Azure Services

Question 1

App Service Plans

Answer 1

containers for the apps that you deploy in App Service. App Service plans are offered in different tiers, with more functionality provided by higher, more expensive tiers

Question 2

App Service Plan Tiers

Answer 2

Free (Windows only): Run a small number of apps for free
Shared (Windows only): Run more apps and provides support for custom domains
Basic: Run unlimited apps and scale up to three instances with built-in load balancing
Standard: The first tier recommended for production workloads. It scales up to ten (10) instances with Autoscaling support and VNet integration to access resources in your Azure virtual networks without exposing them to the internet
Premium: Scale up to 20 instances and additional storage over the standard tier
Isolated: Scale up to 100 instances, runs inside of an Azure Virtual Network isolated from other customers, and supports private access use cases

Question 3

Azure App Service

Answer 3

Azure App Service Web Apps, or simply Web Apps, are the instances of your websites and web applications hosted in Azure App Service. For most scenarios, Web Apps is the best choice for hosting websites and web applications in Azure. Each Web App is deployed into an App Service plan. Web Apps are DevOps-ready, and can be deployed using a variety of continuous deployment tools.

Question 4

App Service Advisor

Answer 4

can make recommendations based on your application’s CPU, memory, and connections history

Question 5

Deployment slots

Answer 5

allow you to have separate instances of your application that have their own hostnames. This is useful for several reasons:

You can organize your workflow by having dedicated testing and staging slots in addition to the default production slot.
Once you have vetted a new release in the staging slot, you can swap it into production to avoid having to warm up the production application.
By swapping releases into production, the previous release remains in a slot where it can easily be swapped back into production if an issue is found in the new release.
Each deployment slot maintains its own configuration and application settings. Deployment slots are available with the standard and premium App Service plans.

Question 6

Facets of Web Apps in Azure

Answer 6

Metrics: Metrics are collected for Web Apps and measured by server-level information, such as the number of failed requests, average response time, and data in/out. You have seen metrics at work in the charts visible on Web Apps overview blades. Metrics is a global service that is part of Azure Monitor.

Diagnostic Logs: Collect logs from your application and/or from the web server hosting your application. The level of detail of the logs can be configured.

Resource health: Monitors your App Services for Azure service issues that may be impacting your Web Apps.

Service health: Service health is a general service that reports broad service outages, and not individual resource health. If a complete App Service outage is being experienced, Service health will report the outage, but because the outage affects the individual health of individual resources,

Question 7

Application Insights

Answer 7

application performance management (APM) service. Some of the features of Application Insights include the ability to:

Find and diagnose performance issues
Find and diagnose runtime exceptions
Monitor and alert on application health
Analyze customer usage
Create custom key performance indicator (KPI) dashboards

Application Insights can collect data from applications in Azure, running on-prem, or on other clouds. The integration with Azure Web Apps makes it exceptionally easy to use in Azure.

Question 8

Azure Service Bus

Answer 8

cloud-based publish/subscribe messaging service from Microsoft. It’s used to facilitate communication between applications and services. By communicating with each other through a messaging service, the applications and services can be decoupled. Decoupling is desirable because it results in solutions that scale easily and are more robust against failures.

Question 9

Azure Service Bus Pricing Tiers

Answer 9

Basic: Allows you to use Queues, but not Topics.

Standard: In addition to Topics, you can make use of message Deduplication and Sessions.

Premium: Similar to Standard, but includes Availability Zone support, Resource Isolation, and larger maximum message size of 1MB.

Question 10

Steps of Creating Azure Service Bus

Answer 10

1. Create globally unique namespace
2. Create a storage account to run cloudshell
3. Create a Topic
4. Create a Subscription

Question 11

Azure CLI command to display list of Azure Service Bus namespaces

Answer 11

az servicebus namespace list

Question 12

Topic in Azure Service Bus

Answer 12

enables one-to-many communication

Question 13

Queue in Azure Service Bus

Answer 13

only allow processing by a single consumer

Question 14

Azure CLI command to create Topic in Azure Service Bus

Answer 14

az servicebus topic create \

• -resource-group $(az group list –query ‘[0].name’ –output tsv) \
• -namespace-name $(az servicebus namespace list –query ‘[0].name’ –output tsv) \
• -name lab-topic

the name of the resource group and the namespace are fetched in subshells. Notice that you have specified the –output option to be tab-separated values (tsv). The default output is JSON, which would quote the string and cause errors.

