馃攳
Free Architecture Assessment for Performance, Reliability, Security, Operations & Cost in Azure - YouTube
Channel: Microsoft Mechanics
[0]
(inspiring music)
[2]
- Up next, if you're looking
to significantly improve
[4]
your apps and workloads in Azure,
[6]
we're going to look at
free tools and guidance
[8]
for discovering and assessing
the reliability, security,
[11]
costs, operations, and performance
[14]
of what you have running in Azure
[15]
with actionable recommendations
[17]
to optimize your architecture
across these areas.
[20]
I'm joined today by Azure
expert, Matt McSpirit.
[22]
It's great to have you back on
for another impactful topic.
[25]
- Great. Thanks for having me.
[26]
- So on a previous show together,
[27]
we looked at free assessment tools
[30]
to give you a clear path forward in Azure,
[32]
as you navigate the various options.
[34]
So why don't we fast
forward a bit to the point
[36]
where you might have a
few workloads and services
[38]
that you're developing
or running in production,
[41]
and you want to improve
the app architecture
[43]
to reduce costs, maybe improve
efficiency or resiliency.
[46]
Where would you even get started?
[47]
- It's a really common question.
[49]
Even if you've done the due diligence
[50]
to plan and architect your
workloads really well,
[53]
oftentimes there's still a
ton of room for optimization
[56]
for your existing services.
[58]
Now, to help with this,
[59]
there's the Azure Architecture Center.
[60]
And there you get to the
Well-Architected Framework,
[63]
which is a set of guiding tenants
[65]
derived from the experience
[66]
gathered from real-world implementations.
[68]
And this is defined across
five main categories.
[71]
The first is reliability,
[72]
or the ability of a system
to recover from failures
[75]
and continue to function,
[76]
where we define various principles
for things like testing,
[79]
resiliency and more.
[80]
And there's security, which is about
[82]
protecting applications
and data from threats.
[84]
So here we share guidance
[85]
for building a comprehensive strategy,
[87]
including how you design
for specific attacks
[90]
and how to continually
monitor, improve and respond.
[93]
Then there's cost optimization
for managing costs
[95]
to maximize the value of what you spend
[98]
from planning to consumption,
monitoring, and optimization.
[101]
Then there's operational excellence,
[103]
where we provide guidance
on operations and processes
[106]
that keep a system running in production.
[108]
And lastly, performance efficiency,
[110]
where we tease out the main considerations
[112]
to ensure that your system
can monitor and respond
[114]
to service issues to meet your SLAs.
[117]
- Makes sense.
[118]
So looking across all the
five different categories,
[120]
how can we help then in
those different areas?
[122]
- Well, the good news is,
is that the categories
[124]
are built into the various
tools and resources.
[126]
For example, the framework's
incorporated in Azure Advisor
[129]
and in the Azure Well-Architected
review self-assessment
[132]
to give you actionable recommendations.
[134]
In fact, let's start in the
Azure portal with Azure Advisor,
[137]
which is a free tool
that continually analyzes
[139]
your resource configuration,
usage telemetry,
[142]
and then provides actionable
recommendations in real time
[145]
in the subscription context.
[147]
So here for my subscription,
[148]
I can see that there are recommendations
[150]
specific to all the categories
[151]
in the Well-Architected Framework,
[153]
and they're even divided into
high, medium, and low impact.
[157]
And we also provide an Advisor Score,
[158]
which aggregates advisor
recommendations into a simple,
[161]
actionable score to prioritize the actions
[164]
that are going to yield
the biggest improvement
[166]
to the posture of your workloads.
[168]
So here I can see my score
across the five categories.
[170]
And in my case, there are opportunities
[172]
especially to save costs
and increase security.
[175]
Now in costs, I can see a
pretty common recommendation
[178]
to right size or shut down
underutilized virtual machines.
[182]
So if I click on Security,
there are 71 recommendations,
[185]
spanning permissions,
encryption, networking, and more.
[189]
So I'll click back into costs.
[190]
And one of the great things
about this assessment
[192]
is just how actionable
these recommendations are.
[195]
In fact, if I click into
this quick fix recommendation
[197]
for right sizing and
shutting down unused VMs,
[200]
you'll see it lists 10 VMs
that could be optimized
[203]
and the potential cost savings for each.
