fitness

Category: Uncategorized

  • Describe Azure virtual networking

    Azure virtual networks and virtual subnets enable Azure resources, such as VMs, web apps, and databases, to communicate with each other, with users on the internet, and with your on-premises client computers. You can think of an Azure network as an extension of your on-premises network with resources that link other Azure resources.

    Azure virtual networks provide the following key networking capabilities:

    • Isolation and segmentation
    • Internet communications
    • Communicate between Azure resources
    • Communicate with on-premises resources
    • Route network traffic
    • Filter network traffic
    • Connect virtual networks

    Azure virtual networking supports both public and private endpoints to enable communication between external or internal resources with other internal resources.

    • Public endpoints have a public IP address and can be accessed from anywhere in the world.
    • Private endpoints exist within a virtual network and have a private IP address from within the address space of that virtual network.

    Isolation and segmentation

    Azure virtual network allows you to create multiple isolated virtual networks. When you set up a virtual network, you define a private IP address space by using either public or private IP address ranges. The IP range only exists within the virtual network and isn’t internet routable. You can divide that IP address space into subnets and allocate part of the defined address space to each named subnet.

    For name resolution, you can use the name resolution service built into Azure. You also can configure the virtual network to use either an internal or an external DNS server.

    Internet communications

    You can enable incoming connections from the internet by assigning a public IP address to an Azure resource, or putting the resource behind a public load balancer.

    Communicate between Azure resources

    You want to enable Azure resources to communicate securely with each other. You can do that in one of two ways:

    • Virtual networks can connect not only VMs but other Azure resources, such as the App Service Environment for Power Apps, Azure Kubernetes Service, and Azure virtual machine scale sets.
    • Service endpoints can connect to other Azure resource types, such as Azure SQL databases and storage accounts. This approach enables you to link multiple Azure resources to virtual networks to improve security and provide optimal routing between resources.

    Communicate with on-premises resources

    Azure virtual networks enable you to link resources together in your on-premises environment and within your Azure subscription. In effect, you can create a network that spans both your local and cloud environments. There are three mechanisms for you to achieve this connectivity:

    • Point-to-site virtual private network connections are from a computer outside your organization back into your corporate network. In this case, the client computer initiates an encrypted VPN connection to connect to the Azure virtual network.
    • Site-to-site virtual private networks link your on-premises VPN device or gateway to the Azure VPN gateway in a virtual network. In effect, the devices in Azure can appear as being on the local network. The connection is encrypted and works over the internet.
    • Azure ExpressRoute provides a dedicated private connectivity to Azure that doesn’t travel over the internet. ExpressRoute is useful for environments where you need greater bandwidth and even higher levels of security.

    Route network traffic

    By default, Azure routes traffic between subnets on any connected virtual networks, on-premises networks, and the internet. You also can control routing and override those settings, as follows:

    • Route tables allow you to define rules about how traffic should be directed. You can create custom route tables that control how packets are routed between subnets.
    • Border Gateway Protocol (BGP) works with Azure VPN gateways, Azure Route Server, or Azure ExpressRoute to propagate on-premises BGP routes to Azure virtual networks.

    Filter network traffic

    Azure virtual networks enable you to filter traffic between subnets by using the following approaches:

    • Network security groups are Azure resources that can contain multiple inbound and outbound security rules. You can define these rules to allow or block traffic, based on factors such as source and destination IP address, port, and protocol.
    • Network virtual appliances are specialized VMs that can be compared to a hardened network appliance. A network virtual appliance carries out a particular network function, such as running a firewall or performing wide area network (WAN) optimization.

    Connect virtual networks

    You can link virtual networks together by using virtual network peering. Peering allows two virtual networks to connect directly to each other. Network traffic between peered networks is private, and travels on the Microsoft backbone network, never entering the public internet. Peering enables resources in each virtual network to communicate with each other. These virtual networks can be in separate regions. This feature allows you to create a global interconnected network through Azure.

    User-defined routes (UDR) allow you to control the routing tables between subnets within a virtual network or between virtual networks. This allows for greater control over network traffic flow.

    https://lernix.com.my/ibm-informix-training-courses-malaysia

  • Describe application hosting options

    If you need to host your application on Azure, you might initially turn to a virtual machine (VM) or containers. Both VMs and containers provide excellent hosting solutions. VMs give you maximum control of the hosting environment and allow you to configure it exactly how you want. VMs also may be the most familiar hosting method if you’re new to the cloud. Containers, with the ability to isolate and individually manage different aspects of the hosting solution, can also be a robust and compelling option.

    There are other hosting options that you can use with Azure, including Azure App Service.

