Booting an IT project is a process that can be challenging regarding the infrastructure it needs, as well as its growth potential and control mechanisms. However, working with a versatile cloud platform like Microsoft Azure can make these challenges much easier to solve. This article focuses on understanding how Azure can help in deploying, managing, and even monitoring an IT project. The specific attributes that will be discussed, including out-of-the-box solutions, automated deployment, scalability, and monitoring systems, show that Azure offers a good solution for managing a project infrastructure with ease.
How to simplify launching an IT project using a public cloud?
Let's explore the value that Microsoft Azure can provide for a business owner launching an IT project. In this article, I'll focus on just one aspect: the ease of managing the project's infrastructure.
Factors that significantly streamlined my project management process when using Azure:
- A wide range of out-of-the-box solutions.
- Automated application deployment, scalability, and support.
- Flexibility in connecting and disconnecting tools and resources.
- A robust, built-in monitoring system and easy cost control.
- Less programming skills needed to manage the project.
Let's take a closer look at these points.
Starting a new project makes predicting its future scale and development direction challenging. As a business owner, one may seek a solution that enables starting a project with minimal time, effort, and financial investment. Moreover, one may want the flexibility to expand the project’s scale and integrate new tools as needed. For example, adding new databases, performance and system monitoring services, implementing logging, and other horizontal and vertical scaling should be accessible when needed.
A wide range of out-of-the-box solutions
Example requirements discussed during the consulting meeting:
The project is a single page application (SPA) that works on all platforms, including mobile, with communication to the backend (BE) based on GraphQL. Anticipating the growth of microservices on the BE over time, it’s crucial to consider a mechanism for seamless communication between them. This includes implementing a service for queue management and message processing. The application has subscriptions with live updates, requiring configuration of routing for GraphQL subscription requests to the corresponding microservices. Initially, the application uses multiple databases (MongoDB, PostgreSQL, Redis). Security, authentication, and authorization are immediate concerns.
And this is just the beginning. As the project grows, additional requirements will emerge, necessitating out-of-the-box tools for maps, geolocation, image processing, text translation, analysis, etc.
In addition to tools for solving business logic tasks, the project will eventually require the integration of tools for monitoring application performance and availability in real-time, reporting and analytics, access management, cost monitoring, and more.
To sum up, the project will require elements such as:
- hosting,
- queue management and message processing,
- routing and live updates,
- high-performing databases,
- authentication and authorization,
- monitoring, reporting, and analytics tools,
- backup,
- secure storage for sensitive data.
Microsoft Azure provides all the necessary resources to support the functionalities mentioned above. Below are examples of these services.
- Hosting
Azure covers many hosting solutions like Azure Virtual Machines (VMs), Azure App Service (without managing infrastructure), Azure Container Apps (containers), Azure Functions (microservices), and much more. - Queue management and message processing
In Azure Cloud, we can use out-of-the-box solutions such as Azure Queue Storage and Azure Service Bus. These services offer simple and scalable queue management, which is ideal for decoupling application components, handling asynchronous operations, and ensuring reliable message delivery. - Routing and live updates
Azure SignalR Service facilitates real-time data exchange between the client and server. It can be used in any scenario that requires pushing data from server to client in real-time. - High-performing databases
Cosmos DB binding ensures that backend functions are automatically updated in response to changes in the database schema. Additionally, Cosmos DB offers the capability to autoscale the database within a predefined range, allowing it to dynamically adjust its throughput based on the workload. This autoscaling feature ensures optimal performance and cost-efficiency by automatically scaling the database resources up or down according to the set parameters. - Authentication and authorization
Both aspects can be addressed by Azure Active Directory B2C, which offers business-to-customer identity as a service. The integration process is described in the Create a login page for your application with Microsoft Azure Cloud blog post. - Monitoring, reporting, and analytics tools
Azure Monitor provides a comprehensive solution for collecting, analyzing, and acting on telemetry data. Azure Security Center is a unified security management system for strengthening the security posture. Azure Application Insights offers an application performance monitoring and diagnostics service. - Backup
Azure Backup is a cloud-based backup service for protecting data and applications. It enables easy recovery from the Microsoft Azure cloud in the event of a ransomware attack, accidental data loss, or human error. - Secure storage for sensitive data
Azure Key Vault is a service that ensures the secure storage and management of sensitive application information, such as secrets, certificates, and encryption keys, protecting them from unauthorized access.
There are many other tools available. A whole range of ready-made solutions (see below).
Automated application deployment, scalability, and support
All the aforementioned tools can be easily connected and disconnected. Azure Cloud provides a pay-as-you-go model, allowing businesses to pay only for the resources and services they use. This cost-effective approach helps avoid large upfront investments in hardware and infrastructure.
Practice shows that many of the tools and services may not be needed at the beginning of the project. Initially, the architecture is likely to be minimal. However, as the project expands, the number of tools utilized and their capabilities will also grow.
With Azure, one can address this challenge relatively easily.
Azure operates with the concept of a "subscription." Subscriptions are containers for billing and access control purposes. When one creates an Azure subscription, it provides access to Azure services and resources based on the permissions and budget quotas associated with that particular subscription. An Azure subscription is a contract between the user and Microsoft, granting access to various cloud services and needed resources.
Resource and service deployments in Azure can be carried out using GitHub Actions and Azure Resource Manager (ARM) templates with Bicep files. This enables the project and its infrastructure to be replicated in an automated way. Bicep is a declarative language for deploying infrastructure in Azure. GitHub Actions is a CI/CD process automation tool. Azure also supports various other deployment methods, including Azure CLI, PowerShell, and Terraform, which can be useful for different scenarios and preferences.
Using infrastructure as code (IaC) to deploy resources in Azure offers several benefits:
- Consistency: Ensures that all environments are provisioned in a consistent manner.
