Overview

Over the years, Microsoft has introduced various services related to the Azure monitoring and management stack to simplify, automate, and optimize workload deployments; make management easier; and improve monitoring of Azure compute, networking, and storage services. Microsoft has released regular updates to these services, introducing additional features and functionality, enhancing the service’s support matrix, and making it easier to deploy and manage with each iteration.

Following is a brief timeline of the announcement of each of these services in public preview or general availability.

• Azure BackupOct 2014

• Azure Site RecoveryOct 2014

• Azure MigrateJuly 2019

• Azure MonitorMar 2017

• Azure Network Monitor Jan 2018

• Azure PortalDec 2015

• Azure Cloud Shell (Bash)Nov 2017

• Azure Cost ManagementSept 2017

Each service provides customers with various options to address their infrastructure management, redundancy, resiliency, and recovery requirements.

This book dives into each of these services to highlight important considerations in deploying and managing them and to share associated best practices. You will initially focus on the features provided by each service and on service requirements; thereafter, you will explore in-depth concepts of each service and the components that make up that service. This will allow you to better understand how each service can deliver value in your Azure deployment. After this, you will focus on deployment considerations and strategies, with step-by-step walkthroughs that illustrate deployment and management methods followed by best practices.

Cloud service categories

As in earlier books in this series, let us start by first discussing the different types of cloud service categories. Currently, cloud services are broken down into four main categories: infrastructure as a service (IaaS), platform as a service (PaaS), function as a service (FaaS), and software as a service (SaaS). SaaS is not relevant to the content covered in this Microsoft Azure book series; hence we will focus on better understanding the first three categories:

• Infrastructure as a service (IaaS)Using virtual machines (VMs) with storage and networking is generally referred to as infrastructure as a service (IaaS). This is a traditional approach to using cloud services in line with on-premises workloads. Most on-premises environments use virtualization technologies such as Hyper-V to virtualize Windows and Linux workloads. Migrating to IaaS from such an environment is much easier than migrating to PaaS or FaaS. Over time, as an organization’s understanding of various other types of cloud services grows, it can migrate to PaaS or FaaS.

• Platform as a service (PaaS)One of the biggest benefits of using a cloud service is the capability to offload the management of back-end infrastructure to a service provider. This model is called platform as a service (PaaS). Examples of back-end infrastructure include different layers of the application, such as the compute layer, storage layer, networking layer, security layer, and monitoring layer. Organizations can use PaaS to free up their IT staff to focus on higher-level tasks and core organizational needs instead of on routine infrastructure monitoring, upgrade, and maintenance activities. Azure App Service and Azure Container Service are examples of Azure PaaS offerings.

• Function as a service (FaaS)Function as a service (FaaS) offerings go one step beyond PaaS to enable organizations to focus only on their application code, leaving the entire back-end infrastructure deployment and management to the cloud service provider. This provides developers with a great way to deploy their code without worrying about the back-end infrastructure deployment, scaling, and management. It also enables the use of microservices architectures for applications. An example of an Azure FaaS offering is Azure Functions.

From the Azure monitoring and management stack, the services largely fall under the PaaS category. For example:

• Azure Backup is a PaaS service that allows you to configure and manage backups in Azure and on-premises environments to protect both IaaS and PaaS workloads.

• Azure Site Recovery is a PaaS service that allows you to configure and manage disaster recovery for your workloads hosted in on-premises environments, such as Hyper-V and VMWare VMs, physical servers, and VMs hosted in Azure.

Each of these cloud-service categories has various features and limitations. Limitations might relate to the application, technological know-how, costs for redevelopment, among others. As a result, most organizations use some combination of different types of these cloud services to maximize their cloud investments.

Each service provides a different level of control and ease of management. For example:

• IaaS provides maximum control and flexibility in migration and use.

• FaaS provides maximum automation for workload deployment, management, and use.

• PaaS provides a mix of both at varying levels, depending on the PaaS service used.

Each service also offers varying levels of scalability. For example:

• IaaS requires the use of additional services to achieve true scalability and load balancing—for example, using Azure Load Balancer, a PaaS service, to balance requests across multiple Azure IaaS VMs.

• PaaS and FaaS services are generally designed with built-in scalability and load-balancing features.

Cost-wise, each service provides varying levels of efficiency. For example:

• FaaS offerings charge for compute services based only on the usage hours for compute services, making it extremely cost-effective.

• IaaS products charge for compute services regardless of usage once the compute service (for example, a VM) is online.

• PaaS offerings are a mixed bag depending on how the services are configured. Some PaaS products charge for compute resources regardless of usage, while others, if configured correctly, charge based on usage alone. For example, Azure Site Recovery is charged based on different factors:

  • There is a monthly site recovery license fee per protected physical or virtual server, based on average monthly usage.

  • The back-end storage used to store the replica data is billed based on storage usage per month and for any disk costs incurred during disaster recovery drills. In addition, storage transactions are billed based on monthly usage.

  • Bandwidth is charged for when replicating Azure VMs to another Azure region.

  • Recovery points created based on the replication policy will result in snapshots of the replica storage; these are charged for as well.

  • If you perform disaster recovery drills, there are additional charges for compute, networking, and storage resources based on actual consumption during each drill.

Service selection factors and strategies

There are certain factors to consider when selecting the Azure monitoring and management service for a given environment, based on application architecture, connectivity requirements, application security requirements, application delivery requirements, and other business needs. Let us start by understanding some of these key factors and the Azure monitoring and management services that best address them:

• Securely manage Azure environmentThe management stack provides multiple services that you can leverage to securely manage your Azure environment. These include the Azure Portal and Azure Cloud Shell services. While most admins heavily use the Azure Portal for most deployment, monitoring, and management activities, it is highly recommended that you develop Azure Cloud Shell skills, as it will allow you to perform repetitive actions in a much faster and more automated manner.

