Azure Management
Last update: 2022
Interacting with Azure
Web portal (with Azure Cloud shell)
Azure CLI (Bash)
Azure PowerShell
ARM templating
Azure Blueprints
Azure Blueprints can be think of as a templates used to deploy subscriptions that will be configured with specific features and settings. It make the deployment of multiple subscriptions a way more easier and consistent while keeping a total flexibility on the modification of the settings once the Blueprint has been applied to a scope. Configurations and settings specified in a Blueprint are called "artifacts" which values can be pre determined in the template or define at the time of applying the Blueprint to a scope.
Azure Blueprints have a versioning feature allowing to keep tracks of changes.
Azure ARC
Azure ARC helps with the management of multi-clouds and hybrid environment. It is a solution to centralize the management and integration of resources from others environments into the Microsoft Azure environment such as:
Servers
Kubernetes clusters
Azure data services
SQL Server
Virtual machines (preview)
Azure Resource Manager
Azure Resource Manager acts as an intermediate between the Azure tools and the resources. When we ask Azure to create, delete, update, configure any resource, the request is sent to the Azure Resource Manager for authentication and authorization before being sent to the resources itself. This help to provide a better user experience with consistent results since every requests need to transit to the ARM API.
Azure Resource Manager make use of ARM templates to help with the creation of resources.
Azure ARM Templates
ARM templates are JSON file with declarative statement with indications on the configuration of resources to deploy. The deployment of resources are therefore more consistent and easy to manage.
Parallelization of the deployment (50 resources deploy at the same time - with the exact same configurations and states)
Deploy the resources in the correct order if one resource is dependent from another.
A verification is made to the code before the deployment.
Scripts can be integrated in ARM templates.
Management of resources
In Microsoft Azure resources are grouped which help to manage resources. At each level budget, policy and role and access based controls can be implemented. A group inherits from the policy, controls and features of its parent. In other words, it is a way of grouping and managing the resources.
Management groups (up to six levels) includes subscriptions. --> Subscriptions (mainly billing boundary) includes resources groups. --> Resources groups contains resources.
Resource groups (RG)
Here is listed some important considerations about RG
Every resources need to be in a RG.
One resource can not be in more than one RG.
RGs can not be nested.
Deleting one RG will delete all the resource within.
Role based access control (RBAC) can be applied to RG
Tags
Tags are metadata aiming at managing and organizing resources. Tags can be applied to resources, resource groups and subscriptions. We can use the search utilities to filter any resources with specific tags.
Examples of useful tags that could help better organize the Azure resources.
We could tag our resources based on:
ownership, department, location, geographical region
the criticalness of the resource
the confidentiality level
regulatory and compliance
development operations and usage (dev, test, prod, backup).
By default tags are not inherited. This means that if we apply a tag to a resources groups, the resources within the group won't be labelled with the tag. Tags are inherited only if applied via an Azure policy.
Management of costs
Factors that affect costs
Resources types
Geography (where my resources are located)
Number of resources
Type of work being done
Is a resource exist? Is a resource is running?
Licensing
Cost saving strategies
Reserve a specific quantity of resources for 1 up to 3 years to get a major discount.
Migrate your on-premise licenses to the cloud to save for the license cost.
Use serverless function and tools when possible.
Rent Azure Spot VMs to perform tasks when possible (for any works that can be interrupted). Microsoft Azure allows you to rent unused computer capacity for a lower price.
Pricing & TCO calculator
Azure offers two kind of pricing calculator. The "Pricing calculator" aim to estimate the cost of provisioned Azure resources while the TCO calculator can be used to compare the price of an on-premise vs Azure provisioned infrastructure.
Cost Management & alert tool
The Cost Management is a tool that indicate the total cost of your Azure resources specified for a specific time frame. The dashboard and graphic interface provide to the client a simple way to identify the main sector of expenses. The Cost Management can also be used to make a budget. Budget can be set for a Subscription, Resource groups, Service Types, etc.
Azure allows users to receive alerts and notifications when their usage or costs quota will soon or reach the quota. Users can receive alerts based on their Budget, Credits and Department spending quota alert.
Azure Advisor
Azure Advisor is a service available through the Azure portal or API. It gives recommendations about the Microsoft Azure cloud environment concerning the following areas:
Costs (spending optimization)
Security (security alerts, breachs)
Performance (performance optimization)
Reliability (make sure that your services are always available)
Operational Excellence (optimization of management operations)
Every recommendations can be remediated immediately, postpone or dismiss.
Last updated