- Azure Compute Resources
talking about the core resources within Azure. What we’re generally talking about can be categorised into these five categories. We can talk about “Compute Services,” which includes all of the ways that Azure can execute programs, websites, applications, etc. Networking services, which are the way that applications can communicate with each other, and storage services, which are files and data that are stored within a storage account type format, We get into Database Services, which is like a storage account except it’s organized. You can have tables, columns, collections, etc. And finally, there is the Azure Marketplace, where you can find a lot of these services, including some that were not created by Microsoft.
We’re going to talk about the following types of services: virtual machines, web apps, container instances, and Kubernetes, and added to the requirements of this exam are Windows virtual desktops. That’s not necessarily a compute service, although you are storing a virtual desktop. So it’s like a virtual machine in the cloud that acts like a desktop. Now, I’ve said “compute” a couple of times. It’s anything that comes to mind when you think of a computer having to do its job correctly, so it’s executing code. Now, maybe you didn’t write the code and so it’s a third-party application, or maybe your company created the code. You have a development team, and that’s what you’re executing. But whatever you are doing, the computer is actually performing a task, and that’s called executing code. And so all of the Compute services that we just mentioned in the last slide are covered by Compute. So first up, we talked about virtual machines. Remember how we discussed infrastructure as a service, or IaaS, a few sections ago?
So the VM, or “virtual machine,” is sort of the poster child of IaaS. This is very similar. It looks, acts, and behaves just like a computer that you might have at your desk, at your feet, or in your server room, but it operates in the cloud. It’s also virtualized, which is the virtual part of the virtual machine, which means that to you it looks and acts like a real server, but in reality it is one server that’s been divided up into many slices, and you have yourself and other customers who are taking a slice. Microsoft Azure supports both Windows and Linux operating systems. Actually, we have heard a rumour that Linux is actually more popular in Microsoft Azure. So don’t feel like it’s a Windows-only world out there. Microsoft Azure supports Linux. Microsoft appears to adore Linux, which is likely the most popular operating system running in the cloud. Like I said, a virtual machine looks and acts like a physical machine, but it’s really just a slice. Instead of having the whole pie, you just have a slice of pie. Sometimes I like to think of it like an apartment building. When you’re inside your apartment with the door locked, you think it’s your home, but you’re actually sharing it with your neighbors—your upstairs neighbors and your downstairs neighbors.
That building has been subdivided into several secure locations, but you do have full control over it. So you can install what you like. You can modify the registry; it’s got a hard drive; you can save files there; et cetera. As a result, it appears to be an accent. And in almost every way, it behaves like a physical machine. There are some low-level things that you don’t have control over, but other than that, it’s pretty much like a server. we should say. When you go into Azure to create a VM, you have a buffet selection of over 200 to choose from. And you get to choose based on a number of factors. The number of CPU cores, the CPU speed, and the amount of RAM So you get how much disc space is needed for IOPS, which stands for input, output, operations per second, etc. Now, sometimes you’ll find there are instance families, and these are often given a letter, and they are either memory optimized, storage optimized, or CPU optimized. And so, depending on what your particular application is, you may want more CPU and not as much memory, or vice versa. And there are lots of those combinations to choose from. Now, moving up the stack, we’re just talking about infrastructure as a service, app services, and our platform as a service. Basically, you take your code, package it up, give it to Azure, and Azure will run it. Now, you do get to choose plan types; there are the Basic, Standard, and Premium plans, and you do get to choose the level (Standard 1, Standard 2, Standard 3, etc.). But you’re not actually choosing CPU cores and memory. And those are not the decisions that you’re making. You’re choosing it from a simpler selection. And Microsoft does throw in a lot of additional benefits to being an app service, including deployment slots and the ability to add instances very easily, et cetera. So they make it a very rich experience. But you do lose direct access to the system. You can’t change the registry settings; you can look at some log files; and you generally can’t go and access the hardware the same way you would with a virtual machine. Another level of abstraction is the container paradigm.
