Scribd
Upload
149 views192 pages

AZ-900+Slides Skylines+Academy v2

The document discusses cloud computing concepts including cloud services, scalability, high availability, disaster recovery, and cloud economics. It covers topics such as compute, storage, networking, analytics services, vertical and horizontal scaling, elasticity, service level agreements, fault tolerance, and examples of high availability configurations.

Uploaded by

sushainkapoor photo
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
149 views192 pages

AZ-900+Slides Skylines+Academy v2

The document discusses cloud computing concepts including cloud services, scalability, high availability, disaster recovery, and cloud economics. It covers topics such as compute, storage, networking, analytics services, vertical and horizontal scaling, elasticity, service level agreements, fault tolerance, and examples of high availability configurations.

Uploaded by

sushainkapoor photo
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 192

© 2019 Skylines Academy, LLC. All rights reserved.

AZ-900: Azure Fundamentals


© 2019 Skylines Academy, LLC. All rights reserved.

Understand Cloud Concepts


© 2019 Skylines Academy, LLC. All rights reserved.

Traditional Datacenter
Cloud Computing Overview
What is Cloud Computing?
© 2019 Skylines Academy, LLC. All rights reserved.

• Cloud computing is about “renting” resources vs purchasing


hardware
• Pay for what you use
• Run your applications in someone else’s datacenter
• Cloud provider is responsible for the physical hardware and
facilities necessary to execute your work
• Cloud provider responsible for keeping the services they
provide up-to-date
Core Cloud Services
© 2019 Skylines Academy, LLC. All rights reserved.

Compute Storage Networking

Application
Analytics
Services
Scalability
© 2019 Skylines Academy, LLC. All rights reserved.

• Increase or decrease resources based on


workload demand
• Vertical Scaling
• Also known as scaling up
• Add additional resources to increase the
power of the workload
• E.g. Add additional CPUs to a Virtual
Machine
• Horizontal Scaling
• Also known as scaling out
© 2019 Skylines Academy, LLC. All rights reserved.
Scalability

Vertical Scaling
Horizontal Scaling
Elastic
© 2019 Skylines Academy, LLC. All rights reserved.

• Major pattern which benefits from cloud computing


• As your workload changes, resources can be changed to compensate (up
or down)
• Example: Seasonal demand for retail web site
© 2019 Skylines Academy, LLC. All rights reserved.

High Availability (HA)


What is an SLA?
© 2019 Skylines Academy, LLC. All rights reserved.

“A Service Level Agreement (SLA) is an


agreement with the business and
application teams on the expected
performance and availability of a
specific service.”
General SLA Practices
© 2019 Skylines Academy, LLC. All rights reserved.

• Define SLA’s for each workload


• Dependency mapping
• Make sure to include internal/external dependencies
• Identify single points of failure
• Example – workload requires 99.99% but depends on a service that is
only 99.9%
Key Terms
© 2019 Skylines Academy, LLC. All rights reserved.

Mean Time To Mean Time Recovery Point Recovery Time


Recovery Between Objective Objective
(MTTR) Failures (MTBF) (RPO) (RTO)

• Average time to • Average time between • Interval of time in • Time requirement for
recover service from outages which data could be recovery to be
an outage lost during a recovery. completed in before
E.g. 5 minute RPO there is business
means up to 5 minutes impact.
of data could be lost.
Disaster Recovery and Fault Tolerance
© 2019 Skylines Academy, LLC. All rights reserved.

Fault Tolerance Disaster Recovery


• Redundancy is built into • Planning for catastrophic
services so that if one failure of workload
component fails, another • Region to region Failover
takes its place. • On-Premises to cloud
• Reduces impact when failover
disasters occur. • Automation and
Orchestration
HA Examples
© 2019 Skylines Academy, LLC. All rights reserved.

Host Outage Cross Region Deployment


• When an underlying host • An application is deployed in
has a catastrophic failure, a configuration to be highly
the virtual machine will available across regions.
automatically be restarted • When a service in one
on another host. region has an outage, traffic
• Availability Sets and Zones can continue to run in the
further increase the second region.
availability.
© 2019 Skylines Academy, LLC. All rights reserved.

Cloud Service Models


© 2019 Skylines Academy, LLC. All rights reserved.
X as a Service…
© 2019 Skylines Academy, LLC. All rights reserved.
Cloud Service Models
© 2019 Skylines Academy, LLC. All rights reserved.

Cloud Economics
Economies of Scale
© 2019 Skylines Academy, LLC. All rights reserved.

Cloud Benefits
• Cloud providers can pass on
economies of scale to
consumers
• Acquire hardware at lower
Economies of scale is the ability to do costs
things more efficiently or at a lower-
cost per unit when operating at a • Local Government deals
larger scale.
• Datacenter efficiencies
Capex vs Opex

Capital Expenditure Operational Expenditure


© 2019 Skylines Academy, LLC. All rights reserved.

(CapEx) (OpEx)
• Spending on infrastructure is • No up-front cost
completed upfront • Pay for service as you
• Cost written off over a consume it
period of time • Deduct from tax bill in same
year as expense occurs
Typical On-Premises CapEx Costs
© 2019 Skylines Academy, LLC. All rights reserved.

Server Costs Storage Costs Network Costs

Backup and Datacenter Costs


Archive Costs (including DR)
Typical Opex Costs for Cloud Computing
© 2019 Skylines Academy, LLC. All rights reserved.

Server Lease Software and Usage/Demand


Costs Feature Leases Cost Scaling
CapEx vs OpEx Benefits
© 2019 Skylines Academy, LLC. All rights reserved.

CapEx Benefits OpEx Benefits


• Predictability • Try and buy
• Cost effective when you can • Low initial costs
consume the infrastructure • Demand fluctuation
quickly
© 2019 Skylines Academy, LLC. All rights reserved.

Cloud Deployment Models


© 2019 Skylines Academy, LLC. All rights reserved.

• Common Deployment Model


• Azure, AWS, GCP are examples of
Public Cloud providers
Public Cloud • Everything runs on your cloud
providers hardware
Public Cloud

Advantages Disadvantages
© 2019 Skylines Academy, LLC. All rights reserved.