    Azure App Service

    App Service enables you to build and host web apps, background jobs, mobile back-ends, and RESTful APIs in the programming language of your choice without managing infrastructure. It offers automatic scaling and high availability. App Service supports Windows and Linux. It enables automated deployments from GitHub, Azure DevOps, or any Git repo to support a continuous deployment model.

    Azure App Service is a robust hosting option that you can use to host your apps in Azure. Azure App Service lets you focus on building and maintaining your app, and Azure focuses on keeping the environment up and running.

    Azure App Service is an HTTP-based service for hosting web applications, REST APIs, and mobile back ends. Azure App Service supports multiple technologies, including programming languages like Java, PHP, Python, and JavaScript (via Node.js), as well as frameworks such as .NET and .NET Core. Azure App Service supports both Windows and Linux environments.

    Types of app services

    With App Service, you can host most common app service styles like:

    • Web apps
    • API apps
    • WebJobs
    • Mobile apps

    App Service handles most of the infrastructure decisions you deal with in hosting web-accessible apps:

    • Deployment and management are integrated into the platform.
    • Endpoints can be secured.
    • Sites can be scaled quickly to handle high traffic loads.
    • The built-in load balancing and traffic manager provide high availability.

    All of these app styles are hosted in the same infrastructure and share these benefits. This flexibility makes App Service the ideal choice to host web-oriented applications.

    Web apps

    App Service includes full support for hosting web apps by using ASP.NET, ASP.NET Core, Java, Ruby, Node.js, PHP, or Python. You can choose either Windows or Linux as the host operating system.

    API apps

    Much like hosting a website, you can build REST-based web APIs by using your choice of language and framework. You get full Swagger support and the ability to package and publish your API in Azure Marketplace. The produced apps can be consumed from any HTTP- or HTTPS-based client.

    WebJobs

    You can use the WebJobs feature to run a program (.exe, Java, PHP, Python, or Node.js) or script (.cmd, .bat, PowerShell, or Bash) in the same context as a web app, API app, or mobile app. They can be scheduled or run by a trigger. WebJobs are often used to run background tasks as part of your application logic.

    Mobile apps

    Use the Mobile Apps feature of App Service to quickly build a back end for iOS and Android apps. With just a few actions in the Azure portal, you can:

    • Store mobile app data in a cloud-based SQL database.
    • Authenticate customers against common social providers, such as MSA, Google, X, and Facebook.
    • Send push notifications.
    • Execute custom back-end logic in C# or Node.js.

    On the mobile app side, there’s SDK support for native iOS and Android, Xamarin, and React native apps.

    https://lernix.com.my/ibm-infosphere-datastage-training-courses-malaysia

  • Describe Azure functions

    Azure Functions is an event-driven, serverless compute option that doesn’t require maintaining virtual machines or containers. If you build an app using VMs or containers, those resources have to be “running” in order for your app to function. With Azure Functions, an event wakes the function, alleviating the need to keep resources provisioned when there are no events.

    Serverless computing in Azure

    https://learn-video.azurefd.net/vod/player?id=bd90a678-3c03-4e0f-9470-f6f0626373e0&locale=en-us&embedUrl=%2Ftraining%2Fmodules%2Fdescribe-azure-compute-networking-services%2F6-functions

    Benefits of Azure Functions

    Using Azure Functions is ideal when you’re only concerned about the code running your service and not about the underlying platform or infrastructure. Functions are commonly used when you need to perform work in response to an event (often via a REST request), timer, or message from another Azure service, and when that work can be completed quickly, within seconds or less.

    Functions scale automatically based on demand, so they may be a good choice when demand is variable.

    Azure Functions runs your code when it triggers and automatically deallocates resources when the function is finished. In this model, Azure only charges you for the CPU time used while your function runs.

    Functions can be either stateless or stateful. When they’re stateless (the default), they behave as if they restart every time they respond to an event. When they’re stateful (called Durable Functions), a context is passed through the function to track prior activity.

    Functions are a key component of serverless computing. They’re also a general compute platform for running any type of code. If the needs of the developer’s app change, you can deploy the project in an environment that isn’t serverless. This flexibility allows you to manage scaling, run on virtual networks, and even completely isolate the functions.

    https://lernix.com.my/ibm-lotus-notes-domino-datastage-training-courses-malaysia

  • Describe Azure containers

    While virtual machines are an excellent way to reduce costs versus the investments that are necessary for physical hardware, they’re still limited to a single operating system per virtual machine. If you want to run multiple instances of an application on a single host machine, containers are an excellent choice.

    What are containers?

