MICROSOFT AZURE FUNDAMENTALS

Dang Nhat Microsoft Azure Fundamentals

MỤC LỤC
1. CLOUD COMPUTING..................................................................................
1.1. Introduction to Microsoft Azure Fundamentals..................................................
1.2. Introduction to cloud computing........................................................................
1.3. The shared responsibility model.........................................................................
1.4. Define cloud models..........................................................................................
1.4.1. Private cloud.....................................................................................................
1.4.2. Public cloud.......................................................................................................
1.4.3. Hybrid cloud.....................................................................................................
1.4.4. Multi-cloud.......................................................................................................
1.4.5. The consumption-based model..........................................................................
2. THE BENEFITS OF USING CLOUD SERVICES......................................
2.1. Benefits of high availability and scalability in the cloud.....................................
2.1.1. High availability................................................................................................
2.1.2. Scalability.........................................................................................................
2.2. Benefits of reliability and predictability in the cloud...........................................
2.2.1. Reliability..........................................................................................................
2.2.2. Predictability.....................................................................................................
2.3. Benefits of security and governance in the cloud................................................
2.4. Benefits of manageability in the cloud...............................................................
3. CLOUD SERVICE TYPES............................................................................
3.1. Infrastructure as a Service..................................................................................
3.2. Platform as a Service.........................................................................................
3.3. Software as a Service.........................................................................................
4. AZURE COMPUTE AND NETWORKING SERVICES............................
4.1. Azure Virtual Machines.....................................................................................
4.1.1. Scale VMs in Azure...........................................................................................
4.1.2. Examples of when to use VMs...........................................................................
4.1.3. VM resources....................................................................................................
4.2. Create an Azure Virtual Machine.......................................................................
4.2.1. Create a Linux virtual machine and install Nginx...............................................
4.3. Azure Virtual Desktop.....................................................................................
4.4. Azure Containers.............................................................................................
4.5. Azure functions...............................................................................................
5. THE CORE ARCHITECTURAL COMPONENTS OF AZURE..............

Trang 1-i
Dang Nhat Microsoft Azure Fundamentals

1. CLOUD COMPUTING
1.1. Introduction to Microsoft Azure Fundamentals
Microsoft Azure is a cloud computing platform with an ever-expanding set of
services to help you build solutions to meet your business goals.
 Azure has simple web services for hosting your business presence in the cloud.
 Azure supports running fully virtualized computers managing your custom
software solutions.
 Azure provides a wealth of cloud-based services like remote storage, database
hosting, and centralized account management.
 Azure offers new capabilities like artificial intelligence (AI) and Internet of Things
(IoT) focused services.
1.2. Introduction to cloud computing
Cloud computing is the delivery of computing services over the internet.
Computing services include common IT infrastructure such as virtual machines,
storage, databases, and networking.
Because cloud computing uses the internet to deliver these services, it doesn’t have to
be constrained by physical infrastructure the same way that a traditional datacenter is.
1.3. The shared responsibility model
The company is responsible for maintaining the physical space, ensuring security,
and maintaining or replacing the servers if anything happens.
The IT department is responsible for maintaining all the infrastructure and software
needed to keep the datacenter up and running. They’re also likely to be responsible
for keeping all systems patched and on the correct version.
With the shared responsibility model, these responsibilities get shared between the
cloud provider and the consumer.
 Physical security, power, cooling, and network connectivity are the responsibility
of the cloud provider.
 The the consumer is responsible for the data and information stored in the cloud.
(You wouldn’t want the cloud provider to be able to read your information.) The
consumer is also responsible for access security, meaning you only give access to
those who need it.
If you’re using a cloud SQL database
 The cloud provider would be responsible for maintaining the actual database.
 You’re still responsible for the data that gets ingested into the database. If you
deployed a virtual machine and installed an SQL database on it, you’d be
responsible for database patches and updates, as well as maintaining the data and
information stored in the database.

Trang 1-1
Dang Nhat Microsoft Azure Fundamentals

With an on-premises datacenter, you’re responsible for everything.