• High scalability/agility • There may be specific security


• Pay-as-you-go pricing – you pay only requirements that cannot be met by
for what you use, no CapEx costs using public cloud
• You’re not responsible for • There may be government policies,
maintenance or updates of the industry standards, or legal
hardware requirements which public clouds
• Minimal technical knowledge required cannot meet
to get started • You don’t own the hardware
• Unique business requirements
© 2019 Skylines Academy, LLC. All rights reserved.

• You create a cloud like environment


in your own datacenter
• You are responsible for the hardware
and software services you provide
Private Cloud • Characteristics include:
• Self Service
• Automation
• Agility
• Financial Transparency
Private Cloud

Advantages Disadvantages
© 2019 Skylines Academy, LLC. All rights reserved.

• Complete control over all resources • Large upfront costs


and can support legacy scenarios • High skillset required
• Complete security control • Owning equipment adds a lag into the
• May be able to meet strict compliance provisioning process
requirements Public Cloud cannot • Datacenter management
© 2019 Skylines Academy, LLC. All rights reserved.

• Combines Public and Private Clouds


• Allows flexibility to run in the most
appropriate location
• Consume Public Cloud services as
Hybrid Cloud needed and potentially keep legacy
workloads running on-premises
Hybrid Cloud

Advantages Disadvantages
© 2019 Skylines Academy, LLC. All rights reserved.

• Flexibility • Complicated to maintain and setup


• Support for Legacy systems while • Can be more expensive than simply
enabling modern application selecting one model
workloads to move to Public Cloud
• Continue to use your own equipment
and investments
© 2019 Skylines Academy, LLC. All rights reserved.

Understanding Azure Core Services


© 2019 Skylines Academy, LLC. All rights reserved.
© 2019 Skylines Academy, LLC. All rights reserved.

Regions and Availability Zones


Azure Regions
© 2019 Skylines Academy, LLC. All rights reserved.

• Location for your


resources
• Area containing at least
one datacenter
• Usually need to select a
region when deploying
a resource
• Examples: East US, West
US, Central India, East
Asia, Germany Central
© 2019 Skylines Academy, LLC. All rights reserved.
Why Regions Matter?
© 2019 Skylines Academy, LLC. All rights reserved.

• More regions = scalable and redundant


• Azure has the most to date
• You might need a specialized region for compliance purposes: E.g.
US Gov regions or Chinese regions which are run by 21Vianet due
to regulations
Geographies
© 2019 Skylines Academy, LLC. All rights reserved.

• Boundaries, often country borders


• Normally 2+ regions for data preservation
• Meets compliance needs
• Data requirements met in boundaries:
• Fault tolerant
• Geographies: Americas, Asia Pacific, Europe, Middle East, Africa
• Each region belongs to a single geography
© 2019 Skylines Academy, LLC. All rights reserved.
Region Pairs
© 2019 Skylines Academy, LLC. All rights reserved.

Resource Groups
Resource Group Overview
© 2019 Skylines Academy, LLC. All rights reserved.

DESTROYED
Web App Virtual Machines Database
Why Resource Groups?
© 2019 Skylines Academy, LLC. All rights reserved.

• Organization
• Easy de-provisioning
• Security Boundary
– RBAC
• Apply Policies
© 2019 Skylines Academy, LLC. All rights reserved.

Azure Resource Manager (ARM)


Resource Manager Overview
© 2019 Skylines Academy, LLC. All rights reserved.

Resource
Resource Resource Group ARM Templates
Provider

Individual manageable item Container where you can Provider of services you Files used to define
available to you in Azure house your resources for can deploy in Azure resources you wish to
management e.g. Microsoft.Compute deploy to a resource
group
ARM Templates Overview
© 2019 Skylines Academy, LLC. All rights reserved.

{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",

• Apply Infrastructure as
"parameters": {
},
"variables": {
},
"resources": [
{
"name": "[concat('storage', uniqueString(resourceGroup().id))]",
Code
"type": "Microsoft.Storage/storageAccounts",

• Download templates
"apiVersion": "2016-01-01",
"sku": {
"name": "Standard_LRS"
},
"kind": "Storage",
"location": "North Central US",
"tags": {},
from Azure Portal
"properties": {}

• Author new templates


}
],
"outputs": { }
}

• Use Quickstart
templates, provided by
Resource
(E.g. Storage Account)
Microsoft
Quickstart Templates
© 2019 Skylines Academy, LLC. All rights reserved.

https://azure.microsoft.com/en-us/resources/templates/

https://github.com/Azure/azure-quickstart-templates
ARM File Types
© 2019 Skylines Academy, LLC. All rights reserved.

ARM Template ARM Template Deployment


File Parameter File Scripts

Describe the configuration Separate your parameters E.g. PowerShell for


of your infrastructure via a (optional) Deployment
JSON file
ARM Template Constructs
© 2019 Skylines Academy, LLC. All rights reserved.

Parameters Variables Resources Outputs

Define the inputs you want Values that you can use Define the resources you Specify values that are
to pass into the ARM throughout your template. wish to deploy or update. returned after the ARM
template during Used to simplify your deployment is completed.
deployment. template by creating reuse
of values.
© 2019 Skylines Academy, LLC. All rights reserved.

Azure Virtual Machines


Introduction to Virtual Machines
© 2019 Skylines Academy, LLC. All rights reserved.

App App App

Application OS OS OS

Operating System Hypervisor

Hardware Hardware

CPU Memory Disk CPU Memory Disk


VM Types
Type Purpose
© 2019 Skylines Academy, LLC. All rights reserved.

A – Basic Basic version of the A series for testing and development.

A – Standard General-purpose VMs.

Burstable instances that can burst to the full capacity of the


B – Burstable
CPU when needed.
D – General Built for enterprise applications. DS instances offer
Purpose premium storage.
E – Memory High memory-to-CPU core ratio. ES instances offer
Optimized premium storage.
High CPU core-to-memory ratio. FS instances offer
F – CPU Optimized
premium storage.
Very large instances ideal for large databases and big data
G – Godzilla
use cases.
VM Types (continued)
© 2019 Skylines Academy, LLC. All rights reserved.

