Azure real world questions

randomcat

Expert Member
Joined
Dec 15, 2018
Messages
2,049
the real question is do you want to get the paper cert or do you actually want to learn how to work in azure ?
Lol I'm interested in cloud computing and programming. I'm just learning how things fit together and what I can do with it.
 

mojoman

Expert Member
Joined
May 15, 2007
Messages
1,430
the real question is do you want to get the paper cert or do you actually want to learn how to work in azure ?
Im quite interested in it...Id like to get more security services knowledge in this.
I do the exams so I can actually finish a course and dont get half way and then start something else! Pay my money and then I am committed to finishing! Dont like to waste my Rands!
 

Gnome

Executive Member
Joined
Sep 19, 2005
Messages
6,508
I gather from this that AWS is the go to these days? Is Azure history or? Just curious :D

Edit: Founds this. I'm clueless on AWS so this is quite informative.
My guess is AWS and Azure are pretty close on pricing so doubt that is what he means.

A lot of "old school"/"IT guys" believe that they are being ripped off by AWS or Azure.

I'm on the AWS side as you, know little to nothing about Azure or their ecosystem, so I can only comment from the AWS perspective.

But you can't put a price on not needing to worry about your "dedicated server" having a hardware failure, then you need to email the company because they don't have monitoring. Then their connections go down. No virtual networking, etc. etc. etc.

Comparing these local dedicated hosting options to AWS is like comparing a bicycle to a top of the line car.
They aren't in the same league, not even in terms of use cases.

I also put dedicated in quotes because some of them have fine print where you actually get part of the machine. Don't even want to imagine what the security, availability, reliability & consistency is like in that situation.
 

ubercal

Expert Member
Joined
Dec 5, 2005
Messages
3,086
My guess is AWS and Azure are pretty close on pricing so doubt that is what he means.

A lot of "old schoolers" believe that they are begin ripped off by AWS or Azure.

I'm on the other side of the fence, AWS, so can't speak to Azure.

But you can't pay a price on not needing to worry about your "dedicated server" having a hardware failure, then you need to email the company because they don't have monitoring. Then their connections go down. No virtual networking, etc. etc. etc.

Comparing these local dedicated hosting options to AWS is like comparing a bicycle to a top of the line car.
They aren't in the same league, not even in terms of use cases.

I also put dedicated in quotes because some of them have fine print where you actually get part of the machine. Don't even want to imagine what the security, availability, reliability & consistency is like in that situation.
best is a hybrid approach with having some services on prem and other in the cloud.There is no one "right" solution.
 

Gnome

Executive Member
Joined
Sep 19, 2005
Messages
6,508
best is a hybrid approach with having some services on prem and other in the cloud.There is no one "right" solution.
I really don't see what you need on-premises equipment for but many, many old school companies are convinced this is way so who am I to argue
 

Hellhound105

Executive Member
Joined
Jun 5, 2018
Messages
6,896
I really don't see what you need on-premises equipment for but many, many old school companies are convinced this is way so who am I to argue
Also not here to argue.

I'm on the Azure side.

I don't have to worry about site security, air con, electricity, hardware failure, UPS.....etc.

All that I worry about on site is the wifi devices and ensuring the Mikrotik has a IPsec tunnel active to Azure.
 

Gnome

Executive Member
Joined
Sep 19, 2005
Messages
6,508
Also not here to argue.

I'm on the Azure side.

I don't have to worry about site security, air con, electricity, hardware failure, UPS.....etc.

All that I worry about on site is the wifi devices and ensuring the Mikrotik has a IPsec tunnel active to Azure.
Yep +1000

I think there is this misconception of not putting your data in a place you don't "control".
But if you aren't encrypting in transit and at rest, you've lost already.

As for data centres for companies like Amazon, MS, etc. they do business with the US government (ie. The CIA's has their own Amazon data centre).
Because of that their security on site is super tight.
You can't get into the site unless you have been authorised.
Opening the doors sets of alarms that notify people on site and remotely (in other countries, so it isn't something that goes unnoticed)
Their employees get background checks every 6 months.

