Architecting Microsoft Azure Solutions – Exam Guide 70-535 E-Book

Architecting Microsoft Azure Solutions – Exam Guide 70-535

Copyright © 2018 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

Commissioning Editor: Vijin BorichaAcquisition Editor:Rahul NairContent Development Editor:Ron MathewTechnical Editor:Aditya KhadyeCopy Editors: Dipti Mankame, Safis EditingProject Coordinator:Judie JoseProofreader: Safis EditingIndexer:Tejal Daruwale SoniGraphics:Tom ScariaProduction Coordinator: Shantanu Zagade

First published: April 2018

Production reference: 1250418

Published by Packt Publishing Ltd. Livery Place 35 Livery Street Birmingham B3 2PB, UK.

ISBN 978-1-78899-173-5

www.packtpub.com

Mapt is an online digital library that gives you full access to over 5,000 books and videos, as well as industry leading tools to help you plan your personal development and advance your career. For more information, please visit our website.

Why subscribe?

Spend less time learning and more time coding with practical eBooks and Videos from over 4,000 industry professionals

Improve your learning with Skill Plans built especially for you

Get a free eBook or video every month

Mapt is fully searchable

Copy and paste, print, and bookmark content

PacktPub.com

Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at [email protected] for more details.

At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a range of free newsletters, and receive exclusive discounts and offers on Packt books and eBooks.

Foreword

It's such an amazing time to be a software architect.  We live in a time where there is an infinite number of virtual machines available at our fingertips. The rise of software-based networking allows us to model and create complex networks, firewalls, DMZs, and more in minutes, whereas in the past, it might take months or more even to conceive of such networks!

However, with these new tools come new complexities. There is a huge cafeteria of choices, and it can become extremely overwhelming for even the savviest of architects. Fortunately, Sjoukje Zaal has written the book you're reading right now, as a light to guide you through Architecting Microsoft Azure Solutions! She will walk you through all the exam objectives and enable you to pass 70-535, but more importantly, she'll make you a better software architect. 

By the time you're done, you'll understand the full stack, from virtual machines and infrastructure as a service to designing and configuring compute-intensive applications. You'll move up the stack to designing web applications and implementing serverless systems, including microservices. 

We will connect these applications and look at how to create robust networking implementations, then connect to data implementations and secure them. We'll explore artificial intelligence and the IoT, and tie it all together with monitoring and alerting strategies.

There's a ton of information out there, and I'm thrilled that someone as experienced as Sjoukje has written such a complex book on the topic! I hope you appreciate her attention to detail and technical insights as much as I do!

We're looking forward to seeing what you build with Azure, and wish you the best of luck in passing the 70-535 exam. You're on your way to architecting your own Microsoft Azure Solutions!

Scott Hanselman@shanselmanPrincipal Program Manager - .NET and Azure Web Tools

Contributors

About the author

Sjoukje Zaal is a Microsoft Azure MVP and a Microsoft Principal Expert with over 15 years of experience providing architecture, development, consultancy, and design expertise in Microsoft-related technologies. She works at Ordina, a System Integrator in the Netherlands. She is an MCSE Cloud Platform and Infrastructure, MCSD Azure Solutions Architect-, MCSE Productivity-, and MCSD App Builder- certified professional.

Sjoukje is active in the Microsoft Community as a cofounder of SP&C NL and the Mixed Reality User Group, a writer, public speaker, and on MSDN/TechNet.

About the reviewers

Chervine Bhiwoo is a Microsoft MVP, Solutions Architect, and software developer from Mauritius.

He discovered the world of programming at the age of 15, and since then has not been able to stop learning more about it. Today, he uses this knowledge to design and build software solutions that helps to solve business problems and make people's lives easier.

Chervine also actively contributes to several technical communities, both online and offline.

Stephane Eyskens is a freelance consultant who works as a pure DevOps Architect between infrastructure, development, and security teams. He turned to Microsoft technologies about 15 years ago. Having a background as a .NET and SharePoint architect, he quickly focused on Azure. He specializes in security, cloud and hybrid architectures.