Now, this has become very popular in recent years. Kubernetes Services, developed by Google, became the open standard for Kubernetes services. And so you create a Docker image and deploy it, and it basically becomes easy to deploy. And so containers are very popular in Azure. You get so many different options for containers. Two of them that we’ll talk about and are covered by this exam are the Azure container instance and the Azure Kubernetes service. But web apps also have containers. Service fabric has containers. There are a few other ways to run containers. You can run a container on a virtual machine if you want to. So these are the fastest and easiest ways to deploy code, and you do everything on your desktop, package up the image, and then deploy it. Finally, a new addition to the exam is the Windows virtual desktop. This is just like having a Windows machine, but all your files are stored in the cloud, so you can theoretically log in from any machine. And then your desktop is there. Everything in your settings is there; your desktop is there; your files are there. So this is a relatively new paradigm of not requiring everyone to have their own version of Windows running locally, but instead it all boots up from the cloud. You can also then use your cell phone to access it because there are iOS and Android apps or any web browser to get your files, get to your emails, or get whatever it is that’s on your computer.
2. Azure Networking Resources
So we’ve talked about compute services. Let’s talk about the next major Azure service, which will be networking services. Now, networking services have some common examples. In this video, virtual networks, or VPN gateways, peerExpress routes. I’ll go into more detail later, but these are examples of AzureServices that are considered networking services. Now, I want to further break down the concept of networking into four main categories. So, all of the networking services can be subdivided into one of these four categories. You have access to connectivity services. That is how applications connect to each other and communicate with each other.
Protection services. This could be ensuring that only authorised people have the ability to communicate with your server, protecting against attacks and denial of service, and things like that. delivery services, which help you deliver your resources and your services to the end user without involving another server or the general public. And finally, any kind of monitoring that you need to do We’re going to get into details about each of these four types of networking services. So, on screen, are three examples of connectivity services. So, the virtual network is basically the most basic level of networking. When you create a virtual machine, it goes on a virtual network. It is emulating a physical network that you might have in your environment. And so I think I’ll do a demonstration after this section on virtual machines and virtual networks. And so you have to look at it like when you’re creating a network within Azure; it’s virtual. Microsoft is not actually unplugging and plugging in cables at your request. Their network already exists. It’s called the Microsoft Global Network. So a virtual network is really just some settings in the database. And so it’s pretty clever, if you think about it, that you’re able to create all of these virtual machines and applications, and they know who they can communicate with and who they can’t simply based on the configuration. Now, the VPN is a virtual private network. You might be familiar with a VPN because if you are working from home, you have to use a VPN to connect to your office in order to get access to your files that are stored on a server. And so the same type of definition applies here: use a VPN when you need to connect to networks together securely.
So you can have two networks within Azure that are connected by VPNs. You can have your office location connected to Azure through a VPN or a point-to-site VPN. You could even connect your desktop computer at home, your laptop, or even your mobile device to Azure using a VPN that’s encrypted and can’t be spied upon, and you basically get access to the resources of that remote network. Now, Express is a high-speed private connection. It acts similar to a VPN, but you basically have to purchase it in advance. There’s some hardware that gets installed but doesn’t run on the public internet. So those are some examples of connectivity services. Next up, we’ll talk about the protection aspect of networking. You may have heard of the denial-of-service attack, which is when you have thousands and hundreds of thousands of computers around the world that are directing malicious traffic at a destination in an attempt to overwhelm it. Much like if you go to a store and there are already 2000 people inside, you can’t buy anything and you can’t get to the checkout; it’s just jammed. So the same concept applies to denial-of-service attacks, and Microsoft does include a basic level of DDoS protection. You can purchase an advanced level of DDoS protection for your applications. A firewall is a device that protects a network. You can set up some firewall rules to allow certain traffic and block certain traffic from coming through. Network Security Group is the most fundamental type of firewall. It’s what’s called an access control list, or an ACL. And you’ve got the rules, but they’re just static rules based on IP address. There is no intelligence to them. It’s like going to a club and checking to see if your name is on the list; if it is, you get in. If your name isn’t on the list, you don’t get in. There’s not any intelligence to it. That’s a network security group. And finally, even the Azure Private Link Service is a form of protection for a network. So these are some examples of that. Now, I think I’ll point out some of these delivery services.
