In a typical IT environment, we tend to have multiple virtual networks, and also the workloads in these different virtual networks need to communicate with each other. So, we will discuss some connectivity scenarios which we can use to enable communication between workloads in various virtual networks.

cloud 1

Peering

Virtual network peering enables us to connect two VNet in the same or across regions. If both of the virtual networks are in Azure and also within the same region, then you can use peering. Due to this, the workload in those virtual machines can communicate with each other.

The traffic between different virtual machines in peered virtual networks is routed directly from the Microsoft backbone infrastructure, not through a gateway or over the public Internet.
We can deploy hub-and-spoke networks, where the virtual hub network can host infrastructure components such as a virtual network appliance or a VPN gateway.
Every spoke virtual network could then peer with the hub virtual network Traffic can flow through virtual network appliances or VPN gateways in the virtual hub network.
When virtual networks have peered, we can also configure the gateway in the peered virtual network as a transit point to an on-premises network.

Global peering

If we have a virtual network in azure that exists in different regions, then we can use Global peering. Gateway transit is supported for both VNet peering and Global VNet Peering.

Site to Site VPN: If we have an on-premises virtual network, and we may have other virtual networks existing in other cloud providers. To connect to our virtual network in Azure with the network that is an on-premises data center, we can use Site to site VPN.

Express Route: If we have a business requirement where this connection between our on-premises data center and virtual network should be on a private channel of communication, then you can use Express Route.

Points to Remember while peering:

Peering between VNets is allowed in the same subscription only.
Peering between VNets in different subscriptions under the same AD tenant is allowed.
Peering between VNets in different subscription located in different AD tenants are also allowed.

VPN Gateway

A VPN gateway is a specific type of virtual network gateway, which is used to send encrypted traffic between an Azure virtual network and an on-premises location over the public internet. VPN gateway act as a middle man on both sides of the virtual networks. And if the workloads in those virtual networks need to communicate with each other, they will communicate via this encrypted channel of communication between the VPN gateways of both virtual networks.

When we are planning to deploy a VPN gateway into Azure, we can configure the number of setting related to it:

Gateway SKUs: We need to select the SKU that satisfies our requirements based on the types of workloads, throughputs, features, and SLAs.
Zone-redundant gateways: We can get benefits from zone-resiliency to access your mission-critical, scalable service on Azure when we use zone-redundant gateways.
Connection types: Connection type can be IPsec, Vnet2Vnet, ExpressRoute, VPNClient.
VPN types: The VPN type that we choose depends on the connection topology that we want to create and the VPN device. It can be a policy-based VPN or Route-based VPN.
Gateway subnet: Before you create a VPN gateway, you must create a gateway subnet with the name ‘GatewaySubnet’ and do not deploy anything else into that subnet.
Local network gateway: Local network gateway usually represents your on-premises location, i.e., VPN devices, and address prefixes.
Connection topologies: Site to site, Multi-site, point-to-site, Vnet-to-Vnet, and express route.
Monitoring and Alerts: Monitors the key metrics and configure alerts.

Azure Availability Zones and Sets

If we want to migrate a mission-critical application into Azure and because of the nature of the application, one of the key requirements is to make an application resilient to both reasonable failures, data center failure, and also even rack failure. So, to make that application highly available in all circumstances, we use Azure services that can deliver that requirement in terms of making application resilient to reasonable failures.

cloud 2

Traffic Manager: We can use traffic manager to monitor the endpoints located in different regions, and if any of the endpoints are no longer reachable, then all the traffic can be routed to other regional endpoints. It contains different routing methods, such as priority weightage, performance, geographic, etc.

Azure Load balancer: We can use Azure load balancer to balance the traffic between our web servers or application servers. It offers layer-4 load balancing, i.e., if we use source IP, source port, destination IP, destination port, and protocol using which we can configure the rules in load balancer to load balance traffic between a form of web servers.

Application Gateway: If we want to load-balance traffic based on URL based routing, or we can say that we want to host multiple sites on the same public IP address and other things, then we can use the application gateway.

To deliver high availability, Azure provides two more important features.

Availability Zone: It is a high availability offering that protects your application and data from data center failures. Generally, every Azure region consists of multiple data centers located at different physical locations. When you are deploying your services into Azure, you can able to select into which availability zone you want to deploy your service.

Availability Set: It works at a rack level. It is a logical grouping of the virtual machine within the data center that allows Azure to understand how your application is built to provide for redundancy and availability. The availability set consists of two domains one is fault domain, and another is the update domain.

Fault Domain: It is a logical group of the underlying hardware that share a common power source and network switch similar to a rack within an on-premises data center. So, if we are deploying all the virtual machines into the same fault domain, then any hardware failure will knock out all the virtual machines in that particular rack or fault domain.
Update Domain: It is a logical group of the underlying hardware that can undergo maintenance or be rebooted at the same time because Azure will do infrastructure management.
Managed Disk fault domains: For VMs using Azure Managed Disks, VMs are aligned with managed disk fault domains when using a managed availability set. This alignment ensures that all the managed disks attached to a VM are with the same managed disk fault domain.

