Day 15: Microsoft Module Core Cloud Services - Azure networking options

Important points:

• Azure Load Balancer distributes traffic within the same region to make your services more highly available and resilient. Traffic Manager works at the DNS level, and directs the client to a preferred endpoint. This endpoint can be to the region that's closest to your user.
• Load Balancer and Traffic Manager both help make your services more resilient, but in slightly different ways. When Load Balancer detects an unresponsive VM, it directs traffic to other VMs in the pool. Traffic Manager monitors the health of your endpoints.When Traffic Manager finds an unresponsive endpoint, it directs traffic to the next closest endpoint that is responsive.

Knowledge check:

1. What is an Azure region?

• One or more Azure data centers within a specific geographical location.

Azure regions help you deliver your apps and services closest to your users. West US and North Europe are examples.

• A way of breaking networks into smaller networks.
• Firewall rules which define the flow of traffic in and out of Azure.

2. Which of the following is true about virtual networks?

• You configure virtual networks through software.

Software enables you to treat a virtual network just like your own network. Azure maintains the physical hardware for you.

• A virtual network accepts network traffic on all ports. You configure the firewall through virtual machines.
• Virtual networks are always reachable from the internet.

3. Which is true about Azure Load Balancer?

• You must use Azure Load Balancer if you want to distribute traffic among your virtual machines running in Azure.
• Azure Load Balancer works with internet-facing traffic only.
• Azure Load Balancer distributes traffic among similar systems, making your services more highly available.

If one system is unavailable, Azure Load Balancer stops sending traffic to it. It then directs traffic to one of the responsive servers.

4. What is network latency?

• The amount of data that can fit on the connection.
• The distance data must travel to reach its destination.
• The time it takes for data to travel over the network.

Latency measures the time it takes for data to reach its destination. Latency is typically measured in milliseconds.

5. How does Azure Traffic Manager reduce latency?

• It chooses only the fastest networks between endpoints.
• It chooses the endpoint that's closest to the user's DNS server.

Choosing the server that's closest to the user is a good way to reduce latency.

• It caches content, similar to how content delivery networks work.

Day 14: Microsoft Module Core Cloud Services - Azure data storage options

What I learned today on this module,

Here are some of the important benefits of Azure data storage:

• Automated backup and recovery: mitigates the risk of losing your data if there is any unforeseen failure or interruption.
• Replication across the globe: copies your data to protect it against any planned or unplanned events, such as scheduled maintenance or hardware failures. You can choose to replicate your data at multiple locations across the globe.
• Support for data analytics: supports performing analytics on your data consumption.
• Encryption capabilities: data is encrypted to make it highly secure; you also have tight control over who can access the data.
• Multiple data types: Azure can store almost any type of data you need. It can handle video files, text files, and even large binary files like virtual hard disks. It also has many options for your relational and NoSQL data.
• Data storage in virtual disks: Azure also has the capability of storing up to 32 TB of data in its virtual disks. This capability is significant when you're storing heavy data such as videos and simulations.
• Storage tiers: storage tiers to prioritize access to data based on frequently used versus rarely used information.

There are three primary types of data that Azure Storage is designed to hold.

1. Structured data : SQL
2. Semi-structured data : NoSQL
3. Unstructured data : JPG, PDF, JSON, etc. 

Knowledge check:

1. Suppose you work at a startup with limited funding. Why might you prefer Azure data storage over an on-premises solution?

• To ensure you run on a specific brand of hardware, which will let you form a marketing partnership with that hardware vendor.
• The Azure pay-as-you-go billing model lets you avoid buying expensive hardware.

There are no large, up-front capital expenditures (CapEx) with Azure. You pay monthly for only the services you use (OpEx).

• To get exact control over the location of your data store.

2. Which of the following situations would yield the most benefits from relocating an on-premises data store to Azure?

• Unpredictable storage demand that increases and decreases multiple times throughout the year.