Stephane holds a Bachelor's Degree in Computer Sciences, a Master's Degree in ICT Sciences and is also a graduate of Solvay Business School.

Packt is searching for authors like you

If you're interested in becoming an author for Packt, please visit authors.packtpub.com and apply today. We have worked with thousands of developers and tech professionals, just like you, to help them share their insight with the global tech community. You can make a general application, apply for a specific hot topic that we are recruiting an author for, or submit your own idea.

Table of Contents

Title Page

Copyright and Credits

Architecting Microsoft Azure Solutions – Exam Guide 70-535

Packt Upsell

Why subscribe?

PacktPub.com

Foreword

Contributors

About the author

About the reviewers

Packt is searching for authors like you

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the example code files

Download the color images

Conventions used

Get in touch

Reviews

Working with Azure Virtual Machines

Technical requirements

Designing solutions for virtual machines

Virtual machine series and sizes

Available VM series and sizes

Availability Sets

Fault domains and update domains

Managed Disks

Creating highly available virtual machines

Creating highly available virtual machines from the Azure Portal

Creating highly available virtual machines from PowerShell

VM Scale Sets

Creating a VM Scale Set from the Azure Portal

Accessing your VM Scale Sets

VM Scale Set templates

Disaster recovery

Backup and recovery

Replication

Summary

Questions

Further reading

Configuring Compute-Intensive Applications

High-performance compute virtual machines

Microsoft HPC Pack

Cloud-native HPC solutions

Hybrid HPC architecture

Azure Batch

Creating an Azure Batch service

Stateless components

Containers on Azure Batch

Summary

Questions

Further reading

Designing Web Applications

Technical requirements

Azure Web Apps

App Service plans

The App Service Environment (ASE)

Creating an ASE

Web Apps for Containers

Getting started with Web App for Containers

Designing Web Apps for high availability, scalability, and performance

High availability and performance

Using a CDN

Using Redis Cache

Using Azure Traffic Manager

Scalability

Scaling out

Scaling up

Designing and securing custom Web APIs

Designing your Web API

Securing your Web API

Summary

Questions

Further reading

Implementing Serverless and Microservices

Technical requirements

Event-driven actions using Azure Functions

Consumption App Service plan

Designing application solutions using Azure Functions

Durable Functions

Workflow-driven applications using Logic Apps

Designing application solutions using Logic Apps

Designing for serverless computing using Azure Container Instances

Creating containers

Container orchestrations

Azure Service Fabric

Life cycle management

API Management

API Gateway

API Management portal 

Developer portal

Cloud-native deployments versus migrating assets

Summary

Questions

Further reading

Robust Networking Implementations

Technical requirements

Azure Virtual Network

IP addresses

Public IP address

Private IP address

Creating a public IP address

DNS

Creating a VNet with two subnets

Azure Load Balancer

Probes

Azure Traffic Manager

Azure Application Gateway

External connectivity for Azure Virtual Networks

Azure VPN

Site-to-site VPN

VNet-to-VNet VPN

Point-to-site VPN

ExpressRoute 

Network security strategies

DMZ

Network Security Groups

Creating a NSG

User Defined Routes

Creating User Defined Routes

Virtual network service tunneling

Web Application Firewall 

Summary

Questions

Further reading

Connecting Hybrid Applications

Azure Relay service

Hybrid connections

WCF Relays

Azure Data Management Gateway for Data Factory

Azure On-premises Data Gateway

Azure App Service Hybrid Connections

Azure App Service Virtual Network Integration

Azure AD Application Proxy

Joining VMs to domains

Enabling Azure AD Domain Services

Adding the VM to the managed domain

Summary

Questions

Further reading

Using Storage Solutions

Technical requirements

Azure Storage and replication types

Storage account types

General-purpose v1 (GPv1)

Blob storage

General-purpose v2 (GPv2)

