It’s been even longer…

Busy as ever, I’ve not had much opportunity to spend any time writing. I’m still heavily involved in cloud and these are some of my current thoughts.

  • We need to start looking at ARM (ie Azure v2). When we deployed apps in Azure there was only one way of doing it – configuring each aspect of an application either by powershell or with the web gui. Configuring a web app, for example, required you to create a subscription, a vnet, a subnet, the storage account etc. Azure Resource Manager brings a simplified way of deploying apps – in Microsoft’s own words,  “You can deploy, manage, and monitor all of the resources for your solution as a group, rather than handling these resources individually.” Many of the old and new azure components cannot coexist so in order to change to ARM we’ll basically need to start from scratch.
  • There is still a need for proper firewalls in Azure. NSG’s are still really laborious and cumbersome to administer. A simple change often requires changing many NSG policies as there is still no concept of object groups. With vendors such as Barracuda, Checkpoint, and Fortinet all offering products in Azure, I think it’s time to deploy these so DMZ environments can be more easily managed.
  • Billing is important – understand what services will cost, tag and size resources appropriately.
  • Don’t get too crazy with VNET’s. Each VNET will incur charges when the gateway is provisioned. Do you really need one for Test, Dev, and Prod or could you role all of these into one, and separate them by subnets and NSG’s ?

I’ll try and post a little more regularly.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.