Yet another way Azure sucks
-
Ah, here we go, it made a group and that lets you delete everything.
-
You should check out https://www.terraform.io/
-
Yeah, so then you figure it's a great idea to put every VM and the resources only associated with it in all separate resource groups.
Now say you want to give someone access to a bunch of VMs but not all VMs in the subscription. Well, you can't nest multiple resource groups under a parent resource group. You could move them to another subscription and give that person permission at the subscription level.
But hey, what about Azure AD groups? So you create an Azure AD group and assign that group permission to each of the resource groups. But there's a limit to how many individual permission assignments you are allowed, and guess what? Now you've created a back door that would allow an Azure AD User Admin to give themselves access to your servers and resources.
The solution? Azure AD Administrator Units, create a whole new Azure AD Admin unit that does not share User Admin roles with your normal Microsoft 365 tenant, but guess what? Now you need to get licences that include Azure AD P2 for some people in order to use Administrative Units.
-
I been hearing issues with Azure as of late. Any other platform that can be used other than Azure. Is Proxmox a viable candidate?
-
@ITivan80 We use Vultr.com and Hetzner.com for cloud VMs.
Proxmox is tool for on premise virtualization. -
@ITivan80 said in Yet another way Azure sucks:
I been hearing issues with Azure as of late. Any other platform that can be used other than Azure. Is Proxmox a viable candidate?
AWS and GCP really are the only competitors for Azure.
DigitalOcean is a great option for small deployments and easy testing.
-
@Mario-Jakovina said in Yet another way Azure sucks:
@ITivan80 We use Vultr.com and Hetzner.com for cloud VMs.
Proxmox is tool for on premise virtualization.I currently have a Hetzner system hosted for me. It's running KVM and I love it. This is my second system through them.
64GB Ram / 8 TB disk, 1gig internet (I think... may be 100 meg) ... ~$45 USD a month. I know it's not Azure or AWS, but for what I'm doing with it (NextCloud & Personal Lab), It's great!
-
@ITivan80 said in Yet another way Azure sucks:
I been hearing issues with Azure as of late. Any other platform that can be used other than Azure. Is Proxmox a viable candidate?
"as of late"? Haha
-
@ITivan80 said in Yet another way Azure sucks:
Is Proxmox a viable candidate?
Sure is. NTG manages ProxMox for your customers, in fact But it's a bit different. ProxMox on your own server isn't all that much like Azure or AWS. But in many cases, especially for smaller businesses, ProxMox might actually be more appropriate.
-
@JaredBusch yeah AWS kinda is the same you have to setup the EC2 with volumes that get deleted on termination toon. Otherwise is manual deletion as well.
-
@JaredBusch said in Yet another way Azure sucks:
When you want to delete a virtual machine, you have to clean up all the its manually.
There is not even an option to remove everything at once.
This is by design, because all your resources are separate. Companies that leverage Azure/AWS are not using the console to deploy resources for this very reason. Using infrastructure as code is the only way to go. Both Azure and AWS offer their own IaC at no cost, but you can use terraform as an open source cloud neutral deployment method as well.
Azure VMs and AWS EC2 are not VPS as you know. AWS does offer VPS style servers called lightsail. It's more affordable than EC2 and you would be able to delete with one click like youre used to doing. Of course you don't get all the other features like advanced networking, storage, etc.
-
@JaredBusch said in Yet another way Azure sucks:
Ah, here we go, it made a group and that lets you delete everything.
Yeah this convenient when working with specific resources like building a specific app that is a collection of servers, networks, etc.
IaC still gives you more, because you can modify resources easier. You can make bulk changes very quickly and review each of those changes with much more granularity before applying.
-
@JaredBusch said in Yet another way Azure sucks:
Ah, here we go, it made a group and that lets you delete everything.
So you started a thread titled "Azure sucks" based on the fact that you just didn't really know how to use it properly?
-
@Carnival-Boy said in Yet another way Azure sucks:
@JaredBusch said in Yet another way Azure sucks:
Ah, here we go, it made a group and that lets you delete everything.
So you started a thread titled "Azure sucks" based on the fact that you just didn't really know how to use it properly?
Thats usually how it goes with the Microsoft
bias here. "XYZ sucks" because it's never used and/or understood properly in the first place... -
@IRJ said in Yet another way Azure sucks:
@JaredBusch said in Yet another way Azure sucks:
When you want to delete a virtual machine, you have to clean up all the its manually.
There is not even an option to remove everything at once.
This is by design, because all your resources are separate. Companies that leverage Azure/AWS are not using the console to deploy resources for this very reason. Using infrastructure as code is the only way to go. Both Azure and AWS offer their own IaC at no cost, but you can use terraform as an open source before neutral deployment method as well.