    Containers are a virtualization environment. Much like running multiple virtual machines on a single physical host, you can run multiple containers on a single physical or virtual host. Unlike virtual machines, you don’t manage the operating system for a container. Virtual machines appear to be an instance of an operating system that you can connect to and manage. Containers are lightweight and designed to be created, scaled out, and stopped dynamically. It’s possible to create and deploy virtual machines as application demand increases, but containers are a lighter weight, more agile method. Containers are designed to allow you to respond to changes on demand. With containers, you can quickly restart if there’s a crash or hardware interruption. One of the most popular container engines is Docker, and Azure supports Docker.

    Compare virtual machines to containers

    The following video highlights several of the important differences between virtual machines and containers:

    https://learn-video.azurefd.net/vod/player?id=7aa48d3f-4304-4a18-9861-eaf9d4bebd26&locale=en-us&embedUrl=%2Ftraining%2Fmodules%2Fdescribe-azure-compute-networking-services%2F5-containers

    Azure Container Instances

    Azure Container Instances offer the fastest and simplest way to run a container in Azure; without having to manage any virtual machines or adopt any additional services. Azure Container Instances are a platform as a service (PaaS) offering. Azure Container Instances allow you to upload your containers and then the service runs the containers for you.

    Azure Container Apps

    Azure Container Apps are similar in many ways to a container instance. They allow you to get up and running right away, they remove the container management piece, and they’re a PaaS offering. Container Apps have extra benefits such as the ability to incorporate load balancing and scaling. These other functions allow you to be more elastic in your design.

    Azure Kubernetes Service

    Azure Kubernetes Service (AKS) is a container orchestration service. An orchestration service manages the lifecycle of containers. When you’re deploying a fleet of containers, AKS can make fleet management simpler and more efficient.

    Use containers in your solutions

    Containers are often used to create solutions by using a microservice architecture. This architecture is where you break solutions into smaller, independent pieces. For example, you might split a website into a container hosting your front end, another hosting your back end, and a third for storage. This split allows you to separate portions of your app into logical sections that can be maintained, scaled, or updated independently.

    Imagine your website back-end reaches capacity, but the front end and storage aren’t stressed. With containers, you could scale the back-end separately to improve performance. If something necessitated such a change, you could also choose to change the storage service or modify the front end without impacting any of the other components.

    https://lernix.com.my/ibm-websphere-training-courses-malaysia

  • Describe Azure virtual desktop

    Another type of virtual machine is the Azure Virtual Desktop. Azure Virtual Desktop is a desktop and application virtualization service that runs on the cloud. It enables you to use a cloud-hosted version of Windows from any location. Azure Virtual Desktop works across devices and operating systems, and works with apps that you can use to access remote desktops or most modern browsers.

    The following video gives you an overview of Azure Virtual Desktop:

    https://learn-video.azurefd.net/vod/player?id=04978efb-d8e5-4352-bcb4-45399a988a69&locale=en-us&embedUrl=%2Ftraining%2Fmodules%2Fdescribe-azure-compute-networking-services%2F4-virtual-desktop

    Enhance security

    Azure Virtual Desktop provides centralized security management for users’ desktops with Microsoft Entra ID. You can enable multifactor authentication to secure user sign-ins. You can also secure access to data by assigning granular role-based access controls (RBACs) to users.

    With Azure Virtual Desktop, the data and apps are separated from the local hardware. The actual desktop and apps are running in the cloud, meaning the risk of confidential data being left on a personal device is reduced. Additionally, user sessions are isolated in both single and multi-session environments.

    Multi-session Windows 10 or Windows 11 deployment

    Azure Virtual Desktop lets you use Windows 10 or Windows 11 Enterprise multi-session, the only Windows client-based operating system that enables multiple concurrent users on a single VM. Azure Virtual Desktop also provides a more consistent experience with broader application support compared to Windows Server-based operating systems.

    https://lernix.com.my/iot-internet-of-things-training-courses-malaysia

  • Describe Azure virtual machines

    With Azure Virtual Machines (VMs), you can create and use VMs in the cloud. VMs provide infrastructure as a service (IaaS) in the form of a virtualized server and can be used in many ways. Just like a physical computer, you can customize all of the software running on your VM. VMs are an ideal choice when you need:

    • Total control over the operating system (OS).
    • The ability to run custom software.
    • To use custom hosting configurations.

    An Azure VM gives you the flexibility of virtualization without having to buy and maintain the physical hardware that runs the VM. However, as an IaaS offering, you still need to configure, update, and maintain the software that runs on the VM.

