Know what to look for in a cloud management platform Use modern cloud security best practices

Azure resource management tips to optimize a cloud deployment

Prepare -- or revamp -- an Azure cloud strategy with these essential resource management tips for workload resiliency, access control and more.

The key to success in the cloud is to learn the ins and outs of your chosen platform to optimize management and performance, as well as minimize costs.

This means IT teams that manage Microsoft Azure should be familiar with the broad range of administrative tools, such as Azure Resource Manager (ARM) templates and the Azure portal, as well as the various VM deployment options on the IaaS platform.

Review these four Azure resource management best practices to keep your cloud running effectively.

Use ARM templates to replicate Azure resources

With the help of infrastructure-as-code and automation tools, public cloud users can deploy intricate workloads almost effortlessly. IT admins want a way to replicate workload environments for testing or disaster recovery scenarios with that same ease and flexibility.

ARM, Azure's deployment and management service, includes templates that can help admins achieve this goal through the replication of Azure resource groups. With an API call or via the Azure portal, cloud admins can continually execute templates and create workflows. However, policy issues can arise, so be aware of the different ways to work through such issues.

As for VMs, there isn't a direct cloning method, but you can capture a VM's image to create a new one. There are various steps to prepare the source VM, and they can vary depending on the OS. Do not use this approach with production servers because it will make the original VM unusable.

Take advantage of Azure RI size flexibility

Some of the most sought-after Azure resource management best practices involve ways to minimize costs.

Organizations can cut their cloud bill with the help of Azure Reserved VM Instances (RIs), a type of Azure VM that users can get at a discounted price -- compared to on-demand VMs -- when they purchase them in advance and commit to long-term use. Last year, Microsoft released a size flexibility feature for RIs, which let users apply the discount to differently sized VM instances within the same VM family.

To maximize discounts, plan ahead, since flexibility varies with each instance size an admin initially chooses. In addition, this feature can increase management complexity, as admins will frequently need to change the scope of a reservation, split reservations and adjust user accounts in the Azure portal.

Add resiliency with Azure availability zones

Among other Azure resource management best practices is the use of availability zones (AZs) -- or distinct physical locations within a geographical region -- to ensure uptime and availability and protect against data center failures. Microsoft offers numerous AZs, including Central U.S., East U.S., France Central, West Europe and Southeast Asia.

Azure services that support AZs come in two flavors: zonal services and zone-redundant services. With zonal services, a resource -- such as a VM or managed disk -- is pinned to a specific zone. With zone-redundant services, Azure offerings, such as VM scale sets and SQL databases, automatically replicate across zones. Also, enterprises can distribute traffic across multiple zones with the Standard Load Balancer.

Optimize Azure subscription management

Microsoft's cloud platform and associated Azure services are based on subscriptions, which specify the set of resources accessible to a particular user and contain billing information.

Enterprises can use Azure management groups to apply access policies across various subscriptions and the resources they contain. Azure management groups, which are primarily for larger enterprises with multiple subscriptions, have a hierarchical design. At the top sits the root management group, often run by an Active Directory admin, which controls all subscriptions and policies set for an entire organization. Enterprises can create groups within ARM, but there are limitations. For example, the group hierarchy can't have more than six levels, and a user can't move or delete the root group. Take time to plan out each group structure, and study role-based access control requirements before getting started.

Next Steps

Get to know the Azure resource hierarchy

Dig Deeper on Cloud infrastructure design and management

Data Center