We’ve all heard of scaffolding – used to support people and materials to aid in the maintenance and repair of structures using firm anchor points to get to areas that would be otherwise hard to get to. The term is well known in the construction world but why would a Managed Services Provider be interested in it and what has it got to do with the public cloud?
Similar to requiring sturdy scaffolding prior to constructing a building, the key to good cloud design is to establish a strong framework prior to deploying your solutions. A strong framework provides a solid foundation for building and scaling out your services whilst ensuring you remain flexible enough to meet those ever more dynamic environments. This is called governance.
Governance can be thought of as a means of consistently managing and monitoring your Azure resources. You can set your governance criteria in line with the goals and requirements of your organisation. Leveraging tools such as role-based access control (RBAC), resource policy and platform capabilities, Azure allows customers to scale and ensure consistency across the platform to make sure your organisation governance is achieved and there is optimum security across your resources.
So, let’s think about building an Azure scaffold. My recommendation would be to approach your build with infrastructure-as-code in mind. Think of this as a repeatable design, one that would allow for automation, less human error, a more secure platform, and lower costs to deploy as less engineers are involved. Without this, each deployment is slightly unique, and each environment must be maintained individually due to their inconsistencies.
We can use Azure Resource Manager (ARM) templates to build out our Resource Groups, Network, and Storage resources so we can have a core reference model for our infrastructure using strict naming conventions. We can then use these to deploy the new resource immediately without changing any of the existing configuration or impacting any of the services. Doing it this way ensures minimum governance of an organisation without limitation of Administrator and Developer Staff with more traditional and agile workloads.
The below image outlines the core components of the Azure scaffold. The scaffolding starts with a solid base where you have your subscription and resource groups. This is built on using Resource Manager policies and consistent naming conventions across all your resources. The remainder of the scaffold utilises Azure features that allow you to secure, connect and manage your environment such as identity and access management and security. From here you can build on your fundamental framework to implement your applications.
Azure tagging works hand in hand with the Azure scaffold by allowing you to keep track of events, costs, and resource optimisation. Tagging your resources with a unique tag forms part of the identifier of the associated project or application therefore enabling a granular way of collectively reporting on your resources attributed to their tag.
The benefits of using the Azure scaffold as a foundation of each new subscription in Azure guarantees agreed governance requirements are met, and all business groups have the minimum requirements for their teams. This contributes towards a more streamlined increase in cloud footprint for organisations, allowing for efficient scaling and meeting increased IT demands.
Azure done right first time saves time in the long run, and ensures that your platform is built securely, consistently and with governance in mind. When designing your infrastructure remember this: unsafe scaffolding has the potential to result in accidents and upset SysAdmins. Don’t drink and scaffold.
Microsoft have since released the Cloud Adoption Framework (CAF) which is designed to help enterprises at any level and stage of cloud adoption move forward in the best way whilst considering governance, cost management and security baseline as essential steps. N4Stack are closely aligned to helping our customers achieve the standards set out by the CAF as discussed in our blog post ‘A Beginners Guide to Microsoft’s Cloud Adoption Framework‘.
Jared joined the cloud team over 3 years ago and since then he’s been heavily involved in both public and private cloud deployments.
Whether you’re in need of some Azure attention or VMware magic, Jared’s the man to call!
To find out more about Jared click here.