AZ-204 Developer Associate: Architecting Powerful Compute Solutions on Azure

Last updated Jul 29, 2022 Published Jun 6, 2022

The content here is under the Attribution 4.0 International (CC BY 4.0) license

Azure offers different compute services such as Azure VMs, Azure containers, Azure functions, Azure Kubernetes and Azure app services. In this section we will go through the compute solutions that Azure offers as well as share references to specific microsoft documentation where more information can be fetched accordingly.

The main goal here is to go over all the compute services that are listed in the exam topics, compute solutions is the biggest portion of the exam in total 25 - 30% of the total (refs study guide).

Compute solutions

Azure offers has tree services that developers can use to deploy applications, named:

  • Azure VMs
  • Azure app services
  • Azure functions
  • Azure containers
  • Azure kubernetes
  • Notifications

In this sections we are going to go into each and everyone of those and explore how to deploy them.

Azure VMs

VM’s are the basic cloud service used, azure has different zones around the world to be used. Each vary on price and availability, when using VM’s you have the following sections:

  • Basics
  • Disks
  • Networking
  • Management
  • Advanced
  • Tags

Deploy VM via CLI

First of the resource group

az group create --location my-location --name myResourceGroup

And then the virtual machine with ubuntu, the following command will launch a vm that uses a public key named mysshkey.pub that already exists (via command --ssh-key-values), to generate a new key-pair along with the vm replace it by --generate--sh-keys.

az vm create \
  --resource-group myResourceGroup \
  --name myVM \
  --image UbuntuLTS \
  --admin-username azureuser \
  --ssh-key-values mysshkey.pub

Note that it is required to open up the port 22 for ssh into the machine

az vm open-port --name myVM --port 22 --priority 100

For troubleshooting network issues microsoft offers:

Availability

Virtual machines availability are created when the vm is being configured, it will avoid down time while doing upgrades.

App services

Web App services

Web app services are an abstraction over the app services, they are built on top of the service plans.

Note: It is possible to deploy from visual studio. refs AZ-204 - Develop Azure Compute Solutions - Azure Web Apps

Note 2: Service plan cannot host windows and linux apps together. refs AZ-204 - Develop Azure Compute Solutions - Azure Web Apps

CORS1 comes enabled by default, no other origins are able to call the service refs AZ-204 - Develop Azure Compute Solutions - Azure Web Apps

Web app settings

Deploy

Deploying a new instance of a webapp

az webapp up

az group create --location westeurope --name myResourceGroup

az appservice plan create --name $webappname --resource-group myResourceGroup --sku FREE

az webapp create --name $webappname --resource-group myResourceGroup --plan $webappname

az webapp deployment source config --name $webappname \
  --resource-group myResourceGroup \
  --repo-url $gitrepourl \
  --branch main \
  --manual-integration git clone $gitrepo \
  --plan $webapname

Integration Service Environment

ISE is a isolated environment for enterprise scale integration needs.

Databases

  • Plans

Containers

For a introduction of docker refer to docker official documentation and also for more advanced developers refer to Writing docker files tips.

The questions made in the mock exams usually mix docker concepts and azure concepts. Having a clear understanding of what each one of the things do is essential. For example, for tagging a container, the command user is from docker and not from azure cli.

  • Azure container instance
    • Provision vms to serve containers
      • create resources
      • container instance (image)
  • Azure container registry
    • private registry
      • docker build the image
      • docker tag the image
      • log into the registry via az cli (az acr login --name NAME_OF_REGISTRY) - registry credentials can be found in the menu keys
      • docker push the image

Use cases for containers

A resource group named FourthCoffeePublicWebResourceGroup has been created in the WestUS region that contains an App Service Plan named AppServiceLinuxDockerPlan. Which order should the CLI commands be used to develop the solution?

refs exam topics

# set the host
az webapp config hostname add --webapp-name $appName --resource-group myResourceGroup --hostname $fqdn

# create the webapp
az webapp create --name $appName --plan AppServiceLinuxDockerPlan --resource-group myResourceGroup
# set the container

azure container groups

  • containers deployed under the same machine
  • deployed via azure cli: az container create --resource-group my-group --file my-config.yml
  • azure container instance can access storage blob or file share as a volume
  • azure container instance supports secrets

