
Describe Azure compute and networking services

Describe Azure virtual machines

These are just virtual machines hosted remotely on Azure services. Azure provides preconfigured VM images so you can spin up a VM in minutes and hit the ground running.

One of the draws of having VMs in Azure is that you can have them in sets. Sets are groupings of identical load-balanced VMs. Azure handles all the hard work of ensuring the VMs in the set know how to talk to each other and when to spin up or scale down the number of VMs in the set.

Sets can be used as scale sets. The Azure VM scale set automatically increases or decreases the number of available VMs in response to demand (i.e., traffic to a webapp) or by the developer's defined schedule. The scale set is also deployed with a load balancer.

Sets can also be used as availability sets. These sets stagger updates and vary their VMs' power and network connectivity; in the event of a VM's failure, another VM in the availability set can take over. Availability sets group their VMs in two ways:

Update domains

VMs are placed in subgroups that can be rebooted independently of other VMs within the set. Each VM in an update domain goes through its update process and reboots. Once all VMs in an update domain are updated, the domain is given a 30-minute "rest" period before the next domain is updated.

Fault domains

This grouping pattern groups VMs by common power source and network switch. If a single power source in the area goes down or a network switch experiences trouble, the other VMs in the pool won't be affected. By default, an availability set will split your VMs across three different fault domains.
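
The two grouping patterns above, modeled as an added example (not code from the original notes or from Azure): VMs are spread across fault and update domains, and the functions report how many keep serving when a domain is lost. The round-robin placement and the `update_domains=5` parameter are assumptions of this model; only the three-fault-domain default and the 30-minute rest come from the notes.

```python
from collections import Counter
from itertools import product

def place_vms(vm_count, fault_domains=3, update_domains=5):
    # Assumption: VMs are spread round-robin; update_domains=5 is a model
    # parameter, only the three-fault-domain default comes from the notes.
    return [{"vm": f"vm{i}", "fd": i % fault_domains, "ud": i % update_domains}
            for i in range(vm_count)]

def serving_after_loss(placement, key):
    """VMs still serving when the most populated domain of `key` is down."""
    if not placement:
        return 0
    return len(placement) - max(Counter(p[key] for p in placement).values())

def serving_fault_during_update(placement):
    """Worst case: one fault domain fails while one update domain reboots."""
    fds = {p["fd"] for p in placement}
    uds = {p["ud"] for p in placement}
    worst_down = max(
        (sum(1 for p in placement if p["fd"] == fd or p["ud"] == ud)
         for fd, ud in product(fds, uds)), default=0)
    return len(placement) - worst_down

def update_rollout(placement, rest_minutes=30):
    """One step per update domain; the start time is a lower bound that counts
    only the rest period between domains, not the reboot itself."""
    steps = []
    for step, ud in enumerate(sorted({p["ud"] for p in placement})):
        rebooting = [p["vm"] for p in placement if p["ud"] == ud]
        steps.append({"ud": ud, "rebooting": rebooting,
                      "serving": len(placement) - len(rebooting),
                      "earliest_start_min": step * rest_minutes})
    return steps

if __name__ == "__main__":
    for n in (1, 2, 7):  # constructed set sizes
        vms = place_vms(n)
        print(n, "VMs:",
              "fault ->", serving_after_loss(vms, "fd"),
              "| update ->", serving_after_loss(vms, "ud"),
              "| both ->", serving_fault_during_update(vms))
    for s in update_rollout(place_vms(7)):
        print(s)
```

In this model two VMs survive either event alone but not a fault that lands during an update, so size the set for the combined case.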
    
Most of the move to "the cloud" is just moving the apps running on physical servers with VMs to remote servers with VMs, but most companies can't do what cloud providers are doing with redundancy and backup like this. This move is often referred to as "lift and shift".

VMs have three resource categories:

  • Size (number of processor cores and RAM)
  • Storage (storage capacity, whether storage is on HDDs or SSDs)
  • Networking (virtual networks, public IP addresses, port configuration)

Describe Azure virtual desktop

Azure VD is Microsoft's way of hosting a Windows system on the cloud. This module is Microsoft's shill for their VD service; if you set up a VD for each of your users, they can bring their own device and not have to worry too deeply about security, and you won't have to buy them expensive laptops.

Describe Azure containers

Containers are a virtualization environment. A virtual or physical machine can run multiple containers, and each container can contain your app(s).

The big sells of containerized apps over putting everything on a series of VMs are:

  • Containers are much lighter than VMs in terms of resources
  • Containers don't require devs to manage their operating system
  • Containers start up and spin down faster than VMs, and thus have better ability to rapidly scale
  • Because containers have faster startup and spindown, they're easier to bring up after failures

Microsoft created several products for containers:

  • Container Instances, where you can upload a Docker image or other media and have Azure handle the rest
  • Container Apps, which expand on instances by adding load balancing and scaling and take care of managing individual containers
  • Kubernetes Service, which is Azure's implementation of K8S for managing a "fleet" of containers

You could use several Azure Container Apps for a project: one that hosts your frontend, another that hosts your backend, and another that's solely for storage (databases). In fact, this is how most modern companies are approaching making containerized apps: if a backend container is under heavy traffic & stress while other containers for different areas of the application are more stable, an extra backend container can be spun up separately. Projects can scale on demand faster and for less money.

Describe Azure functions

The official definition of an Azure function is that it's "an event-driven serverless compute option that doesn't require maintaining virtual machines or containers".

You can think of it like having an on-demand console app that can be accessed via a REST endpoint.

Functions scale automatically based on demand, the code in functions runs on demand, and after the function completes running the code it deallocates resources.

Functions used to only be stateless, but Microsoft introduced the concept of Durable Functions, which pass along a context object during every invocation that tracks prior activity.

Describe application hosting options

The hype around Azure is mostly around containers and serverless functions, but there's still a need for semi-traditional hosting. Azure offers this via App Service, which is defined as an "HTTP-based service for hosting web applications, REST APIs, and mobile backends".

The standards like web apps, APIs, and mobile apps are there, but there's an additional service within App Service called "WebJobs". This service allows you to run programs (.exes, .jars, etc.) or scripting files (bash, PowerShell, etc.) in the same context as an API call, where you can make a request and the app within the WebJob will run.

Describe Azure virtual networking

Azure virtual networking is a service that you're experienced enough to know that you need. AVNs allow you to enable Azure resources to communicate with the internet, one another, and anything in your offices.

These are the big ticket capabilities that you'd be expected to be able to rattle off on an exam:

  • Isolation and segmentation
  • Internet communications
  • Communicate between Azure resources
  • Communicate with on-premises resources
  • Route network traffic
  • Filter network traffic
  • Connect virtual networks

Azure virtual networking supports both public and private endpoints to enable communication between external or internal resources and other internal resources.

  • Public endpoints have a public IP address and can be accessed from anywhere in the world.
  • Private endpoints exist within a virtual network and have a private IP address from within the address space of that virtual network.

Additionally, Azure has its own VPNs to support its virtual networking, so you can spin up a VPN Gateway for your virtual network.

The functionality for bringing your networks to Azure is built into a service called ExpressRoute; with it, you can connect directly to services in Azure and even Microsoft products like Microsoft 365.

To top it all off, Azure has its own DNS functionality where it can manage and interact with your DNS records for your network.