Core architectural component of Azure

This article focuses on understanding the core architectural components of Azure which can be classified into two main groupings:

1. Physical infrastructure,
2. Management infrastructure.

Physical and management infrastructure

Physical infrastructure

The physical infrastructure for Azure starts with datacenters.

DataCenter

• They’re facilities with servers arranged in racks, with dedicated power, cooling, and networking infrastructure.
• Datacenters are grouped into Azure Regions or Azure Availability Zones that are designed to help you achieve resiliency and reliability for your business-critical workloads.

Regions

• A region is a geographical area on the planet that contains at least one, but potentially multiple datacenters that are nearby and networked together with a low-latency network.
• When you deploy a resource in Azure, you’ll often need to choose the region where you want your resource deployed.
• It is the location for your services to host, Geographical area on the planet.

Availability Zones

The availability zone is made up of one or more datacenters equipped with independent power, cooling, and networking. An availability zone is set up to be an isolation boundary. If one zone goes down, the other continues working.

It comes with two service offerings:

• Zonal services: Allow creating multiple availability zones as required to make services highly available. e.g. VMs, Disks, etc.
• Zone redundant: Automatically replicate data in multiple availability zones for backup. e.g. storage, SQL.

To ensure resiliency, a minimum of three separate availability zones are present in all availability zone-enabled regions. However, not all Azure Regions currently support availability zones

Even with the additional resiliency that availability zones provide, it’s possible that an event could be so large that it impacts multiple availability zones in a single region. To provide even further resilience, Azure has Region Pairs.

Region pairs

Most Azure regions are paired with another region within the same geography (such as US, Europe, or Asia) at least 300 miles away.

It helps reduce the likelihood of interruptions because of events such as natural disasters, civil unrest, power outages, or physical network outages that affect an entire region. For example, if a region in a pair was affected by a natural disaster, services would automatically failover to the other region in its region pair.

Examples of region pairs in Azure are West US paired with East US and South-East Asia paired with East Asia.

Sovereign regions

Sovereign regions are instances of Azure that are isolated from the main instance of Azure. They are generally used for compliance or legal purposes.

Azure sovereign regions include:

• Government region: US DoD Central, US Gov Virginia, US Gov Iowa, etc.
• Partnered region: China East, China North, etc.

Azure management infrastructure

The management infrastructure includes Azure resources, resource groups, subscriptions, accounts, and management groups. Let's understand them by their hierarchical arrangement.

Resources

• A resource is the basic building block of Azure. Anything you create, provision, deploy, etc. is a resource. Virtual Machines (VMs), virtual networks, CosmosDB, etc.
• User is billed for these resources as per their usage.

Resource Groups

• Resource groups are simply logical groupings of resources. They can be organized by type of services, project definition, or organization requirement.
• Each resource must be part of only one resource group.
• Resources in the resource group can reside in different locations.
• Resources can be moved between resource groups.
• Any action applied to a resource group inherits to all the resources within the resource group. If you delete a resource group, all the resources will be deleted. If you grant or deny access to a resource group, you’ve granted or denied access to all the resources within the resource group.
• Resource groups can’t be nested.

Azure subscriptions

• In Azure, subscriptions are a unit of management, billing, and scale.
• To create and use Azure services, you need an Azure subscription which is linked with an azure account which is an identity in Azure Active Directory (Azure AD).
• After you’ve created an Azure account, you’re free to create additional subscriptions A company might use a single Azure account for your business and separate subscriptions for development, marketing, and sales departments.

Management groups

For a company dealing with multiple applications, multiple development teams, in multiple geographies, and having many subscriptions, you might need a way to efficiently manage access, policies, and compliance for those subscriptions. Azure management groups provide a level of scope above subscriptions. You organize subscriptions into containers called management groups and apply governance conditions to the management groups.

Thanks for reading till the end, Do like, share and subscribe to this page for more such content. Please feel free to provide any feedback:)

P.S. It is part of Azure for August learning series, If you want to have a look at other relevant articles, Please checkout https://medium.com/@gargsourabh/list/azure-for-august-3ac4e674e226

If this post was helpful, please click the clap 👏 button below a few times to show your support for the author 👇

🚀Developers: Learn and grow by keeping up with what matters, JOIN FAUN.