Azure VMs and AWS EC2 are not VPS as you know. AWS does offer VPS style servers called lightsail. It's more affordable than EC2 and you would be able to delete with one click like youre used to doing. Of course you don't get all the other features like advanced networking, storage, etc.
We've been looking at Pulumi lately for IaC. I'm kind of over DLCs to write things and then having to wait for that DLC to support control flows. Just let the language your used to using do the work.
-
@Carnival-Boy said in Yet another way Azure sucks:
@JaredBusch said in Yet another way Azure sucks:
Ah, here we go, it made a group and that lets you delete everything.
So you started a thread titled "Azure sucks" based on the fact that you just didn't really know how to use it properly?
I never tried to use is for a test lab before. Will never again. The customer has various things on Azure already. They wanted to test moving a tool from on prem to Azure also.
I warned them the cost (a full VM) is not worth it until they change the workflow to use API calls or something else that is not a full VM.
In the end they agreed and we went to remove the test system.
-
@stacksofplates said in Yet another way Azure sucks:
@IRJ said in Yet another way Azure sucks:
@JaredBusch said in Yet another way Azure sucks:
When you want to delete a virtual machine, you have to clean up all the its manually.
There is not even an option to remove everything at once.
This is by design, because all your resources are separate. Companies that leverage Azure/AWS are not using the console to deploy resources for this very reason. Using infrastructure as code is the only way to go. Both Azure and AWS offer their own IaC at no cost, but you can use terraform as an open source before neutral deployment method as well.
Azure VMs and AWS EC2 are not VPS as you know. AWS does offer VPS style servers called lightsail. It's more affordable than EC2 and you would be able to delete with one click like youre used to doing. Of course you don't get all the other features like advanced networking, storage, etc.
We've been looking at Pulumi lately for IaC. I'm kind of over DLCs to write things and then having to wait for that DLC to support control flows. Just let the language your used to using do the work.
Coming from a company that only uses ARM templates, Bicep was the most exciting thing I saw at Ignite.
The scariest thing was using AR and Teams to remotely assist with surgeries. Teams didn't even work properly for that whole presentation.
-
@Carnival-Boy That is an overstretched assumption. People can have their opinion about a software/vendor because that is how they feel about it at the moment. I would say the same thing about Sonicwall being easy to setup an maintain and other people will disagree with me. That doesn't make it that the person doesn't know how to use it properly.
-
@flaxking said in Yet another way Azure sucks:
@stacksofplates said in Yet another way Azure sucks:
@IRJ said in Yet another way Azure sucks:
@JaredBusch said in Yet another way Azure sucks:
When you want to delete a virtual machine, you have to clean up all the its manually.
There is not even an option to remove everything at once.
This is by design, because all your resources are separate. Companies that leverage Azure/AWS are not using the console to deploy resources for this very reason. Using infrastructure as code is the only way to go. Both Azure and AWS offer their own IaC at no cost, but you can use terraform as an open source before neutral deployment method as well.
Azure VMs and AWS EC2 are not VPS as you know. AWS does offer VPS style servers called lightsail. It's more affordable than EC2 and you would be able to delete with one click like youre used to doing. Of course you don't get all the other features like advanced networking, storage, etc.
We've been looking at Pulumi lately for IaC. I'm kind of over DLCs to write things and then having to wait for that DLC to support control flows. Just let the language your used to using do the work.
Coming from a company that only uses ARM templates, Bicep was the most exciting thing I saw at Ignite.
The scariest thing was using AR and Teams to remotely assist with surgeries. Teams didn't even work properly for that whole presentation.
Yeah I'm even kind of over things like Terraform.
With Pulumi you can do things like this:
import pulumi import pulumi_aws as aws def make_ec2(name: str): size = 't2.micro' ami = aws.get_ami(most_recent="true", owners=["137112412989"], filters=[{"name":name,"values":["amzn-ami-hvm-*"]}]) group = aws.ec2.SecurityGroup('webserver-secgrp', description='Enable HTTP access', ingress=[ { 'protocol': 'tcp', 'from_port': 22, 'to_port': 22, 'cidr_blocks': ['0.0.0.0/0'] } ]) server = aws.ec2.Instance(name, instance_type=size, vpc_security_group_ids=[group.id], # reference security group from above ami=ami.id) pulumi.export('publicIp', server.public_ip) pulumi.export('publicHostName', server.public_dns) vms = ["test","myvm","things"] for x in vms: make_ec2(x)
You don't need to wait 6 years for the DSL to support for loops or if statements. And you can build in whatever scaffolding you want around it. Want to test your infrastructure? Include the same stuff in a testing suite. It's just much nicer overall.