Author: Vipin V.K

Azure Fundamentals (AZ900) certification preparation – short notes-IV

Leave a comment

Thanks for reading our first, second and third posts in this series. Let’s get into the 4th post of the series Azure Fundamentals (AZ900) certification preparation short notes.

The intention of this series is to help your preparation for the AZ900 certification, or for your revision before taking the exam.

[ Disclaimer : This is not a complete training material for the certification. This is just random (short) notes which we captured from course curricula, which will help the readers for their final revision/rewind before appearing for the exam. We do not offer any guarantee in passing the exam with this content ]

So, let’s get into the contents…

IoT Services
IoT Central – Connects your IoT devices to cloud
IoT Hub – Secure communication between the IoT apps and their managed devices
IoT Edge – allows processing and analysis of IoT devices data. A service built on Azure IoT Hub.
Windows 10 IoT Core Services – A cloud services subscription

Read more

——————- advertisements ——————-

———————————————————

Bigdata services

Azure Synapse analytics (SQL datawarehouse -formerly) : intended to run SQL queries against large DBs.
HDInsight : Run Open-sourced analytics software such as Hadoop,Kafka and Spark
Azure databricks : An apache Spark-based for Azure. Third-part databricks services within Azure.
DataLake analytics : Large storage for Raw data for bigdata. Analytics and reporting

AI/ML services
Azure Meachine learning service : Service for simplifying and running AI/ML related workflows in Azure. Python,R or Deep Learning workloads such as TensorFlow
Azure machine learning studio : Older service for AI/ML workloads
——————- advertisements ——————-

———————————————————

AI Services
Personalizer : personlized experience for every user.
Translator : real-time multi-language translator
Anomaly detector : detect anomalies in data and troubleshoot
Azure bot service : serverless bot service on-demand
Form recognizer : auto extraction of key/value, text, table etc.. from data
Computer vision : Content analysis from images
Language understanding : natural language understanding for apps,chat bots etc…
QnA maker : QnA bot. helps to create a question-answer structure over the data
Text analysis : helps in sentiment analysis. identifying names, phrases etc…
Content moderator : helps to detect potentially offensive content
Face : helps to identify the people and the emotions from images etc…
Ink recognizer : digital ink recognizer, such as handwriting, shapes etc…

Serverless services
Functions : serverless compute. No need to provision/manage any servers.
Azure blob storage : blob storage service
Logic apps : allows you to build serverless workflows composed of Azure functions, building a state machine for serverless compute
Event grid : Pub/sub type. Allowing to react to events and trigger other services like Functions

Visual studio code : code editor
——————- advertisements ——————-

———————————————————

Regulation and compliance
Azure trust center : Online portal where we can check the security and regulatory compliance info (example GDPR – General Data protection Regulation)
Azure security compliance programs (2:16:30) :
– CJIS (Criminal Justice Information Services) – has to be compliant to access FBI’s CJIS Database
– Cloud Security Alliance (Star Certification) – Third party
– GDPR – European law, against anyone (org) collects and analyzes data tied to EU residents
– EU Model clause – transfers of data outside of EU.
– HIPPA (Health insurance portability and accountability act) – patient protected health info.
– ISO 27018 – processing of personal info by cloud service providers

Azure Active Directory
AD comes in four flavors
free – MFA, SSO, and basic security settings
Office 365 Apps – company branding, two-sync between on-prem and cloud
Premium 1 – Hybrid architecture,
Premium 2 – identity protection and identity governance.

Azure security Center : Infrastructure security management system – A UI with lots of options.
Azure key vault : Stores and manages tokens/keys etc…
– Secret management – keys,tokens,certificates etc…
– Key management – Encryption key creation and management
– Certificate management – manages SSL certificates
– HSM – Keys and secrets managed by FIPS compliant Hardware-Security-Module (FIPS 140-2 compliance for multi-tenant and FIPS 140-3 for single tenant)

——————- advertisements ——————-

———————————————————

Protection
Azure DDoS Protection : basic protection is always on and is free. Advanced version is paid and has more features including reporting, Expert support, SLAs.
Azure firewall : Network protection. High availability built-in no load balancers required.
Azure information protection : in our outlook. Protects sensitive data by encryption,restricted access etc…
RBAC (role-based ac)
– Security principal : identities requesting access to an azure resource.
— User, group, Service principal (a security identity used to access azure resources),Managed identity (an identity in Azure AD managed by Azure)- Scope : Defines a scope of a role. Controls at Management,subscription or resource group level.
– Role definition : Set of roles. R/W/Delete etc..

