for me sometimes, the number of Azure Services, is overwhelming. What is really annoying is that you can't find two lines of description, which explains the concrete uses cases for the different Azure Service.
So does someone know the difference between Azure Deployment Environments and Azure DevTest Lab? Does someone have concrete use cases for this two Azure Services?
Cheers,
Chico
Azure Deployment Environments empowers development teams to quickly and easily spin up app infrastructure with project-based templates that establish consistency and best practices while maximizing security. This on-demand access to secure environments accelerates the stages of the software development lifecycle in a compliant and cost-efficient way.
Source: https://learn.microsoft.com/en-us/azure/deployment-environments/overview-what-is-azure-deployment-environments
and
Azure DevTest Labs is a service for easily creating, using, and managing infrastructure-as-a-service (IaaS) virtual machines (VMs) and platform-as-a-service (PaaS) environments in labs. Labs offer preconfigured bases and artifacts for creating VMs, and Azure Resource Manager (ARM) templates for creating environments like Azure Web Apps or SharePoint farms.
Source: https://learn.microsoft.com/en-us/azure/devtest-labs/devtest-lab-overview
Hope this helps!
Related
In AWS we can define a Serverless App within a VPC. Need not be the case but is considered obviously a good practise.
Can the same be done for an AZURE App Service? I.e. can an AZURE App Service be defined as part of a VNET?
There are a couple of segments to answer your question. Here goes ...
VNet integration
Yes, you can Integrate your app with an Azure virtual network.
With Azure Virtual Network (VNets), you can place many of your Azure resources in a non-internet-routable network. The VNet Integration feature enables your apps to access resources in or through a VNet. VNet Integration doesn't enable your apps to be accessed privately.
Azure App Service has two variations:
The multitenant systems that support the full range of pricing plans except Isolated.
The App Service Environment, which deploys into your VNet and supports Isolated pricing plan apps.
If you're looking for restricting access to the App Services, the article linked in silent's comment is a good read. Especially the Access restrictions chapter.
Access restrictions let you filter inbound requests. The filtering action takes place on the front-end roles that are upstream from the worker roles where your apps are running. Because the front-end roles are upstream from the workers, you can think of access restrictions as network-level protection for your apps.
Infrastructure as Code
The blueprint (or 'cloud template') you're talking about in the comments feels like you need Infrastructure as Code to build/maintain resources for customers that all have the same structure. And while Azure has a service that's called Azure Blueprints, I think that would be overkill for the requirements you're giving.
Azure Blueprints enables cloud architects and central information technology groups to define a repeatable set of Azure resources that implements and adheres to an organization's standards, patterns, and requirements. Azure Blueprints makes it possible for development teams to rapidly build and stand up new environments with trust they're building within organizational compliance with a set of built-in components, such as networking, to speed up development and delivery.
I think you could implement what you're looking for by creating a (parameterizable) Bicep file to enable you to create/update the resources in a repeatable way as needed.
Bicep is a domain-specific language (DSL) that uses declarative syntax to deploy Azure resources. It provides concise syntax, reliable type safety, and support for code reuse. We believe Bicep offers the best authoring experience for your infrastructure-as-code solutions in Azure.
This is regarding Microsoft's Azure DevOps(Formerly VSTS). Just wanted to clear things, can Azure DevOps be classified as a Platform as a Service. Since it is a cloud service it should be categorized into IaaS but it eliminates the middleware/OS in pipeline. If not then where does it go in the cloud services area? IaaS/SAAS?
Thanks.
Azure DevOps is SaaS for end users (Developers,PM,QA and other stakeholder). In the backend, all the services offer by "Azure DevOps" may run on VMs or Physical server. That mean Microsoft point of view, they may use combination of IaaS & PaaS solution for this platform. Ultimately all services running on VM or physical server.
Its a SaaS, since you are buying a service, not a platform, not virtual machines.
From learn.microsoft.com
Based on the on-premises capabilities, with additional cloud services, we manage your source code, work items, builds, and tests. Azure DevOps uses platform as a service (PaaS) infrastructure and many Azure services, including Azure SQL, to deliver a reliable, globally available service for your development projects.
So according to Microsoft it is PaaS.
Team,
I have a complete running cloud service application upgraded to latest Azure SDK version and unfortunately need to dump this into a CSP subscription. But I came to know that Azure CSP supports only the Azure Resource Manager model, the cloud service is a classic deployment model. So we cannot create a cloud service within a CSP subscription.
Is there any other alternative within Azure CSP to using "cloud service" so that we can migrate with minimal changes. Please help
Firstly, here are some good reads on Microsoft Docs to help comparing the options available and make decisions based on your requirements:
(I mean requirements like Hosting features, Service Limits, 3rd party software installation and RDP access is required or not, Network isolation to a separate VNET is required or not, Cost considerations, minimum SLA, Regions available, instant deployment and auto-scaling, state management etc.):
Azure App Service, Virtual Machines, Service Fabric, and Cloud Services comparison
Decision tree for Azure compute services (This one covers a big spectrum.. simple virtual machines, Batch, Functions, Containers, AKS, ServiceFabric)
Criteria for choosing an Azure Compute Service
Also know that when looking for alternatives, it's not uncommon to make use of multiple compute or other Azure service options by breaking up an older solution into parts at the time of such migration (for e.g. A serverless compute option like Azure Function + Service Fabric + something else if needed).
Generally speaking (and without knowing much about your application from your question currently), Azure App Service and Service Fabric could be considerations IMHO when migrating from an existing Cloud Service, but this is exactly where detailed requirements help you in decision making.