Type Purpose
H – High High performance compute instances aimed at very high-
performance end computational needs such as molecular modelling and
compute other scientific applications.
L – Storage Storage optimized instances which offer a higher disk
optimized throughput and IO.
M – Large memory Another large-scale memory option that allows for up to
3.5 TB of RAM.
N – GPU enabled GPU-enabled instances.
SAP HANA on Specialized instances purposely built and certified for
Azure Certified running SAP HANA.
Instances
VM Specializations
© 2019 Skylines Academy, LLC. All rights reserved.

S M R
Premium Storage Larger memory Supports remote
options available configuration of direct memory
instance type access (RDMA)
Example: DSv2 Example: Standard A2m_v2 Example: H16mr
© 2019 Skylines Academy, LLC. All rights reserved.

Module:
VM Availability
Availability Sets
© 2019 Skylines Academy, LLC. All rights reserved.

Potential for VM Impact Availability Sets


• Planned maintenance • Group two or more
• Unplanned hardware machines in a set
maintenance • Separated based on Fault
• Unexpected downtime Domains and Update
Domains
© 2019 Skylines Academy, LLC. All rights reserved.

FD 0
FD 1
Fault Domains and Update Domains

FD 2
Fault Domains and Update Domains
© 2019 Skylines Academy, LLC. All rights reserved.

FD 0 FD 1 FD 2

UD 0 UD 1

UD 2
Planning for Availability
© 2019 Skylines Academy, LLC. All rights reserved.

Web Tier App Tier Data Tier


Availability Set Availability Set Availability Set
© 2019 Skylines Academy, LLC. All rights reserved.

Availability Zones
Availability Zones
© 2019 Skylines Academy, LLC. All rights reserved.

• Offer 99.99% availability


• Minimize impact of
planned and unplanned
downtime
• Enforce them like
Availability Sets, but now
you choose your specific
zone in Azure
© 2019 Skylines Academy, LLC. All rights reserved.

App Services
Introduction to Web Apps
© 2019 Skylines Academy, LLC. All rights reserved.

Azure App Services consist of the following:

Web Apps Mobile Apps Logic Apps API Apps


App Service Environments (ASEs)
© 2019 Skylines Academy, LLC. All rights reserved.

• Fully isolated environment


• For high-performing apps – high CPU and/or memory
• Individual or multiple service plans
• 2 ways to deploy: Internal or External
• Created in a subnet via a VNet, which achieves isolation
• Note: May take a few hours to spin up
© 2019 Skylines Academy, LLC. All rights reserved.

Compute Services - Containers


Containers
© 2019 Skylines Academy, LLC. All rights reserved.

• Standardized packaging for


software and dependencies
• A way to isolate apps from
each other
• Works with Linux and
Windows Servers
• Allows separate apps to share
the same OS kernel
Application Modernization
© 2019 Skylines Academy, LLC. All rights reserved.

Application Code
Monolithic App Issues:
• Minor code changes required
full recompile and testing
• Application becomes a single
point of failure
• Application is difficult and
often expensive to scale
Application Modernization
© 2019 Skylines Academy, LLC. All rights reserved.

Individual service
Microservices:
• Break application out into
separate services

12-Factor Apps:
• Make the app independently
scalable, stateless, highly
availably be design.
Comparing Monolithic and Microservices
© 2019 Skylines Academy, LLC. All rights reserved.

Monolithic Microservices

Simple deployments Partial deployments


Inter-module refactoring Strong module boundaries
Vertical scaling Horizontal scaling
Technology monoculture Technology diversity
Three Keys to Microservices
1. Functional Decomposition 2. Horizontal Scale 3. Data Decoupling
© 2019 Skylines Academy, LLC. All rights reserved.

This… Becomes This Scale what you need to, not what you don’t Now I can pick the best database for the
service

Service 1 Service 1 Scaling Options Service 1


Service 1
Service 1

Service 2 Service 2
All services Service 2
tightly coupled
and error
prone
Service 3 Service 3 Service 3
Service 3

Service 4 Service 4 Service 4


Service 4
Containers vs.Virtual Machines
© 2019 Skylines Academy, LLC. All rights reserved.

App App App

App D
App C
App A

App B

App E
OS OS OS

Hypervisor
Docker
OS
Hardware
Server
© 2019 Skylines Academy, LLC. All rights reserved.

Serverless Computing
What is Serverless Computing?
© 2019 Skylines Academy, LLC. All rights reserved.

• Fully-managed services
• Only pay for what you use
• Flexibility to scale, as needed
• Stitch together applications
and services seamlessly
Azure Serverless Computing Services
© 2019 Skylines Academy, LLC. All rights reserved.

Azure Functions Logic Apps Event Grid


Azure Functions –
Key Features
© 2019 Skylines Academy, LLC. All rights reserved.

• Program Languages C#, F#, JavaScript, Java


(Preview)
• Pay-per-use Pricing
• Consumption Plan
• App Service Plan
(Run on the same plan as other services)
• Integrated Security with OAUTH providers
(Azure AD, Facebook etc.)
• Code in the portal or deploy via DevOps
tools
Logic Apps –
Key Features
© 2019 Skylines Academy, LLC. All rights reserved.

• Workflow Engine
• Used to orchestrate and
stitch together functions
and services (Just like
regular orchestration
tools)
• Visualize, Design, Build,
Automate
© 2019 Skylines Academy, LLC. All rights reserved.

Triggers
Logic Apps – Key Constructs

Action
© 2019 Skylines Academy, LLC. All rights reserved.

Comparing Compute Options


© 2019 Skylines Academy, LLC. All rights reserved.
Comparing Compute Options
© 2019 Skylines Academy, LLC. All rights reserved.

Networking Overview
Networking Overview
© 2019 Skylines Academy, LLC. All rights reserved.

Source: https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-overview
Networking Overview (continued)
© 2019 Skylines Academy, LLC. All rights reserved.

