As mentioned in the previous post, the AZ-900 exam covers four key areas described in Microsoft's AZ-900 skills outline. In this post we'll review the first two, Cloud Concepts and Core Azure Service.
- Understand terms such as high availability, scalability, elasticity, agility, fault tolerance, and disaster recovery
- availability: the % of time the application is available. High availability implies redundancy in your application stack with no single points of failure, typically 99.99% or higher.
- scalability: the ability of an application to support higher workload by adding additional resources
- elasticity: an application's ability to automatically expand and contract application resources based on the workload capacity required
- agility: the ability if a team to move quickly when building and deploying applications
- fault tolerance: the application's ability to continue functioning as required when dealing with outages or failures
- Understand the principles of economies of scale
- working with a larger scale of products or services allows them to be provided at a lower cost
- Understand the differences between Capital Expenditure (CapEx) and Operational Expenditure (OpEx)
- CapEx: upfront one time cost, for example purchasing an on-premise server. Cap-Ex means one time up-front cost with longer timeframe for tax write-offs. Fixed cost.
- OpEx: on-going expense related to operations (monthly lease cost of cloud). Variable cost.
- Understand the consumption-based model
- a pricing model based on what resources are consumed, instead of time-based or resource-based. For example, Azure functions are billed by number of executions, not based on how long they run or hardware required.
Describe the differences between Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS) and Software-as-a-Service (SaaS)
- Describe Infrastructure-as-a-Service (IaaS)
- IaaS is a cloud computing model that allows a user to instantly deploy hardware and software in the cloud. For example, Azure provides the VM, and you own management, security, software patches, etc.
- Describe Platform-as-a-Service (PaaS)
- PaaS is a cloud computing model that provides a platform for developing apps. For example, Azure App Service allows you to publish your website to Azure. Azure manages the deployment and the hardware platform required. You focus on building the app without worrying about managing the infrastructure.
- Describe Software-as-a-Service (SaaS)
- SaaS is a cloud computing model that provides a centrally managed and controlled software product that is typically licensed monthly or annually. The user has no maintenance or management responsibilities. Office 365 is an example.
- Compare and contrast the three different service types
- Key differences between the 3 include level of user support required, freedom of customization, and out of the box functionality.
- Describe public cloud
- no local hardware, all hosted on the provider's hardware.
- Describe private cloud
- cloud infrastructure is deployed in your own data center. Allows more control, but also entails more responsibilities. Typically used when there are legal reasons that data must be stored privately.
- Describe hybrid cloud
- a combination of public and private, where infrastructure components that must be private are private, with everything else public.
- Compare and contrast the three different cloud models
- Key differences between the 3 include level of user support required freedom of customization, and cost (OpEx vs CapEx).
- Describe Regions
- a geographic area where data centers are deployed. Currently there are 58 total through the world, but not all are available to the public (i.e. Government regions)
- Describe Availability Zones
- areas within a region. Each AZ has one or more data centers that have their own power, networking, and air conditioning.
- Describe Resource Groups
- a user defined collection of related Azure resources.
- Describe Azure Resource Manager
- a deployment and management service for your Azure resources. ARM controls the management(add/change/delete) of all resources in Azure, and interacts with the portal, CLI, and ARM templates.
- Describe the benefits and usage of core Azure architectural components
- these are the core pieces used to deploy and secure solutions within Azure.
Describe products available for Compute such as Virtual Machines, Virtual Machine Scale Sets, App Service Functions, Azure Container Instances (ACI) and Azure Kubernetes Service (AKS)
- Virtual machine: a "virtual" computer system managed by a hypervisor which allocates the CPU, memory, network interface and storage.
- Virtual Machine Scale Sets: a set of identical virtual machines that can be scaled manually or auto-scaled based on rules such as CPU or memory utilization. Traffic is distributed to the machines via a load balancer.
- Azure App Service: categorized as Platform as a Service, provides a service that allows you to build, manage, and deploy enterprise-grade scaled web apps without managing the underlying infrastructure.
- Azure Container Instances (ACI): categorized as Platform as a Service, a service that allows developers to deploy container based solutions on Azure without managing the underlying infrastructure.
- Azure Kubernetes Service (AKS): allows you to deploy complex Kubernetes based application solutions and build CI/CD pipelines for the AKS clusters.
Describe products available for Networking such as Virtual Network, Load Balancer, VPN Gateway, Application Gateway and Content Delivery Network
- Virtual Network: like a physical on-prem network, allows computer resources on the network to communicate between each other and with the internet, and with other virtual networks.
- Load Balancer: provides a mechanism to route traffic among a set of computer resources based on rules such as CPU utilization, request response time, round robin, etc.
- VPN Gateway: facilitates secure communication between Azure and an on-prem private network via the internet.
