Azure Best Practice Policies

This article discusses the best practice policies for Azure accounts in VMware Aria Cost.

Financial Governance

Budget and Cost Trend Monitoring

Set a budget for Azure and compare how your monthly spend is tracking with reference to that budget. VMware Aria Cost customers can configure the policy to evaluate when MTD Actual Cost is within their budget, or when MTD Projected Cost is expected to exceed the budget.

Example: If MTD Cost > 100% of budget, then send email notification

Sample Over Budget Policy: This policy alerts stakeholders when the projected cost for the month is expected to be above the originally specified budget by a certain threshold. Use it to track your actual spend in comparison to your allocated budget.

Variants

  • Use Perspectives. For example, if projected MTD for Production spend is more than 100% of budget, send an email notification.
  • Compare the MTD Actual Cost with the budget.

Other Sample Policies for Cost Trends

  • If total cost increased by more than 40% in one week, send notification.
  • The total projected cost of your Azure assets will exceed the cost in the previous billing period.
  • The total cost of your Azure assets has exceeded the cost in the previous billing period.

Identify Offending Services

You can have greater control over your costs by benchmarking the cost of each Azure service month over month. If you have a large number of assets, this task can get overwhelming. Therefore, we recommend managing by exception. Start by identifying those services that changed by more than 20%.

Sample Service Cost Increase Policy: This policy alerts stakeholders when the Total Cost of your Azure bill increases by more than a certain percentage within the specified time interval.

Variants:

  • Limit this policy to certain Azure Service Types, for example, Storage Accounts.
  • Leverage Perspectives. For example, send an alert when the Total Costs for the virtual machines increase by 20% over 1 month.

Identify Offending Groups

When your cloud costs are rising, it is critical to proactively identify cost variances by the offending functional business group.

Examples

  • The monthly cost for any environment is projected to increase by more than 10% compared to the previous month.
  • The actual monthly cost for any environment has increased more than 10% compared to the previous month.
  • The projected monthly cost for any department will exceed the budget by more than 5%.
  • The actual monthly cost for any department has exceeded the budget by more than 5%.

Sample Group Cost Increase Policy: This policy alerts stakeholders when the development environment costs exceed a specific ($) amount. Use this policy to control or monitor month-over-month costs for a single service or across all services.

Virtual Machine Cost Monitoring

Monitor your virtual machine costs and send notifications when your VM costs increase or decrease by a certain amount or cross an absolute threshold.

Examples

  • If monthly VM Total Cost crosses an absolute threshold of $6000.
  • If monthly VM Total Cost increases by 20%.
  • If monthly VM Total Cost decreases by 30%.

Sample VM Over Budget Policy: This policy alerts stakeholders when the monthly VM Total Cost increases by a specific percentage.

Variants:

  • Add different rules that capture other metrics such as utilization, configuration, or performance.
  • Add a filter to limit the rule to a specific machine series or reservation type.

Operational Governance

Identify and Terminate Zombie Virtual Machines

Zombie virtual machines are running virtual machines that are idle, most likely forgotten, and costing you money. Identify VMs that are running with a daily average CPU rate lower than 10% for 2 weeks in a row and Network I/O less than 5 MB for 4 or more days. If you want to be more specific, isolate instances based on their instance type.

Example: F-series VMs (compute optimized) that have a Maximum CPU less than 10% for the last 14 days are most likely to be running idle and are good candidates to be terminated.

Sample Zombie VM Identifying Policy: This policy identifies compute-optimized VM series (e.g., F series) that have a low average CPU % and sends a notification.

In addition, by leveraging VMware Aria Cost Perspectives, you can run this policy against specific non-production environments.

Variant: Add different rules that capture other performance metrics such as network traffic.
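The zombie VM rule described above (CPU under 10% for 2 weeks in a row, Network I/O under 5 MB on 4 or more days), written out as an added example; it is not VMware Aria Cost code. It assumes one metric sample per VM per day, evaluates the streak over the most recent 14 days, and uses constructed VM names and values.

```python
from typing import NamedTuple

CPU_PCT_LIMIT = 10.0   # page: daily average CPU lower than 10%
CPU_STREAK_DAYS = 14   # page: 2 weeks in a row
NET_MB_LIMIT = 5.0     # page: Network I/O less than 5 MB
NET_LOW_DAYS = 4       # page: 4 or more days


class Day(NamedTuple):
    avg_cpu_pct: float
    network_mb: float


def trailing_low_cpu_days(days):
    """Count consecutive low-CPU days ending at the most recent sample."""
    streak = 0
    for day in reversed(days):
        if day.avg_cpu_pct >= CPU_PCT_LIMIT:
            break
        streak += 1
    return streak


def is_zombie(days):
    if len(days) < CPU_STREAK_DAYS:
        return False  # not enough history to call a VM idle
    window = days[-CPU_STREAK_DAYS:]
    low_net = sum(1 for day in window if day.network_mb < NET_MB_LIMIT)
    return trailing_low_cpu_days(days) >= CPU_STREAK_DAYS and low_net >= NET_LOW_DAYS


def find_zombies(fleet):
    return sorted(name for name, days in fleet.items() if is_zombie(days))


# Constructed samples, oldest day first.
FLEET = {
    "vm-idle": [Day(3.0, 1.0)] * 14,
    "vm-weekly-batch": [Day(2.0, 1.0)] * 7 + [Day(85.0, 900.0)] + [Day(2.0, 1.0)] * 6,
    "vm-quiet-cpu-busy-net": [Day(4.0, 500.0)] * 11 + [Day(4.0, 2.0)] * 3,
    "vm-new": [Day(1.0, 0.5)] * 5,
}

if __name__ == "__main__":
    print(find_zombies(FLEET))
```

A single busy day resets the streak, so a VM that runs a weekly batch job is not flagged, and a VM with less than 14 days of history is skipped rather than reported.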

Identify and Terminate Zombie Disks

When a virtual machine is deleted in Azure, any disks attached to the VM aren’t automatically deleted, costing you money.

Example: Identify disks that have been unattached for more than 2 weeks and terminate them after confirming that they do not contain critical data.

Sample Zombie Disk Identifying Policy: This policy identifies unattached disks and sends a notification to a user who can review the disk and determine whether to delete it.

Identify and Delete Old Snapshots

These are old snapshots that have crossed a certain age threshold. Old snapshots can become a legal liability.

Example: Identify snapshots that are older than a specified time period.

Sample Old Snapshot Identifying Policy: This policy sends a notification when it identifies potential zombie VM snapshots that are older than 6 months.

VM Scheduling (Lights On/Lights Off)

Not all Virtual Machines are in use 24x7x365, especially those outside of production. These VMs can be periodically shut down to reduce cost.

Sample Lights on/Lights off Policy: Turns off the development environment over the weekend.

Locate Unattached IP Addresses

A network interface (NIC) is the interconnection between an Azure Virtual Machine (VM) and the underlying software network. A VM has one or more NICs attached to it depending on the VM size.

You can manage NICs as objects that are decoupled from the VM. When you delete a VM, the NIC object remains unattached and its settings persist, including the Public IP Address that is associated with it, subnets, and Network Security Groups.

Sample Unattached NIC Identifying Policy: This policy sends a notification when unattached IP addresses are detected in your Azure infrastructure. You can use the notifications to determine whether you want to retain the unattached NICs.

Variant: Add different conditions that capture other performance metrics such as network traffic.
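The zombie disk, old snapshot, and unattached NIC checks described above, combined into one review pass as an added example; it is not VMware Aria Cost code. The inventory records, their field names, and the 183-day approximation of 6 months are assumptions made for the example.

```python
from datetime import datetime, timedelta, timezone

DISK_UNATTACHED_LIMIT = timedelta(weeks=2)  # page: unattached for more than 2 weeks
SNAPSHOT_AGE_LIMIT = timedelta(days=183)    # page: 6 months, approximated in days

# Constructed inventory; field names are hypothetical, not an Azure or Aria Cost
# schema. "since" is the creation time (snapshot) or last attach-state change (disk).
INVENTORY = [
    {"kind": "disk", "name": "disk-old", "attached_to": None, "since": "2024-06-01T00:00:00+00:00"},
    {"kind": "disk", "name": "disk-recent", "attached_to": None, "since": "2024-06-25T00:00:00+00:00"},
    {"kind": "disk", "name": "disk-in-use", "attached_to": "vm-web", "since": "2024-01-10T00:00:00+00:00"},
    {"kind": "snapshot", "name": "snap-2023", "since": "2023-10-01T00:00:00+00:00"},
    {"kind": "snapshot", "name": "snap-new", "since": "2024-05-01T00:00:00+00:00"},
    {"kind": "nic", "name": "nic-orphan", "attached_to": None,
     "public_ip": "203.0.113.10", "nsg": "nsg-dev"},
    {"kind": "nic", "name": "nic-live", "attached_to": "vm-web",
     "public_ip": "203.0.113.11", "nsg": "nsg-prod"},
]
NOW = datetime(2024, 7, 1, tzinfo=timezone.utc)  # fixed so the result is reproducible


def audit(inventory, now):
    """Return (name, reason) for each resource a reviewer should look at."""
    findings = []
    for res in inventory:
        kind, name = res["kind"], res["name"]
        if kind == "snapshot":
            age = now - datetime.fromisoformat(res["since"])
            if age > SNAPSHOT_AGE_LIMIT:
                findings.append((name, f"snapshot is {age.days} days old"))
        elif res["attached_to"] is not None:
            continue  # disk or NIC still owned by a VM
        elif kind == "disk":
            idle = now - datetime.fromisoformat(res["since"])
            if idle > DISK_UNATTACHED_LIMIT:
                findings.append((name, f"disk unattached for {idle.days} days"))
        elif kind == "nic":
            kept = [f"{k}={res[k]}" for k in ("public_ip", "nsg") if res.get(k)]
            findings.append((name, "unattached NIC still holds "
                             + (", ".join(kept) or "no public IP or NSG")))
    return findings


if __name__ == "__main__":
    for name, reason in audit(INVENTORY, NOW):
        print(f"{name}: {reason}")
```

The NIC finding lists the public IP and Network Security Group that persist after the VM is deleted, which is what a reviewer needs when deciding whether to retain the NIC.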

Identify VMs on Unapproved Operating Systems

The price per server fluctuates depending on the operating system (OS) or license used. Identify virtual machines that are running on an unapproved OS.

Sample Unapproved OS Policy: This policy sends a notification when a VM runs on an unapproved OS.

Variant: Change the filter to identify VMs running on old generation VM types.
