Module 8 Flashcards
An on-prem data centre can cause latency for users who are geographically far away.
With this in mind, using the cloud can save ____ and give you _______ ______ to customers in different GEOs
Cloud can save cost and give you local presence to customers in different GEOs
Several strategies and patterns used by software architects to make complex systems easy to design/build/maintain etc
Loosely coupled architectures via:
N-Tier Architecture
An N-Tier Architecture divides an app into…
Divides app into 2 or more logical tiers
How do the tiers access each other within an N-Tier Architecture
- Higher tier can access lower tier but not the other way round
Tiers help separate concerns and are typically reusable
How does this architecture help maintenance?
- This also helps maintenance: tiers can be updated or replaced independently, and new tiers can be added
Give an example of a simple 3 Tier architecture
- 3 tiers refers to an N-Tier architecture with 3 tiers. e.g. Web (Interface), App (Business Logic), Data (DB or other storage) Tiers. This works as:
- User clicks Place order and request is sent to web tier
- Web tier passes data to app tier to validate payment and check inventory
- App tier passes to data tier where data is stored
What is an Azure Region
Azure Region
One or more data centers within a specific geographic location
A vNet is a logically isolated network on Azure, similar to networks in HyperV, VMWare and other clouds.
What does a vNet allow for…
- Allows for secure comms between each other, internet and on prem networks
How many regions are Azure vNets scoped to
Azure vNets are Scoped to a single region
What can be used to connect vNets to different regions
- vNets from different regions can be connected using vNet peering.
Segmenting a vNet into one or more subnets allows for
- Segmented into one or more subnets, this allows for organising + securing of resources in discrete sections
How/Why could/would you keep some tiers on prem and others in the cloud
- You can also keep some tiers on-prem, i.e. Web Tier in cloud; keeping other tiers on-prem allows tighter control.
- A VPN gateway would provide a secure connection between Azure + On prem.
- Azure manages physical H/W, you config vNets and gateways enabling you to treat vNet like your own.
- You can choose which networks your vNet can reach (i.e. public internet or other networks in the private IP space)
What are NSGs
- Allows or denies inbound traffic to Azure resources
- Essentially cloud level firewall
- You can config NSG to allow only traffic from known sources (IPs) you trust
What does Azure Load Balancer help to ensure?
- Azure Load balancer helps ensure site runs 24/7, even when you want to do maintenance (and there is no “good” time for downtime)
- Azure Load balancer can also alleviate performance issues with too many users
What does availability refer to?
Availability = how long a service is up and running without interruption
What does High Availability refer to?
High Availability (HA) = services up and running for a long period of time
100% Availability is difficult to achieve - many teams strive for 5-9’s (99.999%)
What does resiliency refer to?
Resiliency - Ability to stay operational during abnormal conditions, these incl: Nat Disasters, Sys Maintenance, Spikes in traffic, Threats (DDoS attacks etc)
A Load balancer distributes traffic amongst systems in a pool helping to achieve….
Helping to achieve High Availability and Resiliency
Start with additional identical VMs so having additional system ready should one go down or get too many users.
A load balancer becomes the entry point allowing these VMs to have their own…
IP Addresses
Does the user know which VM they are using
No
At a high level how does the load balancer work
- The load balancer receives the request from the user and directs them to a VM; if a VM is unavailable or not responsive the load balancer directs traffic elsewhere.
How does a load balancer allow for maintenance without service disruption
- This allows for maintenance without service disruption if you stagger maintenance for each VM.
Azure Load balancer supports inbound and outbound scenarios, low latency, high throughput.
It can scale to _____ of flows for all ___/___ applications
- Scales to millions of flows for all TCP/UDP applications
- Use with incoming internet traffic, inbound azure services traffic, port forwarding for specific traffic, outbound connectivity for VMs in vNet
What advantages does Azure Load Balancer have over a traditional on prem one
Traditional Load balancers require extra H/W and Maintenance, and failure can take you back to the original issue
What situations is better to use Azure Application Gateway?
- For traffic exclusively HTTP this is potentially a better option.
It is a load balancer designed for Web Apps
Azure Application gateway uses Azure Load Balancer at transport level (TCP) but applies URL based routing to support advanced scenarios.
This means it runs at which OSI Layer and understands what?
OSI Layer 7 - The application layer and understands the structure of the HTTP message
What Benefits does Azure Application Gateway have over Azure Load balancer
- Cookie affinity - user session on same backend server
- SSL Termination - Manage SSL Certs + Pass unencrypted traffic to backend servers. Supports full end to end encryption.
- Web App Firewall - Supports sophisticated firewall (WAF) incl detailed monitoring/logging to detect malicious activity.
- URL Based Routes - Route based on URL patterns, source IP/Port, Destination IP/Port, helpful with content delivery network (CDN).
- Rewrite HTTP headers - add or remove info from inbound and outbound HTTP headers, security scenario or secret server names
What is, and what is the Purpose of Content Delivery Network (CDN)
- Distributed network of servers to efficiently deliver web content.
- Get content to users in local region to minimize latency
Where is CDN hosted
Can be hosted in Azure or elsewhere
CDN allows you to cache content strategically around the globe, what would be an example usage of this
- Usage: Web Apps with multi media content with high bandwidth requirements.
What does DNS do
Maps user friendly names to IPs
What options do you have for DNS in Azure
Bring your own DNS Server or use Azure DNS
What is Azure DNS
Hosting service for DNS domains in Azure
True or False - Azure DNS can route traffic to load balancer
True
A load balancer can distribute traffic to an alternate system when performing maintenance or if you see a spike in traffic. What does this add to a solution?
High Availability and Resiliency
What is latency?
Time for data to travel on the network
What is Bandwidth?
Amount of data that can fit on connection
The type of connection and app design can affect latency but what is typically the biggest factor?
Distance
How can you reduce latency when delivering content to different regions
Scale out to different regions
What is the negative around replicating your data center to different locations around the globe and how does Azure mitigate this
- Prohibitively expensive to replicate your entire DC, but in Azure doing so can cost much less as Azure already has the equipment and personnel in place.
One way to reduce latency is to provide exact copies of your service in more than one region. This results in separate DNS names, so to connect users to the closest geographic service using one domain name we use:
Azure Traffic Manager
Azure Traffic manager can route traffic in different ways (i.e. least latency).
How does Azure Traffic Manager direct traffic to globally distributed end point
Uses DNS server closest to user to direct traffic to globally distributed endpoint
What does Traffic manager see and do
Traffic manager does not see traffic, it just directs the client's web browser to the preferred end point.
How can Azure Traffic manager work with both Azure and On Prem Data centers
- Can connect traffic manager to on prem DCs to maintain existing investments or shift entirely to cloud
What are the standout differences between Load balancer and Traffic Manager
- Load balancer - Distributes traffic within a region
- Traffic Manager - Works at DNS level directing to preferred end point
- Load Balancer - will direct traffic to different VM if one is unresponsive
- Traffic Manager - directs to closest endpoint that is responsive
- Both help to make servers more resilient