5 Things You Don’t Know About Microsoft Azure

Although Microsoft landed quite late in the Cloud World with its IaaS and PaaS platform, Microsoft Azure is growing steadily and is definitely one of the top-tier solutions available for computing, storage, databases and everything you need to deploy on a cloud. Nevertheless, its adoption rate is still quite low compared to the other big players like Amazon Web Services, and many people have small to no knowledge of many of its interesting features. Let’s see together 5 things you don’t know about Microsoft Azure to get you started with it.

1: Your data is stored redundantly, but getting rid of it is easy and safe

Like many other cloud providers, Azure stores data in multiple places to add redundancy and increase safety. Data is triplicated across three physically separate domains, and if one part of the infrastructure goes down, it can provision another copy. Therefore, at any given time, there are always three copies of your data at the primary location.

Also, unless you disable it, Azure will geo-replicate to a secondary site far away from the primary one and keep it in triplicate there too. Definitely a strong and secure approach to saving your data. On the other end, deleting the data might be tricky. When you decide to delete an object or a table entity, Azure will immediately delete that entry from the index used to access data at the primary location, but geo-replicated copies will be deleted asynchronously at a later time. May this cause risks in case someone else tries to read data saved there? Actually, no.

Microsoft has a complex solution to avoid this issue, based on the fact that data needs to be overwritten before being provisioned. Therefore, once your data is deleted, people trying to access it will just get a bunch of 0’s. Microsoft doesn’t give a contractual guarantee that says they will overwrite deleted data, but at least they make it impossible for anyone to provision overwritten or deleted data.

2: Azure service healing restores VMs to a running state

One big advantage of running virtual machines on Azure is that your VMs will remain available even when there are problems. When Azure finds a problem in one of its nodes, it automatically moves the VMs to other nodes so that they are restored to a running and accessible state. This cause the virtual machine to shut down and restart, and the MAC address, processor, and DPU ID will be changed. But if the VM is running on an Azure Virtual Network, the IP address of the VM does not change when the healing process occurs.

Also, the storage on data disks is persistent, so files will not be affected by the restart and move. That’s why, with domain controllers running on Azure Virtual Networks, you need to store the Active Directory DIT, logs, and SYSVOL files on data disks. Data disks can be used to store any files other than the core operating system files. OS disks use caching, and data disks don’t; in the latter case, the data is immediately written to permanent storage.

3: Azure Virtual Networks mixes up well with your on-premises network

Speaking about Azure Virtual Network, it can allow you to get a nice mix of your cloud infrastructure and your on-premises network. Indeed, you can connect your internal network to an Azure Virtual Network via an IPsec site-to-site VPN through an approved VPN device and treat it like another subnet on your network, which is quite great if you have your own infrastructure already and don’t want to give it up. You can also have multiple Azure Virtual Networks your on-premises network is connected to from a single point of presence.

Unfortunately, it doesn’t work the other way around: you can’t connect the same Azure Virtual Network to multiple on-premises networks. Also, you can’t route connections between different Azure Virtual Networks through Azure. A workaround if you want to communicate between them, is to go back through the on-premises VPN to which they’re all connected.

4: Support for virtualizing domain controllers

Any network administrator knows that domain controllers on VMs were not considered an excellent practice, so to say. For example, restoring VM snapshots could easily result in inconsistencies in the Active Directory database, like inconsistent attribute values, password problems, duplicated security principles, and even schema mismatch: quite a nightmare. Windows Server 2012, though, introduced a new feature, VM Generation ID, that addresses this problem, and Windows Azure Virtual Networks run on the Windows Server 2012 stack, thus supporting this feature.

So, you can create domain controllers (or “move” them from an on-premises network) in the Azure Virtual Network. By the way: Sysprep won’t work in this scenario. You need to move the .vhd file for your VM into Azure storage and use it to create a new VM. You can also create a brand new DC on the Azure Virtual Network and enable inbound replication.

5: Azure uses both static and dynamic IO addresses

Short summary: Virtual Networks use virtual IP addresses, Virtual Machines use dynamic IP addresses. The virtual IP address of an Azure Virtual Network refers to the public IP address used by external computers to connect to the Azure Virtual Machines. Each of your virtual machines on the Azure Virtual Network has a dynamic IP address assigned to it,  “dynamic” because it’s assigned by Azure. Indeed, if you try to give your virtual machines static addresses, Azure won’t recognize them, and you won’t be able to connect to those VMs at all.

Unlike dynamic IP addresses assigned by ISPs, it can change frequently and works just like a reserved address. So the same address stays with a particular virtual machine for as long as the VM exists.

Avatar

Written by

Andrea Colangelo

Software Engineer with a solid focus on QA and an extensive experience in ICT. Above all, Andrea has a very strong interest in Free and Open Source Software, and he is a Debian and Ubuntu Developer since years. Non-tech interests include: Rugby, Jazz music and Cooking.


Related Posts

Alisha Reyes
Alisha Reyes
— April 8, 2020

New on Cloud Academy: AWS Solutions Architect – Associate Exam Prep, Azure Courses, Google Associate Cloud Engineer Exam Prep, Programming Labs, and Much More

Free content on Cloud Academy More and more customers are relying on our technology and content to keep upskilling their people in these months, and we are doing our best to keep supporting them. While the world fights the COVID-19 pandemic, we wanted to make a small contribution to he...

