Azure Must Know Features
In this segment we explore the features and services provided by Azure. Some Azure services are described below in a nutshell.
- Azure Active Directory & Security
- Azure Networking
- Azure Virtual Machine
- Azure Functions
- Azure API management
- Azure Monitor
- Azure SQL
- Azure Cosmos DB
- Azure Storage
- Azure Service Bus
- Azure Site recovery
We will discuss these features one by one, very briefly.
Azure Active Directory and Security
Azure Active Directory, also called a tenant, stores corporate user credentials, user policies and permissions in a global location. It also provides the domain name for a first-time Azure subscription setup. This name must be unique in Azure and takes the form *.onmicrosoft.com, where * is the unique name provided by the creator.
Azure Active Directory is also used to link and authenticate software as a service (SaaS) offerings such as Bing, Office 365 and Dynamics CRM.
AAD can also be synchronized with an on-premises Active Directory, so that users inside an internal corporate network can use the same credentials to access Azure cloud resources. The tool used for this synchronization is Azure AD Connect.
The services AAD provides are listed below:
- Azure AD Connect
- Custom Domain name
- RBAC & Key vault
- AAD for Domain Services
- Managed Services identity
- Storage Access Signature
- AAD Conditional access policies
- AAD Domain Services
- MFA & SSO
- Certificate Authentication, SSL/TLS, CA
Azure Networking
The Azure Networking feature is used to create a network platform in Azure on which to build an IaaS, PaaS or SaaS infrastructure. Below are some products and features that Azure provides in Azure Networking.
- Azure DNS
- Azure Virtual Network and VNET peering
- Azure Availability Zones
- Azure Load balancer
- Azure Application Gateway
- Azure Content Delivery Network
- Web Application Firewall
- Azure DDoS Protection
- Azure Express Routes
- Azure VPN feature
- Azure Network Performance Monitor
- Azure Log Analytics
- Azure monitor
- Azure Network Watcher
Azure Virtual Machine
It is the Azure IaaS service, a highly scalable and enterprise-ready compute platform. When choosing an Azure VM, the following features need to be considered:
- OS Disks, data Disks, Managed Disk
- Availability Sets
- Disaster recovery and backup.
- Update management
- Configuration Alert and Monitoring
Below are some tools available in Azure for planning, configuring, deploying, securing and maintaining VMs on Azure.
- Azure Migrate
- Azure Site Recovery
- Azure backup
- Azure Automation
Azure App Service
Azure App Service is a PaaS service of Azure, which comes in five flavors:
- Azure Web Apps / WebJobs
- Azure App Service Web App for Containers
- Azure Mobile Apps
- Azure API Apps
- Azure App Service Environment (ASE)
Azure App Service works on both Windows and Linux and supports a large number of programming languages, such as .NET, Java, Ruby and Node.js.
All flavors of Azure App Service support built-in auto-scaling, load balancing, AAD integration, Git, DevOps and GitHub.
Azure App Service provides the following products and features:
- Application Insights
- Custom domains
- Managed Identity
- SSL/TLS App Service Certificates
- Cross-Origin Resource Sharing (CORS)
Azure Functions
It is a serverless offering from Azure, meaning that when an application is not in use, it is not allocated to any server or compute resource.
There are two plans under which you can run Azure Functions: the Consumption plan and the App Service plan.
In the Consumption plan, after every 20 minutes of non-use, resources are deallocated and placed back into the pool of compute resources, and the application is shut down.
In the Consumption plan the following limitations apply:
- The combined consumption is limited to 1.5 GB of memory per function app
- Scaling is handled by a scale controller, with no provision for auto-scaling
Azure API Management
It is the Azure virtual gateway that sits between consumers and the actual API. It acts as a proxy or gateway in front of other APIs and reroutes each request to the proper API based on the parameters and signature of the URI.
APIM provides the following benefits:
- It exposes separate APIs to external and internal consumers
- It controls usage and limits consumption
- It includes monitoring capabilities and error detection
- It allows group-based access to APIs
Below are scenarios where APIM is more beneficial:
- Hybrid solution
Below are the API types supported by Azure API Management:
- OpenAPI: Non-language-specific but standard interface to REST APIs
- WADL: XML based, for an HTTP-based web service, RESTful.
- WSDL: XML based, for an HTTP-based web service, SOAP.
- Logic App: Scalable and hybrid workflow management, Visual
Azure Monitor
Azure Monitor provides Log Analytics and Application Insights functions. It provides end-to-end monitoring of applications that can identify how a customer consumes a product, identify bottlenecks, and recommend actions to improve the experience using a recommendation analyzer.
