Module 2 - Core Azure Services

Core Azure Architectural Components

Regions

  • A region is a geographical area containing at least one, but potentially multiple, data centers that are in close proximity and connected through low latency network.
  • Azure has more global regions than any other cloud providers, 58 region in 140 countries.
  • Some services or features are only available in certain regions such as some VM sizes or storage types
  • Some services do not require to select a region such as AzureAD, Traffic Manager, DNS

Region Pairs

  • Region pair - Each region is paired with another region within the same geography (except Brazil South).
  • Physical isolation - Azure prefers at least 300 miles of separation between region pairs.
  • Platform-provided replication - Geo-redundant storage provide automatic replication to the paired region
  • Region recovery order - Recovery of one region is prioritized out of every pairs. Application should be deployed in both paired regions.
  • Sequential updates - rolled out to paired regions sequentially
  • Data residency - Region pairs reside in the same geography to both meet data residency requirements

Geographies

  • A geography is discrete market typically containing two or more regions that preserves data residency and compliance boundaries.
  • Americas, Europe, Asia Pacific, Middle East, and Africa

Availability Options

  • A single VM with premium storage has an SLA of 99.9%
  • Placing VM in an Availability Set protects against data center failure and increases SLA to 99.95%
  • Adding VM to Availability Zone protects from entire datacenter failures and increase SLA to 99.99% which is the highest protection

Availability Set

  • Ensure application remains online if a high-impact maintenance event is required, or a hardware failure occurs.
  • Update domains - Logical section of data center.
    • update is sequenced through update domains ensure entire data center isn't unavailable.
  • Fault domains - Physical separation across different h/w in the data center including power, cooling, and network h/w.
    • In case a hardware failure, only the rack that supported by that hardware would be affected by the outage.

Availability Zones

  • Availability Zones are Physically separate locations within an Azure region that use Availability Set
  • Each Availability Zone is an isolation boundary containing one or more datacenter with independent equipments
  • If one zone goes down, the other continues working
  • Availability Zones connect each other with very fast, private fiber-optic network
  • Allow customer to run highly-critical applications with high availability and low latency
  • To ensure resiliency, there are minimum 3 separated zones in all enabled regions e.g. Central US, North Europe, and Southeast Asia

Resource Group

  • A container that is a unit of management for Azure resources
    • Metering and billing
    • Policies
    • Monitoring and alerts
    • Quotas
    • Access control
  • Deleting a resource group will delete all resources contained
  • Each resource must exist in one and only one resource group
  • A resource group can contain resources that reside in different regions
  • Resources for the same application do not need to be in the same resource group but recommended to do so

Azure Resource Manager

  • Azure Resource Manager (ARM) is a management layer to create, configure, manage, delete resources and resource groups.
  • ARM provides consistent management layer for automation and scripting via PowerShell, CLI, Portal, REST API, or SDKs.

Core Azure Services and Products

Azure Compute

  • Azure Compute is an on-demand computing service for cloud-based applications.
  • It provides computing resources such as disks, processors, memory, networking, and OS.

Compute Services

  • or VMs are software emulations of physical computers.
  • Azure Virtual Machines provides IaaS when you want control over OS and environment
  • Virtual Machine Scale Sets is a set of identical VMs that configured the same.
    • Support auto-scale
    • Good for large-scale services for big compute, big data, and containerized workloads
  • App Services is a fully-managed platform (PaaS) that let you quickly build, deploy, and scale web, mobile, API apps.
  • Azure Functions let you run your codes without worrying about the underlying platform or infrastructure.
    • Suitable for works performed in response to events, timer, or messages and can be completed within seconds or less. 

Container Services

  • Containers are virtualization environment
    • reference the OS of the host so no need to manage OS
    • Containers are lightweight and designed to be easily created, scaled and stopped dynamically
  • Azure Container Instances
    • PaaS that is fastest and simplest to run containers without managing VMs
  • Azure Kubernetes Service
    • Complete orchestration service for containers
    • For distributed architecture and large volumes of container
    • Orchestration is the task of automating and managing a large number of containers and how that interact

Azure Network Services

  • Azure Networking allows you to connect infrastructure either on-cloud and on-premise
    • Components on cloud requires the same networking functionality as an on-premise deployment
    • Different networking components allows organization to design and build infrastructure services that meet requirements
  • Azure Virtual Network (VNet) enables Azure resources to securely communicate with each others, internet, and on-premise networks.
    • Scoped to a single region
    • VNets in different regions can inter-connected using virtual network peering.
    • VNet provides network isolation, segmentation, communication with other resources, routing and filtering of network traffic.
  • Azure Load Balancer can provide scalability and high availability
    • Supports both inbound and outbound scenarios
    • Low latency, high throughput, scales up to millions of TCP/UDP packets
    • Common use cases: incoming internet traffic, port forwarding, outbound connectivity for VMs
  • VPN Gateway is used to send encrypted traffic between Azure VNet and on-premise locations
  • Azure Application Gateway is a web traffic load balancer for your web applications
    • Route traffic based on source IP and port to destination IP and port
    • Can protect web application with firewall, redirection, session affinity (keep user routed to the same server)
  • Content Delivery Network is a distributed network of servers that can efficiently deliver web content to users.
    • Local to user to minimize latency
    • Cache content at strategically places across the world to provide better performance
    • Common user cases:
      • Multimedia content
      • Product launch event in a region
      • Event that you expect a high bandwidth in a region

