The adoption of cloud solutions has simplified and reduced operational expenses (Opex) and the management costs in numerous areas of IT. In fact, many systems that previously ran on-premises and were complex to maintain are now simple cloud managed services. However at the same time,, running virtual machines in Microsoft Azure opens the door to a wide range of new services that make operational management articulated. Microsoft to better manage all services and related configuration has released Azure Automanage, a new solution that automates different operations throughout the lifecycle of virtual machines located in Azure. This article lists the characteristics of the solution, showing how Azure Automanage can facilitate the day-to-day tasks of system administrators and ensure optimal compliance with Microsoft best practices.
Azure Automanage allows you to automatically implement best practices in virtual machine management ensuring compliance with regards to security aspects, corporate compliance and business continuity. To learn more about implementation guidelines, Microsoft's proven best practices and tools designed to accelerate the cloud solution adoption journey you can consult the documentation Cloud Adoption Framework.
By adopting this solution, you can detect, integrate and configure different Azure services during the entire life cycle of virtual machines, making a distinction between Production environments and DevTest environments. The Azure services currently covered by Azure Automanage are the following:
For more information about services that are automatically managed by Azure Automanage and related specifications can be consulted this Microsoft documentation.
The inclusion of virtual machines in the service can take place on a large scale or individually, with the certainty that if VMs do not meet the best practices imposed, Azure Automanage will be able to detect and correct them automatically.
The service can be activated directly from the Azure portal and requires the following steps:
At the moment Azure Automanage is only available for Windows Server virtual machines, but in the future there will be the possibility of also contemplating Linux systems.
Azure Automanage uses configuration profiles to determine which Azure services should be enabled on the selected systems. Two configuration profiles are currently available by default, one for the DevTest environment and one for the Production environment.
The two profiles are distinguished by the types of services that are intended to be enabled on the different workloads and can be customized for certain services. In fact, in addition to standard services, a certain subset of preferences can be configured within a range of configuration options that do not violate Microsoft best practices. For example,, in the case of Azure Backup it is possible to define the frequency of the backup and on which day of the week it must be performed, but it is not allowed to completely disable Azure Backup in production environments, because it would not respect the best practices imposed by Microsoft.
The configuration process also requires the presence of an Automanage account. This is an Azure System Managed Service Identity (MSI) which is used to carry out automated management operations on virtual machines. This identity can be created during the activation process, or you can select an existing identity.
After you enable the service Azure Automanage the process of bringing the machines back to the best practices specified in the configuration profile starts.
The status of the VMs after service activation can be:
- In-progress: the VM is being configured
- Configured: the VM has been configured and adheres to best practices
- Failed: the VM does not adhere to best practices and remediation actions could not be completed
The adoption of Azure Automanage entails several advantages for the customer which can be summarized with the following points:
- Reduce costs by automating virtual machine management
- Optimize workload uptime by performing tasks in an optimized way
- Implementing security best practices
Virtual machine lifecycle management, especially in large environments, can be very expensive in terms of time and cost. In addition, activities that are repeated frequently can be prone to errors, leading systems to a non-optimal configuration. With this new service, you can simplify and automate all the necessary steps to ensure that your virtual machines meet the desired requirements. The service is currently in preview, therefore not usable in production. There are several aspects on which the service is destined to expand, in particular to provide greater flexibility in the configuration, but it is a very useful solution whose adoption will certainly be recommended in Azure environments.