I'm looking for any gaps in the support for operations on Azure resources via the Azure SDK (java) vs. ARM templates.
So far, we've only found that blobs/queues/tables cannot be managed by ARM, while the containing StorageAccount can be. No documentation that calls out the differences either.
I prefer to use ARM templates as they provide atomicity of create and update across resources, provided they support all or most of the functionality.
Resources we're interested in are mostly IAAS-ish resources - Virtual network, security groups, subnets et al, LBs, storage artifacts, VM instances, DNS, etc.
Need this for basic create/delete operations and frequent update operations (e.g. patch VM images, modify DNS entries, move the ENI from one VM to another, etc).
Firstly, Template only supports ARM mode. Azure SDK supports ARM mode and asm mode.
Second, with template you could define a resource but you could not operation the resource, like start, stop a VM or a web app.
If you just want to deploy resources to Azure, I suggest you could select template, it is more easy for you to do it. SDK is more suitable for developer, Azure provides powerful API. You could manage your Azure resources and integrate them to your service.
Update:
If you only want to create or modify resources in Azure. Template is a more suitable option. Template supports more resources. Java SDK supports API is here. Template supports resource is here. Click Reference.
Note: You could not use template to delete a resource.
Related
We have set up small dev platform on azure which includes servers(sql server, web server) and azure ML. These are protected by azure VPN gateway. Below are the list of azure components we created and configured . Currently we don't need the dev platform to be available but we will need it after 6 months . so is there any way we could take this complete setup as snap shot and store as image or images so that when we need we can just restore it with out doing much configuration
dev platform components to archive and restore
Virtual networks , sub nets, dns, firewalls
VPN gateway , configuration
VM with os and server setup
sql server with data
subscription with custom roles, assignments, cost alerts , dashboards etc
if this is not possible then what are the alternatives
regards,
Suman
Have a look at the different Infrastructure as Code options that are available. Easiest way to 'export' the current situation is to generate an ARM template of the needed resources by going to the resource group and clicking Export template under Automation.
To implement infrastructure as code for your Azure solutions, use Azure Resource Manager templates (ARM templates). The template is a JavaScript Object Notation (JSON) file that defines the infrastructure and configuration for your project. The template uses declarative syntax, which lets you state what you intend to deploy without having to write the sequence of programming commands to create it. In the template, you specify the resources to deploy and the properties for those resources.
To increase the functionality options you have, have a look at Azure Bicep.
We've introduced a new language named Bicep that's used to develop ARM template JSON. Bicep files and JSON templates offer the same capabilities. You can convert templates between the two languages. Bicep provides a syntax that's easier to use for creating templates.
and also
Bicep is a domain-specific language (DSL) that uses declarative syntax to deploy Azure resources. It provides concise syntax, reliable type safety, and support for code reuse. We believe Bicep offers the best authoring experience for your infrastructure-as-code solutions in Azure.
Be advised: this is meant for the resources and their configuration of your environment. For the data side of things, save and/or export the data somewhere you can restore it from easily like Azure Storage.
I am new to Terraform and was wondering if we can use Terraform to implement a kind of disaster recovery for Azure API manager.
I know there is disaster recovery implementation by Microsoft for API manager but I wanted to explore if I can just recreate the whole thing using Terraform.
I am able to recreate the API manager using Terraform with the same configuration/APIs etc.
The only thing which is unclear to me how to back up and recreate the same subscriptions/products in API manager using Terraform.
For example, if someone deletes the API manager, I want to recreate it using Terraform and import all the existing products/subscriptions (keys).
Any ideas?
Similar to using ARM Templates, you can use Terraform to deploy Azure APIM as well. You refer the azurerm provider docs for more information.
But for all runtime data like users & subscriptions, you will have to consider setting up a backup/restore system utilizing the built-in feature.
After deploying APIM using terraform, you will have to restore the runtime data separately. Also, depending on your Recovery Time Objective, you will have to take frequent backups.
PS: Logic Apps are a great way to setup automatic backups. There is an official sample that you can refer to for this.
For provisioning AWS services(EC2/R53/VPC/S3/..), technology like Terraform have unreliable approach in terms of performing rollback, error handling etc.
AWS CloudFormation templates address these problems.
CloudFormation templates are used for both provisioning of aws services(like EC2/VPC/r53/S3/...) and configuration of every service.
