AZ‐204 - Imtiaz211/interviews GitHub Wiki

AZ-204

Introduction

Azure Storage

  • Blob ( - Unstructured, - Large, -Page/Block)
  • Table ( - Key/Value, -Small)
  • Queue (-Queue, - Reliable, -MSMQ)
  • File (- File share, -Legacy, -SMB)
  • Disk (- Premium, -High i/O, VM Disk)

Top Azure PaaS Services:- One of the core Azure PaaS services is Azure App Services. Azure App Services provide multiple service types.

  • Web Apps
  • Mobile Apps
  • Logic Apps
  • Azure Functions
  • Azure WebJobs

Respnsibility and control

  • IaaS (Typical Iaas service are Container service and Virtual Machines. These allow you to have a lot of control over how you run them but alo requie you to be responsible for things like the OS, Antivirus and Load Balancing.)
    • App Configuration
    • Application
    • Server Configuration
    • Operating System
    • Antivirus
    • Networks
  • Paas (Paas services are App service. Azure search and Azure CDN. You don't have to worry about hte OS or even the server)
    • App Configuration
    • Application
    • Server Configuration
  • Saas (Saas Services are things like Azure IoT Suit and office 365. SaaS is the highest abstraction level and allows you to just use the application. you don't have to build it. You just configure it.)
    • App configuration

Describe Azure App Service key components and value.

Explain how Azure App Service manages authentication and authorization.

Identify methods to control inbound and outbound traffic to your web app.

Deploy an app to App Service using Azure CLI commands.

The ability to scale up/down or scale out/in is baked into the Azure App Service. Depending on the usage of the web app

Resources include the number of cores or the amount of RAM available. Scaling out/in is the ability to increase, or decrease, the number of machine instances that are running your web app.

With Azure App Service, you can deploy and run containerized web apps on Windows and Linux

You can pull container images from a private Azure Container Registry or Docker Hub. Azure App Service also supports multi-container apps, Windows containers, and Docker Compose for orchestrating container instances. App Service will do the rest for you by auto-syncing code and any future changes on the code into the web app. Continuous integration and deployment for containerized web apps is also supported using either Azure Container Registry or Docker Hub. When you deploy your web app you can use a separate deployment slot instead of the default production

Deployment slots are live apps with their own host names.

App content and configurations elements can be swapped between two deployment slots, including the production slot.

App Service on Linux isn't supported on Shared pricing tier.

In App Service, an app always runs in an App Service plan.

In App Service plan defines a set of compute resources for a web app to run.

Shared compute: Free and Shared, the two base tiers, runs an app on the same Azure VM as other App Service apps,

If you have multiple deployment slots for an app, all deployment slots also run on the same VM instances. If you enable diagnostic logs, perform backups, or run WebJobs, they also use CPU cycles and memory on these VM instances.

You can potentially save money by putting multiple apps into one App Service plan

Every development team has unique requirements that can make implementing an efficient deployment pipeline difficult on any cloud service. App Service supports both automated and manual deployment.

Automated deployment, or continuous deployment, is a process used to push out new features and bug fixes in a fast and repetitive pattern with minimal effect on end users.

Azure App Service provides built-in authentication and authorization support,so you can sign in users and access data by writing minimal, or no code in your web app, RESTful API, mobile back end, and Azure Functions.

You're not required to use App Service for authentication and authorization. Many web frameworks are bundled with security features, and you can use them if you like. If you need more flexibility than App Service provides, you can also write your own utilities.

Azure App Service allows you to integrate various auth capabilities into your web app or API without implementing them yourself.

The authentication and authorization module runs in the same sandbox as your application code. When it's enabled, every incoming HTTP request passes through it before being handled by your application code.

The authentication flow is the same for all providers, but differs depending on whether you want to sign in with the provider's SDK.

In the Azure portal, you can configure App Service with many behaviors when an incoming request isn't authenticated.

App Service provides a built-in token store, which is a repository of tokens that are associated with the users of your web apps, APIs, or native mobile apps.

If you enable application logging, authentication and authorization traces are collected directly in your log files.If you see an authentication error that you didn't expect, you can conveniently find all the details by looking in your existing application logs.

