Efficient Cloud Management Considerations
Cloud computing these days is a standard for IT infrastructure. The cloud environments have a lot of advantages and benefits as compared to on-premises data centers—no need to purchase expensive hardware; companies can pay only for resources they use; capacity is unlimited, on-demand, self-service and flexible, and deployments are just about real-time.
However, such scale and convenience bring a number of challenges. One of the pains is cloud resources management. It's very easy to lose grip on what's happening in your cloud (private cloud, hybrid cloud and public cloud). Who set up a specific resource? Why? Is it in use, and who are the clients? Which identity do clients use to connect to the resource? How do you visualize the cost savings achieved?
If you want to use cloud resources efficiently, make sure you fully address five main areas of cloud management:
- Cost Management
- Regulations Management
- Resources Management
- Identity Management
- Deployment Automation
There are many tools that will help to save money on cloud resources:
Free Tiers/Development Environment Discounts
Watch out for the free tiers or development environment discounts. Those are, in fact, tiny flags, and if you utilize them, you can get up to 50% cost reduction.
Automate the nightly non-production environments shut down. Usually, development environments are not used on weekends, holidays, and evening and night hours – that can be a huge cost saver.
Infrastructures that do not have strict latency SLAs can benefit from using the Spot instances. Discounted idle resources can be purchased for lower prices but might be claimed back by the cloud provider when they need them. Testing flows that are re-runnable may benefit from spot instances greatly.
Hybrid Benefit Discounts
If you have purchased Windows or SQL Server licenses, you can always use them when setting up cloud resources and enjoy Hybrid Benefit discounts.
Storage container sizes are not easy to track. Make sure you know the backups and snapshots costs and set lifecycle policies on volumes containing log files.
Cloud Resources Inventory
It's critical to have an inventory of cloud resources. Make sure to have easy access to the resource purpose information, like who is a resource owner and what is the purpose of the resource.
Enforcing the creation of mandatory tags on each cloud resource can have many benefits and greatly helps to avoid managing manual lists of resources. As soon as we can group resources by team or process, it's easy to regularly evaluate existing resource costs against predefined budgets to note the cost trends.
No matter the area of your business, there are many regulations, laws, and compliance guidelines to follow.
There are a lot of AI services in the Azure cloud that can search for sensitive information in your data store and alert.
It is good to map required policies, regulations, laws, and compliance rules first and convert each into a measurable metric. This can be complicated, but in the end, each metric can be monitored, and you will be able to receive alerts on policy violations.
Here are some examples of regulations management KPIs that can give an idea of what is applicable in your specific case:
- Cost of untagged cloud resources
- The percentage of your infrastructure that is yet not fully patched
- Security rating of your cloud infrastructure, made by some thirds party tools
- Number of systems utilizing encryption
- Number of intrusion attempts
- Security incidents per month
- Number of approved changes deployed to the production vs. number of unapproved changes deployed to production
- Forecast accuracy
- Average time between announcement and implementation of security updates/patches.
It is important to utilize cloud elasticity and avoid static resource capacity. There is no need to provision more resources and keep extra CPU/RAM for workload peaks. This goes against cloud best practices. We can use automation flows that react upon alerts and add more resources when workload growth begins. We should also lower the resources after traffic calms down. Utilizing cloud elasticity is both cost-effective and supports unstable workloads.
Often, we hear how it is essential to consolidate resources to save costs. I like a different approach. For instance, you have two applications, one is frequently spiking and needs more resources to process the workload, and the other is spiking once a day. It is much better to split those applications into different VMs/database instances and fit the capacity accordingly.
Performance boundaries and high-availability requirements for each resource can also be documented using cloud resource tags. Tagging performance boundaries makes it easy to create measurable metrics and monitor them.
Creating KPIs on unutilized resources and visualizing those in infrastructure usage dashboards is an excellent practice in addition to visualizing total usage and costs.
Identity management is one of the most critical and complicated cloud challenges. Many cloud services tend to have internal identity management. For instance, SQL Server DBAs would prefer using SQL Server proprietary logins instead of moving to Azure Active Directory identities. It's important to standardize how identities are used and avoid multiple identities management.
Using Active Directory identities and centralized role management is a key to both developer and application access success. The same identities will be used to access all Azure services, and there is no need to remember passwords for each service. When a developer leaves the company, it's easy to see all permissions he has and transfer those permissions to someone else, as well as drop identities in a single place.
Developers like to set up resources manually. This way, they feel independent and can set up and use the resources immediately. However, manually created resources might have irregular settings, missing tags, and wrong naming conventions.
We should avoid manual resources set up, enforce naming standardization, and automate resources set up using templates. This will ensure that all resources are set up in an aligned way and generate a change management log and resource catalog. This is a great way to audit lifecycles for all resources and ensure no resource was created in a non-standardized way.
Verify that all the above categories are covered to ensure that the cloud costs, infrastructure utilization, and health can be properly governed and controlled.
- Microsoft Azure Cost Optimization Best Practices
- Plan and measure costs
- Azure Virtual Machine (VM) Deployment Best Practices
- How to use the Azure SQL Database DTU Calculator
- Choosing Between Azure General Purpose or Business Critical Tiers
- Amazon Web Services (AWS) Cost Optimization Tools and Tips
- Best practices for optimizing your Google cloud costs
About the author
View all my tips
Article Last Updated: 2022-12-05