Core VNet
VNet
Subnet A Subnet B Capabilities:
• Isolation
• Internet Access
• Azure Resources (VMs
and Cloud Services)
• VNet Connectivity
• On-Premises
Connectivity
• Traffic Filter
• Routing
VNets: Key Points
© 2019 Skylines Academy, LLC. All rights reserved.

• Primary building block for Azure networking


• Private network in Azure based on an address space prefix
• Create subnets in your VNet with your own IP ranges
• Bring your own DNS or use Azure-provided DNS
• Choose to connect the network to on-premises or the
internet
© 2019 Skylines Academy, LLC. All rights reserved.

Hybrid Connectivity
Hybrid Connectivity Options
© 2019 Skylines Academy, LLC. All rights reserved.

Point-to-Site
Site-to-Site (S2S) ExpressRoute
(P2S)
S2S
© 2019 Skylines Academy, LLC. All rights reserved.

S2S

Multi-Site

https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-vpngateways
S2S (continued)
© 2019 Skylines Academy, LLC. All rights reserved.

• S2S VPN gateway connection is a connection over IPsec/IKE


(IKEv1 or IKEv2) VPN tunnel
• Requires a VPN device in enterprise datacenter that has a
public IP address assigned to it
• Must not be located behind a NAT
• S2S connections can be used for cross-premises and hybrid
configurations
P2S
© 2019 Skylines Academy, LLC. All rights reserved.

https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-about-vpngateways
P2S (continued)
© 2019 Skylines Academy, LLC. All rights reserved.

• Secure connection from an individual computer. Great for


remote worker situations.
• No need for a VPN device or public IP. Connect wherever user
has internet connection.
• OS Support: Windows 7, 8, 8.1 (32 and 64bit), Windows 10,
Windows Server 2008 R2, 2012, 2012 R2 64-bit.
• Throughput up to 100 Mbps (unpredictable due to internet).
• Doesn’t scale easily, so only useful for a few workstations.
VPN Gateway SKUs
© 2019 Skylines Academy, LLC. All rights reserved.

Aggregate
S2S/VNet-to-VNet P2S Throughput
SKU Tunnels Connections Benchmark
VpnGw1 Max. 30 Max. 128 650 Mbps

VpnGw2 Max. 30 Max. 128 1 Gbps

VpnGw3 Max. 30 Max. 128 1.25 Gbps

Basic Max. 10 Max. 128 100 Mbps


Gateway Recommendations
© 2019 Skylines Academy, LLC. All rights reserved.

Workload SKUs
Production, critical workloads VpnGw1,VpnGw2,VpnGw3

Dev-test or proof of concept Basic

SKU Features
Basic Route-based VPN: 10 tunnels with P2S; no
RADIUS authentication for P2S; no IKEv2 for P2S
Policy-based VPN: (IKEv1): 1 tunnel; no P2S

VpnGw1,VpnGw2, and VpnGw3 Route-based VPN: up to 30 tunnels (*), P2S,


BGP, active-active, custom IPsec/IKE policy,
ExpressRoute/VPN co-existence
ExpressRoute
© 2019 Skylines Academy, LLC. All rights reserved.

https://docs.microsoft.com/en-us/azure/expressroute/expressroute-introduction
ExpressRoute Key Benefits
© 2019 Skylines Academy, LLC. All rights reserved.

Layer 3 Connectivity Global Dynamic Built-In


Connectivity in all Regions Connectivity Routing Redundancy

Between your on- To Microsoft cloud To Microsoft services Between your In every peering
premises network and services across all across all regions with network and location for higher
the Microsoft Cloud regions in the ExpressRoute Microsoft over reliability
through a connectivity geopolitical region. premium add-on. industry standard
provider. Connectivity protocols (BGP).
can be from an any-
to-any (IPVPN)
network, a point-to-
point Ethernet
connection, or
through a virtual
cross-connection via
an Ethernet exchange.
ExpressRoute Provisioning
© 2019 Skylines Academy, LLC. All rights reserved.

ORDER
START USING
EXPRESS
EXPRESSROUTE
• Azure subscription ROUTE • Provide service key (s-key) CIRCUIT
created/exists CIRCUIT to connectivity provider
• Connectivity provider • Provide additional
identified and • Select service provider information needed by • Link VNets to Azure
relationship set up • Select peering location connectivity provider private peering
• Physical connectivity • Select bandwidth (VPN ID) • Connect to Auzre services
with provider set up • Select billing model • If provider manages on public IPs through
• Select standard or routing, provide details Azure pubic peering
premium add-on • Connect to Microsoft
SERVICE cloud Services through
ENSURE THAT
PROVIDER Microsoft peering
PREREQUISITES
PROVISIONS
ARE MET CONNECTIVITY

https://docs.microsoft.com/en-us/azure/expressroute/expressroute-workflows
Peering – Data to Collect
• Peering subnet for path 1 (/30)
© 2019 Skylines Academy, LLC. All rights reserved.

• Peering subnet for path 2 (/30)


• VLAN ID for peering
Azure Private Peering • ASN for peering
• ExpressRoute ASN = 12076
• MD5 Hash (optional)

• Peering subnet for path 1 (/30) – must be public IP


• Peering subnet for path 2 (/30) – must be public IP
• VLAN ID for peering
Azure Public Peering • ASN for peering
• ExpressRoute ASN = 12076
• MD5 Hash (optional)

• Peering subnet for path 1 (/30) – must be public IP


• Peering subnet for path 2 (/30) – must be public IP
• VLAN ID for peering
Microsoft Peering •

ASN for peering
Advertised prefixes – must be public IP prefixes
• Customer ASN (optional if different from peering ASN)
• RIR/IRR for IP and ASN validation
• ExpressRoute ASN = 12076
• MD5 Hash (optional)
Unlimited versus Metered
© 2019 Skylines Academy, LLC. All rights reserved.

Unlimited
• Speeds from 50 Mbps to 10 Gbps
• Unlimited Inbound data transfer
• Unlimited Outbound data transfer
• Higher monthly fee

Metered
• Speeds from 50 Mbps to 10 Gbps
• Unlimited Inbound data transfer
• Outbound data transfer charged at a predetermined rate per GB
• Lower monthly fee
ExpressRoute Considerations
© 2019 Skylines Academy, LLC. All rights reserved.