Azure data storage is flexible. You can quickly and easily add or remove capacity. You can increase performance to handle spikes in load or decrease performance to reduce costs. In all cases, you pay for only what you use.

• Long-term, steady growth in storage demand.
• Consistent, unchanging storage demand.

3. A newly released mobile app using Azure data storage has just been mentioned by a celebrity on social media, seeing a huge spike in user volume. To meet the unexpected new user demand, what feature of pay-as-you-go storage will be most beneficial?

• The ability to provision and deploy new infrastructure quickly

As the user demand increases, the agility to deploy new servers or services as needed can help scale to meet the increased user load.

• The ability to predict the service costs in advance
• The ability to meet compliance requirements for data storage

Day 13: Microsoft Module Core Cloud Services - Azure compute options

Four Azure Compute options,

• Virtual machines (IaaS) -> Greatest control and flexibility
• Containers
• Azure App Service (Paas)
• Serverless computing -> Lowet Control

Knowledge check:

1. Suppose you have an existing application running locally on your own server. You need additional capacity but prefer to move to Azure instead of buying upgraded on-premises hardware. Which compute option would likely give you the quickest route to getting your application running in Azure?

• Serverless computing
• Containers
• Virtual machines

You have full control over the VM setup, so you can configure it to match your on-premises server. This control will allow your existing application to run on the Azure VM with little or no change.

1. Imagine that you work on a photo-sharing application that runs on millions of mobile devices. Demand is unpredictable because you see a spike in usage whenever a locally or nationally significant event occurs. Which Azure compute resource is the best match for this workload?

• Serverless computing

The photo-sharing app is event driven and needs to handle unpredictable demand. Serverless computing is a good fit for this situation because it is event-based and can scale instantly to process spikes in traffic. It should also be a cost-effective choice because you will pay for compute time only when processing user data.

• Containers
• Virtual machines

1. The compute options give you different levels of control over the configuration of the environment in which your application runs. Which of the following lists the compute options in order of your control from "most control" to "least control"?

• Serverless computing, containers, virtual machines
• Containers, serverless computing, virtual machines
• Virtual machines, containers, serverless computing

Virtual machines give you full control over the environment. Containers give you limited control. Serverless computing does not allow you to do any infrastructure configuration.

Thats all for today.

Day 12: Microsoft Module Core Cloud Services - Manage services with the Azure portal

Knowledge check:

1. An Azure dashboard is stored as which type of file?

• XML
• JSON

Azure dashboards are stored as JSON files, which allow them to be uploaded and downloaded to share with other members of the Azure directory.

• PNG

2. Azure Advisor provides advice on which of these topics:

• Creating an Azure account
• Best practices and security for your services

Azure Advisor is a free service built into Azure that provides recommendations on high availability, security, performance, and cost.

• Using the Azure portal effectively

3. True or false: Azure Cloud Shell is an interactive, browser-accessible shell for managing Azure resources?

• True

Azure Cloud Shell is an interactive shell for managing Azure resources. You can control and administer all of your Azure resources in the current subscription through a command-line interface built right into the portal.

• False

1 out of 3 questions is incorrect. Please correct question 2.

Day 11: Microsoft Module Core Cloud Services - Introduction to Azure and Azure architecture and service guarantees

There are 3 exercises need to be done in this module.

Important points:

• Azure Advisor and Azure Cost Management are two services that help you optimize cloud spend. You can use these services to identify where you're using more than you need, and then scale back to the capacity you're actually using.

Knowledge check:

1. What is Azure?

• Microsoft's cloud computing platform, which provides compute power, storage, and services over the Internet using a pay-as-you-go pricing model.

Azure provides raw compute power and storage, as well as services to help you explore new software paradigms such as intelligent bots and mixed reality.

• A single data center located in Redmond, Washington.
• A hosting environment specifically for virtual machines

2. Which of the following is an example of an Azure application platform?

• Azure App Service

Azure App Service is an HTTP-based service that enables you to build and host many types of web-based solutions without managing infrastructure.