• Build redundancy for recovery ofinfrastructureThe Azure Backup and Azure Site Recovery services provide features to help you build redundancy for your environment. Based on your organizational requirements, you might deploy either one or both of these services. For example, Azure Backup is useful for long-term recovery point storage to allow you to restore data that might be days, weeks, months, or years old, whereas Azure Site Recovery is more suitable for short-term recovery points that can help you quickly recover Azure workloads in another Azure region with minimal downtime, but only if you restore from recovery points that are 48 to 72 hours old. Azure Backup can be considerably slower to use for data restoration compared to Azure Site Recovery, as you may need to deploy some infrastructure before you are able to recover the required data.

• Migrate on-premises resourcesThe Azure Migrate service is best suited to migrate on-premises hosted physical or virtual servers or other cloud-hosted IaaS VMs. Azure Site Recovery service allows you to synchronize your on-premises servers to Azure and migrate them over, but the Azure Migrate service is built to better assess and manage such migration activities.

• Optimizing Azure spendsThe Azure Cost Management service can help you better understand your Azure spends and areas for optimization and cost reduction. The service provides you with automated recommendations based on analysis of data collected by the service on the usage and sizing of each service. In addition, you can use the data provided by the service to perform manual assessments and optimizations based on your experience and understanding of your environment and hosted workloads.

• Monitoring Azure servicesThe Azure Monitor, Azure Network Monitor, and Azure Service Health services can help you to monitor the health of the overall Azure environment, Azure region, and services provided in a particular region or specific Azure networking components such as VPN. As we dive deeper into each service throughout this book, you will have more clarity on when each service can be leveraged in your environment.

As you can see, different factors can help you determine the monitoring or management service to use. As your understanding of these services improves during the course of reading this book, as you start to deploy and manage your Azure environment, and as your business needs evolve over time, you will be able to make better and wiser decisions on which service to leverage to meet those business demands.

Who is this book for?

Microsoft Azure Monitoring & Management: The Definitive Guide is for anyone interested in Azure infrastructure solutions—IT and cloud administrators, network professionals, security professionals, developers, and engineers. It is designed to be useful for the entire spectrum of Azure users. Whether you have basic experience using Azure or other on-premises or cloud virtualization technologies or you are an expert, you will still derive value from this book. This book provides introductory, intermediate, and advanced coverage of each monitoring and management service.

The book especially targets those who are working in medium-to-large enterprise organizations and have at least basic experience in administering, deploying, and managing Azure infrastructure or other virtualization technologies such as Microsoft Hyper-V, and are looking to enhance their understanding of how to build resiliency and redundancy in their on-premises and cloud environments and leverage the wide range of infrastructure services provided by Microsoft Azure.

How is this book organized?

This book is organized into nine chapters:

• Chapter 1: Azure Backup

• Chapter 2: Azure Site Recovery

• Chapter 3: Azure Migrate

• Chapter 4: Azure Monitor

• Chapter 5: Azure Network Watcher

• Chapter 6: Azure Portal

• Chapter 7: Azure Cloud Shell

• Chapter 8: Azure Service Health

• Chapter 9: Azure Cost Management

Each chapter focuses on a specific Azure monitoring and management service, covering its inner workings in depth, with walkthroughs to guide you in building and testing the service and real-world best practices to help you maximize your Azure investments.

The approach adopted for the book is a unique mix of didactic, narrative, and experiential instruction.

• The didactic component covers the core introductions to the services.

• The narrative leverages what you already understand and acts as a bridge to introduce concepts.

• The experiential instruction takes into account real-world experiences and challenges in small and large environments and the factors to consider while designing and implementing workloads. Step-by-step walkthroughs on how to configure each Azure monitoring and management service and its related features and options enable you to take advantage of all the benefits each service has to offer.

System requirements

To get the most out of this book, you must meet the following system requirements:

• An Azure subscriptionMicrosoft provides a 30-day USD200 trial subscription that can be used to explore most services covered in this book. Some services, such as dedicated hosts, cannot be created using the trial subscription, however. To test and validate these services, you will need a paid subscription. If you plan to deploy any of these restricted services, you will need to procure a paid subscription.

• Windows 10/11This should include the latest updates from Microsoft Update Service.

• Azure PowerShellFor more information, see docs.microsoft.com/en-us/powershell/azure/install-az-ps.

• Azure CLIFor more information, see docs.microsoft.com/en-us/cli/azure/install-azure-cli.

• Display monitorThis must be capable of 1024 x 768 resolution.

• Pointing deviceYou need a Microsoft mouse or compatible pointing device.

About the companion content

The companion content for this book can be downloaded from the following pages:

MicrosoftPressStore.com/AzureMonitoringTDG/downloads or github.com/avinashvaliramani/AzureMonitoringMgmtTDG

The companion content includes PowerShell and CLI code for each walkthrough in the book (where applicable).

Errata, updates, & book support

We’ve made every effort to ensure the accuracy of this book and its companion content. You can access updates to this book—in the form of a list of submitted errata and their related corrections—at:

MicrosoftPressStore.com/AzureMonitoringTDG/errata

If you discover an error that is not already listed, please submit it to us at the same page.

For additional book support and information, please visit MicrosoftPressStore.com/Support.

Please note that product support for Microsoft software and hardware is not offered through the previous addresses. For help with Microsoft software or hardware, go to support.microsoft.com.

Stay in touch

Let's keep the conversation going! We're on Twitter: twitter.com/MicrosoftPress.