I do want to point out that you’re not going to be asked about load balancers or application gateways on the exam. But we’re talking about networking, and we’re going to talk about three quarters of networking. I might as well talk about the fourth quarter. And so the fourth quarter in this case is the delivery service. So, a load balancer and an application gateway allow traffic to be distributed evenly to multiple servers in the background. And this is how you can go to Amazon.com or Microsoft.com and get a response. It’s not a single server that is listening to traffic coming through that domain. There are thousands of servers typically located around the world that can respond to Microsoft.com, and they use load balancers, among other things, to make sure that you get the web page that you’re requesting. Application gateways are similar to load bouncers. It has a firewall. If you want to enable that content delivery network, you may have heard of this. It is a method of storing static files such as images, videos, JavaScript files, and CSS files closer to the end users so that their websites load much faster. And then the front-door service is relatively new. It combines some of these things, like a load balancer or CDN, and a firewall, all in one. And the fourth type of networking service is the monitoring service. And so, again, it’s important from your operations point of view that you’ll be able to watch traffic travelling over your virtual network and make adjustments based on that log stuff and that audit stuff. So these are the tools—network watcher, express, route monitor, and Azure monitor—that can be used to watch traffic coming in over the network. So those are the networking services in Azure.
3. DEMO – Create a Virtual Network
So we’re going to pop back into the Azure Portal and do a quick demo of the last couple of concepts. So we’re back in the resource group that we previously created, and the first thing I’m going to do is create what is called a virtual network. Now again, we’re not going to COVID this to the level of detail you would as if you were going for the Azure administration exam, but I do think there’s some benefit to you seeing what it actually looks like on the inside. So we’ll do this in a sort of high-level way. I just searched for “virtual network” in the Create a Resource Marketplace and found a Microsoft Virtual Network. Now, the Microsoft Virtual Network is a bit more complicated than a resource group. You’re going to see some of the same elements. So, for instance, on the screen here, we’ve got the subscription, resource group, and name. We still have to provide a subscription, and we still have to provide the resource group because I created it inside the resource group. It’s already given that name, and we have to give this virtual network a name.
So I’m going to call it Venet. The same kind of naming rules apply. Now, as I said before, choosing the region for the resource to be created is pretty much part of every resource. And this brings up an interesting idea, which is that the resource group we created was in one region, and we can actually create resources in that group in a different region. Now, this is not necessarily going to be true when we get down to the virtual machine level because the network, the machines, and the discs that work over the machines all have to be in the same region because then that would be too much to split up a single network into multiple regions. Once I’ve created this in the Central US, Then all of the other components should be in the Central United States as well. Now, I’m not going to get into the definitions of what addressing is and stuff like IP addresses, but suffice it to say that a virtual network has a defined set of addresses, and all of the devices that connect to that network pull from that list. As you can see, it gives me a default range of ten to twenty, all the way up to ten 255 255. That equates to 650 IP addresses. Now that is way more than I need, but because the IP address starts with the number 10, I can use up all of this address space. It’s called an “A” block in traditional IP address speak. And so I’ve got literally millions of addresses that I can personally use, and it’s not going to affect what you use or what someone else uses. These are private IP addresses. along with the address space of the entire virtual network.
There’s also the concept of a subnetwork. So every virtual network has at least one subnetwork, and I can take only a fraction of this. So whereas the virtual network takes 650 addresses, the subnetwork, if we break this down, is going to be only 256 addresses, actually. So, just to show how this works, I can change this to a 23-digit address. And we’ll see that there are only 500 addresses available, and we’ll only be able to use half of them. You don’t have to know all that. For the exam, I’m just giving you some background on networking here; we have the option of enabling a firewall network and a DDoS protection upgrade. Remember, I said in a previous video that DDoS protection is free, but if you want additional DDoS protection, there’s a paid option. So this is an upgrade. Effectively, it’s going to start costing money. We’re not going to enable any of that. And we still have the ability to add some metadata. And so this is going to be my first network. Now, it should be fairly quick because there’s nothing to it other than a database entry and there are no devices on it. There will be no computers, servers, or anything else. So it’s basically going to be an empty network ready for us to deploy a virtual machine, which we’ll do in a second. So that was very quick. If we go into it, we’ll see there are zero devices. Remember, we created one subnet, which has 255 addresses. There is the concept of “reserved” addresses, which are used for special purposes. And so, out of the 255, only 251 are actually available. Remember, we reduced the number of addresses to 512. So let’s pick up on creating a virtual machine in the next video.
