Pass Microsoft Certified: Azure Administrator Associate Certification Exam in First Attempt Guaranteed!
Get 100% Latest Exam Questions, Accurate & Verified Answers to Pass the Actual Exam!
30 Days Free Updates, Instant Download!
AZ-104 Premium Bundle
- Premium File 498 Questions & Answers. Last update: Dec 12, 2024
- Training Course 132 Video Lectures
- Study Guide 458 Pages
AZ-104 Premium Bundle
- Premium File 498 Questions & Answers
Last update: Dec 12, 2024 - Training Course 132 Video Lectures
- Study Guide 458 Pages
Purchase Individually
Premium File
Training Course
Study Guide
AZ-104 Exam - Microsoft Azure Administrator
Download Free AZ-104 Exam Questions |
---|
Microsoft Microsoft Certified: Azure Administrator Associate Certification Practice Test Questions and Answers, Microsoft Microsoft Certified: Azure Administrator Associate Certification Exam Dumps
All Microsoft Microsoft Certified: Azure Administrator Associate certification exam dumps, study guide, training courses are prepared by industry experts. Microsoft Microsoft Certified: Azure Administrator Associate certification practice test questions and answers, exam dumps, study guide and training courses help candidates to study and pass hassle-free!
Azure Virtual Machines
1. *UPDATED* Create a Virtual Machine
Now it's time to get into one of my favourite things to do within Microsoft Azure, which is to create a virtual machine. Now, if you're on the home page, there's a Creative Resource button right in the top left corner. There's also a Create a Resource option in the left menu bar. If you click it, you're going to be taken into the view. Now, the first item on the Get Started tab is Windows Server 2016. We can also see an Ubuntu server as the second item. If you're looking for specific images, don't worry; we can go in there and choose our favourite image. You can also go into the "Compute" section and look for images there. For instance, SQL Server running on a Windows Server is probably also a virtual machine image. You can search the markets. So, if you're looking for Windows, you can actually bring up -- well, this is a little unrealistic -- but you can certainly bring up the entire set of Windows published by Microsoft. You can see Windows 10 with Seven and so on.
Let's go back to the marketplace, GetStarted, and choose Windows Server 2016. This is a wizard-type view, a tabbed view within the browser. So this is Tab One Basic. The first thing you're going to do is select your subscription. Now if you have only one subscription, you don't really have a choice. You have more than one subscription. Make sure you're creating this machine in the right subscription. This is where the billing goes. Now you do need to select a resource group. You could have an existing resource group and put it in there, or you can click the CreateNew button and create a new resource group. Now, creating a virtual machine is going to create a number of resources, like six or seven resources. And so I'm going to create a resource group. AZ's new VM 104 This naming does not have to be unique across Azure. It's only unique to your subscription. You have given the virtual machine a name.
So I can call this AZ New VM Four, and that will be the name of my virtual machine. Now, the next big decision is the region. Now, Microsoft does claim to have 50 regions of the world, but each individual does not have access to all 50 because some of them are government regions or China regions, Germany, et cetera. So you are going to have a couple of dozen choices. Now, I should note that you might find some regions are full. So if you choose East US and you create a VM, perhaps they won't have one for you. And especially during 2020, we're having this crisis. Because many of the virtual machine regions are already full, you should probably go with South Central US. kind of an unpopular one. This also has an impact on pricing. It may be subtle, but if you select an Australian region, a Japanese region, or an African region, you will pay slightly more than if you select East US. Et cetera. So seeing as this is a problem for you, you may want to choose a region in the right location with the right price.
Now there is the concept of redundancy. Now I've decided on the South Central United States. It does not support application availability zones. And so if I wanted to choose regularcentral.us, I could create availability zones, and we'll talk about availability zones in another video. This is the image that's going to get chosen. Now that we're at this point, we can change it. If we want 2019 Windows Server, we could change it there or go over to Debian and things like this. Leave 2016 alone. This concept of a spot instance is a relatively new feature. Now, a spot instance is basically you getting a virtual machine at a much cheaper price, but you can be evicted at any time. So really, it's sort of like flying and buying tickets on an airline. You're getting your seat cheaper, but if somebody comes along and the paying customer wants to get that seat, you're going to get booted from the plane. So, if you have low-priority tasks and mindgetting booted and want to save money, a spot instance is the way to go. The next big decision here is yam size. And so you see, it's been giving me the DS 1V 2 by default, and I can actually see the pink. I'm going to click "change size." Now this is a long list—160 currently in this region, the central US region.
