Azure Fundamentals and Certification [AZ-900] Series-Part(3)

In previous articles ,we have seen the basic concepts & benefits of cloud computing in Azure. Now in this article we will see  basic infrastructure components of Microsoft Azure. This series is based on Microsoft Learning path specifically designed for Azure fundamentals.

Part-1C : Basic infrastructure components

To create and use Azure services, you need an Azure subscription. For this you need to create an Azure account, and a subscription will be created for you. After you’ve created an Azure account, you’re free to create additional subscriptions. If you’re new to Azure, you can sign up for a free account on the Azure website to start exploring at no cost to you.

The Azure free account is an excellent way for new users to get started and explore. To sign up, you need a phone number, a credit card, and a Microsoft or GitHub account. The credit card information is used for identity verification only. You won’t be charged for any services until you upgrade to a paid subscription.

The Azure free account includes:

• Free access to popular Azure products for 12 months.
• A credit to use for the first 30 days.
• Access to more than 25 products that are always free.

The Azure free student account offer includes:

• Free access to certain Azure services for 12 months.
• A credit to use in the first 12 months (You can also sign up without credit card)
• Free access to certain software developer tools.
• $100 free credit

Microsoft Learn sandbox

A temporary subscription allows you to create Azure resources during a Learn module. It will automatically cleans up all temporary resources after completing the module. The sandbox is the preferred method to use because it allows you to create and test Azure resources at no cost.

Azure physical infrastructure

The physical infrastructure for Azure starts with datacenters. The datacenters are the same as large corporate buildings. Here resources are arranged in racks, with dedicated power, cooling, and networking infrastructure. Datacenters are grouped into Azure Regions or Azure Availability Zones that are designed to help you achieve resiliency and reliability for your business-critical workloads.

Regions
A region is a geographical area on the planet that contains at least one datacenter. Azure intelligently assigns and controls the resources within each region to ensure workloads are appropriately balanced.

Availability Zones

Availability zones are physically separate datacenters within an Azure region. Each availability zone is made up of one or more datacenters. An availability zone is set up to be an isolation boundary. If one zone goes down, the other continues working. Availability zones are connected through high-speed, private fiber-optic networks.

Availability zones are primarily for VMs, managed disks, load balancers, and SQL databases. Azure services that support availability zones fall into three categories:

• Zonal services: You pin the resource to a specific zone (for example, VMs, managed disks, IP addresses).
• Zone-redundant services: The platform replicates automatically across zones (for example, zone-redundant storage, SQL Database).
• Non-regional services: Services are always available from Azure geographies and are resilient to zone-wide outages as well as region-wide outages.

Note: You can use availability zones to run mission-critical applications and build high-availability into your application architecture by co-locating your compute, storage, networking, and data resources within an availability zone and replicating in other availability zones (additional cost may apply).

Region pairs

In case of larger event which may impacts multiple availability zones in a single region. For further resilience, Azure has Region Pairs. Most Azure regions are paired with another region within the same geography (such as US, Europe, or Asia) at least 300 miles away.

This approach allows for the replication of resources across a geography that helps reduce the likelihood of interruptions because of events such as natural disasters, civil unrest, power outages, or physical network outages that affect an entire region. One more advantage of Regional Pairs is that in case Planned Azure updates are rolled out to paired regions one region at a time to minimize downtime and risk of application outage.

Note: Most regions are paired in two directions which means that they backup each other (West US and East US back each other up). However, some regions, such as West India and Brazil South, are paired in only one direction. In a one-direction pairing, the Primary region does not provide backup for its secondary region.

Sovereign Regions
Azure also has sovereign regions. Sovereign regions are instances of Azure that are isolated from the main instance of Azure. You may use a sovereign region for compliance or legal purposes.

Azure resources and resource groups
A resource is the basic building block of Azure. Anything you create, provision, deploy, etc. is a resource Examples- Virtual Machines (VMs), virtual networks, databases, cognitive services, etc.

• Resource groups are simply groupings of resources.
• resource groups can’t be nested, meaning you can’t put resource group B inside of resource group A.
• When you apply an action to a resource group, that action will apply to all the resources within the resource group.
• If you delete a resource group, all the resources will be deleted.
• If you grant or deny access to a resource group, you’ve granted or denied access to all the resources within the resource group.

Azure subscriptions
In Azure, subscriptions are a unit of management, billing, and scale. Subscriptions allow you to logically organize your resource groups and facilitate billing. A subscription provides you with authenticated and authorized access to Azure products and services. An account can have multiple subscriptions in which you can use the subscriptions to configure different billing models and apply different access-management policies.

Azure subscriptions can be used to define boundaries around Azure products, services, and resources. There are two types of subscription boundaries:

• Billing boundary: This subscription type determines how an Azure account is billed for using Azure. You can create multiple subscriptions for different types of billing requirements. Azure generates separate billing reports and invoices for each subscription so that you can organize and manage costs.
• Access control boundary: Azure applies access-management policies at the subscription level, and you can create separate subscriptions to reflect different organizational structures. This billing model allows you to manage and control access to the resources that users provision with specific subscriptions. Example- Different departments with distinct Azure subscription policies.

Azure management groups
Resources are gathered into resource groups, and resource groups are gathered into subscriptions. Azure management groups provide a level of scope above subscriptions. You organize subscriptions into containers called management groups and apply governance conditions to the management groups. All subscriptions within a management group automatically inherit the conditions applied to the management group.

Facts about management groups:

• 10,000 management groups can be supported in a single directory.
• A management group tree can support up to six levels of depth. This limit doesn’t include the root level or the subscription level.
• Each management group and subscription can support only one parent.

Question for AZ-900:

1.For each of the following statements, select Yes if the statement is true. Otherwise, select No.

2.For each of the following statements, select Yes if the statement is true. Otherwise, select No.

3.For each of the following statements, select Yes if the statement is true. Otherwise, select No.

In the next part, We will cover Azure Compute and networking services  related concept.

Thank You!!!

Gopenly