(I have friends working there, hence the info on how it works)

Overall your company's data centre is for sure less secure.
 
Last edited:

Gnome

Executive Member
Joined
Sep 19, 2005
Messages
6,508
are you a developer ?
Yep, specifically in the dev-ops realm. Roughly 30% of my time is spent on operations for large fleets of servers. The rest of the time I'm developing software in a number of languages, at the moment primarily Kotlin.
 

ubercal

Expert Member
Joined
Dec 5, 2005
Messages
3,086
Yep, specifically in the dev-ops realm. Roughly 30% of my time is spent on operations for large fleets of servers. The rest of the time I'm developing software in a number of languages, at the moment primarily Kotlin.
i might be wrong but i get the sense with developers only think about their specific application and not the "bigger" picture and how everything ties in/interconnect together.This can be seen in the thread , as it all centers on bespoke web applications which is perfect for the cloud.Most companies that are running an IT infrastructure with with microsoft active directory will go with a hybrid approach and leverage the best of both on prem and cloud.
 

randomcat

Expert Member
Joined
Dec 15, 2018
Messages
2,049
i might be wrong but i get the sense with developers only think about their specific application and not the "bigger" picture and how everything ties in/interconnect together.This can be seen in the thread , as it all centers on bespoke web applications which is perfect for the cloud.Most companies that are running an IT infrastructure with with microsoft active directory will go with a hybrid approach and leverage the best of both on prem and cloud.
Is there any document that explains how a system was put together? Like a case study. It will be an interesting read or conversation. I don't really have experience ,so I try to find how and why certain technologies or stacks fit together.
 

DA-LION-619

Honorary Master
Joined
Aug 22, 2009
Messages
13,271
best is a hybrid approach with having some services on prem and other in the cloud.There is no one "right" solution.
Cloud in the SA context is very much colocation.
I really don't see what you need on-premises equipment for but many, many old school companies are convinced this is way so who am I to argue
Solutions that are sensitve to network latency.
Is there any document that explains how a system was put together? Like a case study. It will be an interesting read or conversation. I don't really have experience ,so I try to find how and why certain technologies or stacks fit together.
Not really, but Stack Overflow has a break down of their architecture which is really nice.
Azure is a great way to spend dedicated server type money on a 2 core vps.
No cloud provider has a limit on spend.
Play stupid games, win stupid prizes.
 

DA-LION-619

Honorary Master
Joined
Aug 22, 2009
Messages
13,271
I feel bad that no one really answered the OP.
1. You are running a webapp service on Azure. You notice your traffic is getting very heavy. Do you scale up or scale out? And why would you do that?
Remember you're not paying for the web app, you're paying for the app service plan which is the VM acting as your web server. You choose how to allocate the resources of that VM, so you can deploy 100 web apps if you wish.
Traffic getting heavy doesn't highlight the problem. Is there an increase in CPU/RAM usage or increase in response times? What processor is your VM using, Intel or AMD, vCPU to core ratio etc.
Now the last part, scaling isn't magic. It takes time, so you need to know when to scale because doing it when you're under strain is a terrible idea.

Scaling up or out will depend on the technology and context of your apps.
A PHP backend would use resources differently than Node.js for example, that matters if scaling up.
What are your apps doing? How do they mange state? Can they be distributed?
Those things matter if scaling out because you're creating another instance of the plan not the individual apps.
If you do nothing, you can scale infinitely

2 You have a website linked to an SQL database (could be a nosql one too) - as part of the SLA - do you include a Queue, or live with the possible downtime? How do you prevent data loss or damage? And does the Queue add to your costs significantly ?
This issue is handled by Availability Groups in SQL Server. Similar to how scaling out above would use a traffic manager, you use a DNS entry in your connection string so when its need to failover it just makes another node the primary behind the scenes.

