Module 8

Question 1

On prem data centre can cause latency for users that are geographically far away.

With this in Mind, using the cloud can save ____ and give you_______ ______ to customers in different GEOss

Answer 1

Cloud can save cost and give you local presence to customers in different GEOs

Question 2

Several strategies and patterns used by software architects to make complex systems easy to design/build/maintain etc

Loosely coupled architectures via:

N-Tier Architecture

An N-Tier Architecture divides an app into…

Answer 2

Divides app into 2 or more logical tiers

Question 3

How do the tiers access each other within an N-Tier Architecture

Answer 3

• Higher tier can access lower tier but not the other way round

Question 4

Tiers help separate concerns and are typically reusable

How does this arcitecture help maintanenace?

Answer 4

• This also helps maintenance, can be updated or replaced inderpendantly + new tiers can be added

Question 5

Give an example of a simple 3 Tier architecture

Answer 5

• 3 tiers referes to an N-Tier architecture with 3 tiers. e.g. Web (Interface), App (Business Logic), Data (DB or other storage) Tiers. This works as:
  
  • User clicks Place order and request is sent to web tier
  • Web tier passes fdata to app tier to validate payment and check inventory
  • App tier passes to data tier where data is stored

Question 6

What is an Azure Region

Answer 6

Azure Region

One or more data centers within a specific geographic location

Question 7

A vNet is a logically isolated network on Azure, similar to networks in HyperV, VMWare and other clouds.

What does a vNet allow for…

Answer 7

• Allows for secure comms between each other, intrernet and on prem networks

Question 8

How many regions are Azure vNets scoped to

Answer 8

Azure vNets are Scoped to a single region

Question 9

What can be used to connect vNets to different regions

Answer 9

• vNets from different regions can be connected using vNet peering.

Question 10

Segmenting a vNet into one or more subnets allows for

Answer 10

• Segmented into one or more subnets, this allows for organising + securing of resources in discrete sections

Question 11

How/Why could/would you keep some tiers on prem and others in the cloyd

Answer 11

• You can also keep some tiers on-prem, i.e. Web Tier in cloud keeping other tiers on-prem allowsing tighter control.
• A VPN gateway would provide a secure connection between Azure + On prem.
• Azure manages physical H/W, you config vNets and gateways enabling you to treat vNet like your own.
• You can choose which networks your vNet can reach (i.e. public internet or other networks in the private IP space)

Question 12

What are NSGs

Answer 12

• Allows or denies inbound traffic to Azure resources
• Essentially cloud level firewall
• You can config NSG to allow only traffic from known sources (IPs) you trust

Question 13

What does Azure Load Balancer help to ensure?

Answer 13

• Azure Load balancer helps ensure site runs 24/7, when you also want to do maintenance (and there is no “good” time for down time)
• Azure Load balancer can also alleviate performance issues with too many users

Question 14

What does availability refer to?

Answer 14

Availability = how long a service is up and running with out interruption

Question 15

What does High Availability refer to?

Answer 15

High Availability (HA) = services up and running for a long period of time

100% Availability is difficult to achieve - many teams strive for 5-9’s (99.999%)

Question 16

What does resiliency refer to?

Answer 16

Resiliency - Ability to stay operation during ab-normal conditions, these incl: Nat Disasters, Sys Maintenance, Spikes in traffic, Threats (DDoS attacks etc)

Question 17

A Load balancer distributes traffic amongst systems in a pool helping to achieve….

Answer 17

Helping to achieve High Availability and Resiliency

Question 18

Start with additional identical VMs so having additional system ready should one go down or get too many users.

A load balancer becomes the entry point allowing these VMs to have there own…

Answer 18

IP Addresses

Question 19

Does the user know which VM they are using

Answer 19

No

Question 20

At a high level how does the load balancer work

Answer 20

• The load balancer recieves the request from the user and directs them to a VM, if a VM is unavailable or not responsive the load balancer directs traffic elsewhere.

Question 21

How does a load balancer allow for maintenance without service disruption

Answer 21

• This allows for maintenance without service disruption if you stagger maintenance for each VM.

Question 22

Azure Load balancer supports inbound and Outbound scenerios, low latency, high throughput.

