AZ 900 – Part I – Microsoft Azure Cloud Concepts

Microsoft Azure Cloud Concepts

  1. Cloud Service Models
  2. Types of Cloud Computing
  3. Benefits of the Cloud

Fundamental characteristics of cloud computing

Cloud computing offers convenient, on-demand access to your computing resources online. This has facilitated the move to remote work and supports collaboration wherever you are located. For IT teams, cloud services also make technological provisioning simpler. This section will look in more detail at seven essential characteristics of cloud computing.  Computer Post Image

  • On-demand self-service – Before the cloud, an individual or business would need to buy, configure, and install an IT infrastructure to support their computing needs. With the advent of AWS, Microsoft Azure, Google Cloud, and other public cloud platforms, it is now possible to access the IT tools you need much more quickly. You also don’t need to provision the servers, databases, or other computing capabilities yourself, and you can get started without understanding the underlying technology.
  • Broad network access – Gone are the days when an individual needed to be onsite, in front of a desktop connected by a cable to the server, an internet connection, and other technology. The cloud provides broad network access, with resources available from anywhere with an internet connection.
  • Resource pooling – With the public cloud, you have access to resource pooling. Common resources are shared on a high-efficiency infrastructure maintained, monitored, secured, and updated by experts. Meanwhile, a small business can take advantage of economies of scale and only needs access to the internet to take advantage of the cloud resources.
  • Scalability – Since the actual computing resources are online, it is much easier to scale up or down as needed. For instance, If a business needs more data backup, it can contract with the cloud provider for more storage. It doesn’t have to shop around for its data storage technology, wait for that hardware to arrive, set it up, and secure it first. Or, if a business wants to scale back when a team shrinks, it can simply pay for fewer software licenses instead of having unused desktops and other technology taking up space and budget.
  • Pay-per-use availability – Expanding on this idea, cloud computing lets you pay only for the services you need. The cloud computing provider can measure your resource utilisation and charge per use. Providers may even be able to bill you down to the second. However, agreeing to a long-term commitment could see greater cost savings.
  • Resilience – Technology is vulnerable to security threats. Yet, because of online resources, your IT may be more secure if you access a cloud supported by a provider. Also, most cloud providers will build redundancy to ensure you can access the resources you want if something goes wrong. This would mean, for example, that your provider might have a data centre in Hyderabad and another in Bangalore in case something happened to one or the other.  This also means that if something happened to your own business (say a power outage), while your on-premises computers were down, your employees could continue to function by logging in to the cloud from off-site networks.

Cloud Service Models

Most cloud computing services fall into four broad categories: infrastructure as a service (IaaS), platform as a service (PaaS), serverless, and software as a service (SaaS). These are sometimes called the cloud computing “stack” because they build on top of one another.

IaaS

Infrastructure as a service (IaaS) is a cloud computing service model where a cloud services vendor provides computing resources such as storage, network, servers, and virtualization (which emulates computer hardware). This service frees users from maintaining their own data center,[1] but they must install and maintain the operating system and application software.  Iaas provides users high-level APIs to control details of underlying network infrastructure such as backup, data partitioning, scaling, security and physical computing resources. Services can be scaled on-demand by the user. According to the Internet Engineering Task Force (IETF), such infrastructure is the most basic cloud-service model. IaaS can be hosted in a public cloud (where users share hardware, storage, and network devices), a private cloud (users do not share resources), or a hybrid cloud (combination of both).

PaaS

Platform as a service (PaaS) or application platform as a service (aPaaS) or platform-based service is a cloud computing service model where users provision, instantiate, run and manage a modular bundle of a computing platform and applications, without the complexity of building and maintaining the infrastructure associated with developing and launching application(s), and to allow developers to create, develop, and package such software bundles.

SaaS

Software as a service (SaaS /sæs/) is a cloud computing service model where the provider offers use of application software to a client and manages all needed physical and software resources.  SaaS is usually accessed via a web application. Unlike other software delivery models, it separates “the possession and ownership of software from its use”.  SaaS use began around 2000, and by 2023 was the main form of software application deployment.

What is the shared responsibility model?

The shared responsibility model clearly defines the security roles of both the cloud service provider (CSP) and the customer in a cloud-computing environment. Typically, the CSP handles the security of the foundational infrastructure, whereas the customer is responsible for securing their data and applications within that cloud environment.

CSPs are responsible for the “security of the cloud,” which includes securing data centers, networking equipment, patching and updating operating systems, and ensuring the availability and reliability of their cloud services. In contrast, customers are responsible for “security in the cloud,” encompassing tasks like setting up secure access controls, encrypting data (both in transit and at rest), managing user accounts and credentials, and implementing application-specific security measures.

