Microsoft Azure

Cost Optimization - Operate

Created by: Luke Murray (https://linktr.ee/lukemurray)

Version: 1.0
 Review

Keep within the cost constraints Aim for scalable costs

Every design choice has cost implications. Before choosing A key benefit of the cloud is the ability to scale
an architectural pattern, Azure service, or a price model dynamically. The workload cost should scale linearly with
for the service, consider the budget constraints set by the demand. You can save cost through automatic scaling.
company. As part of design, identify acceptable boundaries Consider the usage metrics and performance to determine
on scale, redundancy, and performance against cost. After the number of instances. Choose smaller instances for a
estimating the initial cost, set budgets and alerts at highly variable workload and scale out to get the required
different scopes to measure the cost. One of cost drivers level of performance, rather than up. This choice will
can be unrestricted resources. These resources typically enable you to make your cost calculations and estimates
need to scale and consume more cost to meet demand. granular.

Pay for consumption Right resources, right size

Adopt a leasing model instead of owning infrastructure. Choose the right resources that are aligned with business
Azure offers many SaaS and PaaS resources that simplify goals and can handle the performance of the workload. An
overall architecture. The cost of hardware, software, inappropriate or misconfigured service can impact cost.
development, operations, security, and data center space For example, building a multi-region service when the
included in the pricing model. service levels don't require high-availability or geo-
Also, choose pay-as-you-go over fixed pricing. That way, as redundancy will increase cost without any reasonable
a consumer, you're charged for only what you use. business justification.
Certain infrastructure resources are delivered as fix-sized
Monitor and optimize building blocks. Ensure that these blocks are adequately
sized to meet
Treat cost monitoring and optimization as a process, rathercapacity demand, deliver expected
than a point-in-time
performance
activity. Conduct regular cost reviews and measure withoutthe
and forecast wasting resources.
capacity needs
so that you can provision resources dynamically and scale with demand. Review the
cost management recommendations and take action.
 Monitor & Optimize

Monitor and optimize

Treat cost monitoring and optimization as a process, rather than a point-in-time activity.
Conduct regular cost reviews and measure and forecast the capacity needs so that you can
provision resources dynamically and scale with demand. Review the cost management
recommendations and take action.

Review Underutilized Resources Review Budgets

Review unused files and VHDs Review Billing Tags

Review unused Public IPs Review Backups

Review Storage Accounts Review HUB

Review Azure Reserved Instances

 Review Underutilized Resources

Review Underutilized Resources

Optimize and improve efficiency by identifying idle and underutilized resources
across the Azure ecosystem.

Review Azure App Service Plans Review Azure Advisor

Review Azure App Service Plans to determine if: The Azure Advisor is an inbuilt tool that is critical to optimising the Azure
1. The Azure App Service Plan is ‘Standard’ or ‘Premium’ pricing and has an Environment. The Azure Advisor needs to be reviewed for Cost recommendations.
Application associated with it. 1. The Azure Advisor will recommend Reserved Instances
2. If the Azure App Service actually is getting utilised (by looking at the 2. The Azure Advisor will recommend if a Virtual Machine is running on a VM size
Metrics/CPU) and doesn’t need to be downscaled to a smaller plan. GREATER than what it needs (based on CPU utilisation under 5% in the last 14
days). If the Azure Advisor reports an overprovisioned machine, you need to
investigate its use and then resize it down to a more suitable size.
Review Shutdown Workloads
Because you pay for Azure Resources as ‘Pay As You Go’ a quick win can be to
review Virtual Machines to determine if the workload actually needs to be on 24/7!
Review Azure SQL Databases
For example, you have automation configured to automatically start-up and Review Azure SQL Databases to determine if:
shutdown workloads based on the following schedule: 1. The SQL Database Pricing Tier is ‘Standard’ and is actually using the DTUs
7AM Start – 7PM Stop (& off Weekends). (usually found by looking at the Compute utilisation on the databases), if not
You can add servers to this automated schedule by adding the following Tag to the downsize the DTU limit.
Virtual Machine, or trigger automation when a workload is ‘Shutdown’ and not 2. Check Geo-Replication to make sure that the SQL Database is not replicating
deallocated. across Regions if it doesn’t be.
 Review Reserved Instances
Review Azure Reserved Instances
Significantly reduce costs—up to 72 percent compared to pay-as-you-go prices—with
one-year or three-year terms on Windows and Linux virtual machines (VMs).