Understand the models


• Differences between Unlimited Data and Metered Data
• Understand what model you are using today to accelerate adoption
• Understand the differences in available port speeds, locations and approach
• Understand the limits that drive additional circuits
Understand the providers
• Each offer a different experience based on ecosystem and capabilities
• Some provide complete solutions and management
Understand the costs
• Connection costs can be broken out by the service connection costs (Azure) and the
authorized carrier costs (telco partner)
• Unlike other Azure services, look beyond the Azure pricing calculator
© 2019 Skylines Academy, LLC. All rights reserved.

Load Balancers
© 2019 Skylines Academy, LLC. All rights reserved.
Azure Load Balancing Services
Azure Load Balancer
© 2019 Skylines Academy, LLC. All rights reserved.

Key Features:

• Layer 4
• Basic and standard (preview)
SKUs
• Service monitoring
• Automated reconfiguration
• Hash-based distribution
• Internal and public options
© 2019 Skylines Academy, LLC. All rights reserved.
Azure Load Balancer: Internal Example
© 2019 Skylines Academy, LLC. All rights reserved.
Azure Load Balancer: Public Example
© 2019 Skylines Academy, LLC. All rights reserved.
Azure Load Balancer: Multi-Tier Example
Load Balancing: App Gateway
© 2019 Skylines Academy, LLC. All rights reserved.

Key Features:

• Layer 7 application load


balancing
• Cookie-based session affinity
• SSL offload
• End-to-end SSL
• Web application firewall
• URL-based content routing
• Requires its own subnet
App Gateway Sizes
© 2019 Skylines Academy, LLC. All rights reserved.

Page Response Small Medium Large


6K 7.5 Mbps 13 Mbps 50 Mbps
100K 35 Mbps 100 Mbps 200 Mbp
Load Balancer Comparison
© 2019 Skylines Academy, LLC. All rights reserved.

Service Azure Load Balancer Application Gateway Traffic Manager


Technology Transport level (Layer 4) Application level (Layer 7) DNS-level
Any (An HTTP endpoint is
Application Protocols
Any HTTP, HTTPS, and WebSockets required for endpoint
Supported
monitoring)
Any Azure internal IP address,
Azure VMs, Cloud Services,
Azure VMs and Cloud Services public internet IP address,
Endpoints Azure Web Apps, and
role instances Azure VM, or Azure Cloud
external endpoints
Service
Can be used for both Can be used for both Internet-
Only supports Internet-
VNet support Internet- facing and internal facing and internal (VNet)
facing applications
(VNet) applications applications
Supported via HTTP/HTTPS
Endpoint Monitoring Supported via probes Supported via probes
GET
© 2019 Skylines Academy, LLC. All rights reserved.

CDN
© 2019 Skylines Academy, LLC. All rights reserved.
CDN

Theodore
Source
© 2019 Skylines Academy, LLC. All rights reserved.
CDN

Theodore

Other Users
Edge
Source
Azure CDN Offerings
© 2019 Skylines Academy, LLC. All rights reserved.

Standard Akamai Standard Verizon Premium Verizon

https://docs.microsoft.com/en-us/azure/cdn/cdn-overview
© 2019 Skylines Academy, LLC. All rights reserved.
Azure CDN Offerings
© 2019 Skylines Academy, LLC. All rights reserved.

Types of Data
Types of Data
© 2019 Skylines Academy, LLC. All rights reserved.

Semi-Structured Unstructured
Structured Data
Data Data
Structured Data
© 2019 Skylines Academy, LLC. All rights reserved.

• Adheres to a schema
• All the data has the same field or
properties
• Stored in a database table with rows
and columns
• Relies on keys to indicate how one
row in a table relates to data in
another row of another table
• Referred to as “relational data”
Semi-Structured Data
© 2019 Skylines Academy, LLC. All rights reserved.

• Doesn’t fit neatly into tables, rows and


columns.
• Uses tags or keys to organize and
provide a hierarchy for the data.
• Often referred to as NoSQL or non-
relational data
Unstructured Data
© 2019 Skylines Academy, LLC. All rights reserved.

• No designated structure
• No restrictions on the kinds of data it
can hold
• Example a blob can hold a PDF, JPEG,
JSON, videos etc.
• Enterprises are struggling to manage
and tap into the insights from their
unstructured data
© 2019 Skylines Academy, LLC. All rights reserved.

Azure SQL Services


Azure SQL
© 2019 Skylines Academy, LLC. All rights reserved.

• Relational database-as-a-service
• Uses latest stable version of
Microsoft SQL
• Create NEW or…
• Migrate Existing databases using the
Microsoft Data Migration Assistant
Azure SQL Database – Key Features
© 2019 Skylines Academy, LLC. All rights reserved.

Predictable High Simplified


Performance Compatibility Management

Measured in database Supporting existing SQL This includes SQL Server-


throughput units (DTUs) client applications via specific Azure tools
tubular database stream
(TDS) endpoint
Azure SQL Database Tiers
© 2019 Skylines Academy, LLC. All rights reserved.

Basic Standard Premium

Small database with single Medium-sized database that Large databases that must
concurrent user must support multiple support a large number of
concurrent connections concurrent connections and
operations

• Small dbs • Good option for cloud apps • High transaction volumes
• Single active operation • Multiple operations • Large number of users
• Dev / Test • Workgroup or web apps • Multiple operations
• Small scale apps • 10-100 DTU • Mission critical apps
• 5 DTU • 100-800 DTU
NEW – Azure SQL Managed Instances
© 2019 Skylines Academy, LLC. All rights reserved.

• Managed SQL Servers


• More compatible with legacy
workloads
Third-party Databases in Azure – Managed
© 2019 Skylines Academy, LLC. All rights reserved.

• Managed database options:


– Build-in HA at no additional cost
– Predictable performance
– Pay-as-you-go
– Auto-scaling
– Encryption at-rest and in-transit
– Automatic backups with point-in-
time-restore for up to 35 days
– Enterprise-grade security and
compliance
Third-party Databases in Azure – Non-managed
© 2019 Skylines Academy, LLC. All rights reserved.

