Using Azure for IaaS requires best practices, just as an on-premise deployment does. In this video, Sharon will outline the best practices for Azure virtual machines to keep the VMs safe, secure, and performing reliably. Topics will include high availability, storage, and virtual machine and data backups.
- [Narrator] Microsoft puts out a list of best practices and recommendations for virtual machines. I'm going to cover off some of the key ones here. Always understand what your virtual machine disk limits are. How many disks can you actually attach to that virtual machine? You always want to add a data disk, always, always, always. As soon as you create your virtual machine, I would like thinking about something in the back of your mind, jumping up and down saying, you need to do something. Oh, right, add a data disk, always add one. All your data should be stored on this data disk.
And be aware if your virtual machine can scale, and how far it can scale. If you require your virtual machines to always be on, meaning you can have absolutely no downtime, you must configure your virtual machines in an availability set. You will need at least two virtual machines within this availability set. This ensures that when your virtual machines are rebooted, and they will because they still have to be maintained by Microsoft, that you always have a virtual machine up and running.
Without this, your virtual machine may experience downtime. And a little trick about these availability sets, if you put a single virtual machine in an availability set, you will not be notified if there is going to be downtime on your virtual machine. Microsoft assumes if you have a virtual machine in an availability set, you have more than one virtual machine within that availability set. If your virtual machine is not in an availability set, you will receive an email letting you know of planned maintenance.
Your virtual machines are durable. There are six copies across two different data centers. Please note, this is not a backup. You still have to back up your virtual machines. And finally, some best practices. Just as we do on premise, in Azure we have to harden our virtual machines. Not only do we have to harden them, we have to lock them down. You can configure your Azure environment to only allow access from specific IP addresses if you wish. Maybe only certain users have access.
You need to lock down the environment, no different than what you have to do on premise. You are still responsible for patching your virtual machines Microsoft looks after everything from the concrete to the hypervisor level. You are responsible for everything after that. Stopping your virtual machines means you are not using the virtual machine, therefore you're not being charged. This is only true if you actually deallocate the resources. When you stop your virtual machine from the Azure portal, the virtual machine is deallocated, and you're not paying for that virtual machine to be running.
You are still paying for storage. If you stop the virtual machine from within the virtual machine, the virtual machine is stopped, but the resources have not been deallocated, and from Microsoft's point of view, you are still consuming those resources, therefore you will be billed for it. And finally, if you want to set up auto-scaling for your virtual machines, your virtual machines must be configured in an availability set, and your virtual machines must be at the standard-level tier.
Following these best practices and guidelines for your Azure infrastructure, will ensure your data is safe, and you have the best possible experience within Azure.
- Understanding cloud technologies
- Why Azure?
- Creating virtual networks and storage
- Using Azure Active Directory for identity management and protection
- Disaster recovery with Azure Backup and Azure Site Recovery
- Working with virtual machines