What's more, you can now improve budgeting and forecasting with a single upfront
payment (i.e. Pay for a VM Upfront for 1/3 Year or 5 Years) making it easy to calculate
your investments. Or, lower your upfront cash outflow with monthly payment options
at no additional cost.

Review Azure Reserved Instances

The Azure Advisor is an inbuilt tool that is critical to optimising the Azure Environment.
The Azure Advisor needs to be reviewed for Reserved Instance recommendations.

When reviewing Reserved Instances you need to take into consideration:

• What workloads are they used for?

• Is there a project that may replace or resize the workloads in the next year?
• Who is paying for the workloads?
 Review unused files and VHDs
Review unused files and VHDs
Save Azure cost by cleaning up unused VHDs in your Azure storage

Azure stores Azure Virtual Machine OS and data disks in Azure storage accounts. When a
VM is deleted from Azure portal, the underlying OS and data disks may not get deleted.
Such disks continue to consume Azure storage and accounts for cost for storing them.
These disks are called Orphaned Disks.

Review unused files and VHDS

As mentioned above, some Virtual Machines with unmanaged disks when deleted will
keep the VHDs around.

Using a PowerShell script (provided by Microsoft) you can Report on any disks that are not
in use by a VM, and then delete them.

Note: Be VERY cautious doing this, solutions such as Citrix and Azure Image Builder uses unmanaged
disks to create new Session hosts etc, so context is key.

With the Azure Storage accounts, using Blob data – such as Diagnostic Accounts. It’s a
good idea to implement Azure Blob Storage Lifecycle on the storage accounts so we are
only retaining recent and relevant data.

The lifecycle management policy lets you:

1. Transition blobs to a cooler storage tier (hot to cool, hot to archive, or cool to
archive) to optimize for performance and cost
2. Delete blobs at the end of their lifecycles
3. Define rules to be run once per day at the storage account level
 Review budgets
Review Budgets
Budgets in Cost Management help you plan for and drive organizational accountability.
With budgets, you can account for the Azure services you consume or subscribe to
during a specific period. They help you inform others about their spending to
proactively manage costs, and to monitor how spending progresses over time.

When the budget thresholds you've created are exceeded, notifications are triggered.
None of your resources are affected and your consumption isn't stopped. You can use
budgets to compare and track spending as you analyse costs.

Review Budgets
Make sure you have Azure Budget notifications configured to email Product Owners or
other Stakeholders once a Resource Group or Subscription reaches a specific threshold.

This is set up in the Azure Portal, on the Resource Group under Budgets and set to
email the Application Owner.

Example of budgets that could be configured:

Generally, I recommend 3 budgets should be configured, to give enough notice:

• 50%
• 60%
• 70%
 Review Tags

Review Tags
You apply tags to your Azure resources, resource groups, and subscriptions to logically
organize them into a taxonomy. Each tag consists of a name and a value pair. For
example, you can apply the name "Environment" and the value "Production" to all the
resources in production.

Tags can be used to determine things like:

• Who to bill?
• Who supports it?

The right tags, can mean that the right owners get charged internally and have more
ownership of their resource costs.

Examples below:

Tag Name Value Comment

Dept Finance Name of the department who owns the resources.
Environment UAT What environment the Resource is used for such as Production, UAT and Development
Application Owner Luke Murray The name of the Product Owner for the service sitting inside the Resource Group
Support Team Platform Team What team is responsible for the resources/site for support reasons
Billing Code Operational Purchase order or project billing code
 Review HUB (Hybrid Use Benefit)
Review HUB
The Azure Hybrid Benefit is a pricing benefit for customers who have licenses with
Software Assurance, which helps maximize the value of existing on-premises Windows
Server and/or SQL Server license investments when migrating to Azure.

