We recently chatted with Ben V., Network & Communications Specialist at a global company, about how his team uses ParkMyCloud for Azure cloud management.
Hi Ben, thanks for chatting with us. So tell me about what you and your team do within the company.
I’m a Network & Communications specialist on a team of four. We manage the infrastructure that end developers throughout the company use. For us, that’s Microsoft Azure.
So what made you realize there was an Azure cloud management need in your organization?
When I started working here, I saw that the Azure environment was running 24×7, including development resources. Specifically, we’re using Microsoft Dynamics which comes with a hefty parameter that uses a lot of resources.
When I saw the high bill, at first I actually looked to see what Azure offers. Azure does offer a piece of it. You can log in and shut down the servers. You can set schedules to shut down machines, but they often wouldn’t turn back on; you have to manually turn them back on. And not all our developers have permissions to go into Azure to turn on and off the servers.
So, I started looking for a solution to solve this problem. A friend of mine who I have worked with over the years told me about ParkMyCloud, so I looked into it and started a trial. I looked around at other solutions, and to me, this one just stood out as the best solution to the problem.
What was your initial experience using ParkMyCloud like?
Once I got it set up, we saved more than $6,000 the first month alone just by being able to turn off all of the servers that were constantly running during weekends and at night on weekdays when a lot of the developers weren’t even touching it or using it.
And then we gave developers access to override schedules during the weekend in case they needed to work. That was even better because when they had to ask permission it would cut into my time as well.
How much are you saving using ParkMyCloud?
We have been using ParkMyCloud for over a year now, and we’ve saved about $75,000. The great thing is, it’s a very reasonable cost for us for a huge amount of savings.
What other benefits have you gained while using the product?
We hit the jackpot due to the fact that it gave us the ability to set schedules and the ability to assign different developers to teams so they can log in and can override a schedule for 12 hours or whatever they need it for. Now we’re not having to constantly log into the Azure environment and deal with it that way. It saves my time.
It makes it easier to deal with the developers to save costs. We have some third-party developers, and it’s nice to be able to separate their permissions and give them access to as few servers as possible. We have a global employee base, so we set schedules based on developers’ locations. Most of our staff schedules for resources to run only Monday to Friday, 7 am to 7 pm on average, and off nights and weekends.
Through ParkMyCloud’s utilization data and recommendations, we also found environments running that hadn’t been accessed in weeks, so we turned those off right away.
Are you using anything else for Azure cloud management?
No, we haven’t found the need for any tools in addition to ParkMyCloud.
Do you have any other feedback for us?
The product is great! Anyone I know that is using Azure, I always tell them about the product. It’s such a great way to save money and for the overall cost – you can’t beat it.
Your team has also been very easy to work with and customer service has always been great. I’ve done different types of IT through the years and I can tell you, customer service can go a long ways, so that’s a big plus.
Interested in getting the same time and money savings Ben did? Check it out with a free trial of ParkMyCloud.
Among the many ways to purchase and consume Azure resources are Azure low priority VMs. These virtual machines are compute instances allocated from spare capacity, offered at a highly discounted rate compared to “on demand” VMs. This means they can be a great option for cost savings – for the right workloads. And we love cost savings! Here’s what you need to know about this purchasing option.
How Azure Low Priority VMs Work
The great part about these virtual machines is the price: it’s quite attractive with a fixed discount of 60-80% compared to on-demand. The “low priority” part means that these VMs can be “evicted” for higher priority jobs, which makes them suitable for fault-tolerant applications such as batch processing, rendering, testing, some dev/test workloads, containerized applications, etc.
Low priority VMs are available through Azure Batch and VM scale sets. Through Azure Batch, you can run jobs and tasks across compute pools called “batch pools”. Since batch jobs consist of discrete tasks run using multiple VMs, they are a good fit to take advantage of low priority VMs.
On the other hand, VM scale sets scale up to meet demand, and when used with low priority VMs, will only allocate when capacity is available. To deploy low priority VMs on scale sets, you can use the Azure portal, Azure CLI, Azure PowerShell, or Azure Resource Manager templates.
When it comes to eviction, you have two policy options to choose between:
- Stop/Deallocate (default) – when evicted, the VM is deallocated, but you keep (and pay for) underlying disks. This is ideal for cases where the state is stored on disks.
- Delete – when evicted, the VM and underlying disks are deleted. This is the recommended option for auto scaling because deallocated instances are counted against your capacity count on the scale set.
Azure Low Priority VMs vs. AWS Spot Instances
So are low priority VMs the same as AWS Spot Instances? In some ways, yes: both options allow you to purchase excess capacity at a discounted rate.
However, there are a few key differences between these options:
- Fixed vs. variable pricing – AWS spot instances have variable pricing while Azure low priority VMs have a fixed price as listed on the website.
- Integration & flexibility – AWS’s offering is better integrated into their general environment, while Azure offers limited options for low priority VMs (for example, you can’t launch a single instance) with limited integration to other Azure services.
- Visibility – AWS has broad availability of spot instances as well as a Spot Instance Advisor to help users predict availability and interruptibility. On the other hand, Azure has lower visibility into the available capacity, so it’s hard to predict if/when your workloads will run.
Should You Use Azure Low Priority VMs?
If you have fault-tolerant batch processing jobs, then yes, low priority VMs are worth a try to see if they work well for you. If you’ve used these VMs, we’re curious to hear your feedback. Have you had issues with availability? Does the lack of integrations cause any problems for you? Are you happy with the cost savings you’re getting? Let us know in the comments below.
With a growing demand for Microsoft Azure, there’s never been a better time to seize the opportunity to learn the platform with free Azure training resources. Whether you’re an AWS expert looking to expand your cloud expertise or just getting started in your cloud computing career, there’s a training resource for every experience level and learning type. Jump in with our list of 5 free Azure training resources:
1. Microsoft Azure
The most obvious resource for free Azure training is the source itself. Microsoft does a great job of providing virtual courses, hands-on training, and documentation for users with a range of experience:
- Get hands on and learn on the go with an Azure free account. It’s free to sign up and $200 credit is yours to spend in the first 30 days. That’s a month of free exploration to “test and deploy enterprise apps, create custom mobile experiences, and gain insight from your data.”
- And for those who enjoy some light reading, there’s Microsoft Azure Documentation. Jump in and start learning with quickstarts, samples, and tutorials.
2. YouTube
YouTube had to make the list. The mecca of free videos makes it easy to channel surf your way through a variety of Azure training videos. Some of the most popular channels for free Azure training include:
- Microsoft Azure (69,871 subscribers) offers demos, technical insights, and training videos.
- Cloud Ranger Network (19,594 subscribers) accompanies a popular blog on all things Microsoft Azure, making it a great resource for supplemented learning with both video and text.
- Azure DevOps (3,256 subscribers) deserves a nod as a great niche channel for developers looking to make use of Azure’s developer services.
3. GitHub
If anyone knows Azure – it’s GitHub. The world’s leading development platform is all about open source learning, building, and project management in a community of 28 million developers. And in an effort to make Azure the leading cloud for developers, Microsoft acquired GitHub earlier this year, making it likely that the platform will become even more rich in free Azure training. Get started on the Microsoft Azure page.
4. Blogs
Bloggers offer new insights, ideas, and the latest on all things cloud computing – if you know where to look. CloudRanger.net is solely focused on Microsoft Azure, along with the previously mentioned YouTube channel. Microsoft has their own Azure blog, of course. But for a more well-rounded blog with additional content on AWS and Google Cloud Platform, check out Cloud Academy.
5. edX
Founded by Harvard University and MIT, edX is a massive online course provider. Take advantage of free online university-level courses and be on your way to earning professional certifications. Azure course topics include databases, security, Cosmos DB, and more.
Take Advantage of These Free Azure Training Resources
With no end in sight for cloud computing and a bright future ahead for Microsoft – free Azure training is both abundant and rewarding. We picked our top 5 resources for their reliability, quality, and range of information. Whether you’re new to Azure or consider yourself an expert, these resources will get you on the right foot.
New in ParkMyCloud: we’ve released integrations with chat clients Google Hangouts and Microsoft Teams to make cloud server monitoring easier and integrated into your day. Now, ParkMyCloud users can get notifications when their resources are about to turn on or off, when a user overrides a schedule, and more.
We created these integrations based on popular demand! ParkMyCloud has had a Slack integration since last summer. Now, we’re encountering more and more teams that set themselves up as pure Google or pure Microsoft shops, hence the need. If your team only uses Google tools – Google Cloud Platform for cloud, Google OAuth for SSO, and Google Hangouts for chat — you can use ParkMyCloud with all of these. Same with Microsoft: ParkMyCloud integrates with Microsoft Azure, ADFS, and Microsoft Teams.
ParkMyCloud notifications in Google Hangouts – note the “view resource” link will take you straight to the resource in ParkMyCloud
Here’s what actions ParkMyCloud admins can get notified on through a chat client for better cloud server monitoring:
- Resource Shutdown Warning – Provides a 15-minute warning before an instance is scheduled to be parked due to a schedule or expiring schedule override.
- User Actions – These are actions performed by users in ParkMyCloud such as manual resource state toggles, attachment or detachment of schedules, credential updates, etc.
- Parking Actions – These are actions specifically related to parking such as automatic starting or stopping of resources based on defined parking schedules.
- Policy Actions – These are actions specifically related to configured policies in ParkMyCloud such as automatic schedule attachments based on a set rule.
- System Errors – These are errors occurring within the system itself such as discovery errors, parking errors, invalid credential permissions, etc.
- System Maintenance and Updates – These are the notifications provided via the banner at the top of the dashboard.
There are a few ways these can be useful. If you’re an IT administrator and you see your users toggling resource states frequently, the notifications may help you determine the best parking schedule for the users’ needs.
Or let’s say you’re a developer deep in a project and you get a notification that your instance is about to be shut down — but you still need that instance while you finish your work. Right in your Microsoft Teams window, you can send an override command to ParkMyCloud to keep the instance running for a couple more hours.
ParkMyCloud notifications in Microsoft Teams
These integrations give ParkMyCloud users a better perspective into cloud server monitoring, right in the same workspaces they’re using every day. Feedback? Comment below or shoot us an email – we are happy to hear from you!
P.S. We also just created a user community on Slack! Feel free to join here for cloud cost, automation, and DevOps discussions.
When companies move from on-prem workloads to the cloud, common concerns arise around costs, security, and cloud user management. Each cloud provider handles user permissions in a slightly different way, with varying terminology and roles available to assign to each of your end users. Let’s explore a few of the differences in users and roles within Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform, and Alibaba Cloud.
AWS IAM Users and Roles
AWS captures all user and role management within IAM, which stands for “Identity and Access Management”. Through IAM, you can manage your users and roles, along with all the permissions and visibility those users and service accounts have within your AWS account. There are a couple different IAM entities:
- Users – used when an actual human will be logging in
- Roles – used when service accounts or scripts will be interacting with resources
Both users and roles can have IAM policies attached, which give specific permissions to operate or view any of the other AWS services.
Azure RBAC
Azure handles user permissions through RBAC, which stands for “Role Based Access Control”, within Resource Manager. Granting access to Azure resources starts with creating a Security Principal, which can be one of 3 types:
- User – a person who exists in Azure Active Directory
- Group – a collection of users in Azure Active Directory
- Service Principal – an application or service that needs to access a resource
Each Security Principal can be assigned a Role Definition, which is a collection of permissions that they can utilize to view or access resources in Azure. There are a few built-in Role Definitions, such as Owner, Contributor, Reader, and User Access Administrator, but you can also create custom role definitions depending on your cloud user management needs. Roles may be assigned on a subscription by subscription basis.
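How a Role Definition's Actions and NotActions resolve into what a principal can actually do, as an added example that is not part of the original post. The built-in entries are abridged from the published definitions, and the "VM Operator (custom)" role, its name, and the list of checked operations are assumptions chosen to fit developers who only need to start and stop servers.

```python
from fnmatch import fnmatchcase

# Abridged role definitions in the Actions/NotActions shape Azure RBAC uses.
# Built-in entries are shortened; "VM Operator (custom)" is hypothetical.
ROLES = {
    "Owner": {"Actions": ["*"], "NotActions": []},
    "Contributor": {
        "Actions": ["*"],
        "NotActions": [
            "Microsoft.Authorization/*/Delete",
            "Microsoft.Authorization/*/Write",
            "Microsoft.Authorization/elevateAccess/Action",
        ],
    },
    "Reader": {"Actions": ["*/read"], "NotActions": []},
    "VM Operator (custom)": {
        "Actions": [
            "Microsoft.Compute/virtualMachines/read",
            "Microsoft.Compute/virtualMachines/start/action",
            "Microsoft.Compute/virtualMachines/deallocate/action",
        ],
        "NotActions": [],
    },
}

# Operations to test each role against (constructed sample set).
CHECKS = [
    "Microsoft.Compute/virtualMachines/read",
    "Microsoft.Compute/virtualMachines/start/action",
    "Microsoft.Compute/virtualMachines/delete",
    "Microsoft.Authorization/roleAssignments/write",
]


def _matches(pattern, operation):
    # Operation strings are compared case-insensitively; "*" spans any text.
    return fnmatchcase(operation.lower(), pattern.lower())


def is_allowed(role, operation):
    """Effective permission of one role: Actions minus NotActions."""
    granted = any(_matches(p, operation) for p in role["Actions"])
    excluded = any(_matches(p, operation) for p in role["NotActions"])
    return granted and not excluded


def wildcard_actions(role):
    """Actions entries containing a wildcard, worth a second look in review."""
    return [p for p in role["Actions"] if "*" in p]


def permission_matrix():
    """Map each role name to {operation: allowed} for the sample operations."""
    return {
        name: {op: is_allowed(role, op) for op in CHECKS}
        for name, role in ROLES.items()
    }


if __name__ == "__main__":
    for name, row in permission_matrix().items():
        print(name, "| wildcards:", wildcard_actions(ROLES[name]))
        for op, ok in row.items():
            print("   ", "allow" if ok else "deny ", op)
```

NotActions only subtracts from the same role's Actions; it is not a deny rule, so a second role assignment can still grant an operation that one role excludes.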
Google Cloud Platform IAM
Google Cloud Platform also uses the term IAM for their user permissions. The general workflow is to grant each “identity” a role that applies to each resource within a project. An identity can be any of the following:
- Google account – any user with an email that is associated with a Google account
- Service account – an application that logs in through the Google Cloud API
- Google group – a collection of Google accounts and service accounts
- G Suite domain – all Google accounts under a domain in G Suite
- Cloud Identity domain – all Google accounts in a non-G-Suite organization
Roles in Google Cloud IAM are a collection of permissions. There are some primitive roles (Owner, Editor, and Viewer), some predefined roles, and the ability to create custom roles with specific permissions through an IAM policy.
Alibaba Cloud RAM
Alibaba Cloud has a service called RAM (Resource Access Management) for managing user identities. These identities work in slightly different ways than the other cloud service providers, though they have similar names:
- RAM-User – a single real identity, usually a person but can also be a service account
- RAM-Role – a virtual identity that can be assigned to multiple real identities
RAM users and roles can have one or more authorization policies attached to them, and each policy can in turn contain multiple permissions. These permissions then work similarly to other CSPs, where a User or Role can have access to view or act upon a given resource.
Cloud User Management – Principles to Follow, No Matter the Provider
As you can see, each cloud service provider has a way to enable users to access the resources they need in a limited scope, though each method is slightly different. Your organization will need to come up with the policies and roles you want your users to have, which is a balancing act between allowing users to do their jobs and not letting them break the bank (or your infrastructure). The good news is that you will certainly have the tools available to provide granular access control for your cloud user management, regardless of the cloud (or clouds) you’re using.
In our ongoing discussion on cloud waste, we recently talked about orphaned resources eating away at your cloud budget, but there’s another type of resource that’s costing you money needlessly and this one is hidden in plain sight – overprovisioned resources. When you looked at your initial budget and made your selection of cloud services, you probably had some idea of what resources you needed and in what sizes. Now that you’re well into your usage, have you taken the time to look at those metrics and analyze whether or not you’ve overprovisioned?
One of the easiest ways to waste money is by paying for more than you need and not realizing it. Here are 6 types of overprovisioned resources that contribute to cloud waste.
As a rule of thumb, it’s a good idea to delete volumes that are not attached to instances or VMs. Take the example of AWS EBS volumes unattached to EC2 instances – if you’re not using them, then all they’re doing is needlessly accruing charges on your monthly bill. And even if your volume is attached to an instance, it’s billed separately, so you should also make a practice of deleting volumes you no longer need (after you backup the data, of course).
Underutilized database warehouses
Data warehouses like Amazon Redshift, Google Cloud Datastore, and Microsoft Azure SQL Data Warehouse were designed as a simple and cost-effective way to analyze data using standard SQL and your existing Business Intelligence (BI) tools. But to get the most cost savings benefits, you’ll want to identify any clusters that appear to be underutilized and rightsize them to lower costs on your monthly bill.
Underutilized relational databases
Relational databases such as Amazon RDS, Azure SQL, and Google Cloud SQL offer the ability to directly run and manage a relational database without managing the infrastructure that the database is running on or having to worry about patching of the database software itself.
As a best practice, Amazon recommends that you check the configuration of your RDS for any idle DB instances. You should consider a DB instance idle if it has not had a connection for a prolonged period of time, and proceed by deleting the instance to avoid unnecessary charges. If you need to keep storage for data on the instance, there are other cost-effective alternatives to deleting altogether, like taking snapshots. But remember – manual snapshots are retained, taking up storage and costing you money until you delete them.
We often preach about idle instances and how they waste money, but sizing your instances incorrectly is just as detrimental to your monthly bill. It’s easy to overspend on large instances or VMs that you don’t need. With any cloud service, whether it’s AWS, Azure, or GCP, you should always “rightsize” your instances and VMs by picking the instance size that is optimized for the size of your workload – be it compute optimized, memory optimized, GPU optimized, or storage optimized.
Once your instance has been running for some time, you’ll have a better idea of whether or not the chosen size is optimal. Review your usage and make cost estimates with AWS Management Console, Amazon CloudWatch, and AWS Trusted Advisor if you’re using AWS. Azure users can review their metrics from Azure Monitor data, and Google users can import GCP metrics data for GCP virtual machines. Use this information to find under-utilized resources that can be resized to better optimize costs.
Application containerization allows multiple applications to be distributed across a single host operating system without requiring their own VM, which can lead to significant cost savings. It’s possible that developers will launch multiple containers and fail to terminate them when they are no longer required, wasting money. Due to the number of containers being launched compared to VMs, it will not take long for container-related cloud waste to match that of VM-related cloud waste.
The problem with controlling cloud spend using cloud management software is that many solutions fail to identify unused containers because the solutions are host-centric rather than role-centric.
Idle hosted caching tools (Redis)
Hosted caching tools like Amazon ElastiCache offer high performance, scalable, and cost-effective caching. ElastiCache also supports Redis, an open source (BSD licensed), in-memory data structure store, used as a database, cache and message broker. While caching tools are highly useful and can save money, it’s important to identify idle cluster nodes and delete them from your account to avoid accruing charges on your monthly bill. Be cognizant of average CPU utilization and get into the practice of deleting the node if your average utilization is under designated minimum criteria that you set.
How to Combat Overprovisioned Resources (and lower your cloud costs)
Now that you have a good idea of ways you could be overprovisioning your cloud resources and needlessly running up your cloud bill – what can you do about it? The end-all-be-all answer is “be vigilant.” The only way to be sure that your resources are cost-optimal is with constant monitoring of your resources and usage metrics. Luckily, optimization tools can help you identify and automate some of these best practices and do a lot of the work for you, saving time and money.