Azure Geographies

This is Part 3 of Azure tutorial. In our previous article we discussed Azure Datacenters. In this article we will discuss Azure Geographies.

Azure Geographies

An Azure geography is an area of the world that contains at least one Azure region. For example, India is a geography. Similarly United States and United Kingdom are geographies. 

As of this writing, the following are the Azure geographies available. Azure is growing at a very rapid pace, so by the time you watch this course there might be a lot more geographies available. 

1. India
2. United States
3. United Kingdom
4. Canada
5. Africa
6. Australia
7. Europe
8. Asia Pacific
9. Azure Government
10. Austria
11. Brazil
12. China
13. France
14. Germany
15. Greece
16. Israel
17. Italy
18. Japan
19. Korea
20. Mexico
21. New Zealand
22. Norway
23. Poland
24. Qatar
25. Spain
26. Switzerland
27. Taiwan
28. United Arab Emirates

Most geographies correspond to countries like India, United States, United Kindgom, Canada etc. Some geographies like Africa, Australia and Europe correspond to continents. Some geographies like Asia Pacific for example correspond to a specific region. 

Azure Government

We also have a geography called Azure Government. This geography is only available to the United States federal, state, local, and tribal governments and their partners. It's not available for general public use. Azure Government offers the broadest level of certifications, so even the most critical government compliance requirements are met. This geography is specifically for US government use, so all of it's operations are controlled by screened and cleared US citizens.

Why are Azure Geographies important

Well, regulated data like financial, health care or credit data may not be allowed to leave the country. Legally your organisation is required to store such data in the same country where the operations are being carried out. So, if you select a geography like India for example, Azure ensures your data is not stored outside of India. Similarly if you select United States, the data stays inside the states. You have complete control on which geographies you want your data and applications to be deployed. You can be assured, Microsoft will not store customer data outside the geography you specify, except for certain non-regional services.

You can find all the available Azure geographies on the following web page

In simple terms, an Azure geography is an area of the world that contains one or more Azure regions. Azure region is a very important concept because every time you create an azure resource like a virtual machine for example, you need to specify the region where you want the resource, in this case, the virtual machine to be created. An azure region may also be paired-up with another azure region and there are several benefits of this paring. An azure region may also have availability zones.

 

What are Azure Data Centers

To understand Azure better, we need to understand Azure global infrastrcuture specific terms like 

1. Datacenters
2. Regions
3. Region Pairs
4. Availability Zones and
5. Geographies

In this article we will discuss Data Centers and the rest in our next article.

What are Azure Data Centers

When we provision a resource from Azure cloud, like a Virtual Machine or an Azure SQL Database for example.

These resources obviously require a physical server space to be created. A datacenter is simply a building that contains the physical server. Not just one server, many many physical servers which are connected over a network. It also has it's own power, and cooling.

So, in simple terms, an Azure data center is a unique physical building that contains many many physical servers with it's own power, cooling and networking infrastructure. These data ceneters are located all over the globe. As of this course recording, there are over 160+ Azure datacenters worldwide. The exact location of these datacenters is not published by Microsoft for obvious security reasons. It is these dataceneters that are the building blocks of gloabl Azure infrastructure.

Microsoft Datacenters at the bottom of the ocean

To power and maintain all these dataceneters lot of energy is required. Micrsofot has been actively researching to source clean-energy. As part of this initiative, Microsoft has been experimenting placing Datacenters at the bottom of the ocean. They called this Project Natick. In spring 2018, Microsoft’s Project Natick team deployed a shipping-container-sized datacenter on the sea-floor in Scotland. It stayed underwater, for almost over 2 years. During these 2 years, the underwater datacenter servers are extensively tested and monitored for performance and reliability.

With this experiment, the team concluded that a sealed datacenter on the ocean floor could provide ways to improve the overall reliability of datacenters. On land, corrosion from oxygen and humidity, temperature fluctuations and bumps and jostles from people who replace broken components are all variables that can contribute to equipment failure.

