One day, all IT services will run serverless and we will not have private datacenters. Until this day comes, we – IT people – still need to sharpen our OnPrem skills. And like any kid, we learn by experimentation. In many cases, it is not very easy to build a decent lab to play with new options. I am talking about these 2 GB of memory you assigned to SQL in the lab!
I used to create labs on my laptop, then I fell in love with a thin, silent, and touchy one. And now I only have 16GBs of RAM and far less than adequate storage for a decent lab. Luckily Azure rescued me, and in this post, I will teach you how it can save you too with one powerful VM that can cover all your OnPrem lab needs.
Habit 1. Go large
Not all VMs are created equal, and you will need a VM that can run Hyper-V. This is called nested virtualization. On Azure, only specific VM sizes can do so.
Possible families include General Purpose D, Memory optimized E & M, and compute optimized F. For specifics look Azure compute unit article.
My personal preference is the Dsv3 machines, you may have a different taste depending on your specific workload. My current one is a D32s_v3, this means 32 CPUs and 128 GBs of RAM.
As for the disk, I picked the P30 managed disk. That is a premium SSD disk, 1TB, 5k IOPS, and 200MB/second.
Habit 2. Pay little
I know the mentioned specs for the VM and disk might worry you about your wallet. And it worried me too, until Azure announced Spot Instance for VMs. These are VMs without an SLA, they run using the spare capacity in Azure’s datacenters and may be turned off with just a 30s of notice. However, you get a deep discount. Deep enough to allow using such a large VM size for a lab.
In addition, the location of your VM can make it cheaper. East US is cheaper than West Europe for example. A hundred more milliseconds of latency is worth it, specially if you are not running GPU related applications.
Here is an example for the D32s_v3 in East US (with Azure Hybrid Benefits applied),
|Payment method||Cost per hour||Cost per Month||Cost per year|
|Pay as you go||$1.54||$1,121.28||$13,455.36|
|1 year reserved||$0.92||$668.67||$8,023.98|
|3 year reserved||$0.59||$430.39||$5,164.68|
As you can see, Spot Instance is the clear winner if you don’t care about your lab being shutdown (almost) without a notice.
But that’s not all, you can also configure Azure to automatically shutdown your VM at a specific time, 5 PM for example. For PAYG and Spot Instance this saves even more.
Let’s assume you use your lab on weekdays, from 9:00 AM to 5:00 PM.
|Payment method||Cost per day (8 hours)||Cost per month|
(22 working days)
|Cost per year|
|Pay as you go||$12.29||$270.34||$3,194.88|
Again, Spot Instance is, by far, the most economic.
Remember that you also pay for storage in Azure. I recommend selecting the [small disk] option for the OS Disk, for the storage volume I personally went for the P30, a smaller one would work but with performance hit. There is also an option to reserve the disk starting at P30, bringing it from $135.17 to $128.42 per month.
This adds to a total of $179.92 per month for the D32s_v3 Spot Instance with the P30 reserved. You can cut this down by going for the P20 (512 GB) at $73.22 per month. Worried that this is not enough space for your labs? Keep reading.
Habit 3. Declutter your life
Spin up a few labs, jump between projects, and add in the need to keep some lab offline for a while. You will quickly run out of space. Luckily, Windows Server has offered deduplication built into the OS since Windows Server 2012 R2 with massive improvements added over the years. In 2019 we get deduplication for large files, ReFS, VHDs. Making it possible to save up to 95% of that precious disk space.
For maximum performance I also enable read and write caching on the data disk.
Habit 4. Be easy to access
Once your VM is up and running, it is time to plan for connectivity of your labs into the Internet. There are multiple options,
|Create a NAT virtual network switch||See this guide||Very simple setup||Cannot control IP Address No full DNAT or SNAT|
|Use RRAS routing||Install RRAS role and enable NAT||Can control IP Address Can provide full DNAT or SNAT||Not a fully configurable router|
|Use RRAS plus vyOS||Install RRAS on root and vyOS on a VM.||Granular control over routing and NAT. With multiple vyOS VMs we can also build active-active gateways.||Most complex to implement|
Habit 5. Don’t let anyone in
No one likes to leave their doors open 24/7. And Azure will raise a big flag if you allow public access into RDP port (3389) for a good reason, it is a sure way to get your VM attacked. For that Azure provides Just In Time access as part of Security Center. JIT allows only your current public IP address to reach port 3389 on the VM’s public IP Address. This comes at a monthly cost and is bundled with lots of more advanced features to protect your VM.
If you don’t need the extra security offered with Azure Security Center, you can manually change the allowed IP Address on the NSG. Or create a PowerShell script to automate that for free.
Habit 6. Be quick and expected
Now that you have your lab up and running, as a general advice for all labs, use templates as much as possible. You may need to create more than a few VMs per day, waiting for installation from an ISO image and latest updates, basic settings, etc… would waste a lot of time. Unless you really enjoy staring at progress bars try to use templates as much as possible. I use the below steps,
- Install OS on a new VM with latest updates
- Basic settings and apps (Think new edge browser)
- Create snapshot with desired settings
- Sysprep and shutdown
- Create snapshot after sysprep
- Export sysprepped snapshot as a new VM and use it for future VMs
I do not use differencing disks since I am already using deduplication at the disk level and don’t need to save more space!
Habit 7. Automate and iterate
Finally, and probably most important, use PowerShell to automate any repeating steps. This will save you time and ensure you don’t have to rediscover your way with each new VM. Moreover, enhance your snippets overtime making them more powerful. You might end up with complete scripts or your own modules, and that is a good thing!
There you have it, a fully capable Azure VM for all your On-Premises scenarios. I have some plans for a few detailed posts on some of the habits. Please share your comments on which areas would be of interest to you.