Types of Cloud Computing

  • Computer Post ImagePublic cloud
    • The most common type of cloud deployment. The servers and storage are owned and operated by a third-party provider and delivered over the internet.
    • With a public cloud, all hardware, software, and other supporting infrastructure are owned and managed by the cloud provider. Microsoft Azure is an example of a public cloud.
  • Private cloud
    • Consists of cloud computing resources used exclusively by one business or organization.
    • The private cloud can be located at your data center, or it can be hosted by a third-party provider.
    • The services and infrastructure are always maintained on a private network and the hardware and software are dedicated solely to your organization.
  • Hybrid clouds
    • A hybrid cloud is a type of cloud computing that combines on-premises infrastructure—or a private cloud—with a public cloud.
    • Hybrid clouds allow data and apps to move between the two environments.

Cloud Elasticity

Cloud elasticity is the ability of a cloud environment to automatically adjust infrastructure resources (like compute, storage, and networking) in response to fluctuating workload demands, ensuring efficient management and minimizing costs. This dynamic scaling is particularly beneficial for applications experiencing temporary spikes or drops in resource needs, unlike environments with consistently high workloads. Elasticity contrasts with the need for always-available resources crucial for mission-critical applications where performance dips can lead to significant business losses. In such cases, flexibility involves proactively provisioning extra resources to guarantee performance. Cloud elasticity operates by automatically scaling resources up during peak demand and down during lulls, often associated with scale-out architectures in public cloud environments with pay-as-you-go pricing. It optimizes resource utilization and reduces overall infrastructure expenses. The specific resources subject to elastic scaling (hardware, software, network, QoS, etc.) depend on the environment. While generally advantageous, elasticity might not be suitable for applications requiring guaranteed, consistent performance. Its pay-per-use nature makes it a popular feature in public clouds, allowing IT managers to pay only for the resources they consume.

Cloud Scalability

Cloud scalability addresses the need to manage increasing workloads while maintaining good performance for software and applications. Unlike elasticity, scalability involves the persistent allocation of resources to handle a consistently growing workload. For instance, if a company’s database expands over time due to business growth, scalability allows them to request their cloud provider to permanently increase their database capacity. This contrasts with cloud elasticity, which handles temporary fluctuations in demand. While both are often pay-per-use services, scalability caters to static, long-term increases in workload. There are different approaches to achieving scalability, including vertical (scale-up), horizontal, and diagonal scaling.

Fault Tolerance

Cloud fault tolerance empowers cloud computing systems to maintain effective operation despite component failures. This resilience is achieved through strategies such as redundancy, replication, and automatic failover, which minimize service disruptions and uphold reliability for users.

Disaster Recovery

Microsoft Azure’s cloud disaster recovery (CDR) solutions, primarily centered around Azure Site Recovery (ASR) and Azure Backup, enable organizations to protect their data and applications by automating the replication of virtual machines and physical servers to Azure or a secondary site. ASR facilitates seamless failover and failback processes, allowing for quick recovery during disasters, while Azure Backup provides reliable data protection with features like incremental backups and long-term retention. With geo-redundancy, integration with other Azure services, and robust monitoring capabilities, Azure ensures business continuity and minimizes downtime, making it a comprehensive solution for disaster recovery needs.

Security in the cloud

Microsoft Azure implements security in the cloud through a multi-layered approach that includes physical, operational, and software security measures. It employs advanced threat protection and security management tools, such as Azure Security Center, which provides continuous monitoring and security assessments. Azure also incorporates identity and access management through Azure Active Directory, enabling secure user authentication and role-based access control. Data encryption is enforced both at rest and in transit, ensuring that sensitive information is protected. Additionally, Azure complies with various global standards and regulations, providing customers with the assurance that their data is handled securely. This comprehensive security framework helps safeguard applications and data against evolving threats in the cloud environment.

Management & Governance

Microsoft Azure enables IT departments to manage resources and ensure governance through a combination of tools and services designed for visibility, control, and compliance. Azure Resource Manager allows for the organization and management of resources using resource groups, enabling efficient deployment and monitoring. Azure Policy helps enforce governance by allowing IT teams to define and apply rules that ensure resources comply with organizational standards and regulatory requirements. Additionally, Azure Blueprints facilitate the creation of repeatable environments with built-in compliance controls. The Azure Portal and Azure Monitor provide dashboards and insights for tracking resource usage and performance, ensuring that IT departments can effectively manage resources while adhering to governance requirements.

 

Study Guide TOC

Leave a Reply

Your email address will not be published. Required fields are marked *