Azure infrastructure management: Best practices (and how to implement them).
As a user of Microsoft Azure, you don’t need to know every detail about managing your cloud infrastructure to get the best possible outcomes (if you have the right partner supporting you – more on that a bit later). However, if you know nothing else about Azure infrastructure management best practices, you must know one thing – the Azure Well-Architected Framework.
The Well-Architected Framework as a set of quality-driven tenets, architectural decision points and review tools to help whoever is managing your infrastructure to build a technical foundation for high-quality workloads. These include:
- Azure Well-Architected Review
- Azure Advisor
- Documentation
- Partners, support and service offers
- Azure Architecture Center
- Well-Architected recommendation process
(I’ll pause for a moment to draw your attention to number four: Partners, support and service offers. As we’ve said before, Microsoft encourages organisations to work with managed service providers. This helps you capture the best value and navigate the complexities of your Azure environment. Thus, it’s always critical that you select an Azure Expert MSP partner to manage your environment. We are proud to be one!)
The Azure Well-Architected Framework is underpinned by the five pillars of reliability, cost optimisation, operational excellence, performance efficiency and security. You can prioritise these pillars depending on what you’re trying to achieve, but you (or your partner) must consider all of them.
There’s a lot of information out there about each of these pillars. In fact, it can be a little overwhelming to sift through it all, if you’re trying to manage things yourself (we highly recommend you don’t). So without any further ado, I’ll step you through the key considerations of each pillar of the framework.
It’s how we approach things for our managed Azure customers at Macquarie Cloud Services – and we can do it for you, too.
Azure infrastructure management best practice #1: Reliability.
It’s essential to have a business continuity and disaster recovery plan in case things go wrong during the migration process (or afterwards). This should cover both data backup and keeping your applications resilient in the case of an outage.
Azure’s built-in tools to support resilience include Azure Backup (to create data recovery points of your virtual machines (VMs), which are encrypted to the highest standards) and Azure Site Recovery, which brings your VMs and applications back online in case of an outage.
If you have mission critical systems and applications that cannot tolerate any downtime or interruption, make sure your partner has configured your Azure infrastructure to be high availability – with physical separation of availability zones, to protect you in the event of a data centre failure or outage.
Azure infrastructure management best practice #2: Cost optimisation.
Cost optimisation is a high-priority pillar for many Azure users at the moment, so we covered it in-depth here: Three best practices for managing your Azure cost. In summary, the three key points are:
- Working with an expert partner
- Understand and manage your compute time
- Take a strategic look at your resources
I recommend visiting the article for all the details if one of your Azure priorities is cost optimisation.
Azure infrastructure management best practice #3: Operational excellence.
When you’re running workloads in Azure, you expect certain things. Applications and deployments must be reliable and predictable. If you need to troubleshoot something, then you need to be able to locate the root cause – quickly.
Monitoring and diagnostics are essential for quick insights, so you know where and when issues are occurring (or are about to occur). You should expect the right level of vigilance from your Azure partner, so things are identified, prevented or remediated before they become an issue.
In a practical sense, this means giving resource groups practical and consistent names so they can be scanned and identified easily. Microsoft has its own recommended naming convention best practices for resources. It’s also essential to tag your resources to add useful metadata, which allows quick and efficient queries and reporting.
Finally, it goes without saying that it’s essential to keep your Azure VMs updated with the latest operating system and software updates. Update Management is a useful built-in tool that helps you automate much of this work.
Azure infrastructure management best practice #4: Performance efficiency.
Well-architected Azure workloads will help you scale up and out as quickly as you need to, enhancing organisational flexibility and agility. This is one of the key benefits of cloud versus on-premise digital infrastructure.
However, Azure won’t implement automatic scaling without input. You must have a deep understanding of your resource usage and performance at all times – and that takes vigilance and resources.
Azure has a built-in tool to manage essential diagnostics and logging of events (Azure Monitor), and we also integrate analytical platform CloudHealth into our customers’ environments. It’s the cherry on top when it comes to delivering intelligent insights to boost the performance of your environment.
Azure infrastructure management best practice #5: Security.
I’ve left it to last, but it’s by no means least. No matter who you are or what you do, the security of your Azure infrastructure is paramount.
We’ve covered this in greater detail here (How to secure your Microsoft Azure environment). If you’re looking for the summary version, it’s all about following the recommendations of Azure’s built-in security tool, Microsoft Defender for Cloud, as an example – protecting your VMs with the appropriate antimalware. Microsoft Antimalware for Azure Cloud Services and Virtual Machines generates alerts when known malicious or unwanted software tries to install itself.
However, for many organisations, too much security is never enough. At Macquarie Cloud Services, we go above and beyond by implementing Zero Trust security principles to customer environments. It’s current best practice in cyber security architecture, based on the mindset of “assume a breach, and always verify”. Read more about our approach to Zero Trust here.
Looking for support to implement Azure infrastructure management best practices?
If you’re already on Azure and want to get the most from it, we can help by taking a look at your existing configuration. Macquarie Lens is our market-leading tool to help you get started, with support from one of our principal consultants.
This service is free for our new clients (valued at $2500), so you can kickstart your journey to Azure optimisation, while managing your costs. And best of all, you’ll claim the value of our market leadership and years of intellectual property, skills and capability in managing Microsoft Azure infrastructure.
We are proud to be an Azure Expert Managed Service Provider, which is a distinction we’ve been awarded by Microsoft following rigorous independent assessments. In fact, we’ve also been working with Microsoft to launch Macquarie Guard. It’s an exciting, first of its kind SaaS launch in the Azure Marketplace to provide the safeguards and skills you need to enable accelerated development on Azure.
We’re here and ready to help! Reach out to us today at 1800 004 943 or drop us an email at enquiries@macquariecloudservices.com to explore how we can help you manage your Azure infrastructure to the highest standards of industry best practice.