AZ-900: Compute

In the previous posts in the series, we reviewed the various services Microsoft provides within the Azure platform for the management of resources and their availability. We are now moving on from the core architectural components to look at the core products available on the Azure platform.  

These products have been grouped into four categories. 

Compute – these products provide the computing power to run your applications and services.

Networking – these products allow for the inter-connectivity of Azure resources, connectivity, and availability to internet-facing requests and your on-premises hardware and applications.  

Storage – these products provide data storage within the cloud, providing you secure and highly available data storage for your applications and services.  

Database – these are the products that supply highly available and highly scalable hosted database services.  

In this post, we will review the Compute services available. These include but are not limited to Virtual Machines, App Services, Azure Container Instances (ACI), and Azure Kubernetes Services (AKS).  

Compute services allow you to deploy systems and services in an elastic and scalable manner, taking advantage of Azure’s economies of scale. This means you can deploy and manage infrastructure much more quickly than you could with on-premises infrastructure.

Virtual Machines 

Overview 

The standard Compute Infrastructure as a Service offering Microsoft supplies in Azure is the Virtual Machine. Building on the same virtualization technologies from on-premises hypervisors, Azure allows you to create and deploy virtual machines in the cloud that can be utilized like a physical computer. Virtual Machines deployed on the Azure platform run on hardware configured and managed by Microsoft, allowing you to concentrate on the guest machine.  

One of the main benefits of using the Virtual Machine host hardware supplied by Microsoft is that when you have finished with the Virtual Machine, it can be deleted or stopped. With the resources deallocated, you stop paying for it immediately. There is no capital expenditure, just the operational costs of running the Virtual Machine.

Virtual Machine Types 

Microsoft offers a range of different virtual machine types that have different ratios of resources for the potential types of workloads run on the virtual machines. These are the Compute (F Series), Storage (Ls Series), or Memory (M Series) optimized virtual machine series, which all have additional resources when compared to the general-purpose series (A and D Series). Alongside the resource-optimized virtual machine series, there are also virtual machines designed for more specific scenarios.

B Series – these are lower-cost burstable virtual machines that run at low CPU usage when demand is low, bursting to higher CPU utilization on-demand. Ideal for low traffic systems or proof of concept machines.  

H Series – The various H series options are designed for a range of high-performance computing workloads. These are used for complex computations, e.g., weather modeling and fluid dynamics. 

N Series – these are virtual machines with graphics processing units that can be used for graphics rendering, video editing, and simulation.

DC Series – these are premium virtual machines designed with a secure data enclave to bring enhanced data confidentiality and integrity. Ideal for multiparty data sharing and machine learning. 


Virtual Machine Scale Set vs. Availability Sets vs. Availability Zones

There are underlying systems that Microsoft offers to help ensure Virtual Machine Uptime. During maintenance or downtime, the virtual machines can sometimes be migrated to new hosts or rebooted by Microsoft. These migrations can have a knock-on effect causing downtime of your virtual machine too. Using these additional services can increase the availability of your services.  

 
 

Availability Sets are the first of these features. These use Fault and Update Domains to help protect services from full outages. Fault Domains are a logical grouping of physical resources that are entirely separate and redundant; they can be used to mitigate against unplanned outages. The redundant domains mean that if an issue occurs in one domain, only machines in that domain are potentially impacted. Any virtual machines or services in the other fault domains will be unaffected. Update domains protect against planned maintenance where virtual machines need to be rebooted. Machines in individual update domains are updated, rebooted, or patched as a group. Once the machines in the update domain are stable again after any required maintenance steps, then the next update domain will be updated.  

When creating your availability set, depending on the Region you are deploying into, you can use up to a maximum of 3 Fault Domains and 20 Update Domains.
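The effect of Fault and Update Domains on availability can be worked through with a small model. This is an added example, not code from the original post: the function names are hypothetical, and the round-robin placement is a simplifying assumption, since Azure decides the real placement.

```python
# Added example: a simplified model of Availability Set placement.
# ASSUMPTION: VM number i lands in fault domain i % FD and update domain
# i % UD (round-robin). Azure decides the real placement.
from collections import Counter

MAX_FAULT_DOMAINS = 3    # maximum stated in the post (region dependent)
MAX_UPDATE_DOMAINS = 20  # maximum stated in the post


def place(vm_count, fault_domains, update_domains):
    """Return a list of (vm_name, fault_domain, update_domain) tuples."""
    if not 1 <= fault_domains <= MAX_FAULT_DOMAINS:
        raise ValueError("fault_domains must be between 1 and 3")
    if not 1 <= update_domains <= MAX_UPDATE_DOMAINS:
        raise ValueError("update_domains must be between 1 and 20")
    return [(f"vm{i}", i % fault_domains, i % update_domains)
            for i in range(vm_count)]


def worst_case_available(placement):
    """VMs still running in the worst single-domain event of each kind."""
    total = len(placement)
    per_fd = Counter(fd for _, fd, _ in placement)
    per_ud = Counter(ud for _, _, ud in placement)
    return {
        "unplanned_fault": total - max(per_fd.values(), default=0),
        "planned_update": total - max(per_ud.values(), default=0),
    }


def survivors(placement, fault_domain=None, update_domain=None):
    """Names of VMs unaffected when one given domain is taken down."""
    return [name for name, fd, ud in placement
            if fd != fault_domain and ud != update_domain]


if __name__ == "__main__":
    layout = place(vm_count=6, fault_domains=3, update_domains=3)
    for row in layout:
        print(row)
    print(worst_case_available(layout))
    print("fault domain 0 lost:", survivors(layout, fault_domain=0))
```

A single VM in the set leaves zero instances running in either event, which is why the set only helps when at least two copies of the workload are deployed.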

Example of 3 Fault Domains and 3 Update Domains

Availability Zones are an extension of Availability Sets. Availability Zones use zones within a Region. Zones are unique physical locations within a single Region, and they consist of 1 or more datacenters with independent power, networking, and cooling. Availability Zones take these independent zones and apply the concepts of Fault and Update Domains to them. Creating services within multiple Availability Zones gives you all the benefits of Availability Sets, plus the benefit of your services being spread between unique physical locations.

While using Availability Sets and Zones protects your workloads from downtime, there are some downsides to using them. You need to pay for each copy of your application or service that you deploy and run, whether it is fully utilized or not. You also need to deploy and configure each copy of the application and ensure the networking and load balancers are also configured and working correctly.


If you have a variable load on your application, you can use a third service offered by Microsoft, Virtual Machine Scale Sets (VMSS). Using VMSS removes some of the downsides of Availability Sets and Zones. A VMSS allows you to specify how many virtual machines you want to deploy initially. Afterward, you can scale the number of machines manually or even use auto-scaling based on performance metrics, such as CPU usage or network usage, to scale up or down.

App Services 

Microsoft also offers several Platform as a Service resources. These services are hosted and managed by Microsoft, with you only having to take ownership of the application deployment and configuration. One of these services is the Azure App Service, which is designed to host a range of web and API applications on either Linux or Windows operating systems. Azure App Services can be configured to use continuous deployment systems to deploy updates to the applications automatically. They can also use auto-scaling and high-availability features to ensure your services can cope with peaks in traffic and region outages.

App Service Plans are used to determine the level of compute resources allocated to the App Services. The hardware used by the App Service Plan can be shared or dedicated. You can associate multiple App Services with a single App Service Plan, and they will share that compute resource.  

 
 

Containers 

Overview  


Containers are a recent development in application development that allows you to package up all that is needed to run the code in a single package called an image. An image can then be deployed into any environment and will run in a standard and predictable manner due to environment configuration being part of the image. Containers are fast becoming the preferred method to package, deploy, and manage cloud applications.  

Microsoft offers various methods to host containers within Azure, which will be discussed now.  

ACI 

Azure Container Instances (ACI) is a Platform as a Service resource offered by Microsoft. It is a service designed for running simple applications, build jobs, and automation tasks.  

ACI is ideal for small tasks that you need to run, but do not want to have dedicated hardware to host the applications. The pricing model is based around per second costs of memory and CPU usage—ideal for transient workloads.  


AKS 


While ACI is ideal for smaller Docker applications, Microsoft also offers the Azure Kubernetes Service (AKS), which is used for more complex use cases that require multiple containers, full orchestration, and automatic scaling. Kubernetes has fast become the de facto container orchestration service, used for monitoring and managing deployments and the containers deployed. While Kubernetes is a popular orchestration service, deploying and managing the infrastructure needed for a full cluster can be difficult and complex. This has led cloud providers like Azure to offer managed Kubernetes services.

Using the AKS service allows you to continue to manage and define the number of worker nodes within the Kubernetes cluster. Worker nodes are used to run and host your various pods/containers and services. But using AKS also takes away the responsibility of running and managing the master nodes. Microsoft does this on your behalf.  

App Service 

As an extension to the information previously discussed in the App Services section, Azure also offers the option to host Containers within WebApps, so you can gain all the benefits of the App Services PaaS offering but with the additional ability to host container images. When using Containers, their versatility means there are numerous options for hosting and running depending on their use case. If your applications use Containers, this versatility and variability in hosting options needs to be considered when designing and developing the correct environments.

Windows Virtual Desktop

Another version of virtualization Microsoft offers on Azure is Windows Virtual Desktop. This is a virtualization service that allows users to access Windows Desktop services over the internet either via a native application or the web client.  

The Virtual Desktop service can be used to provide personal desktop management via role-based access and Azure Active Directory. These personal desktops are ideal for a number of use cases, including keeping sensitive data within the organization, providing for specialist applications, or allowing remote users to access systems from personal devices.

Further Reading 

See the series from Skylines by Richard Hooper for more information on Containers and how they work within Azure.
https://www.skylinesacademy.com/blog/2020/8/26/getting-started-with-aks
https://www.skylinesacademy.com/blog/2020/6/4/what-is-azure-kubernetes-service 

Previous Post about Availability Zones: 
https://www.skylinesacademy.com/blog/2020/5/5/az900-azure-availability-zones 

All AZ-900 Posts
https://www.skylinesacademy.com/blog/tag/AZ-900

—Matt Boyd