• Azure Load Balancer
• Azure Table Storage
• Azure Cache for Redis

3. When should you scale out your deployment?

• When your application or service requires a more powerful CPU or more memory to run faster.
• When you need additional virtual machines to speed up your application.

Scaling out means adding additional systems, such as virtual machines. For example, you might create many virtual machines configured in the same way and use a load balancer to distribute work across them.

• When you're using excess capacity that you don't need.

Knowledge check:

1. Deploying an app can be done directly to what level of physical granularity?

• Region

Correct. Azure organizes infrastructure around regions, which include multiple datacenters. You can pick the region you want resources deployed into. You can't select a specific datacenter or location within a datacenter.

• Datacenter
• Server rack

2. To use Azure datacenters that are made available with power, cooling, and networking capabilities independent from other datacenters in a region, choose a region that supports _________?

• Geography distribution
• Service-Level Agreements (SLAs)
• Availability Zones

Availability Zones are datacenters set up to be an isolation boundary from others in the region, with their own power, cooling, and networking. If one zone in a region goes down, other Availability Zones in the region continue to work.

3. Application availability refers to what?

• The service level agreement of the associated resource.
• Application support for an availability zone.
• The overall time that a system is functional and working.

Correct. The time that a system is working is referred to as the application availability.

That's for today.

Day 10: Microsoft Module: Cloud Concepts - Principles of cloud computing and Module Sign up for Azure

Yesterday, I finished with modules from dicoding. Today, I will start learn from Microsoft modules. This module is similar to dicosing module 1. Hence, I do not put any important points here. 

Knowledge check:

1. Which term from the list below would be viewed as benefits of using cloud services?

• Unpredictable costs
• Elasticity
• Local reach only

2. Suppose you have two types of applications: legacy applications that require specialized mainframe hardware and newer applications that can run on commodity hardware. Which cloud deployment model would be best for you?

• Public cloud
• Private cloud
• Hybrid cloud

3. You're developing an application and want to focus on building, testing, and deploying. You don't want to worry about managing the underlying hardware or software. Which cloud service type is best for you?

• Infrastructure as a Service (IaaS)
• Platform as a Service (PaaS)
• Software as a Service (SaaS)

I study module Sign up for Azure, but not yet registered for Azure. I will register it when needed in the future, I heard that in this Learn platform we can access Azure on the exercise modules straight away.

Knowledge check:

1. Which of the following is true about an Azure subscription?

• Using Azure does not require a subscription
• An Azure subscription is a logical unit of Azure services
• You can't have more than one subscription

2. Your billing is based on your usage of Azure resources and is invoiced ______________

• Annually
• Monthly
• Daily

3. When you create an Azure resource like a virtual machine, you select the ______________ it belongs to.

• Billing account
• Billing profile
• Azure subscription

4. Which Azure support plan is best for business-critical workloads?

• Azure Developer
• Azure Professional Direct
• Azure Standard

That is for today.

Day 9: Quizes from dicoding

Today, I skip the hands on exercise. I will make the summary for the quizes.

1. Hybrid cloud is a combination of private and public cloud. It is possible to run legacy applications together with new application in the cloud.
2. We scale out when we need additional VMs to increase the speed of our applications.
3. Azure Blob Storage is storage services for unstructured data that can store and manage thousands of files at the same time.
4. Imagine you have photo sharing application that has thousands of users. Users cannot be predicted since it can increate at any time on every new local or national events. In this case, serverless computing is the based to be used.
5. Virtual machines, containers, serverless computing are from higher control and flexibility to lower ones.
6. Microsoft Privacy Statement gives the detail of personal data that is processed by Microsoft, how they process and what for.
7. Latency is time to transfer data over the network.
8. Azure Resource Locks is used to make sure that resources are not accidentally deleted or modified.
9. Azure Application Gateway is load balancing from Azure that works on  application layer (OSI layer 7) for HTTP application.
10. Azure key vault is service to store certificates centrally in Azure.
11. Load balancer is not solution to reduce cost.
12. The ability to provide and deploy new infrastructure will be important when we host an application that can have sudden increase of users.
13. DDoS Protection is the solution to DDoS attack.
14. Example of Resource Lock usage is for production database.
15. Azure subscription is logical place to attach Azure services to the Azure accounts.