Storage replication types

Locally Redundant Storage

Zone Redundant Storage

Geo-redundant Storage

Azure Blob Storage

Access tiers

Hot 

Cool

Archive

Azure Table Storage

Creating a storage account

Uploading data to Azure Table Storage

Azure Queue Storage

Azure File Storage

Azure Disk Storage

Standard Disk Storage

Premium Disk Storage

Unmanaged versus Managed Disks

StorSimple

StorSimple Virtual Array

StorSimple 8000 Series

Cosmos DB Storage

Azure Search

Summary

Questions

Further reading

Scalable Data Implementations

Technical requirements

Azure Data Catalog

Azure Data Factory

Azure SQL Data Warehouse

Azure Data Lake

Azure Data Lake Store

Azure Data Lake Analytics

Analyzing your data using Data Lake Analytics

Azure HDInsight

Azure Analysis Services

Azure SQL Database 

SQL Server Stretch Database

High availability

Active geo-replication 

Failover groups

Configuring active geo-replication and failover groups

Backup and recovery

Azure Database for MySQL

Azure Database for PostgreSQL

Summary

Questions

Further reading

Securing Your Resources

Technical requirements

Azure Active Directory

Microsoft Graph

Azure AD Connect

Azure Active Directory password hash synchronization

Azure Active Directory pass-through authentication

Active Directory Federation Services

Multi-Factor Authentication

Enabling MFA in the Azure Portal

Enabling MFA in Office 365

Azure Active Directory Business to Business

Azure Active Directory Business to Consumer

Leveraging Azure AD B2C in your application

Summary

Questions

Further reading

Securing Your Data

Technical requirements

Azure Key Vault 

Creating an Azure Key Vault in the Azure Portal

Azure Key Vault secrets in ARM templates

Azure Storage Service Encryption

Azure Disk Encryption

Azure SQL Database Security

Azure Active Directory Managed Service Identity

Summary

Questions

Further reading

Governance and Policies

Technical requirements

Azure Role-Based Access Control

Built-in Roles

Custom Roles

Creating a Custom Role

Azure Resource Policies

Azure AD Privileged Identity Management

Azure AD Identity Protection

Azure Security Center

Advanced Threat Detection

Azure Endpoint Protection

Operations Management Suite - Security and Compliance

Summary

Questions

Further reading

Artificial Intelligence, IoT, and Media Services

Technical requirements

Azure Cognitive Services

Available services and APIs

Using the Computer Vision API

Azure Bot Service

Creating a Bot from the Azure Portal

Azure Machine Learning

Azure IoT Hub

Azure Event Hub 

Azure IoT Edge

Azure Stream Analytics

Azure Time Series Insights

Azure Media Services

Azure Media Analytics

Using the Azure Media Analytics Indexer

Summary

Questions

Further reading

Implementing Messaging Solutions

Technical requirements

Azure Queue Storage

Azure Service Bus

Azure Event Grid

Routing Events with Azure Event Grid

Notification Hubs

Designing an effective messaging architecture

Summary

Questions

Further reading

Application Monitoring and Alerting Strategies

Azure Log Analytics

Creating a Log Analytics Workspace

Azure Monitor

Application Insights

Azure Service Health

Azure Advisor

Address Recommendation from Azure Advisor

Azure Network Watcher

Summary

Questions

Further reading

Exploring Operations Automation Strategies

Designing an Operations Automation Strategy

Azure PowerShell

Desired State Configuration

Azure Automation

Creating an Azure Automation Runbook

Chef

Puppet

Azure Event Grid

Azure Logic Apps

Visual Studio Team Services

Designing an autoscaling strategy

Summary

Questions

Further reading

Appendix A – Assessments

Appendix B – Mock Test Questions

Appendix C – Mock Test Answers

Other Books You May Enjoy

Leave a review - let other readers know what you think

Preface

Azure is an ever-evolving platform. It offers an environment on the cutting edge of technology that suits different industry requirements. New capabilities and features are coming out fast, which makes it difficult to stay up to date. This book will give you a complete overview of all the current features and capabilities that Azure has to offer, and is a complete guide to preparing for the 70-535 exam.