It can scale to _____ of flows for all ___/___ applications

Answer 22

• Scales to millions of flows for all TCP/UDP applications
• Use with incoming internet traffic, inbound azure services traffic, port forwarding for specific traffic, outbound connectivity for VMs in vNet

Question 23

What advantages does Azure Load Balancer have over a traditional on prem one

Answer 23

Traditional Load balancers require extra H/W and Maintenance, and failure can take you back to the original issue

Question 24

What situations is better to use Azure Application Gateway?

Answer 24

• For traffic exclusively HTTP this is potentially a better option.

It is a load balancer designed for Web Apps

Question 25

Azure Application gateway uses Azure Load Balancer at transport level (TCP) but applies URL based routing to support advanced scenerios. This means it runs at which OSI Layer and understands what?

Answer 25

OSI Layer 7 - The application layer and understands the structure of the HTTP messge

Question 26

What Benefits does Azure Application Gateway have over Azure Load balancer

Answer 26

- Cookie affinity - user session on same backend server - SSL Termination - Manage SSL Certs + Pass unecrypted traffic to backend servers. Supports full end to end encryption. - Web App Firewall - Supprots sophisticated firewall (WAF) incl detailed monitoring/logging to detect malicious activity. - URL Based Routes - Route based on, URL patterns, source IP/Port, Destination IP/Port, helpful with content delivery network (CDN). - Rewrite HTTP headers - add or remove info from inbound and outbound HTTP headers, security scenerio or secret server names

Question 27

What is, and what is the Purpose of Content Delivery Network (CDN)

Answer 27

- Distributed network of servers to efficiently deliver web content. - Get content to users in local region to minimize latency

Question 28

Where is CDN hosted

Answer 28

Can be hosted in Azure or elsewhere

Question 29

CDN allows you to cache content strategically around the globe, what would be an example usage of this

Answer 29

- Usage: Web Apps with multi media content with high bandwidth requirements.

Question 30

What does DNS do

Answer 30

Maps user friendly names to IPs

Question 31

What options do you have for DNS in Azure

Answer 31

Bring your own DNS Server or use Azure DNS

Question 32

What is Azure DNS

Answer 32

Hosting service for DNS domains in Azure

Question 33

True or False - Azure DNS can route traffic to load balancer

Answer 33

True

Question 34

Load balancer can distribute traffic to an alternate system when performing maintenance or if you see a spike in traffic this increases what to a solution

Answer 34

High Availability and Resiliency

Question 35

What is latency?

Answer 35

Time for data to travel on the network

Question 36

What is Bandwidth?

Answer 36

Amount of data that can fit on connection

Question 37

The type of connection and app design can effect latency but what is typically the biggest factor?

Answer 37

Distance

Question 38

How can you reduce latency when delivering content to different regions

Answer 38

Scale out to different regions

Question 39

What is the negative around replicating your data center to different locations around the globe and how does Azure mitigate this

Answer 39

- Prohibitively expensive to replicate your entire DC, but in Azure doing so can cost much less as Azure already has the equipment and personnel in place.

Question 40

One way to reduce latency is to provide exact copies of your service in more than one region, This causes seperate DNS names so to connect users to closest geographic service using one domain name we use:

Answer 40

Azure Traffic Manager

Question 41

Azure Traffic manager can route traffic in different ways (i.e. least latency). How does Azure Traffic Manager direct traffic to globally distributed end point

Answer 41

Uses DNS server closest to user to direct traffic to globally distributed endpoint

Question 42

What does Traffic manager see and do

Answer 42

Traffic manager does not see traffic, it just directs clients web browser to preferred end point.

Question 43

How can Azure Traffic manager work with both Azure and On Prem Data centers

Answer 43

- Can connect traffic manager to on prem DCs to maintain existing investments or shift entirely to cloud

Question 44

What are the standout differences between Load balancer and Traffic Manager

Answer 44

- Load balancer - Distributes traffic within a region - Traffic Manager - Works at DNS level directing to preferred end point - Load Balancer - will direct traffic to different VM if one is unresponsive - Traffic Manager - directs to closest endpoint that is responsive - **Both help to make servers more resilient**