Everything You Need to Know About Azure Infrastructure -- May 2018 Edition
I predicted that the Build conference would give us lots of Azure news. In one respect, I was right; there was lots of news. However, it was mostly related to PaaS, data, machine learning/AI, and IoT services. A little came out of the conference for the world of infrastructure but lots of smaller things happened over the course of the month.
What Service In Azure … ?
As a server person, you might find yourself facing a group of developers across a meeting room table one day. They’ll be asking you which Azure services you would recommend for their application’s platform.
If you spend enough time watching videos from the Microsoft Ignite conferences, you might have a good idea. However, each video is probably 75 minutes and there are many of them to watch over three years. A recently posted page on Microsoft Docs summarizes the decision-making process into a pretty simple flow chart.
Using this chart and some basic information, you can steer your way through choosing a compute platform for hosting the binaries of a new or migrated service.
One of the benefits and/or downsides of working in the cloud is the rate of change! I remember long conversations with people about “Codename Ibiza”, the once-new portal for Azure that would become the Azure Portal. I, like many others, did not like the new user interface. It felt unplanned, demanded too many clicks, and made it feel like you needed a pair of 84” Surface Hubs on your desk to browse it.
Unlike the old MMC tools for on-premises administration, the Azure Portal is very much alive and it changes very quickly. Only last week, one of my Azure course attendees found a bug and it was fixed for everyone within 24 hours of me reporting it. Change is constant in the Azure Portal, making instructional blog posts, such as those found here on Petri.com, impossible to keep up to date. I teach that it’s more important to understand the system than to rote-learn the steps.
The Build conference might not have resulted in lots of announcements for users of Azure IaaS but a number of Portal changes came during the week. One of my favorites was the improved screen for searching for and selecting a series/size when building a new virtual machine. The old experience was biased towards those trying to find a large virtual machine.
The new experience allows you to:
- Search for a machine size by name
- Filter the list by machine type, using the categories that Microsoft uses in its documentation
- Filter the list by storage type
- Find machines by minimum and maximum numbers of virtual processors
The table format breaks down important information about the machines, including processor, RAM, IOPS, data disk quantities, storage types (SSD includes HDD support), and any other interesting notes.
This new blade is a result of lots of feedback to Microsoft. Allegedly, there are over 175 virtual machine sizes and browsing through the old list had become a chore. One improvement is still needed. The misleading column name “Local SSD” needs to be renamed to “Temp Disk”.
Reserved Instances For You, And You …
Typically, we pay for Azure virtual machines on a per-minute pay-as-you-go (PAYG) basis. However, Enterprise Agreement (EA) and direct (credit card/MOSP) customers have had the option to pre-pay for virtual machines to get substantial discounts using a system called reserved instances (RIs). Now, this system has come to an important growth market for Microsoft called Cloud Solution Provider (CSP) where the sale and deployment go through a Microsoft partner.
The RI system is confusing and is not nearly as clear as the Microsoft pricing tools lead us to believe. The tools show us that the cost of a machine is discounted each month, by a nice amount for a 1-year commitment and by a larger amount for a 3-year commitment.
In reality, RIs are much more complex than that:
- The cost of a machine can be split (for Windows Server) between compute and operating system.
- The RI cost of the compute is paid entirely up front for 1 year or 3 years.
- The operating system cost is paid for per month based on RI consumption.
- An RI is not assigned to a machine. It is dynamically matched based on machine deployment.
- You can return an RI for free in the first few days (see your terms and conditions for precise details) but after that, there are complications (terms and conditions once again).
The upfront payment is quite “un-cloud” but that’s business for you – cash commitments = discounts. The process is complicated and the tooling from Microsoft incorrectly presents data about estimated payments. If you know how the game is played, there are large discounts to be had on Azure virtual machines.
Other Announcements from Microsoft
Here are the various infrastructure announcements from the last month:
- Write Accelerator for M-Series Virtual Machines Now Generally Available
- AzCopy on Linux Now Generally Available
- Global VNet Peering Now Generally Available
- Monitor Microsoft Peering in ExpressRoute with Network Performance Monitor – Public Preview
- General Availability: Azure Storage Metrics in Azure Monitor
- Announcing Low-Priority VMs on Scale Sets Now in Public Preview
- Announcing First-Class Support for CloudEvents on Azure
- Azure M-series VMs Are Now SAP HANA Certified
- Azure Database Migration Service Now Generally Available
- Announcing Microsoft’s Own Content Delivery Network
- Azure Mobile App Is Now Generally Available
- Virtual Network Service Endpoints for Azure #CosmosDB Is Now Generally Available
- Azure Networking May 2018 Announcements
- Azure Confidential Computing
- Why Developers Should Enable Azure Security Center’s Just-in-Time VM Access
- Protect Virtual Machines Across Different Subscriptions with Azure Security Center
- New Azure Network Watcher Integrations and Network Security Group Flow Logging Updates
- Changes Coming to PowerShell (Preview) in Azure Cloud Shell
- New Updates for Microsoft Azure Storage Explorer
- Blue-Green Deployments Using Azure Traffic Manager
- An Update on the Integration of Avere Systems into the Azure Family
- Azure AD Authentication for Azure Storage Now in Public Preview
- New Capabilities to Enable Robust GDPR Compliance
- Azure Security Center Integration with Windows Defender Advanced Threat Protection for Servers
- Azure Lab Services Public Preview Released!
My Azure Posts on Petri
Here are the posts that I wrote for Petri.com about Azure after the April update:
- Comparing the Basic and Standard Azure Load Balancers
- Firewall Options for an Azure Virtual Network
- Options for Load Balancing Services in Azure
- Sharing Azure Portal Dashboards
- Enabling DDoS for Azure Virtual Networks
- Associating Azure Network Security Groups
- Swapping the OS Disk of an Azure Virtual Machine
- How to Deploy An Azure Virtual Machine (May 2018)
- Azure AD Login for Azure Linux VMs
- Changed Process for Remoting into Azure VMs
- Choosing an Azure Storage Account Type
And Now for Something Different
Android on Windows. Let that sink in. The Hyper-V team has been hard at work in the last few years. Its biggest customer is Azure. Windows Server containers started with Hyper-V. Windows Subsystem for Linux (WSL) is run by Hyper-V. And now … Android can run on Windows 10 1803 (not Windows Server Hyper-V).
Microsoft announced a Google Android emulator for Windows that is compatible with Hyper-V at the Build conference. This solves a complaint that many developers had with Hyper-V. They’d run Hyper-V for Windows/Linux virtual machines but this prevented other virtualization techs from working. But with this emulation, Android can work side-by-side with Hyper-V thanks to a new feature called the Windows Hypervisor Platform.