Google Cloud Architecture - Project setup for multiple regions - security

I am trying to start up a team that requires resources to be deployed in 3 cloud regions, which are to be isolated from each other.
Currently we have 2 environments - dev & prod, so the plan is to have 2 GCP projects - 1 for dev and 1 for prod (each containing the 3 regions).
From what I understand, in GCP you can have all 3 regions in the same project and VPC (as VPCs are global) and therefore just have 1 VPC in each project. The current plan for the architecture is to just deploy the serverless applications to their specific regions. However, when I looked into it more, it seems that having all 3 regions' resources in the same project and VPC would make it less isolated than the other proposed solution of having 3 dev projects and 3 prod projects (i.e. 1 region per project per environment).
I couldn't find anything detailing what the best practices were for this kind of scenario, so any help would be appreciated!

It all depends on what you want to isolate. Serverless services are isolated by default (each is a container with independent identity and access management).
In terms of VPC, you can keep 1 project but create 3 VPCs in the same project, 1 per region. You will be isolated at the network level.
But, even if your VPCs are isolated, the accounts (users or service accounts) can access all the VPCs of the project (if you are a Compute Admin user, you can create a VM in whatever VPC). If you need more isolation, you have to create different projects so that accounts are given permissions only on the correct region.
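The two layouts the answer contrasts, written out as Terraform so the difference is visible in configuration rather than in prose. This is an added illustration, not code from the question or the answer: it assumes an existing project ID for the single-project layout, three existing per-region project IDs for the split layout, and a map of per-region admin principals; the region names and CIDR ranges are assumptions chosen for the example.

```hcl
# Added illustration (not from the original question or answer).
# Assumed inputs: an existing project for the single-project layout, three
# existing per-region projects for the split layout, and one admin principal
# per region. Regions and CIDRs below are assumptions chosen for the example.

variable "shared_project_id" { type = string }       # e.g. "acme-dev" (assumed)
variable "region_project_ids" { type = map(string) } # e.g. { eu = "acme-dev-eu", ... } (assumed)
variable "regional_admins" { type = map(string) }   # e.g. { eu = "group:eu-ops@example.com", ... } (assumed)

locals {
  regions = {
    eu   = { region = "europe-west1", cidr = "10.10.0.0/20" }
    us   = { region = "us-central1",  cidr = "10.20.0.0/20" }
    asia = { region = "asia-east1",   cidr = "10.30.0.0/20" }
  }
}

# --- Layout A: one project, three VPCs, one per region ----------------------
# Custom-mode networks: no auto-created subnets, so each VPC holds exactly the
# one regional subnet defined below and nothing in it spans regions.
resource "google_compute_network" "regional" {
  for_each                = local.regions
  project                 = var.shared_project_id
  name                    = "vpc-${each.key}"
  auto_create_subnetworks = false
  routing_mode            = "REGIONAL"
}

resource "google_compute_subnetwork" "regional" {
  for_each      = local.regions
  project       = var.shared_project_id
  name          = "subnet-${each.key}"
  region        = each.value.region
  ip_cidr_range = each.value.cidr
  network       = google_compute_network.regional[each.key].id
}

# Firewall rules are scoped to a single VPC. Ingress is already denied by the
# implied lowest-priority rule; an explicit deny-all per network makes that
# intent visible and auditable, and still applies if someone later peers the
# networks or adds routes between them.
resource "google_compute_firewall" "deny_all_ingress" {
  for_each      = local.regions
  project       = var.shared_project_id
  name          = "deny-all-ingress-${each.key}"
  network       = google_compute_network.regional[each.key].name
  direction     = "INGRESS"
  priority      = 65534
  source_ranges = ["0.0.0.0/0"]
  deny {
    protocol = "all"
  }
}

# The weak point of layout A: Compute Engine IAM is granted at project scope.
# This one binding lets the EU operators create VMs in ALL three networks;
# there is no per-VPC or per-region role binding that could narrow it.
resource "google_project_iam_member" "shared_compute_admin_eu" {
  project = var.shared_project_id
  role    = "roles/compute.admin"
  member  = var.regional_admins["eu"]
}

# --- Layout B: one project per region ----------------------------------------
# The same role, bound per project, reaches only that region's resources.
resource "google_project_iam_member" "regional_compute_admin" {
  for_each = var.region_project_ids
  project  = each.value
  role     = "roles/compute.admin"
  member   = var.regional_admins[each.key]
}
```

To check which layout you are actually in, run `gcloud projects get-iam-policy PROJECT_ID`: every binding listed there applies to every VPC in that project, which is the answer's point. For the serverless services in the question, note that Cloud Run and Cloud Functions reach a VPC through a Serverless VPC Access connector, and connectors are regional, so a service in one region attaches naturally to that region's VPC in layout A.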

Related

Azure App Service Plan - Pricing Model Questions

While doing some research for a customer, some doubts have arisen regarding how the pricing on App Service plans works and what would be the best way to configure the ARM templates for different projects.
What I would like to confirm (and I don't think that the Azure documentation is very clear on that) is whether you pay only for the App Service Plan itself, even if you don't have any web apps running.
Imagining that I would like to have 2 web apps running on a Standard tier, is there any difference in having a different app service plan for each (that I can later change independently) for a single project? (e.g. one of the web apps may require more compute power in the future while the other doesn't).
And if by any chance we remove the web apps from the subscription but still leave the App Service Plan configuration there... is anything paid in that case, even if there is no computing happening?
Thanks for the help everyone. Cheers
TL;DR You pay for an App Service Plan, not for an App Service.
Looking at App Service Plans details, you see the number of Apps an App Service Plan can have.
A Free plan can have 10
A Shared plan can have 100
A Consumption plan for Functions can have 500
All other plans can have unlimited
Now for your question: you don't pay per App Service. You pay per App Service Plan. And this is regardless of the number of apps. This is because you pay for the fact the plan is there, ready and waiting. You've reserved the resources specified in the tier you selected. The fact you're not using them isn't of influence.
Of course, the consumption plan is the odd one out, since there you do pay only for compute used.
If you take a look at Pricing - App Service, you also see the pricing tables specify pricing for App Service Plans, not the App Services.
EDIT:
I would pay more for 2 service plans with 1 app each than 1 service plan with 2 apps on top
Yes.
Since an App Service Plan is an abstraction for (something like) a virtual machine, having 2 App Service Plans means having 2 virtual machines that are reserved for you.
EDIT2:
As #Juunas said in his comment:
you do pay per VM in your plan, so if you set scale out to 3 instances, you have 3 VMs running your app, so pay 3 times more than with scale out set to 1.
So 1 plan with 1 instance and 2 apps is cheaper than 2 plans with 1 instance and 1 app per plan. But if the 1 plan has 2 instances and 2 apps, you pay the same as in the 2-plans-1-instance scenario.
This is starting to get complex ... 🤔

What is the right way to create development and production environments for a network of servers in Azure?

I want to deploy multiple machines across various geographical regions to serve my application in a Development and Production environment; I'm coming from Google Cloud Platform where my solution would be to create 2 projects:
project-dev
project-prod
With that I have complete freedom of creating resources in any region/zone in either project/environment.
The closest thing to this I have found on Azure is Resource Groups, but those are tied to a specified region, which is not ideal for me. Is there a better way, rather than creating a resource group in EACH region I choose to deploy resources for both environments as follows:
project-dev-east-us
project-dev-west-us
project-dev-west-eu
project-dev-east-as
project-prod-east-us
project-prod-west-us
project-prod-west-eu
project-prod-east-as
Resource groups are tied to regions, but resources inside are not, so you can have resources from multiple regions in a single resource group. But a resource group is like a folder on a hard drive; it's just a way to logically organize things, nothing more.

Change number of upgrade domains in Azure Service Fabric

In Azure Service Fabric, the default number of upgrade domains is 5. Is there a way to change to a different number?
From https://learn.microsoft.com/en-us/azure/service-fabric/service-fabric-cluster-resource-manager-cluster-description#configuring-fault-and-upgrade-domains, there's ClusterManifest.xml, but it doesn't seem we should modify it.
This is not possible in Azure today. SF picks up the FD and UD information from the VM Scale Sets that it runs on, and today these are capped/locked at 5x5. SF itself doesn't care how many UDs you have, and generally recommends more so that during an upgrade you're taking down less of your overall service in terms of capacity and also have more time to react to any issues.
There are some workarounds:
Run multiple service fabric application instances. Since each application instance is independently upgradable, you end up with (app instances) * (# of UDs) separate upgrade boundaries
Run the cluster across VM Scale Sets in multiple Azure AZs
Unfortunately this only works in areas where Azure has multiple AZs exposed

Do slots count as VMs in Azure?

I currently have a web application deployed to Azure on the App Service free plan and, as part of going live, I'm interested in moving to the use of slots.
This is primarily because it gives me the ability to deploy new code into staging and then seamlessly swap over once it's been validated.
Now, to use slots, I know I need the standard plan and this clocks in at a minimum of $X per VM.
What I don't know (and frustratingly haven't been able to find out from the Azure stuff on Microsoft's web pages) is whether a second slot counts as another VM.
In one place at least, it states that deployment slots are live web applications with their own hostname, but that could be read in at least two ways: either as a separate app on the same VM or a separate VM altogether.
Since the difference is substantial ($2X/month rather than $X/month), it's rather important to planning. So does anyone know how (preferably with some supporting citation from Microsoft) the slots are handled and charged for?
All deployed Azure sites in a given Web App plan run on the same VM instances. Just as if you deployed mysite1.azurewebsites.net and mysite2.azurewebsites.net in the same plan, they'd share the same VM instances. So, too, do extra deployment slots.
If you scale to 3 instances, you pay for 3 instances, and all deployments (all slots for all deployments) run on all three instances.
One way to make this easier to think about: the 'production' (or main) deployment slot is just another slot.

BizSpark Azure Subscription - how to allocate resources effectively?

I have a BizSpark account but I'm struggling to work out what I'm actually entitled to as part of my free Azure package. The package details are listed here:
http://www.windowsazure.com/en-us/offers/details?locale=en-us&offer=ms-azr-0012p&no-rewrite=true
I need to run:
One virtual machine (running Linux) to power the website
One hosted service to provide the client software (Windows Phone and Windows 8) with database access
One hosted service to provide the virtual machine with database access
Two storage accounts (one for images and one for the virtual machine)
One SQL database
Do the hosted services count as VMs and can anybody shed some light on the best configuration (VM sizes etc) to fit all of the above into my subscription please? Multiple instances would be nice but I think I might be getting greedy now!
Thank you.
The most important thing to keep in mind is that you have 1500 hours of small compute instances (this includes both Cloud Services and Virtual Machines). 1500 hours per month means you can run 2 small instances full time or choose an equivalent ratio. So you could go for 4 extra small instances and still have room for 2 extra small instances and 1 small instance to use for something else. To keep the SLA (on the hosted service at least) I would suggest the following:
2 extra small instances of a Linux Virtual Machine
2 extra small instances of a hosted service with a web role. The web role would have 2 tasks:
Provide the client software with database access
Provide the Virtual Machine with database access
This might not be the best solution in terms of performance, but you'll be able to run everything highly available without having to pay anything extra.
The 2 storage accounts and the SQL Azure database (you must use the web edition) are also covered by the BizSpark subscription.
Update: 1 small = 4 extra small equivalent ratio isn't right. The ratio is 1 small = 6 extra small.
