We observed that there is a huge population of Developers and IT Professionals who wish to go on Azure or pursue a career in Cloud (Azure to be very specific). We also observed that while giving interviews many people just give high level details when they interviewed on Azure since either there is lack of awareness or they somehow not able to get deep dive into the subject/concepts of Azure. That creates a big impact not only on their planned career in Azure but also they missed out opportunities despite having good development/technical background.
Hence we thought we should address this gap and to enable both experience and inexperience developers to clear their Azure cloud interview questions effectively and efficiently. This is not a guide for Microsoft Certification on Azure but it is more of a resource guide to clear your interview.
What this guide will do?
Take the fear out of your interview and never be stuck for the right answer to even the toughest questions with The Microsoft Azure Interview Questions Book. The job market is fierce, competition has never been greater and it’s vital that you can grab every opportunity for competitive advantage and stay one step ahead with the knowledge of leading cloud computing technology platform “Microsoft Azure”.
Interviewers are looking for people who really stand out, and here’s your chance to be different from the rest. This definitive guide to questions and answers encourages every job-hunter to think on your feet and express your individuality whilst supplying ideal responses to interview questions so that you’re seen as the ideal candidate for the job.
Let’s get started!!
Structure of the guide
The book has been structured into various topics. For each topic a set of important and frequently asked questions are drafted along with short answers which specifically an interviewer will look for. This short answer is the key for you in interview. To make you understand the question and answer background along with all the details, after answers to the question, you have “Deep dive” section that explains the concept and background behind the short answer with detailed information. This will help you to understand the concept, provide you more information, so depending on the situation in interview you can explain the diagrams, concepts with more confidence.
This section highlights introductory questions and answers for general cloud concepts with MS Azure as a focus.
What is cloud computing?
Cloud computing is basically a great level of abstraction over the infrastructure that can help you to focus more on your business logic without having to worry about hosting or infrastructure needs. This is the general term used for delivering the hosted services over the internet. In cloud computing the computing resources are providing “as a service”. Just like Electricity, you pay to electricity provider and get the electricity at your home and for this you don’t need to create any infrastructure. Cloud computing provides you computing resources as a service where you don’t have to focus on infrastructure requirements.
To understand why and what is cloud computing refer to below description.
Let’s say I wish to develop a banking application using asp.net MVC. When we think about developing a new enterprise level web application, the first thought comes to mind is how am I going to host it? This leads to list of below requirements.
- Database servers and licenses
- Source control and version management server and licenses
- Dedicated office space
- Power and cooling mechanism
- Network and bandwidth configurations and setup
- Developer workstations with client OS and their licenses
- Developer tools like Visual Studio and SSMS.
- Team of experts to manage this entire setup
This is the bare minimum list for one application and this is the problem. Our main aim was to develop banking application but we did not think about
- Who will be users of my application
- What functionality my application will support
- Whether to allow 3rd party payment or no
We did not think about application business logic but got dragged in infrastructure requirements and this is the problem. Being an application development company we should be focusing on application specific things. Companies like Microsoft, Google, Amazon etc. came with the concept that, if you are an application development (or service provider) company you just need to focus on your application and data but all your infrastructure needs we will take care. Application Development Company don’t have to worry about hardware, licenses, OS management, backup etc. and just to need to pay what they use. This is nothing but the cloud computing and why cloud came into existence.
What are the benefits\advantages of cloud computing?
- High Availability
- Pay as you go
- Moving from Capex to Opex
- Fault Tolerance
- High Response Time
- High Bandwidth
- Low Latency
It can be termed as an ability of the application to handle growing amount of work without degrading the performance. Basically system can grow without limits based on demand.
Scalability is of 2 types:
- Vertical or Scale Up – In this type of scaling configuration we increase the capacity of the existing hardware or machine. For example, if you are having a desktop of 4GB RAM and tomorrow you increase the RAM of your machine to 16GB then this is nothing but the vertical scaling.
- Horizontal or Scale Out – In this type of scaling configuration we increase the count of machines without increasing the capacity. For example, if you have a server of 8GB RAM and tomorrow you put another server of same RAM. When you do horizontal scaling essentially you increase the computing power in parallel so you get better performance. This is horizontal scaling.
The system is easy to evolve as business changes. This defines a degree to which your application can be evolved/changed/ modified depending on the business or requirement changes.
Basically this defines on how much your application is available for its end users. Customers or users will always expect zero downtime of the application. High availability means your application can withstand below common types of downtime scenarios.
- Hardware failures
- Application updates
- Configuration changes
- OS update restarts
- Heavy load restarts
Pay as you go
This is the most lucrative benefit of cloud. With cloud you pay only for what you use. If you are not in the need of resources, you can free them/de-allocate them and you are not charged for it. The billing is absolutely “per minute” billing giving you more saving on cost.