    You can even create or use an already created image to rapidly provision VMs. You can create and provision a VM in minutes when you select a preconfigured VM image. An image is a template used to create a VM and may already include an OS and other software, like development tools or web hosting environments.

    Scale VMs in Azure

    You can run single VMs for testing, development, or minor tasks. Or you can group VMs together to provide high availability, scalability, and redundancy. Azure can also manage the grouping of VMs for you with features such as scale sets and availability sets.

    Virtual machine scale sets

    Virtual machine scale sets let you create and manage a group of identical, load-balanced VMs. If you simply created multiple VMs with the same purpose, you’d need to ensure they were all configured identically and then set up network routing parameters to ensure efficiency. You’d also have to monitor the utilization to determine if you need to increase or decrease the number of VMs.

    Instead, with virtual machine scale sets, Azure automates most of that work. Scale sets allow you to centrally manage, configure, and update a large number of VMs in minutes. The number of VM instances can automatically increase or decrease in response to demand, or you can set it to scale based on a defined schedule. Virtual machine scale sets also automatically deploy a load balancer to make sure that your resources are being used efficiently. With virtual machine scale sets, you can build large-scale services for areas such as compute, big data, and container workloads.

    Virtual machine availability sets

    Virtual machine availability sets are another tool to help you build a more resilient, highly available environment. Availability sets are designed to ensure that VMs stagger updates and have varied power and network connectivity, preventing you from losing all your VMs with a single network or power failure.

    Availability sets accomplish these objectives by grouping VMs in two ways: update domain and fault domain.

    • Update domain: The update domain groups VMs that can be rebooted at the same time. This setup allows you to apply updates while knowing that only one update domain grouping is offline at a time. All of the machines in one update domain update. An update group going through the update process is given a 30-minute time to recover before maintenance on the next update domain starts.
    • Fault domain: The fault domain groups your VMs by common power source and network switch. By default, an availability set splits your VMs across up to three fault domains. This helps protect against a physical power or networking failure by having VMs in different fault domains (thus being connected to different power and networking resources).

    Best of all, there’s no additional cost for configuring an availability set. You only pay for the VM instances you create.

    Examples of when to use VMs

    Some common examples or use cases for virtual machines include:

    • During testing and development. VMs provide a quick and easy way to create different OS and application configurations. Test and development personnel can then easily delete the VMs when they no longer need them.
    • When running applications in the cloud. The ability to run certain applications in the public cloud as opposed to creating a traditional infrastructure to run them can provide substantial economic benefits. For example, an application might need to handle fluctuations in demand. Shutting down VMs when you don’t need them or quickly starting them up to meet a sudden increase in demand means you pay only for the resources you use.
    • When extending your datacenter to the cloud: An organization can extend the capabilities of its own on-premises network by creating a virtual network in Azure and adding VMs to that virtual network. Applications like SharePoint can then run on an Azure VM instead of running locally. This arrangement makes it easier or less expensive to deploy than in an on-premises environment.
    • During disaster recovery: As with running certain types of applications in the cloud and extending an on-premises network to the cloud, you can get significant cost savings by using an IaaS-based approach to disaster recovery. If a primary datacenter fails, you can create VMs running on Azure to run your critical applications and then shut them down when the primary datacenter becomes operational again.

    Move to the cloud with VMs

    VMs are also an excellent choice when you move from a physical server to the cloud (also known as lift and shift). You can create an image of the physical server and host it within a VM with little or no changes. Just like a physical on-premises server, you must maintain the VM: you’re responsible for maintaining the installed OS and software.

    VM Resources

    When you provision a VM, you’ll also have the chance to pick the resources that are associated with that VM, including:

    • Size (purpose, number of processor cores, and amount of RAM)
    • Storage disks (hard disk drives, solid state drives, etc.)
    • Networking (virtual network, public IP address, and port configuration)

    https://lernix.com.my/isaca-certification-training-courses-malaysia

  • Identify Azure file movement options

    In addition to large scale migration using services like Azure Migrate and Azure Data Box, Azure also has tools designed to help you move or interact with individual files or small file groups. Among those tools are AzCopy, Azure Storage Explorer, and Azure File Sync.

    AzCopy

    AzCopy is a command-line utility that you can use to copy blobs or files to or from your storage account. With AzCopy, you can upload files, download files, copy files between storage accounts, and even synchronize files. AzCopy can even be configured to work with other cloud providers to help move files back and forth between clouds.

     Important

    Synchronizing blobs or files with AzCopy is one-direction synchronization. When you synchronize, you designate the source and destination, and AzCopy will copy files or blobs in that direction. It doesn’t synchronize bi-directionally based on timestamps or other metadata.

