Understand Core Azure Services Flashcards
_____: geographical area on the planet containing at least one, but potentially multiple datacenters that are nearby and networked together with a low-latency network. Every Azure resource is assigned a _____. Used to identify the location of your resources.
Note: Some services or VM features are only available in certain _____, such as specific VM sizes or storage types. There are also some global Azure services that do not require you to select a particular _____, such as Microsoft Azure Active Directory, Microsoft Azure Traffic Manager, and Azure DNS
Regions
Special Azure Regions: _____, ______, _____, and _____: these are physical and logical network-isolated instances of Azure for US government agencies and partners. These datacenters are operated by screened US persons and include additional compliance certifications
US DoD Central, US Gov Virginia, US Gov Iowa, and More
Special Azure Regions: ______, _____, and _____: these regions are available through a unique partnership between Microsoft and 12Vianet, whereby Microsoft does not directly maintain the datacenters
China East, China North, and More
Special Azure Regions: _____ and _____: these regions are available through a data trustee model whereby customer data remains in Germany under control of T-Systems, a Deutsche Telekom company, acting as the German data trustee. Any user or enterprise who needs their data to reside in Germany can use this service
Germany Central and Germany Northeast
_____: Azure divides the world into _____ that are defined by geopolitical boundaries or country borders. Also a discrete market typically containing two or more regions that preserve data residency and compliance boundaries.
This division has several benefits:
- Allow customers with specific data residency and compliance needs to keep their data and applications close
- Ensure that data residency, sovereignty, compliance, and resiliency requirements are honored within geographical boundaries
- _____ are fault-tolerant to withstand complete region failure through their connection to dedicated high-capacity networking infrastructure.
_____ are broken up into the following areas:
- Americas
- Europe
- Asia Pacific
- Middle East and Africa
Geographies
_____: refers to the physical or geographic location of an organization’s data or information. It defines the legal or regulatory requirements imposed on data based on the country or region in which it resides
Data Residency
_____: physically separate datacenters within an Azure region connected through high-speed, private fiber-optic networks. This ensures Azure services and data are redundant so you can protect your information in case of failure. Each _____ is made up of one or more datacenters equipped with independent power, cooling, and networking. It is set up to be an isolation boundary. If one zone goes down, the other continues working.
Using _____ to run mission-critical applications and build high-availability into your application architecture by co-locating your compute, storage, networking, and data resources within a zone and replicating in other zones. Keep in mind that there could be a cost to duplicating your services and transferring data between zones.
Primarily for VMs, managed disks, load balancers, and SQL databases
Availability Zones
Azure services that support Availability Zones fill into two categories:
_____: you pin the resource to a specific zone (Ex. VMs, managed disks, IP addresses)
Zonal Services
Azure services that support Availability Zones fill into two categories:
_____: platform replicates automatically across zones (Ex. Zone-redundant storage, SQL database)
Zone Redundant Services
_____: logical containers for Azure resources. Typically used to organize sets of resources that are deployed together as a part of an application or service. All Azure resources must reside in a _____ and a resource can only be a member of a single _____ at any time. _____ cannot be nested. Before any resource can be provisioned, you need a _____ for it to be placed in
Resource Groups
Resource Group Concepts/Benefits: _____: Resource Groups exist to help manage and organize your Azure resources. By placing resources of similar usage, type, or location, you can provide some order and organization to resources you create in Azure
Logical Grouping
Resource Group Concepts/Benefits: _____: if you delete a resource group, all resources contained within are also deleted. Organizing resources by life cycle can be useful in non-production environments, where you might try an experiment, but then dispose of it when done. Resource groups make it easy to remove a set of resources at once
Life-Cycle
Resource Group Concepts/Benefits: _____: Resource Groups are also a scope for applying role-based access control (RBAC) permissions. By applying RBAC permissions to a resource group, you can ease administration and limit access to allow only what is needed
Authorization
Resource Groups can be created via: _____, _____, _____, _____, and _____
Azure Portal, Azure PowerShell, Azure CLI, Templates, Azure SDKs (.NET, Java, etc.)
_____: are name/value pairs of text data that you can apply to resources and resource groups. _____ allow you to associate custom details about your resource in addition to the standard Azure properties a resource has.
A resource can have up to 15 _____. The name is limited to 512 characters for all types of resources except storage accounts, which have a limit of 128 characters. The _____ value is limited to 256 characters for all types of resources.
_____ are not inherited from parent resources.
Not all resource types support _____, and _____ cannot be applied to classic resources.
Can be added and manipulated through the Azure Portal, Azure CLI, Azure PowerShell, Resource Manager Templates, and through the REST API.
You can use Azure Policy to automatically add or enforce _____ for resources your organization creates based on policy conditions that you define
Tags
_____: the deployment and management service for Azure. It provides a consistent management layer that enables you to create, update, and delete resources in your Azure subscription. You can use its access control, auditing, and tagging features to secure and organize your resources after deployment
Azure Resource Manager
_____: primarily used for performing calculations, executing logic, and running applications
Compute Services
_____: hosted in Azure (IaaS). An emulation of a Windows or Linux physical computer. They include a virtual processor, memory, storage, and networking resource. They host an operating system and you are able to install and run software just like a physical computer. A snapshot of a running _____ is called an image. An image is also a template used to create a _____, these templates already include an OS and often other software such as development tools or web hosting environments
Virtual Machine (VM)
_____: a logical grouping of two or more VMs that ensure your application remains available during planned or unplanned outage.
There is no cost for an _____; you only pay for the VMs within the set. It is highly recommended to place each workload in an _____ to ensure you don’t have a single point of failure in your VM architecture.
Azure creates two fault domains (two racks each having dedicated power and network resources), and five logical update domains. Your VMs are then sequentially placed across the created domains
Availability Sets
Availability Set Concepts: _____: is when the underlying Azure fabric that hosts VMs is updated by Microsoft. This is done to patch security vulnerabilities, improve performance, and add or update features. Most of the time these updates can be performed without any impact to the guest VMs. However, sometimes it requires a reboot to complete an update. When the VM is part of an Available Set, the Azure fabric will ensure updates are sequenced so not all of the associated VMs are rebooted at the same time. This grouping is referred to as an Update Domain, a logical part of each datacenter and are implemented with software and logic
Planned Maintenance Event
Availability Set Concepts: _____: involve a hardware failure in a datacenter such as a power outage or disk failure. VMs that are part of an availability set will automatically switch to a working physical server so the VM continues to run. This group is referred to as a fault domain. A Fault Domain is essentially a rack of servers. It provides the physical separation of your workload across different hardware in the datacenter. This includes power, cooling, and network hardware that supports the physical servers loaded in server racks. In the even the hardware that supports a server rack becomes unavailable, only that rack of servers would be affected by the outage
Unplanned Maintenance Event
_____: scaling for Windows or Linux VMs hosted in Azure. _____ let you create and manage a group of identical, load balanced VMs. _____ allow you to centrally manage, configure, and update a large number of VMs in minutes to provide highly available applications. The number of VM instances can automatically increase or decrease in response to demand or a defined schedule
Virtual Machine Scale Sets
_____: enables management of a cluster of VMs that run containerized services. _____ is a complete orchestration services for containers with distributed architectures with multiple containers
Azure Kubernetes Service (AKS)
_____: combines container management automation with an extensible API to create a cloud-native application management powerhouse. At its core, _____ manages the placement of pods, which can consist of one or more containers, on a _____ cluster node. If one of these pods crashes, _____ can create a new instance of it. If a cluster node is removed, it can move any affected workload to a different node in the cluster, etc.
Kubernetes