This book will cover all the exam objectives. It will start with designing compute infrastructures, where you will learn about designing solutions with virtual machines, web applications, serverless and microservices, high-performance computing (HPC), and other compute-intensive applications. You will learn how to design effective networking implementations using Azure Virtual Networks and how to design connectivity for hybrid applications. You will learn about designing data implementations using different data services, relational database storage, and NoSQL storage. You will also learn how to keep your solutions and applications secure and how and when to use the different platform services in Azure, such as platforms and services for IoT and artificial intelligence. Finally, you will learn about all the monitoring capabilities and solutions that Azure has to offer.

Each chapter will conclude with a Further reading section, which is a very important part of the book as well, because it will give you extra and sometimes crucial information for passing the 70-535 exam. As the questions of the exam will change slightly over time and this book will become outdated soon, the further reading section will be the place that will provide you with all the updates.

Who this book is for

This book targets experienced developers and architects who want to pass the Exam 70-535: Architecting Microsoft Azure Solutions and broaden their knowledge of Azure from an architecture perspective

What this book covers

Chapter 1, Working with Azure Virtual Machines, will cover how to design solutions using Azure virtual machines. This includes designing VM deployments using availability sets, fault and update domains, and backup and recovery.

Chapter 2, Configuring Compute-Intensive Applications, covers how to design HPC and other compute-intensive applications using Azure Services, such as Azure Batch.

Chapter 3, Designing Web Applications, will cover how to design web applications and custom web APIs, how design for business continuity, scalability and performance, and more.

Chapter 4, Implementing Serverless and Microservices, will teach you how to design serverless and microservice-based solutions. This chapter will cover Azure Service Fabric, Azure Functions, Logic Apps, and more.

Chapter 5, Robust Networking Implementations, will cover all the networking features and capabilities that Azure has to offer and how to design effective networking solutions.

Chapter 6, Connecting Hybrid Applications, will teach you how to design connectivity to on-premises data from Azure applications using Azure Data Management Gateway for Data Factory, Azure On-Premises Data Gateway, and more. 

Chapter 7, Using Storage Solutions, will cover how to design storage solutions using Azure Blob Storage, blob tiers, Azure Files, disks, and StorSimple. It will cover NoSQL and CosmosDB.

Chapter 8, Scalable Data Implementations, will cover how to design solutions using Azure Data Services. This includes determining when to use Data Catalog, Azure Data Factory, SQL Data Warehouse, Azure Data Lake Analytics, Azure Analysis Services, and Azure HDInsight.

Chapter 9, Securing Your Resources, covers how to secure your Azure resources and applications using Azure Active Directory, multi-factor authentication, and more.

Chapter 10, Securing Your Data, will cover data security solutions and capabilities, such as Azure Key Vault, Azure Storage Encryption, and Azure Disk Encryption.

Chapter 11, Governance and Policies, will cover designing a mechanism of governance and policies for administering Azure resources, such as determining when to use Azure RBAC standard roles and custom roles, when to use Azure resource policies, and more.

Chapter 12, Artificial Intelligence, IoT, and Media Services, will discuss the different features and capabilities that Azure has to offer for designing artificial intelligence and IoT solutions. It will also cover how to design solutions using Azure Media Services.

Chapter 13, Implementing Messaging Solutions, will cover how to design an effective messaging architecture using Azure Storage Queues, Azure Service Bus, Azure Event Hubs, Event Grid, and more.

Chapter 14, Application Monitoring and Alerting Strategies, will cover how to design an application monitoring and alerting strategy and how to design a platform-monitoring and alerting strategy using the different Microsoft products and services for monitoring Azure platform solutions.

Chapter 15, Exploring Operations Automation Strategies, will cover different solutions and methods for designing an operations automation strategy and designing an autoscaling strategy.

Appendix A, Assessments, will contain the answers for all the questions given at the end of each chapter.

Appendix B, Mock Test Questions, will consist of mock questions for you to test your knowledge. It tries to cover all the topics from the scope of the exam and challenges your understanding of the topics.