And I can filter this, for instance, by going in here and saying I want to see machines that have between zero and 8 GB of RAM. It's going to filter it right down if I know specifically what kind of machine I want. So we can see the features, the number of CPUs and RAM, the amount of external distance, the operating IO per second, and most importantly, the price. And so I can get a B-series virtual machine for at least $10 a month. One M is $7 a month. I should warn you that these CPU machines are quite underpowered. You're going to have trouble booting them up. They're going to be slow. Half a gigabyte of RAM and one CP not very powerful for a Windows server. If you're running a Linux machine, maybe you'll have a little bit more luck. So I'm going to choose B. Two Ms. It costs about $100 a month. But we are now getting two CPUs and 8 GB of memory. I guess the M stands for memory. I could get two S for 4GB for half the price.
Again, your region and your currency might bring it here. I'm going to select B and S. Now, I do have to come up with an administrator, username, and password. This is the username that you're going to use when you log in to the machine using Windows Remote Desktop. If you're doing a Linux machine, you'll be prompted for each private key here. The next big decision will be which ports to open. Previously, they had no open ports and you couldn't access the machine from outside of Azure. Now they turn on RDP by default. If you want to turn this into a web server, you're going to need to have web ports open for Linux SSH, not RDP. This is a security concern anytime you have ports open, so be extra careful if you have an existing Windows license. If you're an Azure Microsoft Enterprise customer, then you might be able to repurpose some of your existing licences for Azure.
And you can select this by moving to the Next tab on the disk. We can see here that we are getting a premium state disc by default for the operating system. We could downgrade to a standard solid-state drive or even a standard hard disk. This is going to change our selection of virtual machines and the price around it, so I would leave it as Premium SSD unless you really have a reason not to. A relatively new addition to the screen is encryption. Now all Azure VMs are encrypted on Azure storage accounts by default. If you want to provide a customer-managed key, that's done using Key Vault, and you can choose it. The additional discs have now been added to the list of data disks. So we have a temporary operating system disc that is like the C drive. And if you need additional disks, you can create and attach data disks.
And depending on the instance type you choose, there's a limit to the number of them that you can create. Now, going on to networking We have a whole section on networking coming up. But it's going to create a virtual network by default. If we want to attach this to an existing virtual network, then we would choose that from the drop-down menu here. We're going to let it remain in the default Basic Network Security Group. We already selected the port on the Basics tab. This is just a confirmation. Accelerated networking is only for certain instances that allow very high-speed connections on two or more machines of the same type on the same network. but it's not qualified here.
And if we're making the VM with the intention of putting it in a load balancer, we can do so right on the screen. So we do get what's called "Security Center Basic" for free. We can upgrade to a higher level of the Azure Security Center plan. We'll talk about that another time. This is all the logging and monitoring. I have a habit of turning them. I'm never going to go and examine the boot diagnostics for a VM. You might want to, and maybe in a development or testing area you're going to want to do that. But I leave all the diagnostics turned off. At this point, we have this running under its own system-managed identity, what's called a service principle. I do like to enable the auto-shutdown feature, especially for these types of things. You can insert them, leave them on, forget about them, and you're going to end up running up a big bill. And so I could do that, let's say at 11:00 p.m. Eastern time, and that would shut the VM down and stop the cost. At 11:00 p.m. I don't need to be notified before shutting down. We can also set up the backup here. I have a whole section on backup, so we won't touch that. Right now. This section is allowed to run the script.
So, if you have a startup that will install software and cause some confusion, you can use the VM extension to run scripts. If it's a Linux machine, there is something called "Cloud in it that is for Linux. We can run this on something called Azure Dedicated Host, which is dedicated hardware that is kind of expensive. But instead of running as a virtual machine with customers on the same machine, you get your own machine that you're running virtual machines on that no one else shares.
That's a whole separate thing. Proximity placement groups It's almost the inverse of a Basics tab availability setting. Put the machines far enough apart so that if one of them goes down, the other ones are not affected. Proximity groups are the opposite, where it's going to put the resources fully together in the same region. That is, if two machines needed to communicate with each other and you wanted the absolute lowest amount of latency communication between them, you would want to physically place them close together, which is the inverse of availability. This means that if the region or the datacenter fails, the multiverse will fail as well. The Generation I generation is the default here. Two VMs are not yet supported for encryption. So don't touch that unless you really need to.