Lock Resources : Locking to avoid unexpected deletion etc… CanNotDelete(Delete), Read-Only are types of locks.
Management groups : Adding subscriptions (accounts) to a management group will have all the permissions on it. Accounts under “Finance” group will have permissions required for that team/group/dept (example)
That’s it for part-4. You can find the next section in this series here. For the complete series click here .

Azure Fundamentals (AZ900) certification preparation – short notes-III

One comment

In continuation to our previous 2 posts, here is the third post in the Azure fundamentals certification preparation series. As mentioned in our first post, we recommend you to read the complete documentation from the Microsoft Docs page.

We recommend you to go thru the first post and the second post before starting with this post.

[ Disclaimer : This is not a complete training material for the certification. This is just random (short) notes which we captured from course curricula, which will help the readers for their final revision/rewind before appearing for the exam. We do not offer any guarantee in passing the exam with this content ]

So, here’s are the part-3 contents.

App integration services
Azure notifications hub : Pub/send – send push notifications to any platform from any backend
Azure API Apps : API Gateway- for building and consuming the APIs in cloud.Route APIs to Azure services
Azure Service Bus : Service Bus – A reliable MaaS (Messaging-as-a-S) and simple hybrid integration
Azure Stream analytics : Serverless Real-time analytics, from cloud to edge
Azure Logic Apps : Schedule,Automate and Orchestrate tasks, business processes and workflows. Ent Saas and Ent apps integration
Azure API Management : Hybrid, Multi-cloud. Put in front of existing APIs to add additional functionality.
Azure Queue storage : Messaging queue – data store for queuing an delivering messages between apps.

Read more

——————- advertisements ——————-

———————————————————

Dev and Mobile tools
Azure SignalR service : Easily adding real-time web functionality to apps. Kind of PUSHER for Azure
Azure App Service : Easy to use service for deploying web apps using .net,node.js, Java, Python, pHP. No need to worry about underlying infra. like HEROKU
Visual Studio : IDE designed for creating apps for Azure. Not visual studio code on laptops.
Xamarin : Mobile-App Framework – Create mobile apps with .Net and Azure.
Azure DevOps services
Azure boards : Similar to Kanban boards. Faster delivery using agile tools (to plan, track and discuss work across teams)
Azure pipelines : CI/CD (contin Integration/Cont Delivery) pipelines (build,test and deploy) with GitHub or any other Git provider
Azure Repos : Unlimited Cloud hosted Private Git Repos for developement
Azure Test plans : Extraordinary testing tools for Test and ship
Azure Artifacts :
Azure DevTest Labs : Easy way to create devtest environments for your devtest requirements
ARM (Azure Resource Manager) : Is an example of IaC (Infrastrucre as Code). Allows programmatically create Azure resources via JSON template.
Azure Quickstart Templates : A library of pre-made ARM templates. Community driven.

——————- advertisements ——————-

———————————————————

Networking services
vNet and Subnet : You have to have a vNet, a broader network CIDR range and that is divided into multiple subnets (private and public for example).
vNet can be 10.0.0.0/16 and 2 subnets can be 10.0.1.0/24 and 10.0.10.0/24 for example
Cloud-Native networking services : Azure DNS, vNet, Azure Load balancer (Transport layer), Azure application load balancer (web apps), Network security groups (firewall)
Enterprise/Hybrid networking service :
Azure Front door : Secure entry point for fast delivery of your global apps
Azure Express route : A superfast connection between on-prem and Azure (50Mbps to 10Gbps)
Virtual WAN : Single operation interface which brings many networking, security and routing functionalities together
Azure Connection : A VPN connecting 2 azure local networks
Virtual Network Gateway : Site to Site VPN between Azure and Local network
Azure Traffic Manager : routing the incoming traffic based on the parameters set.
Weighted, Performance, Priority, Geographic,Mutlivalue, Subnet etc… To which server instance the application request should go.
Azure DNS : allows to create and manage the DNS records (does not allow purchasing the domain names). We can create A record, C-name, SOA, NS record etc…
Azure Load balancer : Operates at transport layer. Can be public facing network or internal network.
Scale Set : allows a group of identical VMs to be added or removed automatically.
More details in the next post. You can find the next section in this series here. For the complete series click here .