If you want to learn more about Microsoft underwater datacenter, you have more details on their news website - https://news.microsoft.com/innovation-stories/project-natick-underwater-datacenter/

With this experiment, Microsoft finds underwater datacenters are reliable, practical and use energy sustainably. Hopefully we will soon see underwater dataceneters. As of this course recording though, all azure dataceneters are still on Land and it is these dataceneters that are the building blocks of azure global infrastrcuture

An Azure data center is a unique physical building that contains thousands of physical servers with it's own power, cooling and networking infrastructure. These data ceneters are located all over the globe. As of this course recording, there are over 160+ Azure datacenters. These dataceneters are organised into Azure Regions.

 

Azure tutorials for beginners

This is Part 1 of Azure tutorial for beginners. In this course, we will discuss everything you need to know to build, deploy and scale applications using Microsoft Azure.

Before continuting with this course please learn the basics of cloud computing from our cloud computing tutorial for beginners course.

Cloud is everywhere. It has completely changed the way businesses think about IT resources and software solutions. Organizations of every type, size, and industry are using the cloud for a wide variety of use cases. Even individuals like you and me are using cloud and cloud services on a daily basis.

Azure is a cloud computing platform from Microsoft. Initially it was called Windows Azure. Later renamed to Microsoft Azure. It is an ever expanding set of services to help you build solutions to meet your business goals. It offers a wide variety of services. For example, we have

1. Virtual machines running in the cloud for you to host and run your software.
2. Storage services to store all sorts of data - relational, non-relational etc.
3. Software development and deployment services.
4. Networking and Data analysis services.
5. Artificial Intelligence, Machine learning, Internet of Things etc. The list goes on.

When we think about moving to a cloud from an on-permise datacenter, 2 immediate things that come to our mind are security and availability. 

Data Security

How secure is my data. If you are thinking, your applications and data are more secure in your own data center than in the cloud, you are almost certainly mistaken. Security and privacy are foundational for Azure. Microsoft is committed to the highest levels of trust, transparency, standards and regulatory compliance. In fact, if you compare Azure with other cloud service providers, it has the most comprehensive set of compliance offerings. As of this recording, Azure has over 90+ compliance offerings - the largest portfolio in the industry.

Every year, Microsoft invests over $1 billion dollars in security to protect customers' data and apps from cyberthreats. 95% of fortune 500 companies trust their business and data on Azure.

Availability

As far as availability is concerned, for most services, Azure promises 99.9% uptime and connectivity. Even with our own on-premise data center, it's very difficult to achieve such a high availability and uptime.

Azure supports open source technologies

Many people think Azure is only for Windows apps and services. That's not true. Azure supports open source technologies, so you can use the tools and technologies you prefer. As of this recording, 1 in 4 Azure virtual machines run Linux. Why? Because Azure supports the open-source technologies millions of us already rely on and trust. With Azure, we have choices. We can develop, deploy and test open-source components end-to-end in Azure. As an example, Azure offers Enterprise-grade support for all popular Linux distributions. Run new and even existing business-critical workloads in the cloud with Azure Marketplace.

Almost anything that can be done with a conventional on-premise data center can be accomplished using Azure. Actually it opens a world of possibilities and help us build solutions that we wouldn't be able to build with our own on-premise datacenter. Azure has series of data centers across the globe. So we are able to take advantage of that global reach, massive scale and build solutions that otherwise are practically impossible.

In this course we will start with the basics of Azure and discuss everything you need to know to build, deploy and scale applications using Microsoft Azure.

Before you start this course, I strongly recomend to watch our cloud computing tutorial for beginners course. In this course we have covered all the basics of cloud computing.

Microsoft Azure Virtual Network Explained

 Virtual Network aka VNet is a simplified version of the internet. This allows to provision and management of different virtual private networks (VPN) to make an isolated and highly secured network. It also allows configuring to link different VNets. This can resemble a set of connected systems and servers which can communicate with each other but it cannot be accessed via the Internet. The resources like virtual machines inside a virtual network can only respond to requests that initiate from that virtual network. A Special VPN key is required to access the VMs or web applications that are deployed in virtual private networks. Ready to dive in? Explore our Free Demo Content through Azure Tutorial and join our Microsoft Azure Certification trusted by many scholars!