4. DEMO – Create a Virtual Machine
So let’s go and create our first virtual machine now. So I created the virtual network. I’m going to go back to the group and say, “Add,” and we’re being offered Windows Server right off the get go.It’s probably one of the most popular resources. So let’s pick the Windows Server option right from the start. Once again, it’s the subscription, and the resource group has been chosen. We can give this a name. I’m going to call this first one VM.
And remember, we created the Virtual Network in the Central US. So, if I attempted to replicate this in the East United States, I’d be unable to connect it to the other. So I’m going to have to go and find Central America. We do have the ability to remember. I said the availability zone is the ability to deploy this to a specific data centre within the region. But we’re just going to let Azure handle that. Now, this is one of the more interesting things: the size. So when you’re creating a virtual machine right now, there are 329 options. So I said earlier in the course that there were over 200. That number continues to grow, and now there are over 300 virtual machine options. So you don’t get to specify exactly how much RAM and how many CPUs and how much data you want. You get to choose, but there are just so many options that you’ll basically be trying to find something pretty close to what you want. We’re also going to show you the pricing right here. So you have some fairly cheap options at $15 Canadian a month, which is just over $10 US. $12 US a month, as expensive as thousands of dollars.
So, like, if I were to say I wanted an eight-CPU server, these filters would allow us to reduce the number. We can see that for $800 a month. For $789 a month, there’s an eight-CPU server available for us. And then, because it is organised here, we can actually scroll into some of these letters. Remember when we said something about “instant families”? And these are grouped together based on whether they are memory, processing, or general purpose. and they’re basically categorized. So I’m not actually going to create an eight-processor server. Go back down to the twos. So there’s a $50-per-month two-processor server. We could see the hourly cost. Again, servers only charge for what you use. So the server is only seven cents Canadian an hour, which is like five cents US an hour. And so I could literally use this server for 3 hours, and it will end up costing me $0.15. That’s one of the big advantages of cloud computing. I’m going to choose this one. Again, it’s really personal. Based on your word needs We have to create a Windows user ID and password. This is what you’re going to use to log into Windows as an administrator account.We do get to authorise traffic by default. No traffic is allowed into a network or into a virtual machine. But we’re going to, when we create this, allow the Remote Desktop Protocol, which is going to allow me to log into Windows. So that’s fine. Long term, it poses a security risk, but for testing purposes, it is fine. I’m not going to play around. I can add additional disks. So, since the server I chose does not permit multiple connections, let’s go back in here. Actually, it allows for additional data disks.
So that could be a D drive, an E drive, an FDA, or a G drive, if you think about it like that. So we can add additional data disks, but we’re not going to do that. Now for networking, we just created a virtual network, and so it’s chosen the virtual network that we created by default. But you do have to check on this because if you don’t have a virtual network, it will create one for you. So we will leave all of these as defaults. If we had a load bouncer, we could place it in there, but we don’t and we won’t. I like to disable monitoring when I create VMs because I don’t ever check them. There’s no point in not monitoring the boot diagnostics. If the machine doesn’t boot, maybe then I’ll enable it, but I don’t actually go back and check the boot diagnostics. It seems a waste to me. The auto shutdown feature is an intriguing feature. So let’s say you are playing around and you are playing around on a paid account, your company account, or your personal account, not a free account. Then maybe you want this to automatically shut down because you know that after 7:00 p.m., there’s a chance that you’re still playing around with it. In fact, it’s early enough that I can actually say this was shut down by noon, and I don’t need to be notified. We could enable backups from the start, but we won’t. So we’ll click the next tab. I’m not going to do anything with extensions or other settings on this page. We do have the option to add tags the same way we did with the resource group and the network and go to the Review and Create screen. See that it’s green, which is a checkmark, which means it’s good to go. So once this reloads, I can click the Create button, and that will create for me a virtual machine that I can then log into and use, just as if I’m using a Windows machine.
