How we got into the Azure cloud

Speaker's environment was 3 sites with on-premises kit
Problem to be solved
Was tied into a very expensive contract that was preventing the business from growing and needed to do something else.
Architects created a PoC in Azure and tested the legacy apps for minimal cost.
Advantage of Azure was rapid creation of environments to enable the business to try new things.
Issue – Link to Azure (ExpressLink): if MPLS is already in place, costs can be reasonable, but it is expensive for new sites. VPN had issues with latency but mainly worked well. If possible, having on-premises kit in a co-lo DC with an Azure backend link is recommended.
Migration Plan
Build new! Mainly a dev-led project, and the infrastructure team had to learn on the job. Recommend starting early and getting to KNOW PowerShell and automation tools. Engineers need to cross-skill and have a broad depth of knowledge. (CBT Nuggets was found to be very useful.)
Azure platform evolution is constant and original VMs are becoming old. Soon they will be unsupported and ‘unwelcome’ in Azure as VMs. The design has become an issue and will need replacing.
Recommend using a large IP subnet range (10.10.0.0) to future-proof, as they regret using a small range.
Sometimes large VM computer types must be selected so that enough HDDs can be connected to get the required IOPS. Six months later, new Azure options become available, so smaller machines can be purchased to lower monthly bills.
High Availability
Don’t rely on Azure and design to use multiple sites.
  • Have had multiple Azure outages which have taken down the business. Service credits were the only comeback and telephone calls resulted in nothing happening. Have to take a different attitude and just ‘take it on the chin.’
  • Build cloud provider ‘down time’ into own SLA and business continuation planning.
Security is an issue; infrastructure engineers are having to become more security aware. (Good thing.) New Azure features are becoming available, but East / West traffic security was a concern. Worked around with Windows Firewall.

COSTS

Bills are always too high; use automatic scripts to start servers early in the morning and turn them off at night, plus weekends.
On-premises Azure is definitely interesting as a way of managing costs.
2 years in, WAY over the forecast costs and this is now a board-level issue. (Example from the room was a £30k per year forecast turning into the monthly actual cost!) Visibility of cost for specific applications is both a good & bad thing. Cost needs to be managed 24/7.
Budget is one big IT pot and the devs burn through it very quickly. Moved responsibility for the budget to the dev manager, who was originally not VERY cost conscious but then became so. This led to more efficient solutions & designs.
If using PaaS databases you don’t have ‘admin’ access which makes it VERY hard to get data out of the database if you want to move it.

DANGER

A single command could remove ALL virtual machines and data and it would be impossible to recover from. Azure backups only last for 7 days if you can afford them!
Audit people who can change Azure permissions.
Use lots of firewalls to protect VMs and restrict traffic.
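
One way to start the "audit people who can change Azure permissions" step, as an added example that is not from the talk: it reads a role-assignment export and lists every principal holding a built-in role that can change role assignments, widest scope first. The sample data, placeholder IDs and function names are constructed for illustration; the input shape is assumed to match `az role assignment list --all -o json`, and custom roles and group membership are not expanded.

```python
import json

# Built-in roles that can create or change role assignments. Custom roles
# granting Microsoft.Authorization/roleAssignments/write are NOT covered here.
PERMISSION_CHANGING_ROLES = {"Owner", "User Access Administrator",
                             "Role Based Access Control Administrator"}
SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"  # placeholder ID

# Constructed sample shaped like `az role assignment list --all -o json`.
SAMPLE_EXPORT = json.dumps([
    {"principalName": "alice@example.com", "principalType": "User",
     "roleDefinitionName": "Owner", "scope": SUB},
    {"principalName": "bob@example.com", "principalType": "User",
     "roleDefinitionName": "Reader", "scope": SUB},
    {"principalName": "", "principalId": "11111111-1111-1111-1111-111111111111",
     "principalType": "ServicePrincipal",
     "roleDefinitionName": "User Access Administrator",
     "scope": SUB + "/resourceGroups/rg-app"},
    {"principalName": "carol@example.com", "principalType": "User",
     "roleDefinitionName": "Owner", "scope": SUB + "/resourceGroups/rg-dev"},
])

def scope_level(scope):
    """Classify how far an assignment reaches from its scope path."""
    parts = [p.lower() for p in scope.strip("/").split("/") if p]
    if not parts:
        return "root"
    if "managementgroups" in parts:
        return "management-group"
    if parts[0] == "subscriptions" and len(parts) == 2:
        return "subscription"
    if len(parts) == 4 and parts[2] == "resourcegroups":
        return "resource-group"
    return "resource"

def audit(export_json):
    """Return principals able to change permissions, widest scope first."""
    findings = []
    for a in json.loads(export_json):
        if a.get("roleDefinitionName") not in PERMISSION_CHANGING_ROLES:
            continue
        level = scope_level(a.get("scope", ""))
        findings.append({
            "principal": a.get("principalName") or a.get("principalId") or "unknown",
            "type": a.get("principalType"), "role": a["roleDefinitionName"],
            "level": level,
            "broad": level in ("root", "management-group", "subscription"),
        })
    return sorted(findings, key=lambda f: (not f["broad"], f["principal"]))
```

Entries marked `broad` are the ones whose holders could hand themselves or others the rights behind the "single command" risk described above, so they are the first to review.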

Office 365

Great, would not go back. Talk about legal discovery options and features.

New ways of working

  • Don’t troubleshoot issues, simply recreate the VM and see if that fixes the issue. 99% of the time yes
  • Flex up and create more infrastructure when extra traffic is expected on the back of a marketing campaign – PROBLEM: if the machines are not turned back off again, can lose lots of money, voiding the benefits
  • Legacy kit does not need to go to cloud, no real benefits to justify it
  • StorSimple are ‘interesting’ mini SANs
  • Never had so much storage capacity available. What, 10 TB storage? No, sure, no problem…

Troubleshooting

Yes it is a problem, how do you fix the cloud?
‘Flaky’ VPN case study
  • Azure Insight talk – https://techug.org.uk/Blog/Virtualisation/MS-Azure-Application-Insights-feature
  • P1 support calls are resolved quickly but P3 is not a ‘happy’ experience. These calls must be paid for at extra cost, EVEN if the issue is due to an Azure root issue.

Mixing cloud providers

Staff skills already in Azure makes adding AWS unappealing…
  • Azure & AWS have different solutions to the same problem, so some HA use cases are interesting.