With cloud computing, those responsibilities shift. The shared responsibility model is
heavily tied into the cloud service types: infrastructure as a service (IaaS), platform
as a service (PaaS), and software as a service (SaaS).
 IaaS places the most responsibility on the consumer, with the cloud provider being
responsible for the basics of physical security, power, and connectivity.
 SaaS places most of the responsibility with the cloud provider.
 PaaS, being a middle ground between IaaS and SaaS, rests somewhere in the
middle and evenly distributes responsibility between the cloud provider and the
consumer.

You’ll always be responsible for:

 The information and data stored in the cloud
 Devices that are allowed to connect to your cloud (cell phones, computers, and so
on)
 The accounts and identities of the people, services, and devices within your
organization
The cloud provider is always responsible for:
 The physical datacenter
 The physical network
 The physical hosts

Trang 1-2
Dang Nhat Microsoft Azure Fundamentals

Your service model will determine responsibility for things like:

 Operating systems
 Network controls
 Applications
 Identity and infrastructure
1.4. Define cloud models
1.4.1. Private cloud
It’s a cloud that’s used by a single entity. Private cloud provides much greater
control for the company and its IT department.
Comes with greater cost and fewer of the benefits of a public cloud deployment.
A private cloud may be hosted from your on site datacenter. It may also be hosted
in a dedicated datacenter offsite, potentially even by a third party that has
dedicated that datacenter to your company.
1.4.2. Public cloud
A public cloud is built, controlled, and maintained by a third-party cloud provider.
Anyone that wants to purchase cloud services can access and use resources.
1.4.3. Hybrid cloud
A hybrid cloud is a computing environment that uses both public and private
clouds in an inter-connected environment.
 Allow a private cloud to surge for increased, temporary demand by deploying
public cloud resources.
 Provide an extra layer of security.

Public cloud Private cloud Hybrid cloud

Organizations have
No capital expenditures Provides the most
complete control over
to scale up flexibility
resources and security

Applications can be Data is not collocated Organizations

quickly provisioned and with other organizations’ determine where to run
deprovisioned data their applications

Hardware must be Organizations control

Organizations pay only
purchased for startup security, compliance, or
for what they use
and maintenance legal requirements

Trang 1-3
Dang Nhat Microsoft Azure Fundamentals

Organizations don’t have Organizations are

complete control over responsible for hardware
resources and security maintenance and updates

1.4.4. Multi-cloud
You use multiple public cloud providers. Maybe you use different features from
different cloud providers. Or maybe you started your cloud journey with one
provider and are in the process of migrating to a different provider.
In a multi-cloud environment you deal with two (or more) public cloud providers
and manage resources and security in both environments.
1.4.5. The consumption-based model
When comparing IT infrastructure models, there are two types of expenses to
consider.
 CapEx is typically a one-time, up-front expenditure to purchase or secure
tangible resources. A new building, repaving the parking lot, building a
datacenter, or buying a company vehicle are examples of CapEx.
 OpEx is spending money on services or products over time. Renting a
convention center, leasing a company vehicle, or signing up for cloud services
are all examples of OpEx.
Cloud computing falls under OpEx because cloud computing operates on a
consumption-based model. You don’t pay for the physical infrastructure, the
electricity, the security, or anything else associated with maintaining a datacenter.
You pay for the IT resources you use. If you don’t use any IT resources this
month, you don’t pay for any IT resources.
This consumption-based model has many benefits, including:
 No upfront costs.
 No need to purchase and manage costly infrastructure that users might not use
to its fullest potential.
 The ability to pay for more resources when they're needed.
 The ability to stop paying for resources that are no longer needed.

2. THE BENEFITS OF USING CLOUD SERVICES

2.1. Benefits of high availability and scalability in the cloud
2.1.1. High availability
When you’re deploying an application, a service, or any IT resources, it’s
important the resources are available when needed. High availability focuses on
ensuring maximum availability, regardless of disruptions or events that may occur.

