Compute Flashcards
What is Azure Key Vault?
A service that safeguards encryption keys and secrets
What does an access policy in an Azure Key Vault define?
What operations can be done on the secrets and who can perform these operations
What is best practice for storing passwords in ARM templates?
Using Azure Key Vault with an access policy, so it is not stored in plaintext
What does a custom script extension do?
- Downloads and executes scripts on Azure VMs
- Useful for configuration/management tasks like software installation
How would you apply a custom script extension in an ARM template?
Modify the extension Profile portion of the template
What are the steps involved in setting up Azure Automation State Configuration to manage VM configs?
Step 1: Create and upload a configuration to Azure Automation
Step 2: Compile a configuration into a node configuration
Step 3: Register a VM to be managed by State Configuration
Step 4: Specify configuration mode settings
Step 5: Assign a node configuration to a managed node
Step 6: Check the compliance status of a managed node
Why and when would you use a spot VM instance?
Ideal for workloads that can be interrupted, providing scalability while reducing costs
What is SKU?
- Stock Keeping Unit
- A specific version or offering of a resource that is available in Azure
What is the Compute Gallery used for?
Enabled versioning and replication of images and apps
What’s the difference between uniform and flexible VMSS?
- In uniform and flexible VMSS, you define a template and capacity
- Flexible VMSS additionally supports auto-scale, adding other VMs, and full control over VMs
What is a benefit of using a container over a VM?
Less resources consumed
Smaller size
Faster startup
In Azure CLI, what command would you use to apply your YAML manifests in an AKS cluster?
kubectl apply -f <filename>.yaml</filename>
In Azure CLI, what command is used for AKS cluster configuration?
az aks
How would you move a VM to another network?
- Delete VM
- Recreate VM and add network interface
What OS can ASP.NET apps run on?
Windows only
What OS can ASP.NET Core apps run on?
Windows and Linux
To run an App, what must be true about the associated App Service plan?
Must be in same region the app is running in
Must have a compatible OS
Why might you be unable to create a staging slot?
- Your app may be running in too low a tier
- Scale up to Standard, Premium, or Isolated to enable multiple deployment slots
During Azure planned maintenance, what is the maximum percentage of machines in a VMSS that will upgrade at any time?
20%
What could you do if you wanted to move your VM so it wouldn’t be affected by a planned maintenance?
Redeploy the VM so it moves to a new node
How many OS can you have per app service plan?
1
How would you add a custom domain name to a web app?
Create a DNS record
Can you change the VNet of a VM after creation?
No, you can only change the subnet
What is required in order to access applications on Kubernetes?
An application Load Balancer created by Azure with a public IP
What is the best way to deploy 10 Azure web apps?
App Service plan (Standard supports 10 web apps)
What changes to a VM would cause downtime?
Resizing
What steps are needed to deploy a web app update after testing?
- Deploy the update to the staging deployment slot
- Test
- Swap to the production deployment slot
What is a quicker way to deploy multiple VMs
Use ARM template
VMSS
What are the prerequisites for creating a recovery services vault to protect virtual machines?
The vault must be in the same region as the VM
What is the difference between a container and a VM?
- VMs virtualize an entire machine (hardware)
- Containers only virtualize software layers above the OS level (software)
How would you configure cluster autoscaler for AKS nodes?
az aks
Scale the nodes in the Azure portal
How would you configure Horizontal pod autoscaling?
kubectl
What are Azure proximity placement groups?
- A logical grouping capability for Azure VMs
- VMs assigned to a proximity placement group are placed in the same data center, so the VMSS should share the same region
What port does DNS use?
53
What port does HTTP/web server use?
80
What is the difference between an availability set and an availability zone?
Set - Within data center - Configure update and fault domains
Zone - Within region - Protect from data center failures
What must you specify when deploying a VM from a template?
Resource group
Password
What VM property can you modify via scheduled runbook?
