Detailed description on core Azure architectural components
Ikponmwonsa Okundigie
Posted on June 6, 2024
This article focuses on understanding the core architectural components of Azure which can be classified into two main groupings:
- Physical infrastructure.
- Management infrastructure.
Make sure you understand how regions and availability zones compare, as well as the Azure Resource Manager model. This is the way all resources are organized and deployed in Azure.
Physical Infrastructure
The physical infrastructure for Azure starts with datacenters.
Data Center
They’re facilities with servers arranged in racks, with dedicated power, cooling, and networking infrastructure. Data centers are grouped into Azure Regions or Azure Availability Zones that are designed to help you achieve resiliency and reliability for your business-critical workloads.
Regions
A region is a geographical area on the planet that contains at least one, but potentially multiple datacenters that are nearby and networked together with a low-latency network. When you deploy a resource in Azure, you’ll often need to choose the region where you want your resource deployed. It is the location for your services to host, Geographical area on the planet.
Here’s a view of all the available regions
Availability Zones
The availability zone is made up of one or more datacenters equipped with independent power, cooling, and networking. An availability zone is set up to be an isolation boundary. If one zone goes down, the other continues working.
It comes with two service offerings:
Zonal services: Allow creating multiple availability zones as required to make services highly available. e.g. VMs, Disks, etc.
Zone redundant: Automatically replicate data in multiple availability zones for backup. e.g. storage, SQL.
To ensure resiliency, a minimum of three separate availability zones are present in all availability zone-enabled regions. However, not all Azure Regions currently support availability zones, even with the additional resiliency that availability zones provide, it’s possible that an event could be so large that it impacts multiple availability zones in a single region. To provide even further resilience, Azure has Region Pairs.
Region pairs
Most Azure regions are paired with another region within the same geography (such as US, Europe, or Asia) at least 300 miles away. It helps reduce the likelihood of interruptions because of events such as natural disasters, civil unrest, power outages, or physical network outages that affect an entire region. For example, if a region in a pair was affected by a natural disaster, services would automatically failover to the other region in its region pair. Examples of region pairs in Azure are West US paired with East US and South-East Asia paired with East Asia.
Sovereign regions
Sovereign regions are instances of Azure that are isolated from the main instance of Azure. They are generally used for compliance or legal purposes. Azure sovereign regions include:
- Government region: US DoD Central, US Gov Virginia, US Gov Iowa, etc.
- Partnered region: China East, China North, etc.
Azure Management Infrastructure
The management infrastructure includes Azure resources, resource groups, subscriptions, accounts, and management groups. Let's understand them by their hierarchical arrangement.
Resources
A resource is the basic building block of Azure. Anything you create, provision, deploy, etc. is a resource. Virtual Machines (VMs), virtual networks, CosmosDB, etc. User is billed for these resources as per their usage.
Resource Groups
Resource groups are simply logical groupings of resources. They can be organized by type of services, project definition, or organization requirement. Each resource must be part of only one resource group. Resources in the resource group can reside in different locations.
Resources can be moved between resource groups. Any action applied to a resource group inherits to all the resources within the resource group. If you delete a resource group, all the resources will be deleted. If you grant or deny access to a resource group, you’ve granted or denied access to all the resources within the resource group. Resource groups can’t be nested.
Azure Subscriptions
In Azure, subscriptions are a unit of management, billing, and scale. To create and use Azure services, you need an Azure subscription which is linked with an azure account which is an identity in Azure Active Directory (Azure AD). After you’ve created an Azure account, you’re free to create additional subscriptions. A company might use a single Azure account for your business and separate subscriptions for development, marketing, and sales departments.
Management Groups
For a company dealing with multiple applications, multiple development teams, in multiple geographies, and having many subscriptions, you might need a way to efficiently manage access, policies, and compliance for those subscriptions. Azure management groups provide a level of scope above subscriptions. You organize subscriptions into containers called management groups and apply governance conditions to the management groups.
In conclusion, Azure's architectural components form a robust and flexible foundation for building and deploying a wide range of cloud-based solutions. Whether you're developing a simple web application or a complex enterprise infrastructure, Azure provides the tools and services you need to succeed in the cloud. By leveraging the power of Azure's core components, you can unlock new opportunities for innovation and growth in the digital age.
Thanks for reading till the end. Please feel free to provide any question and feedback.
Posted on June 6, 2024
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.