• Non-managed database options:


– Windows Azure VMs hosting MySQL
installations
– Linux Azure VMs hosting MySQL
installations
– ClearDB offering managed MySQL
instance
© 2019 Skylines Academy, LLC. All rights reserved.

Cosmos DB
Azure Cosmos DB
© 2019 Skylines Academy, LLC. All rights reserved.

• Globally Distributed Database


Service
• Supports schema-less data
• Used to build highly responsive
Always On applications with
constantly changing data
© 2019 Skylines Academy, LLC. All rights reserved.
© 2019 Skylines Academy, LLC. All rights reserved.
Azure Cosmos DB APIs
© 2019 Skylines Academy, LLC. All rights reserved.

• Accessible via various APIs e.g:


– Document DB (SQL) API
– MongoDB API
– Graph (Gremlin) API
– Tables (Key/Value) API
• Automatically partitioned for:
– Performance
– Storage capacity
© 2019 Skylines Academy, LLC. All rights reserved.

Azure Storage
Azure Blob Storage
© 2019 Skylines Academy, LLC. All rights reserved.

• Unstructured storage for storing


objects
• Store images, video, and files of
any type
• Use cases:
• Streaming video and images direct to
user
• Backup/DR of data
• Archiving
SMB File Storage – Azure File Services

Benefits
© 2019 Skylines Academy, LLC. All rights reserved.

• Easy way to create file shares


• Supports SMB 2.1 (unsecured) and 3.0
(secured)
• Mount on Windows, Linux, or Mac
• Azure File Sync can be utilized to sync file
servers on-premises with Azure Files
Azure Table Storage

Table Storage
© 2019 Skylines Academy, LLC. All rights reserved.

• A NoSQL key-value store Account Table Entity Object


• Schemaless design
• Structured or Unstructured CONTACT CONTACT
NAME

Data TABLE DATA MODEL


ADDRESS

• Access using the Odata ACCOUNT


SPECIES
protocol and LINQ queries ANIMAL
TABLE
ANIMAL

WCF Data Service .NET LOCATION

Libraries
Azure Queue Storage

Queue Storage
© 2019 Skylines Academy, LLC. All rights reserved.

• Provides a reliable mechanism Accounts Queues Messages


for storage and delivering
messages for applications …

• A single queue message can be …
up to 64 KB in size, and a SALLY

queue can contain millions of …



messages, up to the total …
capacity limit of a storage
account
© 2019 Skylines Academy, LLC. All rights reserved.

VM Storage
VM Storage Types
© 2019 Skylines Academy, LLC. All rights reserved.

Standard Storage Premium Storage


Backed by traditional
Backed by SSD drives
HDD

Most cost effective Higher performance

Max throughput – Max throughput –


60MB/S per disk 250MB/S per disk
Max IOPS – Max IOPS –
500 IOPS per disk 7500 IOPS per disk
Managed Disk – Standard Storage Sizes
© 2019 Skylines Academy, LLC. All rights reserved.

S4 S6 S10 S20 S30 S40 S50


Disk size 32 64 128 512 1024 2048 4095
(GB)
• Max IOPS for all sizes above is 300 IOPS/Disk
• Max throughput for all sizes is 60MB/s
Managed Disk – Premium Storage Sizes
© 2019 Skylines Academy, LLC. All rights reserved.

P4 P6 P10 P15 P20 P30 P40 P50


Disk 32 64 128 256 512 1024 2048 4095
size
(GB)
Max 120 240 500 1100 2300 5000 7500 7500
IOPS
Max 25 50 100 125 150 200 250 250
through MB/s MB/s MB/s MB/s MB/s MB/s MB/s MB/s
Managed vs. Unmanaged Disks
© 2019 Skylines Academy, LLC. All rights reserved.

Unmanaged Disks Managed Disks

DIY option Simplest option

Management overhead Lower management


(20000 IOPS per storage overhead as Azure manages
account limit) the storage accounts

Supports all replication


Only LRS replication mode
modes
currently available
(LRS, ZRS, GRS, RA-GRS)
Replication Options
© 2019 Skylines Academy, LLC. All rights reserved.

Logically Zone Read Only


Geographically
Geographically
Replicated Replicated Replicated
Replicated
Storage Storage Storage
Storage
(LRS) (ZRS) (GRS)
(RA-GRS)
Replicated three times within Replicated three times across Replicates your data to a Same replication as per GRS
a storage scale unit one or two datacenters in second region that is but also provides read access
(collection of racks of addition to storing three hundreds of miles away from to the data in the other
storage nodes) hosted in a replicas similar to LRS. Data the primary region.Your data region.
datacenter in the same stored in ZRS is durable even is curable even in the event
region as your storage in the event that the primary of a complete region outage.
account was created. datacenter is unavailable or
unrecoverable.
Replication Strategies
© 2019 Skylines Academy, LLC. All rights reserved.

Replication Strategy LRS ZRS GRS RA-GRS

Data is replicated across No Yes Yes Yes


multiple datacenters?

Data can be read from a No No No Yes


secondary location and the
primary location?

Number of copies of data 3 3 6 6


maintained on separate nodes:
© 2019 Skylines Academy, LLC. All rights reserved.

Storage Account Overview


Azure Blob Storage Overview
© 2019 Skylines Academy, LLC. All rights reserved.

Storage Account

Container Container

IMAGE.JPG VIDEO.AVI IMAGE.JPG VIDEO.AVI


Storage Account Types
© 2019 Skylines Academy, LLC. All rights reserved.

General Purpose General Purpose


v1 Blob Account v2
(GPV1) (GPV2)
Block Blobs vs. Page Blobs

Block Blob Page Blob


© 2019 Skylines Academy, LLC. All rights reserved.

• Ideal for storing text or • Efficient for read/write


binary files operations
• A single block blob can • Used by Azure VMs
contain up to 50,000 blocks • Up to 8 TB in size
of up to 100 MB each, for a
total size of 4.75 TB
• Append blobs are optimized
for append operations (e.g.
logging)
Storage Tiers
© 2019 Skylines Academy, LLC. All rights reserved.

