Microsoft Azure is a private and public cloud platform. You may be familiar with the Azure services, the developers, and IT professionals use to build, deploy, and manage the applications. But how does it work? Azure uses a technology known as virtualization. Virtualization separates the tight coupling between a computer's CPU and its operating system using an abstraction layer called a hypervisor. The hypervisor emulates the functions of a real computer and its CPU in a virtual machine. It can run multiple virtual machines at the same time, and each virtual machine can run any compatible operating system such as Windows or Linux. Azure takes this virtualization technology and repeats it on a massive scale in Microsoft data centers throughout the world. Each data center has many racks filled with servers. Each server includes a hypervisor to run multiple virtual machines. A network switch provides connectivity to the servers. One server in each rack runs a special piece of software called a fabric controller. Each fabric controller connected to another special piece of software known as the orchestrator. The orchestrator is responsible for managing everything that happens in Azure including responding to user requests. Users make requests using the orchestrator's web API. The web API can be called by many tools including the user interface of the Azure portal. When a user makes a request to create a virtual machine, the orchestrator package everything that's needed picks the best server rack, then sends the package and request to the fabric controller. Once the fabric controller has created the virtual machine, the user can connect to it. Azure makes it easy for developers and IT professionals to be agile when they build, deploy, and manage their applications and services. But this agility can have unintended consequences if unauthorized resources are created, or if resources are left running after they're no longer needed.