Fundamental of Azure:

10 January 2024 09:07

What is cloud computing:

Cloud computing is the delivery of computing services over the internet. Computing services include common IT infrastructure such as virtual machines,
storage, databases, and networking. Cloud services also expand the traditional IT offerings to include things like Internet of Things (IoT), machine
learning (ML), and artificial intelligence (AI).

The shared responsibility model

Cloud models:

Private cloud:
A private cloud is the natural evolution from a corporate datacenter. It’s a cloud (delivering IT services over the internet) that’s used by a single entity. Private cloud
provides much greater control for the company and its IT department. However, it also comes with greater cost and fewer of the benefits of a public cloud
deployment. Finally, a private cloud may be hosted from your on site datacenter. It may also be hosted in a dedicated datacenter offsite, potentially even by a third
party that has dedicated that datacenter to your company.

Public cloud:
A public cloud is built, controlled, and maintained by a third-party cloud provider. With a public cloud, anyone that wants to purchase cloud services can access and
use resources. The general public availability is a key difference between public and private clouds.

Hybrid cloud:
A hybrid cloud is a computing environment that uses both public and private clouds in an inter-connected environment. A hybrid cloud environment can be used to
allow a private cloud to surge for increased, temporary demand by deploying public cloud resources. Hybrid cloud can be used to provide an extra layer of security.
For example, users can flexibly choose which services to keep in public cloud and which to deploy to their private cloud infrastructure.

Multi-cloud:
A fourth, and increasingly likely scenario is a multi-cloud scenario. In a multi-cloud scenario, you use multiple public cloud providers. Maybe you use different features
from different cloud providers. Or maybe you started your cloud journey with one provider and are in the process of migrating to a different provider. Regardless, in a
multi-cloud environment you deal with two (or more) public cloud providers and manage resources and security in both environments.

The consumption-based model:

 There are two types of expenses to consider. Capital expenditure (CapEx) and operational expenditure (OpEx).

CapEx is typically a one-time, up-front expenditure to purchase or secure tangible resources. A new building, repaving the parking lot, building a
datacenter, or buying a company vehicle are examples of CapEx.

OpEx is spending money on services or products over time. Renting a convention center, leasing a company vehicle, or signing up for cloud services are
all examples of OpEx.

Benefits of using cloud services:

• High availability

• Scalability,

○ Vertical scaling,

○ Horizontal scaling

• Cost

• Performance

• Reliability: Reliability is the ability of a system to recover from failures and continue to function.

• Azure Accounts

• Azure physical infrastructure

• Region pairs: Most Azure regions are paired with another region within the same geography (such as US, Europe, or Asia) at least 300 miles away.

• Sovereign Regions:
Sovereign regions are instances of Azure that are isolated from the main instance of Azure. You may need to use a sovereign region for compliance or
legal purposes.
Azure sovereign regions include:
• US DoD Central, US Gov Virginia, US Gov Iowa and more: These regions are physical and logical network-isolated instances of Azure for U.S.
government agencies and partners. These datacenters are operated by screened U.S. personnel and include additional compliance certifications.
• China East, China North, and more: These regions are available through a unique partnership between Microsoft and 21Vianet, whereby Microsoft
 doesn't directly maintain the datacenters.

Cost management in Azure:

Azure shifts development costs from the capital expense (CapEx) of building out and maintaining infrastructure and facilities to an operational expense
(OpEx) of renting infrastructure as you need it, whether it’s compute, storage, networking, and so on.
That OpEx cost can be impacted by many factors. Some of the impacting factors are:
• Resource type
• Consumption
• Maintenance
• Geography
• Subscription type
• Azure Marketplace

Azure Marketplace: Azure Marketplace lets you purchase Azure-based solutions and services from third-party vendors.

Pricing calculator: The Pricing calculator is for information purposes only. The prices are only an estimate. Nothing is provisioned when you add resources to the
pricing calculator, and you won't be charged for any services you select.

TCO calculator: The TCO calculator is designed to help you compare the costs for running an on-premises infrastructure compared to an Azure Cloud
infrastructure.