Tagging is important. So if I set this up as a dev box or a production box, you can set some metadata here on the last day you get to review and create the machine. It does a validation. So if it's green or red, you have an error. It's telling you the final price. So, based on my B2S selection, it's about 7.4 cents per hour in Canadian dollars, and I can see all of the settings that I made. Now, one of the important things that you can do here is look at the Arm template for this solution, go to the JSON file that represents your solution, and do other things in terms of managing that. Of course, we'll cover Arm templates in this course, but for now, I'm just done, and I'm going to hit the Create button. And so, Microsoft, it's going to take three or four minutes. Microsoft is pretty good at creating VMs these days. They even have some on site. So if I chop them to choose the right VM type with the right disk, they're just going to grab one of their existing VMs, and I can get that within a minute or two. But even if it has to create it, it'll take less than ten minutes. So let this run, and when we come back, we'll have a VM, hopefully.
2. *UPDATED* Connect to a Virtual Machine
Alright, so this really only took a few seconds. If we go into deployment here, we can see that the virtual machine itself was deployed in 32 seconds. The public IP address took 6 seconds. The virtual network part took 20 seconds. So we really struck it rich here. It took only a minute or so to deploy this virtual machine. So I can click this blue button to take me directly to the resource, and we can see that it's in the running state, the name of our virtual machine. It has both a public and a private IP address. Scrolling down, we can see the CPU utilization. It's up and running right now. It's running around 30%. So the machine must still be in its startup state and see the disc and the disc operations themselves. So this machine is very much alive, and we can sort of see it here. Now you might want to write a Go command and connect to the virtual machine. And Microsoft does provide an easy way to do it.
There is this connect button, and we can choose whether we want to connect to it using RDP. If this was a Linux box, it would be SSH, or if we had an Azure Bastian set up, we could use that. So let's choose RDP. And basically, we've got our public IP address and the port number, and we could download the Windows Remote Desktop file to our computer. I clicked it, and it did it. If I open the art file, it says unknown publisher. That's OK. And now we have to log in to the Windows Server. Now I'm attempting to use my own computer credentials. You have to click on more choices and use a different account. Now we created an administrator account when we setup this box, and whatever your account ended up being, this is what you're going to use.
So I put in my administrator credentials, and I said, "Okay, now this is the first time I'm connecting this." And so I have to accept the security certificate, and I can even store the certificate. And so don't ask me again for this computer. and I said yes. And now it's the familiar Windows Remote Desktop interface. It's creating an account for me. So this is the first time I'm creating a Windows profile and setting up my desktop. So it's going to take a little bit longer than a normal login to create this profile for me. Now we have a window at our disposal. I can go into it, and it's going to tell me this is the first time it's running. Do I want this to be discoverable? I'm going to say no; that's fine. And we can see it's a Windows server. I can click the Windows icon, and we can see there's nothing installed here.
The first time it runs, it does a Windows Server role selection. Now we can always—I mean, this is where we would set up iOS or anything else—and always minimise that. So we've successfully created and connected to the computer. We can easily disconnect it if we click the power button and say "disconnect." Now, as I said before, this machine is now incurring costs. And so we think it was something like $0.15 an hour. It's not that much. But when you're not using the machine—if it's not a production server and you're not using it—you really do want to stop the machine. That will deallocate the IP address, and the machine will still exist as a file in a storage account. but it won't be running. It won't be connectable. So I do remember: when you're done playing around with this, stop it. We're not going to do that right now because we have more to talk about. But I wanted to let you know that this is going to incur charges until you stop it.
3. *UPDATED* VM Availability
So let's talk about the options for high availability in Azure. Now, when we were creating our machine a couple of videos ago, we did have an availability option, and we sort of left it as the default. So when I review that, I'm going to go create a resource. I'm going to choose Windows Server 2016. Again, I'm going to go through the process of creating another virtual machine just to demonstrate. So I'm going to put this in the same resource group. I'm going to call this the new VM 5. Now, we do get to choose the region. Now, for the sake of the example here, I'm going to choose the central US region, and this is the availability options selection.
Now, this has to be done at instance creation. You can't create a virtual machine and later decide you want to set the availability options. It has to be done when you create it. As a result, there are no express availability options by default. Now, Azure has a pretty good track record when it comes to the availability of a single virtual machine. In fact, let's flip over to a service level agreement. You do a search for "SLA for virtual machines" in Azure.
