We observed that there is a huge population of developers and IT professionals who wish to move to Azure or pursue a career in the cloud (Azure, to be very specific). We also observed that many people give only high-level details when they interview on Azure, either because of a lack of awareness or because they have not been able to dive deep into the subject or concepts of Azure. That has a big impact not only on their planned career in Azure but also on the opportunities they miss out on despite having a good development or technical background.
Hence, we thought we should address this gap and enable both experienced and inexperienced developers to clear their Azure cloud interview questions effectively and efficiently. This is not a guide for Microsoft Certification on Azure; it is more of a resource guide to clearing your interview.
What will this guide do?
Take the fear out of your interview and never be stuck for the right answer to even the toughest questions with the Microsoft Azure Interview Questions Book. The job market is fierce, competition has never been greater, and it’s vital that you can grab every opportunity for competitive advantage and stay one step ahead with the knowledge of the leading cloud computing technology platform, Microsoft Azure.
Interviewers are looking for people who really stand out, and here’s your chance to be different from the rest. This definitive guide to questions and answers encourages every job-hunter to think on their feet and express their individuality while supplying ideal responses to interview questions so that you are seen as the ideal candidate for the job.
Let’s get started!
Structure of the guide
The post has been structured into various topics. For each topic, a set of important and frequently asked questions is drafted along with short answers that an interviewer will specifically look for. This short answer is the key for you in the interview. To make you understand the question and answer background along with all the details, after the answers to the question, you have a “Deep Dive” section that explains the concept and background behind the short answer with detailed information. This will help you understand the concept and provide you with more information, so depending on the situation in the interview, you can explain the diagrams and concepts with more confidence.
This section highlights introductory questions and answers for general cloud concepts with Microsoft Azure as a focus.
What is cloud computing?
Cloud computing is basically a great level of abstraction over the infrastructure that can help you focus more on your business logic without having to worry about hosting or infrastructure needs. This is the general term used for delivering hosted services over the internet. In cloud computing, the computing resources are provided “as a service”. Just like electricity, you pay the electricity provider and get the electricity at your home, and for this, you don’t need to create any infrastructure. Cloud computing provides you with computing resources as a service, so you don’t have to focus on infrastructure requirements.
To understand why and what cloud computing is, refer to the description below.
Let’s say I wish to develop a banking application using ASP.NET MVC. When we think about developing a new enterprise-level web application, the first thought that comes to mind is: how am I going to host it? This leads to the list of requirements below.
- Database servers and licenses.
- Source control and version management server and licenses.
- Dedicated office space.
- Power and cooling mechanism.
- Network and bandwidth configurations and setup.
- Developer workstations with client OS and their licenses.
- Developer tools like Visual Studio and SSMS.
- Team of experts to manage this entire setup.
This is the bare minimum list for one application, and this is the problem. Our main aim was to develop a banking application, but we did not think about:
- Who will be the users of my application?
- What functionality will my application support?
- Whether to allow third-party payment or not.
We did not think about application business logic but got dragged into infrastructure requirements, and this is the problem. Being an application development company, we should be focusing on application-specific things. Companies like Microsoft, Google, Amazon, etc. came up with the concept that, if you are an application development (or service provider) company, you just need to focus on your application and data but all your infrastructure needs will be taken care of. Application Development Companies don’t have to worry about hardware, licenses, OS management, backup, etc. and just need to pay for what they use. This is everything about cloud computing and why it came into existence.
What are the benefits of cloud computing?
- High Availability
- Pay as you go
- Moving from Capex to Opex
- Fault Tolerance
- High response time
- High Bandwidth
- Low Latency
Scalability can be termed the ability of the application to handle a growing amount of work without degrading its performance. Basically, systems can grow without limits based on demand.
Scalability is of 2 types:
- Vertical or scale up: In this type of scaling configuration, we increase the capacity of the existing hardware or machine. For example, if you have a desktop with 4GB of RAM and tomorrow you increase the RAM of your machine to 16GB, then this is nothing but vertical scaling.
- Horizontal or scale out: In this type of scaling configuration, we increase the count of machines without increasing the capacity. For example, if you have a server with 8 GB of RAM and tomorrow you put another server with the same RAM, when you do horizontal scaling, essentially, you increase the computing power in parallel so you get better performance. This is horizontal scaling.
The system is easy to evolve as business changes. This defines the degree to which your application can be evolved, changed, or modified depending on business or requirement changes.
High availability defines how much your application is available for its end users. Customers or users will always expect zero downtime for the application. High availability means your application can withstand the most common types of downtime scenarios:
- Hardware failures
- Application updates
- Configuration changes
- OS update restarts
- Heavy load restarts
Pay as you go
This is the most lucrative benefit of cloud. With cloud, you pay only for what you use. If you are not in need of resources, you can free them or de-allocate them, and you are not charged for it. The billing is absolutely “per minute” giving you more savings on cost.
Moving from Capex to Opex
This stands for moving from “capital expenditure to operational expenditure.” Companies today don’t wish to invest in hardware as it is changing at a rapid pace. Therefore, instead of investing in hardware costs, which may become obsolete after a certain time span, they are more interested in and willing to pay operational costs on a monthly or yearly basis. This is nothing but the Capex to Opex. As Microsoft Azure is a “pay as you go” model, it becomes easy to move from capex to opex.
Fault tolerance is the ability of the system to continue operating at full capacity and fully functional in the event of the failure of some of its components. This simply means that if I have a web application that interacts with a database and the database is not accessible or down, my web application will still be available for users. This means your application is fault tolerant. Microsoft Azure applies various replication and redundancy strategies to make Azure-hosted services and applications fault tolerant.
What is Microsoft Azure?
Cloud computing is the concept and this concept has been implemented by many companies. For example, Amazon implemented it and named their product Amazon EC2 or Amazon Web Services; Google calls it Google App Engine. On similar lines, Microsoft also created a product based on cloud computing concept called “Microsoft Azure”. Microsoft Azure provides a platform with cloud computing capabilities so that you can get all the benefits of cloud computing.
While answering this, you can also start with the answer to the question “What is cloud computing?” and then explain the paragraph above.
What is IaaS, PaaS and SaaS?
The summary of these terminologies is as follows:
- IaaS: Infrastructure as a Service – a set of infrastructure level capabilities such as an operating system, network connectivity, etc. that are delivered as pay for use services and can be used to host applications. For example, Azure VM, VNET.
- PaaS: Platform as a Service – is about abstracting developers from the underlying infrastructure to enable applications to be quickly composed. This is specifically for developers who are willing to build applications without worrying about the management of the hosting environment at all. For example, Azure Cloud Services, Azure Web Apps, Storage, SQL Azure Database.
- SaaS: Software as a Service – applications that are delivered using a service delivery model where organizations can simply consume and use the application. Typically, an organization would pay for the use of the application or the application could be monetized through ad revenue. For example, Microsoft 365, Gmail, Salesforce.com, SharePoint online, CRM online.
The following diagram explains important differences between IaaS, PaaS and SaaS.
As you can see from the above diagram, the more you go towards the right hand side of the graph, the things that you manage become lesser and lesser. In SaaS, typically, you don’t manage anything and just consume. At maximum, you can make look and feel or configuration changes, but everything else is managed by Microsoft Azure for you.
What are public, private and hybrid cloud implementations with respect to Azure?
The short answer to this question is as below:
Public Cloud: All components of your application or system are running on Azure only.
Private Cloud: You are running Azure services and features within an on-premises data center or you are using an on-premises data center to host your system or applications.
Hybrid Cloud: A combination of public and private. Some parts or components of your application are running on Azure, while other parts are running within an on-premises data center.
The following diagram represents the essence of public, private and hybrid clouds.
Public cloud example
You are running an application of a hospital management system on Azure web apps or cloud service web roles and the supporting backend database you are using is a SQL Azure database. In this example, as all components of the entire system (web app and database) are running on Azure itself, this becomes your public cloud implementation.
Private cloud example
You are running an application of a hospital management system on a VM in your data center within your organization’s premises and the supporting backend database you are using is SQL Server installed on a VM in your on-premises data center. In this example, as all components of the entire system (web app and database) are running on-premises, this becomes your private cloud implementation. Similarly, if you use the Azure stack feature, you get all of the Azure services running in your on-premises data center itself.
Hybrid cloud example
You are running an application of a hospital management system on Azure web apps or cloud service web roles and the supporting backend database you are using is SQL Server installed on a VM present within an on-premises data center. In this example, as some of the components are running on Azure and a few are running on-premises, this becomes a hybrid cloud implementation.
Azure Services: Compute
This section highlights common questions around important Azure services.
- Cloud services
- Azure Web Apps
- Azure virtual machines
- Difference between cloud services and web apps
What is Azure cloud service?
- Azure cloud service is an offering from Azure and is specifically designed for hosting web applications, background processing applications [similar to traditional Windows service applications] and Azure IaaS workloads, which are virtual machines.
- The cloud service in Azure is a container under which applications run. The web application in cloud service is termed “web role,” whereas background processing applications are termed “worker role.”
- Every cloud service created in Azure provides you with a DNS name such as “YourCloudServiceName.cloudapp.net”. This DNS name is used for accessing web applications over the internet.
- An Azure subscription can contain any number of cloud services and one cloud service can contain any number of roles. Each role can run any number of “instances (virtual machines)” on which the actual application executes.
- To develop a cloud service application, we need the Azure SDK. Using the Azure SDK, one can create a cloud service type project using tools such as Visual Studio (for .NET) or Eclipse (for Java).
The following diagram shows the overall hierarchy of cloud services.
Important: Cloud services can have roles or standalone VMs running within them. When we deploy worker roles in a cloud service, it becomes a PaaS offering, and when we create virtual machines (by using the management portal, PowerShell, CLI, Rest API or Azure SDK) under a cloud service, it becomes an IaaS offering.
What is the purpose of cloud service configuration file (.cscfg)?
Every cloud service type of project contains a .cscfg file, which is primarily used for storing:
- Number of role instances to deploy for each role in cloud service project
- Thumbprint of certificates used, if any
- And most importantly, user defined configuration settings
The primary aim or purpose of this file is to allow configuration changes in the production environment without causing downtime for your application.
When you change the web configuration file while the web application is running and active in IIS, the app pool gets restarted and current user sessions are lost. For instance, imagine a web application hosted in IIS as a “desktop application”: saving the web.config file is exactly like closing and opening the desktop application again. Therefore, if we store the Azure storage connection string in the web.config file and, after some days or weeks, you regenerate the primary key of the storage account for security reasons, you need to change it in the web.config file. However, if you do that, the app pool will be restarted and application downtime may be experienced.
Therefore, you may want to store these changing configuration settings (like the Azure storage connection string) in a file that is external to the application binaries and deployment package so that changes in it will not affect the running application at all. This can be treated as an external configuration store design pattern and cloud service configuration file is the implementation of this pattern.
The .cscfg file settings can be modified from the Azure portal itself. This means you don’t have to redeploy the entire application, which could have been the case if you had used the web.config file and needed a change in it. This is the benefit of the cloud configuration file over the web.config file.
As the cloud configuration file is not bound with the application, no app pool restart scenario happens upon changes.
How do I achieve zero downtime in cloud service deployments during upgrades and all hardware failures?
Run at least 2 instances of each role within a cloud service. When we have 2 or more instances running for a role in a cloud service, the deployment gets automatically distributed across different fault and upgrade domains and achieves almost or near zero downtime.
Fault domain is a physical unit of failure. In simple form, when your computer is connected to a power supply and the power supply is down, your computer cannot be operational so the computer itself connected to the power supply is a fault domain. A fault domain is a set of hardware components like computers and switches that share a single point of failure.
What is a single point of failure? It is a part of the system that, if it fails, will stop the entire system from working.
The infrastructure of each Azure data center is divided into multiple sections which are treated as fault domains. These sections of the infrastructure (which are not necessarily individual servers or server racks) are designed in such a way that a failure of one fault domain is extremely unlikely to affect any other fault domain. When you deploy a service, the Azure fabric controller automatically locates the roles in at least two different fault domains so that a failure in one domain will not affect all instances of your service.
This is the reason why Azure recommends you have 2 instances so that Azure Fabric will place your application role instances in more than one fault domain to avoid failure.
Upgrade Domain: This is a logical unit for grouping the role instances, and it does not exist physically. When we have 2 instances of a role running, each of the deployments or instances is automatically treated as a different upgrade domain. When an upgrade of the guest OS, host OS or application needs to be performed, only the instance in the first upgrade domain is updated while the instances in upgrade domain 2 keep serving the users’ requests. Once the upgrade of the first instance is completed, the instance in the second domain gets updated. At any point during the upgrade, at least one instance is alive and serving the users’ requests; hence, you don’t face downtime for your application.
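The checks from the last two answers, as an added example that is not part of the original guide: a short Python script that reads a .cscfg file, reports roles running fewer than 2 instances, lists the settings that embed a storage account key (the ones to edit after a key regeneration), and collects certificate thumbprints. The sample file, service name, role names, setting names and values are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# XML namespace used by cloud service configuration (.cscfg) files.
NS = {"sc": "http://schemas.microsoft.com/ServiceHosting/2008/10/ServiceConfiguration"}

# Constructed sample .cscfg: every name and value below is invented.
SAMPLE_CSCFG = """<?xml version="1.0" encoding="utf-8"?>
<ServiceConfiguration serviceName="HospitalService"
    xmlns="http://schemas.microsoft.com/ServiceHosting/2008/10/ServiceConfiguration">
  <Role name="WebRole1">
    <Instances count="2" />
    <ConfigurationSettings>
      <Setting name="StorageConnectionString"
               value="DefaultEndpointsProtocol=https;AccountName=exampleacct;AccountKey=PLACEHOLDER_KEY" />
      <Setting name="PageSize" value="50" />
    </ConfigurationSettings>
    <Certificates>
      <Certificate name="SslCert" thumbprint="0000000000000000000000000000000000000000"
                   thumbprintAlgorithm="sha1" />
    </Certificates>
  </Role>
  <Role name="WorkerRole1">
    <Instances count="1" />
    <ConfigurationSettings>
      <Setting name="QueueName" value="orders" />
    </ConfigurationSettings>
  </Role>
</ServiceConfiguration>
"""


def audit_cscfg(xml_text):
    """Return one finding dict per role in a .cscfg document."""
    root = ET.fromstring(xml_text.encode("utf-8"))
    findings = []
    for role in root.findall("sc:Role", NS):
        instances = role.find("sc:Instances", NS)
        count = int(instances.get("count", "0")) if instances is not None else 0
        settings = {
            s.get("name"): s.get("value", "")
            for s in role.findall("sc:ConfigurationSettings/sc:Setting", NS)
        }
        findings.append({
            "role": role.get("name"),
            "instances": count,
            # Two or more instances let the platform spread the role across
            # different fault and upgrade domains.
            "meets_two_instance_rule": count >= 2,
            # Settings that embed a storage account key have to be edited
            # whenever that key is regenerated.
            "settings_with_account_key": sorted(
                name for name, value in settings.items()
                if "accountkey=" in value.lower()
            ),
            "certificate_thumbprints": [
                c.get("thumbprint")
                for c in role.findall("sc:Certificates/sc:Certificate", NS)
            ],
        })
    return findings


def roles_at_risk(findings):
    """Names of roles that run fewer than two instances."""
    return [f["role"] for f in findings if not f["meets_two_instance_rule"]]


if __name__ == "__main__":
    results = audit_cscfg(SAMPLE_CSCFG)
    for finding in results:
        print(finding)
    print("Roles below two instances:", roles_at_risk(results))
```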
What is the best practice for achieving high availability of applications running on Azure VM with a web tier and database tier?
For achieving high availability in the case of Azure IaaS VMs, availability sets should be used along with at least 2 instances of VMs and this redundancy should be implemented at every web tier and DB tier.
For example, let’s say we want to run an ASP.NET MVC web application along with a SQL Server database on Azure IaaS VMs provisioned in a cloud service. Then, to provide HA for VMs, it is recommended to run the database on a different server from the web application. Then have the same web application hosted in 2 different VMs. Both VMs should be provisioned in the same cloud service and added to the same availability set. Whenever the Azure platform sees 2 VMs as part of the same availability set, they are automatically placed in different “Fault and Update domains.”
This way, availability sets provide HA configuration for Azure VMs running web applications. On top of this, it is also recommended to configure a load balancer for the endpoint port that is used for running web applications. Usually, this is 80 for http or 443 for https.
Again, for database VMs, it is recommended to run them in separate availability sets from web tier VMs. Then, to keep the data in sync between 2 DB VMs, either use log shipping or mirroring mechanisms. Then, on top of this, an internal load balancer can be used to provide communication between web tier VMs and database tier VMs.
If cost is not a factor, then a SQL Server Always On configuration is the best and recommended approach for achieving HA at DB tier VMs.
The following diagram illustrates the best practice above:
Azure Services: Data and Storage
This section highlights Azure storage and SQL Azure specific questions.
What are the different types of Azure blobs and what is the difference between them?
Azure storage has two types of blobs: block and page.
What is the difference between table storage and SQL Azure table?
Point no. 3: We have seen people face difficulties in understanding the statement “Schema is not enforced on table storage”. The diagram below explains this scenario well.
As you can see above, the 3rd record is storing the date and time in a different format than the first 2 records, and this is absolutely acceptable in table storage. This is what we meant by “no schema enforced on the data”.
What is the difference between SQL Server on an Azure VM and Azure SQL Database?
Azure Networking: VNET
This section will cater to some example questions where hybrid implementation is the key focus of Azure deployment.
An application front end is hosted on Azure but due to security reasons, customer wants the database to be hosted on-premises within his office building. What are the different ways to handle this connectivity scenario in Azure?
Looking at the requirement of connecting a single on-premises DB machine to an Azure hosted application, Azure VNET based “point-to-site” can be considered the correct choice in this scenario for Azure to on-premises connectivity. Point-to-site is an ideal choice for establishing VPN connectivity between on-premises resources and Azure resources where the number of resources to be connected is limited.
What are the other VNET options for achieving connectivity with on premise and Azure resources?
Site-to-site and ExpressRoute are other options for achieving cross-premises connectivity. Site-to-site is specifically used when you have a large number of resources to be connected. In some cases, site-to-site or point-to-site connectivity may introduce network latency as VPNs created by these features work on public infrastructure (the Internet) only. To overcome this situation, the “ExpressRoute” option can be taken, which offers a dedicated leased line-based offering to overcome the latency issue.
What is the option to connect to an on-premises database in case the user is not willing to open up VNET based connectivity?
In such a case, a WCF service can be developed and hosted on-premises. This WCF service will have CRUD operations specifically against the on-premises database. Then the service bus relay option can be used for invoking an on-premises WCF service from an Azure hosted web application to access the database. Use of WCF and service bus relay will avoid the option of VPN connectivity using Azure VNET’s offerings.
This section highlights real world migration interview questions for IaaS or PaaS migration from on-premises to Azure.
An on-premises application runs a few Windows services and console applications to handle certain tasks; what should be the approach for migrating such applications to Azure?
There are 3 ways in which we can achieve background process migration to Azure.
- Azure Virtual Machine
- Worker role
- Azure Web Jobs
The obvious way can be:
Azure VM: This is an actual VM running in Azure. Current on-premises console applications and Windows services can be configured on this VM. Then it can function the way it did on-premises. However, managing the VM will be our onus.
The better way can be:
Worker role: If the current Windows service is written in C# (or any other Azure cloud service supported programming language), then it can be easily converted into a worker role to do the processing. Being a PaaS offering, we will not have to manage the role instance VM. However, in the case of the worker role, the scheduling part may be tricky (manual implementation) if that is the need for the background application we are migrating.
Web jobs: These can run in the background and have scheduling capability as well. WebJobs run in the context of the App Service, which means they run on the same instance on which the web application or API app is running. Hence, they save cost as compared to the worker role, and they can scale as per the app service plan in which the web app or API app is running.
If we are looking for a micro-service based architecture (loosely coupled applications in all respects), then Azure Functions is another way of doing it. Although it is not as cost effective as WebJobs, it follows the “Single Responsibility Principle”, providing you with the true nature of loosely coupled applications.
What is log analytics?
Log Analytics in Azure caters to all requirements in one single service and takes care of log analytics, automation, availability and security in one place. It provides a single dashboard that gives all the details of logs, IIS logs, storage and other infrastructure logs and capacity planning details. Log Analytics also extends itself to on-premises infrastructure, Amazon (AWS) workloads, and OpenStack alongside traditional Windows and Linux virtual infrastructure in Azure.
Log Analytics also enables you to generate Power BI data sources from which you can build Power BI visualizations for your data. Log analytics leverages OMS, which also gives you security and threat management related data with all necessary details like login information, IP addresses, etc. It is a paid service and comes in 3 different pricing tiers: free, standard and premium. It helps you search logs across your infrastructure from a single dashboard and also allows you to export the results. Hence, this becomes one single point for all your logs of all your infrastructure irrespective of whether it is Windows or Linux, on-premises or Azure hosted.
What are the various ways in which an on-premises VM can be migrated to Azure?
The best and quickest way can be to migrate the associated OS disk and data disks from on-premises to Azure storage and then provision a VM out of them. For the migration of an on-premises VM, we need to understand the virtualization platform used for hosting the VM. Various virtualization platforms include Hyper-V, VMware, etc. For creating VMs on Azure, you need a VHD file only, which can be obtained from Hyper-V directly. In case the VM is hosted on a virtualization platform other than Hyper-V, we need to first convert the existing VM disks into VHD format, which can then be uploaded to Azure storage. Once the disk files are present on Azure, VMs can be provisioned.
Azure Messaging: Service Bus
Below are the important differences between a storage queue and service bus queue.
Identity in Azure: Azure Active Directory
This section highlights important and common questions around security in Azure that are asked during interviews.
What is the difference between Azure AD and Windows Server AD?
For reference, visit the Microsoft website.
Thanks for reading through! We hope you found this Azure cloud interview questions guide useful. We would love to hear about topics you want covered as a part of this guide, so go ahead and leave a comment below.