet
Descrive Azure virtual private networks
a VPN uses an encrypted tunnel within another network
-typically deployed to connect two or more trusted private networks to one another over an untrusted network (public internet)
T or F
With a VPN traffic is encrypted while traveling over the untrusted network
True
T or F
VPNs can enable networks to safely and securely share sensitive information
True
VPN gateway
type of virtual network gateway
deployed in a dedicated subnet of the virtual network
What to VPN gateways enable
connect on premises datacenters to virtual networks through site to site connection
connect individual devices to virtual networks through point to site connection
connect virtual networks to other virtual networks through a network to network connection
T or F - VPN gateways
All data transfer is encrypted inside a private tunnel as it crosses the internet
True
T or F
You can deploy only one VPN gateway in each virtual network
True
True or False
You can can use one gateway to connect multiple locations, which includes other virtual networks or on premises datacenters
True
T or F
When setting up a VPN you must specify the type of VPN
True
What are the two types of VPNs?
policy based
route based
Policy based VPN
specify statically the IP address of packets that should be encrypted through each tunnel
Route based VPN
IPSec tunnels are modeled as a network interface or virtual interface. IP routing (either static or dynamic routing) decides which one of the tunnel interfaces to use
T or F
Route based VPNs are the preferred connection method for on premises devices
True
they’re more resilient to topology changes
Use a route based VPN gateway for the following connectivity
connections between virtual networks
point to site connections
multisite connections
coexistence with an Azure ExpressRoute gateway
4 ways to maximize the resiliency of your VPN gateway
Active/standby - default
Active/active
ExpressRoute failover
Zone redundant gateways
Azure ExpressRoute
lets you extend your on premises networks into the Microsoft cloud over a private connection with the help from ExpressRoute Circuit
T or F
ExpressRoute connections don’t go over the internet
True
Features and benefits of ExpressRoute
connectivity to Microsoft cloud services across all regions in the geopolitical region
global connectivity to Microsoft services across all regions with the ExpreeRoute Global Reach
dynamic routing between your network and Microsoft via Border Gateway Protocol (BGP)
built in redundancy
ExpressRoute enables direct access to the following services in all regions:
Microsoft office 365
Microsoft dynamics 365
azure compute services
azure cloud services
T or F
You can enable ExpressRoute Global Reach to exchange data without transferring over the public internet
True
T or F
ExpressRoute uses BGP which uses dynamic routing
True
ExpressRoute supports four models that you can use to connect your on premises network to the Microsoft cloud
CloudExchange colocation
Point to point Ethernet connection
Any to any connection
Directly from ExpressRoute sites
Azure DNS
a hosting service for DNS domains
Benefits of Azure DNS
reliability and performance
security
ease of use
customizable virtual networks
alias records
T or F
Azure DNS allows your to use your own custom domain names in your private virtual networks
True
T or F
Azure DNS supports alias record sets
True
T or F
You can use Azure DNS to buy a domain name
False.
for an annual fee you can buy a domain name by using App Service domains or a third party
which Azure Virtual machine feature staggers updates across VMs based on their update domain and fault domain?
Availability sets
Which Azure service allows users to use a cloud hosted version of Windows from any location and connect from most modern browsers?
Azure Virtual Desktop
