Journey to Microsoft Certified Azure Solution Architect Expert – Day 3

My Focus the next 2 days is to complete John Savills’ Training on AZ 104 – Microsoft Azure Administrator Associate Certification Super Cram video which is over 3.5 hours long. At this stage I’m using a tactic called passive learning. I”m not taking notes, I”m not trying to memorise anything, I’m just sitting back and paying attention. It’s very relaxing and I”m not worried or concerned about trying to retain any information. I do want to understand everything, so there were a few parts where I felt John glossed over something and I felt confused, so I did go back an re-watch those segments just so I’m getting the right perspective and having a clear understanding. From what I can tell so far, I’m pretty familiar with 75%-80% of the material and what’s new is interesting, This is not to say it’s not a lot of content and information, so I will most likely take a second review of the course material at a later stage, but perhaps not via Johns training. This will also give me a different perspective.

Regions 57:40 – A Region typically have less than 2 ms latency between servers.

Paired regions 1:00:30 – For example North Europe and West Europe that are typically 100’s of miles apart by would form a pair in Geo Redundancy

Networking 1:01:49

Virtual networks 1:06:29

Public IPs 1:10:50 – Basic and Standard SKUs’

VNet peering 1:16:16 – no overlaps

Network Security Groups 1:24:30 – simple firewall. Based on rules.

Azure Firewall and routing 1:29:55

Azure DNS services 1:35:20 The Azure DNS Service for public resolution and private resolution. Private can do automatically resolution for a zone that is configured for a private network.

S2S VPN 1:42:10 – Site to Site VPN

ExpressRoute 1:51:08

Virtual WAN 1:54:58 – A Managed Service version of the previous networking section where all the detail is abstracted

Service Endpoints 2:02:10 – Where internal networks have more efficient or shorter hop routes from public to service

Private Endpoints 2:07:28 – Similiar to Service Endpoints but for private network

Azure Load Balancer 2:14:05 – map private or public IP to resources. OSI Layer 4 based rules.

The Azure Firewall, Azure Load Balancer, Traffic Manager and App Gateway are interesting distinctions, and I really want to go back to review the distinctions between them.

Azure App Gateway 2:20:40 listener -> config. Looks like nginx. FQDN routing.

Global balancers 2:22:35 azure app gateway and azure load balancers are regional. Global solutions are across region. Azure font door is layer 7 global. Azure global load balancer is a layer 4 solution that maps to regional load balancer. DNS solution is azure traffic manager

Storage 2:23:33

Storage accounts 2:25:35

Storage services 2:31:13

Performance 2:32:24

Replication 2:38:20 (Redundancy)

Importing blob 2:39:48 – using Portal, Storage Explorer, AZCopy, but I didn’t see reference to REST API / C# nuget. I have since found out the NuGet Packages are now called Azure.Storage.*

Tiers and lifecycle 2:43:38 – I think this is a reference to Premium (SSD), Transactions, Hot, Cold, Archive.

Object replication and data protection 2:48:12 – Can see how out of sync we are as the replication is asynchronous

AD integration for files 2:48:51 – Connect AD to file storage so can authenticate

Azure File Sync 2:51:13 – Great for replication of SMB or offloading files and free up local storage

Access keys, shared access signatures and RBAC – If you turn off Access Keys, you also lose SAS access too

Today, We covered a lot of material and there were a few gems – I’m excited to implement Azure File Sync and AD Integration for files in the next few weeks, it’s something I’ve been curious about for a while and my Home Storage Server only has 8 TB of storage and I’m almost full, so I can see a lot of value of backing up some of this data to storage account and setting the tier to cold or archive storage.