5. DEMO – Connect to a Virtual Machine
So that didn’t take too long at all. We can see that the VM itself took only 30 seconds to create. There are some other things that need to be created as well. However, if I say go to resource, we can see that the status is operational. We can go to the monitoring tab and sort of see that there’s some life. The CPU and network are returning data, and there is a way to connect to this machine. Remember, we enabled RDP traffic, which is the remote desktop protocol? It’s a piece of software that comes with most versions of Windows. And we can download the RDP file to our computer and use that to connect to this machine. So I can do that, click on this, and it’s going to ask me to log in. Remember, we had to provide a user ID and password when we created this. And if I were to do that, we would then be connected to the machine. So I’ve connected via RDP. We can see that this machine looks and acts like a Windows computer. I can hit the start button and see that there’s not much installed here by default. But then I can access the Internet, download some software, and install it. If I want this to be a web server, I can set up IIS and put my files here, and it becomes a working server.
That’s as easy as it is to create a virtual machine. If you get some practise at this, you can literally get a machine going in less than ten minutes every time. And if you automate this, if you start writing scripts, and if you’re in charge of creating virtual machines, then it’s just a push of a button to get a virtual machine going. I can close this, treat it as a smaller window, and it will simply be another machine running that I can connect to via my computer. Now the last thing I will do is show you how to delete this because if you leave it running, it’s going to charge you. And even if it auto-stops at noon, which we set up, then it’s still going to charge for storage because this virtual machine has a virtual disk, and that virtual disc means you’re paying by the gigabyte. So let’s say I’ve sort of used this computer. Remember we said it was seven cents an hour, I believe, for this thing? As a result, it won’t be too expensive. But let’s say you just don’t want it. So the last thing we’re going to do is go into the resource group that we created.
We can see all of the resources that were created, the virtual network that we created, the public IP address, the security group network interface, and the virtual disc that, like I said, will be charged even when the machine is not running. So I could delete all of this stuff by just going in here and saying delete. Or I could delete the resource group as a whole. So I’m going to say “delete resource group,” type the resource group name, and then hit the delete key. And this is going to clean up all my junk here and beyond the minutes that were used. I won’t be charged for this after it’s deleted anyway. The intention here is just to demonstrate to you what Azure looks like and to get a feel for it. Like I said, this is not an administrator exam. You do not need to know how to create a VM, but the concepts are there, and it hopefully drives home to you that this is a real computer. Even though it’s a virtual machine, you reuse it just like a real computer. But you also have the responsibilities of running a real computer in terms of keeping your operating system updated, setting the correct security settings, making sure that your user IDs and passwords are safe, and things like that. And we’re not going to get into details on how to do all that, but that’s your responsibility. That’s called the “shared responsibility model” within cloud computing. Anyway, so we’re going to get back to the rest of the topics in this section.
6. Azure Storage Resources
Alright, so we’ve talked about computing and networking. Now it’s time to talk about storage. Storage is typically considered when you’re storing files in Azure. And we’re not necessarily talking about database storage at the current time. We’re talking about file storage. Now, I’ve always called storage one of the three foundational elements of cloud computing, right? You’ve got compute and networking, and you can’t have compute without some type of storage. And one of those foundational elements of storage within Azure is called the Azure Storage Account. When you go to create an Azure Storage account, you’re given the choice of three different kinds. The one we’re going to choose almost every time is called General Purpose Version 2, or GPV 2. General purpose vs. two It’s been around for a while, but the other two that are available, General Purpose V1 and Blob Storage, are more like legacy storage accounts.
They’re useful if you already have them and just need more of what you already have. If you’re starting out for the first time, you’re generally going to choose GPV Two. Now when you create a General Purpose V Two Storage account, and we’ll do that shortly, you’re going to see that there are four types of files that can be stored within that. Now. One is called container storage or blob storage. The others would be tables. The other would be queues, and the fourth would be file storage. Now you can also configure the same Azure Storage account as what is called “data lake storage.” As the name implies, the data lake is meant to be huge. And this is where you’re going to store petabytes and exabytes of data that you’re using in a really large data processing operation. But you have to specifically configure your storage account for that. Now, an Azure Storage account is typically the cheapest form of storage you’re going to get. It is an unmanaged storage account. Like this, it is paid per gigabyte. And the last time I looked at the prices, it was about one dollar per gigabyte. So if you’re only storing 5 GB of data in a storage account, then you’re only spending about ten cents a month.
