Describe Azure Compute and Networking Services

Question 1

What is Azure VM?

Answer 1

allows you to create VMs in the cloud which provide IaaS in the form of virtualised servers that can be used in many ways
- You can customise all software running on a Vm
- flexibility of virtualisation without having to buy hardware, but still IaaS so need to configure, update and maintain software that runs on VM

Question 2

When are VMs an ideal choice?

Answer 2

• you need to take control over OS
• you need ability to run custom software
• you need to use customer hosting configs

Question 3

What are VM images?

Answer 3

• allow you to create a VM in minuets
• template used to create a VM and may already include OS and other software like dev tools or web hosting environments

Question 4

What are VM scale sets?

Answer 4

• let you create and manage a group of identical, load-balanced, VMs
• azure automates the creation and allows you to centrally manage, configure and update a large number of VMs in mins
• number of VMs can scale up and down to respond to demand
• also use load balancing to ensure resources used efficiently
• you can build large-scle services for areas such as compute and big data

Question 5

What are VM availbility sets?

Answer 5

• Designed to ensure that VMs stagger updates and have varied power and network connectivity preventing losing all VMs with a single failure
  -They manage this by grouping VMs into update and fault domains
• No additional cost

Question 6

What is an update domain?

Answer 6

• groups Vms that can be rebooted at the same time allowing you to apply updates while knowing that only one update domain grouping will be offline at a time
• given 30 min recover time before next update domain starts

Question 7

What is a fault domain?

Answer 7

• groups VMs by common power source and network switch
• by default avability sets will be split VMs into three fault domains
• protects against physical power or networking failure

Question 8

Common VM examples?

Answer 8

• Testing and development
• Running apps in cloud
• extending datacenter to the cloud
• disaster recover

Question 9

How do VMs help with lift and shift?

Answer 9

• You can create an image of a physical server and host it within a VM with little or no changes

Question 10

What resources are required for VMs?

Answer 10

• compute size; number of cores and amount of RAM
• storage; HDD, SSD etc
• networking; virtual network, public IP and port config

Question 11

What is azure virtual desktop?

Answer 11

• desktop and application virtualisation service that runs on the cloud
• allows you to use a cloud-hosted version of windows from anywhere
• cross-platform
• and works with apps you can use to access RDP or most modern browsers

Question 12

how does azure virtual desktop enchance security?

Answer 12

• provides centralized security management for users’ desktops with AD
• you can enable MFA to secure sign-ins
• you can also secure access to data with role-based access controls
• data and apps are separate from local hardware meaning the risk of confidential info being left on personal devices is reduced`

Question 13

What are containers?

Answer 13

• virtualization environment that bundles a single app and dependancies
• you can run multiple containers on a single physical or VM host each with a different OS, unlike VMs that are limited to one OS
• you don’t manage OS and instead they are lightweight resources that are designed to be created, scaled out and stopped dynamically
• you can scale out VMs but containers offer a lighter more agile solution
• quick restart if there is a crash or hardware interruption
• e.g. docker
• VMs virtualize hardware, containers virtualize OS

Question 14

What are container instances?

Answer 14

• Paas offering to allow you to upload your containers and run them for you

Question 15

When would we chose VMs over containers and vise versa?

Answer 15

• Choose VMs when you want complete control
• Choose containers when portability and performance are more of a concern

Question 16

When are containers used?

Answer 16

• used to create solutions using microservice architecture
• break solutions into smaller, independent pieces
• e.g. split a website into a container hosting the front end, another hosting back end and another for storage
• allows you to separate app into logical divisions that can be maintained, scaled or updated independently

Question 17

What are azure functions?

Answer 17

• event-driven, serverless compute option that doesnt require maintaining VMs or containers
• event wakes the function, alleviating need to keep resources provisioned when there are no events

Question 18

benefits of azure functions?

Answer 18

• ideal when only concerned about the code running the service and not about the platform of infrastructure
• can be triggered by timer or message from another azure service and used when work can be completed within seconds or less
• auto-scale on demand
• deallocates resources when the function finished
• stateless (behave as if restarted every time) or stateful (passed context describing prior activity)
• allow for serverless computing

Question 19

What is Azure App Service?

Answer 19

• allows you to build and host web apps, mobile back-ends and APIs in multiple programming language without managing infrastructure
• auto scaling + high availability
• windows and linux
• auto deployment from GitHub, Azure DevOps or any Git repo
• lets you focus on building and maintaining the app while azure focuses on keeping environment up and running
• ideal choice to host web apps

Question 20

Types of app service?