Log Analytics stores application and diagnostic logs in a queryable data source based on Azure Data Explorer, which is a highly scalable service for logging and storing telemetry data.
Application Insights presents data in graphical calculations over a given time frame. In the Metric Explorer section, it provides good charting capabilities for monitoring the availability, performance and usage of web applications. Application Insights monitors applications hosted on Azure and on-premises.
Azure SQL
Azure SQL is Microsoft's Database as a Service (DaaS) offering. It is used to perform the following functions:
- Creating Database
- Configuring Security
- Migrating the data
- Monitoring Database
Below are the two flavors of SQL Server database on the Azure platform:
- Azure SQL Database
- SQL Server on Azure Virtual Machine
Azure SQL Database provides the following three options:
- Single Database
- Elastic Pool
- Managed Instance
For security, Azure SQL provides a firewall setting, which is enabled by default. By default, all Azure resources pass through the firewall, and all resources external to Azure are not allowed through.
Once the required database has been provisioned, we need to select the tool to migrate the data. For both a single database and an elastic pool, you should use the Data Migration Assistant (DMA) to confirm that the source database is compatible with the destination database. Once this confirmation is done, export the source database, which creates a BACPAC file. Import this file into the destination database using the Azure portal or SqlPackage.
To move a production database and reduce downtime, use the Data Migration Service (DMS). Once the database is provisioned, secured and populated with data, monitoring and optimizing is the next and final step. Products and tools capable of monitoring an Azure SQL database include the following:
- Query Performance Insights
- Query Store
Azure Cosmos DB:
Azure Cosmos DB is a NoSQL database. Cosmos DB includes databases, containers and items exposed by numerous APIs. When choosing a data store for an application, Azure Cosmos DB is an optimal decision if the following scenarios match the data storage requirements:
- Utilizes key/value pairs
- Needs document storage capability
- Graph data stores
- Globally replicates data
- Provides results in JSON format
- Exposes data using a RESTful API
When Cosmos DB is provisioned from Azure, one required attribute to select is the API, which also dictates which database type to implement. Below are some supported Cosmos DB types:
- Core (SQL)
- Azure Table
- Gremlin (Graph)
Azure Storage
It provides features for storing content that is globally accessible, secure, scalable and durable. Below are some Azure Storage services:
- Azure Blob Storage: Scalable object store for binary and text data
- Azure File Storage: Manages file shares
- Azure Queue Storage: Messaging store and queuing
- Azure Table Storage: NoSQL data store.
Blob storage is used to store a file such as an image, a video or audio. Below are some use cases for Azure Blobs:
- A large file from any website can be uploaded
- Backup, restore, archival and data recovery
- Storage for writing logs.
Azure File Storage is like a file share that uses the Server Message Block (SMB) protocol. We can map a drive to an Azure file share, which is supported on Windows, Linux and macOS. This Azure file share is globally accessible via *.file.core.windows.net, where * is the name of your storage account.
Azure Queue Storage provides messaging and queuing features. It is specifically designed for storing messages (small messages of 64 KB in size, accessible via HTTP or HTTPS calls).
Azure Table Storage is now part of Cosmos DB. It is a NoSQL datastore, and most useful for storing procedures, joins, foreign keys.
Azure Service Bus:
It is the Azure messaging service, and is more focused on Azure Storage. Below are some features related to Azure Service Bus:
- Consumes messages in batches
- Requires AMQP 1.0 support
- Guarantees FIFO
- Restricts the message size: greater than 64 KB and less than 256 KB
- Supports high throughput and parallel processing
- Restricts queue size to less than 80 GB
Below are the Azure messaging services provided:
- Service Bus: For financial processing, order processing and high-value messaging
- Event Grid: For status change reactions
- Event Hubs: For data streaming and telemetry
Azure Site Recovery:
Azure Site Recovery is referred to as a Business Continuity and Disaster Recovery (BCDR) strategy.
Disaster recovery protects IaaS solutions in the following scenarios:
- Azure VM
- Physical Servers
- VMware Virtual Machines
- Hyper-V Virtual Machines
From a BCDR perspective, below are the two types of configuration used in Site Recovery:
- Used as a BCDR solution for your on-premises solutions and servers
- Used as a BCDR solution for your Azure-hosted IaaS solutions and servers.
A tool called Site recovery development planner (SRDP) is used in planning the build of a BCDR instance or the migration of an IaaS virtual machine from one region to another.
SRDP provides an assessment report on the following attributes:
- Number of disks, disk size, IOPS and OS versions
- Storage types, number of cores, virtual machine size recommendation
- Estimated costs.