Azure Availability Sets and Availability Zones
Overview
This article gives a concise explanation of two essential high-availability features in Microsoft Azure. Azure Availability Sets ensure high availability by distributing VMs across fault and update domains to minimize single points of failure. Availability Zones take it a step further, providing physically separated data centers within a region to protect against catastrophic events. The article also outlines the benefits of Availability Sets and Availability Zones and why they matter.
Traffic Manager
Azure Traffic Manager is a cloud-based service in the Microsoft Azure ecosystem that distributes incoming network traffic evenly across multiple endpoints. It works as a global Domain Name System (DNS) load balancer, letting you direct user traffic to endpoints in different Azure regions or to external, non-Azure endpoints.
The key features of Traffic Manager include:
- Load Balancing Methods:
Traffic Manager supports several load-balancing methods, including Performance, which routes traffic to the closest endpoint with the lowest latency; Weighted, which allows traffic distribution based on user-defined weights; Priority, which sends traffic to specified endpoints in order of priority; and Geographic, which directs traffic based on the user's geographic location.
- High Availability:
By spreading traffic across multiple endpoints, Traffic Manager improves the availability and durability of applications. When an endpoint becomes unavailable, traffic is rerouted to operational endpoints, reducing downtime and improving the user experience.
- Traffic Routing Policies:
Traffic Manager offers a range of traffic routing policies, so you can apply different strategies to suit your application's needs and the geographic spread of your user base. Routing can take factors such as latency or proximity into account, so that users are connected to the nearest or most responsive endpoint.
- Geographic Redundancy:
In Azure Traffic Manager, geographic redundancy means distributing incoming network traffic across multiple data centers or regions for higher availability and resilience. If one location becomes unavailable, the service redirects users to an alternate location, improving the overall reliability of the application.
Azure Load Balancer
Azure Load Balancer is a Layer-4 load balancing service provided by Microsoft Azure that enables the distribution of incoming network traffic across multiple virtual machines (VMs), virtual machine scale sets, or availability zones within a virtual network. It ensures high availability, scalability, and reliability of applications by distributing traffic among healthy instances.
Key features of Azure Load Balancer include:
- Load Balancing Algorithms:
Azure Load Balancer supports two load-balancing algorithms: Hash-based distribution and Source IP affinity. Hash-based distribution evenly spreads traffic based on a hash of the source and destination IP addresses, while Source IP affinity maintains a consistent mapping of source IP addresses to specific VMs to maintain session persistence.
- Health Probing:
The Load Balancer continuously monitors the health of backend instances and automatically stops routing traffic to unhealthy VMs. It can be configured to use either TCP or HTTP health probes.
- Inbound NAT Rules:
Azure Load Balancer allows inbound network address translation (NAT) rules to enable direct access to specific VMs within a load-balanced set.
- Public and Internal Load Balancing:
Load Balancer supports both public and internal load balancing. Public Load Balancer provides a public IP address to distribute internet traffic, while Internal Load Balancer is used for internal load balancing within a virtual network.
- Port Forwarding:
Azure Load Balancer can perform destination Network Address Translation (DNAT) to forward traffic from a specific port to a different port on backend VMs.
- Outbound Load Balancing:
It also offers outbound load balancing to distribute outbound traffic from VMs to the internet, reducing bottlenecks and improving scalability.
Application Gateway
Azure Application Gateway is a Layer-7 load balancer and application delivery controller service provided by Microsoft Azure. It is designed to optimize and secure web traffic to applications and services hosted within Azure or on-premises. As a reverse proxy, it intelligently distributes incoming traffic to backend servers based on various criteria, enhancing the performance, scalability, and security of web applications.
Key features of Azure Application Gateway include:
- Layer-7 Load Balancing:
Application Gateway can distribute traffic based on application-specific information, such as URL path, host header, or query strings. This enables more advanced and granular load balancing decisions compared to traditional Layer-4 load balancers.
- Web Application Firewall (WAF):
Application Gateway includes a built-in WAF to protect web applications from common web exploits and vulnerabilities, such as SQL injection, cross-site scripting (XSS), and more.
- SSL Offloading:
It can terminate Secure Sockets Layer (SSL) connections at the gateway, reducing the workload on backend servers and improving performance.
- URL-Based Routing:
Application Gateway supports URL-based routing, enabling traffic redirection to different backend pools based on the URL paths.
- Session Affinity:
Session Affinity in Azure Application Gateway ensures that a client's subsequent requests are consistently routed to the same backend server during a session, maintaining state and improving user experience.
- Autoscaling:
Application Gateway can automatically scale its instances based on traffic patterns and performance metrics, ensuring optimal resource utilization and handling traffic spikes effectively.
- Health Probing:
The gateway continuously monitors the health of backend instances and stops routing traffic to unhealthy servers, ensuring high availability and reliability.
- WebSocket and HTTP/2 Support:
Application Gateway supports WebSockets for real-time communication and HTTP/2 for improved performance.
Virtual Machines in Azure
Virtual Machines (VMs) in Azure are scalable and flexible computing resources that allow users to deploy and run virtualized instances of various operating systems, applications, and services in the cloud. Azure Virtual Machines provide a way to build, manage, and customize virtualized environments without the need for physical hardware.
Key features of Azure Virtual Machines include:
- Operating System Support:
Azure VMs support various operating systems, including Windows Server, Linux distributions, and other specialized OS images available in the Azure Marketplace.
- Scalability:
Users can create VMs of different sizes, ranging from small to large, based on their workload requirements. VMs can be scaled up or down as needed to handle varying workloads efficiently.
- Virtual Machine Images:
Azure provides a wide range of pre-configured VM images to streamline the deployment process, including images from Microsoft and third-party vendors.
- Networking:
VMs can be connected to virtual networks in Azure, enabling secure communication between VMs and other resources like databases, storage accounts, and virtual network appliances.
- High Availability:
Azure VMs can be deployed in Availability Sets or Availability Zones to ensure redundancy and fault tolerance. This minimizes downtime due to hardware failures or planned maintenance.
- Snapshots and Disk Encryption:
VM snapshots allow for point-in-time backups, while disk encryption ensures data security by encrypting VM disks.
- Hybrid Connectivity:
Azure VMs can be connected to on-premises networks through Virtual Network Gateways or ExpressRoute, enabling hybrid cloud scenarios.
- Management:
Azure provides various tools for VM management, including Azure Portal, Azure CLI, Azure PowerShell, and Azure Virtual Machine Scale Sets for automatic scaling of VMs based on demand.
Availability Sets
An Availability Set is a concept used in cloud computing environments to improve the availability and reliability of virtual machines (VMs) and services running on the cloud platform. Cloud service providers such as Microsoft Azure and similar platforms offer it as a feature. The primary goal of an Availability Set is to distribute VMs across multiple physical hardware resources so that your applications remain available even when certain infrastructure or hardware failures occur.
Fault Domain
A fault domain is a logical group of hardware resources (such as racks, power sources, and network switches) that share a common point of failure. In a data center, if a fault occurs within a fault domain, all the resources within that domain could be affected. By placing VMs in separate fault domains, you increase the resiliency of your applications.
Update Domain
An update domain is a logical group of VMs that can undergo maintenance or updates simultaneously. During planned maintenance, the VMs in an update domain are taken down for updates to be applied. By spreading VMs across multiple update domains, you ensure that not all your VMs are affected at the same time, reducing the risk of downtime.
Managed Disk Fault Domains
Managed Disk fault domains are logical groups of storage and underlying hardware in a data center. When using Managed Disks in cloud environments, distributing VMs across different fault domains ensures resiliency. If a fault occurs in one domain, VMs in other domains remain unaffected, improving availability and data protection.
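A simplified model of the fault-domain and update-domain spread described above, added here as an illustration (it is not Azure's or the article's code). It assumes VMs are assigned to domains in round-robin order; the function names and the 2 fault domain / 5 update domain counts are hypothetical choices for the example.

```python
from collections import Counter


def place(vm_count, fault_domains, update_domains):
    """Assumed model: VM i lands in fault domain i % FD and update domain i % UD."""
    return [
        {"vm": f"vm{i}", "fd": i % fault_domains, "ud": i % update_domains}
        for i in range(vm_count)
    ]


def worst_case_survivors(placement):
    """VMs still running when the most populated domain of each kind goes down."""
    total = len(placement)
    fd_load = Counter(p["fd"] for p in placement)
    ud_load = Counter(p["ud"] for p in placement)
    return {
        "fault_domain_failure": total - max(fd_load.values(), default=0),
        "update_domain_maintenance": total - max(ud_load.values(), default=0),
    }


def min_vms_to_keep(required, fault_domains, update_domains, limit=200):
    """Smallest set size that keeps `required` VMs up in both worst cases."""
    for n in range(required, limit + 1):
        survivors = worst_case_survivors(place(n, fault_domains, update_domains))
        if min(survivors.values()) >= required:
            return n
    raise ValueError("no set size within limit meets the requirement")


if __name__ == "__main__":
    for n in (1, 2, 6):
        print(n, worst_case_survivors(place(n, 2, 5)))
    print("VMs needed to keep 3 running:", min_vms_to_keep(3, 2, 5))
```

A single VM in an Availability Set has no survivors in either case, which is why the set only helps once it holds at least two VMs.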
Availability Zone
An Availability Zone (AZ) is a distinct, physically separate data center within an Azure region. It is designed to provide high availability and fault tolerance by offering redundant and isolated infrastructure components. Each Availability Zone is equipped with independent power, cooling, and networking, reducing the risk of a single point of failure and providing resilience against data center failures or disasters.
Key features of Azure Availability Zones:
- Redundancy:
Azure deploys each resource you place in an Availability Zone to multiple data centers in the same region, ensuring that if one data center becomes unavailable, your applications and services can continue running from another data center without interruption.
- High Availability:
By distributing resources across Availability Zones, Azure helps maintain service uptime and reduces the impact of planned or unplanned maintenance events, hardware failures, or network issues.
- Zone Redundant Services:
Certain Azure services, such as Azure Virtual Machines, Managed Disks, and Load Balancers, can take advantage of Availability Zones to make use of zone-redundant configurations, further enhancing their availability.
- Inter Zone Connectivity:
Azure ensures low-latency, high-bandwidth connections between Availability Zones within the same region, enabling applications to communicate efficiently across zones.
- Regional Resilience:
When you deploy resources across multiple Availability Zones, your applications and data remain resilient even if an entire Azure region encounters problems.
When to Use Them?
When deciding between an Azure Availability Set and an Availability Zone, consider the level of fault tolerance and high availability your application requires. Here's a guideline on when to use each:
Azure Availability Sets
- Use Availability Sets when you want to improve the availability and fault tolerance of your virtual machines (VMs) within a single data center or availability zone.
- Suitable for applications that can tolerate short periods of downtime during planned maintenance or hardware failures.
- Recommended for non-critical workloads or applications with a lower service level agreement (SLA) requirement (99.95% SLA).
Azure Availability Zones
- Use Availability Zones when you need the highest level of availability and fault tolerance for your critical applications.
- Ideal for applications that require continuous uptime and resilience against data center-level failures or natural disasters.
- Suitable for applications with a stringent SLA requirement (99.99% SLA).
- Provides geographic redundancy by distributing resources across multiple data centers within the same region.
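One way to check an existing inventory against the guidance above, as an added example (not code from the article or from Azure). It assumes input shaped like `az vm list` JSON output and a hypothetical `workload` tag that groups the VMs of one application; the sample inventory and the status names are constructed.

```python
from collections import defaultdict

# Constructed inventory shaped like `az vm list` output (only the fields used).
AS_ID = ("/subscriptions/<subscription-id>/resourceGroups/rg-demo/providers/"
         "Microsoft.Compute/availabilitySets/api-as")  # placeholder ID
SAMPLE = [
    {"name": "web-1", "zones": ["1"], "availabilitySet": None, "tags": {"workload": "web"}},
    {"name": "web-2", "zones": ["2"], "availabilitySet": None, "tags": {"workload": "web"}},
    {"name": "api-1", "zones": None, "availabilitySet": {"id": AS_ID}, "tags": {"workload": "api"}},
    {"name": "api-2", "zones": None, "availabilitySet": {"id": AS_ID.upper()}, "tags": {"workload": "api"}},
    {"name": "db-1", "zones": ["1"], "availabilitySet": None, "tags": {"workload": "db"}},
    {"name": "db-2", "zones": ["1"], "availabilitySet": None, "tags": {"workload": "db"}},
    {"name": "batch-1", "zones": None, "availabilitySet": None, "tags": None},
]


def classify(members):
    """Return a placement status for the VMs of one workload."""
    zones = {z for vm in members for z in (vm.get("zones") or [])}
    # Resource IDs are case-insensitive, so normalise before comparing.
    sets = {vm["availabilitySet"]["id"].lower()
            for vm in members if vm.get("availabilitySet")}
    unplaced = [vm for vm in members
                if not vm.get("zones") and not vm.get("availabilitySet")]
    if len(members) < 2:
        return "single-instance"      # nothing to fail over to
    if unplaced:
        return "unplaced"             # some VMs in neither a set nor a zone
    if not sets and len(zones) >= 2:
        return "multi-zone"
    if not zones and len(sets) == 1:
        return "availability-set"
    if not sets and len(zones) == 1:
        return "single-zone"          # zonal, but one zone outage takes all
    return "split-placement"          # mixed sets/zones: review by hand


def audit(vms, tag_key="workload"):
    """Group VMs by the (assumed) workload tag and classify each group."""
    groups = defaultdict(list)
    for vm in vms:
        groups[(vm.get("tags") or {}).get(tag_key, "(untagged)")].append(vm)
    return {name: classify(members) for name, members in sorted(groups.items())}


if __name__ == "__main__":
    for workload, status in audit(SAMPLE).items():
        print(f"{workload:12} {status}")
```

The `db` workload shows the case that is easy to miss: both VMs are zonal, but pinned to the same zone, so they gain no protection against a zone outage.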
VMSS Flex
VMSS Flex is a feature in Microsoft Azure that allows you to dynamically adjust the size of a Virtual Machine Scale Set (VMSS) based on your workload needs.
It provides more control and flexibility in managing your application's capacity, making it easier to handle varying workloads and optimize your cloud resources while maintaining performance and cost-effectiveness.
Conclusion
- Azure Availability Zones are isolated data centers within the same region, ensuring high availability and fault tolerance for applications.
- Azure Availability Sets group VMs to provide fault tolerance within a data center, reducing downtime during hardware failures or maintenance.
- Azure Traffic Manager is a DNS-based load balancer that distributes user traffic across global Azure endpoints for improved application performance.
- Azure Load Balancer is a network service in Microsoft Azure that evenly distributes incoming traffic among multiple virtual machines or services to ensure high availability and reliability.
- Azure Application Gateway is a Layer-7 load balancer with WAF, directing web traffic to backend services for better application delivery.
- Azure Virtual Machines are scalable, on-demand compute resources for running applications and services in the cloud.