This page has many awesome facts about Azure Cloud
-----------------------------------------------------------------------------------------
1.A Domain Name Service (DNS) is responsible for translating a domain name to an IP address.
2.Redis is the preferred temporary data caching solution with Azure. There were other solutions in the past, but Microsoft has settled on Redis going forward.
Redis is based on an open-source project, and is used widely outside of Azure.
The product has a lot of features and is proven technology for temporary storage (but also supports persistence if needed).
3.The Azure Service Bus Relay is designed to allow applications to communicate with WCF services across a firewall. It does this by opening an outgoing connection to Azure, which allows the Azure application to communicate back over that open channel.
4.By default, what happens when a job fails in Azure Scheduler? The errorAction in the job definition will specify what to do with a failed job.
5.Using a jump box allows you to remotely connect into a virtual network, without having to assign public IP addresses to each of the nodes on that network. Assigning a public IP to each node of a scale set costs money, and requires you to track these non-sequential IP addresses.
6.Microsoft automatically assigns Virtual Machines across 3 fault domains (physical servers) and 5 update domains to minimize downtime during planned and unplanned outages.
7.Notification Hubs can be used to send messages tailored to individual users or targeted to a mass audience. It's flexible for that.
8.Role Based Access Control allows the assignment of permissions based on role. This allows fine-grained control over permissions by assigning users to roles, allowing hundreds or thousands of users to get only the permissions they need.
9.People have been predicting the weather for more than a century, and certainly computers can too. The use of machine learning within fraud detection has driven down the incidences of credit card fraud considerably. Netflix, Amazon and others have very successful algorithms that can predict if you will like something based on what you and others have liked in the past. And Google (and others) have reduced the visibility of spam considerably. But there may never be a way to predict the outcome of an election far in advance, because of the near-infinite number of factors that are at play.
10.Azure Table Storage is for storing large amounts of structured data. It uses a NoSQL datastore which is ideal for storing structured, non-relational data.
11.DocumentDB is specifically designed as a NoSQL data service that guarantees low-latency and quick response time. Perfect for storing small bits of JSON there.
12.Azure customers are limited to 20 static IP addresses per account by default. This limit can be increased on request.
13.Running through millions of protein and nucleotide sequences looking for a pattern seems to be the ideal scenario for using Azure Batch, which is a tool for defining each as a task and having thousands or tens of thousands of computing resources perform the work.
14.An NSG can only be applied to resources within the region in which it is created.
15.Azure Web Jobs are scheduled using either CRON jobs or Azure Scheduler. The web app only runs when a user is accessing the web app, so it cannot be relied upon to trigger the job.
16.Microsoft limits you to 10,000 VMs in a single subscription.
17.Azure AD B2B allows you to connect your Azure AD with an external partner, allowing them to assign permissions to applications you allow them to.
18.Deployment slots allow applications to warm up after deployment, before being swapped in as the main application. They also allow you to do testing and final validation which would allow you to catch obvious cosmetic problems like missing images.
19.Install the OMS agent on the Windows and Linux machines and it will feed data into OMS.
20.The A8-A11 series of Virtual Machines, as well as the H-series, are known as compute-intensive instances. The hardware that runs those sizes uses high-performing Intel Xeon E5 processors, and comes in 8- and 16-core configurations. They are designed to work in HPC clusters.
21.Point-to-site is only recommended for a development scenario. Site-to-site and ExpressRoute are both production options for connecting to Azure from on premises. WANs are more traditional network technology.
22.Endpoint Protection refers to anti-virus software being installed on all virtual machines.
23.TLS and TDE are the two main ways that Azure provides in-transit and at-rest encryption within the SQL Database. Azure also provides several other methods for encrypting data in-use, and masking sensitive data so that queries only return obfuscated values.
24.The 99.95% SLA is available for all tiers except Free and Shared.
25.Azure Application Gateway is a layer-7 load balancer, which is the application level. Azure Load Balancer is layer-4, transport level. Traffic Manager works at the DNS level.
26.Azure ExpressRoute is a private high-speed connection between a company, a network provider, and Microsoft Azure. There are many options for speed, at different price points.
27.Resiliency. Long-running applications have an increased chance of needing to be able to recover from unexpected failures without needing to start over. You should design your application, if possible, to operate in a way where it occasionally saves important state information so that it can recover where it left off. The nature of Microsoft Azure (and all cloud platforms) is that sometimes you cannot control when updates happen, or unexpected downtimes.
28.ARM Templates are a way to define the configuration of resources in a consistent and easy-to-use way. You can define parameters, and even embed some logic using functions to ensure your network topology is deployed consistently every time.
29.ExpressRoute offers up to 10 Gbps bandwidth connection into its datacenter. Other options travel over the open Internet at regular speeds.
30.It's clear that manual solutions would be ineffective here. It could take a long time for an alert to be received and acted on. Similarly, it's inefficient to provision a cluster of high-performing servers that would be idle most of the time from a cost perspective. And monitoring the CPU usage of the application server may not be an accurate reflection of the amount of time users are spending waiting for responses to their in-app requests. The only options are automated monitoring of the queue length - be it using custom programmed scripts or utilizing the diagnostics functions to trigger an action.
31.AD Connect is what Microsoft recommends to synchronize AD and AAD. AAD Sync and Dirsync are deprecated, and no longer officially supported.
32.Block blobs are ideal for large binary (or text) file storage that doesn't need to be frequently read or accessed. Page blobs are better for virtual machine VHD files, but block blobs suit the needs of Acme Inc the best for this situation. Block blobs support up to 50,000 blocks of up to 100MB each, or approximately 4.75 TB.