The purpose of tags:

One way to organize related resources is to place them in their own subscriptions. You can also use resource groups to manage related resources.
Resource tags are another way to organize resources. Tags provide extra information, or metadata, about your resources. This metadata is useful for:
• Resource management Tags enable you to locate and act on resources that are associated with specific workloads, environments, business units,
and owners.
• Cost management and optimization Tags enable you to group resources so that you can report on costs, allocate internal cost centers, track
budgets, and forecast estimated cost.
• Operations management Tags enable you to group resources according to how critical their availability is to your business. This grouping helps you
formulate service-level agreements (SLAs). An SLA is an uptime or performance guarantee between you and your users.
• Security Tags enable you to classify data by its security level, such as public or confidential.
• Governance and regulatory compliance Tags enable you to identify resources that align with governance or regulatory compliance requirements,
such as ISO 27001. Tags can also be part of your standards enforcement efforts. For example, you might require that all resources be tagged with
an owner or department name.
 • Workload optimization and automation Tags can help you visualize all of the resources that participate in complex deployments. For example, you
might tag a resource with its associated workload or application name and use software such as Azure DevOps to perform automated tasks on
those resources.

Azure Policy: Azure Policy is a service in Azure that enables you to create, assign, and manage policies that control or audit your resources. These policies enforce
different rules across your resource configurations so that those configurations stay compliant with corporate standards.

Azure Policies can be set at each level, enabling you to set policies on a specific resource, resource group, subscription, and so on. Additionally, Azure Policies are
inherited, so if you set a policy at a high level, it will automatically be applied to all of the groupings that fall within the parent. For example, if you set an Azure Policy
on a resource group, all resources created within that resource group will automatically receive the same policy.

Resource locks: A resource lock prevents resources from being accidentally deleted or changed.
There are two types of resource locks, one that prevents users from deleting and one that prevents users from changing or deleting a resource.

Service Trust portal: The Service Trust Portal contains details about Microsoft's implementation of controls and processes that protect our cloud services and the
customer data therein. To access some of the resources on the Service Trust Portal, you must sign in as an authenticated user with your Microsoft cloud services
account (Microsoft Entra organization account). You'll need to review and accept the Microsoft non-disclosure agreement for compliance materials.

Service Trust Portal reports and documents are available to download for at least 12 months after publishing or until a new version of document becomes
available.

Describe tools for interacting with Azure

• Azure portal
• Azure PowerShell
• Azure Command Line Interface (CLI)

Azure Arc:

Azure Arc provides a centralized, unified way to:

• Manage your entire environment together by projecting your existing non-Azure resources into ARM.
• Manage multi-cloud and hybrid virtual machines, Kubernetes clusters, and databases as if they are running in Azure.
• Use familiar Azure services and management capabilities, regardless of where they live.
 • Continue using traditional ITOps while introducing DevOps practices to support new cloud and native patterns in your environment.
• Configure custom locations as an abstraction layer on top of Azure Arc-enabled Kubernetes clusters and cluster extensions.

Azure Advisor:

Azure Advisor evaluates your Azure resources and makes recommendations to help improve

The recommendations are divided into five categories:

• Reliability is used to ensure and improve the continuity of your business-critical applications.
• Security is used to detect threats and vulnerabilities that might lead to security breaches.
• Performance is used to improve the speed of your applications.
• Operational Excellence is used to help you achieve process and workflow efficiency, resource manageability, and deployment best practices.
• Cost is used to optimize and reduce your overall Azure spending.

Azure Service Health:

• Azure Status is a broad picture of the status of Azure globally. Azure status informs you of service outages in Azure on the Azure Status page. The
page is a global view of the health of all Azure services across all Azure regions. It’s a good reference for incidents with widespread impact.
• Service Health provides a narrower view of Azure services and regions. It focuses on the Azure services and regions you're using. This is the best
place to look for service impacting communications about outages, planned maintenance activities, and other health advisories because the
authenticated Service Health experience knows which services and resources you currently use. You can even set up Service Health alerts to notify
you when service issues, planned maintenance, or other changes may affect the Azure services and regions you use.
• Resource Health is a tailored view of your actual Azure resources. It provides information about the health of your individual cloud resources, such
as a specific virtual machine instance. Using Azure Monitor, you can also configure alerts to notify you of availability changes to your cloud
resources.