Databases

• Multiple database services to store a wide variety of data types and volumes.

• Have global connectivity and instant data availability

Azure Cosmos DB

• 📝 Globally distributed (= multiple regions) database service

• Supports schema-less data, stores JSON

• 💡 Good for Always On applications to support constantly changing data.

  • Helps with failover during regional disaster

  • Transparent multi-master replication, 99.999% high availability for both reads and writes

• 💡 Good for data used by & maintained by users around the globe.

Azure Cache for Redis

• Caches frequently used and static data to reduce data and application latency

Azure SQL Database Options

• Azure Database for MySQL: Fully managed and scalable MySQL

• Azure Database for PostgreSQL: Fully managed and scalable PostgreSQL

• Azure Database for MariaDB: Fully managed and scalable MariaDB

• SQL server on VMs: Host SQL servers in own VPNs

Azure SQL Database

• Relational database as a service (DaaS)

• Based on the latest stable version of the Microsoft SQL Server database engine.

• High-performance, reliable, fully managed and secure database

Azure Database Migration Service

• Allows to migrate existing SQL Server to Azure

• Performs all of the required steps.

• Minimal downtime

• Uses the Microsoft Data Migration Assistant

  • Generate assessment reports that provide recommendations

Azure Synapse Analytics

• Formerly SQL Data Warehouse

• 📝 A cloud data warehouse for the enterprise

• Characterized by high resiliency through automatic scaling.

• Massive parallel processing (MPP) to run complex queries quickly across petabytes of data

Azure HDInsight

• 📝 A big data and advanced analytics service providing open-source analytics, processing and integrations with big data frameworks, including:

  • Apache Hadoop

  • Apache Spark

  • Apache HBase

  • Apache Kafka

• Useful for big data tasks such as ETL (Extract, Transform, Load), data warehousing, machine learning, and IoT.

Networking

• Helps you optimize application performance & scalability

• Links compute resources and provides access to applications

• Configure & control traffic into and out of Azure efficiently e.g. from on-premises to Azure and vice versa.

Loosely Coupled Architecture

• Architecture behind Azure

• Different services/components that sends and receives data from one another

  • They have little to no knowledge about other components.

• See also micro-services.

• 💡 Recommended because:

  • Can be updated independently: Allows non-breaking changes as long as communication strategy is consistent.

  • Allows services to be changed without significant impact to the rest of the system.

  • Can be scaled proportionally.

    • Scale up/down, out/in only services that are relevant.

    • 💡 Take advantage of asynchronous messaging in Azure for communication for scalability.

N-tier architecture

• Can be used to build loosely coupled architectures.

• Divides an application into two or more logical tiers.

  • A higher tier can access services from a lower tier, but a lower tier should never access a higher tier.

• Tiers help separate concerns and are ideally designed to be reusable.

• Simplifies maintenance: Tiers can be updated or replaced independently, and new tiers can be inserted if needed.

• Three-tier refers to an n-tier application that has three e.g.

  • Web tier (front-end)

  • Application tier (back-end that runs application logic)

  • Data tier (database)

  • Observe that each tier can access services only from a lower tier.

• Read more

Concepts

Region

• One or more Azure data centers within a specific geographic location

• E.g. East US, West US, and North Europe

Azure Virtual Network

• Enable you to group and isolate related systems

• Logically isolated network on Azure

• Allows Azure resources to securely communicate with • each other • VPNS • the internet • on-premises networks

• ❗ Scoped to a single region

• 💡📝 Virtual networks, subnets, NICs (network interfaces) are free (no $$) resources

  • Public IP addresses, reserved IP, network appliances such as VPN Gateway & Application Gateway are charged.

• You choose which networks your virtual network can reach, whether that's the public internet or other networks in the private IP address space.

Subnet

• A virtual network can be segmented into one or more subnets.

• Help you organize and secure your resources in discrete sections.

• E.g. users interact with the web tier directly, so that VM has a public IP address along with a private IP address.

  • Users don't interact with the application or data tiers, so these VMs each have a private IP address only.

VPN Gateway

• 📝 Also called virtual network gateway

• 📝 Provide a secure connection between an Azure Virtual Network and an on-premises location over the internet.

• 📝 Your on-premises network is represented as Local network gateway object in Azure.

• E.g. enables you to keep your data tiers in on-premises network, and web tier in cloud.

• Azure manages the physical hardware for you, virtual networks & gateways are configured through software.

• 📝❗ Must be deployed in a subnet called gateway subnet.

Network security group (NSG)

• 📝 Control what traffic can flow through a virtual network.

• Allows or denies inbound network traffic to your Azure resources.

• Can be thought as a cloud-level firewall for your network.

• E.g. web tier allows inbound traffic on ports 22 (SSH) and 80 (HTTP).

  • Port 22 enables you to connect directly to Linux systems over SSH.

    • You might configure VPN access to your virtual network to increase security.

• 💡 Configure a NSG to accept traffic only from known sources, such as IP addresses that you trust.

Other services

• Azure ExpressRoute

  • Connects to Azure over high-bandwidth dedicated secure connections

• Azure Network Watcher

  • Monitors and diagnoses network issues using scenario-based analysis

• Azure Virtual WAN

  • Creates a unified wide area network (WAN), connecting local and remote sites

• Network protection services: • Azure DDoS Protection • Azure Firewall