Hot Cold Archive

• Higher storage costs • Lower storage costs • Lowest storage costs


• Lower access costs • Higher access costs • Highest retrieval costs
• Intended for data that • When a blob is in
will remain cool for 30 archive storage it is
days or more offline and cannot be
read
Choosing Between Blobs, Files, and Disks
© 2019 Skylines Academy, LLC. All rights reserved.

• Access application data from anywhere


Blobs • Large amount of objects to store, images, videos etc.

• Access files across multiple machines


Files • Jumpbox scenarios for shared development scenarios

• Do not need to access the data outside of the VM


Disks • Lift-and-shift of machines from on-premises
• Disk expansion for application installations
© 2019 Skylines Academy, LLC. All rights reserved.

IoT Services
Azure IoT
© 2019 Skylines Academy, LLC. All rights reserved.

• Collection of Microsoft managed


cloud services focused on
connecting, monitoring and
controlling IoT assets
• IoT solutions are made up of 1 or
more IoT devices and 1 or more
back end services running in the
cloud.
IoT Device Examples
© 2019 Skylines Academy, LLC. All rights reserved.

• Water sensors for farming


• Pressure sensors on a remote oil
pump
• Temperature and humidity
sensors in an air-conditioning unit
IoT Services in Azure
© 2019 Skylines Academy, LLC. All rights reserved.

IoT Solution
IoT Central IoT Hub
Accelerators

SaaS solution to help you Underlying service needed Complete ready to deploy
connect and manage your to facilitate messages solutions that implement
devices between your IoT common IoT scenarios
application and devices
© 2019 Skylines Academy, LLC. All rights reserved.

Big Data Services


© 2019 Skylines Academy, LLC. All rights reserved.
Big Data Solution
SQL Data Warehouse
© 2019 Skylines Academy, LLC. All rights reserved.

• Key component of a Big Data solution


• Cloud based Enterprise Data
Warehouse (EDW) that uses Massive
Parallel Processing (MPP) to run
complex queries across petabytes of
data.
• Stores data in relational tables
reducing storage costs and improves
performance
SQL DW Architecture
© 2019 Skylines Academy, LLC. All rights reserved.

Control Node

Compute Node

DMS – Data Movement


Service

Azure Storage
HD Insight
© 2019 Skylines Academy, LLC. All rights reserved.

• Fully managed open-source analytics


service for enterprises
• Use the most popular frameworks like
Hadoop, Spark, Hive etc.
• Scenarios:
– Batch Processing (ETL)
– Data Warehousing
Data Lake Analytics
© 2019 Skylines Academy, LLC. All rights reserved.

• On-Demand job service that simplifies


big data
• Pay only for your job when it is running
• You write queries to transform your
data and extract insights
Which service?
IF YOU WANT... USE THIS
© 2019 Skylines Academy, LLC. All rights reserved.

A fully managed, elastic data warehouse with security at every level of scale at no extra SQL Data Warehouse
cost
A fully managed, fast, easy and collaborative Apache® Spark™ based analytics platform Azure Databricks
optimized for Azure
A fully managed cloud Hadoop and Spark service backed by 99.9% SLA for your HDInsight
enterprise
A data integration service to orchestrate and automate data movement and Data Factory
transformation
Open and elastic AI development spanning the cloud and the edge Machine Learning
Real-time data stream processing from millions of IoT devices Azure Stream Analytics
A fully managed on-demand pay-per-job analytics service with enterprise-grade Data Lake Analytics
security, auditing, and support
Enterprise grade analytics engine as a service Azure Analysis Services
A hyper-scale telemetry ingestion service that collects, transforms, and stores millions Event Hubs
of events
Fast and highly scalable data exploration service Azure Data Explorer
© 2019 Skylines Academy, LLC. All rights reserved.

Machine Learning
Azure Machine Learning
© 2019 Skylines Academy, LLC. All rights reserved.

• Machine learning is a data science


technique that allows computers to use
existing data to forecast future behaviors,
outcomes, and trends. By using machine
learning, computers learn without being
explicitly programmed.
• Azure Machine Learning service provides
a cloud-based environment you can use to
prep data, train, test, deploy, manage, and
track machine learning models.
• Automated ML and DevOps capabilities
Machine Learning Studio

• Collaborative, drag-and-drop visual


© 2019 Skylines Academy, LLC. All rights reserved.

workspace where you can build,


test, and deploy machine learning
solutions without needing to write
code.
• Uses prebuilt and preconfigured
machine learning algorithms and
data-handling modules as well as a
proprietary compute platform
© 2019 Skylines Academy, LLC. All rights reserved.

Accounts and Subscriptions Overview


Azure Account Hierarchy
Azure Enterprise http://ea.azure.com
© 2019 Skylines Academy, LLC. All rights reserved.

Departments

Accounts http://account.azure.com

Subscriptions http://portal.azure.com

Resources Groups

Resources
© 2019 Skylines Academy, LLC. All rights reserved.
Account to Subscription Relationships
© 2019 Skylines Academy, LLC. All rights reserved.
Enterprise Hierarchy Example
© 2019 Skylines Academy, LLC. All rights reserved.
Common Scenarios
EA Breakdown
Enterprise Department Service
© 2019 Skylines Academy, LLC. All rights reserved.

Admin Admin Account Owner Admin


Add other admins Enterprise Admins, Account Owners Add Service Admins No
Department Admins,
and Account Owners

Departments Add/Edit Departments Edit Department X X

Add or associate Yes Yes – to the No No


accounts to the department
enrollment

Add Subscriptions No – but can add No Yes No


themselves as AO

View usage and Across all Accounts Across Department Across Account No
charges data and Subscriptions

View remaining Yes No No No


balances
© 2019 Skylines Academy, LLC. All rights reserved.

Domain Services
Domain Services Overview
© 2019 Skylines Academy, LLC. All rights reserved.

Azure Active
Active Directory
Azure AD Directory
Domain Services
(AAD) Domain Services
(ADDS)
(AADDS)
Azure Active Directory
AAD
© 2019 Skylines Academy, LLC. All rights reserved.

