Everything You Need to Know About Azure Infrastructure – August 2018

Posted on by Aidan Finn in Microsoft Azure

In this post, I will summarize what’s been going on in Azure IaaS in August, and I’ll also discuss a few features and services that you might have missed or forgotten about.

Governance

One of the topics that I have found myself talking to customers about lately is governance in Microsoft Azure. Azure offers a number of tools to help you with governance – control, auditing, and role-based access control:

  • Management Groups: This feature, which reached general availability in August, allows you to create an inheritance hierarchy for grouping and organizing subscriptions in your tenant (linked to your Azure AD domain).
  • Resource Groups & Resources: Everything you deploy is a resource and is deployed into a resource groups. Resource groups can be used to logically group resources, such as AppA in a resource group called AppA.
  • Role-Based Access Control: Azure provides a set of roles and enables you to create custom roles that can be used to assign rights to groups of users within Azure. The concept is that you can give people just enough rights to get the job done. Permissions can be assigned, using these roles, to resources (ideally not), resource groups, subscriptions, and management groups.
  • Azure Policy: You can create and deploy policies to control and restrict what is deployed, and how it is deployed/configured in Azure. Policies can be deployed to management groups, subscriptions, and resource groups.
  • Activity Log: Everything that happens in Azure is logged in the Activity Log, such as a successful backup, creating a virtual machine, removing a database, or planned maintenance by Microsoft. You can create alerts to trigger action groups so you know when these things happen.
Azure management groups [Image Credit: Microsoft]
Azure management groups [Image Credit: Microsoft]

Managed Disks

Microsoft introduced managed disks in February of 2017. The old method of deploying disks, a page blob in a storage account, was renamed to un-managed disks. Un-managed disks are the past, and are no longer developed or improved. You have always been convert the un-manged disks of single virtual machines and availability set virtual machines into managed disks using PowerShell.

Why would you want to upgrade to managed disks? Firstly, it’s because they are what Microsoft are developing. For example, the new Standard SSD tier of disk (low latency and smooth flow of data) will only be available as an un-managed disk. Secondly, it’s because they are easier to own and offer more functionality. Imagine that you deployed a machine with Premium SSD storage and your monitoring indicated that you always use less than 500 IOPS and latency isn’t a big issue. Those disks might be candidates to convert to Standard tier disks. I can do that with a few clicks in the Azure Portal if they are manged disks. If they are un-managed disks then life will be … interesting.

When I’m assisting customers or looking at consumption billing, I still see a massive number of un-managed disks, even in Resource Manager (ARM) deployments (a requirement for managed disks). I think that this has been because most people don’t read blogs or attend tech events/training, and never discover the new options.

As of this month, the conversion to managed disks can be done in the Azure Portal. A banner appears in the overview of virtual machines with un-managed disks, making it more discoverable for customers. Clicking the banner will lead the operator to a new Migrate To managed Disks blade which will orchestrate the process, requiring a shutdown, for you.

Migrating virtual machines to managed disks in the Azure Portal [Image Credit: Microsoft]
Migrating virtual machines to managed disks in the Azure Portal [Image Credit: Microsoft]

Other Announcements from Microsoft

Here are other Azure IaaS headlines from the past month:

My Azure Posts on Petri

Here are my Azure posts from the month of August:

And Now for Something Different

Power BI – there’s a product that I thought I would never blog about. My employer, a CSP Indirect distributor that sells Microsoft (and other vendor’s) services through Microsoft partners, ran a Power BI course a few months ago and I sat in on it. I was hooked on it immediately. Using Power BI, you can take in data sources from many places such as SQL Server, Excel, Azure SQL, CSV, a table on a web page, Oracle, DB2, Sybase, SharePoint, and many more, and then visualize that data in easy to consume reports.

We struggle to understand what our resellers were doing with Microsoft Azure, how usage was growing, who was doing well, who was doing interesting things, and trying to understand micro-cost spends. Every month, my employer gets a huge reconciliation report from Microsoft for our resellers’ Azure usage. This report has a line-by-line summary and daily usage information for every resource in every Azure subscription. As you can imagine, this is not something you want to read.

Then I installed Power BI Desktop on my Surface Book and imported this CSV file, and generated a bunch of visual reports with tables, filters, pie and bar charts, and even AI-based analytics. In a matter of hours, our understanding of the business had evolved – if you can evolve from nothing. Every month, this data is ingested, and we can see who’s growing, who’s not, and we have a greater understanding of Azure usage.

Why am I not using Azure Cost Management? Many reasons:

  • It’s based on RRP rates in US Dollars only.
  • The old Cloudyn tool isn’t that useful in our Azure channel (Cloud Solution Provider or CSP)
  • I find that the data in Cloudyn is pretty useless – that’s just my opinion!

If you have data that you’d like to understand then give Power BI a look. By the way, many Microsoft cloud services have content packs that are easy to connect and have built-in visualizations, such as Azure AD, Azure Activity Log, and Azure Backup.

BECOME A PETRI MEMBER:

Don't have a login but want to join the conversation? Sign up for a Petri Account

Register