Final Notes on Microsoft Azure

These are my final notes on Microsoft Azure. It’s not meant to be taken as a review, but just yet another experience.

I’ve spent a total of two months with Microsoft Azure(referred as Azure from here on). Most of the time I spent with Azure was using their B-series virtual machines which for small/medium sites it’s perfect. My complaints about Azure does not start with the service quality but the prices they offer. I left Azure with a satisfied experience, yet somewhat bitter I couldn’t keep using them.

Azure is yet another cloud services like Amazon Web Services, Google Cloud, etc. You can spin up as many virtual machines, put them in the same virtual networks, or put them behind a load balancer, or simply keep it private as the choice is ultimately yours. There’s also a vast amount of services Azure offers for a very steep price as well. Managed database servers, DNS hosting, storage services, cognitive services, container services (application server plans), and the list goes on.

There’s something I have to point out. Like Amazon Web Services and Google Cloud, Azure is not for beginners. Yes, there are beginner tutorials but put it in the context of “I have experience configuring linux servers, but I’ve never used Azure or AWS”. That’s the beginner context I’d like to highlight because there will be a lot of terms that will make people scratch their heads wondering what they mean. I think it’s a necessity to point out what defines a beginner when it comes to cloud services.

Now jumping back to the subject. I loved working with Azure network security group (firewalls, etc). It gave you most of the controls you needed to open/close inbound/outbound ports. Their storage services was a incredible delight to use, especially and specifically the file share storage. Being able to mount the file share on Windows and Linux was just pure bliss for me as I could backup visually anything from a server outside Azure, or even my personal computer back into the file share. File (storage) is something I’m really excited about and something that I’d like to see grow consumer wise because there’s nothing more satisfying than mounting a file share, do your tasks, unmount and be on your way to the next server.

I couldn’t find any services that aligned with what Azure did with its File storage. And this is outside cloud services. I’ve been looking at a service where I could do this without paying an exorbitant amount of money. If you know any, let me know in the comment section.

There are two glaring issues I have with Azure. Let me start by saying that I know Scott Hanselman wrote (two?) articles titled Penny pinching in the cloud where he goes on showing you how to save money with Azure. I think having an estimate of $33 monthly without accounting for bandwidth is not saving money. This isn’t me criticizing him in any way, I just feel like the intentions may be misinterpreted as just telling people Azure is cheap and you should totally get on our services. And to be fairly honest he mentioned multiple times that you should just stick with “that $5 dollar service”, which by the way if you haven’t visited Linode and used their service it’s to be honest up there in terms of quality. It’s probably the best $5 spent if you are just starting out there.

I have to disagree with Mr. Hanselman on his “penny pinching” articles. Azure isn’t cheap and I don’t believe you can save any money outside of reserved instances. However, I do think that you get what you pay for. Linode may have the best $5 expenditure and get an amazing service, but Azure wins in the sense that it does not limit your CPU usage in any way. Let me do the best to explain: Linode, being awesome as they are have a somewhat strict and disturbing terms of services. What makes it disturbing? If you use your CPU a lot Linode may be notifying you about it, or even stop the services if they find it’s impacting other users. And I have a lot to say about this because to me while Linode tries to sell it as a “way to maintain quality; and this is a shared environment” in my eyes is just “we want to maintain a low level effort on limiting everyone VPS resources while maximizing profits”. This is my interpretation on how Linode operates, and ultimately it’s the vibe their terms of services give off. I’m open to be proven wrong on Linode.

Meanwhile in Azure, if you have a  CPU skyrocketing at 80% because it’s doing something CPU intensive Microsoft won’t bat an eye at it. So in a sense Azure, AWS, Google Cloud probably has your back on doing CPU intensive tasks. I personally would be at a fear using Linode, Vultr, Digital Ocean trying to use what I’m paying for. They could come and shut you down anytime they want.

The other issue is bandwidth. Azure needs to offer reserved capacity for bandwidth. It’s direly needed for that wide adaption on small business/medium business sector. No one wants to pay $88 bucks for 1TB bandwidth. I’m not saying that everyone is out there hoping to use that amount because if that was the case a lot of service providers would be either out of service or plainly struggling. The pay-as-you go for bandwidth has to be improved for a massive Azure adoption rate, in my opinion. I can deal with virtual machine prices because reserved instance has my back on this.

In conclusion: Microsoft Azure is amazing, and ultimately if you have the money and don’t mind paying premium I ask you to give it a try.  For small time people like me, Azure comes off as an overpriced service. I hope to come back to Azure someday, but it’s highly unlikely with those bandwidth prices.

 

Site updates: Done, and done.

I finally finished moving everything off Microsoft Azure. Using Azure made me realize that as much as I wanted to use it it was just a huge money sink for what I was going to use it for. Over the days that passed I was just pondering whether or not I should stay with Azure. It didn’t sit well for me paying additional fees for Bandwidth, disk performances (reads, writes, premium, standard), and other types of details.

I hope that in a near future Microsoft Azure offers a B-series virtual machine with the capability of reserving bandwidth capacity. It’s a much needed feature for customers that have small or medium sites. I know that most of Azure is managed, as in, if I open a ticket the standard support is supposed to do the work and investigate what’s going on. I know it’s not profitable assigning so many resources to support small/medium customers when you want to keep that response time low for enterprises.

I hope that in the following days I have the time to write a long winded post about the cloud and the current prices. In fact I’m hoping to talk about Linode, Digital Ocean, Scaleway, and other services where I spent my time doing setups.

Now, having said all that. I ended up in ArubaCloud. I thought long and hard about it. I gathered that many people didn’t have problems with them. I’m actually excited because not only I got a low cost out of it but I can now create actual affordable virtual machines based on current needs: Do I need an e-mail server? Let me spin up a VM. Do I need an additional SQL Server? Let me spin up a VM and see if I can even out the current load.

I ended up creating a setup I really liked. For a long time I wanted to have SQL Server separated from NGINX/Apache, and with ArubaCloud that was made possible so now I have a dedicated SQL server serving this site and a HTTP server (nginx) serving all dynamic/static data. I loved working with UFW, setting up the firewall, fail2ban, etc. I think if I have to put an order out there it would be like this:

  • Spin up a VM in ArubaCloud with Ubuntu.
  • Notice that it doesn’t have the latest Ubuntu, but that’s okay with Ubuntu Xenial I can jump to 18.04.
  • Jump to do-release-upgrade -dand that will guide you through the process.
  • Once upgraded, which shouldn’t take you more than 30 minutes, apply security settings to sshd_config and add the rules I need to protect my VMs with UFW which is a tool to simply firewall management.
  • Install fail2ban, change SSH port and so on.
  • Configure server roles (DB, HTTP Server in my case)
  • Install LetsEncrypt’s amazing certbot.
  • Generate certificates for your site and be sure to enable SSL on your virtual host.

And the steps goes on and on and on. It looks tedious, and sometimes it is. I enjoy setting up my environments. After all the configurations were done?

I had a few hiccups from the MySQL Server. I wasn’t getting a decent response time, I think it was a network issue because as I’m writing it the response times have improved greatly.

There’s still a few security enhancements I have left to do, but they aren’t exactly priorities. I feel incredibly accomplished with my little journey on configuring my first remote MySql server and making it work with the HTTP server. At first sight it isn’t hard, but as you start considering security things become a bit harder.