What is Azure Virtual Network

Azure Virtual Network is a cloud service offering from Microsoft which is a representation of a virtual network in the cloud. In general, Azure Virtual Networks are used to secure development and deployment environments with any kind of network attacks and data leaks. Virtual machines, web apps, database, load balancer etc. should always be kept inside the Virtual network. With Azure, it is very easy to create and configure highly secure private networks with the help of network security groups.

Read More: Top 50 Azure Interview Questions and Answers

Azure Virtual Network Architecture

 source https://docs.microsoft.com

The above is a typical architecture of a virtual Network for n-tier application architecture. The entire virtual network has been subdivided into different subnets based on workloads like web tier that contains the User interface, the Business tier that operates the business logic and data tier that hosts the data source. The idea to create and bind each group of Virtual machines into different subnet is useful in a way that we can assign one Network Security Group (NSG) to each subnet and can control the traffic flows between the tiers. For example, an HTTP request from the internet should not directly reach to data tier subnet. We can assign access policy to the Network Security Group of Subnet attached with data tier which only allows incoming requests from business tier subnet. Any other requests trying to reach data tier with any protocol other than business tier will be denied. Similarly, we can assign an access policy on NSG of business tier subnet that the incoming request source IP address should fall in the range of web tier subnet. Additionally, we can also control the traffic requests to the Active Directory by putting that in a separate Subnet inside a Virtual Network.

Before we go ahead and create a Virtual Network, there are a couple of terms to understand :

Resource Group

A Resource Group is a logical container for all related resources. Generally, all the Azure resources created for a particular environment like test environment can be put in a single resource group and assign access to users as per need. For any application architecture all resources (like VMs, VNets, IP, App Service, Azure Functions etc.) which combine make a complete system need to be replicated for each environment like Dev, Test, UAT, Pre-Prod, and Prod. So, we can have different resource group for each environment and create all required resources within the corresponding resource group. Then, we can provide access to the test team to the test resource group only and dev team to the dev resource group only.

Public IP

Resources like websites, API apps, Load balancers, Application gateways will require a public IP address in order to receive requests from the internet and that is achieved by a public IP address. We can also have a public IP address for the Virtual Machines but it is not recommended as it can allow malicious attacks. Subnet: A subnetwork or simply subnet is a range of IP addresses within a Virtual Network. It can be considered as all the machines in a particular project of an organization are having a separately identifiable IP addresses corresponding to a particular range. Now, we can assign a network security group to this range of IP addresses (Subnet) in order to allow some RDP connection to Project specific machines. Different tiers of an application architecture are also placed in different subnets to isolate them from each other.

Network Security Group

A network security group is a set of rules or policies for incoming and outgoing requests. A network security group is generally attached at the subnet level. The advantage of applying network security groups to Subnets is that we can control the data flow. This is important in terms of network security. With an NSG, we can define the IP range for the source of incoming requests.

Advantages of Using Azure Virtual Network

There are many benefits of using Azure Virtual Network which are as follows:

1. Connectivity Options- There are many connectivity options in Azure Virtual Network like site-to-site VPN, point-to-site VPN, Azure ExpressRoute, and virtual network peering.
2. Scalability- Azure Virtual Network is scalable enough to handle large workloads and growing infrastructure requirements.
3. Isolation and Segmentation- It gives total control of the resources and enhanced security by creating an isolated and segmented network environments.
4. Network Security- The security of Azure virtual network is much more enhanced due to its features like Network Security Groups (NSGs).
5. Traffic Routing and Load Balancing- The network performance can be highly optimized and workloads are evenly distributed with the help of advanced traffic routing and load balancing techniques.
6. Hybrid Cloud Integration- Using Azure Virtual Network, it becomes easy to connect on-premises network with the help of cloud. Large workloads can also be easily moved between your servers and Azure.

