Introducton to Cloud

Technologies
 Microsoft Azure
Azure: cloud computing platform, provides a wealth of cloud-based
services.

Cloud-based services:
• Remote storage
• Database hosting
• Centralized account management
• New capabilities like AI and Internet of Things (IoT)
 Cloud computing
It's the delivery of computing services over the internet, which is otherwise known as the
cloud.
These services include:
• servers,
• storage,
• databases,
• networking,
• software,
• analytics,
• Intelligence.
 Cloud computing
You typically pay only for the cloud services you use:
• Lower your operating costs
• Run your infrastructure more efficiently
• Scale as your business needs change.

Cloud computing is a way to rent compute power and storage from

someone else's datacenter.
 Advantages of cloud computing
• Reliability: Depending on the service-level agreement that you choose, your cloud-based
applications can provide a continuous user experience with no apparent downtime even when
things go wrong.

• Scalability: Applications in the cloud can be scaled in two ways, while taking advantage of
autoscaling:
• Vertically: Computing capacity can be increased by adding RAM or CPUs to a virtual machine.
• Horizontally: Computing capacity can be increased by adding instances of a resource, such as adding more
virtual machines to your configuration.

• Elasticity: Cloud-based applications can be configured to always have the resources they need.
 Advantages of cloud computing
• Agility: Cloud-based resources can be deployed and configured quickly as your
application requirements change.

• Geo-distribution: Applications and data can be deployed to regional datacenters

around the globe, so your customers always have the best performance in their region.

• Disaster recovery: By taking advantage of cloud-based backup services, data

replication, and geo-distribution, you can deploy your applications with the confidence
that comes from knowing that your data is safe in the event that disaster should occur.
 Cloud service models
• IaaS: A cloud provider keeps the hardware up to date, but operating system
maintenance and network configuration is left to the cloud tenant. Advantage: rapid
deployment of new compute devices, setting up a new virtual machine is considerably
faster.
• PaaS: The cloud provider manages the virtual machines and networking resources, and
the cloud tenant deploys their applications into the managed hosting environment.
• SaaS: In this cloud service model, the cloud provider manages all aspects of the
application environment, such as virtual machines, networking resources, data storage,
and applications. The cloud tenant only needs to provide their data to the application
managed by the cloud provider. For example: Office 365.
Cloud service models
 Cloud service models
The following chart illustrates the various levels of responsibility
between a cloud provider and a cloud tenant.
 Serverless computing
• It enables developers to build applications faster by eliminating the need for them to
manage infrastructure.
• The cloud service provider automatically provisions, scales, and manages the
infrastructure required to run the code.
• Serverless architectures are highly scalable and event-driven. They use resources only
when a specific function or trigger occurs.
• The serverless name comes from the fact that the tasks associated with infrastructure
provisioning and management are invisible to the developer.
 Deployment models for cloud
computing
Public cloud: Services are offered over the public internet and available to anyone who
wants to purchase them. Cloud resources like servers and storage are owned and
operated by a third-party cloud service provider and delivered over the internet.

Private cloud: Computing resources are used exclusively by users from one business or
organization. A private cloud can be physically located at your organization's on-site
datacenter. It also can be hosted by a third-party service provider.

Hybrid cloud: This computing environment combines a public cloud and a private cloud
by allowing data and applications to be shared between them.
Deployment models for cloud
computing
 Azure
• Azure provides more than 100 services that enable you to do
everything from running your existing applications on virtual
machines to exploring new software paradigms, such as intelligent
bots and mixed reality.
• Azure provides AI and machine-learning services that can naturally
communicate with your users through vision, hearing, and speech.
• It also provides storage solutions that dynamically grow to
accommodate massive amounts of data. Azure services enable
solutions that aren't feasible without the power of the cloud.
 Azure portal
• It is a web-based, unified console that provides an alternative to command-line
tools.

You can:
• Build, manage, and monitor everything from simple web apps to complex cloud deployments.
• Create custom dashboards for an organized view of resources.
• Configure accessibility options for an optimal experience.

The Azure portal is designed for resiliency and continuous availability. It updates
continuously and requires no downtime for maintenance activities.
Azure portal
 Azure marketplace
It helps connect users with Microsoft partners, independent software
vendors, and startups that are offering their solutions and services,
which are optimized to run on Azure.

All solutions and services are certified to run on Azure.