Question 15

Azure CLI command to create Subscription to Topic in Azure Service Bus

Answer 15

RESOURCE_GROUP=$(az group list –query ‘[0].name’ –output tsv)
NAMESPACE_NAME=$(az servicebus namespace list –query ‘[0].name’ –output tsv)
TOPIC_NAME=$(az servicebus topic list –namespace-name $NAMESPACE_NAME –resource-group $RESOURCE_GROUP –query ‘[0].name’ –output tsv)

az servicebus topic subscription create \

• -resource-group $RESOURCE_GROUP \
• -namespace-name $NAMESPACE_NAME \
• -topic-name $TOPIC_NAME \
• -name lab-subscription

This command is making use of variables in Bash. The resource group, namespace name, and topic name are fetched and stored in variables prior to creating the Subscription. This has two benefits, it makes the command easier to read, and it means that the resource group and namespace name are only fetched once, making the command faster to execute.

Question 16

Azure Functions

Answer 16

Microsoft’s primary serverless compute service. With Azure Functions you gain development agility by focusing on your code and not worrying about maintaining servers.

Question 17

Steps of creating Azure Function

Answer 17

1. Create Azure Function App
2. Create a Azure Function (may need to create other resources before doing this, eg: Blob Storage Container before using BlobTrigger)
3. Go to “Code + Test” to do the actual coding

Question 18

Remote Desktop Protocol (RDP)

Answer 18

protocol developed by Microsoft that enables a remote connection to a Windows host. Remote Desktop uses a client/server model, whereby the initiating computer runs Remote Desktop client software to connect to the remote computer, which must run Remote Desktop server software. Remote Desktop server software is built into the Windows operating system. Windows also ships with a Remote Desktop client. Many free Remote Desktop clients exist for Linux and macOS, including those from Microsoft and Apple

Question 19

Azure Resource Manager (ARM) templates

Answer 19

allow you to specify groups of resources to be deployed together. ARM templates provide infrastructure as code allowing for quick and reproducible deployments.

Question 20

Log Azure session to Azure from PowerShell

Answer 20

Add-AzAccount

Question 21

View the storage account that contains your VMs virtual hard drive

Answer 21

Get-AzStorageAccount

Question 22

Make a storage account the default for current powershell session

Answer 22

Set-AzCurrentStorageAccount -ResourceGroupName -StorageAccountName

Question 23

Azure Blob storage

Answer 23

store unstructured data in Microsoft’s Azure cloud. Blobs can be any sort of data. Containers are used to organize blobs within a Storage Account. You can store up to 500TB of data in a single container.

Question 24

Block blobs

Answer 24

made up of individual blocks that can be up to 100MB in size. A block blob can include up to 50,000 blocks, giving a maximum blob size of 4.75TB

Question 25

Powershell command to create a container called images in Storage account

Answer 25

New-AzStorageContainer -Name images -Permission Off

Question 26

Powershell command to upload an image

Answer 26

Set-AzStorageBlobContent -Container images -File C:\Users\student\Desktop\image.png`

Question 27

Powershell command to get the details of an image

Answer 27

Get-AzStorageBlob -Container images -Blob image.png

Question 28

Powershell command to get the URI of a blob

Answer 28

$blob = Get-AzStorageBlob -Container images -Blob image.png

$blob.ICloudBlob.StorageUri

Question 29

Powershell command to generate a SAS token

Answer 29

New-AzStorageBlobSASToken -CloudBlob $blob.ICloudBlob -Permission r

Question 30

Powershell command to Get a list of blobs in the container and filter out only those with Type set to Wallpaper

Answer 30

$Wallpaper = Get-AzStorageBlob -Container images | Where-Object {$_.ICloudBlob.Metadata[“Type”] -eq “Wallpaper”}
Get-AzStorageBlobContent -CloudBlob $Wallpaper.ICloudBlob

Question 31

Powershell command to Create a new container called Wallpapers with anonymous read and list permissions

Answer 31

New-AzStorageContainer -Name wallpapers -Permission Container

Question 32

Powershell command to copy a blob from one container to another

Answer 32

Start-AzStorageBlobCopy -CloudBlob $Wallpaper.ICloudBlob -DestContainer wallpapers

Question 33

Powershell command to delete a blob

Answer 33

Remove-AzStorageBlob -CloudBlob $Wallpaper.ICloudBlob

Question 34

Azure Table Storage

Answer 34

used for storing unstructured data in a NoSQL datastore. Azure Tables is made up of tables that store entities. Entities must contain three properties:

PartitionKey: A string to determine the table partition an entity belongs to
RowKey: A string to uniquely identify an entity in a partition
Timestamp: A timestamp automatically generated by the Azure Table Service to indicate the last time an entity was modified

Each partition is stored on a single server. If you have a lot of entities but a small number of PartitionKey values, the table will not scale well since the partitions cannot be divided across servers. That is why it is important to plan how you will partition your table entities. Within a partition, the entities are indexed by the RowKey. If you plan to make use of range queries or queries that return more than one entity, careful selection of the RowKey can provide significant performance benefits. Each entity can have up to 252 additional properties.

