Chapter One

Compute

Eight ways to run code, from raw virtual machines you patch yourself to functions that scale to zero. The right choice turns on your workload, your team's container experience, and how much operations you want to own.

8 services

Azure Compute — From Raw VMs to Functions

Virtual Machines

Raw VMs. You pick the image, size, disk, and network, and you own the OS.

AKS

Managed Kubernetes. You run the cluster's workloads; Azure runs the control plane.

Container Apps

Serverless containers on managed Kubernetes. Scale to zero, no nodes to patch.

App Service

Managed PaaS for web apps. Push code or a container; Azure runs the platform.

Functions

Event-driven functions. Azure runs your code per trigger; nothing when idle.

More controlLess ops

You manage the OS, patching, and scaling.Azure manages everything except your code.

Core Terminology

A handful of terms recur across this chapter. Defining them here keeps the service pages focused on trade-offs.

Region

A geographic area such as eastus or westeurope holding one or more datacenters. Region choice drives latency, data residency, feature availability, and price.

Availability Zone

Physically separate datacenters within a Region, each with independent power, cooling, and network. Spreading instances across zones survives a single-datacenter failure.

VM Size

A named hardware profile such as Standard_D4s_v5 defining vCPUs, memory, and capabilities. Families target general-purpose, compute, memory, or GPU workloads.

Resource Group

A logical container for resources that share a lifecycle. Deleting the group deletes everything in it — the unit of management and access control.

Managed Identity

An Entra ID identity Azure manages for a workload, so it calls other services without secrets in code or config.

Scale Set

A group of identical VMs managed as one unit, with autoscale rules and rolling upgrades — the basis of elastic VM capacity.