Is a discrete market typically containing two or more regions that preserves data?
Useful docs for understanding Azure’s global infrastructure can be found here Show
Azure Regions A region is a set of datacenters deployed within a latency-defined perimeter and connected through a dedicated regional low-latency network. With more global regions than any other cloud provider, Azure gives customers the flexibility to deploy applications where they need to. Azure is generally available in 53 regions around the world, with plans announced for 7 additional regions. Geographies A geography is a discrete market, typically containing two or more regions, that preserves data residency and compliance boundaries. Geographies allow customers with specific data-residency and compliance needs to keep their data and applications close. Geographies are fault-tolerant to withstand complete region failure through their connection to our dedicated high-capacity networking infrastructure. Availability Zones Availability Zones are physically separate locations within an Azure region. Each Availability Zone is made up of one or more datacenters equipped with independent power, cooling, and networking. Availability Zones allow customers to run mission-critical applications with high availability and low-latency replication. What is resiliency in Azure? Comprehensive set of native business continuity solutions, providing high availability, disaster recovery, and backup to protect your mission critical applications and data. High availability Maintaining acceptable continuous performance despite temporary failures in services, hardware, datacenters, or fluctuations in load Disaster recovery Protection against loss of an entire region through asynchronous replication for failover of virtual machines and data using services such as Azure Site Recovery and geo-redundant storage (GRS) Backup Replication of virtual machines and data to one or more regions using Azure Backup. Blast radius The radius of protection for applications and data. For example, Availability Sets protect applications within a datacenter, and Availability Zones protect applications and data in an Azure region Data residency boundary Two regions that share the same regulatory requirements for data replication and storage for the country or region in which they operate. ISO-22301 Certification Azure is certified under the first international standard to demonstrate the ability to prevent, mitigate, respond to and recover from disruptive incidents. More Links for furthur reading Azure Architecture Center - Guidance for architecting solutions on Azure using established patterns and practices. Azure resiliency solutions - Build with confidence with high availability, disaster recovery, and backup Azure Availability Zones - High availability for your most demanding mission-critical applications and data Azure regions - Azure has more global regions than any other cloud provider—offering the scale needed to bring applications closer to users around the world, preserving data residency, and offering comprehensive compliance and resiliency options for customers. Skip to content
Azure fundamentals – part 1/4Azure FundamentalsPart 1/4 – Concepts, Introduction to Azure, Architecture and SLAs, Accounts and SubscriptionsConceptsMicrosoft’s view on the benefits of Cloud Computing;
Azure is NIST CSF, ISO/IEC 27018, SOC 1/2/3, HIPPA and GDPR compliant Management responsibility across different types of cloud services In azure, one server in each rack of servers runs a special piece of software called a Fabric Controller. Fabric Controllers are connected to the Orchestrator. Orchestrators are responsible for everything that happens in Azure, including user requests. Users make requests using Orchestrator’s web API. Azure: the big pictureAzure services are divided into ten main categories Compute services
Networking
Storage services
DevOps
Mobileenables developers to create mobile backend services for iOS, Android and Windows apps. Offers offline data synchronisation, connectivity to on-premises data, broadcasting push notifications and autoscaling to match business needs Databases
Web
Internet of Things
Big Data
Artificial Intelligence
Azure Cloud Shell: a browser-based command-line experience for managing and developing Azure resources. Think of Cloud Shell as an interactive console that you run in the cloud. Cloud Shell provides two experiences to choose from: Bash and PowerShell. Both include access to the Azure CLI, the command-line interface for Azure Azure Resource Group: Virtual machines and other cloud resources are grouped into logical containers called resource groups. Groups are typically used to organize sets of resources that are deployed together as part of an application or service. You refer to a resource group by its name. Normally, the first thing we’d do is to create a resource group to hold all the things that we need to create. This allows us to administer all the VMs, disks, network interfaces, and other elements that make up our solution as a unit. By default, Azure assigns a public IP address to your VM. You can configure a VM to be accessible from the Internet or only from the internal network Tools that are commonly used for day-to-day management and interaction include:
Both Azure CLI and PowerShell can be leveraged to build automated scripts that work against the Azure Resource Manager and these scripts are considered as Infrastructure as Code (IaC) ARM Templates, Terraform, Ansible, Jenkins and Cloud-init are also some of the tools available to deploy and manage your work environment in Azure Custom Script Extension: An easy way to download and run scripts on your Azure VMs. You can store your scripts in Azure storage or in a public location such as GitHub. Azure Advisor and Azure Cost Management are two services that help you optimize cloud spend. You can use these services to identify where you’re using more than you need, and then scale back to the capacity you’re actually using. Azure architecture and service guaranteesA region is a geographical area on the planet containing at least one, but potentially multiple datacenters that are nearby and networked together with a low-latency network. Azure intelligently assigns and controls the resources within each region to ensure workloads are appropriately balanced. There are some global Azure services that do not require you to select a particular region, such as Microsoft Azure Active Directory, Microsoft Azure Traffic Manager, and Azure DNS. Azure divides the world into geographies that are defined by geopolitical boundaries or country borders. An Azure geography is a discrete market typically containing two or more regions that preserve data residency and compliance boundaries. Geographies are fault-tolerant to withstand complete region failure through their connection to dedicated high-capacity networking infrastructure. Geographies are broken up into the following areas:
Availability Zones are physically separate datacenters within an Azure region. Each Availability Zone is made up of one or more datacenters equipped with independent power, cooling, and networking. AZs are connected through high-speed, private fiber-optic networks. Azure services that support Availability Zones fall into two categories:
Availability zones are created using two datacenters within a single region. However, it’s possible that a large enough disaster could cause an outage big enough to affect even two datacenters. That’s why Azure also creates region pairs. Region Pairs: Each Azure region is always paired with another region within the same geography at least 300 miles away. This approach allows for the replication of resources (such as virtual machine storage) across a geography that helps reduce the likelihood of interruptions. Additional advantages of region pairs include:
There are three key characteristics of SLAs for Azure products and services:
Service Credits: SLAs also describe how Microsoft will respond if an Azure product or service fails to perform to its governing SLA’s specification. For example, customers may have a discount applied to their Azure bill, as compensation for an under-performing Azure product or service. When combining SLAs across different service offerings, the resultant SLA is a called a Composite SLA. The resulting composite SLA can provide higher or lower uptime values, depending on your application architecture. By creating your own SLAs, you can set performance targets to suit your specific Azure application. This approach is known as an Application SLA. Azure accounts and subscriptionsAn Azure account is what you use to sign in to the Azure website and administer or deploy services. Every Azure account is associated with one or more subscriptions and is a globally unique entity. Authentication for your account is performed using Azure Active Directory (Azure AD). An Azure subscription is a logical container used to provision resources in Microsoft Azure. It holds the details of all your resources like virtual machines, databases, etc. You can create multiple subscriptions under a single Azure account. This is particularly useful for businesses because access control and billing occur at the subscription level, not the account level. Subscriptions are also bound to some hard limitations. For example, the maximum number of Express Route circuits per subscription is 10. Those limits should be considered as you create subscriptions on your account. Azure offers free and paid subscription options. The most commonly used subscriptions are:
Azure AD is partitioned into separate tenants. A tenant is a dedicated, isolated instance of the Azure Active Directory service, owned and managed by an organisation. When you sign up for a Microsoft cloud service subscription such as Microsoft Azure, Microsoft Intune, or Office 365, a dedicated instance of Azure AD is automatically created for your organisation. The email address you use to sign in to Azure can be associated with more than one tenant. Azure AD tenants and subscriptions have a many-to-one trust relationship: A tenant can be associated with multiple Azure subscriptions, but every subscription is associated with only one tenant. This structure allows organisations to manage multiple subscriptions and set security rules across all the resources contained within them. Notice that each Azure AD tenant has an account owner. This is the original Azure account that is responsible for billing. You can add additional users to the tenant, and even invite guests from other Azure AD tenants to access resources in subscriptions Microsoft offers four paid Azure support plans for customers who require technical and operational support:
share this postIs a discrete market typically containing two or more regions that preserves data residency and compliance boundaries?An Azure geography is a discrete market typically containing two or more regions that preserve data residency and compliance boundaries.
Which option preserves data residency and offers comprehensive compliance and resiliency options?Datacenter infrastructure
The infrastructure is designed to bring applications closer to users around the world, preserving data residency, and offering comprehensive compliance and resiliency options for customers.
Which of the following is used when someone is only concerned about the code running the service instead of the underlying platform or infrastructure?Which of the following should you use when you are concerned only about the code running your service and not the underlying platform or infrastructure? Azure Functions. Azure Functions are ideal when you're concerned only about the code running your service and not the underlying platform or infrastructure.
|