Azure Data Engineering Cookbook - Second Edition

By: Nagaraj Venkatesan, Ahmad Osama

Overview of this book

The famous quote 'Data is the new oil' seems more true every day as the key to most organizations' long-term success lies in extracting insights from raw data. One of the major challenges organizations face in leveraging value out of data is building performant data engineering pipelines for data visualization, ingestion, storage, and processing. This second edition of the immensely successful book by Ahmad Osama brings to you several recent enhancements in Azure data engineering and shares approximately 80 useful recipes covering common scenarios in building data engineering pipelines in Microsoft Azure. You’ll explore recipes from Azure Synapse Analytics workspaces Gen 2 and get to grips with Synapse Spark pools, SQL Serverless pools, Synapse integration pipelines, and Synapse data flows. You’ll also understand Synapse SQL Pool optimization techniques in this second edition. Besides Synapse enhancements, you’ll discover helpful tips on managing Azure SQL Database and learn about security, high availability, and performance monitoring. Finally, the book takes you through overall data engineering pipeline management, focusing on monitoring using Log Analytics and tracking data lineage using Azure Purview. By the end of this book, you’ll be able to build superior data engineering pipelines along with having an invaluable go-to guide.

Configuring private links for an Azure Data Lake account

In this recipe, we will be creating a private link to a storage account and using private endpoints to connect to it.

Private links and private endpoints ensure that all communication to the storage account goes through the Azure backbone network. Because this traffic never crosses the public internet, it is far less exposed than traffic sent to a public endpoint.

Getting ready

Before you start, perform the following steps:

  1. Open a web browser and go to the Azure portal at https://portal.azure.com.
  2. Make sure you have an existing storage account. If not, create one using the "Provisioning an Azure storage account using the Azure Portal" recipe in Chapter 1, Creating and Managing Data in Azure Data Lake.
  3. Make sure you have an existing virtual network configured for the storage account. If not, create one using the "Configuring virtual networks for an Azure Data Lake account using the Azure portal" recipe in this chapter.

How to do it…

Perform the following steps to configure private links to a Data Lake account:

  1. Log in to the Azure portal and click on the storage account.
  2. Click on Networking | the Private Endpoints tab.
  3. Click on the + Private endpoint button, as shown here:

Figure 2.7 – Creating a private endpoint to a storage account

  4. Provide an endpoint name, as shown in the following screenshot:

Figure 2.8 – Providing an endpoint name

  5. In the Resource tab, set Target sub-resource to dfs. dfs (Distributed File System) is the sub-resource to use when connecting to Data Lake Storage Gen2. The rest of the fields are auto-populated. Proceed to the Configuration section:

Figure 2.9 – Setting the target resource type to dfs

  6. Create a private Domain Name System (DNS) zone by picking the same resource group where you created the storage account, as shown in the following screenshot:

Figure 2.10 – Creating a private DNS

  7. Hit the Create button to create the private DNS link.
  8. After the private endpoint is created, open it in the Azure portal. Click on DNS configuration:

Figure 2.11 – Copy the FQDN

  • Make a note of the FQDN and IP address details. The FQDN is the Fully Qualified Domain Name, which will resolve to the private IP address if, and only if, you are connected to the virtual network.

With the preceding steps, we have created a private endpoint that will use private links to connect to a storage account.

How it works…

We have created a private link to a storage account and ensured that traffic goes through the Microsoft backbone network (and not the public internet), as we will be accessing the storage account via a private endpoint. To show how it works, let's resolve the private link FQDN from the following two locations:

  • Use nslookup to look up the private link FQDN from your local machine.
  • Use nslookup to look up the private link FQDN from a virtual machine inside the virtual network.

On your machine, open Command Prompt and type nslookup <FQDN of private link>, as shown in the following screenshot:


Figure 2.12 – Testing a private endpoint connection outside of the virtual network

nslookup resolves the private link FQDN to a public IP address rather than the private endpoint's IP address, because your machine is not part of the virtual network. To see it working, perform the following instructions:

  1. Create a new virtual machine in the Azure portal. Make sure to allow a remote desktop connection to the virtual machine, as shown in the following screenshot:

Figure 2.13 – Creating a new virtual machine and allowing a remote desktop

  2. Under Networking, select the virtual network in which the storage account resides:

Figure 2.14 – Configuring the virtual machine to use the virtual network

Once the virtual machine is created, log in to it using a remote desktop and run nslookup against the private link FQDN again to resolve its IP address. nslookup is a command that resolves a host name to an IP address. We will use nslookup to verify that the private link FQDN resolves to a private IP address (10.x.x.x) and not a public IP address.

nslookup from a virtual machine inside the virtual network resolves correctly to the private IP address of the private link, as shown in the following screenshot. This shows that the connection goes through the virtual network only and doesn't use the public internet:


Figure 2.15 – nslookup from the virtual network
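
The nslookup comparison above can be turned into an automated check, for example a smoke test run from a machine inside the virtual network. The following Python is an added example, not code from the book; the helper functions are hypothetical, and the two sample outputs, the account name exampleadls and every address in them are constructed for illustration.

```python
import ipaddress
import re

# RFC 1918 ranges. Python's is_private is broader (it also covers documentation
# ranges such as 203.0.113.0/24), so the ranges are listed explicitly.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")

def answer_addresses(nslookup_output):
    """Return the IPv4 addresses in the answer section of Windows nslookup output.

    Everything before the first 'Name:' line describes the DNS server itself;
    its address is often private and must not be mistaken for the answer."""
    _, found, answer = nslookup_output.partition("Name:")
    if not found:  # lookup failed, there is no answer section
        return []
    return [ipaddress.ip_address(m) for m in IPV4.findall(answer)]

def resolves_privately(nslookup_output, subnet=None):
    """True only if every answer address is in `subnet` (or, without one, RFC 1918)."""
    allowed = [ipaddress.ip_network(subnet)] if subnet else RFC1918
    addrs = answer_addresses(nslookup_output)
    return bool(addrs) and all(any(a in net for net in allowed) for a in addrs)

# Constructed samples (not captured output): names and addresses are made up.
OUTSIDE_VNET = """\
Server:  home-router.example
Address:  192.168.1.1

Non-authoritative answer:
Name:    dfs.constructed.store.core.windows.net
Address:  203.0.113.10
Aliases:  exampleadls.privatelink.dfs.core.windows.net
"""

INSIDE_VNET = """\
Server:  UnKnown
Address:  168.63.129.16

Non-authoritative answer:
Name:    exampleadls.privatelink.dfs.core.windows.net
Address:  10.1.0.5
"""

if __name__ == "__main__":
    for label, text in (("outside", OUTSIDE_VNET), ("inside", INSIDE_VNET)):
        print(label, [str(a) for a in answer_addresses(text)], resolves_privately(text))
```

Passing the private endpoint's subnet (for example `subnet="10.1.0.0/24"`, a constructed value) tightens the check from "any private address" to "an address in the subnet where the endpoint was created".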

In this recipe, we have successfully created a private link to a storage account, configured a private endpoint connection, and accessed it via a virtual machine to verify the connectivity. This recipe covers how you can securely connect to a storage account through virtual networks only, bypassing the public network.