Read more
  • AWS
  • Azure
  • Google Cloud Platform
  • programming
Avatar
Logan Rakai
— April 7, 2020

How to Effectively Use Azure DevOps

Azure DevOps is a suite of services that collaborate on software development following DevOps principles. The services in Azure DevOps are: Azure Repos for hosting Git repositories for source control of your code Azure Boards for planning and tracking your work using proven agil...

Read more
  • Azure
  • DevOps
Alisha Reyes
Alisha Reyes
— March 17, 2020

Cloud Academy’s Blog Digest: How Do AWS Certifications Increase Your Employability, How to Become a Microsoft Certified Azure Data Engineer, and more

With everything going on right now, it's likely that the only thing you've been reading lately is related to the coronavirus pandemic. It's important to stay informed during these times, but it's also good to jump into something that can take your mind off of the current situation for j...

Read more
  • AWS
  • Azure
  • blog digest
  • Certifications
  • Cloud Academy
  • programming
  • Security
Avatar
Cloud Academy Team
— March 13, 2020

Which Certifications Should I Get?

As we mentioned in an earlier post, the old AWS slogan, “Cloud is the new normal” is indeed a reality today. Really, cloud has been the new normal for a while now and getting credentials has become an increasingly effective way to quickly showcase your abilities to recruiters and compan...

Read more
  • AWS
  • Azure
  • Certifications
  • Cloud Computing
  • Google Cloud Platform
Avatar
Guy Hummel
— March 10, 2020

How to Become a Microsoft Certified Azure Data Engineer

Data engineering is one of the most sought-after skills in the job market. According to a 2019 Dice.com report, there was an 88% year-over-year growth in job postings for data engineers, which was the highest growth rate among all technology jobs. If you want to become a data enginee...

Read more
  • Azure
  • Data Engineer
  • DP-200
  • DP-201
  • Microsoft
Alisha Reyes
Alisha Reyes
— March 7, 2020

New on Cloud Academy: Intro to GitOps; AWS Courses; Java, Python, Amazon Linux 2, Ubuntu, & Docker Playgrounds; and much more

New Lab Playgrounds This month, our Content Team released six new "playground labs." Our playground labs provide a safe and secure sandbox environment for you to explore your own ideas, follow along with Cloud Academy courses, or answer your own questions — all without having to instal...

Read more
  • AWS
  • Azure
  • gitops
  • Google Cloud Platform
  • lab playground
  • programming
Alisha Reyes
Alisha Reyes
— March 6, 2020

New on Cloud Academy: Intro to GitOps; AWS Courses; Java, Python, Amazon Linux 2, Ubuntu, & Docker Playgrounds; and much more

New Lab Playgrounds This month, our Content Team released six new "playground labs." Our playground labs provide a safe and secure sandbox environment for you to explore your own ideas, follow along with Cloud Academy courses, or answer your own questions — all without having to instal...

Read more
  • AWS
  • Azure
  • gitops
  • Google Cloud Platform
  • lab playground
  • programming
Avatar
Thomas Mitchell
— February 27, 2020

5 Steps to Vulnerability Management for Containers

Organizations have begun embracing containers due to their simplicity and to the fact that they allow for a faster development and deployment velocity. Although developers are thrilled with containers because they allow them to deliver solutions more quickly, security teams are sometime...

Read more
  • AZ-500
  • AZ-500 Exam
  • Azure
  • vulnerability management
Avatar
Chandan Patra
— February 21, 2020

Elasticsearch vs. CloudSearch: AWS Cloud Search Choices

Elasticsearch vs. CloudSearch: What's the main difference? Let's compare AWS-based cloud tools: Elasticsearch vs. CloudSearch. While both services use proven technologies, Elasticsearch is more popular, open source, and has a flexible API to use for customization; in comparison, CloudS...

Read more
  • AWS
  • Azure
  • cloudsearch
  • elasticsearch
Avatar
Andrew Larkin
— February 13, 2020

Cloud Academy Content Roadmap Updates

Welcome to our Q1 2020 roadmap. This is the content we plan to build over the next three months, between February 1 - and April 30, 2020. Let's look at some of our roadmap highlights. Atlassian Bamboo for CI/CD We had a lot of requests for practical guides on how to apply DevOps tool...

Read more
  • Artificial Intelligence
  • AWS
  • Azure
  • Docker
  • Google Cloud Platform
  • Kubernetes
  • Machine Learning
Alisha Reyes
Alisha Reyes
— February 7, 2020

New on Cloud Academy: Git Labs, CKA and CKAD Lab Challenges, AWS and Azure Learning Paths, AGILE, and Much More

We just kicked off our first Free Weekend of 2020. This means we've unlocked our Training Library for just 72 hours. Until Sunday at 11:59 pm (PST), you can get unlimited access to our industry-leading learning paths, courses, certification prep exams, and our most popular hands-on labs...

Read more
  • agile
  • AWS
  • Azure
  • Google Cloud Platform
  • Linux
  • OWASP
  • programming
  • red hat
  • scrum
Alisha Reyes
Alisha Reyes
— January 31, 2020

How to Unlock Complimentary Access to Cloud Academy

Are you looking to get trained or certified on AWS, Azure, Google Cloud Platform, DevOps, Cybersecurity, Information Security, Python, Java, or another technical skill? Then you'll want to mark your calendars. Starting Friday, February 7 at 12:00 a.m. PST (3:00 a.m. EST), Cloud Acade...

Read more
  • AWS
  • Azure
  • cloud academy content
  • complimentary access
  • GCP
  • on the house