I recently delivered a session at Microsoft Ignite The Tour in London around governance in Azure. One of the critical points in this session is that before you try and implement any controls around resources, cost or security you need to have a good understanding of what your Azure estate currently looks like and what resources you are making use of, so you know where to focus your effort. There is no point spending lots of time implementing policies to restrict which size web apps you can deploy if no one is using them.

Budgets are a feature of the new Azure cost management tool, which is primarily the integration of Cloudyn into the Azure portal. Budgets allow you to set a financial boundary for a subscription or a resource group, which you can monitor through cost management and trigger alerts when you are close to the cost set in your budget. One thing you cannot do with budgets, and something that many people feel is an obvious requirement, is to stop people spending any more money when they hit the budget.

I have a love/hate relationship with Windows containers. On the one hand, it is great that we have an option for containerising legacy applications that are dependant on things like the full .net framework or other Windows-only features. On the other hand, Windows containers have some many limitations and issues compared to Linux containers, that working with them becomes painful. These limitations include what options you have for hosting these contains when you want to run them in Azure.

From the early days of Azure, it has been possible to configure storage accounts to be geo-redundant. Geo-redundant storage is replicated 3 times in the local region and then a further 3 times in the paired region, so that should the primary region go down, data can be accessed in the secondary. The big problem with this, however, is that the failover to the secondary region is under Microsoft’s control. Microsoft are the ones to decide as to whether the primary region is impaired enough to require storage to be failed over to the secondary region.

Time for a bit of self-promotion. I want to bring your attention to a new YouTube series I’ve recently started publishing entitle Azure Snippets. In this series, each snippet is a 10-15 minute video looking at a specific Azure based topic with all the information you need to get started and no waffle. I aim to keep these videos as short and bite-sized as possible to your not wasting any time, and just getting the information you need.

We’ve looked previously at using the open source tool https://www.packer.io/intro/ from Hashicorp to automate the process of building Azure VM images, which can then be consumed using either single VMs or VM scale sets. By using this tool and some PowerShell DSC scripts, we have been able to automate the process of spinning up a VM in Azure, installing the required software and configuration, running Sysprep and capturing an image. So far we have done this by running our Packer script manually from the command line.

Generate SAS Tokens in ARM Templates Without much fanfare, MS recently updated the ARM template spec to allow the creation of SAS tokens inside a template. This is excellent news for anyone who is deploying resources with ARM templates that rely on storage accounts and need a SAS token to access them. For those not familiar with SAS tokens, you can read more on them here but essentially Shared Access Signatures (SAS) provide a way to generate a key to undertake operations on a storage account, without needing the actual storage account key.

A few months back we looked at how we can use a tool called Packer to automate the creation of virtual machine images, which could then be used with VM Scale Sets. If this is something you are interested in doing, I would recommend taking a look at the original article, which walks you through the whole process. At the end of that article, I said we were next going to look at how we can use continuous integration to build this image on a regular schedule, or when applications are updated.

As we head towards the end of the year, I wanted to take a look back over all the Azure updates and announcements we have seen throughout this year and review some of the highlights. Based on the data from the Azure Updates site, we have seen 842 updates and announcements throughout the last year. As you might expect we’ve seen the number of announcements increase month on month, up to the big announcement windows of Build and Ignite.

If you are writing ARM templates to deploy your Azure Infrastructure, then it’s more than likely you are utilising some of the functions provided by the ARM language. Functions allow you to perform simple operations inside your template to transform or creation values that you use in your deployment. Some of the most common ones you’ll see include: Concat - for joining strings, regularly used to join parameters, variables and constants together to form resource names, app settings, connection strings and so on.