Azure interview questions 21
Microsoft Azure Interview Questions
Page. 15
Deep Dive:
For example, let’s say we want to run an ASP.NET MVC web application along with a SQL Server DB on Azure IaaS VMs provisioned in a cloud service. To provide HA for the VMs, it is recommended to run the web application database on a different server and to host the same web application on 2 different VMs. Both VMs should be provisioned in the same cloud service and added to the same availability set. Whenever the Azure platform sees 2 VMs in the same availability set, it automatically places them in different “Fault and Update domains”. This way availability sets provide an HA configuration for Azure VMs running web applications. On top of this, it is also recommended to configure a load balancer [for the endpoint port used by the web application; usually this is 80 for HTTP or 443 for HTTPS].
For database VMs, again it is recommended to run them in a separate availability set from the web tier VMs. To keep the data in sync between the 2 DB VMs, use either log shipping or mirroring. On top of this, an internal load balancer can be used to provide communication between the web tier VMs and the DB tier VMs.
If cost is not a factor, then the SQL Server Always On configuration is the best and recommended approach for achieving HA at the DB tier VMs.
The following diagram illustrates the above best practice -
As you can see above, the 3rd record stores the date time in a different format from the first 2 records, and this is absolutely acceptable in Table storage. This is what we meant by “No Schema enforced on the data”.
14. What is the difference between SQL Server on Azure VM and Azure SQL Database?

| # | SQL SERVER ON VM | SQL AZURE DATABASE |
|---|---|---|
| 1 | This is an IaaS offering on Azure. | This is a PaaS offering on Azure. It is also termed “Database as a service (DBaaS)”. |
| 2 | Access to the underlying VM is available. | Access to the underlying VM is not available and everything is accessed over a TDS (Tabular Data Stream) based endpoint. |
| 3 | Automated backups, DR and high availability are not available and one needs to configure them. | DR, backup and high availability are available by default. |
| 4 | Eliminates hardware cost. | Eliminates hardware and administration cost as well. |
| 5 | Distributed transactions and all SQL Server capabilities are supported. | Distributed transactions are not supported. Additionally, there are restrictions on the usage of some reserved keywords. The USE command is not supported. |
| 6 | DB mirroring, log shipping and transaction replication are supported. | DB mirroring, log shipping and transaction replication are not supported. |
| 7 | SSIS, SSRS and SQL Agent are available. | SSIS, SSRS and SQL Agent are not available. |
Azure Networking – VNET
This section covers some example questions where a hybrid implementation is the key focus of the Azure deployment.
15. An application front end is hosted on Azure but, due to security reasons, the customer wants the database to be hosted on-premises within his office building. What are the different ways to handle this connectivity scenario in Azure?
Since the requirement is to connect a single on-premises DB machine to the Azure-hosted application, Azure VNET based “Point to Site” can be considered the correct choice in this scenario for Azure to on-premises connectivity. Point to Site is the ideal choice for establishing VPN connectivity between on-premises resources and Azure resources where the number of resources to be connected is limited.
16. What are the other VNET options for achieving connectivity between on-premises and Azure resources?
Site to Site and Express Route are the other options for achieving cross-premises connectivity. Site to Site is specifically used when you have a large number of resources to be connected.
In some cases, Site to Site or Point to Site connectivity may introduce network latency, as the VPNs created by these features work over public infrastructure (the Internet) only. To overcome this, the “Express Route” option can be used, which is a dedicated leased line based offering that overcomes the latency issue.
17. What is the option to connect to an on-premises database in case the user is not willing to open up VNET based connectivity?
In such a case, a WCF service can be developed and hosted on premises. This WCF service will expose CRUD operations specifically against the on-premises database. Then the Service Bus relay option can be used for invoking the on-premises WCF service from the Azure-hosted web application to access the database. Use of WCF and Service Bus relay avoids the need for VPN connectivity using Azure VNET offerings.
Azure Migration
This section highlights real world migration interview questions for IaaS or PaaS migration from on
premises to Azure.
18. An on-premises application runs a few Windows services and console applications to handle certain tasks. What should be the approach for migration of such applications to Azure?
There are 3 ways by which we can achieve background process migration to Azure –
1. Azure Virtual Machine
2. Worker role
3. Azure Web Jobs
Deep dive:
The obvious way can be –
Azure VM: This is an actual VM running in Azure. The current on-premises console applications and Windows services can be configured on this VM, and they can then function the way they did on premises. However, managing the VM will be our onus.
Better way can be –
a. Worker Role: If the current Windows service is written in C# [or any other programming language supported by Azure cloud services] then it can easily be converted into a Worker role to do the processing. Being a PaaS offering, we will not have to manage the role instance VM. However, in the case of a Worker role the scheduling part may be tricky (manual implementation) if scheduling is needed by the background application we are migrating.
b. Web Jobs: These can run in the background and have scheduling capability as well. WebJobs run in the context of the API App service, meaning they run on the same instance on which the web application or API app is running. Hence they save cost compared to a Worker Role and can scale as per the App Service plan in which the web app or API app is running.
If we are looking for a micro-service based architecture (loosely coupled application in all respects) –
Then Azure Functions is another way of doing it. Although it is not as cost effective as WebJobs, it follows the “Single Responsibility Principle”, giving you truly loosely coupled applications.
19. What is the way to implement a Caching/Session Management mechanism in Azure?
Azure Redis Cache is the most commonly used caching mechanism available as Platform as a Service (PaaS) in Azure. In a recent announcement, Microsoft mentioned that Azure Managed Cache and In-Role cache will be retiring on 30th November 2016.
Deep dive:
Earlier, the Microsoft Azure AppFabric Distributed Cache service was the primary option for caching implementations in Azure; however, it is now deprecated and no longer recommended.
Redis Cache:
Redis Cache is an open source third-party service in Azure and it is available as Platform as a Service (PaaS), so you don’t have to create VMs or configure any infrastructure components to build and utilize Redis Cache. Redis Cache is also a costly caching service compared to the SQL Server option. Redis Cache has its own security layer and it is ensured that it does not get exposed to public networks, hence using Redis Cache for the caching requirements of any app is safe. Redis Cache is also scalable and hence a very viable solution for large enterprise applications. You can implement Redis Cache with design patterns like Circuit Breaker or Cache-Aside as well.
There are three main offerings/tiers of Redis:
1. Basic – Single instance with no SLA
2. Standard – Two instances with HA (High Availability) SLA
3. Premium – Designed for bigger workloads and DR (disaster recovery), with all features of the Standard tier and high availability SLA
You can also monitor Azure Redis Cache activities. You can also set up a Redis Cache instance from PowerShell, like:
New-AzureRmRedisCache -ResourceGroupName myGroup -Name mycache -Location "West US"
Based on your business requirements you can choose any tier for your application. It is highly recommended to use Redis Cache in Cloud First applications (purely cloud based) rather than in hybrid workloads/applications.
20. What is Azure Resource Manager (ARM) and what are the benefits of ARM over Classic services (Cloud Services)?
Azure Resource Manager (ARM) is the deployment methodology/strategy for deploying your components in Azure (IaaS and PaaS components). It acts like a container of multiple resources; however, it can span regions and services. It is template driven, declarative and idempotent in nature.
Following are the benefits of using Azure Resource Manager (ARM) over Classic Services (Cloud Services):
You can deploy, manage, and monitor all of the resources for your solution as a group, rather than
handling these resources individually. You can repeatedly deploy your solution throughout the
development lifecycle and have confidence your resources are deployed in a consistent state. You can use
declarative templates to define your deployment. You can define the dependencies between resources so
they are deployed in the correct order.
You can apply access control to all services in your resource group because Role-Based Access Control
(RBAC) is natively integrated into the management platform. You can apply tags to resources to logically
organize all of the resources in your subscription. You can clarify billing for your organization by viewing
the rolled-up costs for the entire group or for a group of resources sharing the same tag.
21. What is Log Analytics (Operational Management Suite)?
Log Analytics (OMS) (formerly known as “Operational Insights”) in Azure caters to all requirements in a single service and takes care of log analytics, automation, availability and security in one place. It provides a single dashboard which gives all details of logs, IIS logs, storage and other infrastructure logs, and capacity planning details. Log Analytics also extends to on-premises infrastructure, Amazon (AWS) workloads and OpenStack, besides traditional Windows and Linux virtual infrastructure in Azure. Log Analytics also enables you to generate a Power BI data source from which you can build Power BI visuals for your data. Log Analytics leverages OMS, which also gives you security and threat management related data with all necessary details like login information, IP addresses etc. It is a paid service and comes in 3 different pricing tiers: Free, Standard and Premium. It helps you search logs across your infrastructure from a single dashboard and also allows you to export the results. Hence this becomes one single point/dashboard for all the logs of all your infrastructure, irrespective of whether it is Windows or Linux, on premises or Azure hosted.
22. What are the various ways by which an on-premises VM can be migrated to Azure?
The best and quickest way is to migrate the associated OS disk and data disks from on premises to Azure storage, and then provision a VM from them.
For migration of an on-premises VM, we need to understand which virtualization platform is used for hosting the VM. Various virtualization platforms are Hyper-V, VMware etc. Creating a VM on Azure requires a VHD file only, and that can be obtained from Hyper-V directly. In case the VM is hosted on a virtualization platform other than Hyper-V, we first need to convert the existing VM disks into VHD format, and then they can be uploaded to Azure storage. Once the disk files are present on Azure, the VM can be provisioned.
Azure Messaging – Service Bus
This section focusses on important and common questions related to Azure Service bus offering.
23. What is the difference between Storage queue and Service Bus queue?
Below are the important differences between storage queue and service bus queue -

| SR. NO. | STORAGE QUEUE | SERVICE BUS QUEUE |
|---|---|---|
| 1 | FIFO ordering is not guaranteed | FIFO ordering of messages is guaranteed with the help of sessions |
| 2 | No session support | Messaging level sessions are supported |
| 3 | At Least Once delivery model | Supports At least once, At most once, Exactly once delivery models of messages |
| 4 | No automatic duplicate detection | Supports automatic duplicate detection |
| 5 | No support for dead-lettering | Dead letter queue is supported |
| 6 | Message size 64 KB | Message size is 256KB |
| 7 | Time to live up to 7 days max | Time to live is unlimited |
| 8 | One to one message delivery | Supports one to one and one to many message delivery |
| 9 | No transaction support | Transaction is supported |
| 10 | Batched receive is supported but batch send is not supported | Supports both batched receive and batched send |
| 11 | Message receiving behavior is non-blocking | Message receiving behavior can be blocking or non-blocking |
Deep Dive:
Point 1 & 2 -
The storage queue does not guarantee FIFO ordering. Messages may not be received in the same order in which they were added to the queue. On the other hand, a Service Bus queue provides a FIFO ordering guarantee if “Message Sessions” are used. If messages are added with a SessionID and the receiver receives the messages with the same SessionID, then an affinity is created and messages are received in the order in which they were added.
Point 3 – Message Delivery model –
Storage Queue - At Least Once –
Storage Queue has two methods of receiving a message from the queue: “PeekMessage” and “GetMessage”. Peek only reads the message, which remains in the queue so other receivers can receive it again. So if you want your message to be processed multiple times, the PeekMessage method should be the choice. When GetMessage is used, the received message remains invisible to other receivers for some default duration. If it is not deleted within that period, the message automatically reappears for other receivers to consume again. So typically, if you want your message to be processed only once, call the GetMessage method and, after processing, call the DeleteMessage method. In this case, if any error is encountered during processing of the message before DeleteMessage is called, the message will reappear in the queue after the default invisibility period.
As we can see, with the GetMessage and DeleteMessage combination every message in a storage queue “always gets delivered or received”, hence it is termed “At Least Once” delivery.
Service Bus Queue – At Most Once -
A Service Bus queue message can be received using the ReceiveAndDelete method. This is a one-way operation where the message is received from the Service Bus queue and immediately marked as complete. A message marked as complete is automatically deleted. Because this is a one-way operation, it is faster and cheaper, as only one transaction is charged. However, if any error is encountered during processing of the message after receiving it, the message is lost and can’t be received again, as it was already deleted during the receive operation. So if your application can tolerate unprocessed or missing messages in some cases, ReceiveAndDelete can be used.
As the receive attempt is made only once and the message is deleted after that, this is referred to as “At Most Once”.
Service Bus Queue – At Least Once -
The PeekLock method of receiving a message from a Service Bus queue is a two-stage operation. When PeekLock is called, the message gets locked and no other receiver can receive it. Once processing is finished, the Complete method can be called on the same message, which marks the message for deletion. In case an error occurs while processing, the message can reappear for receive after the lock period expires. Similarly, if the message needs to be processed again immediately after an error, the Abandon method can be called, which makes the locked message available for consumption immediately. This way the combination of PeekLock and Complete makes sure that every message is always received and processed; therefore this model is called “At Least Once”.
Service Bus Queue – Exactly Once -
Service Bus queue supports automatic duplicate detection of messages based on MessageId. If the queue is created with duplicate detection set to true and 2 messages with the same MessageId are added to the queue, one of them is automatically ignored. So we can say the Service Bus queue supports the “Exactly once” delivery model if duplicate detection is enabled.
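The Service Bus delivery models described above (the storage queue's GetMessage/DeleteMessage pair follows the same lock-then-delete shape as PeekLock/Complete), as an added example that is not part of the original guide. It uses a constructed in-memory queue, not the Azure SDK; the names ToyQueue, receive, complete, consume and demo are hypothetical, and the handler is made to fail on its first call.

```python
# Added illustration: constructed in-memory model, not the Azure SDK; names are hypothetical.
class ToyQueue:
    def __init__(self, lock_seconds=30, duplicate_detection=False):
        self.lock_seconds = lock_seconds
        self.duplicate_detection = duplicate_detection
        self.messages = []      # each entry: {"id", "body", "locked_until"}
        self.seen_ids = set()   # MessageIds already accepted by the queue
        self.now = 0            # simulated clock, in seconds

    def send(self, message_id, body):
        if self.duplicate_detection and message_id in self.seen_ids:
            return False        # second message with the same MessageId is ignored
        self.seen_ids.add(message_id)
        self.messages.append({"id": message_id, "body": body, "locked_until": 0})
        return True

    def receive(self, mode):
        m = next((m for m in self.messages if m["locked_until"] <= self.now), None)
        if m and mode == "ReceiveAndDelete":
            self.messages.remove(m)                           # receive and delete in one step
        elif m:
            m["locked_until"] = self.now + self.lock_seconds  # PeekLock: hide, do not delete
        return m

    def complete(self, m):      # second stage of PeekLock: delete after success
        self.messages.remove(m)


def consume(queue, mode):
    """Drain the queue; the first processing attempt fails to mimic a crash."""
    attempts, processed = 0, []
    while queue.messages:
        m = queue.receive(mode)
        if m is None:           # every message is locked: wait for the lock to expire
            queue.now += queue.lock_seconds
            continue
        attempts += 1
        if attempts == 1:
            continue            # failure before Complete is called
        processed.append(m["body"])
        if mode == "PeekLock":
            queue.complete(m)
    return attempts, processed


def demo():
    out = {}
    for mode in ("ReceiveAndDelete", "PeekLock"):
        q = ToyQueue()
        q.send("order-1", "charge card")   # constructed sample message
        out[mode] = consume(q, mode)
    dedup = ToyQueue(duplicate_detection=True)
    out["duplicate sends"] = [dedup.send("order-1", "charge card") for _ in range(2)]
    return out
```

Under PeekLock the handler runs twice for the one message, so handlers should be idempotent. Duplicate detection only filters repeated sends that carry the same MessageId.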
24. What are the different receive methods that can be used for Azure Service Bus Queue?
Answered as a part of deep dive section of question no. 12.
Identity in Azure – Azure Active Directory
This section highlights important and common questions around security in Azure that are asked during
interviews.
25. What is the difference between Azure AD and Windows Server AD?

| # | WINDOWS SERVER AD | AZURE ACTIVE DIRECTORY |
|---|---|---|
| 1 | Windows AD offers 5 core services – ADCS, ADRMS, ADFS, ADDS, ADLDS. | Azure AD provides only one solution – “Identity management throughout the internet”. |
| 2 | Designed to operate in a corporate network where companies have full control over topology. Services are exposed through various protocols like LDAP, Kerberos, DNS, AD replication etc. | Type of communication is HTTP or HTTPS and the authentication protocols supported are OAuth, WS-Federation, SAML-P. |
| 3 | Operations/information retrieval from AD is performed through LDAP queries. | Azure AD provides Graph API, which is a REST API. |
| 4 | The management of devices is limited to corporate assets. | HTTP and HTTPS enable support for any device that can talk over HTTP(S), hence enabling a true Bring Your Own Device (BYOD) scenario. |
| 5 | Can’t be integrated with enterprise ready SaaS applications. | The nature of Azure AD enables integration with enterprise grade SaaS applications such as Salesforce, Facebook at Work, Dropbox and so on. |
| 6 | You have access to the underlying domain controller as this is an infra offering. | No access to underlying servers as this is a PaaS offering and communication happens using internet facing endpoints. |
An Appeal to readers
Thanks for reading through! We hope you found this interview guide trial version useful. We would love to hear about topics you want covered as a part of the full version of this book. We request you to take 2 minutes of your time and send your thoughts to
E-mail: cloudqna2016@outlook.com
Or
Tweet: @AzureInterviews (AzureQNA)
Authors on Twitter:
Vikram Pendse (@VikramPendse)
Kunal Chandratre (@kunalchandratre)