This is an old revision of the document!
Table of Contents
Azure
Network Security Group NSG
Unlike the AWS security group which is always associated with an instance, Azure Network Security Group (NSG) can be associated with three different entities:
- NSG can be associated with the subnet
- NSG can be associated with the VM (Classic)
- NSG can be associated with the network interfaces (NIC) attached to VMs (Resource Manager)
AWS vs Azure Security Groups
https://www.bdrsuite.com/blog/network-security-groups-aws-azure-brief-overview/#:~:text=Unlike%20the%20AWS%20security%20group,attached%20to%20VMs%20(Resource%20Manager)
Network
- Default outbound access in Azure
https://learn.microsoft.com/en-us/azure/virtual-network/ip-services/default-outbound-access
see https://learn.microsoft.com/en-us/azure/virtual-network/ip-services/default-outbound-access
Spec
https://docs.microsoft.com/en-us/rest/api/maps/dataset/createpreview
https://learn.microsoft.com/en-gb/training/paths/describe-azure-management-governance/
Architecture
Azure Fundamentals AZ-900
Microsoft Azure Fundamentals AZ-900 https://learn.microsoft.com/en-us/certifications/exams/az-900/
Self paced learning for fundamentals
AZ-305 Microsoft Azure Architect Design Prerequisites
Exam AZ-305: Designing Microsoft Azure Infrastructure Solutions
Knowhow
Azure physical infrastructure
Availability Zones
Region pairs
- Planned Azure updates are rolled out to paired regions one region at a time to minimize downtime and risk of application outage.
Azure management infrastructure
Azure resources and resource groups
- Resource groups are simply groupings of resources.
- When you create a resource, you’re required to place it into a resource group.
- There aren’t hard rules about how you use resource groups, so consider how to set up your resource groups to maximize their usefulness for you
Azure subscriptions
- Billing boundary: This subscription type determines how an Azure account is billed for using Azure. You can create multiple subscriptions for different types of billing requirements. Azure generates separate billing reports and invoices for each subscription so that you can organize and manage costs.
- Access control boundary: Azure applies access-management policies at the subscription level, and you can create separate subscriptions to reflect different organizational structures. An example is that within a business, you have different departments to which you apply distinct Azure subscription policies. This billing model allows you to manage and control access to the resources that users provision with specific subscriptions.
Azure management groups
- You organize subscriptions into containers called management groups and apply governance conditions to the management groups.
- All subscriptions within a management group automatically inherit the conditions applied to the management group,
- the same way that resource groups inherit settings from subscriptions and
- resources inherit from resource groups.
- E.g. You could limit VM locations to the US West Region in a group called Production.
ESXi
Virtual SAN (vSAN)
VMware vSAN ist eine Storage-Virtualisierungssoftware für Unternehmen, die Hyper-Converged Infrastructure (HCI) unterstützt.
VMware vSAN fasst lokale und direkt angeschlossene Datenspeichergeräte in einem VMware vSphere-Cluster zusammen, um einen einzigen Datenspeicher zu erstellen, den alle Hosts in einem vSAN-Cluster gemeinsam nutzen. VMware vSAN ist in den VMware-Hypervisor, ESXi, integriert.
vSphere
Der vCenter Server dient der Verwaltung einer vSphere-Infrastruktur. Er umfasst Funktionen zum Erzeugen, Löschen oder Ändern von virtuellen Data Centern