Answer 20

• Web apps; includes full support for hosting web apps
• API apps; you can build REST-based web APIs by using your choice of language and framework and get full Swagger support plus ability to publish API in Azure Marketplace
• WebJobs; run a program or script in the same context as a web, API or mobile app and can be scheduled or run by a trigger
  -Mobile apps; store mobile app data in cloud SQL, auth customers using social sign in, send push notications and execute custom back-end logic

Question 21

What are azure virtual networks?

Answer 21

• enable resources such as VMs, web apps and DBs to communicate with one another and with users on the internet or with on-premises client computers

Question 22

What do azure virtual networks provide?

Answer 22

• isolation and segmentation
• internet comms
• comms between azure resources
• comms with on prem resources
• route network traffic
• filter network traffic
• connect virtual networks

Question 23

How do azure virtual networks support endpoints?

Answer 23

• support public and private endpoints to enable comms between external or internal resources with other internal resources
• public endpoints have public IP that can be accessed from anywhere in world
• private exist within a virtual network and have a private IP from within the address space of the network

Question 24

What is isolation and segmentation in terms of azure virtual network?

Answer 24

• when you set up a network you define a private IP space by using either public or private IP range
• the range only exists within the virtual network and is not internet routable but can be divided into subnets
• you can configure the network to use internal or external DNS server

Question 25

How can you enable internet communicated on azure virtual network?

Answer 25

assigning a resource to a public IP address or putting the resource behind a public load-balancer

Question 26

What is virtual network peering?

Answer 26

• allows two virtual networks to connect directly to each other meaning they can be linked together
• network traffic between peered networks is private and travels on Microsoft backbone, never entering the public internet
• enables resources in each virtual network to communicate with each other even in separate regions
• globe of interconnected networks can be created
• User Defined routes allow you to control the routing tables between subnets within or between virtual networks allowing for greater control of traffic

Question 27

What does the Azure VPN gateway enable?

Answer 27

Gateway instances are deployed in dedicated subnet of the virtual network enabling;
- connection of on-prem datacenters to virtual networks through site-site
-connection of devices to VNs through point-site
-connection of VNs to other VNs through network-network

Question 28

What are the benefits of Azure VPN gateway?

Answer 28

• all data transfer is encrypted
• you can deploy one gateway in each virtual network and then use one gateway to connect to multiple locations

Question 29

What is a policy-based VPN gateway?

Answer 29

• specify statically the IP address of packets that should be encrypted through each tunnel
• evaluates every data packet against those sets of addresses to choose the tunnel where that packet is sent through

Question 30

What is a Route-based VPN gateway?

Answer 30

• IPSec tunnels are modeled as a network interface or virtual tunnel interface
• IP routing decides which one of these tunnel interfaces to use when sending each packet
• preferred connection method for on-prem devices
• most resilient to topology changes such as the creation of new subnets
• used for point-site, multiple connections and connections between VNs

Question 31

What is Azure express route?

Answer 31

• lets you extend your on-prem networks into the Microsoft cloud over a private connection, with the help of a connectivity provider
• You can establish connections to services such as Azure and 365 allowing you to connect offices and datacenters to these services
• the connection is called an ExpressRoute circuit
• connection can be from wired or wireless network
• don’t go over public internet allowing for more reliability, faster speeds, consistent latencies and higher security

Question 32

Benefits of ExpressRoute?

Answer 32

• connectivity to Microsoft cloud services across all regions in the geopolitical region. You could use ER to connect two circuits across the globe without using public internet
• local connectivity to MS across all regions with the ExpressRoute global reach
• dynamic routing between your next work and Microsoft
• build in redundancy

Question 33

What are the four express route connectivity models?

Answer 33

• cloudExchange colocation
• point-point ethernet connection
• any-any connection
• directly from ExpressRoute sites

Question 34

What is Azure DNS?

Answer 34

• Hosting service for DNS comains that provides name resolution by using Azure infrastructure
• you manage DNS records using same creds, APIs, tools and billing as your other azure services

Question 35

Benefits of Azure DNS?

Answer 35

• Reliability and performance; azures global network of DNS servers provides resiliency and high availability
• Security; based on Azure Resource Manager which provides role based access control, activity logs and resource locking
• Ease of use; can manage it directly in Azure
• Cusomtizable virtual networks with private domains
• Alias records