Describe Azure architecture and services Flashcards
What is Microsoft Azure?
Azure is a continually expanding set of cloud services that help you meet current and future business challenges. Azure gives you the freedom to build, manage, and deploy applications on a massive global network using your favorite tools and frameworks.
Physical infrastructure
The physical infrastructure for Azure starts with datacenters. Conceptually, the datacenters are the same as large corporate datacenters. They’re facilities with resources arranged in racks, with dedicated power, cooling, and networking infrastructure.
Datacenters are grouped into Azure Regions or Azure Availability Zones that are designed to help you achieve resiliency and reliability for your business-critical workloads.
Regions
A region is a geographical area on the planet that contains at least one, but potentially multiple datacenters that are nearby and networked together with a low-latency network. Azure intelligently assigns and controls the resources within each region to ensure workloads are appropriately balanced.
Availability Zones
- Availability zones are physically separate datacenters within an Azure region.
- Each availability zone is made up of one or more datacenters equipped with independent power, cooling, and networking.
- An availability zone is set up to be an isolation boundary. If one zone goes down, the other continues working.
- Availability zones are connected through high-speed, private fiber-optic networks.
Availability Zones - Important
To ensure resiliency, a minimum of three separate availability zones are present in all availability zone-enabled regions. However, not all Azure Regions currently support availability zones.
Azure services that support availability zones fall into three categories
- Zonal services: You pin the resource to a specific zone (for example, VMs, managed disks, IP addresses).
- Zone-redundant services: The platform replicates automatically across zones (for example, zone-redundant storage, SQL Database).
- Non-regional services: Services are always available from Azure geographies and are resilient to zone-wide outages as well as region-wide outages.
Region pairs
Most Azure regions are paired with another region within the same geography (such as US, Europe, or Asia) at least 300 miles away.
This approach allows for the replication of resources across a geography that helps reduce the likelihood of interruptions because of events such as natural disasters, civil unrest, power outages, or physical network outages that affect an entire region.
Sovereign Regions
Sovereign regions are instances of Azure that are isolated from the main instance of Azure. You may need to use a sovereign region for compliance or legal purposes.
Azure sovereign regions include:
- US DoD Central, US Gov Virginia, US Gov Iowa
- China East, China North, and more: These regions are available through a unique partnership between Microsoft and 21Vianet, whereby Microsoft doesn’t directly maintain the datacenters.
Azure resources
A resource is the basic building block of Azure. Anything you create, provision, deploy, etc. is a resource. Virtual Machines (VMs), virtual networks, databases, cognitive services, etc. are all considered resources within Azure.
Azure resource groups - definitions
Resource groups are simply groupings of resources.
Azure resource groups characteristics
- When you create a resource, you’re required to place it into a resource group.
- A single resource can only be in one resource group at a time.
- Some resources may be moved between resource groups, but when you move a resource to a new group, it will no longer be associated with the former group.
- Resource groups can’t be nested, meaning you can’t put resource group B inside of resource group A.
Azure resource groups - hierarchy
When you apply an action to a resource group, that action will apply to all the resources within the resource group. If you delete a resource group, all the resources will be deleted.
If you grant or deny access to a resource group, you’ve granted or denied access to all the resources within the resource group.
Azure subscriptions - def
Subscriptions are a unit of management, billing, and scale. Similar to how resource groups are a way to logically organize resources, subscriptions allow you to logically organize your resource groups and facilitate billing.
Azure subscriptions - characteristics
- Using Azure requires an Azure subscription.
- A subscription provides you with authenticated and authorized access to Azure products and services.
- It also allows you to provision resources.
Azure subscriptions boundaries
- Billing boundary: This subscription type determines how an Azure account is billed for using Azure.
- Access control boundary: Azure applies access-management policies at the subscription level, and you can create separate subscriptions to reflect different organizational structures.
Azure management groups
Azure management groups provide a level of scope above subscriptions. You organize subscriptions into containers called management groups and apply governance conditions to the management groups.
Azure management groups - characteristics
- All subscriptions within a management group automatically inherit the conditions applied to the management group, the same way that resource groups inherit settings from subscriptions and resources inherit from resource groups.
- Management groups give you enterprise-grade management at a large scale, no matter what type of subscriptions you might have.
- Management groups can be nested.
Azure virtual machines
You can create and use VMs in the cloud. VMs provide infrastructure as a service (IaaS) in the form of a virtualized server and can be used in many ways.
Only 1 OS per VM
Virtual machine scale sets
- Virtual machine scale sets let you create and manage a group of identical, load-balanced VMs.
- Scale sets allow you to centrally manage, configure, and update a large number of VMs in minutes.
- The number of VM instances can automatically increase or decrease in response to demand, or you can set it to scale based on a defined schedule.
Azure virtual desktop
Azure Virtual Desktop is a desktop and application virtualization service that runs on the cloud. It enables you to use a cloud-hosted version of Windows from any location. Azure Virtual Desktop works across devices and operating systems, and works with apps that you can use to access remote desktops or most modern browsers.
Containers
- Containers are a virtualization environment.
- You can run multiple containers on a single physical or virtual host.
- Containers are lightweight and designed to be created, scaled out, and stopped dynamically.
- It’s possible to create and deploy virtual machines as application demand increases, but containers are a lighter weight, more agile method.
Azure Container Instances
- Azure Container Instances offer the fastest and simplest way to run a container in Azure, without having to manage any virtual machines or adopt any additional services.
- Azure Container Instances are a platform as a service (PaaS) offering.
- Azure Container Instances allow you to upload your containers and then the service will run the containers for you.
Azure Container Apps
- Azure Container Apps are similar in many ways to a container instance.
- They allow you to get up and running right away, they remove the container management piece, and they’re a PaaS offering.
- Container Apps have extra benefits such as the ability to incorporate load balancing and scaling. These other functions allow you to be more elastic in your design.
Azure Kubernetes Service
Azure Kubernetes Service (AKS) is a container orchestration service.
An orchestration service manages the lifecycle of containers.
When you’re deploying a fleet of containers, AKS can make fleet management simpler and more efficient.
Azure functions
Azure Functions is an event-driven, serverless compute option that doesn’t require maintaining virtual machines or containers.
With Azure Functions, an event wakes the function, alleviating the need to keep resources provisioned when there are no events.
Azure functions - benefits
- Functions scale automatically based on demand, so they may be a good choice when demand is variable.
- You’re only charged for the CPU time used while your function runs.
- Functions can be either stateless or stateful.
- Flexibility
Azure App Service
Azure App Service is an HTTP-based service for hosting web applications, REST APIs, and mobile back ends. It supports multiple languages, including .NET, .NET Core, Java, Ruby, Node.js, PHP, or Python. It also supports both Windows and Linux environments.
Azure App Service - Benefits
Handles most of the infrastructure decisions you deal with in hosting web-accessible apps:
- Deployment and management are integrated into the platform.
- Endpoints can be secured.
- Sites can be scaled quickly to handle high traffic loads.
- The built-in load balancing and traffic manager provide high availability.
Offers automatic scaling and high availability.