Read More: How to Build a Career with Microsoft Azure Fundamentals Certification?

Create a Virtual Network using the Azure Portal

1. Login to the Azure portal portal.azure.com and click on Create a resource.

2. On the Marketplace select Networking tab and click on Virtual network as shown below.



3. In the Create VNet screen, provide a name to the virtual network and an address space. Choose subscription, resource group and location.

4. Additionally, also provide a subnet name and address space which should fall within the range of address space of virtual network and click on Create button.



5. From the top right corner notification tab, click on Go to resource button.



6. Let’s create a network security group. Click on Create a resource and select Networking tab and click on Network Security group.



7. Provide name, subscription, resource group and location.

8. Click on create button.



9. Go back to the virtual network and click on subnets.



10. Select the subnet and open its details.



11. We can attach the network security group to the subnet and save.



12. Go to the network security group and click on Inbound security rules.



13. We can add/ delete more security rules to enhance network security.

Creating a Virtual Network using PowerShell

1. Launch cloud shell from the top on the portal.

   

2. Alternatively, open PowerShell command prompt locally on the system. Check for the latest version of AzureRM module. To continue, the version should be 5.4.1 or later. Run the below command to check for version

   Get-Module -ListAvailable AzureRM
   

3. Login to Azure with the following command :

   Connect-AzureRmAccount
   

4. Create a resource group by running the following command :

   New-AzureRmResourceGroup -Name DNTResourceGroup -Location EastUS
   

5. Create a Virtual Network in the same location where resource group is and attach the Vnet with the resource group

   $virtualNetwork = New-AzureRmVirtualNetwork `
    -ResourceGroupName DNTResourceGroup `
    -Location EastUS `
    -Name DNTVirtualNetwork `
    -AddressPrefix 10.10.0.0/16
   

6. Create a subnet within the virtual network

   $subnetConfig = Add-AzureRmVirtualNetworkSubnetConfig `
    -Name default `
    -AddressPrefix 10.10.0.0/24 `
    -VirtualNetwork $virtualNetwork
   

7. Now that our Virtual Network is ready, we can assign this virtual network to Virtual machines. Let’s create a VM with the following command :

   New-AzureRmVm `
    -ResourceGroupName " DNTResourceGroup " `
    -Location "East US" `
    -VirtualNetworkName "DNTVirtualNetwork" `
    -SubnetName "default" `
    -Name "DNTVm1" `
    -AsJob
    

8. Get the IP address of VM with the help of following command

    
   Get-AzureRmPublicIpAddress 
    -Name DNTVm1
    -ResourceGroupName DNTResourceGroup | Select IpAddress
   

9. Using the IP from the above command, run the below command to download the RDP file and use it to connect the VM.

   mstsc /v:<publicIpAddress>
   

Summary

A virtual network is a network of IP addresses in a range connected together. It is an important aspect of consideration while designing solutions in the cloud. In order to secure each layer of application architecture inside a highly secured network, it is recommended to create different subnets for different tiers of an application and attach each subnet with a network security group with limited inbound and outbound security rules.

If you want to learn more about Azure cloud by implementing step-by-step Azure services you can choose an unlimited Azure online training program to enhance your skills by 10x to earn azure certification.

Azure DevOps Course Overview

 

Azure DevOps Course Overview

Azure DevOps Certification Training empowers participants with comprehensive knowledge of DevOps principles, encompassing Continuous Integration (CI), Continuous Deployment or Continuous Delivery (CD), and Continuous Monitoring, all leveraging the capabilities of Azure DevOps. The training covers various aspects, including Sprint Planning and Tracking, Azure Repos, Azure Pipelines, Configuring Infrastructure using Terraform, Azure Test Plans, Azure Artifacts, and Extensions for Azure DevOps.

The curriculum, thoughtfully crafted by Microsoft MVPs and DevOps experts, provides hands-on experience in mastering Azure DevOps.