On a side note, here is a list of Azure Services available in CSP - Available Azure services in Azure CSP
I published a web api in Azure via Visual Studio. I would like to know if it is PaaS or IaaS.
When I search for the answer, I find lot of definitions about the PaaS and IaaS.
But I did not find where it is clearly defined which services found in Azure portal are PaaS and Which are IaaS?
Thanks.
With best regards,
SR
IaaS (Infrastructure as a Service):
Cloud infrastructure services, known as Infrastructure as a Service (IaaS), are made of highly scalable and automated compute resources. IaaS is fully self-service for accessing and monitoring things like compute, networking, storage, and other services, and it allows businesses to purchase resources on-demand and as-needed instead of having to buy hardware outright.
PaaS (Platform as a Service):
Cloud platform services, or Platform as a Service (PaaS), provide cloud components to certain software while being used mainly for applications. PaaS provides a framework for developers that they can build upon and use to create customized applications. All servers, storage, and networking can be managed by the enterprise or a third-party provider while the developers can maintain management of the applications.
Source: SaaS vs PaaS vs IaaS: What’s The Difference and How To Choose
In short: with IaaS you use infrastructure (mostly VMs, networking, ...) from your cloud provider that you manage yourself. With PaaS you use an abstraction layer on top of some infrastructure where you do not manage the underlying infrastructure itself. You only manage the application and its data.
If you've deployed to an App Service, you're using PaaS. If you've deployed to a VM that you manage and runs IIS, you're using IaaS.
Another interesting read: What is PaaS?
In Azure there are 2 options available to create virtual machines.
A. normal VM
B. Classic VM
Does anybody know what is the difference between both option? When do we use one over other?
Short answer to your question is Normal VM or Virtual Machines is the new way of deploying your Virtual Machines whereas Classic VM or Virtual Machines (Classic) is the old way of deploying them. Azure is pushing towards the new way of deploying resources so the recommendation would be to use it instead of old way. However please keep in mind that there're some features which are available in the old way that have not been ported on to the new way so you just have to compare the features offered and only if something that you need is not available in new way, you use the old way.
Now comes the long answer :)
Essentially there's a REST API using which you interact with Azure Infrastructure.
When Azure started out, this API was called Service Management API (SMAPI) which served its purpose quite well at that time (and to some extent today). However as Azure grew, so does the requirements of users and that's where SMAPI was found limiting. A good example is access control. In SMAPI, there was access control but it was more like all-or-none kind of access control. It lacked the granularity asked by users.
Instead of patching SMAPI to meet user's requirement, Azure team decided to rewrite the entire API which was much simpler, more robust and feature rich. This API is called Azure Resource Manager API (ARM). ARM has many features that are not there in SMAPI (my personal favorite is Role-based access control - RBAC).
If you have noticed that there are two Azure portals today - https://manage.windowsazure.com (old) and https://portal.azure.com (new). Old portal supports SMAPI whereas new portal supports ARM. In order to surface resources created via old portal into new portal (so that you can have a unified experience), Azure team ended up creating a resource provider for old stuff and their names will always end with (Classic) so you will see Virtual Machines (Classic), Storage Accounts (Classic) etc. So the resources you create in old portal can be seen in the new portal (provided the new portal supports them) but any resources you create in the new portal using ARM are not shown in the old portal.
The Azure Virtual Machine (classic) is based on the old Azure Service Management Model (ASM). Which revolved around the concept of a cloud service. Everything was contained inside a cloud service, and that was the gateway to the internet. While it is still used (extensively) Azure is now moving over to the Azure Resource Management Model (ARM).
ARM uses the concept of declarative templates to configure an entire solution (rather than individual components) So you can create an entire Sharepoint stack, rather than just a singular machine.
ARM also has a much more logical approach to networking. Instead of having a monolithic VM in an obscure cloud service. You have a VM, that you attach a network card to. You can then put the Network card into a VNet and attach a public IP (if you need one)
Unless you have a compelling reason to use ASM (classic) You should create your solution using ARM. As this is the MS recommendation going forward (todo find a link to that) It also means that you can create templates for your deployments, so you can have a repeatable solution.
On the negative, the old portal manage.windowsazure.com can not manage anything that is deployed using ARM, and there are still parts of ASM that haven't been migrated over to ARM yet. For instance you cannot configure Azure VM backup, since Azure backup is ASM and it can't 'see' ARM VMs
It very largely depends on your circumstances though, what it is you are planning for, the method you are going to deploy with. If you are just looking to stand a machine up to do a single task, it makes very little difference. If you are looking to deploy into an environment that will have some concepts of DevOps going forward, then ARM is the way to go.
The one big differences is for resource management. For that new version is called Azure Resource Manager VM (ARM VM).
ARM VM is better in terms of;
Classic VM must be tied with Cloud Service, and Cloud Service consumes resource limitation and not-so-flexible network configuration.
ARM VM is managed under Azure Resource Manager (ARM) which can be organized with/without other Azure services. ARM is like a folder of Azure services, and it gives you more fine-grained resource management.
Classic VM can be migrated to ARM VM version, but you have to afford service downtime. To migrate from classic VM, read the official article: Considerations for Virtual Machines.
Azure provides two deploy models now: Azure Resource Manager(Normal) and Azure Service Management(Classic) and some important considerations you should care when working Virtual Machines.
Virtual machines deployed with the classic deployment model cannot be included in a virtual network deployed with Resource Manager.
Virtual machines deployed with the Resource Manager deployment model must be included in a virtual network.
Virtual machines deployed with the classic deployment model don't have to be included in a virtual network.