Azure Fundamentals (AZ-900)

Last Updated: 12/9/2022

Azure Physical Infrastructure

Azure core architectural components may be broken down into two main groupings: the physical infrastructure, and the management infrastructure.

Physical infrastructure

  • The physical infrastructure for Azure starts with datacenters.
  • They’re facilities with resources arranged in racks, with dedicated power, cooling, and networking infrastructure.
  • Azure has datacenters around the world. However, these individual datacenters aren’t directly accessible. Datacenters are grouped into Azure Regions or Azure Availability Zones

Regions

  • A region is a geographical area on the planet that contains at least one, but potentially multiple datacenters that are nearby and networked together with a low-latency network.
  • Azure intelligently assigns and controls the resources within each region to ensure workloads are appropriately balanced.
  • When you deploy a resource in Azure, you'll often need to choose the region where you want your resource deployed.
  • Some services or virtual machine (VM) features are only available in certain regions, such as specific VM sizes or storage types.
  • There are also some global Azure services that don't require you to select a particular region, such as Azure Active Directory, Azure Traffic Manager, and Azure DNS.

Regions with Availability Zones

  • Availability zone-enabled regions is made up of minimum of three separate availability zones.
  • Each availability zone is made up of one or more datacenters equipped with independent power, cooling, and networking.
  • An availability zone is set up to be an isolation boundary. If one zone goes down, the other continues working.
  • Availability zones are connected through high-speed, private fiber-optic networks.
  • Availability Zones that are designed to help you achieve resiliency and reliability for your business-critical workloads.

Use availability zones in your apps

  • You want to ensure your services and data are redundant so you can protect your information in case of failure.
  • Azure can help make your app highly available through availability zones.
  • You can use availability zones to run mission-critical applications and build high-availability into your application architecture by co-locating your compute, storage, networking, and data resources within an availability zone and replicating in other availability zones. Keep in mind that there could be a cost to duplicating your services and transferring data between availability zones.
  • Azure services that support availability zones fall into three categories:
    • Zonal services: You pin the resource to a specific zone (for example, VMs, managed disks, IP addresses).
    • Zone-redundant services: The platform replicates automatically across zones (for example, zone-redundant storage, SQL Database).
    • Non-regional services: Services are always available from Azure geographies and are resilient to zone-wide outages as well as region-wide outages.

Region pairs

Most Azure regions are paired with another region within the same geography (such as US, Europe, or Asia) at least 300 miles away.

  • This approach allows for the replication of resources across a geography that helps reduce the likelihood of interruptions because of events such as natural disasters, civil unrest, power outages, or physical network outages that affect an entire region.
  • For example, if a region in a pair was affected by a natural disaster, services would automatically fail over to the other region in its region pair.
  • Not all Azure services automatically replicate data from a failed region to cross-replicate to another enabled region. In these scenarios, recovery and replication must be configured by the customer.
  • Examples of region pairs in Azure are West US paired with East US and South-East Asia paired with East Asia.
  • Most regions are paired in two directions, meaning they are the backup for the region that provides a backup for them (West US and East US back each other up). However, some regions, such as West India and Brazil South, are paired in only one direction.
  • West India's secondary region is South India, but South India's secondary region is Central India. Brazil South is unique because it's paired with a region outside of its geography. Brazil South's secondary region is South Central US. The secondary region of South Central US isn't Brazil South.

Additional advantages of region pairs:

  • If an extensive Azure outage occurs, one region out of every pair is prioritized to make sure at least one is restored as quickly as possible for applications hosted in that region pair.
  • Planned Azure updates are rolled out to paired regions one region at a time to minimize downtime and risk of application outage.
  • Data continues to reside within the same geography as its pair (except for Brazil South) for tax- and law-enforcement jurisdiction purposes.

Sovereign Regions

  • Sovereign regions are instances of Azure that are isolated from the main instance of Azure. You may need to use a sovereign region for compliance or legal purposes

Azure sovereign regions include:

  • US DoD Central, US Gov Virginia, US Gov Iowa and more: These regions are physical and logical network-isolated instances of Azure for U.S. government agencies and partners. These datacenters are operated by screened U.S. personnel and include additional compliance certifications. -China East, China North, and more: These regions are available through a unique partnership between Microsoft and 21Vianet, whereby Microsoft doesn't directly maintain the datacenters.
Previous
Next