Blog Archives

Passed Microsoft Exam 70-534 Architecting Microsoft Azure Solutions

This Monday, I got certified for 70-534 Architecting Microsoft Azure Solutions, which is aimed at validating Microsoft Azure solution design skills. This test validates our knowledge about the features and capabilities of Azure services, ability to identify tradeoffs and make decisions for designing public and hybrid cloud solutions. Test also covers our knowledge and experience on defining the appropriate infrastructure and platform solutions to meet the required functional, operational, and deployment requirements through the solution lifecycle.

Preparation

Having true hands on experience with Windows Azure development really helps in preparing as well passing this exam. In addition to the practical knowledge gained through these experiences, I have used the following resources.

Skills measured

Design Microsoft Azure infrastructure and networking (15–20%)

  • Describe how Azure uses Global Foundation Services (GFS) datacenters
    • Understand Azure datacenter architecture, regional availability, and high availability
  • Design Azure virtual networks, networking services, DNS, DHCP, and IP addressing configuration
    • Extend on-premises Active Directory, deploy Active Directory, define static IP reservations, understand ACLs and Network Security Groups
  • Design Azure Compute
    • Design Azure virtual machines (VMs) and VM architecture for IaaS and PaaS; understand availability sets, fault domains, and update domains in Azure; differentiate between machine classifications
  • Describe Azure virtual private network (VPN) and ExpressRoute architecture and design
    • Describe Azure point-to-site (P2S) and site-to-site (S2S) VPN, understand the architectural differences between Azure VPN and ExpressRoute
  • Describe Azure services
    • Understand, at a high level, Azure load balancing options, including Traffic Manager, Azure Media Services, CDN, Azure Active Directory (Azure AD), Azure Cache, Multi-Factor Authentication, and Service Bus

Secure resources (15–20%)

  • Secure resources by using managed identities
    • Describe the differences between Active Directory on-premises and Azure AD, programmatically access Azure AD using Graph API, secure access to resources from Azure AD applications using OAuth and OpenID Connect
  • Secure resources by using hybrid identities
    • Use SAML claims to authenticate to on-premises resources, describe DirSync synchronization, implement federated identities using Azure Access Control service (ACS) and Active Directory Federation Services (ADFS)
  • Secure resources by using identity providers
    • Provide access to resources using identity providers, such as Microsoft account, Facebook, Google, and Yahoo!
  • Identify an appropriate data security solution
    • Use the appropriate Access Control List (ACL), identify security requirements for data in transit and data at rest
  • Design a role-based access control strategy
    • Secure resource scopes, such as the ability to create VMs and websites

Design an application storage and data access strategy (15–20%)

  • Design data storage
    • Design storage options for data, including Table Storage, SQL Database, DocumentDB, Blob Storage, MongoDB, and MySQL; design security options for SQL Database or Azure Storage; identify the appropriate VM type and size for a solution
  • Design applications that use Mobile Services
    • Create Azure Mobile Services, consume Mobile Services from cross-platform clients, integrate offline sync capabilities into an application, extend Mobile Services using custom code, implement Mobile Services using Microsoft .NET or Node.js, secure Mobile Services using Azure AD
  • Design applications that use notifications
    • Implement push notification services in Mobile Services, send push notifications to all subscribers, specific subscribers, or a segment of subscribers
  • Design applications that use a web API
    • Implement a custom web API, scale using Azure Websites, offload long-running applications using WebJobs, secure a web API using Azure AD
  • Design a data access strategy for hybrid applications
    • Connect to on-premises data from Azure applications using Service Bus Relay, BizTalk Hybrid Connections, or the VPN capability of Websites, identify constraints for connectivity with VPN, identify options for joining VMs to domains or cloud services
  • Design a media solution
    • Describe Media Services, understand key components of Media Services, including streaming capabilities, video on-demand capabilities, and monitoring services

Design an advanced application (15–20%)

  • Create compute-intensive applications
    • Design high-performance computing (HPC) and other compute-intensive applications using Azure Services
  • Create long-running applications
    • Implement worker roles for scalable processing, design stateless components to accommodate scale
  • Select the appropriate storage option
    • Use a queue-centric pattern for development, select the appropriate storage for performance, identify storage options for cloud services and hybrid scenarios with compute on-premises and storage on Azure, differentiate between cloud services and VMs interacting with storage service and SQL Database
  • Integrate Azure services in a solution
    • Identify the appropriate use of machine learning, big data, Media Services, and search services

