Interview: Azure Fundamentals_Part 2

vishal gupta
Nov 19, 2020

Azure Cosmos DB

Azure Cosmos DB supports schema-less data, which lets you build highly responsive and “Always On” applications to support constantly changing data.

Azure Cosmos DB is flexible. Your API choices include SQL, MongoDB, Cassandra, Tables, and Gremlin. This level of flexibility means that as you migrate your company’s databases to Azure Cosmos DB, your developers can stick with the API that they’re the most comfortable with.

Azure SQL Database — (PaaS)

Azure SQL Database is a relational database based on the latest stable version of the Microsoft SQL Server database engine.

You can migrate your existing SQL Server databases with minimal downtime by using the Azure Database Migration Service (DMS).

Azure SQL Managed Instance — PaaS

Azure SQL Managed Instance provides several options that might not be available in Azure SQL Database.

Good to know: Explore big data and analytics

Azure Synapse Analytics / Azure SQL Data Warehouse

It is an analytics service that brings together enterprise data warehousing and big data analytics. You have a unified experience to ingest, prepare, manage, and serve data for immediate BI and machine learning needs.

Azure HDInsight

Azure HDInsight is an analytics service for enterprises. You can run popular open-source frameworks and create cluster types such as Apache Spark, Apache Hadoop, Apache Kafka, Apache HBase, Apache Storm, and Machine Learning Services.

HDInsight also supports a broad range of scenarios such as extraction, transformation, and loading (ETL), data warehousing, machine learning, and IoT.

Azure Databricks

Azure Databricks helps you unlock insights from all your data and build artificial intelligence solutions. You can set up your Apache Spark environment in minutes.

Azure Databricks supports Python, Scala, R, Java, and SQL, as well as data science frameworks and libraries including TensorFlow, PyTorch, and scikit-learn.

Azure Data Lake Analytics

Azure Data Lake Analytics is an on-demand analytics job service that simplifies big data.

Azure compute services

Containers and Kubernetes

Containers are lightweight, virtualized application environments. They’re designed to be quickly created, scaled out, and stopped dynamically. If you want to run multiple instances of an application on a single host machine, containers are an excellent choice.

Azure Container Instances — PaaS

Azure Container Instances offers the fastest and simplest way to run a container in Azure without having to manage any virtual machines.

Azure Kubernetes Service

Azure Kubernetes Service is a complete orchestration service for containers with distributed architectures. Orchestration is the task of automating and managing a large number of containers and how they interact.

App Service — PaaS

With Azure App Service, you can quickly build, deploy, and scale enterprise-grade web, mobile, and API apps running on any platform. It offers automatic scaling and high availability.

Types of app services

  • Web apps
  • API apps — Much like hosting a website, you can build REST-based web APIs by using your choice of language and framework. You get full Swagger support and the ability to package and publish your API in Azure Marketplace.
  • WebJobs — You can use the WebJobs feature to run a program (.exe, Java, PHP, Python, or Node.js) or script (.cmd, .bat, PowerShell, or Bash) in the same context as a web app, API app, or mobile app. They can be scheduled or run by a trigger. WebJobs are often used to run background tasks as part of your application logic.
  • Mobile apps — Use the Mobile Apps feature of App Service to quickly build a back end for iOS and Android apps.

Functions

Event-driven scale: Serverless computing is an excellent fit for workloads that respond to incoming events.

Events include triggers by:

  • Timers, for example, if a function needs to run every day at 10:00 AM UTC.
  • HTTP, for example, API and webhook scenarios.
  • Queues, for example, with order processing.

In other words, for a large amount of time, your application is waiting for a particular input before it performs any processing. To reduce your costs, you want to avoid having to pay for the time that your application is waiting for input.

Functions can be either stateless or stateful.

When they’re stateless (the default), they behave as if they’re restarted every time they respond to an event.

When they’re stateful (called Durable Functions), a context is passed through the function to track prior activity.

Azure Logic Apps (Stateful)

Where functions execute code, logic apps execute workflows that are designed to automate business scenarios.

You create logic app workflows by using a visual designer on the Azure portal or in Visual Studio. The workflows are persisted as a JSON file with a known workflow schema.

What is Windows Virtual Desktop?