Moving from Capex to Opex
This stands for moving from “Capital Expenditure to Operational Expenditure”. Companies today don’t wish to invest on hardware as hardware is changing at rapid pace. Therefore, instead of investing on hardware cost which may become obsolete after certain time span they are more interested and willing to pay operational cost on monthly, yearly basis. This is nothing but the Capex to Opex. As Microsoft Azure being “Pay as you go” model it becomes easy to move from Capex to Opex.
It is the ability of the system to continue operating in full capacity and fully functional in the event of failure of some of its components. This simply means, if I have a web application and interacting with database then if the database is not accessible/down still my web application will be available for users. This means your application is fault tolerant. Microsoft Azure applies various replication and redundancy strategies to make azure hosted services and applications as fault tolerant.
What is Microsoft Azure?
Cloud computing is the concept and this concept has been implemented by many companies. For example, Amazon implemented it and named their product as Amazon EC2 or Amazon web services, Google call it as Google App Engine. On similar lines Microsoft also created a product based on cloud computing concept and it is called as “Microsoft Azure”. MS Azure provides a platform with cloud computing capabilities so that you can get all the benefits of cloud computing.
Here while answering this you can also start with answer to question “what is cloud computing” and then explain above paragraph.
What is IaaS, PaaS and SaaS?
The summary of these terminologies is as follows:
- IaaS – Infrastructure as a Service – a set of infrastructure level capabilities such as an operating system, network connectivity, etc. that are delivered as pay for use services and can be used to Host applications. Example, Azure VM, VNET.
- PaaS – Platform as a Service – is about abstracting developers from the underlying infrastructure to enable applications to quickly be composed. This is specifically for developers who are willing to Build applications without worrying about management of hosting environment at all. Example, Azure Cloud services, Azure Web Apps, Storage, SQL Azure Database.
- SaaS – Software as a Service – applications that are delivered using a service delivery model where organizations can simply Consume and use the application. Typically, an organization would pay for the use of the application or the application could be monetized through ad revenue. Example, Microsoft 365, Gmail, Saleforce.com, SharePoint online, CRM online.
Following diagram explains important difference between IaaS, PaaS and SaaS.
As you can see from the above diagram, more you go towards right hand side of the graph things that you manage become lesser and lesser. In SaaS typically you don’t manage anything and just consume. At the max you can make look and feel or configuration changes but everything rest is managed by Microsoft Azure for you.
What is Public, Private and Hybrid cloud implementation with respect to Azure?
The short answer for this questions is as below:
Public Cloud – All components of your application/ system are running in Azure only.
Private Cloud – You are running Azure services and features within on-premises data center OR you are using on-premises data center for hosting your system or applications.
Hybrid Cloud – Combination of Public and Private. Some part or components of your application running on Azure where as some part of your application is running within on premises datacenter.
Following diagram represents the essence of Public, Private and Hybrid cloud.
Public Cloud example
You are running an application of Hospital Management system on Azure Web Apps or Cloud service web roles and supporting backend database you are using is SQL Azure Database. In this example as all components of entire system (web app and database) are running on Azure itself this become your public cloud implementation.
Private Cloud example
You are running an application of Hospital Management system on VM in your data center within your organization premises and supporting backend database you are using is SQL server installed on VM in on premises data center. In this example as all components of entire system (web app and database) are running on premises itself this become your private cloud implementation. Similarly, if you use Azure Stack feature, you get all of the azure service running in your private within premises data center itself.
Hybrid Cloud example
You are running an application of Hospital Management system on Azure Web Apps or Cloud service web roles and supporting backend database you are using is SQL server installed on VM present within on premises data center. In this example as some of the components are running on Azure and few are running on premises this becomes Hybrid cloud implementation.
Azure Services – Compute
This section highlights common questions around important azure services.
- Cloud services
- Azure Web Apps
- Azure Virtual Machines
- Difference between Cloud Services and Web Apps
What is Azure cloud service?
Azure cloud service is an offering from Azure and specifically designed for hosting web applications, background processing applications [similar to traditional windows service applications] and Azure IaaS workloads means Virtual Machines. Cloud Service in Azure is a container under which applications run. The web application in cloud service is termed as “Web Role” whereas background processing applications are termed as “Worker Role”.
Every cloud service created from Azure provides you a DNS name such as “YourCloudServiceName.cloudapp.net”. This DNS name is used for accessing web applications over internet. An Azure subscription can contain any number cloud services and one cloud service can contain any number of roles. Each role can run any number of “Instances (virtual machines)” on which actual application executes.
To develop an application cloud service, roles aware we need Azure SDK. Using Azure SDK one can create cloud service type of project from tools such as Visual Studio (for .net) or Eclipse (for java).
Following diagram shows the overall hierarchy of cloud services.
