In this blog, I will share some quick tips including Q/A’s and useful links from Day 5 of our recently launched new batch of Microsoft Azure Solutions Architect(AZ-303/AZ-304)
On Day 5 Live Session, we covered the Azure Storage Accounts, Storage Services, Performance tiers, Storage redundancy, Azure Blob Storage Lifecycle Management, Storage account access keys, SAS, Azure solution for data transfer, Azure Cosmos DS.
The previous week in Day 4 Live Session, we cvered the Azure Load Balancer, Azure Application Gateway, Azure Front Door, Azure Firewall, Azure Traffic Manager, Azure Bastion.
We also covered hands-on Lab 11, Lab 25 out of our 25+ extensive labs(AZ-303).
So, here are some of the Q/A asked during the Live session from Module 6: Implement Storage Accounts & Module 7: Implement NoSQL Databases.
Azure Storage Account
Azure storage account is durable, highly available and scalable. By using Azure storage account services, we don’t need to worry about space because it will be scaled upon our demand. The Azure storage account is a container that groups a set of Azure storage services together. Only data services from Azure storage can be included in a storage account.
➝Read more about the Azure Storage Accounts.
Storage Account types
Storage type defines the methodology for storing data in Azure infrastructure It gives the solution to question what type and how to store data in Azure.
There are two Groups of storage account :
A) Accessible via REST API: Queue storage, table storage, Blob storage.
B) Designed for Microsoft Azure Virtual machines: File storage, Disk storage.
Ques 1: What are the factors affecting Azure Storage Account Pricing?
Ans: Azure Storage bills based on your storage account usage. Storage costs are calculated according to the following factors:
- Region refers to the geographical region in which your account is based.
- Account type refers to the type of storage account you’re using.
- Access tier refers to the data usage pattern you’ve specified for your general-purpose v2 or Blob storage account.
- Redundancy determines how many copies of your data are maintained at one time, and in what locations.
- Transactions refer to all read and write operations to Azure Storage.
- Data egress refers to any data transferred out of an Azure region.
Azure Storage Services
- Azure Blobs: A massively scalable object store for text and binary data. Also includes support for big data analytics through Data Lake Storage Gen2.
- Azure Files: Managed file shares for cloud or on-premises deployments.
- Azure Queues: A messaging store for reliable messaging between application components.
- Azure Tables: A NoSQL store for schemaless storage of structured data.
- Azure Disks: Block-level storage volumes for Azure VMs.
➝Read more about the Azure Storage services.
Ques 2: Is there a storage calculator for Azure storage?
Ans: Yes, We have an Azure pricing calculator which can be used for storage accounts also.
➝Read more about the Azure Pricing Calculator.
Performance Tiers In Storage Account
A) Standard: Standard storage is backed by magnetic hard drives like HDD and provides the lowest cost per GB. They are best for applications that required a bulk of data storage where data is access infrequently because read-write speeds are less as compare to premium.
B) Premium: Premium storage accounts are backed by SSD (Solid-state drives) and offers low latency performance. They are mostly used with high-end systems and high-intensity applications like databases. You can not switch from a standard storage account to a premium storage account, you must create a new storage account with premium or standard.
Access tiers in Azure
Hot Access – Data that is frequently used is stored in hot storage. It stores data utilized during migration processing. The storage cost is higher than Cool and Archive access but, the access cost is lower than the other two.
Cool Access – This tier helps store the data that is not accessed frequently. Its storage cost is lower, but the access cost is more than the Hot tier. It contains data that is going to stay for 30 days or more.
Archive Access – Data in this tier is stored for more than 180 days. The data stored in this tier are seldom accessed. It has a lower storage cost but a higher accessing cost. Also, it takes time while retrieving the data because data is often considered to be in offline mode.
Ques 3: Does by default, Access Tier is Hot?
Ans: Yes, by default access tier is set to Hot tier, but you can change the access tier while creating the storage account. The hot access tier is ideal for frequently accessed data, and the cool access tier is ideal for infrequently accessed data.
Azure Storage redundancy
Azure Storage always stores multiple copies of your data so that it is protected from planned and unplanned events, including transient hardware failures, network or power outages, and massive natural disasters.
- Locally redundant storage (LRS) copies your data synchronously three times within a single physical location in the primary region. LRS is the least expensive replication option.
- Zone-redundant storage (ZRS) copies your data synchronously across three Azure availability zones in the primary region.
- Geo-redundant storage (GRS) copies your data synchronously three times within a single physical location in the primary region using LRS.
- Geo-zone-redundant storage (GZRS) copies your data synchronously across three Azure availability zones in the primary region using ZRS.
- Read-access geo-zone-redundant (RGZRS) storage exposes a read endpoint on this secondary replica allowing you to read data in the event of primary region unavailability.
Ques 4: Will I have access to all 3 copies of the data in LRS?
Ans: No, the user doesn’t know which copy is being used. It’s just if one copy is down the second copy becomes available. So users cannot use all 3 copies at a time.
Ques 5: Why do we need Read access in the secondary region?
Ans: The secondary region is available for reading access after you Enable RA-GRS or RA-GZRS so that you can test your application in advance to make sure that it will properly read from the secondary in the event of an outage. You can design your applications to seamlessly shift to reading data from the secondary region if the primary region becomes unavailable for any reason.
Also, Check Our blog post on Azure Serverless Computing.