Design websites (15–20%)

  • Design websites for scalability and performance
    • Globally scale websites, create websites using Visual Studio, debug websites, understand supported languages, differentiate between websites to VMs and cloud services
  • Deploy websites
    • Implement Azure Site Extensions, create packages, hosting plans, deployment slots, resource groups, publishing options, Web Deploy, and FTP locations and settings
  • Design websites for business continuity
    • Scale up and scale out using Azure Websites and SQL Database, configure data replication patterns, update websites with minimal downtime, backup and restore data, design for disaster recovery, deploy websites to multiple regions for high availability, design the data tier

Design a management, monitoring, and business continuity strategy (15–20%)

  • Evaluate hybrid and Azure-hosted architectures for Microsoft System Center deployment
    • Understand, at an architectural level, which components are supported in Azure; describe design considerations for managing Azure resources with System Center; understand which scenarios would dictate a hybrid scenario
  • Design a monitoring strategy
    • Identify the Microsoft products and services for monitoring Azure solutions; understand the capabilities of System Center for monitoring an Azure solution; understand built-in Azure capabilities; identify third-party monitoring tools, including open source; describe use cases for Operations Manager, Global Service Monitor, and Application Insights; describe the use cases for Windows Software Update Services (WSUS), Configuration Manager, and custom solutions; describe the Azure architecture constructs, such as availability groups and update domains, and how they impact a patching strategy
  • Describe Azure business continuity/disaster recovery (BC/DR) capabilities
    • Understand the architectural capabilities of BC/DR, describe Hyper-V Replica and Azure Site Recovery (ASR), describe use cases for Hyper-V Replica and ASR
  • Design a disaster recovery strategy
    • Design and deploy Azure Backup and other Microsoft backup solutions for Azure, understand use cases when StorSimple and System Center Data Protection Manager would be appropriate
  • Design Azure Automation and PowerShell workflows
    • Create a PowerShell script specific to Azure
  • Describe the use cases for Azure Automation configuration
    • Understand when to use Azure Automation, Chef, Puppet, PowerShell, or Desired State Configuration (DSC)

Good luck for your exams.

Passed Microsoft Exam 70-532 Developing Microsoft Azure Solutions

This Monday, I got certified for 70-532 Developing Microsoft Azure Solutions, which is testing experience in designing, programming, implementing, automating, and monitoring Microsoft Azure solutions. It also tests that we are proficient with development tools, techniques, and approaches used to build scalable and resilient solutions.

Preparation

Having true hands on experience with Windows Azure development really helps in preparing as well passing this exam. In addition to the practical knowledge gained through these experiences, I have used the following resources.

Skills measured

Design and implement websites (15‒20%)

  • Deploy websites
    • Define deployment slots; roll back deployments; create hosting plans; migrate websites between hosting plans; create a website within a hosting plan
  • Configure websites
    • Define and use app settings, connection strings, handlers, and virtual directories; configure certificates and custom domains; configure SSL bindings and runtime configurations; manage websites by using the API, Windows PowerShell, and Xplat-CLI
  • Configure diagnostics, monitoring, and analytics
    • Retrieve diagnostics data, view streaming logs, configure endpoint monitoring, configure alerts, configure diagnostics, use remote debugging, monitor website resources
  • Implement web jobs
    • Write web jobs using the SDK, package and deploy web jobs, schedule web jobs
  • Configure websites for scale and resilience
    • Configure auto-scale using built-in and custom schedules, configure by metric, change the size of an instance, configure Traffic Manager
  • Design and implement applications for scale and resilience
    • Select a pattern, implement transient fault handling for services, respond to throttling, disable Application Request Routing (ARR) affinity

Create and manage virtual machines (20‒25%)