Azure Fundamentals (AZ900) certification preparation – short notes-II

2 comments

Second post from our Azure Fundamentals (AZ900) certification preparation notes. If you haven’t gone through the first post in this series, you can find it here.

This series intents to helps those who are preparing for the AZ900 certification, so that you don’t have to go through the complete documentation. This also helps in your revision if you have already prepared for your exam.

[ Disclaimer : This is not a complete training material for the certification. This is just random (short) notes which we captured from course curricula, which will help the readers for their final revision/rewind before appearing for the exam. We do not offer any guarantee in passing the exam with this content ]

So, let’s get into the contents in this section.

Azure Regions, AZs, Geography and Datacenters

AZ – one ore more DCs. Better practice is to have workload running in 3 AZs for HA. 99.99% SLA
Availability Set : Ensures that the resources are in different racks in same DC. 99.95% SLA

Read more

Fault domain : Grouping of hardware considering to avoid single point of failure
Update domain : Grouping of hardware considering to avoid single point of failure during software update
Region – AZ – Geography (is the data residency and compliance boundary – data will be within the country boundary), a geography will have minimum 2 regions at a far physical distance
Recommended Region : broadest service capabilities. Supports AZs.
Alternate (other) Region : A region within the data residency boundary (Geography) having recommended region as well. Not designed to support AZs.

——————- advertisements ——————-

———————————————————

Special Regions : for legal and compliance requirements basically for governments. China and US are having a few special regions (US DoD Central, US Gov Virginia, US Gov Iowa, China East etc…) .
Three categories of services
Foundational : Once the service is GA, it will be immediately (or in 12 months) be available in all (recommended and Alternate) regions
Mainstream : Once the service is GA, it will be immediately (or in 12 months) be available in recommended regions. Available in Alternate regions based on customer request
Specialized : Available in any region as per customer request.
Compute services
Azure VMs : Most common type of Compute service. Choose your own OS and hardware requirements. Underlying hardware will be shared with other customers.
Azure container service : Docker as a service. Run containers without having any servers or VMs.
Azure Kubernetes Service (AKS) : K8s as a service. to deploy,manage scale cotinerized apps. Open source K8 software.
Azure Service Fabric : Tier-1 Enterprise container as a service. Distributed systems platform. On Azure or On-premises.
– Easy to package, deploy and manage scalable and reliable microservices (A Cont service or AKS instance maybe)
Azure functions : serverless compute. No need to provision/manage any servers.
Azure batch : plans,schedules and executes batch computer workloads.

——————- advertisements ——————-

———————————————————

Storage Services
Azure Blob storage : Object storage
Azure Disk storage : Block storage
Azure File storage : NAS
Azure Queue storage: Messaging queue for apps (SNS in AWS)
Azure Table storage: NoSQL database table storage
Azure databox/databox heavy : For moving TB/PBs of storage. Snowball example
Azure Archive storage: Cheap long-term cold storage. (Glacier example)
Azure datalake storage: Centralized repo for all structured/unstructured data at any scale (bigdata)
Database services
Azure Cosmos DB : Fully managed NoSQL DB
Azure SQL DB : Fully managed MS SQL DB
Azure DB for MySQL/PSQL/MariaDB : Fully managed MySQL,PostgreSQL,MariaDB scalable and high available.
SQL server on VMs : MS SQL engine on VMs. Lift-n-shift MS SQL servers from on-prem to cloud
Azure synapse analytics (Azure SQL data warehouse) : fully managed data warehouse on cloud. security and scale
Azure DB migration service : to migrate your DB to cloud without any changes.
Azure cache for Redis : (Open-source) Redis caching for your DBs for performance.
Azure table storage : Wide column NoSQL DB – A NoSQL store that hosts unstructured data independant of schemas
More details in the next section. You can find the next section in this series here. Click here for the complete series.

Azure Fundamentals (AZ900) certification preparation – short notes-I

2 comments

Azure certifications are of high industry demand right now and Azure Fundamentals (AZ-900) is the right starting point for the certifications. You can see here how you can get a free Azure training and an exam voucher you can use for the certification.

