Understand Core Azure Services Flashcards
_____: geographical area on the planet containing at least one, but potentially multiple datacenters that are nearby and networked together with a low-latency network. Every Azure resource is assigned a _____. Used to identify the location of your resources.
Note: Some services or VM features are only available in certain _____, such as specific VM sizes or storage types. There are also some global Azure services that do not require you to select a particular _____, such as Microsoft Azure Active Directory, Microsoft Azure Traffic Manager, and Azure DNS
Regions
Special Azure Regions: _____, ______, _____, and _____: these are physical and logical network-isolated instances of Azure for US government agencies and partners. These datacenters are operated by screened US persons and include additional compliance certifications
US DoD Central, US Gov Virginia, US Gov Iowa, and More
Special Azure Regions: ______, _____, and _____: these regions are available through a unique partnership between Microsoft and 12Vianet, whereby Microsoft does not directly maintain the datacenters
China East, China North, and More
Special Azure Regions: _____ and _____: these regions are available through a data trustee model whereby customer data remains in Germany under control of T-Systems, a Deutsche Telekom company, acting as the German data trustee. Any user or enterprise who needs their data to reside in Germany can use this service
Germany Central and Germany Northeast
_____: Azure divides the world into _____ that are defined by geopolitical boundaries or country borders. Also a discrete market typically containing two or more regions that preserve data residency and compliance boundaries.
This division has several benefits:
- Allow customers with specific data residency and compliance needs to keep their data and applications close
- Ensure that data residency, sovereignty, compliance, and resiliency requirements are honored within geographical boundaries
- _____ are fault-tolerant to withstand complete region failure through their connection to dedicated high-capacity networking infrastructure.
_____ are broken up into the following areas:
- Americas
- Europe
- Asia Pacific
- Middle East and Africa
Geographies
_____: refers to the physical or geographic location of an organization’s data or information. It defines the legal or regulatory requirements imposed on data based on the country or region in which it resides
Data Residency
_____: physically separate datacenters within an Azure region connected through high-speed, private fiber-optic networks. This ensures Azure services and data are redundant so you can protect your information in case of failure. Each _____ is made up of one or more datacenters equipped with independent power, cooling, and networking. It is set up to be an isolation boundary. If one zone goes down, the other continues working.
Using _____ to run mission-critical applications and build high-availability into your application architecture by co-locating your compute, storage, networking, and data resources within a zone and replicating in other zones. Keep in mind that there could be a cost to duplicating your services and transferring data between zones.
Primarily for VMs, managed disks, load balancers, and SQL databases
Availability Zones
Azure services that support Availability Zones fill into two categories:
_____: you pin the resource to a specific zone (Ex. VMs, managed disks, IP addresses)
Zonal Services
Azure services that support Availability Zones fill into two categories:
_____: platform replicates automatically across zones (Ex. Zone-redundant storage, SQL database)
Zone Redundant Services
_____: logical containers for Azure resources. Typically used to organize sets of resources that are deployed together as a part of an application or service. All Azure resources must reside in a _____ and a resource can only be a member of a single _____ at any time. _____ cannot be nested. Before any resource can be provisioned, you need a _____ for it to be placed in
Resource Groups
Resource Group Concepts/Benefits: _____: Resource Groups exist to help manage and organize your Azure resources. By placing resources of similar usage, type, or location, you can provide some order and organization to resources you create in Azure
Logical Grouping
Resource Group Concepts/Benefits: _____: if you delete a resource group, all resources contained within are also deleted. Organizing resources by life cycle can be useful in non-production environments, where you might try an experiment, but then dispose of it when done. Resource groups make it easy to remove a set of resources at once
Life-Cycle
Resource Group Concepts/Benefits: _____: Resource Groups are also a scope for applying role-based access control (RBAC) permissions. By applying RBAC permissions to a resource group, you can ease administration and limit access to allow only what is needed
Authorization
Resource Groups can be created via: _____, _____, _____, _____, and _____
Azure Portal, Azure PowerShell, Azure CLI, Templates, Azure SDKs (.NET, Java, etc.)
_____: are name/value pairs of text data that you can apply to resources and resource groups. _____ allow you to associate custom details about your resource in addition to the standard Azure properties a resource has.
A resource can have up to 15 _____. The name is limited to 512 characters for all types of resources except storage accounts, which have a limit of 128 characters. The _____ value is limited to 256 characters for all types of resources.