Appendix C, Mock Test Answers, will have the answers to the questions present in Appendix B, Mock Test Questions.

To get the most out of this book

This book assumes that readers are already familiar with the basics of networking, security, databases, integration, developing and administering applications, and solutions on the Azure platform.

Download the example code files

You can download the example code files for this book from your account at www.packtpub.com. If you purchased this book elsewhere, you can visit www.packtpub.com/support and register to have the files emailed directly to you.

You can download the code files by following these steps:

Log in or register at

www.packtpub.com

.

Select the

SUPPORT

tab.

Click on

Code Downloads & Errata

.

Enter the name of the book in the

Search

box and follow the onscreen instructions.

Once the file is downloaded, please make sure that you unzip or extract the folder using the latest version of:

WinRAR/7-Zip for Windows

Zipeg/iZip/UnRarX for Mac

7-Zip/PeaZip for Linux

The code bundle for the book is also hosted on GitHub at https://github.com/PacktPublishing/Architecting-Microsoft-Azure-Solutions-Exam-Guide-70-535. In case there's an update to the code, it will be updated on the existing GitHub repository.

We also have other code bundles from our rich catalog of books and videos available at https://github.com/PacktPublishing/. Check them out!

Download the color images

We also provide a PDF file that has color images of the screenshots/diagrams used in this book. You can download it here: https://www.packtpub.com/sites/default/files/downloads/ArchitectingMicrosoftAzureSolutionsExamGuide70535_ColorImages.pdf.

Conventions used

There are a number of text conventions used throughout this book.

CodeInText: Indicates code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. Here is an example: "Mount the downloaded WebStorm-10*.dmg disk image file as another disk in your system."

A block of code is set as follows:

namespace PacktPubToDoAPI.Models{ public class TodoItem { public long Id { get; set; } public string Name { get; set; } public bool IsComplete { get; set; } }}

Any command-line input or output is written as follows:

Login-AzureRmAccount

Bold: Indicates a new term, an important word, or words that you see onscreen. For example, words in menus or dialog boxes appear in the text like this. Here is an example: "Click onNewand, on the right-hand side, choose an image (or you can type an image name in the search bar)."

Get in touch

Feedback from our readers is always welcome.

General feedback: Email [email protected] and mention the book title in the subject of your message. If you have questions about any aspect of this book, please email us at [email protected].

Errata: Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you have found a mistake in this book, we would be grateful if you would report this to us. Please visit www.packtpub.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details.

Piracy: If you come across any illegal copies of our works in any form on the Internet, we would be grateful if you would provide us with the location address or website name. Please contact us at [email protected] with a link to the material.

If you are interested in becoming an author: If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, please visit authors.packtpub.com.

Reviews

Please leave a review. Once you have read and used this book, why not leave a review on the site that you purchased it from? Potential readers can then see and use your unbiased opinion to make purchase decisions, we at Packt can understand what you think about our products, and our authors can see your feedback on their book. Thank you!

For more information about Packt, please visit packtpub.com.

Working with Azure Virtual Machines

This is the first chapter of the book Architecting Azure Solutions. This book will cover all the objectives for the 70-535 exam. When relevant, we will provide you with extra information and further guidance on how to design and architect robust, future-proof, and effective solutions on the Azure platform.

This chapter introduces the Microsoft Azure Virtual Machine (VM) objective. We will cover information about series and sizes. We will also cover how to design VM deployments using Availability Sets, fault domains, and update domains. In addition, we will show you how to create an Availability Set from the Azure Portal, as well as from Azure PowerShell. Finally, we will cover how to design and manage VM Scale Sets from the Azure Portal.