Data Categories

Structured Data Semi-structured Data Unstructured Data
  • data that has fixed schema, all data have the same fields or properties
  • stored in DB table rows and columns
  • Rely on keys for relationship between tables
  • a.k.a. Relational Data
  • Easy to enter, query, and analyze
  • Examples:
    • Sensor data
    • Financial data
  • less organized vs. structured data
  • not stored in relational format - fields not quite fit into tables, rows, and columns
  • contains tags to organize the hierarchy of data
  • a.k.a. Non-relational or NoSQL
  • Examples:
    • Books
    • Blogs
    • HTML documents
  • no designated structure
  • can hold any kind of data (free form)
  • More prominent these days
  • Examples:
    • PDF document
    • JPG image
    • JSON file
    • Video content

Azure Storage Services

  • Azure Storage is used to store files, messages, tables, and other information.
  • Disk Storage provides disks for VMs, applications, and other services
    • Accessible via virtual hard disk
    • Can be managed or unmanaged by Azure
    • Typical scenario: storing data that is not required to be accessed from outside the VMs where it is attached
    • Different sizes and performance levels such as spinning H/D, SSD
  • Containers (BLOB Storage) is Microsoft's objectivity  storage solution for the cloud
    • optimized for storing massive amounts of unstructured data e.g. image, documents
    • Distributed access
    • Typical scenarios: Streaming video and audio, Backup and restore, DR, archiving 
  • Azure Files is high availability network file shares that can be accessed via standard Server Message Block (SMB) protocol.
    • Multiple VMs can share the same files with both R/W access
    • Can read using REST API or client libraries
    • Can be accessed from anywhere in the world using URL endpoint with Shared Access Signature (SAS) token.
    • Common scenarios:
      • Migrate on-premise application that using file shares with minimum effort
      • Multiple developer in a group with multiple VMs sharing the same files
      • Diagnostic logs, metrics, crash dumps to be processed or analyzed later
  • Azure Queues is used to store and retrieve messages
    • Message is up to 64 KB in size
    • Queue can contain millions of messages to be processed asynchronously
    • Sample use cases: Create thumbnails for uploaded pictures without making user waiting
  • Azure Tables stores large amount of structured data
    • NoSQL data store behind the scene
    • Common uses:
      • Storing tables for web scale application
      • Storing datasets that don't require complex joins, foreign keys or stored procedures, can be denormalized for faster access
      • Quickly query using clustered index
      • Scale as demand increases

Azure Database Services

  • Fully managed PaaS database services.
  • Enterprise-grade performance with built-in high availability 
  • Azure Cosmos DB is a globally distributed database service that can elastically and independently scale across regions.
    • Support schema-less data that constantly changing by users around the world
  • Azure SQL Database is a relational DBaaS based on Microsoft SQL Server DB engine for data-driven applications
  • Azure Database Migration Service is a fully-managed service to enable seamless migrations from multiple DB sources to Azure
    • Microsoft Data Migration Assistant is used to generate assessment reports that provide recommendations on remediation prior migration
  • Other DB services can be further explored here

Azure Marketplace

  • Service on Azure that connect end users with Microsoft partners, independent software vendors (ISVs), and start-up that are offering their solution and services which are optimized to run on Azure.
  • Allow customers to find, try, and purchase applications and services that certified to run on Azure
  • Including open-source container platforms, VM images, databases, application build and deployment software, developer tools, threat detection, and blockchain.
  • Microsoft partners also use as a launch point for all joint Go-To-Market activities

Azure Solutions

Internet of Things

  • Internet of Things (IoT) is the ability for devices to garner and then relay information for data analysis
  • IoT Central is a fully managed global IoT SaaS to connect, monitor, and manage IoT assets at scale
  • Azure IoT Hub is a managed service acts as a central message hub for bi-directional communication between IoT application and the devices it manages.