Important – Cloud services can have roles or standalone VMs running within them. When we deploy web/worker roles in cloud service is becomes PaaS offering and when we create virtual machines (by using management portal, PowerShell, CLI, Rest API or Azure SDK) under a cloud service becomes IaaS offerings.
What is purpose of cloud service configuration file (.cscfg)?
Every cloud service type of project contains .cscfg file and primarily is used for storing:
- Number of role instances to deploy for each role in cloud service project
- Thumbprint of certificates used if any
- And most important, User defined configuration settings
The primary aim or purpose of this file is to allow configuration changes in production environment without downtime of your application.
When you make changes to web configuration file while web application is running and active in IIS, the App Pool gets restarted, current user sessions are lost. For instance, imagine web application hosted in IIS as “desktop application” if you save web.config file it’s exactly similar to closing the opening the desktop application again. Therefore, let’s say if we store azure storage connection string in web config file and after certain days or weeks you regenerated the primary key of storage account for security reasons, then you need to change it in web config file. However, if you do that, app pool will be restarted and application downtime may be experienced.
Therefore, you may want to store these changing configuration settings (like azure storage connection string) in a file which is external to application binaries and deployment package so that change in it will not affect the running application at all. This can have treated as External Configuration Store Design Pattern and cloud service configuration file is the implementation of this pattern.
The .cscfg file settings can be modified from the azure portal itself. This means you don’t have to redeploy the entire application which could have been the case if you have had used web.config file and needed a change in it. This is the benefit of cloud configuration file over web.config file.
As cloud configuration file is not bound with application no app pool restart scenario happens upon changes.
How to achieve zero downtime in cloud service deployments during upgrades and all hardware failures?
Run at least 2 instances of each role within a cloud service. When we have 2 or more instances running for a role in cloud service then automatically the deployment gets distributed across different fault and upgrade domains and achieves almost or near to zero downtime.
Fault domain is a physical unit of failure. In simple form when your computer is connected to power supply and if power supply is down then your computer can not be operational so computer itself connected to power supply is a Fault domain. A fault domain is set of hardware components like computers, switches that share single point of failure.
What is single point of failure – is a part of the system, if it fails, will stop the entire system from working.
The infrastructure of each Azure data center is divided into multiple sections which are treated as fault domains. These sections of the infrastructure (which are not necessarily individual servers or server racks) are designed in such a way that a failure of one fault domain is extremely unlikely to affect any other fault domain. When you deploy a service, the Azure Fabric Controller automatically locates the roles in at least two different fault domains so that a failure in one domain will not affect all instances of your service.
This is the reason why Azure recommends you to have 2 instances so that Azure fabric will place your application role instances in more than one fault domain to avoid failure.
Upgrade Domain – is a logical unit of grouping the role instances and it does not exist physically. When we have 2 instances of role running then automatically each of the deployment or instances are treated as different upgrade domain. When an upgrade of guest OS, host OS or application update need to be performed then only one upgrade domain based instances is updated while upgrade domain 2 based instance keep serving the user’s requests. Once upgrade of first instance is completed then second upgrade domain based instance gets updated. At any point of time during upgrade at least one instance is alive and serving the users request hence you don’t face the downtime of your application.
What is the best practice for achieving the High availability of applications running on Azure VM having web tier and DB tier?
For achieving high availability in case of Azure IaaS VMs – Availability sets should be used along with at least 2 instances of VMs and implement this redundancy at every web tier and DB tier.
For example, let’s say we want to run asp.net MVC web application along with SQL server DB on Azure IaaS VM provisioned in cloud service. Then to provide HA for VMs, it is recommended to run web application database in different server. Then have same web application hosted in 2 different VMs. Both VMs should be provisioned in the same cloud service and add them to same availability sets. Whenever Azure platform see 2 VMs part of same availability sets then automatically they are placed in different
“Fault and Update domain”.
This way availability sets provides HA configuration for Azure VMs running web applications. On top of this it is also recommended to configure Load balancer (for the endpoint port which is used for running web application. usually this is 80 for http or 443 for https).
For database VMs again it is recommended to run them in separate Availability sets than web tier VMs. Then to keep the data in sync between 2 DB VMs either use Log shipping or mirroring mechanism. Then on top of this Internal load balancer can be used to provide communication between web tier VMs and DB tier VMs.
If cost is not the factor, then SQL Server Always On configuration is best and recommended approach for achieving HA at DB tier VMs.
Following diagram illustrates the above best practice:
Azure Services – Data and Storage
This section highlights Azure storage, SQL azure specific questions.
What are different types of Azure blobs and difference between them?
Azure storage has two type of blob – Block and Page.
What is the difference between Table Storage and SQL Azure Table?
Point no 3 – We have seen people face difficulties in understanding the statement “Schema is not enforced on table storage”. Below diagram explains this scenario well.