In this chapter, the following topics will be covered:

Designing solutions for virtual machines

Virtual machine s

eries and s

izes

Availability Sets

Fault domains and update domains

Managed Disks

Creating highly available VMs

VM Scale Sets

Disaster recovery

Technical requirements

This chapter uses the following tools for its examples:

Azure PowerShell: 

https://docs.microsoft.com/en-us/powershell/azure/install-azurerm-ps?view=azurermps-5.6.0&viewFallbackFrom=azurermps-5.1.1

The source code for this chapter can be downloaded here:

https://github.com/SjoukjeZaal/AzureArchitectureBook/tree/master/Chapter%201

Designing solutions for virtual machines

In Azure, you can run both Windows VMs as well as Linux VMs. Virtual machines come in all sorts of sizes and a variety of prices, ranging from VMs with a small amount of memory and processing power for general purposes to large VMs that can be used for GPU-intensive and high-performance computing workloads.

To create a virtual machine, you can choose from a number of predefined images. There are images available for operating systems such as Windows Server or Kali Linux, as well as predefined applications, such as SQL Server images and complete farms, which consist of multiple VMs that can be deployed at once. An example of a farm is a three-tier SharePoint farm. 

VMs can be created and managed either from the Azure Portal, PowerShell, or CLI. If you're planning on using PowerShell, please note that there are multiple versions of Azure PowerShell available, and that there is a notable difference between Azure PowerShell, which supports the classic deployment model, and the new Azure PowerShell. To install and configure Azure PowerShell, please refer to the beginning of this chapter.

Designing the most effective virtual machine solution depends on a few things, such as deciding which size and series to use, deciding if your VMs need high availability, and if your solution will need to scale up and down easily.

Virtual machine series and sizes

There are a lot of different VM sizes available to choose from in Azure. Note that it is important to know what options there are from a design perspective, because choosing the wrong VM size can have a negative impact on the performance of your VM, or your application installed on the VM. Choosing between the different available options will also have a huge effect on the overall costs. For example, if your company or client wants to reduce costs by migrating data centers to Azure, choosing your VMs wisely will either make your project a success or a failure.

Azure VMs are organized into machine series, starting with the A-series, which are VMs mainly used for general purposes. There are also VM sizes that are optimized for compute, memory, storage, and GPU, as well as high-performance compute VMs. All of the available series and sizes are explained in more detail in the following section.

Available VM series and sizes

At the time of writing this book, the following VM series are available:

Sizes

Type

Description

A0-7, Av2, B, D, DS, Dv2, DSv2, Dv3, Dsv3

General purpose

These VMs have

 a 

balanced CPU-to-memory ratio and 

are ideal for testing and development scenarios. They are also suitable for small and medium databases and web servers with low to medium traffic.

F, Fs, Fsv2

Compute optimized

These VMs have a high CPU-to-memory ratio and are suitable for

web servers with medium traffic, application servers, and network appliances for nodes in batch processing.

D, DS, Dv2, DSv2, Ev3, Esv3, G, GS, M

Memory optimized

These VMs have a high memory-to-CPU ratio and are suitable for relational database servers, medium to large caches, and in-memory analytics.

Ls

Storage optimized

These VMs have high disk throughput and IO and are suitable for big data, SQL, and NoSQL databases.

NC, NCv2, NCv3, ND, NV

GPU

These VMs are targeted for heavy graphic rendering and video editing, deep learning applications, and machine learning model training. These VMs are available with single or multiple GPUs. 

A8-11, H

High-performance compute

These are the fastest VMs available. They offer the most powerful CPU with optional high-throughput network interfaces (RDMA).

Availability Sets

To create a reliable infrastructure, adding your virtual machines to an Availability Set is key. There are several scenarios that can have an impact on the availability of your Azure Virtual Machines. These are as follows:

Unplanned hardware maintenance event

:

When hardware is about to fail, Azure fires an unplanned hardware maintenance event. Live migration technology is used, which predicts the failure and then moves the VM, the network connections, 

memory, and storage

to 

different physical machines without disconnecting the client. When your VM is moved, the performance is reduced for a short time because the VM is paused for 30 seconds. Network connections, memory, and open files are still preserved.

Unexpected downtime

:

The virtual machine is down when this event occurs because Azure needs to heal your VM inside the same data center. A hardware or physical infrastructure failure often causes this event to happen. 