In these series of posts, we are sharing a certification preparation notes for you. Instead of going thru the detailed content over internet, you can refer these short notes in your exam preparation.

[ Disclaimer : This is not a complete training material for the certification. This is just random (short) notes which we captured from course curricula, which will help the readers for their final revision/rewind before appearing for the exam. We do not offer any guarantee in passing the exam with this content ]

We recommend referring to the Microsoft Docs page for the detailed notes.

Types of compute

Read more

Virtual machines : Emulating a computer system without having dedicated hardware. It can run the guest operating system on shared hardware. Consumers can deploy multiple virtual machines on the physical hardware as they need (depending on the hardware limitation also).
——————- advertisements ——————-

———————————————————

containers : containers serves the execution environments for applications without a guest operating system. A container will have the application and all the dependencies packaged in it. example : Docker
serverless computing : Lets you to build and run applications without worrying about the underlying server/host.Cloud provider runs the server for you.
Cloud computing benefits
Cost-effective : Consumer doesn’t have to pay for and maintain the hardware and infrastructure for their needs. Cloud provider allows a pay-as-you-go pricing.
Scalable : Lets the consumer scale their environment (both scaling up and scaling out) as per the demand
Elastic : Based on the needs, the cloud can automatically allocate more resources and can be de-allocated automatically once the requirement is completed.
Global : You can provision your resources in any region across the globe, totally redundant.
Reliable : reliability via redundancy, backups and disaster recovery solutions all inbuilt.
Secure : Physical (to the physical infrastrucure) and digital (relevent authentication for data access) security assured.
CapEx and OpEx
CapEx : all the expenditures in (initially) setting up the environment. Upfront expense.
examples include the Server, Storage, Networking, DataCenter infrastructure and Technical resources expense etc…
Benefits : Fixed expense and consumer can plan the budget.
——————- advertisements ——————-

———————————————————

OpEx : With Cloud Computing the consumers has to worry about on the operation expenses (the billing for the infra and services) which involves limited upfront payment.
Benefits : You do not have to pay full amount upfront.
Cloud deployment models
Private Cloud : Cloud environment within your data center. Complete control on the hardware/physical infrastructure and the physical security.
Public Cloud : Hardware is being managed completely by the cloud provider and the consumers use the required infra and services.
Hybrid Cloud : A combined model of private and public cloud models, adding the benefits of both the models to the consumer.
——————- advertisements ——————-

———————————————————

Types of cloud services
IaaS (Infrastructure as a Service) : A computing infrastructure for the consumer without having hardware with them. Consumer has the maximum control of the infra in this model compared to the other services.
PaaS (Platform as a Service) – For running/testing an application on the required platform without worrying about the infrastructure.
SaaS (Software as a Service) – Consumer can avail the software services from cloud without being concerned about the infra and the platform running it. Office365 is an example.

Hope this section will help you in your certification journey. You can find the next section in this series here. For the complete series click here.

COVID-19 : Let’s fight this battle, together

Leave a comment

We are going thru such a difficult situation right now and the numbers keep on coming are horrible. COVID-19, started from a small district in China has now spread to almost everywhere (6 continents) around the globe.

Image courtesy : WHO

Let’s not be panic, but let’s be more vigilant and careful.We have to fight against this pandemic, together.

Make sure you are, Read more

  • Keeping yourself clean always. Sanitize your hands frequently, especially after any contact with others.
  • Covering your mouth and nose while coughing and sneezing
  • Avoiding gatherings, travel etc… as much as possible.
  • Using face masks whenever required
  • Getting yourself checked by medical practitioner if you have any of the listed symptoms of the disease
  • Being indoor with minimum contact with others, if you have recently traveled to any of the affected areas.
  • Following the instructions from the local government bodies and the medical team

The Symptoms of COVID-19 include :

  • Sore throat
  • (dry) Cough
  • Fever
  • Diarrhea, vomiting
  • Muscle pain and Headache along with Fever
  • etc…

Take care of yourself, take care of everyone. Our prayers are with everyone affected, globally. We will recover faster and better.

 

VMware vSAN – Understanding Fault Domains

Leave a comment

VMware vSAN is one of the leading enterprise class software defined storage from VMware. It helps in leveraging the server based storage for enterprise applications. Advantages, as you might have already known – cost reduction, ease of administration and more…

In this post we are discussing one of the characteristic of vSAN, Fault Domains. Read more

What ?