_____ are not inherited from parent resources.
Not all resource types support _____, and _____ cannot be applied to classic resources.
Can be added and manipulated through the Azure Portal, Azure CLI, Azure PowerShell, Resource Manager Templates, and through the REST API.
You can use Azure Policy to automatically add or enforce _____ for resources your organization creates based on policy conditions that you define
Tags
_____: the deployment and management service for Azure. It provides a consistent management layer that enables you to create, update, and delete resources in your Azure subscription. You can use its access control, auditing, and tagging features to secure and organize your resources after deployment
Azure Resource Manager
_____: primarily used for performing calculations, executing logic, and running applications
Compute Services
_____: hosted in Azure (IaaS). An emulation of a Windows or Linux physical computer. They include a virtual processor, memory, storage, and networking resource. They host an operating system and you are able to install and run software just like a physical computer. A snapshot of a running _____ is called an image. An image is also a template used to create a _____, these templates already include an OS and often other software such as development tools or web hosting environments
Virtual Machine (VM)
_____: a logical grouping of two or more VMs that ensure your application remains available during planned or unplanned outage.
There is no cost for an _____; you only pay for the VMs within the set. It is highly recommended to place each workload in an _____ to ensure you don’t have a single point of failure in your VM architecture.
Azure creates two fault domains (two racks each having dedicated power and network resources), and five logical update domains. Your VMs are then sequentially placed across the created domains
Availability Sets
Availability Set Concepts: _____: is when the underlying Azure fabric that hosts VMs is updated by Microsoft. This is done to patch security vulnerabilities, improve performance, and add or update features. Most of the time these updates can be performed without any impact to the guest VMs. However, sometimes it requires a reboot to complete an update. When the VM is part of an Available Set, the Azure fabric will ensure updates are sequenced so not all of the associated VMs are rebooted at the same time. This grouping is referred to as an Update Domain, a logical part of each datacenter and are implemented with software and logic
Planned Maintenance Event
Availability Set Concepts: _____: involve a hardware failure in a datacenter such as a power outage or disk failure. VMs that are part of an availability set will automatically switch to a working physical server so the VM continues to run. This group is referred to as a fault domain. A Fault Domain is essentially a rack of servers. It provides the physical separation of your workload across different hardware in the datacenter. This includes power, cooling, and network hardware that supports the physical servers loaded in server racks. In the even the hardware that supports a server rack becomes unavailable, only that rack of servers would be affected by the outage
Unplanned Maintenance Event
_____: scaling for Windows or Linux VMs hosted in Azure. _____ let you create and manage a group of identical, load balanced VMs. _____ allow you to centrally manage, configure, and update a large number of VMs in minutes to provide highly available applications. The number of VM instances can automatically increase or decrease in response to demand or a defined schedule
Virtual Machine Scale Sets
_____: enables management of a cluster of VMs that run containerized services. _____ is a complete orchestration services for containers with distributed architectures with multiple containers
Azure Kubernetes Service (AKS)
_____: combines container management automation with an extensible API to create a cloud-native application management powerhouse. At its core, _____ manages the placement of pods, which can consist of one or more containers, on a _____ cluster node. If one of these pods crashes, _____ can create a new instance of it. If a cluster node is removed, it can move any affected workload to a different node in the cluster, etc.
Kubernetes
_____: distributed systems platform. Runs in Azure or on-premises
Azure Service Fabric
_____: managed service for parallel and high-performance computing applications. _____ enables large-scale job scheduling and compute management with the ability to scales to tens, hundreds, or thousands of VMs. When you’re ready to run a job, _____ starts a pool of compute VMs for you, installing applications and staging data, running jobs with as many tasks as you have, identifying failures and re-queuing work, and scaling down the pool as work completes
Azure Batch
_____: provides containers without requiring VM provision or higher services. Offers the fastest and simplest way to run a container in Azure. You don’t have to manage any VMs or configure any additional services. It is a PaaS offering that allows you to upload your containers and execute them directly
Azure Container Instances (ACI)
_____: virtualization environment for running applications. Unlike VMs, they do not include an operating system. Instead, they include the libraries and components needed to run the application and reference the operating system of the host environment that runs the container. When using _____, applications and all dependencies are packaged into what is know as a container image. Ultra portable. Almost instantaneous creation. _____ are good for:
- If you wish to run multiple instances of an application on a single VM
- Webservers (workload)
- Burstable processing
- Modern distributed architecture
- On demand scaling
A _____ bundles a single app and its dependencies and deploys it to a _____ host. The _____ host provides a standardized runtime environment which abstracts away the operating system and infrastructure requirements allowing the _____ized application to run side-by-side with other _____ized apps.
