In the cloud, you (the client) upload and download data, and using services you can manipulate that data. This data is stored in a data center (physical servers with network and cooling). MS is thinking of having DCs below the oceans. MS makes it cost effective by using something called ITPACs (IT Pre-Assembled Components).
These are implemented as shipping containers, so if one has an issue the shipping container can be replaced.
Focus areas are data center security and cost. There is virtual and physical security, biometrics and approvals to make the data center secure. Azure follows various security standards: ISO 27001, HIPAA, FedRAMP, SOC 1 & 2. There are region-specific standards and third-party audits. MS focuses on energy efficiency; in fact MS is carbon neutral by using green energy. Project Natick is a 40-foot-long underwater data center deployed off the coast of Scotland.
Concepts of region and availability. We need to choose a data center based on where most users are, so that request and response do not take long. One more reason is that Azure services are available only in specific regions. Some specific high-intensity resources, for example High Performance Compute VMs, are not available in Central US. Regulatory and compliance requirements, data residency and data sovereignty are also reasons for selecting the region.
Similar to data sovereignty, data residency also refers to the legal or regulatory requirements imposed on data based on the country or region in which it resides.
Organizations that handle international data must ensure that data privacy is not put at risk when shared across borders. Likewise, understanding the legal requirements of storing data in a certain country is fundamental to meeting data privacy and security standards.
What is data residency?
Data residency refers to where a business, industry body or government specifies that their data is stored in a geographical location of their choice, usually for regulatory or policy reasons. A typical example of a data residency requirement in action is where a company wishes to take advantage of a better tax regime.
What is data sovereignty?
Data sovereignty differs from data residency in that not only is the data stored in a designated location, but is also subject to the laws of the country in which it is physically stored. This difference is crucial, as data subjects (any person whose personal data is being collected, held or processed) will have different privacy and security protections according to where the data centers housing their data physically sit.
So in Azure, even if you choose a region, with some services your data (for example logs) may end up in another region.
Region Pair: data centers which are generally 300 miles away from each other, to reduce the impact on availability of a natural disaster or electricity issue. A region pair allows the client to configure automatic replication and failover for certain Azure services. Even if a service doesn't provide automatic failover, you can design your own solution for disaster recovery and availability by considering the region pair.
Availability Zone: a unique physical location within an Azure region, made up of multiple data centers equipped with their own independent power, cooling and network. Data can be copied to a different availability zone, but for VMs we need to create them in different availability zones and then use a load balancer to ensure availability.
Resource Group
A resource is just a manageable item in Azure, for example a VM, storage account, DB etc. A resource group is a container that holds resources that share the same life cycle. You add/remove resources from an RG.
Resources can communicate across RGs, which means there can be multiple websites in different RGs pointing to the same DB, which is in another RG. We can control rights on an RG as well; for example, a dev can view the resources but only an admin can add/edit them. We can import resources using a resource template; this is helpful when we move from Dev to Prod. Resources in a resource group can be in a different region than the region of the RG. You can create a resource group and specify it when creating a resource. Generally a resource group is created in the same region as its resources, for example when creating a VM.
Azure Resource Manager (ARM)
A client can send requests to create/edit resources in various ways, but every request first gets authenticated via Azure AD. Azure PowerShell and Azure CLI can run on the client machine or can be used from Cloud Shell on the Azure portal, which allows you to use the CLI from the browser.
There are various SDKs as well, for Java, .NET and a few others, which can be used to call ARM.
Some CLI commands are
>az --version
>az group list
>az resource list --resource-group VMTest (provides a list of all resources in the group)
>az resource list --resource-group VMTestRG --output table
>az resource list --resource-group VMTestRG --query "[].{Name:name,Type:type}"
The same commands can be run in Cloud Shell.
With this simple command we created a website, and we can even access it in ARM when we look at the resource and click on Browse.
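As an added example (not part of the original notes), the region and data residency points above can be checked against the JSON that az group list and az resource list return. The sample data, the allowed-region policy and the function names are constructed for illustration.

```python
import json

# Constructed samples shaped like `az group list` and `az resource list` JSON.
GROUPS = json.loads('[{"name": "VMTestRG", "location": "westeurope"}]')
RESOURCES = json.loads('''[
  {"name": "vm1", "type": "Microsoft.Compute/virtualMachines",
   "resourceGroup": "VMTestRG", "location": "westeurope"},
  {"name": "logs1", "type": "Microsoft.Storage/storageAccounts",
   "resourceGroup": "VMTestRG", "location": "eastus"},
  {"name": "dns1", "type": "Microsoft.Network/dnsZones",
   "resourceGroup": "VMTestRG", "location": "global"},
  {"name": "db1", "type": "Microsoft.Sql/servers",
   "resourceGroup": "vmtestrg", "location": "northeurope"}
]''')

ALLOWED_REGIONS = {"westeurope", "northeurope"}  # assumed residency policy


def norm(region):
    """Reduce 'West Europe' and 'westeurope' to one comparable form."""
    return (region or "").replace(" ", "").lower()


def audit(groups, resources, allowed):
    """Return (resource name, finding) pairs for resources that need review."""
    # Resource group names are case-insensitive, so compare them lower-cased.
    rg_region = {g["name"].lower(): norm(g["location"]) for g in groups}
    findings = []
    for r in resources:
        loc = norm(r.get("location"))
        if not loc or loc == "global":
            findings.append((r["name"], "non-regional: review where data is stored"))
        elif loc not in allowed:
            findings.append((r["name"], "outside allowed regions: " + loc))
        elif loc != rg_region.get(r["resourceGroup"].lower()):
            findings.append((r["name"], "region differs from resource group"))
    return findings


def run_sample():
    return audit(GROUPS, RESOURCES, ALLOWED_REGIONS)


if __name__ == "__main__":
    for name, finding in run_sample():
        print(f"{name}: {finding}")
```
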
Infrastructure as Code in ARM
CI: Continuous Integration.
CD: Continuous Deployment.
To implement infrastructure as code, Azure has Azure Resource Manager templates.

We can use Resource Manager templates for repeatable deployments. These are JSON files consisting of two main things:
1) parameters (website name, app service name etc.)
2) resources (the resource list, e.g. VM, DB etc.)
We can export these templates with or without parameters and then reuse them. We can even save one as a template.
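An added example, not from the original notes: a template with the two parts described above, and a pre-deployment check that a per-environment parameter set matches it. The template contents, the parameter values and the function name are constructed for illustration.

```python
import json

# Constructed template: a parameters block and a resources block.
TEMPLATE = json.loads("""{
  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "siteName": {"type": "string"},
    "location": {"type": "string", "allowedValues": ["westeurope", "northeurope"]},
    "httpsOnly": {"type": "bool", "defaultValue": true}
  },
  "resources": [
    {"type": "Microsoft.Web/sites", "apiVersion": "2022-03-01",
     "name": "[parameters('siteName')]", "location": "[parameters('location')]",
     "properties": {"httpsOnly": "[parameters('httpsOnly')]"}}
  ]
}""")

# Constructed values, shaped like the "parameters" object of a parameter file.
DEV = {"siteName": {"value": "demo-dev"}, "location": {"value": "westeurope"}}
PROD = {"siteName": {"value": "demo-prod"}, "location": {"value": "eastus"},
        "debug": {"value": "true"}}


def check_parameters(template, supplied):
    """Return a sorted list of problems to fix before deploying."""
    declared = template.get("parameters", {})
    problems = []
    for name, spec in declared.items():
        if name not in supplied:
            # A parameter without a default must be supplied by the caller.
            if "defaultValue" not in spec:
                problems.append(f"{name}: required but not supplied")
            continue
        value = supplied[name]["value"]
        allowed = spec.get("allowedValues")
        if allowed is not None and value not in allowed:
            problems.append(f"{name}: {value!r} not in allowedValues")
    for name in supplied:
        if name not in declared:
            problems.append(f"{name}: not declared in template")
    return sorted(problems)


if __name__ == "__main__":
    for env, values in (("dev", DEV), ("prod", PROD)):
        print(env, check_parameters(TEMPLATE, values) or "ok")
```
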

Azure Service Health
This is a service. Azure status shows overall health, but with Azure Service Health you can see client-specific details and set specific alerts for them.
You can find out about planned maintenance so you can plan accordingly.
Health advisories are related to the services we are using; for example, our web application uses a .NET version that is upgraded.
Security advisories: notifications or violations which may affect the availability of Azure web services.
Refer to Resource Health for the health of each resource.
You can create rules/alerts for any of the events. You can select the action group and the type of alert (SMS, call, app push notification).
Azure Monitor
Azure Monitor is a tool for collecting and monitoring telemetry from Azure services. We can even monitor on-premises resources too. Azure Monitor collects different metrics all the time for the resources. Different resources have different metrics.
It also provides analytics logs.
With application Monitor you can watch internal and external (traffic) details of your application (web app).
Azure Advisor
Performance, security and availability for Azure resources can be optimized with personalized Azure Advisor. It also recommends ways to save cost. Azure Advisor is a service.
Advisor considers the resources and the telemetry that has been collected to make its suggestions.
Recommendations are on
Cost
Security
Reliability
Operational Excellence
Performance
We can download them as PDF or CSV to share.
For example, when we have an underutilized VM, we get advised because it is costly to run the VM.
We can remediate to fix some of the problems.
You can postpone or dismiss a recommendation.
The user can filter by the resource group for which recommendations are needed; you can even set an alert or a digest.