Everything You Need to Know About Azure Infrastructure – November 2018 Edition

Microsoft Azure cloud hero
If you look at the below content and compare it to previous months you might find that there are not as many technical articles and releases by Microsoft. This is because we have entered one of the quiet periods in the Azure calendar. The holiday season is approaching and much of Microsoft will shut down for an extended period – introducing changes at this time of year is not normally considered a good thing! But we still do have some news.

Outages

In the cloud world, November 2018 will be remembered for Multi-Factor Authentication (MFA), an Azure AD feature that requires users to prove who they are when they attempt to sign in. The user does the usual keyboard dance of entering a username and password, and then MFA requires the user to enter a code (via SMS or the Microsoft authenticator app), confirm a sign-in attempt (the app) or answer a phone call. If you cannot prove your identity with MFA then you cannot sign in.

So, MFA would be considered a critical service. On November 19th, MFA suffered a serious outage that lasted for up to 14 hours for some customers. A series of issues, stemming from an update to Azure AD MFA, caused the outage. What made it worse was:

  • Microsoft’s own monitoring wasn’t detecting the issues correctly
  • The official status page was overloaded by customers and wouldn’t load for many of us.

A root cause analysis was released, promising fixes to the faults, the monitoring, and the status page. And a day or so later, on November 27th, MFA broke down again.
I’m a bit of a pragmatist with this stuff. IT breaks – that’s a fact of life. Imagine if you deploy some RSA solution, or some other on-premises MFA solution that has been pwned by the Chinese military, and that broke down. How quickly would you fix that? Wouldn’t you have an outage that damages the business?
What I don’t like about what we’re seeing from Microsoft is the quality, or lack of, in recent releases. Fail fast has a habit of failing frequently. I expressed my feelings in Microsoft Needs A Quality Review – I am convinced that Microsoft needs to re-think how it views quality control. The death of the tester role in Microsoft has expanded a drive in lower quality releases that started under Satya Nadella before his rise to CEO.

Reference Architectures

A resource that I find not enough people are using is the Microsoft Azure Architecture Center. Here you will find a number of design patterns for Azure solutions that Microsoft has created for many scenarios using different features of Azure. In particular, the reference architectures are extremely valuable, especially if you are learning Azure. I can read about different pieces, but unless I see how the thing is built, the words mean little. And I can read about individual components, but unless I see them together, there is little value.

A reference architecture for a Windows N-Tier workload with a SQL Server cluster [Image Credit: Microsoft]
A reference architecture for a Windows N-Tier workload with a SQL Server cluster [Image Credit: Microsoft]
The reference architectures share the design, the reasoning behind the design, a diagram in Visio format that you can download, and links to the JSON template(s) for deploying the depicted solution.

Other Announcements from Microsoft

Here are other Azure IaaS headlines from the past month:

My Azure Posts on Petri

Here are my Azure posts from the month of November:

And Now for Something Different

You have probably heard of Windows Admin Center, the relatively new HTML5 admin toolset for Windows Server. You might not have considered that Windows Admin Center can be used to integrate your on-premises machines with Azure or to manage your Windows servers that are running in Azure:

  • Deploy or configure Azure Site Recovery, Azure Backup, Azure Update Management – Azure File Sync support is coming.
  • Integrate with Azure AD authentication
  • Connect on-premises WS2019 servers quickly and easily to Azure virtual networks using the Azure Network Adapter.
  • Manage your Azure Windows servers as if they were on-premises.

All of the above is available now in the 1809 release of Windows Admin Center.