- Application Gateway: a load balancer that allows you to manage traffic to your web application. Unlike a regular load balancer, an application gateway can make routing decisions based on characteristics of the requested HTTP route. This is known as layer 7 routing (application layer routing).
- Content Delivery Network: allows for efficient delivery of static files and images that are part of a web request by storing the files on a number of physically dispersed servers, allowing delivery to users with minimal latency.
Describe products available for Storage such as Blob Storage, Disk Storage, File Storage, and Archive Storage
- Blob Storage: a secure scalable cloud-based store for text and binary data
- Disk Storage: virtual disks typically associated with VMs
- File Storage: file shares that can be accessed on-prem or in the cloud
- Archive Storage: used to store data that is not accessed frequently. 3 tiers of storage, hot, cool, and archive. Archive is the cheapest for storage but most expensive for access. Categorize you data appropriately to minimize storage and access costs.
Describe products available for Databases such as Cosmos DB, Azure SQL Database, Azure Database for MySQL, Azure Database for PostgreSQL, Azure Database Migration service
- Cosmos DB - NoSQL database service managed by Azure (PaaS)
- Azure SQL Database - SQL server database solution managed by Azure (PaaS)
- Azure Database for MySQL - MySQL database solution managed by Azure (PaaS)
- Azure Database for PostgreSQL - PostgresSQL database solution managed by Azure (PaaS)
- Azure Database Migration service: a tool that allows you to manage the migration of your data from multiple sources to Azure.
Describe the Azure Marketplace and its usage scenarios
- an online store available via the Azure portal that allows you to leverage products and services from 3rd party vendors and deploy them to Azure.
Describe Internet of Things (IoT) and products that are available for IoT on Azure such as IoT Hub and IoT Central
- IoT Hub: a central messaging hub that facilitates communication between IoT devices and a central cloud-based application
- Azure IoT Central: a collection of industry specific templates to help speed development of secure IoT solutions
Describe Big Data and Analytics and products that are available for Big Data and Analytics such as SQL Data Warehouse, HDInsight, and Azure Databricks
- SQL Data Warehouse: In contrast to an OLTP database, SQL Data Warehouse is an analytical data warehouse that uses SQL server as its foundation, and allows uses have a long range view of data over time. Recently renamed to Azure Synapse Analytics.
- HDInsight: a cluster of managed Hadoop instances, used to process large data sets across a cluster of computers.
- Azure Databricks: a collaboration with Apache Spark to provide a workspace for data scientists. Azure Databricks can read data from multiple data sources such as Cosmos DB or Azure Data Lake and provides a platform for analyzing the data.
Describe Artificial Intelligence (AI) and products that are available for AI such as Azure Machine Learning Service and Studio
- Azure Machine Learning Service: a cloud based service that allows you to manage ML models.
- Machine Learning Studio: a drag and drop developer tool that allows you to build, test and deploy ML solutions. It is now referred to by Microsoft as "classic" and is being phased out in favor of Azure Machine Learning designer.
Describe Serverless computing and Azure products that are available for serverless computing such as Azure Functions, Logic Apps, and Event Grid
- serverless compute does require a server, but as an Azure customer, that is not your concern. You build your functions and publish to Azure. Azure manages the hardware that runs your function when it's triggered. You are billed based on the number of executions.
- Logic Apps: allows for the integration and orchestration of automated business flow. Very similar to BizTalk, except BizTalk is a product you buy and is typically installed on-prem. Logic Apps is an Azure SaaS that you pay for as you use it.
- Event Grid - provides SaaS infrastructure for event-driven solutions, allowing event to be triggered and consumed by your custom code.
Describe DevOps solutions available on Azure such as Azure DevOps and Azure DevTest Labs
- Azure DevOps: a SaaS offering that allows users access to code repositories, build pipelines, Agile boards, testing plans, and shared artifacts such as NuGet, Node, and Maven packages.
- Azure DevTest Labs: a service that allows you to manage VMs and reuse VM images within your team.
Describe the benefits and outcomes of using Azure solutions
- clearly this is pretty broad. In general the solutions are managed by Azure and allow you to focus on solving your business problems, and let Azure handle the management of the foundational architecture and tools.
- Understand Azure tools such as Azure Portal, Azure PowerShell, Azure CLI and Cloud Shell
- these are all ways to manage resources in Azure. The portal is the web portal, the CLI and PowerShell allow management via command line, and Cloud Shell is a browser based command shell.
- Understand Azure Advisor
- Azure Advisor looks at your solutions and resources and provides custom recommendations related to cost, security, performance, and availability.
And that completes the review for the first two subject areas. When you're ready, head over to Part 3 and check out out the final two subject areas, Security and Pricing.