Azure Blob Storage Lifecycle Management
Azure Blob Storage lifecycle management offers a rich, rule-based policy that you can use to transition your data to the best access tier and to expire data at the end of its lifecycle. Lifecycle management policy helps you:
- Transition blobs to a cooler storage tier such as hot to cool, hot to archive, or cool to archive in order to optimize for performance and cost
- Delete blobs at the end of their lifecycle
- Define up to 100 rules
- Run rules automatically once a day
Storage account access keys
Azure generates two 512-bit storage account access keys whenever a user creates a storage account. These keys can be used to authorize access to data in your storage account via Shared Key authorization. Microsoft recommends that you use Azure Key Vault to manage your access keys and that you regularly rotate and regenerate your keys.
Shared Access Signatures (SAS)
A shared access signature (SAS) provides secure delegated access to resources in your storage account. With a SAS, you have granular control over how a client can access your data.
Ques 6: What are the types of shared access signatures in azure?
Ans: Azure Storage supports three types of shared access signatures:
- User delegation SAS
- Service SAS
- Account SAS
Ques 7: What are the risks we have to be aware of while using SAS?
Ans: When you use shared access signatures in your applications, you need to be aware of two potential risks:
- If a SAS is leaked, it can be used by anyone who obtains it, which can potentially compromise your storage account.
- If a SAS provided to a client application expires and the application is unable to retrieve a new SAS from your service, then the application’s functionality may be hindered.
Azure solution for data transfer
Data transfer can be offline or over the network connection. Choose your solution depending on your:
- Data size – Size of the data intended for transfer,
- Transfer frequency – One-time or periodic data ingestion, and
- Network – Bandwidth available for data transfer in your environment.
Check the below table for Data transfer tool selection.
Ques 8: Which regions can I store data in with Data Box?
Ans: Data Box is supported for all regions within the US, Canada, the EU, the UK, Australia, Singapore, Hong Kong, Japan, Korea, India, Brazil, South Africa, and the UAE.
Also, Check Our blog post on Azure Front Door vs. Application Gateway vs. Load Balancer.
Azure Cosmos DB
Azure Cosmos DB is a fully managed NoSQL database for modern app development. Single-digit millisecond response times, and automatic and instant scalability, guarantee speed at any scale. As a fully managed service, Azure Cosmos DB takes database administration off your hands with automatic management, updates and patching.
➝Read more on Cosmos DB.
Ques 9: What are the typical use cases for Azure Cosmos DB?
Ans: Azure Cosmos DB is a good choice for a new web, mobile, gaming, and IoT applications where automatic scale, predictable performance, fast order of millisecond response times, and the ability to query over schema-free data is important.
Choosing an API in Azure Cosmos DB
You can build new applications with these APIs or migrate your existing data. To run the migrated apps, change the connection string of your application and continue to run as before. Based on your workload, you must choose the API that fits your requirement.
Check below flow chart on how to choose the right API:
Ques 10: Can we use multiple APIs to access my data?
Ans: Yes, Azure Cosmos DB is a multi-model database service. Where multi-model means Azure Cosmos DB supports multiple APIs and multiple data models, different APIs use different data formats for storage and wire protocol.
But Microsoft recommends using the same API for all access to the data in a given account.
Quiz Time (Sample Exam Questions)!
With our Microsoft Azure Solutions Architect training program, we cover 220+ [AZ-303] & 200+[AZ-304] sample exam questions to help you prepare for the certification AZ-303 & AZ-304.
Note: Download the 25 Sample Exam-Questions of Microsoft Azure Solutions Architect from here.
Check out one of the questions and see if you can crack this…
Ques: Your company is planning to store log data, crash dump files, and other diagnostic data for Azure VMs in Azure. The company has issued the following requirements for the storage:
- Administrators must be able to browse the data in File Explorer.
- Access over SMB 3.0 must be supported.
- The storage must support quotas.
You need to choose the storage type to meet the requirements. Which storage type should you use? Select one.
A. Azure Files
B. Table storage
C. Blob storage
D. Queue storage
The right answer will be revealed in my next week’s email.
Here is the answer to the question shared last week.
Ques: You are designing an Azure solution. The solution must meet the following requirements:
- Distribute traffic to different pools of dedicated virtual machines (VMs) based on rules.
- Provide SSL offloading capabilities.
Now, you need to recommend a solution to distribute network traffic. Which services would you recommend?
A. Azure Traffic Manager
B. Azure Firewall rules
C. Azure Application Gateway
D. Azure Load Balancer
Answer: C. Azure Application Gateway
Explanation: If you require “SSL offloading”, application layer treatment, or wish to delegate certificate management to Azure, you should use Azure layer 7 load balancer application Gateway instead of the Load Balancer.
Feedback
We always work on improving and being the best version of ourselves from the previous session hence constantly ask feedback from our attendees.
Here’s the feedback that we received from our trainees who had attended the session…
Related/References
- AZ 303/304: Microsoft Azure Solutions Architect: Step By Step Activity Guides (Hands-On Labs)
- [Recap] Day 1: Azure Active Directory [Azure Solutions Architect]
- [Recap] Day 2: Implement and Manage Hybrid Identities & Virtual Networking: [Azure Solutions Architect]
- [Recap] Day 3: Implement VMs for Windows and Linux: [Azure Solutions Architect]
- [Recap] Day 4: Load Balancing and Network Security [Azure Solutions Architect]
- Top 10 Best Practices for Azure Security in 2021
- Tips To Prepare Exam AZ-304: Microsoft Azure Architect Design
- Exam AZ-305: Azure Solutions Architect Expert Certification
Next Task For You
Begin your journey toward Mastering Azure Cloud and landing high-paying jobs. Just click on the register now button on the below image to register for a Free Class on Mastering Azure Cloud: How to Build In-Demand Skills and Land High-Paying Jobs. This class will help you understand better, so you can choose the right career path and get a higher paying job.
Leave a Reply