Microsoft Azure – Auto Scaling

The ability to dynamically scale to a public cloud was one of the mantras I used to hear a couple of years ago.  When reality struck and customers realised that their monolithic applications wouldn’t be suitable for this construct, they realised they would need to re-architect.

Wind forward a couple of years and the use of Microsoft Azure Auto Scaling has become a reality, so with this in mind I thought it would be a good idea to share a blog post on the subject.

What Is Auto Scaling?

Auto Scaling is the process of increasing either the number of instances (scale out/in) or the compute power (scale up/down) when a level of demand is reached.

Scale Up/Down

Scale Up or Down is targeted at increasing or decreasing the compute assigned to a VM.  Microsoft have a number of ways in which you can ‘scale up’ on the Azure platform.  To vertically scale you can use any of the following:

  • Manual Process – Simply keep your VHD and deploy a new VM with greater resources.
  • Azure Automation – For VMs which are not identical you can use Azure Automation with Web Hooks to monitor conditions, e.g. CPU over ‘x’ time greater than ‘x’, and then scale up the VM within the same series of VM.
  • Scale Sets – For VMs which are identical you can use Scale Sets, a PaaS offering which ensures that fault domains, update domains and load balancing are built in.

Note that using a Manual Process, Azure Automation or Scale Sets to resize a VM will require a VM restart.

The diagram below provides a logical overview of a Scale Set.

[Diagram: Scale Set v0.1]

Scale Out/In

Scale Out or In is targeted at increasing or decreasing the number of instances, which could be made up of VMs, Service Fabric, App Service or Cloud Service.

A common approach is to use VMs for applications which will support Scale Out/In.  Typically this is a piece of middleware that performs number crunching but holds no data, or perhaps a worker role that is used to transport data from point A to B.

For websites it is more common to use App Service ‘Web Apps’, which in a nutshell provides a PaaS service.  The hosting option chosen (Standard, Premium or Isolated) will dictate the maximum number of instances and Auto Scale support.

Considerations

Auto Scaling requires time to scale up or out.  It doesn’t respond to a single spike in CPU usage; it looks at averages over a 45 minute period.  Therefore, if you know when a peak workload is likely, it could be more efficient to deploy Auto Scaling using a schedule.

To ensure that a runaway process doesn’t cause costs to spiral out of control, use tags, a different Azure subscription, email alerting or perhaps even limit the number of instances on Auto Scale.
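The two considerations above can be seen in a small simulation. This is an added example, not code from the original post or from Azure: the 45 minute window comes from the text, while the 70% threshold, the 10 minute cooldown, the one-sample-per-minute input and all function names are assumptions made for illustration.

```python
from collections import deque

def simulate_autoscale(cpu_samples, window=45, threshold=70.0,
                       min_instances=1, max_instances=4, cooldown=10):
    """Return the instance count after each one-minute CPU sample.

    Illustrative model, not Azure's engine: scale out by one instance when
    the average over the last `window` minutes exceeds `threshold`, scale in
    when it drops below half of it, and wait `cooldown` minutes between
    actions. `max_instances` is the hard cap that bounds spend.
    """
    recent = deque(maxlen=window)
    instances = min_instances
    last_change = -cooldown          # allow the first action immediately
    history = []
    for minute, cpu in enumerate(cpu_samples):
        recent.append(cpu)
        if len(recent) == window and minute - last_change >= cooldown:
            average = sum(recent) / window
            if average > threshold and instances < max_instances:
                instances += 1
                last_change = minute
            elif average < threshold / 2 and instances > min_instances:
                instances -= 1
                last_change = minute
        history.append(instances)
    return history

# Constructed sample data: average CPU % across the pool, one value per minute.
single_spike = [20.0] * 60 + [100.0] + [20.0] * 59   # one hot minute
runaway = [100.0] * 300                               # process pinned at 100%

def peak(history):
    """Highest instance count reached during the run."""
    return max(history)

if __name__ == "__main__":
    print("single spike, peak instances:", peak(simulate_autoscale(single_spike)))
    print("runaway, cap 4:", peak(simulate_autoscale(runaway)))
    print("runaway, cap 1000:",
          peak(simulate_autoscale(runaway, max_instances=1000)))
```

The single spike never moves the 45 minute average past the threshold, whereas the runaway process keeps adding an instance every cooldown period until the instance cap stops it.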

Azure Migrate – Initial Thoughts

When Microsoft announced Azure Migrate at Ignite, I was enticed and signed up for the limited preview.  Having been accepted to the program, I thought I would share my initial thoughts.

What Is Azure Migrate?

It is a set of tools provided by Microsoft to give you a high level overview of your on-premises virtual machines and a possible migration approach to Microsoft Azure.

Its components are as follows:

  • OVA file, which is Windows Server 2012 R2 running a Collector that connects to vCenter to extract information
  • Unique credentials that are entered into the Collector to securely report back information to Migrate PaaS within your Azure Subscription
  • Assessment that enables you to group virtual machines into readiness for Azure along with expected monthly costs
  • Azure Readiness assessment per virtual machine with data customization
  • Data export to Microsoft Excel to enable further information manipulation
  • Integration with OMS solution pack Service Map to provide application dependency mapping, communication paths, performance data and update requirements

On-Premises Support

In the limited preview, the support for on-premises systems is limited to vCenter 5.5 and 6.0.  However, I ran the Collector against a vCenter Server Appliance 6.5 without any issues.

The guest operating system extends to those supported by Microsoft Azure, which makes sense.

Known Issues

As this is a limited preview, I’m sure that these issues will be resolved in due course.

  • Windows Server 2016 showing as an ‘Unsupported OS’ in Azure Readiness report
  • SQL not providing a link to the Azure Database Migration Service
  • For 182 VMs the suggested tool is always ‘Requires Deep Discovery’

Final Thought

Azure Migrate will be a good starting point (when it is generally available) to provide a high level overview of readiness for Azure.  It will require human intervention to overlay application considerations to ensure they are natively highly available to meet customer SLAs.

Azure Announcements September 2017

We are only two days into Microsoft Ignite and I thought I would share the announcements which I believe will become ‘heavy hitters’ in the near future.

Planned Maintenance (Preview)

One of the biggest deal breakers when migrating to public cloud is the sheer number of single instance VMs in a customer estate which rely upon infrastructure availability to meet business SLAs.  The cost to translate these into cloud native applications, to place them into an Availability Group to receive an SLA from Microsoft and to minimise the impact of planned maintenance, is often too burdensome, so they are left to wither on the vine on-premises.

Microsoft have recognised this issue and have announced ‘Planned Maintenance’ which means that you will be notified of when maintenance is going to occur and you will have up to four weeks to schedule in a reboot of your virtual machine.

This is a game changer for customers, and I would encourage you to read more here.

Azure Migrate (Preview)

To start the journey to public cloud services, you need to understand your application estate.  This is a process which should not be underestimated, as many customer environments are poorly documented, application owners have left the business, and operations and IT don’t really understand how an application is coupled together.  As a result, trying to migrate anything but low hanging fruit often gets placed into the ‘too hard to deal with’ bucket.

To counteract this, Microsoft have announced Azure Migrate which uses an application based approach for the following:

  • Discovery and assessment for on-premises virtual machines
  • Inbuilt dependency mapping for high-confidence discovery of multi-tier applications
  • Intelligent rightsizing to Azure virtual machines
  • Compatibility reporting with guidelines for remediating potential issues
  • Integration with Azure Database Management Service for database discovery and migration

I wonder if this will be a PaaS offering of Microsoft Assessment and Planning Toolkit? Anyhow, read more here.

Azure File Sync (Preview)

You would have thought with the advent of SharePoint and OneDrive for Business that the traditional file server would be on the way out; however, file storage still continues to be an issue for many companies.  Microsoft have announced Azure File Sync which enables you to replicate file data across the globe and tier data from on-premises to Microsoft Azure without a StorSimple device.

When more details are announced, I will be interested to understand how Microsoft deal with file locking and if this will be dealt with using Optimistic Concurrency, Pessimistic Concurrency or Last Writer Wins.  Also backup of data needs to be addressed as well.

For more information see here.

Azure DDoS Protection Service (Preview)

Security is always a hot topic when discussing public cloud services.  Figuring out how you protect the ‘crown jewels’ is difficult, and it can be hard to get Information Security Risk officers to agree on your approach.

To counteract this, Microsoft have announced Azure DDoS Protection Service which in a nutshell protects a virtual network and everything behind it.  The service understands your normal application traffic profiles using machine learning and detects malicious traffic attacks.  Azure DDoS Protection can also be combined with Web Application Firewalls to provide protection from:

  • Request rate-limiting
  • HTTP Protocol Violations
  • HTTP Protocol Anomalies
  • SQL Injection
  • Cross site scripting

For more information see here.

Microsoft Azure Enterprise Cost Management

Microsoft have announced the preview of Enterprise Cost Management for Azure, which is great news for Enterprise Agreement customers.

Until now gaining visibility of spend on an Azure Enterprise Agreement has been difficult to manage even when combined with Tags and Resource Groups.

It should also be noted that an Enterprise Agreement doesn’t provide spending limits (see offer details), quotas or even billing alerts (see prevent unexpected costs) so customers are often wary of migrating services to Microsoft Azure and/or providing access to their Azure Portals due to fear of being stung by large bills.

It is understandable that Microsoft do not want to ‘turn off’ customers’ workloads, however there could be a case for this in a development environment where a person leaves a ‘monster VM’ up and running for a month by mistake.

This is a step in the right direction; hopefully we will see billing alerts added in the not too distant future.

Azure Updates – Enhancement Summary April 2017 to July 2017

Over the past three months, I have been leading a delivery engagement which has meant that I’m not as up to speed as I perhaps should have been on the latest enhancements to Microsoft Azure.

With this in mind, I thought I would share with you the feature enhancements over the past few months that have had the biggest impact on the customers I work with.

Azure Service Health (Preview)

Planned and unplanned maintenance events are always a hot topic when educating customers on the use of cloud for IaaS as it’s a paradigm shift from the on-premises operating model.

Rather than having an email letting you know that West Europe is going to be patched in the future or checking the Azure Status URL, Microsoft have rolled this up into Service Health.

In a nutshell, this lets you know what ongoing issues in Azure services are impacting your resources and provides you with a PDF summary of the issue for problem management.

Read more here.

Azure VM Configuration Changes (Private Preview)

Let’s face it, a significant proportion of operational outages are caused by people making changes without following the correct internal procedures.  To address this, Microsoft have introduced Azure VM Configuration Changes, which by default can track all Windows services, Linux daemons and software.

Azure VM Configuration Changes also allows you to view changes in the last 30 minutes, hour, six hours, 7 days or 30 days so you can pinpoint when changes occurred to the VM.

See more here.

Azure Large Disks

One of the challenges around IaaS VMs was trying to fit existing file structures into or across multiple 1TB hard drives.  This caused a few challenges for customers who had to rework GPOs or migrate data to enable the use of file services within Azure.

Another significant challenge was using Azure Site Recovery to protect a VM with a hard drive larger than 1TB.  To address both of these issues Microsoft have launched 4TB disks for Azure IaaS VMs.

See more here and here.

Azure Application Gateway

Security is always a hot topic when it comes to cloud and Microsoft has fixed the gap it had between DNS based Global Site Load Balancing using Traffic Manager and Azure Load Balancer which worked at Layer 4 (TCP/UDP).

Azure Application Gateway acts as a Web Application Firewall to protect from common web attacks such as SQL injection, cross site scripting and session hijacks.

Read more here.

Faster Azure VPN Gateway

When customers embark on their cloud journey, it normally starts with a Site to Site VPN whilst ExpressRoute is put in place.  A previous limiting factor with Site to Site VPNs was the bandwidth limit and SLA.

Microsoft have resolved this by introducing a new series of VPN gateways appropriately titled VpnGw1, VpnGw2 and VpnGw3 which will provide an SLA of 99.95% with up to 1.25Gbps throughput at the same cost as the previous gateways.

Read more here.