    Azure Storage Explorer

    Azure Storage Explorer is a standalone app that provides a graphical interface to manage files and blobs in your Azure Storage Account. It works on Windows, macOS, and Linux operating systems and uses AzCopy on the backend to perform all of the file and blob management tasks. With Storage Explorer, you can upload to Azure, download from Azure, or move between storage accounts.

    Azure File Sync

    Azure File Sync is a tool that lets you centralize your file shares in Azure Files and keep the flexibility, performance, and compatibility of a Windows file server. It’s almost like turning your Windows file server into a miniature content delivery network. Once you install Azure File Sync on your local Windows server, it will automatically stay bi-directionally synced with your files in Azure.

    With Azure File Sync, you can:

    • Use any protocol that’s available on Windows Server to access your data locally, including SMB, NFS, and FTPS.
    • Have as many caches as you need across the world.
    • Replace a failed local server by installing Azure File Sync on a new server in the same datacenter.
    • Configure cloud tiering so the most frequently accessed files are replicated locally, while infrequently accessed files are kept in the cloud until requested.

    https://lernix.com.my/iso-iec-20000-certification-training-courses-malaysia

  • Identify Azure data migration options

    Now that you understand the different storage options within Azure, it’s important to also understand how to get your data and information into Azure. Azure supports both real-time migration of infrastructure, applications, and data using Azure Migrate as well as asynchronous migration of data using Azure Data Box.

    Azure Migrate

    Azure Migrate is a service that helps you migrate from an on-premises environment to the cloud. Azure Migrate functions as a hub to help you manage the assessment and migration of your on-premises datacenter to Azure. It provides the following:

    • Unified migration platform: A single portal to start, run, and track your migration to Azure.
    • Range of tools: A range of tools for assessment and migration. Azure Migrate tools include Azure Migrate: Discovery and assessment and Azure Migrate: Server Migration. Azure Migrate also integrates with other Azure services and tools, and with independent software vendor (ISV) offerings.
    • Assessment and migration: In the Azure Migrate hub, you can assess and migrate your on-premises infrastructure to Azure.

    Integrated tools

    In addition to working with tools from ISVs, the Azure Migrate hub also includes the following tools to help with migration:

    • Azure Migrate: Discovery and assessment. Discover and assess on-premises servers running on VMware, Hyper-V, and physical servers in preparation for migration to Azure.
    • Azure Migrate: Server Migration. Migrate VMware VMs, Hyper-V VMs, physical servers, other virtualized servers, and public cloud VMs to Azure.
    • Data Migration Assistant. Data Migration Assistant is a stand-alone tool to assess SQL Servers. It helps pinpoint potential problems blocking migration. It identifies unsupported features, new features that can benefit you after migration, and the right path for database migration.
    • Azure Database Migration Service. Migrate on-premises databases to Azure VMs running SQL Server, Azure SQL Database, or SQL Managed Instances.
    • Azure App Service migration assistant. Azure App Service migration assistant is a standalone tool to assess on-premises websites for migration to Azure App Service. Use Migration Assistant to migrate .NET and PHP web apps to Azure.
    • Azure Data Box. Use Azure Data Box products to move large amounts of offline data to Azure.

    Azure Data Box

    Azure Data Box is a physical migration service that helps transfer large amounts of data in a quick, inexpensive, and reliable way. The secure data transfer is accelerated by shipping you a proprietary Data Box storage device that has a maximum usable storage capacity of 80 terabytes. The Data Box is transported to and from your datacenter via a regional carrier. A rugged case protects and secures the Data Box from damage during transit.

    You can order the Data Box device via the Azure portal to import or export data from Azure. Once the device is received, you can quickly set it up using the local web UI and connect it to your network. Once you’re finished transferring the data (either into or out of Azure), simply return the Data Box. If you’re transferring data into Azure, the data is automatically uploaded once Microsoft receives the Data Box back. The entire process is tracked end-to-end by the Data Box service in the Azure portal.

    Use cases

    Data Box is ideally suited to transfer data sizes larger than 40 TBs in scenarios with no to limited network connectivity. The data movement can be one-time, periodic, or an initial bulk data transfer followed by periodic transfers.

    Here are the various scenarios where Data Box can be used to import data to Azure.

    • Onetime migration – when a large amount of on-premises data is moved to Azure.
    • Moving a media library from offline tapes into Azure to create an online media library.
    • Migrating your VM farm, SQL server, and applications to Azure.
    • Moving historical data to Azure for in-depth analysis and reporting using HDInsight.
    • Initial bulk transfer – when an initial bulk transfer is done using Data Box (seed) followed by incremental transfers over the network.
    • Periodic uploads – when large amount of data is generated periodically and needs to be moved to Azure.

