If you’ve been using Azure for a while there’s a good chance you’re using the classic deployment model. ARM is the new model which will eventually replace classic, and already there is an amount of feature disparity where new features are only being added to ARM. I started looking into the logistics of moving the networking components over to ARM recently and was worried about cost, where you would potentially need to run two environments while moving from the old to the new. One of the big drivers for the change (from a networking perspective) is that NSG’s in ARM support logging:
- Event logs: You can use this log to view what NSG rules are applied to VMs and instance roles based on MAC address. The status for these rules is collected every 60 seconds.
- Counter logs: You can use this log to view how many times each NSG rule was applied to deny or allow traffic.
Great news for people that have been running blind out there!
Until recently an express route circuit created in the classic model could not coexist with one created in ARM – it meant no easy way of connecting these two environments. Microsoft have announced that this month you are able to upgrade ExpressRoute to ARM from Classic, and have VNET’s connected together that have been provisioned in both deployment models.
The documentation is here. I’ll be looking to upgrade our secondary express route connection in the comings weeks, so we can start exploring how easy the rest of the infrastructure will be to move.