AZ-900 Certification | Quick Notes | Part 2

Ritika Agnihotri
Mar 29, 2024

Continuing the Quick Notes series for the AZ-900 certification, here is part 2 for reference.

Azure Virtual Machine

  • Infrastructure as a service (IaaS), similar to a physical datacentre hosted in the cloud.
  • Provides a virtualised server; ideal when you want full control over the operating system, the ability to run custom software and the use of custom host configuration.
  • Can be provisioned using an already created VM image or template.

Virtual Machine Scale Set

  • Manages a group of identical, load-balanced VMs.
  • Allows you to centrally manage, create and monitor large sets of similar VMs.
  • Can increase or decrease the number of VMs based on demand.
  • Deploys a load balancer to distribute resources equally.

Virtual Machine Availability Sets

  • Helps prevent losing all VMs to a single power or network failure.
  • Groups VMs into two domains:
    - Update domain: groups VMs that can be rebooted at the same time.
    - Fault domain: groups VMs by power source and network switch.
  • When to use VMs:
    - Testing and development
    - When running applications in the cloud
    - Extending your datacentre to the cloud
    - During disaster recovery

Azure Virtual Desktop

  • Cloud-hosted version of Windows that can be used from anywhere.
  • Provides centralized security management using Entra ID.
  • More granular roles can be assigned using RBAC to secure data.
  • Data and apps are separated from local hardware and put in the cloud.
  • Allows multiple concurrent users on a single VM.

Azure Containers

  • Best option if you want to run multiple instances of an application on a single host machine.
  • Handles a single app and its dependencies, and deploys them as a unit to a container host.
  • Containers virtualise the OS, while VMs virtualise the hardware.
  • Can be spun up more quickly than VMs.
  • Can be orchestrated using container cluster orchestration.

Azure Container Instance

  • Platform as a service (PaaS), used to upload and run containers in Azure.

Azure Container Apps

  • Also a PaaS, used to run applications.
  • Provides load balancing and scaling.

Azure Kubernetes Service

  • Orchestration service for containers.
  • Manages the lifecycle of containers.

Where to use Containers

  • When your solution can be broken into pieces that can be managed, scaled and updated independently.
  • Used to create solutions using a microservice architecture.

Azure Functions

  • Event-driven, serverless compute option.
  • Useful when running the code is all that matters, without having to deal with the underlying infrastructure and platform.
  • Scale up on demand and are charged only for the CPU time used while the function runs.
  • Can be stateless or stateful: stateless functions (the default) behave as if they are restarted every time an event happens, while stateful functions (Durable Functions) use a context that tracks prior activities.

Azure Virtual Networking

  • Helps provide communication between Azure resources as well as with on-premises resources.
  • Routes and filters network traffic.
  • Provides isolation and segmentation between virtual networks.
  • Point-to-site virtual network, site-to-site virtual network and Azure ExpressRoute are the three ways to achieve connectivity using a virtual network.

- Route Network Traffic

  • Route table: a table that controls how packets are routed over a subnet.
  • Border Gateway Protocol (BGP): works with Azure VPN gateways, Azure Route Server, or Azure ExpressRoute to propagate on-premises BGP routes to Azure virtual networks.

- Filter Network

  • Network security groups filter inbound and outbound traffic.
  • Network virtual appliances perform network functions such as running a firewall or wide area network optimisation.

- Peering

  • Allows connection between virtual networks.
  • Traffic between peered networks is private and never enters the public internet.

Azure Virtual Private Network

  • Allows communication between private networks over an untrusted network (the internet) using traffic encryption.
    - VPN gateways: deployed in a dedicated subnet to enable connectivity.
  • Policy-based VPN: the IP addresses of the packets to be routed are specified statically.
  • Route-based gateways: preferred for on-premises devices, and more resilient to topology changes.

Azure ExpressRoute

  • Helps extend an on-premises connection to the cloud using an ExpressRoute circuit.
  • ExpressRoute connections don’t go over the public Internet. This allows ExpressRoute connections to offer more reliability, faster speeds, consistent latencies, and higher security than typical connections over the Internet.
  • ExpressRoute uses BGP, which helps exchange routes between on-premises networks and Azure.

Azure DNS

  • Provides name resolution.
  • Uses anycast networking so that each DNS query is answered by the closest available DNS server, which provides performance and high availability.