You'll get to this, and it does get updated every year. As a result, the latest date for a single instance virtual machine is January 2020. Now, the only ones they're recovering are the premium SSDs. Remember that on the second tab, the discs tab, we have the option of selecting between HDD standard SSD and Premium SSD. So the only one that's covered by an SLA is the print SSD, and we will guarantee virtual machine connectivity 99 percent of the time. So Azure guarantees 99.9% availability even if you create a single machine with no expressive redundancy. To put this into perspective, 99.9% availability equates to approximately two minutes down per day, ten minutes down per week, and 45 minutes down per month. So if your single virtual machine is down for less than 40 minutes a month, that's what's the expectation. If it's more than this, there are some financial promises. So the guarantee is a financial one. And so if you have less than 9% uptime, there is a 25% service credit.
You can see some promises here. And if it's even less than 95% of the time, then you'll get your money back on a monthly basis. I think you have to expressly request this. So for a single VM, you do get a 99.9% service level agreement. You can do better than that, though. So the next one up is called the availability set, which allows you to expressly tell Azure that you're going to have two or more scenes that are identical; they're related. Now you're going to have to do the work to put a load balancer in front of them and make sure that they are identical. But if you tell it that it's an availability set, Microsoft is going to make an attempt to physically separate those machines so that something that would take down one machine won't take down the other. And those could be a bad power supply, a Windows update, or something else.
Using the availability set, any unintended or intended downtime is reduced. But it only works with two or more virtual machines. If you go to the SLA, it says two or more instances belonging to the same availability set will guarantee 99.95% ability. So if we go back to our chart here, we're going to the next level up, 99.95, and we're going from about 40 minutes of expected downtime a month to only 20 minutes of downtime a month.
Less than a minute per day of downtime That's pretty good. Now, it's not as perfect as you might imagine, but less than a minute per day is pretty good. In most cases, users do not have time to complain before the machine is restored. And again, this covers both machines. So you'd have two, three, four, or five machines, and one of them could be down but not all of them. Now, the next level up from that is called an availability zone. Now, the availability zone is where you are the one choosing where that machine gets deployed. Let's say there are three datacenters: one, two, and three. And say, "I want this machine deployed to Zone One." I want this other machine deployed to Zone Two. So you're physically placing them in a building.
The SLA for that gets up to 99.9%, which on our chart gets down to four minutes on the downtime. So we go from a minute per day to 40 seconds per day to 8 seconds per day of downtime. And this is barely anything. So availability zones are definitely the way to go. If availability and high availability are required to bring you something, I should mention availability sets. Before we go, let's create one here. As a result, the set has a name: availability set. And there are two concepts in availability sets: One is known as a fault domain, and the other as an update domain. Now, a fault domain is really an unintended, unforeseen error, and it's usually a power supply or some switch or networking issue.
That's your physical problem. So if you deploy two virtual machines across two volumes, then a single power supply or a single network switch is not going to support your application. You can increase that to three. So if you have three machines, they're deployed against three thumbs. You can't have more than three. All right, so if you had 20 virtual machines with an availability set, they'd be deployed across these two or three fault domains.
The other concept is the update domain. Now, the update domain is basically how patches are rolled out. And so let's imagine our 20 maximum update domains, and let's say you had 20 virtual machines. You deploy your machines across all 20 update domains, and Microsoft is going to roll out the patches first to one, then to two, then to three, then to four, all the way up to 20. And so our machines would be rebooted only one at a time as the patches were deployed.
OK, when Microsoft needs to update the Azure software, you can't avoid that downtime. Now, maybe 20 is excessive, and the default here that we saw was five. And so if you had 20 virtual machines across five update domains, that would be four virtual machines per update domain. And so when they're rolling hatches, you would have four machines being booted at the same time.
Maybe your application can handle that, or maybe it can't. So that's a very important concept. Fault domains versus update domains What they are and these limits of three and twenty—the defaults of two and five—are the things you probably need to memorise for this. Anyways, I'm not going to go ahead and create this virtual machine, but that's an explanation of validity sets and availability zones. What's the difference between them? What's the service level agreement that Microsoft makes, and what does that mean in terms of actual, practical downtime expectations for you? Solution?
4. *UPDATED* VM Monitoring
So we're back to the previously created virtual machine, and we'll talk more about monitoring in this. But I do want to just touch on the basics of monitoring. In this section on the overview page, when you go into the portal into the virtual machine, you can see an overview of some graphs, and we can see where we created it around 10:00 p.m. created the machine around 30 Everything got settled. I guess I disconnected and haven't really touched the machine since. If we want to review really quickly how a virtual machine has been running, we could certainly look at these reports on the overview screen. In fact, this little pin button will put this on the dashboard. So if I click that, it goes on the dashboard.