Azure DevOps Course objectives

Participants in the Azure DevOps training will have the following skills after completing this course:

1. Understand DevOps Ecosystem.
2. Understand Agile, Scrum and DevOps Process
3. Do sprint planning and tracking.
4. Use Kanban and task boards for tracking progress.
5. Use git for source code management.
6. Configure automatic source code Management and Continuous Integration (CI).
7. Configure CI/CD Pipeline.
8. Configure Infrastructures using Terraform.
9. Maintain Code Quality using Unit testing and get Code coverage
10. Azure DevOps Tools

Azure Developer Certification Course Overview

 Azure Developer Certification Training is a great way to learn the ins and outs of Azure development and earn a valuable certification. This learning path starts with the basics of cloud computing and then moves on to cover topics such as Azure storage, networking, and computing services. Azure Developer Training also covers how to develop Azure applications using different Azure services.

After completing Azure developer course, students will be able to take the Microsoft Developer Certification exam and earn their certification. In addition to the certification, azure developer associate Certification will also give you the skills and knowledge you need to become a successful Azure developer.

Enrol now and get started on your path to becoming a certified Azure developer!

Azure Developer Certification Course Objectives

Participants of this course will have the following skills after completing this course:

1. Understand the Microsoft Azure Cloud platform
2. Create, Configure and Scale Virtual Machines
3. Create and Manage SQL database on Azure
4. Create and Manage Cosmos DB, Azure Search and Redis Cache
5. Create and Publish ASP.NET Web application on Web App
6. Implement Serverless Architecture Using Azure Function
7. Storage and Manage data using Azure Storage: Blobs, Files, Tables, Disks
8. Implement Azure Messaging Services: Services Bus, Event Hub, Notification Hub
9. Use Azure Active Directory to Implement Single SignOn
10. Monitoring App on Azure

Outcomes of the Training

1. Knowledge and skills to develop, deploy, and manage cloud solutions on Microsoft Azure.
2. Implementing Serverless Architecture and Azure Messaging Services
3. Develop real-time applications like ePizzaHub
4. Chance to get into product-based companies.
5. Opportunities to career paths in cloud development
6. Staying updated with the latest developments in Azure development

Why Learn Azure Developer Associate?

1. High Demand: As businesses increasingly migrate their applications and infrastructure to the cloud, there is a growing demand for skilled Azure developers.
2. Career Opportunities: Azure developers are in demand across various sectors, including software development, IT consulting, finance, healthcare, e-commerce, and more.
3. Comprehensive Training: The Azure Developer Associate certification curriculum covers topics relevant to Azure development, including Azure services, cloud-native application development, Azure SDKs, APIs, and tools.
4. Cloud Computing Trends: By learning Azure development, you position yourself at the forefront of cloud computing trends and technologies, ensuring your skills remain relevant in today's digital economy.
5. Hands-on Learning Experience:  The process of preparing for the AZ-204 exam often involves working with Azure directly.

Microsoft Azure Certification Course Overview

 Microsoft Azure certifications are highly sought after as the market for cloud computing technology expands. Cloud computing is one of the industries that is growing the fastest, and more companies are looking for certified Azure administrators, solution architects, developers, and security engineers. Azure Certification (Az-104) training course leads to learning Azure and thus the learner can achieve the badge.

During this azure training, the learner will be following the Azure certifications path to learning the configuration of numerous services such as Virtual Machines and Networking, Azure Application Services, Scripting and Automation, Azure Active Directory, and Managing Azure Storage.

Microsoft Azure Online Training Objectives

Participants of this Microsoft Azure Online Training course will have the following skills after completing this course:

1. Configure and deploy virtual machines
2. Manage virtual machine workloads, networks, disks and storage
3. Configure and deploy virtual machines through scripts.
4. Configure, deploy and manage application services.
5. Manage Azure storage offerings - blobs, Azure files and recovery services.
6. Integrate Azure Active Directory.
7. Implement recovery services.
8. Monitoring Azure services on Azure.
9. Prepare you for Microsoft Azure Administrator Associate (AZ-104 Exam)