Get started with Microsoft Azure

All the basic concepts to get started with Azure

What is Microsoft Azure?

Azure is a continually expanding set of cloud services that help you meet current and future business challenges.

Many organizations and businesses migrate from a traditional approach (managing everything on their own) to the cloud in order to run their existing applications there. This is the primary reason for the shift. Then they start exploring other services too.

Azure Management Infrastructure

First, you cannot use any service without creating an account, so your first step should be creating an Azure account. Go to this link to create an account.

After you've created an Azure account, you're free to create multiple subscriptions. Now, what is a subscription?

For example, if you want to use Netflix, you have to purchase a plan/subscription.

  • Mobile: ₹149 INR/month

  • Basic: ₹199 INR/month

  • Standard: ₹499 INR/month

  • Premium: ₹649 INR/month

There are multiple plans you can choose from. If you purchase a Mobile plan, you will only be able to watch Netflix on one phone or tablet at a time. Note that you pay a fixed amount to watch unlimited content, subject to the plan's restrictions.

In Azure, the meaning of subscription is different. A subscription is a logical container that holds resource groups (groups of Azure resources). It is a unit of management, billing, and scale. Generally, you are charged on an hourly basis. For example, if you create an Azure VM you will be charged 9.876 Rs per hour. Pricing for a VM depends on multiple factors such as disk space, OS image, and even the region you choose to deploy your VM in. We will discuss this while creating an Azure virtual machine.

All the resources you create under a subscription are billed on a pay-as-you-go model.

A billing account is created when you sign up to use Azure. You use your billing account to manage your invoices, payments, and track costs. You can have access to multiple billing accounts. If you have multiple billing accounts, you can set a payment method for each of them.

After you've created an Azure account, you're free to create additional subscriptions. For example, your company might use a single Azure account for your business and separate subscriptions for development, marketing, and sales departments. After you've created an Azure subscription, you can start creating Azure resources within each subscription.

You can create unlimited subscriptions under an Azure account.

An Azure subscription links to an Azure account, which is an identity in Azure Active Directory (Azure AD) or in a directory that Azure AD trusts.

Resource group: You can think of it as a logical folder. You can put your resources in a group to easily manage them. If you want to delete all resources, you don't have to do it one by one, you can delete a group instead. You can apply policies to a group so that they will be inherited by all the resources present in that group.

Resource groups are limited to 980 per subscription.

Referring to the above image, I created a resource group called Gayatri. I just created a virtual machine called "vm1" and chose "Gayatri" as my resource group. It shows 6 records, which means there are 6 resources in that group. Some resources are automatically created for you, such as a virtual network (Gayatri-vent), a network security group (nsg rules) and other stuff.

Resource: A resource is the basic building block of Azure. Anything you create, provision, deploy, etc. is a resource. Virtual Machines (VMs), virtual networks, databases, cognitive services, etc. are all considered resources within Azure.

Resources aren't limited by resource groups. Instead, they're limited by resource type in a resource group. You can create up to 800 instances of a resource type in a resource group, but some resource types can exceed the 800 limit. For example, you can create more than 800 virtual machines in a resource group. Check out Resources not limited to 800 instances per resource group. Some resources have a limit on the number of instances per region. This limit is different from the 800 instances per resource group.

I hope you now understand the hierarchy shown in the above figure.

Azure management groups

If you’re just starting in Azure that might seem like enough hierarchy to keep things organized. But imagine if you’re dealing with multiple applications, and multiple development teams, in multiple geographies.

You organize subscriptions into containers called management groups and apply governance conditions to the management groups. All subscriptions within a management group automatically inherit the conditions applied to the management group, the same way that resource groups inherit settings from subscriptions and resources inherit from resource groups.

Important facts about management groups:

  • 10,000 management groups can be supported in a single directory.

  • A management group tree can support up to six levels of depth. This limit doesn't include the root level or the subscription level.

  • Each management group and subscription can support only one parent.
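The inheritance and limits described above can be modelled in a few lines. This is an added example, not Azure SDK code or code from the original post: the `Scope` class, the scope names other than "Gayatri" and "vm1", and the condition strings are all hypothetical labels.

```python
MAX_MG_DEPTH = 6  # depth limit from the list above; root and subscription levels not counted

ALLOWED_PARENT = {
    "management_group": {"root", "management_group"},
    "subscription": {"root", "management_group"},
    "resource_group": {"subscription"},
    "resource": {"resource_group"},
}


class Scope:
    """One node in the hierarchy; the single `parent` field enforces 'only one parent'."""

    def __init__(self, name, kind, parent=None, conditions=()):
        if kind == "root":
            if parent is not None:
                raise ValueError("the root management group has no parent")
        elif parent is None or parent.kind not in ALLOWED_PARENT[kind]:
            raise ValueError(f"{kind} {name!r} cannot be placed under {parent and parent.kind}")
        self.name, self.kind, self.parent = name, kind, parent
        self.conditions = tuple(conditions)
        if kind == "management_group" and self.mg_depth() > MAX_MG_DEPTH:
            raise ValueError(f"{name!r} would exceed {MAX_MG_DEPTH} management group levels")

    def ancestry(self):
        """Scopes from the root down to this one."""
        chain, node = [], self
        while node is not None:
            chain.append(node)
            node = node.parent
        return chain[::-1]

    def mg_depth(self):
        """Number of management group levels above (and including) this scope, root excluded."""
        return sum(1 for s in self.ancestry() if s.kind == "management_group")

    def effective_conditions(self):
        """Own conditions plus everything inherited, tagged with the scope that set them."""
        return [(c, s.name) for s in self.ancestry() for c in s.conditions]


def build_sample():
    """Constructed hierarchy; condition strings are illustrative, not Azure Policy names."""
    root = Scope("Tenant Root", "root")
    corp = Scope("Corp", "management_group", root, ["allowed-regions: East US 2"])
    sub = Scope("Development", "subscription", corp, ["require-tag: owner"])
    rg = Scope("Gayatri", "resource_group", sub, ["deny-public-ip"])
    return Scope("vm1", "resource", rg)
```

Calling `build_sample().effective_conditions()` lists every condition that applies to "vm1" together with the scope that set it, which is the question to ask when a governance rule blocks a deployment.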

What is the Azure free account?

The Azure free account includes:

  • Free access to popular Azure products for 12 months.

  • A credit (money that is applied to the bill for the services you use) to use for the first 30 days.

  • Access to more than 25 products that are always free.

What is the Azure free student account?

The Azure free student account offer includes:

  • Free access to certain Azure services for 12 months.

  • A credit to use in the first 12 months.

  • Free access to certain software developer tools.

Azure physical infrastructure

The physical infrastructure for Azure starts with data centers. As a global cloud provider, Azure has data centers around the world.

Region

A region is a geographical area on the planet that contains at least one, and potentially multiple, data centers that are nearby and connected by a low-latency (minimal delay) network.

When you deploy a resource in Azure, you'll often need to choose the region where you want your resource deployed. For example, I deployed the virtual machine "vm1" in region East US 2. But some global Azure services don't require you to select a particular region, such as Azure Active Directory, Azure Traffic Manager, and Azure DNS.

Availability Zones

Availability zones are physically separate data centers within an Azure region. Each availability zone is made up of one or more data centers equipped with independent power, cooling, and networking. If they all drew power from the same source, they would all go down together. Because each zone is independent, if one zone goes down, the others continue working. Availability zones are connected through high-speed, private fiber-optic networks.

To ensure resiliency (the capacity to recover quickly from difficulties), a minimum of three separate availability zones are present in all availability zone-enabled regions. However, not all Azure regions currently support availability zones.

This means there can be a region with just one data center; not every region needs to be availability zone-enabled. The number of regions is not fixed either. As of now, there are 60+ Azure regions, but the number can change without any notice.

Check this out: Azure Global Infrastructure

Region pairs

Most Azure regions are paired with another region within the same geography (such as US, Europe, or Asia) at least 300 miles away. It helps to reduce the likelihood of interruptions because of events such as natural disasters, civil unrest, power outages, or physical network outages that affect an entire region.

Advantage: For example, if a region in a pair were affected by a natural disaster, services would automatically fail over (switch to a backup system, which in this case is another region) to the other region in its region pair.

Examples of region pairs in Azure are West US paired with East US and South-East Asia paired with East Asia. Region pairs provide reliable services and data redundancy.

Important Note: In a region pair, one of the regions is called the primary region and the other is called the secondary region. Some region pairs are paired in two directions, meaning each region is the backup for the region that provides a backup for it (West US and East US back each other up). In a one-direction pairing, the primary region does not provide backup for its secondary region. For example, even though West India's secondary region is South India, South India does not rely on West India.

Sovereign Regions

In addition to regular regions, Azure also has sovereign regions. You may need to use a sovereign region for compliance or legal purposes.

An Azure sovereign region is independent and not under the authority of Microsoft Azure.

Azure sovereign regions include:

  • US DoD Central, US Gov Virginia, US Gov Iowa and more: These regions are physical and logical network-isolated instances of Azure for U.S. government agencies and partners. These data centers are operated by screened U.S. personnel and include additional compliance certifications.

  • China East, China North, and more: These regions are available through a unique partnership between Microsoft and 21Vianet (data center service provider in China), whereby Microsoft doesn't directly maintain the data center.

Azure Storage Redundancy

Azure Storage always stores multiple copies of your data so that it's protected from planned and unplanned events such as transient hardware failures, network or power outages, and natural disasters. Redundancy ensures that your storage account meets its availability and durability targets even in the face of failures.

A region pair has a primary region and a secondary region.

Redundancy in the primary region

Data in an Azure Storage account is always replicated three times in the primary region. Azure Storage offers two options for how your data is replicated in the primary region, locally redundant storage (LRS) and zone-redundant storage (ZRS).

Locally redundant storage

Locally redundant storage (LRS) replicates your data three times within a single data center in the primary region. LRS provides at least 11 nines of durability (99.999999999%) of objects over a given year.

99.999999999% (11 nines) durability means that if you store 10 million objects, you can expect to lose one object every 10,000 years.

  • LRS is the lowest-cost redundancy option and offers the least durability compared to other options.

  • LRS protects your data against server rack and drive failures.

  • However, if a disaster such as fire or flooding occurs within the data center, all replicas of a storage account using LRS may be lost or unrecoverable.

  • To mitigate this risk, it is recommended to use zone-redundant storage (ZRS), geo-redundant storage (GRS), or geo-zone-redundant storage (GZRS).

Zone-redundant storage

Zone-redundant storage (ZRS) replicates your Azure Storage data synchronously across three Azure availability zones in the primary region. ZRS offers durability for Azure Storage data objects of at least 12 nines (99.9999999999%) over a given year.

Redundancy in a secondary region

Azure Storage offers two options for copying your data to a secondary region: geo-redundant storage (GRS) and geo-zone-redundant storage. GRS is similar to running LRS in two regions, and geo-zone-redundant storage is similar to running ZRS in the primary region and LRS in the secondary region.

Geo-redundant storage

GRS copies your data synchronously three times within a single physical location in the primary region using LRS. It then copies your data asynchronously to a single physical location in the secondary region (the region pair) using LRS. GRS offers durability for Azure Storage data objects of at least 16 nines (99.99999999999999%) over a given year.

Geo-zone-redundant storage

Data in a GZRS storage account is copied across three Azure availability zones in the primary region (similar to ZRS) and is also replicated to a secondary geographic region, using LRS, for protection from regional disasters. GZRS is designed to provide at least 16 nines (99.99999999999999%) of durability of objects over a given year.

To understand the nines-of-durability concept in depth, check this out.

Important: Data is replicated to the secondary region asynchronously. The interval between the most recent writes to the primary region and the last write to the secondary region is known as the recovery point objective (RPO). The RPO indicates the point in time to which data can be recovered. Azure Storage typically has an RPO of less than 15 minutes, although there's currently no SLA on how long it takes to replicate data to the secondary region.

Read access to data in the secondary region

Geo-redundant storage replicates your data to another physical location in the secondary region to protect against regional outages. However, that data is available to be read only if the customer or Microsoft initiates a failover from the primary to the secondary region. If you enable read access to the secondary region, your data is always available to read, even when the primary region is running optimally.

Important: Remember that the data in your secondary region may not be up-to-date due to RPO.
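The redundancy options above can be turned into a small audit that reports which storage accounts would not survive a given failure. This is an added example, not code from the original post: the sample accounts are constructed, the JSON field names assume the shape returned by `az storage account list -o json`, and `RAGRS`/`RAGZRS` are the Azure SKU names for GRS and GZRS with read access to the secondary enabled.

```python
import json

# option -> (replicated across availability zones, copied to the secondary region,
#            secondary readable without a failover)
OPTIONS = {
    "LRS": (False, False, False),
    "ZRS": (True, False, False),
    "GRS": (False, True, False),
    "GZRS": (True, True, False),
    "RAGRS": (False, True, True),
    "RAGZRS": (True, True, True),
}


def survives(sku_name, event):
    """True if data under this SKU (e.g. 'Standard_LRS') is still held after `event`."""
    zones, secondary, _ = OPTIONS[sku_name.split("_", 1)[1]]
    if event == "rack_or_drive":
        return True                    # every option keeps three copies
    if event == "data_center":
        return zones or secondary      # LRS keeps all three copies in one data center
    if event == "region":
        return secondary               # only geo options hold a copy in the paired region
    raise ValueError(f"unknown event {event!r}")


def audit(accounts_json, required_event):
    """One finding per account that fails `required_event`, plus RPO caveats for geo options."""
    findings = []
    for acct in json.loads(accounts_json):
        sku = acct["sku"]["name"]
        _, secondary, readable = OPTIONS[sku.split("_", 1)[1]]
        if not survives(sku, required_event):
            findings.append((acct["name"], sku, "does not survive " + required_event))
        elif secondary and required_event == "region":
            note = "secondary readable now" if readable else "secondary readable only after failover"
            findings.append((acct["name"], sku, note + "; writes inside the RPO window may be missing"))
    return findings


# Constructed sample; account names are hypothetical.
SAMPLE = json.dumps([
    {"name": "logsarchive", "resourceGroup": "Gayatri", "sku": {"name": "Standard_LRS"}},
    {"name": "appdata", "resourceGroup": "Gayatri", "sku": {"name": "Standard_ZRS"}},
    {"name": "backups", "resourceGroup": "Gayatri", "sku": {"name": "Standard_GRS"}},
    {"name": "reports", "resourceGroup": "Gayatri", "sku": {"name": "Standard_RAGZRS"}},
])

if __name__ == "__main__":
    for finding in audit(SAMPLE, "region"):
        print(finding)
```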

That's all for this tutorial. Stay tuned for the Azure computing services tutorial. Happy Reading!!🥳