Big Data and Analytics

  • Open source cluster technologies have been developed over time to deal with large data sets
  • Azure SQL Data Warehouse (now called Azure Synapse Analytics) is a cloud-based Enterprise Data Warehouse (EDW) that can run complex queries quickly across petabytes of data
    • Can import big data into the warehouse using PolyBase Transact-SQL (T-SQL)
    • Use MPP to run high-performance analytics
  • Azure HDInsight is a fully-managed, open-source analytics service for enterprises
  • Azure Data Lake Analytics is an on-demand analytics job service that simplifies big data.
    • Can handle jobs of any scale and you pay only when it is running
  • Visit Analytics page for full list of available services

Artificial Intelligence

  • Core is Machine Learning = a data science technique that allows computers to use existing data to forecast future behaviors, out comes, and trends.
  • Azure Machine Learning Service provides cloud-based environment  that can develop, train, test, deploy, manage, and track ML models.
    • Supports open-source technologies with thousands of Python packages including TensorFlow, scikit-learn
    • Jupytor notebooks and Visual Studio Code Tools for AI can be used to interact with
    • The service can auto-generate a model and auto-tune it.
  • Azure Machine Learning Studio is a collaborative , drag-and-drop visual workspace without needing to write code.
    • Pre-built and pre-configured ML algorithms and modules
    • However, it does not provide as much control as ML Service
  • See this page for full list of available AI and ML services

Serverless Computing

  • Serverless Computing is an execution environment on the cloud that runs your code without infrastructure configuration and maintenance
  • Serverless applications usually response to events e.g. REST endpoint, periodic timer, or message received
  • Runs only when it's triggered by an event
  • Billed only for the exact resources you use
  • Azure Functions runs your code in response to events
    • Can be completed quickly, within seconds or less
    • Scale automatically and charged only when the function is triggered
    • Stateless. They behave as if they're restarted every time they response to an event. Use Storage to persist states.
  • Azure Logic Apps helps to automate and orchestrate tasks, business processes, and work flows to integrate systems
    • Supports both enterprise application integration (EAI) and business-to-business (B2B)
    • Designed in web-based designer without writing any code
    • over 200 connectors including SAP, Salesforce, Oracle DB, and file shares
  • Azure Event Grid allows you to build applications with event-based architectures
    • intelligent event routing service using pub/sub model
    • Built-in support for events coming from Azure services such as BLOB storage
    • Also support non-Azure-based events in near-real time using custom topics

DevOps

  • DevOps (Development and Operations) brings together people, processes, and technology automating software delivery to provide continuous value to users
  • Azure DevOps Services provides development collaboration tools such as Git repositories, Kanban boards
    • Formerly known as Visual Studio Team Services (VSTS)
  • Azure Lab Services quickly create environments in Azure for developers and testers
    • Support both Windows and Linux with reusable templates and artifacts
    • Easily integrate with deployment pipeline to provision on-demand environment
    • Scale up your load testing
    • Pre-provisioned environments for training and demos
    • Formerly known as DevOps Test

Azure App Service

  • Azure App Service can quickly and easily build web or mobile app with programming language of your choice without managing infrastructure.
  • Multiple languages and frameworks - i.e. ASP.NET, AST.NET Core, Java, Ruby, Node.js, PHP, Python.
    • You can even run PowerShell or other scripts or executables as background services
  • DevOps optimization - CI/CD pipeline with PowerShell or CLI
  • Global scale with high availability
  • 50 connectors to enterprise systems e.g. SAP, Salesforce, Internet service (e.g. Facebook).
  • Security and compliance - ISO, SOC, and PCI compliant
  • Application template e.g. WordPress, Joomla. Drupal
  • Visual Studio integration - for creating, deploying, and debugging
  • APIs and mobile features - turn-key CORS support, authentication, offline data sync, push notifications
  • Serverless code - run code snippet or script on-demand

Azure Management Tools

Azure Management Tools

  • Azure Portal
    • Wizards and tooltips available
    • Dashboard visualizes high-level details
    • Does not provide ways to automate repetitive tasks
  • Azure PowerShell
    • A module runs within Windows PowerShell or PowerShell Core (that can run on Linux or Mac)
    • Use command Connect-AzureRMAccount to sign in your Azure account
  • Azure CLI
      • Cross-platform command line interface
      • Sign in Azure account using command az login
  • Azure Cloud Shell
    • Browser-based scripting environment 
    • Two options available: Bash or PowerShell
    • A storage account is required to use Cloud Shell
  • Azure Mobile App
    • Check status and important metrics 
    • Notifications and alerts
    • Start, stop, restart VMs or web app
    • Manage permissions using RBAC
    • Azure Cloud Shell is used ti run saved script or perform ad doc admin tasks
  • Azure REST API
    • Sets of HTTP operations on Azure resources

Azure Advisor

  • Azure Advisor is a free service that provide recommendations (with proposed actions) on:
    • high availability
    • security
    • perfromance
    • cost
  • It analyzes your deployed services and looks for ways to improve

Revision #5
Created Sat, May 16, 2020 12:41 PM by Chairat (Par)
Updated Thu, May 21, 2020 4:36 AM by Chairat (Par)