Trang 1-4
Dang Nhat Microsoft Azure Fundamentals

When you’re architecting your solution, you’ll need to account for service
availability guarantees. These guarantees are part of the service-level agreements
(SLAs).
2.1.2. Scalability
Scalability refers to the ability to adjust resources to meet demand.
If demand drops off, you can reduce your resources and thereby reduce your costs.
1. Vertical scaling
Vertical scaling is focused on increasing or decreasing the capabilities of
resources.
If you were developing an app and you needed more processing power, you could
vertically scale up to add more CPUs or RAM to the virtual machine.
2. Horizontal scaling
Horizontal scaling is adding or subtracting the number of resources.
If you suddenly experienced a steep jump in demand, your deployed resources
could be scaled out (either automatically or manually).
You could add additional virtual machines or containers, scaling out.
If there was a significant drop in demand, deployed resources could be scaled in.
2.2. Benefits of reliability and predictability in the cloud
2.2.1. Reliability
Reliability is the ability of a system to recover from failures and continue to
function.
With a decentralized design, the cloud enables you to have resources deployed in
regions around the world. With this global scale, even if one region has a
catastrophic event other regions are still up and running.
In some cases, your cloud environment itself will automatically shift to a different
region for you, with no action needed on your part.
2.2.2. Predictability
Predictability in the cloud lets you move forward with confidence. Predictability
can be focused on performance predictability or cost predictability.
1. Performance
Performance predictability focuses on predicting the resources needed to deliver a
positive experience for your customers.
Autoscaling, load balancing, and high availability are just some of the cloud
concepts that support performance predictability.
You suddenly need more resources, autoscaling can deploy additional resources
to meet the demand, and then scale back when the demand drops.

Trang 1-5
Dang Nhat Microsoft Azure Fundamentals

If the traffic is heavily focused on one area, load balancing will help redirect
some of the overload to less stressed areas.
2. Cost
Cost predictability is focused on predicting or forecasting the cost of the cloud
spend.
You can track your resource use in real time, monitor resources
2.3. Benefits of security and governance in the cloud
Whether you’re deploying infrastructure as a service or software as a service, cloud
features support governance and compliance.
Things like set templates help ensure that all your deployed resources meet corporate
standards and government regulatory requirements.
You can update all your deployed resources to new standards as standards change.
If you want maximum control of security, infrastructure as a service provides you
with physical resources but lets you manage the operating systems and installed
software, including patches and maintenance.
If you want patches and maintenance taken care of automatically, platform as a
service or software as a service deployments may be the best cloud strategies for you.
Cloud providers are typically well suited to handle things like distributed denial of
service (DDoS) attacks, making your network more robust and secure.
2.4. Benefits of manageability in the cloud
Management of the cloud speaks to managing your cloud resources. In the cloud, you
can:
 Automatically scale resource deployment based on need.
 Deploy resources based on a preconfigured template, removing the need for
manual configuration.
 Monitor the health of resources and automatically replace failing resources.
 Receive automatic alerts based on configured metrics, so you’re aware of
performance in real time.
Management in the cloud speaks to how you’re able to manage your cloud
environment and resources. You can manage these:
 Through a web portal.
 Using a command line interface.
 Using APIs.
 Using PowerShell.

Trang 1-6
Dang Nhat Microsoft Azure Fundamentals

3. CLOUD SERVICE TYPES

3.1. Infrastructure as a Service
The cloud provider is responsible for maintaining the hardware, network connectivity
(to the internet), and physical security.
You’re responsible for everything else: operating system installation, configuration,
and maintenance; network configuration; database and storage configuration; and so
on.
Some common scenarios where IaaS might make sense include:
 Lift-and-shift migration: You’re standing up cloud resources similar to your on-
prem datacenter, and then simply moving the things running on-prem to running
on the IaaS infrastructure.
 Testing and development: You have established configurations for development
and test environments that you need to rapidly replicate. You can stand up or shut
down the different environments rapidly with an IaaS structure, while maintaining
complete control.
3.2. Platform as a Service
The cloud provider maintains the physical infrastructure, physical security, and
connection to the internet. They also maintain the operating systems, middleware,
development tools, and business intelligence services that make up a cloud solution.
In a PaaS scenario, you don't have to worry about the licensing or patching for
operating systems and databases.
Some common scenarios where PaaS might make sense include:
 Development framework: PaaS provides a framework that developers can build
upon to develop or customize cloud-based applications. Similar to the way you
create an Excel macro, PaaS lets developers create applications using built-in
software components. Cloud features such as scalability, high-availability, and
multi-tenant capability are included, reducing the amount of coding that
developers must do.
 Analytics or business intelligence: Tools provided as a service with PaaS allow
organizations to analyze and mine their data, finding insights and patterns and
predicting outcomes to improve forecasting, product design decisions, investment
returns, and other business decisions.
3.3. Software as a Service
SaaS is the model that places the most responsibility with the cloud provider and the
least responsibility with the user.
In a SaaS environment you’re responsible for the data that you put into the system,
the devices that you allow to connect to the system, and the users that have access.