Question 35

Powershell command to create a new Azure table called blobFiles:

Answer 35

$TblName = “blobFiles”

New-AzStorageTable -Name $TblName

Question 36

Powershell command to get the table you just created and store it in a variable:

Answer 36

$Tbl = Get-AzStorageTable -Name $TblName

Question 37

Power shell command to query to list all of the entities in the table

Answer 37

$Query = New-Object Microsoft.Azure.Cosmos.Table.TableQuery

$Tbl.CloudTable.ExecuteQuery($Query)

Question 38

Powershell command to execute a query that finds all entities with a Type of wallpaper

Answer 38

$Query.FilterString = “Type eq ‘wallpaper’”
$Entity = $Tbl.CloudTable.ExecuteQuery($Query)
$Entity

Question 39

Powershell command to Print the entity Type value:

Answer 39

$Entity.Current.Item(“Type”)

Question 40

Powershell command to Specify to return only the StorageUri property and not the Type property:

Answer 40

$Columns = New-Object System.Collections.Generic.List[string]
$Columns.Add(“StorageUri”)
$Query.SelectColumns = $Columns
$Entity = $Tbl.CloudTable.ExecuteQuery($Query)
$Entity

Using the SelectColumns query property is especially useful when dealing with large entities. If you don’t require all of the entity data this can be a significant bandwidth savings. The PartitionKey, RowKey, and Timestamp are always returned, regardless of the selected columns.

Question 41

Azure Queue storage

Answer 41

process messages asynchronously using a highly available and durable queue. Queues are great for decoupling application components and building scalable systems. The message content can be up to 64KB.

Question 42

Powershell command to create a new queue named thumbnail-queue

Answer 42

$QueueName = "thumbnail-queue" 
$Queue = New-AzStorageQueue –Name $QueueName

Question 43

Powershell command to Add a message to the queue for each blob

Answer 43

Add-Message -Queue $Queue -Blob $Logo
$Wallpaper = Get-AzStorageBlob -Container wallpapers
Add-Message -Queue $Queue -Blob $Wallpaper

Question 44

Powershell command to confirm queue has messages

Answer 44

$Queue = Get-AzStorageQueue -Name $QueueName

$Queue.ApproximateMessageCount

Question 45

Powershell command to List the two storage account access keys by entering

Answer 45

Get-AzStorageAccountKey -ResourceGroupName -Name

Question 46

Powershell command to Regenerate key1 by entering

Answer 46

New-AzStorageAccountKey -ResourceGroupName -Name -KeyName key1

Question 47

Azure Cosmos DB

Answer 47

fully-managed, globally-distributed, multi-model database. The different types of models supported by Cosmos DB are:

Key-value
Graph
Column-family
Document

Databases in Cosmos DB are highly-available and offer up to 99.999% SLA. Latency, throughput, and consistency are also guaranteed with SLAs. Cosmos DB offers you a variety of consistency models to choose from to satisfy a variety of application requirements.

SQL
MongoDB (document)
Gremlin (graph)
Cassandra (column-family)
Azure Table Storage (key-value)

Question 48

Steps to create Azure Cosmos DB

Answer 48

1. Create Azure Cosmos DB Account

2. Create Container/Database

Question 49

What are Cosmos DB levels of consistency?

Answer 49

Azure Cosmos DB offers five well-defined levels. From strongest to weakest, the levels are:

Strong
Bounded staleness
Session
Consistent prefix
Eventual

https://docs.microsoft.com/en-us/azure/cosmos-db/consistency-levels

Question 50

What is write and read regions in Cosmos DB?

Answer 50

Write regions are regions containing data centers that will accept write operations to your database. Read regions contain read-only Cosmos DB instances for your database. Write vs. read regions effect your consistency and latency as well

Question 51

Multi-master replication

Answer 51

having more than one Cosmos DB write location, which is a great option if low latency is your priority. You can’t have strong consistency with it.

Question 52

Azure Resource Manager

Answer 52

deployment and management service for Azure. It allows you to manage resources using JSON code. One of the benefits of using JSON code to represent Azure resources is that it makes your deployments much more easily replicable than if you were to use the Azure Portal to deploy the same resources. Additionally, because you can include things like parameters, variables, and functions in your template, you have the ability to deploy multiple resources using the same template and have them resemble one another or retain different features if necessary. Finally, ARM templates allow you to use declarative syntax, meaning you are only declaring your desired end state. It is up to Azure to make the changes for you.