    Here are the various scenarios where Data Box can be used to export data from Azure.

    • Disaster recovery – when a copy of the data from Azure is restored to an on-premises network. In a typical disaster recovery scenario, a large amount of Azure data is exported to a Data Box. Microsoft then ships this Data Box, and the data is restored on your premises in a short time.
    • Security requirements – when you need to be able to export data out of Azure due to government or security requirements.
    • Migrate back to on-premises or to another cloud service provider – when you want to move all the data back to on-premises, or to another cloud service provider, export data via Data Box to migrate the workloads.

    Once the data from your import order is uploaded to Azure, the disks on the device are wiped clean in accordance with NIST 800-88r1 standards. For an export order, the disks are erased once the device reaches the Azure datacenter.

    https://lernix.com.my/istqb-software-testing-certification-training-courses-malaysia

  • Describe Azure storage services

    The Azure Storage platform includes the following data services:

    • Azure Blobs: A massively scalable object store for text and binary data. Also includes support for big data analytics through Data Lake Storage Gen2.
    • Azure Files: Managed file shares for cloud or on-premises deployments.
    • Azure Queues: A messaging store for reliable messaging between application components.
    • Azure Disks: Block-level storage volumes for Azure VMs.
    • Azure Tables: NoSQL table option for structured, non-relational data.

    Benefits of Azure Storage

    Azure Storage services offer the following benefits for application developers and IT professionals:

    • Durable and highly available. Redundancy ensures that your data is safe if transient hardware failures occur. You can also opt to replicate data across data centers or geographical regions for additional protection from local catastrophes or natural disasters. Data replicated in this way remains highly available if an unexpected outage occurs.
    • Secure. All data written to an Azure storage account is encrypted by the service. Azure Storage provides you with fine-grained control over who has access to your data.
    • Scalable. Azure Storage is designed to be massively scalable to meet the data storage and performance needs of today’s applications.
    • Managed. Azure handles hardware maintenance, updates, and critical issues for you.
    • Accessible. Data in Azure Storage is accessible from anywhere in the world over HTTP or HTTPS. Microsoft provides client libraries for Azure Storage in a variety of languages, including .NET, Java, Node.js, Python, PHP, Ruby, Go, and others, as well as a mature REST API. Azure Storage supports scripting in Azure PowerShell or Azure CLI. And the Azure portal and Azure Storage Explorer offer easy visual solutions for working with your data.

    Azure Blobs

    Azure Blob storage is an object storage solution for the cloud. It can store massive amounts of data, such as text or binary data. Azure Blob storage is unstructured, meaning that there are no restrictions on the kinds of data it can hold. Blob storage can manage thousands of simultaneous uploads, massive amounts of video data, constantly growing log files, and can be reached from anywhere with an internet connection.

    Blobs aren’t limited to common file formats. A blob could contain gigabytes of binary data streamed from a scientific instrument, an encrypted message for another application, or data in a custom format for an app you’re developing. One advantage of blob storage over disk storage is that it doesn’t require developers to think about or manage disks. Data is uploaded as blobs, and Azure takes care of the physical storage needs.

    Blob storage is ideal for:

    • Serving images or documents directly to a browser.
    • Storing files for distributed access.
    • Streaming video and audio.
    • Storing data for backup and restore, disaster recovery, and archiving.
    • Storing data for analysis by an on-premises or Azure-hosted service.

    Accessing blob storage

    Objects in blob storage can be accessed from anywhere in the world via HTTP or HTTPS. Users or client applications can access blobs via URLs, the Azure Storage REST API, Azure PowerShell, Azure CLI, or an Azure Storage client library. The storage client libraries are available for multiple languages, including .NET, Java, Node.js, Python, PHP, and Ruby.

    Blob storage tiers

    Data stored in the cloud can grow at an exponential pace. To manage costs for your expanding storage needs, it’s helpful to organize your data based on attributes like frequency of access and planned retention period. Data stored in the cloud can be handled differently based on how it’s generated, processed, and accessed over its lifetime. Some data is actively accessed and modified throughout its lifetime. Some data is accessed frequently early in its lifetime, with access dropping drastically as the data ages. Some data remains idle in the cloud and is rarely, if ever, accessed after it’s stored. To accommodate these different access needs, Azure provides several access tiers, which you can use to balance your storage costs with your access needs.