Made up challenges

  1. Create a container instance from the azure CLI
  2. List containers from the azure CLI
  3. Remove a container with azure CLI
  4. Repeat 1 to 3 but through azure portal
  5. Deploy multiple containers

Azure Kubernetes

  • Managed kubernetes on azure
  • orchestrate containers
    • cluster
    • kubelet - agent that runs on a node
    • pod is a group of one or more containers
    • pod get shared resources (network, storage)
  • workloads
    • deploys via kubernetes yml file
  • services
    • deploys via kubernetes yml file
    • load balancer
  • kubectl tool
    • tool to interact with kubernetes cluster
    • az aks get-credentials –resource-group my-group –name my-name
      • switches the context to the aks, issuing commands locally will send them against azure
      • kubectl get nodes
      • kubectl get pods
      • kubectl get deployments
      • kubectl get service
    • log and workspaces
      • logs are sent to workspace and are defined in the cluster creation

Kubernetes Custom Resource Definitions (CRD)

Which CRDs should you configure? To answer, drag the appropriate CRD types to the correct locations

  • Azure function code = Deployment
  • Polling interval = Scaled object
apiVersion: keda.k8s.io/v1alpha1
kind: ScaledObject
metadata:
  name: transformer-fn
  namespace: tt
  labels:
  deploymentName: transformer-fn
spec:
  scaleTargetRef:
    deploymentName: transformer-fn
  pollingInterval: 5
  minReplicaCount: 0
  maxReplicaCount: 100
  • Azure Storage Connection String = Secret
# create the k8s demo namespace
kubectl create namespace tt

# grab connection string from Azure Service Bus
KEDA_SCALER_CONNECTION_STRING=$(az servicebus queue authorization-rule keys list \
  -g $RG_NAME \
  --namespace-name $SBN_NAME \
  --queue-name inbound \
  -n keda-scaler \
  --query "primaryConnectionString" \
  -o tsv)

# create the kubernetes secret
kubectl create secret generic tt-keda-auth --from-literal KedaScaler=$KEDA_SCALER_CONNECTION_STRING --namespace tt

Refs:

Functions

  • Requires storage account
  • Plans
    • Pay only based on the consumption
      • pays only when the code is executed
    • App service plan
    • Always on (basic/standard plans)
      • will always be on run state
    • Functions premium
  • function supports docker or specific platform
  • pay only when the function is running
  • it has startup overhead - azure will remove resources if no code is running
  • triggers and bindings
    • triggers represents who will prompt the execution
      • HTTP calls
      • Timer triggers
      • Blob trigger
      • CosmosDB
    • bindings
      • react to resources that are related to the function
      • input
        • CosmosDB
          • Setting a function with http trigger and cosmosdb as input, it is possible to fetch resources from cosmosdb and send them to the function as a parameter
      • output
        • Queue
          • Dispatches a message to a queue when processing the function
  • Developer tooling
    • the azure portal
    • visual studio

Note: It is possible to deploy (and run locally) from visual studio. refs AZ-204 - Develop Azure Compute Solutions - Azure Functions

  • Function settings?
  • Connection strings? predefined values
  • host.json used to set up different logging levels and
    • Defines properties for the function that will run such as the logging level

Custom handlers can be defined if azure does not support the desired programming language.

Durable Functions

Durable has a weird meaning for azure functions, durable means a workflow, in other words, durable functions are meant to orchestrate different functions across a workflow, thus, durable.

  • Orchestration to define workflows
  • Call the same function with different parameters in a ordered fashion

Testing azure functions locally

  • visual studio
    • provides the environment to do that already - it will open the function in localhost
  • No visual studio environments
  • CosmosDB
    • CosmosDB emulator
  • Storage
    • Azurite emulator

Function patterns

Azure functions benefit from different patterns based on the context in which the function run:

  • Functional chaining
  • Fan-out/fan-in
  • Async HTTPS
  • Monitoring
  • Human interaction
  • Aggregator

SSL Certificates

  • webapp
    • general settings allows for force https only
    • application settings overrides the defined properties in the application file
    • tls/ssl settings

Authentication

  • Function
  • Anonymous
  • Admin

Footnote

  1. Become a CORS Wizard 🧙‍♀️ 

Made with 💖 by @MatheusMarabesi