Trang 1-7
Dang Nhat Microsoft Azure Fundamentals

Everything else falls to the cloud provider. The cloud provider is responsible for
physical security of the datacenters, power, network connectivity, and application
development and patching.
Some common scenarios for SaaS are:
 Email and messaging.
 Business productivity applications.
 Finance and expense tracking.

4. AZURE COMPUTE AND NETWORKING SERVICES

4.1. Azure Virtual Machines
With Azure Virtual Machines (VMs), you can create and use VMs in the cloud. VMs
provide infrastructure as a service (IaaS) in the form of a virtualized server and can
be used in many ways.
You can customize all of the software running on your VM. VMs are an ideal choice
when you need:
 Total control over the operating system (OS).
 The ability to run custom software.
 To use custom hosting configurations.
However, as an IaaS offering, you still need to configure, update, and maintain the
software that runs on the VM.
You can even create or use an already created image to rapidly provision VMs. You
can create and provision a VM in minutes when you select a preconfigured VM
image. An image is a template used to create a VM and may already include an OS
and other software, like development tools or web hosting environments.
4.1.1. Scale VMs in Azure
1. Virtual machine scale sets
Virtual machine scale sets let you create and manage a group of identical, load-
balanced VMs.
If you simply created multiple VMs with the same purpose, you’d need to ensure
they were all configured identically and then set up network routing parameters to
ensure efficiency. You’d also have to monitor the utilization to determine if you
need to increase or decrease the number of VMs.
Azure automates most of that work. Scale sets allow you to centrally manage,
configure, and update a large number of VMs in minutes. The number of VM
instances can automatically increase or decrease in response to demand, or you
can set it to scale based on a defined schedule. VM scale sets automatically
deploy a load balancer to make sure that your resources are being used efficiently.

Trang 1-8
Dang Nhat Microsoft Azure Fundamentals

2. Virtual machine availability sets

Availability sets are designed to ensure that VMs stagger updates and have varied
power and network connectivity, preventing you from losing all your VMs with a
single network or power failure.
Availability sets do this by grouping VMs:
 Update domain: The update domain groups VMs that can be rebooted at the
same time. This allows you to apply updates while knowing that only one
update domain grouping will be offline at a time. All of the machines in one
update domain will be updated. An update group going through the update
process is given a 30-minute time to recover before maintenance on the next
update domain starts.
 Fault domain: The fault domain groups your VMs by common power source
and network switch. By default, an availability set will split your VMs across
up to three fault domains. This helps protect against a physical power or
networking failure by having VMs in different fault domains (thus being
connected to different power and networking resources).
4.1.2. Examples of when to use VMs
During testing and development. VMs provide a quick and easy way to create
different OS and application configurations. Test and development personnel can
then easily delete the VMs when they no longer need them.
When running applications in the cloud. The ability to run certain applications in
the public cloud as opposed to creating a traditional infrastructure to run them can
provide substantial economic benefits. For example, an application might need to
handle fluctuations in demand. Shutting down VMs when you don't need them or
quickly starting them up to meet a sudden increase in demand means you pay only
for the resources you use.
When extending your datacenter to the cloud: An organization can extend the
capabilities of its own on-premises network by creating a virtual network in Azure
and adding VMs to that virtual network. Applications like SharePoint can then run
on an Azure VM instead of running locally. This arrangement makes it easier or
less expensive to deploy than in an on-premises environment.
During disaster recovery: As with running certain types of applications in the
cloud and extending an on-premises network to the cloud, you can get significant
cost savings by using an IaaS-based approach to disaster recovery. If a primary
datacenter fails, you can create VMs running on Azure to run your critical
applications and then shut them down when the primary datacenter becomes
operational again.
4.1.3. VM resources
When you provision a VM, you’ll also have the chance to pick the resources that
are associated with that VM, including:
 Size (purpose, number of processor cores, and amount of RAM)

Trang 1-9
Dang Nhat Microsoft Azure Fundamentals

 Storage disks (hard disk drives, solid state drives, etc.)