Planned hardware maintenance event: 

This type of event is a periodic update from Microsoft in Azure to improve the platform. Most of these updates don't have a significant impact on the uptime of VMs, but some of them may require a reboot or restart.

To provide redundancy during these types of events, you can group two or more VMs in an Availability Set. By leveraging Availability Sets, VMs are distributed across multiple isolated hardware nodes in a cluster. This way, Azure can ensure that during an event or failure, only a subset of your VMs is impacted and your overall solution will remain operational and available. This way, the 99.95% Azure SLA can be met.

Fault domains and update domains

When you place your VMs in an Availability Set, Azure guarantees to spread them across fault and update domains. By default, Azure will assign three fault domains and five update domains (which can be increased to a maximum of 20) to the Availability Set.

When spreading your VMs over fault domains, your VMs sit over three different racks in the Azure data center. So, in the case of an event or failure on the underlying platform, only one rack gets affected and the other VMs are still accessible.

Update domains are useful in the case of an OS or host update. When you spread your VMs across multiple update domains, one domain will be updated and rebooted while the others remain accessible. 

Managed Disks

Azure Managed Disks are the default disks selected when you create a VM in the Azure Portal. They handle storage for your virtual machines completely. Previously, you would have to manually create storage accounts to store VM hard disks, and when your VM needed to scale up, you have to add additional storage accounts to make sure you didn't exceed the limit of 20,000 IOPS per account.

With Managed Disks, this burden is now handled for you by Azure. You can now create 10,000 VM disks inside a subscription, which can result in thousands of VMs inside a subscription, without the need to copy disks between storage accounts.

Creating highly available virtual machines

VMs can only be added to an an Availability Set by creation. When you want to add existing VMs to an Availability Set, this will result in recreating your VMs. This is something to be aware of when designing your solutions.

Creating highly available virtual machines from the Azure Portal

Follow the given steps to create a VM from the Azure Portal:

Navigate to the Azure Portal by opening 

https://portal.azure.com/

.

Click on 

New

and, on the right-hand side, choose an image (or you can type an image name in the search bar). For this demo, we have selected the Windows Server 2016 VM image:

A new blade opens up where you can fill in the basic settings of the VM. Add the following details and click on 

OK

:

A new blade will open where you can choose the VM type and size. By default, only the recommended VMs are displayed, but you can choose to display all VMs by clicking on

View all

and then clicking on

Select

, as shown in the following screenshot:

A new blade opens up where you can configure additional options. Here, select 

Availability set

and then click 

Create new

:

By default, your VMs are assigned two fault domains and five update domains. Accept the default settings here and click on 

OK

 twice when prompted.

The last blade opens up, which provides a summary with all the settings you've entered. Check the permission box.

Click on 

Create

and

your VM is now created. Next to the 

Create

button, you should see a link where you can download the ARM template of this virtual machine. 

Create the second VM and, instead of creating a new Availability Set, add the second VM to the Availability Set that we have already created using the previous steps.

VM Scale Sets

VM Scale Sets are used for deploying multiple VMs at once without the need for manual actions or using scripts. You can then manage them all at once from a single place. VM Scale Sets are typically used to build large-scale infrastructures, where keeping all of your VMs in sync is key. The maintenance of VMs, including keeping them in sync, is handled by Azure.

VM Scale Sets use Availability Sets under the hood. VMs inside a scale set are automatically spread over the fault and update domains by the underlying platform. VM Scale Sets use Azure autoscale by default. You can, however, add or remove instances yourself instead of using autoscale.

When creating a scale set, a couple of artifacts are created for you automatically. As well as the number of VMs you have specified being added to the set, an Azure Load Balancer and Azure Autoscaling is added, along with a virtual network and a public IP:

Creating a VM Scale Set from the Azure Portal

Navigate to the Azure Portal by opening 

https://portal.azure.com/

.

Click on 

New

and type in 

Scale

in the search bar. Select

Virtual machine scale set

.

In the next screen, click on 

Create

 and add the following settings before clicking the 

Create

button:

After creation, you can manage the VM Scale Set from the Azure Portal as well as from PowerShell and CLI.