• Modern AD service built directly for


the cloud
• Often the same as O365 directory
service
• Can sync with On-premises
directory service
Active Directory Domain Services
ADDS
© 2019 Skylines Academy, LLC. All rights reserved.

• Legacy Active Directory since


Windows 2000
• Traditional Kerberos and LDAP
functionality
• Deployed on Windows OS usually
on VMs
Azure Active Directory Domain Services
AADDS
© 2019 Skylines Academy, LLC. All rights reserved.

• Provides managed domain services


• Allows you to consume domain
services without the need to patch
and maintain domain controllers on
IaaS
• Domain Join, Group Policy, LDAP,
Kerberos, NTLM; all supported
© 2019 Skylines Academy, LLC. All rights reserved.

Azure AD
Azure AD Overview
© 2019 Skylines Academy, LLC. All rights reserved.

https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-whatis
Azure AD Features
© 2019 Skylines Academy, LLC. All rights reserved.

Multifactor
Enterprise
Single Sign-On Authentication Self Service
Identity Solution
(MFA)

Create a single identity for Provide single sign-on Enhance security with Empower your users to
users and keep them in access to applications and additional factors of complete password resets
sync across the enterprise. infrastructure services. authentication. themselves, as well as
request access to specific
apps and services.
© 2019 Skylines Academy, LLC. All rights reserved.

Role-based Access Control (RBAC)


RBAC Overview
© 2019 Skylines Academy, LLC. All rights reserved.

• Create Users, Apps,


Groups
• Assign them to objects
in Azure with a specific
Role
Azure RBAC Built-in Roles
© 2019 Skylines Academy, LLC. All rights reserved.

Owner Contributor Reader Other Roles

Full access to all resources, Can create and manage all Can view existing Azure https://docs.microsoft.com
including the right to types of Azure resources, resources, but cannot /en-us/azure/active-
delegate access to others but cannot grant access to perform any other actions directory/role-based-
others against them access-built-in-roles
Azure RBAC Built-in Roles (continued)

Role Name Description


© 2019 Skylines Academy, LLC. All rights reserved.

API Management Service Contributor Can manage API Management service and the APIs
API Management Service Operator Role Can manage API Management service, but not the APIs
themselves
API Management Service Reader Role Read-only access to API Management service and APIs
Application Insights Component Contributor Can manage Application Insights components
Automation Operator Able to start, stop, suspend, and resume jobs
Backup Contributor Can manage backup in Recovery Services vault
Backup Operator Can manage backup except moving backup in Recovery
Services vault
Backup Reader Can view all backup management services

https://docs.microsoft.com/en-us/azure/active-directory/role-based-access-built-in-roles
Azure RBAC Built-in Roles (continued)
© 2019 Skylines Academy, LLC. All rights reserved.

• Roles include various actions


• Action defines what type of operations you can perform on a
given resource type
– Write enables you to perform PUT, POST, PATCH, and DELETE
operations
– Read enables you to perform GET operations
• Use PowerShell to get latest roles
Get latest roles Get-AzureRMRoleDefinition
© 2019 Skylines Academy, LLC. All rights reserved.
User Rights

Users
Resulting Rights

Roles
RBAC Custom Roles
© 2019 Skylines Academy, LLC. All rights reserved.

Assignable
Create if none of Each tenant can
Use “Actions” scopes:
the built-in roles have to 2000 - Subscriptions
and “NotActions”
work for you roles - Resource Groups
- Individual Resources
© 2019 Skylines Academy, LLC. All rights reserved.

Azure Policy
Azure Policies
© 2019 Skylines Academy, LLC. All rights reserved.

Assigned to
Enforce Built-in or
Subscriptions or Create > Assign
Governance Custom Code
Resource Groups
© 2019 Skylines Academy, LLC. All rights reserved.

Resource Locks
Azure Resource Locks
© 2019 Skylines Academy, LLC. All rights reserved.

• Mechanism for locking down


resources you want to ensure
have an extra layer of protection
before they can be deleted
• 2 options available:
– CanNotDelete: Authorized users can
read and modify but not delete the
resource
– ReadOnly: Authorized users can read
the resource but cannot update or delete
© 2019 Skylines Academy, LLC. All rights reserved.

Compliance and Security Requirements


Shared Responsibility Model
© 2019 Skylines Academy, LLC. All rights reserved.

• Security is a joint responsibility

• Cloud computing clearly provides many


benefits over on-premises

• As you move from IaaS > PaaS > SaaS you


can offload more of the controls to
Microsoft
You are always responsible for…
© 2019 Skylines Academy, LLC. All rights reserved.

Access
Data Endpoints Account
Management

https://gallery.technet.microsoft.com/Shared-Responsibilities-81d0ff91
Microsoft Trust Center
© 2019 Skylines Academy, LLC. All rights reserved.

• In-depth information Access to


FedRAMP, ISO, SOC audit
reports, data protection white
papers, security assessment
reports, and more

• Centralized resources around


security, compliance, and privacy
for all Microsoft Cloud services

• Powerful assessment tools

https://servicetrust.microsoft.com/
Compliance Manager
© 2019 Skylines Academy, LLC. All rights reserved.

• Manage compliance from a


central location

• Proactive risk assessment

• Insights and recommended


actions

• Prepare compliance reports


for audits
© 2019 Skylines Academy, LLC. All rights reserved.

Azure Security Center Overview


Azure Security Center Overview
© 2019 Skylines Academy, LLC. All rights reserved.

Continuous
Centralized Policy Actionable
Security
Management Recommendations
Assessment

Advanced Cloud Prioritized Alerts Integrated


Defenses and Incidents Security Solutions
Security Center Pricing Tiers
© 2019 Skylines Academy, LLC. All rights reserved.

Free (Azure Resources Only) Standard

• Security assessment • All features in free tier plus


• Security recommendations • Just in time VM access
• Basic security policy • Network threat detection
• Connected partner solutions • VM threat detection
© 2019 Skylines Academy, LLC. All rights reserved.

You might also like