Azure marketplace
 Azure marketplace
Using Azure Marketplace, you can provision end-to-end solutions
quickly and reliably, hosted in your own Azure environment. At the time
of writing, there are more than 8,000 listings.
Azure services
 Azure services
Compute services: Azure Virtual Machines, Azure Kubernetes Service, Azure Container Instances,
Azure Functions
Networking services: Azure Virtual Network, Azure Firewall, Azure VPN Gateway
Storage services: Azure Blob Storage, Azure File Storage, Azure Queue Storage, Azure Table
Storage
Mobile back-end services
Database services: Azure Cosmos DB, Azure SQL Database
HTTP-based web services: Azure App Service, Azure Notification Hubs, Azure API Management
IoT: IoT Central, Azure IoT Hub, IoT Edge
Big Data: Azure Synapse Analytics, Azure HDInsight, Azure Databricks
AI: Azure Machine Learning szolgáltatás, Azure-ML Studio
Cognitive services: Vision, Speech, Knowledge mapping
DevOps: Azure DevOps, Azure DevTest Labs
 Azure account
Azure subscription is needed.
 Azure free acount
• Free access to popular Azure products for 12 months
• A credit to spend for the first 30 days
• Access to more than 25 products that are always free
 Azure free acount
1. Which of the following statements is not true about cloud computing?

• IaaS, PaaS, and SaaS are examples of cloud computing service models.

• Cloud computing resources are usually limited to specific geographic regions.

• Cloud computing typically decreases your operating expenses.

• Three cloud computing deployment models are public cloud, private cloud, and hybrid cloud.
2. True or false: You need to purchase an Azure account before you can use any Azure resources.

• False

• True
3. True or false: In an IaaS environment, the cloud tenant is responsible for routine hardware maintenance.

• True

• False
 Consumption-based model
End users only pay for the resources that they use. Whatever they use is
what they pay for.

Advantages:
• No upfront costs.
• No need to purchase and manage costly infrastructure that users
might not use to its fullest.
• The ability to pay for additional resources when they are needed.
• The ability to stop paying for resources that are no longer needed.
 Costs
Capital Expenditure (CapEx) is the up-front spending of money on
physical infrastructure, and then deducting that up-front expense over
time. The up-front cost from CapEx has a value that reduces over time.

Operational Expenditure (OpEx) is spending money on services or

products now, and being billed for them now. You can deduct this
expense in the same year you spend it. There is no up-front cost, as you
pay for a service or product as you use it.
 IaaS
It aims to give you complete control over the hardware that runs your application.
Instead of buying hardware, with IaaS, you rent it.
Advantages:
• No CapEx.
• Applications can be made accessible quickly, and deprovisioned whenever needed.
• The shared responsibility model applies; the user manages and maintains the services they have
provisioned, and the cloud provider manages and maintains the cloud infrastructure.
• Organizations pay only for what they use and operate under an Operational Expenditure (OpEx)
model.
• No deep technical skills are required to deploy, use, and gain the benefits of a public cloud.
• IaaS is the most flexible cloud service because you have control to configure and manage the
hardware running your application.
 PaaS
It aims to give you complete control over the hardware that runs your application. Instead
of buying hardware, with IaaS, you rent it.
Advantages:
• No CapEx.
• PaaS is more agile than IaaS, and users don't need to configure servers for running applications.
• Users pay only for what they use, and operate under an OpEx model.
• No deep technical skills are required to deploy, use, and gain the benefits of PaaS.
• Users can focus on application development only, because the cloud provider handles all platform
management. Working with distributed teams as services is easier because the platform is accessed
over the internet. You can make the platform available globally more easily.
Disadvantage: Platform limitations.
 SaaS
SaaS is software that's centrally hosted and managed for you and your users or customers.
Usually one version of the application is used for all customers, and it's licensed through a
monthly or annual subscription.
SaaS provides the same benefits as IaaS, but again there are some additional benefits to be
aware of too.
Advantages:
• No CapEx.
• Users can provide staff with access to the latest software quickly and easily.
• Users pay for the software they use on a subscription model, typically monthly or yearly, regardless of
how much they use the software.
• No deep technical skills are required to deploy, use, and gain the benefits of SaaS.
• Users can access the same application data from anywhere.
Disadvantage: Software limitations.
 Top-down hierarchy of
organization
Management groups, subscriptions, resource groups, and resources.
 Top-down hierarchy of
organization
• Resources: Resources are instances of services that you create, like virtual machines,
storage, or SQL databases.
• Resource groups: Resources are combined into resource groups, which act as a logical
container into which Azure resources like web apps, databases, and storage accounts are
deployed and managed.
• Subscriptions: A subscription groups together user accounts and the resources that have
been created by those user accounts. For each subscription, there are limits or quotas on
the amount of resources that you can create and use. Organizations can use
subscriptions to manage costs and the resources that are created by users, teams, or
projects.
• Management groups: These groups help you manage access, policy, and compliance for
multiple subscriptions. All subscriptions in a management group automatically inherit the
conditions applied to the management group.
 Azure subscription
A subscription provides you with authenticated and authorized access to
Azure products and services.