Day 8: Module 11 and 12 from dicoding

Module 11 is about managing resources in Azure. The important points are tagging, Azure policy, RBAC and Resource Locks (avoid accidentally delete resources).

Knowledge check: Resource Group cannot be nested.

Module 12 is all about pricing and how to save cost. I will allocate 1 day special to learn about costing later.

Knowledge check: Cost calculation in Azure based on resources, services and location. But number of subscription will not affect the cost calculation.

Day 7: Review day

Re read and review module 1-10 from dicoding.

Day 6: Module 9 and 10 from dicoding

In module 9, the important points are

• Azure Security Centre, monitor the security of the system by Detect, Assess, Diagnose, Stabilize, and Close.
• Azure Active Directory (Support SSO and Role Base Access Control)
• Encryption including database encryption
• Securing Network using Azure Firewall, Azure Application Gateway and Network Virtual Appliances
• Azure Information Protection (AIP) is cloud base solution to help securing files by categorizing the files using labels.
• Azure Advanced Threat Protection (ATP) consist of Azure ATP portal, Azure ATP Sensor and Azure ATP Cloud Service

Knowledge check:

1. SSO helps in centrally activate or disable accounts easily and faster.

While in module 10,

• Azure Policy
• Azure Blueprint can be used to implement and adhere to policies in our organization.
• Azure Compliance Manager based on 
• Microsoft Privacy Statement
• Microsoft Trust Center
• Service Trust Portal
• Compliance Manager
• Azure Monitor & Service Health

Knowledge check:

1. Azure Policy is used to define, implement and managing the standar usages of resources in our environment.

Day 5: Module 7 and 8 from dicoding

Today, module 7 is talking about Azure Storage.

Important points:
a. The advantage of using Azure Storage:

• Automatic backup and recovery
• Replication all over the world
• Support for data analytics (Azure Data Lake Storage)
• Support for encryption and data control (Azure File like SMB on cloud, Azure Queue and Azure Storage Service Encryption (SSE))
• Support for many data types including relational data (Azure SQL), NoSQL (Azure Cosmos DB) and images (Azure Blob Storage)
• Store into virtual disc
• Storage tiers. Priority to access data stored:
• Hot storage for frequently accessed data
• Cold storage for last accessed is more than 30 days
• Archive storage for last accessed is more than 180 days

b. Data types that can be stored in Azure

1. Structured data like Relational data
2. Semi structured data like NoSQL
3. Non structured data like images, pdf 

c. Azure storage is better than on premise in term of

• Cost effective
• Reliability
• Type of storage (need more type of servers for on premise solution)
• Agility (flexibility caused by technology changed)

Knowledge check

1. With pay-as-you-go we do need to invest on the software and hardware.

While in Module 8:

Important points:

• Azure region is one or more data centre in a specific geographical sites. For example, East Us, West US, and Southeast Asia.
• Virtual network is an logaically isolated network in Azure.
• Network Security Group is like firewall.
• Load balancer is distributing traffic equally between resources in a system. It will help for high availability and high resiliency (disasters or temporary spike on our resources).
• Azure Application Gateway is a load balancer for web, It is utilize Azure Load Balancer in TCP level. It can
• Cookie affinity, stored cookie in the same backend server.
• SSL termination. Application Gateway can manage your SSL and forward the unencrypted connection to the backend server to avoid encryption overhead. It also support end-to-end encryptions.
• Web application firewall. 
• URL rule-based routes.
• Rewrite HTTP headers. Add or remove indormation from http headers.
• Content Delivery Network, distributing contents to the users efficiently.
• Azure Traffic Manager, forward the request to the nearest resources based on the latency. Different from Azure Load Balancer. Azure Load Balancer is detecting the unresponsive VM then route to other responsive VM, while Azure Traffic Manager is detecting unresponsive endpoint and route to the nearest responsive end point.

