Microsoft Azure: Compute
As part of the Microsoft Enterprise Skills Initiative I am looking into different topics in Azure and summarize my learnings. This post is about Azure Compute
Posted March 9, 2022 by Adrian Wyssmann
Let’s dig into some of the most prominent services offered by Azure
Azure virtual machines
- The VM which is
- based on an os image
- has a defined Size i.e. memory, cpu, gpu to be used
- sits in a dedicate location
- Storage account for the disks
- virtual machines will have at least two virtual hard disks (VHDs), one for the operating system and the other one a temporary storage.
- additional disks can be added
- Network interface to communicate on the network
- the interface which connect to the VNets
- Virtual networks (VNets) (shared with other VMs and services)
- Virtual networks (VNets) are used in Azure to provide private connectivity between Azure Virtual Machines and other Azure services.
- Network Security Groups (NSGs) to secure the network traffic
- Software firewalls to control the traffic flow to and from subnets and to and from VMs. It consist of rules and allow filtering inbound and outbound traffic on the VNet.
- Public Internet address (optional)
- Public addresses allow you to connect from anywhere to your instance e.g. using SSH
The following picture visualizes the relation VNets, NSGs and VMs:
A good staring point for creating VMs is Compile a checklist for creating an Azure Virtual Machine
By use of Availability sets you can get high availability. An Availability sets is a logical grouping of VMs, where each set is assigned to one or more (20) update domain and one more (3) fault domain by the underlying Azure platform. In case of underlying maintenance update domains are booted in sequence - SWwith a recovery time up to 30 minutes. Thus distributing the machines ensures that not all are booted the same time. The fault domain is a group of virtual machines that share a common power source and network switch. So in case there is an outage/interruption in one domain, the resources in the other domain are still working. The concept also applies for the managed disks attached to the VM.
Beside the Availability sets, Backup is another essential part of the disaster recovery. [Azure Backup] provides a scalable, fully encrypted backup solution for your Azure resources (Azure VMs, Managed Disks, Azure File Shares, …), as well as for On-Premise Resources
At last, there is the option of scale sets, which let you create and manage a group of identical, load-balanced VMs. The number of VM instances can automatically increase or decrease in response to demand or a defined schedule.
Azure App Service
Azure App Service is a fully managed web application hosting platform and enables you to build and host web applications in the programming language of your choice without managing infrastructure:
- Automatic Secure endpoints
- Automatically scale your web application to meet traffic demand
- Built-in load balancing and traffic manager
- Windows or Linux host os
It supports different types of apps:
- Web apps: ASP.NET, ASP.NET Core, Java, Ruby, Node.js, PHP, or Python
- API apps: EST-based web APIs by using your choice of language and framework, with full Swagger support and the ability to package and publish your API in Azure Marketplace
- WebJobs: Run a program (.exe, Java, PHP, Python, or Node.js) or script (.cmd, .bat, PowerShell, or Bash) in the same context as a web app, API app, or mobile app.
- Mobile apps: Mobile Apps feature of App Service allows you to quickly build a back end for iOS and Android apps
To deploy your application you can do this automatically and manually e.g. by using
azcommand-line interface via
az webapp upor ZIP deploy
az webapp deployment source config-zip
WAR deploy using curl and
curl -v -X POST -u [username]:[password] https://<your-app-name>.scm.azurewebsites.net/api/wardeploy --data-binary @helloworld.war
Serverless means that Azure manages the underlying infrastructure automatically i.e. allocation and deallocation of resources based on demand. The developer creates only a function, which contains both code and metadata about its triggers and bindings, which is then schedules to run and scales the number of compute instances required to handle the incoming events. It also uses micro-billing, means you have to pay only for the time your code runs.
There are two types of serverless compute:
- Azure Functions is a serverless compute service, that allows to host a single method or function that runs in response to an event. It’s suitable for stateful (Durable Functions), as well as stateless functions can execute code in almost any modern language.
- Azure Logic Apps is a serverless orchestration service, which requires no code to be written, but instead, the app is designed in a web-based designer. The app uses connectors to link triggers to actions. A trigger is an event (such as a timer) that causes an app to execute actions (steps/tasks). The outcome is a new message to be sent to a queue, or an HTTP request, which can be used by other Azure services.
There are some differences and you might check analyze the decision criteria to understand where to use what:
|State||Normally stateless, but Durable Functions provide state||Stateful|
|Development||Code-first (imperative)||Designer-first (declarative)|
|Connectivity||About a dozen built-in binding types. Write code for custom bindings||Large collection of connectors.
Enterprise Integration Pack for B2B scenarios. Build custom connectors
|Actions||Each activity is an Azure function.
Write code for activity functions
|Large collection of ready-made actions|
|Monitoring||Azure Application Insights||Azure portal, Log Analytics|
|Management||REST API, Visual Studio||Azure portal, REST API, PowerShell, Visual Studio|
|Execution context||Can run locally or in the cloud||Runs only in the cloud|
Windows Virtual Desktop
Windows Virtual Desktop is a desktop and application virtualization service that enables users to use a cloud-hosted Windows Desktop form anywhere. One important difference to virtual machine is, that Microsoft offers Azure Reserved Virtual Machine Instances, which saves up to 72 percent versus pay-as-you-go pricing.
Azure IoT services
IoT devices are usually equipped with sensors that collect data e.g. environmental sensors, barcode scanners, …. With azure IoT services these devices can be connected to Azure trough the internet, to collect and aggregate the data, allowing to create reports and alerts. In addition you may also publish firmware or software updates to these devices.
- Azure IoT Hub is a managed services, that acts as a central message hub for bi-directional communication between your IoT application and the devices it manages to
- receive messages from a device and route them to other Azure services
- remote control of connected devices
- monitor device health
- Azure IoT Central sits on top of the hub and provides and is a web-based user interface to perform the activities mentioned above. In addition it allows for creation of dashboards and alerts. If you already have a software for that, you may not need it.
- Azure Sphere creates an end-to-end, highly secure IoT solution and consists of 3 elements
- Azure Sphere micro-controller unit (MCU), which processes the operating system and signals from attached sensors
- customized Linux operating system (OS), handles communication with the security service
- Azure Sphere Security Service (AS3), to make sure that the device has not been maliciously compromised
You may check analyze the decision criteria to help you deciding what to use.