Date
- May 23: 09h00-17h00 CET
- May 24: 09h00-17h00 CET
- May 25: 09h00-17h00 CET
Audience
Technical and solution architects. Infrastructure architects are also welcome.
Prerequisites
Global understanding of architecture is required.
Theoretical / practical knowledge of infrastructure is a plus (networking, reverse proxies, firewalls…)
Theoretical / practical knowledge of Event Driven Architecture is a plus (pub/sub, SAGAs…)
Training content
Introducing cloud-native systems and applications
- Cloud and cloud-native vs traditional application development and hosting
- Mindset, expectations, ecosystems
- Cloud service models and use cases
- SaaS vs FaaS vs PaaS vs CaaS vs IaaS
- Infrastructure as Code and the broader CI/CD piece
- DevOps and GitOps
- Beyond technology
- Cloud Adoption Framework
Building the foundations
- The Azure hierarchy
- The Tenant concept
- From Management Groups to individual resources
- The basics of RBAC and policies
- Hub & Spoke architecture
- Azure networking basics
- Azure Private Link
- Landing zone concept
- Demo
- Build it yourself
- Platform-level HA and DR considerations
- Single vs Multi-region Hub & Spoke
- Alternatives to multi-region deployments
High-level tour of Azure
- Identity
- Azure Active Directory
- Azure Active Directory B2C
- OIDC & OAuth
- Containerization
- Azure Web Apps for Containers
- Azure Container Instances
- Azure Kubernetes Services
- Azure services shipping as containers
- Demos
- Azure iPaaS
- API-driven workloads
- Event-driven architecture
- Orchestrators
- Going hybrid with BizTalk
- Demos
- Data services to build applications
- SQL vs NoSQL
- Cosmos DB challenges
- Cosmos DB use case
- Data services to build a data platform
- Quick tour of Azure Data Lake, Synapse, Data Factory and Databricks
Building and using a web landing zone
- Options to host web workloads
- Azure Web Apps vs Isolated plans vs Static Web Apps
- Azure Kubernetes Service
- Managing inbound traffic
- Public vs private web apps
- Application Gateway vs Frontdoor vs Traffic Manager
- Splitting frontend and backend traffic
- Managing outbound traffic
- Azure Firewall
- Enterprise-grade web landing zone
- Explanation of the diagram
- Monitoring practices
- Build a lab landing zone
- Creation of the network
- Route traffic with Application Gateway
- Publishing, mocking and securing APIs with API Management
High availability and disaster recovery
- HA for Virtual Machines
- Availability zones and availability sets
- Azure Backup
- Azure Site Recovery
- HA for Web Apps
- Auto-scaling plans
- Multi-region deployments
- HA for Azure Kubernetes Services
- Availability zones and node pool strategy
- Pod disruption budgets
- Multi-region deployments
- HA and geo-replication for
- Azure Storage
- Cosmos DB
- Azure SQL
- API Management
- Global Services
- DR strategy with a mix of services
Security posture and best practices
- The shift left and define in depth principle
- Introducing Azure Security Center
- Introducing Azure Sentinel
- Authentication and authorization best practices
- Azure Managed Identity
- AKS Pod-Managed Identities
- RBAC vs SAS
- Azure Key Vault
Monitoring solutions
- Introducing Application Insights
- Troubleshooting web apps
- Query Application Insights
- Availability Tests
- Introducing Azure Monitor
- Evaluating metrics
- Introducing Azure Dashboards
- Introducing Azure Monitor Workbooks
- Setting up alerts
- Typical enterprise-grade practices
- Integrating with Splunk and QRadar
- Integrating with Grafana
- Integrating with ITSM tools
Use case and closing
- Design end-to-end solution
- Whiteboard session
- Summary
- Resources
General
Some general information about the training:
- The online training takes place via Microsoft Teams
- Access to an Azure subscription will be provided
- The Azure consumption cost is included in the training price
- All training material is handed over to the participants
- The prerequisite software will be communicated one week before the training