    Azure Storage offers different access tiers for your blob storage, helping you store object data in the most cost-effective manner. The available access tiers include:

    • Hot access tier: Optimized for storing data that is accessed frequently (for example, images for your website).
    • Cool access tier: Optimized for data that is infrequently accessed and stored for at least 30 days (for example, invoices for your customers).
    • Cold access tier: Optimized for storing data that is infrequently accessed and stored for at least 90 days.
    • Archive access tier: Appropriate for data that is rarely accessed and stored for at least 180 days, with flexible latency requirements (for example, long-term backups).

    The following considerations apply to the different access tiers:

    • Hot, cool, and cold access tiers can be set at the account level. The archive access tier isn’t available at the account level.
    • Hot, cool, cold, and archive tiers can be set at the blob level, during or after upload.
    • Data in the cool and cold access tiers can tolerate slightly lower availability, but still requires high durability, retrieval latency, and throughput characteristics similar to hot data. For cool and cold data, a lower availability service-level agreement (SLA) and higher access costs compared to hot data are acceptable trade-offs for lower storage costs.
    • Archive storage stores data offline and offers the lowest storage costs, but also the highest costs to rehydrate and access data.

    Azure Files

    Azure File storage offers fully managed file shares in the cloud that are accessible via the industry standard Server Message Block (SMB) or Network File System (NFS) protocols. Azure Files file shares can be mounted concurrently by cloud or on-premises deployments. SMB Azure file shares are accessible from Windows, Linux, and macOS clients. NFS Azure Files shares are accessible from Linux or macOS clients. Additionally, SMB Azure file shares can be cached on Windows Servers with Azure File Sync for fast access near where the data is being used.

    Azure Files key benefits:

    • Shared access: Azure file shares support the industry standard SMB and NFS protocols, meaning you can seamlessly replace your on-premises file shares with Azure file shares without worrying about application compatibility.
    • Fully managed: Azure file shares can be created without the need to manage hardware or an OS. This means you don’t have to deal with patching the server OS with critical security upgrades or replacing faulty hard disks.
    • Scripting and tooling: PowerShell cmdlets and Azure CLI can be used to create, mount, and manage Azure file shares as part of the administration of Azure applications. You can create and manage Azure file shares using Azure portal and Azure Storage Explorer.
    • Resiliency: Azure Files has been built from the ground up to always be available. Replacing on-premises file shares with Azure Files means you don’t have to wake up in the middle of the night to deal with local power outages or network issues.
    • Familiar programmability: Applications running in Azure can access data in the share via file system I/O APIs. Developers can therefore use their existing code and skills to migrate existing applications. In addition to System IO APIs, you can use Azure Storage Client Libraries or the Azure Storage REST API.

    Azure Queues

    Azure Queue storage is a service for storing large numbers of messages. Once stored, you can access the messages from anywhere in the world via authenticated calls using HTTP or HTTPS. A queue can contain as many messages as your storage account has room for (potentially millions). Each individual message can be up to 64 KB in size. Queues are commonly used to create a backlog of work to process asynchronously.

    Queue storage can be combined with compute functions like Azure Functions to take an action when a message is received. For example, you want to perform an action after a customer uploads a form to your website. You could have the submit button on the website trigger a message to the Queue storage. Then, you could use Azure Functions to trigger an action once the message was received.

    Azure Disks

    Azure Disk storage, or Azure managed disks, are block-level storage volumes managed by Azure for use with Azure VMs. Conceptually, they’re the same as a physical disk, but they’re virtualized – offering greater resiliency and availability than a physical disk. With managed disks, all you have to do is provision the disk, and Azure will take care of the rest.

    Azure Tables

    Azure Table storage stores large amounts of structured data. Azure tables are a NoSQL datastore that accepts authenticated calls from inside and outside the Azure cloud. This enables you to use Azure tables to build your hybrid or multicloud solution and have your data always available. Azure tables are ideal for storing structured, non-relational data.

    https://lernix.com.my/itil-certification-training-courses-malaysia

  • Describe Azure storage redundancy

    Azure Storage always stores multiple copies of your data so that it’s protected from planned and unplanned events such as transient hardware failures, network or power outages, and natural disasters. Redundancy ensures that your storage account meets its availability and durability targets even in the face of failures.

    When deciding which redundancy option is best for your scenario, consider the tradeoffs between lower costs and higher availability. The factors that help determine which redundancy option you should choose include:

    • How your data is replicated in the primary region.
    • Whether your data is replicated to a second region that is geographically distant to the primary region, to protect against regional disasters.
    • Whether your application requires read access to the replicated data in the secondary region if the primary region becomes unavailable.