Regardless of your device type (Windows, Mac, iOS, Android, or any other device with an HTML5 web client), you can bring your own device (BYOD) and connect remotely to your enterprise experience with Windows Virtual Desktop.

Azure Storage account

A storage account provides a unique namespace for your Azure Storage data that’s accessible from anywhere in the world over HTTP or HTTPS.

Disk storage (External Drive)

Disk Storage provides disks for Azure virtual machines.

Azure Blob storage

Azure Blob Storage is an object storage solution for the cloud.

Blob Storage is ideal for:

  • Serving images or documents directly to a browser.
  • Storing files for distributed access.
  • Streaming video and audio.
  • Storing data for backup and restore, disaster recovery, and archiving.
  • Storing data for analysis by an on-premises or Azure-hosted service.
  • Storing up to 8 TB of data for virtual machines.

You store blobs (files) in containers (folders), which helps you organize your blobs depending on your business needs.

Azure Files

Azure Files offers fully managed file shares in the cloud that are accessible via the industry standard Server Message Block and Network File System (preview) protocols.

Store configuration files on a file share and access them from multiple VMs.

Understanding Blob access tiers

  • Hot access tier: Optimized for storing data that is accessed frequently (for example, images for your website).
  • Cool access tier: Optimized for data that is infrequently accessed and stored for at least 30 days (for example, invoices for your customers).
  • Archive access tier: Appropriate for data that is rarely accessed and stored for at least 180 days, with flexible latency requirements (for example, long-term backups).

Azure Virtual Network

Azure virtual networks provide the following networking capabilities:

Isolation and segmentation

Virtual Network allows you to create multiple isolated virtual networks.

When you set up a virtual network, you define a private IP address space by using either public or private IP address ranges. You can divide that IP address space into subnets.

Internet communications

A VM in Azure can connect to the internet by default. You can enable incoming connections from the internet by defining a public IP address or a public load balancer.

Communicate between Azure resources

You’ll want to enable Azure resources to communicate securely with each other. You can do that in one of two ways:

  • Virtual networks — Virtual networks can connect not only VMs but other Azure resources, such as the App Service Environment for Power Apps, Azure Kubernetes Service, and Azure virtual machine scale sets.
  • Service endpoints — You can use service endpoints to connect to other Azure resource types, such as Azure SQL databases and storage accounts. This approach enables you to link multiple Azure resources to virtual networks to improve security and provide optimal routing between resources.

Communicate with on-premises resources

  • Point-to-site VPN — The client computer initiates an encrypted VPN connection to Azure to connect that computer to the Azure virtual network.
  • Site-to-site VPN — Links your on-premises VPN device or gateway to the Azure VPN gateway in a virtual network. In effect, the devices in Azure can appear as being on the local network.
  • Azure ExpressRoute — For environments where you need greater bandwidth and even higher levels of security. ExpressRoute provides dedicated private connectivity to Azure that doesn’t travel over the internet.

Route network traffic

  • Route tables — You can create custom route tables that control how packets are routed between subnets.

Filter network traffic

  • Network security groups — A network security group is an Azure resource that can contain multiple inbound and outbound security rules. You can define these rules to allow or block traffic, based on factors such as source and destination IP address, port, and protocol.
  • Network virtual appliances — A network virtual appliance is a specialized VM that carries out a particular network function, such as running a firewall or performing wide area network (WAN) optimization.

Connect virtual networks

Peering enables resources in each virtual network to communicate with each other.

User-defined routing (UDR) is a significant update to Azure’s Virtual Networks: it allows network admins to control the routing tables between subnets as well as between VNets, allowing for greater control over network traffic flow.

Azure VPN Gateway fundamentals

A virtual private network (VPN) is a type of private interconnected network. VPNs use an encrypted tunnel within another network. They’re typically deployed to connect two or more trusted private networks to one another over an untrusted network (typically the public internet). Traffic is encrypted while traveling over the untrusted network to prevent eavesdropping or other attacks.

VPN gateways

A VPN gateway is a type of virtual network gateway. Azure VPN Gateway instances are deployed in Azure Virtual Network instances and enable the following connectivity:

  • Connect on-premises datacenters to virtual networks through a site-to-site connection.
  • Connect individual devices to virtual networks through a point-to-site connection.
  • Connect virtual networks to other virtual networks through a network-to-network connection.