Size
What extensions can you use to ensure a particular service offering is available on all deployed VMs?
- Custom script extension
- DSC extension
Where do containers live?
Inside pods
What does the service CIDR assign IP addresses for?
Internal services in the AKS cluster
For Windows Server, what is the temporary disk?
D:\
What type of disk does Azure support for migration from on-premises to Azure?
VHD file format with a fixed size disk
What is the advantage of using deployment slots?
You can validate app changes in a staging deployment slot before swapping to production
What are your options for restoring a VM?
Create new
Replace existing
What is a requirement for Azure Backup to work correctly?
The latest version of the Azure VM Agent
What is the maximum number of update domains you can have?
20
What is the maximum number of fault domains you can have?
3 for most regions
How many app service plans can you have per region?
10 free, 100 premium
What command allows you to use a custom ARM template file to deploy resources to a RG?
New-AzResourceGroupDeployment
What does Microsoft Azure Recovery Services Agent (MARS) do?
Restore data for entire volume or just individual folders and files
Why would you add a copy loop to the resource section of your template?
- So you can dynamically set the number of items for a property during deployment
- Copy - copyindex
What do you need to connect a VM to different subnets?
- Multiple NICS
- Each NIC attached to a VM must exist in the same location and subscription as the VM
What’s the difference between New-AzResource and New-AzResourceGroupDeployment?
- New-AzResource creates an Azure resource in a RG
- New-AzResourceGroupDeployment adds a deployment to an existing RG
What do you backup an app service to?
An Azure storage account
What can you backup with a Recovery service vault?
VMs
File Shares
What types of storage can you backup in a Backup vault?
Azure disks
Azure blobs
When backing up an app service, how do you exclude folders/files from being stored in future backups?
Create a _backup.filter file
What “type”: command is needed to install an extension on a VM when deploying an ARM template?
Microsoft.Compute/virtualMachines/extensions
What is required to run an AKS cluster that supports node pools for Windows Server containers?
A network policy that uses Azure CNI (advanced) network plugin
What must be enabled if you want to integrate an AKS cluster with an Azure container registry?
AKS-managed Azure Active Directory setting
When configuring AKS clusters, when would you use the “max surge” command?
Extra nodes used to speed up upgrade
What deployment modes are available when using ARM templates?
Complete
Incremental
What does deploying an ARM template in complete mode do?
Resource Manager deletes resources that exist in the RG but are not specified in the template
What does deploying an ARM template in incremental mode do?
Resource Manager leaves unchanged resources that exist in the resource group but are not specified in the template
What does the Cooldown parameter define when configuring autoscaling?
How much time has to pass before the next autoscale operation triggers
What OS supports multi-container groups?
Linux only
What IP address does Azure Firewall support?
Standard SKU public IPv4 addresses
What does ImageReference specify in an ARM template?
Which image to use, whether it be a platform, marketplace, or VM image
What kind of record does Azure use to verify a custom domain?
CNAME or TXT
For Azure App Services, why might you need to use a Standard plan over a Basic plan?
- If you need 4-10 instances
- Standard supports up to 10, basic supports up to 3
For web apps, what runtime stacks are ONLY supported by Windows?
ASP.NET
For web apps, what runtime stacks are ONLY supported by Linux?
Python
What OS does Azure Container Apps support?
Linux only
At what level would you deploy a template that creates a RG?
Subscription
What does virtual network integration do for your app?
- Gives your app access to resources in your VNet
- Used only to make outbound calls from your app into your VNet
How would you sign in as an admin user into a container registry?
Username: Name of container registry
Password: Admin user access key
What is required to ensure a VM can be created in an Availability Zone?
- VM should use managed disks if you want to move them to an Availability Zone using Site Recovery
- You should select a zone in the High Availability section during VM creation
Does the location of a RG influence the choice of the location of a VM?
No
Can you restore a test slot from a production slot backup?
No