Eligible customers can save up to 40% on Azure Virtual Machines (infrastructure as a

service, or IaaS), and save up to 55% on Azure SQL Database (platform as a service, or
PaaS) and SQL Server on Azure Virtual Machines (IaaS) with Azure Hybrid Benefit, which
increases to up to 80% when combined with Azure Reserved Instances.

Review HUB
To verify if a server is using the Azure Hybrid Benefit

Log in to the Azure Portal and navigate to the Virtual Machine Blade
Make sure that the: OS Licensing Benefit column is selected.

If a Virtual Machine Already has HUB it will have: Azure hybrid benefit listed in the
column, any non-supported workloads (such as Linux) will have ‘Not Supported’.

If any are eligible for HUB, click on the Virtual Machine…

1. Click the Configuration blade
2. Select Licensing, Already have a Windows server license?
3. Yes and Save

Note: This is a non-intrusive change that will take effect on the billing immediately and doesn’t cause
any impact on the Virtual Machine.
 Review Backups
Review Backups
Azure Backup is simple because it’s built into the platform.

It has one-click backup support for SQL databases and virtual machines running in
Azure. Azure Backup is cost-effective and less complex than other cloud backup
solutions while keeping your data safe from ransomware and human errors.

Sometimes there will be workloads that have been backed up to migrate, test or clone
and that you no longer need to retain the data for.

Review Backups
Note: This can be a tricky one as you will need to talk to product owners to confirm the workloads
were just Dev/Test workloads, and not required, there may be legal implications for keeping
workloads in backup.

But if someone stood up something to play with, particularly in a Sandbox or Development

subscription there may not be a reason to keep it around.

Login to the Azure Portal and navigate to the Recovery Services Vault page
Navigate to each one and click on:
Backup:
1. Under Usage, click on Backup Items
2. Click on Azure Virtual Machines
Sort the Backup items by Latest Restore Point (so the older restore points are at the
top)
Using the Latest Restore Point as a guide, IF there are any servers that can have their
Backups deleted:
1. Click on the Name of the Backup Item
2. Click on Stop Backup
3. Select Delete Backup Data (this is non-reversible)
4. Type in the name of the Backup Item and select Stop Backup
 Review unused Public IPs

Review unused Public IPs

Public IP addresses allow Internet resources to communicate inbound to Azure
resources. Public IP addresses enable Azure resources to communicate to the Internet
and public-facing Azure services.

The address is dedicated to the resource until it’s unassigned by you. A resource
without a public IP assigned can communicate outbound. Azure dynamically assigns an
available IP address that isn’t dedicated to the resource.

When resources get created, sometimes they will create a Public IP, these can be
removed as part of the build but left in the Resource Groups. We want to remove
unattached Public Ips to save money.

Note: In some cases, the Product Owner may need to be consulted before any
changes are made, as some of the resources may be inflight projects or required.

Review unused Public IPs

1. Log in to the Azure Portal and navigate to the Public IP Addresses blade
2. Look in the ‘Associated to’ column and if not required click on the Public IP
3. Click Delete
 Review Storage Accounts
Review Storage Accounts
An Azure storage account contains all of your Azure Storage data objects: blobs, files,
queues, tables, and disks. Data in your Azure storage account is durable and highly
available, secure, and massively scalable.

General-purpose storage accounts may be configured for either of the following

performance tiers:

• A standard performance tier for storing blobs, files, tables, queues, and Azure
virtual machine disks.
• A premium performance tier for storing unmanaged virtual machine disks.

If a Storage account is Premium but only needs to be Standard (or LRS instead of ZRS),
this can save some money.

Note: In some cases, the Product Owner may need to be consulted before any
changes are made, as some of the resources may be inflight projects or required.

Review Storage Accounts

1. Login to the Azure Portal and navigate to the Storage Account blade
2. Click on Manage View, Edit Columns and add in: SKU
3. Review the Premium Storage Accounts and determine if any accounts need to be
downsized to Standard
4. To change, click on the Storage Account
5. Click on Configuration and change from Premium to Standard

You can also look at the Replication, does that Storage Account need to be Geo-
Redundant if the rest of the application that uses it isn’t?
https://linktr.ee/lukemurray