So, this brings us to the end of blog. This Tecklearn ‘Azure Availability Zones and Sets and VNet Connectivity’ blog helps you with commonly asked questions if you are looking out for a job in Azure and Cloud Computing. If you wish to learn Microsoft Azure and build a career in Cloud Computing domain, then check out our interactive, Microsoft Azure Developer and Administrator Training, that comes with 24*7 support to guide you throughout your learning period. Please find the link for course details:

https://www.tecklearn.com/course/microsoft-azure-developer-associate-az-203-and-microsoft-azure-administrator-associate-az-103/

Microsoft Azure Developer Associate: AZ-203 and Microsoft Azure Administrator Associate AZ-103 Training

About the Course

This Course provides training for Microsoft Azure Administrator and Azure Developer. Tecklearn’s Azure Administrator training provides you with a deep understanding of the entire administrative lifecycle in Azure environments. This Azure course shows you how to maintain services related to computing, storage, network, and security. Enhance your Azure Administrator skills and prepare to ace the AZ-103 Azure Administrator exam. The Azure Developer certification course prepares you for Microsoft’s Azure Developer certification exam AZ-203. It covers Azure architecture, Azure technology development solutions, Azure storage services, and solutions, Cognitive Services such as Computer Vision, Q&A Maker, Azure service solutions, and API management services.

Why Should you take Azure Developer and Administrator Training?

Microsoft certified Azure Associate developer earns salary ranging from $95,000 to $135,000
Average salary of Microsoft Certified Azure Administrator is $90,000 – Indeed.com
Apple, eBay, Samsung, Citrix, UST Global, Mindtree, TCS, Wipro, Infosys & many other MNC’s worldwide use Azure across industries
According to Microsoft, more than 1,000 new sign-ups for Azure occur each day, which equates to approximately 365,000 new sign-ups each year
By 2022, 90% of enterprises will use both the IaaS and PaaS capabilities from cloud provider – Gartner

What you will Learn in this Course?

Introduction to Azure Compute Solutions and Cloud Computing

Introduction to Microsoft Azure
About Azure Certification

Overview of Azure Storage Services

Azure Storage
Azure File Use Case
Azure DNS
Azure Site Recovery

Secure and Manage Azure Storage

Security Issue
Azure Regions
Azure Services

Implementing Secure Data Solutions and Integrating Caching & CDN

Azure CDN
Azure Traffic Manager
Azure Load Balancer
Azure Scale Set

Implementing Azure App Service Web Apps and Mobile Apps

Design and Implement Azure Service Apps
Web Apps
Pricing Calculator – Azure

Managing Azure Subscriptions and Resource Groups

Create Resource Group
Create App Service Plan
Create Web App and Deploy Angular Application using SCM
Deploy .NET Application using SCM
Deploy App using Visual Studio
Web Job Types
Sendgrid

Develop Event-based and Message-based Solutions in Azure

Messaging Strategy
Design and implement Messaging Strategy
Azure Notifications
Microsoft Azure Service Bus
Queues
Topics
Create Topic
Create Subscription
Azure Relay
Using EventHubs

Implementing Azure App Service API Apps & Azure Functions

Azure PAAS Services
API Management
Function Apps
Logic Apps

Overview of Azure Virtual Machines and Configure Virtual Machines for High Availability

Virtual Machines
Create VM
PowerShell DSC and Custom Script Extension
Scale ARM VMS
VMSS
Monitoring VMs
Dev Test Labs
VM Storage

Design and implement Azure DevOps

CI/CD Pipelines
VSTS
Deployment in pass and VM’s
Scheduled deployments

Manage Azure Active Directory (AD)

Manage Identity, Application and Network Services
Overview of Azure Active Directory
Azure Active Directory B2C
Azure Active Directory B2B
Key Vault
Azure Graph API

Azure Virtual Networks and Network Security

Redis Caching
Azure search
Virtual Networks
Configure Virtual Network
Hybrid Network Connectivity
ARM VM Networking
Azure security and recovery services

Developing Solutions That Use Relational Database and Azure Blob Storage

Azure DB Services – SQL DB
Azure Notifications
Backup and Restore
Enabling Geo-Replication
Export source Database
Scale Azure SQL Databases

Developing Solutions That Use Azure Table Storage & Cosmos DB

COSMOS DB
Azure Key Vault
Azure App Insights

Azure Command Line Interface (CLI) and PowerShell

Resource management and deployments using PowerShell and CLI
ARM templates
Implement ARM templates
Control Access
PowerShell runbooks
Azure Automation
Real Time Examples

Got a question for us? Please mention it in the comments section and we will get back to you.

614