[logseq-plugin-git:commit] 2025-08-13T12:11:51.822Z
This commit is contained in:
Matthias Eckert
parent
f77f47e874
commit
2c6ef31e1f
4
journals/2025_08_13.md
Normal file
4
journals/2025_08_13.md
Normal file
@ -0,0 +1,4 @@
|
||||
- Poststraße 87 Timmendorfer Strand
|
||||
- Boltenhagen
|
||||
- schöner Strand
|
||||
-
|
||||
@ -12,12 +12,9 @@
|
||||
collapsed:: true
|
||||
- grouped in (for resiliency, reliabilty)
|
||||
- **Regions**
|
||||
collapsed:: true
|
||||
- geographical area
|
||||
collapsed:: true
|
||||
- multiple datacenters networked together with low-latency network
|
||||
- **Availabilty Zones** (AZ)
|
||||
collapsed:: true
|
||||
- one or more physically separate datacenters (independent power, cooling, networking) within an Azure region
|
||||
- Connected with high speed, private fiber-optic cable
|
||||
- Minimum of three AZs available in regions with AZ
|
||||
@ -27,7 +24,6 @@
|
||||
- Zone-redundant services: replicated (SQL databases)
|
||||
- Non-regional services: Entra-ID, ...
|
||||
- **Region Pair** (i.e. West US paired with East US, South-East Asia paired with East Asia)
|
||||
collapsed:: true
|
||||
- within the same geography at least 300 miles away
|
||||
- Cope with: natural disasters, civil unrest, power outages, or physical network outages
|
||||
- Updates one region at a time
|
||||
@ -116,14 +112,12 @@
|
||||
az vm extension set --resource-group "learn-f942f893-d72a-4614-9bec-d920bd0d3c96" --vm-name my-vm --name customScript --publisher Microsoft.Azure.Extensions --version 2.1 --settings '{"fileUris":["https://raw.githubusercontent.com/MicrosoftDocs/mslearn-welcome-to-azure/master/configure-nginx.sh"]}' --protected-settings '{"commandToExecute": "./configure-nginx.sh"}'
|
||||
```
|
||||
- ## Azure virtual desktop
|
||||
collapsed:: true
|
||||
- cloud-hosted version of Windows
|
||||
- connect with any devices, secure data in the cloud
|
||||
- 
|
||||
- data and apps are separated from the local hardware
|
||||
- user sessions are isolated in both single and multi-session environments.
|
||||
- ## Azure containers
|
||||
collapsed:: true
|
||||
- you don't manage the operating system for a container
|
||||
- VMs virtualize Hardware <-> Container virtualize OS
|
||||
- #### Azure Container Instances (PaaS)
|
||||
@ -136,18 +130,15 @@
|
||||
collapsed:: true
|
||||
- orchestration service manages the lifecycle of containers
|
||||
- ## Azure functions
|
||||
collapsed:: true
|
||||
- event-driven, serverless compute option
|
||||
- an event wakes the function, alleviating the need to keep resources provisioned when there are no events
|
||||
- work can be completed quickly, within seconds or less.
|
||||
- **stateless**: behave as if they restart every time
|
||||
- **stateful**: Durable Functions - a context is passed through the function to track prior activity
|
||||
- ## Azure App Service
|
||||
collapsed:: true
|
||||
- HTTP-based service for hosting web applications, REST APIs, and mobile back ends
|
||||
- automatic scaling and high availability
|
||||
- #### Web apps
|
||||
collapsed:: true
|
||||
- full support for hosting web apps
|
||||
- #### API apps
|
||||
collapsed:: true
|
||||
@ -165,41 +156,32 @@
|
||||
- Send push notifications.
|
||||
- ...
|
||||
- ## Azure virtual networking
|
||||
collapsed:: true
|
||||
- **Public endpoints**: have a public IP address and can be accessed from anywhere in the world.
|
||||
- **Private endpoints**: exist within a virtual network and have a private IP address from within the address space of that virtual network.