Knowledge check:

1. Load Balancer will route to the active VM to maintain high availability.

Day 4: Module 5 and 6 from dicoding

Today, I continue to module 5 and 6.

Module 5:
Important points:

• Azure Portal. GUI to interact with Azure.
• Azure PowerShell and Azure Command-Line Interface (CLI). Interact with Azure through command line.
• Azure Cloud Shell. Web based CLI .
• Azure Mobile App. Mobile app

Knowledge check:

• Dashboard configs will be stored as JSON.

Module 6:
Important points:

• 4 types of  Azure Compute:

• Virtual machines
• Containers
• Azure App Service. Azure App Service is Platform as a Service (PaaS).
• Serverless Computing

Knowledge check:

• You have full control on VM as if the server is on premise. You can create the same configuration as servers on premise.

Day 3: Module 3 and 4 from dicoding

Today, I continue to study from dicoding module 3.

Important points:

• Region adalah sebuah wilayah geografis yang terdiri dari satu atau beberapa data center yang berdekatan dan saling terhubung dalam koneksi dengan latensi rendah.
• Availability Zones adalah data center yang terpisah secara fisik di dalam region Azure.
• Availability zones terdiri dari satu atau beberapa data center, di mana ada minimal tiga zone dalam satu region. Namun, ada kemungkinan terjadi bencana alam yang cukup besar yang dapat menyebabkan kerusakan yang cukup besar untuk mempengaruhi bahkan dua data center. Untuk itulah Azure membuat region pairs.

Knowledge check:

• Ketahanan atau resiliency adalah kemampuan sistem untuk pulih dari kegagalan dan terus berfungsi.

Module 4:

Important points:

• Azure AD adalah penyedia identitas modern yang mendukung banyak protokol autentikasi untuk mengamankan aplikasi dan layanan di cloud.

Knowledge check:

• Tagihan (Billing) setiap bulan untuk setiap langganan Azure berdasarkan penggunaan.

Day 2: Module 1 and 2 from dicoding

On the second day, I would start study from the dicoding materials. I have study this material before but re-study to pick up and refresh the knowledge in these chapters.

Important points:

• Module 1: capex vs opex, capex is traditional way to have servers on site while opex is renting cloud solutions.
• Module 1: public cloud, private cloud and hybrid. Differences are mostly on the security, scalability, cost and flexibility.
• Module 1: type of cloud services: IaaS, PaaS and SaaS. Differences in complexity and flexibility.
• Module 2: Categories of services in Azure: Compute, Networking, Storage, Mobile, Database, Web, Internet of Things, Big Data, Artificial Intelligence, DevOps.
• Module 2: 

Knowledge check:

1. Software as a Service (SaaS) -> Cloud provider is fully responsible for the services and infrastructure.
2. Azure Load Balancer  is used to balance the incoming and outgoing connections to the applications or other endpoint services.

Day 1: Pledge and Preparation Day

This story started last month when I got the scholarship from dicoding  I finished the class and then received the exam voucher. Thank you dicoding.

I was waiting for some free time for the test. The workload from my office was high at that moment and as usual in early days of the year, familly matters were keeping me busy as well. The dicoding team keeps remind me to register for the test. Hence, I decide to do the test on 7 of February 2020.

In order to prepare for the test, I will learn from dicoding materials and Microsoft Learn materials. In addition, I will record my study journey in a blog.

Dicoding Materials : https://www.dicoding.com/academies/144
Microsoft Materials : https://docs.microsoft.com/en-us/learn/paths/azure-fundamentals/

First day, what I have done are

1. Register for the exam.
2. Setup the blog
3. Search the material in Microsoft Learn

Thats it for today and see you tomorrow.