- Reproducibility: Enables the exact replication of environments, reducing configuration drift.
- Version Control: Infrastructure changes are tracked and versioned, allowing easy rollback to previous states.
- Scalability: Simplifies the management of large-scale environments by automating repetitive tasks.
The process can be summarized in three steps as follows:
Step 1: Create environment branches (e.g. development, staging, production) in the project repository. For each environment, create secrets for your Azure credentials, resource group, and subscriptions.
Step 2: Specify all necessary configurations in Bicep files. These files can use environment variables securely stored in Microsoft Azure Key Vault and GitHub Secrets. Functions within the Bicep can help extract information about parent resources, facilitating dynamic configuration.
As an example, the following Bicep file creates a storage account:
Step 3: Define the order of creating and launching Azure services in the application’s GitHub Actions files. The environment variables used in Bicep files are securely stored in GitHub Secrets and Azure Key Vault. Outputs from actions can be used to pass variables between steps, ensuring a seamless configuration process.
As an example, the following workflow defines the steps to execute the creation of a storage account when a push event is triggered:
Then, upon a specified GitHub event being triggered (e.g. upon the development branch being merged into staging) the project or some part of it can be reconfigured and redeployed in a new environment. Code validation prevents the launch of a broken system and notifies the developer if something goes wrong.
This approach allows for:
- Easy reconstruction of resources with parameters defined in Bicep files. If a resource is accidentally misconfigured, it can be quickly rebuilt to its previous working state, saving time and reducing errors.
- Differentiated configuration per environment. For example, a development environment might use a "Basic" payment plan while a production environment uses a "Premium" plan, both defined in the same Bicep template but with different parameters.
As a result, system expansion, addition of new services, and changes to settings and configurations are all executed through CI/CD changes. This approach reduces the impact of potential human error. Moreover, the larger the system and its infrastructure grow, the more noticeable the benefits of such an approach become.
No matter how big and complex the system is, and no matter how many environments get deployed, each one of them can be launched in an automated way. More details can be found on the official page.
Flexibility in connecting and disconnecting tools and resources
In practice, there are always business logic tools and services that may need to be integrated into the project later on. Additionally, infrastructure-related services might need to be seamlessly added or removed. Reasons for these changes include experimentation, system monitoring, cost optimization, and more.
Azure facilitates these changes with its robust suite of built-in features designed to streamline project management and infrastructure optimization. One notable capability is Azure's automatic pausing or deallocation of unused resources, a feature that optimizes costs by ensuring that resources are only active when needed. This proactive cost management approach helps organizations avoid unnecessary expenses and maintain budgetary control.
Moreover, Azure's intuitive interface and extensive library of pre-configured services make it easy to seamlessly integrate new tools and services into existing projects. Whether it's deploying a new database service for experimentation or adding a monitoring solution for enhanced system visibility, Azure provides the flexibility and scalability to meet evolving project requirements.
Furthermore, Azure's support for infrastructure as code (IaC) simplifies the deployment and management of resources through code-based configurations. This allows for the quick and repeatable provisioning of infrastructure components using Bicep files, ensuring consistency and reducing the risk of configuration errors.
In the event of a misconfigured resource, Azure's rollback capabilities enable quick remediation by reverting to previously defined parameters stored in Bicep files. This streamlined process minimizes downtime and accelerates troubleshooting efforts, ultimately reducing human error and enhancing overall system reliability.
By leveraging Azure's comprehensive set of built-in features, organizations can effectively adapt to new requirements, optimize resource utilization, and maintain operational efficiency throughout the project lifecycle.
A robust built-in monitoring system and easy cost control
Once the system deployment and expansion process is clear, the next question directed to Azure is: How to control this process?
From my perspective, one of the most crucial aspects is cost control. And here, everything is straightforward. Azure Cloud offers a range of tools and methods that enable clear monitoring of resource usage and effective financial management.
Azure Cost Management and Billing is the primary tool provided by Azure that allows for monitoring and expense analysis. It generates reports and alerts about exceeding budgets. Moreover, Azure Advisor provides recommendations for optimizing resource usage. It is possible to create budgets, setting limits for expenditures over a specified period, and so on.
Then, experimenting with services allows for a clear view of their costs, enabling expense optimization based on the obtained data.
Similarly, there is a range of tools for monitoring systems, collecting metrics, logging, monitoring application and service performance and availability, notifications, etc. It's all nicely visualized.
Less programming skills needed to manage the project
Users do not need to be coders to use many of the aforementioned capabilities. Much can be achieved using the Azure UI platform and dashboard. Users can find detailed instructions in the Azure portal sections and documentation.
For example, below is the documentation on how to manage Azure resource groups from the portal (while other sections primarily focus on developers automating processes):
Azure's user-friendly interface and management tools make it accessible for employees with limited coding expertise. Resources can be efficiently managed and monitored without extensive coding skills. This significantly simplifies work, reducing dependence on programmers. Moreover, Azure supports a wide range of programming languages, frameworks, and development tools, providing additional flexibility.
Azure’s unmatched benefits for every project
To sum up, Azure offers many benefits for projects of all sizes. Its pay-as-you-go model ensures cost efficiency, allowing precise resource allocation. The platform's scalability seamlessly accommodates growth or fluctuations in project demands. With a wide range of services, Azure provides flexibility, enabling customization to meet specific project needs. Its user-friendly tools make it a versatile and future-ready choice, empowering projects with efficiency, reliability, and agility.
The highlights above provide an overview of Azure Cloud's benefits. I’ve shared just a few ideas that come to mind when running a project on Azure. If you're unsure about the best approach for your project, feel free to reach out to discuss the full potential of Azure Cloud.