    Redundancy in the primary region

    Data in an Azure Storage account is always replicated three times in the primary region. Azure Storage offers two options for how your data is replicated in the primary region, locally redundant storage (LRS) and zone-redundant storage (ZRS).

    Locally redundant storage

    Locally redundant storage (LRS) replicates your data three times within a single data center in the primary region. LRS provides at least 11 nines of durability (99.999999999%) of objects over a given year.

    Diagram showing the structure used for locally redundant storage.

    LRS is the lowest-cost redundancy option and offers the least durability compared to other options. LRS protects your data against server rack and drive failures. However, if a disaster such as fire or flooding occurs within the data center, all replicas of a storage account using LRS may be lost or unrecoverable. To mitigate this risk, Microsoft recommends using zone-redundant storage (ZRS), geo-redundant storage (GRS), or geo-zone-redundant storage (GZRS).

    Zone-redundant storage

    For Availability Zone-enabled Regions, zone-redundant storage (ZRS) replicates your Azure Storage data synchronously across three Azure availability zones in the primary region. ZRS offers durability for Azure Storage data objects of at least 12 nines (99.9999999999%) over a given year.

    Diagram showing ZRS, with a copy of data stored in each of three availability zones.

    With ZRS, your data is still accessible for both read and write operations even if a zone becomes unavailable. No remounting of Azure file shares from the connected clients is required. If a zone becomes unavailable, Azure undertakes networking updates, such as DNS repointing. These updates may affect your application if you access data before the updates have completed.

    Microsoft recommends using ZRS in the primary region for scenarios that require high availability. ZRS is also recommended for restricting replication of data within a country or region to meet data governance requirements.

    Redundancy in a secondary region

    For applications requiring high durability, you can choose to additionally copy the data in your storage account to a secondary region that is hundreds of miles away from the primary region. If the data in your storage account is copied to a secondary region, then your data is durable even in the event of a catastrophic failure that prevents the data in the primary region from being recovered.

    When you create a storage account, you select the primary region for the account. The paired secondary region is based on Azure Region Pairs, and can’t be changed.

    Azure Storage offers two options for copying your data to a secondary region: geo-redundant storage (GRS) and geo-zone-redundant storage (GZRS). GRS is similar to running LRS in two regions, and GZRS is similar to running ZRS in the primary region and LRS in the secondary region.

    By default, data in the secondary region isn’t available for read or write access unless there’s a failover to the secondary region. If the primary region becomes unavailable, you can choose to fail over to the secondary region. After the failover has completed, the secondary region becomes the primary region, and you can again read and write data.

     Important

    Because data is replicated to the secondary region asynchronously, a failure that affects the primary region may result in data loss if the primary region can’t be recovered. The interval between the most recent writes to the primary region and the last write to the secondary region is known as the recovery point objective (RPO). The RPO indicates the point in time to which data can be recovered. Azure Storage typically has an RPO of less than 15 minutes, although there’s currently no SLA on how long it takes to replicate data to the secondary region.

    Geo-redundant storage

    GRS copies your data synchronously three times within a single physical location in the primary region using LRS. It then copies your data asynchronously to a single physical location in the secondary region (the region pair) using LRS. GRS offers durability for Azure Storage data objects of at least 16 nines (99.99999999999999%) over a given year.

    Diagram showing GRS, with primary region LRS replicating data to LRS in a second region.

    Geo-zone-redundant storage

    GZRS combines the high availability provided by redundancy across availability zones with protection from regional outages provided by geo-replication. Data in a GZRS storage account is copied across three Azure availability zones in the primary region (similar to ZRS) and is also replicated to a secondary geographic region, using LRS, for protection from regional disasters. Microsoft recommends using GZRS for applications requiring maximum consistency, durability, and availability, excellent performance, and resilience for disaster recovery.

    Diagram showing GZRS, with primary region ZRS replicating data to LRS in a second region.

    GZRS is designed to provide at least 16 nines (99.99999999999999%) of durability of objects over a given year.

    Read access to data in the secondary region

    Geo-redundant storage (with GRS or GZRS) replicates your data to another physical location in the secondary region to protect against regional outages. However, that data is available to be read only if the customer or Microsoft initiates a failover from the primary to secondary region. However, if you enable read access to the secondary region, your data is always available, even when the primary region is running optimally. For read access to the secondary region, enable read-access geo-redundant storage (RA-GRS) or read-access geo-zone-redundant storage (RA-GZRS).

     Important

    Remember that the data in your secondary region may not be up-to-date due to RPO.

    https://lernix.com.my/java-ee-enterprise-edition-training-courses-malaysia