By default, apps hosted in App Service are accessible directly through the internet and can reach only internet-hosted endpoints. But for many applications, you need to control the inbound and outbound network traffic.

There are two main deployment types for Azure App Service. The multitenant public service hosts App Service plans in the Free, Shared, Basic, Standard, Premium, PremiumV2, and PremiumV3 pricing SKUs. There's also the single-tenant App Service Environment (ASE) hosts Isolated SKU App Service plans directly in your Azure virtual network.

Azure App Service is a distributed system The roles that handle incoming HTTP or HTTPS requests are called front ends. The roles that host the customer workload are called workers. All the roles in an App Service deployment exist in a multi-tenant network.

Azure App Service scale units support many customers in each deployment

Infrastructure as a service (IaaS) and platform as a service (PaaS) are cloud service models.

IaaS offers access to computing resources like servers, storage, and networks. The IaaS provider hosts and manages this infrastructure.

PaaS provides a framework for developing and running apps

When your workload doesn't require the control granted by IaaS, use PaaS instead. IaaS is like having a box of parts. You can build anything, but you have to assemble it yourself. PaaS options are easier to configure and administer.

Azure App Service is a fully managed platform as a service (PaaS) for hosting web applications.

Platform as a service (PaaS) is a complete development and deployment environment in the cloud,

PaaS is designed to support the complete web application lifecycle: building, testing, deploying, managing, and updating.

PaaS allows you to avoid the expense and complexity of buying and managing software licenses, the underlying application infrastructure and middleware, container orchestrators such as Kubernetes, or the development tools and other resources. You manage the applications and services you develop, and the cloud service provider typically manages everything else.

PaaS provides all of the capabilities that you need to support the complete web application lifecycle: building, testing, deploying, managing, and updating within the same integrated environment.

Azure App Service and Azure Kubernetes Service (AKS).

Azure apps service function and how to create and update an app. Explore App service authentication and authorization, configuring app settings, scalse apps, and how to use deployment slots.

  • At least one year of experience developing scalable solutions through all phases of software developmnet.
  • Have a base understanding of Azure and cloud concepts, services, and the Azure portal.
  • Learning objectives
    • After completing this module, you’ll be able to:
    • Define cloud computing.
    • Describe the shared responsibility model.
    • Define cloud models, including public, private, and hybrid.
    • Identify appropriate use cases for each cloud model.
    • Describe the consumption-based model.
    • Compare cloud pricing models

What is cloud computing Cloud computing is the delivery of computing services over the internet. Computing services include common IT infrastructure such as virtual machines, storage, databases, and networking. Cloud services also expand the traditional IT offerings to include things like Internet of Things (IoT), machine learning (ML), and artificial intelligence (AI).

When using a cloud provider, you’ll always be responsible for:

  • The information and data stored in the cloud
  • Devices that are allowed to connect to your cloud (cell phones, computers, and so on)
  • The accounts and identities of the people, services, and devices within your organization

The cloud provider is always responsible for:

  • The physical datacenter
  • The physical network
  • The physical hosts

Your service model will determine responsibility for things like:

  • Operating systems
  • Network controls
  • Applications
  • Identity and infrastructure

The cloud models define the deployment type of cloud resources. The three main cloud models are: private, public, and hybrid.

Private cloud:- A private cloud is, in some ways, the natural evolution from a corporate datacenter. It’s a cloud (delivering IT services over the internet) that’s used by a single entity. Private cloud provides much greater control for the company and its IT department. However, it also comes with greater cost and fewer of the benefits of a public cloud deployment. Finally, a private cloud may be hosted from your on site datacenter. It may also be hosted in a dedicated datacenter offsite, potentially even by a third party that has dedicated that datacenter to your company.

Public cloud:- A public cloud is built, controlled, and maintained by a third-party cloud provider. With a public cloud, anyone that wants to purchase cloud services can access and use resources.

Hybrid cloud:- A hybrid cloud is a computing environment that uses both public and private clouds in an inter-connected environment. A hybrid cloud environment can be used to allow a private cloud to surge for increased, temporary demand by deploying public cloud resources. Hybrid cloud can be used to provide an extra layer of security. For example, users can flexibly choose which services to keep in public cloud and which to deploy to their private cloud infrastructure.