  • Deploy workloads on Azure virtual machines (VMs)
    • Identify workloads that can and cannot be deployed, run workloads including Microsoft and Linux, create VMs
  • Create and manage a VM image or virtual hard disk
    • Create specialized and reusable images, prepare images using SysPrep and Windows Agent (Linux), copy images between storage accounts and subscriptions, upload VMs
  • Perform configuration management
    • Automate configuration management by using PowerShell Desired State Configuration and VM Agent (custom script extensions); configure VMs using a configuration management tool, such as puppet or chef; enable remote debugging
  • Configure VM networking
    • Configure reserved IP addresses, access control list (ACL), DNS at the cloud service level, load balancing endpoints, HTTP and TCP health probes, public IPs, firewall rules, direct server return, and keep-alive
  • Scale VMs
    • Scale up and scale down VM sizes, configure auto-scale and availability sets
  • Design and implement VM storage
    • Configure disk caching, plan for storage capacity, configure shared storage using Azure File service, configure geo-replication
  • Monitor VMs
    • Configure endpoint monitoring, configure alerts, configure diagnostic and monitoring storage location

Design and implement cloud services (20‒25%)

  • Design and develop a cloud service
    • Install SDKs, install emulators, develop a web role or worker role, design and implement resiliency including transient fault handling, develop startup tasks
  • Configure cloud services and roles
    • Configure HTTPS endpoint and upload an SSL certificate, and instance count and size; configure network access rules, local storage, multiple websites, custom domains, and dedicated and co-located caching; scale up and scale down role sizes; configure auto-scale
  • Deploy a cloud service
    • Upgrade an automatic, manual, or simultaneous deployment; VIP swap a deployment; package a deployment; implement continuous deployment from Visual Studio Online (VSO); implement runtime configuration changes using the portal; configure regions and affinity groups
  • Monitor and debug a cloud service
    • Configure diagnostics using the SDK or configuration file, profile resource consumption, enable remote debugging, establish a connection using Remote Desktop CmdLets in Windows PowerShell, debug using IntelliTrace or the emulator

Design and implement a storage strategy (20‒25%)

  • Implement Azure Storage blobs and Azure files
    • Read data, change data, set metadata on a container, store data using block and page blobs, stream data using blobs, access blobs securely, implement async blob copy, configure Content Delivery Network (CDN), design blob hierarchies, configure custom domains, scale blob storage
  • Implement Azure storage tables
    • Implement CRUD with and without transactions, design and manage partitions, query using OData; scale tables and partitions
  • Implement Azure storage queues
    • Add and process messages, retrieve a batch of messages, scale queues
  • Manage access
    • Generate shared access signatures, including client renewal and data validation; create stored access policies; regenerate storage account keys; configure and use Cross-Origin Resource Sharing (CORS)
  • Monitor storage
    • Set retention policies and logging levels, analyze logs
  • Implement SQL databases
    • Choose the appropriate database tier and performance level, configure and perform point in time recovery, enable geo-replication, import and export data and schema, scale SQL databases

Manage application and network services (15‒20%)

  • Integrate an app with Azure Active Directory
    • Develop apps that use WS-federation, OAuth, and SAML-P endpoints; query the directory using graph API
  • Configure a virtual network
    • Deploy a VM into a virtual network, deploy a cloud service into a virtual network
  • Modify network configuration
    • Modify a subnet, import and export network configuration
  • Design and implement a communication strategy
    • Develop messaging solutions using service bus queues, topics, relays, and notification hubs; create service bus namespaces and choose a tier; scale service bus
  • Monitor communication
    • Monitor service bus queues, topics, relays, and notification hubs
  • Implement caching
    • Implement Redis caching, implement Azure Cache Service

Good luck for your exams.

Passed Microsoft Exam 70-533 Implementing Microsoft Azure Infrastructure Solutions

Last month, I got certified for Microsoft 70-533 Implementing Microsoft Azure Infrastructure Solutions, which is implementing an infrastructure solution in Microsoft Azure. It also tests our experience implementing and monitoring cloud and hybrid solutions as well as supporting application lifecycle management.

Preparation

I have been working with Microsoft Azure since 2008 (lead the team who built Java SDK based on WS-* protocols for .NET Services (Service Bus Relay) and did drive the efforts to simultaneous shipping of the Java SDK, when Windows Azure was announced in Build conference in 2008. Recently we are helping many organizations across the globe on developing software solutions and implementing infrastructure hybrid solutions. In addition to the practical knowledge gained through these experience, I have used the following resources.

