Nerd Level Tech logo
Lesson 11 of 24

GCP & Azure Fundamentals for Multi-Cloud

Azure Core Services: Compute, Storage & Networking

4 min read

Microsoft Azure dominates in enterprise environments due to Microsoft 365, Microsoft Entra ID (formerly Azure Active Directory), and hybrid cloud integration. Understanding Azure is essential for enterprise-focused architect roles.

Azure Compute Services

Azure Virtual Machines

VM Series & Use Cases:

SeriesUse CaseExample
B-seriesBurstable, dev/testB2ms
D-seriesGeneral purposeD4s_v5
E-seriesMemory-optimizedE16s_v5
F-seriesCompute-optimizedF8s_v2
N-seriesGPU workloadsNC24ads_A100_v4
L-seriesStorage-optimizedL8s_v3

Azure-Specific VM Features:

  • Availability Sets: Fault domain + update domain isolation
  • Availability Zones: Physical datacenter isolation (like AWS AZs)
  • Scale Sets: Auto-scaling VM groups (like AWS ASG)
  • Spot VMs: Up to 90% discount (similar to AWS Spot)

Azure Kubernetes Service (AKS)

AKS Characteristics:

  • Free tier control plane available (paid Uptime SLA tier for production)
  • Integrated with Microsoft Entra ID (formerly Azure Active Directory)
  • Virtual nodes (Azure Container Instances integration)
  • Automatic node OS patching

Interview Question: AKS vs EKS vs GKE

Q: "Compare the managed Kubernetes offerings across the three major clouds."

A:

FeatureAKSEKSGKE
Control Plane CostFree tier / Paid Uptime SLA$0.10/hour (~$73/mo)$0.10/hour per cluster above free quota
Node ManagementScale SetsManaged/Self-managed/Auto ModeNode Pools/Autopilot
IAM IntegrationMicrosoft Entra ID (Azure AD)IAM Roles for Service Accounts / EKS Pod IdentityWorkload Identity
NetworkingAzure CNI, kubenetVPC CNI, Calico, CiliumVPC-native, Calico, Cilium
Service MeshIstio add-onApp Mesh (deprecated) / third-partyAnthos Service Mesh / Cloud Service Mesh
Best ForMicrosoft shopsAWS-heavy orgsMulti-cloud, GCP data

Azure Functions & Container Apps

Azure Functions:

  • Similar to Lambda, up to 230 seconds (consumption plan)
  • Premium plan: No cold start, VNET integration
  • Durable Functions: Stateful orchestration (unique feature)

Azure Container Apps:

  • Similar to Cloud Run
  • Built on Kubernetes (KEDA, Dapr)
  • Scale to zero capability
  • Integrated with Dapr for microservices

Azure Storage Services

Azure Storage Account Types

TypeUse CaseRedundancy Options
Standard general-purpose v2Blobs, files, queues, tablesLRS, ZRS, GRS, GZRS
Premium block blobsHigh-performance blobsLRS, ZRS
Premium file sharesEnterprise file sharesLRS, ZRS
Premium page blobsVM disksLRS

Blob Storage Tiers

TierAccess LatencyMin StorageUse Case
HotMillisecondsNoneFrequently accessed
CoolMilliseconds30 daysInfrequent (monthly)
ColdMilliseconds90 daysRarely accessed
ArchiveHours180 daysLong-term archive

Azure Managed Disks

TypeMax IOPSMax ThroughputUse Case
Standard HDD2,000500 MB/sBackup, dev/test
Standard SSD6,000750 MB/sWeb servers
Premium SSD20,000900 MB/sProduction databases
Premium SSD v280,0001,200 MB/sHigh-performance DBs
Ultra Disk400,0004,000 MB/sSAP HANA, analytics

Interview Question: Azure Storage Redundancy

Q: "Explain Azure's storage redundancy options and when to use each."

A:

OptionCopiesScopeUse Case
LRS3Single datacenterDev/test, non-critical
ZRS33 availability zonesProduction, zone resilience
GRS62 regions (primary + secondary)DR, compliance
GZRS63 zones + secondary regionMaximum durability
RA-GRS/RA-GZRSSameSame + read access to secondaryRead during outage

Recommendation: Use ZRS for production, GZRS for critical data requiring regional DR.

Azure Networking

Virtual Network (VNet) Concepts

Azure VNet vs AWS VPC:

AspectAzure VNetAWS VPC
ScopeRegionalRegional
SubnetsRegional (span all zones)AZ-specific
SecurityNSG (subnet/NIC level)Security Groups + NACLs
PeeringGlobal (cross-region)Regional (cross-region separate)
NATNAT GatewayNAT Gateway
DNSAzure DNS (168.63.129.16)VPC DNS (.2 address)

Azure Load Balancing Options

ServiceScopeLayerUse Case
Azure Load BalancerRegionalLayer 4VM load balancing
Application GatewayRegionalLayer 7Web app load balancing, WAF
Azure Front DoorGlobalLayer 7Global web apps, CDN
Traffic ManagerGlobalDNSDNS-based traffic routing

Interview Question: Azure Front Door vs Application Gateway

Q: "When would you use Azure Front Door instead of Application Gateway?"

A:

FactorFront DoorApplication Gateway
ScopeGlobal (anycast)Regional
Best ForMulti-region appsSingle-region apps
CDNBuilt-inSeparate (Azure CDN)
WAFPremium tierBuilt-in
SSL OffloadYesYes
RoutingURL, header, geoURL, cookie
CostHigherLower

Use Front Door when:

  • Multi-region deployment
  • Global user base
  • Need integrated CDN
  • Want global WAF protection

Azure Private Link & Service Endpoints

Service Endpoints:

  • Traffic stays on Azure backbone
  • Service still has public IP
  • Simple to configure

Private Link:

  • Private IP in your VNet
  • Works across VNet peering
  • Supports cross-region access

Recommendation: Use Private Link for production; Service Endpoints for simplicity.

Hybrid Cloud: Azure's Strength

Azure Arc

Extend Azure management to any infrastructure:

  • Arc-enabled servers (any VM)
  • Arc-enabled Kubernetes (any K8s cluster)
  • Arc-enabled data services (SQL, PostgreSQL)

Azure Stack

Run Azure services on-premises:

  • Azure Stack Hub: Full Azure in your datacenter
  • Azure Stack HCI: Hyperconverged infrastructure
  • Azure Stack Edge: Edge computing appliances

Interview Tip: Azure's enterprise strength is hybrid cloud and identity integration. Emphasize Azure Arc, Microsoft Entra ID (formerly Azure AD), and Microsoft 365 integration when discussing enterprise scenarios.

Next, we'll explore multi-cloud comparison and decision frameworks. :::

Quick check: how does this lesson land for you?

Quiz

Module 3: GCP & Azure Fundamentals for Multi-Cloud

Take Quiz
FREE WEEKLY NEWSLETTER

Stay on the Nerd Track

One email per week — courses, deep dives, tools, and AI experiments.

No spam. Unsubscribe anytime.