Advancing the outage experience—automation, communication, and transparency

“Service incidents like outages are an unfortunate inevitability of the technology industry. Of course, we are constantly improving the reliability of the Microsoft Azure cloud platform. We meet and exceed our Service Level Agreements (SLAs) for the vast majority of customers and continue to invest in evolving tools and training that make it easy for you to design and operate mission-critical systems with confidence.

In spite of these efforts, we acknowledge the unfortunate reality that—given the scale of our operations and the pace of change—we will never be able to avoid outages entirely. During these times we endeavor to be as open and transparent as possible to ensure that all impacted customers and partners understand what’s happening. As part of our Advancing Reliability blog series, I asked Sami Kubba, Principal Program Manager overseeing our outage communications process, to outline the investments we’re making to continue improving this experience.”—Mark Russinovich, CTO, Azure

 

In the cloud industry, we have a commitment to bring our customers the latest technology at scale, keeping customers and our platform secure, and ensuring that our customer experience is always optimal. For this to happen, Azure is subject to a significant amount of change—and in rare circumstances, it is this change that can bring about unintended impact for our customers. As previously mentioned in this series of blog posts, we take change very seriously and ensure that we have a systematic and phased approach to implementing changes as carefully as possible.

We continue to identify the inherent (and sometimes subtle) imperfections in the complex ways that our architectural designs, operational processes, hardware issues, software flaws, and human factors can align to cause service incidents—also known as outages. The reality of our industry is that impact caused by change is an intrinsic problem. When we think about outage communications we tend not to think of our competition as being other cloud providers, but rather the on-premises environment. On-premises change windows are controlled by administrators. They choose the best time to invoke any change, manage and monitor the risks, and roll it back if failures are observed.

Similarly, when an outage occurs in an on-premises environment, customers and users feel that they are more ‘in the know.’ Leadership is promptly made fully aware of the outage, they get access to support for troubleshooting, and expect that their team or partner company would be in a position to provide a full Post Incident Report (PIR)—previously called Root Cause Analysis (RCA)—once the issue is understood. Although our data analysis supports the hypothesis that time to mitigate an incident is faster in the cloud than on-premises, cloud outages can feel more stressful for customers when it comes to understanding the issue and what they can do about it.

Introducing our communications principles

During cloud outages, some customers have historically reported feeling as though they’re not promptly informed, or that they miss necessary updates and therefore lack a full understanding of what happened and what is being done to prevent future issues occurring. Based on these perceptions, we now operate by five pillars that guide our communications strategy, all of which have influenced our Azure Service Health experience in the Azure portal:

Speed
Granularity
Discoverability
Parity
Transparency

Speed

We must notify impacted customers as quickly as possible. This is our key objective around outage communications. Our goal is to notify all impacted Azure subscriptions within 15 minutes of an outage. We know that we can’t achieve this with human beings alone. By the time an engineer is engaged to investigate a monitoring alert to confirm impact (let alone engaging the right engineers to mitigate it, in what can be a complicated array of interconnectivities including third-party dependencies) too much time has passed. Any delay in communications leaves customers asking, “Is it me or is it Azure?” Customers can then spend needless time troubleshooting their own environments. Conversely, if we decide to err on the side of caution and communicate every time we suspect any potential customer impact, our customers could receive too many false positives. More importantly, if they are having an issue with their own environment, they could easily attribute these unrelated issues to a false alarm being sent by the platform. It is critical that we make investments that enable our communications to be both fast and accurate.

Last month, we outlined our continued investment in advancing Azure service quality with artificial intelligence: AIOps. This includes working towards improving automatic detection, engagement, and mitigation of cloud outages. Elements of this broader AIOps program are already being used in production to notify customers of outages that may be impacting their resources. These automatic notifications represented more than half of our outage communications in the last quarter. For many Azure services, automatic notifications are being sent in less than 10 minutes to impacted customers via Service Health, where they can be viewed in the Azure portal or trigger any Service Health alerts that have been configured (more on this below).

With our investment in this area already improving the customer experience, we will continue to expand the scenarios in which we can notify customers in less than 15 minutes from the impact start time, all without the need for humans to confirm customer impact. We are also in the early stages of expanding our use of AI-based operations to identify related impacted services automatically and, upon mitigation, send resolution communications (for supported scenarios) as quickly as possible.

Granularity

We understand that when an outage causes impact, customers need to understand exactly which of their resources are impacted. One of the key building blocks for getting the health of specific resources is the Resource Health signal. The Resource Health signal checks whether a resource, such as a virtual machine (VM), SQL database, or storage account, is in a healthy state. Customers can also create Resource Health alerts, which leverage Azure Monitor, to let the right people know if a particular resource is having issues, regardless of whether it is a platform-wide issue or not. This is important to note: a Resource Health alert can be triggered by a resource becoming unhealthy (for example, if the VM is rebooted from within the guest), which is not necessarily related to a platform event like an outage. Customers can see the associated Resource Health checks, arranged by resource type.

We are building on this technology to augment and correlate each customer resource that has moved into an unhealthy state with platform outages, all within Service Health. We are also investigating how we can include the impacted resources in our communication payloads, so that customers won’t necessarily need to sign in to Service Health to understand the impacted resources—of course, everyone should be able to consume this programmatically.

All of this will allow customers with large numbers of resources to know more precisely which of their services are impacted due to an outage, without having to conduct an investigation on their side. More importantly, customers can build alerts and trigger responses to these resource health alerts using native integrations to Logic Apps and Azure Functions.

Discoverability

Although we support both ‘push’ and ‘pull’ approaches for outage communications, we encourage customers to configure relevant alerts, so the right information is automatically pushed out to the right people and systems. Our customers and partners should not have to go searching to see if the resources they care about are impacted by an outage—they should be able to consume the notifications we send (in the medium of their choice) and react to them as appropriate. Despite this, we constantly find that customers visit the Azure Status page to determine the health of services on Azure.

Before the introduction of the authenticated in-portal Service Health experience, the Status page was the only way to discover known platform issues. These days, this public Status page is only used to communicate widespread outages (for example, impacting multiple regions and/or multiple services), so customers looking for potential issues impacting them don’t see the full story here. Since we roll out platform changes as safely as possible, the vast majority of issues like outages only impact a very small ‘blast radius’ of customer subscriptions. For these incidents, which make up more than 95 percent of our incidents, we communicate directly to impacted customers in-portal via Service Health.

We also recently integrated the ‘Emerging Issues’ feature into Service Health. This means that if we have an incident on the public Status page, and we have yet to identify and communicate to impacted customers, users can see this same information in-portal through Service Health, thereby receiving all relevant information without having to visit the Status page. We are encouraging all Azure users to make Service Health their ‘one stop shop’ for information related to service incidents, so they can see issues impacting them, understand which of their subscriptions and resources are impacted, and avoid the risk of making a false correlation, such as when an incident is posted on the Status page, but is not impacting them.

Most importantly, since we’re talking about the discoverability principle, from within Service Health customers can create Service Health alerts, which are push notifications leveraging the integration with Azure Monitor. This way, customers and partners can configure relevant notifications based on who needs to receive them and how they would best be notified—including by email, SMS, Logic App, and/or through a webhook that can be integrated into service management tools like ServiceNow, PagerDuty, or Opsgenie.

To get started with simple alerts, consider routing all notifications to email a single distribution list. To take it to the next level, consider configuring different service health alerts for different use cases—maybe all production issues notify ServiceNow, maybe dev and test or pre-production issues might just email the relevant developer team, maybe any issue with a certain subscription also sends a text message to key people. All of this is completely customizable, to ensure that the right people are notified in the right way.
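One way to implement the per-use-case routing described above, as an added example that is not part of the original post or any Microsoft code: a function a webhook receiver could call to decide where a Service Health alert goes. The subscription IDs, destinations and sample payloads are constructed, and the field names follow the Azure Monitor common alert schema as an assumption to check against the payloads your action group actually delivers.

```python
import json

SCHEMA_ID = "azureMonitorCommonAlertSchema"

# Hypothetical inventory: subscription ID -> environment (constructed IDs).
SUBSCRIPTION_ENV = {
    "11111111-1111-1111-1111-111111111111": "production",
    "22222222-2222-2222-2222-222222222222": "dev-test",
}
# Hypothetical subscription whose issues also text key people.
SMS_SUBSCRIPTIONS = {"11111111-1111-1111-1111-111111111111"}

# Hypothetical destinations, one per use case named in the text.
DESTINATIONS = {
    "production": ("servicenow", "https://itsm.example.com/hooks/azure-health"),
    "dev-test": ("email", "dev-team@example.com"),
}
# The "simple alerts" starting point: a single distribution list.
FALLBACK = ("email", "cloud-ops-dl@example.com")
SMS_DESTINATION = ("sms", "oncall-key-people")


def subscription_id(target_id):
    """Extract the subscription GUID from an ARM ID like /subscriptions/<id>/..."""
    parts = str(target_id).strip("/").split("/")
    if len(parts) >= 2 and parts[0].lower() == "subscriptions":
        return parts[1].lower()
    return None


def route(raw_body):
    """Return [(channel, destination, summary), ...] for one webhook body."""
    try:
        payload = json.loads(raw_body)
        essentials = payload["data"]["essentials"]
    except (ValueError, KeyError, TypeError) as exc:
        raise ValueError("not a usable alert payload") from exc
    if not isinstance(essentials, dict):
        raise ValueError("not a usable alert payload")
    if payload.get("schemaId") != SCHEMA_ID:
        raise ValueError("unexpected schemaId")
    # Resource Health and metric alerts arrive in the same schema; this
    # router only handles platform events reported by Service Health.
    if essentials.get("monitoringService") != "ServiceHealth":
        return []

    props = (payload["data"].get("alertContext") or {}).get("properties") or {}
    summary = "[{}/{}] {} (tracking ID {})".format(
        props.get("incidentType", "Unknown"),
        props.get("stage", "Unknown"),
        props.get("title", "untitled"),
        props.get("trackingId", "none"),
    )

    notifications = []
    for target in essentials.get("alertTargetIDs") or []:
        sub = subscription_id(target)
        wanted = [DESTINATIONS.get(SUBSCRIPTION_ENV.get(sub), FALLBACK)]
        if sub in SMS_SUBSCRIPTIONS:
            wanted.append(SMS_DESTINATION)
        for channel, destination in wanted:
            item = (channel, destination, summary)
            if item not in notifications:  # one message per destination
                notifications.append(item)
    if not notifications:  # no target listed: never drop the alert
        notifications.append(FALLBACK + (summary,))
    return notifications


def make_alert(sub, service="ServiceHealth", incident_type="Incident",
               stage="Active", tracking_id="TEST-001"):
    """Build a constructed sample payload (not captured from Azure)."""
    return json.dumps({
        "schemaId": SCHEMA_ID,
        "data": {
            "essentials": {
                "monitoringService": service,
                "monitorCondition": "Fired",
                "alertTargetIDs": ["/subscriptions/" + sub],
            },
            "alertContext": {"properties": {
                "title": "Constructed sample: VM connectivity issues",
                "incidentType": incident_type,
                "stage": stage,
                "trackingId": tracking_id,
            }},
        },
    })


if __name__ == "__main__":
    for sub in list(SUBSCRIPTION_ENV) + ["33333333-3333-3333-3333-333333333333"]:
        for notification in route(make_alert(sub)):
            print(sub, "->", notification)
```

Subscriptions missing from the inventory fall back to the distribution list, so a gap in the mapping delays triage rather than silencing the alert.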

Parity

All Azure users should know that Service Health is the one place to go for all service-impacting events. First, we ensure that this experience is consistent across all our different Azure services, each using Service Health to communicate any issues. As simple as this sounds, we are still navigating through some unique scenarios that make this complex. For example, most people using Azure DevOps don’t interact with the Azure portal. Since DevOps does not have its own authenticated Service Health experience, we can’t communicate updates directly to impacted customers for small DevOps outages that don’t justify going to the public Status page. To support scenarios like this, we have stood up the Azure DevOps status page where smaller scale DevOps outages can be communicated directly to the DevOps community.

Second, the Service Health experience is designed to communicate all impacting events across Azure—this includes maintenance events as well as service or feature retirements, and includes both widespread outages and isolated hiccups that only impact a single subscription. It is imperative that for any impact (whether it is potential, actual or upcoming) customers can expect the same experience and put in place a predictable action plan across all of their services on Azure.

Lastly, we are working towards extending the philosophy of this pillar to other Microsoft cloud products. We acknowledge that navigating through our different cloud products such as Azure, Microsoft 365, and Power Platform can sometimes feel like navigating technologies from three different companies. As we look to the future, we are invested in harmonizing across these products to bring about a more consistent, best-in-class experience.

Transparency

As we have mentioned many times in the Advancing Reliability blog series, we know that trust is earned and needs to be maintained. When it comes to outages, we know that being transparent about what is happening, what we know, and what we don’t know is critically important. The cloud shouldn’t feel like a black box. During service issues, we provide regular communications to all impacted customers and partners. Often, in the early stages of investigating an issue, these updates might not seem detailed until we learn more about what’s happening. Even though we are committed to sharing tangible updates, we generally try to avoid sharing speculation, since we know customers make business decisions based on these updates during outages.

In addition, an outage is not over once customer impact is mitigated. We could still be learning about the complexities of what led to the issue, so sometimes the message sent at or after mitigation is a fairly rudimentary summation of what happened. For major incidents, we follow this up with a PIR generally within three days, once the contributing factors are better understood.

For incidents that may have impacted fewer subscriptions, our customers and partners can request more information from within Service Health by requesting a PIR for the incident. We have heard feedback in the past that PIRs should be even more transparent, so we continue to encourage our incident managers and communications managers to provide as much detail as possible—including information about the issue impact, and our next steps to mitigate future risk, ideally to ensure that this class of issue is less likely and/or less impactful moving forward.

While our industry will never be completely immune to service outages, we do take every opportunity to look at what happened from a holistic perspective and share our learnings. One of the future areas of investment that we are looking at closely is how best to keep customers updated with the progress we are making on the commitments outlined in our PIR next steps. By linking our internal repair items to our external commitments in our next steps, customers and partners will be able to track the progress that our engineering teams are making to ensure that corrective actions are completed.

Our communications across all of these scenarios (outages, maintenance, service retirements, and health advisories) will continue to evolve, as we learn more and continue investing in programs that support these five pillars.

Reliability is a shared responsibility

While Microsoft is responsible for the reliability of the Azure platform itself, our customers and partners are responsible for the reliability of their cloud applications—including using architectural best practices based on the requirements of each workload. Building a reliable application in the cloud is different from traditional application development. Historically, customers may have purchased levels of redundant higher-end hardware to minimize the chance of an entire application platform failing. In the cloud, we acknowledge up front that failures will happen. As outlined several times above, we will never be able to prevent all outages. In addition to Microsoft trying to prevent failures, when building reliable applications in the cloud your goal should be to minimize the effects of any single failing component.

To that end, we recently launched the Microsoft Azure Well-Architected Framework—a set of guiding tenets that can be used to improve the quality of a workload. Reliability is one of the five pillars of architectural excellence alongside Cost Optimization, Operational Excellence, Performance Efficiency, and Security. If you already have a workload running in Azure and would like to assess your alignment to best practices in one or more of these areas, try the Microsoft Azure Well-Architected Review.

Specifically, the Reliability pillar describes six steps for building a reliable Azure application. Define availability and recovery requirements based on decomposed workloads and business needs. Use architectural best practices to identify possible failure points in your proposed/existing architecture and determine how the application will respond to failure. Test with simulations and forced failovers to test both detection and recovery from various failures. Deploy the application consistently using reliable and repeatable processes. Monitor application health to detect failures, monitor indicators of potential failures, and gauge the health of your applications. Finally, respond to failures and disasters by determining how best to address them based on established strategies.

Returning to our core topic of outage communications, we are working to incorporate relevant Well-Architected guidance into our PIRs in the aftermath of each service incident. Customers running critical workloads will be able to learn about specific steps to improve reliability that would have helped to avoid and lessen impact from that particular outage. For example, if an outage only impacted resources within a single Availability Zone, we will call this out as part of the PIRs and encourage impacted customers to consider zonal redundancies for their critical workloads.

Going forward

We outlined how Azure approaches communications during and after service incidents like outages. We want to be transparent about our five communication pillars, to explain both our progress to date and the areas in which we’re continuing to invest. Just as our engineering teams endeavor to learn from each incident to improve the reliability of the platform, our communications teams endeavor to learn from each incident to be more transparent, to get customers and partners the right details to make informed decisions, and to support customers and partners as best as possible during each of these difficult situations.

We are confident that we are making the right investments to continue improving in this space, but we are increasingly looking for feedback on whether our communications are hitting the mark. We include an Azure post-incident survey at the end of each PIR we publish. We strive to review every response to learn from our customers and partners, to validate whether we are focusing on the right areas, and to keep improving the experience.

We continue to identify the inherent (and sometimes subtle) imperfections in the complex ways that our architectural designs, operational processes, hardware issues, software flaws, and human factors align to cause outages. Since trust is earned and needs to be maintained, we are committed to being as transparent as possible—especially during these infrequent but inevitable service issues.
Source: Azure

Build resilient applications with Kubernetes on Azure

Welcome to KubeCon EU 2020, the virtual edition. While we won’t be able to see each other in person at KubeCon EU this year, we're excited that this new virtual format of KubeCon will make the conference more accessible than ever, with more people from the amazing Kubernetes community able to join and participate from around the world without leaving their homes.

With everything that has been happening, the last year has been an up and down experience, but through it all I’m incredibly proud of the focus and dedication from the Azure Kubernetes team. They have continued to iterate on and improve Kubernetes on Azure, which provides an enterprise-grade experience for our customers.

Kubernetes on Azure (and indeed anywhere) delivers an open and portable ecosystem for cloud-native development. In addition to this core promise, we also deliver a unique enterprise-grade experience that ensures the reliability and security your workloads demand, while also enabling the agility and efficiency that business today desires. You can securely deploy any workload to Azure Kubernetes Service (AKS) to drive cost-savings at scale across your business. Today, we're going to tell you about even more capabilities that can help you along on your cloud-native journey to Kubernetes on Azure.

Improving latency and operational efficiency

One of the key drivers of cloud adoption is reducing latency. It used to be that it took days to get physical computers and set them up in a cluster. Today, you can deploy a Kubernetes cluster on Azure in less than five minutes. These improvements benefit the agility of our customers. For customers who want to scale and provision faster, we are announcing a preview of ephemeral OS disk support which makes responding to new compute demands on your cluster even faster.

Latency isn’t just about the length of time to create a cluster. It’s also about how fast you can detect and respond to operational problems. To help enterprises improve their operational efficiency, we’re announcing preview integration with Azure Resource Health which can alert you if your cluster is unhealthy for any reason. We’re also announcing the general availability of node image updates which allow you to upgrade the underlying operating system to respond to bugs or vulnerabilities in your cluster while staying on the same Kubernetes version for stability.

Finally, though Kubernetes has always enabled enterprises to drive cost savings through containerization, the new economic realities of the world during a pandemic mean that achieving cost efficiency for your business is more important than ever. We’ve got a great exercise that can help you learn how to optimize your costs using containers and the Azure Kubernetes Service.

Secure by design with Kubernetes on Azure

One of the key pillars of any enterprise computing platform is security. With market-leading features like policy integration and Azure Active Directory identity for Pods, cloud-native security has always been an important part of the Azure Kubernetes Service. I’m excited about some new features we’ve added recently to further enhance the security of your workloads running on Kubernetes.

Though Kubernetes has built-in support for secrets, most enterprise environments require a more secure and more compliant implementation. In the Azure Kubernetes Service, being enterprise-grade means providing integration between Azure Key Vault and the Azure Kubernetes Service. Using Key Vault with Kubernetes enables you to securely store your credentials, certificates, and other secrets in a state-of-the-art, compliant secret store, and easily use them with your applications in an Azure Kubernetes cluster.

It’s even more exciting that this integration is built on the back of an open Container Storage Interface (CSI) driver that the Azure team built and open sourced for the entire Kubernetes community. Giving back to open source is an important part of what it means to be a community steward, and it was exciting to see our approach get validated as it was picked up and used by the HashiCorp Vault team for their secrets integration. Our open source team has been hard at work on improving many other parts of the security ecosystem. We’ve enhanced the CSI driver for Windows, and worked on cgroups v2 and containerd. If you want to learn more about how to secure your cloud-native workloads and make sure that your enterprise is following Microsoft’s best practices, check out our guide to Kubernetes best practices. It will teach you how to integrate firewalls, policy, and more to ensure you have both security and agility in your cloud-native development.

Next steps and KubeCon EU

I hope that you have an awesome KubeCon EU. As you go through the conference and learn more about Kubernetes, you can also learn more about Kubernetes on Azure with all of the great information online and in our virtual booth. If you’re new to KubeCon and Kubernetes and wondering how you can adopt Kubernetes for workloads from hobbyist to enterprise, we’ve got a great Kubernetes adoption guide for you.
Source: Azure

How to optimize your Azure workload costs

The economic challenges posed by the global health pandemic continue to affect every organization around the world. During this difficult time, cost optimization has become an especially critical topic. Recently, we provided an overview of how to approach cost optimization on Microsoft Azure, which laid out three focus areas to help you get the most value out of your Azure investment: understanding and forecasting your costs, optimizing your workload costs, and controlling your costs.

Today, we’ll dive more deeply into the second focus area—how you can optimize your Azure workloads costs—and show you how guidance in the Microsoft Azure Well-Architected Framework, tools like Azure Advisor, and offers like the Azure Hybrid Benefit and Azure Reservations can help you operate more efficiently on Azure and save.

Design workloads for cost optimization using best practices from the Azure Well-Architected Framework

The Azure Well-Architected Framework is designed to help you build and deploy cloud workloads with confidence, using actionable and simple to use deep technical content, assessments, and reference architectures based on proven industry best practices. You can assess workloads against the five pillars of the Azure Well-Architected Framework cloud design—cost optimization, reliability, security, performance efficiency, and operational excellence—to help you focus on the right activities and to ensure you optimize workloads and proactively meet business needs.

The cost optimization section of the Azure Well-Architected Framework is all about managing costs to get the most value out of your Azure workloads and covers:

Cost management principles, a series of important considerations that can help you achieve both business objectives and cost justification.
Cost best practices for design, provisioning, monitoring, and optimization.
Trade-offs between cost and other pillars like reliability and performance.

A great way to get started with the Azure Well-Architected Framework is by taking the Azure Well-Architected Review. This review examines your workload against the best practices defined by the pillars of reliability, cost optimization, operational excellence, security, and performance efficiency. You can choose to take the review for any or all of the pillars, so you can start by focusing on cost optimization, if you prefer.

Optimize your Azure resources with best practice recommendations from Azure Advisor

Your workloads are composed of resources, so configuring your resources according to the latest Azure best practices is critical to ensuring your workloads are cost optimized. Azure Advisor is a free service that helps you optimize your already-deployed Azure resources for cost, security, performance, reliability, and operational excellence. Advisor is aligned with the Azure Well-Architected Framework, but is targeted at the resource level instead of the workload level. Advisor’s recommendations are personalized to your Azure environment based on your resource telemetry and configurations.

Examples of Advisor cost recommendations include rightsizing underutilized resources or shutting down unused ones, buying reserved instances to save over pay-as-you-go costs, and using storage lifecycle management. Our full list of Advisor cost recommendations is available.

Advisor offers several features to make it faster and easier to optimize your resources. Quick Fix enables one-click bulk remediation of recommendations, so you can multi-select resources you’d like to remediate. Click Quick Fix, and Advisor takes care of the rest. You can configure Advisor to display only the recommendations that mean the most to you, such as those for your production subscriptions and resource groups. Advisor alerts notify you when you have new recommendations, and Advisor recommendation digests remind you about available recommendations you haven’t remediated yet.

Visit the Advisor documentation to learn more and get started remediating your cost recommendations.

Save big on Azure by leveraging your existing on-premises licensing investment with the Azure Hybrid Benefit

The Azure Hybrid Benefit is a licensing benefit that lets you bring your Windows Server and SQL Server on-premises licenses with Software Assurance or subscriptions to Azure and save up to 85 percent compared to standard pay-as-you-go rates,¹ so you only pay for the compute costs on Azure. You can apply these savings across Azure SQL and Azure Dedicated Host.

License mobility benefits offered by Azure include the ability to bring your Windows Server and SQL Server licenses to the cloud, leverage SQL Server licensing in Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) environments, and gain additional licensing benefits, including 180-day dual use rights of your licenses, both on-premises and in Azure. For your heavily-virtualized workloads, you get four vCPUs of Azure SQL Database or Azure SQL Managed Instance for each core of SQL Server Enterprise.

These unique advantages, plus additional benefits such as free fail-over server licensing for SQL Server disaster recovery and free extended security updates, make Azure the best-in-class cloud for Windows Server and SQL Server.

Check out the Azure Hybrid Benefit Documentation for more technical tutorials and resources.

Reserve upfront and pay less with Azure Reservations

Receive a discount on your Azure services by purchasing Azure Reservations, which is a one-year or three-year commitment to specific Azure services. Giving us visibility into your one-year or three-year resource needs in advance allows us to be more efficient. In return, we pass these savings onto you as discounts of up to 72 percent.² When you buy a reservation, you immediately receive a discount and are no longer charged at pay-as-you-go rates. This offer is ideal for Azure services that use significant capacity or run for long periods of time in a consistent way.

Reservation discounts apply to the following eligible subscriptions and offer types:

Enterprise agreements (offer numbers: MS-AZR-0017P or MS-AZR-0148P).
Microsoft Customer Agreement subscriptions.
Individual plans with pay-as-you-go rates (offer numbers: MS-AZR-0003P or MS-AZR-0023P).
Cloud Solution Provider (CSP) subscriptions.

Learn more

Learn more about how to lower your upfront cash outflow with various monthly payment options at no additional cost in the reservations documentation.

You could achieve the lowest cost of ownership when you combine the Azure Hybrid Benefit, reservation pricing, and extended security updates. Cost optimize your Azure workloads today with these Azure cost saving options.

Check back soon for more cloud cost optimization guidance or visit our Azure cost optimization page to learn more.

¹ The 85 percent savings is based on 8-Core D13 v2 VM in East US 2 region. Savings are calculated from full price (license included) for SQL Server Enterprise edition VM against reduced rate (applying Azure Hybrid Benefit for SQL Server and Windows Server), which excludes Software Assurance costs for SQL Server and Windows Server, which may vary based on EA agreement or any applicable volume licensing agreement. Actual savings may vary based on region, instance size and compute family. Prices as of June 5, 2018 are subject to change.

² The 72 percent saving is based on one M32ts Azure VM for Windows OS in US Gov Virginia region running for 36 months at a pay-as-you-go rate of ~$3,660.81/month; reduced rate for a 3-year Reserved Instance of ~$663.45/month. Azure pricing as of October 30, 2018 (prices subject to change). Actual savings may vary based on location, instance type, or usage.
Quelle: Azure

Prioritize datacenter discovery and readiness assessments to accelerate cloud migration

Cloud migrations are an effective way to drive operational efficiencies and to flip capital expenses to operational ones. Successful cloud migrations are rooted in a bias towards action and are executed with urgency around triggers that need immediate attention. In our experience, migration projects that start with a deep understanding of the IT landscape are best positioned to mitigate any complexities, and leaders who set actionable project goals and timelines, bring together teams and encourage solution thinking, and lean in to track progress towards well-defined objectives are the most effective in helping their organizations realize cloud migration targets.

In the kick-off blog of this series, we listed prioritizing assessments as one of our top three recommendations to accelerate your cloud migration journey. Comprehensive cloud migration assessments should cover the entire fleet and help you arrive at key decisions related to candidate apps, optimum resource allocation, and cost projections. You’ll want to understand your applications, their on-premises performance, uncover dependencies and interrelated systems, and estimate cloud readiness and run-cost. This analysis is critical to fully recognize what you are working with and proactively understand how to best manage these resources in the cloud. Further, in our experience with customers, inadequately planned migrations—especially those that don’t focus on optimizing infrastructure resources and cost levers such as compute, storage, licensing, and benefits including Azure Hybrid Benefit and Software Assurance—often result in long-term sticker shock.

Prioritizing assessments is also important to keep your IT and financial organizations aligned around how to transform your business with Azure while keeping the cost structure lean to weather changing market conditions. We shared our guidance in this cloud migration blog to help you understand the financial considerations for cloud migrations and best practice guidance for managing cloud costs.

Comprehensive discovery with Azure Migrate and Movere

The discovery process can be slow and daunting, especially for enterprises that host hundreds of applications and resources across multiple datacenters. Arriving at an accurate baseline of your IT infrastructure is tedious and often requires you to connect disparate sets of information across various tools, sub-systems, and business teams. Leverage Azure Migrate or Movere to automate this process and quickly perform discovery and assessments of your on-premises infrastructure, databases, and applications. Movere is available via the United States and Worldwide Solutions Assessment program. Azure Migrate is available with your Azure subscription at no additional cost.

Azure Migrate discovery and assessment capabilities are agentless and offer the following key features:

Comprehensive, at-scale discovery features for Linux and Windows servers, running on hypervisor platforms such as VMware vSphere or Microsoft Hyper-V, public clouds such as AWS or GCP, or bare metal servers.
Discovery of infrastructure configuration and actual resource utilization in terms of cores, memory, disks, IOPS, and more so that you can right-size and optimize your infrastructure based on what you actually need to meet the desired application performance in Azure. Discovery of IOPS characteristics over a period of time results in an accurate prediction of resources that your applications need in the cloud.
Azure assessment reports that help you understand the various offers, SKUs, and offerings and associated cost of running your applications in Azure. You can customize for different scenarios and compare results to make decisions related to target regions, EA pricing, reserved instances, SKU consolidation, and more.
Features that help you inventory your applications and software components installed on your servers – this capability is crucial in understanding your application vendor estate and evaluating compatibility, end-of-support, and more.
Agentless dependency mapping so that you can visualize dependencies across different tiers of an application or across applications – this feature helps you design high-confidence migration waves and to mitigate any complexities upfront.

CMDBs, ITAM, and management tools enrich discovery data

Discovery and assessment results are important, but intersecting them with your existing on-premises data sources unlocks powerful insights, driving better decision-making. These are data sources that are great to get started with – your Configuration Management Database (CMDB), IT asset management systems (ITAM), Active Directory, management tools, and monitoring systems. Merging your rich IT data repositories with discovery and assessment reports broadens understanding across different dimensions and renders a more complete and accurate view of your business units, IT assets, and business applications.

Use Azure cost estimations from the assessment output and allocate the projections to various business teams to better recognize their future budgetary requirements. Compare Azure cost against the current spend to estimate potential cloud savings your teams can accrue by moving to Azure.
Identify machines that have reached their OS end-of-support and reference your CMDB to identify associated application owners and teams to prioritize migrations to Azure.
Filter out machines with high CPU and memory utilization, and correlate with performance events in your monitoring systems to identify applications with capacity constraints. These applications are ideal candidates that can benefit from Azure’s autoscaling and virtual machine scale sets capabilities.
Identify related systems using the Azure Migrate dependency mapping feature, and map associated owners from your CMDBs and Azure AD to identify move group owners.
Identify servers with zero to low usage and work with owning business units on decommissioning options.
Understand the recommended migration window by mapping RTO/RPO information from your private data sources.
Understand your storage IOPS and projected application growth to select the appropriate Azure storage and disk SKUs.

These are just a few samples of the many insights that can be surfaced by unifying discovery and assessment results with IT data sources.
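The cross-referencing described in the list above, as an added example that is not part of the original post or of Azure Migrate's own tooling: it joins a discovery export with a CMDB extract to produce an end-of-support worklist with owners, decommission and capacity-constrained candidates, and projected cost per business unit. The column names, utilization thresholds, lifecycle table and sample rows are all assumptions constructed for illustration.

```python
"""Enrich discovery/assessment output with CMDB ownership data (added example)."""
import csv
import io
from collections import defaultdict
from datetime import date

# Constructed sample of a discovery/assessment export. The column names are
# assumptions, not the Azure Migrate export schema.
DISCOVERY_CSV = """machine,os,cpu_pct,mem_pct,monthly_azure_cost
web01,Windows Server 2008 R2,72,81,310.00
db01,Windows Server 2012 R2,91,88,1250.00
app07,Windows Server 2019,3,6,140.00
batch02,Windows Server 2008 R2,2,4,95.00
files03,Windows Server 2019,35,40,220.00
"""

# Constructed sample of a CMDB extract mapping machines to owners.
# files03 is deliberately absent to show the "discovered but not in CMDB" case.
CMDB_CSV = """machine,application,owner,business_unit
web01,Storefront,a.rivera,Retail
db01,Orders DB,k.chen,Retail
app07,Legacy Reports,m.okafor,Finance
batch02,Nightly ETL,m.okafor,Finance
"""

# Sample lifecycle table; in practice load this from vendor lifecycle data.
OS_END_OF_SUPPORT = {
    "Windows Server 2008 R2": date(2020, 1, 14),
    "Windows Server 2012 R2": date(2023, 10, 10),
    "Windows Server 2019": date(2029, 1, 9),
}

HIGH_UTIL_PCT = 85  # assumed threshold for "capacity constrained"
LOW_UTIL_PCT = 10   # assumed threshold for "zero to low usage"


def load(text):
    """Parse CSV text into a list of dict rows."""
    return list(csv.DictReader(io.StringIO(text)))


def enrich(discovery_rows, cmdb_rows, as_of):
    """Join each discovered machine to its CMDB record and attach triage flags."""
    cmdb_by_machine = {r["machine"]: r for r in cmdb_rows}
    enriched = []
    for row in discovery_rows:
        cmdb = cmdb_by_machine.get(row["machine"], {})
        cpu, mem = float(row["cpu_pct"]), float(row["mem_pct"])
        eos = OS_END_OF_SUPPORT.get(row["os"])
        flags = set()
        if eos is not None and eos <= as_of:
            flags.add("os_end_of_support")
        if cpu >= HIGH_UTIL_PCT and mem >= HIGH_UTIL_PCT:
            flags.add("capacity_constrained")
        if cpu <= LOW_UTIL_PCT and mem <= LOW_UTIL_PCT:
            flags.add("decommission_candidate")
        if not cmdb:
            # Discovered on the network but unknown to the CMDB: no owner to ask.
            flags.add("missing_from_cmdb")
        enriched.append({
            "machine": row["machine"],
            "os": row["os"],
            "owner": cmdb.get("owner", "UNASSIGNED"),
            "application": cmdb.get("application", "UNKNOWN"),
            "business_unit": cmdb.get("business_unit", "UNASSIGNED"),
            "monthly_azure_cost": float(row["monthly_azure_cost"]),
            "flags": flags,
        })
    return enriched


def machines_with(enriched, flag):
    """Return a sorted (machine, owner, application) worklist for one flag."""
    return sorted(
        (m["machine"], m["owner"], m["application"])
        for m in enriched
        if flag in m["flags"]
    )


def cost_by_business_unit(enriched):
    """Allocate projected monthly Azure cost to the owning business unit."""
    totals = defaultdict(float)
    for m in enriched:
        totals[m["business_unit"]] += m["monthly_azure_cost"]
    return {bu: round(total, 2) for bu, total in totals.items()}


if __name__ == "__main__":
    rows = enrich(load(DISCOVERY_CSV), load(CMDB_CSV), as_of=date(2020, 7, 1))
    for flag in ("os_end_of_support", "capacity_constrained",
                 "decommission_candidate", "missing_from_cmdb"):
        print(flag, machines_with(rows, flag))
    print(cost_by_business_unit(rows))
```

Machines that come back flagged `missing_from_cmdb` have no recorded owner, so they need an ownership decision before they can be placed in a move group.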

Data-driven progress tracking

CIOs and leaders who are on point for driving cloud migration initiatives should periodically track progress, identify and communicate migration priorities, and bring together stakeholders to ensure that teams on the ground are making progress. Dashboards that track progress on the projects and the quality of insights and actions being generated are effective tools to stay focused.

Some important dimensions that dashboards should include are datacenter cost trends, fleet size in terms of physical hosts, count of virtual servers, provisioned storage, OS distribution, VM density by host, and resource utilization in terms of cores, memory, and storage. Additionally, views should help quickly identify important cloud migration triggers such as hardware that is coming up for refresh, OS versions that are hitting end-of-support, and business units that are constrained by capacity.

Here is a sample Power BI dashboard that an Azure customer is using to track the progress of their cloud assessment and migration project:

 
  

Next steps

Investigate the Microsoft Cloud Adoption Framework for Azure to align your cloud migration priorities and objectives before you start planning and ensure a more successful migration.
Make sure you start your journey right by understanding how to build your migration plan with Azure Migrate and reviewing the best practices for creating assessments.
For expert assistance from Microsoft or our qualified partners, check out our Cloud Solution Assessment offerings or join the Azure Migration Program (AMP).
To learn more and to get started, visit the Azure Migration Center.

Coming up next, we’ll explore a big topic that’s key to succeeding in your migrations: anticipating and mitigating complexities. We’ll talk about the organizational challenges and decisions you’ll need to make as you start planning and executing your cloud migrations.

Share your feedback

Please share your experiences or thoughts as this series comes together in the comments below—we appreciate your feedback.
Source: Azure

New Azure SQL Learning Tools help reduce the global technology skills gap

Microsoft’s learning solutions pave the way toward data-centric jobs of the future

“It’s been forecasted 800 million people need to learn new skills for their jobs by 2030. In this time of change, people are hungry to learn, gain new skills, and grow their economic opportunity.”—Satya Nadella, CEO, Microsoft

Across Microsoft, we are helping a new generation of technology workers develop the right level of skills. Recently, Microsoft announced the availability of new virtual learning programs. These programs, focused on technical topics, are already helping people enhance their digital expertise and, for some, are providing a foundation for success in a new career path.

Building upon this goal, we're excited to announce the Azure Data team’s latest additions to these educational programs.

Our all-new content will help both beginners being introduced to Azure and SQL experts understand the benefits of Azure SQL. Since SQL Server and Azure SQL share the same engine, this new set of tools builds upon familiar content. This means SQL Server professionals can become Azure SQL professionals with just a little bit of help, such as:

Microsoft Learn learning path: This six-course Azure SQL fundamentals learning path provides a built-in lab environment for you to learn at your own pace without a subscription.

YouTube/Channel9 series: We offer more than 60 videos to help beginners learn more about Azure SQL. Viewers can experience on-demand training through Microsoft Developer and Azure SQL playlists on YouTube and Channel9.

GitHub content: Learners and educators can dig into open-source code in a scenario-driven GitHub workshop, where forking and redelivering is encouraged. You can access this content by visiting the SQL Server workshops page and selecting “Workshop: Azure SQL”.

Learn Live in the Azure SQL Bootcamp: In this four-day series of live sessions, Microsoft SQL experts Anna Hoffman and Bob Ward will help you get ramped up and support you as you learn. You can sign up for Azure SQL Bootcamp here to join us.

Azure SQL’s rapid adoption creates new opportunities

Azure SQL adoption is accelerating at a dramatic growth rate and will continue on this trajectory for the foreseeable future. Azure SQL unlocks new opportunities for our customers to optimize costs, build resiliency, and promote agility with AI-based features, rapid scaling capability, and much more.

A few weeks ago, a Morgan Stanley report noted, “The key insight of [the] 2nd edition of our New Stack monthly is that the relational database, commonly viewed as outdated for the digital era, is not only not dead but is seeing a resurgence reflecting strong growth in cloud. MSFT is a key beneficiary with the top share in cloud and overall.”

It’s a terrific time to join the Azure SQL community and fine-tune your technical skills. If you have questions about the benefits, opportunities, or process of making a move from SQL on-premises to SQL in the cloud, we can lend a hand to guide you. Our new learning materials answer these questions and go into greater technical depth. On Twitter, you can follow us @AzureSQL and get more involved in the community with the #AzureSQL hashtag.

Kudos due to our SQL community 

I’d like to take a moment to acknowledge a few members of our team who gathered feedback from customers, took that information to heart, and developed our new curriculum. First, a heartfelt thank you to Anna Hoffman, Data Scientist, for your dedicated efforts to provide customers the latest content and for enabling more scalable platforms to deliver it. I’d also like to thank Bob Ward, one of our SQL visionaries, who has invested over 26 years driving SQL development. Last but not least, I’m grateful to Buck Woody, who has written hundreds of articles about databases to help educate future data experts.

Jumpstart your journey

In these uniquely challenging times, it is more important than ever for Microsoft to equip our SQL community with new tools and resources to help you succeed. Whether you are a SQL expert, or someone just starting, I encourage you to visit our latest resources and find out how you can jumpstart your journey to learn about Azure SQL.
Source: Azure

Announcing preview of Java Message Service 2.0 over AMQP on Azure Service Bus

Azure Service Bus simplifies enterprise messaging scenarios by leveraging familiar queue and topic subscription semantics over the industry-driven AMQP protocol. It offers customers a fully managed platform as a service (PaaS) offering with deep integrations with Azure services to provide a messaging broker with high throughput and reliable latency while ensuring high availability, secure design, and scalability as a first-class experience. We aim to offer Azure Service Bus for customer workloads on most application stacks and ecosystems.

In keeping with that vision, we’re excited to announce preview support for Java Message Service (JMS) 2.0 over AMQP in Azure Service Bus Premium tier. With this, we empower customers to seamlessly lift and shift their Java and Spring workloads to Azure while also helping them modernize their application stack with best in class enterprise messaging in the cloud.

As enterprise customers look to lift and shift their workloads to Azure, they may take the opportunity to modernize their application stack by leveraging cloud-native Azure offerings. This is more appropriate for components on the data plane, storing or moving data, which benefit from moving away from an infrastructure as a service (IaaS) hosted setup to a more cloud-native PaaS setup.

With databases and data stores, the establishment of standardized APIs and protocols has paved the way for seamless migration: the application is agnostic of the actual provider or implementation of the standardized API, so with negligible or configuration-only code changes, applications can move from their current on-premises provider to Azure’s fully managed PaaS offering with the expected behavior.

The enterprise messaging ecosystem has been largely fragmented compared to the data ecosystem until the recent AMQP 1.0 protocol standardization in 2011 that drove consistent behavior across all enterprise message brokers guaranteed by the protocol implementation. However, this still did not lead to a standardized API contract, perpetuating the fragmentation in the enterprise messaging space.

The Java Enterprise community (and by extension, Spring) has made some forward strides with the Java Message Service (JMS 1.1 and 2.0) specification to standardize the API utilized by producer and consumer applications when interacting with an enterprise messaging broker. The Apache QPID community furthered this by its implementation of the JMS API specification over AMQP. QPID-JMS, whether standalone or as part of the Spring JMS package, is the de-facto JMS implementation for most enterprise customers working with a variety of message brokers.

Connect existing applications with Azure Service Bus over AMQP

With the feature list supported with this preview (with full parity planned by general availability), Azure Service Bus supports all Java Message Service API contracts, enabling customers to bring their existing applications to Azure without rewriting the application. Here is a list of JMS features that are supported today:

Queues.
Topics.
Temporary queues.
Temporary topics.
Subscriptions:
    Shared durable subscriptions.
    Shared non-durable subscriptions.
    Unshared durable subscriptions.
    Unshared non-durable subscriptions.
QueueBrowser.
TopicBrowser.
Auto-creation of all the above entities (if they don’t already exist).
Message selectors.
Sending messages with delivery delay (scheduled messages).

Seamless migration from on-premises or IaaS hosted JMS provider to Azure Service Bus

To connect an existing JMS-based application with Azure Service Bus, simply add the Azure Service Bus JMS Maven package or the Azure Service Bus starter for Spring Boot to the application’s pom.xml and add the Azure Service Bus connection string to the configuration parameters.

With configuration-only code changes, customers can keep their business logic agnostic of the message broker and avoid any vendor lock-in.

Simple pricing, painless deployments, and scalable resourcing

By leveraging Azure Service Bus JMS support, customers can now avoid the overhead of procuring licenses and managing an enterprise messaging broker on their own IaaS compute, simplify cost management with a fixed price per messaging unit, and address variability in workloads with automatic scale-up and scale-down provisioning.

Integrate with other Azure offerings to further modernize your application stack

You can also leverage Azure Service Bus’s integration with other Azure offerings to modernize and simplify the application stack. Here are some ways to do that.

Azure Logic Apps: Utilize Azure Logic Apps connectors for Azure Service Bus to replace various critical business workflows with a simple low-code pay-as-you-go Serverless offering.
Azure Functions: Utilize Azure Functions triggers for Azure Service Bus to replace custom applications with a simple pay-as-you-go serverless PaaS offering.
Azure Monitor and Alerts: Utilize Azure Monitor and alerts to keep an eye on the Azure Service Bus namespace, queue, topic, and subscription level metrics.
Azure Key Vault: Utilize integration with Azure Key Vault to encrypt the data on the namespace with a customer-managed key.
Virtual Networks and Private endpoints: Secure access to Azure Service Bus using Virtual network service endpoints. Connect with a cloud-hosted service via an address hosted on your private network using Private endpoints.

Get started today

Get started today by provisioning a Service Bus namespace with JMS features and migrating your existing Java and Spring applications from ActiveMQ to Service Bus.
Source: Azure

Azure Cost Management + Billing updates – July 2020

Whether you're a new student, thriving startup, or the largest enterprise, you have financial constraints, and you need to know what you're spending, where, and how to plan for the future. Nobody wants a surprise when it comes to the bill, and this is where Azure Cost Management + Billing comes in.

We're always looking for ways to learn more about your challenges and how Azure Cost Management + Billing can help you better understand where you're accruing costs in the cloud, identify and prevent bad spending patterns, and optimize costs to empower you to do more with less. Here are a few of the latest improvements and updates based on your feedback:

Drilling into empty fields and untagged resources in cost analysis.
What's new in Cost Management Labs.
New ways to save money with Azure.
New videos and learning opportunities.
Documentation updates.

Let's dig into the details.

 

Drilling into empty fields and untagged resources in cost analysis

Azure Cost Management + Billing includes all usage, purchases, and refunds for your billing account. Seeing every line item in the full usage and charges file allows you to reconcile your bill at the lowest level, but since each record can represent different charge types, which may have different properties, aggregating them within cost analysis can result in groups of empty results. This is when you see groups like "no value," "other purchases," or "untagged". Now you can filter down to these empty values and group by other attributes to drill in and understand your costs.

You can drill into data in cost analysis by either adding an explicit filter using the filter pills at the top or by clicking any grouped segment in the charts. When you add a filter using the filter pills, you'll see a new "No value" option. This accounts for any and all scenarios where that property might be empty. Here are a few examples:

Other subscription resources: Services that aren't deployed to resource groups do not have a resource group name.
Untagged resources: There are 3 categories of costs that don't have tags: Resources that simply don't have tags applied (Untagged), resources with tags that aren't included in usage data (Tags not available), and charges that cannot be tagged at all (Tags not supported).
Purchases: Since purchases aren't associated with an Azure resource, you might see placeholders for Azure or Marketplace purchases. Azure purchases cover Microsoft offers, like reservations and Azure Active Directory. Marketplace purchases cover any third-party offers available from the Azure Marketplace.

After filtering down to "No value," group data by different properties to get a clearer picture of what that represents. As an example, group by publisher type or charge type to identify Marketplace costs or purchases, respectively, when you see meter and service properties are empty.

You can also click a chart segment to drill into these costs. Clicking any of the placeholders will automatically apply the "No value" filter pill for that property.

Use this new filtering capability to drill into and understand your costs and let us know what you'd like to see next.

 

What's new in Cost Management Labs

With Cost Management Labs, you get a sneak peek at what's coming in Azure Cost Management and can engage directly with us to share feedback and help us better understand how you use the service, so we can deliver more tuned and optimized experiences. Here are a few features you can see in Cost Management Labs:

Show billing menu items on the Cost Management menu – Now available in the portal.
See all Cost Management + Billing menu items together in one place with quick navigation between scopes.

Of course, that's not all. Every change in Azure Cost Management is available in Cost Management Labs a week before it's in the full Azure portal. We're eager to hear your thoughts and understand what you'd like to see next. What are you waiting for? Try Cost Management Labs today.

 

New ways to save money with Azure

We're always looking for ways to help you optimize costs. Here's what's new this month:

Save even more on VMs with five-year Hybrid Benefit reservations.
Support for Azure Hybrid Benefit v2 VMs in Japan East.
Reduce your Data Lake storage costs with the new, ultra low-cost Archive tier.
More flexible options with ephemeral OS disks, enabling you to save on storage costs.

 

New videos and learning opportunities

For those visual learners out there, here's one new video you might be interested in:

Azure Cosmos DB: A cost-effective database for cloud native applications (part one) (12 minutes).
Azure Cosmos DB: A cost-effective database for cloud native applications (part two) (11 minutes).
How to optimize costs with Azure Kubernetes Service (AKS) and PostgreSQL (10 minutes).
Cost optimization with Windows containers (6 minutes).

Follow the Azure Cost Management + Billing YouTube channel to stay in the loop with new videos as they're released and let us know what you'd like to see next.

Want a more guided experience? Start with Control Azure spending and manage bills with Azure Cost Management + Billing.

 

Documentation updates

Here are a couple of documentation updates you might be interested in:

Noted that early termination fees are not being charged for reservation refunds.
Documented support for budget alert thresholds above 100 percent.

Want to keep an eye on all of the documentation updates? Check out the Cost Management + Billing doc change history in the azure-docs repository on GitHub. If you see something missing, select Edit at the top of the document and submit a quick pull request.

 

What's next?

These are just a few of the big updates from last month. Don't forget to check out the previous Azure Cost Management + Billing updates. We're always listening and making constant improvements based on your feedback, so please keep the feedback coming.

Follow @AzureCostMgmt on Twitter and subscribe to the YouTube channel for updates, tips, and tricks. And, as always, share your ideas and vote up others in the Cost Management feedback forum.

We know these are trying times for everyone. Best wishes from the Azure Cost Management team. Stay safe, and stay healthy!
Source: Azure

Eight ways to optimize costs on Azure SQL

Across the globe, businesses are emerging into a new normal, eager to restart or rebuild, but still operating in uncertain times. Optimizing costs and redirecting the spend to where it matters most is as important as ever, and many companies see the cloud as a way to control costs, build resilience, and accelerate time to market.

Customers choose Azure for a variety of reasons, but one of the main reasons is to lower their costs. What more could you do if you could save up to 80 percent or more on your database costs? We introduced the Azure SQL family of database services to help businesses cost-effectively adapt and scale to rapidly changing conditions. Here are the top eight ways you can optimize your data spend, with savings available wherever you are in your digital transformation journey.

1. Maintain business continuity in the cloud with free SQL Server licenses

Use your active Software Assurance benefit to get, for every SQL Server in your datacenter, a free license for a secondary passive replica on an Azure Virtual Machine that you can use for disaster recovery.

2. Shift capex to opex with SQL Server on Azure Virtual Machines

Migrating your data to virtual machines hosted on Azure can yield real savings, over $10 million in three years,¹ by avoiding the cost and complexity of buying and managing your own physical servers. With SQL Server on Azure Virtual Machines, Azure manages the infrastructure while you purchase, install, configure, and manage your own software. Benefit even more when you register your VM with Resource Provider and operate more productively with a comprehensive set of manageability features like automated backups, patching, and AlwaysOn availability groups.

3. Protect your data with free security updates

For applications that rely upon SQL Server 2008 or 2008 R2, activate three years of free extended security updates when you migrate to Azure Virtual Machines. Use Azure Site Recovery for easy migration to the cloud with pre-configured SQL Server 2008 and 2008 R2 images in Azure Gallery.

4. Boost productivity with fully managed Azure SQL database services

Modernize your existing apps on evergreen, fully managed services that are always on the latest version of SQL Server, where backups, high availability, performance tuning, data protection, and more are performed on your behalf. A recent Forrester Consulting study indicated Azure SQL Database and Azure SQL Managed Instance provide up to a 238 percent return on investment in addition to productivity improvements up to 40 percent.²

“We’ve reduced our operating costs by about 70 percent or one-seventh of our previous IT budget. We’re using those savings to focus on research and development to make our product better and faster.” Shoji Ueda: Senior Architect, Benesse Corporation

5. Use your SQL Server licenses for discounted rates on Azure

Save up to 80 percent³ versus other cloud providers with Azure Hybrid Benefit, a unique offer that maximizes the value of your on-premises licenses in the cloud. Unlike the License Mobility benefit on other clouds, Azure Hybrid Benefit covers your Windows Server licenses, too, and eases the migration of heavily virtualized SQL Server workloads by providing four vCores of SQL Database or SQL Managed Instance for every one core of SQL Server Enterprise. On top of this, you get 180 days of dual-use rights so you can maintain your on-premises operation while migrating to Azure.

6. Optimize costs through better insights

Use Azure Advisor to obtain cost savings insights on idle or underutilized VMs. Or, use Azure Cost Management to monitor and control your storage expenses and optimize usage in your SQL databases.

7. Pay only for the resources you use

Pay by the second with the only serverless SQL in the cloud. SQL Database serverless automatically scales, pauses, and resumes compute resources based upon your workload activity, so you only pay for the resources you consume. Icertis, a leading provider of contract lifecycle management in the cloud, cut its database costs by nearly 70 percent with SQL Database serverless.

“Azure SQL Database serverless enables us to offer an even more robust and resilient solution, helping us build deeper partnerships with our customers and go to market stronger than ever before.” Purna Rao, Senior DevOps Architect, Icertis

8. Commit upfront and lock-in rates for up to three years

Reduce your compute costs by up to 72 percent⁴ versus pay-as-you-go pricing and budget more effectively with reservation pricing. You can save even more, up to 80 percent, when you combine reservation pricing with Azure Hybrid Benefit. Prepay upfront at a reserved price or with convenient monthly payments at no extra cost.

When you factor in the savings from Azure Hybrid Benefit with the performance on Azure, you get an unbeatable value for your mission-critical workloads, costing up to 86 percent less⁵ than AWS on SQL Database and up to 84 percent less⁶ for workloads on SQL Server on Azure Virtual Machines.

Get started with Azure SQL today

Need help with next steps? We can guide you to the right Azure SQL service for your workload and the tools and services to help you cost-effectively migrate to the cloud.

Azure. Invent with Purpose.

1 “The Total Economic Impact™ of Microsoft Azure IaaS,” a commissioned study conducted by Forrester Consulting in August 2019 on behalf of Microsoft.

2 “The Total Economic Impact™ of Migration to Azure SQL Managed Databases,” a commissioned study conducted by Forrester Consulting in March 2020 on behalf of Microsoft.

3 Calculations based on scenarios running 744 hours/month for 12 months at 3-year Reserved Instances or Reserved Capacity. Prices as of 10/24/2018, subject to change. Azure Windows VM calculations based on one D2V3 Azure VM in US West 2 region at the SUSE Linux Enterprise Basic rate. AWS calculations based on one m5.Large VM in US West (Oregon) using Windows Server pay-as-you-go rate for Reserved Instances under Standard 3-year term, all upfront payment. SQL Server calculations based on 8 vCore Azure SQL Database Managed Instance Business Critical in US West 2 running at Azure Hybrid Benefit rate. AWS calculations based on RDS for SQL EE for db.r4.2xlarge on US West (Oregon) in a multi AZ deployment for Reserved Instances under Standard 3-year term, all upfront payment. Extended security updates cost used for AWS is based on Windows Server Standard open NL ERP pricing in USD. Actual savings may vary based on region, instance size, and performance tier. Savings exclude Software Assurance costs, which may vary based on Volume Licensing agreement. Contact your sales representative for details.

4 The 72 percent saving is based on one M32ts Azure VM for Windows OS in US Gov Virginia region running for 36 months at a Pay as You Go rate of ~$3,660.81/month; reduced rate for a 3-year Reserved Instance of ~$663.45/month. Azure pricing as of 10/30/2018 (prices subject to change). Actual savings may vary based on location, instance type, or usage.

5 Price-performance claim based on data from a study commissioned by Microsoft and conducted by GigaOm in August 2019. The study compared price performance between a single, 80 vCore, Gen 5 Azure SQL Database on the business-critical service tier and the db.r4.16xlarge offering for SQL Server on AWS RDS. Benchmark data is taken from a GigaOm Analytic Field Test derived from a recognized industry standard, TPC Benchmark™ E (TPC-E), and is based on a mixture of read-only and update intensive transactions that simulate activities found in complex OLTP application environments. Price-performance is calculated by GigaOm as the cost of running the cloud platform continuously for three years divided by transactions per second throughput. Prices are based on publicly available US pricing in East US for Azure SQL Database and US East (Ohio) for AWS RDS as of August 2019. Price-performance results are based upon the configurations detailed in the GigaOm Analytic Field Test. Actual results and prices may vary based on configuration and region.

6 Price-performance claims based on data from a study commissioned by Microsoft and conducted by GigaOm in February 2020. The study compared price performance between SQL Server 2019 Enterprise Edition on Windows Server 2019 Datacenter edition in Azure E32as_v4 instance type with P30 Premium SSD Disks and the SQL Server 2019 Enterprise Edition on Windows Server 2019 Datacenter edition in AWS EC2 r5a.8xlarge instance type with General Purpose (gp2) volumes. Benchmark data is taken from a GigaOm Analytic Field Test derived from a recognized industry standard, TPC Benchmark™ E (TPC-E). The Field Test does not implement the full TPC-E benchmark and as such is not comparable to any published TPC-E benchmarks. Prices are based on publicly available US pricing in West US for SQL Server on Azure Virtual Machines and Northern California for AWS EC2 as of January 2020. The pricing incorporates three-year reservations for Azure and AWS compute pricing, and Azure Hybrid Benefit for SQL Server and Azure Hybrid Benefit for Windows Server and License Mobility for SQL Server in AWS, excluding Software Assurance costs. Actual results and prices may vary based on configuration and region.
Source: Azure

Creating cloud ready environments with Azure landing zones

Moving to the cloud creates an opportunity to pause and think about how to operate the IT environment. Most organizations in the world have seen their ability to innovate and adopt cloud technologies slowed down by the rules and operating model that governs their existing IT environments. Organizations have their own set of processes, tools, and dedicated staff to ensure that these environments can continuously support business needs.

With the move to a cloud environment, IT has access to new tools and processes that unblock IT operations. By revisiting the operating model, technology-focused teams and Azure partners can help organizations improve agility, cost, and scale.

Azure landing zones in the Microsoft Cloud Adoption Framework for Azure are designed to accelerate efforts to map, modernize, or even reimagine the operating model. Azure landing zones help build a cloud environment aligned to the optimal technology operations specific to your needs in the cloud.

As the following analogy illustrates, a standardized foundation can’t fit the variety of needs seen by organizations and operating models. Respecting any need for options and customization, we provide a range of landing zone architectures and implementation options. Organizations can use the implementation option that most clearly aligns to their current cloud strategy. As the approach to managing, operating, and governing the cloud platform matures, you can support your customers and refactor their Azure landing zone implementation to reflect changes to their operating model.

Landing zone analogy

The cloud environment is similar to laying a foundation in any construction project. All architects have to consider common decisions when designing and laying the foundation for any building. They all share things like concrete, rebar, and conduits to bring in necessary utilities, like plumbing or electricity. While foundations contain similar elements and considerations, they may have other considerations that make them unique and wildly different. The foundation for a house is concise and well-contained. The foundation for a stadium is larger and more complex. The foundation for a bridge is even more complex and may require stricter governance and performance standards. Designing the right foundation requires an understanding of what that foundation will support.

The cloud environments, created by Azure landing zones, are very similar as they are all built from the same common design elements. While commonalities exist across all environments, each landing zone implementation is customized to support a specific type of structure or cloud operating model. Like traditional foundations, the cloud environment will require review, modification, and iteration by an experienced architect to ensure that it supports the organization’s long-term needs.

When getting started or rethinking operations, Azure landing zones help accelerate the design, review, and implementation of the cloud environment. When working with your customers to accelerate their journey, Azure landing zones can guide your collaboration, as you validate, customize, and expand Azure landing zones to build the foundation for their digital transformation.

Azure landing zones

Azure landing zones provide a clear architecture, reference implementations, and code samples to create the initial cloud environment. This environment will support all other adoption efforts by consistently applying a set of common design areas. These design areas represent how the operating model is supported in the cloud.

Azure landing zones implementation options provide a reference implementation or approach to help make decisions regarding networking, identity, resource organization, governance, operations, and other design areas that impact the environment. The options provide a structure, which organizations can follow, to ensure all minimal design considerations have been made and decisions are reflected consistently across the cloud environment.

Azure landing zones implementation options

Azure landing zones are designed to meet our customers' distinct needs based on today’s requirements, and then provide a clear path to customize and mature any personalized landing zone implementation. This starts with choosing a landing zone implementation option, which will quickly deploy a starting point for the cloud environment.

Some of the Azure landing zones are small by design to encourage skills development and customization. The “start small” implementation options establish an infrastructure-as-code approach and then provide the IT team with a series of decision guides. This approach helps guide the thoughts and decisions that need to happen. This iterative approach builds the foundation in parallel to the cloud adoption plan to help the team make concrete decisions as cloud experience matures.

For organizations with well-defined operating models, the “enterprise-scale” implementation option fills in those decisions. This option includes very detailed solutions for security, governance, and operations. These solutions are automated and enforced by Azure Policy and other governance tools in the reference implementations. When starting with enterprise-scale, organizations can reduce the number of decision points and implement a proven cloud operating model faster.

Azure landing zones development

Regardless of the landing zone chosen, the Ready methodology of the Cloud Adoption Framework (CAF) for Azure helps guide organizations while developing the skills needed to create and support their cloud environment. The theory behind Azure landing zones brings well-established development practices to the infrastructure management function.

As Azure landing zones are implemented and customized, the team will develop skills in general Azure architecture. It is also important to learn how to refactor landing zones to meet new business and technical requirements and how test-driven development can ensure high-quality changes are adding value to the cloud environment. You’ll also experience how the governance tools in Azure can be used to create an environment factory to provide your customers with the rapid deployment of secure, well-governed, well-managed Azure landing zones.

As your customer’s cloud adoption efforts advance, you can use the guidance found in the Govern and Manage methodologies to further help them mature their governance and operational management postures. As these processes and disciplines mature, Azure landing zones and the suite of Azure governance tools provide a convenient approach to apply changes to existing environments. This allows the collective technology teams to mature governance and management at the right pace, while ensuring that such progress isn’t stalled by technical compatibility challenges.

Learn more

To learn more about Azure landing zones, check out the Ready section under the Cloud Adoption Framework (CAF) including:

Read Azure landing zones defined.
Review the Azure landing zone design areas and begin thinking about your landing zone requirements.
Evaluate the Azure landing zone implementation options to find the deployment approach that best aligns with your needs.

If you are ready to help your customers deploy Azure landing zones, the following resources will help you get started:

Start small and expand: Deploy the CAF migration landing zone blueprint to start building out a migration ready environment. Add the CAF blueprint to begin adding governance tooling to any environment.
Start with enterprise-scale: For a more robust implementation, deploy the CAF enterprise-scale landing zones leveraging the reference implementation.
Third-party, multi-cloud option: Use CAF Terraform modules to deploy landing zones.

Already have workloads on Azure and want to assess them against best practices? Check out the Microsoft Azure Well-Architected Framework and the Microsoft Azure Well-Architected Review.

Grow your business and strengthen your position as a trusted cloud advisor by leveraging Azure landing zones to create the right cloud environment to support your customer’s cloud adoption needs! Building on the right environment ensures that your own and your customers’ modern operations are able to support the innovation and migration needs of the organization. Adopting the cloud on top of Azure landing zones is the first step to unlocking the agility, scale, and cost benefits of the cloud across your customer’s IT portfolio.
Source: Azure

Monitoring Azure Arc enabled Kubernetes and servers

Azure Arc is a preview service that enables users to create and attach Kubernetes clusters both inside and outside of Azure. Azure Arc also enables the user to manage Windows and Linux machines outside of Azure the same way native Azure Virtual Machines are managed. To monitor these Azure Arc enabled clusters and servers, you can use Azure Monitor the same way you would use it for the Azure resources.

With Azure Arc, the Kubernetes clusters and servers are given a full-fledged Azure Resource ID and managed identity, enabling various scenarios that simplify management and monitoring of these resources from a common control plane. For Kubernetes, this enables scenarios such as deploying applications through GitOps-based management, applying Azure Policy, or monitoring your containers. For servers, users also benefit from applying Azure policies and collecting logs with the Log Analytics agent for virtual machine (VM) monitoring.

Monitoring Azure and on-premises resources with Azure Monitor

As customers begin their transition to the cloud, monitoring on-premises resources alongside their cloud infrastructure can feel disjointed and cumbersome to manage. With Azure Arc enabled Kubernetes and Servers, Azure Monitor can enable you to monitor your full telemetry across your cloud-native and on-premises resources in a single place. This saves the hassle of having to configure and manage multiple different monitoring services and bridges the disconnect that many people experience when working across multiple environments.

For example, the below view shows the Map experience of Azure Monitor on an Azure Arc enabled server, with the dashed red lines showing failed connections. The graphs on the right side of the map show detailed metrics about the selected connection.

Also, here you can see your data from Azure Kubernetes Services (AKS), Azure Arc, and Azure Red Hat OpenShift side-by-side in Azure Monitor for containers:

Using Azure Monitor for Azure Arc enabled servers

Azure Monitor for VMs is a complete monitoring offering that gives you views and information about the performance of your virtual machines, as well as dependencies your monitored machines may have. It provides an insights view of a single monitored machine, as well as an at-scale view to look at the performance of multiple machines at once.

Azure Arc enabled servers fit right into the existing monitoring view for Azure Virtual Machines, so the monitoring view on an Azure Arc enabled server will look the same as the view of a native Azure Virtual Machine. From within the Azure Arc blade, you can look at your Azure Arc machines and dive into their monitoring, both through the Performance tab, which shows insights about different metrics such as CPU Utilization, and the Map tab, which shows dependencies.

In the at-scale monitoring view, your Azure Arc machines are co-mingled with your native Azure Virtual Machines and Virtual Machine Scale Sets to create a single place to view performance information about your machines. The monitoring data shown in these at-scale views will include all VMs, Virtual Machine Scale Sets, and Azure Arc enabled servers that you have onboarded to Azure Monitor.

The Getting Started tab provides an overview of the monitoring status of your machines, broken down by subscription and resource group.

The Performance tab shows trends at scale: the performance in certain metrics of all the machines in the chosen subscription and resource group. Within the at-scale view, with the provided Type filter, you can drill down any view to show either your native Azure Virtual Machines, native Azure Virtual Machine Scale Sets, or your Azure Arc enabled servers.

You can check out our onboarding documentation to learn how to start monitoring your Azure Arc enabled Servers.

Using Azure Monitor for Azure Arc enabled Kubernetes

Azure Monitor for Containers provides numerous monitoring features to create a thorough experience to understand the health and performance for your Azure Arc clusters.

Azure Monitor provides an at-scale view for all your clusters, ranging from standard AKS, AKS-engine, and Azure Red Hat OpenShift to Azure Arc. Azure Monitor provides important details, such as:

Health statuses (healthy, critical, warning, unknown).
Node count.
Pod count (user and system).

At the resource level for your Azure Arc enabled Kubernetes, there are several key performance indicators for your cluster. Users can toggle the metrics for these charts based on percentile and pin them to their Azure Dashboards.

In the Nodes, Controllers, and Containers tabs, data is displayed across various levels of hierarchy with detailed information in the context blade. By clicking View in Analytics, you can take a deep dive into the full container logs to analyze and troubleshoot.

Next steps

There are Azure Monitor Workbooks and Grafana integrations available as well if you want to explore additional metrics or create your own custom monitoring experiences.

You can check out our onboarding documentation to learn how to start monitoring your Azure Arc enabled Kubernetes clusters.
Source: Azure