Last updated: May 2026

Azure Virtual Machines Beginner AZ-104 ⏱ 13 min read

Availability Sets & Availability Zones

A single VM is a single point of failure — one hardware failure or one maintenance event and your application goes down. Azure provides two mechanisms to protect against this: Availability Sets and Availability Zones. Understanding both — and knowing when to use which — is one of the most important skills for the AZ-104 exam and for real-world Azure architecture.

What you'll learn Why single VMs are risky · Fault domains vs update domains · How Availability Sets work · How Availability Zones differ · SLA comparison · When to use Sets vs Zones · Designing a highly available application · Creating VMs with availability options

Table of Contents

The Problem — Single Points of Failure
Availability Sets
Fault Domains
Update Domains
Availability Zones for VMs
Availability Sets vs Availability Zones
SLA Comparison
Designing a Highly Available Application
Creating VMs with Availability Options
Practice Questions

The Problem — Single Points of Failure

Imagine you have a web application running on a single Azure VM. Two things can take it down:

Unplanned downtime — The physical host server fails (power supply, hardware fault, network issue)
Planned maintenance — Azure needs to update the host server's firmware or hypervisor and reboots it

In both cases, your application is unavailable until the VM restarts. For production workloads, this is unacceptable. The solution is to run multiple VMs and ensure they don't all fail at the same time — which is what Availability Sets and Zones enable.

Availability Sets

An Availability Set is a logical grouping that tells Azure to spread VMs across multiple physical fault domains and update domains within a single data centre. When you add VMs to an Availability Set, Azure ensures no two VMs in the same set are on the same physical hardware.

ℹ️

Key Point Availability Sets protect against failures WITHIN a single data centre. They do NOT protect against an entire data centre failure. For data centre-level protection, use Availability Zones instead.

How to Create an Availability Set

An Availability Set must be created BEFORE the VMs that go into it. You cannot add an existing VM to an Availability Set after creation — you must create the VM with the Availability Set selected.

Azure CLI Create an Availability Set

# Create the Availability Set first
az vm availability-set create \
  --resource-group myResourceGroup \
  --name myAvailabilitySet \
  --location centralindia \
  --platform-fault-domain-count 2 \
  --platform-update-domain-count 5

# Create VMs inside the Availability Set
az vm create \
  --resource-group myResourceGroup \
  --name myVM1 \
  --availability-set myAvailabilitySet \
  --image Ubuntu2204 \
  --size Standard_B2s \
  --admin-username azureuser \
  --generate-ssh-keys

Fault Domains

A fault domain is a group of VMs that share a common power source and network switch. If that power supply or switch fails, all VMs in that fault domain go down together.

Azure Availability Sets spread VMs across 2 or 3 fault domains (depending on the region). This means if one power supply fails, only some of your VMs are affected — others remain running.

💡

Real-World Analogy Imagine a server room with 3 power circuits (A, B, C). Fault domain 1 uses circuit A. Fault domain 2 uses circuit B. If circuit A trips a breaker, only FD1 VMs go down — FD2 VMs keep running. That's fault domain protection.

Update Domains

An update domain is a group of VMs that Azure updates (reboots for host maintenance) at the same time. Azure spreads VMs across 5 update domains by default (up to 20).

When Azure needs to perform planned maintenance, it updates one update domain at a time, waiting 30 minutes between each. This ensures your application stays available while Azure maintains the underlying hardware.

	Fault Domain	Update Domain
Protects against	Hardware failures (power, network)	Planned maintenance reboots
Number in Availability Set	2–3	Up to 20 (default 5)
When it matters	Unexpected hardware failure	Azure maintenance window

Availability Zones for VMs

While Availability Sets protect within a single data centre, Availability Zones spread VMs across physically separate data centres (zones) within a region.

Each zone has its own independent power, cooling, and networking. A failure in one zone (even a complete data centre fire or flood) does not affect the other zones.