33.Azure throttling IO per second limits are based on the account level, so in order to exceed them you will need to create multiple accounts. There is no automated way to shard blobs into separate accounts. That must be done by the application.
34.LRS and ZRS storage store 3 copies of your data in a single region, while GRS and RA-GRS store 6 copies across two regions.
35.Azure Web Jobs supports ASP.NET, PHP, Java, Node.js
36.The DS-series, DSv2-series, Fs-series, and GS-series VMs support Premium Storage.
37.Azure B2C supports all four authentication providers listed.
38.Azure Site Recovery allows you to automate the replication of virtual machine data, whether the machines are in Azure or on prem.
39.The SLA applies to VMs with two or more instances in the same availability set.
40.SSE works by encrypting the data when it is written to Azure Storage, and can be used for Azure Blob Storage and File Storage (Preview).
41.You need to register with Facebook as a developer, create an application, and tell it how to connect with ACS.
42.Azure Application Gateway can send HTTP and HTTPS traffic to any IP address - internal or external. Azure Load Balancer directs traffic only on Azure Virtual Networks. Traffic Manager supports any IP endpoint.
43.The standard pricing tier allows an unlimited number of apps, limited only by CPU, storage and RAM. In fact, all tiers at Basic or above are unlimited.
44.Azure has a large collection of Linux distros it supports, but it does not support Ubuntu Core at the current time. Migrating the application into a full server version of Ubuntu probably reduces its effectiveness for development and testing purposes.
45.Hybrid Connections only require outbound internet access from the WCF application, and not open inbound access. It is a more secure way of connecting to an on-prem service, and reduces the number of open connections. Neither approach requires coding changes.
46. You can use API Management to act as a portal for any HTTP endpoint you give it.
47.The Shared Access Signature (SAS) allows you to grant specific and limited access to a storage account without having to hand over the keys to the account. You can only do this at the account level, and not limit access to individual blobs or containers. If you do need to specify access to only certain blobs or containers, you may need a separate account for those.
48.Scaling up an application involves moving to a higher pricing tier, which can be done in the Azure portal in a few minutes.
49.Column Encryption Key: It is used to encrypt sensitive data stored in table’s columns. Column Master Key: It is used to protect the keys used to encrypt the column encryption keys.
50.You should grant the db_owner fixed database role to a database user so that the user can perform all configuration and maintenance activities on the database and also drop the database.
51.SQL Server supports three custom roles: Application roles, User-defined Database roles, User-defined Server Roles.
52.Dynamic Data Masking (DDM) is not applicable to any of the following:
- Always Encrypted columns
- COLUMN_SET, or a sparse column that is part of a column set
- Computed columns (if a computed column depends on a masked column, the computed column will return masked data)
- FILESTREAM data
53.You should use the master system database to create a custom user-defined server role. You create it using statements like: USE master; CREATE SERVER ROLE role_name;
54.Azure A8, A9, A10 and A11 virtual machine sizes are tailored specifically for HPC workloads. They combine high-speed, multicore CPUs and large amounts of memory, and they are connected by extremely fast networks.
55.When you back up data in Azure, you store that data in an Azure resource called a Recovery Services vault.
The Recovery Services vault resource is available from the Settings menu of most Azure services. Having the Recovery Services vault integrated into the Settings menu of most Azure services makes it very easy to back up data. However, individually working with each database or virtual machine in your business is tedious. What if you want to back up the data for all virtual machines in one department, or in one location? It is easy to back up multiple virtual machines by creating a backup policy and applying that policy to the desired virtual machines.
A Recovery Services vault is a storage entity in Azure that houses data. The data is typically copies of data, or configuration information for virtual machines (VMs), workloads, servers, or workstations. You can use Recovery Services vaults to hold backup data for various Azure services such as IaaS VMs (Linux or Windows) and Azure SQL databases. Recovery Services vaults support System Center DPM, Windows Server, Azure Backup Server, and more. Recovery Services vaults make it easy to organize your backup data, while minimizing management overhead.
You can create up to 500 Recovery Services vaults per subscription per region.
56. By default, your vault has geo-redundant storage. If you use Azure as a primary backup storage endpoint, continue to use Geo-redundant. If you don't use Azure as a primary backup storage endpoint, then choose Locally-redundant, which reduces the Azure storage costs. Read more about geo-redundant and locally redundant storage options in this Storage redundancy overview.
56. Your company has an on-premises Active Directory Domain Services (AD DS) domain and an established Azure Active Directory (Azure AD) environment. Your company would like users to be automatically signed in when they are on their corporate desktops that are connected to the corporate network.
You need to enable single sign-on (SSO) for company users.
You have to install and configure an Azure AD Connect server to use pass-through authentication and select the Enable single sign-on option.
57.Azure Active Directory Identity Protection is a feature of the Azure AD Premium P2 edition that enables you to:
A.Detect potential vulnerabilities affecting your organization’s identities
B.Configure automated responses to detected suspicious actions that are related to your organization’s identities
C.Investigate suspicious incidents and take appropriate action to resolve them
58. Traffic Manager has 3 different load balancing methods (PWP)
1. Priority - When we use this method, all traffic is directed to a specific endpoint, but a backup endpoint is available if the primary fails.
2. Weighted - Traffic is distributed among apps equally, or based on a weight that we define.
3. Performance - Traffic is directed to the app that is closest to the client. Closest does not necessarily mean closest in physical geography, but closest as in the shortest return time back to the client.
59. In Deployment slots & Rollback
These general settings are swapped.
- Connection strings
- Handler mappings
- Monitor settings
- Diagnostic settings
- App settings
- Web jobs content
These settings are not swapped when you swap out your deployment slots:
- Custom names
- Scale settings
- SSL certificates and bindings
- Publishing endpoints
- Web job schedulers