Skills measured

Implement websites (15-20%)

  • Deploy websites
    • Define deployment slots; roll back deployments, configure and deploy packages, deploy web jobs, schedule web jobs
  • Configure websites
    • Configure app settings, connection strings, handlers, and virtual directories; configure certificates, custom domains, and traffic manager; configure SSL bindings and runtime configurations; manage websites by using Windows PowerShell and Xplat-CLI
  • Configure diagnostics, monitoring, and analytics
    • Retrieve diagnostics data; view streaming logs; configure endpoint monitoring, alerts, and diagnostics; monitor website resources
  • Configure scale and resilience
    • Configure auto-scale using built-in and custom schedules; configure by metric; change the size of an instance
  • Manage hosting plans
    • Create hosting plans; migrate websites between hosting plans; create a website within a hosting plan

Implement virtual machines (15-20%)

  • Deploy workloads on Azure virtual machines (VMs)
    • Identify supported Microsoft workloads; deploy and connect to a Linux VM; create VMs
  • Implement images and disks
    • Create specialized and generalized images for Windows and Linux; copy images between storage accounts and subscriptions; upload VHDs
  • Perform configuration management
    • Automate configuration management by using PowerShell Desired State Configuration and custom script extensions; enable puppet and chef extensions
  • Configure VM networking
    • Settings include reserved IP addresses, access control list (ACL), internal name resolution, DNS at the cloud service level, load balancing endpoints, HTTP and TCP health probes, public IPs, firewall rules, direct server return, and Keep Alive
  • Configure VM resiliency
    • Scale up and scale down VM sizes; auto-scale; configure availability sets
  • Design and implement VM storage
    • Configure disk caching; plan storage capacity; configure operating system disk redundancy; configure shared storage using Azure File service; configure geo-replication; encrypt disks
  • Monitor VMs
    • Configure endpoint monitoring, alerts, and diagnostics

Implement cloud services (15-20%)

  • Configure cloud services and roles
    • Configure instance count and size, operating system version and family, upgrade and fault domains, ACLs, reserved IPs, and network access rules; configure local storage; configure dedicated and co-located caching, local and cloud configurations, and local disks; configure multiple websites; configure custom domains
  • Deploy and manage cloud services
    • Upgrade a deployment; VIP swap a deployment; package a deployment; modify configuration files; perform in-place updates; perform runtime configuration changes using the portal; scale a cloud service; create service bus namespaces and choose a tier; apply scalability targets
  • Monitor cloud services
    • Monitor service bus queues, topics, relays, and notification hubs; configure diagnostics

Implement storage (15-20%)

  • Implement blobs and Azure files
    • Read data; change data; set metadata on a container; use encryption (SSL); perform an async blob copy; configure a Content Delivery Network (CDN); implement storage for backup and disaster recovery; configure Azure Backup; define blob hierarchies; configure custom domains; configure the Import and Export Service
  • Manage access
    • Create and manage shared access signatures; use stored access policies; regenerate keys
  • Configure diagnostics, monitoring, and analytics
    • Configure retention policies and logging levels; analyze logs
  • Implement SQL databases
    • Choose the appropriate database tier and performance level; configure point in time recovery and geo-replication; import and export data and schema; design a scaling strategy
  • Implement recovery services
    • Create a backup vault; deploy a backup agent; backup and restore data

Implement an Azure Active Directory (15-20%)

  • Integrate an Azure AD with existing directories
    • Implement DirSync, O365 integration, and single sign-on with on-premises Windows Server 2012 R2; add custom domains; monitor Azure AD
  • Configure the Application Access Panel
    • Configure single sign-on with SaaS applications using federation and password based; add users and groups to applications; revoke access to SaaS applications; configure access; federation with Facebook and Google ID
  • Integrate an app with Azure AD
    • Web apps (WS-federation); desktop apps (OAuth); graph API

Implement virtual networks (15-20%)

  • Configure a virtual network
    • Deploy a VM into a virtual network; deploy a cloud service into a virtual network; configure static IPs; configure internal load balancing; design subnets
  • Modify a network configuration
    • Modify a subnet; import and export a network configuration
  • Design and implement a multi-site or hybrid network
    • Choose the appropriate solution between ExpressRoute, site-to-site, and point-to-site; choose the appropriate gateway; identify supported devices and software VPN solutions; identify networking prerequisites; configure regional virtual networks and multi-site virtual networks

Good luck for your exams.

hyper-v.nu

My views on technology

yungchou

witnessing a clear cloudy day

Virtualization and some coffee

My views on technology

Thomas Maurer

Cloud and Virtualization

Cloud Administrator

Begin Your Journey to the Cloud with the Cloud Administrator