[205]
Now, our dev team's in India,
[206]
and if we look at this VM resource here,
[208]
DP-Win-01, for example,
[210]
it looks underutilized.
[211]
We could save 139,000 rupees,
[214]
which is around $1,900 dollars.
[216]
And if I click into the usage patterns,
[218]
you can see it's just
using a tiny amount of CPU,
[220]
under half a percent.
[222]
So this isn't a production VM,
[223]
and I can shut it down to save costs.
[226]
So back in my list of recommended actions,
[227]
I'll choose to shut down the VM.
[229]
And from right here, I can
shut it down and confirm.
[232]
So from a Well-Architected perspective,
[234]
I was able to see and get
actionable recommendations
[237]
in the context of my subscription
[239]
to optimize the costs
of running my workloads.
[242]
- And it's really great to
see everything right there
[243]
in context for you,
[244]
and you can take action
right from Azure Advisor.
[247]
And I think it's going
to save a lot of time,
[248]
especially compared to things
like manually navigating
[251]
to that resource, then
looking at its usage pattern,
[253]
and then shutting it down.
[254]
You know, sometimes finding
these underutilized resources
[257]
that are running in Azure
[259]
can be like finding a
needle in a haystack.
[260]
- Yep, absolutely.
[261]
And as you saw there, there
are similar recommendations
[263]
often with quick fixes across security,
[265]
reliability, operations, and performance.
[268]
And what I just showed was in
the context of a subscription,
[270]
which could span across
multiple workloads.
[273]
So let's now look at what you can do
[274]
if you just want to get recommendations
[276]
for a specific workload.
[277]
So for example, I've
got a retail site here
[279]
for Adventure Works,
[281]
and I'm going through the purchase flow
[282]
and opening my shopping bag.
[284]
And when I do that, you'll
see it shares information
[286]
on what's frequently bought together
[288]
based on what is currently
a manually-defined list.
[290]
So we want to add some more intelligence
[292]
to deliver tailored recommendations.
[294]
For example, if I just
purchased a few pairs
[296]
of these Zalica trunks,
[298]
it probably shouldn't
recommend them to me again.
[300]
Now, in this case, even though we have
[302]
a machine learning model ready,
[304]
we don't have a clear understanding
[305]
of the architecture attributes
[307]
that we need to plan for
in order to make sure
[309]
it's architected in a way that's reliable,
[311]
secure, and cost optimized.
[313]
Now to get guided recommendations,
[315]
I can go back to the Microsoft assessments
[317]
I showed last time I was on,
[318]
and we can choose the Azure
Well-Architected Review.
[321]
So here, if I sign in,
[322]
I can review individual workloads
[324]
and track progress over time,
[325]
and it's even integrated
with Azure Advisor.
[328]
So I'll sign in and start a
new assessment to show you.
[331]
I'll modify the assessment name a little
[332]
with AW ML model so I can
easily return to it later.
[336]
And I've got the option
here to link this assessment
[339]
to Advisor recommendations,
[340]
but because this is a new
workload that I'm assessing
[342]
before deploying into production,
[344]
I don't need to get Azure
Advisor recommendations
[345]
for it quite yet, but we'll
come back to it in a moment.
[349]
So I'll go ahead and start.
[350]
And then in my case,
[351]
I'll choose Azure Machine
Learning for my workload type.
[354]
And if you deploy in other workloads,
[355]
the Core Well-Architected
Review and Data Services
[358]
are going to cover those use cases.
[360]
So this review for Machine Learning
[361]
looks at all five categories
[363]
in the Well-Architected Framework,
[364]
and I'm selecting all
of them in this case.
[367]
And you can see all of the
questions on the left here,
[368]
and you'll see there are over 20 questions
[370]
that you can choose to answer.
[372]
Now to save a little time,
[373]
I'll just show you a few questions
[374]
across the different categories.
[375]
So under reliability,
[376]
there's questions asking if
we're resilient to failures.
[379]
Under security,
[380]
here we can see a question
about managing identities.
[383]
And in the section on costs,
[384]
I'm asked to review current steps taken
[386]
to make sure we're optimizing our spend.