|
||||
- #### Isolation and segmentation
|
||||
collapsed:: true
|
||||
- define a private IP address space by using either public or private IP address ranges
|
||||
- divide that IP address space into subnets and allocate part of the defined address space to each named subnet.
|
||||
- use the name resolution service built into Azure or use either an internal or an external DNS server
|
||||
- #### Internet communications
|
||||
collapsed:: true
|
||||
- enable incoming connections from the internet by assigning a public IP
|
||||
- putting the resource behind a public load balancer
|
||||
- #### Communicate between Azure resources
|
||||
collapsed:: true
|
||||
- Virtual Networks connect: App Service Environment for Power Apps, Azure Kubernetes Service, and Azure virtual machine scale sets
|
||||
- Service endpoints can connect to other Azure resource types, such as Azure SQL databases and storage accounts
|
||||
- #### Communicate with on-premises resources
|
||||
collapsed:: true
|
||||
- link resources together in your on-premises environment and within your Azure subscription
|
||||
- create a network that spans both your local and cloud environments
|
||||
collapsed:: true
|
||||
- **Point-to-site virtual private network**: connections are from a computer outside your organization back into your corporate network. In this case, the client computer initiates an encrypted VPN connection to connect to the Azure virtual network.
|
||||
- **Site-to-site virtual private networks**: link your on-premises VPN device or gateway to the Azure VPN gateway in a virtual network. In effect, the devices in Azure can appear as being on the local network. The connection is encrypted and works over the internet.
|
||||
- **Azure ExpressRoute**: provides a dedicated private connectivity to Azure that doesn't travel over the internet. ExpressRoute is useful for environments where you need greater bandwidth and even higher levels of security.
|
||||
- #### Route network traffic
|
||||
collapsed:: true
|
||||
- Azure routes traffic between subnets on any connected virtual networks, on-premises networks, and the internet.
|
||||
- Route tables allow you to define rules about how traffic should be directed
|
||||
- Border Gateway Protocol (BGP) works with Azure VPN gateways, Azure Route Server, or Azure ExpressRoute to propagate on-premises BGP routes to Azure virtual networks.
|
||||
- #### Filter network traffic
|
||||
collapsed:: true
|
||||
- **Network security groups** are Azure resources that can contain multiple inbound and outbound security rules. You can define these rules to allow or block traffic, based on factors such as source and destination IP address, port, and protocol.
|
||||
- **Network virtual appliances** are specialized VMs that can be compared to a hardened network appliance. A network virtual appliance carries out a particular network function, such as running a firewall or performing wide area network (WAN) optimization.
|
||||
- #### Connect virtual networks
|
||||
collapsed:: true
|
||||
- link virtual networks together by using virtual network peering
|
||||
- Network traffic between peered networks is private, and travels on the Microsoft backbone network, never entering the public internet.
|
||||
- ## Azure virtual private networks
|
||||
@ -289,25 +271,17 @@
|
||||
| Queue Storage | https://<storage-account-name>.queue.core.windows.net |
|
||||
| Table Storage | https://<storage-account-name>.table.core.windows.net |
|
||||
- ## Azure storage redundancy
|
||||
collapsed:: true
|
||||
- #### Redundancy in the primary region
|
||||
collapsed:: true
|
||||
- **Locally redundant storage**
|
||||
collapsed:: true
|
||||
- 
|
||||
- **Zone-redundant storage**
|
||||
collapsed:: true
|
||||
- 
|
||||
- #### Redundancy in a secondary region
|
||||
collapsed:: true
|
||||
- **Geo-redundant storage**
|
||||
collapsed:: true
|
||||
- 
|
||||
- **Geo-zone-redundant storage**
|
||||
collapsed:: true
|
||||
- 
|
||||
- **Read access to data in the secondary region**
|
||||
collapsed:: true
|
||||
- GRS and GZRS with read access (normally not possible)
|
||||
- ## Azure storage services
|
||||
collapsed:: true
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user