That is extremely cheap storage. Those, however, are not the only options. when you’re setting up a storage account. We are going to find out about access tiers, and I’ll show you that when we do the demo. Basically, you can store files for; I believe the Hot Access Tier is the default. It’s what you think about when you’re storing files. The Cool Access Tier is meant to save you money on storage fees, but it costs you more money to do reads and writes to it. So you’ll want to put the main files that require real-time access in hot storage. If you ever need files where it’s kind of rare for you to access them, you put them in cold storage, and archive storage is just as it sounds. It really is more like cold storage, where it actually saves you a lot of money in terms of storing files, but then it costs you ten times as much to access the file. And with archive storage, you actually have to, I will say, unthaw the file before you can access it. So there’s probably like a 1-hour process to get a file out of the archive. So think of it almost like tape backup, although I don’t think Microsoft is using tapes. But you have to have the mentality that you can’t get access to files in the archive right away. So let’s say you have a regulatory requirement to keep these files around, but you don’t really expect to ever need them in an emergency, like a backup from a server from six months ago. So you can put that in archive storage, save a tonne of money on storage fees, and then get that file back. But it does take, like I said, an hour or more.
Now there’s also the performance tier. You’re basically going to be able to pay extra to get faster access and read and write access to a file. That’s called the “premium tier,” the location of the files. We talked about Azure being global, and so you can store files in all of these regions—the 60 plus regions of the world. So the location is going to have different prices. If you want to store a file in South America, you’re going to pay a little bit more. You’ll pay a little less if you store it in the East US region. And so the location of the file does impact the pricing. You do get to choose what’s called a replication or redundancy when setting this up. Then, basically, you can have a backup of the file in another region. By default, Microsoft is going to keep three copies of every file that you give it, and that’s the lowest level, but you can then make that globally redundant. And they’ll keep six copies, three in each of the two regions. And when you’re setting up file storage in general, you can basically set up failover so that if one region were to go down, then your files would be available in another region, and then you could just switch everything over to the other region in case of an emergency. Break glass is an option. That was a lot of blob storage stuff. There is virtual disc storage. This is called a managed disk. You’re going to pay for a reservation. So instead of paying per gigabyte, you get a tier. Maybe you get a terabyte of storage, and that costs you a certain amount every year. And you pay the same whether you use all of it or none of it. So this is called “manage storage,” and it’s really optimised to become the hard disc underneath a virtual machine. So it’s a randomised access to files, which is stored on disk.
7. DEMO – Create a Storage Account
So let’s jump into the Azure portal quickly and create a storage account. And once again, you don’t have to follow along, but it’s good to watch this because I think this exam is a bit more technical than people give it credit for. It’s not to the level of detail of an administrator, but there is some knowledge of Azure required, obviously. So we’re going to go into the portal under the plus sign here. Create a resource. For this, there is a storage account right on the homepage. So it’s on the first screen, and I’m going to say storage account. You’ll see an interface very similar to creating a virtual machine. It’s a tabbed interface; a wizard here makes sure we have the right subscription. We have to give it a resource group. I’m going to create a new one because I deleted my last one. Right, call it a new group. A storage account has to have a name. Now this name has to be used across the entire region. So in my East US-2 region, I’m going to have to create a storage account that doesn’t already exist. So if I said “new storage well,” somebody has already taken that.
OK, so what I typically do is use my initials or some other prefix that’s unique to me. Since I’ve been teaching courses, people have been borrowing my prefix, so I have to change it a little bit. So I have new SJD AZ storage. There is an agreeable checkmark, which indicates that everything is fine; you select the region. Remember, I said the region does matter, not only the location, as it’s got to be as close as possible to the users of the files. You don’t want to have files in Japan and your users in the United States. That’s a long way for the data to travel, and the pricing is going to be relevant too. I’m going to leave it in East US two.We did talk about there being both standard and premium storage. If I want premium storage, it will cost more but be faster. General-purpose storage is what we want. We see that you have V1 and Blob storage options, but those are deprecated. Someday they’ll be removed, but not yet. We talked about redundancy or replication, and by default, I’m being pushed toward global redundancy. I don’t really need that. It does cost a bit more, so I’m just going to leave it as locally redundant storage. We won’t get into all of the various options, but we can see right on the first page that we have to pick the location, the performance, the type, and the replication. Now, by default, storage accounts are available to everyone who’s got the access key, even anywhere in the world. So if you leave it on the public endpoint, then anyone in the world who has been given the accesskey, which is not guessable, can access your storage account.