Fault Domains helps an administrator to design the failure scenarios that may occur in a vSAN cluster. If a customer want to avoid data inaccessibility during a chassis failure or power failure in a rack etc… customer can do so by setting the right fault domains.

There should be a minimum of 3 fault domains for having this enabled on a cluster.

——————- advertisements ——————-

———————————————————

How ?

In a vSAN cluster, writes will be send to multiple hosts/drives depending on the Storage policy and the Failures To Tolerate (FTT) settings. If the FTT=1, the write will be send to 2 hosts at the same time. Even if one of the host fails, the data will be still accessible as the replica will be available on the host and thus IO operation continues. We will discuss the IO operation in vSAN, in a separate post.

In case of Failure Domain configuration, the replicas will be saved in different Failure Domains. We can define all the hosts in the same rack to be part of one Failure Domain and thus data and its replica will never be in the same (host in the same) rack. Thus the administrator can plan for any maintenance activities at the rack level without any disruption of the services running on the vSAN.

Same applies for the chassis level or any other level protection. We can define all the fault domains at the chassis level, so that replicas will not reside in the same chassis.

Additional reading :

 

Hope you enjoyed reading this post and was helpful for you. Please share your thoughts in the comments section.

Introducing Beginner’s Forum TV

Leave a comment

Introducing our YouTube channel – Beginner’s Forum TV. A new platform from the team as promised, to share more of our contents from the technology world. 

We have been posting contents here in the blog in different categories around the Data Center including Networking, Servers, Storage, Cloud and a bit of programming stuff. Our channel will have contents from all these areas but will not be limited to these. We will be adding more tech stuff – on electronics and gadgets, Application and Web development and anything technical of your interest.

Read more

Subscribe (by clicking the above button) to Beginner’s Forum TV so that you will not be missing any updates on our latest contents. 

 
Thank You for all your support and keep doing the same. Follow/Subscribe us, share our contents and keep sharing feedback (comments) as you always did. 

HAPPY nEW YEAR

Leave a comment

We wish all our readers, a very happy New Year 2019..!!

We had a wonderful year 2018, a year we achieved many milestones and were able to do some amazing stuff on and off our page here.

Now we are into this New Year and we hope to cover even further this year. We assure you excellent and innovative content and we have ‘things’ planned for this New Year. 🙂

Once again we wish all our readers a Happy New Year, 2019..!

Keep reading..!

Vembu BDR Suite v4.0 is now GA

Leave a comment

Vembu’s BDR Suite v4.0 is now GA.

Vembu announced the latest version – 4.0 – recently and is now Generally Available for customers. Vembu BDR 4.0 is only available now for fresh installations. An upgrade package will soon be available for existing customers to upgrade their environment to 4.0.

There are a lot of exciting new features available with 4.0 including backup of VM’s running on Hyper-V cluster etc… You can click here to read more about the new features in Vembu BDR 4.0.  Read more

You can download the installer here for your environment today.

Also, Vembu is giving away up to 40% discount on their products till the 24th of December. Hurry and enjoy the Thanksgiving-Christmas discount from Vembu and grab your your piece of software. Please refer to the Vembu blog here for more details.

IT Blog Awards by Cisco – Vote now..!

Leave a comment

Hurry, vote now for the best IT Blogs in the IT Blogs awards hosted by Cisco..!

About the program:

This is the first ever IT Blogs awards from Cisco for recognizing the contribution by the blogger community, in various categories.

(about the program) from the Cisco website :

The first-ever IT Blog Awards, hosted by Cisco, is our way of recognizing the great community of independent tech bloggers for the passion, creativity, and expertise shared throughout the year. We appreciate your impact on the tech community.
Voting is now open through January 4, 2019.  Winners will receive a Cisco Live US pass.

You can vote for the blogs in different categories and the voting ends on 4th Jan, 2019. Make sure to consider the value, credibility and the consistency of the content while you select a blog as the best in that category.

It is your opportunity now to recognize the bloggers/blogs who are helping the community by providing excellent contents. Do not wait, Vote Now.

We are proud to announce that, we have been chosen as one of the finalists in the Best Group Effort Category. If you feel our contents were of quality, helping the community and at the same time meeting the program guidelines, you can select our blog in best group effort category.

1 2 3 4