Question 53

Azure CLI Command to deploy resources from ARM Template`

Answer 53

az deployment group create –resource-group $resource_group –template-file template.json –parameters @template.parameters.json

Question 54

BitLocker Encryption Key (BEK)

Answer 54

secret used to encrypt a VM disk

Question 55

Key Encryption Key (KEK)

Answer 55

wraps the BitLocker encryption key in yet another passphrase in order to protect it

Question 56

Azure virtual machine extensions

Answer 56

small applications that provide post-deployment configuration and automation on Azure VMs. The Azure platform hosts many extensions covering VM configuration, monitoring, security, and utility applications. Publishers take an application, wrap it into an extension, and simplify the installation. All you need to do is provide mandatory parameters.

Question 57

Log Analytics workspaces

Answer 57

unique environments used to collect and interact with several Azure Monitor data sources in Azure. Companies use Log Analytics workspaces in part because it allows them to import data from a variety of sources and query it using a robust query language that you’ll cover in another lab step. You can also manage alerts, view the health of your resources and more from your workspace.

Question 58

Kusto Query Language (KQL)

Answer 58

powerful query language used in Log Analytics. KQL is a pipeline-driven, read-only query language that will look very familiar if you’ve ever worked with a structured query language (SQL)

Question 59

API Management (APIM)

Answer 59

Azure’s API gateway service allowing you to create consistent, modern APIs for a variety of backend services. APIM provides powerful capabilities, such as rate-limiting, quotas, and security. These capabilities can be applied to existing backend services without requiring any additional code.

Question 60

Policies in API Management

Answer 60

allow you to change the behavior of APIs using configuration. Policies can be used to achieve a wide variety of objectives including rate-limiting and data transformation. Policies can be applied at different scopes to simplify configuration. The following scopes are supported:

Global
Product
API
Operation
Policies are inherited from containing scopes by default. As an example, if you want a policy for all operations in an API, it is most convenient and manageable to apply that policy at the API scope.

Question 61

Azure Kubernetes Service (AKS)

Answer 61

offers serverless Kubernetes, an integrated continuous integration and continuous delivery (CI/CD) experience, and enterprise-grade security and governance. AKS is free; you only pay for the agent nodes within your clusters, not for the masters.

Question 62

Azure Service Fabric

Answer 62

distributed systems platform that makes it easy to package, deploy, and manage scalable and reliable microservices and containers. Service Fabric also addresses the significant challenges in developing and managing cloud native applications.

A key differentiator of Service Fabric is its strong focus on building stateful services. You can use the Service Fabric programming model or run containerized stateful services written in any language or code. You can create Service Fabric clusters anywhere, including Windows Server and Linux on premises and other public clouds, in addition to Azure.

Question 63

Dockerfile patterns

Answer 63

1. Builder Pattern (old and inefficient)
2. Multi-stage build
   - Multiple From
   - Aliases are used
   - Only a build stage can be build

Question 64

Dockerfile Multistage Best practices

Answer 64

1. Adopting container modularity
2. Avoiding unnecessary packages
3. Choosing an appropriate base
4. Avoiding inclusion of app data

Question 65

Azure Databrics

Answer 65

• Analytical platform
• Spark based
• Environments: 1. Databricks SQL 2. Databricks Data Science & Engineering and 3. Databricks Machine Learing

Question 66

Databricks SQL

Answer 66

easy-to-use platform for analysts who want to run SQL queries on their data lake, create multiple visualization types to explore query results from different perspectives, and build and share dashboards.

Question 67

Databricks Data Science & Engineering

Answer 67

interactive workspace that enables collaboration between data engineers, data scientists, and machine learning engineers. For a big data pipeline, the data (raw or structured) is ingested into Azure through Azure Data Factory in batches, or streamed near real-time using Apache Kafka, Event Hub, or IoT Hub. This data lands in a data lake for long term persisted storage, in Azure Blob Storage or Azure Data Lake Storage.

Question 68

Databricks Machine Learning

Answer 68

integrated end-to-end machine learning environment incorporating managed services for experiment tracking, model training, feature development and management, and feature and model serving.

Question 69

Azure Bot Services

Answer 69

• Chatbots

- serverless

Question 70

Azure Search

Answer 70

Search-as-a-service

Question 71

stored access policies

Answer 71

provides an additional level of control over service-level shared access signatures (SAS) on the server side. Establishing a stored access policy serves to group shared access signatures and to provide additional restrictions for signatures that are bound by the policy. You can use a stored access policy to change the start time, expiry time, or permissions for a signature, or to revoke it after it has been issued.

Question 72

shared access signatures (SAS)

Answer 72

a URI that grants restricted access rights to Azure Storage resources. You can provide a shared access signature to clients who should not be trusted with your storage account key but to whom you wish to delegate access to certain storage account resources