Additionally this template approach should easily fit into scripted pipeline using Jenkins.
What is the approach for provisioning and configuration of services in Azure cloud?
Its called Azure Resource Manager (Peter gave a helpful link in the comments). You will interact with ARM through Azure powershell, Azure Cli, ARM Templates, different SDK's or just plain rest calls to create resources.
ARM Templates are the closest thing you can get to CloudFormation templates, but they dont really have all the features of CloudFormation templates.
For example, there is no preview of the changes that will happen before you run the template. some services can not be configured with ARM Templates (or some of the properties cannot be configured).
We are working on following within Azure portal
Azure Functions
Data Factory
Logic Apps
Storage account (not files)
Now as we are done with development, we need to deploy these azure resources in client's UAT environment
I looked around (might be missing something) and found that deployment of Azure resources is not straightforward.
In Azure, it is like another subscription, correct?
So found this blog, which works with different PowerShell scripts to copies from one subscription to another
This is the right approach? & it cover everything required for resources to execute flawless (I still need to go thru scripts) for e.g. permissions, Data Factory datasets, etc?
Any other way to deploy (kind of export & import)?
Basically what you need is to create a reusable arm template, your question lacks some details yet ARM templates are the way of automated deployment in Azure, on a high-level
start by authoring your arm template to deploy the vanilla required resources look here
https://learn.microsoft.com/en-us/azure/templates/microsoft.web/sites/functions
https://learn.microsoft.com/en-us/azure/templates/microsoft.datafactory/factories
https://learn.microsoft.com/en-us/azure/templates/microsoft.logic/integrationaccounts
https://learn.microsoft.com/en-us/azure/templates/microsoft.datalakeanalytics/accounts/storageaccounts
you can combine all of them in one big template using ARM template dependency and other functions
look here
https://learn.microsoft.com/en-us/azure/azure-resource-manager/resource-group-template-functions
after you finish ARM templates can be used in many ways including PowerShell, direct API calls or even you can create a deployment in Azure and save it to be reused with a click
look here, also if there will be a high volume of users consider adding it to market place.
https://learn.microsoft.com/en-us/azure/azure-resource-manager/
after finishing your implementation of vanilla resources you can then move into adding any customization you might have.
this is the right and best way to do "afaik"
also look here to see all of your existing resources in an arm template view
https://resources.azure.com/
my understanding of Azure is that almost everything with some few exceptions has an ARM template representation
hope this would help.
I am currently looking into using ARM to deploy new environments of our Azure Components. We have a lot of web apis that are deployed to Cloud Services, since we need access to the underlying OS to get CPU usage for App Dynamics metrics. When reading through ARM, it seems as if they are deprecating Cloud Services, but I have some confusion about what is replacing it. I see that you can create Web Apps using this and use Publish from Visual Studio to deploy the app it, but I see no options for Cloud Services. So what is the preferred method to do this? Creating a VM and deploying using Web Deploy? What about VM scaling. Any help would be greatly appreciated.
My company is in the process of moving a legacy app to Azure using Cloud Services and we were concerned about the future of Cloud Services. Since we are somewhat early into the project and would like to use the ARM model we thought it would be easier to make a move now if we knew the future. After a few conversations with project leads at Microsoft on this topic we were only told that we should continue working with Cloud Services as they would continue to be supported.
It's quite clear that the move to ARM was not well thought out in terms of direction and consequences of existing services that many people are already using. Reading between the lines I would say that there is no plan to convert Cloud Services from the ASM to ARM model.
If application insights (https://azure.microsoft.com/en-us/services/application-insights/) are sufficient for your monitoring needs, then you can use web apps. These can be deployed via ARM, and can automatically deploy from a git repo or web deploy package. See this example:
https://github.com/Azure/azure-quickstart-templates/tree/master/201-web-app-github-deploy
The issue here that you may be trying to do operations which are restricted by the web app sandbox.
Failing that, you can use an ARM template to set up a VM and then invoke a custom site extension which will run powershell code to do further provisioning. This powershell code can fetch any package that you may want to install. See this ARM template for example: https://github.com/Azure/azure-quickstart-templates/tree/9ad72f1f5f0008c14311be79eee036b871712394/201-list-storage-keys-windows-vm
Once the VM is created you would be able to modify it and scale as needed.