Here again, you're not paying for the queue specifically but the storage account.
Understanding storage is important, because it's the base in all clouds to which everything is built up on.
Block blob vs Page blob etc.

Other than queues, there's other things that are part of the storage account like table storage(nosql).
Costs have to be reasoned about transactionally, renaming a blob is essentially two transactions because you have to copy it to a new destination(VFS) then delete the original.
Polling the queue every minute, compared to every hour means there's a significant cost difference.

This also affects other services as well like static web apps or functions.
If you have a JS function and you perform a npm restore, how many transactions would you guess that to be?
Unless really needed, disable logging and metrics for storage accounts as that leads to additional transactions which are a waste of money.

3. If you are working for a South African company - which region do you use? As you know - not all services are available in SA as yet and Covid has slowed things down considerably.
End user experience, < 100ms response times is the goal
 
Last edited:

Gnome

Executive Member
Joined
Sep 19, 2005
Messages
6,508
i might be wrong but i get the sense with developers only think about their specific application and not the "bigger" picture and how everything ties in/interconnect together.This can be seen in the thread , as it all centers on bespoke web applications which is perfect for the cloud.Most companies that are running an IT infrastructure with with microsoft active directory will go with a hybrid approach and leverage the best of both on prem and cloud.
I would use something like direct connect in that situation.
Putting down servers mean lots of pain and getting the same uptime as a cloud provider is really tough.

On premises equipment is rapidly becoming more unpopular.
Network connections, even in SA, have become much cheaper and are continuing to do so.

Solutions that are sensitve to network latency.
ping ec2-xx-xxx-xxx-xxx.af-south-1.compute.amazonaws.com
PING ec2-xx-xxx-xxx-xxx.af-south-1.compute.amazonaws.com (123.456.789.012): 56 data bytes
64 bytes from 123.456.789.012: icmp_seq=0 ttl=238 time=3.085 ms
64 bytes from 123.456.789.012: icmp_seq=1 ttl=238 time=3.301 ms
64 bytes from 123.456.789.012: icmp_seq=2 ttl=238 time=3.687 ms
64 bytes from 123.456.789.012: icmp_seq=3 ttl=238 time=3.374 ms
64 bytes from 123.456.789.012: icmp_seq=4 ttl=238 time=4.007 ms
64 bytes from 123.456.789.012: icmp_seq=5 ttl=238 time=3.466 ms
64 bytes from 123.456.789.012: icmp_seq=6 ttl=238 time=2.731 ms

This is ping form my house.
So what would be so sensitive that it needs less than ~3ms latency
 
Last edited:

DA-LION-619

Honorary Master
Joined
Aug 22, 2009
Messages
13,271
This is ping form my house.
So what would be so sensitive that it needs less than ~3ms latency
What you’ve described below.
You can't get into the site unless you have been authorised.
Opening the doors sets of alarms that notify people on site and remotely (in other countries, so it isn't something that goes unnoticed)
 

B-1

Expert Member
Joined
Apr 17, 2020
Messages
3,096
We haven't had a server in years and I don't miss it. We do have some network/switching hardware in the bigger DC's but that's only because we have to do interconnects and carry a lot of data between many entry/exit nodes. You do have to manage your costs a lot better in the cloud as its easy to spin things up all over the place but the tools are all there.
 

InvisibleJim

Expert Member
Joined
Mar 9, 2011
Messages
2,018
I really don't see what you need on-premises equipment for but many, many old school companies are convinced this is way so who am I to argue

A lot of traditional applications aren't well suited to cloud deployments and it isn't very economical to run them in the cloud - you're basically lifting and shifting the VM and running it 24/7 in the cloud. You can't really take advantage of the elasticity available in the cloud and even reserved instances don't give you much of a saving on this once you introduce a SQL Server license.

Until the business is ready to adopt a different application with more modern characteristics, it doesn't really make sense to put it in the cloud.
 
Top