An Azure subscription is a logical unit of Azure services that links to an

Azure account, which is an identity in Azure Active Directory (Azure AD)
or in a directory that Azure AD trusts.
 Azure subscription
An account can have one subscription or multiple subscriptions that have different billing
models and to which you apply different access-management policies.
There are two types of subscription boundaries that you can use:
• Billing boundary: This subscription type determines how an Azure account is billed for using Azure. You
can create multiple subscriptions for different types of billing requirements. Azure generates separate
billing reports and invoices for each subscription so that you can organize and manage costs.
• Access control boundary: Azure applies access-management policies at the subscription level, and you
can create separate subscriptions to reflect different organizational structures. An example is that within
a business, you have different departments to which you apply distinct Azure subscription policies. This
billing model allows you to manage and control access to the resources that users provision with specific
subscriptions.
 Create additional Azure
subscriptions
• Environments: When managing your resources, you can choose to create subscriptions to
set up separate environments for development and testing, security, or to isolate data for
compliance reasons. This design is particularly useful because resource access control
occurs at the subscription level.
• Organizational structures: You can create subscriptions to reflect different organizational
structures. For example, you could limit a team to lower-cost resources, while allowing the
IT department a full range. This design allows you to manage and control access to the
resources that users provision within each subscription.
• Billing: You might want to also create additional subscriptions for billing purposes.
Because costs are first aggregated at the subscription level, you might want to create
subscriptions to manage and track costs based on your needs. For instance, you might
want to create one subscription for your production workloads and another subscription
for your development and testing workloads.
• Subscription limits: Subscriptions are bound to some hard limitations. For example, the
maximum number of Azure ExpressRoute circuits per subscription is 10.
 Customize billing to meet your
needs
• Multiple subscriptions -> invoice sections.
• Each invoice section is a line item on the invoice that shows the
charges incurred that month.
• You can set up multiple invoices within the same billing account.
 Azure management groups
• You organize subscriptions into containers called management groups
and apply your governance conditions to the management groups.
• For example, you can apply policies to a management group that limits the
regions available for VM creation. This policy would be applied to all
management groups, subscriptions, and resources under that management
group by only allowing VMs to be created in that region.
 Hierarchy of management
groups and subscriptions
You can build a flexible structure of management groups and
subscriptions to organize your resources into a hierarchy for unified
policy and access management.
 Important facts about
management groups
• 10,000 management groups can be supported in a single directory.
• A management group tree can support up to six levels of depth. This
limit doesn't include the root level or the subscription level.
• Each management group and subscription can support only one
parent.
• Each management group can have many children.
• All subscriptions and management groups are within a single
hierarchy in each directory.
 Azure resource groups
• A resource group is a logical container for resources deployed on Azure. These
resources are anything you create in an Azure subscription like VMs, Azure Application
Gateway instances, and Azure Cosmos DB instances.
• All resources must be in a resource group, and a resource can only be a member of a
single resource group.
• Many resources can be moved between resource groups with some services having
specific limitations or requirements to move.
• Resource groups can't be nested. Before any resource can be provisioned, you need a
resource group for it to be placed in.
 Logical grouping
• Resource groups exist to help manage and organize your Azure
resources. By placing resources of similar usage, type, or location in a
resource group, you can provide order and organization to resources
you create in Azure. Logical grouping is the aspect that you're most
interested in here, because there's a lot of disorder among our
resources.
 Life cycle
• If you delete a resource group, all resources contained within it are
also deleted.
• Resource groups make it easy to remove a set of resources all at
once.
 Authorization
• Resource groups are also a scope for applying role-based access
control (RBAC) permissions. By applying RBAC permissions to a
resource group, you can ease administration and limit access to allow
only what's needed.
 Azure Resource Manager
• Azure Resource Manager is the deployment and management service
for Azure. It provides a management layer that enables you to create,
update, and delete resources in your Azure account.
• When a user sends a request from any of the Azure tools, APIs, or
SDKs, Resource Manager receives the request.
 The benefits of using Resource
Manager
• Manage your infrastructure through declarative templates rather than scripts. A
Resource Manager template is a JSON file that defines what you want to deploy to Azure.
• Deploy, manage, and monitor all the resources for your solution as a group, rather than
handling these resources individually.
• Redeploy your solution throughout the development life cycle and have confidence your
resources are deployed in a consistent state.
• Define the dependencies between resources so they're deployed in the correct order.
• Apply access control to all services because RBAC is natively integrated into the
management platform.
• Apply tags to resources to logically organize all the resources in your subscription.
• Clarify your organization's billing by viewing costs for a group of resources that share the
same tag.
 Azure regions
• Resources are created in regions
• different geographical locations around the globe that contain Azure datacenters.
• These specific datacenters aren't exposed to users directly. Instead, Azure organizes them
into regions.