VMs virtualize hardware, _____ virtualize the OS.
Azure supports several _____ variations, the most popular being Docker
Containers
_____ is the task of automating and managing and interacting with a large number of containers.
Another advantage of containers is that they can be orchestrated with container cluster _____
Orchestration
_____: this is where you break solutions into smaller, independent pieces. Example: you may split a website into a container hosting your front end, another hosting your backed, and a third for storage. This allows you to separate portions of you app into logical sections that can be maintained, scaled, or updated independently.
Containers are often used to create solutions using a _____
Microservice Architecture
_____: a web service that is a small, well-defined scope and is loosely coupled from any other web service. Intended to be completely autonomous with no cross-service dependency. Good for:
- When you have an app that requires High Release Velocity
- You have complex applications that need to be highly scalable
- You have applications with rich domains and many sub-domains
- You have an organization that consists of small development teams
Microservice
_____: an event-driven, serverless compute service
Azure Functions
_____: a platform-as-a-service (PaaS) offering in Azure that is designed to host enterprise-grade web-oriented applications. You can meet rigorous performance, scalability, security, and compliance requirements while using a fully managed platform to perform infrastructure maintenance. _____ enables you to build and host web apps, background jobs, mobile backends, and RESTful APIS in the programming language of your choice without managing infrastructure. It offers auto-scaling and high availability, supports both Windows and Linux, and enables automated deployments from GitHub, Azure DevOps, or any Git repo to support a continuous deployment model. You pay for the Azure compute resources you app uses while it processes requests based on the App Service Plan you choose. The App Service Plan determines how much hardware is devoted to your host
Azure App Service
_____: App Service includes full support for hosting web apps using ASP.NET, ASP.NET Core, Java, Ruby, Node.js, PHP, or Python. You can choose either Windows or Linux as the host OS
Web Apps
_____: much like hosting a website, you can build REST-based _____ using your choice of language and framework. You get full Swagger support, and the ability to package and publish your API in the Azure Marketplace. The produced apps can be consumed from any HTTP(S) based client
API Apps
_____: allows you to run a program (.exe, Java, PHP, Python, of Node.js) or script (.cmd, .bat,. PowerShell, or Bash) in the same context as a web app, API app, or mobile app. They can be scheduled, or run by a trigger. This is often used to run background tasks as part of your application logic
Web Jobs
_____: quickly build a back-end for iOS and Android apps. There is SDK support for native iOS & Android, Xamarin, and React native apps. With you a few clicks in the Azure Portal you can:
- Store mobile app data in a cloud-based SQL database
- Authenticate customers against common social providers such as MSA, Google, Twitter, and Facebook
- Send push notifications
- Execute custom back-end logic in C# or Node.js
Mobile Apps
_____: send push notifications to any platform from any back end
Azure Notification Hub
_____: publish APIs to developers, partners, and employees securely and at scale
Azure API Management
_____: fully managed search as a service
Azure Search
_____: create and deploy mission-critical web apps at scale
Web Apps feature of Azure App Service
_____: add real-time web functionalities easily
Azure SignalR Service
_____: each of the individual components in your solution has little to no knowledge of the definitions of the other components. These components simply need to send and receive data, they don’t need to know about how that data is created or processed by the rest of the system. However, these components do need to agree on a standard for communication, so they need to be _____. Why is _____ your Azure services so important:
- They can be updated independently
- Allows services to be replaced without significant impact to the rest of the system
- Allows you to add to your solution with ease
- Can be scaled proportionally to the amount of data traffic, you can scale up/out only the services that need it
Loosely Coupled Architectures
_____: an architectural pattern that divides an application into two or more logical tiers. Architecturally, a higher tier can access services from a lower tier but lower tier should never access a higher tier. Tiers help separate concerns and are ideally designed to be reusable. Using a tiered architecture also simplifies maintenance. Tiers can be updated or replaced independently, and new tiers can be inserted if needed
N-Tier Architecture