[388]
And one more thing here in
performance efficiencies,
[390]
asking how I autoscale compute resources
[392]
for training and inferencing.
[394]
So once I'm finished,
I'll hit view guidance,
[397]
and it's going to output a score,
[398]
which is based on my
answers in each category.
[400]
So it's good to see that I'm green
[402]
with a score of 77 as an
average across the categories,
[404]
but there are still areas to improve on,
[406]
like performance, where I'm in the yellow.
[408]
And if I scroll down,
[409]
I can open each of the
categories recommendations.
[412]
So as I expand all of these one by one,
[414]
you'll see it's highlighting areas
[416]
where we can improve our workload,
[417]
so I don't need to hunt
these articles down.
[419]
And in fact, I'll scroll
back up to reliability.
[422]
And here, you can see
we've got a recommendation
[423]
to use Azure Machine Learning
to monitor data drifts.
[426]
And if I click into the recommendation,
[429]
it takes me directly to the
article in Microsoft Docs
[431]
to detect data drift and how
to set up dataset monitoring,
[434]
right down to the Python code sample.
[437]
- And this is really great,
[438]
especially as a pre-deployment
checklist in this case
[441]
for your Machine Learning workload.
[442]
But what if I've already got
a few services and workloads
[445]
that are running in Azure?
[446]
Can I use it then for those cases?
[448]
- Absolutely.
[449]
The Well-Architected Review is perfect
[450]
for those periodic health
checks of your workloads
[452]
once they're deployed and running.
[453]
In fact, the recommendations
from Azure Advisor
[456]
are going to look for optimizations
[457]
in your running set of Azure resources.
[459]
So I'll go back to my
assessments homepage,
[461]
and I'll open another assessment
[462]
for the entire retail
Adventure Works site.
[465]
Now, in this case, I scope the
assessment to security only.
[468]
So you've got the flexibility
[469]
to focus on the categories
that you really care about.
[472]
Now, if I view the guidance,
[473]
you'll see it's connected
to Azure Advisor.
[475]
And once there, I can
expand the recommendations
[477]
and you'll see, in both columns,
[479]
there are items from Azure
Advisor in this subscription
[481]
as noted by this icon.
[483]
Now in fact, this recommendation here
[484]
found that a few of my web apps
aren't connecting over HTTPS
[488]
and this is something the
team needs to address ASAP.
[491]
And when I look at the affected resources,
[493]
you'll see it also as a quick fix.
[495]
And I can view the logic
and script for the fix.
[498]
So if I select all the resources,
[499]
I can implement the fix
for every impacted web app
[502]
right from Azure Advisor.
[504]
So between the Well-Architected
self-assessment
[506]
through to Azure Advisor
[507]
and the created resources available,
[509]
everything I've shown you today
[511]
helps you overcome
specific learning curves,
[513]
get automated recommendations,
[515]
and take advantage of best practices
[516]
from other Azure users globally,
[518]
as you build and run your workloads.
[520]
- And these are going to
be really helpful tools,
[522]
especially for anyone
who's looking to optimize
[524]
what they have running in Azure,
[526]
even like the pre-deployment checklist
[527]
that you showed earlier.
[529]
So what's the best way then
to get started with all this?
[531]
- Well, thankfully, there's
a number of different ways.
[533]
So if you've got existing
workloads in the Azure portal,
[535]
you can use aka.ms/AzureAdvisor.
[538]
This is an authenticated link to take you
[540]
straight to the advisor
overview for your tenant.
[543]
Next, the Azure Architecture
Center at aka.ms/Architecture
[547]
is a great hub for all
the resources you need.
[549]
So there you're going to find
all the guidance and links
[551]
to all the tools I showed today.
[553]
And you can get to the
Microsoft Assessments
[554]
at aka.ms/MicrosoftAssessments
[556]
and start your well-architected review.
[559]
- Thanks so much for
joining us today, Matt
[560]
and sharing all the great tools.
[562]
Of course, keep checking
back to Microsoft Mechanics
[564]
for the latest updates.
[565]
Subscribe, if you haven't already,
[567]
and thank you for watching.
[569]
(inspiring music)
Most Recent Videos:
You can go back to the homepage right here: Homepage