Module 2 – Core Azure Services
- Lesson 1 – Core Azure Architectural components
- Lesson 2 – Core Azure Services and Products
- Lesson 3 – Azure Solutions
- Lesson 4 – Azure management tools
Learning Objective:
- Understand and describe core Azure architectural components.
- Understand and describe core Azure services and products.
- Understand and describe Azure solutions.
- Understand and describe Azure management tools
Lesson 1 – Core Azure Architectural components
- Microsoft Azure is made up of datacenters located around the globe.
- These datacenters are organized and made available to end users by region.
- A region is a geographical area on the planet containing at least one, but potentially multiple datacenters that are in close proximity and networked together with a low-latency network.
- For most Azure services, when you deploy a resource in Azure, you choose the region where you want your resource to be deployed. A few examples of regions are West US, Canada Central, West Europe, Australia East, and Japan West.
This provides customers the flexibility and scale needed to bring applications closer to users around the world, preserving data residency and offering comprehensive compliance and resiliency options for customers.
Azure is generally available in 42 regions around the world, with plans announced for 12 additional regions.
Special Azure regions
Azure also has some special regions that you might want to use when building out your applications for compliance or legal purposes. These special regions include:
- US DoD Central, US Gov Virginia, US Gov Iowa and more:
- These are physical and logical network-isolated instances of Azure for US government agencies and partners.
- They are operated by screened US persons. Includes additional compliance certifications.
- China East, China North and more:
- These regions are available through a unique partnership between Microsoft and 21Vianet, whereby Microsoft does not directly maintain the datacenters.
- Germany Central and Germany Northeast:
- These regions are available through a data trustee model whereby customer data remains in Germany under control of T-Systems, a Deutsche Telekom company, acting as the German data trustee.
- Any user or enterprise who needs their data to reside in Germany can use this service.
- Each Azure region is paired with another region within the same geography (such as US, Europe, or Asia) at least 300 miles away.
- This approach allows for the replication of resources (such as virtual machine storage) across a geography that helps reduce the likelihood of interruptions due to events such as natural disasters, civil unrest, power outages, or physical network outages affecting both regions at once.
Additional advantages of region pairs include:
- In the event of a wider Azure outage, one region out of every pair is prioritized to help reduce the time it takes to restore them for applications.
- Planned Azure updates are rolled out to paired regions one region at a time to minimize downtime and risk of application outage.
- Data continues to reside within the same geography as its pair (except for Brazil South) for tax and law enforcement jurisdiction purposes.
Examples of region pairs would be West US paired with East US, and Southeast Asia paired with East Asia.
Note: A full list of region pairs is available here.
- Finally, some services or virtual machine features are only available in certain regions, such as specific virtual machine sizes or storage types.
- There are also some global Azure services that do not require you to select a particular region, such as Microsoft Azure Active Directory, Microsoft Azure Traffic Manager, or Azure DNS.
- A geography is a discrete market typically containing two or more regions that preserves data residency and compliance boundaries.
- Geographies allow customers with specific data-residency and compliance needs to keep their data and applications close.
- Geographies ensure that data residency, sovereignty, compliance, and resiliency requirements are honored within geographical boundaries.
- Geographies are fault-tolerant to withstand complete region failure through their connection to dedicated high-capacity networking infrastructure.
- Geographies are broken up into Americas, Europe, Asia Pacific, Middle East and Africa.
Availability zones are physically separate locations within an Azure region.
- Each availability zone is made up of one or more datacenters equipped with independent power, cooling, and networking.
- It is set up to be an isolation boundary.
- If one availability zone goes down, the other continues working.
- The availability zones are typically connected to each other through very fast, private fiber-optic networks.
- Availability zones allow customers to run mission-critical applications with high availability and low-latency replication.
- Availability zones are offered as a service within Azure, and to ensure resiliency, there’s a minimum of three separate zones in all enabled regions.
Regions that support Availability Zones include Central US, North Europe, Southeast Asia, and more.
Using Availability Zones in your apps
You can use Availability Zones to run mission-critical applications and build high-availability into your application architecture by co-locating your compute, storage, networking, and data resources within a zone and replicating in other zones.
Keep in mind that there could be a cost to duplicating your services and transferring data between zones.
Availability Zones are primarily for VMs, managed disks, load balancers, and SQL databases. Azure services that support Availability Zones fall into two categories:
- Zonal services – you pin the resource to a specific zone (for example, virtual machines, managed disks, IP addresses)
- Zone-redundant services – platform replicates automatically across zones (for example, zone-redundant storage, SQL Database).
- Availability sets are a way for you to ensure your application remains online if a high-impact maintenance event is required, or a hardware failure occurs.
- An availability set is a logical grouping of two or more VMs that help keep your application available during planned or unplanned maintenance.
- A planned maintenance event is when the underlying Azure fabric that hosts VMs is updated by Microsoft
- Unplanned maintenance events involve a hardware failure in the data center, such as a power outage or disk failure
- Availability sets are made up of update domains and fault domains.
- Update domains (UD).
- When a maintenance event occurs (such as a performance update or critical security patch applied to the host), the update is sequenced through update domains.
- Sequencing updates using update domains ensures that the entire datacenter isn’t unavailable during platform updates and patching.
- Update domains are a logical section of the datacenter, and they are implemented with software and logic.
- Update domains indicate groups of VMs and underlying physical hardware that can be rebooted at the same time
- Fault domains (FD).
- Fault domains provide for the physical separation of your workload across different hardware in the datacenter.
- This includes power, cooling, and network hardware that supports the physical servers located in server racks.
- In the event the hardware that supports a server rack becomes unavailable, only that rack of servers would be affected by the outage.
- With an availability set, you get:
- Up to three fault domains that each have a server rack with dedicated power and network resources
- Five logical update domains which then can be increased to a maximum of 20
- A resource group is a unit of management for your resources in Azure.
- You can think of your resource group as a container that allows you to aggregate and manage all the resources required for your application in a single manageable unit.
- This allows you to manage the application collectively over its life cycle, rather than manage components individually.
You can manage and apply the following resources at resource group level:
- Metering and billing
- Monitoring and alerts
- Access control
Remember that when you delete a resource group you delete all resources contained within it.
When creating and placing resources within resource groups there are a few considerations to take into account:
- Each resource must exist in one, and only one, resource group.
- A resource group can contain resources that reside in different regions.
- You decide how you want to allocate resources to resource groups based on what makes the most sense for your organization.
- You can add or remove a resource to a resource group at any time.
- You can move a resource from one resource group to another.
- Resources for an application do not need to exist in the same resource group. However, it is recommended that you keep them in the same resource group for ease of management.
Azure Resource Manager
- Azure Resource Manager is a management layer in which resource groups and all the resources within it are created, configured, managed, and deleted.
- It provides a consistent management layer which allows you to automate the deployment and configuration of resources using different automation and scripting tools, such as Microsoft Azure PowerShell, Azure Command-Line Interface (Azure CLI), Azure portal, REST API, and client SDKs.
With Azure Resource Manager, you can:
- Deploy Application resources. Update, manage, and delete all the resources for your solution in a single, coordinated operation.
- Organize resources. Manage your infrastructure through declarative templates rather than scripts. You can see which resources are linked by a dependency, and you can apply tags to resources to categorize them for management tasks, such as billing.
- Control access and resources. You can control who in your organization can perform actions on the resources. You manage permissions by defining roles, adding users or groups to the roles, and applying policies at resource group level. Examples of elements you may wish to control are: enforcing naming convention on resources, limiting which types and instances of resources can be deployed, or limiting which regions can host a type of resource.
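The region restriction mentioned in the last item, written as a custom Azure Policy definition (an added example, not from the original page; the display name and the parameter name `allowedLocations` are illustrative choices). Assigned at resource group scope with a list of permitted regions, it denies any virtual machine deployment whose location is not in that list:

```json
{
  "properties": {
    "displayName": "Example: allowed regions for virtual machines",
    "description": "Added example, not from the original page. Denies creation of virtual machines outside the regions supplied at assignment time.",
    "policyType": "Custom",
    "mode": "Indexed",
    "parameters": {
      "allowedLocations": {
        "type": "Array",
        "metadata": {
          "displayName": "Allowed regions",
          "description": "Regions in which virtual machines may be deployed, for example westeurope and northeurope.",
          "strongType": "location"
        }
      }
    },
    "policyRule": {
      "if": {
        "allOf": [
          {
            "field": "type",
            "equals": "Microsoft.Compute/virtualMachines"
          },
          {
            "field": "location",
            "notIn": "[parameters('allowedLocations')]"
          }
        ]
      },
      "then": {
        "effect": "deny"
      }
    }
  }
}
```

Switching the effect to `audit` first shows which existing resources would violate the rule without blocking any deployments.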
Lesson 2 – Core Azure Services and Products
Azure Compute Service
There are four common techniques for performing compute in Azure:
- Virtual machines
- Containers
- Azure App Service
- Serverless computing
- Azure compute is an on-demand computing service for running cloud-based applications.
- It provides computing resources such as disks, processors, memory, networking and operating systems.
- The resources are available on-demand and can typically be made available in minutes or even seconds.
- You pay only for the resources you use and only for as long as you’re using them.
- There are two common service types for performing compute in Azure: virtual machines and
- Virtual machines, (VMs), are software emulations of physical computers.
- They include a virtual processor, memory, storage, and networking resources.
- They host an operating system, and you’re able to install and run software just like a physical computer.
- When using a remote desktop client, you can use and control the virtual machine as if you were sitting in front of it.
- Azure supports a wide range of computing solutions for development and testing, running applications, and extending your datacenter, including Linux, Windows Server, Microsoft SQL Server, Oracle, IBM, and SAP.
- Azure also has many services that can run virtual machines, each providing different options depending on your requirements.
- Some of the most prominent services are VM Scale Sets, App Services, and Azure Functions
- Azure VMs let you create and use virtual machines in the cloud.
- It provides infrastructure as a service (IaaS) and can be used in a variety of different ways.
- When you need total control over an operating system and environment, Azure VMs are an ideal choice.
- Just like a physical computer, you’re able to customize all of the software running on the VM.
- This is particularly helpful when you are running custom software or custom hosting configurations.
- See Virtual Machines for more details.
Examples of when to use virtual machines
- During testing and development.
- VMs provide a quick and easy way to create different OS and application configurations.
- Test and development personnel can then easily delete the VMs when they no longer need them.
- When running applications in the cloud.
- The ability to run certain applications in the public cloud as opposed to creating a traditional infrastructure to run them can provide substantial economic benefits.
- For example, if an application needs to handle fluctuations in demand, being able to shut down VMs when you don’t need them or quickly start them up to meet a suddenly increased demand means you pay only for the resources you use.
- When extending your datacenter to the cloud.
- An organization can extend the capabilities of its own on-premises network by creating a virtual network in Azure and adding VMs to that virtual network. Applications like SharePoint can then run on an Azure VM instead of running locally, making it easier or less expensive to deploy than in an on-premises environment.
- During disaster recovery.
- As with running certain types of applications in the cloud and extending an on-premises network to the cloud, you can get significant cost savings by using an IaaS-based approach to disaster recovery.
- If a primary datacenter fails, you can create VMs running on Azure to run your critical applications and then shut them down when the primary datacenter becomes operational again.
Scaling VMs in Azure
- You can run single VMs for testing, development, or minor tasks; or you can group VMs together to provide high availability, scalability, and redundancy.
- Azure has several features such that, no matter what your uptime requirements are, Azure can meet them. These features include:
- Availability sets
- Virtual Machine Scale Sets
- Azure Batch
- Virtual machine scale sets are an Azure compute resource that you can use to deploy and manage a set of identical VMs.
- With all VMs configured the same, VM scale sets are designed to support true auto-scale, with no pre-provisioning of VMs required, and as such make it easier to build large-scale services targeting big compute, big data, and containerized workloads.
- So, as demand goes up more virtual machine instances can be added, and as demand goes down virtual machine instances can be removed.
- The process can be manual, automated, or a combination of both. See Virtual Machine Scale Sets for more details.
Azure Batch enables large-scale job scheduling and compute management with the ability to scale to tens, hundreds, or thousands of VMs.
When you’re ready to run a job, Batch does the following:
- Starts a pool of compute VMs for you
- Installs applications and staging data
- Runs jobs with as many tasks as you have
- Identifies failures
- Requeues work
- Scales down the pool as work completes
There may be situations in which you need raw computing power or supercomputer level compute power. Azure provides these capabilities.
Azure App Service
- With App Service, you can quickly build, deploy, and scale enterprise-grade web, mobile, and API apps running on any platform.
- You can meet rigorous performance, scalability, security and compliance requirements while using a fully managed platform to perform infrastructure maintenance.
- App Service is a platform as a service (PaaS) offering. See App Service for more details.
- Azure App Service enables you to build and host web apps, background jobs, mobile backends, and RESTful APIs in the programming language of your choice without managing infrastructure.
- It offers automatic scaling and high availability.
- App Service supports both Windows and Linux, and enables automated deployments from GitHub, Azure DevOps, or any Git repo to support a continuous deployment model.
Types of web apps
With Azure App Service, you can host most common web app styles including:
- Web Apps
- API Apps
- Mobile Apps
- Azure App Service handles most of the infrastructure decisions you deal with in hosting web apps:
- deployment and management are integrated into the platform,
- endpoints can be secured,
- sites can be scaled quickly to handle high traffic loads, and
- the built-in load balancing and traffic manager provide high availability.
- All of these app styles are hosted in the same infrastructure and share these benefits. This flexibility makes App Service the ideal choice to host web-oriented applications.
- App Service includes full support for hosting web apps using ASP.NET, ASP.NET Core, Java, Ruby, Node.js, PHP, or Python.
- You can choose either Windows or Linux as the host operating system.
- Much like hosting a website, you can build REST-based Web APIs using your choice of language and framework.
- You get full Swagger support, and the ability to package and publish your API in the Azure Marketplace.
- The produced apps can be consumed from any HTTP(S)-based client.
- WebJobs allows you to run a program (.exe, Java, PHP, Python, or Node.js) or script (.cmd, .bat, PowerShell, or Bash) in the same context as a web app, API app, or mobile app.
- They can be scheduled, or run by a trigger.
- WebJobs are often used to run background tasks as part of your application logic.
Mobile app back-ends
Use the Mobile Apps feature of Azure App Service to quickly build a back-end for iOS and Android apps. With just a few clicks in the Azure portal you can:
- Store mobile app data in a cloud-based SQL database
- Authenticate customers against common social providers such as MSA, Google, Twitter, and Facebook
- Send push notifications
- Execute custom back-end logic in C# or Node.js
On the mobile app side, there is SDK support for native iOS & Android, Xamarin, and React Native apps.
- Serverless computing is a cloud-hosted execution environment that runs your code but completely abstracts the underlying hosting environment.
- You create an instance of the service, and you add your code;
- no infrastructure configuration or maintenance is required, or even allowed.
- Serverless computing encompasses three ideas: the abstraction of servers, an event-driven scale, and micro-billing:
Some of the most common serverless service types in Azure are Azure Functions, Azure Logic Apps, and Azure Event Grid.
Azure has two implementations of serverless compute:
- Azure Functions, which can execute code in almost any modern language.
- Azure Logic Apps, which are designed in a web-based designer and can execute logic triggered by Azure services without writing any code.
- When you’re concerned only about the code running your service and not the underlying platform or infrastructure, Azure Functions are ideal.
- They’re commonly used when you need to perform work in response to an event (often via a REST request), timer, or message from another Azure service, and when that work can be completed quickly, within seconds or less.
- See Functions for more details.
- Azure Functions scale automatically based on demand, so they’re a solid choice when demand is variable.
- For example, you may be receiving messages from an IoT solution used to monitor a fleet of delivery vehicles. You’ll likely have more data arriving during business hours.
- Using a VM-based approach, you’d incur costs even when the VM is idle.
- With functions, Azure runs your code when it’s triggered and automatically deallocates resources when the function is finished.
- In this model, you’re only charged for the CPU time used while your function runs.
- Furthermore, Azure Functions can be either stateless (the default), where they behave as if they’re restarted every time they respond to an event, or stateful (called “Durable Functions”), where a context is passed through the function to track prior activity.
- Functions are a key component of serverless computing, but they’re also a general compute platform for running any type of code.
- If the needs of the developer’s app change, you can deploy the project in an environment that isn’t serverless, which provides the flexibility to manage scaling, run on virtual networks, and even completely isolate the functions.
Azure Logic Apps
- Azure Logic Apps are similar to Functions – both enable you to trigger logic based on an event.
- Where Functions execute code, Logic Apps execute workflows designed to automate business scenarios and built from predefined logic blocks.
- Every logic app workflow starts with a trigger, which fires when a specific event happens or when newly available data meets specific criteria.
- Many triggers include basic scheduling capabilities, so developers can specify how regularly their workloads will run.
- Each time the trigger fires, the Logic Apps engine creates a logic app instance that runs the actions in the workflow.
- These actions can also include data conversions and flow controls, such as conditional statements, switch statements, loops, and branching.
- You create Logic App workflows using a visual designer on the Azure portal or in Visual Studio.
- The workflows are persisted as a JSON file with a known workflow schema.
- Azure provides over 200 different connectors and processing blocks to interact with different services – including most popular enterprise apps.
- You can also build custom connectors and workflow steps if the service you need to interact with isn’t covered.
- You then use the visual designer to link connectors and blocks together, passing data through the workflow to do custom processing – often all without writing any code.
As an example, let’s say a ticket arrives in ZenDesk. You could:
- Detect the intent of the message with cognitive services
- Create an item in SharePoint to track the issue
- If the customer isn’t in your database, add them to your Dynamics 365 CRM system
- Send a follow-up email to acknowledge their request
All of that could be designed in a visual designer making it easy to see the logic flow, which is ideal for a business analyst role.
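The trigger, action and flow-control structure described above, as it appears in a persisted workflow definition (an added example, not from the original page; the action names and the `status.example.com` URL are placeholders). A recurrence trigger fires every 15 minutes, an HTTP action polls an endpoint, and a condition builds an alert message only when the response is not 200:

```json
{
  "definition": {
    "$schema": "https://schema.management.azure.com/providers/Microsoft.Logic/schemas/2016-06-01/workflowdefinition.json#",
    "contentVersion": "1.0.0.0",
    "triggers": {
      "Every_15_minutes": {
        "type": "Recurrence",
        "recurrence": {
          "frequency": "Minute",
          "interval": 15
        }
      }
    },
    "actions": {
      "Check_endpoint": {
        "type": "Http",
        "inputs": {
          "method": "GET",
          "uri": "https://status.example.com/health"
        },
        "runAfter": {}
      },
      "If_not_healthy": {
        "type": "If",
        "expression": {
          "not": {
            "equals": [
              "@outputs('Check_endpoint')?['statusCode']",
              200
            ]
          }
        },
        "actions": {
          "Build_alert": {
            "type": "Compose",
            "inputs": {
              "message": "Health check did not return 200",
              "checkedAt": "@utcNow()"
            },
            "runAfter": {}
          }
        },
        "else": {
          "actions": {}
        },
        "runAfter": {
          "Check_endpoint": [
            "Succeeded",
            "Failed"
          ]
        }
      }
    },
    "outputs": {}
  }
}
```

The condition lists both `Succeeded` and `Failed` under `runAfter` because an HTTP action that receives an error status is marked failed, and the check would otherwise be skipped in exactly the case it exists for.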
Functions vs. Logic Apps
Functions and Logic Apps can both create complex orchestrations. An orchestration is a collection of functions or steps that are executed to accomplish a complex task. With Azure Functions, you write code to complete each step; with Logic Apps, you use a GUI to define the actions and how they relate to one another.
You can mix and match services when you build an orchestration, calling functions from logic apps and calling logic apps from functions. Here are some common differences between the two.
| | Functions | Logic Apps |
|---|---|---|
| State | Normally stateless, but Durable Functions provide state | Stateful |
| Development | Code-first (imperative) | Designer-first (declarative) |
| Connectivity | About a dozen built-in binding types, write code for custom bindings | Large collection of connectors, Enterprise Integration Pack for B2B scenarios, build custom connectors |
| Actions | Each activity is an Azure function; write code for activity functions | Large collection of ready-made actions |
| Monitoring | Azure Application Insights | Azure portal, Log Analytics |
| Management | REST API, Visual Studio | Azure portal, REST API, PowerShell, Visual Studio |
| Execution context | Can run locally or in the cloud | Runs only in the cloud |
Azure Event Grid
Azure Event Grid allows you to easily build applications with event-based architectures. It’s a fully-managed, intelligent event routing service that uses a publish-subscribe model for uniform event consumption. Event Grid has built-in support for events coming from Azure services, such as storage blobs and resource groups.
You can use Event Grid to support your own non-Azure-based events in near-real time, using custom topics. You can use filters to route specific events to different endpoints, and ensure your events are reliably delivered. See Event Grid for more details.
- Containers are a virtualization environment. However, unlike virtual machines they do not include an operating system.
- Instead, they reference the operating system of the host environment that runs the container.
- Containers are meant to be lightweight and are designed to be created, scaled out, and stopped dynamically.
- This allows you to respond to changes on demand and quickly restart in case of a crash or hardware interruption.
- Azure supports Docker containers, and there are several ways to manage both Docker and Microsoft-based containers in Azure.
- Azure Container Instances offers the fastest and simplest way to run a container in Azure without having to manage any virtual machines or adopt any additional services.
- It is a PaaS offering that allows you to upload your containers, which it will run for you. See Container Instances for more details.
- The task of automating and managing a large number of containers and how they interact is known as orchestration.
- Azure Kubernetes Service (AKS) is a complete orchestration service for containers with distributed architectures and large volumes of containers.
- See Azure Kubernetes Service (AKS) for more details.
Using containers in your solutions
- Containers are often used to create solutions using a microservice architecture.
- This architecture is where you break solutions into smaller, independent pieces.
- For example, you may split a website into a container hosting your front end, another hosting your back end, and a third for storage.
- This split allows you to separate portions of your app into logical sections that can be maintained, scaled, or updated independently.
Azure Network Services
- Azure Virtual Network enables many types of Azure resources such as Azure VMs to securely communicate with each other, the internet, and on-premises networks.
- A virtual network is scoped to a single region; however, multiple virtual networks from different regions can be connected together using virtual network peering.
- With Azure Virtual Network you can provide isolation, segmentation, communication with on-premises and cloud resources, routing and filtering of network traffic. See Virtual Network for more details.
Availability refers to how long your service is up and running without interruption.
High availability, or highly available, refers to a service that’s up and running for a long period of time.
“Five nines availability” means that the service is guaranteed to be running 99.999 percent of the time. Although it’s difficult to achieve 100 percent availability, many teams strive for at least five nines.
Resiliency refers to a system’s ability to stay operational during abnormal conditions.
These conditions include:
- Natural disasters
- System maintenance, both planned and unplanned, including software updates and security patches.
- Spikes in traffic to your site
- Threats made by malicious parties, such as distributed denial of service, or DDoS, attacks
- A load balancer distributes traffic evenly among each system in a pool. A load balancer can help you achieve both high availability and resiliency.
- Azure Load Balancer can provide scale for your applications and create high availability for your services.
- Load Balancer supports inbound and outbound scenarios, provides low latency and high throughput, and scales up to millions of flows for all Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) applications.
- With Azure Load Balancer, there’s no infrastructure or software for you to maintain. You define the forwarding rules based on the source IP and port to a set of destination IP/ports.
- You can use Load Balancer with incoming internet traffic, internal traffic across Azure services, port forwarding for specific traffic, or outbound connectivity for VMs in your virtual network. See Load Balancer for more details.
- A VPN gateway is sometimes referred to as a virtual network gateway, but it is a specific type of virtual network gateway that is used to send encrypted traffic between an Azure Virtual Network and an on-premises location over the public internet.
- It provides a more secure connection from on-premises to Azure over the internet. See VPN Gateway for more details.
- Azure Application Gateway is a web traffic load balancer that enables you to manage traffic to your web applications.
- It is the connection through which users connect to your application.
- With Application Gateway you can route traffic based on source IP address and port to a destination IP address and port.
- You also can help protect a web application with a web application firewall, redirection, session affinity to keep a user on the same server, and many more configuration options. See Application Gateway for more details.
- A content delivery network (CDN) is a distributed network of servers that can efficiently deliver web content to users.
- It is a way to get content to users in their local region to minimize latency. CDN can be hosted in Azure or any other location.
- You can cache content at strategically placed physical nodes across the world and provide better performance to end users.
- Typical usage scenarios include web applications containing multimedia content, a product launch event in a particular region, or any event where you expect a high bandwidth requirement in a region. See Content Delivery Network for more details.
Azure Storage Services
- Cost effectiveness
- Storage types
- Azure Storage is a service that you can use to store files, messages, tables, and other types of information.
- You can use Azure Storage on its own (for example as a file share), but developers also often use it as a store for working data.
- Such stores can be used by websites, mobile apps, desktop applications, and many other types of custom solutions.
- Azure Storage is also used by IaaS virtual machines, and PaaS cloud services.
Benefits of using Azure to store data
Here are some of the important benefits of Azure data storage:
- Automated backup and recovery: mitigates the risk of losing your data if there is any unforeseen failure or interruption.
- Replication across the globe: copies your data to protect it against any planned or unplanned events, such as scheduled maintenance or hardware failures. You can choose to replicate your data at multiple locations across the globe.
- Support for data analytics: supports performing analytics on your data consumption.
- Encryption capabilities: data is encrypted to make it highly secure; you also have tight control over who can access the data.
- Multiple data types: Azure can store almost any type of data you need. It can handle video files, text files, and even large binary files like virtual hard disks. It also has many options for your relational and NoSQL data.
- Data storage in virtual disks: Azure also has the capability of storing up to 32 TB of data in its virtual disks. This capability is significant when you’re storing heavy data such as videos and simulations.
- Storage tiers: storage tiers to prioritize access to data based on frequently used versus rarely used information.
You can generally think of Azure Storage in categories.
- Structured data is data that adheres to a schema, so all of the data has the same fields or properties.
- Structured data can be stored in a database table with rows and columns.
- Structured data relies on keys to indicate how one row in a table relates to data in another row of another table.
- Structured data is also referred to as relational data, as the data’s schema defines the table of data, the fields in the table, and the clear relationship between the two.
- Structured data is straightforward in that it’s easy to enter, query, and analyze.
- All of the data follows the same format. Examples of structured data include sensor data or financial data.
- Semi-structured data is less organized than structured data, and is not stored in a relational format, meaning the fields do not neatly fit into tables, rows, and columns.
- Semi-structured data contains tags that make the organization and hierarchy of the data apparent.
- Semi-structured data is also referred to as non-relational or NoSQL data.
- Unstructured data encompasses data that has no designated structure to it.
- This also means that there are no restrictions on the kinds of data it can hold.
- For example, a blob can hold a PDF document, a JPG image, a JSON file, video content, etc.
- As such, unstructured data is becoming more prominent as businesses try to tap into new data sources.
- Some of the most common storage service types in Azure are blob, disk, file, and archive.
- Azure Blob Storage is unstructured, meaning that there are no restrictions on the kinds of data it can hold.
- Blobs are highly scalable and apps work with blobs in much the same way as they would work with files on a disk, such as reading and writing data.
- Blob Storage can manage thousands of simultaneous uploads, massive amounts of video data, constantly growing log files, and can be reached from anywhere with an internet connection.
- Blobs aren’t limited to common file formats.
- A blob could contain gigabytes of binary data streamed from a scientific instrument, an encrypted message for another application, or data in a custom format for an app you’re developing.
Azure offers three storage tiers for blob object storage:
- Hot storage tier: optimized for storing data that is accessed frequently.
- Cool storage tier: optimized for data that are infrequently accessed and stored for at least 30 days.
- Archive storage tier: for data that are rarely accessed and stored for at least 180 days with flexible latency requirements.
- See Blob Storage for more details.
- Disk storage provides disks for virtual machines, applications, and other services to access and use as they need, similar to how they would in on-premises scenarios.
- Disk storage allows data to be persistently stored and accessed from an attached virtual hard disk.
- The disks can be managed by Azure, or unmanaged and therefore managed and configured by the user.
- Typical scenarios for using disk storage are if you want to lift and shift applications that read and write data to persistent disks, or if you are storing data that is not required to be accessed from outside the virtual machine to which the disk is attached.
- Disks come in many different sizes and performance levels, from solid-state drives (SSDs) to traditional spinning hard disk drives (HDDs), with varying performance abilities. Details on pricing are available on the Managed Disks pricing page.
- See Disk Storage for more general details.
- Azure Files offers fully managed file shares in the cloud that are accessible via the industry standard Server Message Block (SMB) protocol.
- Azure file shares can be mounted concurrently by cloud or on-premises deployments of Windows, Linux, and macOS. Applications running in Azure virtual machines or cloud services can mount a file storage share to access file data, just as a desktop application would mount a typical SMB share.
- Any number of Azure virtual machines or roles can mount and access the file storage share simultaneously.
- Typical usage scenarios would be to share files anywhere in the world, diagnostic data, or application data sharing.
- See Azure Files for more details.
- Archive storage provides a storage facility for data that is rarely accessed.
- It allows you to archive legacy data at low cost compared to what it would traditionally have cost to create and maintain archives. Archive storage is available as a tier of Blob Storage, storing object data in the most cost-effective manner.
- It is stored offline and offers the lowest storage costs.
- However, it also has the highest access cost, hence it is suited for archival data that is rarely accessed.
- Archive storage is intended for data that can tolerate several hours of retrieval latency and will remain archived for at least 180 days. See Azure Archive Storage for more details.
Azure Database Services
Azure SQL Database
- Azure SQL Database is a relational database as a service (DaaS) based on the latest stable version of the Microsoft SQL Server database engine.
- SQL Database is a high-performance, reliable, fully managed and secure database.
- You can use it to build data-driven applications and websites in the programming language of your choice without needing to manage infrastructure.
- You can migrate your existing SQL Server databases with minimal downtime using the Azure Database Migration Service.
- The service uses the Microsoft Data Migration Assistant to generate assessment reports that provide recommendations to help guide you through required changes prior to performing a migration.
- Once you assess and perform any remediation required, you’re ready to begin the migration process.
- The Azure Database Migration Service performs all of the required steps. You just change the connection string in your apps.
Azure Cosmos DB
- Azure Cosmos DB is a globally distributed database service.
- It supports schema-less data that lets you build highly responsive and Always On applications to support constantly changing data.
- You can use this feature to store data that is updated and maintained by users around the world.
- The following illustration shows a sample Azure Cosmos DB database that’s used to store data that’s accessed by people located across the globe.
Azure Data Lake Storage
- The Data Lake feature allows you to perform analytics on your data usage and prepare reports.
- Data Lake is a large repository that stores both structured and unstructured data.
- Azure Data Lake Storage combines the scalability and cost benefits of object storage with the reliability and performance of the Big Data file system capabilities.
- The following illustration shows how Azure Data Lake stores all your business data and makes it available
Azure Queue Storage
- Azure Queue storage is a service for storing large numbers of messages that can be accessed from anywhere in the world.
- Azure Queue Storage can be used to help build flexible applications and separate functions for better durability across large workloads.
- When application components are decoupled, they can scale independently.
- Queue storage provides asynchronous message queueing for communication between application components, whether they are running in the cloud, on the desktop, on-premises, or on mobile devices.
- Typically, there are one or more sender components and one or more receiver components.
- Sender components add messages to the queue, while receiver components retrieve messages from the front of the queue for processing.
- The following illustration shows multiple sender applications adding messages to the Azure Queue and one receiver application retrieving the messages
You can use queue storage to:
- Create a backlog of work and to pass messages between different Azure web servers.
- Distribute load among different web servers/infrastructure and to manage bursts of traffic.
- Build resilience against component failure when multiple users access your data at the same time.
Azure Database Migration
- The Azure Database Migration Service is a fully-managed service designed to enable seamless migrations from multiple database sources to Azure data platforms with minimal downtime (online migrations).
- The service uses the Microsoft Data Migration Assistant to generate assessment reports that provide recommendations to help guide you through required changes prior to performing a migration.
- Once you assess and perform any remediation required, you’re ready to begin the migration process.
- The Azure Database Migration Service performs all of the required steps. See Azure Database Migration Service for more details.
Azure Marketplace
- Azure Marketplace is a service on Azure that helps connect end users with Microsoft partners, independent software vendors (ISVs), and start-ups that are offering their solutions and services, which are optimized to run on Azure.
- Azure Marketplace allows customers—mostly IT professionals and cloud developers—to find, try, purchase, and provision applications and services from hundreds of leading service providers, all certified to run on Azure.
- The solution catalog spans several industry categories, including but not limited to: open-source container platforms, virtual machine images, databases, application build and deployment software, developer tools, threat detection, and blockchain. Using Azure Marketplace, you can provision end-to-end solutions quickly and reliably, hosted in your own Azure environment. At the time of writing, this includes over 8,000 listings.
Lesson 3 – Azure Solutions
Internet of Things
- The ability of devices to gather and then relay information for data analysis is referred to as the Internet of Things (IoT).
- There are a number of services that can assist and drive end-to-end solutions for IoT on Azure.
- Two of the core Azure IoT service types are IoT Central and Azure IoT Hub.
Azure IoT Central
- IoT Central is a fully-managed global IoT software as a service (SaaS) solution that makes it easy to connect, monitor, and manage your IoT assets at scale.
- No cloud expertise is required to use IoT Central.
- As a result, you can bring your connected products to market faster while staying focused on your customers. See Azure IoT Central for more details.
Azure IoT Hub
- Azure IoT Hub is a managed service hosted in the cloud that acts as a central message hub for bi-directional communication between your IoT application and the devices it manages.
- You can use Azure IoT Hub to build IoT solutions with reliable and secure communications between millions of IoT devices and a cloud-hosted solution backend.
- You can connect virtually any device to your IoT Hub.
- IoT Hub supports communications both from the device to the cloud and from the cloud to the device.
- It also supports multiple messaging patterns such as device-to-cloud telemetry, file upload from devices, and request-reply methods to control your devices from the cloud.
- IoT Hub monitoring helps you maintain the health of your solution by tracking events such as device creation, device failures, and device connections.
- IoT Hub’s capabilities help you build scalable, full-featured IoT solutions such as managing industrial equipment used in manufacturing, tracking valuable assets in healthcare, and monitoring office building usage. See Azure IoT Hub for more general details.
Big Data and Analytics
- Data comes in all types of forms and formats.
- When we talk about Big Data, we’re referring to large volumes of data.
- Weather systems, communications systems, imaging platforms, and many other scenarios generate large amounts of data.
- This amount of data becomes increasingly hard to make sense of, and make decisions around.
- The volumes are so large that traditional forms of processing and analysis are no longer appropriate.
- Open source cluster technologies have been developed, over time, to try to deal with these large data sets.
- Microsoft Azure supports a broad range of technologies and services to provide big data and analytic solutions.
- Some of the most common big data and analytic service types in Azure are Azure SQL Data Warehouse, HDInsight, and Data Lake Analytics.
Azure SQL Data Warehouse
- Azure SQL Data Warehouse is a cloud-based Enterprise Data Warehouse (EDW) that leverages massively parallel processing (MPP) to run complex queries quickly across petabytes of data.
- You can use SQL Data Warehouse as a key component of a big data solution by importing big data into SQL Data Warehouse with simple PolyBase Transact-SQL (T-SQL) queries, and then use the power of MPP to run high-performance analytics.
- Once data is stored in SQL Data Warehouse, you can run analytics at massive scale. Compared to traditional database systems, analysis queries finish in seconds instead of minutes, or hours instead of days.
- See SQL Data Warehouse for more details.
Azure HDInsight
- Azure HDInsight is a fully managed, open-source analytics service for enterprises.
- It is a cloud service that makes it easier, faster, and more cost-effective to process massive amounts of data.
- HDInsight allows you to run popular open-source frameworks and create cluster types such as Apache Spark, Apache Hadoop, Apache Kafka, Apache HBase, Apache Storm, and Machine Learning Services.
- HDInsight also supports a broad range of scenarios such as extraction, transformation, and loading (ETL); data warehousing; machine learning; and IoT.
- See HDInsight for more general details.
Azure Data Lake Analytics
- Azure Data Lake Analytics is an on-demand analytics job service that simplifies big data.
- Instead of deploying, configuring, and tuning hardware, you write queries to transform your data and extract valuable insights.
- The analytics service can handle jobs of any scale instantly by setting the dial for how much power you need.
- You only pay for your job when it is running, making it more cost-effective. See Data Lake Analytics for more details.
Hybrid data integration at enterprise scale, made easy
Hybrid data integration service that simplifies ETL at scale
Artificial Intelligence
- Artificial Intelligence, in the context of cloud computing, is based around a broad range of services, the core of which is Machine Learning.
- Machine Learning is a data science technique that allows computers to use existing data to forecast future behaviors, outcomes, and trends.
- Using machine learning, computers learn without being explicitly programmed.
- Forecasts or predictions from machine learning can make apps and devices smarter. For example, when you shop online, machine learning helps recommend other products you might like based on what you’ve purchased.
- Or when your credit card is swiped, machine learning compares the transaction to a database of transactions and helps detect fraud.
- And when your robot vacuum cleaner vacuums a room, machine learning helps it decide whether the job is done.
Some of the most common Artificial Intelligence and Machine Learning service types in Azure are:
Azure Machine Learning Service
- The Azure Machine Learning service provides a cloud-based environment you can use to develop, train, test, deploy, manage, and track machine learning models.
- It fully supports open-source technologies, so you can use tens of thousands of open-source Python packages with machine learning components such as TensorFlow and scikit-learn.
- Rich tools, such as Jupyter notebooks or the Visual Studio Code Tools for AI, make it easy to interactively explore data, transform it, and then develop and test models.
- Azure Machine Learning service also includes features that automate model generation and tuning to help you create models with ease, efficiency, and accuracy.
- The Azure Machine Learning service can auto-generate a model and auto-tune it for you.
- It will let you start training on your local machine, and then scale out to the cloud.
- When you have the right model, you can easily deploy it in a container such as Docker in Azure.
- Use Machine Learning service if you work in a Python environment, you want more control over your machine learning algorithms, or you want to use open-source machine learning libraries.
- See Azure Machine Learning service for more details.
Azure Machine Learning Studio
- Azure Machine Learning Studio is a collaborative, drag-and-drop visual workspace where you can build, test, and deploy machine learning solutions without needing to write code.
- It uses pre-built and pre-configured machine learning algorithms and data-handling modules.
- Use Machine Learning Studio when you want to experiment with machine learning models quickly and easily, and the built-in machine learning algorithms are sufficient for your solutions.
- It does not provide as much control over machine learning algorithms as the Machine Learning Service we discussed earlier.
- See Azure Machine Learning Studio for more general details.
DevOps
- DevOps (Deployment and Operations) brings together people, processes, and technology, automating software delivery to provide continuous value to your users.
- Azure DevOps Services allows you to create, build, and release pipelines that provide continuous integration, delivery, and deployment for your applications.
- You can integrate repositories and application tests, perform application monitoring, and work with build artifacts.
- You can also work with backlog items for tracking, automate infrastructure deployment, and integrate a range of third-party tools and services such as Jenkins and Chef.
- All of these functions and many more are closely integrated with Azure to allow for consistent, repeatable deployments for your applications to provide streamlined build and release processes.
- Some of the main DevOps services available with Azure are Azure DevOps Services and Azure DevTest Labs.
Azure DevOps Services
- Azure DevOps Services, formerly known as Visual Studio Team Services (VSTS), provides development collaboration tools including high-performance pipelines, free private Git repositories, configurable Kanban boards, and extensive automated and cloud-based load testing.
- See Azure DevOps for more details.
Azure DevTest Labs
- Azure DevTest Labs is a service that helps developers and testers quickly create environments in Azure, while minimizing waste and controlling cost.
- Users can test their latest application versions by quickly provisioning Windows and Linux environments using reusable templates and artifacts.
- You can easily integrate your deployment pipeline with DevTest Labs to provision on-demand environments.
- With DevTest Labs you can scale up your load testing by provisioning multiple test agents, and create pre-provisioned environments for training and demos.
- See Azure DevTest Labs for more general details.
Lesson 4 – Azure management tools
Azure Management Tools
You can configure and manage Azure using a broad range of tools and platforms. There are tools available for the command line, language-specific Software Development Kits (SDKs), developer tools, tools for migration, and many others.
Tools that are commonly used for day-to-day management and interaction include:
- Azure portal for interacting with Azure via a Graphical User Interface (GUI)
- Azure PowerShell and Azure Command-Line Interface (CLI) for command line and automation-based interactions with Azure
- Azure Cloud Shell for a web-based command-line interface
- Azure mobile app for monitoring and managing your resources from your mobile device
- Creating administration scripts and using automation tools is a powerful way to optimize your workflow.
- You can automate common repetitive tasks, and once a script has been verified it will run consistently, thereby reducing errors.
Azure Portal
- Azure Portal is a website that you can access with a web browser, by going to the URL https://portal.azure.com. From here you can interact manually with all the Azure services.
- You can identify a service you are looking for, obtain links for help and more learning on particular topics, and deploy, manage and delete resources.
- It also guides you through complex administrative tasks by providing wizards and tooltips.
- The dashboard view provides high-level details about your Azure environment.
- You can customize the portal view as you need by moving and resizing tiles, displaying just particular services of interest, accessing links for help and support, and providing feedback.
- The portal does not provide any way to automate repetitive tasks.
- For example, to set up multiple VMs, you would need to create them one at a time by completing the wizard for each VM.
- This can be time-consuming and error-prone for complex tasks.
Azure PowerShell
- Azure PowerShell is a module that you add to Windows PowerShell or PowerShell Core that enables you to connect to your Azure subscription and manage resources.
- Azure PowerShell requires Windows PowerShell to function.
- PowerShell provides services such as the shell window and command parsing.
- Azure PowerShell then adds the Azure-specific commands.
- For example, Azure PowerShell provides the New-AzureRmVM command that creates a virtual machine for you inside your Azure subscription.
- To use it, you would launch PowerShell, sign in to your Azure account using the command Connect-AzureRMAccount, and then issue a command such as:
Azure CLI
- Azure CLI is a cross-platform command-line program that connects to Azure and executes administrative commands on Azure resources.
- Cross platform means that it can be run on Windows, Linux, or macOS.
- For example, to create a VM, you would open a command prompt window, sign in to Azure using the command az login, create a resource group, then use a command such as:
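The Azure CLI sequence described above (create a resource group, then create VMs), written as a script that provisions several VMs in one run, which the portal wizard cannot do. This is an added example, not the course's own command; the resource names, region, image alias and the `APPLY` switch are assumptions chosen for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the course): create several VMs with Azure CLI.
# Resource names, region and image alias are constructed placeholders.
# Default is a dry run that prints the commands; set APPLY=1 (after
# "az login") to execute them.

RESOURCE_GROUP="demo-rg"      # assumed name
LOCATION="westeurope"         # assumed region
VM_PREFIX="web-vm"            # assumed name prefix
VM_COUNT=3
ADMIN_USER="azureuser"        # assumed admin account

# Accept only letters, digits and inner hyphens. This is stricter than
# Azure's own naming rules, and keeps values from carrying extra options
# or shell syntax into the az command line.
valid_name() {
  case "$1" in
    "" | -* | *-) return 1 ;;
    *[!A-Za-z0-9-]*) return 1 ;;
    *) return 0 ;;
  esac
}

# Execute the command when APPLY=1, otherwise print it (empty args as "").
run() {
  if [ "${APPLY:-0}" = "1" ]; then
    "$@"
    return
  fi
  line=""
  for arg in "$@"; do
    [ -n "$arg" ] || arg='""'
    line="$line${line:+ }$arg"
  done
  printf '%s\n' "$line"
}

provision() {
  count="$1"
  for value in "$RESOURCE_GROUP" "$LOCATION" "$VM_PREFIX" "$ADMIN_USER"; do
    if ! valid_name "$value"; then
      echo "refusing: '$value' is not a plain name" >&2
      return 1
    fi
  done
  case "$count" in
    "" | *[!0-9]*) echo "refusing: VM count must be a whole number" >&2; return 1 ;;
  esac

  run az group create --name "$RESOURCE_GROUP" --location "$LOCATION" || return 1

  i=1
  while [ "$i" -le "$count" ]; do
    # SSH keys instead of a password, no public IP, no inbound NSG rule:
    # the VM is reachable only from inside its virtual network.
    run az vm create \
      --resource-group "$RESOURCE_GROUP" \
      --name "$VM_PREFIX-$i" \
      --image Ubuntu2204 \
      --admin-username "$ADMIN_USER" \
      --generate-ssh-keys \
      --public-ip-address "" \
      --nsg-rule NONE || return 1
    i=$((i + 1))
  done
}

provision "$VM_COUNT"
```

Run it as-is to review the planned commands, then rerun with `APPLY=1` once the output matches what you intend to deploy.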
Azure Cloud Shell
- Azure Cloud Shell is a browser-based scripting environment in your portal.
- It provides the flexibility of choosing the shell experience that best suits the way you work.
- Linux users can opt for a Bash experience, while Windows users can opt for PowerShell.
- A storage account is required to use the cloud shell and you will be prompted to create one when accessing the Azure cloud shell.
Azure Advisor
- Azure Advisor is a free service built into Azure that provides recommendations on high availability, security, performance, and cost.
- Advisor analyzes your deployed services and looks for ways to improve your environment across those four areas.
With Azure Advisor, you can:
- Get proactive, actionable, and personalized best practices recommendations.
- Improve the performance, security, and high availability of your resources as you identify opportunities to reduce your overall Azure costs.
- Get recommendations with proposed actions inline.
- You can access Azure Advisor through the Azure portal.
- After you sign in to the portal, either select Advisor from the navigation menu, or search for it in the All services menu.
You can download recommendations from Azure Advisor in PDF or CSV format, which you can then share.