Region: is a geographical area on the planet that contains at least one but potentially
multiple datacenters that are nearby and networked together with a low-latency network.

• Some services or VM features are only available in certain regions, such as specific VM
sizes or storage types.
• There are also some global Azure services that don't require you to select a particular
region, such as Azure Active Directory, Azure Traffic Manager, and Azure DNS.
Azure regions
 Special Azure regions
Azure has specialized regions that you might want to use when you build out your
applications for compliance or legal purposes.

• US DoD Central, US Gov Virginia, US Gov Iowa and more: These regions are physical
and logical network-isolated instances of Azure for U.S. government agencies and
partners. These datacenters are operated by screened U.S. personnel and include
additional compliance certifications.
• China East, China North, and more: These regions are available through a unique
partnership between Microsoft and 21Vianet, whereby Microsoft doesn't directly
maintain the datacenters.
 Azure availability zones
• You want to ensure your services and data are redundant so you can protect your
information in case of failure -> create duplicate hardware environments.

• Azure can help make your app highly available through availability zones.

Availability zones are physically separate datacenters within an Azure region. Each
availability zone is made up of one or more datacenters equipped with independent
power, cooling, and networking.
• An availability zone is set up to be an isolation boundary. If one zone goes down, the other continues
working. Availability zones are connected through high-speed, private fiber-optic networks.
Availability zones
 Availability zones
• Availability zones are primarily for VMs, managed disks, load balancers, and SQL
databases.
Azure services that support availability zones fall into two categories::
• Zonal services: You pin the resource to a specific zone (for example, VMs, managed
disks, IP addresses).
• Zone-redundant services: The platform replicates automatically across zones (for
example, zone-redundant storage, SQL Database).
 Azure region pairs
• Availability zones are created by using one or more datacenters. There's a minimum
of three zones within a single region. It's possible that a large disaster could cause an
outage big enough to affect even two datacenters. That's why Azure also creates
region pairs.
Each Azure region is always paired with another region within the same geography
(such as US, Europe, or Asia) at least 300 miles away. This approach allows for the
replication of resources (such as VM storage) across a geography that helps reduce the
likelihood of interruptions because of events such as natural disasters, civil unrest,
power outages, or physical network outages that affect both regions at once.
 Azure region pairs
Examples of region pairs in Azure are West US paired with East US and
SouthEast Asia paired with East Asia
 Azure region pairs
The pair of regions is directly connected and far enough apart to be isolated from regional
disasters.

Additional advantages of region pairs:

• If an extensive Azure outage occurs, one region out of every pair is prioritized to make
sure at least one is restored as quickly as possible for applications hosted in that region
pair.
• Planned Azure updates are rolled out to paired regions one region at a time to
minimize downtime and risk of application outage.
• Data continues to reside within the same geography as its pair (except for Brazil South)
for tax- and law-enforcement jurisdiction purposes.
Azure-terminology and concepts
App Service: is an HTTP-based service that enables you to build and
host many types of web-based solutions without managing
infrastructure.
Azure Marketplace: is an online store that hosts applications that are
certified and optimized to run in Azure. Many types of applications are
available, ranging from AI and machine learning to web applications.