Describe Azure compute and networking services. Flashcards
Describe Azure Virtual Machines
With VMs you can create and use VMs in the cloud. VMs provide infrastructure as a service (IaaS). Just like a computer you can customize all of the software running on your VM. You can take total control of the operating system (OS). The ability to run custom software. To use custom hosting configurations.
You still need to configure, update, and maintain the software that runs on the VM. You can even create or use an already created image to rapidly provision VMs. Something that is already preconfigured.
What is a virtual machine scale set?
Virtual machine scale sets let you create and manage a group of identical, load-balanced VMs. Scale sets allow you to centrally manage, configure, and update a large number of VMs in minutes. The number of VM instances can automatically increase or decrease in response to demand, or you set it to scale based on a defined schedule.
What are virtual machine availability sets?
Virtual machine availability sets are another tool to help you build a more resilient, highly available environment. They are designed to ensure that VMs stagger updates and have varied power and network connectivity, preventing you from losing all your VMs with a single network or power failure.
They do this by grouping VMs in two ways: Update domain and fault domain.
Update domain: the update domains group VMs that can be rebooted at the same time.
Fault domain: The fault domain groups your VMs by a common power source and network switch. By default, an availability set will split your VMs across up to three fault domains.
Describe Azure Virtual Desktop.
Another type of virtual machine is the Azure Virtual Desktop (AVD). It is a desktop and application virtualization service that runs on the cloud. It enables you to use a cloud-hosted version of Windows from any location. AVD works across devices and operating systems and works with apps that you can use to access remote desktops.
What are containers?
Containers are a virtualization environment. Much like running multiple VMs on a single physical host, you can run multiple containers on a single physical or virtual host. Unlike VMs, you don’t manage the operating system for a container. One of the most popular container engines is Docker, which is supported by Azure.
Containers are lightweight.
VMs can only run one OS at a time and containers can have various
VMs virtualize the hardware and Containers virtualize the operating system.
containers are (PaaS)
Describe Azure Functions.
Azure Functions is an event-driven, serverless compute option that doesn’t require maintaining VMs or containers.
They do have servers but what it means is that the part of managing servers is already handled.
3 big benefits:
No infrastructure management….like installing a OS
Scalability -
Only pay for what you use. So the resources are only used when they are in use.
Use this for when you’re only concerned about the code running your service and not about the underlying platform or infrastucture.
What is the Azure App Service3?
App Service enables you to build and host web apps, background jobs, mobile back-ends, and RESTful APIs in the programming language of your choice without managing infrastructure. It offers automatic scaling and high availability.
Describe Azure Virtual Networking
Azure virtual networks and virtual subnets enable Azure resources, such as VMs, web apps, and databases, to communicate with each other, with users on the internet, and with your on-premise client computers.
They provide the following key networking capabilities:
Isolation and segmentation
Internet communications
Communicate between Azure resources
Communicate iwth on-premise resources
Route network traffic
Filter network traffic
Connect virtual networks.
Connect virtual networks
You can link virtual networks together by using virtual network peering. Peering allows two virtual networks to connect directly to each other. It is private, and travels on the Microsoft backbone network, never entering the public internet.
Describe Azure Virtual Private Networks (VPNs)
It uses an encrypted tunnel within another network. VPNs are typically deployed to connect two or more trusted private networks to one another over an untrusted network (typically the public internet). Traffic is encrypted while traveling over the untrusted network to prevent eavesdropping or other attacks. VPNs can enable networks to safely and securely share sensitive information.
VPN gateways
Azure VPN Gateway instances are deployed in a dedicated subnet of the virtual network and enable the following connectivity:
-Connect on-premise data centers to virtual networks through a site-to-site connection.
-Connect individual devices to virtual networks through a point-to-site connection.
-Connect virtual networks to other virtual networks through a network-to-network connection.
All data transfer is encrypted inside a private tunnel as it crosses the internet.
You can deploy only one VPN gateway in each virtual network. However, you can use one gateway to connect to multiple locations, which includes other virtual networks or on-premise data centers.
Describe Active/standby VPN Gateways
Active/standby. By default, VPN gateways are deployed as 2 instances in an active/standby configuration, even if you only see one VPN gateway resource in Azure. When planned maintenance or unplanned disruption affects the active instance, then the standby instance automatically assumes responsibility for connections without any user intervention.
Describe Active/active VPN gateway
With the introductions of support for the BGP routing protocol, you can also deploy VPN gateways in an active/active configuration. In this configuration, you assign a unique public IP address to each instance. You then create separate tunnels from the on-premise device to each IP address. You can extend the high availability by deploying an additional VPN device on premises.
Describe ExpressRoute failover
Another high availability option is to configure a VPN gateway as a secure failover path for ExpressRoute connections. ER circuits have resiliency built in. However, they aren’t immune to physical problems that affect the cables delivering connectivity or outages that affect the complete ER location.
Describe Zone-redundant gateways
In regions that support availability zones, VPN gateways and ExpressRoute gateways can be deployed in a zone-redundant configuration. This configuration brings resiliency, scalability, and higher availability to virtual network gateways. Deploying gateways in Azure availability zones physically and logically separates gateways within a region while protecting your on-premises network connectivity to Azure from zone-level failures.