 Networking (virtual network, public IP address, and port configuration)
4.2. Create an Azure Virtual Machine
4.2.1. Create a Linux virtual machine and install Nginx
From Cloud Shell, run the following az vm create command to create a Linux VM:
az vm create \
--resource-group learn-b68edc95-f812-43d7-9f28-66369b212f40 \
--name my-vm \
--image UbuntuLTS \
--admin-username azureuser \
--generate-ssh-keys
Run the following az vm extension set command to configure Nginx on your VM:
az vm extension set \
--resource-group learn-b68edc95-f812-43d7-9f28-66369b212f40 \
--vm-name my-vm \
--name customScript \
--publisher Microsoft.Azure.Extensions \
--version 2.1 \
--settings
'{"fileUris":["https://raw.githubusercontent.com/MicrosoftDocs/mslearn-
welcome-to-azure/master/configure-nginx.sh"]}' \
--protected-settings '{"commandToExecute": "./configure-nginx.sh"}'
This command uses the Custom Script Extension to run a Bash script on your VM.
The script is stored on GitHub. o summarize, the script:
 Runs apt-get update to download the latest package information from the
internet. This step helps ensure that the next command can locate the latest
version of the Nginx package.
 Installs Nginx.
 Sets the home page, /var/www/html/index.html, to print a welcome message
that includes your VM's host name.
Result:

Trang 1-10
Dang Nhat Microsoft Azure Fundamentals

Trang 1-11
Dang Nhat Microsoft Azure Fundamentals

4.3. Azure Virtual Desktop

Azure Virtual Desktop is a desktop and application virtualization service that runs on
the cloud. It enables you to use a cloud-hosted version of Windows from any
location.
Azure Virtual Desktop provides centralized security management for users' desktops
with Azure Active Directory (Azure AD).
 Enable multifactor authentication to secure user sign-ins.
 Secure access to data by assigning granular role-based access controls (RBACs) to
users.
4.4. Azure Containers
Containers are a virtualization environment.
 You can run multiple containers on a single physical or virtual host.
 You don't manage the operating system for a container.

Trang 1-12
Dang Nhat Microsoft Azure Fundamentals

Virtual machines appear to be an instance of an operating system that you can

connect to and manage.
Containers are lightweight and designed to be created, scaled out, and stopped
dynamically.
It's possible to create and deploy virtual machines as application demand increases,
but containers are a lighter weight, more agile method. Containers are designed to
allow you to respond to changes on demand.
You can quickly restart if there's a crash or hardware interruption. One of the most
popular container engines is Docker.
Azure Container Instances offer the fastest and simplest way to run a container in
Azure; without having to manage any virtual machines or adopt any additional
services. Azure Container Instances are a platform as a service (PaaS) offering.
Containers are often used to create solutions by using a microservice architecture.
This architecture is where you break solutions into smaller, independent pieces. For
example, you might split a website into a container hosting your front end, another
hosting your back end, and a third for storage.
4.5. Azure functions
Azure Functions is an event-driven, serverless compute option that doesn’t require
maintaining virtual machines or containers.
The goal of serverless computing is to help you by taking care off those tiresome
types of server management tasks.
Serverless computing - there are in fact servers being used, the responsibility of
managing servers is already handled for you
 No infrastructure management, you don’t have to focus administrative tasks
(install OS), you simply deploy your code and it automatically runs with high
availability
 Scalability
 Only pay for what you use
Functions are commonly used when you need to perform work in response to an
event (often via a REST request), timer, or message from another Azure service, and
when that work can be completed quickly, within seconds or less.
Functions scale automatically based on demand, so they may be a good choice when
demand is variable.

5. THE CORE ARCHITECTURAL COMPONENTS OF AZURE

Many teams start exploring the cloud by moving their existing applications to virtual
machines (VMs) that run in Azure. Migrating your existing apps to VMs is a good
start, but the cloud is much more than a different place to run your VMs.

Trang 1-13
Dang Nhat Microsoft Azure Fundamentals

Azure provides artificial intelligence (AI) and machine-learning (ML) services that can
naturally communicate with your users through vision, hearing, and speech. It also
provides storage solutions that dynamically grow to accommodate massive amounts of
data. Azure services enable solutions that aren't feasible without the power of the
cloud.

Trang 1-14