Deploying VMs Across Zones

Azure CLI Deploy VMs across 3 Availability Zones

# VM in Zone 1
az vm create \
  --resource-group myResourceGroup \
  --name myVM-zone1 \
  --zone 1 \
  --image Ubuntu2204 \
  --size Standard_B2s \
  --admin-username azureuser \
  --generate-ssh-keys

# VM in Zone 2
az vm create \
  --resource-group myResourceGroup \
  --name myVM-zone2 \
  --zone 2 \
  --image Ubuntu2204 \
  --size Standard_B2s \
  --admin-username azureuser \
  --generate-ssh-keys

# VM in Zone 3
az vm create \
  --resource-group myResourceGroup \
  --name myVM-zone3 \
  --zone 3 \
  --image Ubuntu2204 \
  --size Standard_B2s \
  --admin-username azureuser \
  --generate-ssh-keys

Availability Sets vs Availability Zones

Feature	Availability Set	Availability Zone
Protection scope	Within one data centre	Across separate data centres
Protects against	Hardware failures, planned maintenance	Data centre failures
SLA	99.95%	99.99%
Cost impact	Free to create (pay for VMs)	Pay for VMs in each zone
Network latency between VMs	Very low (same DC)	Low (<2ms between zones)
Available everywhere?	Yes — all regions	Only in AZ-supported regions
Recommended for new workloads?	Legacy — use zones instead	Yes — modern approach

⚠️

Availability Sets Are Legacy Availability Sets were the original high availability mechanism. They only protect within a single data centre. For any new workload in a region that supports Availability Zones (like Central India), always use Availability Zones instead — better SLA, better protection.

SLA Comparison

Deployment	SLA	Max Annual Downtime
Single VM (Standard HDD)	No SLA	No guarantee
Single VM (Premium SSD)	99.9%	~8.7 hours
VMs in Availability Set	99.95%	~4.4 hours
VMs across 2+ Availability Zones	99.99%	~52 minutes

Designing a Highly Available Application

Here's a practical high availability design for a web application using Availability Zones:

Layer	Zone 1	Zone 2	Zone 3	Front-end
Web tier	VM-web-1	VM-web-2	VM-web-3	Zone-redundant Load Balancer
App tier	VM-app-1	VM-app-2	VM-app-3	Internal Load Balancer
Database	SQL Primary	SQL Secondary	SQL Secondary	SQL Always On

With this design, if Zone 2 completely fails, Zone 1 and Zone 3 continue serving all traffic. The Load Balancer detects the zone failure and routes around it automatically. Users see no downtime.

💡

AZ-104 Exam Tip This is one of the most tested topics on AZ-104. Know: fault domains (hardware failure protection), update domains (maintenance protection), Availability Sets (within one DC, 99.95%), Availability Zones (across DCs, 99.99%), and that you cannot move an existing VM into an Availability Set.

📝 Practice Questions

Click an option to check your answer. AZ-104 style questions.

Q1. What does a fault domain in an Availability Set protect against?

A Planned maintenance reboots by Azure

B Hardware failures — power supply and network switch failures

C An entire data centre going offline

D Natural disasters at the regional level

Q2. What SLA does Microsoft provide for VMs deployed across two or more Availability Zones?

A 99.9%

B 99.95%

C 99.99%

D 100%

Q3. A production application needs maximum high availability within the Azure Central India region. Which deployment option should be used?

A A single VM in one Availability Zone

B Multiple VMs in an Availability Set

C Multiple VMs spread across all three Availability Zones

D Deploy to a different Azure region entirely

Q4. Can you add an existing running VM to an Availability Set?

A Yes — you can add any running VM to an Availability Set at any time

B Yes — but only if the VM is first deallocated

C No — VMs must be created with the Availability Set specified at creation time

D Only for Windows VMs — not Linux VMs

Q5. What is the default number of update domains in an Azure Availability Set?

A 2

B 3

C 5

D 20

← Previous Azure Bastion Next → VM Scale Sets

Comments

Disclaimer: RedKite Cloud is an independent educational resource and is not affiliated with, endorsed by, or officially connected to Microsoft Corporation. All product names, logos, and trademarks are property of their respective owners. Content is written independently for educational purposes only.