This might not be ideal. A lot of companies want to have very limited access, and that makes perfect sense. And so Microsoft does push people to lock this down a little bit more, but it is relatively safe even though it’s on the internet. So we’ll leave it at that. To restore points in time, we can enable various options. So, basically, you can go back six or twelve hours in time and get the storage count from that point. Soft delete is a security feature that prevents people from simply deleting files and having them vanish forever. It basically requires some time for a file to be deleted. We’re not going to enable or change any of this versioning. Https required. That’s typically the standard. You can see it’s the default. You have to have a good reason not to require HTTPS to access these files. And if you are doing HTTP, you want to be on version 1, because it’s the most secure version. So here’s the access tier: hot or cool. You can’t do archive tiering by default; you’d have to individually select files to do archive tiering. However, hot and cool can be the default settings. Remember how I mentioned that data lakes are a type of storage that is slightly different in format and has more data space? You do have to turn that on, and we’re not going to use tags like it does with most resources. And if I say “review and create” when I click this, I will get a storage account. So I’m going to do that. I’ll pause the video and come back. We’ll have a working storage account.
8. DEMO – Storage Containers and Keys
Alright, so that was created relatively quickly. Click the blue buttons to go to the resource. So now we have an Azure storage account, and we can see in this top area the settings: standard performance, hot tier, locally redundant storage, GPV. Two, where is the location? Scroll down a little bit. Blobs, file storage tables, storage queues, and storage pools are the four types of data that can be stored in containers. Queues are sort of what they call a “first in, first out” metaphor where you can put something in a list and then the application that reads it takes it from the top. It’s often used for application-to-application communication in an asynchronous manner. I go into containers. We don’t have any containers.
Containers are almost like a folder metaphor. So I can create a container, call it default, and then, as you’ll see, I can dig into it and maybe create another folder or upload a file into that container. So storage is now usually interfaced with programmatically from my disk. So you will basically have a programme that connects to the storage account. If I go under access keys, now they’re hiding it, but this is what is used to connect to the storage account. Anyone who has your access keys has full ownership of your storage account. So they’re supposed to be kept private; why are they now hidden behind this, and you say, “Show the keys?” So if I go under properties, we can see that the storage accounts have a URL that you can then use to connect to the containers and the files in them as long as you have the access key. Anyways, that’s pretty much what I wanted to show you: a storage account. It’s really easy to create leaves. The storage account can contain up to five petabytes in North America and Western Europe. That is a lot of storage. Even at two cents per gigabyte, five petabytes is $50,000 per month. So you really have to work hard to fill your storage account. And then, at that point, you’re paying a lot of money. So these things are big.
9. Azure Marketplace
So before we leave this section talking about Azure services, I want to mention one that a lot of people don’t view as a service but kind of is, and that’s called the Azure Marketplace. So we saw earlier in this section, when I was creating networks, virtual machines, and storage accounts, that I would go into the marketplace to find those to hit the create button. And so the Azure Marketplaces, where Microsoft and its partners list the various computing services available for your use, And so this is where we say there are more than 1,000 services available. You can go under here; you can see the categories on the left. And you’ll be able to find hundreds of types of virtual machines that are not just provided by Microsoft. So you could find a virtual machine that already has SQL Server installed, and that will be SQL Server in a VM. That image is available.
There are also virtual machines that contain Barracuda, which is a web application, a firewall, and Red Hat Enterprise. Linux is a virtual machine available from Red Hat, etc. So this is the marketplace where companies create images and provide them. Now, you can obviously create your own image as well. There’s such a thing as a custom image. So once you’ve set up your virtual machine exactly how you like it with your software, your files, and your permissions, you can make an image of it, and that becomes the image that gets deployed. However, if you want to find images created by other people, this is the place to look. Another example would be if you wanted a database that was not among the default Azure set, like we were just talking about databases. So, if you need Oracle database, there is also an Oracle database image in here. So I would say that if you’re curious about whether Azure has native support for any of the technologies that you work with, you go to the marketplace and you do a search for those names.