As you can see above the 3rd record is storing the date time in different format than first 2 records and this is absolutely accepted in Table storage. This is what we meant by “No Schema enforced on the data”.
What is the difference between SQL Server on Azure VM and Azure SQL Database?
Azure Networking – VNET
This section will cater to some example questions where Hybrid implementation is the key focus of Azure deployment.
An application front end is hosted on Azure but due to security reasons customer want database to be hosted on-premises within his office building. What are the different ways to handle this connectivity scenario in Azure?
Looking at the requirement of connecting single on premises DB machine to Azure hosted application, Azure VNET based “Point to Site” can be considered as correct choice in this scenario for Azure to on premises connectivity. Point to Site is ideal choice for establishing VPN connectivity between on premises resources and Azure resources where number of resources to be connected is limited.
What are the other VNET options for achieving connectivity with on premise and azure resources?
Site to Site and express route are other options for achieving cross premises connectivity. Site to site to specifically use when you have large number of resources to be connected. In some cases, Site to Site or Point to Site connectivity may introduce network latency as VPN created by these features work on public infrastructure (Internet) only. To overcome on this situation “Express Route” option can be taken which offers dedicated Leased Line based offering to overcome on latency issue.
What is the option to connect on premises database in case user is not willing to open up VNET based connectivity?
In such case, a WCF service can be developed and hosted on premises. This WCF service will have CRUD operations specifically against the on premises database. Then Service bus relay option can be used for invoking on premises WCF service from Azure hosted web application to access the database. Use of WCF and service bus relay will avoid the option of VPN connectivity using Azure VNETs offerings.
This section highlights real world migration interview questions for IaaS or PaaS migration from on premises to Azure.
On premises application running few windows services, console applications to handle certain tasks. What should be the approach for migration of such applications to Azure?
There are 3 ways by which we can achieve background process migration to Azure.
- Azure Virtual Machine
- Worker role
- Azure Web Jobs
The obvious way can be:
Azure VM: This is actual VM running in Azure. Current on premises console applications, windows services can be configured on this VM. Then it can function the way it was functioning on premises. However, managing the VM will be our onus.
Better way can be:
Worker Role: If current windows service is written in C# (or any other Azure cloud service supported programming language) then it can be easily converted into Worker role to do the processing. Being PaaS offering we will not have to manage the role instance VM. However, in case of Worker role the scheduling part may be tricky (manual implementation) if that is the need of background application we are migrating.
Web Jobs: This can run in background plus has scheduling capability as well. Webjobs runs in the context of API App service, means runs on the same instance on which web application, API app is running. Hence it saves cost as compared to Worker Role and it can scale as per the App Service plan in which web app, API app is running.
If we are looking for Micro-service based architecture (loosely couple application in all respect), then Azure functions is another way of doing it. Although it is not cost effective as webjobs but it follows “Single Responsibility Principal” providing you true nature of loosely couple applications.
What is Log Analytics?
Log Analytics in Azure cater all requirements in one single service and takes care of Log Analytics, Automation, Availability and Security at one single place. It provides single dashboard which gives all details of Logs, IIS Logs, Storage and other Infrastructure Log and Capacity planning details. Log Analytics also extend itself to On Premise infrastructure, Amazon (AWS) workload and Open Stack beside traditional Windows and Linux virtual infrastructure in Azure.
Log Analytics also enables you to generate Power BI data source from which you can build Power BI visuals for your data. Log Analytics leverages OMS which also gives you Security and Threat Management related data with all necessary details like Login Information, IP Addresses etc. It is paid services and comes with 3 different pricing tier as Free, Standard and Premium. It helps you to search Logs across your infrastructure from a single dashboard and also allows you to export the results as well. Hence this becomes one single point/dashboard for all your logs of all your infrastructure irrespective whether it is Windows or Linux or On premise or Azure hosted.
What are the various ways by which an on premises VM can be migrated to Azure?
The best and quick way can be to migrate the associated OS disk and data disks from on premises to Azure storage, and then provision VM out of it. For migration of on premises VM, we need to understand what is the virtualization platform used for hosting the VM. Various virtualization techniques are HyperV, VMWare etc. For creating VM on Azure requires VHD file only and that can be obtained from HyperV directly. In case VM is hosted on virtualization platform other than HyperV then we need to first convert the existing VM disks into vhd format and then can be uploaded to Azure storage. Once the disk files are present on Azure, VM can be provisioned.
Azure Messaging – Service Bus
Below are the important difference between storage queue and service bus queue.
Identity in Azure – Azure Active Directory
This section highlights important and common questions around security in Azure that are asked during interviews.
What is the difference between Azure AD and Windows Server AD?
For reference, visit the Microsoft website.
Thanks for reading through! We hope you found this Azure cloud interview questions guide useful. We will love to hear about topics you want to get covered as a part of this guide so go ahead and leave a comment below.