If I go to the dashboard, this pin is there. I can believe I can customise the hours, how granular the data is, what time zone it's in, et cetera. I can also customise the dashboard by dragging the tile. We haven't really gone through dashboard causation in this course. We probably won't. But putting stuff on the dashboard is one way of customising your view.
Let's go back into the virtual machine so we can see we've got these graphs, but there is this thing called diagnostics. If I go all the way down into support and troubleshooting or the Intel Ring, there are diagnostics settings. Now, we did not enable diagnostics when we started. We're going to have to basically install an extension for the virtual machine that will pull PPU disc and network usage out of the virtual machine and into a storage account that can be then queried by other programs, including Azure Monitor.
So in order to go any further with this, we need to enable this. This will install a new programme on the virtual machine. It's going to probably have to reboot the machine. So I think it's disruptive, and it does take some time. So creating a new storage account and installing the VM is like a five- or ten-minute job. So we're going to let that run. But once we get this machine back online, we'll see what kind of diagnostics we can get from it. So, in a matter of minutes—not quite ten minutes, but minutes nonetheless—a new storage account was created. And now that we have the ability, we can begin to configure the diagnostics for this VM. So this is the overview tab.
We're not going to look at that. We go into performance counters, and we can sort of see a default set of basic counters every 60 seconds. So every minute, it will pull the current CPU, memory disk, and net numbers. And so we can see on a minute-by-minute basis how the server is getting on.This is not going to take a minute and will not be excessive. The amount of data being extracted isn't particularly large. The server itself won't be under any strain. But if we wanted to have every ten seconds or every five seconds, we would then have to go under "custom settings." We now have additional performance counters for ASP.Net and SQL Server.
If this machine was running a website or a database, go into customs. We can see all of the custom counters and how many seconds it takes, what the unit is, and what it's pulling. So let's say we want to look at the data every 10 seconds. Now unfortunately, I have to do this on a counter-by-counter basis, but I think you can get the tier so I can sort of get my information on a more frequent basis simply by going under custom to the Logs tab. We can see that in Windows specifically, they have the action log, the security log, and the system log under "event logs." And so this is exactly that. Pull the event logs from Windows and pull those into your storage account, which can be used by Azure Monitor.
If you want to go farther and pull in the IIS activity logs and the failed request from IIS, then you can pull that in. Okay, so what this is doing is pulling it out of the virtual machine and into Azure. We can even get tracking output if your.Net application has tracking enabled, and so on. So I can sort of have all of these things. Now we get more sophisticated things, such as crash dumps. I've never in my life gone through a crash dump and looked at the memory of a process. But if that's something that you're able to do, you can obviously enable that sync. It's also similar. It's basically a managed identity that allows you to pull out certain instrumentation. Okay, now this does this using a storage account.
I created a storage account, but it does this without using one. And if you ever have a problem with the agent, you can always remove it and reinstall it. So if your performance counters aren't being run properly, it's right there for you to do it. All right, now that does not change what happens in the overview screen. This data is still being pulled, but what it does change is Azure Monitor. Now we can go into this Insights tab under Monitoring, and this is going to take us into Azure Monitor. for the virtual machine. We do have to enable the Azure Monitor VMs service. It's not connected to a login workspace. And so whenever you're dealing with Azure Monitor, you need to have a workspace for it.
Let's create a new one to enable. And so it's going to take a few minutes for that data to be pulled out of my machine, not just stored in the storage account but actually stored within something that Azure Margin Access calls the Log Analytics Workspace. So we'll let that run. But basically, this is how you would get your data out of your machines. If you've got dozens and dozens of machines It would be very difficult for you to connect to each of them to pull in the performance data. You could also make use of a system center. And there are existing Windows Server tools for managing multiple servers on a single dashboard. But Azure monitoring is the standard for Microsoft. Azure? And so monitoring for VM extensions is going to be the place to do that. This course will devote an entire section to Marine. I just wanted to show you where you can enable it within the virtual machine.
Microsoft Certified: Azure Administrator Associate certification practice test questions and answers, training course, study guide are uploaded in ETE files format by real users. Study and pass Microsoft Microsoft Certified: Azure Administrator Associate certification exam dumps & practice test questions and answers are the best available resource to help students pass at the first attempt.